Commit Graph

67 Commits

Author SHA1 Message Date
Cyrus
d353854835 Updated the post install to only do it if the file doesn't exist 2022-02-14 10:34:21 -05:00
Cyrus
c99622bbea Removed conditional checks for tcg file locations in post install script 2022-02-11 08:06:23 -05:00
Cyrus
8f9c354c0a Updated post install script for provisioner to change the permissions on
the file and how the file is populated.
2022-01-25 08:22:31 -05:00
Cyrus
d510e3f460 Updated error message print out. 2022-01-07 10:19:48 -05:00
Cyrus
5858e36313 Updated the implementation to return a blank identity claim response.
The provisioner tests the blob and if it is empty, exit
2022-01-05 16:49:27 -05:00
Cyrus
78e308e67d The provisioner was throwing an error to the standard printout because
of protobuf. This had to do with the recent change to checking the
Identity Claim Response and the use of the has_credentialBlob check.
2022-01-05 07:36:21 -05:00
iadgovuser29
a5c5a3ac60 Add additional location for pci.ids file and fix checkstyle issues from
previous commit.
2021-12-02 12:28:41 -05:00
Cyrus
68be67b73a Added default values to the provisioner for tcg certs and rim files 2021-12-01 13:57:18 -05:00
iadgovuser29
95c5e40f89 Utilize protobuf to parse claim response. Work on array handling on ACA. 2021-11-23 22:01:16 -05:00
Cyrus
4c46758d9a This commit is a feature update. The IMA PCR enable/diable is being enhanced to update the mask the provisioner uses to pull the quote from the TPM. This code will send down a string range of PCR values that excludes PCR 10. The quote that is returned should be a composite without the PCR 10. There will be a log statement in this commit that should be removed. 2021-11-23 09:36:00 -05:00
Cyrus
79127e57d1 Initi commit. There are warning that newer compilers are throwing for vector.at and vector.size. These are removed. In addition a char** in a main parameter was made into a const. 2021-10-27 14:55:50 -04:00
Cyrus
ff56d83443 A compiler error was happening with an uninitialized float variable. 2021-10-14 13:58:59 -04:00
lareine
766ff75261 fixed style check issue in CommandTpm2.cpp 2021-05-27 15:43:44 -04:00
iadgovuser26
f8b5c1b24a
Merge pull request #363 from nsacyber/issue/process-rundata-newline
Fixed an issue that caused Process to drop data
2021-05-25 16:34:28 -04:00
iadgovuser29
41923b7337 Fixed an issue that caused Process to drop data 2021-05-25 09:18:44 -04:00
Cyrus
29257695c1 Updated the code with some additional messaging information for the provisioner when it fails. I added a bit of code that eliminates the portal having an error when a support rim is failing, this doesn't allow it to ingest the rim into the database. 2021-04-07 10:53:09 -04:00
Cyrus
a04b697c9a Added an additional suppression to the cppcheck call. 2021-01-26 15:10:47 -05:00
Cyrus
f80d9af3b7 Some issues were found while doing script testings. These issues don't appear on Travis, however some of the issues were resolved in the scripts by making these changes. This is to test how travis will react. 2021-01-22 10:08:50 -05:00
Cyrus
62c7ca2d90 This PR is to address issue #308. The ACA was pulling Issuer Certificates using the organization RDN of the subject string and getting this from the issuer string of the EC or PC. This presents a problem because it isn't a required field. The organization field cannot be null or empty. Pulling objects from a DB using null or empty would produce bad results. The main change of this issue (which has not been full tested) is pulling using the AKI for the db lookup. If this fails, instead of falling back on potentially left out fields like the O= RDN, the ACA takes the issuer/subject fields, breaks them apart and sorts them based on the key. It also changes the case. This way the lookup can be assured to match in case of some random situation in which the issuer or subject field don't match because RDN keys are just in different positions of the string. 2020-12-11 14:47:46 -05:00
Cyrus
7d49f63a9b Merge branch 'master' into multiple-rim-upload 2020-12-02 11:05:12 -05:00
Cyrus
70662bddec Updated how the bios measurement file is uploaded. Changed the code to pull the string from the properties file instead of a hard link in the code. 2020-12-01 11:13:41 -05:00
Cyrus
9534d6650f Merge branch 'master' into platform_cert_missing_fix 2020-12-01 09:47:45 -05:00
Cyrus
6eefb393a3 Updated the code to pull all the files from a swid tag file directory and a rim log file directory, instead of a single file. 2020-11-30 14:16:57 -05:00
Cyrus
bfeff6c867 initial commit 2020-11-30 08:38:46 -05:00
Cyrus
eab88e1ef6 Merge branch 'platform_cert_missing_fix' into multiple-rim-upload 2020-11-30 06:41:52 -05:00
Cyrus
61359e1920 Updated the provisioner to look into the tcg properties file for the location of the certificates that are to be uploaded instead of using the tpm (if the file is not in the tpm). 2020-11-27 13:09:04 -05:00
Cyrus
40e744690b The 3 files the provisioner uploads to the ACA are system flat files. If the first or second one dosn't exist or cause an exception to be thrown, the rest aren't executed. This change separates the try catch statements so that each one is executed independently of the previous ones' error. 2020-11-25 08:23:02 -05:00
Cyrus
2c97666bb9 This commit adds code to pull the bios measurements file to the ACA 2020-10-13 13:51:14 -04:00
Cyrus
f9b0ce413d This commit adds minor tweaks. The first updates the post install script to overwrite, rather than append, the file names to the tcg boot properties file. The next tweak properly loads the Base and Support RIM from the provisioning process into the DB. 2020-10-13 11:42:50 -04:00
Cyrus
4e39b6856b post install script was run however that is all that was run. The set tcg properties script was not included. The contents of the new script have been added to the post install script and the set tcg script has been removed. 2020-10-09 13:18:10 -04:00
Cyrus
84df61e4cf The CPACK variable name for the post rpm install script was the same as the set tcg script included in the cmakelists file. This caused the post install script to never run and never create directories necessary for a successful install. 2020-10-09 12:34:38 -04:00
Cyrus
04471c9653 Bash if statement with syntax error: exclamation mark was outside of [] 2020-10-09 11:58:27 -04:00
Cyrus
d8da232d6b Removed method that is not used. This is task 1 for #238 2020-10-09 10:53:42 -04:00
Cyrus
4b0bb2df91 This commit updates the provisioner to pull the rim and swidtag locations from a properties file that will be created during the post install process. The provisioner then pulls the values and sends them to the ACA. The ACA currently just prints out the content and saves the swidtag. 2020-10-09 10:48:17 -04:00
Cyrus
3f57b0ab81 This is the initial code set up to pull the log file from the provisioner and send it to the ACA. Task 1 of #238. 2020-10-07 09:37:53 -04:00
Cyrus
89dd2084c2 Merge branch 'master' into rimel-delete-details 2020-09-30 10:03:27 -04:00
Cyrus
f4aed453f8 Additional visual changes 2020-09-30 10:02:33 -04:00
Cyrus
325feffd90 Update h file that was changed with the method change in the cpp class file. 2020-09-08 08:08:23 -04:00
Cyrus
ee294e4562 SupplyCahinValidationService did not like the additions of a method returning a SupplyChainValidation, switched to Summary and it worked. This was the cause of the DB crashing. 2020-08-25 11:36:37 -04:00
Cyrus
9fb983c828 Changed the method name for the pcr list command 2020-07-29 12:31:34 -04:00
Cyrus
2e4ecb6829 Updated code for the device pcrs. The provisioner now sends everything associated with the tpm_pcrlist. The ACA stores the full list in a flat file then pulls that file when validating the firmware policy is enabled. 2020-07-27 13:58:22 -04:00
Cyrus
3e9d26f598 This code changes how the ACA handles a pcr list provided by the provisioner. The provisioner also is changed to send all supported algorithms and no longer delimits them with a + sign. The ACA is now set up to cycle through the entire list until is matches the baseline found in the rim associated log file. Currently the code is having issues saving the larger list of pcr values. It is too big for the database. 2020-07-17 12:44:31 -04:00
Cyrus
70504e7423
Modified how TPM2 Provisioner pulls down sub module cpr (#255) 2020-06-05 11:54:41 -04:00
Cyrus
2805df9f8b
[#236] Firmware validation update part 1 (#243)
* This commit includes changes to the provisioner for what is sent up.  Originally only SHA256 was being used, this change includes both.
* This last commit cover the items 2-4 in issue #236.  The Provisioner sends up and updated list of pcrs that include 256, not just sha1.  The validation and policy pages have been updated.  A second pull request will be created to address parsing the information into a baseline.
2020-03-27 10:13:37 -04:00
Cyrus
c7454c945e
[#190] Provision update for quote and pcrs (#196)
* This commit includes functioning TPM quote code that is sent to the ACA.  In addition it has code to also sent the pcrs list results.

Additional changes to correct code for sending the pcr list over to the ACA.Additional changes to correct code for sending the pcr list over to the ACA.Additional changes to correct code for sending the pcr list over to the ACA.Additional changes to correct code for sending the pcr list over to the ACA.Additional changes to correct code for sending the pcr list over to the ACA.Additional changes to correct code for sending the pcr list over to the ACA.Additional changes to correct code for sending the pcr list over to the ACA.Additional changes to correct code for sending the pcr list over to the ACA.Additional changes to correct code for sending the pcr list over to the ACA.

* Changed the requirement for the field into protobuf to optional from required.
2019-10-29 09:33:35 -04:00
apldev4
4beb1d2bac [#135] tpm_version prints output containing nulls. (#137)
The tpm_version tool can sometimes print a null
value as part of the TPM major version if the major
version is less than 4 characters. These nulls are
now removed before printing.
2019-05-14 11:08:40 -04:00
apldev4
74ab4d46b1 [#105] Updated tpm_version to get data from TPM hardware.
The TPM 2 Provisioner gets packaged with an application called
tpm_version, which reported hard-coded values for the TPM
manufacturer and version. Now it collects those things from
the TPM and reports them.
2019-05-01 16:11:00 -04:00
apldev4
00099ebfc5
[#130] Fixed Doxygen warnings. (#131)
There were some warnings generated by Doxygen when compiling.
One was from an undocumented parameter for a method in the
Properties class. Many others were due to a setting that prevented
Doxygen from being able to associate function declarations with
their definitions if their parameters used standard library objects.
2019-04-30 11:25:27 -04:00
iadgovuser26
6dba37be80
Merge pull request #97 from nsacyber/issue-90
Modify build scripts to enable installation on Amazon Linux
2019-03-28 11:06:33 -04:00
apldev3
bc717c9241
[#95] Resolve Log4cplus Error complaining about no appenders on TPM2 Provisioner startup (#101) 2019-03-27 18:18:55 -04:00