From 667672d7fb3b5e44f32368038cccd2d92b698c35 Mon Sep 17 00:00:00 2001
From: iadgovuser29 <33426478+iadgovuser29@users.noreply.github.com>
Date: Mon, 15 Jul 2024 12:16:45 -0400
Subject: [PATCH] Attempt alternate lookup of rim by device name

---
 .../validation/FirmwareScvValidator.java      | 26 +++++++++++++++----
 1 file changed, 21 insertions(+), 5 deletions(-)

diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/FirmwareScvValidator.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/FirmwareScvValidator.java
index 68975ea9..cf4dacf3 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/FirmwareScvValidator.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/FirmwareScvValidator.java
@@ -61,18 +61,34 @@ public class FirmwareScvValidator extends SupplyChainCredentialValidator {
 
         baseReferenceManifests = referenceManifestRepository.findAllBaseRims();
 
-        for (BaseReferenceManifest bRim : baseReferenceManifests) {
-            if (bRim.getDeviceName().equals(hostName)
-                    && !bRim.isSwidSupplemental() && !bRim.isSwidPatch()) {
-                baseReferenceManifest = bRim;
+        // This block was looking for a base RIM matching the device name
+        // The base rim might not have a device name associated with it- i.e. if it's uploaded to the ACA prior to provisioning
+        // In this case, try to look up the event log associated with the device, then get the base rim associated by event log hash
+        List<ReferenceManifest> deviceRims = referenceManifestRepository.findByDeviceName(hostName);
+        for (ReferenceManifest deviceRim : deviceRims) {
+            if (deviceRim.isArchived()) {
+                continue;
             }
+
+            if (deviceRim instanceof BaseReferenceManifest && !deviceRim.isSwidSupplemental() && !deviceRim.isSwidPatch()) {
+                baseReferenceManifest = (BaseReferenceManifest) deviceRim;
+            }
+
+            if (deviceRim instanceof EventLogMeasurements) {
+                measurement = (EventLogMeasurements) deviceRim;
+            }
+        }
+
+        // Attempt to get an event log from the database matching the expected hash
+        if (baseReferenceManifest == null && measurement != null) {
+            baseReferenceManifest = (BaseReferenceManifest)referenceManifestRepository.findByHexDecHashAndRimType(measurement.getEventLogHash(), ReferenceManifest.BASE_RIM);
         }
 
         String failedString = "";
         if (baseReferenceManifest == null) {
             failedString = "Base Reference Integrity Manifest\n";
             passed = false;
-        } else {
+        } else if (measurement == null) {
             measurement = (EventLogMeasurements) referenceManifestRepository.findByHexDecHashAndRimType(
                     baseReferenceManifest.getEventLogHash(), ReferenceManifest.MEASUREMENT_RIM);