ExternalVendorCode/HIRS
1
0
Fork 0
mirror of https://github.com/nsacyber/HIRS.git synced 2025-01-18 02:39:56 +00:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity

Updated unit tested to correct the failures that were occurring because of the updated code changes.

Browse Source
This commit is contained in:
Cyrus 2021-08-30 11:44:37 -04:00
parent cf5472242b
commit 14ecd9832e
3 changed files with 70 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
HIRS_Utils/src/main/java/hirs/validation/SupplyChainCredentialValidator.java
View File

@ -321,21 +321,21 @@ public final class SupplyChainCredentialValidator implements CredentialValidator
// this needs to be a loop for all deltas, link to issue #110
// check that they don't have the same serial number
for (PlatformCredential delta : deltaMapping.keySet()) {
for (PlatformCredential pc : deltaMapping.keySet()) {
if (!basePlatformCredential.getPlatformSerial()
.equals(delta.getPlatformSerial())) {
.equals(pc.getPlatformSerial())) {
message = String.format("Base and Delta platform serial "
+ "numbers do not match (%s != %s)",
delta.getPlatformSerial(),
pc.getPlatformSerial(),
basePlatformCredential.getPlatformSerial());
LOGGER.error(message);
return new AppraisalStatus(FAIL, message);
}
// none of the deltas should have the serial number of the base
if (basePlatformCredential.getSerialNumber()
.equals(delta.getSerialNumber())) {
if (!pc.isBase() && basePlatformCredential.getSerialNumber()
.equals(pc.getSerialNumber())) {
message = String.format("Delta Certificate with same serial number as base. (%s)",
delta.getSerialNumber());
pc.getSerialNumber());
LOGGER.error(message);
return new AppraisalStatus(FAIL, message);
}

82
HIRS_Utils/src/test/java/hirs/validation/SupplyChainCredentialValidatorTest.java
View File

@ -99,6 +99,7 @@ import static org.powermock.api.mockito.PowerMockito.when;
"javax.security.auth.*" })
public class SupplyChainCredentialValidatorTest {
private static final String JSON_FILE = "/config/component-class.json";
private static final String SAMPLE_PACCOR_OUTPUT_TXT = "sample_paccor_output.txt";
private static final String SAMPLE_PACCOR_OUTPUT_NOT_SPECIFIED_TXT
= "sample_paccor_output_not_specified_values.txt";
@ -2028,29 +2029,41 @@ public class SupplyChainCredentialValidatorTest {
PlatformCredential delta1 = mock(PlatformCredential.class);
PlatformCredential delta2 = mock(PlatformCredential.class);
ComponentIdentifier compId1 = new ComponentIdentifier(new DERUTF8String("Intel"),
ComponentIdentifierV2 compId1 = new ComponentIdentifierV2(
new ComponentClass(Paths.get(this.getClass()
.getResource(JSON_FILE).toURI()), "0x00010002"),
new DERUTF8String("Intel"),
new DERUTF8String("Core i7"), new DERUTF8String("Not Specified"),
new DERUTF8String("Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz"), null,
ASN1Boolean.TRUE, new ArrayList<>(0));
ComponentIdentifier compId2 = new ComponentIdentifier(
ASN1Boolean.TRUE, new ArrayList<>(0), null, null,
null);
ComponentIdentifierV2 compId2 = new ComponentIdentifierV2(
new ComponentClass(Paths.get(this.getClass()
.getResource(JSON_FILE).toURI()), "0x00050004"),
new DERUTF8String("Intel Corporation"),
new DERUTF8String("Ethernet Connection I217-V-faulty"),
new DERUTF8String("23:94:17:ba:86:5e"), new DERUTF8String("00"), null,
ASN1Boolean.FALSE, new ArrayList<>(0));
ComponentIdentifier compId3 = new ComponentIdentifier(
ASN1Boolean.FALSE, new ArrayList<>(0), null, null,
null);
ComponentIdentifierV2 compId3 = new ComponentIdentifierV2(
new ComponentClass(Paths.get(this.getClass()
.getResource(JSON_FILE).toURI()), "0x00090002"),
new DERUTF8String("Intel Corporation"),
new DERUTF8String("82580 Gigabit Network Connection-faulty"),
new DERUTF8String("90:e2:ba:31:83:10"), new DERUTF8String(""), null,
ASN1Boolean.FALSE, new ArrayList<>(0));
ASN1Boolean.FALSE, new ArrayList<>(0), null, null,
null);
ComponentIdentifierV2 deltaCompId2 = new ComponentIdentifierV2(
new ComponentClass(),
new ComponentClass(Paths.get(this.getClass()
.getResource(JSON_FILE).toURI()), "0x00050004"),
new DERUTF8String("Intel Corporation"),
new DERUTF8String("Ethernet Connection I217-V"),
new DERUTF8String("23:94:17:ba:86:5e"), new DERUTF8String("00"), null,
ASN1Boolean.FALSE, new ArrayList<>(0), null, null,
AttributeStatus.ADDED);
ComponentIdentifierV2 deltaCompId3 = new ComponentIdentifierV2(
new ComponentClass(),
new ComponentClass(Paths.get(this.getClass()
.getResource(JSON_FILE).toURI()), "0x00090002"),
new DERUTF8String("Intel Corporation"),
new DERUTF8String("82580 Gigabit Network Connection"),
new DERUTF8String("90:e2:ba:31:83:10"), new DERUTF8String(""), null,
@ -2060,6 +2073,7 @@ public class SupplyChainCredentialValidatorTest {
ComponentIdentifierV2 ciV21Faulty = new ComponentIdentifierV2();
ComponentIdentifierV2 ciV22Faulty = new ComponentIdentifierV2();
ciV21Faulty.setComponentManufacturer(compId2.getComponentManufacturer());
ciV21Faulty.setComponentClass(compId2.getComponentClass());
ciV21Faulty.setComponentModel(compId2.getComponentModel());
ciV21Faulty.setComponentSerial(compId2.getComponentSerial());
ciV21Faulty.setComponentRevision(compId2.getComponentRevision());
@ -2068,6 +2082,7 @@ public class SupplyChainCredentialValidatorTest {
ciV21Faulty.setComponentAddress(compId2.getComponentAddress());
ciV21Faulty.setAttributeStatus(AttributeStatus.REMOVED);
ciV22Faulty.setComponentManufacturer(compId3.getComponentManufacturer());
ciV22Faulty.setComponentClass(compId3.getComponentClass());
ciV22Faulty.setComponentModel(compId3.getComponentModel());
ciV22Faulty.setComponentSerial(compId3.getComponentSerial());
ciV22Faulty.setComponentRevision(compId3.getComponentRevision());
@ -2094,17 +2109,17 @@ public class SupplyChainCredentialValidatorTest {
when(base.getManufacturer()).thenReturn("innotek GmbH");
when(base.getModel()).thenReturn("VirtualBox");
when(base.getVersion()).thenReturn("1.2");
when(base.getPlatformSerial()).thenReturn("0");
when(delta1.getPlatformSerial()).thenReturn("0");
when(delta2.getPlatformSerial()).thenReturn("0");
when(base.getPlatformSerial()).thenReturn("62UIAE5");
when(delta1.getPlatformSerial()).thenReturn("62UIAE5");
when(delta2.getPlatformSerial()).thenReturn("62UIAE5");
when(base.getPlatformType()).thenReturn("base");
when(delta1.getPlatformType()).thenReturn("delta");
when(delta2.getPlatformType()).thenReturn("delta");
when(base.getSerialNumber()).thenReturn(BigInteger.ZERO);
when(delta1.getSerialNumber()).thenReturn(BigInteger.ONE);
when(delta2.getSerialNumber()).thenReturn(BigInteger.TEN);
when(delta1.getHolderSerialNumber()).thenReturn(BigInteger.ZERO);
when(delta2.getHolderSerialNumber()).thenReturn(BigInteger.ONE);
when(base.getSerialNumber()).thenReturn(BigInteger.valueOf(01));
when(delta1.getSerialNumber()).thenReturn(BigInteger.valueOf(39821));
when(delta2.getSerialNumber()).thenReturn(BigInteger.valueOf(39822));
when(delta1.getHolderSerialNumber()).thenReturn(BigInteger.valueOf(02));
when(delta2.getHolderSerialNumber()).thenReturn(BigInteger.valueOf(39821));
when(base.getComponentIdentifiers()).thenReturn(compList);
when(delta1.getComponentIdentifiers()).thenReturn(delta1List);
when(delta2.getComponentIdentifiers()).thenReturn(delta2List);
@ -2129,9 +2144,9 @@ public class SupplyChainCredentialValidatorTest {
AppraisalStatus result = supplyChainCredentialValidator
.validateDeltaPlatformCredentialAttributes(delta2,
deviceInfoReport, base, chainCredentials);
Assert.assertEquals(result.getAppStatus(), AppraisalStatus.Status.PASS);
Assert.assertEquals(result.getMessage(),
SupplyChainCredentialValidator.PLATFORM_ATTRIBUTES_VALID);
Assert.assertEquals(result.getAppStatus(), AppraisalStatus.Status.PASS);
}
/**
@ -2149,22 +2164,33 @@ public class SupplyChainCredentialValidatorTest {
PlatformCredential base = mock(PlatformCredential.class);
PlatformCredential delta1 = mock(PlatformCredential.class);
ComponentIdentifier compId1 = new ComponentIdentifier(new DERUTF8String("Intel"),
ComponentIdentifierV2 compId1 = new ComponentIdentifierV2(
new ComponentClass(Paths.get(this.getClass()
.getResource(JSON_FILE).toURI()), "0x00010002"),
new DERUTF8String("Intel"),
new DERUTF8String("Core i7"), new DERUTF8String("Not Specified"),
new DERUTF8String("Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz"), null,
ASN1Boolean.TRUE, new ArrayList<>(0));
ComponentIdentifier compId2 = new ComponentIdentifier(
ASN1Boolean.TRUE, new ArrayList<>(0), null, null,
null);
ComponentIdentifierV2 compId2 = new ComponentIdentifierV2(
new ComponentClass(Paths.get(this.getClass()
.getResource(JSON_FILE).toURI()), "0x00050004"),
new DERUTF8String("Intel Corporation"),
new DERUTF8String("Ethernet Connection I217-V-faulty"),
new DERUTF8String("23:94:17:ba:86:5e"), new DERUTF8String("00"), null,
ASN1Boolean.FALSE, new ArrayList<>(0));
ComponentIdentifier compId3 = new ComponentIdentifier(
ASN1Boolean.FALSE, new ArrayList<>(0), null, null,
null);
ComponentIdentifierV2 compId3 = new ComponentIdentifierV2(
new ComponentClass(Paths.get(this.getClass()
.getResource(JSON_FILE).toURI()), "0x00090002"),
new DERUTF8String("Intel Corporation"),
new DERUTF8String("82580 Gigabit Network Connection-faulty"),
new DERUTF8String("90:e2:ba:31:83:10"), new DERUTF8String(""), null,
ASN1Boolean.FALSE, new ArrayList<>(0));
ASN1Boolean.FALSE, new ArrayList<>(0), null, null,
null);
ComponentIdentifierV2 deltaCompId2 = new ComponentIdentifierV2(
new ComponentClass(),
new ComponentClass(Paths.get(this.getClass()
.getResource(JSON_FILE).toURI()), "0x00050004"),
new DERUTF8String("Intel Corporation"),
new DERUTF8String("Ethernet Connection I217-V"),
new DERUTF8String("23:94:17:ba:86:5e"), new DERUTF8String("00"), null,
@ -2231,12 +2257,8 @@ public class SupplyChainCredentialValidatorTest {
deviceInfoReport, base, chainCredentials);
Assert.assertEquals(result.getAppStatus(), AppraisalStatus.Status.FAIL);
Assert.assertEquals(result.getMessage(),
"Delta Certificate with same serial number as base. (0)");
// Assert.assertEquals(result.getMessage(),
// "There are unmatched components:\n"
// + "Manufacturer=Intel Corporation, Model=82580 "
// + "Gigabit Network Connection-faulty, "
// + "Serial=90:e2:ba:31:83:10, Revision=;\n");
"There are 1 unmatched components on the Platform Certificate:\n"
+ "COMPID=370101885;1");
}
/**

15
HIRS_Utils/src/test/resources/hirs/validation/sample_paccor_output.txt
View File

@ -5,13 +5,22 @@
},
"COMPONENTS": [
{
"MANUFACTURER": "Intel","MODEL": "Core i7","SERIAL": "Not Specified","REVISION": "Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz"
"COMPONENTCLASS": {
"COMPONENTCLASSREGISTRY": "2.23.133.18.3.1",
"COMPONENTCLASSVALUE": "00010002"
},"MANUFACTURER": "Intel","MODEL": "Core i7","SERIAL": "Not Specified","REVISION": "Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz"
},
{
"MANUFACTURER": "Intel Corporation","MODEL": "Ethernet Connection I217-V", "FIELDREPLACEABLE": "false","SERIAL": "23:94:17:ba:86:5e", "REVISION": "00"
"COMPONENTCLASS": {
"COMPONENTCLASSREGISTRY": "2.23.133.18.3.1",
"COMPONENTCLASSVALUE": "00050004"
},"MANUFACTURER": "Intel Corporation","MODEL": "Ethernet Connection I217-V", "FIELDREPLACEABLE": "false","SERIAL": "23:94:17:ba:86:5e", "REVISION": "00"
},
{
"MANUFACTURER": "Intel Corporation","MODEL": "82580 Gigabit Network Connection", "FIELDREPLACEABLE": "false", "SERIAL": "90:e2:ba:31:83:10", "REVISION": ""
"COMPONENTCLASS": {
"COMPONENTCLASSREGISTRY": "2.23.133.18.3.1",
"COMPONENTCLASSVALUE": "00090002"
},"MANUFACTURER": "Intel Corporation","MODEL": "82580 Gigabit Network Connection", "FIELDREPLACEABLE": "false", "SERIAL": "90:e2:ba:31:83:10", "REVISION": ""
}
],
"PROPERTIES": [