mirror of
https://github.com/nsacyber/HIRS.git
synced 2024-12-21 13:57:56 +00:00
Please enter the message for your changes.ssociated event values to the
support rim and delete them properly and to not also upload duplicate issues. [no ci]
This commit is contained in:
parent
210c48dada
commit
6e96c32a5e
@ -13,12 +13,11 @@ public interface ReferenceDigestValueRepository extends JpaRepository<ReferenceD
|
||||
|
||||
@Query(value = "SELECT * FROM ReferenceDigestValue", nativeQuery = true)
|
||||
List<ReferenceDigestValue> listAll();
|
||||
@Query(value = "SELECT * FROM ReferenceDigestValue WHERE model = ?1", nativeQuery = true)
|
||||
List<ReferenceDigestValue> listByModel(String model);
|
||||
@Query(value = "SELECT * FROM ReferenceDigestValue WHERE manufacturer = ?1", nativeQuery = true)
|
||||
List<ReferenceDigestValue> listByManufacturer(String manufacturer);
|
||||
List<ReferenceDigestValue> findByModel(String model);
|
||||
List<ReferenceDigestValue> findByManufacturer(String manufacturer);
|
||||
@Query(value = "SELECT * FROM ReferenceDigestValue WHERE baseRimId = '?1' OR supportRimId = '?1'", nativeQuery = true)
|
||||
List<ReferenceDigestValue> getValuesByRimId(UUID associatedRimId);
|
||||
@Query(value = "SELECT * FROM ReferenceDigestValue WHERE supportRimId = '?1'", nativeQuery = true)
|
||||
List<ReferenceDigestValue> getValuesBySupportRimId(UUID supportRimId);
|
||||
List<ReferenceDigestValue> findBySupportRimId(UUID supportRimId);
|
||||
List<ReferenceDigestValue> findBySupportRimHash(String supportRimHash);
|
||||
}
|
||||
|
@ -14,14 +14,12 @@ import java.util.UUID;
|
||||
@Repository
|
||||
public interface ReferenceManifestRepository extends JpaRepository<ReferenceManifest, UUID> {
|
||||
|
||||
@Query(value = "SELECT * FROM ReferenceManifest WHERE hexDecHash = ?1", nativeQuery = true)
|
||||
ReferenceManifest findByHash(String rimHash);
|
||||
@Query(value = "SELECT * FROM ReferenceManifest WHERE hexDecHash = ?1 AND rimType = ?2", nativeQuery = true)
|
||||
ReferenceManifest findByHash(String rimHash, String rimType);
|
||||
ReferenceManifest findByHexDecHash(String hexDecHash);
|
||||
ReferenceManifest findByHexDecHashAndRimType(String hexDecHash, String rimType);
|
||||
@Query(value = "SELECT * FROM ReferenceManifest WHERE platformManufacturer = ?1 AND platformModel = ?2 AND rimType = 'Base'", nativeQuery = true)
|
||||
List<BaseReferenceManifest> getBaseByManufacturerModel(String manufacturer, String model);
|
||||
@Query(value = "SELECT * FROM ReferenceManifest WHERE platformManufacturer = ?1 AND DTYPE = ?2", nativeQuery = true)
|
||||
List<ReferenceManifest> getByManufacturer(String manufacturer, String dType);
|
||||
ReferenceManifest getByManufacturer(String manufacturer, String dType);
|
||||
@Query(value = "SELECT * FROM ReferenceManifest WHERE platformModel = ?1 AND DTYPE = ?2", nativeQuery = true)
|
||||
ReferenceManifest getByModel(String model, String dType);
|
||||
@Query(value = "SELECT * FROM ReferenceManifest WHERE DTYPE = 'BaseReferenceManifest'", nativeQuery = true)
|
||||
|
@ -3,8 +3,6 @@ package hirs.attestationca.persist.entity.userdefined.rim;
|
||||
import com.fasterxml.jackson.annotation.JsonIgnore;
|
||||
import hirs.attestationca.persist.entity.userdefined.ReferenceManifest;
|
||||
import hirs.attestationca.persist.enums.AppraisalStatus;
|
||||
import hirs.attestationca.persist.service.ReferenceManifestServiceImpl;
|
||||
import hirs.attestationca.persist.service.selector.ReferenceManifestSelector;
|
||||
import hirs.utils.tpm.eventlog.TCGEventLog;
|
||||
import hirs.utils.tpm.eventlog.TpmPcrEvent;
|
||||
import jakarta.persistence.Column;
|
||||
@ -41,66 +39,6 @@ public class EventLogMeasurements extends ReferenceManifest {
|
||||
@Getter @Setter
|
||||
private AppraisalStatus.Status overallValidationResult = AppraisalStatus.Status.FAIL;
|
||||
|
||||
/**
|
||||
* This class enables the retrieval of SupportReferenceManifest by their attributes.
|
||||
*/
|
||||
public static class Selector extends ReferenceManifestSelector<EventLogMeasurements> {
|
||||
/**
|
||||
* Construct a new ReferenceManifestSelector that
|
||||
* will use the given (@link ReferenceManifestService}
|
||||
* to retrieve one or may SupportReferenceManifest.
|
||||
*
|
||||
* @param referenceManifestManager the reference manifest manager to be used to retrieve
|
||||
* reference manifests.
|
||||
*/
|
||||
public Selector(final ReferenceManifestServiceImpl referenceManifestManager) {
|
||||
super(referenceManifestManager, EventLogMeasurements.class, false);
|
||||
}
|
||||
|
||||
/**
|
||||
* Specify the platform manufacturer that rims must have to be considered
|
||||
* as matching.
|
||||
* @param manufacturer string for the manufacturer
|
||||
* @return this instance
|
||||
*/
|
||||
public Selector byManufacturer(final String manufacturer) {
|
||||
setFieldValue(PLATFORM_MANUFACTURER, manufacturer);
|
||||
return this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Specify the platform model that rims must have to be considered
|
||||
* as matching.
|
||||
* @param model string for the model
|
||||
* @return this instance
|
||||
*/
|
||||
public Selector byModel(final String model) {
|
||||
setFieldValue(PLATFORM_MODEL, model);
|
||||
return this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Specify the device name that rims must have to be considered
|
||||
* as matching.
|
||||
* @param deviceName string for the deviceName
|
||||
* @return this instance
|
||||
*/
|
||||
public Selector byDeviceName(final String deviceName) {
|
||||
setFieldValue("deviceName", deviceName);
|
||||
return this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Specify the RIM hash associated with the Event Log.
|
||||
* @param hexDecHash the hash of the file associated with the rim
|
||||
* @return this instance
|
||||
*/
|
||||
public Selector byHexDecHash(final String hexDecHash) {
|
||||
setFieldValue(HEX_DEC_HASH_FIELD, hexDecHash);
|
||||
return this;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Support constructor for the RIM object.
|
||||
*
|
||||
@ -135,17 +73,6 @@ public class EventLogMeasurements extends ReferenceManifest {
|
||||
this.pcrHash = 0;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get a Selector for use in retrieving ReferenceManifest.
|
||||
*
|
||||
* @param rimMan the ReferenceManifestService to be used to retrieve
|
||||
* persisted RIMs
|
||||
* @return a Selector instance to use for retrieving RIMs
|
||||
*/
|
||||
public static Selector select(final ReferenceManifestServiceImpl rimMan) {
|
||||
return new Selector(rimMan);
|
||||
}
|
||||
|
||||
/**
|
||||
* Getter method for the expected PCR values contained within the support
|
||||
* RIM.
|
||||
|
@ -1,6 +1,6 @@
|
||||
package hirs.attestationca.persist.entity.userdefined.rim;
|
||||
|
||||
import hirs.attestationca.persist.entity.ArchivableEntity;
|
||||
import hirs.attestationca.persist.entity.AbstractEntity;
|
||||
import jakarta.persistence.Access;
|
||||
import jakarta.persistence.AccessType;
|
||||
import jakarta.persistence.Column;
|
||||
@ -26,7 +26,7 @@ import java.util.UUID;
|
||||
@EqualsAndHashCode(callSuper=false)
|
||||
@Table(name = "ReferenceDigestValue")
|
||||
@Access(AccessType.FIELD)
|
||||
public class ReferenceDigestValue extends ArchivableEntity {
|
||||
public class ReferenceDigestValue extends AbstractEntity {
|
||||
|
||||
@JdbcTypeCode(java.sql.Types.VARCHAR)
|
||||
@Column
|
||||
@ -43,6 +43,8 @@ public class ReferenceDigestValue extends ArchivableEntity {
|
||||
@Column(nullable = false)
|
||||
private String digestValue;
|
||||
@Column(nullable = false)
|
||||
private String supportRimHash;
|
||||
@Column(nullable = false)
|
||||
private String eventType;
|
||||
@Column(columnDefinition = "blob", nullable = true)
|
||||
private byte[] contentBlob;
|
||||
@ -64,6 +66,7 @@ public class ReferenceDigestValue extends ArchivableEntity {
|
||||
this.model = "";
|
||||
this.pcrIndex = -1;
|
||||
this.digestValue = "";
|
||||
this.supportRimHash = "";
|
||||
this.eventType = "";
|
||||
this.matchFail = false;
|
||||
this.patched = false;
|
||||
@ -79,6 +82,7 @@ public class ReferenceDigestValue extends ArchivableEntity {
|
||||
* @param model the specific device type
|
||||
* @param pcrIndex the event number
|
||||
* @param digestValue the key digest value
|
||||
* @param supportRimHash the support file's hash value
|
||||
* @param eventType the event type to store
|
||||
* @param matchFail the status of the baseline check
|
||||
* @param patched the status of the value being updated to patch
|
||||
@ -88,6 +92,7 @@ public class ReferenceDigestValue extends ArchivableEntity {
|
||||
public ReferenceDigestValue(final UUID baseRimId, final UUID supportRimId,
|
||||
final String manufacturer, final String model,
|
||||
final int pcrIndex, final String digestValue,
|
||||
final String supportRimHash,
|
||||
final String eventType, final boolean matchFail,
|
||||
final boolean patched, final boolean updated,
|
||||
final byte[] contentBlob) {
|
||||
@ -97,6 +102,7 @@ public class ReferenceDigestValue extends ArchivableEntity {
|
||||
this.model = model;
|
||||
this.pcrIndex = pcrIndex;
|
||||
this.digestValue = digestValue;
|
||||
this.supportRimHash = supportRimHash;
|
||||
this.eventType = eventType;
|
||||
this.matchFail = matchFail;
|
||||
this.patched = patched;
|
||||
|
@ -29,7 +29,6 @@ import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.security.KeyStore;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.cert.CertificateException;
|
||||
@ -234,8 +233,8 @@ public class ReferenceManifestDetailsPageController extends PageController<Refer
|
||||
data.put("pcUriLocal", baseRim.getPcURILocal());
|
||||
data.put("rimLinkHash", baseRim.getRimLinkHash());
|
||||
if (baseRim.getRimLinkHash() != null) {
|
||||
ReferenceManifest rim = referenceManifestRepository.findByHash(baseRim.getRimLinkHash(),
|
||||
"BaseReferenceManifest");
|
||||
ReferenceManifest rim = referenceManifestRepository.findByHexDecHashAndRimType(
|
||||
baseRim.getRimLinkHash(), ReferenceManifest.BASE_RIM);
|
||||
if (rim != null) {
|
||||
data.put("rimLinkId", rim.getId());
|
||||
data.put("linkHashValid", true);
|
||||
@ -247,27 +246,12 @@ public class ReferenceManifestDetailsPageController extends PageController<Refer
|
||||
|
||||
List<SwidResource> resources = baseRim.getFileResources();
|
||||
TCGEventLog logProcessor = null;
|
||||
List<ReferenceManifest> subManifests;
|
||||
SupportReferenceManifest support = null;
|
||||
|
||||
if (baseRim.getAssociatedRim() == null) {
|
||||
/**
|
||||
* Need to have parsing implemented
|
||||
*/
|
||||
// referenceManifestRepository.findByHash("hexDecHash", "Support");
|
||||
subManifests = referenceManifestRepository
|
||||
support = (SupportReferenceManifest) referenceManifestRepository
|
||||
.getByManufacturer(baseRim.getPlatformManufacturer(),
|
||||
"SupportReferenceManifest");
|
||||
String fileString = new String(baseRim.getRimBytes(), StandardCharsets.UTF_8);
|
||||
|
||||
for (ReferenceManifest rim : subManifests) {
|
||||
if (rim instanceof SupportReferenceManifest) {
|
||||
support = (SupportReferenceManifest) rim;
|
||||
if (fileString.contains(rim.getHexDecHash())) {
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
if (support != null) {
|
||||
baseRim.setAssociatedRim(support.getId());
|
||||
}
|
||||
@ -314,8 +298,8 @@ public class ReferenceManifestDetailsPageController extends PageController<Refer
|
||||
data.replace("signatureValid", true);
|
||||
break;
|
||||
}
|
||||
} catch (SupplyChainValidatorException scvEx) {
|
||||
log.warn("Error verifying cert chain: " + scvEx.getMessage());
|
||||
} catch (SupplyChainValidatorException e) {
|
||||
log.error("Error verifying cert chain: " + e.getMessage());
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -329,8 +313,6 @@ public class ReferenceManifestDetailsPageController extends PageController<Refer
|
||||
}
|
||||
} catch (NullPointerException e) {
|
||||
log.error("Unable to link signing certificate: " + e.getMessage());
|
||||
} catch (Exception ex) {
|
||||
log.warn(ex.getMessage());
|
||||
}
|
||||
return data;
|
||||
}
|
||||
@ -373,8 +355,8 @@ public class ReferenceManifestDetailsPageController extends PageController<Refer
|
||||
// testing this independent of the above if statement because the above
|
||||
// starts off checking if associated rim is null; that is irrelevant for
|
||||
// this statement.
|
||||
measurements = (EventLogMeasurements) referenceManifestRepository.findByHash(support.getHexDecHash(),
|
||||
"EventLogMeasurements");
|
||||
measurements = (EventLogMeasurements) referenceManifestRepository.findByHexDecHashAndRimType(support.getHexDecHash(),
|
||||
ReferenceManifest.MEASUREMENT_RIM);
|
||||
|
||||
if (support.isSwidPatch()) {
|
||||
data.put("swidPatch", "True");
|
||||
@ -525,7 +507,7 @@ public class ReferenceManifestDetailsPageController extends PageController<Refer
|
||||
data.put("validationResult", measurements.getOverallValidationResult());
|
||||
data.put("swidBase", true);
|
||||
|
||||
List<ReferenceDigestValue> eventValues = new ArrayList<>();
|
||||
List<ReferenceDigestValue> eventValues = new LinkedList<>();
|
||||
if (measurements.getDeviceName() != null) {
|
||||
supports.addAll(referenceManifestRepository.byDeviceName(measurements
|
||||
.getDeviceName()));
|
||||
@ -545,7 +527,7 @@ public class ReferenceManifestDetailsPageController extends PageController<Refer
|
||||
data.put("associatedRim", base.getId());
|
||||
}
|
||||
|
||||
eventValues.addAll(referenceDigestValueRepository.getValuesByRimId(base.getId()));
|
||||
eventValues.addAll(referenceDigestValueRepository.findBySupportRimId(baseSupport.getId()));
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -221,26 +221,25 @@ public class ReferenceManifestPageController extends PageController<NoPageParams
|
||||
|
||||
try {
|
||||
ReferenceManifest referenceManifest = getRimFromDb(id);
|
||||
List<ReferenceDigestValue> values = new LinkedList<>();
|
||||
|
||||
if (referenceManifest == null) {
|
||||
String notFoundMessage = "Unable to locate RIM with ID: " + id;
|
||||
messages.addError(notFoundMessage);
|
||||
log.warn(notFoundMessage);
|
||||
} else {
|
||||
// if support rim, update associated events
|
||||
values = referenceDigestValueRepository.findBySupportRimHash(
|
||||
referenceManifest.getHexDecHash());
|
||||
|
||||
for (ReferenceDigestValue value : values) {
|
||||
referenceDigestValueRepository.delete(value);
|
||||
}
|
||||
|
||||
referenceManifestRepository.delete(referenceManifest);
|
||||
String deleteCompletedMessage = "RIM successfully deleted";
|
||||
messages.addInfo(deleteCompletedMessage);
|
||||
log.info(deleteCompletedMessage);
|
||||
|
||||
// if support rim, update associated events
|
||||
if (referenceManifest instanceof SupportReferenceManifest) {
|
||||
List<ReferenceDigestValue> values = referenceDigestValueRepository
|
||||
.getValuesByRimId(referenceManifest.getId());
|
||||
|
||||
for (ReferenceDigestValue value : values) {
|
||||
referenceDigestValueRepository.delete(value);
|
||||
}
|
||||
}
|
||||
}
|
||||
} catch (IllegalArgumentException iaEx) {
|
||||
String uuidError = "Failed to parse ID from: " + id;
|
||||
@ -396,6 +395,8 @@ public class ReferenceManifestPageController extends PageController<NoPageParams
|
||||
|
||||
byte[] fileBytes = new byte[0];
|
||||
String fileName = file.getOriginalFilename();
|
||||
BaseReferenceManifest baseRim;
|
||||
SupportReferenceManifest supportRim;
|
||||
|
||||
// build the manifest from the uploaded bytes
|
||||
try {
|
||||
@ -409,9 +410,18 @@ public class ReferenceManifestPageController extends PageController<NoPageParams
|
||||
|
||||
try {
|
||||
if (supportRIM) {
|
||||
supportRims.add(new SupportReferenceManifest(fileName, fileBytes));
|
||||
supportRim = new SupportReferenceManifest(fileName, fileBytes);
|
||||
if (referenceManifestRepository.findByHexDecHashAndRimType(supportRim.getHexDecHash(),
|
||||
supportRim.getRimType()) == null) {
|
||||
supportRims.add(supportRim);
|
||||
messages.addInfo("Saved Reference Manifest " + fileName);
|
||||
}
|
||||
} else {
|
||||
baseRims.add(new BaseReferenceManifest(fileName, fileBytes));
|
||||
baseRim = new BaseReferenceManifest(fileName, fileBytes);
|
||||
if (referenceManifestRepository.findByHexDecHashAndRimType(baseRim.getHexDecHash(),
|
||||
baseRim.getRimType()) == null) {
|
||||
baseRims.add(baseRim);
|
||||
}
|
||||
}
|
||||
} catch (IOException ioEx) {
|
||||
final String failMessage
|
||||
@ -489,7 +499,7 @@ public class ReferenceManifestPageController extends PageController<NoPageParams
|
||||
// So first we'll have to pull values based on support rim
|
||||
// get by support rim id NEXT
|
||||
if (dbSupport.getPlatformManufacturer() != null) {
|
||||
tpmEvents = referenceDigestValueRepository.getValuesBySupportRimId(dbSupport.getAssociatedRim());
|
||||
tpmEvents = referenceDigestValueRepository.findBySupportRimId(dbSupport.getId());
|
||||
baseRim = findBaseRim(dbSupport);
|
||||
if (tpmEvents.isEmpty()) {
|
||||
try {
|
||||
@ -498,8 +508,9 @@ public class ReferenceManifestPageController extends PageController<NoPageParams
|
||||
newRdv = new ReferenceDigestValue(baseRim.getId(),
|
||||
dbSupport.getId(), dbSupport.getPlatformManufacturer(),
|
||||
dbSupport.getPlatformModel(), tpe.getPcrIndex(),
|
||||
tpe.getEventDigestStr(), tpe.getEventTypeStr(),
|
||||
false, false, true, tpe.getEventContent());
|
||||
tpe.getEventDigestStr(), dbSupport.getHexDecHash(),
|
||||
tpe.getEventTypeStr(),false, false,
|
||||
true, tpe.getEventContent());
|
||||
|
||||
this.referenceDigestValueRepository.save(newRdv);
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user