From 3f57b0ab81bf7889cf154ad4025c2ea66a5265a0 Mon Sep 17 00:00:00 2001 From: Cyrus <24922493+cyrus-dev@users.noreply.github.com> Date: Wed, 7 Oct 2020 09:37:53 -0400 Subject: [PATCH] This is the initial code set up to pull the log file from the provisioner and send it to the ACA. Task 1 of #238. --- ...stractAttestationCertificateAuthority.java | 7 +++++++ .../include/DeviceInfoCollector.h | 2 ++ .../src/DeviceInfoCollector.cpp | 20 +++++++++++++++++++ .../src/ProvisionerTpm2.proto | 1 + HIRS_ProvisionerTPM2/src/TPM2_Provisioner.cpp | 1 + 5 files changed, 31 insertions(+) diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/AbstractAttestationCertificateAuthority.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/AbstractAttestationCertificateAuthority.java index 8db7100e..b1f14f41 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/AbstractAttestationCertificateAuthority.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/AbstractAttestationCertificateAuthority.java @@ -10,6 +10,7 @@ import hirs.attestationca.service.SupplyChainValidationService; import hirs.data.persist.AppraisalStatus; import hirs.data.persist.Device; import hirs.data.persist.DeviceInfoReport; +import hirs.data.persist.certificate.CertificateAuthorityCredential; import hirs.data.persist.info.FirmwareInfo; import hirs.data.persist.info.HardwareInfo; import hirs.data.persist.info.NetworkInfo; @@ -723,6 +724,12 @@ public abstract class AbstractAttestationCertificateAuthority this.pcrValues = dv.getPcrslist().toStringUtf8(); } + if (dv.getLogfile() != null && !dv.getLogfile().isEmpty()) { + LOG.error(dv.getLogfile()); + } else { + LOG.error("Didn't find the log file"); + } + // Get TPM info, currently unimplemented TPMInfo tpm; try { diff --git a/HIRS_ProvisionerTPM2/include/DeviceInfoCollector.h b/HIRS_ProvisionerTPM2/include/DeviceInfoCollector.h index ad368448..8680b690 100644 --- a/HIRS_ProvisionerTPM2/include/DeviceInfoCollector.h 
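Review bot: The added `import hirs.data.persist.certificate.CertificateAuthorityCredential;` is not referenced by anything this commit adds. The diffstat gives 7 added lines for this file, and the other six are the logging block in the next hunk. Unless a follow-up commit is meant to use it, drop the import so the file does not carry an unused dependency on the certificate package.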
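Review bot: `LOG.error(dv.getLogfile())` writes a field supplied by the provisioning client into the ACA log at error level. Because `logfile` is declared `bytes` in the .proto, the generated getter presumably returns a ByteString, so the entry would not show the log content in readable form anyway. The value is unbounded in size and nothing in this patch validates it, so it is safer to record only its length and hand the bytes to a parser that enforces a size limit. The `!= null` test looks redundant for a generated protobuf getter; `if (dv.hasLogfile()) { LOG.info("TCG event log received: " + dv.getLogfile().size() + " bytes"); }` states the intent, and the absent case belongs below error level since the field is optional. The enclosing method starts and ends outside the hunk.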
+++ b/HIRS_ProvisionerTPM2/include/DeviceInfoCollector.h @@ -39,5 +39,7 @@ class DeviceInfoCollector { * DeviceInfo object. */ static hirs::pb::DeviceInfo collectDeviceInfo(); + + static std::string collectTcgLog(); }; #endif // HIRS_PROVISIONERTPM2_INCLUDE_DEVICEINFOCOLLECTOR_H_ diff --git a/HIRS_ProvisionerTPM2/src/DeviceInfoCollector.cpp b/HIRS_ProvisionerTPM2/src/DeviceInfoCollector.cpp index d3486c45..acfcd511 100644 --- a/HIRS_ProvisionerTPM2/src/DeviceInfoCollector.cpp +++ b/HIRS_ProvisionerTPM2/src/DeviceInfoCollector.cpp @@ -244,3 +244,23 @@ hirs::pb::OsInfo DeviceInfoCollector::collectOsInfo() { return info; } +// Mimicing above,, open the log, and get all the information and attach that as a byte attribute of....one of the objects, +// not sure which one yet. and it can't be a string line, byte, then add running this method to the CollectDevieInfo + +string DeviceInfoCollector::collectTcgLog() { + ifstream tcgLogFile("/boot/tcg/manifest/rim/Evo.dockerclient.2.rimel", + std::ios::binary | std::ios::ate); + ifstream::pos_type pos = tcgLogFile.tellg(); + + int length = pos; + char *pChars = new char[length]; + + + tcgLogFile.seekg(0, std::ios::beg); + tcgLogFile.read(pChars, length); + + string content(pos); + tcgLogFile.close(); + + return content; +} \ No newline at end of file diff --git a/HIRS_ProvisionerTPM2/src/ProvisionerTpm2.proto b/HIRS_ProvisionerTPM2/src/ProvisionerTpm2.proto index 9f34d2a2..6f030111 100644 --- a/HIRS_ProvisionerTPM2/src/ProvisionerTpm2.proto +++ b/HIRS_ProvisionerTPM2/src/ProvisionerTpm2.proto @@ -58,6 +58,7 @@ message DeviceInfo { required NetworkInfo nw = 3; required OsInfo os = 4; optional bytes pcrslist = 5; + optional bytes logfile = 6; } message IdentityClaim { diff --git a/HIRS_ProvisionerTPM2/src/TPM2_Provisioner.cpp b/HIRS_ProvisionerTPM2/src/TPM2_Provisioner.cpp index 835e4be2..156336ba 100644 --- a/HIRS_ProvisionerTPM2/src/TPM2_Provisioner.cpp +++ b/HIRS_ProvisionerTPM2/src/TPM2_Provisioner.cpp 
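Review bot: `collectTcgLog()` is declared without the doc comment that `collectDeviceInfo()` directly above it carries. A comment such as `/** Reads the TCG event log file and returns its raw bytes; the result is empty when the file cannot be read. */` would tell callers what the string holds and what failure looks like. The empty-on-failure wording assumes the implementation is changed to behave that way; as written in this patch it does not check the stream.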
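Review bot: `collectTcgLog()` never puts the bytes it reads into the string it returns: `string content(pos);` is built from the stream position rather than from `pChars` (and, as far as I can tell, matches no std::string constructor), while the `new char[length]` buffer is never freed. The stream is also never checked, so if the file is missing `tellg()` yields -1 and that value becomes the array size after narrowing to `int`. Reading the stream directly into the string after an `is_open()` check removes the manual buffer, the narrowing and the leak; the fence below shows that shape. The hard-coded `.rimel` path and the placeholder comment above the function would be better replaced by a configured path and a doc comment before this is merged.

```cpp
string DeviceInfoCollector::collectTcgLog() {
    // Path kept from the patch; it should come from configuration.
    ifstream tcgLogFile("/boot/tcg/manifest/rim/Evo.dockerclient.2.rimel",
                        std::ios::binary);
    if (!tcgLogFile.is_open()) {
        // No log available: return empty so the caller can skip the field.
        return string();
    }

    // Copy the file's bytes straight into the result; the stream closes
    // when tcgLogFile goes out of scope.
    string content((std::istreambuf_iterator<char>(tcgLogFile)),
                   std::istreambuf_iterator<char>());
    return content;
}
```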
@@ -65,6 +65,7 @@ int provision() { cout << "----> Collecting device information" << endl; hirs::pb::DeviceInfo dv = DeviceInfoCollector::collectDeviceInfo(); dv.set_pcrslist(tpm2.getPcrList()); + dv.set_logfile(DeviceInfoCollector::collectTcgLog()); // send identity claim cout << "----> Sending identity claim to Attestation CA" << endl;
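Review bot: `dv.set_logfile(DeviceInfoCollector::collectTcgLog());` sets the optional field unconditionally, so the identity claim carries a `logfile` entry even when no log could be read. Any failure inside the collector (for example an allocation error when the file is absent) would also propagate out of `provision()` at this call. Holding the result and setting the field only when it has content keeps the message honest about what was collected: `const string tcgLog = DeviceInfoCollector::collectTcgLog();` followed by `if (!tcgLog.empty()) { dv.set_logfile(tcgLog); }`. The body of `provision()` continues outside the hunk.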