Undid some code and changed the Digest Value class into a table in the database. This code then updates those values when a provision is initiated. At this time, that is all it does.

Cyrus 2021-03-19 11:01:25 -04:00
parent 53cb300063
commit 108748fb2a
12 changed files with 664 additions and 99 deletions


@ -9,30 +9,32 @@ import hirs.attestationca.exceptions.UnexpectedServerException;
import hirs.attestationca.service.SupplyChainValidationService; import hirs.attestationca.service.SupplyChainValidationService;
import hirs.data.persist.AppraisalStatus; import hirs.data.persist.AppraisalStatus;
import hirs.data.persist.BaseReferenceManifest; import hirs.data.persist.BaseReferenceManifest;
import hirs.data.persist.EventLogMeasurements;
import hirs.data.persist.Device; import hirs.data.persist.Device;
import hirs.data.persist.DeviceInfoReport; import hirs.data.persist.DeviceInfoReport;
import hirs.data.persist.EventLogMeasurements;
import hirs.data.persist.ReferenceDigestRecord; import hirs.data.persist.ReferenceDigestRecord;
import hirs.data.persist.ReferenceDigestValue;
import hirs.data.persist.ReferenceManifest; import hirs.data.persist.ReferenceManifest;
import hirs.data.persist.SupplyChainPolicy; import hirs.data.persist.SupplyChainPolicy;
import hirs.data.persist.SupplyChainValidationSummary;
import hirs.data.persist.SupportReferenceManifest; import hirs.data.persist.SupportReferenceManifest;
import hirs.data.persist.SwidResource; import hirs.data.persist.SwidResource;
import hirs.data.persist.info.FirmwareInfo;
import hirs.data.persist.info.HardwareInfo;
import hirs.data.persist.info.NetworkInfo;
import hirs.data.persist.info.OSInfo;
import hirs.data.persist.SupplyChainValidationSummary;
import hirs.data.persist.info.TPMInfo;
import hirs.data.persist.certificate.Certificate; import hirs.data.persist.certificate.Certificate;
import hirs.data.persist.certificate.EndorsementCredential; import hirs.data.persist.certificate.EndorsementCredential;
import hirs.data.persist.certificate.IssuedAttestationCertificate; import hirs.data.persist.certificate.IssuedAttestationCertificate;
import hirs.data.persist.certificate.PlatformCredential; import hirs.data.persist.certificate.PlatformCredential;
import hirs.data.persist.info.FirmwareInfo;
import hirs.data.persist.info.HardwareInfo;
import hirs.data.persist.info.NetworkInfo;
import hirs.data.persist.info.OSInfo;
import hirs.data.persist.info.TPMInfo;
import hirs.data.service.DeviceRegister; import hirs.data.service.DeviceRegister;
import hirs.persist.CertificateManager; import hirs.persist.CertificateManager;
import hirs.persist.ReferenceDigestManager;
import hirs.persist.ReferenceManifestManager;
import hirs.persist.DBManager; import hirs.persist.DBManager;
import hirs.persist.DeviceManager; import hirs.persist.DeviceManager;
import hirs.persist.ReferenceDigestManager;
import hirs.persist.ReferenceEventManager;
import hirs.persist.ReferenceManifestManager;
import hirs.persist.TPM2ProvisionerState; import hirs.persist.TPM2ProvisionerState;
import hirs.structs.converters.SimpleStructBuilder; import hirs.structs.converters.SimpleStructBuilder;
import hirs.structs.converters.StructConverter; import hirs.structs.converters.StructConverter;
@ -44,6 +46,8 @@ import hirs.structs.elements.tpm.IdentityProof;
import hirs.structs.elements.tpm.IdentityRequest; import hirs.structs.elements.tpm.IdentityRequest;
import hirs.structs.elements.tpm.SymmetricKey; import hirs.structs.elements.tpm.SymmetricKey;
import hirs.structs.elements.tpm.SymmetricKeyParams; import hirs.structs.elements.tpm.SymmetricKeyParams;
import hirs.tpm.eventlog.TCGEventLog;
import hirs.tpm.eventlog.TpmPcrEvent;
import hirs.utils.HexUtils; import hirs.utils.HexUtils;
import org.apache.commons.codec.binary.Hex; import org.apache.commons.codec.binary.Hex;
import org.apache.commons.lang3.ArrayUtils; import org.apache.commons.lang3.ArrayUtils;
@ -172,6 +176,7 @@ public abstract class AbstractAttestationCertificateAuthority
private final DeviceManager deviceManager; private final DeviceManager deviceManager;
private final DBManager<TPM2ProvisionerState> tpm2ProvisionerStateDBManager; private final DBManager<TPM2ProvisionerState> tpm2ProvisionerStateDBManager;
private final ReferenceDigestManager referenceDigestManager; private final ReferenceDigestManager referenceDigestManager;
private final ReferenceEventManager referenceEventManager;
private String tpmQuoteHash = ""; private String tpmQuoteHash = "";
private String tpmQuoteSignature = ""; private String tpmQuoteSignature = "";
private String pcrValues; private String pcrValues;
@ -189,6 +194,7 @@ public abstract class AbstractAttestationCertificateAuthority
* @param deviceManager the device manager * @param deviceManager the device manager
* @param tpm2ProvisionerStateDBManager the DBManager for persisting provisioner state * @param tpm2ProvisionerStateDBManager the DBManager for persisting provisioner state
* @param referenceDigestManager the reference digest manager * @param referenceDigestManager the reference digest manager
* @param referenceEventManager the reference event manager
*/ */
@SuppressWarnings("checkstyle:parameternumber") @SuppressWarnings("checkstyle:parameternumber")
public AbstractAttestationCertificateAuthority( public AbstractAttestationCertificateAuthority(
@ -200,7 +206,8 @@ public abstract class AbstractAttestationCertificateAuthority
final DeviceRegister deviceRegister, final int validDays, final DeviceRegister deviceRegister, final int validDays,
final DeviceManager deviceManager, final DeviceManager deviceManager,
final DBManager<TPM2ProvisionerState> tpm2ProvisionerStateDBManager, final DBManager<TPM2ProvisionerState> tpm2ProvisionerStateDBManager,
final ReferenceDigestManager referenceDigestManager) { final ReferenceDigestManager referenceDigestManager,
final ReferenceEventManager referenceEventManager) {
this.supplyChainValidationService = supplyChainValidationService; this.supplyChainValidationService = supplyChainValidationService;
this.privateKey = privateKey; this.privateKey = privateKey;
this.acaCertificate = acaCertificate; this.acaCertificate = acaCertificate;
@ -212,6 +219,7 @@ public abstract class AbstractAttestationCertificateAuthority
this.deviceManager = deviceManager; this.deviceManager = deviceManager;
this.tpm2ProvisionerStateDBManager = tpm2ProvisionerStateDBManager; this.tpm2ProvisionerStateDBManager = tpm2ProvisionerStateDBManager;
this.referenceDigestManager = referenceDigestManager; this.referenceDigestManager = referenceDigestManager;
this.referenceEventManager = referenceEventManager;
} }
/** /**
@ -848,14 +856,33 @@ public abstract class AbstractAttestationCertificateAuthority
this.referenceManifestManager.update(support); this.referenceManifestManager.update(support);
} }
// this is where we update or create the log ReferenceDigestRecord dbObj = new ReferenceDigestRecord(support,
ReferenceDigestRecord rdr = new ReferenceDigestRecord(support,
hw.getManufacturer(), hw.getProductName()); hw.getManufacturer(), hw.getProductName());
// this is where we update or create the log
ReferenceDigestRecord rdr = this.referenceDigestManager.getRecord(dbObj);
// Handle baseline digest records
// is there already a baseline?
if (rdr == null) {
// doesn't exist, store
rdr = referenceDigestManager.saveRecord(dbObj);
} // right now this will not deal with updating
referenceDigestManager.saveRecord(rdr); if (this.referenceEventManager.getValuesByRecordId(rdr).isEmpty()) {
try {
TCGEventLog logProcessor = new TCGEventLog(support.getRimBytes());
ReferenceDigestValue rdv;
for (TpmPcrEvent tpe : logProcessor.getEventList()) {
rdv = new ReferenceDigestValue(rdr.getId(), tpe.getEventNumber(),
tpe.getEventDigestStr(), tpe.getEventTypeStr(), false);
this.referenceEventManager.saveValue(rdv);
}
} catch (CertificateException cEx) {
LOG.error(cEx);
} catch (NoSuchAlgorithmException noSaEx) {
LOG.error(noSaEx);
}
}
} catch (IOException ioEx) { } catch (IOException ioEx) {
LOG.error(ioEx); LOG.error(ioEx);
} }
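Review bot: The `isEmpty()` check that guards the event loop treats any stored value as a complete baseline, so if `saveValue` throws partway through the loop, the remaining events are never written on a later provision and the reference set for this manufacturer/model stays truncated. The two catch blocks also log only the exception (`LOG.error(cEx)`), with no indication of which support RIM failed to parse, while the `ReferenceDigestRecord` has already been saved. I would build the full list of `ReferenceDigestValue`s before persisting any of them, and log with context, e.g. `LOG.error("Unable to parse event log of support RIM " + support.getId(), cEx);`. `saveRecord` in `DBReferenceDigestManager` catches `DBManagerException`, and what it returns in that case is not visible here, so a guard such as `if (rdr != null && this.referenceEventManager.getValuesByRecordId(rdr).isEmpty()) {` looks prudent. The enclosing method starts and ends outside this hunk.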


@ -1,7 +1,19 @@
package hirs.attestationca.configuration; package hirs.attestationca.configuration;
import hirs.persist.DBDeviceGroupManager;
import hirs.persist.DBDeviceManager;
import hirs.persist.DBReferenceDigestManager; import hirs.persist.DBReferenceDigestManager;
import hirs.persist.DBReferenceEventManager;
import hirs.persist.DBReferenceManifestManager;
import hirs.persist.DeviceGroupManager;
import hirs.persist.DeviceManager;
import hirs.persist.HibernateConfiguration;
import hirs.persist.ReferenceDigestManager; import hirs.persist.ReferenceDigestManager;
import hirs.persist.ReferenceEventManager;
import hirs.persist.ReferenceManifestManager;
import hirs.structs.converters.SimpleStructConverter;
import hirs.structs.converters.StructConverter;
import hirs.utils.LogConfigurationUtil;
import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger; import org.apache.logging.log4j.Logger;
import org.bouncycastle.jce.provider.BouncyCastleProvider; import org.bouncycastle.jce.provider.BouncyCastleProvider;
@ -33,16 +45,6 @@ import java.security.KeyStoreException;
import java.security.PrivateKey; import java.security.PrivateKey;
import java.security.Security; import java.security.Security;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
import hirs.persist.DBDeviceGroupManager;
import hirs.persist.DBDeviceManager;
import hirs.persist.DeviceGroupManager;
import hirs.persist.DeviceManager;
import hirs.persist.ReferenceManifestManager;
import hirs.persist.DBReferenceManifestManager;
import hirs.persist.HibernateConfiguration;
import hirs.structs.converters.SimpleStructConverter;
import hirs.structs.converters.StructConverter;
import hirs.utils.LogConfigurationUtil;
/** /**
* Provides application context configuration for the Attestation Certificate * Provides application context configuration for the Attestation Certificate
@ -264,6 +266,16 @@ public class AttestationCertificateAuthorityConfiguration extends WebMvcConfigur
return new DBReferenceDigestManager(sessionFactory.getObject()); return new DBReferenceDigestManager(sessionFactory.getObject());
} }
/**
* Creates a {@link ReferenceEventManager} ready to use.
*
* @return {@link ReferenceEventManager}
*/
@Bean
public ReferenceEventManager referenceEventManager() {
return new DBReferenceEventManager(sessionFactory.getObject());
}
@Override @Override
public void addResourceHandlers(final ResourceHandlerRegistry resourceHandlerRegistry) { public void addResourceHandlers(final ResourceHandlerRegistry resourceHandlerRegistry) {
resourceHandlerRegistry.addResourceHandler("/client-files/**") resourceHandlerRegistry.addResourceHandler("/client-files/**")


@ -1,8 +1,16 @@
package hirs.attestationca.rest; package hirs.attestationca.rest;
import hirs.attestationca.AbstractAttestationCertificateAuthority;
import hirs.attestationca.service.SupplyChainValidationService;
import hirs.data.service.DeviceRegister;
import hirs.persist.CertificateManager;
import hirs.persist.DBManager; import hirs.persist.DBManager;
import hirs.persist.DeviceManager;
import hirs.persist.ReferenceDigestManager; import hirs.persist.ReferenceDigestManager;
import hirs.persist.ReferenceEventManager;
import hirs.persist.ReferenceManifestManager;
import hirs.persist.TPM2ProvisionerState; import hirs.persist.TPM2ProvisionerState;
import hirs.structs.converters.StructConverter;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value; import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.MediaType; import org.springframework.http.MediaType;
@ -14,13 +22,6 @@ import org.springframework.web.bind.annotation.RestController;
import java.security.PrivateKey; import java.security.PrivateKey;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
import hirs.attestationca.AbstractAttestationCertificateAuthority;
import hirs.attestationca.service.SupplyChainValidationService;
import hirs.data.service.DeviceRegister;
import hirs.persist.CertificateManager;
import hirs.persist.ReferenceManifestManager;
import hirs.persist.DeviceManager;
import hirs.structs.converters.StructConverter;
/** /**
* Restful implementation of the {@link hirs.attestationca.AttestationCertificateAuthority}. * Restful implementation of the {@link hirs.attestationca.AttestationCertificateAuthority}.
@ -44,6 +45,7 @@ public class RestfulAttestationCertificateAuthority
* @param deviceManager the device manager * @param deviceManager the device manager
* @param tpm2ProvisionerStateDBManager the DBManager for persisting provisioner state * @param tpm2ProvisionerStateDBManager the DBManager for persisting provisioner state
* @param referenceDigestManager the reference digest manager * @param referenceDigestManager the reference digest manager
* @param referenceEventManager the reference event manager
*/ */
@SuppressWarnings({ "checkstyle:parameternumber" }) @SuppressWarnings({ "checkstyle:parameternumber" })
@Autowired @Autowired
@ -57,11 +59,12 @@ public class RestfulAttestationCertificateAuthority
final DeviceManager deviceManager, final DeviceManager deviceManager,
final DBManager<TPM2ProvisionerState> tpm2ProvisionerStateDBManager, final DBManager<TPM2ProvisionerState> tpm2ProvisionerStateDBManager,
final ReferenceDigestManager referenceDigestManager, final ReferenceDigestManager referenceDigestManager,
final ReferenceEventManager referenceEventManager,
@Value("${aca.certificates.validity}") final int validDays) { @Value("${aca.certificates.validity}") final int validDays) {
super(supplyChainValidationService, privateKey, acaCertificate, structConverter, super(supplyChainValidationService, privateKey, acaCertificate, structConverter,
certificateManager, referenceManifestManager, certificateManager, referenceManifestManager,
deviceRegister, validDays, deviceManager, deviceRegister, validDays, deviceManager,
tpm2ProvisionerStateDBManager, referenceDigestManager); tpm2ProvisionerStateDBManager, referenceDigestManager, referenceEventManager);
} }
/* /*


@ -2,6 +2,17 @@ package hirs.attestationca;
import com.google.protobuf.ByteString; import com.google.protobuf.ByteString;
import hirs.data.persist.certificate.PlatformCredential; import hirs.data.persist.certificate.PlatformCredential;
import hirs.structs.converters.StructConverter;
import hirs.structs.elements.aca.SymmetricAttestation;
import hirs.structs.elements.tpm.AsymmetricKeyParams;
import hirs.structs.elements.tpm.AsymmetricPublicKey;
import hirs.structs.elements.tpm.EncryptionScheme;
import hirs.structs.elements.tpm.IdentityProof;
import hirs.structs.elements.tpm.IdentityRequest;
import hirs.structs.elements.tpm.StorePubKey;
import hirs.structs.elements.tpm.SymmetricKey;
import hirs.structs.elements.tpm.SymmetricKeyParams;
import hirs.structs.elements.tpm.SymmetricSubParams;
import hirs.utils.HexUtils; import hirs.utils.HexUtils;
import org.apache.commons.codec.binary.Hex; import org.apache.commons.codec.binary.Hex;
import org.apache.commons.lang3.ArrayUtils; import org.apache.commons.lang3.ArrayUtils;
@ -42,18 +53,6 @@ import java.security.spec.MGF1ParameterSpec;
import java.util.Calendar; import java.util.Calendar;
import java.util.HashSet; import java.util.HashSet;
import hirs.structs.converters.StructConverter;
import hirs.structs.elements.aca.SymmetricAttestation;
import hirs.structs.elements.tpm.AsymmetricKeyParams;
import hirs.structs.elements.tpm.AsymmetricPublicKey;
import hirs.structs.elements.tpm.EncryptionScheme;
import hirs.structs.elements.tpm.IdentityProof;
import hirs.structs.elements.tpm.IdentityRequest;
import hirs.structs.elements.tpm.StorePubKey;
import hirs.structs.elements.tpm.SymmetricKey;
import hirs.structs.elements.tpm.SymmetricKeyParams;
import hirs.structs.elements.tpm.SymmetricSubParams;
import static org.mockito.Mockito.mock; import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.times; import static org.mockito.Mockito.times;
import static org.mockito.Mockito.verify; import static org.mockito.Mockito.verify;
@ -133,7 +132,7 @@ public class AbstractAttestationCertificateAuthorityTest {
public void setup() { public void setup() {
aca = new AbstractAttestationCertificateAuthority(null, keyPair.getPrivate(), aca = new AbstractAttestationCertificateAuthority(null, keyPair.getPrivate(),
null, null, null, null, null, 1, null, null, null, null, null, 1,
null, null, null) { null, null, null, null) {
}; };
} }


@ -5,12 +5,13 @@ import hirs.persist.AppraiserManager;
import hirs.persist.CrudManager; import hirs.persist.CrudManager;
import hirs.persist.DBAppraiserManager; import hirs.persist.DBAppraiserManager;
import hirs.persist.DBCertificateManager; import hirs.persist.DBCertificateManager;
import hirs.persist.DBReferenceDigestManager;
import hirs.persist.DBReferenceManifestManager;
import hirs.persist.DBDeviceGroupManager; import hirs.persist.DBDeviceGroupManager;
import hirs.persist.DBDeviceManager; import hirs.persist.DBDeviceManager;
import hirs.persist.DBManager; import hirs.persist.DBManager;
import hirs.persist.DBPolicyManager; import hirs.persist.DBPolicyManager;
import hirs.persist.DBReferenceDigestManager;
import hirs.persist.DBReferenceEventManager;
import hirs.persist.DBReferenceManifestManager;
import hirs.persist.DeviceGroupManager; import hirs.persist.DeviceGroupManager;
import hirs.persist.DeviceManager; import hirs.persist.DeviceManager;
import hirs.persist.HibernateConfiguration; import hirs.persist.HibernateConfiguration;
@ -82,6 +83,16 @@ public class PersistenceConfiguration {
return new DBReferenceDigestManager(sessionFactory.getObject()); return new DBReferenceDigestManager(sessionFactory.getObject());
} }
/**
* Creates a {@link DBReferenceEventManager} ready to use.
*
* @return {@link DBReferenceEventManager}
*/
@Bean
public DBReferenceEventManager referenceEventManager() {
return new DBReferenceEventManager(sessionFactory.getObject());
}
/** /**
* Creates a {@link AppraiserManager} ready to use. * Creates a {@link AppraiserManager} ready to use.
* *
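Review bot: The new bean method is declared with the concrete type `DBReferenceEventManager`, whereas the same bean in the ACA configuration is declared as the `ReferenceEventManager` interface and the constructors in this commit inject the interface. Declaring it as `public ReferenceEventManager referenceEventManager() {` (with the matching `{@link ReferenceEventManager}` in the Javadoc) would keep the two configurations consistent and keep callers off the Hibernate-backed implementation. The return types of the neighbouring bean methods are not visible in this hunk, so check which convention this class follows before changing it.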


@ -1,6 +1,9 @@
package hirs.data.persist; package hirs.data.persist;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.bouncycastle.util.Arrays; import org.bouncycastle.util.Arrays;
import org.hibernate.annotations.Type;
import javax.persistence.Column; import javax.persistence.Column;
import javax.persistence.Entity; import javax.persistence.Entity;
@ -10,12 +13,15 @@ import java.util.UUID;
/** /**
* This class will represent an entry a table that'll be associated * This class will represent an entry a table that'll be associated
* with the manufacturer and model with all digest values, * with the manufacturer and model with all digest values,
* Event Type, index, RIM Tagid. * Event Type, index, RIM TagId.
*/ */
@Entity @Entity
@Table(name = "ReferenceDigestRecord") @Table(name = "ReferenceDigestRecord")
public class ReferenceDigestRecord extends ArchivableEntity { public class ReferenceDigestRecord extends ArchivableEntity {
private static final Logger LOGGER = LogManager.getLogger(ReferenceDigestRecord.class);
@Type(type = "uuid-char")
@Column @Column
private UUID supportRim; private UUID supportRim;
@Column(nullable = false) @Column(nullable = false)
@ -24,20 +30,16 @@ public class ReferenceDigestRecord extends ArchivableEntity {
private String model; private String model;
@Column(columnDefinition = "blob", nullable = true) @Column(columnDefinition = "blob", nullable = true)
private byte[] valueBlob; private byte[] valueBlob;
@Column
private boolean supportLoaded;
/** /**
* Default Constructor. * Default Constructor.
*/ */
protected ReferenceDigestRecord() { protected ReferenceDigestRecord() {
super(); super();
// I wonder if this will throw and error
this.supportRim = UUID.randomUUID(); this.supportRim = UUID.randomUUID();
this.manufacturer = ""; this.manufacturer = "";
this.model = ""; this.model = "";
this.valueBlob = null; this.valueBlob = null;
this.supportLoaded = false;
} }
/** /**
@ -60,7 +62,7 @@ public class ReferenceDigestRecord extends ArchivableEntity {
} }
/** /**
* Default constructor with parameters specitic to a RIM object. * Default constructor with parameters specific to a RIM object.
* @param referenceManifest rim object to use. * @param referenceManifest rim object to use.
* @param manufacturer device manufacturer * @param manufacturer device manufacturer
* @param model device model * @param model device model
@ -71,7 +73,6 @@ public class ReferenceDigestRecord extends ArchivableEntity {
super(); super();
if (referenceManifest instanceof SupportReferenceManifest) { if (referenceManifest instanceof SupportReferenceManifest) {
this.supportRim = referenceManifest.getId(); this.supportRim = referenceManifest.getId();
this.supportLoaded = true;
SupportReferenceManifest srm = (SupportReferenceManifest) referenceManifest; SupportReferenceManifest srm = (SupportReferenceManifest) referenceManifest;
this.valueBlob = Arrays.clone(srm.getRimBytes()); this.valueBlob = Arrays.clone(srm.getRimBytes());
} else if (referenceManifest != null) { } else if (referenceManifest != null) {
@ -157,7 +158,7 @@ public class ReferenceDigestRecord extends ArchivableEntity {
*/ */
@Override @Override
public String toString() { public String toString() {
return String.format("%s%n%s -> %s", return String.format("ReferenceDigestRecord: %s%n%s -> %s",
super.toString(), this.manufacturer, this.model); super.toString(), this.manufacturer, this.model);
} }
} }


@ -1,61 +1,141 @@
package hirs.data.persist; package hirs.data.persist;
import java.util.Arrays; import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.hibernate.annotations.Type;
import javax.persistence.Column;
import javax.persistence.Entity;
import java.util.Objects; import java.util.Objects;
import java.util.UUID;
/** /**
* This class represents that actual entry in the Support RIM. * This class represents that actual entry in the Support RIM.
* Digest Value, Event Type, index, RIM Tagid * Digest Value, Event Type, index, RIM Tagid
*/ */
public class ReferenceDigestValue { @Entity
public class ReferenceDigestValue extends AbstractEntity {
private static final Logger LOGGER = LogManager.getLogger(ReferenceDigestValue.class);
@Type(type = "uuid-char")
@Column
private UUID digestRecordId;
@Column(nullable = false)
private int eventNumber; private int eventNumber;
@Column(nullable = false)
private String digestValue; private String digestValue;
@Column(nullable = false)
private String eventType; private String eventType;
private String tagId; @Column(nullable = false)
private boolean matchFail; private boolean matchFail;
private byte[] chunk;
/** /**
* Default Constructor. * Default Constructor.
*/ */
public ReferenceDigestValue() { public ReferenceDigestValue() {
super();
} this.digestRecordId = UUID.randomUUID();
this.eventNumber = -1;
/** this.digestValue = "";
* Maybe add the match fail status to the device object: eventNumber, digest value this.eventType = "";
*/
/**
* Default Constructor with a parameter for the data.
* @param data event data
*/
public ReferenceDigestValue(final byte[] data) {
this.chunk = data.clone();
int i = 0;
this.eventNumber = data[i];
// look to using the Digest class
this.digestValue = String.valueOf(data[++i]);
this.eventType = String.valueOf(data[++i]);
this.tagId = String.valueOf(data[++i]);
this.matchFail = false; this.matchFail = false;
} }
/** /**
* Default Constructor with parameters for all associated data. * Default Constructor with parameters for all associated data.
* @param digestRecordId the UUID of the associated record
* @param eventNumber the event number * @param eventNumber the event number
* @param digestValue the key digest value * @param digestValue the key digest value
* @param eventType the event type * @param eventType the event type to store
* @param tagId the tag id
* @param matchFail the status of the baseline check * @param matchFail the status of the baseline check
*/ */
public ReferenceDigestValue(final int eventNumber, final String digestValue, public ReferenceDigestValue(final UUID digestRecordId, final int eventNumber,
final String eventType, final String tagId, final boolean matchFail) { final String digestValue, final String eventType,
final boolean matchFail) {
this.digestRecordId = digestRecordId;
this.eventNumber = eventNumber; this.eventNumber = eventNumber;
this.digestValue = digestValue; this.digestValue = digestValue;
this.eventType = eventType; this.eventType = eventType;
this.tagId = tagId; this.matchFail = matchFail;
}
/**
* Getter for the digest record UUID.
* @return the string of the UUID
*/
public UUID getDigestRecordId() {
return digestRecordId;
}
/**
* Setter for the digest record UUID.
* @param digestRecordId the value to store
*/
public void setDigestRecordId(final UUID digestRecordId) {
this.digestRecordId = digestRecordId;
}
/**
* Getter for the event number.
* @return the stored value
*/
public int getEventNumber() {
return eventNumber;
}
/**
* Setter for the event number.
* @param eventNumber the value to store
*/
public void setEventNumber(final int eventNumber) {
this.eventNumber = eventNumber;
}
/**
* Getter for the digest value.
* @return the stored value
*/
public String getDigestValue() {
return digestValue;
}
/**
* Setter for the digest value.
* @param digestValue the value to store
*/
public void setDigestValue(final String digestValue) {
this.digestValue = digestValue;
}
/**
* Getter for the event type value.
* @return the stored value
*/
public String getEventType() {
return eventType;
}
/**
* Setter for the event type.
* @param eventType the value to store
*/
public void setEventType(final String eventType) {
this.eventType = eventType;
}
/**
* Getter for the status of the match fail.
* @return the value of the status
*/
public boolean isMatchFail() {
return matchFail;
}
/**
* Setter for the status of a match fail.
* @param matchFail the value to store
*/
public void setMatchFail(final boolean matchFail) {
this.matchFail = matchFail; this.matchFail = matchFail;
} }
@ -70,15 +150,21 @@ public class ReferenceDigestValue {
ReferenceDigestValue that = (ReferenceDigestValue) obj; ReferenceDigestValue that = (ReferenceDigestValue) obj;
return eventNumber == that.eventNumber && matchFail == that.matchFail return eventNumber == that.eventNumber && matchFail == that.matchFail
&& Objects.equals(digestValue, that.digestValue) && Objects.equals(digestValue, that.digestValue)
&& Objects.equals(eventType, that.eventType) && Objects.equals(digestRecordId, that.digestRecordId)
&& Objects.equals(tagId, that.tagId) && Arrays.equals(chunk, that.chunk); && Objects.equals(eventType, that.eventType);
} }
@Override @Override
@SuppressWarnings("MagicNumber")
public int hashCode() { public int hashCode() {
int result = Objects.hash(eventNumber, digestValue, eventType, tagId, matchFail); int result = Objects.hash(eventNumber, digestValue, digestRecordId, eventType, matchFail);
result = 31 * result + Arrays.hashCode(chunk);
return result; return result;
} }
/**
* Returns a string of the classes fields.
* @return a string
*/
public String toString() {
return String.format("ReferenceDigestValue: {%d, %b}", eventNumber, matchFail);
}
} }
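Review bot: `digestRecordId` is the only link from a stored digest to its `ReferenceDigestRecord`, yet it is mapped with a bare `@Column` and the default constructor fills it with `UUID.randomUUID()`, so a value can be persisted that is null or points at no record. I would mark it `@Column(nullable = false)` like the other fields and leave it unset in the default constructor, so that a missing link fails at save time instead of producing an orphaned reference digest. `equals` and `hashCode` also include the mutable `matchFail` flag, which means an instance changes identity inside a hash-based collection once `setMatchFail` is called; consider dropping it from both. The new `toString()` should carry `@Override`.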


@ -3,9 +3,14 @@ package hirs.persist;
import hirs.data.persist.ReferenceDigestRecord; import hirs.data.persist.ReferenceDigestRecord;
import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger; import org.apache.logging.log4j.Logger;
import org.hibernate.Session;
import org.hibernate.SessionFactory; import org.hibernate.SessionFactory;
import org.hibernate.Transaction;
import org.hibernate.criterion.Restrictions;
import java.util.ArrayList;
import java.util.List; import java.util.List;
import java.util.UUID;
/** /**
* This class is used to persist and retrieve {@link hirs.data.persist.ReferenceDigestRecord}s into * This class is used to persist and retrieve {@link hirs.data.persist.ReferenceDigestRecord}s into
@ -27,7 +32,7 @@ public class DBReferenceDigestManager extends DBManager<ReferenceDigestRecord>
@Override @Override
public ReferenceDigestRecord saveRecord(final ReferenceDigestRecord referenceDigestRecord) { public ReferenceDigestRecord saveRecord(final ReferenceDigestRecord referenceDigestRecord) {
LOGGER.debug("saving state: {}", referenceDigestRecord); LOGGER.debug("saving digest record: {}", referenceDigestRecord);
try { try {
return save(referenceDigestRecord); return save(referenceDigestRecord);
} catch (DBManagerException dbMEx) { } catch (DBManagerException dbMEx) {
@ -40,9 +45,100 @@ public class DBReferenceDigestManager extends DBManager<ReferenceDigestRecord>
LOGGER.debug("Getting record for {}", referenceDigestRecord); LOGGER.debug("Getting record for {}", referenceDigestRecord);
if (referenceDigestRecord == null) { if (referenceDigestRecord == null) {
LOGGER.error("null referenceDigestRecord argument"); LOGGER.error("null referenceDigestRecord argument");
throw new NullPointerException("null referenceDigestRecord"); return null;
} }
return null;
if (referenceDigestRecord.getManufacturer() == null
|| referenceDigestRecord.getModel() == null) {
LOGGER.error("No reference to get record from db {}", referenceDigestRecord);
return null;
}
ReferenceDigestRecord dbRecord = null;
Transaction tx = null;
Session session = getFactory().getCurrentSession();
try {
LOGGER.debug("retrieving referenceDigestRecord from db");
tx = session.beginTransaction();
dbRecord = (ReferenceDigestRecord) session.createCriteria(ReferenceDigestRecord.class)
.add(Restrictions.eq("manufacturer",
referenceDigestRecord.getManufacturer())).add(Restrictions.eq("model",
referenceDigestRecord.getModel())).uniqueResult();
tx.commit();
} catch (Exception ex) {
final String msg = "unable to retrieve object";
LOGGER.error(msg, ex);
if (tx != null) {
LOGGER.debug("rolling back transaction");
tx.rollback();
}
throw new DBManagerException(msg, ex);
}
return dbRecord;
}
@Override
public ReferenceDigestRecord getRecordById(final ReferenceDigestRecord referenceDigestRecord) {
LOGGER.debug("Getting record for {}", referenceDigestRecord);
if (referenceDigestRecord == null) {
LOGGER.error("null referenceDigestRecord argument");
return null;
}
if (referenceDigestRecord.getId() == null) {
LOGGER.error("No id to get record from db {}", referenceDigestRecord);
return null;
}
ReferenceDigestRecord dbRecord;
Transaction tx = null;
Session session = getFactory().getCurrentSession();
try {
LOGGER.debug("retrieving referenceDigestRecord from db");
tx = session.beginTransaction();
dbRecord = (ReferenceDigestRecord) session.createCriteria(ReferenceDigestRecord.class)
.add(Restrictions.eq("id",
referenceDigestRecord.getId())).uniqueResult();
tx.commit();
} catch (Exception ex) {
final String msg = "unable to retrieve object";
LOGGER.error(msg, ex);
if (tx != null) {
LOGGER.debug("rolling back transaction");
tx.rollback();
}
throw new DBManagerException(msg, ex);
}
return dbRecord;
}
@Override
public ReferenceDigestRecord getRecordBySupportId(final UUID supportId) {
LOGGER.debug("Getting record for {}", supportId);
if (supportId == null) {
LOGGER.error("null supportId argument");
return null;
}
ReferenceDigestRecord dbRecord;
Transaction tx = null;
Session session = getFactory().getCurrentSession();
try {
LOGGER.debug("retrieving referenceDigestRecord from db");
tx = session.beginTransaction();
dbRecord = (ReferenceDigestRecord) session.createCriteria(ReferenceDigestRecord.class)
.add(Restrictions.eq("supportRim", supportId)).uniqueResult();
tx.commit();
} catch (Exception ex) {
final String msg = "unable to retrieve object";
LOGGER.error(msg, ex);
if (tx != null) {
LOGGER.debug("rolling back transaction");
tx.rollback();
}
throw new DBManagerException(msg, ex);
}
return dbRecord;
} }
@Override @Override
@ -53,7 +149,24 @@ public class DBReferenceDigestManager extends DBManager<ReferenceDigestRecord>
LOGGER.error("null referenceDigestRecord argument"); LOGGER.error("null referenceDigestRecord argument");
throw new NullPointerException("null referenceDigestRecord"); throw new NullPointerException("null referenceDigestRecord");
} }
return null; if (referenceDigestRecord.getManufacturer() == null) {
LOGGER.error("null referenceDigestRecord manufacturer argument");
throw new NullPointerException("null referenceDigestRecord manufacturer");
}
List<ReferenceDigestRecord> dbRecords = new ArrayList<>();
String manufacturer = referenceDigestRecord.getManufacturer();
try {
List<ReferenceDigestRecord> dbTempList = super.getList(ReferenceDigestRecord.class);
for (ReferenceDigestRecord rdr : dbTempList) {
if (rdr.getManufacturer().equals(manufacturer)) {
dbRecords.add(rdr);
}
}
} catch (DBManagerException dbMEx) {
throw new RuntimeException(dbMEx);
}
return dbRecords;
} }
@Override @Override
@ -64,12 +177,33 @@ public class DBReferenceDigestManager extends DBManager<ReferenceDigestRecord>
LOGGER.error("null referenceDigestRecord argument"); LOGGER.error("null referenceDigestRecord argument");
throw new NullPointerException("null referenceDigestRecord"); throw new NullPointerException("null referenceDigestRecord");
} }
return null; if (referenceDigestRecord.getModel() == null) {
LOGGER.error("null referenceDigestRecord model argument");
throw new NullPointerException("null referenceDigestRecord model");
}
List<ReferenceDigestRecord> dbRecords = new ArrayList<>();
String model = referenceDigestRecord.getModel();
try {
List<ReferenceDigestRecord> dbTempList = super.getList(ReferenceDigestRecord.class);
for (ReferenceDigestRecord rdr : dbTempList) {
if (rdr.getModel().equals(model)) {
dbRecords.add(rdr);
}
}
} catch (DBManagerException dbMEx) {
throw new RuntimeException(dbMEx);
}
return dbRecords;
} }
@Override @Override
public boolean updateRecord(final ReferenceDigestRecord referenceDigestRecord) { public void updateRecord(final ReferenceDigestRecord referenceDigestRecord) {
return false; try {
super.update(referenceDigestRecord);
} catch (DBManagerException dbMEx) {
throw new RuntimeException(dbMEx);
}
} }
/** /**
@ -80,8 +214,14 @@ public class DBReferenceDigestManager extends DBManager<ReferenceDigestRecord>
*/ */
@Override @Override
public boolean deleteRecord(final ReferenceDigestRecord referenceDigestRecord) { public boolean deleteRecord(final ReferenceDigestRecord referenceDigestRecord) {
boolean result = false;
LOGGER.info(String.format("Deleting reference to %s/%s", LOGGER.info(String.format("Deleting reference to %s/%s",
referenceDigestRecord.getManufacturer(), referenceDigestRecord.getModel())); referenceDigestRecord.getManufacturer(), referenceDigestRecord.getModel()));
return delete(referenceDigestRecord); try {
result = super.delete(referenceDigestRecord);
} catch (DBManagerException dbMEx) {
throw new RuntimeException(dbMEx);
}
return result;
} }
} }


@ -0,0 +1,191 @@
package hirs.persist;
import hirs.data.persist.ReferenceDigestRecord;
import hirs.data.persist.ReferenceDigestValue;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.hibernate.Session;
import org.hibernate.SessionFactory;
import org.hibernate.Transaction;
import org.hibernate.criterion.Restrictions;
import java.util.ArrayList;
import java.util.List;
import java.util.UUID;
/**
* This class is used to persist and retrieve {@link hirs.data.persist.ReferenceDigestValue}s into
* and from the database.
*/
public class DBReferenceEventManager extends DBManager<ReferenceDigestValue>
implements ReferenceEventManager {
private static final Logger LOGGER = LogManager.getLogger(DBReferenceDigestManager.class);
/**
* Default Constructor.
*
* @param sessionFactory session factory used to access database connections
*/
public DBReferenceEventManager(final SessionFactory sessionFactory) {
super(ReferenceDigestValue.class, sessionFactory);
}
@Override
public ReferenceDigestValue saveValue(final ReferenceDigestValue referenceDigestValue) {
LOGGER.debug("saving event digest value: {}", referenceDigestValue);
try {
return save(referenceDigestValue);
} catch (DBManagerException dbMEx) {
throw new RuntimeException(dbMEx);
}
}
@Override
public ReferenceDigestValue getValue(final ReferenceDigestValue referenceDigestValue) {
LOGGER.debug("Getting record for {}", referenceDigestValue);
if (referenceDigestValue == null) {
LOGGER.error("null referenceDigestValue argument");
return null;
}
if (referenceDigestValue.getDigestRecordId() == null
|| referenceDigestValue.getDigestValue() == null
|| referenceDigestValue.getEventNumber() == -1) {
LOGGER.error("No reference to get record from db {}", referenceDigestValue);
return null;
}
ReferenceDigestValue dbRecord;
Transaction tx = null;
Session session = getFactory().getCurrentSession();
try {
LOGGER.debug("retrieving referenceDigestValue from db");
tx = session.beginTransaction();
dbRecord = (ReferenceDigestValue) session.createCriteria(ReferenceDigestValue.class)
.add(Restrictions.eq("digestRecordId",
referenceDigestValue.getDigestRecordId()))
.add(Restrictions.eq("digestValue",
referenceDigestValue.getDigestValue()))
.add(Restrictions.eq("eventNumber",
referenceDigestValue.getEventNumber()))
.uniqueResult();
tx.commit();
} catch (Exception ex) {
final String msg = "unable to retrieve object";
LOGGER.error(msg, ex);
if (tx != null) {
LOGGER.debug("rolling back transaction");
tx.rollback();
}
throw new DBManagerException(msg, ex);
}
return dbRecord;
}
@Override
public ReferenceDigestValue getValueById(final ReferenceDigestValue referenceDigestValue) {
LOGGER.debug("Getting record for {}", referenceDigestValue);
if (referenceDigestValue == null) {
LOGGER.error("null referenceDigestValue argument");
return null;
}
if (referenceDigestValue.getId() == null) {
LOGGER.error("No reference to get record from db {}", referenceDigestValue);
return null;
}
ReferenceDigestValue dbRecord;
Transaction tx = null;
Session session = getFactory().getCurrentSession();
try {
LOGGER.debug("retrieving referenceDigestValue from db");
tx = session.beginTransaction();
dbRecord = (ReferenceDigestValue) session.createCriteria(ReferenceDigestValue.class)
.add(Restrictions.eq("id",
referenceDigestValue.getId())).uniqueResult();
tx.commit();
} catch (Exception ex) {
final String msg = "unable to retrieve object";
LOGGER.error(msg, ex);
if (tx != null) {
LOGGER.debug("rolling back transaction");
tx.rollback();
}
throw new DBManagerException(msg, ex);
}
return dbRecord;
}
@Override
public List<ReferenceDigestValue> getValuesByRecordId(
final ReferenceDigestRecord referenceDigestRecord) {
LOGGER.debug("Getting digest values for {}", referenceDigestRecord);
if (referenceDigestRecord == null) {
LOGGER.error("null referenceDigestRecord argument");
throw new NullPointerException("null referenceDigestRecord");
}
if (referenceDigestRecord.getId() == null) {
LOGGER.error("null referenceDigestRecord ID argument");
throw new NullPointerException("null referenceDigestRecord ID");
}
List<ReferenceDigestValue> dbDigestValues = new ArrayList<>();
UUID uuid = referenceDigestRecord.getId();
try {
List<ReferenceDigestValue> dbTempList = super.getList(ReferenceDigestValue.class);
for (ReferenceDigestValue rdv : dbTempList) {
if (rdv.getDigestRecordId().equals(uuid)) {
dbDigestValues.add(rdv);
}
}
} catch (DBManagerException dbMEx) {
throw new RuntimeException(dbMEx);
}
return dbDigestValues;
}
@Override
public List<ReferenceDigestValue> getValueByEventType(final String eventType) {
LOGGER.debug("Getting digest values for event type: {}", eventType);
if (eventType == null) {
LOGGER.error("null event type argument");
throw new NullPointerException("null event type");
}
List<ReferenceDigestValue> dbDigestValues = new ArrayList<>();
try {
List<ReferenceDigestValue> dbTempList = super.getList(ReferenceDigestValue.class);
for (ReferenceDigestValue rdv : dbTempList) {
if (rdv.getEventType().equals(eventType)) {
dbDigestValues.add(rdv);
}
}
} catch (DBManagerException dbMEx) {
throw new RuntimeException(dbMEx);
}
return dbDigestValues;
}
@Override
public void updateRecord(final ReferenceDigestValue referenceDigestValue) {
try {
super.update(referenceDigestValue);
} catch (DBManagerException dbMEx) {
throw new RuntimeException(dbMEx);
}
}
@Override
public boolean deleteRecord(final ReferenceDigestValue referenceDigestValue) {
boolean result;
LOGGER.info(String.format("Deleting reference to %s",
referenceDigestValue.getId()));
try {
result = super.delete(referenceDigestValue);
} catch (DBManagerException dbMEx) {
throw new RuntimeException(dbMEx);
}
return result;
}
}
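Review bot: `getValuesByRecordId` and `getValueByEventType` take the result of `super.getList(ReferenceDigestValue.class)` and filter it in Java by calling `.equals` on a field read from each stored row, so one row with a null `digestRecordId` or `eventType` would make the lookup throw a NullPointerException instead of returning the matches. Comparing from the argument that was already null-checked avoids this: `if (uuid.equals(rdv.getDigestRecordId())) {` and `if (eventType.equals(rdv.getEventType())) {`. Whether those columns can be null in the database is not visible here, but `getValue` in this file guards against a null `getDigestRecordId()`, which suggests the entity permits it. Because these rows are the reference digests consulted during provisioning, it would also be worth moving the filter into the query with `Restrictions.eq`, as `getValue` already does, rather than reading what appears to be the whole table on each call. Separately, `LOGGER` is created with `DBReferenceDigestManager.class`, so this class's log lines are attributed to the wrong manager; `LogManager.getLogger(DBReferenceEventManager.class)` corrects that.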


@ -167,6 +167,19 @@ public class PersistenceConfiguration {
return manager; return manager;
} }
/**
* Creates a {@link ReferenceEventManager} ready to use.
*
* @return {@link ReferenceEventManager}
*/
@Bean
public ReferenceEventManager referenceEventManager() {
DBReferenceEventManager manager
= new DBReferenceEventManager(sessionFactory.getObject());
setDbManagerRetrySettings(manager);
return manager;
}
/** /**
* Creates a {@link DeviceStateManager} ready to use. * Creates a {@link DeviceStateManager} ready to use.
* *


@ -4,6 +4,7 @@ package hirs.persist;
import hirs.data.persist.ReferenceDigestRecord; import hirs.data.persist.ReferenceDigestRecord;
import java.util.List; import java.util.List;
import java.util.UUID;
/** /**
* This class facilitates the persistence of {@link hirs.data.persist.ReferenceDigestRecord}s * This class facilitates the persistence of {@link hirs.data.persist.ReferenceDigestRecord}s
@ -27,6 +28,22 @@ public interface ReferenceDigestManager {
*/ */
ReferenceDigestRecord getRecord(ReferenceDigestRecord referenceDigestRecord); ReferenceDigestRecord getRecord(ReferenceDigestRecord referenceDigestRecord);
/**
* Persists a new Reference Digest.
*
* @param referenceDigestRecord the ReferenceDigestRecord
* @return the persisted ReferenceDigestRecord
*/
ReferenceDigestRecord getRecordById(ReferenceDigestRecord referenceDigestRecord);
/**
* Persists a new Reference Digest.
*
* @param supportId the support RIM UUID
* @return the persisted ReferenceDigestRecord
*/
ReferenceDigestRecord getRecordBySupportId(UUID supportId);
/** /**
* Persists a new Reference Digest. * Persists a new Reference Digest.
* *
@ -47,9 +64,8 @@ public interface ReferenceDigestManager {
/** /**
* Updates an existing ReferenceDigestRecord. * Updates an existing ReferenceDigestRecord.
* @param referenceDigestRecord the Reference Digest update * @param referenceDigestRecord the Reference Digest update
* @return status of successful update
*/ */
boolean updateRecord(ReferenceDigestRecord referenceDigestRecord); void updateRecord(ReferenceDigestRecord referenceDigestRecord);
/** /**
* Delete the given record. * Delete the given record.
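Review bot: The Javadoc added for `getRecordById` and `getRecordBySupportId` repeats the summary "Persists a new Reference Digest." and "@return the persisted ReferenceDigestRecord", but the `DBReferenceDigestManager` implementations in this commit only query by `id` or `supportRim` and write nothing. For an interface that fronts the reference-digest store, a lookup documented as a write misleads anyone reviewing which calls can change trusted values. I would change the summaries to `Retrieves the ReferenceDigestRecord whose id matches the given record's id.` and `Retrieves the ReferenceDigestRecord associated with the given support RIM id.`, and the return tag to `@return the matching record, or null if the argument (or its id) is null or no record matches`. The new `ReferenceEventManager` interface has the same copied text on `getValue`, `getValueById`, `getValuesByRecordId` and `getValueByEventType`, and its `updateRecord` Javadoc says "Updates an existing ReferenceDigestRecord" although it takes a `ReferenceDigestValue`.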


@ -0,0 +1,66 @@
package hirs.persist;
import hirs.data.persist.ReferenceDigestRecord;
import hirs.data.persist.ReferenceDigestValue;
import java.util.List;
/**
* This class facilitates the persistence of {@link hirs.data.persist.ReferenceDigestValue}s
* including storage, retrieval, and deletion.
*/
public interface ReferenceEventManager {
/**
* Persists a new Reference Digest value.
*
* @param referenceDigestValue the ReferenceDigestValue
* @return the persisted ReferenceDigestValue
*/
ReferenceDigestValue saveValue(ReferenceDigestValue referenceDigestValue);
/**
* Persists a new Reference Digest value.
*
* @param referenceDigestValue the ReferenceDigestValue
* @return the persisted ReferenceDigestValue
*/
ReferenceDigestValue getValue(ReferenceDigestValue referenceDigestValue);
/**
* Persists a new Reference Digest value.
*
* @param referenceDigestValue the ReferenceDigestValue
* @return the persisted ReferenceDigestValue
*/
ReferenceDigestValue getValueById(ReferenceDigestValue referenceDigestValue);
/**
* Persists a new Reference Digest value.
*
* @param referenceDigestRecord the ReferenceDigestRecord
* @return the persisted list of ReferenceDigestValue
*/
List<ReferenceDigestValue> getValuesByRecordId(ReferenceDigestRecord referenceDigestRecord);
/**
* Persists a new Reference Digest value.
*
* @param eventType the event type to look for
* @return the persisted list of ReferenceDigestValue
*/
List<ReferenceDigestValue> getValueByEventType(String eventType);
/**
* Updates an existing ReferenceDigestRecord.
* @param referenceDigestValue the Reference Event update
*/
void updateRecord(ReferenceDigestValue referenceDigestValue);
/**
* Delete the given value.
*
* @param referenceDigestValue the digest record delete
* @return true if the deletion succeeded, false otherwise.
*/
boolean deleteRecord(ReferenceDigestValue referenceDigestValue);
}