Examples with HostAgentFactory com.intel.mtwilson.agent.HostAgentFactory used on opensource projects

Example 1 with HostAgentFactory

use of com.intel.mtwilson.agent.HostAgentFactory in project OpenAttestation by OpenAttestation.

the class HostBO method addHost.

public String addHost(TxtHost host) {
    String certificate = null;
    String location = null;
    String ipAddress = null;
    HashMap<String, ? extends IManifest> pcrMap = null;
    try {
        ipAddress = InetAddress.getByName(host.getHostName().toString()).getHostAddress();
        if (!ipAddress.equalsIgnoreCase(host.getIPAddress().toString())) {
            throw new ASException(ErrorCode.AS_HOST_IPADDRESS_NOT_MATCHED, host.getHostName().toString(), host.getIPAddress().toString());
        }
        checkForDuplicate(host);
        getBiosAndVMM(host);
        log.info("Getting Server Identity.");
        TblHosts tblHosts = new TblHosts();
        tblHosts.setTlsPolicyName("TRUST_FIRST_CERTIFICATE");
        tblHosts.setTlsKeystore(null);
        tblHosts.setAddOnConnectionInfo(host.getAddOn_Connection_String());
        if (host.getHostName() != null) {
            tblHosts.setName(host.getHostName().toString());
        }
        if (host.getIPAddress() != null) {
            tblHosts.setIPAddress(host.getIPAddress().toString());
        }
        if (host.getPort() != null) {
            tblHosts.setPort(host.getPort());
        } else {
            throw new ASException(ErrorCode.PORT_MISSING, host.getHostName().toString(), host.getIPAddress().toString());
        }
        if (canFetchAIKCertificateForHost(host.getVmm().getName())) {
            // datatype.Vmm
            if (!host.getAddOn_Connection_String().toLowerCase().contains("citrix")) {
                certificate = getAIKCertificateForHost(tblHosts, host);
                // we have to check that the aik certificate was signed by a trusted privacy ca
                X509Certificate hostAikCert = X509Util.decodePemCertificate(certificate);
                hostAikCert.checkValidity();
                // read privacy ca certificate
                InputStream privacyCaIn = new FileInputStream(ResourceFinder.getFile("PrivacyCA.cer"));
                // XXX TODO currently we only support one privacy CA cert...
                // in the future we should read a PEM format file with possibly multiple trusted privacy ca certs
                X509Certificate privacyCaCert = X509Util.decodeDerCertificate(IOUtils.toByteArray(privacyCaIn));
                IOUtils.closeQuietly(privacyCaIn);
                privacyCaCert.checkValidity();
                // verify the trusted privacy ca signed this aik cert
                hostAikCert.verify(privacyCaCert.getPublicKey());
            // NoSuchAlgorithmException,InvalidKeyException,NoSuchProviderException,SignatureException
            }
        } else {
            // ESX host so get the location for the host and store in the table
            pcrMap = getHostPcrManifest(tblHosts, host);
            // BUG #497 sending both the new TblHosts record and the TxtHost object just to get the TlsPolicy into
            // the initial call so that with the trust_first_certificate policy we will obtain the host certificate now while adding it
            log.info("Getting location for host from VCenter");
            location = getLocation(pcrMap);
        }
        HostAgentFactory factory = new HostAgentFactory();
        HostAgent agent = factory.getHostAgent(tblHosts);
        log.info("Saving Host in database with TlsPolicyName {} and TlsKeystoreLength {}", tblHosts.getTlsPolicyName(), tblHosts.getTlsKeystore() == null ? "null" : tblHosts.getTlsKeystore().length);
        Map<String, String> attributes = agent.getHostAttributes();
        String hostUuidAttr = attributes.get("Host_UUID");
        //if ((attributes != null) && (!attributes.isEmpty()) && (hostUuidAttr != null))
        if (!attributes.isEmpty() && hostUuidAttr != null)
            tblHosts.setHardwareUuid(hostUuidAttr.toLowerCase().trim());
        //                        
        log.debug("Saving the host details in the DB");
        // retrieve the complete manifest and get module info inserted into database
        // We only handle module info for PCR 19
        HashMap<String, ? extends IManifest> pcrs = getHostPcrManifest(tblHosts, host);
        List<TblHostSpecificManifest> tblHostSpecificManifests = null;
        if (vmmMleId.getRequiredManifestList().contains(MODULE_PCR)) {
            if (pcrs != null) {
                PcrManifest pcr19 = (PcrManifest) pcrs.get(MODULE_PCR);
                addModuleWhiteList(pcr19, tblHosts, host, hostUuidAttr);
                log.info("Host specific modules would be retrieved from the host that extends into PCR 19.");
                String hostType = host.getVendor();
                tblHostSpecificManifests = createHostSpecificManifestRecords(vmmMleId, pcrs, hostType);
            }
        } else {
            log.info("Host specific modules will not be configured since PCR 19 is not selected for attestation");
        }
        //saveHostInDatabase(tblHosts, host, certificate, location, pcrMap);
        biosMleId = findBiosMleForHost(host);
        vmmMleId = findVmmMleForHost(host);
        saveHostInDatabase(tblHosts, host, certificate, location, pcrMap, tblHostSpecificManifests, biosMleId, vmmMleId);
        // Now that the host has been registered successfully, let us see if there is an asset tag certificated configured for the host
        // to which the host has to be associated
        //attributes);
        associateAssetTagCertForHost(host, agent.getHostAttributes(), tblHosts);
    } catch (ASException ase) {
        throw ase;
    } catch (CryptographyException e) {
        throw new ASException(e, ErrorCode.AS_ENCRYPTION_ERROR, e.getCause() == null ? e.getMessage() : e.getCause().getMessage());
    } catch (Exception e) {
        log.debug("beggining stack trace --------------");
        e.printStackTrace();
        log.debug("end stack trace --------------");
        throw new ASException(e);
    }
    return "true";
}

Example 2 with HostAgentFactory

use of com.intel.mtwilson.agent.HostAgentFactory in project OpenAttestation by OpenAttestation.

the class HostBO method getPcrModuleManifestMap.

private HashMap<String, ? extends IManifest> getPcrModuleManifestMap(TblHosts tblHosts, TxtHost host) {
    HostAgentFactory hostAgentFactory = getHostAgentFactory();
    HashMap<String, ? extends IManifest> pcrMap = hostAgentFactory.getManifest(tblHosts);
    return pcrMap;
}

Example 3 with HostAgentFactory

use of com.intel.mtwilson.agent.HostAgentFactory in project OpenAttestation by OpenAttestation.

the class CitrixAgentStrategy method getManifest.

@Override
public HashMap<String, ? extends IManifest> getManifest(TblHosts host) throws Exception {
    String pcrList = getPcrList(host);
    HostAgentFactory factory = new HostAgentFactory();
    TlsPolicy tlsPolicy = factory.getTlsPolicy(host.getTlsPolicyName(), host.getTlsKeystoreResource());
    CitrixClient client = new CitrixClient(new TlsConnection(host.getAddOnConnectionInfo(), tlsPolicy));
    return client.getQuoteInformationForHost(pcrList);
}