HIRS_Utils Unit Tests Migration from /hirs/data/persist directory (#632)

* Adding TPMInfoTest with necessary resources, and adding EndorsementCredentialTest with approved fix to EndorsementCredential * Adding CertificateAuthorityCredentialTest and adding mockito import to build.gradle
2025-01-31 00:24:00 +00:00 · 2023-12-05 15:09:01 -05:00 · 2023-12-05 15:09:01 -05:00 · 748d7a317f
commit 748d7a317f
parent b52eb770f5
14 changed files with 809 additions and 5 deletions
--- a/HIRS_AttestationCA/build.gradle
+++ b/HIRS_AttestationCA/build.gradle
@ -50,6 +50,8 @@ dependencies {
    testImplementation 'org.junit.platform:junit-platform-launcher:1.9.3'
    testImplementation 'org.hamcrest:hamcrest:2.2'

+    testImplementation 'org.mockito:mockito-core:4.2.0'
+
    // spring management
    compileOnly libs.lombok
    implementation libs.lombok
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/EndorsementCredential.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/EndorsementCredential.java
@ -36,7 +36,6 @@ import org.bouncycastle.asn1.DERIA5String;
 import org.bouncycastle.asn1.DERNumericString;
 import org.bouncycastle.asn1.DERPrintableString;
 import org.bouncycastle.asn1.DERT61String;
-import org.bouncycastle.asn1.DERTaggedObject;
 import org.bouncycastle.asn1.DERUTF8String;
 import org.bouncycastle.asn1.DERUniversalString;
 import org.bouncycastle.asn1.DERVisibleString;
@ -348,10 +347,10 @@ public class EndorsementCredential extends DeviceAssociatedCertificate {
            log.debug("Found TPM Assertions: " + tpmSecurityAssertions.toString());
            // Iterate through remaining fields to set optional attributes
            int tag;
-            DERTaggedObject obj;
+            ASN1TaggedObject obj;
            for (int i = seqPosition; i < seq.size(); i++) {
-                if (seq.getObjectAt(i) instanceof DERTaggedObject) {
-                    obj = (DERTaggedObject) seq.getObjectAt(i);
+                if (seq.getObjectAt(i) instanceof ASN1TaggedObject) {
+                    obj = (ASN1TaggedObject) seq.getObjectAt(i);
                    tag = obj.getTagNo();
                    if (tag == EK_TYPE_TAG) {
                        int ekGenTypeVal = ((ASN1Enumerated) obj.getObject()).getValue().intValue();
@ -375,7 +374,7 @@ public class EndorsementCredential extends DeviceAssociatedCertificate {
                            TPMSecurityAssertions.EkGenerationLocation ekCertGenLoc
                                    = TPMSecurityAssertions.EkGenerationLocation.
                                    values()[ekCertGenLocVal];
-                            tpmSecurityAssertions.setEkGenerationLocation(ekCertGenLoc);
+                            tpmSecurityAssertions.setEkCertificateGenerationLocation(ekCertGenLoc);
                        }
                    }
                    // ccInfo, fipsLevel, iso9000Certified, and iso9000Uri still to be implemented
--- a/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/certificate/CertificateAuthorityCredentialTest.java
+++ b/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/certificate/CertificateAuthorityCredentialTest.java
@ -0,0 +1,48 @@
+package hirs.attestationca.persist.entity.userdefined.certificate;
+
+import hirs.attestationca.persist.entity.userdefined.CertificateTest;
+import org.apache.commons.codec.binary.Hex;
+import static org.mockito.Mockito.mock;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import org.junit.jupiter.api.Test;
+
+import java.io.IOException;
+import java.net.URISyntaxException;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.security.cert.CertificateException;
+import hirs.attestationca.persist.entity.manager.CertificateRepository;
+
+/**
+ * Tests that CertificateAuthorityCredential properly parses its fields.
+ */
+public class CertificateAuthorityCredentialTest {
+    private static final CertificateRepository CERT_MAN = mock(CertificateRepository.class);
+
+    /**
+     * Tests that a CertificateAuthorityCredential can be created from an X.509 certificate and
+     * that the subject key identifier is correctly extracted.
+     *
+     * @throws IOException if the certificate could not be constructed properly
+     * @throws CertificateException if there is a problem with the KeyStore or de/serializing the
+     *                              certificate
+     * @throws URISyntaxException if there is a problem constructing the path to the certificate
+     */
+    @Test
+    public void testGetSubjectKeyIdentifier()
+            throws CertificateException, IOException, URISyntaxException {
+        Path testCertPath = Paths.get(
+                this.getClass().getResource(CertificateTest.FAKE_ROOT_CA_FILE).toURI()
+        );
+        CertificateAuthorityCredential caCred = new CertificateAuthorityCredential(testCertPath);
+
+        byte[] subjectKeyIdentifier = caCred.getSubjectKeyIdentifier();
+
+        assertNotNull(subjectKeyIdentifier);
+        assertEquals(
+                Hex.encodeHexString(subjectKeyIdentifier),
+                CertificateTest.FAKE_ROOT_CA_SUBJECT_KEY_IDENTIFIER_HEX
+        );
+    }
+}
--- a/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/certificate/EndorsementCredentialTest.java
+++ b/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/certificate/EndorsementCredentialTest.java
@ -0,0 +1,215 @@
+package hirs.attestationca.persist.entity.userdefined.certificate;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNotEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+
+import hirs.attestationca.persist.entity.userdefined.CertificateTest;
+import org.junit.jupiter.api.Test;
+
+import java.io.IOException;
+import java.math.BigInteger;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import hirs.attestationca.persist.entity.userdefined.certificate.attributes.TPMSecurityAssertions;
+import hirs.attestationca.persist.entity.userdefined.certificate.attributes.TPMSpecification;
+
+/**
+ * Tests for the EndorsementCredential class.
+ */
+public class EndorsementCredentialTest {
+    private static final String TEST_ENDORSEMENT_CREDENTIAL
+            = "/certificates/ab21ccf2-tpmcert.pem";
+    private static final String TEST_ENDORSEMENT_CREDENTIAL_NUC1
+            = "/certificates/nuc-1/tpmcert.pem";
+    private static final String TEST_ENDORSEMENT_CREDENTIAL_NUC2
+            = "/certificates/nuc-2/tpmcert.pem";
+    private static final String EK_CERT_WITH_SECURITY_ASSERTIONS =
+            "/certificates/ek_cert_with_security_assertions.cer";
+
+    /**
+     * Tests the successful parsing of an EC using a test cert from STM.
+     * @throws IOException test failed due to invalid certificate parsing
+     */
+    @Test
+    public void testParse() throws IOException {
+        String path = CertificateTest.class.getResource(TEST_ENDORSEMENT_CREDENTIAL).
+                getPath();
+        Path fPath = Paths.get(path);
+        EndorsementCredential ec = new EndorsementCredential(fPath);
+        assertNotNull(ec);
+
+        //test the fields
+        assertEquals(ec.getManufacturer(), "id:53544D20");
+        assertEquals(ec.getModel(), "ST33ZP24PVSP");
+        assertEquals(ec.getVersion(), "id:0D0C");
+
+        TPMSpecification spec = ec.getTpmSpecification();
+        assertEquals(spec.getFamily(), "1.2");
+        assertEquals(spec.getLevel(), BigInteger.valueOf(2));
+        assertEquals(spec.getRevision(), BigInteger.valueOf(116));
+
+        TPMSecurityAssertions asserts = ec.getTpmSecurityAssertions();
+        assertEquals(asserts.getTpmSecAssertsVersion(), BigInteger.valueOf(0));
+        assertTrue(asserts.isFieldUpgradeable());
+        assertEquals(asserts.getEkGenType(),
+                TPMSecurityAssertions.EkGenerationType.INJECTED);
+        assertEquals(asserts.getEkGenerationLocation(),
+                TPMSecurityAssertions.EkGenerationLocation.TPM_MANUFACTURER);
+        assertEquals(asserts.getEkCertificateGenerationLocation(),
+                TPMSecurityAssertions.EkGenerationLocation.TPM_MANUFACTURER);
+    }
+
+    /**
+     * Tests the successful parsing of an EC using a test cert from NUC 1.
+     * @throws IOException test failed due to invalid certificate parsing
+     */
+    @Test
+    public void testParseNuc1() throws IOException {
+        String path = CertificateTest.class.getResource(
+                TEST_ENDORSEMENT_CREDENTIAL_NUC1).getPath();
+        Path fPath = Paths.get(path);
+        EndorsementCredential ec = new EndorsementCredential(fPath);
+        assertNotNull(ec);
+
+        //test the fields
+        assertEquals(ec.getManufacturer(), "id:53544D20");
+        assertEquals(ec.getModel(), "ST33ZP24PVSP");
+        assertEquals(ec.getVersion(), "id:0D0C");
+
+        TPMSpecification spec = ec.getTpmSpecification();
+        assertEquals(spec.getFamily(), "1.2");
+        assertEquals(spec.getLevel(), BigInteger.valueOf(2));
+        assertEquals(spec.getRevision(), BigInteger.valueOf(116));
+
+        TPMSecurityAssertions asserts = ec.getTpmSecurityAssertions();
+        assertEquals(asserts.getTpmSecAssertsVersion(), BigInteger.valueOf(0));
+        assertTrue(asserts.isFieldUpgradeable());
+        assertEquals(asserts.getEkGenType(),
+                TPMSecurityAssertions.EkGenerationType.INJECTED);
+        assertEquals(asserts.getEkGenerationLocation(),
+                TPMSecurityAssertions.EkGenerationLocation.TPM_MANUFACTURER);
+        assertEquals(asserts.getEkCertificateGenerationLocation(),
+                TPMSecurityAssertions.EkGenerationLocation.TPM_MANUFACTURER);
+    }
+
+    /**
+     * Tests the successful parsing of an EC using a test cert from NUC 1,
+     * using the static builder method.
+     * @throws IOException test failed due to invalid certificate parsing
+     */
+    @Test
+    public void testParseNuc1BuilderMethod() throws IOException {
+        String path = CertificateTest.class.getResource(
+                TEST_ENDORSEMENT_CREDENTIAL_NUC1).getPath();
+        Path fPath = Paths.get(path);
+        byte[] ecBytes = Files.readAllBytes(fPath);
+
+        EndorsementCredential ec = EndorsementCredential.parseWithPossibleHeader(ecBytes);
+        assertNotNull(ec);
+
+        //test the fields
+        assertEquals(ec.getManufacturer(), "id:53544D20");
+        assertEquals(ec.getModel(), "ST33ZP24PVSP");
+        assertEquals(ec.getVersion(), "id:0D0C");
+
+        TPMSpecification spec = ec.getTpmSpecification();
+        assertEquals(spec.getFamily(), "1.2");
+        assertEquals(spec.getLevel(), BigInteger.valueOf(2));
+        assertEquals(spec.getRevision(), BigInteger.valueOf(116));
+
+        TPMSecurityAssertions asserts = ec.getTpmSecurityAssertions();
+        assertEquals(asserts.getTpmSecAssertsVersion(), BigInteger.valueOf(0));
+        assertTrue(asserts.isFieldUpgradeable());
+        assertEquals(asserts.getEkGenType(),
+                TPMSecurityAssertions.EkGenerationType.INJECTED);
+        assertEquals(asserts.getEkGenerationLocation(),
+                TPMSecurityAssertions.EkGenerationLocation.TPM_MANUFACTURER);
+        assertEquals(asserts.getEkCertificateGenerationLocation(),
+                TPMSecurityAssertions.EkGenerationLocation.TPM_MANUFACTURER);
+    }
+
+    /**
+     * Tests the successful parsing of an EC using a test cert from NUC 2.
+     * @throws IOException test failed due to invalid certificate parsing
+     */
+    @Test
+    public void testParseNuc2() throws IOException {
+        String path = CertificateTest.class.getResource(
+                TEST_ENDORSEMENT_CREDENTIAL_NUC2).getPath();
+        Path fPath = Paths.get(path);
+        EndorsementCredential ec = new EndorsementCredential(fPath);
+        assertNotNull(ec);
+
+        //test the fields
+        assertEquals(ec.getManufacturer(), "id:53544D20");
+        assertEquals(ec.getModel(), "ST33ZP24PVSP");
+        assertEquals(ec.getVersion(), "id:0D0C");
+
+        TPMSpecification spec = ec.getTpmSpecification();
+        assertEquals(spec.getFamily(), "1.2");
+        assertEquals(spec.getLevel(), BigInteger.valueOf(2));
+        assertEquals(spec.getRevision(), BigInteger.valueOf(116));
+
+        TPMSecurityAssertions asserts = ec.getTpmSecurityAssertions();
+        assertEquals(asserts.getTpmSecAssertsVersion(), BigInteger.valueOf(0));
+        assertTrue(asserts.isFieldUpgradeable());
+        assertEquals(asserts.getEkGenType(),
+                TPMSecurityAssertions.EkGenerationType.INJECTED);
+        assertEquals(asserts.getEkGenerationLocation(),
+                TPMSecurityAssertions.EkGenerationLocation.TPM_MANUFACTURER);
+        assertEquals(asserts.getEkCertificateGenerationLocation(),
+                TPMSecurityAssertions.EkGenerationLocation.TPM_MANUFACTURER);
+    }
+
+    /**
+     * Tests that different EC certificates aren't the same, even if their attributes are the same.
+     * @throws IOException test failed due to invalid certificate parsing
+     */
+    @Test
+    public void testCertsNotEqual() throws IOException {
+        String path = CertificateTest.class.getResource(TEST_ENDORSEMENT_CREDENTIAL).getPath();
+        Path fPath = Paths.get(path);
+        EndorsementCredential ec1 = new EndorsementCredential(fPath);
+        assertNotNull(ec1);
+
+        path = CertificateTest.class.getResource(TEST_ENDORSEMENT_CREDENTIAL_NUC1).getPath();
+        fPath = Paths.get(path);
+        EndorsementCredential ec2 = new EndorsementCredential(fPath);
+        assertNotNull(ec2);
+
+        path = CertificateTest.class.getResource(TEST_ENDORSEMENT_CREDENTIAL_NUC2).getPath();
+        fPath = Paths.get(path);
+        EndorsementCredential ec3 = new EndorsementCredential(fPath);
+        assertNotNull(ec3);
+
+        assertNotEquals(ec1, ec2);
+        assertNotEquals(ec2, ec3);
+    }
+
+    /**
+     * Tests that EndorsementCredential correctly parses out TPM Security Assertions from a
+     * provided TPM EK Certificate.
+     *
+     * @throws IOException if there is a problem reading the cert file at the given path
+     */
+    @Test
+    public void testTpmSecurityAssertionsParsing() throws IOException {
+        Path fPath = Paths.get(CertificateTest.class
+                .getResource(EK_CERT_WITH_SECURITY_ASSERTIONS).getPath());
+        EndorsementCredential ec = new EndorsementCredential(fPath);
+
+        TPMSecurityAssertions securityAssertions = ec.getTpmSecurityAssertions();
+        assertEquals(securityAssertions.getTpmSecAssertsVersion(), BigInteger.ONE);
+        assertTrue(securityAssertions.isFieldUpgradeable());
+        assertEquals(securityAssertions.getEkGenType(),
+                TPMSecurityAssertions.EkGenerationType.INJECTED);
+        assertEquals(securityAssertions.getEkGenerationLocation(),
+                TPMSecurityAssertions.EkGenerationLocation.TPM_MANUFACTURER);
+        assertEquals(securityAssertions.getEkCertificateGenerationLocation(),
+                TPMSecurityAssertions.EkGenerationLocation.TPM_MANUFACTURER);
+    }
+
+}
--- a/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/info/TPMInfoTest.java
+++ b/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/info/TPMInfoTest.java
@ -0,0 +1,357 @@
+package hirs.attestationca.persist.entity.userdefined.info;
+
+import static hirs.utils.enums.DeviceInfoEnums.NOT_SPECIFIED;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+
+import org.apache.commons.lang3.StringUtils;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNotEquals;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import org.junit.jupiter.api.Test;
+
+/**
+ * TPMInfoTest is a unit test class for TPMInfo.
+ */
+public class TPMInfoTest {
+
+    private static final String TPM_MAKE = "test tpmMake";
+    private static final String LONG_TPM_MAKE = StringUtils.rightPad("test tpmMake", 65);
+    private static final String TEST_IDENTITY_CERT =
+            "/tpm/sample_identity_cert.cer";
+    private static final short VERSION_MAJOR = 1;
+    private static final short VERSION_MINOR = 2;
+    private static final short VERSION_REV_MAJOR = 3;
+    private static final short VERSION_REV_MINOR = 4;
+    private static final Logger LOGGER = LogManager
+            .getLogger(TPMInfoTest.class);
+
+    /**
+     * Tests instantiation and getters of a TPMInfo object.
+     */
+    @Test
+    public final void tpmInfo() {
+        TPMInfo tpmInfo =
+                new TPMInfo(TPM_MAKE, VERSION_MAJOR, VERSION_MINOR,
+                        VERSION_REV_MAJOR, VERSION_REV_MINOR,
+                        getTestIdentityCertificate());
+        String yea = tpmInfo.getTpmMake();
+        assertEquals(tpmInfo.getTpmMake(), TPM_MAKE);
+        assertEquals(tpmInfo.getTpmVersionMajor(), VERSION_MAJOR);
+        assertEquals(tpmInfo.getTpmVersionMinor(), VERSION_MINOR);
+        assertEquals(tpmInfo.getTpmVersionRevMajor(), VERSION_REV_MAJOR);
+        assertEquals(tpmInfo.getTpmVersionRevMinor(), VERSION_REV_MINOR);
+    }
+
+    /**
+     * Tests that the no-parameter constructor for TPMInfo contains expected values.
+     */
+    @Test
+    public final void tpmInfoNoParams() {
+        TPMInfo tpmInfo = new TPMInfo();
+        assertEquals(tpmInfo.getTpmMake(), NOT_SPECIFIED);
+        assertEquals(tpmInfo.getTpmVersionMajor(), (short) 0);
+        assertEquals(tpmInfo.getTpmVersionMinor(), (short) 0);
+        assertEquals(tpmInfo.getTpmVersionRevMajor(), (short) 0);
+        assertEquals(tpmInfo.getTpmVersionRevMinor(), (short) 0);
+        assertEquals(tpmInfo.getIdentityCertificate(), null);
+    }
+
+    /**
+     * Tests that the TPM make information cannot be null.
+     */
+    @Test
+    public final void tpmMakeNullTest() {
+        assertThrows(IllegalArgumentException.class, () ->
+                new TPMInfo(null, VERSION_MAJOR, VERSION_MINOR, VERSION_REV_MAJOR,
+                    VERSION_REV_MINOR, getTestIdentityCertificate()));
+    }
+
+    /**
+     * Tests that the TPM make information cannot be longer than 64 characters.
+     */
+    @Test
+    public final void tpmMakeLongTest() {
+        assertThrows(IllegalArgumentException.class, () ->
+                new TPMInfo(LONG_TPM_MAKE, VERSION_MAJOR, VERSION_MINOR, VERSION_REV_MAJOR,
+                    VERSION_REV_MINOR, getTestIdentityCertificate()));
+    }
+
+    /**
+     * Tests that the version major number info cannot be set to negative
+     * values.
+     */
+    @Test
+    public final void testTPMInfoInvalidVersionMajor() {
+        assertThrows(IllegalArgumentException.class, () ->
+                new TPMInfo(TPM_MAKE, (short) -1, VERSION_MINOR, VERSION_REV_MAJOR,
+                    VERSION_REV_MINOR, getTestIdentityCertificate()));
+    }
+
+    /**
+     * Tests that the version minor number info cannot be set to negative
+     * values.
+     */
+    @Test
+    public final void testTPMInfoInvalidVersionMinor() {
+        assertThrows(IllegalArgumentException.class, () ->
+                new TPMInfo(TPM_MAKE, VERSION_MAJOR, (short) -1, VERSION_REV_MAJOR,
+                    VERSION_REV_MINOR, getTestIdentityCertificate()));
+    }
+
+    /**
+     * Tests that the version revision major numbers cannot be set to negative
+     * values.
+     */
+    @Test
+    public final void testTPMInfoInvalidVersionRevMajor() {
+        assertThrows(IllegalArgumentException.class, () ->
+                new TPMInfo(TPM_MAKE, VERSION_MAJOR, VERSION_MINOR, (short) -1,
+                    VERSION_REV_MINOR, getTestIdentityCertificate()));
+    }
+
+    /**
+     * Tests that the version revision minor numbers cannot be set to negative
+     * values.
+     */
+    @Test
+    public final void testTPMInfoInvalidVersionRevMinor() {
+        assertThrows(IllegalArgumentException.class, () ->
+                new TPMInfo(TPM_MAKE, VERSION_MAJOR, VERSION_MINOR, VERSION_REV_MAJOR,
+                    (short) -1, getTestIdentityCertificate()));
+    }
+
+    /**
+     * Tests that two TPMInfo objects with the same TPM make, major, minor,
+     * major revision, and minor revision information have equal hash codes.
+     */
+    @Test
+    public final void testEqualHashCode() {
+        final TPMInfo ti1 =
+                new TPMInfo(TPM_MAKE, VERSION_MAJOR, VERSION_MINOR,
+                        VERSION_REV_MAJOR, VERSION_REV_MINOR,
+                        getTestIdentityCertificate());
+        final TPMInfo ti2 =
+                new TPMInfo(TPM_MAKE, VERSION_MAJOR, VERSION_MINOR,
+                        VERSION_REV_MAJOR, VERSION_REV_MINOR,
+                        getTestIdentityCertificate());
+        assertEquals(ti1.hashCode(), ti2.hashCode());
+    }
+
+    /**
+     * Tests that two TPMInfo objects with different TPM make information have
+     * different hash codes.
+     */
+    @Test
+    public final void testNotEqualHashCodeTPMMake() {
+        final TPMInfo ti1 =
+                new TPMInfo(TPM_MAKE, VERSION_MAJOR, VERSION_MINOR,
+                        VERSION_REV_MAJOR, VERSION_REV_MINOR,
+                        getTestIdentityCertificate());
+        final TPMInfo ti2 =
+                new TPMInfo("test tpmMake 2", VERSION_MAJOR, VERSION_MINOR,
+                        VERSION_REV_MAJOR, VERSION_REV_MINOR,
+                        getTestIdentityCertificate());
+        assertNotEquals(ti1.hashCode(), ti2.hashCode());
+    }
+
+    /**
+     * Tests that two TPMInfo objects with different TPM major version number
+     * information have different hash codes.
+     */
+    @Test
+    public final void testNotEqualHashCodeTPMVersionMajor() {
+        final TPMInfo ti1 =
+                new TPMInfo(TPM_MAKE, VERSION_MAJOR, VERSION_MINOR,
+                        VERSION_REV_MAJOR, VERSION_REV_MINOR,
+                        getTestIdentityCertificate());
+        final TPMInfo ti2 =
+                new TPMInfo(TPM_MAKE, (short) 0, VERSION_MINOR,
+                        VERSION_REV_MAJOR, VERSION_REV_MINOR,
+                        getTestIdentityCertificate());
+        assertNotEquals(ti1.hashCode(), ti2.hashCode());
+    }
+
+    /**
+     * Tests that two TPMInfo objects with different TPM minor version number
+     * information have different hash codes.
+     */
+    @Test
+    public final void testNotEqualHashCodeTPMVersionMinor() {
+        final TPMInfo ti1 =
+                new TPMInfo(TPM_MAKE, VERSION_MAJOR, VERSION_MINOR,
+                        VERSION_REV_MAJOR, VERSION_REV_MINOR,
+                        getTestIdentityCertificate());
+        final TPMInfo ti2 =
+                new TPMInfo(TPM_MAKE, VERSION_MAJOR, (short) 0,
+                        VERSION_REV_MAJOR, VERSION_REV_MINOR,
+                        getTestIdentityCertificate());
+        assertNotEquals(ti1.hashCode(), ti2.hashCode());
+    }
+
+    /**
+     * Tests that two TPMInfo objects with different TPM major revision version
+     * number information have different hash codes.
+     */
+    @Test
+    public final void testNotEqualHashCodeTPMVersionRevMajor() {
+        final TPMInfo ti1 =
+                new TPMInfo(TPM_MAKE, VERSION_MAJOR, VERSION_MINOR,
+                        VERSION_REV_MAJOR, VERSION_REV_MINOR,
+                        getTestIdentityCertificate());
+        final TPMInfo ti2 =
+                new TPMInfo(TPM_MAKE, VERSION_MAJOR, VERSION_MINOR, (short) 0,
+                        VERSION_REV_MINOR,
+                        getTestIdentityCertificate());
+        assertNotEquals(ti1.hashCode(), ti2.hashCode());
+    }
+
+    /**
+     * Tests that two TPMInfo objects with different TPM minor revision version
+     * number information have different hash codes.
+     */
+    @Test
+    public final void testNotEqualHashCodeTPMVersionRevMinor() {
+        final TPMInfo ti1 =
+                new TPMInfo(TPM_MAKE, VERSION_MAJOR, VERSION_MINOR,
+                        VERSION_REV_MAJOR, VERSION_REV_MINOR,
+                        getTestIdentityCertificate());
+        final TPMInfo ti2 =
+                new TPMInfo(TPM_MAKE, VERSION_MAJOR, VERSION_MINOR,
+                        VERSION_REV_MAJOR, (short) 0,
+                        getTestIdentityCertificate());
+        assertNotEquals(ti1.hashCode(), ti2.hashCode());
+    }
+
+    /**
+     * Tests that two TPMInfo objects with the same TPM make, major, minor,
+     * major revision, and minor revision version number information are equal.
+     */
+    @Test
+    public final void testEqual() {
+        final TPMInfo ti1 =
+                new TPMInfo(TPM_MAKE, VERSION_MAJOR, VERSION_MINOR,
+                        VERSION_REV_MAJOR, VERSION_REV_MINOR,
+                        getTestIdentityCertificate());
+        final TPMInfo ti2 =
+                new TPMInfo(TPM_MAKE, VERSION_MAJOR, VERSION_MINOR,
+                        VERSION_REV_MAJOR, VERSION_REV_MINOR,
+                        getTestIdentityCertificate());
+        assertEquals(ti1, ti2);
+    }
+
+    /**
+     * Tests that two TPMInfo objects with different TPM make information are
+     * not equal.
+     */
+    @Test
+    public final void testNotEqualTPMMake() {
+        final TPMInfo ti1 =
+                new TPMInfo(TPM_MAKE, VERSION_MAJOR, VERSION_MINOR,
+                        VERSION_REV_MAJOR, VERSION_REV_MINOR,
+                        getTestIdentityCertificate());
+        final TPMInfo ti2 =
+                new TPMInfo("test tpmMake 2", VERSION_MAJOR, VERSION_MINOR,
+                        VERSION_REV_MAJOR, VERSION_REV_MINOR,
+                        getTestIdentityCertificate());
+        assertNotEquals(ti1, ti2);
+    }
+
+    /**
+     * Tests that two TPMInfo objects with different TPM major version number
+     * information are not equal.
+     */
+    @Test
+    public final void testNotEqualTPMVersionMajor() {
+        final TPMInfo ti1 =
+                new TPMInfo(TPM_MAKE, VERSION_MAJOR, VERSION_MINOR,
+                        VERSION_REV_MAJOR, VERSION_REV_MINOR,
+                        getTestIdentityCertificate());
+        final TPMInfo ti2 =
+                new TPMInfo(TPM_MAKE, (short) 0, VERSION_MINOR,
+                        VERSION_REV_MAJOR, VERSION_REV_MINOR,
+                        getTestIdentityCertificate());
+        assertNotEquals(ti1, ti2);
+    }
+
+    /**
+     * Tests that two TPMInfo objects with different TPM minor version number
+     * information are not equal.
+     */
+    @Test
+    public final void testNotEqualTPMVersionMinor() {
+        final TPMInfo ti1 =
+                new TPMInfo(TPM_MAKE, VERSION_MAJOR, VERSION_MINOR,
+                        VERSION_REV_MAJOR, VERSION_REV_MINOR,
+                        getTestIdentityCertificate());
+        final TPMInfo ti2 =
+                new TPMInfo(TPM_MAKE, VERSION_MAJOR, (short) 0,
+                        VERSION_REV_MAJOR, VERSION_REV_MINOR,
+                        getTestIdentityCertificate());
+        assertNotEquals(ti1, ti2);
+    }
+
+    /**
+     * Tests that two TPMInfo objects with different TPM major revision version
+     * number information are not equal.
+     */
+    @Test
+    public final void testNotEqualTPMVersionRevMajor() {
+        final TPMInfo ti1 =
+                new TPMInfo(TPM_MAKE, VERSION_MAJOR, VERSION_MINOR,
+                        VERSION_REV_MAJOR, VERSION_REV_MINOR,
+                        getTestIdentityCertificate());
+        final TPMInfo ti2 =
+                new TPMInfo(TPM_MAKE, VERSION_MAJOR, VERSION_MINOR, (short) 0,
+                        VERSION_REV_MINOR, getTestIdentityCertificate());
+        assertNotEquals(ti1, ti2);
+    }
+
+    /**
+     * Tests that two TPMInfo objects with different TPM minor revision version
+     * number information are not equal.
+     */
+    @Test
+    public final void testNotEqualTPMVersionRevMinor() {
+        final TPMInfo ti1 =
+                new TPMInfo(TPM_MAKE, VERSION_MAJOR, VERSION_MINOR,
+                        VERSION_REV_MAJOR, VERSION_REV_MINOR,
+                        getTestIdentityCertificate());
+        final TPMInfo ti2 =
+                new TPMInfo(TPM_MAKE, VERSION_MAJOR, VERSION_MINOR,
+                        VERSION_REV_MAJOR, (short) 0,
+                        getTestIdentityCertificate());
+        assertNotEquals(ti1, ti2);
+    }
+
+    private X509Certificate getTestIdentityCertificate() {
+        X509Certificate certificateValue = null;
+        InputStream istream = null;
+        istream = getClass().getResourceAsStream(TEST_IDENTITY_CERT);
+        try {
+            if (istream == null) {
+                throw new FileNotFoundException(TEST_IDENTITY_CERT);
+            }
+            CertificateFactory cf = CertificateFactory.getInstance("X.509");
+            certificateValue = (X509Certificate) cf.generateCertificate(
+                    istream);
+
+        } catch (Exception e) {
+            return null;
+        } finally {
+            if (istream != null) {
+                try {
+                    istream.close();
+                } catch (IOException e) {
+                    LOGGER.error("test certificate file could not be closed");
+                }
+            }
+        }
+        return certificateValue;
+    }
+}
--- a/HIRS_AttestationCA/src/test/resources/tpm/TPMEmptyFile.csv
+++ b/HIRS_AttestationCA/src/test/resources/tpm/TPMEmptyFile.csv
@ -0,0 +1 @@
+
--- a/HIRS_AttestationCA/src/test/resources/tpm/TPMInvalidRecords.csv
+++ b/HIRS_AttestationCA/src/test/resources/tpm/TPMInvalidRecords.csv
@ -0,0 +1,24 @@
+0,
+1,3a3f780f11a4b49969fcaa80cd6
+2,3a3f780f11a4b49969fcaa80cd6
+3,3a3f780f11a4b49969fcaa80cd6
+4,5289e89800f19805192a20fbbc7
+5,7e39b3da2fbbe3a36798ead5e87
+6,3a3f780f11a4b49969fcaa80cd6
+7,3a3f780f11a4b49969fcaa80cd6
+8,000000000000000000000000000
+9,000000000000000000000000000
+10,d917a32ee75f2d7cad093ca1dd8
+11,000000000000000000000000000
+12,000000000000000000000000000
+13,000000000000000000000000000
+14,000000000000000000000000000
+15,fffffffffffffffffffffffffff
+16,000000000000000000000000000
+17,000000000000000000000000000
+18,000000000000000000000000000
+19,000000000000000000000000000
+20,000000000000000000000000000
+21,000000000000000000000000000
+22,000000000000000000000000000
+23,000000000000000000000000000
--- a/HIRS_AttestationCA/src/test/resources/tpm/TPMTestAdditionalFields.csv
+++ b/HIRS_AttestationCA/src/test/resources/tpm/TPMTestAdditionalFields.csv
@ -0,0 +1,24 @@
+0,76abf677781fcb983da780a08fe46920ebb1a058,Testing,Additional,Fields
+1,3a3f780f11a4b49969fcaa80cd6e3957c33b2275,,,
+2,3a3f780f11a4b49969fcaa80cd6e3957c33b2275,,,
+3,3a3f780f11a4b49969fcaa80cd6e3957c33b2275,,,
+4,5289e89800f19805192a20fbbc712d18361d3d45,,,
+5,7e39b3da2fbbe3a36798ead5e877a7ea60d00db2,,,
+6,3a3f780f11a4b49969fcaa80cd6e3957c33b2275,,,
+7,3a3f780f11a4b49969fcaa80cd6e3957c33b2275,,,
+8,0000000000000000000000000000000000000000,,,
+9,0000000000000000000000000000000000000000,,,
+10,d917a32ee75f2d7cad093ca1dd8a8a981a3f3832,,,
+11,0000000000000000000000000000000000000000,,,
+12,0000000000000000000000000000000000000000,,,
+13,0000000000000000000000000000000000000000,,,
+14,0000000000000000000000000000000000000000,,,
+15,0000000000000000000000000000000000000000,,,
+16,0000000000000000000000000000000000000000,,,
+17,ffffffffffffffffffffffffffffffffffffffff,,,
+18,ffffffffffffffffffffffffffffffffffffffff,,,
+19,ffffffffffffffffffffffffffffffffffffffff,,,
+20,ffffffffffffffffffffffffffffffffffffffff,,,
+21,ffffffffffffffffffffffffffffffffffffffff,,,
+22,ffffffffffffffffffffffffffffffffffffffff,,,
+23,0000000000000000000000000000000000000000,,,
--- a/HIRS_AttestationCA/src/test/resources/tpm/TPMTestBaseline.csv
+++ b/HIRS_AttestationCA/src/test/resources/tpm/TPMTestBaseline.csv
@ -0,0 +1,24 @@
+0,76abf677781fcb983da780a08fe46920ebb1a058
+1,3a3f780f11a4b49969fcaa80cd6e3957c33b2275
+2,3a3f780f11a4b49969fcaa80cd6e3957c33b2275
+3,3a3f780f11a4b49969fcaa80cd6e3957c33b2275
+4,5289e89800f19805192a20fbbc712d18361d3d45
+5,7e39b3da2fbbe3a36798ead5e877a7ea60d00db2
+6,3a3f780f11a4b49969fcaa80cd6e3957c33b2275
+7,3a3f780f11a4b49969fcaa80cd6e3957c33b2275
+8,0000000000000000000000000000000000000000
+9,0000000000000000000000000000000000000000
+10,d917a32ee75f2d7cad093ca1dd8a8a981a3f3832
+11,0000000000000000000000000000000000000000
+12,0000000000000000000000000000000000000000
+13,0000000000000000000000000000000000000000
+14,0000000000000000000000000000000000000000
+15,ffffffffffffffffffffffffffffffffffffffff
+16,0000000000000000000000000000000000000000
+17,0000000000000000000000000000000000000000
+18,0000000000000000000000000000000000000000
+19,0000000000000000000000000000000000000000
+20,0000000000000000000000000000000000000000
+21,0000000000000000000000000000000000000000
+22,0000000000000000000000000000000000000000
+23,0000000000000000000000000000000000000000
--- a/HIRS_AttestationCA/src/test/resources/tpm/TPMTestBaselineAllEs.csv
+++ b/HIRS_AttestationCA/src/test/resources/tpm/TPMTestBaselineAllEs.csv
@ -0,0 +1,24 @@
+0,eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
+1,eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
+2,eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
+3,eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
+4,eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
+5,eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
+6,eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
+7,eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
+8,eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
+9,eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
+10,eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
+11,eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
+12,eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
+13,eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
+14,eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
+15,eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
+16,eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
+17,eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
+18,eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
+19,eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
+20,eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
+21,eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
+22,eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
+23,eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
--- a/HIRS_AttestationCA/src/test/resources/tpm/TPMTestBaselineWithDeviceInfo.csv
+++ b/HIRS_AttestationCA/src/test/resources/tpm/TPMTestBaselineWithDeviceInfo.csv
@ -0,0 +1,42 @@
+manufacturer,U.S.A
+BIOS_VENDOR,HirsBIOS
+PRODUCT_NAME,The best product
+VERSION,0.6.9
+SYSTEM_SERIAL_NUMBER,8_8
+CHASSIS_SERIAL_NUMBER,9_9
+BASEBOARD_SERIAL_NUMBER,ABC123
+TPM_MAKE,Infineon
+TPM_VERSION_MAJOR,1
+TPM_VERSION_MINOR,2
+TPM_VERSION_REV_MAJOR,3
+TPM_VERSION_REV_MINOR,4
+0,76abf677781fcb983da780a08fe46920ebb1a058
+1,3a3f780f11a4b49969fcaa80cd6e3957c33b2275
+2,3a3f780f11a4b49969fcaa80cd6e3957c33b2275
+3,3a3f780f11a4b49969fcaa80cd6e3957c33b2275
+4,5289e89800f19805192a20fbbc712d18361d3d45
+5,7e39b3da2fbbe3a36798ead5e877a7ea60d00db2
+6,3a3f780f11a4b49969fcaa80cd6e3957c33b2275
+BIOS_RELEASE_DATE,04/25/2014
+7,3a3f780f11a4b49969fcaa80cd6e3957c33b2275
+8,0000000000000000000000000000000000000000
+9,0000000000000000000000000000000000000000
+10,d917a32ee75f2d7cad093ca1dd8a8a981a3f3832
+11,0000000000000000000000000000000000000000
+12,0000000000000000000000000000000000000000
+13,0000000000000000000000000000000000000000
+14,0000000000000000000000000000000000000000
+15,0000000000000000000000000000000000000000
+16,0000000000000000000000000000000000000000
+17,ffffffffffffffffffffffffffffffffffffffff
+18,ffffffffffffffffffffffffffffffffffffffff
+19,ffffffffffffffffffffffffffffffffffffffff
+20,ffffffffffffffffffffffffffffffffffffffff
+21,ffffffffffffffffffffffffffffffffffffffff
+22,ffffffffffffffffffffffffffffffffffffffff
+23,0000000000000000000000000000000000000000
+BIOS_VERSION,abc
+OS_NAME,Linux
+OS_VERSION,3.10.0-123.el7.x86_64
+DISTRIBUTION,CentOS
+DISTRIBUTION_RELEASE,7.0.1406
--- a/HIRS_AttestationCA/src/test/resources/tpm/TPMTestBaselineWithInvalidDeviceInfo.csv
+++ b/HIRS_AttestationCA/src/test/resources/tpm/TPMTestBaselineWithInvalidDeviceInfo.csv
@ -0,0 +1,27 @@
+manufacturer,U.S.A
+0,76abf677781fcb983da780a08fe46920ebb1a058
+1,3a3f780f11a4b49969fcaa80cd6e3957c33b2275
+2,3a3f780f11a4b49969fcaa80cd6e3957c33b2275
+3,3a3f780f11a4b49969fcaa80cd6e3957c33b2275
+4,5289e89800f19805192a20fbbc712d18361d3d45
+5,7e39b3da2fbbe3a36798ead5e877a7ea60d00db2
+6,3a3f780f11a4b49969fcaa80cd6e3957c33b2275
+OS_VERSION,3.10.0-123.el7.x86_64
+7,3a3f780f11a4b49969fcaa80cd6e3957c33b2275
+8,0000000000000000000000000000000000000000
+9,0000000000000000000000000000000000000000
+10,d917a32ee75f2d7cad093ca1dd8a8a981a3f3832
+11,0000000000000000000000000000000000000000
+12,0000000000000000000000000000000000000000
+13,0000000000000000000000000000000000000000
+14,0000000000000000000000000000000000000000
+15,0000000000000000000000000000000000000000
+16,0000000000000000000000000000000000000000
+17,ffffffffffffffffffffffffffffffffffffffff
+18,ffffffffffffffffffffffffffffffffffffffff
+19,ffffffffffffffffffffffffffffffffffffffff
+20,ffffffffffffffffffffffffffffffffffffffff
+21,ffffffffffffffffffffffffffffffffffffffff
+22,ffffffffffffffffffffffffffffffffffffffff
+23,0000000000000000000000000000000000000000
+DISTRIBUTION_RELEASE,7.0.1406
--- a/HIRS_AttestationCA/src/test/resources/tpm/TPMTestBaselineZeroes.csv
+++ b/HIRS_AttestationCA/src/test/resources/tpm/TPMTestBaselineZeroes.csv
@ -0,0 +1,17 @@
+0,0000000000000000000000000000000000000000
+1,0000000000000000000000000000000000000000
+2,0000000000000000000000000000000000000000
+3,0000000000000000000000000000000000000000
+4,0000000000000000000000000000000000000000
+5,0000000000000000000000000000000000000000
+6,0000000000000000000000000000000000000000
+7,0000000000000000000000000000000000000000
+8,0000000000000000000000000000000000000000
+9,0000000000000000000000000000000000000000
+10,0000000000000000000000000000000000000000
+11,0000000000000000000000000000000000000000
+12,0000000000000000000000000000000000000000
+13,0000000000000000000000000000000000000000
+14,0000000000000000000000000000000000000000
+15,0000000000000000000000000000000000000000
+16,0000000000000000000000000000000000000000
--- a/HIRS_AttestationCA/src/test/resources/tpm/sample_identity_cert.cer
+++ b/HIRS_AttestationCA/src/test/resources/tpm/sample_identity_cert.cer