Intel

Developer Zone

AMTProvision

com.intel.util

Class AMTProvision

  • java.lang.Object
    • com.intel.util.AMTProvision


  • public class AMTProvision
    extends java.lang.Object

    This class provides an interface to accomplish provisioning of Intel® AMT in ACM mode. Full provisioning (ACM - Admin Control Mode) can be accomplished from CCM (Client Control Mode - partial provisioning) or from NONE (not provisioned mode). Unprovision (full unprovision) will move the Intel® AMT state to NONE (not provisioned mode).

    The Intel® AMT states are:

    • PRE - not provisioned
    • IN - in the middle of a provisioning process (CCM or ACM)
    • POST - after a provisioning process (CCM or ACM)

    NOTE: It is not allowed to move to ACM while the Intel® AMT state is IN, UtilException.UtilException() will be thrown in this case.

    • Field Detail

      • CONTROL_MODE_NONE

        public static final int CONTROL_MODE_NONE
        AMT provision control mode - not provisioned
        See Also:
        Constant Field Values
      • CONTROL_MODE_CLIENT

        public static final int CONTROL_MODE_CLIENT
        Intel® AMT provision control mode - client mode (CCM)
        See Also:
        Constant Field Values
      • CONTROL_MODE_ADMIN

        public static final int CONTROL_MODE_ADMIN
        Intel® AMT provision control mode - admin mode (ACM)
        See Also:
        Constant Field Values
      • PROVISIONING_STATE_PRE

        public static final int PROVISIONING_STATE_PRE
        Intel® AMT provisioning state - not provisioned
        See Also:
        Constant Field Values
      • PROVISIONING_STATE_IN

        public static final int PROVISIONING_STATE_IN
        Intel® AMT provisioning state - in the middle of a provisioning process (to CCM or to ACM)
        See Also:
        Constant Field Values
      • PROVISIONING_STATE_POST

        public static final int PROVISIONING_STATE_POST
        Intel® AMT provisioning state - after a provisioning process
        See Also:
        Constant Field Values
      • NETWORK_PASSWORD_LENGTH

        public static final int NETWORK_PASSWORD_LENGTH
        Intel® AMT password size
        See Also:
        Constant Field Values
      • PROVISIONING_AUDIT_RECORD_LENGTH

        public static final int PROVISIONING_AUDIT_RECORD_LENGTH
        Max Intel® AMT provision audit record length
        See Also:
        Constant Field Values
      • UNPROVISIONING_AUDIT_RECORD_LENGTH

        public static final int UNPROVISIONING_AUDIT_RECORD_LENGTH
        Max Intel® AMT un-provision audit record length
        See Also:
        Constant Field Values
      • MAX_SECURE_FQDN_LENGTH

        public static final int MAX_SECURE_FQDN_LENGTH
        Max secure FQDN length
        See Also:
        Constant Field Values
      • MAX_CONFIGURATION_SERVER_FQDN

        public static final int MAX_CONFIGURATION_SERVER_FQDN
        Max secure server domain FQDN length
        See Also:
        Constant Field Values
    • Method Detail

      • completeConfigurationToACM

        public static void completeConfigurationToACM(int networkAdminPasswordEncryptionType,
                                      byte[] networkAdminPassword,
                                      byte[] appletProvisioningAuditRecord)
                                               throws UtilException
        Provision the Intel® AMT on the platform to ACM mode. Moving from CCM to ACM is allowed only if the password matches the password supplied when CCM provisioning was performed.
        Parameters:
        networkAdminPasswordEncryptionType - password encryption type NOTE: this parameter value is enforced to be only DIGEST MD5 (i.e. param value = 2)
        networkAdminPassword - Network password. password length is NETWORK_PASSWORD_LENGTH The password should be configured as the following: MD5("admin:<realm>:<password>") NOTE: AMTProvisioning user name is "admin". using other user name will success but authentication to WebUI will fail.
        appletProvisioningAuditRecord - Provisioning audit record. record length is PROVISIONING_AUDIT_RECORD_LENGTH NOTE: this parameter can't be null.
        Throws:
        IllegalParameterException - if one or more of the input parameters is illegal
        UtilException - if any internal error occurred
        NotSupportedException - if Intel® AMT is not supported on this platform
      • completeConfigurationToACM

        public static void completeConfigurationToACM(int networkAdminPasswordEncryptionType,
                                      byte[] networkAdminPassword,
                                      byte[] appletProvisioningAuditRecord,
                                      byte[] params)
                                               throws UtilException
        Provision the Intel® AMT on the platform to ACM mode. Moving from CCM to ACM is allowed only if the password matches the password supplied when CCM provision was performed.
        Parameters:
        networkAdminPasswordEncryptionType - password encryption type NOTE: this parameter value is enforced to be only DIGEST MD5 (i.e. param value = 2)
        networkAdminPassword - Network password. password length is NETWORK_PASSWORD_LENGTH The password should be configured as the following: MD5(("admin:<realm>:<password>") NOTE: AMTProvisioning user name is "admin". using other user name will success but authentication to WebUi will fail.
        appletProvisioningAuditRecord - Provisioning audit record. record length is PROVISIONING_AUDIT_RECORD_LENGTH NOTE: this parameter can't be null.
        params - an opaque context for future extensibility, currently is not used
        Throws:
        IllegalParameterException - if one or more of the input parameters is illegal
        UtilException - if any internal error occurred
        NotSupportedException - if Intel® AMT is not supported in this platform
      • unprovision

        public static void unprovision(byte[] unprovisioningAuditRecord)
                                throws UtilException
        Un-provisioning the Intel® AMT on the platform.
        Parameters:
        unprovisioningAuditRecord - the audit data associated with this un-provision operation NOTE: this parameter can't be null.
        Throws:
        UtilException - if any internal error occurred
        NotSupportedException - if Intel® AMT is not supported in this platform
      • unprovision

        public static void unprovision(byte[] unprovisioningAuditRecord,
                       byte[] params)
                                throws UtilException
        Un-provisioning the Intel® AMT on the platform.
        Parameters:
        unprovisioningAuditRecord - the audit data associated with this un-provision operation NOTE: this parameter can't be null.
        params - an opaque context for future extensibility, currently is not used
        Throws:
        UtilException - if any internal error occurred
        NotSupportedException - if Intel® AMT is not supported on this platform
      • getProvisioningProtocolVersion

        public static AMTProvision.ProtocolVersion getProvisioningProtocolVersion()
                                                                           throws UtilException
        Returns the current Intel® DAL assisted Intel® AMT provisioning protocol version
        Returns:
        The current Intel® AMT protocol version
        Throws:
        UtilException - if any internal error occurred
        NotSupportedException - if Intel® AMT is not supported on this platform
      • getControlMode

        public static int getControlMode()
                                  throws UtilException
        Retrieve the Intel® AMT provisioning control mode
        Returns:
        Intel® AMT Control mode (one of the CONTROL_MODE_* constants)
        Throws:
        UtilException - if any internal error occurred
        NotSupportedException - if Intel® AMT is not supported on this platform
      • getProvisioningState

        public static int getProvisioningState()
                                        throws UtilException
        Retrieve the Intel® AMT provisioning state
        Returns:
        Intel® AMT provisioning state (one of the PROVISIONING_STATE_* constants)
        Throws:
        UtilException - if any internal error occurred
        NotSupportedException - if Intel® AMT is not supported on this platform
      • getProvisioningAuditRecord

        public static byte[] getProvisioningAuditRecord()
                                                 throws UtilException
        Retrieve the Intel® AMT legacy provisioning (setup) audit record. The last record in the Intel® AMT provisioning (setup) log is retrieved.
        Returns:
        Intel® AMT provisioning audit record buffer
        Throws:
        UtilException - if any internal error occurred
        NotSupportedException - if Intel® AMT is not supported in this platform
      • getSecureFqdn

        public static int getSecureFqdn(byte[] fqdn)
                                 throws UtilException
        Returns the current secure FQDN that has been provisioned to Intel® AMT (the provisioning server FQDN).
        Parameters:
        fqdn - a byte array allocated by user to hold the FQDN data. Max FQDN length is MAX_SECURE_FQDN_LENGTH
        Returns:
        The actual size of the FQDN
        Throws:
        IllegalParameterException - if one or more of the input parameters is illegal
        UtilException - if any internal error occurred
        NotSupportedException - if Intel® AMT is not supported in this platform
      • getSecureServerDomainFqdn

        public static int getSecureServerDomainFqdn(byte[] domain)
                                             throws UtilException
        Returns the current secure domain server FQDN that has been provisioned to Intel® AMT (the provisioning server FQDN).
        Parameters:
        domain - a byte array allocated by user to hold the server FQDN data. Max server FQDN length is MAX_CONFIGURATION_SERVER_FQDN)
        Returns:
        The actual size of the domain server FQDN
        Throws:
        IllegalParameterException - if one or more of the input parameters is illegal
        UtilException - if any internal error occurred
        NotSupportedException - if Intel® AMT is not supported on this platform