Intel AMT ACM activation fully working.
This commit is contained in:
Ylian Saint-Hilaire
parent
56637d4d58
commit
57b4b6cde2
|
|
@ -83,11 +83,28 @@ module.exports.CertificateOperations = function (parent) {
|
|||
var acmCerts = [], acmmatch = [];
|
||||
if (amtacmactivation.certs != null) {
|
||||
for (var j in amtacmactivation.certs) {
|
||||
var acmconfig = amtacmactivation.certs[j];
|
||||
if (typeof acmconfig.cert != 'string') continue;
|
||||
var r = null;
|
||||
try { r = obj.loadPfxCertificate(obj.parent.path.join(obj.parent.datapath, acmconfig.cert), acmconfig.certpass); } catch (ex) { console.log(ex); }
|
||||
if ((r == null) || (r.certs == null) || (r.keys == null) || (r.certs.length < 2) || (r.keys.length != 1)) continue;
|
||||
var acmconfig = amtacmactivation.certs[j], r = null;
|
||||
|
||||
if ((typeof acmconfig.certpfx == 'string') && (typeof acmconfig.certpfxpass == 'string')) {
|
||||
// P12 format, certpfx and certpfxpass
|
||||
try { r = obj.loadPfxCertificate(obj.parent.path.join(obj.parent.datapath, acmconfig.certpfx), acmconfig.certpfxpass); } catch (ex) { console.log(ex); }
|
||||
if ((r == null) || (r.certs == null) || (r.keys == null) || (r.certs.length < 2) || (r.keys.length != 1)) continue;
|
||||
} else if ((typeof acmconfig.certfiles == 'object') && (typeof acmconfig.keyfile == 'string')) {
|
||||
// PEM format, certfiles and keyfile
|
||||
r = { certs: [], keys: [] };
|
||||
for (var k in acmconfig.certfiles) { r.certs.push(obj.pki.certificateFromPem(obj.fs.readFileSync(obj.parent.path.join(obj.parent.datapath, acmconfig.certfiles[k])))); }
|
||||
r.keys.push(obj.pki.privateKeyFromPem(obj.fs.readFileSync(obj.parent.path.join(obj.parent.datapath, acmconfig.keyfile))));
|
||||
if ((r.certs.length < 2) || (r.keys.length != 1)) continue;
|
||||
}
|
||||
|
||||
/*
|
||||
// Debug: Display all certs & key as PEM
|
||||
for (var k in r.certs) {
|
||||
var cn = r.certs[k].subject.getField('CN');
|
||||
if (cn != null) { console.log(cn.value + '\r\n' + obj.pki.certificateToPem(r.certs[k])); } else { console.log(obj.pki.certificateToPem(r.certs[k])); }
|
||||
}
|
||||
console.log(obj.pki.privateKeyToPem(r.keys[0]));
|
||||
*/
|
||||
|
||||
// Check if the right OU or OID is present for Intel AMT activation
|
||||
var validActivationCert = false;
|
||||
|
|
@ -164,14 +181,13 @@ module.exports.CertificateOperations = function (parent) {
|
|||
// Return the certificate of the remote HTTPS server
|
||||
obj.loadPfxCertificate = function (filename, password) {
|
||||
var r = { certs: [], keys: [] };
|
||||
var pfxbuf = obj.fs.readFileSync(filename);
|
||||
var pfxb64 = Buffer.from(pfxbuf).toString('base64');
|
||||
var pfxder = obj.forge.util.decode64(pfxb64);
|
||||
var asn = obj.forge.asn1.fromDer(pfxder);
|
||||
var pfx = obj.forge.pkcs12.pkcs12FromAsn1(asn, true, password);
|
||||
var pfxb64 = Buffer.from(obj.fs.readFileSync(filename)).toString('base64');
|
||||
var pfx = obj.forge.pkcs12.pkcs12FromAsn1(obj.forge.asn1.fromDer(obj.forge.util.decode64(pfxb64)), true, password);
|
||||
|
||||
// Get the certs from certbags
|
||||
var bags = pfx.getBags({ bagType: obj.forge.pki.oids.certBag });
|
||||
for (var i = 0; i < bags[obj.forge.pki.oids.certBag].length; i++) { r.certs.push(bags[obj.forge.pki.oids.certBag][i].cert); }
|
||||
|
||||
// Get shrouded key from key bags
|
||||
bags = pfx.getBags({ bagType: obj.forge.pki.oids.pkcs8ShroudedKeyBag });
|
||||
for (var i = 0; i < bags[obj.forge.pki.oids.pkcs8ShroudedKeyBag].length; i++) { r.keys.push(bags[obj.forge.pki.oids.pkcs8ShroudedKeyBag][i].key); }
|
||||
|
|
|
|||
|
|
@ -1232,7 +1232,7 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
|
|||
ChangeAgentCoreInfo({ "intelamt": { user: 'admin', pass: amtpassword, uuid: command.uuid, realm: command.realm } });
|
||||
|
||||
// Send the activation response
|
||||
//obj.send(JSON.stringify(signResponse));
|
||||
obj.send(JSON.stringify(signResponse));
|
||||
}
|
||||
break;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"name": "meshcentral",
|
||||
"version": "0.3.6-r",
|
||||
"version": "0.3.6-s",
|
||||
"keywords": [
|
||||
"Remote Management",
|
||||
"Intel AMT",
|
||||
|
|
|
|||
|
|
@ -82,6 +82,15 @@
|
|||
"_MaxAgentSessions": 100,
|
||||
"MaxSingleUserSessions": 10
|
||||
},
|
||||
"_AmtAcmActivation": {
|
||||
"log": "amtactivation.log",
|
||||
"certs": {
|
||||
"mycertname": {
|
||||
"certfiles": [ "amtacm-leafcert.crt", "amtacm-intermediate1.crt", "amtacm-intermediate2.crt", "amtacm-rootcert.crt" ],
|
||||
"keyfile": "amtacm-leafcert.key"
|
||||
}
|
||||
}
|
||||
},
|
||||
"_Redirects": {
|
||||
"meshcommander": "https://www.meshcommander.com/"
|
||||
},
|
||||
|
|
|
|||
|
|
@ -9885,7 +9885,7 @@ var QRCode;!function(){function a(a){this.mode=c.MODE_8BIT_BYTE,this.data=a,this
|
|||
}
|
||||
|
||||
// Attribute: Mesh Agent
|
||||
var agentsStr = ['Unknown', 'Windows 32bit console', 'Windows 64bit console', 'Windows 32bit service', 'Windows 64bit service', 'Linux 32bit', 'Linux 64bit', 'MIPS', 'XENx86', 'Android ARM', 'Linux ARM', 'MacOS 32bit', 'Android x86', 'PogoPlug ARM', 'Android APK', 'Linux Poky x86-32bit', 'MacOS 64bit', 'ChromeOS', 'Linux Poky x86-64bit', 'Linux NoKVM x86-32bit', 'Linux NoKVM x86-64bit', 'Windows MinCore console', 'Windows MinCore service', 'NodeJS', 'ARM-Linaro', 'ARMv6l / ARMv7l', 'ARMv8 64bit'];
|
||||
var agentsStr = ['Unknown', 'Windows 32bit console', 'Windows 64bit console', 'Windows 32bit service', 'Windows 64bit service', 'Linux 32bit', 'Linux 64bit', 'MIPS', 'XENx86', 'Android ARM', 'Linux ARM', 'MacOS 32bit', 'Android x86', 'PogoPlug ARM', 'Android APK', 'Linux Poky x86-32bit', 'MacOS 64bit', 'ChromeOS', 'Linux Poky x86-64bit', 'Linux NoKVM x86-32bit', 'Linux NoKVM x86-64bit', 'Windows MinCore console', 'Windows MinCore service', 'NodeJS', 'ARM-Linaro', 'ARMv6l / ARMv7l', 'ARMv8 64bit', 'Unknown', 'Unknown', 'Unknown', 'FreeBSD x86-64'];
|
||||
if ((node.agent != null) && (node.agent.id != null) && (node.agent.ver != null)) {
|
||||
var str = '';
|
||||
if (node.agent.id <= agentsStr.length) { str = agentsStr[node.agent.id]; } else { str = agentsStr[0]; }
|
||||
|
|
|
|||
|
|
@ -3830,7 +3830,7 @@
|
|||
}
|
||||
|
||||
// Attribute: Mesh Agent
|
||||
var agentsStr = ['Unknown', 'Windows 32bit console', 'Windows 64bit console', 'Windows 32bit service', 'Windows 64bit service', 'Linux 32bit', 'Linux 64bit', 'MIPS', 'XENx86', 'Android ARM', 'Linux ARM', 'MacOS 32bit', 'Android x86', 'PogoPlug ARM', 'Android APK', 'Linux Poky x86-32bit', 'MacOS 64bit', 'ChromeOS', 'Linux Poky x86-64bit', 'Linux NoKVM x86-32bit', 'Linux NoKVM x86-64bit', 'Windows MinCore console', 'Windows MinCore service', 'NodeJS', 'ARM-Linaro', 'ARMv6l / ARMv7l', 'ARMv8 64bit'];
|
||||
var agentsStr = ['Unknown', 'Windows 32bit console', 'Windows 64bit console', 'Windows 32bit service', 'Windows 64bit service', 'Linux 32bit', 'Linux 64bit', 'MIPS', 'XENx86', 'Android ARM', 'Linux ARM', 'MacOS 32bit', 'Android x86', 'PogoPlug ARM', 'Android APK', 'Linux Poky x86-32bit', 'MacOS 64bit', 'ChromeOS', 'Linux Poky x86-64bit', 'Linux NoKVM x86-32bit', 'Linux NoKVM x86-64bit', 'Windows MinCore console', 'Windows MinCore service', 'NodeJS', 'ARM-Linaro', 'ARMv6l / ARMv7l', 'ARMv8 64bit', 'Unknown', 'Unknown', 'Unknown', 'FreeBSD x86-64'];
|
||||
if ((node.agent != null) && (node.agent.id != null) && (node.agent.ver != null)) {
|
||||
var str = '';
|
||||
if (node.agent.id <= agentsStr.length) { str = agentsStr[node.agent.id]; } else { str = agentsStr[0]; }
|
||||
|
|
|
|||
Loading…
Reference in New Issue