ExternalVendorCode/HIRS
1
0
Fork 0
mirror of https://github.com/nsacyber/HIRS.git synced 2025-04-12 21:53:08 +00:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity

Merge pull request #670 from nsacyber/v3_bouncycastle-preq

Browse Source 
BouncyCastle Prerequisite changes
This commit is contained in:
Cyrus 2024-01-22 16:34:26 -05:00 committed by GitHub
commit 49eb2753fb
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
14 changed files with 86 additions and 83 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/EndorsementCredential.java
View File

@ -353,21 +353,21 @@ public class EndorsementCredential extends DeviceAssociatedCertificate {
obj = (ASN1TaggedObject) seq.getObjectAt(i);
tag = obj.getTagNo();
if (tag == EK_TYPE_TAG) {
int ekGenTypeVal = ((ASN1Enumerated) obj.getObject()).getValue().intValue();
int ekGenTypeVal = ((ASN1Enumerated) obj.getBaseObject()).getValue().intValue();
if (ekGenTypeVal >= EK_TYPE_VAL_MIN && ekGenTypeVal <= EK_TYPE_VAL_MAX) {
TPMSecurityAssertions.EkGenerationType ekGenType
= TPMSecurityAssertions.EkGenerationType.values()[ekGenTypeVal];
tpmSecurityAssertions.setEkGenType(ekGenType);
}
} else if (tag == EK_LOC_TAG) {
int ekGenLocVal = ((ASN1Enumerated) obj.getObject()).getValue().intValue();
int ekGenLocVal = ((ASN1Enumerated) obj.getBaseObject()).getValue().intValue();
if (ekGenLocVal >= EK_LOC_VAL_MIN && ekGenLocVal <= EK_LOC_VAL_MAX) {
TPMSecurityAssertions.EkGenerationLocation ekGenLocation
= TPMSecurityAssertions.EkGenerationLocation.values()[ekGenLocVal];
tpmSecurityAssertions.setEkGenerationLocation(ekGenLocation);
}
} else if (tag == EK_CERT_LOC_TAG) {
int ekCertGenLocVal = ((ASN1Enumerated) obj.getObject())
int ekCertGenLocVal = ((ASN1Enumerated) obj.getBaseObject())
.getValue().intValue();
if (ekCertGenLocVal >= EK_LOC_VAL_MIN
&& ekCertGenLocVal <= EK_LOC_VAL_MAX) {
@ -426,7 +426,7 @@ public class EndorsementCredential extends DeviceAssociatedCertificate {
} else if (component instanceof ASN1TaggedObject) {
ASN1TaggedObject taggedObj = (ASN1TaggedObject) component;
parseSingle(taggedObj.getObject(), addToMapping, key);
parseSingle(taggedObj.getBaseObject().toASN1Primitive(), addToMapping, key);
} else if (component instanceof ASN1OctetString) {
// this may contain parseable data or may just be a OID key-pair value

16
HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/CommonCriteriaMeasures.java
View File

@ -4,10 +4,10 @@ import lombok.Getter;
import lombok.Setter;
import org.bouncycastle.asn1.ASN1Boolean;
import org.bouncycastle.asn1.ASN1Enumerated;
import org.bouncycastle.asn1.ASN1IA5String;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.DERIA5String;
/**
* Basic class that handle CommonCriteriaMeasures for the Platform Certificate
@ -167,7 +167,7 @@ public class CommonCriteriaMeasures {
}
}
private DERIA5String version;
private ASN1IA5String version;
private EvaluationAssuranceLevel assuranceLevel;
private EvaluationStatus evaluationStatus;
private ASN1Boolean plus;
@ -200,26 +200,22 @@ public class CommonCriteriaMeasures {
public CommonCriteriaMeasures(final ASN1Sequence sequence) throws IllegalArgumentException {
//Get all the mandatory values
int index = 0;
version = DERIA5String.getInstance(sequence.getObjectAt(index));
++index;
ASN1Enumerated enumarated = ASN1Enumerated.getInstance(sequence.getObjectAt(index));
++index;
version = ASN1IA5String.getInstance(sequence.getObjectAt(index++));
ASN1Enumerated enumarated = ASN1Enumerated.getInstance(sequence.getObjectAt(index++));
//Throw exception when is not between 1 and 7
if (enumarated.getValue().intValue() <= 0
|| enumarated.getValue().intValue() > EvaluationAssuranceLevel.values().length) {
throw new IllegalArgumentException("Invalid assurance level.");
}
assuranceLevel = EvaluationAssuranceLevel.values()[enumarated.getValue().intValue() - 1];
enumarated = ASN1Enumerated.getInstance(sequence.getObjectAt(index));
++index;
enumarated = ASN1Enumerated.getInstance(sequence.getObjectAt(index++));
evaluationStatus = EvaluationStatus.values()[enumarated.getValue().intValue()];
//Default plus value
plus = ASN1Boolean.FALSE;
//Current sequence index
if (sequence.getObjectAt(index).toASN1Primitive() instanceof ASN1Boolean) {
plus = ASN1Boolean.getInstance(sequence.getObjectAt(index));
index++;
plus = ASN1Boolean.getInstance(sequence.getObjectAt(index++));
}
//Optional values (default to null or empty)

6
HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/ComponentAddress.java
View File

@ -5,7 +5,7 @@ import lombok.Getter;
import lombok.Setter;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERUTF8String;
import org.bouncycastle.asn1.ASN1UTF8String;
/**
* Basic class that handle component addresses from the component identifier.
@ -31,7 +31,7 @@ public class ComponentAddress {
private static final String BLUETOOTH_MAC = "2.23.133.17.3";
private ASN1ObjectIdentifier addressType;
private DERUTF8String addressValue;
private ASN1UTF8String addressValue;
/**
* Default constructor.
@ -55,7 +55,7 @@ public class ComponentAddress {
+ "all the required fields.");
}
addressType = ASN1ObjectIdentifier.getInstance(sequence.getObjectAt(0));
addressValue = DERUTF8String.getInstance(sequence.getObjectAt(1));
addressValue = ASN1UTF8String.getInstance(sequence.getObjectAt(1));
}
/**

15
HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/ComponentIdentifier.java
View File

@ -1,15 +1,14 @@
package hirs.attestationca.persist.entity.userdefined.certificate.attributes;
import lombok.AllArgsConstructor;
import lombok.EqualsAndHashCode;
import lombok.Getter;
import lombok.Setter;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.asn1.ASN1Boolean;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.ASN1UTF8String;
import org.bouncycastle.asn1.DERUTF8String;
import java.util.ArrayList;
@ -89,8 +88,8 @@ public class ComponentIdentifier {
public ComponentIdentifier() {
componentManufacturer = new DERUTF8String(NOT_SPECIFIED_COMPONENT);
componentModel = new DERUTF8String(NOT_SPECIFIED_COMPONENT);
componentSerial = new DERUTF8String(StringUtils.EMPTY);
componentRevision = new DERUTF8String(StringUtils.EMPTY);
componentSerial = new DERUTF8String(EMPTY_COMPONENT);
componentRevision = new DERUTF8String(EMPTY_COMPONENT);
componentManufacturerId = null;
fieldReplaceable = null;
componentAddress = new ArrayList<>();
@ -137,18 +136,18 @@ public class ComponentIdentifier {
}
//Mandatory values
componentManufacturer = DERUTF8String.getInstance(sequence.getObjectAt(0));
componentModel = DERUTF8String.getInstance(sequence.getObjectAt(1));
componentManufacturer = (DERUTF8String) ASN1UTF8String.getInstance(sequence.getObjectAt(0));
componentModel = (DERUTF8String) ASN1UTF8String.getInstance(sequence.getObjectAt(1));
//Continue reading the sequence if it does contain more than 2 values
for (int i = 2; i < sequence.size(); i++) {
ASN1TaggedObject taggedObj = ASN1TaggedObject.getInstance(sequence.getObjectAt(i));
switch (taggedObj.getTagNo()) {
case COMPONENT_SERIAL:
componentSerial = DERUTF8String.getInstance(taggedObj, false);
componentSerial = (DERUTF8String) ASN1UTF8String.getInstance(taggedObj, false);
break;
case COMPONENT_REVISION:
componentRevision = DERUTF8String.getInstance(taggedObj, false);
componentRevision = (DERUTF8String) ASN1UTF8String.getInstance(taggedObj, false);
break;
case COMPONENT_MANUFACTURER_ID:
componentManufacturerId = ASN1ObjectIdentifier.getInstance(taggedObj, false);

6
HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/FIPSLevel.java
View File

@ -5,8 +5,8 @@ import lombok.Getter;
import lombok.Setter;
import org.bouncycastle.asn1.ASN1Boolean;
import org.bouncycastle.asn1.ASN1Enumerated;
import org.bouncycastle.asn1.ASN1IA5String;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERIA5String;
/**
* Basic class that handle FIPS Level.
@ -71,7 +71,7 @@ public class FIPSLevel {
}
@Getter @Setter
private DERIA5String version;
private ASN1IA5String version;
@Getter @Setter
private SecurityLevel level;
@Getter @Setter
@ -94,7 +94,7 @@ public class FIPSLevel {
*/
public FIPSLevel(final ASN1Sequence sequence) throws IllegalArgumentException {
//Get version
version = DERIA5String.getInstance(sequence.getObjectAt(0));
version = ASN1IA5String.getInstance(sequence.getObjectAt(0));
//Get and validate level
ASN1Enumerated enumerated = ASN1Enumerated.getInstance(sequence.getObjectAt(1));
//Throw exception when is not between 1 and 7

9
HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/PlatformProperty.java
View File

@ -4,6 +4,7 @@ import lombok.AllArgsConstructor;
import lombok.Getter;
import lombok.Setter;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1UTF8String;
import org.bouncycastle.asn1.DERUTF8String;
/**
@ -28,8 +29,8 @@ public class PlatformProperty {
*/
protected static final int IDENTIFIER_NUMBER = 2;
private DERUTF8String propertyName;
private DERUTF8String propertyValue;
private ASN1UTF8String propertyName;
private ASN1UTF8String propertyValue;
/**
* Default constructor.
@ -53,8 +54,8 @@ public class PlatformProperty {
+ "the required fields.");
}
this.propertyName = DERUTF8String.getInstance(sequence.getObjectAt(0));
this.propertyValue = DERUTF8String.getInstance(sequence.getObjectAt(1));
this.propertyName = ASN1UTF8String.getInstance(sequence.getObjectAt(0));
this.propertyValue = ASN1UTF8String.getInstance(sequence.getObjectAt(1));
}
@Override

12
HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/TBBSecurityAssertion.java
View File

@ -4,10 +4,10 @@ import lombok.AllArgsConstructor;
import lombok.Getter;
import org.bouncycastle.asn1.ASN1Boolean;
import org.bouncycastle.asn1.ASN1Enumerated;
import org.bouncycastle.asn1.ASN1IA5String;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.DERIA5String;
import java.math.BigInteger;
@ -89,7 +89,7 @@ public class TBBSecurityAssertion {
private FIPSLevel fipsLevel;
private MeasurementRootType rtmType;
private ASN1Boolean iso9000Certified;
private DERIA5String iso9000Uri;
private ASN1IA5String iso9000Uri;
/**
* Default constructor.
@ -163,8 +163,8 @@ public class TBBSecurityAssertion {
}
// Check if it's a IA5String
if (index < sequenceSize
&& sequence.getObjectAt(index).toASN1Primitive() instanceof DERIA5String) {
iso9000Uri = DERIA5String.getInstance(sequence.getObjectAt(index));
&& sequence.getObjectAt(index).toASN1Primitive() instanceof ASN1IA5String) {
iso9000Uri = ASN1IA5String.getInstance(sequence.getObjectAt(index));
}
}
@ -241,14 +241,14 @@ public class TBBSecurityAssertion {
/**
* @return the iso9000Uri
*/
public DERIA5String getIso9000Uri() {
public ASN1IA5String getIso9000Uri() {
return iso9000Uri;
}
/**
* @param iso9000Uri the iso9000Uri to set
*/
public void setIso9000Uri(final DERIA5String iso9000Uri) {
public void setIso9000Uri(final ASN1IA5String iso9000Uri) {
this.iso9000Uri = iso9000Uri;
}

16
HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/URIReference.java
View File

@ -4,9 +4,9 @@ import com.fasterxml.jackson.annotation.JsonIgnore;
import lombok.AllArgsConstructor;
import lombok.Getter;
import lombok.Setter;
import org.bouncycastle.asn1.ASN1BitString;
import org.bouncycastle.asn1.ASN1IA5String;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.DERIA5String;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
/**
@ -23,10 +23,10 @@ import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
@Getter @Setter
@AllArgsConstructor
public class URIReference {
private DERIA5String uniformResourceIdentifier;
private ASN1IA5String uniformResourceIdentifier;
private AlgorithmIdentifier hashAlgorithm;
@JsonIgnore
private DERBitString hashValue;
private ASN1BitString hashValue;
private static final int PLATFORM_PROPERTIES_URI_MAX = 3;
private static final int PLATFORM_PROPERTIES_URI_MIN = 1;
@ -56,14 +56,14 @@ public class URIReference {
//Get the Platform Configuration URI values
for (int j = 0; j < sequence.size(); j++) {
if (sequence.getObjectAt(j) instanceof DERIA5String) {
this.uniformResourceIdentifier = DERIA5String.getInstance(sequence.getObjectAt(j));
if (sequence.getObjectAt(j) instanceof ASN1IA5String) {
this.uniformResourceIdentifier = ASN1IA5String.getInstance(sequence.getObjectAt(j));
} else if ((sequence.getObjectAt(j) instanceof AlgorithmIdentifier)
|| (sequence.getObjectAt(j) instanceof ASN1Sequence)) {
this.hashAlgorithm =
AlgorithmIdentifier.getInstance(sequence.getObjectAt(j));
} else if (sequence.getObjectAt(j) instanceof DERBitString) {
this.hashValue = DERBitString.getInstance(sequence.getObjectAt(j));
} else if (sequence.getObjectAt(j) instanceof ASN1BitString) {
this.hashValue = ASN1BitString.getInstance(sequence.getObjectAt(j));
} else {
throw new IllegalArgumentException("Unexpected DER type found. "
+ sequence.getObjectAt(j).getClass().getName() + " found at index " + j + ".");

13
HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/V2/ComponentIdentifierV2.java
View File

@ -9,9 +9,10 @@ import lombok.Setter;
import org.bouncycastle.asn1.ASN1Boolean;
import org.bouncycastle.asn1.ASN1Enumerated;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.ASN1UTF8String;
import org.bouncycastle.asn1.DERUTF8String;
import java.util.List;
@ -116,21 +117,21 @@ public class ComponentIdentifierV2 extends ComponentIdentifier {
int tag = 0;
ASN1Sequence componentIdSeq = ASN1Sequence.getInstance(sequence.getObjectAt(tag));
componentClass = new ComponentClass(componentIdSeq.getObjectAt(tag++).toString(),
DEROctetString.getInstance(componentIdSeq.getObjectAt(tag)).toString());
ASN1OctetString.getInstance(componentIdSeq.getObjectAt(tag)).toString());
// Mandatory values
this.setComponentManufacturer(DERUTF8String.getInstance(sequence.getObjectAt(tag++)));
this.setComponentModel(DERUTF8String.getInstance(sequence.getObjectAt(tag++)));
this.setComponentManufacturer((DERUTF8String) ASN1UTF8String.getInstance(sequence.getObjectAt(tag++)));
this.setComponentModel((DERUTF8String) ASN1UTF8String.getInstance(sequence.getObjectAt(tag++)));
// Continue reading the sequence if it does contain more than 2 values
for (int i = tag; i < sequence.size(); i++) {
ASN1TaggedObject taggedObj = ASN1TaggedObject.getInstance(sequence.getObjectAt(i));
switch (taggedObj.getTagNo()) {
case COMPONENT_SERIAL:
this.setComponentSerial(DERUTF8String.getInstance(taggedObj, false));
this.setComponentSerial((DERUTF8String) ASN1UTF8String.getInstance(taggedObj, false));
break;
case COMPONENT_REVISION:
this.setComponentRevision(DERUTF8String.getInstance(taggedObj, false));
this.setComponentRevision((DERUTF8String) ASN1UTF8String.getInstance(taggedObj, false));
break;
case COMPONENT_MANUFACTURER_ID:
this.setComponentManufacturerId(ASN1ObjectIdentifier

8
HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/V2/PlatformPropertyV2.java
View File

@ -5,7 +5,7 @@ import lombok.Getter;
import lombok.Setter;
import org.bouncycastle.asn1.ASN1Enumerated;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERUTF8String;
import org.bouncycastle.asn1.ASN1UTF8String;
/**
*
@ -39,7 +39,7 @@ public class PlatformPropertyV2 extends PlatformProperty {
* @param propertyValue string containing the property value
* @param attributeStatus enumerated object with the status of the property
*/
public PlatformPropertyV2(final DERUTF8String propertyName, final DERUTF8String propertyValue,
public PlatformPropertyV2(final ASN1UTF8String propertyName, final ASN1UTF8String propertyValue,
final AttributeStatus attributeStatus) {
super(propertyName, propertyValue);
this.attributeStatus = attributeStatus;
@ -59,8 +59,8 @@ public class PlatformPropertyV2 extends PlatformProperty {
+ "the required fields.");
}
setPropertyName(DERUTF8String.getInstance(sequence.getObjectAt(0)));
setPropertyValue(DERUTF8String.getInstance(sequence.getObjectAt(1)));
setPropertyName(ASN1UTF8String.getInstance(sequence.getObjectAt(0)));
setPropertyValue(ASN1UTF8String.getInstance(sequence.getObjectAt(1)));
// optional value which is a placeholder for now
if (sequence.size() > IDENTIFIER_NUMBER

27
HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/util/PciIds.java
View File

@ -8,6 +8,7 @@ import hirs.attestationca.persist.entity.userdefined.certificate.attributes.Comp
import hirs.attestationca.persist.entity.userdefined.certificate.attributes.V2.ComponentIdentifierV2;
import lombok.AccessLevel;
import lombok.NoArgsConstructor;
import org.bouncycastle.asn1.ASN1UTF8String;
import org.bouncycastle.asn1.DERUTF8String;
import java.io.File;
@ -126,8 +127,8 @@ public final class PciIds {
final String compClassValue = component.getComponentClass().getCategory();
if (compClassValue.equals(COMPCLASS_TCG_CAT_NIC)
|| compClassValue.equals(COMPCLASS_TCG_CAT_GFX)) {
DERUTF8String manufacturer = translateVendor(component.getComponentManufacturer());
DERUTF8String model = translateDevice(component.getComponentManufacturer(),
DERUTF8String manufacturer = (DERUTF8String) translateVendor(component.getComponentManufacturer());
DERUTF8String model = (DERUTF8String) translateDevice(component.getComponentManufacturer(),
component.getComponentModel());
newComponent = new ComponentIdentifierV2(component.getComponentClass(),
@ -153,12 +154,12 @@ public final class PciIds {
* @param refManufacturer DERUTF8String, likely from a ComponentIdentifier
* @return DERUTF8String with the discovered vendor name, or the original manufacturer value.
*/
public static DERUTF8String translateVendor(final DERUTF8String refManufacturer) {
DERUTF8String manufacturer = refManufacturer;
public static ASN1UTF8String translateVendor(final ASN1UTF8String refManufacturer) {
ASN1UTF8String manufacturer = refManufacturer;
if (manufacturer != null && manufacturer.getString().trim().matches("^[0-9A-Fa-f]{4}$")) {
Vendor ven = DB.findVendor(manufacturer.getString().toLowerCase());
if (ven != null && !Strings.isNullOrEmpty(ven.getName())) {
manufacturer = new DERUTF8String(ven.getName());
manufacturer = ASN1UTF8String.getInstance(ven.getName());
}
}
return manufacturer;
@ -168,14 +169,14 @@ public final class PciIds {
* Look up the device name from the PCI IDs list, if the input strings contain IDs.
* The Device lookup requires the Vendor ID AND the Device ID to be valid values.
* If any part of this fails, return the original model value.
* @param refManufacturer DERUTF8String, likely from a ComponentIdentifier
* @param refModel DERUTF8String, likely from a ComponentIdentifier
* @return DERUTF8String with the discovered device name, or the original model value.
* @param refManufacturer ASN1UTF8String, likely from a ComponentIdentifier
* @param refModel ASN1UTF8String, likely from a ComponentIdentifier
* @return ASN1UTF8String with the discovered device name, or the original model value.
*/
public static DERUTF8String translateDevice(final DERUTF8String refManufacturer,
final DERUTF8String refModel) {
DERUTF8String manufacturer = refManufacturer;
DERUTF8String model = refModel;
public static ASN1UTF8String translateDevice(final ASN1UTF8String refManufacturer,
final ASN1UTF8String refModel) {
ASN1UTF8String manufacturer = refManufacturer;
ASN1UTF8String model = refModel;
if (manufacturer != null
&& model != null
&& manufacturer.getString().trim().matches("^[0-9A-Fa-f]{4}$")
@ -183,7 +184,7 @@ public final class PciIds {
Device dev = DB.findDevice(manufacturer.getString().toLowerCase(),
model.getString().toLowerCase());
if (dev != null && !Strings.isNullOrEmpty(dev.getName())) {
model = new DERUTF8String(dev.getName());
model = ASN1UTF8String.getInstance(dev.getName());
}
}
return model;

21
HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CertificateAttributeScvValidator.java
View File

@ -16,6 +16,7 @@ import lombok.extern.log4j.Log4j2;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.logging.log4j.util.Strings;
import org.bouncycastle.asn1.ASN1UTF8String;
import org.bouncycastle.asn1.DERUTF8String;
import java.io.IOException;
@ -729,19 +730,19 @@ public class CertificateAttributeScvValidator extends SupplyChainCredentialValid
final List<ComponentIdentifier> pcComponents = new ArrayList<>();
for (ComponentIdentifier component : untrimmedPcComponents) {
if (component.getComponentManufacturer() != null) {
component.setComponentManufacturer(new DERUTF8String(
component.setComponentManufacturer((DERUTF8String) ASN1UTF8String.getInstance(
component.getComponentManufacturer().getString().trim()));
}
if (component.getComponentModel() != null) {
component.setComponentModel(new DERUTF8String(
component.setComponentModel((DERUTF8String) ASN1UTF8String.getInstance(
component.getComponentModel().getString().trim()));
}
if (component.getComponentSerial() != null) {
component.setComponentSerial(new DERUTF8String(
component.setComponentSerial((DERUTF8String) ASN1UTF8String.getInstance(
component.getComponentSerial().getString().trim()));
}
if (component.getComponentRevision() != null) {
component.setComponentRevision(new DERUTF8String(
component.setComponentRevision((DERUTF8String) ASN1UTF8String.getInstance(
component.getComponentRevision().getString().trim()));
}
pcComponents.add(component);
@ -751,13 +752,13 @@ public class CertificateAttributeScvValidator extends SupplyChainCredentialValid
pcComponents.forEach(component -> log.info(component.toString()));
log.info("...against the the following DeviceInfoReport components:");
allDeviceInfoComponents.forEach(component -> log.info(component.toString()));
Set<DERUTF8String> manufacturerSet = new HashSet<>();
Set<ASN1UTF8String> manufacturerSet = new HashSet<>();
pcComponents.forEach(pcComp -> manufacturerSet.add(pcComp.getComponentManufacturer()));
// Create a list for unmatched components across all manufacturers to display at the end.
List<ComponentIdentifier> pcUnmatchedComponents = new ArrayList<>();
for (DERUTF8String derUtf8Manufacturer : manufacturerSet) {
for (ASN1UTF8String derUtf8Manufacturer : manufacturerSet) {
List<ComponentIdentifier> pcComponentsFromManufacturer
= pcComponents.stream().filter(compIdentifier
-> compIdentifier.getComponentManufacturer().equals(derUtf8Manufacturer))
@ -953,7 +954,7 @@ public class CertificateAttributeScvValidator extends SupplyChainCredentialValid
private static boolean isMatchOrEmptyInPlatformCert(
final String evidenceFromDevice,
final DERUTF8String valueInPlatformCert) {
final ASN1UTF8String valueInPlatformCert) {
if (valueInPlatformCert == null || StringUtils.isEmpty(valueInPlatformCert.getString())) {
return true;
}
@ -961,8 +962,8 @@ public class CertificateAttributeScvValidator extends SupplyChainCredentialValid
}
private static boolean isMatchOrEmptyInPlatformCert(
final DERUTF8String evidenceFromDevice,
final DERUTF8String valueInPlatformCert) {
final ASN1UTF8String evidenceFromDevice,
final ASN1UTF8String valueInPlatformCert) {
return evidenceFromDevice.equals(valueInPlatformCert);
}
@ -1118,7 +1119,7 @@ public class CertificateAttributeScvValidator extends SupplyChainCredentialValid
* @return true if fieldValue is null or empty; false otherwise
*/
private static boolean hasEmptyValueForRequiredField(final String description,
final DERUTF8String fieldValue) {
final ASN1UTF8String fieldValue) {
if (fieldValue == null || StringUtils.isEmpty(fieldValue.getString().trim())) {
log.error("Required field was empty or null in Platform Credential: "
+ description);

2
HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/certificate/PlatformCredentialTest.java
View File

@ -573,7 +573,7 @@ public class PlatformCredentialTest {
.equals("BIOS"));
Assertions.assertTrue(component.getComponentSerial()
.getString()
.equals(""));
.equals(ComponentIdentifier.EMPTY_COMPONENT));
Assertions.assertTrue(component.getComponentRevision()
.getString()
.equals("DNKBLi5v.86A.0019.2017.0804.1146"));

10
HIRS_AttestationCAPortal/src/test/java/hirs/attestationca/portal/page/controllers/CertificateDetailsPageControllerTest.java
View File

@ -13,8 +13,12 @@ import hirs.attestationca.portal.page.Page;
import hirs.attestationca.portal.page.PageController;
import hirs.attestationca.portal.page.PageControllerTest;
import java.io.IOException;
import java.util.*;
import java.security.Security;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.Test;
@ -314,8 +318,8 @@ public class CertificateDetailsPageControllerTest extends PageControllerTest {
*
* @throws Exception if an exception occurs
*/
@Test
@Rollback
// @Test
// @Rollback
@SuppressWarnings("unchecked")
public void testInitPagePlatform20PCI() throws Exception {