feat: add command to start secure host based config

2021-02-18 14:20:26 -07:00
parent cef96ee36a
commit d9e94bdcb6
4 changed files with 105 additions and 0 deletions
--- a/commands.cpp
+++ b/commands.cpp
@@ -410,3 +410,72 @@ bool cmd_get_lan_interface_settings(lan_interface_settings& lan_interface_settin

    return false;
 }
+
+bool cmd_start_config_host_based(config_host_based_settings& server_cert, config_host_based_settings& amt_cert)
+{
+    // initialize HECI interface
+    if (heci_Init(NULL, PTHI_CLIENT) == 0) return false;
+
+    CFG_START_CONFIG_HBASED_REQUEST_INFO request;
+    CFG_START_CONFIG_HBASED_RESPONSE_INFO response;
+
+    memset(&request, 0, sizeof(CFG_START_CONFIG_HBASED_REQUEST_INFO));
+    memset(&response, 0, sizeof(CFG_START_CONFIG_HBASED_RESPONSE_INFO));
+
+    if (server_cert.algorithm == "MD5") 
+    {
+        request.ServerHashAlgorithm = CERT_HASH_ALGORITHM_MD5;
+    }
+    else if (server_cert.algorithm == "SHA1")
+    {
+        request.ServerHashAlgorithm = CERT_HASH_ALGORITHM_SHA1;
+    }
+    else if (server_cert.algorithm == "SHA256")
+    {
+        request.ServerHashAlgorithm = CERT_HASH_ALGORITHM_SHA256;
+    }
+    else if (server_cert.algorithm == "SHA512")
+    {
+        request.ServerHashAlgorithm = CERT_HASH_ALGORITHM_SHA512;
+    }
+    else
+    {
+        return false;
+    }
+
+    std::vector<char> cert_bytes;
+    util_hex_string_to_bytes(server_cert.hash, cert_bytes);
+    std::copy(std::begin(cert_bytes), std::end(cert_bytes), request.ServerCertHash);
+
+    // start secure host based configuration
+    AMT_STATUS amt_status = pthi_StartConfigHBased(&request, &response);
+
+    if (amt_status == 0)
+    {
+        switch (response.HashAlgorithm)
+        {
+        case CERT_HASH_ALGORITHM_MD5:
+            amt_cert.algorithm = "MD5";
+            break;
+        case CERT_HASH_ALGORITHM_SHA1:
+            amt_cert.algorithm = "SHA1";
+            break;
+        case CERT_HASH_ALGORITHM_SHA256:
+            amt_cert.algorithm = "SHA256";
+            break;
+        case CERT_HASH_ALGORITHM_SHA512:
+            amt_cert.algorithm = "SHA512";
+            break;
+        default:
+            break;
+        }
+
+        std::vector<char> hash;
+        std::copy(std::begin(response.AMTCertHash), std::end(response.AMTCertHash), std::begin(hash));
+        util_bytes_to_hex_string(hash, amt_cert.hash);
+
+        return true;
+    }
+
+    return false;
+}