feat: add command to start secure host based config
69
commands.cpp
69
commands.cpp
@@ -410,3 +410,72 @@ bool cmd_get_lan_interface_settings(lan_interface_settings& lan_interface_settin
|
|||||||
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
bool cmd_start_config_host_based(config_host_based_settings& server_cert, config_host_based_settings& amt_cert)
|
||||||
|
{
|
||||||
|
// initialize HECI interface
|
||||||
|
if (heci_Init(NULL, PTHI_CLIENT) == 0) return false;
|
||||||
|
|
||||||
|
CFG_START_CONFIG_HBASED_REQUEST_INFO request;
|
||||||
|
CFG_START_CONFIG_HBASED_RESPONSE_INFO response;
|
||||||
|
|
||||||
|
memset(&request, 0, sizeof(CFG_START_CONFIG_HBASED_REQUEST_INFO));
|
||||||
|
memset(&response, 0, sizeof(CFG_START_CONFIG_HBASED_RESPONSE_INFO));
|
||||||
|
|
||||||
|
if (server_cert.algorithm == "MD5")
|
||||||
|
{
|
||||||
|
request.ServerHashAlgorithm = CERT_HASH_ALGORITHM_MD5;
|
||||||
|
}
|
||||||
|
else if (server_cert.algorithm == "SHA1")
|
||||||
|
{
|
||||||
|
request.ServerHashAlgorithm = CERT_HASH_ALGORITHM_SHA1;
|
||||||
|
}
|
||||||
|
else if (server_cert.algorithm == "SHA256")
|
||||||
|
{
|
||||||
|
request.ServerHashAlgorithm = CERT_HASH_ALGORITHM_SHA256;
|
||||||
|
}
|
||||||
|
else if (server_cert.algorithm == "SHA512")
|
||||||
|
{
|
||||||
|
request.ServerHashAlgorithm = CERT_HASH_ALGORITHM_SHA512;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
std::vector<char> cert_bytes;
|
||||||
|
util_hex_string_to_bytes(server_cert.hash, cert_bytes);
|
||||||
|
std::copy(std::begin(cert_bytes), std::end(cert_bytes), request.ServerCertHash);
|
||||||
|
|
||||||
|
// start secure host based configuration
|
||||||
|
AMT_STATUS amt_status = pthi_StartConfigHBased(&request, &response);
|
||||||
|
|
||||||
|
if (amt_status == 0)
|
||||||
|
{
|
||||||
|
switch (response.HashAlgorithm)
|
||||||
|
{
|
||||||
|
case CERT_HASH_ALGORITHM_MD5:
|
||||||
|
amt_cert.algorithm = "MD5";
|
||||||
|
break;
|
||||||
|
case CERT_HASH_ALGORITHM_SHA1:
|
||||||
|
amt_cert.algorithm = "SHA1";
|
||||||
|
break;
|
||||||
|
case CERT_HASH_ALGORITHM_SHA256:
|
||||||
|
amt_cert.algorithm = "SHA256";
|
||||||
|
break;
|
||||||
|
case CERT_HASH_ALGORITHM_SHA512:
|
||||||
|
amt_cert.algorithm = "SHA512";
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
std::vector<char> hash;
|
||||||
|
std::copy(std::begin(response.AMTCertHash), std::end(response.AMTCertHash), std::begin(hash));
|
||||||
|
util_bytes_to_hex_string(hash, amt_cert.hash);
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
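Review bot: The copy into `request.ServerCertHash` in cmd_start_config_host_based is unbounded: `cert_bytes` is as long as the caller-supplied `server_cert.hash` string makes it, so an over-long hash writes past the request struct on the stack. Assuming the field is a fixed byte array (its declaration is not on this page), add `if (cert_bytes.size() > sizeof(request.ServerCertHash)) return false;` before the `std::copy`, ideally checking against the digest length of the selected algorithm. The response path has the mirror problem: `hash` is default-constructed and empty, so copying to `std::begin(hash)` is undefined behaviour; construct it from the range instead, `std::vector<char> hash(std::begin(response.AMTCertHash), std::end(response.AMTCertHash));`. The `default:` case also falls through to `return true` with `amt_cert.algorithm` untouched, so an unrecognised response algorithm is reported as success.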
@@ -37,6 +37,12 @@ struct fqdn_settings
|
|||||||
std::string fqdn;
|
std::string fqdn;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
struct config_host_based_settings
|
||||||
|
{
|
||||||
|
std::string hash;
|
||||||
|
std::string algorithm;
|
||||||
|
};
|
||||||
|
|
||||||
bool cmd_is_admin();
|
bool cmd_is_admin();
|
||||||
bool cmd_get_version(std::string& version);
|
bool cmd_get_version(std::string& version);
|
||||||
bool cmd_get_build_number(std::string& version);
|
bool cmd_get_build_number(std::string& version);
|
||||||
@@ -50,5 +56,6 @@ bool cmd_get_wired_mac_address(std::vector<unsigned char>& address);
|
|||||||
bool cmd_get_certificate_hashes(std::vector<cert_hash_entry>& hash_entries);
|
bool cmd_get_certificate_hashes(std::vector<cert_hash_entry>& hash_entries);
|
||||||
bool cmd_get_remote_access_connection_status(int& network_status, int& remote_status, int& remote_trigger, std::string& mps_hostname);
|
bool cmd_get_remote_access_connection_status(int& network_status, int& remote_status, int& remote_trigger, std::string& mps_hostname);
|
||||||
bool cmd_get_lan_interface_settings(lan_interface_settings& lan_interface_settings);
|
bool cmd_get_lan_interface_settings(lan_interface_settings& lan_interface_settings);
|
||||||
|
bool cmd_start_config_host_based(config_host_based_settings& server_cert, config_host_based_settings& amt_cert);
|
||||||
|
|
||||||
#endif
|
#endif
|
27
utils.cpp
27
utils.cpp
@@ -57,3 +57,30 @@ bool util_format_uuid(std::vector<unsigned char> uuid_bytes, std::string& uuid_s
|
|||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
bool util_hex_string_to_bytes(std::string hex_string, std::vector<char>& hex_bytes)
|
||||||
|
{
|
||||||
|
hex_bytes.clear();
|
||||||
|
|
||||||
|
for (int i = 0; i < hex_string.length(); i += 2)
|
||||||
|
{
|
||||||
|
std::string byte_string = hex_string.substr(i, 2);
|
||||||
|
char value = (char)strtol(byte_string.c_str(), NULL, 16);
|
||||||
|
hex_bytes.push_back(value);
|
||||||
|
}
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
bool util_bytes_to_hex_string(std::vector<char> hex_bytes, std::string& hex_string)
|
||||||
|
{
|
||||||
|
hex_string.clear();
|
||||||
|
|
||||||
|
for (char hex_char : hex_bytes)
|
||||||
|
{
|
||||||
|
char hex[10];
|
||||||
|
snprintf(hex, 10, "%02x", hex_char);
|
||||||
|
hex_string += hex;
|
||||||
|
}
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
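Review bot: In util_bytes_to_hex_string, `hex_char` is a plain `char`, so on platforms where char is signed any byte of 0x80 or above is sign-extended when passed to `%02x` and prints as eight digits (e.g. `ffffff80`), corrupting the returned hash string; cast first, `snprintf(hex, sizeof(hex), "%02x", static_cast<unsigned char>(hex_char));`. util_hex_string_to_bytes accepts any input: `strtol` with a NULL end pointer turns non-hex pairs into 0, an odd-length string yields a one-digit final byte, and the function always returns true, so a malformed certificate hash is silently converted rather than rejected. Returning false for an odd length or any character that fails `isxdigit` would let callers refuse bad input before it reaches the firmware request. The loop index `int i` is also compared against the unsigned `length()`; `size_t` avoids the mixed comparison.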
2
utils.h
2
utils.h
@@ -13,5 +13,7 @@ std::string util_encode_base64(std::string str);
|
|||||||
std::string util_decode_base64(std::string str);
|
std::string util_decode_base64(std::string str);
|
||||||
bool util_is_printable(std::string str);
|
bool util_is_printable(std::string str);
|
||||||
bool util_format_uuid(std::vector<unsigned char> uuid_bytes, std::string& uuid_string);
|
bool util_format_uuid(std::vector<unsigned char> uuid_bytes, std::string& uuid_string);
|
||||||
|
bool util_hex_string_to_bytes(std::string hex_string, std::vector<char>& hex_bytes);
|
||||||
|
bool util_bytes_to_hex_string(std::vector<char> hex_bytes, std::string& hex_string);
|
||||||
|
|
||||||
#endif
|
#endif
|