lvfengfree/serverRoom
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
serverRoom/amt-sdk-20-0-0-1/USB_File_Module/Src/SetupFileReaderWriter/ConfigFile.cpp

2025 lines
53 KiB
C++
Raw Blame History

//----------------------------------------------------------------------------
//
// Copyright (C) 2006 Intel Corporation
//
// File: ConfigFile.cpp
//
// Contents: Tool to create and view sample Intel(R) AMT USB format files
// used with the Configuration Server.
//
//----------------------------------------------------------------------------
#include "SetupFileReaderWriter.h"
#include "ConfigFile.h"
#include "SetupFileDefinitions.h"
#include <fstream>
#include <sstream>
using namespace std;
#include <iomanip>
// check if file exists
bool MyFileExists(const string& fileName)
{
ifstream in(fileName.c_str(), ios_base::binary);
if(in.is_open())
{
in.close();
return true;
}
in.clear(ios::failbit);
in.close();
return false;
}
bool IsPskAllZeroes(const char pid[PID_LENGTH], const char pps[PPS_LENGTH])
{
// check pid for all zeroes
for(int i = 0; i < PID_LENGTH; i++)
{
if (48 != pid[i])
{
return false;
}
}
// check pps for all zeroes
for(int i = 0; i < PPS_LENGTH; i++)
{
if (48 != pps[i])
{
return false;
}
}
return true;
}
bool IsPpsValid(const char pps[PPS_LENGTH])
{
// first validate char values
for(int i = 0; i < PPS_LENGTH; i++)
{
unsigned int tmp = (unsigned int)pps[i];
if(!((tmp > 47 && tmp < 58) || (tmp > 64 && tmp < 91)))
{
return false;
}
}
// validate CRC mechanism
for(int i = 0; i < 8; i++)
{
unsigned int crc = 0;
for(int j = 0; j < 3; j ++)
{
crc += pps[i*4 + j];
}
crc %= 36;
if(crc < 10)
{
crc = crc + 48;
}
else
{
crc = crc - 10 + 65;
}
if(crc != (unsigned int)pps[i*4 + 3])
{
return false;
}
}
return true;
}
bool IsPidValid(const char pid[PID_LENGTH])
{
// first validate char values
for(int i = 0; i < PID_LENGTH; i++)
{
unsigned int tmp = (unsigned int)pid[i];
if(!((tmp > 47 && tmp < 58) || (tmp > 64 && tmp < 91)))
{
return false;
}
}
// validate CRC mechanism
unsigned int crc = 0;
for(int i = 0; i < 7; i++)
{
crc += pid[i];
}
crc %= 36;
if(crc < 10)
{
crc = crc + 48;
}
else
{
crc = crc - 10 + 65;
}
if(crc != (unsigned int)pid[7])
{
return false;
}
return true;
}
bool IsPasswordValid(const string& pwd)
{
// validate length
int len = (int)pwd.length();
if(len < MIN_PWD_LEN || len > MAX_PWD_LEN)
{
return false;
}
// verify password strength
bool digit = false;
bool symbol = false;
bool upper = false;
bool lower = false;
for (int i = 0; i < len; i++)
{
// make sure that we have only acceptable characters
if ((pwd[i] == ':') ||
(pwd[i] == '"') ||
(pwd[i] == ',') ||
(pwd[i] < 0x20) ||
(pwd[i] > 0x7E))
{
//printf("\nError: The given password contains an invalid character.\n");
return false;
}
// lower case abc
if (pwd[i] >= 'a' && pwd[i] <= 'z')
{
lower = true;
}
// upper case ABC
else if (pwd[i] >= 'A' && pwd[i] <= 'Z')
{
upper = true;
}
// numeric
else if (pwd[i] >= '0' && pwd[i] <= '9')
{
digit = true;
}
// 7 bit ASCII non alpha numeric
else if (pwd[i] != '_' && pwd[i] != ' ')
{
symbol = true;
}
}
if(!(symbol && digit && upper && lower))
{
//printf("\nError: The given password is not strong.\n");
return false;
}
return true;
}
int IsRecordValid(const ConfigRecord record)
{
if (record.hasPskPair)
{
if (!IsPskAllZeroes((char*)(record.Pid), (char*)(record.Pps)))
{
if(!IsPidValid((char*)(record.Pid)))
{
return CONFIG_INVALID_PID;
}
if(!IsPpsValid((char*)(record.Pps)))
{
return CONFIG_INVALID_PPS;
}
}
}
if(!IsPasswordValid(record.NewMEBxPwd))
{
return CONFIG_INVALID_NEW_PWD;
}
if(record.CurrentMEBxPwd.length() > MAX_PWD_LEN ||
record.CurrentMEBxPwd.length() == 0)
{
return CONFIG_INVALID_CURR_PWD;
}
if(!record.valid)
{
return CONFIG_INVALID_RECORD;
}
return CONFIG_SUCCESS;
}
void RandomChar(char* randomChar, const string& validChars, const MyRand* myRand)
{
int length = (int)validChars.length();
int index = myRand->RandomNumber() % length;
if(randomChar)
{
*randomChar = validChars[index];
}
}
int RandomPassword(string* pwd, const unsigned int len, MyRand* myRand)
{
bool randIsNull = false;
int length = len;
string data;
data.resize(length);
const string CAPITALS = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
const string LOWER_CASE = "abcdefghijklmnopqrstuvwxyz";
const string DIGITS = "0123456789";
const string SYMBOLS = "!#$%&'()*+-./;<=>?@{\\]^`{|}~";
const string all = CAPITALS + LOWER_CASE + DIGITS + SYMBOLS + " _";
if(length < MIN_PWD_LEN)
{
length = MIN_PWD_LEN;
}
if(length > MAX_PWD_LEN)
{
length = MAX_PWD_LEN;
}
if(myRand == NULL)
{
randIsNull = true;
try
{
myRand = new MyRand();
}
catch(RandomNumberError)
{
delete myRand;
return CONFIG_RNG_ERROR;
}
}
int retVal = CONFIG_SUCCESS;
try
{
// choose random index for capital, lowercase, symbol and digit
int indexes[MAX_PWD_LEN];
for(int i = 0; i < MAX_PWD_LEN; i++)
{
indexes[i] = i;
}
int r = myRand->RandomNumber() % length;
int capitalIndex = indexes[r];
indexes[r] = indexes[length - 1];
r = myRand->RandomNumber() % (length - 1);
int lowerIndex = indexes[r];
indexes[r] = indexes[length - 2];
r = myRand->RandomNumber() % (length - 2);
int symbolIndex = indexes[r];
indexes[r] = indexes[length - 3];
r = myRand->RandomNumber() % (length - 3);
int digitIndex = indexes[r];
char temp;
for(int i = 0; i < length; i++)
{
if(i == capitalIndex)
{
RandomChar(&temp, CAPITALS, myRand);
}
else if(i == lowerIndex)
{
RandomChar(&temp, LOWER_CASE, myRand);
}
else if(i == symbolIndex)
{
RandomChar(&temp, SYMBOLS, myRand);
}
else if(i == digitIndex)
{
RandomChar(&temp, DIGITS, myRand);
}
else
{
RandomChar(&temp, all, myRand);
}
data[i] = temp;
}
}
catch(RandomNumberError)
{
retVal = CONFIG_RNG_ERROR;
}
if(randIsNull)
{
delete myRand;
myRand = NULL;
}
if(retVal == CONFIG_SUCCESS)
{
if(pwd)
{
*pwd = data;
}
}
return retVal;
}
int RandomPid(char pid[PID_LENGTH], const MyRand* myRand)
{
bool randIsNull = false;
const string LEGAL = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
if(myRand == NULL)
{
randIsNull = true;
try
{
myRand = new MyRand();
}
catch(RandomNumberError)
{
delete myRand;
return CONFIG_RNG_ERROR;
}
}
int retVal = CONFIG_SUCCESS;
char temp;
unsigned int crc = 0;
try
{
for(int i = 0; i < 7; i++)
{
RandomChar(&temp, LEGAL, myRand);
pid[i] = temp;
crc += (unsigned char)pid[i];
}
crc %= 36;
pid[7] = LEGAL[crc];
}
catch(RandomNumberError)
{
retVal = CONFIG_RNG_ERROR;
}
if(randIsNull)
{
delete myRand;
myRand = NULL;
}
return retVal;
}
int RandomPps(char pps[PPS_LENGTH], const MyRand* myRand)
{
bool randIsNull = false;
const string LEGAL = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
if(myRand == NULL)
{
randIsNull = true;
try
{
myRand = new MyRand();
}
catch(RandomNumberError)
{
delete myRand;
return CONFIG_RNG_ERROR;
}
}
int retVal = CONFIG_SUCCESS;
char temp;
unsigned int crc = 0;
try
{
for(int i = 0; i < 8; i++)
{
crc = 0;
for(int j = 0; j < 3; j ++)
{
RandomChar(&temp, LEGAL, myRand);
pps[i*4 + j] = temp;
crc += (unsigned char)pps[i*4 + j];
}
crc %= 36;
pps[i*4 + 3] = LEGAL[crc];
}
}
catch(RandomNumberError)
{
retVal = CONFIG_RNG_ERROR;
}
if(randIsNull)
{
delete myRand;
myRand = NULL;
}
return retVal;
}
int WriteVersion1ConfigFile(const string& fileName,
const vector<ConfigRecord>& records,
const bool overwrite)
{
int retVal = CONFIG_SUCCESS;
unsigned int number = (unsigned int)records.size();
for(unsigned int i = 0; i < number; i++)
{
if((retVal = IsRecordValid(records[i])) != CONFIG_SUCCESS)
{
return retVal;
}
}
if(!overwrite && MyFileExists(fileName))
{
return CONFIG_FILE_WRITE_ERROR;
}
vector<DataRecord> dataRecords;
ConfigRecord temp;
for(unsigned int i = 0; i < number; i++)
{
temp = records[i];
DataRecord record; // default Ctr
record.AddRecordEntry(MODULE_IDENTIFIER_ME_KERNEL,
ME_VARIABLE_IDENTIFIER_CURRENT_MEBX_PWD,
(unsigned short)temp.CurrentMEBxPwd.length(),
(unsigned char*)temp.CurrentMEBxPwd.c_str());
record.AddRecordEntry(MODULE_IDENTIFIER_ME_KERNEL,
ME_VARIABLE_IDENTIFIER_NEW_MEBX_PWD,
(unsigned short)temp.NewMEBxPwd.length(),
(unsigned char*)temp.NewMEBxPwd.c_str());
if (temp.hasPskPair)
{
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_PID,
PID_LENGTH, (unsigned char*)temp.Pid);
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_PPS,
PPS_LENGTH, (unsigned char*)temp.Pps);
}
dataRecords.push_back(record);
}
unsigned short headerChunkCount = SINGLE_CHUNK_COUNT;
unsigned short dataRecordChunkCount = SINGLE_CHUNK_COUNT;
unsigned int bufferLength = (unsigned int)CHUNK_SIZE *
(headerChunkCount + number * dataRecordChunkCount);
unsigned char* data = new unsigned char[bufferLength];
memset(data, 0, bufferLength);
SetupFileInfo fileInfo;
fileInfo.consumeRecords = false;
fileInfo.dataRecordChunkCount = dataRecordChunkCount;
fileInfo.headerChunkCount = headerChunkCount;
fileInfo.majorVersion = SETUP_FILE_VERSION_1;
fileInfo.minorVersion = 0;
fileInfo.recordCount = number;
fileInfo.recordsConsumed = 0;
retVal = RecordsToBuffer(dataRecords, fileInfo,
bufferLength, data);
if(retVal == CONFIG_SUCCESS)
{
ofstream setupFile(fileName.c_str(), ios_base::binary);
if(!setupFile.is_open())
{
retVal = CONFIG_FILE_WRITE_ERROR;
}
else
{
setupFile.write((char*)data,bufferLength);
setupFile.close();
}
}
delete[] data;
data = NULL;
return retVal;
}
int GetConfigRecord(const DataRecord record, ConfigRecord* config)
{
unsigned short varLen;
char pid[PID_LENGTH];
char pps[PPS_LENGTH];
char currPwdB[MAX_PWD_LEN + 1];
char newPwdB[MAX_PWD_LEN + 1];
if(!record.FindEntry(MODULE_IDENTIFIER_ME_KERNEL,
ME_VARIABLE_IDENTIFIER_CURRENT_MEBX_PWD,
&varLen, MAX_PWD_LEN, (unsigned char*)currPwdB))
{
return CONFIG_MISSING_CURR_PWD;
}
if(varLen == 0 || varLen > MAX_PWD_LEN)
{
return CONFIG_INVALID_CURR_PWD;
}
currPwdB[varLen] = 0;
if(!record.FindEntry(MODULE_IDENTIFIER_ME_KERNEL,
ME_VARIABLE_IDENTIFIER_NEW_MEBX_PWD,
&varLen, MAX_PWD_LEN, (unsigned char*)newPwdB))
{
return CONFIG_MISSING_NEW_PWD;
}
if(varLen < MIN_PWD_LEN || varLen > MAX_PWD_LEN)
{
return CONFIG_INVALID_NEW_PWD;
}
newPwdB[varLen] = 0;
if(!IsPasswordValid((char*)newPwdB))
{
return CONFIG_INVALID_NEW_PWD;
}
if(!record.FindEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_PID,
&varLen, PID_LENGTH, (unsigned char*)pid))
{
return CONFIG_MISSING_PID;
}
if(varLen != PID_LENGTH)
{
return CONFIG_INVALID_PID;
}
if(!record.FindEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_PPS,
&varLen, PPS_LENGTH, (unsigned char*)pps))
{
return CONFIG_MISSING_PPS;
}
if(varLen != PPS_LENGTH)
{
return CONFIG_INVALID_PPS;
}
if (!IsPskAllZeroes(pid, pps))
{
if (!IsPidValid(pid))
{
return CONFIG_INVALID_PID;
}
if (!IsPpsValid(pps))
{
return CONFIG_INVALID_PPS;
}
}
config->valid = true;
config->CurrentMEBxPwd = (char*)currPwdB;
config->NewMEBxPwd = (char*)newPwdB;
if (memcpy_s((char*)(config->Pid), PID_LENGTH, (char*)pid, PID_LENGTH))
{
return CONFIG_INVALID_PID;
}
if (memcpy_s((char*)(config->Pps), PPS_LENGTH, (char*)pps, PPS_LENGTH))
{
return CONFIG_INVALID_PPS;
}
return CONFIG_SUCCESS;
}
int ReadConfigFile(const string& fileName,
vector<ConfigRecord>& records)
{
ifstream ifs(fileName.c_str(), ifstream::binary);
if(!ifs.is_open())
{
return CONFIG_FILE_READ_ERROR;
}
ifs.seekg(0,ifstream::end);
unsigned int fileSize = ifs.tellg();
ifs.seekg(0);
unsigned char* data = new unsigned char[fileSize];
ifs.read((char*)data, fileSize);
ifs.close();
vector<DataRecord> dataRecords;
SetupFileInfo fileInfo;
int retVal = BufferToRecords(fileSize, data, &fileInfo, &dataRecords);
delete[] data;
data = NULL;
if(retVal != CONFIG_SUCCESS)
{
return retVal;
}
unsigned int numRecords = (unsigned int)dataRecords.size();
for(unsigned int i = 0; i < numRecords; i++)
{
ConfigRecord temp;
if(dataRecords[i].GetIsValid())
{
retVal = GetConfigRecord(dataRecords[i], &temp);
if(retVal != CONFIG_SUCCESS)
{
return retVal;
}
}
else
{
temp.valid = false;
}
records.push_back(temp);
}
return retVal;
}
int GetConfigFileRecord(const string& fileName,
const unsigned int index,
ConfigRecord* config)
{
ifstream ifs(fileName.c_str(), ifstream::binary);
if(!ifs.is_open())
{
return CONFIG_FILE_READ_ERROR;
}
ifs.seekg(0,ifstream::end);
unsigned int fileSize = ifs.tellg();
ifs.seekg(0);
unsigned char* data = new unsigned char[fileSize];
ifs.read((char*)data, fileSize);
ifs.close();
DataRecord record;
int retVal = GetRecordByIndex(fileSize, data, index, &record);
delete[] data;
data = NULL;
if(retVal != CONFIG_SUCCESS)
{
return retVal;
}
return GetConfigRecord(record, config);
}
int CreateDataRecord(const RecordSettings& settings, DataRecord& record)
{
/*********** Start of ME Kernel Variable Identifiers **********/
unsigned short currPwdLen = (unsigned short)settings.currentMEBxPwd.length();
if(currPwdLen == 0 || currPwdLen > MAX_PWD_LEN)
{
return CONFIG_INVALID_CURR_PWD;
}
if(!IsPasswordValid(settings.newMEBxPwd))
{
return CONFIG_INVALID_NEW_PWD;
}
// Current MEBx password (all versions)
record.AddRecordEntry(MODULE_IDENTIFIER_ME_KERNEL,
ME_VARIABLE_IDENTIFIER_CURRENT_MEBX_PWD,
currPwdLen,
(unsigned char*)settings.currentMEBxPwd.c_str());
// New MEBx password (all versions)
record.AddRecordEntry(MODULE_IDENTIFIER_ME_KERNEL,
ME_VARIABLE_IDENTIFIER_NEW_MEBX_PWD,
(unsigned short)settings.newMEBxPwd.length(),
(unsigned char*)settings.newMEBxPwd.c_str());
// Manageability Feature Selection (all versions)
if(settings.setAmt)
{
unsigned char man =
ME_VARIABLE_IDENTIFIER_MANAGEABILITY_FEATURE_AMT;
record.AddRecordEntry(MODULE_IDENTIFIER_ME_KERNEL,
ME_VARIABLE_IDENTIFIER_MANAGEABILITY_FEATURE_SELECTION,
ME_VARIABLE_IDENTIFIER_MANAGEABILITY_FEATURE_LEN, &man);
}
if(((2 == settings.majorVersion) && (1 == settings.minorVersion)) || (3 <= settings.majorVersion))
{
// Firmware Local Update (ver 2.1, 3 and 4)
if(settings.fwLocalUpdatePresent)
{
if((settings.fwLocalUpdateEnable == LOCAL_FW_UPDATE_PASSWORD_PROTECTED && 4 <= settings.majorVersion)
|| settings.fwLocalUpdateEnable == LOCAL_FW_UPDATE_DISABLED || settings.fwLocalUpdateEnable == LOCAL_FW_UPDATE_ENABLED)
{
unsigned char fwLocalUpdate = (unsigned char)settings.fwLocalUpdateEnable;
record.AddRecordEntry(MODULE_IDENTIFIER_ME_KERNEL,
ME_VARIABLE_IDENTIFIER_FW_LOCAL_UPDATE,
ME_VARIABLE_IDENTIFIER_FW_LOCAL_UPDATE_LEN, &fwLocalUpdate);
}
}
}
if(((2 == settings.majorVersion) && (1 == settings.minorVersion)) || (3 == settings.majorVersion))
{
// Firmware Update Qualifier (ver 2.1 and 3)
if (settings.fwUpdateQualifierPresent)
{
record.AddRecordEntry(MODULE_IDENTIFIER_ME_KERNEL,
ME_VARIABLE_IDENTIFIER_FW_UPDATE_QUALIFIER,
ME_VARIABLE_IDENTIFIER_FW_UPDATE_QUALIFIER_LEN,
(const unsigned char *)&settings.fwUpdateQualifier);
}
}
if(((2 == settings.majorVersion) && (1 == settings.minorVersion)) || (3 <= settings.majorVersion))
{
// Power Packages (ver 2.1, 3 and 4)
if (settings.guidPresent)
{
record.AddRecordEntry(MODULE_IDENTIFIER_ME_KERNEL,
ME_VARIABLE_IDENTIFIER_PP,
ME_VARIABLE_IDENTIFIER_PP_LEN,
(const unsigned char *)settings.guid);
}
}
/*********** End of ME Kernel Variable Identifiers **********/
/*********** Start of Intel(R) AMT CM Variable Identifiers **********/
// PID (all versions)
if(settings.pidValid)
{
if (!IsPskAllZeroes(settings.pid, settings.pps))
{
if(!IsPidValid(settings.pid))
{
return CONFIG_INVALID_PID;
}
}
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_PID,
PID_LENGTH, (unsigned char*)&(settings.pid[0]));
}
// PPS (all versions)
if(settings.ppsValid)
{
if (!IsPskAllZeroes(settings.pid, settings.pps))
{
if(!IsPpsValid(settings.pps))
{
return CONFIG_INVALID_PPS;
}
}
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_PPS,
PPS_LENGTH, (unsigned char*)&(settings.pps[0]));
}
if(settings.majorVersion >= 2)
{
// PKI DNS Suffix (ver 2, 2.1, 3 and 4)
if(settings.dnsSuffixValid)
{
if((settings.dnsSuffix.length() > CM_VARIABLE_IDENTIFIER_PKI_DNS_SUFFIX_MAXLEN) ||
(settings.dnsSuffix.empty()))
{
return CONFIG_INVALID_DNS_SUFFIX;
}
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_PKI_DNS_SUFFIX,
(unsigned short)settings.dnsSuffix.length(),
(unsigned char*)settings.dnsSuffix.c_str());
}
// Config Server FQDN (ver 2, 2.1, 3 and 4)
if(settings.serverFqdnValid)
{
if((settings.ServerFqdn.length() > CM_VARIABLE_IDENTIFIER_CONFIG_SERVER_FQDN_MAXLEN) ||
(settings.ServerFqdn.empty()))
{
return CONFIG_INVALID_FQDN;
}
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_CONFIG_SERVER_FQDN,
(unsigned short)settings.ServerFqdn.length(),
(unsigned char*)settings.ServerFqdn.c_str());
}
// RCFG Enabled (ver 2, 2.1, 3 and 4)
if(settings.enableRCFGValid)
{
unsigned char rcfg = CM_VARIABLE_IDENTIFIER_RCFG_ENABLED_OFF;
if(settings.enableRCFG)
{
rcfg = CM_VARIABLE_IDENTIFIER_RCFG_ENABLED_ON;
}
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_RCFG_ENABLED,
CM_VARIABLE_IDENTIFIER_RCFG_ENABLED_LEN, &rcfg);
}
// Pre Installed (OEM) Cert Enable (ver 2, 2.1, 3 and 4)
if(settings.oemCertificateFlagExist)
{
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_PREINSTALLED_CERT_ENABLE,
CM_VARIABLE_IDENTIFIER_PREINSTALLED_CERT_ENABLE_LEN, (const unsigned char *)&settings.oemCertificateFlag);
}
// Pre Installed (OEM) Cert Enable (ver 2, 2.1, 3 and 4)
if(settings.userCertificateFlagExist)
{
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_USER_DEFINED_CERTS_CONFIG,
CM_VARIABLE_IDENTIFIER_USER_DEFINED_CERTS_CONFIG_LEN, (const unsigned char *)&settings.userCertificateFlag);
}
if(!settings.certHashes.empty())
{
//// Pre Installed Cert Enable (ver 2, 2.1, 3 and 4)
//// Disable default
//unsigned char tmp = CM_VARIABLE_IDENTIFIER_PREINSTALLED_CERT_ENABLE_OFF;
//record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
// CM_VARIABLE_IDENTIFIER_PREINSTALLED_CERT_ENABLE,
// CM_VARIABLE_IDENTIFIER_PREINSTALLED_CERT_ENABLE_LEN, &tmp);
// User Defined Certs Config (ver 2, 2.1, 3 and 4)
// Delete existing user defined hashes
/*tmp = CM_VARIABLE_IDENTIFIER_USER_DEFINED_CERTS_CONFIG_DELETE;
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_USER_DEFINED_CERTS_CONFIG,
CM_VARIABLE_IDENTIFIER_USER_DEFINED_CERTS_CONFIG_LEN, &tmp);*/
// User Defined Cert Add (ver 2, 2.1, 3 and 4)
// Add new certs
unsigned char hash[CM_VARIABLE_IDENTIFIER_USER_DEFINED_CERT_ADD_MAXLEN];
for(unsigned int i = 0; i < settings.certHashes.size(); i++)
{
// SHA1 supported in ver 2, 2.1, 3 and 4 while SHA256 and SHA384 supported in ver 3 and 4 only;
// Therefore, add the cert to the file only if it stands in the described terms.
if ( (USB_CERT_HASH_ALGORITHM_SHA1 == settings.certHashes[i]._hashAlgorithm) ||
((USB_CERT_HASH_ALGORITHM_SHA256 == settings.certHashes[i]._hashAlgorithm ||
(USB_CERT_HASH_ALGORITHM_SHA384 == settings.certHashes[i]._hashAlgorithm))
&& (3 <= settings.majorVersion)))
{
hash[0] = settings.certHashes[i]._hashAlgorithm;
if(memcpy_s(hash + 1, ARRAYSIZE(hash) - 1, settings.certHashes[i]._hash, settings.certHashes[i]._hashLength))
{
return CONFIG_INVALID_CERT_SETTINGS;
}
memset(hash + 1 + settings.certHashes[i]._hashLength, 0,
CM_VARIABLE_IDENTIFIER_USER_DEFINED_CERT_ADD_MAXLEN - (1 + settings.certHashes[i]._hashLength));
// Friendly name length is assumed to be <= 32
*(hash + 1 + settings.certHashes[i]._hashLength) =
(unsigned char)settings.certHashes[i]._friendlyName.length();
if (memcpy_s(hash + 1 + settings.certHashes[i]._hashLength + 1,
ARRAYSIZE(hash) - settings.certHashes[i]._hashLength -2,
settings.certHashes[i]._friendlyName.c_str(),
settings.certHashes[i]._friendlyName.length()))
{
return CONFIG_INVALID_CERT_SETTINGS;
}
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_USER_DEFINED_CERT_ADD,
1 + settings.certHashes[i]._hashLength + 1 + (unsigned short)settings.certHashes[i]._friendlyName.length(),
hash);
}
}
}
// SOL IDER Config (ver 2, 2.1,3 and 4)
if(settings.soliderConfigValid)
{
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_SOL_IDE_REDIRECTION_CONFIG,
CM_VARIABLE_IDENTIFIER_SOL_IDE_REDIRECTION_CONFIG_LEN,
&settings.soliderConfig);
}
}
if(((2 == settings.majorVersion) && (1 == settings.minorVersion)) || (3 <= settings.majorVersion))
{
// Host Name (ver 2.1, 3 and 4)
if (settings.hostNamePresent)
{
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_HOST_NAME,
(unsigned short)settings.hostName.length(),
(const unsigned char *)settings.hostName.c_str());
}
// Domain Name (ver 2.1, 3 and 4)
if (settings.domainNamePresent)
{
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_DOMAIN_NAME,
(unsigned short)settings.domainName.length(),
(const unsigned char *)settings.domainName.c_str());
}
// DHCP (ver 2.1, 3 and 4)
if (settings.dhcpPresent)
{
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_DHCP,
DHCP_LENGTH, (const unsigned char *)&settings.dhcp);
}
// Secure Firmware Update (ver 2.1 and 3)
if (3 >= settings.majorVersion && settings.secureFWUpdatePresent)
{
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_SFWU,
SFWU_LENGTH, (const unsigned char *)&settings.secureFWUpdate);
}
// Idle timeout (ver 2.1, 3 and 4)
if (settings.idleTimeOutPresent)
{
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_ITO,
IDLE_TIMEOUT_LENGTH, (const unsigned char *)settings.idleTimeOut);
}
// Provisioning Mode (ver 2.1, deprecated from 3)
if (settings.provisionModePresent)
{
if (3 <= settings.majorVersion)
{
cout << endl
<< "Warning: Entering the 'Provisioning Mode' variable (configured using the '-pm' flag)"
<< endl << "\t to the file even though it is deprecated starting from version 3" << endl;
}
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_PM,
PM_LENGTH, (const unsigned char *)&settings.provisionMode);
}
// Provisioning Server Address (ver 2.1, 3 and 4)
if (settings.provisionServerAddPresent)
{
// IPv4 supported in ver 2.1, 3 and 4 while IPv6 supported in ver 3 and 4 only;
// Therefore, add the provision server address to the file only if it stands in the described terms.
if ((IPV4 == settings.provisionServerAddType) ||
((IPV6 == settings.provisionServerAddType) && (3 <= settings.majorVersion)))
{
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_PSADDR,
settings.provisionServerAddSize,
(const unsigned char *)settings.provisionServerAdd);
}
}
// Provisioning Server Port (ver 2.1, 3 and 4)
if (settings.provisionServerPortPresent)
{
// IPv4 supported in ver 2.1, 3 and 4 while IPv6 supported in ver 3 and 4 only;
// Therefore, add the provision server port to the file only if it stands in the described terms.
// (This check prevent from the user to add only the provision server port,
// in case ipv6 address was given in ver 2.1)
if ((IPV4 == settings.provisionServerAddType) ||
((IPV6 == settings.provisionServerAddType) && (3 <= settings.majorVersion)))
{
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_PSPO,
PROSERPORT_SIZE, (const unsigned char *)settings.provisionServerPort);
}
}
// Static IPv4 Parameters (ver 2.1, 3 and 4)
if (settings.staticIPv4ParamsPresent)
{
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_STATIC_PV4_PARAMS,
STATIC_PV4_PARAMS_SIZE, (const unsigned char *)settings.staticIPv4Params);
}
// VLAN (ver 2.1, 3 and 4)
if (settings.vlanPresent)
{
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_VLAN,
VLAN_SIZE, (const unsigned char *)settings.vlan);
}
// MEBx Password Change Policy (ver 2.1, 3 and 4)
if(settings.passPolicyFlagExist)
{
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_PASS_POLICY_FLAG,
PASS_POLICY_FLAG_SIZE, (const unsigned char *)&settings.passPolicyFlag);
}
}
if(3 <= settings.majorVersion)
{
// IPV6 (from ver 3 only)
if (settings.ipv6ParamsPresent)
{
if(4 <= settings.majorVersion)
{
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_IPV6,
CM_VARIABLE_IDENTIFIER_IPV6_LEN_NEW_FORMAT,
(const unsigned char *)settings.ipv6Params);
}
else
{
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_IPV6,
CM_VARIABLE_IDENTIFIER_IPV6_LEN,
(const unsigned char *)settings.ipv6Params);
}
}
// Shared/Dedicated FQDN (from ver 3 only)
if(settings.sharedDedicatedFqdnPresent)
{
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_SHARED_DEDICATED_FQDN,
CM_VARIABLE_IDENTIFIER_SHARED_DEDICATED_FQDN_LEN,
(const unsigned char *)&settings.sharedDedicatedFqdn);
}
// Dynamic DNS Update (from ver 3 only)
if(settings.dynamicDnsUpdatePresent)
{
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_DYNAMIC_DNS_UPDATE,
CM_VARIABLE_IDENTIFIER_DYNAMIC_DNS_UPDATE_LEN,
(const unsigned char *)&settings.dynamicDnsUpdate);
}
// KVM State (from ver 3 only)
if(settings.kvmStatePresent)
{
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_KVM_STATE,
CM_VARIABLE_IDENTIFIER_KVM_STATE_LEN,
(const unsigned char *)&settings.kvmState);
}
// Opt-In user consent option (from ver 3 only)
if(settings.optInUserConsentPresent)
{
//'all' (0xFF) option is supported starting from version 4 only
if (settings.optInUserConsentOption != CM_VARIABLE_IDENTIFIER_OPT_IN_USER_CONSENT_ENABLE_ALL
|| settings.majorVersion == 4)
{
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_OPT_IN_USER_CONSENT_OPTION,
CM_VARIABLE_IDENTIFIER_OPT_IN_USER_CONSENT_OPTION_LEN,
(const unsigned char *)&settings.optInUserConsentOption);
}
}
// Opt-In remote IT consent policy (from ver 3 only)
if(settings.optInRemoteITPresent)
{
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_OPT_IN_REMOTE_IT_CONSENT_POLICY,
CM_VARIABLE_IDENTIFIER_OPT_IN_REMOTE_IT_CONSENT_POLICY_LEN,
(const unsigned char *)&settings.optInRemoteItPolicy);
}
// ME provisioning Halt/Activate (from ver 3 only)
if(settings.meProvisioningHaltActivatePresent)
{
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_ME_PROVISION_HALT_ACTIVE,
CM_VARIABLE_IDENTIFIER_ME_PROVISION_HALT_ACTIVE_LEN,
(const unsigned char *)&settings.meProvisioningHaltActivate);
}
// Manual Setup and Configuration (from ver 3 only)
if(settings.manualSetupAndConfigurationPresent)
{
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_MANUAL_SETUP_AND_CONFIGURATION,
CM_VARIABLE_IDENTIFIER_MANUAL_SETUP_AND_CONFIGURATION_LEN,
(const unsigned char *)&settings.manualSetupAndConfiguration);
}
// Support Channel Identifier (from ver 3 only)
if (settings.supportChannelIdentifierPresent)
{
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_SUPPORT_CHANNEL_IDENTIFIER,
CM_VARIABLE_IDENTIFIER_SUPPORT_CHANNEL_IDENTIFIER_LEN,
(const unsigned char *)settings.supportChannelIdentifier);
}
// Support Channel Description (from ver 3 only)
if (settings.supportChannelDescriptionPresent)
{
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_SUPPORT_CHANNEL_DESCRIPTION,
(unsigned short)settings.supportChannelDescription.length(),
(const unsigned char *)settings.supportChannelDescription.c_str());
}
// Service Account Number (from ver 3 only)
if (settings.serviceAccountNumberPresent)
{
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_SERVICE_ACCOUNT_NUMBER,
(unsigned short)settings.serviceAccountNumber.length(),
(const unsigned char *)settings.serviceAccountNumber.c_str());
}
// Enrollment Passcode (from ver 3 only)
if (settings.enrollmentPasscodePresent)
{
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_ENROLLMENT_PASSCODE,
(unsigned short)settings.enrollmentPasscode.length(),
(const unsigned char *)settings.enrollmentPasscode.c_str());
}
// Service Type (from ver 3 only)
if (settings.serviceTypePresent)
{
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_SERVICE_TYPE,
CM_VARIABLE_IDENTIFIER_SERVICE_TYPE_LEN,
(const unsigned char *)settings.serviceType);
}
// Service Provider Identifier (from ver 3 only)
if (settings.serviceProviderIdentifierPresent)
{
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_SERVICE_PROVIDER_IDENTIFIER,
CM_VARIABLE_IDENTIFIER_SERVICE_PROVIDER_IDENTIFIER_LEN,
(const unsigned char *)settings.serviceProviderIdentifier);
}
}
if (4 == settings.majorVersion && settings.scrambleRecords)
{
record.SetScrambled(true);
}
/*********** End of Intel(R) AMT CM Variable Identifiers **********/
return CONFIG_SUCCESS;
}
int WriteConfigFile(const RecordSettings& settings,
const string& fileName,
bool overwrite,
vector<ConfigRecord>* cfgRecords)
{
if(!overwrite && MyFileExists(fileName))
{
return CONFIG_FILE_WRITE_ERROR;
}
vector<DataRecord> records;
int retVal;
DataRecord commonData; // default ctr
// create data record adds all of the common fields
retVal = CreateDataRecord(settings, commonData);
if(retVal != CONFIG_SUCCESS)
{
return retVal;
}
for(int i = 0; i < settings.numRecords; i++)
{
DataRecord record(commonData);
ConfigRecord cfgRecord;
cfgRecord.valid = true;
cfgRecord.hasPskPair = false;
cfgRecord.CurrentMEBxPwd = settings.currentMEBxPwd;
cfgRecord.NewMEBxPwd = settings.newMEBxPwd;
if (!((settings.provisionModePresent)&&(CM_VARIABLE_IDENTIFIER_PM_SMB == settings.provisionMode)))
{
// make sure settings does not have pid\pps before generating
if(settings.generateRandomPskPair && !settings.pidValid && !settings.ppsValid)
{
char pid[PID_LENGTH];
RandomPid(pid);
char pps[PPS_LENGTH];
RandomPps(pps);
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_PID,
PID_LENGTH, (unsigned char*)pid);
record.AddRecordEntry(MODULE_IDENTIFIER_AMT_CM,
CM_VARIABLE_IDENTIFIER_PPS,
PPS_LENGTH, (unsigned char*)pps);
if (memcpy_s(&cfgRecord.Pid[0], ARRAYSIZE(cfgRecord.Pid), &pid[0], ARRAYSIZE(pid)))
{
return CONFIG_FILE_WRITE_ERROR;
}
if (memcpy_s(&cfgRecord.Pps[0], ARRAYSIZE(cfgRecord.Pps), &pps[0], ARRAYSIZE(pps)))
{
return CONFIG_FILE_WRITE_ERROR;
}
cfgRecord.hasPskPair = true;
}
else if (settings.pidValid && settings.ppsValid)
{
if (memcpy_s(&cfgRecord.Pid[0], ARRAYSIZE(cfgRecord.Pid), settings.pid, ARRAYSIZE(settings.pid)))
{
return CONFIG_FILE_WRITE_ERROR;
}
if (memcpy_s(&cfgRecord.Pps[0], ARRAYSIZE(cfgRecord.Pps), settings.pps, ARRAYSIZE(settings.pps)))
{
return CONFIG_FILE_WRITE_ERROR;
}
cfgRecord.hasPskPair = true;
}
}
if(cfgRecords)
{
cfgRecords->push_back(cfgRecord);
}
records.push_back(record);
}
SetupFileInfo fileInfo;
fileInfo.majorVersion = settings.majorVersion;
switch(settings.majorVersion)
{
case SETUP_FILE_VERSION_1:
fileInfo.minorVersion = 0;
if (false == settings.multiple)
{
fileInfo.consumeRecords = true;
}
break;
case SETUP_FILE_VERSION_2:
fileInfo.minorVersion = settings.minorVersion;
if (false == settings.multiple)
{
fileInfo.consumeRecords = settings.consumable;
}
break;
case SETUP_FILE_VERSION_3:
fileInfo.minorVersion = 0;
if (false == settings.multiple)
{
fileInfo.consumeRecords = settings.consumable;
}
break;
case SETUP_FILE_VERSION_4:
fileInfo.minorVersion = 0;
if (false == settings.multiple)
{
fileInfo.consumeRecords = settings.consumable;
}
break;
default:
return CONFIG_VERSION_UNSUPPORTED;
}
if (settings.multiple)
{
fileInfo.consumeRecords = true;
}
fileInfo.headerChunkCount = SINGLE_CHUNK_COUNT;
fileInfo.recordCount = settings.numRecords;
fileInfo.recordsConsumed = 0;
// all records require the same chunk count
fileInfo.dataRecordChunkCount = GetChunkCount(records[0]);
unsigned int bufferLength = (unsigned int)CHUNK_SIZE *
(fileInfo.headerChunkCount + records.size()*fileInfo.dataRecordChunkCount);
unsigned char* data = new unsigned char[bufferLength];
memset(data, 0, bufferLength);
retVal = RecordsToBuffer(records, fileInfo, bufferLength, data);
if(retVal == CONFIG_SUCCESS)
{
ofstream setupFile(fileName.c_str(), ios_base::binary);
if(!setupFile.is_open())
{
retVal = CONFIG_FILE_WRITE_ERROR;
}
else
{
setupFile.write((char*)data,bufferLength);
setupFile.close();
}
}
delete[] data;
data = NULL;
return retVal;
}
int ParseUsbFile(const string& fileName,
SetupFileInfo* fileInfo,
vector<DataRecord>* records)
{
ifstream ifs(fileName.c_str(), ifstream::binary);
if(!ifs.is_open())
{
return CONFIG_FILE_READ_ERROR;
}
ifs.seekg(0,ifstream::end);
unsigned int fileSize = ifs.tellg();
ifs.seekg(0);
unsigned char* data = new unsigned char[fileSize];
ifs.read((char*)data, fileSize);
ifs.close();
int retVal = BufferToRecords(fileSize, data, fileInfo, records);
delete[] data;
data = NULL;
return retVal;
}
int DumpUsbFile(const string& fileName, ostream& out, bool printRecords)
{
SetupFileInfo info;
info.majorVersion = 0;
info.minorVersion = 0;
info.consumeRecords = false;
info.recordCount = 0;
info.recordsConsumed = 0;
vector<DataRecord> records;
int retVal = CONFIG_SUCCESS;
if(CONFIG_SUCCESS != (retVal = ParseUsbFile(fileName, &info, &records)))
{
return retVal;
}
out << "USB file " << fileName.c_str() << " Contents:" << endl;
out << "Setup File version = " << (unsigned int)info.majorVersion
<< "." << (unsigned int)info.minorVersion << endl;
out << "Is Consumable = "
<< (info.consumeRecords ? "True" : "False") << endl;
out << "Total Records = " << info.recordCount << endl;
out << "Consumed Records = " << info.recordsConsumed << endl << endl;
if(printRecords)
{
out << "Valid Records:" << endl;
int recordValid;
for(unsigned int i = 0; i < (unsigned int)records.size(); i++)
{
out << "Record " << info.recordsConsumed + i + 1 << ":" << endl;
if(CONFIG_SUCCESS != (recordValid = PrintDataRecord(records[i], out, (unsigned int)info.majorVersion)))
{
out << "Illegal Record!!!" << endl;
out << "The following error code was received while printing "
"this record " << recordValid << endl;
retVal = CONFIG_INVALID_RECORD;
}
out << endl;
}
}
return retVal;
}
// print a pid
void PrintPid(const unsigned char* pid, ostream& out)
{
for (int j=0; j<4; j++)
{
out << pid[j];
}
out << "-";
for (int j=4; j<8; j++)
{
out << pid[j];
}
}
void PrintGuid(const unsigned char* guid, ostream& out)
{
out << hex;
for (int i=0;i<16;i++)
{
if ((4==i) || (6==i) || (8==i) || (10==i))
out << "-";
if (i<4)
out << setfill('0') << setw(2) <<(int)guid[3-i];
if ((i>=4)&&(i<=7))
{
if (i%2==0)
out << setfill('0') << setw(2) <<(int)guid[i+1];
else out << setfill('0') << setw(2) <<(int)guid[i-1];
}
if (i>7)
out << setfill('0') << setw(2) <<(int)guid[i];
}
out<<dec;
}
// print a pps
void PrintPps(const unsigned char* pps, ostream& out)
{
for (int j=0; j<4; j++)
out << pps[j];
for (int k=0; k<7; k++)
{
out << "-";
for (int j=0; j<4; j++)
{
out << pps[(k+1)*4 + j];
}
}
}
// print a cert hash
void PrintCertHash(const unsigned char* hash, unsigned char hashAlgorithm, ostream& out)
{
unsigned int hashSize = 0;
if (USB_CERT_HASH_ALGORITHM_SHA1 == hashAlgorithm)
{
hashSize = CERT_HASH_SHA1_LENGTH;
}
else if (USB_CERT_HASH_ALGORITHM_SHA256 == hashAlgorithm)
{
hashSize = CERT_HASH_SHA256_LENGTH;
}
else if (USB_CERT_HASH_ALGORITHM_SHA384 == hashAlgorithm)
{
hashSize = CERT_HASH_SHA384_LENGTH;
}
else
{
return;
}
for(unsigned int i = 0; i < hashSize; i++)
{
out << hex << setfill('0') << setw(2) << (unsigned int)hash[i];
if( i != hashSize - 1)
{
out << " ";
}
if (((i+1)%16 == 0) && (i+1<hashSize))
{
out << "\n\t\t\t\t ";
}
}
}
int PrintDataRecord(const DataRecord& record, ostream& out, unsigned int majorVersion)
{
string newValue;
int retVal = CONFIG_SUCCESS;
unsigned short length;
unsigned char* value;
unsigned short dhcpConfiguration;
unsigned short provisioningMode;
IPV6SettingsNewFormat ipv6SettingNewFormat;
if ( record.GetIsScrambled())
{
out << "--Scrambled record--" << endl;
}
vector<DataRecordEntry> entries = record.GetRecordEntries();
for(unsigned int i = 0; i < (unsigned int) entries.size(); i++)
{
length = entries[i].GetVariableLength();
value = new unsigned char[length + 1];
entries[i].GetVariableValue(length, value);
value[length] = 0;
switch(entries[i].GetModuleId())
{
case MODULE_IDENTIFIER_ME_KERNEL:
switch(entries[i].GetVariableId())
{
case ME_VARIABLE_IDENTIFIER_CURRENT_MEBX_PWD:
if(length == 0 || length > MAX_PWD_LEN)
{
retVal = CONFIG_INVALID_CURR_PWD;
break;
}
out << " Current MEBx password = "
<< value << endl;
break;
case ME_VARIABLE_IDENTIFIER_NEW_MEBX_PWD:
if(length < MIN_PWD_LEN || length > MAX_PWD_LEN)
{
retVal = CONFIG_INVALID_NEW_PWD;
break;
}
out << " New MEBx password = " << value << endl;
break;
case ME_VARIABLE_IDENTIFIER_MANAGEABILITY_FEATURE_SELECTION:
if(length != ME_VARIABLE_IDENTIFIER_MANAGEABILITY_FEATURE_LEN)
{
retVal = CONFIG_INVALID_MANAGEABILITY_FEATURE_SELECTION;
break;
}
out << " Manageability mode = "
<< (unsigned short) value[0] <<endl;
break;
case ME_VARIABLE_IDENTIFIER_FW_LOCAL_UPDATE:
if (length != ME_VARIABLE_IDENTIFIER_FW_LOCAL_UPDATE_LEN)
{
retVal =CONFIG_INVALID_INPUT;
break;
}
out << " Firmware local update = "
<< (unsigned short) value[0]<<endl;
break;
case ME_VARIABLE_IDENTIFIER_FW_UPDATE_QUALIFIER:
if (length != ME_VARIABLE_IDENTIFIER_FW_UPDATE_QUALIFIER_LEN)
{
retVal =CONFIG_INVALID_INPUT;
break;
}
out << " Firmware local update qualifier = "
<< (unsigned short) value[0]<<endl;
break;
case ME_VARIABLE_IDENTIFIER_PP:
if (length != ME_VARIABLE_IDENTIFIER_PP_LEN)
{
retVal = CONFIG_INVALID_INPUT;
break;
}
out << " Power packages = " ;
PrintGuid(value, out);
out<<endl;
break;
default:
// unrecognized
break;
}
break;
case MODULE_IDENTIFIER_AMT_CM:
switch(entries[i].GetVariableId())
{
case CM_VARIABLE_IDENTIFIER_HOST_NAME:
if (length>HOSTNAME_MAX_LENGTH)
{
retVal = CONFIG_INVALID_PID;
break;
}
cout << " Host Name = "
<< value << endl;
break;
case CM_VARIABLE_IDENTIFIER_DOMAIN_NAME:
if (length>DOMAIN_NAME_MAX_LENGTH)
{
retVal = CONFIG_INVALID_PID;
break;
}
cout << " Domain Name = "
<< value << endl;
break;
case CM_VARIABLE_IDENTIFIER_DHCP:
// The actual enumeration is 1 for disable and 2 for enable.
// The user input however is 0 for disable and 2 for enable
// and in the code it increased by 1 to match the SPEC.
// To view the file theres a need to substract one from the actual
// enumeration in order match the user input.
dhcpConfiguration = ((unsigned short)value[0])-1;
cout << " DHCP configuration = " << dhcpConfiguration;
if (0 == dhcpConfiguration)
{
cout << " (Disabled)";
}
else if (1 == dhcpConfiguration)
{
cout << " (Enabled)";
}
else
{
cout << " (Unknown)";
}
cout << endl;
break;
case CM_VARIABLE_IDENTIFIER_SFWU:
cout << " Secure Firmware update = "
<< (unsigned short)value[0] << endl;
break;
case CM_VARIABLE_IDENTIFIER_PM:
// The actual enumeration is 1 for Enterprise and 2 for Small Business.
// The user input however is 0 for Enterprise and 1 for Small Business
// and in the code it increased by 1 to match the SPEC.
// To view the file theres a need to substract one from the actual
// enumeration in order match the user input.
provisioningMode = ((unsigned short)value[0])-1;
cout << " Provisioning mode = " << provisioningMode;
if (0 == provisioningMode)
{
cout << " (Enterprise)";
}
else if (1 == provisioningMode)
{
cout << " (Small Business)";
}
else
{
cout << " (Unknown)";
}
cout << endl;
break;
case CM_VARIABLE_IDENTIFIER_ITO:
cout << " Idle Time Out is = "<< (unsigned short)*((unsigned short *)value) << endl;
break;
case CM_VARIABLE_IDENTIFIER_PSADDR:
if (PROSERADDR_IPV4_SIZE == entries[i].GetVariableLength())
{
printf (" Provision Server Address = %d.%d.%d.%d \n",value[3],value[2],value[1],value[0]);
}
else if (PROSERADDR_IPV6_SIZE == entries[i].GetVariableLength())
{
cout << " Provision Server Address = ";
for (int i=(PROSERADDR_IPV6_SIZE-1) ; i >= 0 ; i--)
{
if (((i+1)%2==0) && ((i+1)!=PROSERADDR_IPV6_SIZE))
{
cout << ":";
}
cout << hex << setfill('0') << setw(2) << (unsigned short)value[i];
}
cout << dec << endl;
}
break;
case CM_VARIABLE_IDENTIFIER_PSPO :
cout <<" Provision Server port number = "<<(unsigned short)*((unsigned short *)value)<<endl;
break;
case CM_VARIABLE_IDENTIFIER_VLAN :
cout <<" VlanStatus = "<<(unsigned int)*((unsigned char *)value)<<endl
<<" VlanTag = "<<(unsigned short)*((unsigned short *)(value+1))<<endl;
break;
case CM_VARIABLE_IDENTIFIER_PASS_POLICY_FLAG:
{
cout << " Password policy flag = " << (UINT32)*value << endl;
break;
}
case CM_VARIABLE_IDENTIFIER_STATIC_PV4_PARAMS:
printf (" Local Address = %d.%d.%d.%d \n",value[3],value[2],value[1],value[0]);
printf (" Subnet mask = %d.%d.%d.%d \n",value[7],value[6],value[5],value[4]);
printf (" Default Gateway Address = %d.%d.%d.%d \n",value[11],value[10],value[9],value[8]);
printf (" Primary DNS Address = %d.%d.%d.%d \n",value[15],value[14],value[13],value[12]);
printf (" Secondary DNS Address = %d.%d.%d.%d \n",value[19],value[18],value[17],value[16]);
break;
case CM_VARIABLE_IDENTIFIER_PID:
char tmpZeroedPps[PPS_LENGTH];
for (int i=0 ; i<PPS_LENGTH; tmpZeroedPps[i] = 0, i++);
if (IsPskAllZeroes((char*)value, tmpZeroedPps))
{
if(length != PID_LENGTH || !IsPidValid((char*)value))
{
retVal = CONFIG_INVALID_PID;
break;
}
}
cout << " PID = ";
PrintPid(value, out);
out << endl;
break;
case CM_VARIABLE_IDENTIFIER_PPS:
char tmpZeroedPid[PPS_LENGTH];
for (int i=0 ; i<PID_LENGTH; tmpZeroedPid[i] = 0, i++);
if (IsPskAllZeroes(tmpZeroedPid, (char*)value))
{
if(length != PPS_LENGTH || !IsPpsValid((char*)value))
{
retVal = CONFIG_INVALID_PPS;
break;
}
}
cout << " PPS = ";
PrintPps(value, out);
out << endl;
break;
case CM_VARIABLE_IDENTIFIER_PKI_DNS_SUFFIX:
if((length > CM_VARIABLE_IDENTIFIER_PKI_DNS_SUFFIX_MAXLEN) || (length == 0))
{
retVal = CONFIG_INVALID_DNS_SUFFIX;
break;
}
cout << " PKI DNS Suffix = "
<< value << endl;
break;
case CM_VARIABLE_IDENTIFIER_CONFIG_SERVER_FQDN:
if((length > CM_VARIABLE_IDENTIFIER_CONFIG_SERVER_FQDN_MAXLEN) || (length == 0))
{
retVal = CONFIG_INVALID_FQDN;
break;
}
cout << " Provisioing Server FQDN = "
<< value << endl;
break;
case CM_VARIABLE_IDENTIFIER_RCFG_ENABLED:
if(length != CM_VARIABLE_IDENTIFIER_RCFG_ENABLED_LEN)
{
retVal = CONFIG_INVALID_ZTC_ENABLED;
break;
}
out << " ZTC Enabled = "
<< (unsigned short)value[0] <<endl;
break;
case CM_VARIABLE_IDENTIFIER_PREINSTALLED_CERT_ENABLE:
if(length != CM_VARIABLE_IDENTIFIER_PREINSTALLED_CERT_ENABLE_LEN)
{
retVal = CONFIG_INVALID_CERT_SETTINGS;
break;
}
out << " Preinstalled Cert Hash Enable = "
<< (unsigned short)value[0] <<endl;
break;
case CM_VARIABLE_IDENTIFIER_USER_DEFINED_CERTS_CONFIG:
if(length != CM_VARIABLE_IDENTIFIER_PREINSTALLED_CERT_ENABLE_LEN)
{
retVal = CONFIG_INVALID_CERT_SETTINGS;
break;
}
out << " User Defined Hash Configuration = "
<< (unsigned short)value[0] <<endl;
break;
case CM_VARIABLE_IDENTIFIER_USER_DEFINED_CERT_ADD:
{
bool ok = true;
if(length > CM_VARIABLE_IDENTIFIER_USER_DEFINED_CERT_ADD_MAXLEN)
ok = false;
size_t friendlyNameLength = 0;
string hashAlgorithmName = "";
size_t friendlyNameIndex = 2;
if (USB_CERT_HASH_ALGORITHM_SHA1 == *(value))
{
friendlyNameLength = *(value + 1 + CERT_HASH_SHA1_LENGTH);
friendlyNameIndex += CERT_HASH_SHA1_LENGTH;
hashAlgorithmName = "SHA1";
}
else if (USB_CERT_HASH_ALGORITHM_SHA256 == *(value))
{
friendlyNameLength = *(value + 1 + CERT_HASH_SHA256_LENGTH);
friendlyNameIndex += CERT_HASH_SHA256_LENGTH;
hashAlgorithmName = "SHA256";
}
else if (USB_CERT_HASH_ALGORITHM_SHA384 == *(value))
{
friendlyNameLength = *(value + 1 + CERT_HASH_SHA384_LENGTH);
friendlyNameIndex += CERT_HASH_SHA384_LENGTH;
hashAlgorithmName = "SHA384";
}
else
{
ok = false;
}
if (friendlyNameLength > MAX_FRIENDLY_NAME_LENGTH)
{
ok = false;
}
if (!ok)
{
retVal = CONFIG_INVALID_CERT_SETTINGS;
break;
}
out << " User Defined Certificate Hash = ";
PrintCertHash(value + 1, *(value), out);
out << endl;
out << " Hash Algorithm = "
<< (unsigned short)(*value) << " (" << hashAlgorithmName << ")" << endl;
out << " Friendly Name = "
<< value + friendlyNameIndex << endl;
}
break;
case CM_VARIABLE_IDENTIFIER_SOL_IDE_REDIRECTION_CONFIG:
if(length != CM_VARIABLE_IDENTIFIER_SOL_IDE_REDIRECTION_CONFIG_LEN)
{
retVal = CONFIG_INVALID_SOLIDER_CONFIG;
break;
}
out << " SOL/IDE-R Config = "
<< (unsigned short)value[0] <<endl;
break;
case CM_VARIABLE_IDENTIFIER_IPV6:
cout << " Interface Index = "
<< ((unsigned short)value[IPV6_INTERFACE_INDEX_OFFSET]) << endl;
cout << " IPv6 Enabled = "
<< ((unsigned short)value[IPV6_ENABLED_OFFSET]) << endl;
cout << " Interface ID Type = "
<< ((unsigned short)value[IPV6_INTERFACE_ID_TYPE_OFFSET]) << endl;
cout << " Interface ID = " << value+IPV6_INTERFACE_ID_OFFSET << endl;
if(majorVersion >= 4)
{
ParseIPv6(value+IPV6_ADDRESS_OFFSET,ipv6SettingNewFormat.ipv6Address);
ParseIPv6(value+IPV6_DEFAULT_ROUTER_OFFSET_NEW_FORMAT,ipv6SettingNewFormat.defultRouter);
ParseIPv6(value+IPV6_PRIMARY_DNS_ADD_OFFSET_NEW_FORMAT,ipv6SettingNewFormat.primaryDNS);
ParseIPv6(value+IPV6_SECONDARY_DNS_ADD_OFFSET_NEW_FORMAT,ipv6SettingNewFormat.secondaryDNS);
cout << " IPv6 Address = " << ipv6SettingNewFormat.ipv6Address << endl;
cout << " IPv6 Default Router = " << ipv6SettingNewFormat.defultRouter<< endl;
cout << " DNS Primary IPv6 Address = " << ipv6SettingNewFormat.primaryDNS << endl;
cout << " DNS Secondary IPv6 Address = " << ipv6SettingNewFormat.secondaryDNS << endl;
}
else
{
cout << " IPv6 Address = " << value+IPV6_ADDRESS_OFFSET << endl;
cout << " IPv6 Default Router = " << value+IPV6_DEFAULT_ROUTER_OFFSET<< endl;
cout << " DNS Primary IPv6 Address = " << value+IPV6_PRIMARY_DNS_ADD_OFFSET << endl;
cout << " DNS Secondary IPv6 Address = " << value+IPV6_SECONDARY_DNS_ADD_OFFSET << endl;
}
break;
case CM_VARIABLE_IDENTIFIER_SHARED_DEDICATED_FQDN:
cout << " Shared/Dedicated FQDN = "
<< ((unsigned short)value[0]) << endl;
break;
case CM_VARIABLE_IDENTIFIER_DYNAMIC_DNS_UPDATE:
cout << " Dynamic DNS Update = "
<< ((unsigned short)value[0]) << endl;
break;
case CM_VARIABLE_IDENTIFIER_KVM_STATE:
cout << " KVM State = "
<< ((unsigned short)value[0]) << endl;
break;
case CM_VARIABLE_IDENTIFIER_OPT_IN_USER_CONSENT_OPTION:
cout << " Opt-In user consent option = "
<< ((unsigned short)value[0]) << endl;
break;
case CM_VARIABLE_IDENTIFIER_OPT_IN_REMOTE_IT_CONSENT_POLICY:
cout << " Opt-In remote IT consent policy = "
<< ((unsigned short)value[0]) << endl;
break;
case CM_VARIABLE_IDENTIFIER_ME_PROVISION_HALT_ACTIVE:
cout << " ME provisioning Halt/Activate = "
<< ((unsigned short)value[0]) << endl;
break;
case CM_VARIABLE_IDENTIFIER_MANUAL_SETUP_AND_CONFIGURATION:
cout << " Manual Setup and Configuration = "
<< ((unsigned short)value[0]) << endl;
break;
case CM_VARIABLE_IDENTIFIER_SUPPORT_CHANNEL_IDENTIFIER:
cout << " Support Channel Identifier is = "<< (unsigned int)*((unsigned int *)value) << endl;
break;
case CM_VARIABLE_IDENTIFIER_SUPPORT_CHANNEL_DESCRIPTION:
if (length > SUPPORT_CHANNEL_DESC_MAX_LENGTH)
{
retVal = CONFIG_INVALID_SUPPORT_CH_DESC;
break;
}
cout << " Support Channel Description = " << value << endl;
break;
case CM_VARIABLE_IDENTIFIER_SERVICE_ACCOUNT_NUMBER:
if (length > SERVICE_ACCOUNT_NO_MAX_LENGTH)
{
retVal = CONFIG_INVALID_SERVICE_ACC_NO;
break;
}
cout << " Service Account Number = " << value << endl;
break;
case CM_VARIABLE_IDENTIFIER_ENROLLMENT_PASSCODE:
if (length > ENROLLMENT_PASSCODE_MAX_LENGTH)
{
retVal = CONFIG_INVALID_ENROLLMENT_PASSCODE;
break;
}
cout << " Enrollment Passcode = " << value << endl;
break;
case CM_VARIABLE_IDENTIFIER_SERVICE_TYPE:
cout << " Service Type = "
<< ((unsigned short)value[0]) << endl;
break;
case CM_VARIABLE_IDENTIFIER_SERVICE_PROVIDER_IDENTIFIER:
if (length != CM_VARIABLE_IDENTIFIER_SERVICE_PROVIDER_IDENTIFIER_LEN)
{
retVal = CONFIG_INVALID_INPUT;
break;
}
out << " Service Provider Identifier = ";
PrintGuid(value,out);
out<<endl;
break;
default:
// unrecognized
break;
}
break;
default:
// module id not recognized
break;
}
delete[] value;
value = NULL;
if(retVal != CONFIG_SUCCESS)
{
break;
}
}
return retVal;
}
int ScrambleRecordData(unsigned char* recordData, const size_t recordDataSize)
{
for(unsigned int i = 0; i < recordDataSize; i ++)
{
recordData[i] = (recordData[i] + SCRAMBLE_SHIFTING_VALUE) % 256;
}
return CONFIG_SUCCESS;
}
int DescrambleRecordData(unsigned char* recordData, const size_t recordDataSize)
{
for(unsigned int i = 0; i < recordDataSize; i ++)
{
recordData[i] = (recordData[i] + (256 - SCRAMBLE_SHIFTING_VALUE)) % 256;
}
return CONFIG_SUCCESS;
}
bool ParseIPv6(unsigned char* ipv6PartByteArray, string & ipv6PartInput)
{
unsigned char* ipv6Part = ipv6PartByteArray;
byte ipv6Byte;
char buf[40];
int k = 0;
for (int ipv6PartByteArrayIndex = 15,i = 0 ; (ipv6PartByteArrayIndex >= 0) ; ipv6PartByteArrayIndex-- , i+=2)
{
if(k==2)
{
if (strcpy_s(buf + i, ARRAYSIZE(buf) - i, ":"))
{
return false;
}
k =0;
i++;
}
ipv6Byte = ipv6Part[ipv6PartByteArrayIndex];
if (sprintf_s(buf + i, ARRAYSIZE(buf) - i, "%02x", (int)ipv6Byte))
{
return false;
}
k++;
}
ipv6PartInput = buf;
return true;
}
Reference in New Issue View Git Blame Copy Permalink