add inxi and verifiable credential functionality #8
|
@ -21,7 +21,7 @@ SNAPSHOT_BASE = {
|
||||||
'uuid': str(uuid.uuid4()),
|
'uuid': str(uuid.uuid4()),
|
||||||
'software': "workbench-script",
|
'software': "workbench-script",
|
||||||
'version': "0.0.1",
|
'version': "0.0.1",
|
||||||
'token_hash': "",
|
'operator_id': "",
|
||||||
'data': {},
|
'data': {},
|
||||||
'erase': []
|
'erase': []
|
||||||
}
|
}
|
||||||
|
@ -87,11 +87,11 @@ def convert_to_legacy_snapshot(snapshot):
|
||||||
snapshot["schema_api"] = "1.0.0"
|
snapshot["schema_api"] = "1.0.0"
|
||||||
snapshot["settings_version"] = "No Settings Version (NaN)"
|
snapshot["settings_version"] = "No Settings Version (NaN)"
|
||||||
snapshot["timestamp"] = snapshot["timestamp"].replace(" ", "T")
|
snapshot["timestamp"] = snapshot["timestamp"].replace(" ", "T")
|
||||||
snapshot["data"]["smart"] = snapshot["data"]["disks"]
|
snapshot["data"]["smart"] = snapshot["data"]["smartctl"]
|
||||||
snapshot["data"].pop("disks")
|
snapshot["data"].pop("smartctl")
|
||||||
snapshot["data"].pop("inxi")
|
snapshot["data"].pop("inxi")
|
||||||
|
snapshot.pop("operator_id")
|
||||||
snapshot.pop("erase")
|
snapshot.pop("erase")
|
||||||
snapshot.pop("token_hash")
|
|
||||||
|
|
||||||
lshw = 'sudo lshw -xml'
|
lshw = 'sudo lshw -xml'
|
||||||
hwinfo = 'sudo hwinfo --reallyall'
|
hwinfo = 'sudo hwinfo --reallyall'
|
||||||
|
@ -274,7 +274,7 @@ def smartctl(all_disks, disk=None):
|
||||||
data = exec_smart(disk['name'])
|
data = exec_smart(disk['name'])
|
||||||
data_list.append(data)
|
data_list.append(data)
|
||||||
|
|
||||||
return data_list
|
return json.dumps(data_list)
|
||||||
|
|
||||||
## End Command Functions ##
|
## End Command Functions ##
|
||||||
|
|
||||||
|
@ -286,7 +286,7 @@ def get_data(all_disks):
|
||||||
inxi = "sudo inxi -afmnGEMABD -x 3 --edid --output json --output-file print"
|
inxi = "sudo inxi -afmnGEMABD -x 3 --edid --output json --output-file print"
|
||||||
|
|
||||||
data = {
|
data = {
|
||||||
'disks': smartctl(all_disks),
|
'smartctl': smartctl(all_disks),
|
||||||
'dmidecode': exec_cmd(dmidecode),
|
'dmidecode': exec_cmd(dmidecode),
|
||||||
'inxi': exec_cmd(inxi)
|
'inxi': exec_cmd(inxi)
|
||||||
}
|
}
|
||||||
|
@ -329,35 +329,53 @@ def save_snapshot_in_disk(snapshot, path, snap_uuid):
|
||||||
logger.error(_("Could not save snapshot locally. Reason: Failed to write in fallback path:\n %s"), e)
|
logger.error(_("Could not save snapshot locally. Reason: Failed to write in fallback path:\n %s"), e)
|
||||||
|
|
||||||
|
|
||||||
def send_to_sign_credential(cred, token, url):
|
def send_to_sign_credential(snapshot, token, url):
|
||||||
headers = {
|
headers = {
|
||||||
"Authorization": f"Bearer {token}",
|
"Authorization": f"Bearer {token}",
|
||||||
"Content-Type": "application/json"
|
"Content-Type": "application/json"
|
||||||
}
|
}
|
||||||
|
|
||||||
try:
|
try:
|
||||||
|
cred = {
|
||||||
|
"type": "DeviceSnapshotV1",
|
||||||
|
"save": False,
|
||||||
|
"data": {
|
||||||
|
"operator_id": snapshot["operator_id"],
|
||||||
|
"dmidecode": snapshot["data"]["dmidecode"],
|
||||||
|
"inxi": snapshot["data"]["inxi"],
|
||||||
|
"smartctl": snapshot["data"]["smartctl"],
|
||||||
|
"uuid": snapshot["uuid"],
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
data = json.dumps(cred).encode('utf-8')
|
data = json.dumps(cred).encode('utf-8')
|
||||||
request = urllib.request.Request(url, data=data, headers=headers)
|
request = urllib.request.Request(url, data=data, headers=headers)
|
||||||
with urllib.request.urlopen(request) as response:
|
with urllib.request.urlopen(request) as response:
|
||||||
status_code = response.getcode()
|
status_code = response.getcode()
|
||||||
#response_text = response.read().decode('utf-8')
|
response_text = response.read().decode('utf-8')
|
||||||
|
|
||||||
if 200 <= status_code < 300:
|
if 200 <= status_code < 300:
|
||||||
logger.info(_("Credential successfully signed"))
|
logger.info(_("Credential successfully signed"))
|
||||||
|
res = json.loads(response_text)
|
||||||
|
if res.get("status") == "success" and res.get("data"):
|
||||||
|
return res["data"]
|
||||||
|
return snapshot
|
||||||
else:
|
else:
|
||||||
logger.error(_("Credential cannot signed in '%s'"), url)
|
logger.error(_("Credential cannot signed in '%s'"), url)
|
||||||
|
return snapshot
|
||||||
|
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
logger.error(_("Credential not remotely sent to URL '%s'. Do you have internet? Is your server up & running? Is the url token authorized?\n %s"), url, e)
|
logger.error(_("Credential not remotely builded to URL '%s'. Do you have internet? Is your server up & running? Is the url token authorized?\n %s"), url, e)
|
||||||
|
return json.dumps(snapshot)
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# TODO sanitize url, if url is like this, it fails
|
# TODO sanitize url, if url is like this, it fails
|
||||||
# url = 'http://127.0.0.1:8000/api/snapshot/'
|
# url = 'http://127.0.0.1:8000/api/snapshot/'
|
||||||
def send_snapshot_to_devicehub(snapshot, token, url):
|
def send_snapshot_to_devicehub(snapshot, token, url, ev_uuid):
|
||||||
url_components = urllib.parse.urlparse(url)
|
url_components = urllib.parse.urlparse(url)
|
||||||
ev_path = "evidence/{}".format(snapshot["uuid"])
|
ev_path = f"evidence/{ev_uuid}"
|
||||||
components = (url_components.schema, url_components.netloc, ev_path, '', '', '')
|
components = (url_components.scheme, url_components.netloc, ev_path, '', '', '')
|
||||||
ev_url = urllib.parse.urlunparse(components)
|
ev_url = urllib.parse.urlunparse(components)
|
||||||
# apt install qrencode
|
# apt install qrencode
|
||||||
qr = "echo {} | qrencode -t ANSI".format(ev_url)
|
qr = "echo {} | qrencode -t ANSI".format(ev_url)
|
||||||
|
@ -369,7 +387,7 @@ def send_snapshot_to_devicehub(snapshot, token, url):
|
||||||
"Content-Type": "application/json"
|
"Content-Type": "application/json"
|
||||||
}
|
}
|
||||||
try:
|
try:
|
||||||
data = json.dumps(snapshot).encode('utf-8')
|
data = snapshot.encode('utf-8')
|
||||||
request = urllib.request.Request(url, data=data, headers=headers)
|
request = urllib.request.Request(url, data=data, headers=headers)
|
||||||
with urllib.request.urlopen(request) as response:
|
with urllib.request.urlopen(request) as response:
|
||||||
status_code = response.getcode()
|
status_code = response.getcode()
|
||||||
|
@ -515,18 +533,17 @@ def main():
|
||||||
|
|
||||||
if wb_sign_token:
|
if wb_sign_token:
|
||||||
tk = wb_sign_token.encode("utf8")
|
tk = wb_sign_token.encode("utf8")
|
||||||
snapshot["token_hash"] = hashlib.hash256(tk).hexdigest()
|
snapshot["operator_id"] = hashlib.sha3_256(tk).hexdigest()
|
||||||
|
|
||||||
if url_wallet and wb_sign_token:
|
if url_wallet and wb_sign_token:
|
||||||
snapshot = send_to_sign_credential(snapshot, wb_sign_token, url_wallet)
|
snapshot = send_to_sign_credential(snapshot, wb_sign_token, url_wallet)
|
||||||
else:
|
else:
|
||||||
snapshot = json.dumps(snapshot)
|
snapshot = json.dumps(snapshot)
|
||||||
|
|
||||||
|
|
||||||
save_snapshot_in_disk(snapshot, config['path'], snap_uuid)
|
save_snapshot_in_disk(snapshot, config['path'], snap_uuid)
|
||||||
|
|
||||||
if config['url']:
|
if config['url']:
|
||||||
send_snapshot_to_devicehub(snapshot, config['token'], config['url'])
|
send_snapshot_to_devicehub(snapshot, config['token'], config['url'], snap_uuid)
|
||||||
|
|
||||||
logger.info(_("END"))
|
logger.info(_("END"))
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue