[#106] Platform Configuration v2 (#112)

* These changes are the beginning stage for spec 2 changes to the platform configuration section of the attributes platform certificate. * Updated typos and corrected check style errors. * Updating Platform Credential Unit test from #24 * Added unit test resource
2025-04-14 14:36:51 +00:00 · 2019-03-25 11:13:09 -04:00 · 2019-03-25 11:13:09 -04:00 · 3ae32b6777
commit 3ae32b6777
parent c83b3c2de5
6 changed files with 282 additions and 71 deletions
--- a/HIRS_Utils/src/main/java/hirs/data/persist/certificate/PlatformCredential.java
+++ b/HIRS_Utils/src/main/java/hirs/data/persist/certificate/PlatformCredential.java
@ -2,6 +2,8 @@ package hirs.data.persist.certificate;

 import hirs.data.persist.certificate.attributes.ComponentIdentifier;
 import hirs.data.persist.certificate.attributes.PlatformConfiguration;
+import hirs.data.persist.certificate.attributes.PlatformConfigurationV1;
+import hirs.data.persist.certificate.attributes.PlatformConfigurationV2;
 import hirs.data.persist.certificate.attributes.TBBSecurityAssertion;
 import hirs.data.persist.certificate.attributes.URIReference;
 import hirs.persist.CertificateManager;
@ -68,8 +70,8 @@ public class PlatformCredential extends DeviceAssociatedCertificate {

    //OID for Certificate Attributes
    private static final String TCG_PLATFORM_SPECIFICATION = "2.23.133.2.17";
-    private static final String TPM_SECURITU_ASSERTION = "2.23.133.2.18";
-    private static final String TBB_SECURITU_ASSERTION = "2.23.133.2.19";
+    private static final String TPM_SECURITY_ASSERTION = "2.23.133.2.18";
+    private static final String TBB_SECURITY_ASSERTION = "2.23.133.2.19";
    private static final String TCG_CREDENTIAL_SPECIFICATION = "2.23.133.2.23";
    private static final String PLATFORM_CONFIGURATION_URI = "2.23.133.5.1.3";
    private static final String PLATFORM_CONFIGURATION = "2.23.133.5.1.7.1";
@ -626,7 +628,7 @@ public class PlatformCredential extends DeviceAssociatedCertificate {
                        = ASN1Sequence.getInstance(attr.getAttrValues().getObjectAt(0));
            //Parse sequence based on the attribute OID
            switch (attr.getAttrType().getId()) {
-                case TBB_SECURITU_ASSERTION:
+                case TBB_SECURITY_ASSERTION:
                    attributes.put("tbbSecurityAssertion",
                            new TBBSecurityAssertion(attributeSequence));
                    break;
@ -635,15 +637,18 @@ public class PlatformCredential extends DeviceAssociatedCertificate {
                            new URIReference(attributeSequence));
                    break;
                case PLATFORM_CONFIGURATION:
+                    attributes.put("platformConfiguration",
+                            new PlatformConfigurationV1(attributeSequence));
+                    break;
                case PLATFORM_CONFIGURATION_V2:
                    attributes.put("platformConfiguration",
-                            new PlatformConfiguration(attributeSequence));
+                            new PlatformConfigurationV2(attributeSequence));
                    break;
                case TCG_PLATFORM_SPECIFICATION:
                case TCG_CREDENTIAL_SPECIFICATION:
                    break;
                default:
-                    //No class deffined for this attribute
+                    //No class defined for this attribute
                    LOGGER.warn("No class defined for attribute with OID: "
                            + attr.getAttrType().getId());
                    break;
--- a/HIRS_Utils/src/main/java/hirs/data/persist/certificate/attributes/PlatformConfiguration.java
+++ b/HIRS_Utils/src/main/java/hirs/data/persist/certificate/attributes/PlatformConfiguration.java
@ -4,27 +4,15 @@ import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
 import java.util.stream.Collectors;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;

 /**
- * Basic class that handle Platform Configuration for the Platform Certificate
- * Attribute.
- * <pre>
- * PlatformConfiguration ::= SEQUENCE {
- *      componentIdentifier [0] IMPLICIT SEQUENCE(SIZE(1..CONFIGMAX)) OF
- *           ComponentIdentifier OPTIONAL,
- *      platformProperties [1] IMPLICIT SEQUENCE(SIZE(1..CONFIGMAX)) OF Properties OPTIONAL,
- *      platformPropertiesUri [2] IMPLICIT URIReference OPTIONAL }
- * </pre>
+ * Abstract class that provides base info for Platform Configuration of
+ * the Platform Certificate Attribute.
 */
-public class PlatformConfiguration {
-
-    private static final int COMPONENT_IDENTIFIER = 0;
-    private static final int PLATFORM_PROPERTIES = 1;
-    private static final int PLATFORM_PROPERTIES_URI = 2;
+public abstract class PlatformConfiguration {

    private List<ComponentIdentifier> componentIdentifier;
+    private URIReference componentIdentifierUri;
    private List<PlatformProperty> platformProperties;
    private URIReference platformPropertiesUri;

@ -33,6 +21,7 @@ public class PlatformConfiguration {
     */
    public PlatformConfiguration() {
        this.componentIdentifier = new ArrayList<>();
+        this.componentIdentifierUri = null;
        this.platformProperties = new ArrayList<>();
        this.platformPropertiesUri = null;
    }
@ -55,65 +44,45 @@ public class PlatformConfiguration {
    }

    /**
-     * Constructor given the SEQUENCE that contains Platform Configuration.
-     * @param sequence containing the the Platform Configuration.
-     * @throws IllegalArgumentException if there was an error on the parsing
+     * Constructor given the Platform Configuration values for V2 configuration.
+     *
+     * @param componentIdentifier list containing all the components inside the
+     *          Platform Configuration.
+     * @param componentIdentifierUri object containing the URI Reference
+     * @param platformProperties list containing all the properties inside the
+     *          Platform Configuration.
+     * @param platformPropertiesUri object containing the URI Reference
     */
-    public PlatformConfiguration(final ASN1Sequence sequence) throws IllegalArgumentException {
-
-        //Default values
-        this.componentIdentifier = new ArrayList<>();
-        this.platformProperties = new ArrayList<>();
-        this.platformPropertiesUri = null;
-
-        for (int i = 0; i < sequence.size(); i++) {
-            ASN1TaggedObject taggedSequence
-                        = ASN1TaggedObject.getInstance(sequence.getObjectAt(i));
-            //Set information based on the set tagged
-            switch (taggedSequence.getTagNo()) {
-                case COMPONENT_IDENTIFIER:
-                    //Get componentIdentifier
-                    ASN1Sequence componentConfiguration
-                            = ASN1Sequence.getInstance(taggedSequence, false);
-
-                    //Get and set all the component values
-                    for (int j = 0; j < componentConfiguration.size(); j++) {
-                        //DERSequence with the components
-                        ASN1Sequence component
-                                = ASN1Sequence.getInstance(componentConfiguration.getObjectAt(j));
-                        this.componentIdentifier.add(new ComponentIdentifier(component));
-                    }
-                    break;
-                case PLATFORM_PROPERTIES:
-                    //Get platformProperties
-                    ASN1Sequence properties = ASN1Sequence.getInstance(taggedSequence, false);
-
-                    //Get and set all the properties values
-                    for (int j = 0; j < properties.size(); j++) {
-                        //DERSequence with the components
-                        ASN1Sequence property = ASN1Sequence.getInstance(properties.getObjectAt(j));
-                        this.platformProperties.add(new PlatformProperty(property));
-                    }
-                    break;
-                case PLATFORM_PROPERTIES_URI:
-                    //Get platformPropertiesURI
-                    ASN1Sequence propertiesUri = ASN1Sequence.getInstance(taggedSequence, false);
-                    //Save properties URI
-                    this.platformPropertiesUri = new URIReference(propertiesUri);
-                    break;
-                default:
-                    break;
-            }
-        }
+    public PlatformConfiguration(final List<ComponentIdentifier> componentIdentifier,
+                        final URIReference componentIdentifierUri,
+                        final List<PlatformProperty> platformProperties,
+                        final URIReference platformPropertiesUri) {
+        this.componentIdentifier = componentIdentifier;
+        this.componentIdentifierUri = componentIdentifierUri;
+        this.platformProperties = platformProperties;
+        this.platformPropertiesUri = platformPropertiesUri;
    }

-       /**
+    /**
     * @return the componentIdentifier
     */
    public List<ComponentIdentifier> getComponentIdentifier() {
        return Collections.unmodifiableList(componentIdentifier);
    }

+    /**
+     * Add function for the component identifier array.
+     * @param componentIdentifier object to add
+     * @return status of the add, if successful or not
+     */
+    protected boolean add(final ComponentIdentifier componentIdentifier) {
+        if (this.componentIdentifier != null) {
+            return this.componentIdentifier.add(componentIdentifier);
+        }
+
+        return false;
+    }
+
    /**
     * @param componentIdentifier the componentIdentifier to set
     */
@ -121,6 +90,20 @@ public class PlatformConfiguration {
        this.componentIdentifier = componentIdentifier;
    }

+    /**
+     * @return the componentIdentifierUri
+     */
+    public URIReference getComponentIdentifierUri() {
+        return componentIdentifierUri;
+    }
+
+    /**
+     * @param componentIdentifierUri the componentIdentifierUri to set
+     */
+    public void setComponentIdentifierUri(final URIReference componentIdentifierUri) {
+        this.componentIdentifierUri = componentIdentifierUri;
+    }
+
    /**
     * @return the platformProperties
     */
@ -128,6 +111,19 @@ public class PlatformConfiguration {
        return Collections.unmodifiableList(platformProperties);
    }

+    /**
+     * Add function for the platform property array.
+     * @param platformProperty property object to add
+     * @return status of the add, if successful or not
+     */
+    protected boolean add(final PlatformProperty platformProperty) {
+        if (this.platformProperties != null) {
+            return this.platformProperties.add(platformProperty);
+        }
+
+        return false;
+    }
+
    /**
     * @param platformProperties the platformProperties to set
     */
--- a/HIRS_Utils/src/main/java/hirs/data/persist/certificate/attributes/PlatformConfigurationV1.java
+++ b/HIRS_Utils/src/main/java/hirs/data/persist/certificate/attributes/PlatformConfigurationV1.java
@ -0,0 +1,76 @@
+package hirs.data.persist.certificate.attributes;
+
+import java.util.ArrayList;
+import org.bouncycastle.asn1.ASN1Sequence;
+import org.bouncycastle.asn1.ASN1TaggedObject;
+
+/**
+ * Basic class that handle Platform Configuration for the Platform Certificate
+ * Attribute.
+ * <pre>
+ * PlatformConfiguration ::= SEQUENCE {
+ *      componentIdentifier [0] IMPLICIT SEQUENCE(SIZE(1..CONFIGMAX)) OF
+ *           ComponentIdentifier OPTIONAL,
+ *      platformProperties [1] IMPLICIT SEQUENCE(SIZE(1..CONFIGMAX)) OF Properties OPTIONAL,
+ *      platformPropertiesUri [2] IMPLICIT URIReference OPTIONAL }
+ * </pre>
+ */
+public class PlatformConfigurationV1 extends PlatformConfiguration {
+
+    private static final int COMPONENT_IDENTIFIER = 0;
+    private static final int PLATFORM_PROPERTIES = 1;
+    private static final int PLATFORM_PROPERTIES_URI = 2;
+
+    /**
+     * Constructor given the SEQUENCE that contains Platform Configuration.
+     * @param sequence containing the the Platform Configuration.
+     * @throws IllegalArgumentException if there was an error on the parsing
+     */
+    public PlatformConfigurationV1(final ASN1Sequence sequence) throws IllegalArgumentException {
+
+        //Default values
+        setComponentIdentifier(new ArrayList<>());
+        setPlatformProperties(new ArrayList<>());
+        setPlatformPropertiesUri(null);
+
+        for (int i = 0; i < sequence.size(); i++) {
+            ASN1TaggedObject taggedSequence
+                        = ASN1TaggedObject.getInstance(sequence.getObjectAt(i));
+            //Set information based on the set tagged
+            switch (taggedSequence.getTagNo()) {
+                case COMPONENT_IDENTIFIER:
+                    //Get componentIdentifier
+                    ASN1Sequence componentConfiguration
+                            = ASN1Sequence.getInstance(taggedSequence, false);
+
+                    //Get and set all the component values
+                    for (int j = 0; j < componentConfiguration.size(); j++) {
+                        //DERSequence with the components
+                        ASN1Sequence component
+                                = ASN1Sequence.getInstance(componentConfiguration.getObjectAt(j));
+                        add(new ComponentIdentifier(component));
+                    }
+                    break;
+                case PLATFORM_PROPERTIES:
+                    //Get platformProperties
+                    ASN1Sequence properties = ASN1Sequence.getInstance(taggedSequence, false);
+
+                    //Get and set all the properties values
+                    for (int j = 0; j < properties.size(); j++) {
+                        //DERSequence with the components
+                        ASN1Sequence property = ASN1Sequence.getInstance(properties.getObjectAt(j));
+                        add(new PlatformProperty(property));
+                    }
+                    break;
+                case PLATFORM_PROPERTIES_URI:
+                    //Get platformPropertiesURI
+                    ASN1Sequence propertiesUri = ASN1Sequence.getInstance(taggedSequence, false);
+                    //Save properties URI
+                    setPlatformPropertiesUri(new URIReference(propertiesUri));
+                    break;
+                default:
+                    break;
+            }
+        }
+    }
+}
--- a/HIRS_Utils/src/main/java/hirs/data/persist/certificate/attributes/PlatformConfigurationV2.java
+++ b/HIRS_Utils/src/main/java/hirs/data/persist/certificate/attributes/PlatformConfigurationV2.java
@ -0,0 +1,85 @@
+package hirs.data.persist.certificate.attributes;
+
+import java.util.ArrayList;
+import org.bouncycastle.asn1.ASN1Sequence;
+import org.bouncycastle.asn1.ASN1TaggedObject;
+
+/**
+ * Basic class that handle Platform Configuration for the Platform Certificate
+ * Attribute.
+ * <pre>
+ * PlatformConfiguration ::= SEQUENCE {
+ *      componentIdentifier [0] IMPLICIT SEQUENCE(SIZE(1..CONFIGMAX)) OF
+ *           ComponentIdentifier OPTIONAL,
+ *      componentIdentifiersUri [1] IMPLICIT URIReference OPTIONAL
+ *      platformProperties [2] IMPLICIT SEQUENCE(SIZE(1..CONFIGMAX)) OF Properties OPTIONAL,
+ *      platformPropertiesUri [3] IMPLICIT URIReference OPTIONAL }
+ * </pre>
+ */
+public class PlatformConfigurationV2 extends PlatformConfiguration {
+
+    private static final int COMPONENT_IDENTIFIER = 0;
+    private static final int COMPONENT_IDENTIFIER_URI = 1;
+    private static final int PLATFORM_PROPERTIES = 2;
+    private static final int PLATFORM_PROPERTIES_URI = 3;
+
+    /**
+     * Constructor given the SEQUENCE that contains Platform Configuration.
+     * @param sequence containing the the Platform Configuration.
+     * @throws IllegalArgumentException if there was an error on the parsing
+     */
+    public PlatformConfigurationV2(final ASN1Sequence sequence) throws IllegalArgumentException {
+
+        //Default values
+        setComponentIdentifier(new ArrayList<>());
+        setComponentIdentifierUri(null);
+        setPlatformProperties(new ArrayList<>());
+        setPlatformPropertiesUri(null);
+
+        for (int i = 0; i < sequence.size(); i++) {
+            ASN1TaggedObject taggedSequence
+                        = ASN1TaggedObject.getInstance(sequence.getObjectAt(i));
+            //Set information based on the set tagged
+            switch (taggedSequence.getTagNo()) {
+                case COMPONENT_IDENTIFIER:
+                    //Get componentIdentifier
+                    ASN1Sequence componentConfiguration
+                            = ASN1Sequence.getInstance(taggedSequence, false);
+
+                    //Get and set all the component values
+                    for (int j = 0; j < componentConfiguration.size(); j++) {
+                        //DERSequence with the components
+                        ASN1Sequence component
+                                = ASN1Sequence.getInstance(componentConfiguration.getObjectAt(j));
+                        add(new ComponentIdentifier(component));
+                    }
+                    break;
+                case COMPONENT_IDENTIFIER_URI:
+                    //Get platformPropertiesURI
+                    ASN1Sequence componentUri = ASN1Sequence.getInstance(taggedSequence, false);
+                    //Save properties URI
+                    setComponentIdentifierUri(new URIReference(componentUri));
+                    break;
+                case PLATFORM_PROPERTIES:
+                    //Get platformProperties
+                    ASN1Sequence properties = ASN1Sequence.getInstance(taggedSequence, false);
+
+                    //Get and set all the properties values
+                    for (int j = 0; j < properties.size(); j++) {
+                        //DERSequence with the components
+                        ASN1Sequence property = ASN1Sequence.getInstance(properties.getObjectAt(j));
+                        add(new PlatformProperty(property));
+                    }
+                    break;
+                case PLATFORM_PROPERTIES_URI:
+                    //Get platformPropertiesURI
+                    ASN1Sequence propertiesUri = ASN1Sequence.getInstance(taggedSequence, false);
+                    //Save properties URI
+                    setPlatformPropertiesUri(new URIReference(propertiesUri));
+                    break;
+                default:
+                    break;
+            }
+        }
+    }
+}
--- a/HIRS_Utils/src/test/java/hirs/data/persist/certificate/PlatformCredentialTest.java
+++ b/HIRS_Utils/src/test/java/hirs/data/persist/certificate/PlatformCredentialTest.java
@ -68,6 +68,12 @@ public class PlatformCredentialTest {
    static final String TEST_PLATFORM_CERT2_1 =
            "/validation/platform_credentials_2/basic_plat_cert.pem";

+    /**
+     * Platform Certificate spec 2.
+     */
+    static final String TEST_PLATFORM_CERT2_SPEC2 =
+            "/validation/platform_credentials_2/large_attribute_spec2.txt";
+
    /**
     * Platform Certificate 2.0 with all the expected data.
     */
@ -659,6 +665,49 @@ public class PlatformCredentialTest {

    }

+    /**
+     * Tests Platform Configuration Values. View platform Properties
+     *
+     * @throws IOException if an IO error occurs during processing
+     * @throws URISyntaxException if there is a problem constructing the cert's URI
+     */
+    @Test
+    public final void testPlatformConfiguarion5() throws IOException, URISyntaxException {
+
+        URL resource = this.getClass().getResource(TEST_PLATFORM_CERT2_SPEC2);
+        Path certPath = Paths.get(resource.toURI());
+
+        PlatformCredential platformCert = new PlatformCredential(certPath);
+        PlatformConfiguration platformConfig = platformCert.getPlatformConfiguration();
+
+        //Check component identifier
+        List<ComponentIdentifier> allComponents = platformConfig.getComponentIdentifier();
+        Assert.assertFalse(allComponents.isEmpty());
+
+        List<PlatformProperty> platformProperties = platformConfig.getPlatformProperties();
+        if (platformProperties.isEmpty()) {
+            Assert.fail("Platform Properties is empty.");
+        }
+        Assert.assertEquals(platformProperties.size(), 3);
+
+        PlatformProperty property;
+
+        //Check property #1
+        property = (PlatformProperty) platformProperties.get(0);
+        Assert.assertTrue(property.getPropertyName().getString().equals("AMT"));
+        Assert.assertTrue(property.getPropertyValue().getString().equals("true"));
+
+        //Check property #2
+        property = (PlatformProperty) platformProperties.get(1);
+        Assert.assertTrue(property.getPropertyName().getString().equals("vPro Enabled"));
+        Assert.assertTrue(property.getPropertyValue().getString().equals("true"));
+
+        //Check property #3
+        property = (PlatformProperty) platformProperties.get(2);
+        Assert.assertTrue(property.getPropertyName().getString().equals("DropShip Enabled"));
+        Assert.assertTrue(property.getPropertyValue().getString().equals("false"));
+    }
+
    /**
     * Tests Platform Configuration Values. View platform Properties
     *
--- a/HIRS_Utils/src/test/resources/validation/platform_credentials_2/large_attribute_spec2.txt
+++ b/HIRS_Utils/src/test/resources/validation/platform_credentials_2/large_attribute_spec2.txt