ExternalVendorCode/HIRS
1
0
Fork 0
mirror of https://github.com/nsacyber/HIRS.git synced 2024-12-19 21:17:59 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Fixed issues that caused the ACA to not complete a provision.

Browse Source 
FWvalidator was using an object used by the tool and not the portal.
Updated a few repository calls
This commit is contained in:
Cyrus 2023-11-28 15:39:33 -05:00
parent 995d69cc8f
commit 8ae0745ac5
4 changed files with 17 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/info/ComponentInfo.java
View File

@ -145,7 +145,7 @@ public class ComponentInfo implements Serializable {
final String componentModel,
final String componentSerial,
final String componentRevision) {
return !(StringUtils.isEmpty(componentManufacturer)
return (StringUtils.isEmpty(componentManufacturer)
|| StringUtils.isEmpty(componentModel));
}
}

8
HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/FirmwareScvValidator.java
View File

@ -66,8 +66,8 @@ public class FirmwareScvValidator extends SupplyChainCredentialValidator {
failedString = "Base Reference Integrity Manifest\n";
passed = false;
} else {
measurement = (EventLogMeasurements) referenceManifestRepository.findByHexDecHash(
baseReferenceManifest.getEventLogHash());
measurement = (EventLogMeasurements) referenceManifestRepository.findByHexDecHashAndRimType(
baseReferenceManifest.getEventLogHash(), ReferenceManifest.MEASUREMENT_RIM);
if (measurement == null) {
measurement = referenceManifestRepository.byMeasurementDeviceName(
@ -125,8 +125,8 @@ public class FirmwareScvValidator extends SupplyChainCredentialValidator {
}
for (SwidResource swidRes : resources) {
supportReferenceManifest = referenceManifestRepository.findByHexDecHash(
swidRes.getHashValue());
supportReferenceManifest = referenceManifestRepository.findByHexDecHashAndRimType(
swidRes.getHashValue(), ReferenceManifest.SUPPORT_RIM);
if (supportReferenceManifest != null) {
// Removed the filename check from this if statement
referenceManifestValidator.validateSupportRimHash(

3
HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestDetailsPageController.java
View File

@ -271,7 +271,8 @@ public class ReferenceManifestDetailsPageController extends PageController<Refer
// to get the id to make the link
RIM_VALIDATOR.setRim(baseRim.getRimBytes());
for (SwidResource swidRes : resources) {
support = (SupportReferenceManifest) referenceManifestRepository.findByHexDecHash(swidRes.getHashValue());
support = (SupportReferenceManifest) referenceManifestRepository.findByHexDecHashAndRimType(
swidRes.getHashValue(), ReferenceManifest.SUPPORT_RIM);
if (support != null && swidRes.getHashValue()
.equalsIgnoreCase(support.getHexDecHash())) {

12
HIRS_Utils/src/main/java/hirs/utils/rim/ReferenceManifestValidator.java
View File

@ -39,7 +39,13 @@ import javax.xml.transform.dom.DOMResult;
import javax.xml.transform.stream.StreamSource;
import javax.xml.validation.Schema;
import javax.xml.validation.SchemaFactory;
import java.io.*;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.*;
@ -204,7 +210,9 @@ public class ReferenceManifestValidator {
log.error("Cannot validate RIM, signature element not found!");
return false;
}
trustStore = parseCertificatesFromPem(trustStoreFile);
if (!trustStoreFile.isEmpty()) {
trustStore = parseCertificatesFromPem(trustStoreFile);
}
NodeList certElement = rim.getElementsByTagName("X509Certificate");
if (certElement.getLength() > 0) {
X509Certificate embeddedCert = parseCertFromPEMString(