ExternalVendorCode/HIRS
1
0
Fork 0
mirror of https://github.com/nsacyber/HIRS.git synced 2024-12-20 05:28:22 +00:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity
1,582 Commits 260 Branches 0 Tags 287 MiB
v3_issue_833-ubuntu
Commit Graph

57 Commits

Author SHA1 Message Date
CAFB385655BEB1060E85B6C080B432F8EB2A2AF78459BD6532124977B933154A
3de50b0441
Implementing LDevID generation (#814) 2024-08-19 18:39:03 +00:00
Cyrus
771d5588d5 Updated the code to print out the available Restful URIs. Added some 
modifications to the provisioner code for testing and updated the
Restful base mapping
 2023-09-14 09:14:11 -04:00
Cyrus
ee4530cce2 Found the actual issue. The problem is with the previous status update 
not being implemented properly.
 2022-03-23 13:44:03 -04:00
Cyrus
7738a47b99 Updated the provisioner to respond to failed status instead of blank 
certificates.  Updated the proto to use enum instead of bytes
 2022-02-28 14:18:48 -05:00
Cyrus
acef2ea5b8 Added the new status for the state of the provision 2022-02-18 10:16:32 -05:00
Cyrus
d510e3f460 Updated error message print out. 2022-01-07 10:19:48 -05:00
Cyrus
5858e36313 Updated the implementation to return a blank identity claim response. 
The provisioner tests the blob and if it is empty, exit
 2022-01-05 16:49:27 -05:00
Cyrus
78e308e67d The provisioner was throwing an error to the standard printout because 
of protobuf. This had to do with the recent change to checking the
Identity Claim Response and the use of the has_credentialBlob check.
 2022-01-05 07:36:21 -05:00
iadgovuser29
a5c5a3ac60 Add additional location for pci.ids file and fix checkstyle issues from 
previous commit.
 2021-12-02 12:28:41 -05:00
Cyrus
68be67b73a Added default values to the provisioner for tcg certs and rim files 2021-12-01 13:57:18 -05:00
iadgovuser29
95c5e40f89 Utilize protobuf to parse claim response. Work on array handling on ACA. 2021-11-23 22:01:16 -05:00
Cyrus
4c46758d9a This commit is a feature update. The IMA PCR enable/diable is being enhanced to update the mask the provisioner uses to pull the quote from the TPM. This code will send down a string range of PCR values that excludes PCR 10. The quote that is returned should be a composite without the PCR 10. There will be a log statement in this commit that should be removed. 2021-11-23 09:36:00 -05:00
Cyrus
79127e57d1 Initi commit. There are warning that newer compilers are throwing for vector.at and vector.size. These are removed. In addition a char** in a main parameter was made into a const. 2021-10-27 14:55:50 -04:00
Cyrus
ff56d83443 A compiler error was happening with an uninitialized float variable. 2021-10-14 13:58:59 -04:00
lareine
766ff75261 fixed style check issue in CommandTpm2.cpp 2021-05-27 15:43:44 -04:00
iadgovuser26
f8b5c1b24a
Merge pull request #363 from nsacyber/issue/process-rundata-newline 
Fixed an issue that caused Process to drop data
 2021-05-25 16:34:28 -04:00
iadgovuser29
41923b7337 Fixed an issue that caused Process to drop data 2021-05-25 09:18:44 -04:00
Cyrus
29257695c1 Updated the code with some additional messaging information for the provisioner when it fails. I added a bit of code that eliminates the portal having an error when a support rim is failing, this doesn't allow it to ingest the rim into the database. 2021-04-07 10:53:09 -04:00
Cyrus
f80d9af3b7 Some issues were found while doing script testings. These issues don't appear on Travis, however some of the issues were resolved in the scripts by making these changes. This is to test how travis will react. 2021-01-22 10:08:50 -05:00
Cyrus
62c7ca2d90 This PR is to address issue #308. The ACA was pulling Issuer Certificates using the organization RDN of the subject string and getting this from the issuer string of the EC or PC. This presents a problem because it isn't a required field. The organization field cannot be null or empty. Pulling objects from a DB using null or empty would produce bad results. The main change of this issue (which has not been full tested) is pulling using the AKI for the db lookup. If this fails, instead of falling back on potentially left out fields like the O= RDN, the ACA takes the issuer/subject fields, breaks them apart and sorts them based on the key. It also changes the case. This way the lookup can be assured to match in case of some random situation in which the issuer or subject field don't match because RDN keys are just in different positions of the string. 2020-12-11 14:47:46 -05:00
Cyrus
7d49f63a9b Merge branch 'master' into multiple-rim-upload 2020-12-02 11:05:12 -05:00
Cyrus
70662bddec Updated how the bios measurement file is uploaded. Changed the code to pull the string from the properties file instead of a hard link in the code. 2020-12-01 11:13:41 -05:00
Cyrus
9534d6650f Merge branch 'master' into platform_cert_missing_fix 2020-12-01 09:47:45 -05:00
Cyrus
6eefb393a3 Updated the code to pull all the files from a swid tag file directory and a rim log file directory, instead of a single file. 2020-11-30 14:16:57 -05:00
Cyrus
bfeff6c867 initial commit 2020-11-30 08:38:46 -05:00
Cyrus
eab88e1ef6 Merge branch 'platform_cert_missing_fix' into multiple-rim-upload 2020-11-30 06:41:52 -05:00
Cyrus
61359e1920 Updated the provisioner to look into the tcg properties file for the location of the certificates that are to be uploaded instead of using the tpm (if the file is not in the tpm). 2020-11-27 13:09:04 -05:00
Cyrus
40e744690b The 3 files the provisioner uploads to the ACA are system flat files. If the first or second one dosn't exist or cause an exception to be thrown, the rest aren't executed. This change separates the try catch statements so that each one is executed independently of the previous ones' error. 2020-11-25 08:23:02 -05:00
Cyrus
2c97666bb9 This commit adds code to pull the bios measurements file to the ACA 2020-10-13 13:51:14 -04:00
Cyrus
d8da232d6b Removed method that is not used. This is task 1 for #238 2020-10-09 10:53:42 -04:00
Cyrus
4b0bb2df91 This commit updates the provisioner to pull the rim and swidtag locations from a properties file that will be created during the post install process. The provisioner then pulls the values and sends them to the ACA. The ACA currently just prints out the content and saves the swidtag. 2020-10-09 10:48:17 -04:00
Cyrus
3f57b0ab81 This is the initial code set up to pull the log file from the provisioner and send it to the ACA. Task 1 of #238. 2020-10-07 09:37:53 -04:00
Cyrus
89dd2084c2 Merge branch 'master' into rimel-delete-details 2020-09-30 10:03:27 -04:00
Cyrus
f4aed453f8 Additional visual changes 2020-09-30 10:02:33 -04:00
Cyrus
ee294e4562 SupplyCahinValidationService did not like the additions of a method returning a SupplyChainValidation, switched to Summary and it worked. This was the cause of the DB crashing. 2020-08-25 11:36:37 -04:00
Cyrus
9fb983c828 Changed the method name for the pcr list command 2020-07-29 12:31:34 -04:00
Cyrus
2e4ecb6829 Updated code for the device pcrs. The provisioner now sends everything associated with the tpm_pcrlist. The ACA stores the full list in a flat file then pulls that file when validating the firmware policy is enabled. 2020-07-27 13:58:22 -04:00
Cyrus
3e9d26f598 This code changes how the ACA handles a pcr list provided by the provisioner. The provisioner also is changed to send all supported algorithms and no longer delimits them with a + sign. The ACA is now set up to cycle through the entire list until is matches the baseline found in the rim associated log file. Currently the code is having issues saving the larger list of pcr values. It is too big for the database. 2020-07-17 12:44:31 -04:00
Cyrus
2805df9f8b
[#236] Firmware validation update part 1 (#243) 
* This commit includes changes to the provisioner for what is sent up.  Originally only SHA256 was being used, this change includes both.
* This last commit cover the items 2-4 in issue #236.  The Provisioner sends up and updated list of pcrs that include 256, not just sha1.  The validation and policy pages have been updated.  A second pull request will be created to address parsing the information into a baseline.
 2020-03-27 10:13:37 -04:00
Cyrus
c7454c945e
[#190] Provision update for quote and pcrs (#196) 
* This commit includes functioning TPM quote code that is sent to the ACA.  In addition it has code to also sent the pcrs list results.

Additional changes to correct code for sending the pcr list over to the ACA.Additional changes to correct code for sending the pcr list over to the ACA.Additional changes to correct code for sending the pcr list over to the ACA.Additional changes to correct code for sending the pcr list over to the ACA.Additional changes to correct code for sending the pcr list over to the ACA.Additional changes to correct code for sending the pcr list over to the ACA.Additional changes to correct code for sending the pcr list over to the ACA.Additional changes to correct code for sending the pcr list over to the ACA.Additional changes to correct code for sending the pcr list over to the ACA.

* Changed the requirement for the field into protobuf to optional from required.
 2019-10-29 09:33:35 -04:00
apldev4
4beb1d2bac [#135] tpm_version prints output containing nulls. (#137) 
The tpm_version tool can sometimes print a null
value as part of the TPM major version if the major
version is less than 4 characters. These nulls are
now removed before printing.
 2019-05-14 11:08:40 -04:00
apldev4
74ab4d46b1 [#105] Updated tpm_version to get data from TPM hardware. 
The TPM 2 Provisioner gets packaged with an application called
tpm_version, which reported hard-coded values for the TPM
manufacturer and version. Now it collects those things from
the TPM and reports them.
 2019-05-01 16:11:00 -04:00
apldev4
00099ebfc5
[#130] Fixed Doxygen warnings. (#131) 
There were some warnings generated by Doxygen when compiling.
One was from an undocumented parameter for a method in the
Properties class. Many others were due to a setting that prevented
Doxygen from being able to associate function declarations with
their definitions if their parameters used standard library objects.
 2019-04-30 11:25:27 -04:00
apldev3
bc717c9241
[#95] Resolve Log4cplus Error complaining about no appenders on TPM2 Provisioner startup (#101) 2019-03-27 18:18:55 -04:00
apldev4
efbd22812d Updates to allow for TPM 2.0 quote. 2019-03-08 14:33:06 -05:00
apldev2
b40094373b Fix Style Issue in Build (#76) 
A couple of variables had conflicting names and the inner scope was
shadowing the outer. Style checker was complaining. Deleted one inner
definition and renamed another variable.
 2019-01-23 17:01:59 -05:00
apldev4
6f99a10ad3 [#62] Cleaned up preprocessor file expansion. 
There were unnecessary references to file paths in the executable.
 2018-12-11 16:23:51 -05:00
apldev3
c4bc52bd42
[#52] Make TPM2 Provisioner check for a running Resource Manager (#53) 
[#52] Make TPM2 Provisioner check for a running Resource Manager
 2018-11-26 16:45:22 -05:00
apldev4
0586afb9d8
[#41] Provisioners use PACCOR for device info collection. (#45) 
The provisioners used to shell out using different tools
to collect device info. Now they both use PACCOR instead.
 2018-11-07 14:54:48 -05:00
apldev3
37ba6de3cd [#7] Ensure Ubuntu support pending end-user installation of supported TPM2 Libraries 2018-11-01 09:47:40 -04:00