From 6eeb630a75264aad7a37a17c593b05737c6f78d2 Mon Sep 17 00:00:00 2001 From: Cyrus <24922493+cyrus-dev@users.noreply.github.com> Date: Thu, 12 Nov 2020 13:45:38 -0500 Subject: [PATCH 1/2] This PR addresses the bugs identified in #314. Due to previous changes to the RIM upload process, the suppor RIM was not being updated properly when manually uploaded. Closes #314 --- .../AbstractAttestationCertificateAuthority.java | 13 +++++++++++-- .../ReferenceManifestDetailsPageController.java | 16 ++++++++++------ 2 files changed, 21 insertions(+), 8 deletions(-) diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/AbstractAttestationCertificateAuthority.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/AbstractAttestationCertificateAuthority.java index f990bd26..e3051ee0 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/AbstractAttestationCertificateAuthority.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/AbstractAttestationCertificateAuthority.java @@ -736,7 +736,7 @@ public abstract class AbstractAttestationCertificateAuthority String clientName = String.format("%s_%s", dv.getHw().getManufacturer(), dv.getHw().getProductName()); - ReferenceManifest dbBaseRim; + ReferenceManifest dbBaseRim = null; ReferenceManifest support; String tagId = ""; String fileName = ""; @@ -798,7 +798,16 @@ public abstract class AbstractAttestationCertificateAuthority support.setTagId(tagId); this.referenceManifestManager.save(support); } else { - LOG.info("Client provided Support RIM already loaded in database."); + LOG.error("Client provided Support RIM already loaded in database."); + if (dbBaseRim != null) { + support.setPlatformManufacturer(dbBaseRim.getPlatformManufacturer()); + support.setPlatformModel(dbBaseRim.getPlatformModel()); + support.setSwidTagVersion(dbBaseRim.getSwidTagVersion()); + support.setAssociatedRim(dbBaseRim.getId()); + support.setTagId(dbBaseRim.getTagId()); + } + + this.referenceManifestManager.update(support); } } catch (IOException ioEx) { LOG.error(ioEx); diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestDetailsPageController.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestDetailsPageController.java index 20a9b317..4d95f87f 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestDetailsPageController.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestDetailsPageController.java @@ -293,8 +293,11 @@ public class ReferenceManifestDetailsPageController final ReferenceManifestManager referenceManifestManager) throws IOException, CertificateException, NoSuchAlgorithmException { HashMap data = new HashMap<>(); + EventLogMeasurements measurements = null; - if (support.getAssociatedRim() == null) { + if (support.getAssociatedRim() == null + && (support.getPlatformManufacturer() != null + && !support.getPlatformManufacturer().isEmpty())) { ReferenceManifest baseRim = BaseReferenceManifest.select(referenceManifestManager) .byManufacturer(support.getPlatformManufacturer()).getRIM(); if (baseRim != null) { @@ -305,16 +308,16 @@ public class ReferenceManifestDetailsPageController LOGGER.error("Failed to update Support RIM", ex); } } + measurements = EventLogMeasurements.select(referenceManifestManager) + .byManufacturer(support.getPlatformManufacturer()).getRIM(); } + data.put("baseRim", support.getTagId()); data.put("associatedRim", support.getAssociatedRim()); data.put("rimType", support.getRimType()); data.put("tagId", support.getTagId()); TCGEventLog logProcessor = new TCGEventLog(support.getRimBytes()); - EventLogMeasurements measurements = EventLogMeasurements.select(referenceManifestManager) - .byManufacturer(support.getPlatformManufacturer()).getRIM(); - LinkedList tpmPcrEvents = new LinkedList<>(); TCGEventLog measurementsProcess; if (measurements != null) { @@ -327,10 +330,11 @@ public class ReferenceManifestDetailsPageController } tpmPcrEvents.add(tpe); } + data.put("events", tpmPcrEvents); + } else { + data.put("events", logProcessor.getEventList()); } - data.put("events", tpmPcrEvents); - return data; } From 4291059142db0a8a2327bed09876a6bbd0540d99 Mon Sep 17 00:00:00 2001 From: Cyrus <24922493+cyrus-dev@users.noreply.github.com> Date: Mon, 16 Nov 2020 12:39:57 -0500 Subject: [PATCH 2/2] Updated the break line option for failed string during firmware validation. --- .../service/SupplyChainValidationServiceImpl.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/SupplyChainValidationServiceImpl.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/SupplyChainValidationServiceImpl.java index be430c30..a2a1e889 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/SupplyChainValidationServiceImpl.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/SupplyChainValidationServiceImpl.java @@ -352,11 +352,11 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe validationObject = baseReferenceManifest; String failedString = ""; if (baseReferenceManifest == null) { - failedString = "Base Reference Integrity Manifest%n"; + failedString = "Base Reference Integrity Manifest\n"; passed = false; } if (supportReferenceManifest == null) { - failedString += "Support Reference Integrity Manifest%n"; + failedString += "Support Reference Integrity Manifest\n"; passed = false; } if (measurement == null) {