diff --git a/HIRS_Utils/src/main/java/hirs/data/persist/ComponentInfo.java b/HIRS_Utils/src/main/java/hirs/data/persist/ComponentInfo.java index 6f344626..d4af44de 100644 --- a/HIRS_Utils/src/main/java/hirs/data/persist/ComponentInfo.java +++ b/HIRS_Utils/src/main/java/hirs/data/persist/ComponentInfo.java @@ -15,6 +15,7 @@ import javax.xml.bind.annotation.XmlElement; import java.io.Serializable; import java.util.Objects; + /** * ComponentInfo is a class to hold Hardware component information * such as manufacturer, model, serial number and version. @@ -194,9 +195,13 @@ public class ComponentInfo implements Serializable { this.componentModel = componentModel.trim(); if (componentSerial != null) { this.componentSerial = componentSerial.trim(); + } else { + this.componentSerial = StringUtils.EMPTY; } if (componentRevision != null) { this.componentRevision = componentRevision.trim(); + } else { + this.componentRevision = StringUtils.EMPTY; } } diff --git a/HIRS_Utils/src/main/java/hirs/data/persist/certificate/attributes/ComponentIdentifier.java b/HIRS_Utils/src/main/java/hirs/data/persist/certificate/attributes/ComponentIdentifier.java index 9daa4a19..c3f78f39 100644 --- a/HIRS_Utils/src/main/java/hirs/data/persist/certificate/attributes/ComponentIdentifier.java +++ b/HIRS_Utils/src/main/java/hirs/data/persist/certificate/attributes/ComponentIdentifier.java @@ -4,6 +4,7 @@ import java.util.ArrayList; import java.util.Collections; import java.util.List; import java.util.stream.Collectors; +import org.apache.commons.lang3.StringUtils; import org.bouncycastle.asn1.ASN1Boolean; import org.bouncycastle.asn1.ASN1ObjectIdentifier; @@ -32,7 +33,11 @@ public class ComponentIdentifier { /** * Variable for components that aren't set. */ - public static final String EMPTY_COMPONENT = " --- "; + public static final String EMPTY_COMPONENT = "[Empty]"; + /** + * Variable for components that aren't set. + */ + public static final String NOT_SPECFIED_COMPONENT = "Not Specified"; /** * Maximum number of configurations. */ @@ -73,10 +78,10 @@ public class ComponentIdentifier { * Default constructor. */ public ComponentIdentifier() { - componentManufacturer = new DERUTF8String(EMPTY_COMPONENT); - componentModel = new DERUTF8String(EMPTY_COMPONENT); - componentSerial = new DERUTF8String(EMPTY_COMPONENT); - componentRevision = new DERUTF8String(EMPTY_COMPONENT); + componentManufacturer = new DERUTF8String(NOT_SPECFIED_COMPONENT); + componentModel = new DERUTF8String(NOT_SPECFIED_COMPONENT); + componentSerial = new DERUTF8String(StringUtils.EMPTY); + componentRevision = new DERUTF8String(StringUtils.EMPTY); componentManufacturerId = null; fieldReplaceable = null; componentAddress = new ArrayList<>(); diff --git a/HIRS_Utils/src/main/java/hirs/data/persist/certificate/attributes/V2/AttributeStatus.java b/HIRS_Utils/src/main/java/hirs/data/persist/certificate/attributes/V2/AttributeStatus.java index 094f494f..b30c0968 100644 --- a/HIRS_Utils/src/main/java/hirs/data/persist/certificate/attributes/V2/AttributeStatus.java +++ b/HIRS_Utils/src/main/java/hirs/data/persist/certificate/attributes/V2/AttributeStatus.java @@ -1,6 +1,7 @@ package hirs.data.persist.certificate.attributes.V2; -import hirs.data.persist.certificate.attributes.ComponentIdentifier; +import org.apache.commons.lang3.StringUtils; + /** * A type to handle the security Level used in the FIPS Level. @@ -28,9 +29,9 @@ public enum AttributeStatus { */ REMOVED("removed"), /** - * Attribute Status for NOT_SPECIFIED. + * Attribute Status for EMPTY. */ - NOT_SPECIFIED(ComponentIdentifier.EMPTY_COMPONENT); + EMPTY_STATUS(StringUtils.EMPTY); private final String value; diff --git a/HIRS_Utils/src/main/java/hirs/data/persist/certificate/attributes/V2/ComponentIdentifierV2.java b/HIRS_Utils/src/main/java/hirs/data/persist/certificate/attributes/V2/ComponentIdentifierV2.java index 179e3bac..9d0dc3c5 100644 --- a/HIRS_Utils/src/main/java/hirs/data/persist/certificate/attributes/V2/ComponentIdentifierV2.java +++ b/HIRS_Utils/src/main/java/hirs/data/persist/certificate/attributes/V2/ComponentIdentifierV2.java @@ -55,7 +55,7 @@ public class ComponentIdentifierV2 extends ComponentIdentifier { componentClass = new ComponentClass(); certificateIdentifier = null; componentPlatformUri = null; - attributeStatus = AttributeStatus.NOT_SPECIFIED; + attributeStatus = AttributeStatus.EMPTY_STATUS; } /** diff --git a/HIRS_Utils/src/main/java/hirs/data/persist/certificate/attributes/V2/PlatformPropertyV2.java b/HIRS_Utils/src/main/java/hirs/data/persist/certificate/attributes/V2/PlatformPropertyV2.java index ad188633..b53d42de 100644 --- a/HIRS_Utils/src/main/java/hirs/data/persist/certificate/attributes/V2/PlatformPropertyV2.java +++ b/HIRS_Utils/src/main/java/hirs/data/persist/certificate/attributes/V2/PlatformPropertyV2.java @@ -25,7 +25,7 @@ public class PlatformPropertyV2 extends PlatformProperty { */ public PlatformPropertyV2() { super(); - this.attributeStatus = AttributeStatus.NOT_SPECIFIED; + this.attributeStatus = AttributeStatus.EMPTY_STATUS; } /** diff --git a/HIRS_Utils/src/main/java/hirs/validation/SupplyChainCredentialValidator.java b/HIRS_Utils/src/main/java/hirs/validation/SupplyChainCredentialValidator.java index 86ee688a..aaf68b77 100644 --- a/HIRS_Utils/src/main/java/hirs/validation/SupplyChainCredentialValidator.java +++ b/HIRS_Utils/src/main/java/hirs/validation/SupplyChainCredentialValidator.java @@ -534,8 +534,7 @@ public final class SupplyChainCredentialValidator implements CredentialValidator new ComponentIdentifier( new DERUTF8String(component.getComponentManufacturer().getString().trim()), new DERUTF8String(component.getComponentModel().getString().trim()), - componentSerial, - componentRevision, + componentSerial, componentRevision, component.getComponentManufacturerId(), component.getFieldReplaceable(), component.getComponentAddress() @@ -578,8 +577,7 @@ public final class SupplyChainCredentialValidator implements CredentialValidator // Now match up the components from the device info that are from the same // manufacturer and have a serial number. As matches are found, remove them from // both lists. - for (ComponentIdentifier pcComponent - : pcComponentsFromManufacturerWithSerialNumber) { + for (ComponentIdentifier pcComponent : pcComponentsFromManufacturerWithSerialNumber) { Optional first = deviceInfoComponentsFromManufacturer.stream() .filter(componentInfo @@ -609,8 +607,7 @@ public final class SupplyChainCredentialValidator implements CredentialValidator // Now match up the components from the device info that are from the same // manufacturer and specify a value for the revision field. As matches are found, // remove them from both lists. - for (ComponentIdentifier pcComponent - : pcComponentsFromManufacturerWithRevision) { + for (ComponentIdentifier pcComponent : pcComponentsFromManufacturerWithRevision) { Optional first = deviceInfoComponentsFromManufacturer.stream() .filter(info -> StringUtils.isNotEmpty(info.getComponentRevision())) @@ -654,9 +651,11 @@ public final class SupplyChainCredentialValidator implements CredentialValidator for (ComponentIdentifier unmatchedComponent : pcUnmatchedComponents) { LOGGER.error("Unmatched component " + umatchedComponentCounter++ + ": " + unmatchedComponent); - sb.append(String.format("Manufacturer=%s, Model=%s%n", + sb.append(String.format("Manufacturer=%s, Model=%s, Serial=%s, Revision=%s%n", unmatchedComponent.getComponentManufacturer(), - unmatchedComponent.getComponentModel())); + unmatchedComponent.getComponentModel(), + unmatchedComponent.getComponentSerial(), + unmatchedComponent.getComponentRevision())); } return sb.toString(); } diff --git a/HIRS_Utils/src/test/java/hirs/data/persist/certificate/PlatformCredentialTest.java b/HIRS_Utils/src/test/java/hirs/data/persist/certificate/PlatformCredentialTest.java index 8922894c..de054891 100644 --- a/HIRS_Utils/src/test/java/hirs/data/persist/certificate/PlatformCredentialTest.java +++ b/HIRS_Utils/src/test/java/hirs/data/persist/certificate/PlatformCredentialTest.java @@ -574,7 +574,7 @@ public class PlatformCredentialTest { .equals("BIOS")); Assert.assertTrue(component.getComponentSerial() .getString() - .equals(" --- ")); + .equals("")); Assert.assertTrue(component.getComponentRevision() .getString() .equals("DNKBLi5v.86A.0019.2017.0804.1146")); diff --git a/HIRS_Utils/src/test/java/hirs/validation/SupplyChainCredentialValidatorTest.java b/HIRS_Utils/src/test/java/hirs/validation/SupplyChainCredentialValidatorTest.java index 2be1db33..aa9b7ba0 100644 --- a/HIRS_Utils/src/test/java/hirs/validation/SupplyChainCredentialValidatorTest.java +++ b/HIRS_Utils/src/test/java/hirs/validation/SupplyChainCredentialValidatorTest.java @@ -1113,7 +1113,8 @@ public class SupplyChainCredentialValidatorTest { + "Platform version did not match\n" + "Platform serial did not match\n" + "There are unmatched components:\n" - + "Manufacturer=Intel, Model=platform2018\n"; + + "Manufacturer=Intel, Model=platform2018," + + " Serial=BQKP52840678, Revision=1.0\n"; AppraisalStatus result = supplyChainCredentialValidator.validatePlatformCredentialAttributes( @@ -1757,7 +1758,8 @@ public class SupplyChainCredentialValidatorTest { Assert.assertEquals(result.getAppStatus(), AppraisalStatus.Status.FAIL); Assert.assertEquals(result.getMessage(), "Component manufacturer is empty\n" + "There are unmatched components:\n" - + "Manufacturer=, Model=Core i7\n"); + + "Manufacturer=, Model=Core i7, Serial=Not Specified," + + " Revision=Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz\n"); platformCredential = setupMatchingPlatformCredential(deviceInfoReport); result = SupplyChainCredentialValidator @@ -1813,7 +1815,7 @@ public class SupplyChainCredentialValidatorTest { deviceInfoReport); Assert.assertEquals(result.getAppStatus(), AppraisalStatus.Status.FAIL); Assert.assertEquals(result.getMessage(), "There are unmatched components:\n" - + "Manufacturer=ACME, Model=TNT\n"); + + "Manufacturer=ACME, Model=TNT, Serial=2, Revision=1.1\n"); } /** @@ -1876,7 +1878,8 @@ public class SupplyChainCredentialValidatorTest { Assert.assertEquals(result.getAppStatus(), AppraisalStatus.Status.FAIL); Assert.assertEquals(result.getMessage(), "Component manufacturer is empty\n" + "There are unmatched components:\n" - + "Manufacturer=, Model=Core i7\n"); + + "Manufacturer=, Model=Core i7, Serial=Not Specified," + + " Revision=Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz\n"); platformCredential = setupMatchingPlatformCredential(deviceInfoReport); result = SupplyChainCredentialValidator