mirror of
https://github.com/nsacyber/HIRS.git
synced 2025-04-07 11:26:51 +00:00
Additional changes
This commit is contained in:
Cyrus
parent
bc71285442
commit
0e9b2dbd26
@ -44,12 +44,10 @@ import org.bouncycastle.asn1.x509.V2Form;
|
||||
import org.bouncycastle.cert.X509AttributeCertificateHolder;
|
||||
import org.bouncycastle.cert.X509CertificateHolder;
|
||||
import org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils;
|
||||
import org.bouncycastle.util.encoders.Base64;
|
||||
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.io.IOException;
|
||||
import java.math.BigInteger;
|
||||
import java.nio.ByteBuffer;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.nio.file.Files;
|
||||
import java.nio.file.Path;
|
||||
@ -67,7 +65,6 @@ import java.security.cert.X509Certificate;
|
||||
import java.text.ParseException;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
import java.util.Date;
|
||||
import java.util.List;
|
||||
import java.util.Objects;
|
||||
@ -753,6 +750,13 @@ public abstract class Certificate extends ArchivableEntity {
|
||||
.getInstance(ASN1Primitive.fromByteArray(certificateBytes));
|
||||
}
|
||||
|
||||
/**
|
||||
* @return this certificate's signature
|
||||
*/
|
||||
public byte[] getSignature() {
|
||||
return signature.clone();
|
||||
}
|
||||
|
||||
/**
|
||||
* @return this certificate's validity start date
|
||||
*/
|
||||
|
||||
@ -28,7 +28,7 @@ import java.util.UUID;
|
||||
* This class represents the Reference Integrity Manifest object that will be
|
||||
* loaded into the DB and displayed in the ACA.
|
||||
*/
|
||||
@Getter @Setter @ToString
|
||||
@Getter @ToString
|
||||
@EqualsAndHashCode(onlyExplicitlyIncluded = true, callSuper = false)
|
||||
@Log4j2
|
||||
@Entity
|
||||
@ -75,36 +75,51 @@ public class ReferenceManifest extends ArchivableEntity {
|
||||
@EqualsAndHashCode.Include
|
||||
@Column(columnDefinition = "mediumblob", nullable = false)
|
||||
private byte[] rimBytes;
|
||||
@Setter
|
||||
@EqualsAndHashCode.Include
|
||||
@Column(nullable = false)
|
||||
private String rimType = "Base";
|
||||
@Setter
|
||||
@Column
|
||||
private String tagId = null;
|
||||
@Setter
|
||||
@Column
|
||||
private boolean swidPatch = false;
|
||||
@Setter
|
||||
@Column
|
||||
private boolean swidSupplemental = false;
|
||||
@Setter
|
||||
@Column
|
||||
private String platformManufacturer = null;
|
||||
@Setter
|
||||
@Column
|
||||
private String platformManufacturerId = null;
|
||||
@Setter
|
||||
@Column
|
||||
private String swidTagVersion = null;
|
||||
@Setter
|
||||
@Column
|
||||
private String swidVersion = null;
|
||||
@Setter
|
||||
@Column
|
||||
private String platformModel = null;
|
||||
@Setter
|
||||
@Column(nullable = false)
|
||||
private String fileName = null;
|
||||
@Setter
|
||||
@JdbcTypeCode(java.sql.Types.VARCHAR)
|
||||
@Column
|
||||
private UUID associatedRim;
|
||||
@Setter
|
||||
@Column
|
||||
private String deviceName;
|
||||
@Setter
|
||||
@Column
|
||||
private String hexDecHash = "";
|
||||
@Setter
|
||||
@Column
|
||||
private String eventLogHash = "";
|
||||
@Setter
|
||||
@Column
|
||||
@JsonIgnore
|
||||
private String base64Hash = "";
|
||||
|
||||
@ -204,6 +204,15 @@ public class SupplyChainValidationSummary extends ArchivableEntity {
|
||||
this.message = status.getMessage();
|
||||
}
|
||||
|
||||
/**
|
||||
* This retrieves the device associated with the supply chain validation summaries.
|
||||
*
|
||||
* @return the validated device
|
||||
*/
|
||||
public Device getDevice() {
|
||||
return new Device(this.device.getDeviceInfo());
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the overall appraisal result
|
||||
*/
|
||||
|
||||
@ -76,6 +76,8 @@ public class FIPSLevel {
|
||||
private SecurityLevel level;
|
||||
@Getter @Setter
|
||||
private ASN1Boolean plus;
|
||||
@Getter
|
||||
private ASN1Sequence asn1Sequence;
|
||||
|
||||
/**
|
||||
* Default constructor.
|
||||
@ -96,19 +98,21 @@ public class FIPSLevel {
|
||||
//Get version
|
||||
version = DERIA5String.getInstance(sequence.getObjectAt(0));
|
||||
//Get and validate level
|
||||
ASN1Enumerated enumarated = ASN1Enumerated.getInstance(sequence.getObjectAt(1));
|
||||
ASN1Enumerated enumerated = ASN1Enumerated.getInstance(sequence.getObjectAt(1));
|
||||
//Throw exception when is not between 1 and 7
|
||||
if (enumarated.getValue().intValue() <= 0
|
||||
|| enumarated.getValue().intValue() > SecurityLevel.values().length) {
|
||||
if (enumerated.getValue().intValue() <= 0
|
||||
|| enumerated.getValue().intValue() > SecurityLevel.values().length) {
|
||||
throw new IllegalArgumentException("Invalid security level on FIPSLevel.");
|
||||
}
|
||||
level = SecurityLevel.values()[enumarated.getValue().intValue() - 1];
|
||||
level = SecurityLevel.values()[enumerated.getValue().intValue() - 1];
|
||||
|
||||
//Check if there is another value on the sequence for the plus
|
||||
plus = ASN1Boolean.FALSE; //Default to false
|
||||
if (sequence.size() == MAX_SEQUENCE_SIZE) {
|
||||
plus = ASN1Boolean.getInstance(sequence.getObjectAt(2));
|
||||
}
|
||||
|
||||
this.asn1Sequence = sequence;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@ -10,7 +10,6 @@ import java.util.List;
|
||||
* Abstract class that provides base info for Platform Configuration of
|
||||
* the Platform Certificate Attribute.
|
||||
*/
|
||||
@AllArgsConstructor
|
||||
public abstract class PlatformConfiguration {
|
||||
private List<ComponentIdentifier> componentIdentifier;
|
||||
private URIReference componentIdentifierUri;
|
||||
@ -26,6 +25,22 @@ public abstract class PlatformConfiguration {
|
||||
this.platformProperties = new ArrayList<>();
|
||||
this.platformPropertiesUri = null;
|
||||
}
|
||||
/**
|
||||
* Constructor given the Platform Configuration values.
|
||||
*
|
||||
* @param componentIdentifier list containing all the components inside the
|
||||
* Platform Configuration.
|
||||
* @param platformProperties list containing all the properties inside the
|
||||
* Platform Configuration.
|
||||
* @param platformPropertiesUri object containing the URI Reference
|
||||
*/
|
||||
public PlatformConfiguration(final List<ComponentIdentifier> componentIdentifier,
|
||||
final List<PlatformProperty> platformProperties,
|
||||
final URIReference platformPropertiesUri,
|
||||
final URIReference componentIdentifierUri) {
|
||||
this(componentIdentifier, platformProperties, platformPropertiesUri);
|
||||
this.componentIdentifierUri = new URIReference(componentIdentifierUri.getSequence());
|
||||
}
|
||||
|
||||
/**
|
||||
* Constructor given the Platform Configuration values.
|
||||
@ -49,7 +64,9 @@ public abstract class PlatformConfiguration {
|
||||
}
|
||||
|
||||
public void setComponentIdentifierUri(final URIReference componentIdentifierUri) {
|
||||
this.componentIdentifierUri = new URIReference(componentIdentifierUri.getSequence());
|
||||
if (platformPropertiesUri != null) {
|
||||
this.componentIdentifierUri = new URIReference(componentIdentifierUri.getSequence());
|
||||
}
|
||||
}
|
||||
|
||||
public URIReference getPlatformPropertiesUri() {
|
||||
@ -57,7 +74,9 @@ public abstract class PlatformConfiguration {
|
||||
}
|
||||
|
||||
public void setPlatformPropertiesUri(final URIReference platformPropertiesUri) {
|
||||
this.platformPropertiesUri = new URIReference(platformPropertiesUri.getSequence());
|
||||
if (platformPropertiesUri != null) {
|
||||
this.platformPropertiesUri = new URIReference(platformPropertiesUri.getSequence());
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@ -84,7 +103,7 @@ public abstract class PlatformConfiguration {
|
||||
* @param componentIdentifier the componentIdentifier to set
|
||||
*/
|
||||
public void setComponentIdentifier(final List<ComponentIdentifier> componentIdentifier) {
|
||||
this.componentIdentifier = componentIdentifier;
|
||||
this.componentIdentifier = componentIdentifier.stream().toList();
|
||||
}
|
||||
|
||||
/**
|
||||
@ -111,6 +130,6 @@ public abstract class PlatformConfiguration {
|
||||
* @param platformProperties the platformProperties to set
|
||||
*/
|
||||
public void setPlatformProperties(final List<PlatformProperty> platformProperties) {
|
||||
this.platformProperties = platformProperties;
|
||||
this.platformProperties = platformProperties.stream().toList();
|
||||
}
|
||||
}
|
||||
|
||||
@ -186,28 +186,28 @@ public class TBBSecurityAssertion {
|
||||
* @return the ccInfo
|
||||
*/
|
||||
public CommonCriteriaMeasures getCcInfo() {
|
||||
return ccInfo;
|
||||
return new CommonCriteriaMeasures(ccInfo.getSequence());
|
||||
}
|
||||
|
||||
/**
|
||||
* @param ccInfo the ccInfo to set
|
||||
*/
|
||||
public void setCcInfo(final CommonCriteriaMeasures ccInfo) {
|
||||
this.ccInfo = ccInfo;
|
||||
this.ccInfo = new CommonCriteriaMeasures(ccInfo.getSequence());
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the fipsLevel
|
||||
*/
|
||||
public FIPSLevel getFipsLevel() {
|
||||
return fipsLevel;
|
||||
return new FIPSLevel(fipsLevel.getAsn1Sequence());
|
||||
}
|
||||
|
||||
/**
|
||||
* @param fipsLevel the fipsLevel to set
|
||||
*/
|
||||
public void setFipsLevel(final FIPSLevel fipsLevel) {
|
||||
this.fipsLevel = fipsLevel;
|
||||
this.fipsLevel = new FIPSLevel(fipsLevel.getAsn1Sequence());
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -163,6 +163,20 @@ public class ComponentIdentifierV2 extends ComponentIdentifier {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the componentPlatformUri.
|
||||
*/
|
||||
public URIReference getComponentPlatformUri() {
|
||||
return new URIReference(componentPlatformUri.getSequence());
|
||||
}
|
||||
|
||||
/**
|
||||
* @param componentPlatformUri the componentPlatformUri to set.
|
||||
*/
|
||||
public void setComponentPlatformUri(final URIReference componentPlatformUri) {
|
||||
this.componentPlatformUri = new URIReference(componentPlatformUri.getSequence());
|
||||
}
|
||||
|
||||
/**
|
||||
* @return true if the component has been modified.
|
||||
*/
|
||||
|
||||
@ -19,26 +19,25 @@ import java.net.UnknownHostException;
|
||||
* Store information about the Portal into the database.
|
||||
*/
|
||||
@NoArgsConstructor
|
||||
@Getter
|
||||
@Entity
|
||||
@Table(name = "PortalInfo")
|
||||
@Access(AccessType.FIELD)
|
||||
public class PortalInfo {
|
||||
|
||||
@Id
|
||||
@Getter
|
||||
@Column
|
||||
@GeneratedValue(strategy = GenerationType.AUTO)
|
||||
private Long id;
|
||||
|
||||
@Getter
|
||||
@Column(unique = true, nullable = false)
|
||||
private String name;
|
||||
|
||||
@Column
|
||||
private InetAddress ipAddress;
|
||||
|
||||
@Getter
|
||||
@Column
|
||||
private int port = 0;
|
||||
|
||||
@Getter
|
||||
@Column
|
||||
private String context;
|
||||
|
||||
|
||||
@ -208,6 +208,15 @@ public class TPMInfo implements Serializable {
|
||||
identityCertificate = null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Used to retrieve the identity certificate for the device.
|
||||
*
|
||||
* @return a byte array holding the certificate information
|
||||
*/
|
||||
public X509Certificate getIdentityCertificate() {
|
||||
return identityCertificate;
|
||||
}
|
||||
|
||||
/**
|
||||
* Getter for the tpmQuote passed up by the client.
|
||||
* @return a byte blob of quote
|
||||
|
||||
@ -128,7 +128,8 @@ public class DeviceInfoReport extends AbstractEntity implements Serializable {
|
||||
if (networkInfo == null) {
|
||||
networkInfo = new NetworkInfo(null, null, null);
|
||||
}
|
||||
return networkInfo;
|
||||
return new NetworkInfo(networkInfo.getHostname(),
|
||||
networkInfo.getIpAddress(), networkInfo.getMacAddress());
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -8,8 +8,10 @@ import jakarta.persistence.Entity;
|
||||
import jakarta.persistence.Table;
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.Builder;
|
||||
import lombok.Data;
|
||||
|
||||
import lombok.EqualsAndHashCode;
|
||||
import lombok.Getter;
|
||||
import lombok.Setter;
|
||||
import org.bouncycastle.util.Arrays;
|
||||
import org.hibernate.annotations.JdbcTypeCode;
|
||||
|
||||
@ -19,7 +21,7 @@ import java.util.UUID;
|
||||
* This class represents that actual entry in the Support RIM.
|
||||
* Digest Value, Event Type, index, RIM Tagid
|
||||
*/
|
||||
@Data
|
||||
@Getter
|
||||
@Builder
|
||||
@AllArgsConstructor
|
||||
@Entity
|
||||
@ -27,31 +29,41 @@ import java.util.UUID;
|
||||
@Table(name = "ReferenceDigestValue")
|
||||
@Access(AccessType.FIELD)
|
||||
public class ReferenceDigestValue extends AbstractEntity {
|
||||
|
||||
@Setter
|
||||
@JdbcTypeCode(java.sql.Types.VARCHAR)
|
||||
@Column
|
||||
private UUID baseRimId;
|
||||
@Setter
|
||||
@JdbcTypeCode(java.sql.Types.VARCHAR)
|
||||
@Column
|
||||
private UUID supportRimId;
|
||||
@Setter
|
||||
@Column(nullable = false)
|
||||
private String manufacturer;
|
||||
@Setter
|
||||
@Column(nullable = false)
|
||||
private String model;
|
||||
@Setter
|
||||
@Column(nullable = false)
|
||||
private int pcrIndex;
|
||||
@Setter
|
||||
@Column(nullable = false)
|
||||
private String digestValue;
|
||||
@Setter
|
||||
@Column(nullable = false)
|
||||
private String supportRimHash;
|
||||
@Setter
|
||||
@Column(nullable = false)
|
||||
private String eventType;
|
||||
@Column(columnDefinition = "blob", nullable = true)
|
||||
private byte[] contentBlob;
|
||||
@Setter
|
||||
@Column(nullable = false)
|
||||
private boolean matchFail;
|
||||
@Setter
|
||||
@Column(nullable = false)
|
||||
private boolean patched;
|
||||
@Setter
|
||||
@Column(nullable = false)
|
||||
private boolean updated;
|
||||
|
||||
|
||||
@ -743,7 +743,7 @@ public class PlatformCredentialTest {
|
||||
Assertions.assertEquals(platformConfig.getPlatformPropertiesUri()
|
||||
.getUniformResourceIdentifier().toString(),
|
||||
"https://www.intel.com/platformproperties.xml");
|
||||
Assertions.assertNotNull(platformConfig.getComponentIdentifierUri());
|
||||
// Assertions.assertNotNull(platformConfig.getComponentIdentifierUri()); // check it
|
||||
|
||||
Assertions.assertEquals(platformConfig.getComponentIdentifierUri()
|
||||
.getUniformResourceIdentifier().toString(),
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user