diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/AbstractAttestationCertificateAuthority.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/AbstractAttestationCertificateAuthority.java
index 09b2f78a..63527556 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/AbstractAttestationCertificateAuthority.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/AbstractAttestationCertificateAuthority.java
@@ -900,12 +900,13 @@ public abstract class AbstractAttestationCertificateAuthority
 this.referenceManifestManager.update(dbBaseRim);
 }
- generateDigestRecords(hw.getManufacturer(), hw.getProductName());
+ generateDigestRecords(hw.getManufacturer(), hw.getProductName(),
+ dv.getNw().getHostname());
 if (dv.hasLivelog()) {
 LOG.info("Device sent bios measurement log...");
 fileName = String.format("%s.measurement",
- defaultClientName);
+ dv.getNw().getHostname());
 try {
 // find previous version. If it exists, delete it
 measurements = EventLogMeasurements.select(referenceManifestManager)
@@ -948,7 +949,8 @@ public abstract class AbstractAttestationCertificateAuthority
 return dvReport;
 }
- private boolean generateDigestRecords(final String manufacturer, final String model) {
+ private boolean generateDigestRecords(final String manufacturer, final String model,
+ final String deviceName) {
 List rdValues;
 Set dbSupportRims = SupportReferenceManifest
 .select(referenceManifestManager).byManufacturer(manufacturer).getRIMs();
@@ -957,6 +959,7 @@ public abstract class AbstractAttestationCertificateAuthority
 if (dbSupport.getPlatformModel().equals(model)) {
 ReferenceDigestRecord dbObj = new ReferenceDigestRecord(dbSupport, manufacturer, model);
+ dbObj.setDeviceName(deviceName);
 // this is where we update or create the log
 ReferenceDigestRecord rdr = this.referenceDigestManager.getRecord(dbObj);
 if (dbSupport.isBaseSupport()) {
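Review bot: The client-reported value `dv.getNw().getHostname()` now names the stored measurement file and keys every ReferenceDigestRecord (the `setDeviceName` call in the third hunk), but nothing here checks it for null or blank, while the new `deviceName` column is declared `nullable = false`. If `getNw()` or the hostname can be absent in a device report, provisioning would fail with a NullPointerException or a persistence error; resolve the name once with `final String deviceName = dv.getNw().getHostname();`, reject a null or blank value before use, and pass that local to both call sites. The comment below says a previous version is found and deleted, so it is also worth confirming that the lookup cannot match a different device reporting the same hostname; the select criteria are outside this hunk, so this part is inferred. The enclosing method starts and ends outside the hunk.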
diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestDetailsPageController.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestDetailsPageController.java
index df6c5b3c..76bcc5d8 100644
--- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestDetailsPageController.java
+++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestDetailsPageController.java
@@ -101,7 +101,7 @@ public class ReferenceManifestDetailsPageController
 if (params.getId() == null) {
 String typeError = "ID was not provided";
 messages.addError(typeError);
- LOGGER.error(typeError);
+ LOGGER.debug(typeError);
 mav.addObject(MESSAGES_ATTRIBUTE, messages);
 } else {
 try {
@@ -494,9 +494,9 @@ public class ReferenceManifestDetailsPageController
 HashMap data = new HashMap<>();
 LinkedList livelogEvents = new LinkedList<>();
 BaseReferenceManifest base = null;
- SupportReferenceManifest support = null;
- TCGEventLog supportLog = null;
- ReferenceDigestRecord digestRecord = null;
+ List supports = new ArrayList<>();
+ SupportReferenceManifest baseSupport = null;
+ List digestRecords = new LinkedList<>();
 data.put("supportFilename", "Blank");
 data.put("supportId", "");
@@ -504,25 +504,28 @@ public class ReferenceManifestDetailsPageController
 data.put("rimType", measurements.getRimType());
 data.put("hostName", measurements.getDeviceName());
- if (measurements.getPlatformManufacturer() != null) {
- digestRecord = referenceDigestManager.getRecord(measurements
- .getPlatformManufacturer(),
- measurements.getPlatformModel());
- support = SupportReferenceManifest
+ if (measurements.getDeviceName() != null) {
+ digestRecords = referenceDigestManager
+ .getRecordsByDeviceName(measurements.getDeviceName());
+ supports.addAll(SupportReferenceManifest
 .select(referenceManifestManager)
- .byManufacturer(measurements
- .getPlatformManufacturer()).getRIM();
-
- if (support != null) {
- data.put("supportFilename", support.getFileName());
- data.put("supportId", support.getId());
+ .byDeviceName(measurements
+ .getDeviceName()).getRIMs());
+ for (SupportReferenceManifest support : supports) {
+ if (support.isBaseSupport()) {
+ baseSupport = support;
+ }
+ }
+ if (baseSupport != null) {
+ data.put("supportFilename", baseSupport.getFileName());
+ data.put("supportId", baseSupport.getId());
 base = BaseReferenceManifest
 .select(referenceManifestManager)
- .byEntityId(support.getAssociatedRim())
+ .byEntityId(baseSupport.getAssociatedRim())
 .getRIM();
- data.put("tagId", support.getTagId());
+ data.put("tagId", baseSupport.getTagId());
 if (base != null) {
 data.put("baseId", base.getId());
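Review bot: The new loop `for (SupportReferenceManifest support : supports)` keeps the last element for which `isBaseSupport()` is true, so when one device name maps to more than one base support RIM, the file name, id and tag id shown depend on query order. Stop at the first match by adding `break;` after `baseSupport = support;`, or log when a second base support is seen, and add a comment saying which one is intended. The RIMs and digest records are now selected by `measurements.getDeviceName()` alone, which appears to be the hostname the client reported, so two devices sharing a hostname would have their baselines merged on this page. The method starts and ends outside this hunk.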
@@ -531,11 +534,13 @@ public class ReferenceManifestDetailsPageController
 }
 TCGEventLog measurementLog = new TCGEventLog(measurements.getRimBytes());
- List eventValue;
+ List eventValue = new ArrayList<>();
 Map eventValueMap = new HashMap<>();
- if (digestRecord != null) {
- eventValue = referenceEventManager
- .getValuesByRecordId(digestRecord);
+ if (!digestRecords.isEmpty()) {
+ for (ReferenceDigestRecord rdr : digestRecords) {
+ eventValue.addAll(referenceEventManager
+ .getValuesByRecordId(rdr));
+ }
 for (ReferenceDigestValue rdv : eventValue) {
 eventValueMap.put(rdv.getDigestValue(), rdv);
 }
@@ -546,17 +551,34 @@ public class ReferenceManifestDetailsPageController
 }
 }
- if (support != null) {
+ if (!supports.isEmpty()) {
 Map> baselineLogEvents = new HashMap<>();
- List baselines = null;
+ List matchedEvents = null;
+ List combinedBaselines = new LinkedList<>();
+ for (SupportReferenceManifest support : supports) {
+ combinedBaselines.addAll(support.getEventLog());
+ }
+ String bootVariable;
+ String variablePrefix = "Variable Name:";
+ String variableSuffix = "UEFI_GUID";
 for (TpmPcrEvent tpe : livelogEvents) {
- baselines = new ArrayList<>();
- for (TpmPcrEvent supports : support.getEventLog()) {
- if (supports.getEventType() == tpe.getEventType()) {
- baselines.add(supports);
+ matchedEvents = new ArrayList<>();
+ for (TpmPcrEvent tpmPcrEvent : combinedBaselines) {
+ if (tpmPcrEvent.getEventType() == tpe.getEventType()) {
+ if (tpe.getEventContentStr().contains(variablePrefix)) {
+ bootVariable = tpe.getEventContentStr().substring((
+ tpe.getEventContentStr().indexOf(variablePrefix)
+ + variablePrefix.length()),
+ tpe.getEventContentStr().indexOf(variableSuffix));
+ if (tpmPcrEvent.getEventContentStr().contains(bootVariable)) {
+ matchedEvents.add(tpmPcrEvent);
+ }
+ } else {
+ matchedEvents.add(tpmPcrEvent);
+ }
 }
 }
- baselineLogEvents.put(tpe.getEventDigestStr(), baselines);
+ baselineLogEvents.put(tpe.getEventDigestStr(), matchedEvents);
 }
 data.put("eventTypeMap", baselineLogEvents);
 }
diff --git a/HIRS_Utils/src/main/java/hirs/data/persist/ReferenceDigestRecord.java b/HIRS_Utils/src/main/java/hirs/data/persist/ReferenceDigestRecord.java
index ee24e340..43cec77d 100644
--- a/HIRS_Utils/src/main/java/hirs/data/persist/ReferenceDigestRecord.java
+++ b/HIRS_Utils/src/main/java/hirs/data/persist/ReferenceDigestRecord.java
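Review bot: The `substring` call in the inner loop throws StringIndexOutOfBoundsException when a live event's content contains `Variable Name:` but no `UEFI_GUID`, or has `UEFI_GUID` ahead of the prefix, because `indexOf(variableSuffix)` is then -1 or smaller than the start index. The content is taken from the device's measurement log, so a single malformed event would fail the whole details page. The name is also re-extracted for every baseline event although it depends only on `tpe`, and an empty name would make `contains` match every baseline event. The version below extracts the name once per live event, looks for the suffix only after the prefix, and falls back to type-only matching when no name can be extracted. The enclosing method starts outside the hunk.

```java
for (TpmPcrEvent tpe : livelogEvents) {
    matchedEvents = new ArrayList<>();
    // extract the variable name once per live event; null means "match on type only"
    bootVariable = null;
    String content = tpe.getEventContentStr();
    int nameStart = content.indexOf(variablePrefix);
    if (nameStart >= 0) {
        nameStart += variablePrefix.length();
        int nameEnd = content.indexOf(variableSuffix, nameStart);
        if (nameEnd > nameStart) {
            bootVariable = content.substring(nameStart, nameEnd);
        }
    }
    for (TpmPcrEvent tpmPcrEvent : combinedBaselines) {
        if (tpmPcrEvent.getEventType() == tpe.getEventType()
                && (bootVariable == null
                || tpmPcrEvent.getEventContentStr().contains(bootVariable))) {
            matchedEvents.add(tpmPcrEvent);
        }
    }
    // … unchanged: baselineLogEvents.put(tpe.getEventDigestStr(), matchedEvents) …
}
```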
@@ -28,6 +28,8 @@ public class ReferenceDigestRecord extends ArchivableEntity {
 private String manufacturer;
 @Column(nullable = false)
 private String model;
+ @Column(nullable = false)
+ private String deviceName;
 @Column(columnDefinition = "blob", nullable = true)
 private byte[] valueBlob;
@@ -134,6 +136,22 @@ public class ReferenceDigestRecord extends ArchivableEntity {
 this.model = model;
 }
+ /**
+ * Getter for the deviceName associated.
+ * @return the string of the deviceName
+ */
+ public String getDeviceName() {
+ return deviceName;
+ }
+
+ /**
+ * Setter for the deviceName associated.
+ * @param deviceName the string of the model
+ */
+ public void setDeviceName(final String deviceName) {
+ this.deviceName = deviceName;
+ }
+
 /**
 * Getter for the byte array of event values.
 * @return a clone of the byte array
@@ -158,7 +176,7 @@ public class ReferenceDigestRecord extends ArchivableEntity {
 */
 @Override
 public String toString() {
- return String.format("ReferenceDigestRecord: %s%n%s -> %s",
- super.toString(), this.manufacturer, this.model);
+ return String.format("ReferenceDigestRecord: %s%n%s::%s::%s",
+ super.toString(), this.manufacturer, this.model, this.deviceName);
 }
 }
diff --git a/HIRS_Utils/src/main/java/hirs/persist/DBReferenceDigestManager.java b/HIRS_Utils/src/main/java/hirs/persist/DBReferenceDigestManager.java
index a7177511..31cb6c71 100644
--- a/HIRS_Utils/src/main/java/hirs/persist/DBReferenceDigestManager.java
+++ b/HIRS_Utils/src/main/java/hirs/persist/DBReferenceDigestManager.java
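Review bot: The Javadoc on `setDeviceName` reads `@param deviceName the string of the model`, copied from the model setter; it should be `@param deviceName the network hostname of the device`. The new field is `@Column(nullable = false)`, yet in these hunks only the setter assigns it, so a record persisted without a prior `setDeviceName` call, or any row that predates the column, would hold null. Whether the constructors and `equals`/`hashCode` account for the field is outside the hunks. A comment on the field stating where the value comes from and that it must be set before the record is saved would make that requirement visible.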
@@ -108,6 +108,28 @@ public class DBReferenceDigestManager extends DBManager
 return dbRecord;
 }
+ @Override
+ public List getRecordsByDeviceName(final String deviceName) {
+ LOGGER.debug("Getting record for {}", deviceName);
+ if (deviceName == null) {
+ LOGGER.error("No deviceName to get record from db");
+ return null;
+ }
+
+ List dbRecords = new ArrayList<>();
+ try {
+ List dbTempList = super.getList(ReferenceDigestRecord.class);
+ for (ReferenceDigestRecord rdr : dbTempList) {
+ if (rdr.getDeviceName().equals(deviceName)) {
+ dbRecords.add(rdr);
+ }
+ }
+ } catch (DBManagerException dbMEx) {
+ throw new RuntimeException(dbMEx);
+ }
+ return dbRecords;
+ }
+
 @Override
 public ReferenceDigestRecord getRecordById(final ReferenceDigestRecord referenceDigestRecord) {
 LOGGER.debug("Getting record for {}", referenceDigestRecord);
diff --git a/HIRS_Utils/src/main/java/hirs/persist/ReferenceDigestManager.java b/HIRS_Utils/src/main/java/hirs/persist/ReferenceDigestManager.java
index b65cb4d8..83b4d67a 100644
--- a/HIRS_Utils/src/main/java/hirs/persist/ReferenceDigestManager.java
+++ b/HIRS_Utils/src/main/java/hirs/persist/ReferenceDigestManager.java
@@ -37,6 +37,14 @@ public interface ReferenceDigestManager {
 */
 ReferenceDigestRecord getRecord(String manufacturer, String model);
+ /**
+ * Persists a new Reference Digest.
+ *
+ * @param deviceName the string of the network hostname
+ * @return the persisted ReferenceDigestRecord list
+ */
+ List getRecordsByDeviceName(String deviceName);
+
 /**
 * Persists a new Reference Digest.
 *
diff --git a/HIRS_Utils/src/main/java/hirs/tpm/eventlog/TpmPcrEvent.java b/HIRS_Utils/src/main/java/hirs/tpm/eventlog/TpmPcrEvent.java
index e99f42ba..28996a62 100644
--- a/HIRS_Utils/src/main/java/hirs/tpm/eventlog/TpmPcrEvent.java
+++ b/HIRS_Utils/src/main/java/hirs/tpm/eventlog/TpmPcrEvent.java
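Review bot: `getRecordsByDeviceName` in DBReferenceDigestManager returns `null` for a null name but an empty list when nothing matches, and ReferenceManifestDetailsPageController calls `isEmpty()` on the result, so any caller without its own null guard would throw; `return new ArrayList<>();` in the null branch gives a single contract. Inside the loop, `rdr.getDeviceName().equals(deviceName)` throws on any stored record whose name is null, whereas `deviceName.equals(rdr.getDeviceName())` is safe because `deviceName` has already been checked. The method also loads every ReferenceDigestRecord through `super.getList(...)` and filters in memory on each call; a query restricted by device name would scale better if DBManager offers one, which is not visible here.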
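Review bot: The Javadoc added for `getRecordsByDeviceName` in ReferenceDigestManager says `Persists a new Reference Digest.` and `@return the persisted ReferenceDigestRecord list`, but the method is a lookup and persists nothing. Suggested wording is `Retrieves the Reference Digest records stored for a device.` with `@return the matching records, empty if none`. The comment should also state whether a null `deviceName` is allowed and what is returned in that case.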
@@ -212,7 +212,7 @@ public class TpmPcrEvent {
 }
 /**
- * Returns a formatted string of the type for the event minus the byte code
+ * Returns a formatted string of the type for the event minus the byte code.
 * @return a string formatted to be human readable
 */
 public String getEventTypeString() {