ExternalVendorCode/HIRS
1
0
Fork 0
mirror of https://github.com/nsacyber/HIRS.git synced 2024-12-22 06:17:56 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Updated the code to properly assign the base rim ID to the tpm events

Browse Source 
link and updated the image for the nav bar tpm events
This commit is contained in:
Cyrus 2022-02-03 12:04:12 -05:00
parent c5e3823acd
commit 6d4ee92b5f
4 changed files with 131 additions and 61 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/Page.java
View File

@ -54,14 +54,14 @@ public enum Page {
*/ */
RIM_DETAILS("Reference Integrity Manifest Details", RIM_DETAILS("Reference Integrity Manifest Details",
"", null, true, false, null, null), "", null, true, false, null, null),
/**
* Page to display RIM event digest table.
*/
TPM_EVENTS("RIM Database", "ic_important_devices", "first"),
/** /**
* Page that manages Attestation CA Policy. * Page that manages Attestation CA Policy.
*/ */
POLICY("Policy", "ic_subtitles"), POLICY("Policy", "ic_subtitles"),
/**
* Page to display RIM event digest table.
*/
TPM_EVENTS("RIM Database", null, "first"),
/** /**
* Help page. * Help page.
*/ */

3
HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestDetailsPageController.java
View File

@ -117,9 +117,6 @@ public class ReferenceManifestDetailsPageController
LOGGER.error(uuidError, iaEx); LOGGER.error(uuidError, iaEx);
} catch (Exception ioEx) { } catch (Exception ioEx) {
LOGGER.error(ioEx); LOGGER.error(ioEx);
for (StackTraceElement ste : ioEx.getStackTrace()) {
LOGGER.error(ste.toString());
}
} }
if (data.isEmpty()) { if (data.isEmpty()) {
String notFoundMessage = "Unable to find RIM with ID: " + params.getId(); String notFoundMessage = "Unable to find RIM with ID: " + params.getId();

155
HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestPageController.java
View File

@ -183,26 +183,27 @@ public class ReferenceManifestPageController
input, orderColumnName, criteriaModifier); input, orderColumnName, criteriaModifier);
SupportReferenceManifest support; SupportReferenceManifest support;
List<ReferenceDigestValue> events; // List<ReferenceDigestValue> events;
for (ReferenceManifest rim : records) { // for (ReferenceManifest rim : records) {
if (rim instanceof SupportReferenceManifest) { // if (rim instanceof SupportReferenceManifest) {
support = (SupportReferenceManifest) rim; // support = (SupportReferenceManifest) rim;
events = referenceEventManager.getValuesByRimId(support); // events = referenceEventManager.getValuesByRimId(support);
for (ReferenceDigestValue rdv : events) { //
// the selector isn't giving me what I want // for (ReferenceDigestValue rdv : events) {
if (support.getPlatformManufacturer() != null) { // // the selector isn't giving me what I want
rdv.setManufacturer(support.getPlatformManufacturer()); // if (support.getPlatformManufacturer() != null) {
} // rdv.setManufacturer(support.getPlatformManufacturer());
if (support.getPlatformModel() != null) { // }
rdv.setModel(support.getPlatformModel()); // if (support.getPlatformModel() != null) {
} // rdv.setModel(support.getPlatformModel());
if (support.getAssociatedRim() != null) { // }
rdv.setBaseRimId(support.getAssociatedRim()); // if (support.getAssociatedRim() != null) {
} // rdv.setBaseRimId(support.getAssociatedRim());
referenceEventManager.updateRecord(rdv); // }
} // referenceEventManager.updateRecord(rdv);
} // }
} // }
// }
LOGGER.debug("Returning list of size: " + records.size()); LOGGER.debug("Returning list of size: " + records.size());
return new DataTableResponse<>(records, input); return new DataTableResponse<>(records, input);
@ -238,34 +239,36 @@ public class ReferenceManifestPageController
//Parse reference manifests //Parse reference manifests
ReferenceManifest rim = parseRIM(file, supportRIM, messages); ReferenceManifest rim = parseRIM(file, supportRIM, messages);
// store first then update
ReferenceManifest referenceManifest = storeManifest(file.getOriginalFilename(),
messages,
rim,
supportRIM);
//Store only if it was parsed //Store only if it was parsed
if (rim != null) { if (rim != null) {
if (supportRIM) { if (supportRIM) {
// look for associated base/support // look for associated base/support
// if I am the support rim, my hash is in the meta data of the swidtag
Set<BaseReferenceManifest> rims = BaseReferenceManifest Set<BaseReferenceManifest> rims = BaseReferenceManifest
.select(referenceManifestManager).getRIMs(); .select(referenceManifestManager).getRIMs();
support = (SupportReferenceManifest) rim; support = (SupportReferenceManifest) rim;
// update information for associated support rim // update information for associated support rim
for (BaseReferenceManifest dbRim : rims) { for (BaseReferenceManifest bRim : rims) {
for (SwidResource swid : dbRim.parseResource()) { for (SwidResource swid : bRim.parseResource()) {
if (swid.getName().equals(rim.getFileName())) { if (support.getHexDecHash().equals(swid.getHashValue())) {
support.setSwidTagVersion(dbRim.getSwidTagVersion()); updateSupportRimInfo(bRim, support);
support.setPlatformManufacturer(dbRim.getPlatformManufacturer()); }
support.setPlatformModel(dbRim.getPlatformModel()); }
support.setTagId(dbRim.getTagId()); if (support.isUpdated()) {
support.setAssociatedRim(dbRim.getId());
support.setUpdated(true);
break; break;
} }
} }
}
} else { } else {
base = (BaseReferenceManifest) rim; base = (BaseReferenceManifest) referenceManifest;
// the base can find the support rim by the meta data hash
for (SwidResource swid : base.parseResource()) { for (SwidResource swid : base.parseResource()) {
support = SupportReferenceManifest.select(referenceManifestManager) support = SupportReferenceManifest.select(referenceManifestManager)
.byFileName(swid.getName()).getRIM(); .byHexDecHash(swid.getHashValue()).getRIM();
if (support != null) { if (support != null) {
base.setAssociatedRim(support.getId()); base.setAssociatedRim(support.getId());
if (support.isUpdated()) { if (support.isUpdated()) {
@ -273,29 +276,17 @@ public class ReferenceManifestPageController
// instead of finding it, it is uptodate but still search // instead of finding it, it is uptodate but still search
break; break;
} else { } else {
support.setSwidTagVersion(base.getSwidTagVersion()); updateSupportRimInfo(base, support);
support.setPlatformManufacturer(base.getPlatformManufacturer()); updateTpmEvents(support);
support.setPlatformModel(base.getPlatformModel());
support.setTagId(base.getTagId());
support.setUpdated(true);
// add in update code for the events based on support id
try { try {
referenceManifestManager.update(support); referenceManifestManager.update(support);
} catch (DBManagerException dbmEx) { } catch (DBManagerException dbmEx) {
LOGGER.error(String.format("Couldn't update Support RIM " LOGGER.warn("Failed to update Support RIM");
+ "%s with associated UUID %s", rim.getTagId(),
support.getId()), dbmEx);
} }
} }
} }
} }
} }
storeManifest(file.getOriginalFilename(),
messages,
rim,
supportRIM);
} }
} }
@ -337,6 +328,17 @@ public class ReferenceManifestPageController
String deleteCompletedMessage = "RIM successfully deleted"; String deleteCompletedMessage = "RIM successfully deleted";
messages.addInfo(deleteCompletedMessage); messages.addInfo(deleteCompletedMessage);
LOGGER.info(deleteCompletedMessage); LOGGER.info(deleteCompletedMessage);
// if support rim, update associated events
if (referenceManifest instanceof SupportReferenceManifest) {
List<ReferenceDigestValue> rdvs = referenceEventManager
.getValuesByRimId(referenceManifest);
for (ReferenceDigestValue rdv : rdvs) {
rdv.archive("Support RIM was deleted");
referenceEventManager.updateRecord(rdv);
}
}
} }
} catch (IllegalArgumentException ex) { } catch (IllegalArgumentException ex) {
String uuidError = "Failed to parse ID from: " + id; String uuidError = "Failed to parse ID from: " + id;
@ -519,7 +521,7 @@ public class ReferenceManifestPageController
* @param supportRim boolean flag indicating if this is a support RIM * @param supportRim boolean flag indicating if this is a support RIM
* process. * process.
*/ */
private void storeManifest( private ReferenceManifest storeManifest(
final String fileName, final String fileName,
final PageMessages messages, final PageMessages messages,
final ReferenceManifest referenceManifest, final ReferenceManifest referenceManifest,
@ -562,7 +564,7 @@ public class ReferenceManifestPageController
+ "failed (%s): ", fileName); + "failed (%s): ", fileName);
messages.addError(failMessage + e.getMessage()); messages.addError(failMessage + e.getMessage());
LOGGER.error(failMessage, e); LOGGER.error(failMessage, e);
return; return null;
} }
try { try {
@ -574,13 +576,14 @@ public class ReferenceManifestPageController
fileName); fileName);
messages.addSuccess(successMsg); messages.addSuccess(successMsg);
LOGGER.info(successMsg); LOGGER.info(successMsg);
return;
return referenceManifest;
} }
} catch (DBManagerException dbmEx) { } catch (DBManagerException dbmEx) {
final String failMessage = String.format("Storing RIM failed (%s): ", fileName); final String failMessage = String.format("Storing RIM failed (%s): ", fileName);
messages.addError(failMessage + dbmEx.getMessage()); messages.addError(failMessage + dbmEx.getMessage());
LOGGER.error(failMessage, dbmEx); LOGGER.error(failMessage, dbmEx);
return; return null;
} }
try { try {
@ -590,18 +593,62 @@ public class ReferenceManifestPageController
existingManifest.restore(); existingManifest.restore();
existingManifest.resetCreateTime(); existingManifest.resetCreateTime();
referenceManifestManager.update(existingManifest); referenceManifestManager.update(existingManifest);
saveTpmEvents(existingManifest);
final String successMsg final String successMsg
= String.format("Pre-existing RIM found and unarchived (%s): ", fileName); = String.format("Pre-existing RIM found and unarchived (%s): ", fileName);
messages.addSuccess(successMsg); messages.addSuccess(successMsg);
LOGGER.info(successMsg); LOGGER.info(successMsg);
return existingManifest;
} }
} catch (DBManagerException dbmEx) { } catch (DBManagerException dbmEx) {
final String failMessage = String.format("Found an identical pre-existing RIM in the " final String failMessage = String.format("Found an identical pre-existing RIM in the "
+ "archive, but failed to unarchive it (%s): ", fileName); + "archive, but failed to unarchive it (%s): ", fileName);
messages.addError(failMessage + dbmEx.getMessage()); messages.addError(failMessage + dbmEx.getMessage());
LOGGER.error(failMessage, dbmEx); LOGGER.error(failMessage, dbmEx);
return null;
}
return referenceManifest;
}
private void updateSupportRimInfo(final BaseReferenceManifest dbBaseRim,
final SupportReferenceManifest supportRim) {
// I have to assume the baseRim is from the database
// Updating the id values, manufacturer, model
if (supportRim != null) {
supportRim.setSwidTagVersion(dbBaseRim.getSwidTagVersion());
supportRim.setPlatformManufacturer(dbBaseRim.getPlatformManufacturer());
supportRim.setPlatformModel(dbBaseRim.getPlatformModel());
supportRim.setTagId(dbBaseRim.getTagId());
supportRim.setAssociatedRim(dbBaseRim.getId());
supportRim.setUpdated(true);
}
}
private void updateTpmEvents(final ReferenceManifest referenceManifest) {
String manufacturer;
String model;
if (referenceManifest.getPlatformManufacturer() == null) {
manufacturer = "";
} else {
manufacturer = referenceManifest.getPlatformManufacturer();
}
if (referenceManifest.getPlatformModel() == null) {
model = "";
} else {
model = referenceManifest.getPlatformModel();
}
List<ReferenceDigestValue> rdvs = referenceEventManager
.getValuesByRimId(referenceManifest);
for (ReferenceDigestValue rdv : rdvs) {
rdv.setModel(model);
rdv.setManufacturer(manufacturer);
rdv.setBaseRimId(referenceManifest.getAssociatedRim());
referenceEventManager.updateRecord(rdv);
} }
} }

26
HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/TpmEventsPageController.java
View File

@ -9,12 +9,16 @@ import hirs.attestationca.portal.page.Page;
import hirs.attestationca.portal.page.PageController; import hirs.attestationca.portal.page.PageController;
import hirs.attestationca.portal.page.params.NoPageParams; import hirs.attestationca.portal.page.params.NoPageParams;
import hirs.data.persist.ReferenceDigestValue; import hirs.data.persist.ReferenceDigestValue;
import hirs.data.persist.SupportReferenceManifest;
import hirs.data.persist.certificate.Certificate; import hirs.data.persist.certificate.Certificate;
import hirs.persist.CriteriaModifier; import hirs.persist.CriteriaModifier;
import hirs.persist.DBManagerException;
import hirs.persist.DBReferenceDigestManager; import hirs.persist.DBReferenceDigestManager;
import hirs.persist.DBReferenceEventManager; import hirs.persist.DBReferenceEventManager;
import hirs.persist.DBReferenceManifestManager;
import hirs.persist.ReferenceDigestManager; import hirs.persist.ReferenceDigestManager;
import hirs.persist.ReferenceEventManager; import hirs.persist.ReferenceEventManager;
import hirs.persist.ReferenceManifestManager;
import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger; import org.apache.logging.log4j.Logger;
import org.hibernate.Criteria; import org.hibernate.Criteria;
@ -43,6 +47,7 @@ public class TpmEventsPageController
private static final String BIOS_RELEASE_DATE_FORMAT = "yyyy-MM-dd"; private static final String BIOS_RELEASE_DATE_FORMAT = "yyyy-MM-dd";
private final BiosDateValidator biosValidator; private final BiosDateValidator biosValidator;
private final ReferenceManifestManager referenceManifestManager;
private final ReferenceDigestManager referenceDigestManager; private final ReferenceDigestManager referenceDigestManager;
private final ReferenceEventManager referenceEventManager; private final ReferenceEventManager referenceEventManager;
private static final Logger LOGGER private static final Logger LOGGER
@ -93,14 +98,17 @@ public class TpmEventsPageController
/** /**
* Constructor providing the Page's display and routing specification. * Constructor providing the Page's display and routing specification.
* *
* @param referenceManifestManager the ReferenceManifestManager object
* @param referenceDigestManager the ReferenceDigestManager object * @param referenceDigestManager the ReferenceDigestManager object
* @param referenceEventManager the referenceEventManager object * @param referenceEventManager the referenceEventManager object
*/ */
@Autowired @Autowired
public TpmEventsPageController( public TpmEventsPageController(
final DBReferenceManifestManager referenceManifestManager,
final DBReferenceDigestManager referenceDigestManager, final DBReferenceDigestManager referenceDigestManager,
final DBReferenceEventManager referenceEventManager) { final DBReferenceEventManager referenceEventManager) {
super(Page.TPM_EVENTS); super(Page.TPM_EVENTS);
this.referenceManifestManager = referenceManifestManager;
this.referenceDigestManager = referenceDigestManager; this.referenceDigestManager = referenceDigestManager;
this.referenceEventManager = referenceEventManager; this.referenceEventManager = referenceEventManager;
this.biosValidator = new BiosDateValidator(BIOS_RELEASE_DATE_FORMAT); this.biosValidator = new BiosDateValidator(BIOS_RELEASE_DATE_FORMAT);
@ -155,6 +163,24 @@ public class TpmEventsPageController
referenceEventManager, referenceEventManager,
input, orderColumnName, criteriaModifier); input, orderColumnName, criteriaModifier);
SupportReferenceManifest support;
for (ReferenceDigestValue rdv : referenceDigestValues) {
// We are updating the base rim ID field if necessary and
if (rdv.getBaseRimId() == null) {
support = SupportReferenceManifest.select(referenceManifestManager)
.byEntityId(rdv.getSupportRimId()).getRIM();
if (support != null) {
rdv.setBaseRimId(support.getAssociatedRim());
try {
referenceEventManager.updateRecord(rdv);
} catch (DBManagerException e) {
LOGGER.error("Failed to update TPM Event with Base RIM ID");
LOGGER.error(rdv);
}
}
}
}
return new DataTableResponse<>(referenceDigestValues, input); return new DataTableResponse<>(referenceDigestValues, input);
} }
} }