Merge branch 'main' into dependabot/github_actions/github/codeql-acti…

…on-3.26.11
open-amt-cloud-toolkit · Oct 4, 2024 · 474254d · 474254d
2 parents ecc3565 + 3a64481
commit 474254d
Show file tree

Hide file tree

Showing 11 changed files with 732 additions and 2 deletions.
diff --git a/go.mod b/go.mod
@@ -3,12 +3,23 @@ module github.com/open-amt-cloud-toolkit/go-wsman-messages/v2
 go 1.20
 
 require (
+	github.com/99designs/keyring v1.2.2
 	github.com/google/uuid v1.6.0
 	github.com/stretchr/testify v1.9.0
 	gopkg.in/yaml.v3 v3.0.1
 )
 
-require golang.org/x/sys v0.18.0 // indirect
+require (
+	github.com/99designs/go-keychain v0.0.0-20191008050251-8e49817e8af4 // indirect
+	github.com/danieljoos/wincred v1.1.2 // indirect
+	github.com/dvsekhvalnov/jose2go v1.7.0 // indirect
+	github.com/godbus/dbus v0.0.0-20190726142602-4481cbc300e2 // indirect
+	github.com/gsterjov/go-libsecret v0.0.0-20161001094733-a6f4afe4910c // indirect
+	github.com/mtibben/percent v0.2.1 // indirect
+	github.com/stretchr/objx v0.5.2 // indirect
+	golang.org/x/sys v0.18.0 // indirect
+	golang.org/x/term v0.3.0 // indirect
+)
 
 require (
 	github.com/davecgh/go-spew v1.1.1 // indirect

diff --git a/go.sum b/go.sum
@@ -1,23 +1,48 @@
+github.com/99designs/go-keychain v0.0.0-20191008050251-8e49817e8af4 h1:/vQbFIOMbk2FiG/kXiLl8BRyzTWDw7gX/Hz7Dd5eDMs=
+github.com/99designs/go-keychain v0.0.0-20191008050251-8e49817e8af4/go.mod h1:hN7oaIRCjzsZ2dE+yG5k+rsdt3qcwykqK6HVGcKwsw4=
+github.com/99designs/keyring v1.2.2 h1:pZd3neh/EmUzWONb35LxQfvuY7kiSXAq3HQd97+XBn0=
+github.com/99designs/keyring v1.2.2/go.mod h1:wes/FrByc8j7lFOAGLGSNEg8f/PaI3cgTBqhFkHUrPk=
+github.com/danieljoos/wincred v1.1.2 h1:QLdCxFs1/Yl4zduvBdcHB8goaYk9RARS2SgLLRuAyr0=
+github.com/danieljoos/wincred v1.1.2/go.mod h1:GijpziifJoIBfYh+S7BbkdUTU4LfM+QnGqR5Vl2tAx0=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/dvsekhvalnov/jose2go v1.7.0 h1:bnQc8+GMnidJZA8zc6lLEAb4xNrIqHwO+9TzqvtQZPo=
+github.com/dvsekhvalnov/jose2go v1.7.0/go.mod h1:QsHjhyTlD/lAVqn/NSbVZmSCGeDehTB/mPZadG+mhXU=
+github.com/godbus/dbus v0.0.0-20190726142602-4481cbc300e2 h1:ZpnhV/YsD2/4cESfV5+Hoeu/iUR3ruzNvZ+yQfO03a0=
+github.com/godbus/dbus v0.0.0-20190726142602-4481cbc300e2/go.mod h1:bBOAhwG1umN6/6ZUMtDFBMQR8jRg9O75tm9K00oMsK4=
 github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
 github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/gorilla/websocket v1.5.3 h1:saDtZ6Pbx/0u+bgYQ3q96pZgCzfhKXGPqt7kZ72aNNg=
 github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
+github.com/gsterjov/go-libsecret v0.0.0-20161001094733-a6f4afe4910c h1:6rhixN/i8ZofjG1Y75iExal34USq5p+wiN1tpie8IrU=
+github.com/gsterjov/go-libsecret v0.0.0-20161001094733-a6f4afe4910c/go.mod h1:NMPJylDgVpX0MLRlPy15sqSwOFv/U1GZ2m21JhFfek0=
+github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
+github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+github.com/mtibben/percent v0.2.1 h1:5gssi8Nqo8QU/r2pynCm+hBQHpkB/uNK7BJCFogWdzs=
+github.com/mtibben/percent v0.2.1/go.mod h1:KG9uO+SZkUp+VkRHsCdYQV3XSZrrSpR3O9ibNBTZrns=
+github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs=
+github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
 github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY=
+github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
 github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+golang.org/x/sys v0.0.0-20210819135213-f52c844e1c1c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
 golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
+golang.org/x/term v0.3.0 h1:qoo4akIqOcDME5bhc/NgxUdovd6BSS2uMsVjB56q1xI=
+golang.org/x/term v0.3.0/go.mod h1:q750SLmJuPmVoN1blW3UFBPREJfb1KmY3vwxfr+nFDA=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20200902074654-038fdea0a05b h1:QRR6H1YWRnHb4Y/HeNFCTJLFVxaq6wH4YuVdsUOr75U=
+gopkg.in/check.v1 v1.0.0-20200902074654-038fdea0a05b/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
diff --git a/pkg/config/v2.go b/pkg/config/v2.go
@@ -0,0 +1,114 @@
+package config
+
+type Configuration struct {
+	ID            int              `yaml:"id"`
+	Name          string           `yaml:"name"`
+	Configuration RemoteManagement `yaml:"configuration"`
+}
+
+type RemoteManagement struct {
+	GeneralSettings     GeneralSettings     `yaml:"generalSettings"`
+	Network             Network             `yaml:"network"`
+	TLS                 TLS                 `yaml:"tls"`
+	Redirection         Redirection         `yaml:"redirection"`
+	UserAccounts        UserAccounts        `yaml:"userAccounts"`
+	EnterpriseAssistant EnterpriseAssistant `yaml:"enterpriseAssistant"`
+	AMTSpecific         AMTSpecific         `yaml:"amtSpecific"`
+	BMCSpecific         BMCSpecific         `yaml:"bmcSpecific"`
+	DASHSpecific        DASHSpecific        `yaml:"dashSpecific"`
+	RedfishSpecific     RedfishSpecific     `yaml:"redfishSpecific"`
+}
+
+type GeneralSettings struct {
+	SharedFQDN              bool `yaml:"sharedFQDN"`
+	NetworkInterfaceEnabled int  `yaml:"networkInterfaceEnabled"`
+	PingResponseEnabled     bool `yaml:"pingResponseEnabled"`
+}
+
+type Network struct {
+	Wired    Wired    `yaml:"wired"`
+	Wireless Wireless `yaml:"wireless"`
+}
+
+type Wired struct {
+	DHCPEnabled    bool      `yaml:"dhcpEnabled"`
+	IPSyncEnabled  bool      `yaml:"ipSyncEnabled"`
+	SharedStaticIP bool      `yaml:"sharedStaticIP"`
+	IPAddress      string    `yaml:"ipAddress"`
+	SubnetMask     string    `yaml:"subnetMask"`
+	DefaultGateway string    `yaml:"defaultGateway"`
+	PrimaryDNS     string    `yaml:"primaryDNS"`
+	SecondaryDNS   string    `yaml:"secondaryDNS"`
+	Authentication string    `yaml:"authentication"`
+	IEEE8021x      IEEE8021x `yaml:"ieee8021x"`
+}
+
+type Wireless struct {
+	Profiles []WirelessProfile `yaml:"profiles"`
+}
+
+type WirelessProfile struct {
+	SSID                 string    `yaml:"ssid"`
+	Password             string    `yaml:"password"`
+	AuthenticationMethod string    `yaml:"authenticationMethod"`
+	EncryptionMethod     string    `yaml:"encryptionMethod"`
+	Priority             int       `yaml:"priority"`
+	IEEE8021x            IEEE8021x `yaml:"ieee8021x"`
+}
+
+type IEEE8021x struct {
+	Username               string `yaml:"username"`
+	Password               string `yaml:"password"`
+	AuthenticationProtocol int    `yaml:"authenticationProtocol"`
+	ClientCert             string `yaml:"clientCert"`
+	CACert                 string `yaml:"caCert"`
+	PrivateKey             string `yaml:"privateKey"`
+}
+
+type TLS struct {
+	MutualAuthentication bool     `yaml:"mutualAuthentication"`
+	Enabled              bool     `yaml:"enabled"`
+	TrustedCN            []string `yaml:"trustedCN"`
+}
+
+type Redirection struct {
+	Enabled     bool     `yaml:"enabled"`
+	Services    Services `yaml:"services"`
+	UserConsent string   `yaml:"userConsent"`
+}
+
+type Services struct {
+	KVM  bool `yaml:"kvm"`
+	SOL  bool `yaml:"sol"`
+	IDER bool `yaml:"ider"`
+}
+
+type UserAccounts struct {
+	UserAccounts []string `yaml:"userAccounts"`
+}
+
+type EnterpriseAssistant struct {
+	URL      string `yaml:"url"`
+	Username string `yaml:"username"`
+	Password string `yaml:"password"`
+}
+
+type AMTSpecific struct {
+	ControlMode         string `yaml:"controlMode"`
+	AdminPassword       string `yaml:"adminPassword"`
+	ProvisioningCert    string `yaml:"provisioningCert"`
+	ProvisioningCertPwd string `yaml:"provisioningCertPwd"`
+	MEBXPassword        string `yaml:"mebxPassword"`
+}
+
+type BMCSpecific struct {
+	AdminPassword string `yaml:"adminPassword"`
+}
+
+type DASHSpecific struct {
+	AdminPassword string `yaml:"adminPassword"`
+}
+
+type RedfishSpecific struct {
+	AdminPassword string `yaml:"adminPassword"`
+}
diff --git a/pkg/security/decrypt.go b/pkg/security/decrypt.go
@@ -0,0 +1,66 @@
+package security
+
+import (
+	"crypto/aes"
+	"crypto/cipher"
+	"encoding/base64"
+	"errors"
+	"os"
+
+	"gopkg.in/yaml.v3"
+
+	"github.com/open-amt-cloud-toolkit/go-wsman-messages/v2/pkg/config"
+)
+
+// Decrypt ciphertext using AES-GCM with the provided key.
+func (c Crypto) Decrypt(cipherText string, key []byte) ([]byte, error) {
+	data, err := base64.StdEncoding.DecodeString(cipherText)
+	if err != nil {
+		return nil, err
+	}
+
+	block, err := aes.NewCipher(key)
+	if err != nil {
+		return nil, err
+	}
+
+	gcm, err := cipher.NewGCM(block)
+	if err != nil {
+		return nil, err
+	}
+
+	if len(data) < gcm.NonceSize() {
+		return nil, errors.New("cipher text too short")
+	}
+
+	nonce, ciphertext := data[:gcm.NonceSize()], data[gcm.NonceSize():]
+
+	plainText, err := gcm.Open(nil, nonce, ciphertext, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return plainText, nil
+}
+
+// Read encrypted data from file and decrypt it.
+func (c Crypto) ReadAndDecryptFile(filePath string, key []byte) (config.Configuration, error) {
+	encryptedData, err := os.ReadFile(filePath)
+	if err != nil {
+		return config.Configuration{}, err
+	}
+
+	decryptedData, err := c.Decrypt(string(encryptedData), key)
+	if err != nil {
+		return config.Configuration{}, err
+	}
+
+	var configuration config.Configuration
+
+	err = yaml.Unmarshal(decryptedData, &configuration)
+	if err != nil {
+		return config.Configuration{}, err
+	}
+
+	return configuration, nil
+}