ExternalVendorCode/HIRS
1
0
Fork 0
mirror of https://github.com/nsacyber/HIRS.git synced 2025-01-29 15:44:14 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

[#62] Cleaned up preprocessor file expansion.

Browse Source 
There were unnecessary references to file paths in the executable.
This commit is contained in:
apldev4 2018-12-11 13:27:24 -05:00 committed by apldev3
parent 74728c6e0d
commit 6f99a10ad3
6 changed files with 42 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
HIRS_ProvisionerTPM2/include/CommandTpm2.h
View File

@ -87,7 +87,8 @@ class CommandTpm2 {
std::string getPublicArea(const std::string& filename); std::string getPublicArea(const std::string& filename);
std::string runTpm2CommandWithRetry(const std::string& command, std::string runTpm2CommandWithRetry(const std::string& command,
const std::string& args); const std::string& args,
int sourceCodeLineNumber);
public: public:
static const char* const kDefaultIdentityClaimResponseFilename; static const char* const kDefaultIdentityClaimResponseFilename;

10
HIRS_ProvisionerTPM2/include/Process.h
View File

@ -40,9 +40,9 @@ class Process {
std::string getOutputString() const; std::string getOutputString() const;
static std::string run(const std::string& executable, static std::string run(const std::string& executable,
std::string sourceFileName, const std::string& arguments,
int sourceLineNumber, const std::string& sourceFileName,
const std::string& arguments = ""); int sourceLineNumber);
static bool isRunning(const std::string& executable); static bool isRunning(const std::string& executable);
}; };
@ -50,8 +50,4 @@ class Process {
} // namespace utils } // namespace utils
} // namespace hirs } // namespace hirs
#define RUN_PROCESS_OR_THROW(executable, arguments)\
hirs::utils::Process::run(executable, __FILE__, __LINE__, arguments)
#endif // HIRS_PROVISIONERTPM2_INCLUDE_PROCESS_H_ #endif // HIRS_PROVISIONERTPM2_INCLUDE_PROCESS_H_

41
HIRS_ProvisionerTPM2/src/CommandTpm2.cpp
View File

@ -150,7 +150,8 @@ void CommandTpm2::setAuthData() {
} }
LOGGER.info("Attempting to set auth data."); LOGGER.info("Attempting to set auth data.");
runTpm2CommandWithRetry(kTpm2ToolsTakeOwnershipCommand, argsStream.str()); runTpm2CommandWithRetry(kTpm2ToolsTakeOwnershipCommand, argsStream.str(),
__LINE__);
LOGGER.info("Auth data set successfully."); LOGGER.info("Auth data set successfully.");
} }
@ -274,7 +275,8 @@ void CommandTpm2::createEndorsementKey(const AsymmetricKeyType& keyType) {
<< " -f " << kDefaultEkPubFilename << " -f " << kDefaultEkPubFilename
<< endl; << endl;
runTpm2CommandWithRetry(kTpm2ToolsGetPubEkCommand, argsStream.str()); runTpm2CommandWithRetry(kTpm2ToolsGetPubEkCommand, argsStream.str(),
__LINE__);
LOGGER.info("Endorsement Key successfully created."); LOGGER.info("Endorsement Key successfully created.");
} }
@ -318,7 +320,8 @@ void CommandTpm2::createAttestationKey() {
LOGGER.info("Running getpubak with arguments: " LOGGER.info("Running getpubak with arguments: "
+ argsStream.str()); + argsStream.str());
runTpm2CommandWithRetry(kTpm2ToolsGetPubAkCommand, argsStream.str()); runTpm2CommandWithRetry(kTpm2ToolsGetPubAkCommand, argsStream.str(),
__LINE__);
LOGGER.info("AK created successfully"); LOGGER.info("AK created successfully");
} }
@ -420,7 +423,8 @@ string CommandTpm2::activateIdentity() {
<< " -o " << kDefaultActivatedIdentityFilename << " -o " << kDefaultActivatedIdentityFilename
<< endl; << endl;
runTpm2CommandWithRetry(kTpm2ToolsActivateCredential, argsStream.str()); runTpm2CommandWithRetry(kTpm2ToolsActivateCredential, argsStream.str(),
__LINE__);
try { try {
binaryEncodedNonce = fileToString(kDefaultActivatedIdentityFilename); binaryEncodedNonce = fileToString(kDefaultActivatedIdentityFilename);
@ -459,7 +463,8 @@ void CommandTpm2::storeAKCertificate(
<< " -s " << akCertificateByteStringSize << " -s " << akCertificateByteStringSize
<< endl; << endl;
runTpm2CommandWithRetry(kTpm2ToolsNvDefineCommand, argsStream.str()); runTpm2CommandWithRetry(kTpm2ToolsNvDefineCommand, argsStream.str(),
__LINE__);
try { try {
LOGGER.debug(string("Beginning to write to NV Index: ") LOGGER.debug(string("Beginning to write to NV Index: ")
@ -470,7 +475,8 @@ void CommandTpm2::storeAKCertificate(
= createNvWriteCommandArgs(kAKCertificateHandle, = createNvWriteCommandArgs(kAKCertificateHandle,
kDefaultAkCertFilename); kDefaultAkCertFilename);
runTpm2CommandWithRetry(kTpm2ToolsNvWriteCommand, nvWriteArguments); runTpm2CommandWithRetry(kTpm2ToolsNvWriteCommand, nvWriteArguments,
__LINE__);
} catch (HirsRuntimeException& ex) { } catch (HirsRuntimeException& ex) {
LOGGER.warn(string("Attempt to write AK Certificate to TPM failed.") LOGGER.warn(string("Attempt to write AK Certificate to TPM failed.")
+ string(" The following output was given:\n") + string(" The following output was given:\n")
@ -526,7 +532,8 @@ void CommandTpm2::getQuote(const string& akLocation,
uint16_t CommandTpm2::getNvIndexDataSize(const string& nvIndex) { uint16_t CommandTpm2::getNvIndexDataSize(const string& nvIndex) {
string listOutput; string listOutput;
try { try {
listOutput = runTpm2CommandWithRetry(kTpm2ToolsNvListCommand, ""); listOutput = runTpm2CommandWithRetry(kTpm2ToolsNvListCommand, "",
__LINE__);
} catch (HirsRuntimeException& ex) { } catch (HirsRuntimeException& ex) {
// Due to bug in tpm2-tools 2.1.0, check to see if error was success // Due to bug in tpm2-tools 2.1.0, check to see if error was success
if (contains(ex.what(), "NV indexes defined.")) { if (contains(ex.what(), "NV indexes defined.")) {
@ -570,7 +577,7 @@ string CommandTpm2::readNvIndex(const string& nvIndex,
LOGGER.info("Command args: " + nvReadArguments); LOGGER.info("Command args: " + nvReadArguments);
string rawNvReadOutput = runTpm2CommandWithRetry( string rawNvReadOutput = runTpm2CommandWithRetry(
kTpm2ToolsNvReadCommand, nvReadArguments); kTpm2ToolsNvReadCommand, nvReadArguments, __LINE__);
switch (version) { switch (version) {
case Tpm2ToolsVersion::VERSION_1_1_0: case Tpm2ToolsVersion::VERSION_1_1_0:
@ -626,7 +633,8 @@ void CommandTpm2::releaseNvIndex(const string& nvIndex) {
argsStream << " -a " << kDefaultOwnerAuthHandle argsStream << " -a " << kDefaultOwnerAuthHandle
<< " -x " << nvIndex; << " -x " << nvIndex;
runTpm2CommandWithRetry(kTpm2ToolsNvReleaseCommand, argsStream.str()); runTpm2CommandWithRetry(kTpm2ToolsNvReleaseCommand, argsStream.str(),
__LINE__);
LOGGER.info("NV Index released successfully"); LOGGER.info("NV Index released successfully");
} }
@ -661,7 +669,8 @@ string CommandTpm2::createNvReadCommandArgs(const string& nvIndex,
*/ */
bool CommandTpm2::hasPersistentObject(const string& handle) { bool CommandTpm2::hasPersistentObject(const string& handle) {
string listOutput string listOutput
= runTpm2CommandWithRetry(kTpm2ToolsListPersistentCommand, ""); = runTpm2CommandWithRetry(kTpm2ToolsListPersistentCommand, "",
__LINE__);
return Tpm2ToolsOutputParser::parsePersistentObjectExists(handle, return Tpm2ToolsOutputParser::parsePersistentObjectExists(handle,
listOutput); listOutput);
} }
@ -683,7 +692,8 @@ void CommandTpm2::flushPersistentObject(const string& handle) {
LOGGER.info("Running evictcontrol with arguments: " LOGGER.info("Running evictcontrol with arguments: "
+ argsStream.str()); + argsStream.str());
runTpm2CommandWithRetry(kTpm2ToolsEvictControlCommand, argsStream.str()); runTpm2CommandWithRetry(kTpm2ToolsEvictControlCommand, argsStream.str(),
__LINE__);
LOGGER.info("Object flushed successfully"); LOGGER.info("Object flushed successfully");
} }
@ -712,7 +722,8 @@ void CommandTpm2::createPublicAreaFile(const string& keyHandle,
<< endl; << endl;
runTpm2CommandWithRetry(kTpm2ToolsReadPublicCommand, runTpm2CommandWithRetry(kTpm2ToolsReadPublicCommand,
argumentsStringStream.str()); argumentsStringStream.str(),
__LINE__);
LOGGER.info("Public area file successfully created."); LOGGER.info("Public area file successfully created.");
} }
@ -745,11 +756,13 @@ string CommandTpm2::getPublicArea(const std::string& filename) {
} }
string CommandTpm2::runTpm2CommandWithRetry(const string& command, string CommandTpm2::runTpm2CommandWithRetry(const string& command,
const string& args) { const string& args,
int sourceCodeLineNumber) {
string tpmErrorCode; string tpmErrorCode;
for (int i = 0;; ++i) { for (int i = 0;; ++i) {
try { try {
return RUN_PROCESS_OR_THROW(command, args); return hirs::utils::Process::run(command, args, "CommandTpm2.cpp",
sourceCodeLineNumber);
} catch (HirsRuntimeException& ex) { } catch (HirsRuntimeException& ex) {
tpmErrorCode = Tpm2ToolsOutputParser::parseTpmErrorCode(ex.what()); tpmErrorCode = Tpm2ToolsOutputParser::parseTpmErrorCode(ex.what());

8
HIRS_ProvisionerTPM2/src/Process.cpp
View File

@ -116,16 +116,16 @@ string Process::getOutputString() const {
* and source file line number for use in the exception message. * and source file line number for use in the exception message.
* *
* @param executable the executable to be run * @param executable the executable to be run
* @param arguments the arguments including options to be passed to the
* @param sourceFileName source file from which this method was called * @param sourceFileName source file from which this method was called
* @param sourceLineNumber line number of source file from which this method * @param sourceLineNumber line number of source file from which this method
* was called * was called
* @param arguments the arguments including options to be passed to the
* executable (defaults to empty string) * executable (defaults to empty string)
*/ */
string Process::run(const string& executable, string Process::run(const string& executable,
string sourceFileName, const string& arguments,
int sourceLineNumber, const string& sourceFileName,
const string& arguments) { int sourceLineNumber) {
stringstream errorStream; stringstream errorStream;
Process p(executable, arguments); Process p(executable, arguments);
if (p.run(errorStream) != 0) { if (p.run(errorStream) != 0) {

4
HIRS_ProvisionerTPM2/src/TPM2_Provisioner.cpp
View File

@ -73,7 +73,9 @@ int provision() {
platformCredentials); platformCredentials);
identityClaim.set_client_version(CLIENT_VERSION); identityClaim.set_client_version(CLIENT_VERSION);
string paccorOutputString = string paccorOutputString =
RUN_PROCESS_OR_THROW("/opt/paccor/scripts/allcomponents.sh", ""); hirs::utils::Process::run(
"/opt/paccor/scripts/allcomponents.sh", "",
"TPM2_Provisioner.cpp", __LINE__);
identityClaim.set_paccoroutput(paccorOutputString); identityClaim.set_paccoroutput(paccorOutputString);
RestfulClientProvisioner provisioner; RestfulClientProvisioner provisioner;
string nonceBlob = provisioner.sendIdentityClaim(identityClaim); string nonceBlob = provisioner.sendIdentityClaim(identityClaim);

4
HIRS_ProvisionerTPM2/src/Tpm2ToolsUtils.cpp
View File

@ -45,7 +45,9 @@ const unordered_map<string, Tpm2ToolsVersion>
}; };
Tpm2ToolsVersion Tpm2ToolsVersionChecker::findTpm2ToolsVersion() { Tpm2ToolsVersion Tpm2ToolsVersionChecker::findTpm2ToolsVersion() {
string versionOutput = RUN_PROCESS_OR_THROW("tpm2_nvlist", "-v"); string versionOutput = hirs::utils::Process::run("tpm2_nvlist", "-v",
"Tpm2ToolsUtils.cpp",
__LINE__);
string version = Tpm2ToolsOutputParser::parseTpm2ToolsVersion( string version = Tpm2ToolsOutputParser::parseTpm2ToolsVersion(
versionOutput); versionOutput);
string majorVersion = Tpm2ToolsOutputParser::parseTpm2ToolsMajorVersion( string majorVersion = Tpm2ToolsOutputParser::parseTpm2ToolsMajorVersion(