Age | Commit message (Collapse) | Author | Files | Lines |
|
Issue-ID: AAF-778
Change-Id: I1dce78d4f2a6ab53432652b51989e9dcba5755c5
Signed-off-by: Pramod Raghavendra Jayathirth <pramod.raghavendra.jayathirth@intel.com>
|
|
This patch updates the Duplicate utility to
match with the latest tss stack
Issue-ID: AAF-763
Change-Id: I08a01b193e8cf550fa1cfcbe0781672b3051eb96
Signed-off-by: Pramod Raghavendra Jayathirth <pramod.raghavendra.jayathirth@intel.com>
|
|
Change-Id: Ib3ec2c297f897c82776a66fe2ad55b18984c0337
Issue-ID: AAF-687
Signed-off-by: Pramod Raghavendra Jayathirth <pramod.raghavendra.jayathirth@intel.com>
|
|
|
|
|
|
This upgrade is required due to the changes
in latest stable tss, abrmd and tpm-tools
Issue-ID: AAF-761
Change-Id: I564dba726ceb69a9d4caf8498940cadb810a478e
Signed-off-by: Pramod Raghavendra Jayathirth <pramod.raghavendra.jayathirth@intel.com>
|
|
This upgrade is required to make the import
utility compaitable with latest tss stack
Issue-ID: AAF-764
Change-Id: I8bf4d9cef3a669592f1828c65974cf946dda9804
Signed-off-by: Pramod Raghavendra Jayathirth <pramod.raghavendra.jayathirth@intel.com>
|
|
Issue-ID: AAF-793
Change-Id: I79f17ad508a29ff0239b7504cd8ab2ce5e11e8bb
Signed-off-by: Pramod Raghavendra Jayathirth <pramod.raghavendra.jayathirth@intel.com>
|
|
Change-Id: I88686761d324f9bd734d03ccb92f4a49783cf4a0
Issue-ID: AAF-762
Signed-off-by: Pramod Raghavendra Jayathirth <pramod.raghavendra.jayathirth@intel.com>
|
|
Add missing information so that the new verify
job passes. Fix indentation.
Change-Id: Ifd7c7fd5f8be771ed92dcbacfb2c9f00898d7c46
Issue-ID: CIMAN-134
Signed-off-by: Jessica Wagantall <jwagantall@linuxfoundation.org>
|
|
Issue-ID: AAF-729
Change-Id: Idcfecb548ce51c5e092eb8c4aea100e97aed9056
Signed-off-by: Instrumental <jonathan.gathman@att.com>
|
|
|
|
change "thread_count" variable in the
CaSignMultThread.java file to control
the number of threads created
Change-Id: I2296c01d476a7cf18e7fa221d5dd74044cd87293
Issue-ID: AAF-471
Signed-off-by: Pramod Raghavendra Jayathirth <pramod.raghavendra.jayathirth@intel.com>
|
|
|
|
Change-Id: Ib2c44f05aebe8799c5b5f970cc2ceb22a4db2887
Signed-off-by: Stanislav Chlebec <stanislav.chlebec@pantheon.tech>
Issue-ID: AAF-582
|
|
Issue-ID: AAF-549
Change-Id: Idca602a0960467d933d339790ee4c16c3f747ad7
Signed-off-by: Pramod Raghavendra Jayathirth <pramod.raghavendra.jayathirth@intel.com>
|
|
Create the required directory for abrmd data
before creating files
Issue-ID: AAF-527
Change-Id: I0fbc77d8eaa5b012b01dd01664ee810bce18a1d0
Signed-off-by: Manjunath Ranganathaiah <manjunath.ranganathaiah@intel.com>
|
|
Fix code formatting in Hwinfra module to match
rest of SoftHSM code.
Issue-ID: AAF-555
Change-Id: Ibbb39b72f90c7589b4999a1e2b10acf03d5c5818
Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
|
|
This patch adds test framework and tests
for TPM based CA key protection import and signing.
Change-Id: I7bdd602f7275dd8613faeced11aad6c09a8aab52
Issue-ID: AAF-527
Signed-off-by: Manjunath Ranganathaiah <manjunath.ranganathaiah@intel.com>
|
|
|
|
Testca and any other container that depends on
abrmd needs a script to check if it is up and ready
to accept commands. This scripts addresses that via the
tpm2_listpcrs command.
Issue-ID: AAF-520
Change-Id: I432b6f16a78d8eb6f18118ca64f040a70b2cab25
Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
|
|
Location for passphrase needed to be updated in
scenarios where tpm is not available
P2: Add more changes to get the passphrase to be passed
correctly
Issue-ID: AAF-521
Change-Id: Ibf022e05489e77cdcec642a543abf5cec3c21e53
Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
|
|
Changing the file permission immediately followed
by running the script results in text file busy
error intermittently.
Change-Id: Ib1aa2273135cb42a8837af2b5a3aa630ca61dd9e
Issue-ID: AAF-519
Signed-off-by: Manjunath Ranganathaiah <manjunath.ranganathaiah@intel.com>
|
|
|
|
Testing in kubernetes revealed some issues that
needed to be fixed. This patch contains those changes.
Issue-ID: AAF-510
Change-Id: Ib7956a2d49f4f7f663f18522e71758dffe35bcb0
Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
|
|
Remove global variable for storing session info.
Instead this is populated by the calling function
as required.
Issue-ID: AAF-334
Change-Id: I146b52bcee758fd053129fdf4f7a75691575e6e9
Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
|
|
PRK Password needs to be passed to TPM Plugin
for load key operations to work.
P7: Moved readPassword to calling function
P8: Check size of password string before memcpy
P9: Updated readme
Issue-ID: AAF-484
Change-Id: I213446012005f2919ee0912ccfe99c3a555ccb74
Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
|
|
|
|
These scripts imports the CA key to either tpm or
softhsm. Updates the pkcs11 config file and adds
the required config for softhsm
Change-Id: If45cfb514756bf4ab03081d458ed728921fa1d51
Issue-ID: AAF-483
Signed-off-by: Manjunath Ranganathaiah <manjunath.ranganathaiah@intel.com>
|
|
|
|
Key pair reading in TPM plugin assumes a particular order for input buffers.
This patch checks the buffers and removes that assumption
Issue-ID: AAF-478
Change-Id: I4fff17c912a0890138d1f432e5bfab5c9946b1cb
Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
|
|
Removed hardcoded paths and using CWD instead.
Makes deployment testing simpler in kubernetes.
Makes data localized and easier to debug.
Issue-ID: AAF-474
Change-Id: Ic671a8de2442bb9ca11bbc994a6e84bb12053617
Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
|
|
|
|
The init.sh file is removed as part of ownership change
hence needs to be removed from dockerfile as well.
Change-Id: I62fc1e3e15f98caf68c78be6b3ab0dbb326c2eb4
Issue-ID: AAF-409
Signed-off-by: Manjunath Ranganathaiah <manjunath.ranganathaiah@intel.com>
|
|
|
|
|
|
|
|
Add -password command line argument to take the
primary key password to import keys.
Issue-ID: AAF-464
Change-Id: I68b87139405427d065883ffe714e1072d3e987df
Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
|
|
This will facilitate the SoftHSMv2 implementation
when TPM is unavailable
Change-Id: Ic77627702db514213cece200a259f723e6d66d34
Issue-ID: AAF-414
Signed-off-by: Pramod Raghavendra Jayathirth <pramod.raghavendra.jayathirth@intel.com>
|
|
TPM ownership and primary key creation is assumed to be a step that is
executed by the system administrator who will provide the credentials
to pods during startup [Srini]. Now, init only reads the public portion of the
primary key and puts it the host folder.
P9: Remove init.sh. Not needed as initialize will directly talk to device now.
Initialize is called during Step 1 and run_abrmd is called during Step 2
Issue-ID: AAF-409
Change-Id: Id0d1860f257c98045613e90b6b88e37858a9aceb
Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
|
|
Use base image for building abrmd container
Removes needless compilation steps involved
Issue-ID: AAF-461
Change-Id: Ib9e1606b24223f235f5e60ff94add29e142f6bda
Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
|
|
Add script to build and push the image to
nexus repo. Invoke the script from top level
build script.
Issue-ID: AAF-447
Change-Id: I112efd4b484ee05e0ba0811efcb8ba7082a5d621
Signed-off-by: Manjunath Ranganathaiah <manjunath.ranganathaiah@intel.com>
|
|
Add script to build and push the image to
nexus repo. Invoke the script from top level
build script.
Change-Id: I644428d2da3bbc4688a3a45d34b8b7e9148314b0
Issue-ID: AAF-443
Signed-off-by: Manjunath Ranganathaiah <manjunath.ranganathaiah@intel.com>
|
|
|
|
|
|
There is a dependency on tabrmd while building duplicate tool
and this is required for now. Cleanup and use base container
from nexus repo. Add build scripts for nightly build.
Change-Id: I4c3487d22988927084d7336671b81144374ccb5d
Issue-ID: AAF-418
Signed-off-by: Manjunath Ranganathaiah <manjunath.ranganathaiah@intel.com>
|
|
Modifying ABRMD container to support Init tool
Change-Id: I8b2f8171688b67567e3ad4a3e4942ae76737bdfc
Issue-ID: AAF-342
Signed-off-by: Pramod Raghavendra Jayathirth <pramod.raghavendra.jayathirth@intel.com>
|
|
Only in the case where no tpm hosts are present, then encrypt
and copy out the private key
Change-Id: I34fbcf65e61c4e6803f594ffe1c527c9afd8f184
Issue-ID: AAF-376
Signed-off-by: Manjunath Ranganathaiah <manjunath.ranganathaiah@intel.com>
|
|
|
|
This patch provides a build script that can be triggered
by jenkins job to build base containers for AAF.
Change-Id: I029784e7adbd7076967b756c23678b562438e06f
Issue-ID: AAF-418
Signed-off-by: Manjunath Ranganathaiah <manjunath.ranganathaiah@intel.com>
|