This push fixes the dataTable ajax error when navigating to the device page. It also incorporates the Trust Chain acaCertificate.
Cyrus 2023-07-28 12:49:24 -04:00
parent 1dd3a2fea9
commit 391a4691c5
38 changed files with 909 additions and 584 deletions


@ -21,8 +21,6 @@ public interface CertificateRepository<T extends Certificate> extends JpaReposit
List<Certificate> findBySubjectSorted(String issuedSort, String dType);
@Query(value = "SELECT * FROM Certificate where DTYPE = ?1", nativeQuery = true)
List<T> findByAll(String dType);
@Query(value = "SELECT * FROM Certificate where device.id = ?1 AND DTYPE = 'PlatformCredential'", nativeQuery = true)
PlatformCredential findByDeviceId(UUID deviceId);
@Query(value = "SELECT * FROM Certificate where serialNumber = ?1 AND DTYPE = ?2", nativeQuery = true)
Certificate findBySerialNumber(BigInteger serialNumber, String dType);
@Query(value = "SELECT * FROM Certificate where platformSerial = ?1 AND DTYPE = 'PlatformCredential'", nativeQuery = true)


@ -1,6 +1,7 @@
package hirs.attestationca.persist.entity.manager;
import hirs.attestationca.persist.entity.userdefined.certificate.EndorsementCredential;
import hirs.attestationca.persist.entity.userdefined.certificate.PlatformCredential;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.data.jpa.repository.Query;
import org.springframework.stereotype.Repository;
@ -12,9 +13,8 @@ import java.util.UUID;
@Repository
public interface EndorsementCredentialRepository extends JpaRepository<EndorsementCredential, UUID> {
@Query(value = "SELECT * FROM Certificate where DTYPE='EndorsementCredential'", nativeQuery = true)
@Override
List<EndorsementCredential> findAll();
@Query(value = "SELECT * FROM Certificate where holderSerialNumber = ?1 AND DTYPE = 'EndorsementCredential'", nativeQuery = true)
EndorsementCredential getEcByHolderSerialNumber(BigInteger holderSerialNumber);
EndorsementCredential findByHolderSerialNumber(BigInteger holderSerialNumber);
List<EndorsementCredential> findByDeviceId(UUID deviceId);
}
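Review bot: `findByHolderSerialNumber` is declared to return a single `EndorsementCredential`, so Spring Data will raise `IncorrectResultSizeDataAccessException` if two stored credentials share a holder serial number, and nothing visible in this section makes that value unique. Returning `List<EndorsementCredential>` (as `findByDeviceId` does) or `Optional<EndorsementCredential>` would make the absent and duplicate cases explicit for the caller. The same applies to `SupplyChainValidationSummary findByDevice(String device)` in SupplyChainValidationSummaryRepository, where one device presumably accumulates several summaries over time. That method also takes a `String`; if the entity's `device` attribute is an association rather than a string (the entity is not shown here), the parameter type will not bind.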


@ -14,4 +14,5 @@ public interface IssuedCertificateRepository extends JpaRepository<IssuedAttesta
@Query(value = "SELECT * FROM Certificate where DTYPE='IssuedAttestationCertificate'", nativeQuery = true)
@Override
List<IssuedAttestationCertificate> findAll();
List<IssuedAttestationCertificate> findByDeviceId(UUID deviceId);
}


@ -2,7 +2,6 @@ package hirs.attestationca.persist.entity.manager;
import hirs.attestationca.persist.entity.userdefined.certificate.PlatformCredential;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.data.jpa.repository.Query;
import org.springframework.stereotype.Repository;
import java.util.List;
@ -11,7 +10,7 @@ import java.util.UUID;
@Repository
public interface PlatformCertificateRepository extends JpaRepository<PlatformCredential, UUID> {
@Query(value = "SELECT * FROM Certificate where DTYPE='PlatformCredential'", nativeQuery = true)
@Override
List<PlatformCredential> findAll();
List<PlatformCredential> findByDeviceId(UUID deviceId);
}


@ -4,8 +4,11 @@ import hirs.attestationca.persist.entity.userdefined.SupplyChainValidation;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.stereotype.Repository;
import java.util.List;
import java.util.UUID;
@Repository
public interface SupplyChainValidationRepository extends JpaRepository<SupplyChainValidation, UUID> {
List<SupplyChainValidation> findByValidationType(String validateType);
List<SupplyChainValidation> findByValidationResult(String validationResult);
}


@ -8,4 +8,5 @@ import java.util.UUID;
@Repository
public interface SupplyChainValidationSummaryRepository extends JpaRepository<SupplyChainValidationSummary, UUID> {
SupplyChainValidationSummary findByDevice(String device);
}


@ -1,12 +1,16 @@
package hirs.attestationca.persist.entity.userdefined;
import hirs.attestationca.persist.entity.AbstractEntity;
import hirs.attestationca.persist.entity.userdefined.report.DeviceInfoReport;
import hirs.attestationca.persist.enums.AppraisalStatus;
import hirs.attestationca.persist.enums.HealthStatus;
import jakarta.persistence.CascadeType;
import jakarta.persistence.Column;
import jakarta.persistence.Entity;
import jakarta.persistence.EnumType;
import jakarta.persistence.Enumerated;
import jakarta.persistence.FetchType;
import jakarta.persistence.OneToOne;
import jakarta.persistence.Table;
import lombok.AccessLevel;
import lombok.AllArgsConstructor;
@ -27,9 +31,9 @@ public class Device extends AbstractEntity {
@Column(name = "name", unique = true)
private String name;
// @OneToOne(cascade = CascadeType.ALL, fetch = FetchType.EAGER,
// optional = true, orphanRemoval = true)
// private DeviceInfoReport deviceInfo;
@OneToOne(cascade = CascadeType.ALL, fetch = FetchType.EAGER,
optional = true, orphanRemoval = true)
private DeviceInfoReport deviceInfo;
@Column
@Enumerated(EnumType.ORDINAL)
@ -57,7 +61,7 @@ public class Device extends AbstractEntity {
public String toString() {
return String.format("Device Name: %s%nStatus: %s%nSummary: %s",
name, healthStatus.getStatus(),
// supplyChainValidationStatus.toString(),
supplyChainValidationStatus.toString(),
summaryId);
}
}
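Review bot: The format string in `toString()` still has three `%s` specifiers but the call now passes four arguments, so `supplyChainValidationStatus` is printed under the `Summary:` label and `summaryId` is silently dropped. Add a specifier for the restored argument, e.g. `"Device Name: %s%nStatus: %s%nValidation: %s%nSummary: %s"`. Passing `supplyChainValidationStatus` without `.toString()` would also keep `toString()` from throwing when the status is null, since `%s` formats null as "null"; `healthStatus.getStatus()` has the same exposure. The restored `deviceInfo` mapping uses `FetchType.EAGER` with `CascadeType.ALL`, so every Device load also pulls its report, which is worth checking against the device-page query this commit sets out to fix.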


@ -1,17 +1,17 @@
package hirs.attestationca.persist.entity.userdefined.certificate;
import hirs.attestationca.persist.entity.userdefined.Certificate;
import hirs.attestationca.persist.entity.userdefined.Device;
import jakarta.persistence.JoinColumn;
import jakarta.persistence.ManyToOne;
import jakarta.persistence.Column;
import jakarta.persistence.MappedSuperclass;
import lombok.AccessLevel;
import lombok.Getter;
import lombok.NoArgsConstructor;
import lombok.Setter;
import org.hibernate.annotations.JdbcTypeCode;
import java.io.IOException;
import java.nio.file.Path;
import java.util.UUID;
/**
* A Certificate that is associated with a single device.
@ -25,14 +25,14 @@ public abstract class DeviceAssociatedCertificate extends Certificate {
// a device can have multiple certs of this type.
@Getter
@Setter
@ManyToOne
@JoinColumn(name = "device_id")
private Device device;
@JdbcTypeCode(java.sql.Types.VARCHAR)
@Column
private UUID deviceId;
/**
* Holds the name of the entity 'DEVICE_ID' field.
*/
protected static final String DEVICE_ID_FIELD = "device.id";
protected static final String DEVICE_ID_FIELD = "device_id";
/**
* Construct a new Certificate by parsing the file at the given path. The given certificate
@ -55,15 +55,4 @@ public abstract class DeviceAssociatedCertificate extends Certificate {
DeviceAssociatedCertificate(final byte[] certificateBytes) throws IOException {
super(certificateBytes);
}
@Override
public String toString() {
StringBuilder sb = new StringBuilder();
sb.append(super.toString());
if (device != null) {
sb.append(String.format("%nDevice -> %s", getDevice().toString()));
}
return sb.toString();
}
}
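Review bot: `DEVICE_ID_FIELD` is documented as the name of the entity field but is now `"device_id"`, while the attribute added in this section is `deviceId`; any criteria or derived query that still uses the constant as an attribute name would not resolve, and the physical column name depends on the configured naming strategy because `@Column` gives no `name`. Either set the constant to `"deviceId"`, or pin the column with `@Column(name = "device_id")` and change the Javadoc to say it holds the column name. Replacing the `@ManyToOne Device` association with a bare `UUID` also drops the foreign key, so the database no longer guarantees that a credential's device id refers to an existing device; code that trusts `findByDeviceId` results should treat that link as unverified. The class body starts outside the hunks shown.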


@ -105,73 +105,6 @@ public class EndorsementCredential extends DeviceAssociatedCertificate {
// number of extra bytes potentially present in a cert header.
private static final int EK_CERT_HEADER_BYTE_COUNT = 7;
/**
* This class enables the retrieval of EndorsementCredential by their attributes.
*/
// public static class Selector extends CertificateSelector<EndorsementCredential> {
// /**
// * Construct a new CertificateSelector that will use the given {@link CertificateManager} to
// * retrieve one or many EndorsementCredentials.
// *
// * @param certificateManager the certificate manager to be used to retrieve certificates
// */
// public Selector(final CertificateManager certificateManager) {
// super(certificateManager, EndorsementCredential.class);
// }
//
// /**
// * Specify a manufacturer that certificates must have to be considered as matching.
// * @param manufacturer the manufacturer to query, not empty or null
// * @return this instance (for chaining further calls)
// */
// public Selector byManufacturer(final String manufacturer) {
// setFieldValue(MANUFACTURER_FIELD, manufacturer);
// return this;
// }
//
// /**
// * Specify a model that certificates must have to be considered as matching.
// * @param model the model to query, not empty or null
// * @return this instance (for chaining further calls)
// */
// public Selector byModel(final String model) {
// setFieldValue(MODEL_FIELD, model);
// return this;
// }
//
// /**
// * Specify a version that certificates must have to be considered as matching.
// * @param version the version to query, not empty or null
// * @return this instance (for chaining further calls)
// */
// public Selector byVersion(final String version) {
// setFieldValue(VERSION_FIELD, version);
// return this;
// }
//
// /**
// * Specify a device id that certificates must have to be considered
// * as matching.
// *
// * @param device the device id to query
// * @return this instance (for chaining further calls)
// */
// public Selector byDeviceId(final UUID device) {
// setFieldValue(DEVICE_ID_FIELD, device);
// return this;
// }
// }
//
// /**
// * Get a Selector for use in retrieving EndorsementCredentials.
// *
// * @param certMan the CertificateManager to be used to retrieve persisted certificates
// * @return a EndorsementCredential.Selector instance to use for retrieving certificates
// */
// public static Selector select(final CertificateManager certMan) {
// return new Selector(certMan);
// }
/**
* this field is part of the TCG EC specification, but has not yet been found in
* manufacturer-provided ECs, and is therefore not currently parsed
@ -180,17 +113,14 @@ public class EndorsementCredential extends DeviceAssociatedCertificate {
@Column
private String credentialType = "TCPA Trusted Platform Module Endorsement";
private static final String MANUFACTURER_FIELD = "manufacturer";
@Getter
@Column
private String manufacturer = null;
private static final String MODEL_FIELD = "model";
@Getter
@Column
private String model = null;
private static final String VERSION_FIELD = "version";
@Getter
@Column
private String version = null;


@ -8,22 +8,22 @@ import jakarta.persistence.GeneratedValue;
import jakarta.persistence.GenerationType;
import jakarta.persistence.Id;
import jakarta.xml.bind.annotation.XmlElement;
import lombok.Data;
import lombok.NoArgsConstructor;
import lombok.extern.log4j.Log4j2;
import org.apache.commons.lang3.StringUtils;
import org.hibernate.annotations.DiscriminatorOptions;
import org.springframework.util.Assert;
import java.io.Serializable;
import java.util.Objects;
/**
* ComponentInfo is a class to hold Hardware component information
* such as manufacturer, model, serial number and version.
*/
@Log4j2
@NoArgsConstructor
@Data
@Entity
@DiscriminatorColumn(name = "componentTypeEnum", discriminatorType = DiscriminatorType.STRING)
@DiscriminatorOptions(force = true)
public class ComponentInfo implements Serializable {
@Id
@ -51,46 +51,6 @@ public class ComponentInfo implements Serializable {
@Column
private String componentClass;
/**
* Get the Component's Manufacturer.
* @return the Component's Manufacturer
*/
public String getComponentManufacturer() {
return componentManufacturer;
}
/**
* Get the Component's Model.
* @return the Component's Model
*/
public String getComponentModel() {
return componentModel;
}
/**
* Get the Component's Serial Number.
* @return the Component's Serial Number
*/
public String getComponentSerial() {
return componentSerial;
}
/**
* Get the Component's Revision.
* @return the Component's Revision
*/
public String getComponentRevision() {
return componentRevision;
}
/**
* Get the Component's Class Registry.
* @return the Component's Class
*/
public String getComponentClass() {
return componentClass;
}
/**
* Constructor.
* @param componentManufacturer Component Manufacturer (must not be null)
@ -102,13 +62,16 @@ public class ComponentInfo implements Serializable {
final String componentModel,
final String componentSerial,
final String componentRevision) {
Assert.state(isComplete(
if (isComplete(
componentManufacturer,
componentModel,
componentSerial,
componentRevision),
"ComponentInfo: manufacturer and/or "
+ "model can not be null");
componentRevision)) {
log.error("ComponentInfo: manufacturer and/or "
+ "model can not be null");
throw new NullPointerException("ComponentInfo: manufacturer and/or "
+ "model can not be null");
}
this.componentManufacturer = componentManufacturer.trim();
this.componentModel = componentModel.trim();
if (componentSerial != null) {
@ -136,13 +99,16 @@ public class ComponentInfo implements Serializable {
final String componentSerial,
final String componentRevision,
final String componentClass) {
Assert.state(isComplete(
if (isComplete(
componentManufacturer,
componentModel,
componentSerial,
componentRevision),
"ComponentInfo: manufacturer and/or "
+ "model can not be null");
componentRevision)) {
log.error("ComponentInfo: manufacturer and/or "
+ "model can not be null");
throw new NullPointerException("ComponentInfo: manufacturer and/or "
+ "model can not be null");
}
this.componentManufacturer = componentManufacturer.trim();
this.componentModel = componentModel.trim();
if (componentSerial != null) {
@ -182,40 +148,4 @@ public class ComponentInfo implements Serializable {
return !(StringUtils.isEmpty(componentManufacturer)
|| StringUtils.isEmpty(componentModel));
}
@Override
public boolean equals(final Object o) {
if (this == o) {
return true;
}
if (o == null || getClass() != o.getClass()) {
return false;
}
ComponentInfo that = (ComponentInfo) o;
return Objects.equals(id, that.id)
&& Objects.equals(componentManufacturer, that.componentManufacturer)
&& Objects.equals(componentModel, that.componentModel)
&& Objects.equals(componentSerial, that.componentSerial)
&& Objects.equals(componentRevision, that.componentRevision)
&& Objects.equals(componentClass, that.componentClass);
}
@Override
public int hashCode() {
return Objects.hash(id, componentManufacturer, componentModel,
componentSerial, componentRevision, componentClass);
}
@Override
public String toString() {
return String.format("ComponentInfo{"
+ "componentManufacturer='%s'"
+ ", componentModel='%s'"
+ ", componentSerial='%s'"
+ ", componentRevision='%s'"
+ ", componentClass='%s'}",
componentManufacturer,
componentModel, componentSerial,
componentRevision, componentClass);
}
}
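Review bot: The guard in both constructors is inverted: `Assert.state(isComplete(...), msg)` failed when the check returned false, but `if (isComplete(...)) { ... throw ... }` now throws for every component that has a manufacturer and a model, and lets incomplete input through to `componentManufacturer.trim()`. It should read `if (!isComplete(` in both places. This assumes the helper whose body appears in the last hunk, `!(StringUtils.isEmpty(componentManufacturer) || StringUtils.isEmpty(componentModel))`, is `isComplete`; its signature is outside the hunk. The exception type also changes from the `IllegalStateException` raised by `Assert.state` to `NullPointerException`, which callers catching the former will miss; since an empty string also fails the check, `IllegalArgumentException` would describe the condition better.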


@ -1,7 +1,7 @@
package hirs.attestationca.persist.entity.userdefined.info;
import hirs.attestationca.persist.entity.userdefined.report.DeviceInfoReport;
import hirs.utils.StringValidator;
import hirs.utils.enums.DeviceInfoEnums;
import jakarta.persistence.Column;
import jakarta.xml.bind.annotation.XmlElement;
import lombok.EqualsAndHashCode;
@ -13,21 +13,21 @@ import java.io.Serializable;
/**
* Used for representing the firmware info of a device, such as the BIOS information.
*/
@ToString
@EqualsAndHashCode
@Getter
@EqualsAndHashCode
@ToString
public class FirmwareInfo implements Serializable {
@XmlElement
@Column(length = DeviceInfoReport.LONG_STRING_LENGTH, nullable = false)
@Column(length = DeviceInfoEnums.LONG_STRING_LENGTH, nullable = false)
private final String biosVendor;
@XmlElement
@Column(length = DeviceInfoReport.LONG_STRING_LENGTH, nullable = false)
@Column(length = DeviceInfoEnums.LONG_STRING_LENGTH, nullable = false)
private final String biosVersion;
@XmlElement
@Column(length = DeviceInfoReport.SHORT_STRING_LENGTH, nullable = false)
@Column(length = DeviceInfoEnums.SHORT_STRING_LENGTH, nullable = false)
private final String biosReleaseDate;
/**
@ -40,21 +40,21 @@ public class FirmwareInfo implements Serializable {
public FirmwareInfo(final String biosVendor, final String biosVersion,
final String biosReleaseDate) {
this.biosVendor = StringValidator.check(biosVendor, "biosVendor")
.notBlank().maxLength(DeviceInfoReport.LONG_STRING_LENGTH).getValue();
.notBlank().maxLength(DeviceInfoEnums.LONG_STRING_LENGTH).getValue();
this.biosVersion = StringValidator.check(biosVersion, "biosVersion")
.notBlank().maxLength(DeviceInfoReport.LONG_STRING_LENGTH).getValue();
.notBlank().maxLength(DeviceInfoEnums.LONG_STRING_LENGTH).getValue();
this.biosReleaseDate = StringValidator.check(biosReleaseDate, "biosReleaseDate")
.notBlank().maxLength(DeviceInfoReport.SHORT_STRING_LENGTH).getValue();
.notBlank().maxLength(DeviceInfoEnums.SHORT_STRING_LENGTH).getValue();
}
/**
* Default constructor, useful for hibernate and marshalling and unmarshalling.
*/
public FirmwareInfo() {
this(DeviceInfoReport.NOT_SPECIFIED,
DeviceInfoReport.NOT_SPECIFIED,
DeviceInfoReport.NOT_SPECIFIED);
this(DeviceInfoEnums.NOT_SPECIFIED,
DeviceInfoEnums.NOT_SPECIFIED,
DeviceInfoEnums.NOT_SPECIFIED);
}
}


@ -1,12 +1,13 @@
package hirs.attestationca.persist.entity.userdefined.info;
import hirs.attestationca.persist.entity.userdefined.report.DeviceInfoReport;
import hirs.utils.StringValidator;
import hirs.utils.enums.DeviceInfoEnums;
import jakarta.persistence.Column;
import jakarta.persistence.Embeddable;
import jakarta.xml.bind.annotation.XmlElement;
import lombok.EqualsAndHashCode;
import lombok.Getter;
import lombok.ToString;
import org.apache.commons.lang3.StringUtils;
import java.io.Serializable;
@ -14,34 +15,35 @@ import java.io.Serializable;
/**
* Used for representing the hardware info of a device.
*/
@ToString
@EqualsAndHashCode
@Getter
@Embeddable
public class HardwareInfo implements Serializable {
@XmlElement
@Column(length = DeviceInfoReport.LONG_STRING_LENGTH, nullable = false)
private String manufacturer = DeviceInfoReport.NOT_SPECIFIED;
@Column(length = DeviceInfoEnums.LONG_STRING_LENGTH, nullable = false)
private String manufacturer = DeviceInfoEnums.NOT_SPECIFIED;
@XmlElement
@Column(length = DeviceInfoReport.LONG_STRING_LENGTH, nullable = false)
private String productName = DeviceInfoReport.NOT_SPECIFIED;
@Column(length = DeviceInfoEnums.LONG_STRING_LENGTH, nullable = false)
private String productName = DeviceInfoEnums.NOT_SPECIFIED;
@XmlElement
@Column(length = DeviceInfoReport.MED_STRING_LENGTH, nullable = false)
private String version = DeviceInfoReport.NOT_SPECIFIED;
@Column(length = DeviceInfoEnums.MED_STRING_LENGTH, nullable = false)
private String version = DeviceInfoEnums.NOT_SPECIFIED;
@XmlElement
@Column(length = DeviceInfoReport.LONG_STRING_LENGTH, nullable = false)
private String systemSerialNumber = DeviceInfoReport.NOT_SPECIFIED;
@Column(length = DeviceInfoEnums.LONG_STRING_LENGTH, nullable = false)
private String systemSerialNumber = DeviceInfoEnums.NOT_SPECIFIED;
@XmlElement
@Column(length = DeviceInfoReport.LONG_STRING_LENGTH, nullable = false)
private String chassisSerialNumber = DeviceInfoReport.NOT_SPECIFIED;
@Column(length = DeviceInfoEnums.LONG_STRING_LENGTH, nullable = false)
private String chassisSerialNumber = DeviceInfoEnums.NOT_SPECIFIED;
@XmlElement
@Column(length = DeviceInfoReport.LONG_STRING_LENGTH, nullable = false)
private String baseboardSerialNumber = DeviceInfoReport.NOT_SPECIFIED;
@Column(length = DeviceInfoEnums.LONG_STRING_LENGTH, nullable = false)
private String baseboardSerialNumber = DeviceInfoEnums.NOT_SPECIFIED;
/**
* Constructor used to create a populated firmware info object.
@ -59,38 +61,39 @@ public class HardwareInfo implements Serializable {
final String version,
final String systemSerialNumber,
final String chassisSerialNumber,
final String baseboardSerialNumber) {
final String baseboardSerialNumber
) {
if (!StringUtils.isBlank(manufacturer)) {
this.manufacturer = StringValidator.check(manufacturer, "manufacturer")
.maxLength(DeviceInfoReport.LONG_STRING_LENGTH).getValue();
.maxLength(DeviceInfoEnums.LONG_STRING_LENGTH).getValue();
}
if (!StringUtils.isBlank(productName)) {
this.productName = StringValidator.check(productName, "productName")
.maxLength(DeviceInfoReport.LONG_STRING_LENGTH).getValue();
.maxLength(DeviceInfoEnums.LONG_STRING_LENGTH).getValue();
}
if (!StringUtils.isBlank(version)) {
this.version = StringValidator.check(version, "version")
.maxLength(DeviceInfoReport.MED_STRING_LENGTH).getValue();
.maxLength(DeviceInfoEnums.MED_STRING_LENGTH).getValue();
}
if (!StringUtils.isBlank(systemSerialNumber)) {
this.systemSerialNumber = StringValidator.check(systemSerialNumber,
"systemSerialNumber")
.maxLength(DeviceInfoReport.LONG_STRING_LENGTH).getValue();
.maxLength(DeviceInfoEnums.LONG_STRING_LENGTH).getValue();
}
if (!StringUtils.isBlank(chassisSerialNumber)) {
this.chassisSerialNumber = StringValidator.check(chassisSerialNumber,
"chassisSerialNumber")
.maxLength(DeviceInfoReport.LONG_STRING_LENGTH).getValue();
.maxLength(DeviceInfoEnums.LONG_STRING_LENGTH).getValue();
}
if (!StringUtils.isBlank(baseboardSerialNumber)) {
this.baseboardSerialNumber = StringValidator.check(
baseboardSerialNumber, "baseboardSerialNumber")
.maxLength(DeviceInfoReport.LONG_STRING_LENGTH).getValue();
.maxLength(DeviceInfoEnums.LONG_STRING_LENGTH).getValue();
}
}
@ -99,24 +102,12 @@ public class HardwareInfo implements Serializable {
*/
public HardwareInfo() {
this(
DeviceInfoReport.NOT_SPECIFIED,
DeviceInfoReport.NOT_SPECIFIED,
DeviceInfoReport.NOT_SPECIFIED,
DeviceInfoReport.NOT_SPECIFIED,
DeviceInfoReport.NOT_SPECIFIED,
DeviceInfoReport.NOT_SPECIFIED
DeviceInfoEnums.NOT_SPECIFIED,
DeviceInfoEnums.NOT_SPECIFIED,
DeviceInfoEnums.NOT_SPECIFIED,
DeviceInfoEnums.NOT_SPECIFIED,
DeviceInfoEnums.NOT_SPECIFIED,
DeviceInfoEnums.NOT_SPECIFIED
);
}
@Override
public String toString() {
return "HardwareInfo{"
+ "manufacturer='" + manufacturer + '\''
+ ", productName='" + productName + '\''
+ ", version='" + version + '\''
+ ", systemSerialNumber='" + systemSerialNumber + '\''
+ ", chassisSerialNumber='" + chassisSerialNumber + '\''
+ ", baseboardSerialNumber='" + baseboardSerialNumber + '\''
+ '}';
}
}


@ -1,14 +1,12 @@
package hirs.attestationca.persist.entity.userdefined.info;
import hirs.attestationca.persist.entity.userdefined.report.DeviceInfoReport;
import hirs.utils.enums.DeviceInfoEnums;
import jakarta.persistence.Column;
import jakarta.persistence.Embeddable;
import jakarta.xml.bind.annotation.XmlElement;
import lombok.EqualsAndHashCode;
import lombok.Getter;
import lombok.Setter;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import lombok.extern.log4j.Log4j2;
import java.io.Serializable;
import java.net.InetAddress;
@ -17,26 +15,22 @@ import java.net.InetAddress;
* This class is used to represent the network info of a device.
*/
@EqualsAndHashCode
@Log4j2
@Embeddable
public class NetworkInfo implements Serializable {
private static final Logger LOGGER = LogManager
.getLogger(NetworkInfo.class);
private static final int NUM_MAC_ADDRESS_BYTES = 6;
@XmlElement
@Setter
@Getter
@Column(length = DeviceInfoReport.LONG_STRING_LENGTH, nullable = true)
@Column(length = DeviceInfoEnums.LONG_STRING_LENGTH, nullable = true)
private String hostname;
@XmlElement
// @XmlJavaTypeAdapter(value = InetAddressXmlAdapter.class)
@Setter
@Getter
@Column(length = DeviceInfoReport.SHORT_STRING_LENGTH, nullable = true)
// @Convert(converter = hirs.attestationca.persist.type.InetAddressType.class)
// @XmlJavaTypeAdapter(value = InetAddressXmlAdapter.class)
@Column(length = DeviceInfoEnums.SHORT_STRING_LENGTH, nullable = true)
// @JsonSubTypes.Type(type = "hirs.data.persist.type.InetAddressType")
private InetAddress ipAddress;
@XmlElement
@ -87,13 +81,23 @@ public class NetworkInfo implements Serializable {
}
}
private void setHostname(final String hostname) {
log.debug("setting hostname to: {}", hostname);
this.hostname = hostname;
}
private void setIpAddress(final InetAddress ipAddress) {
log.debug("setting IP address to: {}", ipAddress);
this.ipAddress = ipAddress;
}
private void setMacAddress(final byte[] macAddress) {
StringBuilder sb;
if (macAddress == null) {
sb = null;
} else {
if (macAddress.length != NUM_MAC_ADDRESS_BYTES) {
LOGGER.error(
log.error(
"MAC address is only {} bytes, must be {} bytes or "
+ "null", macAddress.length,
NUM_MAC_ADDRESS_BYTES);
@ -105,7 +109,7 @@ public class NetworkInfo implements Serializable {
sb.append(String.format("%02X ", b));
}
}
LOGGER.debug("setting MAC address to: {}", sb);
log.debug("setting MAC address to: {}", sb);
this.macAddress = macAddress;
}
}


@ -1,15 +1,13 @@
package hirs.attestationca.persist.entity.userdefined.info;
import hirs.attestationca.persist.entity.userdefined.report.DeviceInfoReport;
import hirs.utils.StringValidator;
import hirs.utils.enums.DeviceInfoEnums;
import jakarta.persistence.Column;
import jakarta.persistence.Embeddable;
import jakarta.xml.bind.annotation.XmlElement;
import lombok.EqualsAndHashCode;
import lombok.Getter;
import lombok.ToString;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import lombok.extern.log4j.Log4j2;
import java.io.Serializable;
@ -17,30 +15,29 @@ import java.io.Serializable;
* This class is used to represent the OS info of a device.
*/
@EqualsAndHashCode
@ToString
@Getter
@Log4j2
@Embeddable
public class OSInfo implements Serializable {
private static final Logger LOGGER = LogManager.getLogger(OSInfo.class);
@XmlElement
@Column(length = DeviceInfoReport.LONG_STRING_LENGTH, nullable = false)
@Column(length = DeviceInfoEnums.LONG_STRING_LENGTH, nullable = false)
private final String osName;
@XmlElement
@Column(length = DeviceInfoReport.LONG_STRING_LENGTH, nullable = false)
@Column(length = DeviceInfoEnums.LONG_STRING_LENGTH, nullable = false)
private final String osVersion;
@XmlElement
@Column(length = DeviceInfoReport.SHORT_STRING_LENGTH, nullable = false)
@Column(length = DeviceInfoEnums.SHORT_STRING_LENGTH, nullable = false)
private final String osArch;
@XmlElement
@Column(length = DeviceInfoReport.SHORT_STRING_LENGTH, nullable = true)
@Column(length = DeviceInfoEnums.SHORT_STRING_LENGTH, nullable = true)
private final String distribution;
@XmlElement
@Column(length = DeviceInfoReport.SHORT_STRING_LENGTH, nullable = true)
@Column(length = DeviceInfoEnums.SHORT_STRING_LENGTH, nullable = true)
private final String distributionRelease;
/**
@ -64,36 +61,36 @@ public class OSInfo implements Serializable {
public OSInfo(final String osName, final String osVersion,
final String osArch, final String distribution,
final String distributionRelease) {
LOGGER.debug("setting OS name information to: {}", osName);
log.debug("setting OS name information to: {}", osName);
this.osName = StringValidator.check(osName, "osName")
.notNull().maxLength(DeviceInfoReport.LONG_STRING_LENGTH).getValue();
.notNull().maxLength(DeviceInfoEnums.LONG_STRING_LENGTH).getValue();
LOGGER.debug("setting OS version information to: {}", osVersion);
log.debug("setting OS version information to: {}", osVersion);
this.osVersion = StringValidator.check(osVersion, "osVersion")
.notNull().maxLength(DeviceInfoReport.LONG_STRING_LENGTH).getValue();
.notNull().maxLength(DeviceInfoEnums.LONG_STRING_LENGTH).getValue();
LOGGER.debug("setting OS arch information to: {}", osArch);
log.debug("setting OS arch information to: {}", osArch);
this.osArch = StringValidator.check(osArch, "osArch")
.notNull().maxLength(DeviceInfoReport.SHORT_STRING_LENGTH).getValue();
.notNull().maxLength(DeviceInfoEnums.SHORT_STRING_LENGTH).getValue();
LOGGER.debug("setting OS distribution information to: {}", distribution);
log.debug("setting OS distribution information to: {}", distribution);
this.distribution = StringValidator.check(distribution, "distribution")
.maxLength(DeviceInfoReport.SHORT_STRING_LENGTH).getValue();
.maxLength(DeviceInfoEnums.SHORT_STRING_LENGTH).getValue();
LOGGER.debug("setting OS distribution release information to: {}",
log.debug("setting OS distribution release information to: {}",
distributionRelease);
this.distributionRelease = StringValidator.check(distributionRelease, "distributionRelease")
.maxLength(DeviceInfoReport.SHORT_STRING_LENGTH).getValue();
.maxLength(DeviceInfoEnums.SHORT_STRING_LENGTH).getValue();
}
/**
* Default constructor necessary for marshalling/unmarshalling XML objects.
*/
public OSInfo() {
this(DeviceInfoReport.NOT_SPECIFIED,
DeviceInfoReport.NOT_SPECIFIED,
DeviceInfoReport.NOT_SPECIFIED,
DeviceInfoReport.NOT_SPECIFIED,
DeviceInfoReport.NOT_SPECIFIED);
this(DeviceInfoEnums.NOT_SPECIFIED,
DeviceInfoEnums.NOT_SPECIFIED,
DeviceInfoEnums.NOT_SPECIFIED,
DeviceInfoEnums.NOT_SPECIFIED,
DeviceInfoEnums.NOT_SPECIFIED);
}
}


@ -0,0 +1,106 @@
package hirs.attestationca.persist.entity.userdefined.info;
import hirs.utils.enums.PortalScheme;
import jakarta.persistence.Access;
import jakarta.persistence.AccessType;
import jakarta.persistence.Column;
import jakarta.persistence.Entity;
import jakarta.persistence.GeneratedValue;
import jakarta.persistence.GenerationType;
import jakarta.persistence.Id;
import jakarta.persistence.Table;
import lombok.Getter;
import lombok.NoArgsConstructor;
import java.net.InetAddress;
import java.net.UnknownHostException;
/**
* Store information about the Portal into the database.
*/
@NoArgsConstructor
@Getter
@Entity
@Table(name = "PortalInfo")
@Access(AccessType.FIELD)
public class PortalInfo {
@Id
@Column
@GeneratedValue(strategy = GenerationType.AUTO)
private Long id;
@Column(unique = true, nullable = false)
private String name;
@Column
private InetAddress ipAddress;
@Column
private int port = 0;
@Column
private String context;
/**
* Sets the scheme name of the portal.
*
* @param scheme Name of the portal.
*/
public void setSchemeName(final PortalScheme scheme) {
if (scheme == null) {
throw new NullPointerException("Scheme cannot be null");
}
this.name = scheme.name();
}
/**
* Stores the address of the portal.
*
* @param newip address used by the portal.
*/
public void setIpAddress(final InetAddress newip) {
if (newip == null) {
throw new IllegalArgumentException("setIpAddress input was null.");
}
ipAddress = newip;
}
/**
* Resolves, then stores the address of the portal.
*
* @param host host name or address of the portal
* @throws UnknownHostException For problems resolving or storing the host.
*/
public void setIpAddress(final String host) throws UnknownHostException {
ipAddress = InetAddress.getByName(host);
}
/**
* Store the port of the portal.
*
* @param newport port of the portal
*/
public void setPort(final int newport) {
final int upperBound = 65535;
if (newport > 0 && newport <= upperBound) {
port = newport;
} else {
throw new IllegalArgumentException("Failed to store portal port. Provided number was"
+ " outside of valid range (1 - " + upperBound + ")");
}
}
/**
* Sets the context name of the portal.
*
* @param context Context name of portal.
*/
public void setContextName(final String context) {
if (context == null) {
throw new NullPointerException("Context cannot be null");
}
this.context = context;
}
}
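Review bot: `setIpAddress(String host)` passes its argument straight to `InetAddress.getByName`, which returns the loopback address for a null or empty host, so the String overload silently stores loopback where the `InetAddress` overload rejects null. Guard it the same way before resolving: `if (host == null || host.isBlank()) { throw new IllegalArgumentException("setIpAddress input was null or blank."); }`. The call also performs a name lookup on whatever it is given, so the stored address reflects resolution at write time; the Javadoc should say so. The null checks are inconsistent across the setters (`NullPointerException` in `setSchemeName` and `setContextName`, `IllegalArgumentException` in `setIpAddress`), and settling on one would simplify callers' error handling.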


@ -1,34 +1,39 @@
package hirs.attestationca.persist.entity.userdefined.info;
import hirs.attestationca.persist.entity.userdefined.report.DeviceInfoReport;
import hirs.utils.StringValidator;
import hirs.utils.enums.DeviceInfoEnums;
import jakarta.persistence.Column;
import jakarta.persistence.Embeddable;
import jakarta.xml.bind.annotation.XmlElement;
import lombok.EqualsAndHashCode;
import lombok.Getter;
import lombok.ToString;
import java.io.Serializable;
/**
* Store information about the RIM into the database.
*/
@Getter
@EqualsAndHashCode
@ToString
@Embeddable
public class RIMInfo implements Serializable {
@XmlElement
@Column(length = DeviceInfoReport.MED_STRING_LENGTH, nullable = false)
@Column(length = DeviceInfoEnums.MED_STRING_LENGTH, nullable = false)
private final String rimManufacturer;
@XmlElement
@Column(length = DeviceInfoReport.MED_STRING_LENGTH, nullable = false)
@Column(length = DeviceInfoEnums.MED_STRING_LENGTH, nullable = false)
private final String model;
@XmlElement
@Column(length = DeviceInfoReport.MED_STRING_LENGTH, nullable = false)
@Column(length = DeviceInfoEnums.MED_STRING_LENGTH, nullable = false)
private final String fileHash;
@XmlElement
@Column(length = DeviceInfoReport.MED_STRING_LENGTH, nullable = false)
@Column(length = DeviceInfoEnums.MED_STRING_LENGTH, nullable = false)
private final String pcrHash;
/**
@ -41,26 +46,20 @@ public class RIMInfo implements Serializable {
public RIMInfo(final String rimManufacturer, final String model,
final String fileHash, final String pcrHash) {
this.rimManufacturer = StringValidator.check(rimManufacturer, "rimManufacturer")
.notBlank().maxLength(DeviceInfoReport.MED_STRING_LENGTH).getValue();
.notBlank().maxLength(DeviceInfoEnums.MED_STRING_LENGTH).getValue();
this.model = StringValidator.check(model, "model")
.notBlank().maxLength(DeviceInfoReport.MED_STRING_LENGTH).getValue();
.notBlank().maxLength(DeviceInfoEnums.MED_STRING_LENGTH).getValue();
this.fileHash = StringValidator.check(fileHash, "fileHash")
.notBlank().maxLength(DeviceInfoReport.MED_STRING_LENGTH).getValue();
.notBlank().maxLength(DeviceInfoEnums.MED_STRING_LENGTH).getValue();
this.pcrHash = StringValidator.check(pcrHash, "pcrHash")
.notBlank().maxLength(DeviceInfoReport.MED_STRING_LENGTH).getValue();
.notBlank().maxLength(DeviceInfoEnums.MED_STRING_LENGTH).getValue();
}
/**
* Default no parameter constructor.
*/
public RIMInfo() {
this(DeviceInfoReport.NOT_SPECIFIED, DeviceInfoReport.NOT_SPECIFIED,
DeviceInfoReport.NOT_SPECIFIED, DeviceInfoReport.NOT_SPECIFIED);
}
@Override
public String toString() {
return String.format("%s, %s, %s, %s", rimManufacturer, model,
fileHash, pcrHash);
this(DeviceInfoEnums.NOT_SPECIFIED, DeviceInfoEnums.NOT_SPECIFIED,
DeviceInfoEnums.NOT_SPECIFIED, DeviceInfoEnums.NOT_SPECIFIED);
}
}
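Review bot: Swapping the hand-written `toString()` for Lombok's `@ToString` changes the string form from the comma-separated `"%s, %s, %s, %s"` layout to `RIMInfo(rimManufacturer=..., model=..., fileHash=..., pcrHash=...)`. Nothing in this section shows who consumes that string, so check that no page, log parser or test relies on the old layout. If the change is intentional, add a line to the class Javadoc such as `String form is Lombok-generated and not a stable format.` so that later readers do not rely on it.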


@ -1,16 +1,18 @@
package hirs.attestationca.persist.entity.userdefined.info;
import com.fasterxml.jackson.annotation.JsonIgnore;
import hirs.attestationca.persist.entity.userdefined.report.DeviceInfoReport;
import hirs.utils.StringValidator;
import hirs.utils.X509CertificateAdapter;
import hirs.utils.enums.DeviceInfoEnums;
import jakarta.persistence.Column;
import jakarta.persistence.Embeddable;
import jakarta.persistence.Lob;
import jakarta.xml.bind.annotation.XmlElement;
import jakarta.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
import lombok.EqualsAndHashCode;
import lombok.Getter;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import lombok.ToString;
import lombok.extern.log4j.Log4j2;
import java.io.Serializable;
import java.security.cert.X509Certificate;
@ -20,13 +22,15 @@ import java.security.cert.X509Certificate;
*/
@Getter
@EqualsAndHashCode
@ToString
@Log4j2
@Embeddable
public class TPMInfo implements Serializable {
private static final Logger LOGGER = LogManager.getLogger(TPMInfo.class);
private static final int MAX_BLOB_SIZE = 55535;
private static final int MAX_BLOB_SIZE = 65535;
@XmlElement
@Column(length = DeviceInfoReport.MED_STRING_LENGTH, nullable = true)
@Column(length = DeviceInfoEnums.MED_STRING_LENGTH, nullable = true)
private String tpmMake;
@XmlElement
@ -46,22 +50,19 @@ public class TPMInfo implements Serializable {
private short tpmVersionRevMinor;
@XmlElement
// @XmlJavaTypeAdapter(X509CertificateAdapter.class)
@XmlJavaTypeAdapter(X509CertificateAdapter.class)
@Lob
// @Type(type = "hirs.attestationca.persist.type.X509CertificateType")
// @Type(type = "hirs.data.persist.type.X509CertificateType")
@JsonIgnore
private X509Certificate identityCertificate;
@Column(nullable = true, length = MAX_BLOB_SIZE)
@Lob
@Column(nullable = true, columnDefinition = "blob")
private byte[] pcrValues;
@Column(nullable = true, length = MAX_BLOB_SIZE)
@Lob
@Column(nullable = true, columnDefinition = "blob")
private byte[] tpmQuoteHash;
@Column(nullable = true, length = MAX_BLOB_SIZE)
@Lob
@Column(nullable = true, columnDefinition = "blob")
private byte[] tpmQuoteSignature;
/**
@ -196,7 +197,7 @@ public class TPMInfo implements Serializable {
* Default constructor used for marshalling/unmarshalling XML objects.
*/
public TPMInfo() {
this(DeviceInfoReport.NOT_SPECIFIED,
this(DeviceInfoEnums.NOT_SPECIFIED,
(short) 0,
(short) 0,
(short) 0,
@ -232,53 +233,53 @@ public class TPMInfo implements Serializable {
}
private void setTPMMake(final String tpmMake) {
LOGGER.debug("setting TPM make info: {}", tpmMake);
log.debug("setting TPM make info: {}", tpmMake);
this.tpmMake = StringValidator.check(tpmMake, "tpmMake")
.notNull().maxLength(DeviceInfoReport.MED_STRING_LENGTH).getValue();
.notNull().maxLength(DeviceInfoEnums.MED_STRING_LENGTH).getValue();
}
private void setTPMVersionMajor(final short tpmVersionMajor) {
if (tpmVersionMajor < 0) {
LOGGER.error("TPM major version number cannot be negative: {}",
log.error("TPM major version number cannot be negative: {}",
tpmVersionMajor);
throw new IllegalArgumentException(
"negative TPM major version number");
}
LOGGER.debug("setting TPM major version number: {}", tpmVersionMajor);
log.debug("setting TPM major version number: {}", tpmVersionMajor);
this.tpmVersionMajor = tpmVersionMajor;
}
private void setTPMVersionMinor(final short tpmVersionMinor) {
if (tpmVersionMinor < 0) {
LOGGER.error("TPM minor version number cannot be negative: {}",
log.error("TPM minor version number cannot be negative: {}",
tpmVersionMinor);
throw new IllegalArgumentException(
"negative TPM minor version number");
}
LOGGER.debug("setting TPM minor version number: {}", tpmVersionMinor);
log.debug("setting TPM minor version number: {}", tpmVersionMinor);
this.tpmVersionMinor = tpmVersionMinor;
}
private void setTPMVersionRevMajor(final short tpmVersionRevMajor) {
if (tpmVersionRevMajor < 0) {
LOGGER.error("TPM major revision number cannot be negative: {}",
log.error("TPM major revision number cannot be negative: {}",
tpmVersionRevMajor);
throw new IllegalArgumentException(
"negative TPM major revision number");
}
LOGGER.debug("setting TPM major revision version number: {}",
log.debug("setting TPM major revision version number: {}",
tpmVersionRevMajor);
this.tpmVersionRevMajor = tpmVersionRevMajor;
}
private void setTPMVersionRevMinor(final short tpmVersionRevMinor) {
if (tpmVersionRevMinor < 0) {
LOGGER.error("TPM minor revision number cannot be negative: {}",
log.error("TPM minor revision number cannot be negative: {}",
tpmVersionRevMinor);
throw new IllegalArgumentException(
"negative TPM minor revision number");
}
LOGGER.debug("setting TPM minor revision version number: {}",
log.debug("setting TPM minor revision version number: {}",
tpmVersionRevMinor);
this.tpmVersionRevMinor = tpmVersionRevMinor;
}
@ -286,10 +287,10 @@ public class TPMInfo implements Serializable {
private void setIdentityCertificate(
final X509Certificate identityCertificate) {
if (identityCertificate == null) {
LOGGER.error("identity certificate cannot be null");
log.error("identity certificate cannot be null");
throw new NullPointerException("identityCertificate");
}
LOGGER.debug("setting identity certificate");
log.debug("setting identity certificate");
this.identityCertificate = identityCertificate;
}
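Review bot: The class-level `@ToString` added here covers every field, so `identityCertificate` and the `pcrValues`, `tpmQuoteHash` and `tpmQuoteSignature` byte arrays are now rendered in full whenever a `TPMInfo` is logged or concatenated into a message. That produces very large log lines and copies attestation evidence into log files. Marking those four fields with `@ToString.Exclude` would keep the string form to the make and version numbers. Separately, `MAX_BLOB_SIZE` is raised to 65535, but the three `@Column` annotations that used it now say `columnDefinition = "blob"`, so the constant may be unused unless code outside these hunks still reads it. If it is meant to bound the arrays, enforce it with an explicit length check in the setters, which are not visible here.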


@ -0,0 +1,30 @@
package hirs.attestationca.persist.entity.userdefined.info.component;
import hirs.attestationca.persist.entity.userdefined.info.ComponentInfo;
import hirs.utils.enums.ComponentType;
import jakarta.persistence.DiscriminatorValue;
import jakarta.persistence.Entity;
import lombok.NoArgsConstructor;
/**
* Class to hold BIOS/UEFI Component information.
*/
@NoArgsConstructor
@Entity
@DiscriminatorValue(value = ComponentType.Values.BIOS_UEFI)
public class BIOSComponentInfo extends ComponentInfo {
/**
* Constructor.
*
* @param componentManufacturer Component Manufacturer (must not be null)
* @param componentModel Component Model (must not be null)
* @param componentRevision Component Revision or Version (can be null)
*/
public BIOSComponentInfo(final String componentManufacturer,
final String componentModel,
final String componentRevision) {
super(componentManufacturer, componentModel, null,
componentRevision);
}
}
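Review bot: The constructor Javadoc is only "Constructor." and does not say that this type always passes `null` as the serial number to `ComponentInfo`, which is what sets it apart from the sibling component classes added in this commit. I would write the summary as `Creates a BIOS/UEFI component record; the serial number is always stored as null.` The "must not be null" wording on the manufacturer and model parameters depends on checks in `ComponentInfo`, which is not shown on this page.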


@ -0,0 +1,32 @@
package hirs.attestationca.persist.entity.userdefined.info.component;
import hirs.attestationca.persist.entity.userdefined.info.ComponentInfo;
import hirs.utils.enums.ComponentType;
import jakarta.persistence.DiscriminatorValue;
import jakarta.persistence.Entity;
import lombok.NoArgsConstructor;
/**
* Class to hold information about baseboard components.
*/
@NoArgsConstructor
@Entity
@DiscriminatorValue(value = ComponentType.Values.BASEBOARD)
public class BaseboardComponentInfo extends ComponentInfo {
/**
* Constructor.
*
* @param componentManufacturer Component Manufacturer (must not be null)
* @param componentModel Component Model (must not be null)
* @param componentSerial Component Serial Number (can be null)
* @param componentRevision Component Revision or Version (can be null)
*/
public BaseboardComponentInfo(final String componentManufacturer,
final String componentModel,
final String componentSerial,
final String componentRevision) {
super(componentManufacturer, componentModel, componentSerial,
componentRevision);
}
}


@ -0,0 +1,32 @@
package hirs.attestationca.persist.entity.userdefined.info.component;
import hirs.attestationca.persist.entity.userdefined.info.ComponentInfo;
import hirs.utils.enums.ComponentType;
import jakarta.persistence.DiscriminatorValue;
import jakarta.persistence.Entity;
import lombok.NoArgsConstructor;
/**
* Class to hold chassis component information.
*/
@NoArgsConstructor
@Entity
@DiscriminatorValue(value = ComponentType.Values.CHASSIS)
public class ChassisComponentInfo extends ComponentInfo {
/**
* Constructor.
*
* @param componentManufacturer Component Manufacturer (must not be null)
* @param componentModel Component Model (must not be null)
* @param componentSerial Component Serial Number (can be null)
* @param componentRevision Component Revision or Version (can be null)
*/
public ChassisComponentInfo(final String componentManufacturer,
final String componentModel,
final String componentSerial,
final String componentRevision) {
super(componentManufacturer, componentModel,
componentSerial, componentRevision);
}
}


@ -0,0 +1,32 @@
package hirs.attestationca.persist.entity.userdefined.info.component;
import hirs.attestationca.persist.entity.userdefined.info.ComponentInfo;
import hirs.utils.enums.ComponentType;
import jakarta.persistence.DiscriminatorValue;
import jakarta.persistence.Entity;
import lombok.NoArgsConstructor;
/**
* Class to hold hard drive component information.
*/
@NoArgsConstructor
@Entity
@DiscriminatorValue(value = ComponentType.Values.HARD_DRIVE)
public class HardDriveComponentInfo extends ComponentInfo {
/**
* Constructor.
*
* @param componentManufacturer Component Manufacturer (must not be null)
* @param componentModel Component Model (must not be null)
* @param componentSerial Component Serial Number (can be null)
* @param componentRevision Component Revision or Version (can be null)
*/
public HardDriveComponentInfo(final String componentManufacturer,
final String componentModel,
final String componentSerial,
final String componentRevision) {
super(componentManufacturer, componentModel,
componentSerial, componentRevision);
}
}


@ -0,0 +1,32 @@
package hirs.attestationca.persist.entity.userdefined.info.component;
import hirs.attestationca.persist.entity.userdefined.info.ComponentInfo;
import hirs.utils.enums.ComponentType;
import jakarta.persistence.DiscriminatorValue;
import jakarta.persistence.Entity;
import lombok.NoArgsConstructor;
/**
* Class to hold memory component information.
*/
@NoArgsConstructor
@Entity
@DiscriminatorValue(value = ComponentType.Values.MEMORY)
public class MemoryComponentInfo extends ComponentInfo {
/**
* Constructor.
*
* @param componentManufacturer Component Manufacturer (must not be null)
* @param componentModel Component Model (must not be null)
* @param componentSerial Component Serial Number (can be null)
* @param componentRevision Component Revision or Version (can be null)
*/
public MemoryComponentInfo(final String componentManufacturer,
final String componentModel,
final String componentSerial,
final String componentRevision) {
super(componentManufacturer, componentModel,
componentSerial, componentRevision);
}
}


@ -0,0 +1,32 @@
package hirs.attestationca.persist.entity.userdefined.info.component;
import hirs.attestationca.persist.entity.userdefined.info.ComponentInfo;
import hirs.utils.enums.ComponentType;
import jakarta.persistence.DiscriminatorValue;
import jakarta.persistence.Entity;
import lombok.NoArgsConstructor;
/**
* Class to hold Network Interface Card (NIC) component information.
*/
@NoArgsConstructor
@Entity
@DiscriminatorValue(value = ComponentType.Values.NIC)
public class NICComponentInfo extends ComponentInfo {
/**
* Constructor.
*
* @param componentManufacturer Component Manufacturer (must not be null)
* @param componentModel Component Model (must not be null)
* @param componentSerial Component Serial Number (can be null)
* @param componentRevision Component Revision or Version (can be null)
*/
public NICComponentInfo(final String componentManufacturer,
final String componentModel,
final String componentSerial,
final String componentRevision) {
super(componentManufacturer, componentModel,
componentSerial, componentRevision);
}
}


@ -0,0 +1,32 @@
package hirs.attestationca.persist.entity.userdefined.info.component;
import hirs.attestationca.persist.entity.userdefined.info.ComponentInfo;
import hirs.utils.enums.ComponentType;
import jakarta.persistence.DiscriminatorValue;
import jakarta.persistence.Entity;
import lombok.NoArgsConstructor;
/**
* Class to hold processor component information.
*/
@NoArgsConstructor
@Entity
@DiscriminatorValue(value = ComponentType.Values.PROCESSOR)
public class ProcessorComponentInfo extends ComponentInfo {
/**
* Constructor.
*
* @param componentManufacturer Component Manufacturer (must not be null)
* @param componentModel Component Model (must not be null)
* @param componentSerial Component Serial Number (can be null)
* @param componentRevision Component Revision or Version (can be null)
*/
public ProcessorComponentInfo(final String componentManufacturer,
final String componentModel,
final String componentSerial,
final String componentRevision) {
super(componentManufacturer, componentModel,
componentSerial, componentRevision);
}
}


@ -1,82 +1,63 @@
package hirs.attestationca.persist.entity.userdefined.report;
import hirs.attestationca.persist.entity.userdefined.Report;
import hirs.attestationca.persist.entity.AbstractEntity;
import hirs.attestationca.persist.entity.userdefined.info.FirmwareInfo;
import hirs.attestationca.persist.entity.userdefined.info.HardwareInfo;
import hirs.attestationca.persist.entity.userdefined.info.NetworkInfo;
import hirs.attestationca.persist.entity.userdefined.info.OSInfo;
import hirs.attestationca.persist.entity.userdefined.info.TPMInfo;
import hirs.utils.VersionHelper;
import hirs.utils.enums.DeviceInfoEnums;
import jakarta.persistence.Column;
import jakarta.persistence.Embedded;
import jakarta.persistence.Entity;
import jakarta.persistence.Transient;
import jakarta.xml.bind.annotation.XmlElement;
import lombok.Getter;
import lombok.Setter;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import lombok.NoArgsConstructor;
import lombok.extern.log4j.Log4j2;
import java.io.Serializable;
/**
* A <code>DeviceInfoReport</code> is a <code>Report</code> used to transfer the
* information about the device. This <code>Report</code> includes the network,
* OS, and TPM information.
*/
@Log4j2
@Getter
@NoArgsConstructor
@Entity
public class DeviceInfoReport extends Report implements Serializable {
private static final Logger LOGGER = LogManager.getLogger(DeviceInfoReport.class);
/**
* A variable used to describe unavailable hardware, firmware, or OS info.
*/
public static final String NOT_SPECIFIED = "Not Specified";
/**
* Constant variable representing the various Short sized strings.
*/
public static final int SHORT_STRING_LENGTH = 32;
/**
* Constant variable representing the various Medium sized strings.
*/
public static final int MED_STRING_LENGTH = 64;
/**
* Constant variable representing the various Long sized strings.
*/
public static final int LONG_STRING_LENGTH = 255;
public class DeviceInfoReport extends AbstractEntity implements Serializable {
@XmlElement
@Embedded
private NetworkInfo networkInfo;
@XmlElement
@Embedded
private OSInfo osInfo;
@XmlElement
@Embedded
private FirmwareInfo firmwareInfo;
@XmlElement
@Embedded
private HardwareInfo hardwareInfo;
@XmlElement
@Embedded
private TPMInfo tpmInfo;
@Getter
@XmlElement
@Column(nullable = false)
private String clientApplicationVersion;
@Getter
@Setter
@XmlElement
@Transient
private String paccorOutputString;
/**
* Default constructor necessary for marshalling/unmarshalling.
*/
public DeviceInfoReport() {
/* do nothing */
}
/**
* Constructor used to create a <code>DeviceInfoReport</code>. The
* information cannot be changed after the <code>DeviceInfoReport</code> is
@ -160,8 +141,9 @@ public class DeviceInfoReport extends Report implements Serializable {
* without null may be returned, which this interface does not support
*/
if (osInfo == null) {
osInfo = new OSInfo(NOT_SPECIFIED, NOT_SPECIFIED,
NOT_SPECIFIED, NOT_SPECIFIED, NOT_SPECIFIED);
osInfo = new OSInfo(DeviceInfoEnums.NOT_SPECIFIED, DeviceInfoEnums.NOT_SPECIFIED,
DeviceInfoEnums.NOT_SPECIFIED, DeviceInfoEnums.NOT_SPECIFIED,
DeviceInfoEnums.NOT_SPECIFIED);
}
return osInfo;
}
@ -178,8 +160,8 @@ public class DeviceInfoReport extends Report implements Serializable {
* without null may be returned, which this interface does not support
*/
if (firmwareInfo == null) {
firmwareInfo = new FirmwareInfo(NOT_SPECIFIED,
NOT_SPECIFIED, NOT_SPECIFIED);
firmwareInfo = new FirmwareInfo(DeviceInfoEnums.NOT_SPECIFIED,
DeviceInfoEnums.NOT_SPECIFIED, DeviceInfoEnums.NOT_SPECIFIED);
}
return firmwareInfo;
}
@ -197,63 +179,20 @@ public class DeviceInfoReport extends Report implements Serializable {
*/
if (hardwareInfo == null) {
hardwareInfo = new HardwareInfo(
NOT_SPECIFIED,
NOT_SPECIFIED,
NOT_SPECIFIED,
NOT_SPECIFIED,
NOT_SPECIFIED,
NOT_SPECIFIED
DeviceInfoEnums.NOT_SPECIFIED,
DeviceInfoEnums.NOT_SPECIFIED,
DeviceInfoEnums.NOT_SPECIFIED,
DeviceInfoEnums.NOT_SPECIFIED,
DeviceInfoEnums.NOT_SPECIFIED,
DeviceInfoEnums.NOT_SPECIFIED
);
}
return hardwareInfo;
}
/**
* Retrieves the TPMInfo for this <code>DeviceInfoReport</code>. TPMInfo may
* be null if a TPM is not available on the device.
*
* @return tpmInfo, may be null if a TPM is not available on the device
*/
public TPMInfo getTPMInfo() {
return tpmInfo;
}
@Override
public String getReportType() {
return this.getClass().getName();
}
/**
* Searches the given set of TPMBaselines for matching device info fields that
* are determined critical to detecting a kernel update.
* @param tpmBaselines Iterable&lt;TPMBaseline&gt; set of TPMBaseline objects.
* @return True, if one of the TPM baselines in the set has the same kernel-specific
* info as this DeviceInfoReport.
*/
public final boolean matchesKernelInfo() { //final Iterable<TpmWhiteListBaseline> tpmBaselines) {
boolean match = false;
// if (tpmBaselines != null) {
// Retrieve the fields which indicate a kernel update
// final OSInfo kernelOSInfo = getOSInfo();
// perform the search
// for (final TpmWhiteListBaseline baseline : tpmBaselines) {
// final OSInfo baselineOSInfo = baseline.getOSInfo();
// if(baselineOSInfo.getOSName().equalsIgnoreCase(kernelOSInfo.getOSName())
// && baselineOSInfo.getOSVersion().equalsIgnoreCase(kernelOSInfo.getOSVersion())) {
// match = true;
// break;
// }
// }
// }
return match;
}
private void setNetworkInfo(NetworkInfo networkInfo) {
if (networkInfo == null) {
LOGGER.error("NetworkInfo cannot be null");
log.error("NetworkInfo cannot be null");
throw new NullPointerException("network info");
}
this.networkInfo = networkInfo;
@ -261,7 +200,7 @@ public class DeviceInfoReport extends Report implements Serializable {
private void setOSInfo(OSInfo osInfo) {
if (osInfo == null) {
LOGGER.error("OSInfo cannot be null");
log.error("OSInfo cannot be null");
throw new NullPointerException("os info");
}
this.osInfo = osInfo;
@ -269,7 +208,7 @@ public class DeviceInfoReport extends Report implements Serializable {
private void setFirmwareInfo(FirmwareInfo firmwareInfo) {
if (firmwareInfo == null) {
LOGGER.error("FirmwareInfo cannot be null");
log.error("FirmwareInfo cannot be null");
throw new NullPointerException("firmware info");
}
this.firmwareInfo = firmwareInfo;
@ -277,7 +216,7 @@ public class DeviceInfoReport extends Report implements Serializable {
private void setHardwareInfo(HardwareInfo hardwareInfo) {
if (hardwareInfo == null) {
LOGGER.error("HardwareInfo cannot be null");
log.error("HardwareInfo cannot be null");
throw new NullPointerException("hardware info");
}
this.hardwareInfo = hardwareInfo;
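Review bot: The removed `getTPMInfo()` carried the only statement that `tpmInfo` may be null when the device has no TPM, and the class-level `@Getter` that replaces it generates an undocumented `getTpmInfo()`. Unlike `osInfo`, `firmwareInfo` and `hardwareInfo`, whose hand-written getters substitute `NOT_SPECIFIED` defaults, this accessor returns the raw field, so I would keep the contract on the field itself: `// may be null if no TPM is available on the device`. The accessor name also changes case, so callers outside this section need to follow. The field-level `@Getter` on `clientApplicationVersion` is now redundant with the class-level one.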


@ -1,12 +1,16 @@
package hirs.attestationca.portal;
import jakarta.annotation.PostConstruct;
import lombok.extern.log4j.Log4j2;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.springframework.beans.factory.BeanInitializationException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
import org.springframework.context.annotation.PropertySources;
import org.springframework.core.env.Environment;
import org.springframework.dao.annotation.PersistenceExceptionTranslationPostProcessor;
import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
@ -23,6 +27,14 @@ import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import javax.sql.DataSource;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.util.Properties;
@ -37,21 +49,27 @@ import java.util.Properties;
@Configuration
@EnableWebMvc
@EnableTransactionManagement
@PropertySource({ "classpath:hibernate.properties", "classpath:portal.properties" })
@PropertySources({
@PropertySource(value = "classpath:hibernate.properties"),
// detects if file exists, if not, ignore errors
@PropertySource(value = "file:/etc/hirs/aca/application.properties",
ignoreResourceNotFound = true)
})
@ComponentScan({"hirs.attestationca.portal", "hirs.attestationca.portal.page.controllers", "hirs.attestationca.persist.entity"})
@EnableJpaRepositories(basePackages = "hirs.attestationca.persist.entity.manager")
public class PersistenceJPAConfig implements WebMvcConfigurer {
@Value("${aca.directories.certificates}")
private String certificatesLocation;
// @Value("${aca.directories.certificates}")
// private String certificatesLocation;
@Value("${aca.keyStore.location}")
@Value("${server.ssl.key-store}")
private String keyStoreLocation;
@Value("${aca.keyStore.password:''}")
@Value("${server.ssl.key-store-password:''}")
private String keyStorePassword;
@Value("${aca.keyStore.alias}")
@Value("${server.ssl.key-alias}")
private String keyAlias;
@Autowired
@ -87,12 +105,12 @@ public class PersistenceJPAConfig implements WebMvcConfigurer {
* methods as required. This method is intended to be invoked by the Spring
* application context.
*/
// @PostConstruct
// void initialize() {
// // ensure that Bouncy Castle is registered as a security provider
// Security.addProvider(new BouncyCastleProvider());
//
// // obtain path to ACA configuration
@PostConstruct
void initialize() {
// ensure that Bouncy Castle is registered as a security provider
Security.addProvider(new BouncyCastleProvider());
// obtain path to ACA configuration
// Path certificatesPath = Paths.get(certificatesLocation);
//
// // create base directories if they do not exist
@ -102,76 +120,64 @@ public class PersistenceJPAConfig implements WebMvcConfigurer {
// throw new BeanInitializationException(
// "Encountered error while initializing ACA directories: " + ioEx.getMessage(), ioEx);
// }
//
// // create the ACA key store if it doesn't exist
// create the ACA key store if it doesn't exist
// Path keyStorePath = Paths.get(keyStoreLocation);
//// if (!Files.exists(keyStorePath)) {
//// throw new IllegalStateException(
//// String.format("ACA Key Store not found at %s. Consult the HIRS User "
//// + "Guide for ACA installation instructions.", keyStoreLocation));
//// }
// }
// if (!Files.exists(keyStorePath)) {
// throw new IllegalStateException(
// String.format("ACA Key Store not found at %s. Consult the HIRS User "
// + "Guide for ACA installation instructions.", keyStoreLocation));
// }
}
/**
* @return the {@link X509Certificate} of the ACA
*/
// @Bean
// public X509Certificate acaCertificate() {
// KeyStore keyStore = keyStore();
//
// try {
// X509Certificate acaCertificate = (X509Certificate) keyStore.getCertificate(keyAlias);
//
// // break early if the certificate is not available.
// if (acaCertificate == null) {
// throw new BeanInitializationException(String.format("Certificate with alias "
// + "%s was not in KeyStore %s. Ensure that the KeyStore has the "
// + "specified certificate. ", keyAlias, keyStoreLocation));
// }
//
// return acaCertificate;
// } catch (KeyStoreException ksEx) {
// throw new BeanInitializationException("Encountered error loading ACA certificate "
// + "from key store: " + ksEx.getMessage(), ksEx);
// }
// }
@Bean
public X509Certificate acaCertificate() {
KeyStore keyStore = keyStore();
try {
X509Certificate acaCertificate = (X509Certificate) keyStore.getCertificate(keyAlias);
// break early if the certificate is not available.
if (acaCertificate == null) {
throw new BeanInitializationException(String.format("Certificate with alias "
+ "%s was not in KeyStore %s. Ensure that the KeyStore has the "
+ "specified certificate. ", keyAlias, keyStoreLocation));
}
return acaCertificate;
} catch (KeyStoreException ksEx) {
throw new BeanInitializationException("Encountered error loading ACA certificate "
+ "from key store: " + ksEx.getMessage(), ksEx);
}
}
/**
* @return the {@link java.security.KeyStore} that contains the certificates
* for the ACA.
*/
// @Bean
// public KeyStore keyStore() {
// Path keyStorePath = Paths.get(keyStoreLocation);
//
// // creating empty store
// String storePassword = "storePassword";
// String storeName = "emptyStore.jks";
// String storeType = "jks";
//
// // attempt to open the key store. if that fails, log a meaningful message before failing.
//// try {
//// KeyStore keyStore = KeyStore.getInstance("JKS");
//// keyStore.load(Files.newInputStream(keyStorePath), keyStorePassword.toCharArray());
//
// // empty
// try (FileOutputStream fileOutputStream = new FileOutputStream(storeName)) {
// KeyStore keyStore = KeyStore.getInstance(storeType);
// keyStore.load(null, storePassword.toCharArray());
//// keyStore.setCertificateEntry(keyAlias,);
// keyStore.store(fileOutputStream, storePassword.toCharArray());
//
//
// return keyStore;
// } catch (Exception e) {
// log.error(String.format(
// "Encountered error while loading ACA key store. The most common issue is "
// + "that configured password does not work on the configured key"
// + " store %s.", keyStorePath));
// log.error(String.format("Exception message: %s", e.getMessage()));
// throw new BeanInitializationException(e.getMessage(), e);
// }
// }
@Bean
public KeyStore keyStore() {
Path keyStorePath = Paths.get(keyStoreLocation);
// attempt to open the key store. if that fails, log a meaningful message before failing.
// empty
try {
KeyStore keyStore = KeyStore.getInstance("JKS");
keyStore.load(Files.newInputStream(keyStorePath), keyStorePassword.toCharArray());
return keyStore;
} catch (Exception e) {
log.error(String.format(
"Encountered error while loading ACA key store. The most common issue is "
+ "that configured password does not work on the configured key"
+ " store %s.", keyStorePath));
log.error(String.format("Exception message: %s", e.getMessage()));
throw new BeanInitializationException(e.getMessage(), e);
}
}
@Bean
public PlatformTransactionManager transactionManager() {
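Review bot: In `keyStore()`, the stream from `Files.newInputStream(keyStorePath)` is handed straight to `keyStore.load(...)` and never closed; wrap it as `try (InputStream in = Files.newInputStream(keyStorePath)) { keyStore.load(in, keyStorePassword.toCharArray()); }`, which needs a `java.io.InputStream` import that the visible import hunk does not add. The default in `@Value("${server.ssl.key-store-password:''}")` is the literal two-character string `''` rather than an empty password, because quotes are not interpreted inside a `${...}` placeholder; `${server.ssl.key-store-password:}` gives an empty default. The store type is fixed to `"JKS"` while the location now comes from `server.ssl.key-store`, so a PKCS12 store or a `classpath:`-style value there would fail to load. The existence check in `initialize()` that would report a missing store clearly is still commented out.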


@ -47,6 +47,8 @@ import org.springframework.web.servlet.view.RedirectView;
import java.io.IOException;
import java.lang.ref.Reference;
import java.net.URISyntaxException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@ -94,16 +96,15 @@ public class CertificatePageController extends PageController<NoPageParams> {
* @param endorsementCredentialRepository the endorsement credential manager
* @param issuedCertificateRepository the issued certificate manager
* @param caCredentialRepository the ca credential manager
// * @param acaCertificate the ACA's X509 certificate
* @param acaCertificate the ACA's X509 certificate
*/
@Autowired
public CertificatePageController(final CertificateRepository certificateRepository,
final PlatformCertificateRepository platformCertificateRepository,
final EndorsementCredentialRepository endorsementCredentialRepository,
final IssuedCertificateRepository issuedCertificateRepository,
final CACredentialRepository caCredentialRepository
// final X509Certificate acaCertificate
) {
final CACredentialRepository caCredentialRepository,
final X509Certificate acaCertificate) {
super(Page.TRUST_CHAIN);
this.certificateRepository = certificateRepository;
this.platformCertificateRepository = platformCertificateRepository;
@ -111,14 +112,14 @@ public class CertificatePageController extends PageController<NoPageParams> {
this.issuedCertificateRepository = issuedCertificateRepository;
this.caCredentialRepository = caCredentialRepository;
// try {
certificateAuthorityCredential = null;
// = new CertificateAuthorityCredential(acaCertificate.getEncoded());
// } catch (IOException ioEx) {
// log.error("Failed to read ACA certificate", ioEx);
// } catch (CertificateEncodingException ceEx) {
// log.error("Error getting encoded ACA certificate", ceEx);
// }
try {
certificateAuthorityCredential
= new CertificateAuthorityCredential(acaCertificate.getEncoded());
} catch (IOException ioEx) {
log.error("Failed to read ACA certificate", ioEx);
} catch (CertificateEncodingException ceEx) {
log.error("Error getting encoded ACA certificate", ceEx);
}
}
/**
@ -238,7 +239,7 @@ public class CertificatePageController extends PageController<NoPageParams> {
PlatformCredential pc = (PlatformCredential) records.get(i);
// find the EC using the PC's "holder serial number"
associatedEC = this.endorsementCredentialRepository
.getEcByHolderSerialNumber(pc.getHolderSerialNumber());
.findByHolderSerialNumber(pc.getHolderSerialNumber());
if (associatedEC != null) {
log.debug("EC ID for holder s/n " + pc
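Review bot: The two `catch` blocks in the constructor only log, so if `acaCertificate.getEncoded()` or the `CertificateAuthorityCredential` constructor throws, the controller is still created and `certificateAuthorityCredential` keeps its default (presumably null; the field declaration is outside the hunks). Any later use of it on the Trust Chain page would then fail far from the cause. Since the ACA certificate is now an injected bean, rethrowing with the cause, e.g. `throw new IllegalStateException("Failed to load ACA certificate", ioEx);`, would stop startup with a clear message. If continuing without the credential is intended, add a comment saying so and null-check the field where it is used.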


@ -3,8 +3,15 @@ package hirs.attestationca.portal.page.controllers;
import hirs.attestationca.persist.FilteredRecordsList;
import hirs.attestationca.persist.entity.manager.CertificateRepository;
import hirs.attestationca.persist.entity.manager.DeviceRepository;
import hirs.attestationca.persist.entity.manager.EndorsementCredentialRepository;
import hirs.attestationca.persist.entity.manager.IssuedCertificateRepository;
import hirs.attestationca.persist.entity.manager.PlatformCertificateRepository;
import hirs.attestationca.persist.entity.userdefined.Certificate;
import hirs.attestationca.persist.entity.userdefined.Device;
import hirs.attestationca.persist.entity.userdefined.certificate.DeviceAssociatedCertificate;
import hirs.attestationca.persist.entity.userdefined.certificate.EndorsementCredential;
import hirs.attestationca.persist.entity.userdefined.certificate.IssuedAttestationCertificate;
import hirs.attestationca.persist.entity.userdefined.certificate.PlatformCredential;
import hirs.attestationca.portal.datatables.DataTableInput;
import hirs.attestationca.portal.datatables.DataTableResponse;
import hirs.attestationca.portal.datatables.OrderedListQueryDataTableAdapter;
@ -18,10 +25,13 @@ import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.ModelAndView;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.UUID;
@ -35,13 +45,22 @@ public class DevicePageController extends PageController<NoPageParams> {
private final DeviceRepository deviceRepository;
private final CertificateRepository certificateRepository;
private final PlatformCertificateRepository platformCertificateRepository;
private final EndorsementCredentialRepository endorsementCredentialRepository;
private final IssuedCertificateRepository issuedCertificateRepository;
@Autowired
public DevicePageController(final DeviceRepository deviceRepository,
final CertificateRepository certificateRepository) {
final CertificateRepository certificateRepository,
final PlatformCertificateRepository platformCertificateRepository,
final EndorsementCredentialRepository endorsementCredentialRepository,
final IssuedCertificateRepository issuedCertificateRepository) {
super(Page.DEVICES);
this.deviceRepository = deviceRepository;
this.certificateRepository = certificateRepository;
this.platformCertificateRepository = platformCertificateRepository;
this.endorsementCredentialRepository = endorsementCredentialRepository;
this.issuedCertificateRepository = issuedCertificateRepository;
}
@Override
@ -50,7 +69,9 @@ public class DevicePageController extends PageController<NoPageParams> {
return getBaseModelAndView();
}
@RequestMapping(value = "/list", produces = MediaType.APPLICATION_JSON_VALUE,
@ResponseBody
@RequestMapping(value = "/list",
produces = MediaType.APPLICATION_JSON_VALUE,
method = RequestMethod.GET)
public DataTableResponse<HashMap<String, Object>> getTableData(
final DataTableInput input) {
@ -60,8 +81,10 @@ public class DevicePageController extends PageController<NoPageParams> {
// get all the devices
FilteredRecordsList<Device> deviceList =
OrderedListQueryDataTableAdapter.getOrderedList(Device.class,
deviceRepository, input, orderColumnName);
OrderedListQueryDataTableAdapter.getOrderedList(
Device.class,
deviceRepository,
input, orderColumnName);
FilteredRecordsList<HashMap<String, Object>> record
= retrieveDevicesAndAssociatedCertificates(deviceList);
@ -79,54 +102,97 @@ public class DevicePageController extends PageController<NoPageParams> {
FilteredRecordsList<HashMap<String, Object>> records = new FilteredRecordsList<>();
// hashmap containing the device-certificate relationship
HashMap<String, Object> deviceCertMap = new HashMap<>();
Device device;
Certificate certificate;
//
// // parse if there is a Device
// if (!deviceList.isEmpty()) {
// // get a list of Certificates that contains the device IDs from the list
// List<Certificate> certificateList = certificateDBManager.getList(
// Certificate.class,
// RowMutationOperations.Restrictions.in("device.id", getDevicesIds(deviceList).toArray()));
//
// // loop all the devices
// for (int i = 0; i < deviceList.size(); i++) {
// // hashmap containing the list of certificates based on the certificate type
// HashMap<String, List<Object>> certificatePropertyMap = new HashMap<>();
//
// device = deviceList.get(i);
// deviceCertMap.put("device", device);
//
// // loop all the certificates and combined the ones that match the ID
// for (int j = 0; j < certificateList.size(); j++) {
// certificate = certificateList.get(j);
//
// // set the certificate if it's the same ID
// if (device.getId().equals(
// ((DeviceAssociatedCertificate) certificate).getDevice().getId())) {
// String certificateId = certificate.getClass().getSimpleName();
// // create a new list for the certificate type if does not exist
// // else add it to the current certificate type list
// List<Object> certificateListFromMap
// = certificatePropertyMap.get(certificateId);
// if (certificateListFromMap != null) {
// certificateListFromMap.add(certificate);
// } else {
// certificatePropertyMap.put(certificateId,
// new ArrayList<>(Collections.singletonList(certificate)));
// }
// }
// }
//
// // add the device-certificate map to the record
// deviceCertMap.putAll(certificatePropertyMap);
// records.add(new HashMap<>(deviceCertMap));
// deviceCertMap.clear();
// }
// }
PlatformCredential certificate;
List<UUID> deviceIdList = getDevicesId(deviceList);
List<PlatformCredential> platformCredentialList = new ArrayList<>();
List<EndorsementCredential> endorsementCredentialList = new ArrayList<>();
List<IssuedAttestationCertificate> issuedCertificateList = new ArrayList<>();
List<Object> certificateListFromMap = new LinkedList<>();
// parse if there is a Device
if (!deviceList.isEmpty()) {
// get a list of Certificates that contains the device IDs from the list
for (UUID id : deviceIdList) {
platformCredentialList.addAll(platformCertificateRepository.findByDeviceId(id));
endorsementCredentialList.addAll(endorsementCredentialRepository.findByDeviceId(id));
issuedCertificateList.addAll(issuedCertificateRepository.findByDeviceId(id));
}
// loop all the devices
for (Device device : deviceList) {
// hashmap containing the list of certificates based on the certificate type
HashMap<String, List<Object>> certificatePropertyMap = new HashMap<>();
deviceCertMap.put("device", device);
String deviceName;
// loop all the certificates and combined the ones that match the ID
for (PlatformCredential pc : platformCredentialList) {
deviceName = deviceRepository.findById(pc.getDeviceId()).get().getName();
// set the certificate if it's the same ID
if (device.getName().equals(deviceName)) {
String certificateId = PlatformCredential.class.getSimpleName();
// create a new list for the certificate type if does not exist
// else add it to the current certificate type list
certificateListFromMap
= certificatePropertyMap.get(certificateId);
if (certificateListFromMap != null) {
certificateListFromMap.add(pc);
} else {
certificatePropertyMap.put(certificateId,
new ArrayList<>(Collections.singletonList(pc)));
}
}
}
for (EndorsementCredential ec : endorsementCredentialList) {
deviceName = deviceRepository.findById(ec.getDeviceId()).get().getName();
// set the certificate if it's the same ID
if (device.getName().equals(deviceName)) {
String certificateId = EndorsementCredential.class.getSimpleName();
// create a new list for the certificate type if does not exist
// else add it to the current certificate type list
certificateListFromMap
= certificatePropertyMap.get(certificateId);
if (certificateListFromMap != null) {
certificateListFromMap.add(ec);
} else {
certificatePropertyMap.put(certificateId,
new ArrayList<>(Collections.singletonList(ec)));
}
}
}
for (IssuedAttestationCertificate ic : issuedCertificateList) {
deviceName = deviceRepository.findById(ic.getDeviceId()).get().getName();
// set the certificate if it's the same ID
if (device.getName().equals(deviceName)) {
String certificateId = IssuedAttestationCertificate.class.getSimpleName();
// create a new list for the certificate type if does not exist
// else add it to the current certificate type list
certificateListFromMap
= certificatePropertyMap.get(certificateId);
if (certificateListFromMap != null) {
certificateListFromMap.add(ic);
} else {
certificatePropertyMap.put(certificateId,
new ArrayList<>(Collections.singletonList(ic)));
}
}
}
// add the device-certificate map to the record
deviceCertMap.putAll(certificatePropertyMap);
records.add(new HashMap<>(deviceCertMap));
deviceCertMap.clear();
}
}
// set pagination values
// records.setRecordsTotal(deviceList.getRecordsTotal());
// records.setRecordsFiltered(deviceList.getRecordsFiltered());
records.setRecordsTotal(deviceList.getRecordsTotal());
records.setRecordsFiltered(deviceList.getRecordsFiltered());
return records;
}
@ -135,8 +201,8 @@ public class DevicePageController extends PageController<NoPageParams> {
* @param deviceList list containing the devices
* @return a list of the devices IDs
*/
private List<UUID> getDevicesIds(final FilteredRecordsList<Device> deviceList) {
List<UUID> deviceIds = new ArrayList<UUID>();
private List<UUID> getDevicesId(final FilteredRecordsList<Device> deviceList) {
List<UUID> deviceIds = new ArrayList<>();
// loop all the devices
for (int i = 0; i < deviceList.size(); i++) {
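Review bot: In the `@ -79,54 +102,97 @` hunk, each of the three certificate loops calls `deviceRepository.findById(pc.getDeviceId()).get().getName()` and then matches on device name, although the inline comment says the match is on ID. The unchecked `Optional.get()` throws `NoSuchElementException` when a certificate refers to a device row that no longer exists, which would fail the whole `/list` response, and the lookup is repeated for every certificate on every device. Comparing IDs directly, `if (device.getId().equals(pc.getDeviceId())) {` (likewise for `ec` and `ic`), removes both the query and that failure mode. It also cannot attribute a certificate to a different device that shares a name, should names not be guaranteed unique. The local `PlatformCredential certificate;` is unused after this change, and the method's signature lies outside the hunk.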


@ -110,7 +110,6 @@ public class ReferenceManifestPageController extends PageController<NoPageParams
* @return the data tables response, including the result set and paging
* information
*/
@ResponseBody
@RequestMapping(value = "/list",
produces = MediaType.APPLICATION_JSON_VALUE,
method = RequestMethod.GET)


@ -6,8 +6,10 @@ import hirs.attestationca.persist.CriteriaModifier;
import hirs.attestationca.persist.FilteredRecordsList;
import hirs.attestationca.persist.entity.manager.CertificateRepository;
import hirs.attestationca.persist.entity.manager.DeviceRepository;
import hirs.attestationca.persist.entity.manager.PlatformCertificateRepository;
import hirs.attestationca.persist.entity.manager.SupplyChainValidationSummaryRepository;
import hirs.attestationca.persist.entity.userdefined.Certificate;
import hirs.attestationca.persist.entity.userdefined.Device;
import hirs.attestationca.persist.entity.userdefined.SupplyChainValidationSummary;
import hirs.attestationca.persist.entity.userdefined.certificate.PlatformCredential;
import hirs.attestationca.persist.entity.userdefined.certificate.attributes.ComponentIdentifier;
@ -62,6 +64,7 @@ public class ValidationReportsPageController extends PageController<NoPageParams
private final SupplyChainValidationSummaryRepository supplyChainValidatorSummaryRepository;
private final CertificateRepository certificateRepository;
private final DeviceRepository deviceRepository;
private final PlatformCertificateRepository platformCertificateRepository;
@Autowired(required = false)
private EntityManager entityManager;
@ -78,16 +81,19 @@ public class ValidationReportsPageController extends PageController<NoPageParams
* @param supplyChainValidatorSummaryRepository the manager
* @param certificateRepository the certificate manager
* @param deviceRepository the device manager
* @param platformCertificateRepository the platform certificate manager
*/
@Autowired
public ValidationReportsPageController(
final SupplyChainValidationSummaryRepository supplyChainValidatorSummaryRepository,
final CertificateRepository certificateRepository,
final DeviceRepository deviceRepository) {
final DeviceRepository deviceRepository,
final PlatformCertificateRepository platformCertificateRepository) {
super(Page.VALIDATION_REPORTS);
this.supplyChainValidatorSummaryRepository = supplyChainValidatorSummaryRepository;
this.certificateRepository = certificateRepository;
this.deviceRepository = deviceRepository;
this.platformCertificateRepository = platformCertificateRepository;
}
/**
@ -281,8 +287,8 @@ public class ValidationReportsPageController extends PageController<NoPageParams
if ((createTimes.get(i).isAfter(startDate) || createTimes.get(i).isEqual(startDate))
&& (createTimes.get(i).isBefore(endDate)
|| createTimes.get(i).isEqual(endDate))) {
UUID deviceId = deviceRepository.findByName(deviceNames[i]).getId();
PlatformCredential pc = certificateRepository.findByDeviceId(deviceId);
Device device = deviceRepository.findByName(deviceNames[i]);
PlatformCredential pc = platformCertificateRepository.findByDeviceId(device.getId()).get(0);
if (jsonVersion) {
jsonReportData.add(assembleJsonContent(pc, parseComponents(pc),
company, contractNumber));
@ -304,7 +310,7 @@ public class ValidationReportsPageController extends PageController<NoPageParams
+ pc.getModel() + ","
+ pc.getPlatformSerial() + ","
+ LocalDateTime.now().toString() + ","
+ pc.getDevice().getSupplyChainValidationStatus() + ",");
+ device.getSupplyChainValidationStatus() + ",");
}
if (!systemOnly) {
ArrayList<ArrayList<String>> parsedComponents = parseComponents(pc);
@ -353,6 +359,8 @@ public class ValidationReportsPageController extends PageController<NoPageParams
final String company,
final String contractNumber) {
JsonObject systemData = new JsonObject();
String deviceName = deviceRepository.findById((pc)
.getDeviceId()).get().getName();
systemData.addProperty("Company", company);
systemData.addProperty("Contract number", contractNumber);
@ -360,7 +368,8 @@ public class ValidationReportsPageController extends PageController<NoPageParams
systemData.addProperty("Model", pc.getModel());
systemData.addProperty("SN", pc.getPlatformSerial());
systemData.addProperty("Verification Date", LocalDateTime.now().toString());
systemData.addProperty("Device Status", pc.getDevice().getSupplyChainValidationStatus().toString());
systemData.addProperty("Device Status", deviceRepository.findByName(deviceName)
.getSupplyChainValidationStatus().toString());
JsonArray components = new JsonArray();
for (ArrayList<String> componentData : parsedComponents) {
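Review bot: In the `@ -281,8 +287,8 @` hunk, `platformCertificateRepository.findByDeviceId(device.getId()).get(0)` assumes that `deviceRepository.findByName(deviceNames[i])` returned a device and that the device has at least one platform credential; otherwise the report request fails with a `NullPointerException` or `IndexOutOfBoundsException`. A guard before the dereference, e.g. `if (device == null) { continue; }` plus a check that the returned list is not empty, would skip or report such entries instead; whether `continue` fits depends on the enclosing loop, which starts outside the hunk. Taking element 0 also silently picks one credential when a device has several, so the selection rule deserves a comment. In what appears to be `assembleJsonContent`, the new `findById(pc.getDeviceId()).get()` followed by `findByName(deviceName)` seems to fetch the same device twice and has the same unchecked `Optional.get()`; the status can be read from the first lookup's result.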


@ -15,6 +15,7 @@ import hirs.attestationca.persist.entity.userdefined.report.DeviceInfoReport;
import hirs.attestationca.persist.enums.AppraisalStatus;
import hirs.attestationca.persist.validation.CredentialValidator;
import hirs.attestationca.persist.validation.SupplyChainValidatorException;
import hirs.utils.enums.DeviceInfoEnums;
import lombok.NoArgsConstructor;
import lombok.extern.log4j.Log4j2;
import org.apache.commons.codec.digest.DigestUtils;
@ -362,7 +363,7 @@ public final class SupplyChainCredentialValidator implements CredentialValidator
Map<String, String> deviceInfoSerialNumbers = new HashMap<>();
if (StringUtils.isEmpty(deviceBaseboardSerialNumber)
|| DeviceInfoReport.NOT_SPECIFIED.equalsIgnoreCase(deviceBaseboardSerialNumber)) {
|| DeviceInfoEnums.NOT_SPECIFIED.equalsIgnoreCase(deviceBaseboardSerialNumber)) {
log.error("Failed to retrieve device baseboard serial number");
deviceBaseboardSerialNumber = null;
} else {
@ -372,7 +373,7 @@ public final class SupplyChainCredentialValidator implements CredentialValidator
}
if (StringUtils.isEmpty(deviceChassisSerialNumber)
|| DeviceInfoReport.NOT_SPECIFIED.equalsIgnoreCase(deviceChassisSerialNumber)) {
|| DeviceInfoEnums.NOT_SPECIFIED.equalsIgnoreCase(deviceChassisSerialNumber)) {
log.error("Failed to retrieve device chassis serial number");
} else {
deviceInfoSerialNumbers.put("chassis serial number", deviceChassisSerialNumber);
@ -380,7 +381,7 @@ public final class SupplyChainCredentialValidator implements CredentialValidator
+ deviceChassisSerialNumber);
}
if (StringUtils.isEmpty(deviceSystemSerialNumber)
|| DeviceInfoReport.NOT_SPECIFIED.equalsIgnoreCase(deviceSystemSerialNumber)) {
|| DeviceInfoEnums.NOT_SPECIFIED.equalsIgnoreCase(deviceSystemSerialNumber)) {
log.error("Failed to retrieve device system serial number");
} else {
deviceInfoSerialNumbers.put("system serial number", deviceSystemSerialNumber);


@ -50,7 +50,7 @@
searchable:false,
render: function(data, type, full, meta) {
var html = '';
switch(full.device.supplyChainStatus){
switch(full.device.supplyChainValidationStatus){
case "PASS":
html= '<img src="${passIcon}" title="${passText}">';
break;


@ -0,0 +1,26 @@
package hirs.utils;
import jakarta.xml.bind.annotation.adapters.XmlAdapter;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
/**
* Class used to help with marshalling and unmarshalling TPMInfo objects.
*/
public class X509CertificateAdapter extends XmlAdapter<byte[], X509Certificate> {
@Override
public final byte[] marshal(final X509Certificate arg0) throws Exception {
return arg0.getEncoded();
}
@Override
public final X509Certificate unmarshal(final byte[] arg0) throws Exception {
CertificateFactory cf = CertificateFactory.getInstance("X.509");
InputStream inStream = new ByteArrayInputStream(arg0);
return (X509Certificate) cf.generateCertificate(inStream);
}
}
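Review bot: The class Javadoc says this adapter marshals TPMInfo objects, but the code converts between `X509Certificate` and its encoded `byte[]`; wording such as `XML adapter that converts an X509Certificate to and from its encoded byte form.` would match the code. Neither method handles a null argument, so `arg0.getEncoded()` and `new ByteArrayInputStream(arg0)` throw `NullPointerException` if the adapter is ever invoked with null; `if (arg0 == null) { return null; }` at the top of each is the usual guard. `unmarshal` only parses the bytes and performs no signature or chain validation, which is worth stating in the Javadoc so callers do not treat the returned certificate as trusted.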


@ -7,6 +7,7 @@ import jakarta.persistence.Embeddable;
import jakarta.persistence.EnumType;
import jakarta.persistence.Enumerated;
import jakarta.xml.bind.annotation.XmlElement;
import lombok.Getter;
import org.apache.commons.codec.DecoderException;
import org.apache.commons.codec.binary.Hex;
@ -61,6 +62,7 @@ public final class Digest extends AbstractDigest {
@XmlElement
@Column(nullable = false)
@Enumerated(EnumType.ORDINAL)
@Getter
private final DigestAlgorithm algorithm;
/**
@ -93,17 +95,6 @@ public final class Digest extends AbstractDigest {
this.digest = null;
}
/**
* Retrieves the <code>DigestAlgorithm</code> that identifies which hash
* function generated the digest.
*
* @return digest algorithm
*/
@Override
public DigestAlgorithm getAlgorithm() {
return this.algorithm;
}
/**
* Retrieves the digest.
*


@ -7,6 +7,7 @@ import jakarta.persistence.Embeddable;
import jakarta.persistence.EnumType;
import jakarta.persistence.Enumerated;
import jakarta.xml.bind.annotation.XmlElement;
import lombok.Getter;
import java.util.Arrays;
@ -29,6 +30,7 @@ public final class OptionalDigest extends AbstractDigest {
@XmlElement
@Column(nullable = true)
@Enumerated(EnumType.ORDINAL)
@Getter
private final DigestAlgorithm algorithm;
/**
@ -53,17 +55,6 @@ public final class OptionalDigest extends AbstractDigest {
this.digest = null;
}
/**
* Returns the <code>DigestAlgorithm</code> that identifies which hash
* function generated the digest.
*
* @return digest algorithm
*/
@Override
public DigestAlgorithm getAlgorithm() {
return algorithm;
}
/**
* Returns the digest.
*


@ -0,0 +1,85 @@
package hirs.utils.enums;
public enum ComponentType {
/**
* Baseboard.
*/
BASEBOARD(Values.BASEBOARD),
/**
* BIOS or UEFI.
*/
BIOS_UEFI(Values.BIOS_UEFI),
/**
* Chassis.
*/
CHASSIS(Values.CHASSIS),
/**
* Hard Drive.
*/
HARD_DRIVE(Values.HARD_DRIVE),
/**
* Memory.
*/
MEMORY(Values.MEMORY),
/**
* Network Interface Card.
*/
NIC(Values.NIC),
/**
* Processor.
*/
PROCESSOR(Values.PROCESSOR);
/**
* Constructor.
*
* @param val string value
*/
ComponentType(final String val) {
if (!this.name().equals(val)) {
throw new IllegalArgumentException("Incorrect use of ComponentType");
}
}
/**
* String values for use in {@link ComponentType}.
*/
public static class Values {
/**
* Baseboard.
*/
public static final String BASEBOARD = "BASEBOARD";
/**
* BIOS or UEFI.
*/
public static final String BIOS_UEFI = "BIOS_UEFI";
/**
* Chassis.
*/
public static final String CHASSIS = "CHASSIS";
/**
* Hard Drive.
*/
public static final String HARD_DRIVE = "HARD_DRIVE";
/**
* Memory.
*/
public static final String MEMORY = "MEMORY";
/**
* Network Interface Card.
*/
public static final String NIC = "NIC";
/**
* Processor.
*/
public static final String PROCESSOR = "PROCESSOR";
}
}
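Review bot: `ComponentType` has no type-level Javadoc, and the nested `public static class Values` is a constants holder that can still be instantiated and subclassed; declaring it `public static final class Values` with `private Values() { }` closes that. The same applies to `DeviceInfoEnums` in the next new file, which is `final` but has no private constructor and no class Javadoc, and despite its name holds constants rather than an enum. A mismatch in the constructor check `!this.name().equals(val)` would surface as an `ExceptionInInitializerError` at class load, so a short comment saying the check keeps `Values` in sync with the constant names would help.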


@ -0,0 +1,20 @@
package hirs.utils.enums;
public final class DeviceInfoEnums {
/**
* A variable used to describe unavailable hardware, firmware, or OS info.
*/
public static final String NOT_SPECIFIED = "Not Specified";
/**
* Constant variable representing the various Short sized strings.
*/
public static final int SHORT_STRING_LENGTH = 32;
/**
* Constant variable representing the various Medium sized strings.
*/
public static final int MED_STRING_LENGTH = 64;
/**
* Constant variable representing the various Long sized strings.
*/
public static final int LONG_STRING_LENGTH = 255;
}


@ -0,0 +1,16 @@
package hirs.utils.enums;
/**
* Schemes used by the HIRS Portal.
*/
public enum PortalScheme {
/**
* HTTP.
*/
HTTP,
/**
* HTTPS.
*/
HTTPS;
}