com.intel.util
Class AMTProvision
- java.lang.Object
-
- com.intel.util.AMTProvision
-
public class AMTProvision extends java.lang.Object
This class provides an interface to accomplish provisioning of Intel® AMT in ACM mode. Full provisioning (ACM - Admin Control Mode) can be accomplished from CCM (Client Control Mode - partial provisioning) or from NONE (not provisioned mode). Unprovision (full unprovision) will move the Intel® AMT state to NONE (not provisioned mode).
The Intel® AMT states are:
- PRE - not provisioned
- IN - in the middle of a provisioning process (CCM or ACM)
- POST - after a provisioning process (CCM or ACM)
NOTE: It is not allowed to move to ACM while the Intel® AMT state is IN,
UtilException.UtilException()
will be thrown in this case.
-
-
Nested Class Summary
Nested Classes Modifier and Type Class and Description static class
AMTProvision.ProtocolVersion
Represents Intel® DAL Intel® AMT Provisioning protocol version
-
Field Summary
Fields Modifier and Type Field and Description static int
CONTROL_MODE_ADMIN
Intel® AMT provision control mode - Admin mode (ACM)static int
CONTROL_MODE_CLIENT
Intel® AMT provision control mode - Client mode (CCM)static int
CONTROL_MODE_NONE
Intel® AMT provision control mode - not provisionedstatic int
MAX_CONFIGURATION_SERVER_FQDN
Max secure server domain FQDN lengthstatic int
MAX_SECURE_FQDN_LENGTH
Max secure FQDN lengthstatic int
NETWORK_PASSWORD_LENGTH
Intel® AMT password sizestatic int
PROVISIONING_AUDIT_RECORD_LENGTH
Max Intel® AMT provision audit record lengthstatic int
PROVISIONING_STATE_IN
Intel® AMT provisioning state - in the middle of a provisioning process (to CCM or to ACM)static int
PROVISIONING_STATE_POST
Intel® AMT provisioning state - after a provisioning processstatic int
PROVISIONING_STATE_PRE
Intel® AMT provisioning state - not provisionedstatic int
UNPROVISIONING_AUDIT_RECORD_LENGTH
Max Intel® AMT un-provision audit record length
-
Method Summary
Methods Modifier and Type Method and Description static void
completeConfigurationToACM(int networkAdminPasswordEncryptionType, byte[] networkAdminPassword, byte[] appletProvisioningAuditRecord)
Provision the Intel® AMT on the platform to ACM mode.static void
completeConfigurationToACM(int networkAdminPasswordEncryptionType, byte[] networkAdminPassword, byte[] appletProvisioningAuditRecord, byte[] params)
Provision the Intel® AMT on the platform to ACM mode.static byte[]
getAppletProvisioningAuditRecord()
Retrieve the applet Intel® AMT provisioning (setup) audit record which was provided tocompleteConfigurationToACM()
or tocompleteConfigurationToACM()
static int
getControlMode()
Retrieve the Intel® AMT provisioning control modestatic byte[]
getProvisioningAuditRecord()
Retrieve the Intel® AMT legacy provisioning (setup) audit record.static AMTProvision.ProtocolVersion
getProvisioningProtocolVersion()
Returns the current Intel® DAL assisted Intel® AMT provisioning protocol versionstatic int
getProvisioningState()
Retrieve the Intel® AMT provisioning statestatic int
getSecureFqdn(byte[] fqdn)
Returns the current secure FQDN that has been provisioned to Intel® AMT (the provisioning server FQDN).static int
getSecureServerDomainFqdn(byte[] domain)
Returns the current secure domain server FQDN that has been provisioned to Intel® AMT (the provisioning server FQDN).static void
unprovision(byte[] unprovisioningAuditRecord)
Un-provisioning the Intel® AMT on the platform.static void
unprovision(byte[] unprovisioningAuditRecord, byte[] params)
Un-provisioning the Intel® AMT on the platform.
-
-
-
Field Detail
-
CONTROL_MODE_NONE
public static final int CONTROL_MODE_NONE
AMT provision control mode - not provisioned- See Also:
- Constant Field Values
-
CONTROL_MODE_CLIENT
public static final int CONTROL_MODE_CLIENT
Intel® AMT provision control mode - client mode (CCM)- See Also:
- Constant Field Values
-
CONTROL_MODE_ADMIN
public static final int CONTROL_MODE_ADMIN
Intel® AMT provision control mode - admin mode (ACM)- See Also:
- Constant Field Values
-
PROVISIONING_STATE_PRE
public static final int PROVISIONING_STATE_PRE
Intel® AMT provisioning state - not provisioned- See Also:
- Constant Field Values
-
PROVISIONING_STATE_IN
public static final int PROVISIONING_STATE_IN
Intel® AMT provisioning state - in the middle of a provisioning process (to CCM or to ACM)- See Also:
- Constant Field Values
-
PROVISIONING_STATE_POST
public static final int PROVISIONING_STATE_POST
Intel® AMT provisioning state - after a provisioning process- See Also:
- Constant Field Values
-
NETWORK_PASSWORD_LENGTH
public static final int NETWORK_PASSWORD_LENGTH
Intel® AMT password size- See Also:
- Constant Field Values
-
PROVISIONING_AUDIT_RECORD_LENGTH
public static final int PROVISIONING_AUDIT_RECORD_LENGTH
Max Intel® AMT provision audit record length- See Also:
- Constant Field Values
-
UNPROVISIONING_AUDIT_RECORD_LENGTH
public static final int UNPROVISIONING_AUDIT_RECORD_LENGTH
Max Intel® AMT un-provision audit record length- See Also:
- Constant Field Values
-
MAX_SECURE_FQDN_LENGTH
public static final int MAX_SECURE_FQDN_LENGTH
Max secure FQDN length- See Also:
- Constant Field Values
-
MAX_CONFIGURATION_SERVER_FQDN
public static final int MAX_CONFIGURATION_SERVER_FQDN
Max secure server domain FQDN length- See Also:
- Constant Field Values
-
-
Method Detail
-
completeConfigurationToACM
public static void completeConfigurationToACM(int networkAdminPasswordEncryptionType, byte[] networkAdminPassword, byte[] appletProvisioningAuditRecord) throws UtilException
Provision the Intel® AMT on the platform to ACM mode. Moving from CCM to ACM is allowed only if the password matches the password supplied when CCM provisioning was performed.- Parameters:
networkAdminPasswordEncryptionType
- password encryption type NOTE: this parameter value is enforced to be only DIGEST MD5 (i.e. param value = 2)networkAdminPassword
- Network password. password length isNETWORK_PASSWORD_LENGTH
The password should be configured as the following: MD5("admin:<realm>:<password>") NOTE: AMTProvisioning user name is "admin". using other user name will success but authentication to WebUI will fail.appletProvisioningAuditRecord
- Provisioning audit record. record length isPROVISIONING_AUDIT_RECORD_LENGTH
NOTE: this parameter can't be null.- Throws:
IllegalParameterException
- if one or more of the input parameters is illegalUtilException
- if any internal error occurredNotSupportedException
- if Intel® AMT is not supported on this platform
-
completeConfigurationToACM
public static void completeConfigurationToACM(int networkAdminPasswordEncryptionType, byte[] networkAdminPassword, byte[] appletProvisioningAuditRecord, byte[] params) throws UtilException
Provision the Intel® AMT on the platform to ACM mode. Moving from CCM to ACM is allowed only if the password matches the password supplied when CCM provision was performed.- Parameters:
networkAdminPasswordEncryptionType
- password encryption type NOTE: this parameter value is enforced to be only DIGEST MD5 (i.e. param value = 2)networkAdminPassword
- Network password. password length isNETWORK_PASSWORD_LENGTH
The password should be configured as the following: MD5(("admin:<realm>:<password>") NOTE: AMTProvisioning user name is "admin". using other user name will success but authentication to WebUi will fail.appletProvisioningAuditRecord
- Provisioning audit record. record length isPROVISIONING_AUDIT_RECORD_LENGTH
NOTE: this parameter can't be null.params
- an opaque context for future extensibility, currently is not used- Throws:
IllegalParameterException
- if one or more of the input parameters is illegalUtilException
- if any internal error occurredNotSupportedException
- if Intel® AMT is not supported in this platform
-
unprovision
public static void unprovision(byte[] unprovisioningAuditRecord) throws UtilException
Un-provisioning the Intel® AMT on the platform.- Parameters:
unprovisioningAuditRecord
- the audit data associated with this un-provision operation NOTE: this parameter can't be null.- Throws:
UtilException
- if any internal error occurredNotSupportedException
- if Intel® AMT is not supported in this platform
-
unprovision
public static void unprovision(byte[] unprovisioningAuditRecord, byte[] params) throws UtilException
Un-provisioning the Intel® AMT on the platform.- Parameters:
unprovisioningAuditRecord
- the audit data associated with this un-provision operation NOTE: this parameter can't be null.params
- an opaque context for future extensibility, currently is not used- Throws:
UtilException
- if any internal error occurredNotSupportedException
- if Intel® AMT is not supported on this platform
-
getProvisioningProtocolVersion
public static AMTProvision.ProtocolVersion getProvisioningProtocolVersion() throws UtilException
Returns the current Intel® DAL assisted Intel® AMT provisioning protocol version- Returns:
- The current Intel® AMT protocol version
- Throws:
UtilException
- if any internal error occurredNotSupportedException
- if Intel® AMT is not supported on this platform
-
getControlMode
public static int getControlMode() throws UtilException
Retrieve the Intel® AMT provisioning control mode- Returns:
- Intel® AMT Control mode (one of the CONTROL_MODE_* constants)
- Throws:
UtilException
- if any internal error occurredNotSupportedException
- if Intel® AMT is not supported on this platform
-
getProvisioningState
public static int getProvisioningState() throws UtilException
Retrieve the Intel® AMT provisioning state- Returns:
- Intel® AMT provisioning state (one of the PROVISIONING_STATE_* constants)
- Throws:
UtilException
- if any internal error occurredNotSupportedException
- if Intel® AMT is not supported on this platform
-
getProvisioningAuditRecord
public static byte[] getProvisioningAuditRecord() throws UtilException
Retrieve the Intel® AMT legacy provisioning (setup) audit record. The last record in the Intel® AMT provisioning (setup) log is retrieved.- Returns:
- Intel® AMT provisioning audit record buffer
- Throws:
UtilException
- if any internal error occurredNotSupportedException
- if Intel® AMT is not supported in this platform
-
getAppletProvisioningAuditRecord
public static byte[] getAppletProvisioningAuditRecord() throws UtilException
Retrieve the applet Intel® AMT provisioning (setup) audit record which was provided tocompleteConfigurationToACM()
or tocompleteConfigurationToACM()
- Returns:
- Applet Intel® AMT provisioning audit record buffer
- Throws:
UtilException
- if any internal error occurredNotSupportedException
- if Intel® AMT is not supported on this platform
-
getSecureFqdn
public static int getSecureFqdn(byte[] fqdn) throws UtilException
Returns the current secure FQDN that has been provisioned to Intel® AMT (the provisioning server FQDN).- Parameters:
fqdn
- a byte array allocated by user to hold the FQDN data. Max FQDN length isMAX_SECURE_FQDN_LENGTH
- Returns:
- The actual size of the FQDN
- Throws:
IllegalParameterException
- if one or more of the input parameters is illegalUtilException
- if any internal error occurredNotSupportedException
- if Intel® AMT is not supported in this platform
-
getSecureServerDomainFqdn
public static int getSecureServerDomainFqdn(byte[] domain) throws UtilException
Returns the current secure domain server FQDN that has been provisioned to Intel® AMT (the provisioning server FQDN).- Parameters:
domain
- a byte array allocated by user to hold the server FQDN data. Max server FQDN length isMAX_CONFIGURATION_SERVER_FQDN
)- Returns:
- The actual size of the domain server FQDN
- Throws:
IllegalParameterException
- if one or more of the input parameters is illegalUtilException
- if any internal error occurredNotSupportedException
- if Intel® AMT is not supported on this platform
-
-