This is the initial code set up to pull the log file from the provisioner and send it to the ACA. Task 1 of #238.

2025-02-20 17:52:47 +00:00 · 2020-10-07 09:37:53 -04:00 · 2020-10-07 09:37:53 -04:00 · 3f57b0ab81
commit 3f57b0ab81
parent 88f68d4139
5 changed files with 31 additions and 0 deletions
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/AbstractAttestationCertificateAuthority.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/AbstractAttestationCertificateAuthority.java
@ -10,6 +10,7 @@ import hirs.attestationca.service.SupplyChainValidationService;
 import hirs.data.persist.AppraisalStatus;
 import hirs.data.persist.Device;
 import hirs.data.persist.DeviceInfoReport;
+import hirs.data.persist.certificate.CertificateAuthorityCredential;
 import hirs.data.persist.info.FirmwareInfo;
 import hirs.data.persist.info.HardwareInfo;
 import hirs.data.persist.info.NetworkInfo;
@ -723,6 +724,12 @@ public abstract class AbstractAttestationCertificateAuthority
            this.pcrValues = dv.getPcrslist().toStringUtf8();
        }

+        if (dv.getLogfile() != null && !dv.getLogfile().isEmpty()) {
+            LOG.error(dv.getLogfile());
+        } else {
+            LOG.error("Didn't find the log file");
+        }
+
        // Get TPM info, currently unimplemented
        TPMInfo tpm;
        try {
--- a/HIRS_ProvisionerTPM2/include/DeviceInfoCollector.h
+++ b/HIRS_ProvisionerTPM2/include/DeviceInfoCollector.h
@ -39,5 +39,7 @@ class DeviceInfoCollector {
     * DeviceInfo object.
     */
    static hirs::pb::DeviceInfo collectDeviceInfo();
+
+    static std::string collectTcgLog();
 };
 #endif  // HIRS_PROVISIONERTPM2_INCLUDE_DEVICEINFOCOLLECTOR_H_
--- a/HIRS_ProvisionerTPM2/src/DeviceInfoCollector.cpp
+++ b/HIRS_ProvisionerTPM2/src/DeviceInfoCollector.cpp
@ -244,3 +244,23 @@ hirs::pb::OsInfo DeviceInfoCollector::collectOsInfo() {
    return info;
 }

+// Mimicing above,, open the log, and get all the information and attach that as a byte attribute of....one of the objects,
+// not sure which one yet.  and it can't be a string line, byte, then add running this method to the CollectDevieInfo
+
+string DeviceInfoCollector::collectTcgLog() {
+    ifstream tcgLogFile("/boot/tcg/manifest/rim/Evo.dockerclient.2.rimel",
+            std::ios::binary | std::ios::ate);
+    ifstream::pos_type pos = tcgLogFile.tellg();
+
+    int length = pos;
+    char *pChars = new char[length];
+
+
+    tcgLogFile.seekg(0, std::ios::beg);
+    tcgLogFile.read(pChars, length);
+
+    string content(pos);
+    tcgLogFile.close();
+
+    return content;
+}
--- a/HIRS_ProvisionerTPM2/src/ProvisionerTpm2.proto
+++ b/HIRS_ProvisionerTPM2/src/ProvisionerTpm2.proto
@ -58,6 +58,7 @@ message DeviceInfo {
  required NetworkInfo nw = 3;
  required OsInfo os = 4;
  optional bytes pcrslist = 5;
+  optional bytes logfile = 6;
 }

 message IdentityClaim {
--- a/HIRS_ProvisionerTPM2/src/TPM2_Provisioner.cpp
+++ b/HIRS_ProvisionerTPM2/src/TPM2_Provisioner.cpp
@ -65,6 +65,7 @@ int provision() {
    cout << "----> Collecting device information" << endl;
    hirs::pb::DeviceInfo dv = DeviceInfoCollector::collectDeviceInfo();
    dv.set_pcrslist(tpm2.getPcrList());
+    dv.set_logfile(DeviceInfoCollector::collectTcgLog());

    // send identity claim
    cout << "----> Sending identity claim to Attestation CA" << endl;