more Intel AMT ACM work.
This commit is contained in:
Ylian Saint-Hilaire
parent
c2cb31f402
commit
2bc14decd2
File diff suppressed because one or more lines are too long
File diff suppressed because it is too large
Load Diff
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
|
@ -0,0 +1 @@
|
|||
function AMTScanner(){var a=require("events").inherits(this);a.createEvent("found");this.dgram=require("dgram");this.buildRmcpPing=function(c){var b=Buffer.from("06000006000011BE80000000","hex");b[9]=c;return b};this.parseRmcpPacket=function(h,b,g,d){if(b==null||b.length<20){return}var f={};if(((b[12]==0)||(b[13]!=0)||(b[14]!=1)||(b[15]!=87))&&(b[21]&32)){f.servertag=b[9];f.minorVersion=b[18]&15;f.majorVersion=(b[18]>>4)&15;f.provisioningState=b[19]&3;var e=(b[16]*256)+b[17];var c=((b[19]&4)!=0)?true:false;f.openPorts=[e];f.address=g.address;if(c==true){f.openPorts=[16992,16993]}if(d!==undefined){d(h,f)}}};this.parseIPv4Range=function(f){if(f==undefined||f==null){return null}var g=f.split("-");if(g.length==2){return{min:this.parseIpv4Addr(g[0]),max:this.parseIpv4Addr(g[1])}}g=f.split("/");if(g.length==2){var c=this.parseIpv4Addr(g[0]),e=parseInt(g[1]),d=0;if(e<=16||e>32){return null}e=32-e;for(var b=0;b<e;b++){d=(d<<1);d++}return{min:c&(4294967295-d),max:(c&(4294967295-d))+d}}g=this.parseIpv4Addr(f);if(g==null){return null}return{min:g,max:g}};this.parseIpv4Addr=function(b){var c=b.split(".");if(c.length==4){return(parseInt(c[0])<<24)+(parseInt(c[1])<<16)+(parseInt(c[2])<<8)+(parseInt(c[3])<<0)}return null};this.IPv4NumToStr=function(b){return((b>>24)&255)+"."+((b>>16)&255)+"."+((b>>8)&255)+"."+(b&255)};this.scan=function(d,g){var c=this.parseIPv4Range(d);var e=this.buildRmcpPing(0);var f=this.dgram.createSocket({type:"udp4"});f.parent=this;f.scanResults=[];f.on("error",function(i){console.log("Error:"+i)});f.on("message",function(i,j){if(j.size>4){this.parent.parseRmcpPacket(this,i,j,function(l,k){l.scanResults.push(k)})}});f.on("listening",function(){for(var j=c.min;j<=c.max;j++){f.send(e,623,f.parent.IPv4NumToStr(j))}});f.bind({address:"0.0.0.0",port:0,exclusive:true});var h=setTimeout(function b(){f.close();f.parent.emit("found",f.scanResults);delete f},g)}}module.exports=AMTScanner;
|
||||
File diff suppressed because one or more lines are too long
|
|
@ -0,0 +1 @@
|
|||
function CreateWsmanComm(){var a={};a.PendingAjax=[];a.ActiveAjaxCount=0;a.MaxActiveAjaxCount=1;a.FailAllError=0;a.digest=null;a.RequestCount=0;if(arguments.length==1&&typeof(arguments[0]=="object")){a.host=arguments[0].host;a.port=arguments[0].port;a.authToken=arguments[0].authToken;a.tls=arguments[0].tls}else{a.host=arguments[0];a.port=arguments[1];a.user=arguments[2];a.pass=arguments[3];a.tls=arguments[4]}a.PerformAjax=function(d,c,f,e,g,b){if((a.ActiveAjaxCount==0||((a.ActiveAjaxCount<a.MaxActiveAjaxCount)&&(a.challengeParams!=null)))&&a.PendingAjax.length==0){a.PerformAjaxEx(d,c,f,g,b)}else{if(e==1){a.PendingAjax.unshift([d,c,f,g,b])}else{a.PendingAjax.push([d,c,f,g,b])}}};a.PerformNextAjax=function(){if(a.ActiveAjaxCount>=a.MaxActiveAjaxCount||a.PendingAjax.length==0){return}var b=a.PendingAjax.shift();a.PerformAjaxEx(b[0],b[1],b[2],b[3],b[4]);a.PerformNextAjax()};a.PerformAjaxEx=function(d,c,g,h,b){if(a.FailAllError!=0){if(a.FailAllError!=999){a.gotNextMessagesError({status:a.FailAllError},"error",null,[d,c,g])}return}if(!d){d=""}if(globalDebugFlags&1){console.log("SEND: "+d+"\r\n\r\n")}if(a.digest==null){if(a.authToken){a.digest=require("http-digest").create({authToken:a.authToken})}else{a.digest=require("http-digest").create(a.user,a.pass)}a.digest.http=require("http")}var f={protocol:(a.tls==1?"https:":"http:"),method:"POST",host:a.host,path:"/wsman",port:a.port,rejectUnauthorized:false,checkServerIdentity:function(i){console.log("checkServerIdentity",JSON.stringify(i))}};var e=a.digest.request(f);e.on("error",function(i){a.gotNextMessagesError({status:600},"error",null,[d,c,g])});e.on("response",function(i){if(globalDebugFlags&1){console.log("Response: "+i.statusCode)}if(i.statusCode!=200){if(globalDebugFlags&1){console.log("ERR:"+JSON.stringify(i))}a.gotNextMessagesError({status:i.statusCode},"error",null,[d,c,g])}else{i.acc="";i.on("data",function(j){this.acc+=j});i.on("end",function(){a.gotNextMessages(i.acc,"success",{status:i.statusCode},[d,c,g])})}});e.end(d);a.ActiveAjaxCount++;return e};a.pendingAjaxCall=[];a.gotNextMessages=function(c,e,d,b){a.ActiveAjaxCount--;if(a.FailAllError==999){return}if(globalDebugFlags&1){console.log("RECV: "+c+"\r\n\r\n")}if(a.FailAllError!=0){b[1](null,a.FailAllError,b[2]);return}if(d.status!=200){b[1](null,d.status,b[2]);return}b[1](c,200,b[2]);a.PerformNextAjax()};a.gotNextMessagesError=function(d,e,c,b){a.ActiveAjaxCount--;if(a.FailAllError==999){return}if(a.FailAllError!=0){b[1](null,a.FailAllError,b[2]);return}if(a.FailAllError!=999){b[1]({Header:{HttpError:d.status}},d.status,b[2])}a.PerformNextAjax()};a.CancelAllQueries=function(b){while(a.PendingAjax.length>0){var c=a.PendingAjax.shift();c[1](null,b,c[2])}};return a}module.exports=CreateWsmanComm;
|
||||
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
|
@ -471,22 +471,22 @@ function AmtManager(agent, db, isdebug) {
|
|||
}
|
||||
}
|
||||
}
|
||||
if (trustedFqdn == null) return; // No trusted DNS suffix.
|
||||
//debug('TrustedFqdn: ' + trustedFqdn);
|
||||
if (trustedFqdn == null) return; // No trusted DNS suffix.
|
||||
|
||||
// Check if we have a ACM policy match
|
||||
var hashMatch = false;
|
||||
var hashMatch = null;
|
||||
for (var i in amtpolicy.match) { var m = amtpolicy.match[i]; if (m.cn == trustedFqdn) { for (var j in trustedHashes) { if ((trustedHashes[j] == m.sha256) || (trustedHashes[j] == m.sha1)) { hashMatch = trustedHashes[j]; } } } }
|
||||
if (hashMatch == null) return; // No certificate / FQDN match
|
||||
debug('Policy: ' + JSON.stringify(amtpolicy));
|
||||
debug('HashMatch: ' + hashMatch);
|
||||
//debug('Policy: ' + JSON.stringify(amtpolicy));
|
||||
//debug('HashMatch: ' + hashMatch);
|
||||
|
||||
// Fetch Intel AMT realm and activation nonce and get ready to ACM activation...
|
||||
if (osamtstack != null) {
|
||||
debug('Trying to get Intel AMT activation information (1)...');
|
||||
//debug('Trying to get Intel AMT activation information (1)...');
|
||||
osamtstack.BatchEnum(null, ['*AMT_GeneralSettings', '*IPS_HostBasedSetupService'], activeToACM2, { fqdn: trustedFqdn, hash: hashMatch });
|
||||
} else {
|
||||
debug('ACM Activation: Trying to get local account info...');
|
||||
//debug('ACM Activation: Trying to get local account info...');
|
||||
amtMei.getLocalSystemAccount(function (x) {
|
||||
if ((x != null) && x.user && x.pass) {
|
||||
//debug('Intel AMT local account info: User=' + x.user + ', Pass=' + x.pass + '.');
|
||||
|
|
@ -495,17 +495,17 @@ function AmtManager(agent, db, isdebug) {
|
|||
var amt = require('amt');
|
||||
oswsstack = new wsman(transport, '127.0.0.1', 16992, x.user, x.pass, false);
|
||||
osamtstack = new amt(oswsstack);
|
||||
debug('Trying to get Intel AMT activation information (2)...');
|
||||
//debug('Trying to get Intel AMT activation information (2)...');
|
||||
osamtstack.BatchEnum(null, ['*AMT_GeneralSettings', '*IPS_HostBasedSetupService'], activeToACM2, { fqdn: trustedFqdn, hash: hashMatch });
|
||||
} else {
|
||||
debug('Unable to get $$OsAdmin password.');
|
||||
//debug('Unable to get $$OsAdmin password.');
|
||||
}
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
function activeToACM2(stack, name, responses, status, tag) {
|
||||
debug('activeToACM2 status=' + status);
|
||||
//debug('activeToACM2 status=' + status);
|
||||
if (status != 200) return;
|
||||
var fwNonce = responses['IPS_HostBasedSetupService'].response['ConfigurationNonce'];
|
||||
var digestRealm = responses['AMT_GeneralSettings'].response['DigestRealm'];
|
||||
|
|
@ -514,27 +514,29 @@ function AmtManager(agent, db, isdebug) {
|
|||
|
||||
// Called when the server responds with a ACM activation signature.
|
||||
obj.setAcmResponse = function (acmdata) {
|
||||
debug('setAcmResponse=' + JSON.stringify(acmdata));
|
||||
//debug('setAcmResponse=' + JSON.stringify(acmdata));
|
||||
acmdata.index = 0;
|
||||
//performAcmActivation(acmdata);
|
||||
performAcmActivation(acmdata);
|
||||
}
|
||||
|
||||
// Recursive function to inject the provisioning certificates into AMT in the proper order and completes ACM activation
|
||||
function performAcmActivation(acmdata) {
|
||||
var leaf = (acmdata.index == 0), root = (acmdata.index == (acmdata.certChain.length - 1));
|
||||
if (acmdata.index < acmdata.certChain.length) {
|
||||
if (acmdata.certChain[acmdata.index] != null) {
|
||||
debug('Calling AddNextCertInChain(' + acmdata.index + ')');
|
||||
osamtstack.IPS_HostBasedSetupService_AddNextCertInChain(acmdata.certChain[acmdata.index], leaf, root, function (stack, name, responses, status) {
|
||||
if (status !== 200) { debug('AddNextCertInChain status=' + status); return; }
|
||||
else if (responses['Body']['ReturnValue'] !== 0) { debug('AddNextCertInChain error=' + responses['Body']['ReturnValue']); return; }
|
||||
else { acmdata.index++; performAcmActivation(acmdata); }
|
||||
});
|
||||
}
|
||||
//debug('performAcmActivation(' + JSON.stringify(acmdata) + ')');
|
||||
var leaf = (acmdata.index == 0), root = (acmdata.index == (acmdata.certs.length - 1));
|
||||
if ((acmdata.index < acmdata.certs.length) && (acmdata.certs[acmdata.index] != null)) {
|
||||
//debug('Calling AddNextCertInChain(' + acmdata.index + ', ' + acmdata.certs[acmdata.index] + ')');
|
||||
osamtstack.IPS_HostBasedSetupService_AddNextCertInChain(acmdata.certs[acmdata.index], leaf, root, function (stack, name, responses, status) {
|
||||
if (status !== 200) { debug('AddNextCertInChain status=' + status); return; }
|
||||
else if (responses['Body']['ReturnValue'] !== 0) { debug('AddNextCertInChain error=' + responses['Body']['ReturnValue']); return; }
|
||||
else { acmdata.index++; performAcmActivation(acmdata); }
|
||||
});
|
||||
} else {
|
||||
debug('Calling AdminSetup()');
|
||||
//debug('Calling AdminSetup()');
|
||||
osamtstack.IPS_HostBasedSetupService_AdminSetup(2, acmdata.password, acmdata.nonce, 2, acmdata.signature,
|
||||
function (stack, name, responses, status) { debug('DONE: ' + status); }
|
||||
function (stack, name, responses, status) {
|
||||
debug('AdminSetup Status: ' + status);
|
||||
if (status == 200) { debug('AdminSetup ReturnValue: ' + responses['Body']['ReturnValue']); }
|
||||
}
|
||||
);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
|
@ -0,0 +1 @@
|
|||
function AMTScanner(){var a=require("events").inherits(this);a.createEvent("found");this.dgram=require("dgram");this.buildRmcpPing=function(c){var b=Buffer.from("06000006000011BE80000000","hex");b[9]=c;return b};this.parseRmcpPacket=function(h,b,g,d){if(b==null||b.length<20){return}var f={};if(((b[12]==0)||(b[13]!=0)||(b[14]!=1)||(b[15]!=87))&&(b[21]&32)){f.servertag=b[9];f.minorVersion=b[18]&15;f.majorVersion=(b[18]>>4)&15;f.provisioningState=b[19]&3;var e=(b[16]*256)+b[17];var c=((b[19]&4)!=0)?true:false;f.openPorts=[e];f.address=g.address;if(c==true){f.openPorts=[16992,16993]}if(d!==undefined){d(h,f)}}};this.parseIPv4Range=function(f){if(f==undefined||f==null){return null}var g=f.split("-");if(g.length==2){return{min:this.parseIpv4Addr(g[0]),max:this.parseIpv4Addr(g[1])}}g=f.split("/");if(g.length==2){var c=this.parseIpv4Addr(g[0]),e=parseInt(g[1]),d=0;if(e<=16||e>32){return null}e=32-e;for(var b=0;b<e;b++){d=(d<<1);d++}return{min:c&(4294967295-d),max:(c&(4294967295-d))+d}}g=this.parseIpv4Addr(f);if(g==null){return null}return{min:g,max:g}};this.parseIpv4Addr=function(b){var c=b.split(".");if(c.length==4){return(parseInt(c[0])<<24)+(parseInt(c[1])<<16)+(parseInt(c[2])<<8)+(parseInt(c[3])<<0)}return null};this.IPv4NumToStr=function(b){return((b>>24)&255)+"."+((b>>16)&255)+"."+((b>>8)&255)+"."+(b&255)};this.scan=function(d,g){var c=this.parseIPv4Range(d);var e=this.buildRmcpPing(0);var f=this.dgram.createSocket({type:"udp4"});f.parent=this;f.scanResults=[];f.on("error",function(i){console.log("Error:"+i)});f.on("message",function(i,j){if(j.size>4){this.parent.parseRmcpPacket(this,i,j,function(l,k){l.scanResults.push(k)})}});f.on("listening",function(){for(var j=c.min;j<=c.max;j++){f.send(e,623,f.parent.IPv4NumToStr(j))}});f.bind({address:"0.0.0.0",port:0,exclusive:true});var h=setTimeout(function b(){f.close();f.parent.emit("found",f.scanResults);delete f},g)}}module.exports=AMTScanner;
|
||||
|
|
@ -0,0 +1 @@
|
|||
function CreateWsmanComm(){var a={};a.PendingAjax=[];a.ActiveAjaxCount=0;a.MaxActiveAjaxCount=1;a.FailAllError=0;a.digest=null;a.RequestCount=0;if(arguments.length==1&&typeof(arguments[0]=="object")){a.host=arguments[0].host;a.port=arguments[0].port;a.authToken=arguments[0].authToken;a.tls=arguments[0].tls}else{a.host=arguments[0];a.port=arguments[1];a.user=arguments[2];a.pass=arguments[3];a.tls=arguments[4]}a.PerformAjax=function(d,c,f,e,g,b){if((a.ActiveAjaxCount==0||((a.ActiveAjaxCount<a.MaxActiveAjaxCount)&&(a.challengeParams!=null)))&&a.PendingAjax.length==0){a.PerformAjaxEx(d,c,f,g,b)}else{if(e==1){a.PendingAjax.unshift([d,c,f,g,b])}else{a.PendingAjax.push([d,c,f,g,b])}}};a.PerformNextAjax=function(){if(a.ActiveAjaxCount>=a.MaxActiveAjaxCount||a.PendingAjax.length==0){return}var b=a.PendingAjax.shift();a.PerformAjaxEx(b[0],b[1],b[2],b[3],b[4]);a.PerformNextAjax()};a.PerformAjaxEx=function(d,c,g,h,b){if(a.FailAllError!=0){if(a.FailAllError!=999){a.gotNextMessagesError({status:a.FailAllError},"error",null,[d,c,g])}return}if(!d){d=""}if(a.digest==null){if(a.authToken){a.digest=require("http-digest").create({authToken:a.authToken})}else{a.digest=require("http-digest").create(a.user,a.pass)}a.digest.http=require("http")}var f={protocol:(a.tls==1?"https:":"http:"),method:"POST",host:a.host,path:"/wsman",port:a.port,rejectUnauthorized:false,checkServerIdentity:function(i){console.log("checkServerIdentity",JSON.stringify(i))}};var e=a.digest.request(f);e.on("error",function(i){a.gotNextMessagesError({status:600},"error",null,[d,c,g])});e.on("response",function(i){if(i.statusCode!=200){a.gotNextMessagesError({status:i.statusCode},"error",null,[d,c,g])}else{i.acc="";i.on("data",function(j){this.acc+=j});i.on("end",function(){a.gotNextMessages(i.acc,"success",{status:i.statusCode},[d,c,g])})}});e.end(d);a.ActiveAjaxCount++;return e};a.pendingAjaxCall=[];a.gotNextMessages=function(c,e,d,b){a.ActiveAjaxCount--;if(a.FailAllError==999){return}if(a.FailAllError!=0){b[1](null,a.FailAllError,b[2]);return}if(d.status!=200){b[1](null,d.status,b[2]);return}b[1](c,200,b[2]);a.PerformNextAjax()};a.gotNextMessagesError=function(d,e,c,b){a.ActiveAjaxCount--;if(a.FailAllError==999){return}if(a.FailAllError!=0){b[1](null,a.FailAllError,b[2]);return}if(a.FailAllError!=999){b[1]({Header:{HttpError:d.status}},d.status,b[2])}a.PerformNextAjax()};a.CancelAllQueries=function(b){while(a.PendingAjax.length>0){var c=a.PendingAjax.shift();c[1](null,b,c[2])}};return a}module.exports=CreateWsmanComm;
|
||||
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
|
@ -0,0 +1 @@
|
|||
try{Object.defineProperty(Array.prototype,"peek",{value:function(){return(this.length>0?this[this.length-1]:undefined)}})}catch(e){}function dbus(a,b){this._ObjectID="linux-dbus";require("events").EventEmitter.call(this,true).createEvent("signal");Object.defineProperty(this,"uid",{value:b});this._child=require("child_process").execFile("/bin/sh",["sh"],{type:require("child_process").SpawnTypes.TERM,uid:b==null?-1:b});this._child.stdin.write("dbus-monitor --session \"type='signal', interface='"+a+'\'" | ( while read X; do echo "$X"; done )\n');this._child.stdout.dbus=this;this._child.stdout.on("data",function(c){if(!this.ready){this.ready=true;return}var f=[];var g=c.toString().split("\r\n");for(var d in g){if(g[d]==""){this.dbus.preParseRecords(f);f=[]}else{f.push(g[d])}}});this.preParseRecords=function(d){var f=[];for(var c in d){if(d[c].startsWith("signal ")){if(f.length>0){this.parseRecords(f)}f=[]}f.push(d[c])}if(f.length>0){this.parseRecords(f)}};this.parseRecords=function(d){if(d[0].startsWith("signal ")){var g={};var h=d[0].split(" ");h.shift();for(var c in h){var f=h[c].split("=");if(f.length==2){g[f[0]]=f[1]}}d.shift();g.data=d;this.parseSignal(g)}};this.parseSignal=function(f){var c=f.data;f.data=[];for(var d=0;d<c.length;++d){if(c[d].startsWith("array ")){f.data.push([]);for(d=d+1;d<c.length;++d){this.parseSignal2(c[d],f.data.peek())}}else{this.parseSignal2(c[d],f.data)}}this.emit("signal",f)};this.parseSignal2=function(c,d){if(c.startsWith("string ")){d.push(JSON.parse(c.slice(7)))}else{if(c.startsWith("boolean ")){d.push(JSON.parse(c.slice(8)))}}}}module.exports=dbus;
|
||||
File diff suppressed because one or more lines are too long
|
|
@ -0,0 +1 @@
|
|||
function powerMonitor(){this._ObjectID="power-monitor";require("events").EventEmitter.call(this,true).createEvent("changed").createEvent("sx").createEvent("batteryLevel").createEvent("acdc").createEvent("display");this._i=setImmediate(function(a){require("user-sessions");delete a._i},this)}module.exports=new powerMonitor();
|
||||
File diff suppressed because one or more lines are too long
|
|
@ -0,0 +1 @@
|
|||
function _Scan(){var f=this.Marshal.CreatePointer();this.Native.WlanEnumInterfaces(this.Handle,0,f);var a=f.Deref().Deref(0,4).toBuffer().readUInt32LE(0);var d=f.Deref().Deref(8,532);var c=d.Deref(16,512).AnsiString;var e;switch(d.Deref(528,4).toBuffer().readUInt32LE(0)){case 0:e="NOT READY";break;case 1:e="CONNECTED";break;case 2:e="AD-HOC";break;case 3:e="DISCONNECTING";break;case 4:e="DISCONNECTED";break;case 5:e="ASSOCIATING";break;case 6:e="DISCOVERING";break;case 7:e="AUTHENTICATING";break;default:e="UNKNOWN";break}var b=d.Deref(0,16);if(this.Native.WlanScan(this.Handle,b,0,0,0).Val==0){return(true)}else{return(false)}}function AccessPoint(d,a,c,b){this.ssid=d;this.bssid=a;this.rssi=c;this.lq=b}AccessPoint.prototype.toString=function(){return(this.ssid+" ["+this.bssid+"]: "+this.lq)};function OnNotify(g){var h=g.Deref(0,4).toBuffer().readUInt32LE(0);var f=g.Deref(4,4).toBuffer().readUInt32LE(0);var c=g.Deref(8,16);if((h&8)&&(f==7)){var a=this.Parent.Marshal.CreatePointer();var k=this.Parent.Native.GetBSSList(this.Parent.Handle,c,0,3,0,0,a).Val;if(k==0){var n=a.Deref().Deref(0,4).toBuffer().readUInt32LE(0);var j=a.Deref().Deref(4,4).toBuffer().readUInt32LE(0);for(i=0;i<j;++i){var d=a.Deref().Deref(8+(360*i),360);var m=d.Deref(4,32).String.trim();var b=d.Deref(40,6).HexString2;var l=d.Deref(56,4).toBuffer().readUInt32LE(0);var e=d.Deref(60,4).toBuffer().readUInt32LE(0);this.Parent.emit("Scan",new AccessPoint(m,b,l,e))}}}}function Wireless(){var a=require("events").inherits(this);this.Marshal=require("_GenericMarshal");this.Native=this.Marshal.CreateNativeProxy("wlanapi.dll");this.Native.CreateMethod("WlanOpenHandle");this.Native.CreateMethod("WlanGetNetworkBssList","GetBSSList");this.Native.CreateMethod("WlanRegisterNotification");this.Native.CreateMethod("WlanEnumInterfaces");this.Native.CreateMethod("WlanScan");this.Native.CreateMethod("WlanQueryInterface");var c=this.Marshal.CreatePointer();var b=this.Marshal.CreatePointer();this.Native.WlanOpenHandle(2,0,c,b);this.Handle=b.Deref();this._NOTIFY_PROXY_OBJECT=this.Marshal.CreateCallbackProxy(OnNotify,2);this._NOTIFY_PROXY_OBJECT.Parent=this;var d=this.Marshal.CreatePointer();var e=this.Native.WlanRegisterNotification(this.Handle,65535,0,this._NOTIFY_PROXY_OBJECT.Callback,this._NOTIFY_PROXY_OBJECT.State,0,d);a.createEvent("Scan");a.addMethod("Scan",_Scan);this.GetConnectedNetwork=function(){var n=this.Marshal.CreatePointer();console.log("Success = "+this.Native.WlanEnumInterfaces(this.Handle,0,n).Val);var h=n.Deref().Deref(0,4).toBuffer().readUInt32LE(0);var m=n.Deref().Deref(8,532);var l=m.Deref(16,512).AnsiString;var o=m.Deref(528,4).toBuffer().readUInt32LE(0);if(m.Deref(528,4).toBuffer().readUInt32LE(0)==1){var j=this.Marshal.CreatePointer();var q=this.Marshal.CreatePointer();var s=this.Marshal.CreatePointer();var k=m.Deref(0,16);var r=this.Native.WlanQueryInterface(this.Handle,k,7,0,j,q,s).Val;if(r==0){var f=q.Deref().Deref(524,32).String;var g=q.Deref().Deref(560,6).HexString;var p=q.Deref().Deref(576,4).toBuffer().readUInt32LE(0);return(new AccessPoint(f,g,0,p))}}throw ("GetConnectedNetworks: FAILED (not associated to a network)")};return(this)}module.exports=new Wireless();
|
||||
|
|
@ -0,0 +1 @@
|
|||
var MemoryStream=require("MemoryStream");var WindowsChildScript='var parent = require("ScriptContainer");var Wireless = require("wifi-scanner-windows");Wireless.on("Scan", function (ap) { parent.send(ap); });Wireless.Scan();';function AccessPoint(c,a,b){this.ssid=c;this.bssid=a;this.lq=b}AccessPoint.prototype.toString=function(){return("["+this.bssid+"]: "+this.ssid+" ("+this.lq+")")};function WiFiScanner(){var a=require("events").inherits(this);a.createEvent("accessPoint");this.hasWireless=function(){var d=false;var b=require("os").networkInterfaces();for(var c in b){if(b[c][0].type=="wireless"){d=true;break}}return(d)};this.Scan=function(){if(process.platform=="win32"){this.master=require("ScriptContainer").Create(15,ContainerPermissions.DEFAULT);this.master.parent=this;this.master.on("data",function(e){this.parent.emit("accessPoint",new AccessPoint(e.ssid,e.bssid,e.lq))});this.master.addModule("wifi-scanner-windows",getJSModule("wifi-scanner-windows"));this.master.ExecuteString(WindowsChildScript)}else{if(process.platform=="linux"){var c=require("os").networkInterfaces();var d=null;for(var b in c){if(c[b][0].type=="wireless"){d=b;break}}if(d!=null){this.child=require("child_process").execFile("/sbin/iwlist",["iwlist",d,"scan"]);this.child.parent=this;this.child.ms=new MemoryStream();this.child.ms.parent=this.child;this.child.stdout.on("data",function(e){this.parent.ms.write(e)});this.child.on("exit",function(){this.ms.end()});this.child.ms.on("end",function(){var l=this.buffer.toString();tokens=l.split(" - Address: ");for(var h in tokens){if(h==0){continue}var i=tokens[h].split("\n");var e=i[0];var f;var g;for(var j in i){j=i[j].trim();j=j.trim();if(j.startsWith("ESSID:")){g=j.slice(7,j.length-1);if(g=="<hidden>"){g=""}}if(j.startsWith("Signal level=")){f=j.slice(13,j.length-4)}else{if(j.startsWith("Quality=")){f=j.slice(8,10);var k=j.slice(11,13)}}}this.parent.parent.emit("accessPoint",new AccessPoint(g,e,f))}})}}}}}module.exports=WiFiScanner;
|
||||
|
|
@ -0,0 +1 @@
|
|||
var TrayIconFlags={NIF_MESSAGE:1,NIF_ICON:2,NIF_TIP:4,NIF_STATE:8,NIF_INFO:16,NIF_GUID:32,NIF_REALTIME:64,NIF_SHOWTIP:128,NIM_ADD:0,NIM_MODIFY:1,NIM_DELETE:2,NIM_SETFOCUS:3,NIM_SETVERSION:4};var NOTIFYICON_VERSION_4=4;var MessageTypes={WM_APP:32768,WM_USER:1024};function WindowsConsole(){if(process.platform=="win32"){this._ObjectID="win-console";this._Marshal=require("_GenericMarshal");this._kernel32=this._Marshal.CreateNativeProxy("kernel32.dll");this._user32=this._Marshal.CreateNativeProxy("user32.dll");this._kernel32.CreateMethod("GetConsoleWindow");this._kernel32.CreateMethod("GetCurrentThread");this._user32.CreateMethod("ShowWindow");this._user32.CreateMethod("LoadImageA");this._user32.CreateMethod({method:"GetMessageA",threadDispatch:1});this._shell32=this._Marshal.CreateNativeProxy("Shell32.dll");this._shell32.CreateMethod("Shell_NotifyIconA");this._handle=this._kernel32.GetConsoleWindow();this.minimize=function(){this._user32.ShowWindow(this._handle,6)};this.restore=function(){this._user32.ShowWindow(this._handle,9)};this.hide=function(){this._user32.ShowWindow(this._handle,0)};this.show=function(){this._user32.ShowWindow(this._handle,5)};this._loadicon=function(c){var b=this._user32.LoadImageA(0,this._Marshal.CreateVariable(c),1,0,0,16|32768|64);return(b)};this.SetTrayIcon=function a(h){var b=this._Marshal.CreateVariable(this._Marshal.PointerSize==4?508:528);b.toBuffer().writeUInt32LE(b._size,0);var n=TrayIconFlags.NIF_TIP|TrayIconFlags.NIF_MESSAGE;h.filter=MessageTypes.WM_APP+1;b.Deref(this._Marshal.PointerSize==4?16:24,4).toBuffer().writeUInt32LE(h.filter);if(!h.noBalloon){n|=TrayIconFlags.NIF_INFO}if(h.icon){n|=TrayIconFlags.NIF_ICON;var c=b.Deref(this._Marshal.PointerSize==4?20:32,this._Marshal.PointerSize);h.icon.pointerBuffer().copy(c.toBuffer())}b.Deref(this._Marshal.PointerSize*2,4).toBuffer().writeUInt32LE(1);b.Deref(this._Marshal.PointerSize==4?12:20,4).toBuffer().writeUInt32LE(n);b.Deref(this._Marshal.PointerSize==4?416:432,4).toBuffer().writeUInt32LE(NOTIFYICON_VERSION_4);var m=b.Deref(this._Marshal.PointerSize==4?24:40,128);var k=b.Deref(this._Marshal.PointerSize==4?160:176,256);var l=b.Deref(this._Marshal.PointerSize==4?420:436,64);if(h.szTip){Buffer.from(h.szTip).copy(m.toBuffer())}if(h.szInfo){Buffer.from(h.szInfo).copy(k.toBuffer())}if(h.szInfoTitle){Buffer.from(h.szInfoTitle).copy(l.toBuffer())}var d=require("win-message-pump");retVal={_ObjectID:"WindowsConsole.TrayIcon",MessagePump:new d(h)};var j=require("events").inherits(retVal);j.createEvent("ToastClicked");j.createEvent("IconHover");j.createEvent("ToastDismissed");retVal.Options=h;retVal.MessagePump.TrayIcon=retVal;retVal.MessagePump.NotifyData=b;retVal.MessagePump.WindowsConsole=this;retVal.MessagePump.on("exit",function e(o){console.log("Pump Exited");if(this.TrayIcon){this.TrayIcon.remove()}});retVal.MessagePump.on("hwnd",function f(o){h.hwnd=o;o.pointerBuffer().copy(this.NotifyData.Deref(this.WindowsConsole._Marshal.PointerSize,this.WindowsConsole._Marshal.PointerSize).toBuffer());if(this.WindowsConsole._shell32.Shell_NotifyIconA(TrayIconFlags.NIM_ADD,this.NotifyData).Val==0){}});retVal.MessagePump.on("message",function g(p){if(p.message==this.TrayIcon.Options.filter){var o=false;if(p.wparam==1&&p.lparam==1029){this.TrayIcon.emit("ToastClicked");o=true}if(p.wparam==1&&p.lparam==512){this.TrayIcon.emit("IconHover");o=true}if(this.TrayIcon.Options.balloonOnly&&p.wparam==1&&(p.lparam==1028||p.lparam==1029)){this.TrayIcon.emit("ToastDismissed");this.TrayIcon.remove();o=true}}});retVal.remove=function i(){this.MessagePump.WindowsConsole._shell32.Shell_NotifyIconA(TrayIconFlags.NIM_DELETE,this.MessagePump.NotifyData);this.MessagePump.stop();delete this.MessagePump.TrayIcon;delete this.MessagePump};return(retVal)}}}module.exports=new WindowsConsole();
|
||||
File diff suppressed because one or more lines are too long
|
|
@ -30,34 +30,43 @@ module.exports.CertificateOperations = function (parent) {
|
|||
|
||||
// Sign a Intel AMT ACM activation request
|
||||
obj.signAcmRequest = function (domain, request, user, pass) {
|
||||
console.log('signAcmRequest', request);
|
||||
if ((domain == null) || (domain.amtacmactivation == null) || (domain.amtacmactivation.certs == null) || (request == null) || (request.nonce == null) || (request.realm == null) || (request.fqdn == null) || (request.hash == null)) return null;
|
||||
if (parent.common.validateString(request.nonce, 16, 256) == false) return null;
|
||||
if (parent.common.validateString(request.realm, 16, 256) == false) return null;
|
||||
if (parent.common.validateString(request.fqdn, 4, 256) == false) return null;
|
||||
if (parent.common.validateString(request.hash, 16, 256) == false) return null;
|
||||
|
||||
console.log('a1');
|
||||
// Look for the signing certificate
|
||||
var signkey = null, certChain = null, hashAlgo = null;
|
||||
var signkey = null, certChain = null, hashAlgo = null, certIndex = null;
|
||||
for (var i in domain.amtacmactivation.certs) {
|
||||
const certEntry = domain.amtacmactivation.certs[i];
|
||||
if ((certEntry.sha256 == request.hash) && ((certEntry.cn == '*') || (certEntry.cn == request.fqdn))) { hashAlgo = 'sha256'; signkey = certEntry.key; certChain = certEntry.certs; break; }
|
||||
if ((certEntry.sha1 == request.hash) && ((certEntry.cn == '*') || (certEntry.cn == request.fqdn))) { hashAlgo = 'sha1'; signkey = certEntry.key; certChain = certEntry.certs; break; }
|
||||
if ((certEntry.sha256 == request.hash) && ((certEntry.cn == '*') || (certEntry.cn == request.fqdn))) { hashAlgo = 'sha256'; signkey = certEntry.key; certChain = certEntry.certs; certIndex = i; break; }
|
||||
if ((certEntry.sha1 == request.hash) && ((certEntry.cn == '*') || (certEntry.cn == request.fqdn))) { hashAlgo = 'sha1'; signkey = certEntry.key; certChain = certEntry.certs; certIndex = i; break; }
|
||||
}
|
||||
console.log('as', signkey);
|
||||
if (signkey == null) return null; // Did not find a match.
|
||||
|
||||
// Create the signature message
|
||||
var mcNonce = Buffer.from(obj.crypto.randomBytes(20), 0, 20).toString('base64');
|
||||
console.log('aa');
|
||||
// If the matching certificate is a root cert, issue a leaf cert that matches the fqdn
|
||||
if (domain.amtacmactivation.certs[certIndex].cn == '*') return; // TODO: Add support for this mode
|
||||
console.log('ab');
|
||||
|
||||
// Setup both nonces, ready to be signed
|
||||
const mcNonce = Buffer.from(obj.crypto.randomBytes(32), 'binary');
|
||||
const fwNonce = Buffer.from(request.nonce, 'base64');
|
||||
|
||||
// Sign the request
|
||||
var signature = null;
|
||||
try {
|
||||
var signer = obj.crypto.createSign(hashAlgo);
|
||||
signer.update(request.nonce + mcNonce);
|
||||
signer.update(Buffer.concat([fwNonce, mcNonce]));
|
||||
signature = signer.sign(signkey, 'base64');
|
||||
} catch (ex) { return null; }
|
||||
|
||||
// Return the signature with the computed account password hash
|
||||
return { 'action': 'acmactivate', 'signature': signature, 'password': obj.crypto.createHash('md5').update(user + ':' + request.realm + ':' + pass).digest('hex'), 'nonce': mcNonce, 'certs': certChain };
|
||||
return { 'action': 'acmactivate', 'signature': signature, 'password': obj.crypto.createHash('md5').update(user + ':' + request.realm + ':' + pass).digest('hex'), 'nonce': mcNonce.toString('base64'), 'certs': certChain };
|
||||
}
|
||||
|
||||
// Load Intel AMT ACM activation certificates
|
||||
|
|
@ -112,7 +121,7 @@ module.exports.CertificateOperations = function (parent) {
|
|||
for (var k in r.certs) {
|
||||
if (((currenthash == null) && (r.certs[k].subject.hash == r.certs[k].issuer.hash)) || ((r.certs[k].issuer.hash == currenthash) && (r.certs[k].subject.hash != r.certs[k].issuer.hash))) {
|
||||
currenthash = r.certs[k].subject.hash;
|
||||
orderedCerts.push(Buffer.from(obj.forge.asn1.toDer(obj.pki.certificateToAsn1(r.certs[k])).data, 'binary').toString('base64'));
|
||||
orderedCerts.unshift(Buffer.from(obj.forge.asn1.toDer(obj.pki.certificateToAsn1(r.certs[k])).data, 'binary').toString('base64'));
|
||||
orderingError = false;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue