use of com.intel.mountwilson.manifest.data.PcrManifest in project OpenAttestation by OpenAttestation.
the class PcrGKVStrategyTest method testGetVmmGoodKnownManifest.
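/**
 * Checks that {@code getVmmGoodKnownManifest} returns a one-entry manifest map for the single
 * stored PCR row, keyed by the PCR name and carrying the stored value unchanged.
 *
 * <p>Both JPA controllers are stubbed, so no database is touched. The PCR value is a constructed
 * fixture (40 hex characters, all {@code F}), not a measurement from a real platform.
 */
@Test
public void testGetVmmGoodKnownManifest() {
    final String pcrName = "18";
    final String pcrValue = "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF";

    when(mleJpaController.findVmmMle(anyString(), anyString(), anyString(), anyString())).thenReturn(mockFindVmmMle());
    // Constructor arguments are presumably (id, PCR name, PCR value); confirm against TblPcrManifest.
    TblPcrManifest pcr = new TblPcrManifest(1, pcrName, pcrValue);
    when(pcrManifestJpaController.findPcrManifestById(any(Integer.class))).thenReturn(pcr);

    HashMap<String, IManifest> pcrManifests = (HashMap<String, IManifest>) gkvstrategy.getVmmGoodKnownManifest("XEN", "4.3", "Fedora", "20", 1);

    // JUnit's assertEquals takes (expected, actual); with the arguments the other way round a
    // failure message reports the two values swapped.
    assertNotNull(pcrManifests);
    assertEquals(1, pcrManifests.size());
    PcrManifest pcrMf = (PcrManifest) pcrManifests.get(pcrName);
    assertNotNull(pcrMf);
    assertEquals(18, pcrMf.getPcrNumber());
    assertEquals(pcrValue, pcrMf.getPcrValue());
}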
use of com.intel.mountwilson.manifest.data.PcrManifest in project OpenAttestation by OpenAttestation.
the class CitrixClient method getQuoteInformationForHost.
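/**
 * Requests the attestation identity key (AIK) and a TPM quote from the connected host through
 * its "tpm" plugin, stores both together with the nonce under a fresh session id, and returns the
 * PCR values produced by {@code verifyQuoteAndGetPcr}.
 *
 * <p>NOTE(review): the AIK is taken from the same host that is being attested. This method does
 * not show where trust in that key is established; confirm that {@code verifyQuoteAndGetPcr} or
 * its callers check the AIK against something the host cannot choose for itself.
 *
 * <p>NOTE(review): the nonce is sent with the quote request and saved under the session id. The
 * check that the returned quote actually covers this nonce is not visible here; presumably it
 * happens in {@code verifyQuoteAndGetPcr} - confirm.
 *
 * @param pcrList PCR selection passed through to {@code verifyQuoteAndGetPcr}
 * @return map of PCR manifests returned by {@code verifyQuoteAndGetPcr}
 * @throws ASException rethrown unchanged when raised below, otherwise wrapping any other failure
 *         with {@code ErrorCode.AS_CITRIX_ERROR}
 */
public HashMap<String, PcrManifest> getQuoteInformationForHost(String pcrList) {
    log.debug("getQuoteInformationForHost pcrList == " + pcrList);
    final String aikOpenTag = "<xentxt:TPM_Attestation_KEY_PEM>";
    final String aikCloseTag = "</xentxt:TPM_Attestation_KEY_PEM>";
    try {
        // We cannot reuse the connections across different calls since they are tied to a particular host.
        if (!isConnected()) {
            connect();
        }
        String nonce = generateNonce();
        String sessionId = generateSessionId();

        Map<String, String> myMap = new HashMap<String, String>();
        Set<Host> hostList = Host.getAll(connection);
        Iterator<Host> iter = hostList.iterator();
        // The original relied on getAll() throwing when no host is available and would otherwise
        // dereference null. Fail explicitly instead; the generic catch below turns this into an
        // ASException like any other Citrix-side failure.
        if (!iter.hasNext()) {
            throw new IllegalStateException("no host returned for the current connection");
        }
        Host h = iter.next();

        String aik = h.callPlugin(connection, "tpm", "tpm_get_attestation_identity", myMap);
        // The plugin response comes from the remote host, so do not assume the element is
        // present or well ordered before slicing the PEM out of it.
        if (aik == null) {
            throw new IllegalStateException("tpm_get_attestation_identity returned no response");
        }
        int startP = aik.indexOf(aikOpenTag);
        int endP = aik.indexOf(aikCloseTag);
        if (startP < 0 || endP < startP + aikOpenTag.length()) {
            throw new IllegalStateException("tpm_get_attestation_identity response has no TPM_Attestation_KEY_PEM element");
        }
        String cert = aik.substring(startP + aikOpenTag.length(), endP);
        keys key = new keys();
        // This is the actual value for AIK.
        key.tpmAttKeyPEM = cert;
        String aikCertificate = key.tpmAttKeyPEM;

        myMap = new HashMap<String, String>();
        myMap.put("nonce", nonce);
        String quote = h.callPlugin(connection, "tpm", "tpm_get_quote", myMap);
        log.debug("extracted quote from response: " + quote);

        // The PEM text is written as-is (not Base64-decoded). An explicit charset keeps the
        // bytes on disk independent of the JVM's platform default.
        saveFile(getCertFileName(sessionId), aikCertificate.getBytes("UTF-8"));
        log.debug("saved certificate with session id: " + sessionId);
        saveQuote(quote, sessionId);
        log.debug("saved quote with session id: " + sessionId);
        saveNonce(nonce, sessionId);
        log.debug("saved nonce with session id: " + sessionId);
        // NOTE(review): createRSAKeyFile(sessionId) is disabled, so no key file is written here;
        // the message below is kept unchanged for log compatibility but no longer matches.
        log.debug("created RSA key file for session id: " + sessionId);

        HashMap<String, PcrManifest> pcrMap = verifyQuoteAndGetPcr(sessionId, pcrList);
        log.debug("Got PCR map");
        return pcrMap;
    } catch (ASException e) {
        // Already carries an error code; pass it through untouched.
        throw e;
    } catch (Exception e) {
        log.debug("caught exception during login: " + e.toString() + " class: " + e.getClass());
        throw new ASException(e, ErrorCode.AS_CITRIX_ERROR, e.toString());
    }
}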
use of com.intel.mountwilson.manifest.data.PcrManifest in project OpenAttestation by OpenAttestation.
the class TAHelper method getQuoteInformationForHost.
// BUG #497 see the other getQuoteInformationForHost which is called from IntelHostAgent
// public HashMap<String, PcrManifest> getQuoteInformationForHost(String hostIpAddress, String pcrList, String name, int port) {
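/**
 * Builds a {@code TrustAgentSecureClient} for the given host record and delegates to the
 * overload that takes the host address, the client and the PCR list.
 *
 * <p>The connection string is taken from the record's add-on connection info with a leading
 * {@code intel:} scheme removed; when that is missing it is built as {@code https://IP:PORT}
 * from the record's address and port.
 *
 * <p>NOTE(review): the TLS policy is selected by the policy name and keystore stored in the host
 * record. Whatever that policy accepts decides how the trust agent's certificate is checked, so
 * the strength of this channel depends on how those record fields are set and who can edit them.
 *
 * @param tblHosts host record supplying the connection info, address, port and TLS policy
 * @param pcrList PCR selection passed through to the delegate
 * @return map of PCR manifests returned by the delegate
 * @throws ASException rethrown unchanged when raised below; wrapping an
 *         {@code UnknownHostException} with {@code ErrorCode.AS_HOST_COMMUNICATION_ERROR}; or
 *         wrapping any other failure
 */
public HashMap<String, PcrManifest> getQuoteInformationForHost(TblHosts tblHosts, String pcrList) {
    final String intelScheme = "intel:";
    try {
        // Going to the Intel trust agent directly: this is TAHelper, so the host is known to run
        // an Intel trust agent, and the generic HostAgent interface is not used here.
        HostAgentFactory factory = new HostAgentFactory();
        TlsPolicy tlsPolicy = factory.getTlsPolicy(tblHosts.getTlsPolicyName(), tblHosts.getTlsKeystoreResource());

        String connectionString = tblHosts.getAddOnConnectionInfo();
        if (connectionString == null || connectionString.isEmpty()) {
            if (tblHosts.getIPAddress() != null) {
                // No vendor scheme: the string goes straight to TrustAgentSecureClient rather
                // than through HostAgentFactory.
                // NOTE(review): assumes getPort() yields a usable port number - confirm.
                connectionString = String.format("https://%s:%d", tblHosts.getIPAddress(), tblHosts.getPort());
            }
        } else if (connectionString.startsWith(intelScheme)) {
            connectionString = connectionString.substring(intelScheme.length());
        }

        // With neither connection info nor an IP address (or a bare "intel:" prefix) there is
        // nothing to connect to. Stop here with a clear message instead of handing a null or
        // empty target to TlsConnection; the generic catch below wraps this in an ASException.
        if (connectionString == null || connectionString.isEmpty()) {
            throw new IllegalArgumentException("host record has neither connection info nor an IP address");
        }

        TrustAgentSecureClient client = new TrustAgentSecureClient(new TlsConnection(connectionString, tlsPolicy));
        return getQuoteInformationForHost(tblHosts.getIPAddress(), client, pcrList);
    } catch (ASException e) {
        // Already carries an error code; pass it through untouched.
        throw e;
    } catch (UnknownHostException e) {
        throw new ASException(e, ErrorCode.AS_HOST_COMMUNICATION_ERROR, "Unknown host: " + (tblHosts.getIPAddress() == null ? "missing IP Address" : tblHosts.getIPAddress().toString()));
    } catch (Exception e) {
        throw new ASException(e);
    }
}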