checkstyles cleanup
parent
aad508fdb9
commit
7efbcc270e
@ -20,7 +20,11 @@ import org.bouncycastle.asn1.x509.Extension;
|
|||||||
import org.bouncycastle.asn1.x509.GeneralNames;
|
import org.bouncycastle.asn1.x509.GeneralNames;
|
||||||
import org.bouncycastle.asn1.x509.TBSCertificate;
|
import org.bouncycastle.asn1.x509.TBSCertificate;
|
||||||
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
||||||
import org.junit.jupiter.api.*;
|
import org.junit.jupiter.api.BeforeAll;
|
||||||
|
import org.junit.jupiter.api.Disabled;
|
||||||
|
import org.junit.jupiter.api.Nested;
|
||||||
|
import org.junit.jupiter.api.Test;
|
||||||
|
import org.junit.jupiter.api.TestInstance;
|
||||||
import org.springframework.test.util.ReflectionTestUtils;
|
import org.springframework.test.util.ReflectionTestUtils;
|
||||||
|
|
||||||
import javax.crypto.Cipher;
|
import javax.crypto.Cipher;
|
||||||
@ -37,7 +41,14 @@ import java.nio.charset.StandardCharsets;
|
|||||||
import java.nio.file.Files;
|
import java.nio.file.Files;
|
||||||
import java.nio.file.Path;
|
import java.nio.file.Path;
|
||||||
import java.nio.file.Paths;
|
import java.nio.file.Paths;
|
||||||
import java.security.*;
|
import java.security.KeyPair;
|
||||||
|
import java.security.KeyPairGenerator;
|
||||||
|
import java.security.MessageDigest;
|
||||||
|
import java.security.NoSuchAlgorithmException;
|
||||||
|
import java.security.PrivateKey;
|
||||||
|
import java.security.PublicKey;
|
||||||
|
import java.security.SecureRandom;
|
||||||
|
import java.security.Security;
|
||||||
import java.security.cert.X509Certificate;
|
import java.security.cert.X509Certificate;
|
||||||
import java.security.interfaces.RSAPublicKey;
|
import java.security.interfaces.RSAPublicKey;
|
||||||
import java.security.spec.MGF1ParameterSpec;
|
import java.security.spec.MGF1ParameterSpec;
|
||||||
@ -90,6 +101,11 @@ public class AttestationCertificateAuthorityTest {
|
|||||||
// test key pair
|
// test key pair
|
||||||
private KeyPair keyPair;
|
private KeyPair keyPair;
|
||||||
|
|
||||||
|
// length of IV used in PKI
|
||||||
|
private static final int ENCRYPTION_IV_LEN = 16;
|
||||||
|
// length of secret key used in PKI
|
||||||
|
private static final int SECRETKEY_LEN = 128;
|
||||||
|
|
||||||
private static final String EK_PUBLIC_PATH = "/tpm2/ek.pub";
|
private static final String EK_PUBLIC_PATH = "/tpm2/ek.pub";
|
||||||
private static final String AK_PUBLIC_PATH = "/tpm2/ak.pub";
|
private static final String AK_PUBLIC_PATH = "/tpm2/ak.pub";
|
||||||
private static final String AK_NAME_PATH = "/tpm2/ak.name";
|
private static final String AK_NAME_PATH = "/tpm2/ak.name";
|
||||||
@ -235,10 +251,10 @@ public class AttestationCertificateAuthorityTest {
|
|||||||
|
|
||||||
// create a key generator to generate a "shared" secret
|
// create a key generator to generate a "shared" secret
|
||||||
KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
|
KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
|
||||||
keyGenerator.init(128);
|
keyGenerator.init(SECRETKEY_LEN);
|
||||||
|
|
||||||
// use some random bytes as the IV to encrypt and subsequently decrypt with
|
// use some random bytes as the IV to encrypt and subsequently decrypt with
|
||||||
byte[] randomBytes = new byte[16];
|
byte[] randomBytes = new byte[ENCRYPTION_IV_LEN];
|
||||||
|
|
||||||
// generate the random bytes
|
// generate the random bytes
|
||||||
SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
|
SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
|
||||||
@ -284,7 +300,7 @@ public class AttestationCertificateAuthorityTest {
|
|||||||
byte[] identityProofEncoded = new byte[]{0, 0, 1, 1};
|
byte[] identityProofEncoded = new byte[]{0, 0, 1, 1};
|
||||||
|
|
||||||
// generate a random session key to be used for encryption and decryption
|
// generate a random session key to be used for encryption and decryption
|
||||||
byte[] sessionKey = new byte[16];
|
byte[] sessionKey = new byte[ENCRYPTION_IV_LEN];
|
||||||
SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
|
SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
|
||||||
random.nextBytes(sessionKey);
|
random.nextBytes(sessionKey);
|
||||||
|
|
||||||
@ -325,7 +341,7 @@ public class AttestationCertificateAuthorityTest {
|
|||||||
|
|
||||||
// create a key generator to generate a secret key
|
// create a key generator to generate a secret key
|
||||||
KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
|
KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
|
||||||
keyGenerator.init(128);
|
keyGenerator.init(SECRETKEY_LEN);
|
||||||
|
|
||||||
// obtain the key from the generator
|
// obtain the key from the generator
|
||||||
byte[] secretKey = keyGenerator.generateKey().getEncoded();
|
byte[] secretKey = keyGenerator.generateKey().getEncoded();
|
||||||
@ -356,7 +372,7 @@ public class AttestationCertificateAuthorityTest {
|
|||||||
assertTrue(attestation.getCredential().length == attestation.getCredentialSize());
|
assertTrue(attestation.getCredential().length == attestation.getCredentialSize());
|
||||||
|
|
||||||
// create containers for the 2 parts of the credential
|
// create containers for the 2 parts of the credential
|
||||||
byte[] iv = new byte[16];
|
byte[] iv = new byte[ENCRYPTION_IV_LEN];
|
||||||
byte[] credential = new byte[attestation.getCredential().length - iv.length];
|
byte[] credential = new byte[attestation.getCredential().length - iv.length];
|
||||||
|
|
||||||
// siphon off the first 16 bytes for the IV
|
// siphon off the first 16 bytes for the IV
|
||||||
@ -700,7 +716,7 @@ public class AttestationCertificateAuthorityTest {
|
|||||||
// initialize a cipher using the specified transformation
|
// initialize a cipher using the specified transformation
|
||||||
Cipher cipher = Cipher.getInstance(transformation);
|
Cipher cipher = Cipher.getInstance(transformation);
|
||||||
|
|
||||||
// generate a secret key specification using the key and AES.
|
// generate a secret key specification using the key and AES
|
||||||
SecretKeySpec keySpec = new SecretKeySpec(key, "AES");
|
SecretKeySpec keySpec = new SecretKeySpec(key, "AES");
|
||||||
|
|
||||||
// create IV parameter for key specification
|
// create IV parameter for key specification
|
||||||
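Review bot: In the hunk at `@ -284,7 +300,7`, `byte[] sessionKey = new byte[ENCRYPTION_IV_LEN];` sizes a key buffer with the IV-length constant; the two values are both 16 only because the test uses a 128-bit AES key, so changing either one later would silently resize the other buffer. The new constants also mix units without saying so: `SECRETKEY_LEN = 128` is passed to `keyGenerator.init(...)` as a bit count, while `ENCRYPTION_IV_LEN = 16` is a byte count. I would add `private static final int SESSION_KEY_LEN = SECRETKEY_LEN / Byte.SIZE;` for the session key and name the unit in each comment, e.g. `// secret key size in bits` and `// IV length in bytes`. The comment `// siphon off the first 16 bytes for the IV` still hard-codes the number the constant replaced. The enclosing test methods start and end outside these hunks.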
|
@ -1,8 +1,16 @@
|
|||||||
package hirs.attestationca.persist.entity.userdefined;
|
package hirs.attestationca.persist.entity.userdefined;
|
||||||
|
|
||||||
import hirs.attestationca.persist.entity.ArchivableEntity;
|
import hirs.attestationca.persist.entity.ArchivableEntity;
|
||||||
import hirs.attestationca.persist.entity.userdefined.certificate.*;
|
import hirs.attestationca.persist.entity.userdefined.certificate.CertificateAuthorityCredential;
|
||||||
import hirs.attestationca.persist.entity.userdefined.info.*;
|
import hirs.attestationca.persist.entity.userdefined.certificate.ConformanceCredential;
|
||||||
|
import hirs.attestationca.persist.entity.userdefined.certificate.EndorsementCredential;
|
||||||
|
import hirs.attestationca.persist.entity.userdefined.certificate.IssuedAttestationCertificate;
|
||||||
|
import hirs.attestationca.persist.entity.userdefined.certificate.PlatformCredential;
|
||||||
|
import hirs.attestationca.persist.entity.userdefined.info.FirmwareInfo;
|
||||||
|
import hirs.attestationca.persist.entity.userdefined.info.HardwareInfo;
|
||||||
|
import hirs.attestationca.persist.entity.userdefined.info.NetworkInfo;
|
||||||
|
import hirs.attestationca.persist.entity.userdefined.info.OSInfo;
|
||||||
|
import hirs.attestationca.persist.entity.userdefined.info.TPMInfo;
|
||||||
import hirs.attestationca.persist.entity.userdefined.report.DeviceInfoReport;
|
import hirs.attestationca.persist.entity.userdefined.report.DeviceInfoReport;
|
||||||
import hirs.attestationca.persist.entity.userdefined.report.DeviceInfoReportTest;
|
import hirs.attestationca.persist.entity.userdefined.report.DeviceInfoReportTest;
|
||||||
import hirs.attestationca.persist.enums.AppraisalStatus;
|
import hirs.attestationca.persist.enums.AppraisalStatus;
|
||||||
@ -48,7 +56,6 @@ public class AbstractUserdefinedEntityTest {
|
|||||||
/**
|
/**
|
||||||
* Hex-encoded subject key identifier for the FAKE_ROOT_CA_FILE.
|
* Hex-encoded subject key identifier for the FAKE_ROOT_CA_FILE.
|
||||||
*/
|
*/
|
||||||
//j
|
|
||||||
public static final String FAKE_ROOT_CA_SUBJECT_KEY_IDENTIFIER_HEX =
|
public static final String FAKE_ROOT_CA_SUBJECT_KEY_IDENTIFIER_HEX =
|
||||||
"58ec313a1699f94c1c8c4e2c6412402b258f0177";
|
"58ec313a1699f94c1c8c4e2c6412402b258f0177";
|
||||||
|
|
||||||
@ -57,13 +64,47 @@ public class AbstractUserdefinedEntityTest {
|
|||||||
*/
|
*/
|
||||||
private static final String TEST_IDENTITY_CERT = "/tpm/sample_identity_cert.cer";
|
private static final String TEST_IDENTITY_CERT = "/tpm/sample_identity_cert.cer";
|
||||||
|
|
||||||
// private final NetworkInfo networkInfo = createTestNetworkInfo();
|
/**
|
||||||
// private final OSInfo osInfo = createTestOSInfo();
|
* Location of a test platform attribute cert.
|
||||||
// private final FirmwareInfo firmwareInfo = createTestFirmwareInfo();
|
*/
|
||||||
// private final HardwareInfo hardwareInfo = createTestHardwareInfo();
|
public static final String TEST_PLATFORM_CERT_1 =
|
||||||
// private final TPMInfo tpmInfo = createTPMInfo();
|
"/validation/platform_credentials/Intel_pc1.cer";
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Location of another, slightly different platform attribute cert.
|
||||||
|
*/
|
||||||
|
public static final String TEST_PLATFORM_CERT_2 =
|
||||||
|
"/validation/platform_credentials/Intel_pc2.cer";
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Location of another, slightly different platform attribute cert.
|
||||||
|
*/
|
||||||
|
public static final String TEST_PLATFORM_CERT_3 =
|
||||||
|
"/validation/platform_credentials/Intel_pc3.cer";
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Platform cert with comma separated baseboard and chassis serial number.
|
||||||
|
*/
|
||||||
|
public static final String TEST_PLATFORM_CERT_4 =
|
||||||
|
"/validation/platform_credentials/Intel_pc4.pem";
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Another platform cert with comma separated baseboard and chassis serial number.
|
||||||
|
*/
|
||||||
|
public static final String TEST_PLATFORM_CERT_5 =
|
||||||
|
"/validation/platform_credentials/Intel_pc5.pem";
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Location of another, slightly different platform attribute cert.
|
||||||
|
*/
|
||||||
|
public static final String TEST_PLATFORM_CERT_6 =
|
||||||
|
"/validation/platform_credentials/TPM_INTC_Platform_Cert_RSA.txt";
|
||||||
|
|
||||||
private static final Logger LOGGER = LogManager.getLogger(DeviceInfoReportTest.class);
|
private static final Logger LOGGER = LogManager.getLogger(DeviceInfoReportTest.class);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Dummy message for supply chain validation test
|
||||||
|
*/
|
||||||
public static final String VALIDATION_MESSAGE = "Some message.";
|
public static final String VALIDATION_MESSAGE = "Some message.";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -100,8 +141,10 @@ public class AbstractUserdefinedEntityTest {
|
|||||||
|
|
||||||
Path certPath;
|
Path certPath;
|
||||||
try {
|
try {
|
||||||
certPath = Paths.get(Objects.requireNonNull(AbstractUserdefinedEntityTest.class.getResource(filename)).toURI());
|
certPath = Paths.get(Objects.requireNonNull(
|
||||||
// certPath = Paths.get(Objects.requireNonNull(CertificateTest.class.getResource(filename)).toURI());
|
AbstractUserdefinedEntityTest.class.getResource(filename)).toURI());
|
||||||
|
// certPath = Paths.get(Objects.requireNonNull(
|
||||||
|
// CertificateTest.class.getResource(filename)).toURI());
|
||||||
} catch (URISyntaxException e) {
|
} catch (URISyntaxException e) {
|
||||||
throw new IOException("Could not resolve path URI", e);
|
throw new IOException("Could not resolve path URI", e);
|
||||||
}
|
}
|
||||||
@ -215,6 +258,11 @@ public class AbstractUserdefinedEntityTest {
|
|||||||
getTestIdentityCertificate());
|
getTestIdentityCertificate());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Creates a test identity certificate.
|
||||||
|
*
|
||||||
|
* @return the test X509 certificate
|
||||||
|
*/
|
||||||
public static X509Certificate getTestIdentityCertificate() {
|
public static X509Certificate getTestIdentityCertificate() {
|
||||||
X509Certificate certificateValue = null;
|
X509Certificate certificateValue = null;
|
||||||
InputStream istream = null;
|
InputStream istream = null;
|
||||||
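Review bot: The hunk at `@ -100,8 +141,10` rewraps the commented-out `CertificateTest.class.getResource(filename)` lookup across two comment lines instead of deleting it; dead code kept in comments leaves a reader with two candidate classes for resolving the fixture and no reason given for either. I would drop both comment lines, or replace them with one sentence saying why the lookup is anchored on `AbstractUserdefinedEntityTest`. Separately, the added Javadoc `* Dummy message for supply chain validation test` has no closing period, and `TEST_PLATFORM_CERT_2`, `_3` and `_6` all carry the same summary "Location of another, slightly different platform attribute cert.", so the comments do not say how the fixtures differ. The method holding the try block starts outside the hunk.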
|
@ -1,5 +1,12 @@
|
|||||||
package hirs.attestationca.persist.entity.userdefined;
|
package hirs.attestationca.persist.entity.userdefined;
|
||||||
|
|
||||||
|
import hirs.attestationca.persist.entity.userdefined.certificate.CertificateAuthorityCredential;
|
||||||
|
import hirs.attestationca.persist.entity.userdefined.certificate.ConformanceCredential;
|
||||||
|
import hirs.attestationca.persist.entity.userdefined.certificate.EndorsementCredential;
|
||||||
|
import hirs.attestationca.persist.entity.userdefined.certificate.PlatformCredential;
|
||||||
|
import org.bouncycastle.cert.X509AttributeCertificateHolder;
|
||||||
|
import org.junit.jupiter.api.Test;
|
||||||
|
|
||||||
import java.io.FileInputStream;
|
import java.io.FileInputStream;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.math.BigInteger;
|
import java.math.BigInteger;
|
||||||
@ -14,9 +21,6 @@ import java.security.cert.X509Certificate;
|
|||||||
import java.util.Arrays;
|
import java.util.Arrays;
|
||||||
import java.util.Objects;
|
import java.util.Objects;
|
||||||
|
|
||||||
import hirs.attestationca.persist.entity.userdefined.certificate.*;
|
|
||||||
import org.bouncycastle.cert.X509AttributeCertificateHolder;
|
|
||||||
import org.junit.jupiter.api.Test;
|
|
||||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||||
import static org.junit.jupiter.api.Assertions.assertArrayEquals;
|
import static org.junit.jupiter.api.Assertions.assertArrayEquals;
|
||||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||||
@ -95,7 +99,8 @@ public class CertificateTest extends AbstractUserdefinedEntityTest {
|
|||||||
public void testConstructCertFromByteArray() throws IOException, URISyntaxException {
|
public void testConstructCertFromByteArray() throws IOException, URISyntaxException {
|
||||||
Certificate certificate = new CertificateAuthorityCredential(
|
Certificate certificate = new CertificateAuthorityCredential(
|
||||||
Files.readAllBytes(
|
Files.readAllBytes(
|
||||||
Paths.get(Objects.requireNonNull(this.getClass().getResource(FAKE_ROOT_CA_FILE)).toURI())
|
Paths.get(Objects.requireNonNull(this.getClass().getResource(
|
||||||
|
FAKE_ROOT_CA_FILE)).toURI())
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
assertEquals(
|
assertEquals(
|
||||||
@ -139,7 +144,8 @@ public class CertificateTest extends AbstractUserdefinedEntityTest {
|
|||||||
@Test
|
@Test
|
||||||
public void testConstructCertFromPath() throws URISyntaxException, IOException {
|
public void testConstructCertFromPath() throws URISyntaxException, IOException {
|
||||||
Certificate certificate = new CertificateAuthorityCredential(
|
Certificate certificate = new CertificateAuthorityCredential(
|
||||||
Paths.get(Objects.requireNonNull(this.getClass().getResource(FAKE_ROOT_CA_FILE)).toURI())
|
Paths.get(Objects.requireNonNull(this.getClass().getResource(
|
||||||
|
FAKE_ROOT_CA_FILE)).toURI())
|
||||||
);
|
);
|
||||||
assertEquals(
|
assertEquals(
|
||||||
"CN=Fake Root CA",
|
"CN=Fake Root CA",
|
||||||
@ -178,12 +184,12 @@ public class CertificateTest extends AbstractUserdefinedEntityTest {
|
|||||||
Certificate.CertificateType.X509_CERTIFICATE,
|
Certificate.CertificateType.X509_CERTIFICATE,
|
||||||
getTestCertificate(
|
getTestCertificate(
|
||||||
PlatformCredential.class,
|
PlatformCredential.class,
|
||||||
PlatformCredentialTest.TEST_PLATFORM_CERT_3).getCertificateType());
|
TEST_PLATFORM_CERT_3).getCertificateType());
|
||||||
assertEquals(
|
assertEquals(
|
||||||
Certificate.CertificateType.ATTRIBUTE_CERTIFICATE,
|
Certificate.CertificateType.ATTRIBUTE_CERTIFICATE,
|
||||||
getTestCertificate(
|
getTestCertificate(
|
||||||
PlatformCredential.class,
|
PlatformCredential.class,
|
||||||
PlatformCredentialTest.TEST_PLATFORM_CERT_3).getCertificateType());
|
TEST_PLATFORM_CERT_3).getCertificateType());
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -196,7 +202,7 @@ public class CertificateTest extends AbstractUserdefinedEntityTest {
|
|||||||
@Test
|
@Test
|
||||||
public void testImportPem() throws IOException {
|
public void testImportPem() throws IOException {
|
||||||
Certificate platformCredential = getTestCertificate(
|
Certificate platformCredential = getTestCertificate(
|
||||||
PlatformCredential.class, PlatformCredentialTest.TEST_PLATFORM_CERT_4
|
PlatformCredential.class, TEST_PLATFORM_CERT_4
|
||||||
);
|
);
|
||||||
|
|
||||||
assertEquals(
|
assertEquals(
|
||||||
@ -208,7 +214,7 @@ public class CertificateTest extends AbstractUserdefinedEntityTest {
|
|||||||
);
|
);
|
||||||
|
|
||||||
platformCredential = getTestCertificate(
|
platformCredential = getTestCertificate(
|
||||||
PlatformCredential.class, PlatformCredentialTest.TEST_PLATFORM_CERT_5
|
PlatformCredential.class, TEST_PLATFORM_CERT_5
|
||||||
);
|
);
|
||||||
|
|
||||||
assertEquals(
|
assertEquals(
|
||||||
@ -271,13 +277,12 @@ public class CertificateTest extends AbstractUserdefinedEntityTest {
|
|||||||
public void testX509AttributeCertificateParsing() throws IOException, URISyntaxException {
|
public void testX509AttributeCertificateParsing() throws IOException, URISyntaxException {
|
||||||
Certificate platformCert = getTestCertificate(
|
Certificate platformCert = getTestCertificate(
|
||||||
PlatformCredential.class,
|
PlatformCredential.class,
|
||||||
PlatformCredentialTest.TEST_PLATFORM_CERT_3
|
TEST_PLATFORM_CERT_3
|
||||||
);
|
);
|
||||||
|
|
||||||
X509AttributeCertificateHolder attrCertHolder = new X509AttributeCertificateHolder(
|
X509AttributeCertificateHolder attrCertHolder = new X509AttributeCertificateHolder(
|
||||||
Files.readAllBytes(Paths.get(Objects.requireNonNull(this.getClass().getResource(
|
Files.readAllBytes(Paths.get(Objects.requireNonNull(this.getClass().getResource(
|
||||||
PlatformCredentialTest.TEST_PLATFORM_CERT_3
|
TEST_PLATFORM_CERT_3)).toURI()))
|
||||||
)).toURI()))
|
|
||||||
);
|
);
|
||||||
|
|
||||||
assertEquals(
|
assertEquals(
|
||||||
@ -306,7 +311,7 @@ public class CertificateTest extends AbstractUserdefinedEntityTest {
|
|||||||
public void testX509AttributeCertificateParsingExtended()
|
public void testX509AttributeCertificateParsingExtended()
|
||||||
throws IOException, URISyntaxException {
|
throws IOException, URISyntaxException {
|
||||||
Certificate platformCert = getTestCertificate(
|
Certificate platformCert = getTestCertificate(
|
||||||
PlatformCredential.class, PlatformCredentialTest.TEST_PLATFORM_CERT_6);
|
PlatformCredential.class, TEST_PLATFORM_CERT_6);
|
||||||
|
|
||||||
assertEquals("https://trustedservices.intel.com/"
|
assertEquals("https://trustedservices.intel.com/"
|
||||||
+ "content/TSC/certs/TSC_IssuingCAIKGF_TEST.cer\n",
|
+ "content/TSC/certs/TSC_IssuingCAIKGF_TEST.cer\n",
|
||||||
@ -404,11 +409,13 @@ public class CertificateTest extends AbstractUserdefinedEntityTest {
|
|||||||
|
|
||||||
assertEquals(
|
assertEquals(
|
||||||
new CertificateAuthorityCredential(
|
new CertificateAuthorityCredential(
|
||||||
Paths.get(Objects.requireNonNull(this.getClass().getResource(FAKE_ROOT_CA_FILE)).toURI())
|
Paths.get(Objects.requireNonNull(this.getClass().getResource(
|
||||||
|
FAKE_ROOT_CA_FILE)).toURI())
|
||||||
),
|
),
|
||||||
new CertificateAuthorityCredential(
|
new CertificateAuthorityCredential(
|
||||||
Files.readAllBytes(
|
Files.readAllBytes(
|
||||||
Paths.get(Objects.requireNonNull(this.getClass().getResource(FAKE_ROOT_CA_FILE)).toURI())
|
Paths.get(Objects.requireNonNull(this.getClass().getResource(
|
||||||
|
FAKE_ROOT_CA_FILE)).toURI())
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
@ -465,11 +472,13 @@ public class CertificateTest extends AbstractUserdefinedEntityTest {
|
|||||||
|
|
||||||
assertEquals(
|
assertEquals(
|
||||||
new CertificateAuthorityCredential(
|
new CertificateAuthorityCredential(
|
||||||
Paths.get(Objects.requireNonNull(this.getClass().getResource(FAKE_ROOT_CA_FILE)).toURI())
|
Paths.get(Objects.requireNonNull(this.getClass().getResource(
|
||||||
|
FAKE_ROOT_CA_FILE)).toURI())
|
||||||
).hashCode(),
|
).hashCode(),
|
||||||
new CertificateAuthorityCredential(
|
new CertificateAuthorityCredential(
|
||||||
Files.readAllBytes(
|
Files.readAllBytes(
|
||||||
Paths.get(Objects.requireNonNull(this.getClass().getResource(FAKE_ROOT_CA_FILE)).toURI())
|
Paths.get(Objects.requireNonNull(this.getClass().getResource(
|
||||||
|
FAKE_ROOT_CA_FILE)).toURI())
|
||||||
)
|
)
|
||||||
).hashCode()
|
).hashCode()
|
||||||
);
|
);
|
||||||
@ -506,8 +515,9 @@ public class CertificateTest extends AbstractUserdefinedEntityTest {
|
|||||||
throw new IOException("Cannot get X509 CertificateFactory instance", e);
|
throw new IOException("Cannot get X509 CertificateFactory instance", e);
|
||||||
}
|
}
|
||||||
|
|
||||||
try (FileInputStream certInputStream = new FileInputStream(
|
try (FileInputStream certInputStream = new FileInputStream(Paths.get(
|
||||||
Paths.get(Objects.requireNonNull(CertificateTest.class.getResource(resourceName)).toURI()).toFile()
|
Objects.requireNonNull(CertificateTest.class.getResource(
|
||||||
|
resourceName)).toURI()).toFile()
|
||||||
)) {
|
)) {
|
||||||
return (X509Certificate) cf.generateCertificate(certInputStream);
|
return (X509Certificate) cf.generateCertificate(certInputStream);
|
||||||
} catch (CertificateException | URISyntaxException e) {
|
} catch (CertificateException | URISyntaxException e) {
|
||||||
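Review bot: The expression `Paths.get(Objects.requireNonNull(this.getClass().getResource(FAKE_ROOT_CA_FILE)).toURI())` is re-wrapped by hand in six places in this file section, and each wrap splits `getResource(` from its argument, which reads worse than the long line it replaces. A private helper would remove the repetition, for example `private Path resourcePath(final String name) throws URISyntaxException { return Paths.get(Objects.requireNonNull(getClass().getResource(name), "missing test resource: " + name).toURI()); }` (assuming `java.nio.file.Path` is imported, which the visible import hunks do not show). The message argument turns a missing certificate fixture into a named failure instead of a bare NullPointerException. The `new FileInputStream(...)` call in the last hunk resolves through `CertificateTest.class`, so it presumably sits in a static method and would need a static variant of the helper. The test methods extend beyond the hunks shown.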
|
@ -21,7 +21,9 @@ public final class DeviceTest extends AbstractUserdefinedEntityTest {
|
|||||||
@Test
|
@Test
|
||||||
public void testDevice() {
|
public void testDevice() {
|
||||||
final String name = "my-laptop";
|
final String name = "my-laptop";
|
||||||
final Device device = new Device(name, null, HealthStatus.UNKNOWN, AppraisalStatus.Status.UNKNOWN, null, false, null , null);
|
final Device device = new Device(name, null, HealthStatus.UNKNOWN,
|
||||||
|
AppraisalStatus.Status.UNKNOWN, null, false,
|
||||||
|
null, null);
|
||||||
assertNotNull(device);
|
assertNotNull(device);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -33,7 +35,9 @@ public final class DeviceTest extends AbstractUserdefinedEntityTest {
|
|||||||
public void testDeviceNameAndInfo() {
|
public void testDeviceNameAndInfo() {
|
||||||
final String name = "my-laptop";
|
final String name = "my-laptop";
|
||||||
final DeviceInfoReport deviceInfo = getTestDeviceInfoReport();
|
final DeviceInfoReport deviceInfo = getTestDeviceInfoReport();
|
||||||
new Device(name, deviceInfo, HealthStatus.UNKNOWN, AppraisalStatus.Status.UNKNOWN, null, false, null, null);
|
new Device(name, deviceInfo, HealthStatus.UNKNOWN,
|
||||||
|
AppraisalStatus.Status.UNKNOWN, null, false,
|
||||||
|
null, null);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -43,7 +47,9 @@ public final class DeviceTest extends AbstractUserdefinedEntityTest {
|
|||||||
public void testDeviceNameAndNullInfo() {
|
public void testDeviceNameAndNullInfo() {
|
||||||
final String name = "my-laptop";
|
final String name = "my-laptop";
|
||||||
final DeviceInfoReport deviceInfo = null;
|
final DeviceInfoReport deviceInfo = null;
|
||||||
new Device(name, deviceInfo, HealthStatus.UNKNOWN, AppraisalStatus.Status.UNKNOWN, null, false, null, null);
|
new Device(name, deviceInfo, HealthStatus.UNKNOWN,
|
||||||
|
AppraisalStatus.Status.UNKNOWN, null, false,
|
||||||
|
null, null);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -53,7 +59,9 @@ public final class DeviceTest extends AbstractUserdefinedEntityTest {
|
|||||||
public void testGetDeviceInfo() {
|
public void testGetDeviceInfo() {
|
||||||
final String name = "my-laptop";
|
final String name = "my-laptop";
|
||||||
final DeviceInfoReport deviceInfo = getTestDeviceInfoReport();
|
final DeviceInfoReport deviceInfo = getTestDeviceInfoReport();
|
||||||
final Device device = new Device(name, deviceInfo, HealthStatus.UNKNOWN, AppraisalStatus.Status.UNKNOWN, null, false, null, null);
|
final Device device = new Device(name, deviceInfo, HealthStatus.UNKNOWN,
|
||||||
|
AppraisalStatus.Status.UNKNOWN, null, false,
|
||||||
|
null, null);
|
||||||
assertEquals(deviceInfo, device.getDeviceInfo());
|
assertEquals(deviceInfo, device.getDeviceInfo());
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -63,7 +71,9 @@ public final class DeviceTest extends AbstractUserdefinedEntityTest {
|
|||||||
@Test
|
@Test
|
||||||
public void testSetDeviceInfo() {
|
public void testSetDeviceInfo() {
|
||||||
final String name = "my-laptop";
|
final String name = "my-laptop";
|
||||||
final Device device = new Device(name, null, HealthStatus.UNKNOWN, AppraisalStatus.Status.UNKNOWN, null, false, null, null);
|
final Device device = new Device(name, null, HealthStatus.UNKNOWN,
|
||||||
|
AppraisalStatus.Status.UNKNOWN, null, false,
|
||||||
|
null, null);
|
||||||
assertNull(device.getDeviceInfo());
|
assertNull(device.getDeviceInfo());
|
||||||
final DeviceInfoReport deviceInfo = getTestDeviceInfoReport();
|
final DeviceInfoReport deviceInfo = getTestDeviceInfoReport();
|
||||||
device.setDeviceInfo(deviceInfo);
|
device.setDeviceInfo(deviceInfo);
|
||||||
@ -77,7 +87,9 @@ public final class DeviceTest extends AbstractUserdefinedEntityTest {
|
|||||||
public void testSetNullDeviceInfo() {
|
public void testSetNullDeviceInfo() {
|
||||||
final String name = "my-laptop";
|
final String name = "my-laptop";
|
||||||
final DeviceInfoReport deviceInfo = getTestDeviceInfoReport();
|
final DeviceInfoReport deviceInfo = getTestDeviceInfoReport();
|
||||||
final Device device = new Device(name, deviceInfo, HealthStatus.UNKNOWN, AppraisalStatus.Status.UNKNOWN, null, false, null, null);
|
final Device device = new Device(name, deviceInfo, HealthStatus.UNKNOWN,
|
||||||
|
AppraisalStatus.Status.UNKNOWN, null, false,
|
||||||
|
null, null);
|
||||||
assertEquals(deviceInfo, device.getDeviceInfo());
|
assertEquals(deviceInfo, device.getDeviceInfo());
|
||||||
device.setDeviceInfo(null);
|
device.setDeviceInfo(null);
|
||||||
assertNull(device.getDeviceInfo());
|
assertNull(device.getDeviceInfo());
|
||||||
@ -90,7 +102,9 @@ public final class DeviceTest extends AbstractUserdefinedEntityTest {
|
|||||||
public void testNotNullLastReportTimeStamp() {
|
public void testNotNullLastReportTimeStamp() {
|
||||||
final String name = "my-laptop";
|
final String name = "my-laptop";
|
||||||
final DeviceInfoReport deviceInfo = getTestDeviceInfoReport();
|
final DeviceInfoReport deviceInfo = getTestDeviceInfoReport();
|
||||||
final Device device = new Device(name, deviceInfo, HealthStatus.UNKNOWN, AppraisalStatus.Status.UNKNOWN, null, false, null, null);
|
final Device device = new Device(name, deviceInfo, HealthStatus.UNKNOWN,
|
||||||
|
AppraisalStatus.Status.UNKNOWN, null, false,
|
||||||
|
null, null);
|
||||||
assertNotNull(device.getLastReportTimestamp());
|
assertNotNull(device.getLastReportTimestamp());
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -99,7 +113,9 @@ public final class DeviceTest extends AbstractUserdefinedEntityTest {
|
|||||||
*/
|
*/
|
||||||
@Test
|
@Test
|
||||||
public void testSetHealthStatus() {
|
public void testSetHealthStatus() {
|
||||||
final Device device = new Device("test-device", null, HealthStatus.UNKNOWN, AppraisalStatus.Status.UNKNOWN, null, false, null, null);
|
final Device device = new Device("test-device", null, HealthStatus.UNKNOWN,
|
||||||
|
AppraisalStatus.Status.UNKNOWN, null, false,
|
||||||
|
null, null);
|
||||||
device.setHealthStatus(HealthStatus.TRUSTED);
|
device.setHealthStatus(HealthStatus.TRUSTED);
|
||||||
assertEquals(HealthStatus.TRUSTED, device.getHealthStatus());
|
assertEquals(HealthStatus.TRUSTED, device.getHealthStatus());
|
||||||
}
|
}
|
||||||
@ -112,8 +128,12 @@ public final class DeviceTest extends AbstractUserdefinedEntityTest {
|
|||||||
final String name = "my-laptop";
|
final String name = "my-laptop";
|
||||||
final String otherName = "my-laptop";
|
final String otherName = "my-laptop";
|
||||||
final DeviceInfoReport deviceInfo = getTestDeviceInfoReport();
|
final DeviceInfoReport deviceInfo = getTestDeviceInfoReport();
|
||||||
final Device device = new Device(name, deviceInfo, HealthStatus.UNKNOWN, AppraisalStatus.Status.UNKNOWN, null, false, null, null);
|
final Device device = new Device(name, deviceInfo, HealthStatus.UNKNOWN,
|
||||||
final Device other = new Device(otherName, deviceInfo, HealthStatus.UNKNOWN, AppraisalStatus.Status.UNKNOWN, null, false, null, null);
|
AppraisalStatus.Status.UNKNOWN, null, false,
|
||||||
|
null, null);
|
||||||
|
final Device other = new Device(otherName, deviceInfo, HealthStatus.UNKNOWN,
|
||||||
|
AppraisalStatus.Status.UNKNOWN, null, false,
|
||||||
|
null, null);
|
||||||
assertEquals(device, other);
|
assertEquals(device, other);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -124,7 +144,9 @@ public final class DeviceTest extends AbstractUserdefinedEntityTest {
|
|||||||
public void testGetDefaultSupplyChainStatus() {
|
public void testGetDefaultSupplyChainStatus() {
|
||||||
String name = "my-laptop";
|
String name = "my-laptop";
|
||||||
final DeviceInfoReport deviceInfo = getTestDeviceInfoReport();
|
final DeviceInfoReport deviceInfo = getTestDeviceInfoReport();
|
||||||
final Device device = new Device(name, deviceInfo, HealthStatus.UNKNOWN, AppraisalStatus.Status.UNKNOWN, null, false, null, null);
|
final Device device = new Device(name, deviceInfo, HealthStatus.UNKNOWN,
|
||||||
|
AppraisalStatus.Status.UNKNOWN, null, false,
|
||||||
|
null, null);
|
||||||
assertEquals(AppraisalStatus.Status.UNKNOWN, device.getSupplyChainValidationStatus());
|
assertEquals(AppraisalStatus.Status.UNKNOWN, device.getSupplyChainValidationStatus());
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -135,7 +157,9 @@ public final class DeviceTest extends AbstractUserdefinedEntityTest {
|
|||||||
public void testSetAndGetSupplyChainStatus() {
|
public void testSetAndGetSupplyChainStatus() {
|
||||||
String name = "my-laptop";
|
String name = "my-laptop";
|
||||||
final DeviceInfoReport deviceInfo = getTestDeviceInfoReport();
|
final DeviceInfoReport deviceInfo = getTestDeviceInfoReport();
|
||||||
final Device device = new Device(name, deviceInfo, HealthStatus.UNKNOWN, AppraisalStatus.Status.UNKNOWN, null, false, null, null);
|
final Device device = new Device(name, deviceInfo, HealthStatus.UNKNOWN,
|
||||||
|
AppraisalStatus.Status.UNKNOWN, null, false,
|
||||||
|
null, null);
|
||||||
device.setSupplyChainValidationStatus(AppraisalStatus.Status.PASS);
|
device.setSupplyChainValidationStatus(AppraisalStatus.Status.PASS);
|
||||||
assertEquals(AppraisalStatus.Status.PASS, device.getSupplyChainValidationStatus());
|
assertEquals(AppraisalStatus.Status.PASS, device.getSupplyChainValidationStatus());
|
||||||
}
|
}
|
||||||
|
@ -4,9 +4,14 @@ import hirs.attestationca.persist.entity.ArchivableEntity;
|
|||||||
import hirs.attestationca.persist.entity.userdefined.report.DeviceInfoReport;
|
import hirs.attestationca.persist.entity.userdefined.report.DeviceInfoReport;
|
||||||
import hirs.attestationca.persist.enums.AppraisalStatus;
|
import hirs.attestationca.persist.enums.AppraisalStatus;
|
||||||
import hirs.attestationca.persist.enums.HealthStatus;
|
import hirs.attestationca.persist.enums.HealthStatus;
|
||||||
import org.junit.jupiter.api.*;
|
import org.junit.jupiter.api.BeforeAll;
|
||||||
|
import org.junit.jupiter.api.Test;
|
||||||
|
import org.junit.jupiter.api.TestInstance;
|
||||||
|
|
||||||
import java.util.*;
|
import java.util.Collection;
|
||||||
|
import java.util.Collections;
|
||||||
|
import java.util.HashSet;
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||||
import static org.junit.jupiter.api.Assertions.assertNotNull;
|
import static org.junit.jupiter.api.Assertions.assertNotNull;
|
||||||
@ -20,13 +25,13 @@ import static org.junit.jupiter.api.Assertions.assertThrows;
|
|||||||
public class SupplyChainValidationSummaryTest extends AbstractUserdefinedEntityTest {
|
public class SupplyChainValidationSummaryTest extends AbstractUserdefinedEntityTest {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Test device
|
* Test device.
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
private Device device;
|
private Device device;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* List of test certificates
|
* List of test certificates.
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
private List<ArchivableEntity> certificates;
|
private List<ArchivableEntity> certificates;
|
||||||
@ -50,8 +55,7 @@ public class SupplyChainValidationSummaryTest extends AbstractUserdefinedEntityT
|
|||||||
public void testEmptySummary() throws InterruptedException {
|
public void testEmptySummary() throws InterruptedException {
|
||||||
SupplyChainValidationSummary emptySummary = getTestSummary(
|
SupplyChainValidationSummary emptySummary = getTestSummary(
|
||||||
0,
|
0,
|
||||||
0,
|
0
|
||||||
certificates
|
|
||||||
);
|
);
|
||||||
|
|
||||||
//assertEquals(device, emptySummary.getDevice());
|
//assertEquals(device, emptySummary.getDevice());
|
||||||
@ -87,8 +91,7 @@ public class SupplyChainValidationSummaryTest extends AbstractUserdefinedEntityT
|
|||||||
public void testSuccessfulSummary() throws InterruptedException {
|
public void testSuccessfulSummary() throws InterruptedException {
|
||||||
SupplyChainValidationSummary oneValidation = getTestSummary(
|
SupplyChainValidationSummary oneValidation = getTestSummary(
|
||||||
1,
|
1,
|
||||||
0,
|
0
|
||||||
certificates
|
|
||||||
);
|
);
|
||||||
|
|
||||||
//assertEquals(device, oneValidation.getDevice());
|
//assertEquals(device, oneValidation.getDevice());
|
||||||
@ -99,8 +102,7 @@ public class SupplyChainValidationSummaryTest extends AbstractUserdefinedEntityT
|
|||||||
|
|
||||||
SupplyChainValidationSummary twoValidations = getTestSummary(
|
SupplyChainValidationSummary twoValidations = getTestSummary(
|
||||||
2,
|
2,
|
||||||
0,
|
0
|
||||||
certificates
|
|
||||||
);
|
);
|
||||||
|
|
||||||
//assertEquals(device, twoValidations.getDevice());
|
//assertEquals(device, twoValidations.getDevice());
|
||||||
@ -118,8 +120,7 @@ public class SupplyChainValidationSummaryTest extends AbstractUserdefinedEntityT
|
|||||||
public void testUnsuccessfulSummary() throws InterruptedException {
|
public void testUnsuccessfulSummary() throws InterruptedException {
|
||||||
SupplyChainValidationSummary oneValidation = getTestSummary(
|
SupplyChainValidationSummary oneValidation = getTestSummary(
|
||||||
1,
|
1,
|
||||||
1,
|
1
|
||||||
certificates
|
|
||||||
);
|
);
|
||||||
|
|
||||||
//assertEquals(device, oneValidation.getDevice());
|
//assertEquals(device, oneValidation.getDevice());
|
||||||
@ -130,8 +131,7 @@ public class SupplyChainValidationSummaryTest extends AbstractUserdefinedEntityT
|
|||||||
|
|
||||||
SupplyChainValidationSummary twoValidations = getTestSummary(
|
SupplyChainValidationSummary twoValidations = getTestSummary(
|
||||||
2,
|
2,
|
||||||
1,
|
1
|
||||||
certificates
|
|
||||||
);
|
);
|
||||||
|
|
||||||
//assertEquals(device, twoValidations.getDevice());
|
//assertEquals(device, twoValidations.getDevice());
|
||||||
@ -142,8 +142,7 @@ public class SupplyChainValidationSummaryTest extends AbstractUserdefinedEntityT
|
|||||||
|
|
||||||
SupplyChainValidationSummary twoBadValidations = getTestSummary(
|
SupplyChainValidationSummary twoBadValidations = getTestSummary(
|
||||||
2,
|
2,
|
||||||
2,
|
2
|
||||||
certificates
|
|
||||||
);
|
);
|
||||||
|
|
||||||
//assertEquals(device, twoBadValidations.getDevice());
|
//assertEquals(device, twoBadValidations.getDevice());
|
||||||
@ -163,17 +162,23 @@ public class SupplyChainValidationSummaryTest extends AbstractUserdefinedEntityT
|
|||||||
*/
|
*/
|
||||||
public static Device getTestDevice(final String name) {
|
public static Device getTestDevice(final String name) {
|
||||||
final DeviceInfoReport deviceInfo = getTestDeviceInfoReport();
|
final DeviceInfoReport deviceInfo = getTestDeviceInfoReport();
|
||||||
return new Device(name, deviceInfo, HealthStatus.UNKNOWN, AppraisalStatus.Status.UNKNOWN, null, false, null, null);
|
return new Device(name, deviceInfo, HealthStatus.UNKNOWN,
|
||||||
|
AppraisalStatus.Status.UNKNOWN, null,
|
||||||
|
false, null, null);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
* Utility method for getting a <code>SupplyChainValidationSummary</code> that can be used for
|
||||||
|
* testing.
|
||||||
*
|
*
|
||||||
|
* @param numberOfValidations number of validations for the <code>SupplyChainValidationSummary</code>
|
||||||
|
* @param numFail number of failed validations
|
||||||
|
*
|
||||||
|
* @return device
|
||||||
*/
|
*/
|
||||||
private SupplyChainValidationSummary getTestSummary(
|
private SupplyChainValidationSummary getTestSummary(
|
||||||
final int numberOfValidations,
|
final int numberOfValidations,
|
||||||
final int numFail,
|
final int numFail
|
||||||
final List<ArchivableEntity> certificates
|
|
||||||
) throws InterruptedException {
|
) throws InterruptedException {
|
||||||
SupplyChainValidation.ValidationType[] validationTypes =
|
SupplyChainValidation.ValidationType[] validationTypes =
|
||||||
SupplyChainValidation.ValidationType.values();
|
SupplyChainValidation.ValidationType.values();
|
||||||
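Review bot: The Javadoc added above getTestSummary ends with `@return device`, which looks copied from getTestDevice; the declared return type is SupplyChainValidationSummary, so the tag should read `@return a SupplyChainValidationSummary holding the requested validations`. The comment documents numberOfValidations and numFail, which matches the new signature now that the `certificates` parameter is gone, but it does not say where the certificates come from. If the body now reads the `certificates` field (the body continues outside the hunk, so this is inferred), one sentence saying so would help the next reader. The two field comments in the `@ -20,13 +25,13` hunk also keep a trailing empty ` *` line that could be dropped while the file is being cleaned up.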
|
@ -28,6 +28,8 @@ public class EndorsementCredentialTest {
|
|||||||
private static final String EK_CERT_WITH_SECURITY_ASSERTIONS =
|
private static final String EK_CERT_WITH_SECURITY_ASSERTIONS =
|
||||||
"/certificates/ek_cert_with_security_assertions.cer";
|
"/certificates/ek_cert_with_security_assertions.cer";
|
||||||
|
|
||||||
|
private static final int TPM_SPEC_REVISION_NUM = 116;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Tests the successful parsing of an EC using a test cert from STM.
|
* Tests the successful parsing of an EC using a test cert from STM.
|
||||||
* @throws IOException test failed due to invalid certificate parsing
|
* @throws IOException test failed due to invalid certificate parsing
|
||||||
@ -48,7 +50,7 @@ public class EndorsementCredentialTest {
|
|||||||
TPMSpecification spec = ec.getTpmSpecification();
|
TPMSpecification spec = ec.getTpmSpecification();
|
||||||
assertEquals(spec.getFamily(), "1.2");
|
assertEquals(spec.getFamily(), "1.2");
|
||||||
assertEquals(spec.getLevel(), BigInteger.valueOf(2));
|
assertEquals(spec.getLevel(), BigInteger.valueOf(2));
|
||||||
assertEquals(spec.getRevision(), BigInteger.valueOf(116));
|
assertEquals(spec.getRevision(), BigInteger.valueOf(TPM_SPEC_REVISION_NUM));
|
||||||
|
|
||||||
TPMSecurityAssertions asserts = ec.getTpmSecurityAssertions();
|
TPMSecurityAssertions asserts = ec.getTpmSecurityAssertions();
|
||||||
assertEquals(asserts.getTpmSecAssertsVersion(), BigInteger.valueOf(0));
|
assertEquals(asserts.getTpmSecAssertsVersion(), BigInteger.valueOf(0));
|
||||||
@ -81,7 +83,7 @@ public class EndorsementCredentialTest {
|
|||||||
TPMSpecification spec = ec.getTpmSpecification();
|
TPMSpecification spec = ec.getTpmSpecification();
|
||||||
assertEquals(spec.getFamily(), "1.2");
|
assertEquals(spec.getFamily(), "1.2");
|
||||||
assertEquals(spec.getLevel(), BigInteger.valueOf(2));
|
assertEquals(spec.getLevel(), BigInteger.valueOf(2));
|
||||||
assertEquals(spec.getRevision(), BigInteger.valueOf(116));
|
assertEquals(spec.getRevision(), BigInteger.valueOf(TPM_SPEC_REVISION_NUM));
|
||||||
|
|
||||||
TPMSecurityAssertions asserts = ec.getTpmSecurityAssertions();
|
TPMSecurityAssertions asserts = ec.getTpmSecurityAssertions();
|
||||||
assertEquals(asserts.getTpmSecAssertsVersion(), BigInteger.valueOf(0));
|
assertEquals(asserts.getTpmSecAssertsVersion(), BigInteger.valueOf(0));
|
||||||
@ -117,7 +119,7 @@ public class EndorsementCredentialTest {
|
|||||||
TPMSpecification spec = ec.getTpmSpecification();
|
TPMSpecification spec = ec.getTpmSpecification();
|
||||||
assertEquals(spec.getFamily(), "1.2");
|
assertEquals(spec.getFamily(), "1.2");
|
||||||
assertEquals(spec.getLevel(), BigInteger.valueOf(2));
|
assertEquals(spec.getLevel(), BigInteger.valueOf(2));
|
||||||
assertEquals(spec.getRevision(), BigInteger.valueOf(116));
|
assertEquals(spec.getRevision(), BigInteger.valueOf(TPM_SPEC_REVISION_NUM));
|
||||||
|
|
||||||
TPMSecurityAssertions asserts = ec.getTpmSecurityAssertions();
|
TPMSecurityAssertions asserts = ec.getTpmSecurityAssertions();
|
||||||
assertEquals(asserts.getTpmSecAssertsVersion(), BigInteger.valueOf(0));
|
assertEquals(asserts.getTpmSecAssertsVersion(), BigInteger.valueOf(0));
|
||||||
@ -150,7 +152,7 @@ public class EndorsementCredentialTest {
|
|||||||
TPMSpecification spec = ec.getTpmSpecification();
|
TPMSpecification spec = ec.getTpmSpecification();
|
||||||
assertEquals(spec.getFamily(), "1.2");
|
assertEquals(spec.getFamily(), "1.2");
|
||||||
assertEquals(spec.getLevel(), BigInteger.valueOf(2));
|
assertEquals(spec.getLevel(), BigInteger.valueOf(2));
|
||||||
assertEquals(spec.getRevision(), BigInteger.valueOf(116));
|
assertEquals(spec.getRevision(), BigInteger.valueOf(TPM_SPEC_REVISION_NUM));
|
||||||
|
|
||||||
TPMSecurityAssertions asserts = ec.getTpmSecurityAssertions();
|
TPMSecurityAssertions asserts = ec.getTpmSecurityAssertions();
|
||||||
assertEquals(asserts.getTpmSecAssertsVersion(), BigInteger.valueOf(0));
|
assertEquals(asserts.getTpmSecAssertsVersion(), BigInteger.valueOf(0));
|
||||||
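Review bot: The rewritten revision assertions still pass the parsed value first, `assertEquals(spec.getRevision(), BigInteger.valueOf(TPM_SPEC_REVISION_NUM))`, while JUnit 5's assertEquals takes (expected, actual), so a failure would report the value read from the certificate as the expected one. Since this line is touched in all four hunks, `assertEquals(BigInteger.valueOf(TPM_SPEC_REVISION_NUM), spec.getRevision());` would fix the order; the neighbouring getFamily and getLevel assertions have the same shape. The new constant has no comment, and a one-line Javadoc such as `/** TPM specification revision expected in the test EK certificates. */` would say what 116 stands for. The test methods start and end outside these hunks.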
|
@ -1,5 +1,6 @@
|
|||||||
package hirs.attestationca.persist.entity.userdefined.certificate;
|
package hirs.attestationca.persist.entity.userdefined.certificate;
|
||||||
|
|
||||||
|
import hirs.attestationca.persist.entity.userdefined.AbstractUserdefinedEntityTest;
|
||||||
import hirs.attestationca.persist.entity.userdefined.Certificate;
|
import hirs.attestationca.persist.entity.userdefined.Certificate;
|
||||||
import hirs.attestationca.persist.entity.userdefined.certificate.attributes.ComponentIdentifier;
|
import hirs.attestationca.persist.entity.userdefined.certificate.attributes.ComponentIdentifier;
|
||||||
import hirs.attestationca.persist.entity.userdefined.certificate.attributes.PlatformConfiguration;
|
import hirs.attestationca.persist.entity.userdefined.certificate.attributes.PlatformConfiguration;
|
||||||
@ -25,42 +26,7 @@ import java.util.TimeZone;
|
|||||||
/**
|
/**
|
||||||
* Tests that a PlatformCredential parses its fields correctly.
|
* Tests that a PlatformCredential parses its fields correctly.
|
||||||
*/
|
*/
|
||||||
public class PlatformCredentialTest {
|
public class PlatformCredentialTest extends AbstractUserdefinedEntityTest {
|
||||||
/**
|
|
||||||
* Location of a test platform attribute cert.
|
|
||||||
*/
|
|
||||||
public static final String TEST_PLATFORM_CERT_1 =
|
|
||||||
"/validation/platform_credentials/Intel_pc1.cer";
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Location of another, slightly different platform attribute cert.
|
|
||||||
*/
|
|
||||||
public static final String TEST_PLATFORM_CERT_2 =
|
|
||||||
"/validation/platform_credentials/Intel_pc2.cer";
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Location of another, slightly different platform attribute cert.
|
|
||||||
*/
|
|
||||||
public static final String TEST_PLATFORM_CERT_3 =
|
|
||||||
"/validation/platform_credentials/Intel_pc3.cer";
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Platform cert with comma separated baseboard and chassis serial number.
|
|
||||||
*/
|
|
||||||
public static final String TEST_PLATFORM_CERT_4 =
|
|
||||||
"/validation/platform_credentials/Intel_pc4.pem";
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Another platform cert with comma separated baseboard and chassis serial number.
|
|
||||||
*/
|
|
||||||
public static final String TEST_PLATFORM_CERT_5 =
|
|
||||||
"/validation/platform_credentials/Intel_pc5.pem";
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Location of another, slightly different platform attribute cert.
|
|
||||||
*/
|
|
||||||
public static final String TEST_PLATFORM_CERT_6 =
|
|
||||||
"/validation/platform_credentials/TPM_INTC_Platform_Cert_RSA.txt";
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Platform Certificate 2.0 with all the expected data.
|
* Platform Certificate 2.0 with all the expected data.
|
||||||
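Review bot: The six `public static final` TEST_PLATFORM_CERT_* paths are deleted here and the class now extends AbstractUserdefinedEntityTest, presumably so that it inherits them. That base class is not shown in this section, so it is worth confirming that it declares all six with the same names and visibility, since other tests may have referenced them through PlatformCredentialTest. Extending the base class also brings in whatever lifecycle methods or fixtures it defines, which these certificate-parsing tests may not need. The class Javadoc could record the dependency, e.g. `* Test certificate paths are inherited from AbstractUserdefinedEntityTest.`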
|
@ -231,7 +231,6 @@ public class SupplyChainCredentialValidatorTest {
|
|||||||
if (!f.delete()) {
|
if (!f.delete()) {
|
||||||
fail("file was not cleaned up");
|
fail("file was not cleaned up");
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -247,16 +246,16 @@ public class SupplyChainCredentialValidatorTest {
|
|||||||
throws URISyntaxException, IOException, CertificateException, KeyStoreException {
|
throws URISyntaxException, IOException, CertificateException, KeyStoreException {
|
||||||
Certificate rootcacert, intermediateca02cert;
|
Certificate rootcacert, intermediateca02cert;
|
||||||
|
|
||||||
EndorsementCredential ekcert = new EndorsementCredential(
|
EndorsementCredential ekcert = new EndorsementCredential(Files.readAllBytes(
|
||||||
Files.readAllBytes(Paths.get(Objects.requireNonNull(getClass().getResource(TEST_EK_CERT)).toURI()))
|
Paths.get(Objects.requireNonNull(getClass().getResource(TEST_EK_CERT)).toURI()))
|
||||||
);
|
);
|
||||||
|
|
||||||
intermediateca02cert = new CertificateAuthorityCredential(
|
intermediateca02cert = new CertificateAuthorityCredential(Files.readAllBytes(Paths.get(
|
||||||
Files.readAllBytes(Paths.get(Objects.requireNonNull(getClass().getResource(INT_CA_CERT02)).toURI()))
|
Objects.requireNonNull(getClass().getResource(INT_CA_CERT02)).toURI()))
|
||||||
);
|
);
|
||||||
|
|
||||||
rootcacert = new CertificateAuthorityCredential(
|
rootcacert = new CertificateAuthorityCredential(Files.readAllBytes(Paths.get(
|
||||||
Files.readAllBytes(Paths.get(Objects.requireNonNull(getClass().getResource(FAKE_ROOT_CA_ORIG)).toURI()))
|
Objects.requireNonNull(getClass().getResource(FAKE_ROOT_CA_ORIG)).toURI()))
|
||||||
);
|
);
|
||||||
|
|
||||||
try {
|
try {
|
||||||
@ -286,14 +285,15 @@ public class SupplyChainCredentialValidatorTest {
|
|||||||
@Test
|
@Test
|
||||||
public final void validateIntelPlatformCredentials()
|
public final void validateIntelPlatformCredentials()
|
||||||
throws URISyntaxException, IOException, CertificateException, KeyStoreException {
|
throws URISyntaxException, IOException, CertificateException, KeyStoreException {
|
||||||
Certificate rootcacert, intermediatecacert;
|
|
||||||
|
|
||||||
intermediatecacert = new CertificateAuthorityCredential(
|
Certificate intermediatecacert =
|
||||||
Files.readAllBytes(Paths.get(Objects.requireNonNull(getClass().getResource(INTEL_INT_CA)).toURI()))
|
new CertificateAuthorityCredential(Files.readAllBytes(Paths.get(
|
||||||
|
Objects.requireNonNull(getClass().getResource(INTEL_INT_CA)).toURI()))
|
||||||
);
|
);
|
||||||
|
|
||||||
rootcacert = new CertificateAuthorityCredential(
|
Certificate rootcacert =
|
||||||
Files.readAllBytes(Paths.get(Objects.requireNonNull(getClass().getResource(FAKE_ROOT_CA)).toURI()))
|
new CertificateAuthorityCredential(Files.readAllBytes(Paths.get(
|
||||||
|
Objects.requireNonNull(getClass().getResource(FAKE_ROOT_CA)).toURI()))
|
||||||
);
|
);
|
||||||
|
|
||||||
try {
|
try {
|
||||||
@ -301,8 +301,9 @@ public class SupplyChainCredentialValidatorTest {
|
|||||||
keyStore.setCertificateEntry("Intel Intermediate Cert",
|
keyStore.setCertificateEntry("Intel Intermediate Cert",
|
||||||
intermediatecacert.getX509Certificate());
|
intermediatecacert.getX509Certificate());
|
||||||
|
|
||||||
byte[] certBytes = Files.readAllBytes(Paths.get(Objects.requireNonNull(SupplyChainCredentialValidatorTest.class.
|
byte[] certBytes = Files.readAllBytes(Paths.get(
|
||||||
getResource(INTEL_PLATFORM_CERT)).toURI()));
|
Objects.requireNonNull(SupplyChainCredentialValidatorTest.class.getResource(
|
||||||
|
INTEL_PLATFORM_CERT)).toURI()));
|
||||||
|
|
||||||
PlatformCredential pc = new PlatformCredential(certBytes);
|
PlatformCredential pc = new PlatformCredential(certBytes);
|
||||||
|
|
||||||
@ -327,8 +328,9 @@ public class SupplyChainCredentialValidatorTest {
|
|||||||
public final void validateIntelPlatformCredentialAttributes()
|
public final void validateIntelPlatformCredentialAttributes()
|
||||||
throws Exception {
|
throws Exception {
|
||||||
|
|
||||||
byte[] certBytes = Files.readAllBytes(Paths.get(Objects.requireNonNull(SupplyChainCredentialValidatorTest.class.
|
byte[] certBytes = Files.readAllBytes(Paths.get(
|
||||||
getResource(INTEL_PLATFORM_CERT_2)).toURI()));
|
Objects.requireNonNull(SupplyChainCredentialValidatorTest.class.getResource(
|
||||||
|
INTEL_PLATFORM_CERT_2)).toURI()));
|
||||||
|
|
||||||
PlatformCredential pc = new PlatformCredential(certBytes);
|
PlatformCredential pc = new PlatformCredential(certBytes);
|
||||||
|
|
||||||
@ -337,8 +339,8 @@ public class SupplyChainCredentialValidatorTest {
|
|||||||
PLATFORM_VERSION, TEST_BOARD_SERIAL_NUMBER,
|
PLATFORM_VERSION, TEST_BOARD_SERIAL_NUMBER,
|
||||||
TEST_CHASSIS_SERIAL_NUMBER, TEST_BOARD_SERIAL_NUMBER));
|
TEST_CHASSIS_SERIAL_NUMBER, TEST_BOARD_SERIAL_NUMBER));
|
||||||
|
|
||||||
EndorsementCredential ec = new EndorsementCredential(
|
EndorsementCredential ec = new EndorsementCredential(Files.readAllBytes(Paths.get(
|
||||||
Files.readAllBytes(Paths.get(Objects.requireNonNull(getClass().getResource(TEST_EK_CERT)).toURI())));
|
Objects.requireNonNull(getClass().getResource(TEST_EK_CERT)).toURI())));
|
||||||
|
|
||||||
AppraisalStatus result =
|
AppraisalStatus result =
|
||||||
CredentialValidator.validatePlatformCredentialAttributes(pc,
|
CredentialValidator.validatePlatformCredentialAttributes(pc,
|
||||||
@ -362,13 +364,14 @@ public class SupplyChainCredentialValidatorTest {
|
|||||||
DeviceInfoEnums.NOT_SPECIFIED, DeviceInfoEnums.NOT_SPECIFIED,
|
DeviceInfoEnums.NOT_SPECIFIED, DeviceInfoEnums.NOT_SPECIFIED,
|
||||||
DeviceInfoEnums.NOT_SPECIFIED, TEST_BOARD_SERIAL_NUMBER));
|
DeviceInfoEnums.NOT_SPECIFIED, TEST_BOARD_SERIAL_NUMBER));
|
||||||
|
|
||||||
byte[] certBytes = Files.readAllBytes(Paths.get(Objects.requireNonNull(SupplyChainCredentialValidatorTest.class.
|
byte[] certBytes = Files.readAllBytes(Paths.get(
|
||||||
getResource(INTEL_PLATFORM_CERT_2)).toURI()));
|
Objects.requireNonNull(SupplyChainCredentialValidatorTest.class.getResource(
|
||||||
|
INTEL_PLATFORM_CERT_2)).toURI()));
|
||||||
|
|
||||||
PlatformCredential pc = new PlatformCredential(certBytes);
|
PlatformCredential pc = new PlatformCredential(certBytes);
|
||||||
|
|
||||||
EndorsementCredential ec = new EndorsementCredential(
|
EndorsementCredential ec = new EndorsementCredential(Files.readAllBytes(Paths.get(
|
||||||
Files.readAllBytes(Paths.get(Objects.requireNonNull(getClass().getResource(TEST_EK_CERT)).toURI())));
|
Objects.requireNonNull(getClass().getResource(TEST_EK_CERT)).toURI())));
|
||||||
|
|
||||||
AppraisalStatus result =
|
AppraisalStatus result =
|
||||||
CredentialValidator.validatePlatformCredentialAttributes(pc,
|
CredentialValidator.validatePlatformCredentialAttributes(pc,
|
||||||
@ -391,13 +394,14 @@ public class SupplyChainCredentialValidatorTest {
|
|||||||
DeviceInfoEnums.NOT_SPECIFIED, DeviceInfoEnums.NOT_SPECIFIED,
|
DeviceInfoEnums.NOT_SPECIFIED, DeviceInfoEnums.NOT_SPECIFIED,
|
||||||
TEST_CHASSIS_SERIAL_NUMBER, DeviceInfoEnums.NOT_SPECIFIED));
|
TEST_CHASSIS_SERIAL_NUMBER, DeviceInfoEnums.NOT_SPECIFIED));
|
||||||
|
|
||||||
byte[] certBytes = Files.readAllBytes(Paths.get(Objects.requireNonNull(SupplyChainCredentialValidatorTest.class.
|
byte[] certBytes = Files.readAllBytes(Paths.get(
|
||||||
getResource(INTEL_PLATFORM_CERT_2)).toURI()));
|
Objects.requireNonNull(SupplyChainCredentialValidatorTest.class.getResource(
|
||||||
|
INTEL_PLATFORM_CERT_2)).toURI()));
|
||||||
|
|
||||||
PlatformCredential pc = new PlatformCredential(certBytes);
|
PlatformCredential pc = new PlatformCredential(certBytes);
|
||||||
|
|
||||||
EndorsementCredential ec = new EndorsementCredential(
|
EndorsementCredential ec = new EndorsementCredential(Files.readAllBytes(Paths.get(
|
||||||
Files.readAllBytes(Paths.get(Objects.requireNonNull(getClass().getResource(TEST_EK_CERT)).toURI())));
|
Objects.requireNonNull(getClass().getResource(TEST_EK_CERT)).toURI())));
|
||||||
|
|
||||||
AppraisalStatus result =
|
AppraisalStatus result =
|
||||||
CredentialValidator.validatePlatformCredentialAttributes(pc,
|
CredentialValidator.validatePlatformCredentialAttributes(pc,
|
||||||
@ -422,13 +426,14 @@ public class SupplyChainCredentialValidatorTest {
|
|||||||
DeviceInfoEnums.NOT_SPECIFIED, TEST_BOARD_SERIAL_NUMBER,
|
DeviceInfoEnums.NOT_SPECIFIED, TEST_BOARD_SERIAL_NUMBER,
|
||||||
DeviceInfoEnums.NOT_SPECIFIED, DeviceInfoEnums.NOT_SPECIFIED));
|
DeviceInfoEnums.NOT_SPECIFIED, DeviceInfoEnums.NOT_SPECIFIED));
|
||||||
|
|
||||||
byte[] certBytes = Files.readAllBytes(Paths.get(Objects.requireNonNull(SupplyChainCredentialValidatorTest.class.
|
byte[] certBytes = Files.readAllBytes(Paths.get(
|
||||||
getResource(INTEL_PLATFORM_CERT_2)).toURI()));
|
Objects.requireNonNull(SupplyChainCredentialValidatorTest.class.getResource(
|
||||||
|
INTEL_PLATFORM_CERT_2)).toURI()));
|
||||||
|
|
||||||
PlatformCredential pc = new PlatformCredential(certBytes);
|
PlatformCredential pc = new PlatformCredential(certBytes);
|
||||||
|
|
||||||
EndorsementCredential ec = new EndorsementCredential(
|
EndorsementCredential ec = new EndorsementCredential(Files.readAllBytes(Paths.get(
|
||||||
Files.readAllBytes(Paths.get(Objects.requireNonNull(getClass().getResource(TEST_EK_CERT)).toURI())));
|
Objects.requireNonNull(getClass().getResource(TEST_EK_CERT)).toURI())));
|
||||||
|
|
||||||
AppraisalStatus result =
|
AppraisalStatus result =
|
||||||
CredentialValidator.validatePlatformCredentialAttributes(pc,
|
CredentialValidator.validatePlatformCredentialAttributes(pc,
|
||||||
@ -451,13 +456,15 @@ public class SupplyChainCredentialValidatorTest {
|
|||||||
DeviceInfoEnums.NOT_SPECIFIED, DeviceInfoEnums.NOT_SPECIFIED,
|
DeviceInfoEnums.NOT_SPECIFIED, DeviceInfoEnums.NOT_SPECIFIED,
|
||||||
TEST_BOARD_SERIAL_NUMBER, DeviceInfoEnums.NOT_SPECIFIED));
|
TEST_BOARD_SERIAL_NUMBER, DeviceInfoEnums.NOT_SPECIFIED));
|
||||||
|
|
||||||
byte[] certBytes = Files.readAllBytes(Paths.get(Objects.requireNonNull(SupplyChainCredentialValidatorTest.class.
|
byte[] certBytes = Files.readAllBytes(Paths.get(
|
||||||
|
Objects.requireNonNull(SupplyChainCredentialValidatorTest.class.
|
||||||
getResource(INTEL_PLATFORM_CERT_2)).toURI()));
|
getResource(INTEL_PLATFORM_CERT_2)).toURI()));
|
||||||
|
|
||||||
PlatformCredential pc = new PlatformCredential(certBytes);
|
PlatformCredential pc = new PlatformCredential(certBytes);
|
||||||
|
|
||||||
EndorsementCredential ec = new EndorsementCredential(
|
EndorsementCredential ec = new EndorsementCredential(
|
||||||
Files.readAllBytes(Paths.get(Objects.requireNonNull(getClass().getResource(TEST_EK_CERT)).toURI())));
|
Files.readAllBytes(Paths.get(
|
||||||
|
Objects.requireNonNull(getClass().getResource(TEST_EK_CERT)).toURI())));
|
||||||
|
|
||||||
AppraisalStatus result =
|
AppraisalStatus result =
|
||||||
CredentialValidator.validatePlatformCredentialAttributes(pc,
|
CredentialValidator.validatePlatformCredentialAttributes(pc,
|
||||||
@ -480,13 +487,14 @@ public class SupplyChainCredentialValidatorTest {
|
|||||||
DeviceInfoEnums.NOT_SPECIFIED, DeviceInfoEnums.NOT_SPECIFIED,
|
DeviceInfoEnums.NOT_SPECIFIED, DeviceInfoEnums.NOT_SPECIFIED,
|
||||||
DeviceInfoEnums.NOT_SPECIFIED, TEST_CHASSIS_SERIAL_NUMBER));
|
DeviceInfoEnums.NOT_SPECIFIED, TEST_CHASSIS_SERIAL_NUMBER));
|
||||||
|
|
||||||
byte[] certBytes = Files.readAllBytes(Paths.get(Objects.requireNonNull(SupplyChainCredentialValidatorTest.class.
|
byte[] certBytes = Files.readAllBytes(Paths.get(
|
||||||
getResource(INTEL_PLATFORM_CERT_2)).toURI()));
|
Objects.requireNonNull(SupplyChainCredentialValidatorTest.class.
|
||||||
|
getResource(INTEL_PLATFORM_CERT_2)).toURI()));
|
||||||
|
|
||||||
PlatformCredential pc = new PlatformCredential(certBytes);
|
PlatformCredential pc = new PlatformCredential(certBytes);
|
||||||
|
|
||||||
EndorsementCredential ec = new EndorsementCredential(
|
EndorsementCredential ec = new EndorsementCredential(Files.readAllBytes(Paths.get(
|
||||||
Files.readAllBytes(Paths.get(Objects.requireNonNull(getClass().getResource(TEST_EK_CERT)).toURI())));
|
Objects.requireNonNull(getClass().getResource(TEST_EK_CERT)).toURI())));
|
||||||
|
|
||||||
AppraisalStatus result =
|
AppraisalStatus result =
|
||||||
CredentialValidator.validatePlatformCredentialAttributes(pc,
|
CredentialValidator.validatePlatformCredentialAttributes(pc,
|
||||||
@ -509,13 +517,14 @@ public class SupplyChainCredentialValidatorTest {
|
|||||||
DeviceInfoEnums.NOT_SPECIFIED, TEST_CHASSIS_SERIAL_NUMBER,
|
DeviceInfoEnums.NOT_SPECIFIED, TEST_CHASSIS_SERIAL_NUMBER,
|
||||||
DeviceInfoEnums.NOT_SPECIFIED, DeviceInfoEnums.NOT_SPECIFIED));
|
DeviceInfoEnums.NOT_SPECIFIED, DeviceInfoEnums.NOT_SPECIFIED));
|
||||||
|
|
||||||
byte[] certBytes = Files.readAllBytes(Paths.get(Objects.requireNonNull(SupplyChainCredentialValidatorTest.class.
|
byte[] certBytes = Files.readAllBytes(Paths.get(
|
||||||
getResource(INTEL_PLATFORM_CERT_2)).toURI()));
|
Objects.requireNonNull(SupplyChainCredentialValidatorTest.class.
|
||||||
|
getResource(INTEL_PLATFORM_CERT_2)).toURI()));
|
||||||
|
|
||||||
PlatformCredential pc = new PlatformCredential(certBytes);
|
PlatformCredential pc = new PlatformCredential(certBytes);
|
||||||
|
|
||||||
EndorsementCredential ec = new EndorsementCredential(
|
EndorsementCredential ec = new EndorsementCredential(Files.readAllBytes(Paths.get(
|
||||||
Files.readAllBytes(Paths.get(Objects.requireNonNull(getClass().getResource(TEST_EK_CERT)).toURI())));
|
Objects.requireNonNull(getClass().getResource(TEST_EK_CERT)).toURI())));
|
||||||
|
|
||||||
AppraisalStatus result =
|
AppraisalStatus result =
|
||||||
CredentialValidator.validatePlatformCredentialAttributes(pc,
|
CredentialValidator.validatePlatformCredentialAttributes(pc,
|
||||||
@ -539,13 +548,15 @@ public class SupplyChainCredentialValidatorTest {
|
|||||||
PLATFORM_VERSION, DeviceInfoEnums.NOT_SPECIFIED,
|
PLATFORM_VERSION, DeviceInfoEnums.NOT_SPECIFIED,
|
||||||
DeviceInfoEnums.NOT_SPECIFIED, DeviceInfoEnums.NOT_SPECIFIED));
|
DeviceInfoEnums.NOT_SPECIFIED, DeviceInfoEnums.NOT_SPECIFIED));
|
||||||
|
|
||||||
byte[] certBytes = Files.readAllBytes(Paths.get(Objects.requireNonNull(SupplyChainCredentialValidatorTest.class.
|
byte[] certBytes = Files.readAllBytes(Paths.get(
|
||||||
getResource(INTEL_PLATFORM_CERT_2)).toURI()));
|
Objects.requireNonNull(SupplyChainCredentialValidatorTest.class.
|
||||||
|
getResource(INTEL_PLATFORM_CERT_2)).toURI()));
|
||||||
|
|
||||||
PlatformCredential pc = new PlatformCredential(certBytes);
|
PlatformCredential pc = new PlatformCredential(certBytes);
|
||||||
|
|
||||||
EndorsementCredential ec = new EndorsementCredential(
|
EndorsementCredential ec = new EndorsementCredential(
|
||||||
Files.readAllBytes(Paths.get(Objects.requireNonNull(getClass().getResource(TEST_EK_CERT)).toURI())));
|
Files.readAllBytes(Paths.get(
|
||||||
|
Objects.requireNonNull(getClass().getResource(TEST_EK_CERT)).toURI())));
|
||||||
|
|
||||||
String expectedMessage = "Platform serial did not match device info";
|
String expectedMessage = "Platform serial did not match device info";
|
||||||
|
|
||||||
@ -569,13 +580,15 @@ public class SupplyChainCredentialValidatorTest {
|
|||||||
new HardwareInfo(DeviceInfoEnums.NOT_SPECIFIED, DeviceInfoEnums.NOT_SPECIFIED,
|
new HardwareInfo(DeviceInfoEnums.NOT_SPECIFIED, DeviceInfoEnums.NOT_SPECIFIED,
|
||||||
DeviceInfoEnums.NOT_SPECIFIED, "zzz", "aaa", "bbb"));
|
DeviceInfoEnums.NOT_SPECIFIED, "zzz", "aaa", "bbb"));
|
||||||
|
|
||||||
byte[] certBytes = Files.readAllBytes(Paths.get(Objects.requireNonNull(SupplyChainCredentialValidatorTest.class.
|
byte[] certBytes = Files.readAllBytes(Paths.get(
|
||||||
getResource(INTEL_PLATFORM_CERT_2)).toURI()));
|
Objects.requireNonNull(SupplyChainCredentialValidatorTest.class.
|
||||||
|
getResource(INTEL_PLATFORM_CERT_2)).toURI()));
|
||||||
|
|
||||||
PlatformCredential pc = new PlatformCredential(certBytes);
|
PlatformCredential pc = new PlatformCredential(certBytes);
|
||||||
|
|
||||||
EndorsementCredential ec = new EndorsementCredential(
|
EndorsementCredential ec = new EndorsementCredential(
|
||||||
Files.readAllBytes(Paths.get(Objects.requireNonNull(getClass().getResource(TEST_EK_CERT)).toURI())));
|
Files.readAllBytes(Paths.get(
|
||||||
|
Objects.requireNonNull(getClass().getResource(TEST_EK_CERT)).toURI())));
|
||||||
|
|
||||||
String expectedMessage = "Platform serial did not match device info";
|
String expectedMessage = "Platform serial did not match device info";
|
||||||
|
|
||||||
@ -883,7 +896,8 @@ public class SupplyChainCredentialValidatorTest {
|
|||||||
@Test
|
@Test
|
||||||
public final void verifyPlatformCredentialWithBadKeyStore()
|
public final void verifyPlatformCredentialWithBadKeyStore()
|
||||||
throws URISyntaxException, IOException {
|
throws URISyntaxException, IOException {
|
||||||
byte[] certBytes = Files.readAllBytes(Paths.get(Objects.requireNonNull(SupplyChainCredentialValidatorTest.class.getResource(
|
byte[] certBytes = Files.readAllBytes(Paths.get(
|
||||||
|
Objects.requireNonNull(SupplyChainCredentialValidatorTest.class.getResource(
|
||||||
INTEL_PLATFORM_CERT)).toURI()));
|
INTEL_PLATFORM_CERT)).toURI()));
|
||||||
|
|
||||||
PlatformCredential pc = new PlatformCredential(certBytes);
|
PlatformCredential pc = new PlatformCredential(certBytes);
|
||||||
@ -922,7 +936,8 @@ public class SupplyChainCredentialValidatorTest {
|
|||||||
@Test
|
@Test
|
||||||
public final void verifyPlatformCredentialNullKeyStore()
|
public final void verifyPlatformCredentialNullKeyStore()
|
||||||
throws URISyntaxException, IOException {
|
throws URISyntaxException, IOException {
|
||||||
byte[] certBytes = Files.readAllBytes(Paths.get(Objects.requireNonNull(SupplyChainCredentialValidatorTest.class.getResource(
|
byte[] certBytes = Files.readAllBytes(Paths.get(
|
||||||
|
Objects.requireNonNull(SupplyChainCredentialValidatorTest.class.getResource(
|
||||||
INTEL_PLATFORM_CERT)).toURI()));
|
INTEL_PLATFORM_CERT)).toURI()));
|
||||||
|
|
||||||
PlatformCredential pc = new PlatformCredential(certBytes);
|
PlatformCredential pc = new PlatformCredential(certBytes);
|
||||||
@ -946,13 +961,14 @@ public class SupplyChainCredentialValidatorTest {
|
|||||||
@Test
|
@Test
|
||||||
public final void verifyPlatformCredentialNullDeviceInfoReport()
|
public final void verifyPlatformCredentialNullDeviceInfoReport()
|
||||||
throws URISyntaxException, IOException {
|
throws URISyntaxException, IOException {
|
||||||
byte[] certBytes = Files.readAllBytes(Paths.get(Objects.requireNonNull(SupplyChainCredentialValidatorTest.class.getResource(
|
byte[] certBytes = Files.readAllBytes(Paths.get(
|
||||||
|
Objects.requireNonNull(SupplyChainCredentialValidatorTest.class.getResource(
|
||||||
INTEL_PLATFORM_CERT_2)).toURI()));
|
INTEL_PLATFORM_CERT_2)).toURI()));
|
||||||
|
|
||||||
PlatformCredential pc = new PlatformCredential(certBytes);
|
PlatformCredential pc = new PlatformCredential(certBytes);
|
||||||
|
|
||||||
EndorsementCredential ec = new EndorsementCredential(
|
EndorsementCredential ec = new EndorsementCredential(Files.readAllBytes(Paths.get(
|
||||||
Files.readAllBytes(Paths.get(Objects.requireNonNull(getClass().getResource(TEST_EK_CERT)).toURI())));
|
Objects.requireNonNull(getClass().getResource(TEST_EK_CERT)).toURI())));
|
||||||
|
|
||||||
String expectedMessage = "Can't validate platform credential attributes without a "
|
String expectedMessage = "Can't validate platform credential attributes without a "
|
||||||
+ "device info report";
|
+ "device info report";
|
||||||
@ -976,12 +992,13 @@ public class SupplyChainCredentialValidatorTest {
|
|||||||
public final void testPlatformDnEquals() throws URISyntaxException, IOException,
|
public final void testPlatformDnEquals() throws URISyntaxException, IOException,
|
||||||
KeyStoreException, SupplyChainValidatorException {
|
KeyStoreException, SupplyChainValidatorException {
|
||||||
Certificate signingCert;
|
Certificate signingCert;
|
||||||
signingCert = new CertificateAuthorityCredential(
|
signingCert = new CertificateAuthorityCredential(Files.readAllBytes(Paths.get(
|
||||||
Files.readAllBytes(Paths.get(Objects.requireNonNull(getClass().getResource(INTEL_SIGNING_KEY)).toURI()))
|
Objects.requireNonNull(getClass().getResource(INTEL_SIGNING_KEY)).toURI()))
|
||||||
);
|
);
|
||||||
|
|
||||||
byte[] certBytes = Files.readAllBytes(Paths.get(Objects.requireNonNull(SupplyChainCredentialValidator.class.
|
byte[] certBytes = Files.readAllBytes(Paths.get(
|
||||||
getResource(NEW_NUC1)).toURI()));
|
Objects.requireNonNull(SupplyChainCredentialValidator.class.getResource(
|
||||||
|
NEW_NUC1)).toURI()));
|
||||||
|
|
||||||
PlatformCredential pc = new PlatformCredential(certBytes);
|
PlatformCredential pc = new PlatformCredential(certBytes);
|
||||||
|
|
||||||
@ -1005,11 +1022,12 @@ public class SupplyChainCredentialValidatorTest {
|
|||||||
public final void testPlatformDnNotEquals() throws URISyntaxException, IOException,
|
public final void testPlatformDnNotEquals() throws URISyntaxException, IOException,
|
||||||
KeyStoreException, SupplyChainValidatorException {
|
KeyStoreException, SupplyChainValidatorException {
|
||||||
Certificate signingCert;
|
Certificate signingCert;
|
||||||
signingCert = new CertificateAuthorityCredential(
|
signingCert = new CertificateAuthorityCredential(Files.readAllBytes(Paths.get(
|
||||||
Files.readAllBytes(Paths.get(Objects.requireNonNull(getClass().getResource(INTEL_INT_CA)).toURI()))
|
Objects.requireNonNull(getClass().getResource(INTEL_INT_CA)).toURI()))
|
||||||
);
|
);
|
||||||
|
|
||||||
byte[] certBytes = Files.readAllBytes(Paths.get(Objects.requireNonNull(SupplyChainCredentialValidator.class.
|
byte[] certBytes = Files.readAllBytes(Paths.get(
|
||||||
|
Objects.requireNonNull(SupplyChainCredentialValidator.class.
|
||||||
getResource(NEW_NUC1)).toURI()));
|
getResource(NEW_NUC1)).toURI()));
|
||||||
|
|
||||||
PlatformCredential pc = new PlatformCredential(certBytes);
|
PlatformCredential pc = new PlatformCredential(certBytes);
|
||||||
@ -1033,12 +1051,13 @@ public class SupplyChainCredentialValidatorTest {
|
|||||||
public final void testEndorsementDnEquals() throws URISyntaxException, IOException,
|
public final void testEndorsementDnEquals() throws URISyntaxException, IOException,
|
||||||
KeyStoreException, SupplyChainValidatorException {
|
KeyStoreException, SupplyChainValidatorException {
|
||||||
Certificate signingCert;
|
Certificate signingCert;
|
||||||
signingCert = new CertificateAuthorityCredential(
|
signingCert = new CertificateAuthorityCredential(Files.readAllBytes(Paths.get(
|
||||||
Files.readAllBytes(Paths.get(Objects.requireNonNull(getClass().getResource(INT_CA_CERT02)).toURI()))
|
Objects.requireNonNull(getClass().getResource(INT_CA_CERT02)).toURI()))
|
||||||
);
|
);
|
||||||
|
|
||||||
byte[] certBytes = Files.readAllBytes(Paths.get(Objects.requireNonNull(SupplyChainCredentialValidator.class.
|
byte[] certBytes = Files.readAllBytes(Paths.get(
|
||||||
getResource(TEST_EK_CERT)).toURI()));
|
Objects.requireNonNull(SupplyChainCredentialValidator.class.getResource(
|
||||||
|
TEST_EK_CERT)).toURI()));
|
||||||
|
|
||||||
EndorsementCredential ec = new EndorsementCredential(certBytes);
|
EndorsementCredential ec = new EndorsementCredential(certBytes);
|
||||||
|
|
||||||
@ -1062,11 +1081,12 @@ public class SupplyChainCredentialValidatorTest {
|
|||||||
public final void testEndorsementDnNotEquals() throws URISyntaxException, IOException,
|
public final void testEndorsementDnNotEquals() throws URISyntaxException, IOException,
|
||||||
KeyStoreException, SupplyChainValidatorException {
|
KeyStoreException, SupplyChainValidatorException {
|
||||||
Certificate signingCert;
|
Certificate signingCert;
|
||||||
signingCert = new CertificateAuthorityCredential(
|
signingCert = new CertificateAuthorityCredential(Files.readAllBytes(Paths.get(
|
||||||
Files.readAllBytes(Paths.get(Objects.requireNonNull(getClass().getResource(INTEL_INT_CA)).toURI()))
|
Objects.requireNonNull(getClass().getResource(INTEL_INT_CA)).toURI()))
|
||||||
);
|
);
|
||||||
|
|
||||||
byte[] certBytes = Files.readAllBytes(Paths.get(Objects.requireNonNull(SupplyChainCredentialValidator.class.
|
byte[] certBytes = Files.readAllBytes(Paths.get(
|
||||||
|
Objects.requireNonNull(SupplyChainCredentialValidator.class.
|
||||||
getResource(TEST_EK_CERT)).toURI()));
|
getResource(TEST_EK_CERT)).toURI()));
|
||||||
|
|
||||||
EndorsementCredential ec = new EndorsementCredential(certBytes);
|
EndorsementCredential ec = new EndorsementCredential(certBytes);
|
||||||
@ -1267,8 +1287,9 @@ public class SupplyChainCredentialValidatorTest {
|
|||||||
throws IOException, URISyntaxException {
|
throws IOException, URISyntaxException {
|
||||||
DeviceInfoReport deviceInfoReport = setupDeviceInfoReportWithNotSpecifiedComponents();
|
DeviceInfoReport deviceInfoReport = setupDeviceInfoReportWithNotSpecifiedComponents();
|
||||||
PlatformCredential platformCredential = new PlatformCredential(
|
PlatformCredential platformCredential = new PlatformCredential(
|
||||||
Files.readAllBytes(Paths.get(Objects.requireNonNull(SupplyChainCredentialValidator.class.
|
Files.readAllBytes(Paths.get(
|
||||||
getResource((SAMPLE_TEST_PACCOR_CERT))).toURI())));
|
Objects.requireNonNull(SupplyChainCredentialValidator.class.getResource(
|
||||||
|
SAMPLE_TEST_PACCOR_CERT)).toURI())));
|
||||||
|
|
||||||
AppraisalStatus appraisalStatus = CertificateAttributeScvValidator
|
AppraisalStatus appraisalStatus = CertificateAttributeScvValidator
|
||||||
.validatePlatformCredentialAttributesV2p0(platformCredential, deviceInfoReport);
|
.validatePlatformCredentialAttributesV2p0(platformCredential, deviceInfoReport);
|
||||||
@ -1936,9 +1957,9 @@ public class SupplyChainCredentialValidatorTest {
|
|||||||
.validateDeltaPlatformCredentialAttributes(delta1,
|
.validateDeltaPlatformCredentialAttributes(delta1,
|
||||||
deviceInfoReport, base, chainCredentials);
|
deviceInfoReport, base, chainCredentials);
|
||||||
assertEquals(AppraisalStatus.Status.FAIL, result.getAppStatus());
|
assertEquals(AppraisalStatus.Status.FAIL, result.getAppStatus());
|
||||||
assertEquals("There are unmatched components:\n" +
|
assertEquals("There are unmatched components:\n"
|
||||||
"Manufacturer=Intel Corporation, Model=82580 Gigabit Network " +
|
+ "Manufacturer=Intel Corporation, Model=82580 Gigabit Network "
|
||||||
"Connection-faulty, Serial=90:e2:ba:31:83:10, Revision=;\n",
|
+ "Connection-faulty, Serial=90:e2:ba:31:83:10, Revision=;\n",
|
||||||
result.getMessage());
|
result.getMessage());
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -2017,7 +2038,7 @@ public class SupplyChainCredentialValidatorTest {
|
|||||||
* @return new X509Certificate
|
* @return new X509Certificate
|
||||||
*/
|
*/
|
||||||
private static X509Certificate createCertSignedByAnotherCert(final KeyPair keyPair,
|
private static X509Certificate createCertSignedByAnotherCert(final KeyPair keyPair,
|
||||||
final PrivateKey signingKey, final X509Certificate signingCert) {
|
final PrivateKey signingKey, final X509Certificate signingCert) {
|
||||||
final int timeRange = 10000;
|
final int timeRange = 10000;
|
||||||
X509Certificate cert = null;
|
X509Certificate cert = null;
|
||||||
try {
|
try {
|
||||||
@ -2072,7 +2093,7 @@ public class SupplyChainCredentialValidatorTest {
|
|||||||
return cert;
|
return cert;
|
||||||
}
|
}
|
||||||
|
|
||||||
private DeviceInfoReport buildReport(final HardwareInfo hardwareInfo) {
|
private DeviceInfoReport buildReport(final HardwareInfo givenHardwareInfo) {
|
||||||
final InetAddress ipAddress = getTestIpAddress();
|
final InetAddress ipAddress = getTestIpAddress();
|
||||||
final byte[] macAddress = new byte[] {11, 22, 33, 44, 55, 66};
|
final byte[] macAddress = new byte[] {11, 22, 33, 44, 55, 66};
|
||||||
|
|
||||||
@ -2082,7 +2103,7 @@ public class SupplyChainCredentialValidatorTest {
|
|||||||
TPMInfo tpmInfo = new TPMInfo();
|
TPMInfo tpmInfo = new TPMInfo();
|
||||||
|
|
||||||
return new DeviceInfoReport(networkInfo, osInfo,
|
return new DeviceInfoReport(networkInfo, osInfo,
|
||||||
firmwareInfo, hardwareInfo, tpmInfo);
|
firmwareInfo, givenHardwareInfo, tpmInfo);
|
||||||
}
|
}
|
||||||
private static InetAddress getTestIpAddress() {
|
private static InetAddress getTestIpAddress() {
|
||||||
try {
|
try {
|
||||||
|