ExternalVendorCode/HIRS
1
0
Fork 0
mirror of https://github.com/nsacyber/HIRS.git synced 2024-12-19 04:58:00 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

These changes update the component class object to handled SMBIOS components along with the TCG ones presented originally. The unit tests also were updated to use the new structure of the class and added additional tests for the SMBIOS entries

Browse Source
This commit is contained in:
Cyrus 2021-06-07 13:46:47 -04:00
parent 71ec0cbd97
commit 13043856ef
6 changed files with 289 additions and 86 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
HIRS_Utils/src/main/java/hirs/data/persist/certificate/attributes/ComponentClass.java
View File

@ -24,6 +24,8 @@ import java.nio.file.Path;
* </pre>
*/
public class ComponentClass {
private static final String TCG_COMPONENT_REGISTRY = "2.23.133.18.3.1";
private static final String SMBIOS_COMPONENT_REGISTRY = "2.23.133.18.3.3";
private static final Path JSON_PATH = FileSystems.getDefault()
.getPath("/opt", "hirs", "default-properties", "component-class.json");
@ -46,6 +48,7 @@ public class ComponentClass {
private String category;
private String component;
private String registryType;
private int componentIdentifier;
private String classValueString;
@ -53,7 +56,7 @@ public class ComponentClass {
* Default class constructor.
*/
public ComponentClass() {
this(JSON_PATH, UNKNOWN);
this("TCG", JSON_PATH, UNKNOWN);
}
/**
@ -62,17 +65,32 @@ public class ComponentClass {
* @param componentIdentifier component value
*/
public ComponentClass(final int componentIdentifier) {
this(JSON_PATH, componentIdentifier);
this(TCG_COMPONENT_REGISTRY, JSON_PATH, componentIdentifier);
}
/**
* Class Constructor that takes a String representation of the component
* value.
*
* @param registryOid the decimal notation for the type of registry
* @param componentIdentifier component value
*/
public ComponentClass(final String componentIdentifier) {
this(JSON_PATH, componentIdentifier);
public ComponentClass(final String registryOid, final String componentIdentifier) {
this(registryOid, JSON_PATH, getComponentIntValue(componentIdentifier));
}
/**
* Class Constructor that takes a String representation of the component
* value.
*
* @param registryOid the decimal notation for the type of registry
* @param componentClassPath file path for the json
* @param componentIdentifier component value
*/
public ComponentClass(final String registryOid,
final Path componentClassPath,
final String componentIdentifier) {
this(registryOid, componentClassPath, getComponentIntValue(componentIdentifier));
}
/**
@ -83,7 +101,7 @@ public class ComponentClass {
* @param componentIdentifier component value
*/
public ComponentClass(final Path componentClassPath, final String componentIdentifier) {
this(componentClassPath, getComponentIntValue(componentIdentifier));
this(TCG_COMPONENT_REGISTRY, componentClassPath, getComponentIntValue(componentIdentifier));
if (componentIdentifier != null && componentIdentifier.contains("#")) {
this.classValueString = componentIdentifier.replaceAll("#", "");
} else {
@ -96,14 +114,28 @@ public class ComponentClass {
* component value. Sets main class variables to default values and then
* matches the value against defined values in the associated JSON file.
*
* @param registryOid the decimal notation for the type of registry
* @param componentClassPath file path for the json
* @param componentIdentifier component value
*/
public ComponentClass(final Path componentClassPath, final int componentIdentifier) {
public ComponentClass(final String registryOid,
final Path componentClassPath,
final int componentIdentifier) {
this.category = UNKNOWN_STRING;
this.component = NONE_STRING;
this.componentIdentifier = componentIdentifier;
switch (registryOid) {
case TCG_COMPONENT_REGISTRY:
registryType = "TCG";
break;
case SMBIOS_COMPONENT_REGISTRY:
registryType = "SMBIOS";
break;
default:
registryType = UNKNOWN_STRING;
}
switch (componentIdentifier) {
case OTHER:
this.category = NONE_STRING;
@ -117,7 +149,7 @@ public class ComponentClass {
// Number Format Exception
break;
default:
getCategory(JsonUtils.getSpecificJsonObject(componentClassPath, "Components"));
getCategory(JsonUtils.getSpecificJsonObject(componentClassPath, registryType));
break;
}
}
@ -163,7 +195,7 @@ public class ComponentClass {
*/
@Override
public String toString() {
return String.format("%s - %s", category, component);
return String.format("%s%n%s - %s", registryType, category, component);
}
/**

12
HIRS_Utils/src/main/java/hirs/data/persist/certificate/attributes/V2/ComponentIdentifierV2.java
View File

@ -4,9 +4,6 @@ import hirs.data.persist.certificate.attributes.ComponentAddress;
import hirs.data.persist.certificate.attributes.ComponentClass;
import hirs.data.persist.certificate.attributes.ComponentIdentifier;
import hirs.data.persist.certificate.attributes.URIReference;
import java.util.List;
import java.util.stream.Collectors;
import org.bouncycastle.asn1.ASN1Boolean;
import org.bouncycastle.asn1.ASN1Enumerated;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
@ -15,6 +12,9 @@ import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERUTF8String;
import java.util.List;
import java.util.stream.Collectors;
/**
* Basic class that handle component identifiers from the Platform Configuration
* Attribute.
@ -109,9 +109,9 @@ public class ComponentIdentifierV2 extends ComponentIdentifier {
}
int tag = 0;
ASN1Sequence componentIdSeq = ASN1Sequence.getInstance(sequence.getObjectAt(tag++));
componentClass = new ComponentClass(DEROctetString.getInstance(componentIdSeq
.getObjectAt(tag)).toString());
ASN1Sequence componentIdSeq = ASN1Sequence.getInstance(sequence.getObjectAt(tag));
componentClass = new ComponentClass(componentIdSeq.getObjectAt(tag++).toString(),
DEROctetString.getInstance(componentIdSeq.getObjectAt(tag)).toString());
// Mandatory values
this.setComponentManufacturer(DERUTF8String.getInstance(sequence.getObjectAt(tag++)));

57
HIRS_Utils/src/main/resources/component-class.json
View File

@ -1,5 +1,5 @@
{
"Components": {
"TCG": {
"Processors": {
"ID": "0x00010000",
"Types": {
@ -333,5 +333,60 @@
"0x00000006": "System Management Module"
}
}
},
"SMBIOS": {
"BIOS": {
"ID": "0x00000000",
"Types": {
"0x00000002": "CPU"
}
},
"System": {
"ID": "0x00010000",
"Types": {
"0x00000002": "Desktop"
}
},
"Baseboard": {
"ID": "0x00020000",
"Types": {
"0x00000002": "Daughter Board"
}
},
"Chassis": {
"ID": "0x00030000",
"Types": {
"0x00000002": "SAS Bridgeboard",
"0x00000003": "Processor Module"
}
},
"Processor": {
"ID": "0x00040000",
"Types": {
"0x00000002": "Video Controller",
"0x00000003": "SCSI Controller"
}
},
"RAM": {
"ID": "0x00110000",
"Types": {
"0x00000002": "Port Controller",
"0x00000003": "Baseboard Management Controller"
}
},
"Power Supply": {
"ID": "0x00270000",
"Types": {
"0x00000002": "Storage Drive",
"0x00000003": "SSD Drive"
}
},
"TPM": {
"ID": "0x002B0000",
"Types": {
"0x00000002": "Floppy Drive",
"0x00000003": "Tape Drive"
}
}
}
}

61
HIRS_Utils/src/test/java/hirs/data/persist/certificate/attributes/ComponentClassTest.java
View File

@ -20,7 +20,7 @@ public class ComponentClassTest {
@Test
public void testGetComponentNoneUNK() throws URISyntaxException {
int componentIdentifier = 1;
ComponentClass instance = new ComponentClass(Paths.get(this.getClass()
ComponentClass instance = new ComponentClass("TCG", Paths.get(this.getClass()
.getResource(JSON_FILE).toURI()), componentIdentifier);
String resultCategory = instance.getCategory();
String resultComponent = instance.getComponent();
@ -35,7 +35,7 @@ public class ComponentClassTest {
@Test
public void testGetComponentNoneOther() throws URISyntaxException {
int componentIdentifier = 0;
ComponentClass instance = new ComponentClass(Paths.get(this.getClass()
ComponentClass instance = new ComponentClass("TCG", Paths.get(this.getClass()
.getResource(JSON_FILE).toURI()), componentIdentifier);
String resultCategory = instance.getCategory();
String resultComponent = instance.getComponent();
@ -92,7 +92,7 @@ public class ComponentClassTest {
* @throws URISyntaxException if there is a problem constructing the URI
*/
@Test
public void testGetComponentStandardQuery() throws URISyntaxException {
public void testGetComponentStandardQueryTCG() throws URISyntaxException {
String componentIdentifier = "0x00040002";
ComponentClass instance = new ComponentClass(Paths.get(this.getClass()
.getResource(JSON_FILE).toURI()), componentIdentifier);
@ -107,9 +107,24 @@ public class ComponentClassTest {
* @throws URISyntaxException if there is a problem constructing the URI
*/
@Test
public void testGetComponentStandardQueryInt() throws URISyntaxException {
public void testGetComponentStandardQuerySMBIOS() throws URISyntaxException {
String componentIdentifier = "0x00040002";
ComponentClass instance = new ComponentClass("2.23.133.18.3.3", Paths.get(this.getClass()
.getResource(JSON_FILE).toURI()), componentIdentifier);
String resultCategory = instance.getCategory();
String resultComponent = instance.getComponent();
Assert.assertEquals("Video Controller", resultComponent);
Assert.assertEquals("Processor", resultCategory);
}
/**
* Test of getComponent method, of class ComponentClass.
* @throws URISyntaxException if there is a problem constructing the URI
*/
@Test
public void testGetComponentStandardQueryIntTCG() throws URISyntaxException {
int componentIdentifier = 0x00040002;
ComponentClass instance = new ComponentClass(Paths.get(this.getClass()
ComponentClass instance = new ComponentClass("2.23.133.18.3.1", Paths.get(this.getClass()
.getResource(JSON_FILE).toURI()), componentIdentifier);
String resultCategory = instance.getCategory();
String resultComponent = instance.getComponent();
@ -117,6 +132,21 @@ public class ComponentClassTest {
Assert.assertEquals("Modules", resultCategory);
}
/**
* Test of getComponent method, of class ComponentClass.
* @throws URISyntaxException if there is a problem constructing the URI
*/
@Test
public void testGetComponentStandardQueryIntSMBIOS() throws URISyntaxException {
int componentIdentifier = 0x00040002;
ComponentClass instance = new ComponentClass("2.23.133.18.3.3", Paths.get(this.getClass()
.getResource(JSON_FILE).toURI()), componentIdentifier);
String resultCategory = instance.getCategory();
String resultComponent = instance.getComponent();
Assert.assertEquals("Video Controller", resultComponent);
Assert.assertEquals("Processor", resultCategory);
}
/**
* Test of getComponent method, of class ComponentClass.
* @throws URISyntaxException if there is a problem constructing the URI
@ -124,7 +154,7 @@ public class ComponentClassTest {
@Test
public void testGetComponentStandardQueryIntOther() throws URISyntaxException {
int componentIdentifier = 0x00040000;
ComponentClass instance = new ComponentClass(Paths.get(this.getClass()
ComponentClass instance = new ComponentClass("2.23.133.18.3.1", Paths.get(this.getClass()
.getResource(JSON_FILE).toURI()), componentIdentifier);
String resultCategory = instance.getCategory();
String resultComponent = instance.getComponent();
@ -139,7 +169,7 @@ public class ComponentClassTest {
@Test
public void testGetComponentStandardQueryIntUnk() throws URISyntaxException {
int componentIdentifier = 0x00040001;
ComponentClass instance = new ComponentClass(Paths.get(this.getClass()
ComponentClass instance = new ComponentClass("2.23.133.18.3.1", Paths.get(this.getClass()
.getResource(JSON_FILE).toURI()), componentIdentifier);
String resultCategory = instance.getCategory();
String resultComponent = instance.getComponent();
@ -153,7 +183,7 @@ public class ComponentClassTest {
*/
@Test
public void testGetComponentStandardQuery2() throws URISyntaxException {
String componentIdentifier = "0x00060012";
String componentIdentifier = "0x00060015";
ComponentClass instance = new ComponentClass(Paths.get(this.getClass()
.getResource(JSON_FILE).toURI()), componentIdentifier);
String resultCategory = instance.getCategory();
@ -162,21 +192,6 @@ public class ComponentClassTest {
Assert.assertEquals("Memory", resultCategory);
}
/**
* Test of getComponent method, of class ComponentClass.
* @throws URISyntaxException if there is a problem constructing the URI
*/
@Test
public void testGetComponentStandardQueryOther() throws URISyntaxException {
String componentIdentifier = "0x00060000";
ComponentClass instance = new ComponentClass(Paths.get(this.getClass()
.getResource(JSON_FILE).toURI()), componentIdentifier);
String resultCategory = instance.getCategory();
String resultComponent = instance.getComponent();
Assert.assertEquals("Other", resultComponent);
Assert.assertEquals("Memory", resultCategory);
}
/**
* Test of getComponent method, of class ComponentClass.
* @throws URISyntaxException if there is a problem constructing the URI

4
HIRS_Utils/src/test/java/hirs/validation/SupplyChainCredentialValidatorTest.java
View File

@ -1196,8 +1196,8 @@ public class SupplyChainCredentialValidatorTest {
PlatformCredential pc = new PlatformCredential(certBytes);
String expectedMessage = "Can't validate platform credential without a "
+ "trust store\n";
String expectedMessage = "Can't validate platform credential without an "
+ "Issuer Cert in the Trust Store\n";
AppraisalStatus result = supplyChainCredentialValidator.validatePlatformCredential(pc, null,
true);

193
HIRS_Utils/src/test/resources/config/component-class.json
View File

@ -1,5 +1,5 @@
{
"Components": {
"TCG": {
"Processors": {
"ID": "0x00010000",
"Types": {
@ -13,18 +13,48 @@
"Containers": {
"ID": "0x00020000",
"Types": {
"0x00000002": "Chassis",
"0x00000003": "Backplane",
"0x00000004": "Server Blade",
"0x00000005": "Stack (Rack)",
"0x00000006": "Stack (Rack)",
"0x00000007": "Stack (Rack)",
"0x00000008": "Stack (Rack)",
"0x00000009": "Stack (Rack)",
"0x0000000A": "Stack (Rack)",
"0x0000000B": "Stack (Rack)",
"0x0000000C": "Stack (Rack)",
"0x0000000D": "Stack (Rack)"
"0x00000002": "Desktop",
"0x00000003": "Low Profile Desktop",
"0x00000004": "Pizza Box",
"0x00000005": "Mini Tower",
"0x00000006": "Tower",
"0x00000007": "Portable",
"0x00000008": "Laptop",
"0x00000009": "Notebook",
"0x0000000A": "Hand Held",
"0x0000000B": "Docking Station",
"0x0000000C": "All in One",
"0x0000000D": "Sub Notebook",
"0x0000000E": "Space-saving",
"0x0000000F": "Lunch Box",
"0x00000010": "Main Server Chassis",
"0x00000011": "Expansion Chassis",
"0x00000012": "Sub Chassis",
"0x00000013": "Bus Expansion Chassis",
"0x00000014": "Peripheral Chassis",
"0x00000015": "RAID Chassis",
"0x00000016": "Rack Mount Chassis",
"0x00000017": "Sealed-case PC",
"0x00000018": "Multi-system Chassis",
"0x00000019": "Compact PCI",
"0x0000001A": "Advanced TCA",
"0x0000001B": "Blade",
"0x0000001C": "Blade Enclosure",
"0x0000001D": "Tablet",
"0x0000001E": "Convertible",
"0x0000001F": "Detachable",
"0x00000020": "IoT Gateway",
"0x00000021": "Embedded PC",
"0x00000022": "MiniPC",
"0x00000023": "Stick PC",
"0x00000024": "1U Rack Mount Chassis",
"0x00000025": "2U Rack Mount Chassis",
"0x00000026": "3U Rack Mount Chassis",
"0x00000027": "4U Rack Mount Chassis",
"0x00000028": "5U Rack Mount Chassis",
"0x00000029": "6U Rack Mount Chassis",
"0x0000002A": "7U Rack Mount Chassis",
"0x0000002B": "8U Rack Mount Chassis"
}
},
"IC Boards": {
@ -44,7 +74,8 @@
"0x00000005": "Memory Module",
"0x00000006": "Power Module",
"0x00000007": "Processor/Memory Module",
"0x00000008": "Processor/IO Module"
"0x00000008": "Processor/IO Module",
"0x00000009": "TPM"
}
},
"Controllers": {
@ -61,37 +92,42 @@
"0x0000000A": "LED Display Controller",
"0x0000000B": "RAID Controller",
"0x0000000C": "Remote Access Controller",
"0x0000000D": "USB Controller"
"0x0000000E": "USB Controller",
"0x0000000F": "Multi-function Storage Controller",
"0x00000010": "Multi-function Network Controller",
"0x00000011": "Smart IO Controller"
}
},
"Memory": {
"ID": "0x00060000",
"Types": {
"0x0000000": "",
"0x00000001": "DRAM Memory",
"0x00000002": "EDRAM Memory",
"0x00000003": "VRAM Memory",
"0x00000004": "SRAM Memory",
"0x00000005": "RAM Memory",
"0x00000006": "ROM Memory",
"0x00000007": "FLASH Memory",
"0x00000008": "EEPROM Memory",
"0x00000009": "FEPROM Memory",
"0x0000000A": "EPROM Memory",
"0x0000000B": "CDRAM Memory",
"0x0000000C": "3DRAM Memory",
"0x0000000D": "SDRAM Memory",
"0x0000000E": "SGRAM Memory",
"0x0000000F": "RDRAM Memory",
"0x00000010": "DDR Memory",
"0x00000011": "DDR2 Memory",
"0x00000012": "DDR3 Memory",
"0x00000013": "DDR4 Memory",
"0x00000014": "LPDDR Memory",
"0x00000015": "LPDDR2 Memory",
"0x00000016": "LPDDR3 Memory",
"0x00000017": "LPDDR4 Memory",
"0x00000018": "NVRAM Memory"
"0x00000002": "Port Controller",
"0x00000003": "Baseboard Management Controller",
"0x00000004": "DRAM Memory",
"0x00000005": "EDRAM Memory",
"0x00000006": "VRAM Memory",
"0x00000007": "SRAM Memory",
"0x00000008": "RAM Memory",
"0x00000009": "ROM Memory",
"0x0000000A": "FLASH Memory",
"0x0000000B": "EEPROM Memory",
"0x0000000C": "FEPROM Memory",
"0x0000000D": "EPROM Memory",
"0x0000000E": "CDRAM Memory",
"0x0000000F": "3DRAM Memory",
"0x00000010": "SDRAM Memory",
"0x00000011": "SGRAM Memory",
"0x00000012": "RDRAM Memory",
"0x00000013": "DDR Memory",
"0x00000014": "DDR2 Memory",
"0x00000015": "DDR3 Memory",
"0x00000016": "DDR4 Memory",
"0x00000017": "LPDDR Memory",
"0x00000018": "LPDDR2 Memory",
"0x00000019": "LPDDR3 Memory",
"0x0000001A": "LPDDR4 Memory",
"0x0000001B": "NVRAM Memory",
"0x0000001C": "3D Xpoint Memory"
}
},
"Storage": {
@ -156,10 +192,10 @@
"Display Devices": {
"ID": "0x000C0000",
"Types": {
"0x00000001": "LCD Display Panel",
"0x00000002": "LED Display Panel",
"0x00000003": "OLED Display Panel",
"0x00000004": "CRT Display Panel"
"0x00000002": "LCD Display Panel",
"0x00000003": "LED Display Panel",
"0x00000004": "OLED Display Panel",
"0x00000005": "CRT Display Panel"
}
},
"Cooling": {
@ -183,7 +219,7 @@
"0x00000006": "Touch Pad",
"0x00000007": "Touch Screen",
"0x00000008": "Camera",
"0x00000009": "Fingerpoint Reader",
"0x00000009": "Fingerprint Reader",
"0x0000000A": "Keyboard",
"0x0000000B": "Smartcard Reader",
"0x0000000C": "Biometric Reader",
@ -284,7 +320,72 @@
"0x00000008": "IDE Cable",
"0x00000009": "Molex Cable",
"0x0000000A": "Ribbon Cable",
"0x0000000B": "PCI Express"
"0x0000000B": "PCI Express Cable"
}
},
"Firmware": {
"ID": "0x00130000",
"Types": {
"0x00000002": "UEFI",
"0x00000003": "System BIOS",
"0x00000004": "Drive BIOS",
"0x00000005": "Bootloader",
"0x00000006": "System Management Module"
}
}
},
"SMBIOS": {
"BIOS": {
"ID": "0x00000000",
"Types": {
"0x00000002": "CPU"
}
},
"System": {
"ID": "0x00010000",
"Types": {
"0x00000002": "Desktop"
}
},
"Baseboard": {
"ID": "0x00020000",
"Types": {
"0x00000002": "Daughter Board"
}
},
"Chassis": {
"ID": "0x00030000",
"Types": {
"0x00000002": "SAS Bridgeboard",
"0x00000003": "Processor Module"
}
},
"Processor": {
"ID": "0x00040000",
"Types": {
"0x00000002": "Video Controller",
"0x00000003": "SCSI Controller"
}
},
"RAM": {
"ID": "0x00110000",
"Types": {
"0x00000002": "Port Controller",
"0x00000003": "Baseboard Management Controller"
}
},
"Power Supply": {
"ID": "0x00270000",
"Types": {
"0x00000002": "Storage Drive",
"0x00000003": "SSD Drive"
}
},
"TPM": {
"ID": "0x002B0000",
"Types": {
"0x00000002": "Floppy Drive",
"0x00000003": "Tape Drive"
}
}
}