external/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2025-03-09 15:40:18 +00:00
Code Issues Releases Wiki Activity

Intel AMT activation fixes.

Browse source
This commit is contained in:
Ylian Saint-Hilaire 2021-03-13 21:26:59 -08:00
parent ffabdb39d3
commit 5bdebda679
3 changed files with 27 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

19
certoperations.js
View file

@ -62,7 +62,7 @@ module.exports.CertificateOperations = function (parent) {
}
// Hash the leaf certificate and return the certificate chain and signing key
return { action: 'acmactivate', certs: certChain, signkey: signkey, hash: obj.getCertHash(certChain[certChain.length - 1]) };
return { action: 'acmactivate', certs: certChain, signkey: signkey, hash384: obj.getCertHash(certChain[certChain.length - 1]), hash256: obj.getCertHashSha256(certChain[certChain.length - 1]) };
}
// Sign a Intel AMT ACM activation request
@ -550,7 +550,7 @@ module.exports.CertificateOperations = function (parent) {
return obj.pki.getPublicKeyFingerprint(publickey, { encoding: 'hex', md: obj.forge.md.sha384.create() });
};
// Return the SHA384 hash of the certificate, return hex
// Return the SHA1 hash of the certificate, return hex
obj.getCertHashSha1 = function (cert) {
try {
var md = obj.forge.md.sha1.create();
@ -565,6 +565,21 @@ module.exports.CertificateOperations = function (parent) {
}
};
// Return the SHA256 hash of the certificate, return hex
obj.getCertHashSha256 = function (cert) {
try {
var md = obj.forge.md.sha256.create();
md.update(obj.forge.asn1.toDer(obj.pki.certificateToAsn1(obj.pki.certificateFromPem(cert))).getBytes());
return md.digest().toHex();
} catch (ex) {
// If this is not an RSA certificate, hash the raw PKCS7 out of the PEM file
var x1 = cert.indexOf('-----BEGIN CERTIFICATE-----'), x2 = cert.indexOf('-----END CERTIFICATE-----');
if ((x1 >= 0) && (x2 > x1)) {
return obj.crypto.createHash('sha256').update(Buffer.from(cert.substring(x1 + 27, x2), 'base64')).digest('hex');
} else { console.log("ERROR: Unable to decode certificate."); return null; }
}
};
// Return the SHA384 hash of the certificate, return hex
obj.getCertHash = function (cert) {
try {