ExternalVendorCode/HIRS
1
0
Fork 0
mirror of https://github.com/nsacyber/HIRS.git synced 2025-01-31 00:24:00 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Attempt alternate lookup of rim by device name

Browse Source
This commit is contained in:
iadgovuser29 2024-07-15 12:16:45 -04:00
parent 0728756cb7
commit 667672d7fb
1 changed files with 21 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/FirmwareScvValidator.java
View File

@ -61,18 +61,34 @@ public class FirmwareScvValidator extends SupplyChainCredentialValidator {
baseReferenceManifests = referenceManifestRepository.findAllBaseRims();
for (BaseReferenceManifest bRim : baseReferenceManifests) {
if (bRim.getDeviceName().equals(hostName)
&& !bRim.isSwidSupplemental() && !bRim.isSwidPatch()) {
baseReferenceManifest = bRim;
// This block was looking for a base RIM matching the device name
// The base rim might not have a device name associated with it- i.e. if it's uploaded to the ACA prior to provisioning
// In this case, try to look up the event log associated with the device, then get the base rim associated by event log hash
List<ReferenceManifest> deviceRims = referenceManifestRepository.findByDeviceName(hostName);
for (ReferenceManifest deviceRim : deviceRims) {
if (deviceRim.isArchived()) {
continue;
}
if (deviceRim instanceof BaseReferenceManifest && !deviceRim.isSwidSupplemental() && !deviceRim.isSwidPatch()) {
baseReferenceManifest = (BaseReferenceManifest) deviceRim;
}
if (deviceRim instanceof EventLogMeasurements) {
measurement = (EventLogMeasurements) deviceRim;
}
}
// Attempt to get an event log from the database matching the expected hash
if (baseReferenceManifest == null && measurement != null) {
baseReferenceManifest = (BaseReferenceManifest)referenceManifestRepository.findByHexDecHashAndRimType(measurement.getEventLogHash(), ReferenceManifest.BASE_RIM);
}
String failedString = "";
if (baseReferenceManifest == null) {
failedString = "Base Reference Integrity Manifest\n";
passed = false;
} else {
} else if (measurement == null) {
measurement = (EventLogMeasurements) referenceManifestRepository.findByHexDecHashAndRimType(
baseReferenceManifest.getEventLogHash(), ReferenceManifest.MEASUREMENT_RIM);