mirror of
https://github.com/nsacyber/HIRS.git
synced 2025-01-03 19:54:14 +00:00
Updated some more code, commiting to merge in updates from main that are
needed for this branch
This commit is contained in:
parent
24d66e864d
commit
04023c5ed2
HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager
HIRS_AttestationCAPortal/src/main
java/hirs/attestationca/portal/page
webapp/WEB-INF/jsp
@ -25,6 +25,7 @@ public interface CertificateRepository extends JpaRepository<Certificate, UUID>
|
|||||||
List<Certificate> findByType(String dType);
|
List<Certificate> findByType(String dType);
|
||||||
@Query(value = "SELECT * FROM Certificate where serialNumber = ?1 AND DTYPE = ?2", nativeQuery = true)
|
@Query(value = "SELECT * FROM Certificate where serialNumber = ?1 AND DTYPE = ?2", nativeQuery = true)
|
||||||
Certificate findBySerialNumber(BigInteger serialNumber, String dType);
|
Certificate findBySerialNumber(BigInteger serialNumber, String dType);
|
||||||
|
Certificate findByPlatformSerialAndSerialNumber(String platformSerial, BigInteger serialNumber);
|
||||||
@Query(value = "SELECT * FROM Certificate where platformSerial = ?1 AND DTYPE = 'PlatformCredential'", nativeQuery = true)
|
@Query(value = "SELECT * FROM Certificate where platformSerial = ?1 AND DTYPE = 'PlatformCredential'", nativeQuery = true)
|
||||||
List<PlatformCredential> byBoardSerialNumber(String boardSerialNumber);
|
List<PlatformCredential> byBoardSerialNumber(String boardSerialNumber);
|
||||||
@Query(value = "SELECT * FROM Certificate where holderSerialNumber = ?1 AND DTYPE = 'PlatformCredential'", nativeQuery = true)
|
@Query(value = "SELECT * FROM Certificate where holderSerialNumber = ?1 AND DTYPE = 'PlatformCredential'", nativeQuery = true)
|
||||||
|
@ -13,6 +13,12 @@ public interface ComponentInfoRepository extends JpaRepository<ComponentInfo, UU
|
|||||||
* @return a list of device components
|
* @return a list of device components
|
||||||
*/
|
*/
|
||||||
List<ComponentInfo> findByDeviceName(String deviceName);
|
List<ComponentInfo> findByDeviceName(String deviceName);
|
||||||
|
/**
|
||||||
|
* Query that retrieves device components by device name and order them
|
||||||
|
* @param deviceName string for the host name
|
||||||
|
* @return a list of device components
|
||||||
|
*/
|
||||||
|
List<ComponentInfo> findByDeviceNameOrderByDeviceNameAsc(String deviceName);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Query that retrieves device components by device name and
|
* Query that retrieves device components by device name and
|
||||||
|
@ -2,11 +2,16 @@ package hirs.attestationca.portal.page.controllers;
|
|||||||
|
|
||||||
import hirs.attestationca.persist.entity.manager.CertificateRepository;
|
import hirs.attestationca.persist.entity.manager.CertificateRepository;
|
||||||
import hirs.attestationca.persist.entity.manager.ComponentAttributeRepository;
|
import hirs.attestationca.persist.entity.manager.ComponentAttributeRepository;
|
||||||
|
import hirs.attestationca.persist.entity.manager.ComponentInfoRepository;
|
||||||
import hirs.attestationca.persist.entity.manager.ComponentResultRepository;
|
import hirs.attestationca.persist.entity.manager.ComponentResultRepository;
|
||||||
|
import hirs.attestationca.persist.entity.userdefined.certificate.ComponentResult;
|
||||||
|
import hirs.attestationca.persist.entity.userdefined.certificate.PlatformCredential;
|
||||||
|
import hirs.attestationca.persist.entity.userdefined.certificate.attributes.ComponentAttributeResult;
|
||||||
|
import hirs.attestationca.persist.util.PciIds;
|
||||||
import hirs.attestationca.portal.page.Page;
|
import hirs.attestationca.portal.page.Page;
|
||||||
import hirs.attestationca.portal.page.PageController;
|
import hirs.attestationca.portal.page.PageController;
|
||||||
import hirs.attestationca.portal.page.PageMessages;
|
import hirs.attestationca.portal.page.PageMessages;
|
||||||
import hirs.attestationca.portal.page.params.NoPageParams;
|
import hirs.attestationca.portal.page.params.CertificateDetailsPageParams;
|
||||||
import lombok.extern.log4j.Log4j2;
|
import lombok.extern.log4j.Log4j2;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.stereotype.Controller;
|
import org.springframework.stereotype.Controller;
|
||||||
@ -14,19 +19,31 @@ import org.springframework.ui.Model;
|
|||||||
import org.springframework.web.bind.annotation.RequestMapping;
|
import org.springframework.web.bind.annotation.RequestMapping;
|
||||||
import org.springframework.web.servlet.ModelAndView;
|
import org.springframework.web.servlet.ModelAndView;
|
||||||
|
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.math.BigInteger;
|
||||||
|
import java.util.ArrayList;
|
||||||
|
import java.util.HashMap;
|
||||||
|
import java.util.List;
|
||||||
|
import java.util.UUID;
|
||||||
|
|
||||||
@Log4j2
|
@Log4j2
|
||||||
@Controller
|
@Controller
|
||||||
@RequestMapping("/HIRS_AttestationCAPortal/portal/component-validation")
|
@RequestMapping("/HIRS_AttestationCAPortal/portal/component-validation")
|
||||||
public class ComponentComparisonPageController extends PageController<NoPageParams> {
|
public class ComponentComparisonPageController extends PageController<CertificateDetailsPageParams> {
|
||||||
|
|
||||||
private final CertificateRepository certificateRepository;
|
private final CertificateRepository certificateRepository;
|
||||||
private final ComponentResultRepository componentResultRepository;
|
private final ComponentResultRepository componentResultRepository;
|
||||||
|
private final ComponentInfoRepository componentInfoRepository;
|
||||||
private final ComponentAttributeRepository componentAttributeRepository;
|
private final ComponentAttributeRepository componentAttributeRepository;
|
||||||
@Autowired
|
@Autowired
|
||||||
public ComponentComparisonPageController(final CertificateRepository certificateRepository, final ComponentResultRepository componentResultRepository, final ComponentAttributeRepository componentAttributeRepository) {
|
public ComponentComparisonPageController(final CertificateRepository certificateRepository,
|
||||||
|
final ComponentResultRepository componentResultRepository,
|
||||||
|
final ComponentInfoRepository componentInfoRepository,
|
||||||
|
final ComponentAttributeRepository componentAttributeRepository) {
|
||||||
super(Page.COMPONENT_COMPARISON);
|
super(Page.COMPONENT_COMPARISON);
|
||||||
this.certificateRepository = certificateRepository;
|
this.certificateRepository = certificateRepository;
|
||||||
this.componentResultRepository = componentResultRepository;
|
this.componentResultRepository = componentResultRepository;
|
||||||
|
this.componentInfoRepository = componentInfoRepository;
|
||||||
this.componentAttributeRepository = componentAttributeRepository;
|
this.componentAttributeRepository = componentAttributeRepository;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -40,16 +57,98 @@ public class ComponentComparisonPageController extends PageController<NoPagePara
|
|||||||
*/
|
*/
|
||||||
@Override
|
@Override
|
||||||
@RequestMapping
|
@RequestMapping
|
||||||
public ModelAndView initPage(final NoPageParams params, final Model model) {
|
public ModelAndView initPage(final CertificateDetailsPageParams params, final Model model) {
|
||||||
// get the basic information to render the page
|
// get the basic information to render the page
|
||||||
ModelAndView mav = getBaseModelAndView();
|
ModelAndView mav = getBaseModelAndView();
|
||||||
PageMessages messages = new PageMessages();
|
PageMessages messages = new PageMessages();
|
||||||
|
// Map with the certificate information
|
||||||
|
HashMap<String, Object> data = new HashMap<>();
|
||||||
|
|
||||||
mav.addObject(MESSAGES_ATTRIBUTE, messages);
|
mav.addObject(MESSAGES_ATTRIBUTE, messages);
|
||||||
mav.addObject(INITIAL_DATA, data);
|
mav.addObject(INITIAL_DATA, data);
|
||||||
|
// Check if parameters were set
|
||||||
|
if (params.getId() == null) {
|
||||||
|
String typeError = "ID was not provided";
|
||||||
|
messages.addError(typeError);
|
||||||
|
log.debug(typeError);
|
||||||
|
mav.addObject(MESSAGES_ATTRIBUTE, messages);
|
||||||
|
} else {
|
||||||
|
try {
|
||||||
|
UUID uuid = UUID.fromString(params.getId());
|
||||||
|
data.putAll(getPlatformComponentInformation(uuid, params.getDeviceName(),
|
||||||
|
certificateRepository, componentResultRepository,
|
||||||
|
componentInfoRepository,
|
||||||
|
componentAttributeRepository));
|
||||||
|
} catch (IllegalArgumentException iaEx) {
|
||||||
|
String uuidError = "Failed to parse ID from: " + params.getId();
|
||||||
|
messages.addError(uuidError);
|
||||||
|
log.error(uuidError, iaEx);
|
||||||
|
} catch (IOException ioEx) {
|
||||||
|
log.error(ioEx);
|
||||||
|
} catch (Exception ex) {
|
||||||
|
log.error(ex);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (data.isEmpty()) {
|
||||||
|
String notFoundMessage = "Unable to find RIM with ID: " + params.getId();
|
||||||
|
messages.addError(notFoundMessage);
|
||||||
|
log.warn(notFoundMessage);
|
||||||
|
mav.addObject(MESSAGES_ATTRIBUTE, messages);
|
||||||
|
} else {
|
||||||
|
mav.addObject(INITIAL_DATA, data);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return mav;
|
return mav;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Compiles and returns Platform Certificate component information.
|
||||||
|
*
|
||||||
|
* @param uuid ID for the certificate.
|
||||||
|
* @param certificateRepository the certificate manager for retrieving certs.
|
||||||
|
* @return a hash map with the endorsement certificate information.
|
||||||
|
* @throws IOException when parsing the certificate
|
||||||
|
* @throws IllegalArgumentException invalid argument on parsing the certificate
|
||||||
|
*/
|
||||||
|
public static HashMap<String, Object> getPlatformComponentInformation(
|
||||||
|
final UUID sessionId, final String deviceName,
|
||||||
|
final CertificateRepository certificateRepository,
|
||||||
|
final ComponentResultRepository componentResultRepository,
|
||||||
|
final ComponentInfoRepository componentInfoRepository,
|
||||||
|
final ComponentAttributeRepository componentAttributeRepository)
|
||||||
|
throws IllegalArgumentException, IOException {
|
||||||
|
HashMap<String, Object> data = new HashMap<>();
|
||||||
|
List<ComponentResult> componentResults = new ArrayList<>();
|
||||||
|
List<ComponentAttributeResult> attributeResults = componentAttributeRepository.findByProvisionSessionId(sessionId);
|
||||||
|
if (!attributeResults.isEmpty()) {
|
||||||
|
List<UUID> tempIdList = new ArrayList<>();
|
||||||
|
attributeResults.stream().forEach((dbObject) -> {
|
||||||
|
if (!tempIdList.contains(dbObject.getComponentId())) {
|
||||||
|
tempIdList.add(dbObject.getComponentId());
|
||||||
|
}
|
||||||
|
});
|
||||||
|
componentResults.addAll(componentResultRepository.findAllById(tempIdList));
|
||||||
|
PlatformCredential platformCredential = certificateRepository.findByPlatformSerialAndSerialNumber(componentResults.get(0).getBoardSerialNumber(), BigInteger.valueOf(Long.parseLong(componentResults.get(0).getCertificateSerialNumber()));
|
||||||
|
|
||||||
|
if (platformCredential != null) {
|
||||||
|
data.put("certificateId", platformCredential.getId());
|
||||||
|
data.put("certificateSerialNumber", platformCredential.getSerialNumber());
|
||||||
|
data.put("platformManufacturer", platformCredential.getManufacturer());
|
||||||
|
data.put("platformModel", platformCredential.getModel());
|
||||||
|
}
|
||||||
|
if (PciIds.DB.isReady()) {
|
||||||
|
componentResults = PciIds.translateResults(componentResults);
|
||||||
|
}
|
||||||
|
data.put("componentResults", componentResults);
|
||||||
|
data.put("componentInfos", componentInfoRepository.findByDeviceNameOrderByDeviceNameAsc(deviceName));
|
||||||
|
} else {
|
||||||
|
String notFoundMessage = "Unable to find Platform Certificate "
|
||||||
|
+ "with ID: " + uuid;
|
||||||
|
log.error(notFoundMessage);
|
||||||
|
}
|
||||||
|
return data;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -18,6 +18,7 @@ public class CertificateDetailsPageParams implements PageParams {
|
|||||||
private String id;
|
private String id;
|
||||||
private String type;
|
private String type;
|
||||||
private String sessionId;
|
private String sessionId;
|
||||||
|
private String deviceName;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Constructor to set ID Certificate Details URL parameters.
|
* Constructor to set ID Certificate Details URL parameters.
|
||||||
@ -35,6 +36,7 @@ public class CertificateDetailsPageParams implements PageParams {
|
|||||||
id = null;
|
id = null;
|
||||||
type = null;
|
type = null;
|
||||||
sessionId = null;
|
sessionId = null;
|
||||||
|
deviceName = null;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -57,5 +59,4 @@ public class CertificateDetailsPageParams implements PageParams {
|
|||||||
+ "type: " + type
|
+ "type: " + type
|
||||||
+ "}";
|
+ "}";
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -0,0 +1,83 @@
|
|||||||
|
<%@page contentType="text/html" pageEncoding="UTF-8"%>
|
||||||
|
|
||||||
|
<%-- JSP TAGS --%>
|
||||||
|
<%@taglib prefix="c" uri="jakarta.tags.core" %>
|
||||||
|
<%@taglib prefix="spring" uri="http://www.springframework.org/tags"%>
|
||||||
|
<%@taglib prefix="form" uri="http://www.springframework.org/tags/form"%>
|
||||||
|
<%@taglib prefix="fn" uri="jakarta.tags.functions"%>
|
||||||
|
<%@taglib prefix="my" tagdir="/WEB-INF/tags"%>
|
||||||
|
|
||||||
|
<%--CONTENT--%>
|
||||||
|
<my:page>
|
||||||
|
<jsp:attribute name="style">
|
||||||
|
<link type="text/css" rel="stylesheet" href="${common}/certificate_details.css"/>
|
||||||
|
<link type="text/css" rel="stylesheet" href="${common}/rim_details.css"/>
|
||||||
|
</jsp:attribute>
|
||||||
|
<c:if test="${param.sessionId==null}">
|
||||||
|
<c:redirect url = "${portal}/validation-reports"/>
|
||||||
|
</c:if>
|
||||||
|
<jsp:attribute name="pageHeaderTitle">Platform Component Failure Comparison</jsp:attribute>
|
||||||
|
|
||||||
|
<jsp:body>
|
||||||
|
<div id="certificate-details-page" class="container-fluid">
|
||||||
|
<div style="display: inline">
|
||||||
|
<div class="row">
|
||||||
|
<div class="col-md-1 col-md-offset-1"><span class="colHeader">Support Component Objects</span></div>
|
||||||
|
<div id="measurements" class="col col-md-8">
|
||||||
|
<c:if test="${not empty initialData.hostName}">
|
||||||
|
<div>Device: <span>${initialData.hostName}</span>
|
||||||
|
</div>
|
||||||
|
</c:if>
|
||||||
|
<c:if test="${not empty initialData.certificateId}">
|
||||||
|
<div>Platform Certificate: <span><a href="${portal}/certificate-details?id=${initialData.certificateId}">${initialData.certificateFileName}</a></span>
|
||||||
|
</div>
|
||||||
|
</c:if>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<br />
|
||||||
|
<div class="row" style="margin: auto 260px auto 125px">
|
||||||
|
<div class="panel panel-default" style="flex: 1">
|
||||||
|
<div class="panel-heading">Client Log</div>
|
||||||
|
<c:if test="${not empty initialData.componentResults}">
|
||||||
|
<c:set var="iterator" value="0" scope="page"/>
|
||||||
|
<c:forEach items="${initialData.componentResults}" var="componentResult">
|
||||||
|
<div>
|
||||||
|
<div style="display: flex; background: lightgray;">
|
||||||
|
<div style="display: flex 1; font-weight: bold; margin: auto 1rem auto 1rem">Failed Event Digest:<br />
|
||||||
|
</div>
|
||||||
|
<div style="display: flex 2; margin: 2px auto 2px 25px">
|
||||||
|
<span class="mappedData">PCR Index:</span> ${lEvent.getPcrIndex()}<br />
|
||||||
|
<span class="mappedData">Digest:</span> ${lEvent.getEventDigestStr()}<br />
|
||||||
|
<span class="mappedData">Event Content:</span> ${lEvent.getEventContentStr()}
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div style="display: flex;">
|
||||||
|
<div class="mappedButton">
|
||||||
|
Expected Events from RIM DB:<br />
|
||||||
|
<span style="word-wrap: break-word"><a role="button" data-toggle="collapse" href="#eventContent${iterator}">${lEvent.getEventTypeString()}</a></span>
|
||||||
|
</div>
|
||||||
|
<div id="eventContent${iterator}" class="panel-collapse collapse in" style="flex: 2">
|
||||||
|
<c:forEach items="${initialData.eventTypeMap}" var="mappedDigest">
|
||||||
|
<c:if test="${mappedDigest.key == lEvent.getEventDigestStr()}">
|
||||||
|
<c:set var="event" value="${mappedDigest.value}" scope="page"/>
|
||||||
|
<c:forEach items="${mappedDigest.value}" var="event">
|
||||||
|
<div class="mappedOverhead">
|
||||||
|
<div><span class="mappedData">PCR Index:</span> ${event.getPcrIndex()}</div>
|
||||||
|
<div><span class="mappedData">Digest:</span> ${event.getEventDigestStr()}</div>
|
||||||
|
<div><span class="mappedData">Event Content:</span> ${event.getEventContentStr()}</div>
|
||||||
|
</div>
|
||||||
|
</c:forEach>
|
||||||
|
</c:if>
|
||||||
|
</c:forEach>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<c:set var="iterator" value="${iterator+1}" scope="page"/>
|
||||||
|
</c:forEach>
|
||||||
|
</c:if>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</jsp:body>
|
||||||
|
</my:page>
|
Loading…
Reference in New Issue
Block a user