Fixed -kvmdatatrace issue.
Ylianst committed Aug 10, 2020
1 parent ea9fb68 commit 1507ace
Showing 116 changed files with 49,517 additions and 18 deletions.
2 changes: 1 addition & 1 deletion amt-desktop-0.0.2.js
@@ -768,7 +768,7 @@ var CreateAmtRemoteDesktop = function (divid, scrolldiv) {
if ((obj.onKvmDataAck == true) && (obj.onKvmDataPending.length > 0)) { obj.sendKvmData(obj.onKvmDataPending.shift()); } // Send pending data
} else {
console.log('Got KVM clipboard data:', d);
if (urlvars && urlvars['kvmdatatrace']) { console.log('KVM-ClipBoard-Recv(' + x.length + '): ' + rstr2hex(x) + ', ' + x); }
if (urlvars && urlvars['kvmdatatrace']) { console.log('KVM-ClipBoard-Recv(' + d.length + '): ' + rstr2hex(d) + ', ' + d); }
}
}
// ###END###{DesktopInband}
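Review bot: The line just above the corrected trace, `console.log('Got KVM clipboard data:', d);`, still writes the remote clipboard contents to the console on every receive, regardless of the `kvmdatatrace` switch. Clipboard data routinely holds passwords and tokens, so it belongs behind the same guard as the hex trace, e.g. `if (urlvars && urlvars['kvmdatatrace']) { console.log('Got KVM clipboard data:', d); }`, or it can be dropped now that the trace line prints `d` itself. The enclosing function starts before this hunk.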
13 changes: 9 additions & 4 deletions forge.js/forge.bundle.js
@@ -18480,9 +18480,9 @@ pki.certificateFromAsn1 = function(obj, computeHash) {

// get oid
var oid = asn1.derToOid(capture.publicKeyOid);
if(oid !== pki.oids['rsaEncryption']) {
throw new Error('Cannot read public key. OID is not RSA.');
}
//if(oid !== pki.oids['rsaEncryption']) {
//throw new Error('Cannot read public key. OID is not RSA.');
//}

// create certificate
var cert = pki.createCertificate();
@@ -18602,8 +18602,13 @@ pki.certificateFromAsn1 = function(obj, computeHash) {
cert.extensions = [];
}

if (oid === pki.oids.rsaEncryption) {
// convert RSA public key from ASN.1
cert.publicKey = pki.publicKeyFromAsn1(capture.subjectPublicKeyInfo);
}

// convert RSA public key from ASN.1
cert.publicKey = pki.publicKeyFromAsn1(capture.subjectPublicKeyInfo);
//cert.publicKey = pki.publicKeyFromAsn1(capture.subjectPublicKeyInfo);

return cert;
};
15 changes: 10 additions & 5 deletions forge.js/x509.js
@@ -1275,9 +1275,9 @@ pki.certificateFromAsn1 = function(obj, computeHash) {

// get oid
var oid = asn1.derToOid(capture.publicKeyOid);
if(oid !== pki.oids['rsaEncryption']) {
throw new Error('Cannot read public key. OID is not RSA.');
}
//if(oid !== pki.oids['rsaEncryption']) {
//throw new Error('Cannot read public key. OID is not RSA.');
//}

// create certificate
var cert = pki.createCertificate();
@@ -1397,8 +1397,13 @@ pki.certificateFromAsn1 = function(obj, computeHash) {
cert.extensions = [];
}

// convert RSA public key from ASN.1
cert.publicKey = pki.publicKeyFromAsn1(capture.subjectPublicKeyInfo);
if (oid === pki.oids.rsaEncryption) {
// convert RSA public key from ASN.1
cert.publicKey = pki.publicKeyFromAsn1(capture.subjectPublicKeyInfo);
}

// convert RSA public key from ASN.1
//cert.publicKey = pki.publicKeyFromAsn1(capture.subjectPublicKeyInfo);

return cert;
};
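Review bot: After this change `pki.certificateFromAsn1` silently returns a certificate with no parsed `publicKey` whenever the key OID is not RSA, and that applies to every caller of this shared parser, not only the new AMT certificate display in index.html. Code that later verifies a signature or chain with such a certificate will presumably fail on the missing key, or treat the object as usable, instead of being rejected at parse time as before. I would make the outcome explicit with an `else { cert.publicKey = null; cert.publicKeyOid = oid; }` branch plus a comment that the library is locally patched, and delete the commented-out check and assignment rather than leaving them in. forge.js/forge.bundle.js carries the same edit; the function begins outside the hunks shown.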
13,547 changes: 13,547 additions & 0 deletions index-old.html

Large diffs are not rendered by default.

74 changes: 66 additions & 8 deletions index.html
@@ -4823,14 +4823,27 @@ <h4 style="width:100%;border-bottom:1px solid gray">Software KVM</h4>

// ###BEGIN###{Mode-NodeWebkit}
// Perform Intel ME authentication if available.
/*
if (amtversion >= 15) {
var nonce = '12345678901234567890'; // TODO: This is a test nonce, we will need to use a random one.
stack.AMT_GeneralSettings_AMTAuthenticate(btoa(nonce), function (stack, name, response, status) {
console.log('Intel AMT Auth', name, response, status);
if ((amtversion >= 15) && (wsstack.comm.xtlsCertificate != null)) {
stack.amtauthnonce = require('crypto').randomBytes(10).toString('hex');
stack.AMT_GeneralSettings_AMTAuthenticate(stack.amtauthnonce, function (stack, name, response, status) {
if (status == 200) {
stack.amtauth = response.Body;
stack.amtauth.CertificatesDer = [];
var certs = [], certsbin = atob(stack.amtauth.Certificates), cptr = 0;
for (var i = 0; i < stack.amtauth.LengthOfCertificates.length; i++) {
var bin = certsbin.substring(cptr, cptr + stack.amtauth.LengthOfCertificates[i]);
stack.amtauth.CertificatesDer.push(bin);
certs.push(forge.pki.certificateFromAsn1(forge.asn1.fromDer(bin))); // Node-forge does not support ECC, but we are using a modified Node-forge that can still parse the cert.
cptr += stack.amtauth.LengthOfCertificates[i];
}
stack.amtauth.Certificates = certs;
stack.amtauth.ClientNonce = stack.amtauthnonce;
delete stack.amtauth.LengthOfCertificates;
stack.amtauth.uuidStr = guidToStr(stack.amtauth.UUID).toLowerCase();
}
delete stack.amtauthnonce;
});
}
*/
// ###END###{Mode-NodeWebkit}

// ###BEGIN###{ComputerSelector}
@@ -5250,7 +5263,11 @@ <h4 style="width:100%;border-bottom:1px solid gray">Software KVM</h4>
if (y != null && y.length > 0) host += '.' + y;
if (host.length == 0) { host = ('<i>' + "None" + '</i>'); } else { host = EscapeHtml(host); }
x += TableEntry("Name & Domain", addLinkConditional(host, 'showEditNameDlg()', xxAccountAdminName));
if (HardwareInventory) x += TableEntry("System ID", guidToStr(HardwareInventory['CIM_ComputerSystemPackage'].response['PlatformGUID'].toLowerCase()));
if (amtstack.amtauth && amtstack.amtauth.uuidStr) {
x += TableEntry("System ID", amtstack.amtauth.uuidStr);
} else if (HardwareInventory) {
x += TableEntry("System ID", guidToStr(HardwareInventory['CIM_ComputerSystemPackage'].response['PlatformGUID'].toLowerCase()));
}
if (amtlogicalelements) {
var mode = '', scs = getItem(amtlogicalelements, 'CreationClassName', 'AMT_SetupAndConfigurationService');
// ###BEGIN###{!Look-Intel-SBT}
@@ -5431,6 +5448,10 @@ <h4 style="width:100%;border-bottom:1px solid gray">Software KVM</h4>
buttons += AddButton("Run Script...", 'script_runScriptDlg()') + ' ';
// ###END###{Scripting}
x += TableEnd(buttons);

// Show authentic CSME if present
if (amtstack.amtauth) { x += '<div style=position:absolute;top:10px;right:20px;cursor:pointer onclick=showAuthCsme()><img src=authcsme.png width=100 height=100 /></div>'; }

QH('id_TableSysStatus', x);

// ###BEGIN###{NetworkSettings}
@@ -5638,6 +5659,43 @@ <h4 style="width:100%;border-bottom:1px solid gray">Software KVM</h4>
}
}

function showAuthCsme() {
if (xxdialogMode) return;
var x = '<div style=margin-top:8px>' + "Intel&reg; AMT supports authentic CSME feature, however MeshCommander cannot verify the authenticity yet." + '</div><hr style=margin-top:8px;margin-bottom:8px;height:2px;border-width:0;color:gray;background-color:gray />';
x += addHtmlValue("FW Version", amtstack.amtauth.FWVersion);
x += addHtmlValue("FQDN", amtstack.amtauth.FQDN ? amtstack.amtauth.FQDN : ('<i>' + "None" + '</i>'));
x += '<hr style=margin-top:8px;margin-bottom:8px;height:2px;border-width:0;color:gray;background-color:gray /><table>';
for (var i in amtstack.amtauth.Certificates) {
var cert = amtstack.amtauth.Certificates[i];
x += '<tr><td style=width:32px><img src=images-commander/cert1.png height=32 width=32 />';
x += '<td>' + EscapeHtml(cert.subject.getField('CN').value) + '<br />';
// ###BEGIN###{FileSaver}
x += amtstack.amtauth.CertificatesDer[i].length + " bytes, " + '<a style=cursor:pointer;color:blue onclick=downloadAuthCert(' + i + ')>' + "Download" + '</a>';
// ###END###{FileSaver}
// ###BEGIN###{!FileSaver}
x += amtstack.amtauth.CertificatesDer[i].length + " bytes";
// ###END###{!FileSaver}
}
x += '</table>';
setDialogMode(11, "Authentic CSME", 1, null, x);
}

// ###BEGIN###{FileSaver}
function downloadAuthCert(h) {
h = parseInt(h);
// ###BEGIN###{!Mode-NodeWebkit}
saveAs(data2blob(amtstack.amtauth.CertificatesDer[h]), amtstack.amtauth.Certificates[h].subject.getField('CN').value + '.cer');
// ###END###{!Mode-NodeWebkit}
// ###BEGIN###{Mode-NodeWebkit}
var chooser = document.createElement('input');
chooser.setAttribute('type', 'file');
chooser.setAttribute('nwsaveas', amtstack.amtauth.Certificates[h].subject.getField('CN').value + '.cer');
chooser.addEventListener('change', function () { require('fs').writeFile(this.value, amtstack.amtauth.CertificatesDer[h], 'binary', function () { }); }, false);
chooser.click();
// ###END###{Mode-NodeWebkit}
}
// ###END###{FileSaver}

// ###BEGIN###{WsmanBrowser}
// ###BEGIN###{FileSaver}
var IntelAmtEntireState;
@@ -6235,7 +6293,7 @@ <h4 style="width:100%;border-bottom:1px solid gray">Software KVM</h4>
if (certificateStore.length > 0) {
x += '<div id=dxcertfileop2><div style=height:26px;margin-top:4px><select id=certhandle style=float:right;width:260px>';
for (var i in certificateStore) {
var certificate = certificateStore[i], name = certificate.cert.subject.getField('CN').value
var certificate = certificateStore[i], name = certificate.cert.subject.getField('CN').value;
x += '<option value=' + certificate['h'] + '>' + name + '</option>';
}
x += '</select><div style=padding-top:4px>' + "Certificate" + '</div></div></div>';
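Review bot: In the new `showAuthCsme()` the device-supplied `FWVersion` and `FQDN` are passed to `addHtmlValue` unescaped, while the certificate CN a few lines below goes through `EscapeHtml`. The same call is handed `'<i>' + "None" + '</i>'` as a value, so `addHtmlValue` evidently inserts its argument as markup, and a response body carrying HTML in those fields would be rendered inside the dialog of a page that has `require` available in the NodeWebkit build. Escape both, e.g. `x += addHtmlValue("FW Version", EscapeHtml(amtstack.amtauth.FWVersion));` and `amtstack.amtauth.FQDN ? EscapeHtml(amtstack.amtauth.FQDN) : ('<i>' + "None" + '</i>')`. Separately, the System ID row and the badge now prefer `amtauth` values after any status-200 reply although nothing has been verified, as the dialog text itself says; labelling them as unverified would avoid implying trust.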
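--- a/pki.js/AccessDescription.js
+++ b/pki.js/AccessDescription.js
@@ -0,0 +1,153 @@
+import * as asn1js from "asn1js";
+import { getParametersValue, clearProps } from "pvutils";
+import GeneralName from "./GeneralName.js";
+//**************************************************************************************
+/**
+* Class from RFC5280
+*/
+export default class AccessDescription
+{
+//**********************************************************************************
+/**
+* Constructor for AccessDescription class
+* @param {Object} [parameters={}]
+* @param {Object} [parameters.schema] asn1js parsed value to initialize the class from
+*/
+constructor(parameters = {})
+{
+//region Internal properties of the object
+/**
+* @type {string}
+* @desc The type and format of the information are specified by the accessMethod field. This profile defines two accessMethod OIDs: id-ad-caIssuers and id-ad-ocsp
+*/
+this.accessMethod = getParametersValue(parameters, "accessMethod", AccessDescription.defaultValues("accessMethod"));
+/**
+* @type {GeneralName}
+* @desc The accessLocation field specifies the location of the information
+*/
+this.accessLocation = getParametersValue(parameters, "accessLocation", AccessDescription.defaultValues("accessLocation"));
+//endregion
+
+//region If input argument array contains "schema" for this object
+if("schema" in parameters)
+this.fromSchema(parameters.schema);
+//endregion
+}
+//**********************************************************************************
+/**
+* Return default values for all class members
+* @param {string} memberName String name for a class member
+*/
+static defaultValues(memberName)
+{
+switch(memberName)
+{
+case "accessMethod":
+return "";
+case "accessLocation":
+return new GeneralName();
+default:
+throw new Error(`Invalid member name for AccessDescription class: ${memberName}`);
+}
+}
+//**********************************************************************************
+/**
+* Return value of pre-defined ASN.1 schema for current class
+*
+* ASN.1 schema:
+* ```asn1
+* AccessDescription ::= SEQUENCE {
+* accessMethod OBJECT IDENTIFIER,
+* accessLocation GeneralName }
+* ```
+*
+* @param {Object} parameters Input parameters for the schema
+* @returns {Object} asn1js schema object
+*/
+static schema(parameters = {})
+{
+/**
+* @type {Object}
+* @property {string} [blockName]
+* @property {string} [accessMethod]
+* @property {string} [accessLocation]
+*/
+const names = getParametersValue(parameters, "names", {});
+
+return (new asn1js.Sequence({
+name: (names.blockName || ""),
+value: [
+new asn1js.ObjectIdentifier({ name: (names.accessMethod || "") }),
+GeneralName.schema(names.accessLocation || {})
+]
+}));
+}
+//**********************************************************************************
+/**
+* Convert parsed asn1js object into current class
+* @param {!Object} schema
+*/
+fromSchema(schema)
+{
+//region Clear input data first
+clearProps(schema, [
+"accessMethod",
+"accessLocation"
+]);
+//endregion
+
+//region Check the schema is valid
+const asn1 = asn1js.compareSchema(schema,
+schema,
+AccessDescription.schema({
+names: {
+accessMethod: "accessMethod",
+accessLocation: {
+names: {
+blockName: "accessLocation"
+}
+}
+}
+})
+);
+
+if(asn1.verified === false)
+throw new Error("Object's schema was not verified against input data for AccessDescription");
+//endregion
+
+//region Get internal properties from parsed schema
+this.accessMethod = asn1.result.accessMethod.valueBlock.toString();
+this.accessLocation = new GeneralName({ schema: asn1.result.accessLocation });
+//endregion
+}
+//**********************************************************************************
+/**
+* Convert current object to asn1js object and set correct values
+* @returns {Object} asn1js object
+*/
+toSchema()
+{
+//region Construct and return new ASN.1 schema for this object
+return (new asn1js.Sequence({
+value: [
+new asn1js.ObjectIdentifier({ value: this.accessMethod }),
+this.accessLocation.toSchema()
+]
+}));
+//endregion
+}
+//**********************************************************************************
+/**
+* Convertion for the class to JSON object
+* @returns {Object}
+*/
+toJSON()
+{
+return {
+accessMethod: this.accessMethod,
+accessLocation: this.accessLocation.toJSON()
+};
+}
+//**********************************************************************************
+}
+//**************************************************************************************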