aboutsummaryrefslogtreecommitdiffstats
path: root/bin
AgeCommit message (Collapse)AuthorFilesLines
2018-09-27Merge "Add abrmd readiness check script to base"Girish Havaldar2-0/+24
2018-09-26Add abrmd readiness check script to baseKiran Kamineni2-0/+24
Testca and any other container that depends on abrmd needs a script to check if it is up and ready to accept commands. This scripts addresses that via the tpm2_listpcrs command. Issue-ID: AAF-520 Change-Id: I432b6f16a78d8eb6f18118ca64f040a70b2cab25 Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
2018-09-26Update location of passphrase in distcenterKiran Kamineni3-5/+3
Location for passphrase needed to be updated in scenarios where tpm is not available P2: Add more changes to get the passphrase to be passed correctly Issue-ID: AAF-521 Change-Id: Ibf022e05489e77cdcec642a543abf5cec3c21e53 Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
2018-09-25Fix text file busy error when calling sub scriptsManjunath Ranganathaiah1-2/+0
Changing the file permission immediately followed by running the script results in text file busy error intermittently. Change-Id: Ib1aa2273135cb42a8837af2b5a3aa630ca61dd9e Issue-ID: AAF-519 Signed-off-by: Manjunath Ranganathaiah <manjunath.ranganathaiah@intel.com>
2018-09-19Fix bugs in startup script and move scripts to binKiran Kamineni4-23/+34
Testing in kubernetes revealed some issues that needed to be fixed. This patch contains those changes. Issue-ID: AAF-510 Change-Id: Ib7956a2d49f4f7f663f18522e71758dffe35bcb0 Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
2018-09-18Add support for PRK password in TPM pluginKiran Kamineni2-8/+13
PRK Password needs to be passed to TPM Plugin for load key operations to work. P7: Moved readPassword to calling function P8: Check size of password string before memcpy P9: Updated readme Issue-ID: AAF-484 Change-Id: I213446012005f2919ee0912ccfe99c3a555ccb74 Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
2018-09-13Add import scripts to base imageManjunath Ranganathaiah4-0/+176
These scripts imports the CA key to either tpm or softhsm. Updates the pkcs11 config file and adds the required config for softhsm Change-Id: If45cfb514756bf4ab03081d458ed728921fa1d51 Issue-ID: AAF-483 Signed-off-by: Manjunath Ranganathaiah <manjunath.ranganathaiah@intel.com>
2018-09-05Merge "Script for SoftHSMv2 fallback mechanism"Kiran Kamineni6-148/+183
2018-09-05Fix missing init.sh while building abrmd containerManjunath Ranganathaiah1-1/+0
The init.sh file is removed as part of ownership change hence needs to be removed from dockerfile as well. Change-Id: I62fc1e3e15f98caf68c78be6b3ab0dbb326c2eb4 Issue-ID: AAF-409 Signed-off-by: Manjunath Ranganathaiah <manjunath.ranganathaiah@intel.com>
2018-09-05Merge "Use base image for building abrmd"Girish Havaldar1-66/+1
2018-09-05Merge "Modify initialization to remove ownership step"Girish Havaldar4-109/+91
2018-09-04Script for SoftHSMv2 fallback mechanismPramod Raghavendra Jayathirth6-148/+183
This will facilitate the SoftHSMv2 implementation when TPM is unavailable Change-Id: Ic77627702db514213cece200a259f723e6d66d34 Issue-ID: AAF-414 Signed-off-by: Pramod Raghavendra Jayathirth <pramod.raghavendra.jayathirth@intel.com>
2018-08-31Modify initialization to remove ownership stepKiran Kamineni4-109/+91
TPM ownership and primary key creation is assumed to be a step that is executed by the system administrator who will provide the credentials to pods during startup [Srini]. Now, init only reads the public portion of the primary key and puts it the host folder. P9: Remove init.sh. Not needed as initialize will directly talk to device now. Initialize is called during Step 1 and run_abrmd is called during Step 2 Issue-ID: AAF-409 Change-Id: Id0d1860f257c98045613e90b6b88e37858a9aceb Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
2018-08-29Use base image for building abrmdKiran Kamineni1-66/+1
Use base image for building abrmd container Removes needless compilation steps involved Issue-ID: AAF-461 Change-Id: Ib9e1606b24223f235f5e60ff94add29e142f6bda Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
2018-08-27Add build script for testcaservice containerManjunath Ranganathaiah2-0/+43
Add script to build and push the image to nexus repo. Invoke the script from top level build script. Issue-ID: AAF-447 Change-Id: I112efd4b484ee05e0ba0811efcb8ba7082a5d621 Signed-off-by: Manjunath Ranganathaiah <manjunath.ranganathaiah@intel.com>
2018-08-27Add build script for initabrmd containerManjunath Ranganathaiah2-0/+47
Add script to build and push the image to nexus repo. Invoke the script from top level build script. Change-Id: I644428d2da3bbc4688a3a45d34b8b7e9148314b0 Issue-ID: AAF-443 Signed-off-by: Manjunath Ranganathaiah <manjunath.ranganathaiah@intel.com>
2018-08-23Merge "Add build scripts and tabrmd"Kiran Kamineni5-6/+62
2018-08-23Merge "Containerize TPM Initialization tool"Kiran Kamineni6-21/+192
2018-08-22Add build scripts and tabrmdManjunath Ranganathaiah5-6/+62
There is a dependency on tabrmd while building duplicate tool and this is required for now. Cleanup and use base container from nexus repo. Add build scripts for nightly build. Change-Id: I4c3487d22988927084d7336671b81144374ccb5d Issue-ID: AAF-418 Signed-off-by: Manjunath Ranganathaiah <manjunath.ranganathaiah@intel.com>
2018-08-22Containerize TPM Initialization toolPramod Raghavendra Jayathirth6-21/+192
Modifying ABRMD container to support Init tool Change-Id: I8b2f8171688b67567e3ad4a3e4942ae76737bdfc Issue-ID: AAF-342 Signed-off-by: Pramod Raghavendra Jayathirth <pramod.raghavendra.jayathirth@intel.com>
2018-08-17Copy out encrypted private key selectivelyManjunath Ranganathaiah1-17/+22
Only in the case where no tpm hosts are present, then encrypt and copy out the private key Change-Id: I34fbcf65e61c4e6803f594ffe1c527c9afd8f184 Issue-ID: AAF-376 Signed-off-by: Manjunath Ranganathaiah <manjunath.ranganathaiah@intel.com>
2018-08-17Merge "Base images build and dockerfiles"Kiran Kamineni3-0/+219
2018-08-16Base images build and dockerfilesManjunath Ranganathaiah3-0/+219
This patch provides a build script that can be triggered by jenkins job to build base containers for AAF. Change-Id: I029784e7adbd7076967b756c23678b562438e06f Issue-ID: AAF-418 Signed-off-by: Manjunath Ranganathaiah <manjunath.ranganathaiah@intel.com>
2018-08-15Change to container based naming conventionKiran Kamineni2-13/+14
Changed naming and folder structure to allow for easy integration with kubernetes. Changed createca to distcenter name, after the container name. Issue-ID: AAF-409 Change-Id: I6f9f290f7c1f02b42a11aea85c26b95b334082d1 Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
2018-08-06Merge "Changes to encrypt and copy out private key"Kiran Kamineni4-21/+44
2018-08-01Changes to encrypt and copy out private keyManjunath Ranganathaiah4-21/+44
Using the given passphrase, encrypt the private key and copy out. Use the public key from the mount for generating out files. Change-Id: I5de42ad4c8a781201ed559b04b1457fe9e661e42 Issue-ID: AAF-376 Signed-off-by: Manjunath Ranganathaiah <manjunath.ranganathaiah@intel.com>
2018-07-27Cleanup unused jar fileManjunath Ranganathaiah1-1/+0
bctest jar file is not used and can be removed Change-Id: I9121a9f3ce8312a73454e51725f2d6f57522560d Issue-ID: AAF-342 Signed-off-by: Manjunath Ranganathaiah <manjunath.ranganathaiah@intel.com>
2018-07-26Remove already installed packagesManjunath Ranganathaiah1-4/+0
These are installed and present in the base container. Change-Id: Ibf591476e1fb9e036398043614e2a92ac939f6ba Issue-ID: AAF-342 Signed-off-by: Manjunath Ranganathaiah <manjunath.ranganathaiah@intel.com>
2018-07-19Adding the CA service containerPramod Raghavendra Jayathirth3-0/+183
Adding the dockerfile and required scripts to implement CA service container functionality Issue-ID: AAF-342 Change-Id: I8ea086008d0d8e50bfad3886c741ba21642ac974 Signed-off-by: Pramod Raghavendra Jayathirth <pramod.raghavendra.jayathirth@intel.com>
2018-07-17Merge "Key distribution center container"Kiran Kamineni4-0/+57
2018-07-16Key distribution center containerManjunath Ranganathaiah4-0/+57
This container generates the ca key and certificate and encrypts it using SRK public key and stores the generated files on host folder shared with this container. The public key is built into the image for sample known target host. Change-Id: Ibcfdd10bca86a3e785a7ba6221e22fb78d8b706f Signed-off-by: Manjunath Ranganathaiah <manjunath.ranganathaiah@intel.com> Issue-ID: AAF-376
2018-07-16Changing the directory of ABRMD container filesPramod Raghavendra Jayathirth3-1/+1
Including the ABRMD in a seperare directory for better organization Change-Id: I1097a2d7be5bc99b40b0bd59a4bdb939478d5129 Issue-ID: AAF-342 Signed-off-by: Pramod Raghavendra Jayathirth <pramod.raghavendra.jayathirth@intel.com>
2018-05-15Adding support for containerized tss and abrmdKiran Kamineni3-0/+100
Adding a dockerfile to build a container that has tss, abrmd and tpm2-tools installed on it. Issue-ID: AAF-275 Change-Id: I8bda86d36290785950cf3c23d6527e1245652f42 Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>