ExternalVendorCode/HIRS
1
0
Fork 0
mirror of https://github.com/nsacyber/HIRS.git synced 2025-03-15 16:45:22 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Removed commented out code and brought the policy page back in

Browse Source
This commit is contained in:
Cyrus 2022-01-25 14:15:11 -05:00
parent 081ef7e5b2
commit 2f830b5d34
4 changed files with 1 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
HIRS_AttestationCA/src/main/java/hirs/attestationca/AbstractAttestationCertificateAuthority.java
View File

@ -587,7 +587,6 @@ public abstract class AbstractAttestationCertificateAuthority
// Get attestation public key
RSAPublicKey akPub = parsePublicKey(claim.getAkPublicArea().toByteArray());
//RSAPublicKey devPub = parsePublicKey(claim.getDevIdPublicArea().toByteArray());
// Get Endorsement Credential if it exists or was uploaded
EndorsementCredential endorsementCredential = parseEcFromIdentityClaim(claim, ekPub);

2
HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/policy.jsp
View File

@ -175,7 +175,7 @@
<br />
<%-- Generate LDevID Certificate--%>
<div class="aca-input-box" style="display: none">
<div class="aca-input-box">
<form:form method="POST" modelAttribute="initialData" action="policy/update-issue-devid">
<li>Generate LDevID Certificate: ${initialData.issueDevIdCertificate ? 'Enabled' : 'Disabled'}
<my:editor id="issuedDevIdCertificatePolicyEditor" label="Edit Settings">

39
HIRS_ProvisionerTPM2/src/CommandTpm2.cpp
View File

@ -336,27 +336,6 @@ void CommandTpm2::createAttestationKey() {
LOGGER.info("AK created successfully");
}
void CommandTpm2::createDevIDKey() {
if (hasPersistentObject(kDefaultDevHandle)) {
LOGGER.info(string("Attestation key already exists at default address")
+ "\nFlushing key...");
flushPersistentObject(kDefaultDevHandle);
}
stringstream argsStream;
argsStream << " -E " << kDefaultEkHandle
<< " -k " << kDefaultDevHandle
<< " -f " << kDefaultDevIdPubFilename
<< " -n " << kDefaultDevNameFilename
<< endl;
LOGGER.info("Running getpubak with arguments: "
+ argsStream.str());
runTpm2CommandWithRetry(kTpm2ToolsGetPubAkCommand, argsStream.str(),
__LINE__);
LOGGER.info("DevID created successfully");
}
/**
* Method to get the byte-encoded public key portion of the AK pair.
* Assumes createAk has been called and default filenames were used.
@ -374,23 +353,6 @@ string CommandTpm2::getAttestationKeyPublicArea() {
return binaryEncodedPublicArea;
}
/**
* Method to get the byte-encoded public key portion of the AK pair.
* Assumes createAk has been called and default filenames were used.
* Takes generated public data and name file and packages them into
* a protobuf data structure for transmission.
*
* @return protobuf encoded Attestation Public Key Data
*/
string CommandTpm2::getDevIdKeyPublicArea() {
LOGGER.info("Attempting to read DevID public area from file: "
+ string(kDefaultDevIdPubFilename));
string binaryEncodedPublicArea = getPublicArea(kDefaultDevIdPubFilename);
LOGGER.info("Public area successfully read.");
return binaryEncodedPublicArea;
}
/**
* Method to create identity claim to send to the Attestation Certificate
* Authority (ACA).
@ -398,7 +360,6 @@ string CommandTpm2::getDevIdKeyPublicArea() {
* @param deviceInfo device specific info that can be verified
* @param akPublicArea the public key area blob for the AK
* @param ekPublicArea the public key area blob for the endorsement key
* @param devIdPublicArea the public key area blob for the Dev ID key
* @param endorsementCredential endorsement credential for verification
* @param platformCredentials platform credentials for verification
*/

2
HIRS_ProvisionerTPM2/src/TPM2_Provisioner.cpp
View File

@ -58,9 +58,7 @@ int provision() {
// get attestation key
cout << "----> Creating attestation key" << endl;
tpm2.createAttestationKey();
// tpm2.createDevIDKey();
string akPublicArea = tpm2.getAttestationKeyPublicArea();
// string devPublicArea = tpm2.getDevIdKeyPublicArea();
// get platform credential
cout << "----> Collecting platform credential from TPM" << endl;