diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/util/AcaPciIds.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/util/AcaPciIds.java index b946df4b..29dbe00d 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/util/AcaPciIds.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/util/AcaPciIds.java @@ -2,7 +2,6 @@ package hirs.attestationca.persist.util; import com.github.marandus.pciid.model.Device; import com.github.marandus.pciid.model.Vendor; -import com.github.marandus.pciid.service.PciIdsDatabase; import com.google.common.base.Strings; import hirs.attestationca.persist.entity.userdefined.certificate.ComponentResult; import hirs.attestationca.persist.entity.userdefined.certificate.attributes.ComponentIdentifier; 
@@ -12,71 +11,16 @@ import lombok.extern.log4j.Log4j2; import org.bouncycastle.asn1.ASN1UTF8String; import org.bouncycastle.asn1.DERUTF8String; -import java.io.File; -import java.io.FileInputStream; -import java.io.IOException; -import java.io.InputStream; import java.util.ArrayList; -import java.util.Collections; import java.util.List; +import static hirs.utils.PciIds.DB; + /** * Provide Java access to PCI IDs. */ @Log4j2 public final class AcaPciIds { - /** - * This pci ids file can be in different places on different distributions. - */ - public static final List PCI_IDS_PATH = - Collections.unmodifiableList(new ArrayList<>() { - private static final long serialVersionUID = 1L; - { - add("/usr/share/hwdata/pci.ids"); - add("/usr/share/misc/pci.ids"); - add("/tmp/pci.ids"); - } - }); - - /** - * The PCI IDs Database object. - * - * This only needs to be loaded one time. - * - * The pci ids library protects the data inside the object by making it immutable. - */ - public static final PciIdsDatabase DB = new PciIdsDatabase(); - - static { - if (!DB.isReady()) { - String dbFile = null; - for (final String path : PCI_IDS_PATH) { - if ((new File(path)).exists()) { - log.info("PCI IDs file was found {}", path); - dbFile = path; - break; - } - } - if (dbFile != null) { - InputStream is = null; - try { - is = new FileInputStream(new File(dbFile)); - DB.loadStream(is); - } catch (IOException e) { - // DB will not be ready, hardware IDs will not be translated - dbFile = null; - } finally { - if (is != null) { - try { - is.close(); - } catch (IOException e) { - dbFile = null; - } - } - } - } - } - } /** * The Component Class TCG Registry OID. diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CertificateAttributeScvValidator.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CertificateAttributeScvValidator.java index 6f18313e..a427835c 100644 
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CertificateAttributeScvValidator.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CertificateAttributeScvValidator.java @@ -14,6 +14,7 @@ import hirs.attestationca.persist.entity.userdefined.info.HardwareInfo; import hirs.attestationca.persist.entity.userdefined.report.DeviceInfoReport; import hirs.attestationca.persist.enums.AppraisalStatus; import hirs.attestationca.persist.util.AcaPciIds; +import hirs.utils.PciIds; import hirs.utils.enums.DeviceInfoEnums; import lombok.extern.log4j.Log4j2; import org.apache.commons.codec.digest.DigestUtils; @@ -445,7 +446,7 @@ public class CertificateAttributeScvValidator extends SupplyChainCredentialValid // is to be displayed as the failure fullDeltaChainComponents.clear(); for (ComponentIdentifier ci : subCompIdList) { - if (ci.isVersion2() && AcaPciIds.DB.isReady()) { + if (ci.isVersion2() && PciIds.DB.isReady()) { ci = AcaPciIds.translate((ComponentIdentifierV2) ci); } log.error("Unmatched component: " + ci); @@ -606,7 +607,7 @@ public class CertificateAttributeScvValidator extends SupplyChainCredentialValid int unmatchedComponentCounter = 1; for (ComponentIdentifier unmatchedComponent : pcUnmatchedComponents) { - if (unmatchedComponent.isVersion2() && AcaPciIds.DB.isReady()) { + if (unmatchedComponent.isVersion2() && PciIds.DB.isReady()) { unmatchedComponent = AcaPciIds.translate((ComponentIdentifierV2) unmatchedComponent); } diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/utils/CertificateStringMapBuilder.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/utils/CertificateStringMapBuilder.java index c112ef2c..d415f3f1 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/utils/CertificateStringMapBuilder.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/utils/CertificateStringMapBuilder.java 
@@ -14,6 +14,7 @@ import hirs.attestationca.persist.entity.userdefined.certificate.attributes.Comp import hirs.attestationca.persist.entity.userdefined.certificate.attributes.PlatformConfiguration; import hirs.attestationca.persist.util.AcaPciIds; import hirs.utils.BouncyCastleUtils; +import hirs.utils.PciIds; import lombok.AccessLevel; import lombok.NoArgsConstructor; import lombok.extern.log4j.Log4j2; @@ -371,7 +372,7 @@ public final class CertificateStringMapBuilder { .findByCertificateSerialNumberAndBoardSerialNumber( certificate.getSerialNumber().toString(), certificate.getPlatformSerial()); - if (AcaPciIds.DB.isReady()) { + if (PciIds.DB.isReady()) { compResults = AcaPciIds.translateResults(compResults); } data.put("componentResults", compResults); @@ -381,7 +382,7 @@ public final class CertificateStringMapBuilder { if (platformConfiguration != null) { //Component Identifier - attempt to translate hardware IDs List comps = platformConfiguration.getComponentIdentifier(); - if (AcaPciIds.DB.isReady()) { + if (PciIds.DB.isReady()) { comps = AcaPciIds.translate(comps); } data.put("componentsIdentifier", comps); diff --git a/HIRS_Utils/build.gradle b/HIRS_Utils/build.gradle index 100af334..cac43798 100644 --- a/HIRS_Utils/build.gradle +++ b/HIRS_Utils/build.gradle @@ -38,6 +38,7 @@ dependencies { implementation libs.commons.lang3 implementation libs.commons.io implementation libs.minimal.json + implementation libs.pci implementation 'org.apache.logging.log4j:log4j-core:2.19.0' implementation 'org.apache.logging.log4j:log4j-api:2.19.0' diff --git a/HIRS_Utils/src/main/java/hirs/utils/PciIds.java b/HIRS_Utils/src/main/java/hirs/utils/PciIds.java index 63ed3499..b6bfcb87 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/PciIds.java +++ b/HIRS_Utils/src/main/java/hirs/utils/PciIds.java 
@@ -1,4 +1,73 @@ package hirs.utils; -public class PciIds { +import com.github.marandus.pciid.service.PciIdsDatabase; +import lombok.extern.log4j.Log4j2; + +import java.io.File; +import java.io.FileInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; + +/** + * Provide Java access to PCI IDs. + */ +@Log4j2 +public final class PciIds { + + /** + * This pci ids file can be in different places on different distributions. + */ + public static final List PCI_IDS_PATH = + Collections.unmodifiableList(new ArrayList<>() { + private static final long serialVersionUID = 1L; + { + add("/usr/share/hwdata/pci.ids"); + add("/usr/share/misc/pci.ids"); + add("/tmp/pci.ids"); + } + }); + + /** + * The PCI IDs Database object. + * + * This only needs to be loaded one time. + * + * The pci ids library protects the data inside the object by making it immutable. + */ + public static final PciIdsDatabase DB = new PciIdsDatabase(); + + static { + if (!DB.isReady()) { + String dbFile = null; + for (final String path : PCI_IDS_PATH) { + if ((new File(path)).exists()) { + log.info("PCI IDs file was found {}", path); + dbFile = path; + break; + } + } + if (dbFile != null) { + InputStream is = null; + try { + is = new FileInputStream(new File(dbFile)); + DB.loadStream(is); + } catch (IOException e) { + // DB will not be ready, hardware IDs will not be translated + dbFile = null; + } finally { + if (is != null) { + try { + is.close(); + } catch (IOException e) { + dbFile = null; + } + } + } + } + } + } + }
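Review bot: The search list `PCI_IDS_PATH` still ends with `/tmp/pci.ids`, so when neither distribution path exists the static initializer loads the database from a world-writable directory where any local account can supply the file. The validator and portal hunks in this commit show the translated names going into unmatched-component log lines and certificate detail pages, so the file's content is trusted by an attestation CA; whether it affects a pass/fail decision is not visible here. I would drop the `/tmp` entry (or take the location from configuration and require a root-owned file that is not group- or world-writable). I would also log the `IOException` rather than only clearing `dbFile`, because a failed load currently leaves `DB.isReady()` false with no trace. The sketch below also uses try-with-resources and `List.of`; the `<String>` element type is my assumption, since the declaration shows as a raw `List` on this page.

```java
public static final List<String> PCI_IDS_PATH = List.of(
        "/usr/share/hwdata/pci.ids",
        "/usr/share/misc/pci.ids");

// … unchanged: DB declaration and its Javadoc …

static {
    if (!DB.isReady()) {
        for (final String path : PCI_IDS_PATH) {
            final File candidate = new File(path);
            if (!candidate.exists()) {
                continue;
            }
            log.info("PCI IDs file was found {}", path);
            try (InputStream is = new FileInputStream(candidate)) {
                DB.loadStream(is);
            } catch (IOException e) {
                // DB will not be ready, hardware IDs will not be translated
                log.warn("Failed to load PCI IDs file {}", path, e);
            }
            // Same as before: only the first existing file is tried.
            break;
        }
    }
}
```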