diff --git a/HIRS_Utils/src/main/java/hirs/utils/AbstractEntity.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/AbstractEntity.java
similarity index 97%
rename from HIRS_Utils/src/main/java/hirs/utils/AbstractEntity.java
rename to HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/AbstractEntity.java
index 2d699e87..e89249c6 100644
--- a/HIRS_Utils/src/main/java/hirs/utils/AbstractEntity.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/AbstractEntity.java
@@ -1,4 +1,4 @@
-package hirs.utils;
+package hirs.attestationca.persist.entity;
 import jakarta.persistence.Column;
 import jakarta.persistence.GeneratedValue;
diff --git a/HIRS_Utils/src/main/java/hirs/utils/ArchivableEntity.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/ArchivableEntity.java
similarity index 98%
rename from HIRS_Utils/src/main/java/hirs/utils/ArchivableEntity.java
rename to HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/ArchivableEntity.java
index fbb32bd0..a39ec842 100644
--- a/HIRS_Utils/src/main/java/hirs/utils/ArchivableEntity.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/ArchivableEntity.java
@@ -1,4 +1,4 @@
-package hirs.utils;
+package hirs.attestationca.persist.entity;
 import jakarta.persistence.Column;
 import jakarta.persistence.MappedSuperclass;
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/UserDefinedEntity.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/UserDefinedEntity.java
index 730378f4..ca38680d 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/UserDefinedEntity.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/UserDefinedEntity.java
@@ -1,6 +1,5 @@
 package hirs.attestationca.persist.entity;
-import hirs.utils.ArchivableEntity;
 import jakarta.persistence.Column;
 import jakarta.persistence.MappedSuperclass;
 import lombok.AllArgsConstructor;
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/CACredentialRepository.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/CACredentialRepository.java
index 26362784..d3f3074f 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/CACredentialRepository.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/CACredentialRepository.java
@@ -1,6 +1,6 @@
 package hirs.attestationca.persist.entity.manager;
-import hirs.utils.CertificateAuthorityCredential;
+import hirs.attestationca.persist.entity.userdefined.certificate.CertificateAuthorityCredential;
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.data.jpa.repository.Query;
 import org.springframework.stereotype.Repository;
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/CertificateRepository.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/CertificateRepository.java
index 0f83b2a5..5a97022d 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/CertificateRepository.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/CertificateRepository.java
@@ -1,6 +1,6 @@
 package hirs.attestationca.persist.entity.manager;
-import hirs.utils.Certificate;
+import hirs.attestationca.persist.entity.userdefined.Certificate;
 import hirs.attestationca.persist.entity.userdefined.certificate.EndorsementCredential;
 import hirs.attestationca.persist.entity.userdefined.certificate.IssuedAttestationCertificate;
 import hirs.attestationca.persist.entity.userdefined.certificate.PlatformCredential;
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/ReferenceManifestRepository.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/ReferenceManifestRepository.java
index d934a769..eb0892b2 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/ReferenceManifestRepository.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/ReferenceManifestRepository.java
@@ -1,7 +1,7 @@
 package hirs.attestationca.persist.entity.manager;
-import hirs.utils.rim.ReferenceManifest;
-import hirs.utils.rim.BaseReferenceManifest;
+import hirs.attestationca.persist.entity.userdefined.ReferenceManifest;
+import hirs.attestationca.persist.entity.userdefined.rim.BaseReferenceManifest;
 import hirs.attestationca.persist.entity.userdefined.rim.EventLogMeasurements;
 import hirs.attestationca.persist.entity.userdefined.rim.SupportReferenceManifest;
 import org.springframework.data.jpa.repository.JpaRepository;
diff --git a/HIRS_Utils/src/main/java/hirs/utils/Certificate.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/Certificate.java
similarity index 99%
rename from HIRS_Utils/src/main/java/hirs/utils/Certificate.java
rename to HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/Certificate.java
index af28a232..fda9d4c8 100644
--- a/HIRS_Utils/src/main/java/hirs/utils/Certificate.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/Certificate.java
@@ -1,7 +1,11 @@
-package hirs.utils;
+package hirs.attestationca.persist.entity.userdefined;
 import com.fasterxml.jackson.annotation.JsonIgnore;
 import com.google.common.base.Preconditions;
+import hirs.attestationca.persist.entity.ArchivableEntity;
+import hirs.attestationca.persist.entity.userdefined.certificate.CertificateVariables;
+import hirs.attestationca.persist.util.CredentialHelper;
+import hirs.utils.HexUtils;
 import jakarta.persistence.Column;
 import jakarta.persistence.Entity;
 import jakarta.persistence.Inheritance;
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/Device.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/Device.java
index cd56b9c4..118cd3d7 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/Device.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/Device.java
@@ -1,6 +1,6 @@
 package hirs.attestationca.persist.entity.userdefined;
-import hirs.utils.AbstractEntity;
+import hirs.attestationca.persist.entity.AbstractEntity;
 import hirs.attestationca.persist.entity.userdefined.report.DeviceInfoReport;
 import hirs.attestationca.persist.enums.AppraisalStatus;
 import hirs.attestationca.persist.enums.HealthStatus;
diff --git a/HIRS_Utils/src/main/java/hirs/utils/rim/ReferenceManifest.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/ReferenceManifest.java
similarity index 97%
rename from HIRS_Utils/src/main/java/hirs/utils/rim/ReferenceManifest.java
rename to HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/ReferenceManifest.java
index 321a8ef9..ea496a00 100644
--- a/HIRS_Utils/src/main/java/hirs/utils/rim/ReferenceManifest.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/ReferenceManifest.java
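Review bot: The added imports of `hirs.attestationca.persist.util.CredentialHelper` and `hirs.attestationca.persist.entity.userdefined.certificate.CertificateVariables` in `Certificate.java` leave the packages referencing each other in a cycle: `Certificate` imports both, `CredentialHelper` (moved in this same commit) imports `CertificateVariables`, and `CertificateAuthorityCredential` in the `certificate` subpackage imports `Certificate`. If `CertificateVariables` is only a constants holder, as its name suggests, placing it beside `CredentialHelper` in `persist.util` would keep the certificate-parsing helper free of entity dependencies and easier to test in isolation. The body of `Certificate` lies outside this hunk, so how the helper is used there cannot be checked from here.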
@@ -1,8 +1,8 @@
-package hirs.utils.rim;
+package hirs.attestationca.persist.entity.userdefined;
-import hirs.utils.ArchivableEntity;
 import com.fasterxml.jackson.annotation.JsonIgnore;
 import com.google.common.base.Preconditions;
+import hirs.attestationca.persist.entity.ArchivableEntity;
 import jakarta.persistence.Access;
 import jakarta.persistence.AccessType;
 import jakarta.persistence.Column;
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/Report.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/Report.java
index daf0c523..d6c4ff2b 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/Report.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/Report.java
@@ -1,6 +1,6 @@
 package hirs.attestationca.persist.entity.userdefined;
-import hirs.utils.AbstractEntity;
+import hirs.attestationca.persist.entity.AbstractEntity;
 import jakarta.persistence.Access;
 import jakarta.persistence.AccessType;
 import jakarta.persistence.Entity;
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/SupplyChainValidation.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/SupplyChainValidation.java
index 7a040ac7..97c892e5 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/SupplyChainValidation.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/SupplyChainValidation.java
@@ -1,9 +1,7 @@
 package hirs.attestationca.persist.entity.userdefined;
 import com.google.common.base.Preconditions;
-import hirs.utils.ArchivableEntity;
-import hirs.utils.Certificate;
-import hirs.utils.rim.ReferenceManifest;
+import hirs.attestationca.persist.entity.ArchivableEntity;
 import hirs.attestationca.persist.enums.AppraisalStatus;
 import jakarta.persistence.Column;
 import jakarta.persistence.Entity;
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/SupplyChainValidationSummary.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/SupplyChainValidationSummary.java
index 57f772b2..3ffeff34 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/SupplyChainValidationSummary.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/SupplyChainValidationSummary.java
@@ -1,7 +1,7 @@
 package hirs.attestationca.persist.entity.userdefined;
 import com.google.common.base.Preconditions;
-import hirs.utils.ArchivableEntity;
+import hirs.attestationca.persist.entity.ArchivableEntity;
 import hirs.attestationca.persist.enums.AppraisalStatus;
 import jakarta.persistence.CascadeType;
 import jakarta.persistence.Column;
diff --git a/HIRS_Utils/src/main/java/hirs/utils/CertificateAuthorityCredential.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/CertificateAuthorityCredential.java
similarity index 97%
rename from HIRS_Utils/src/main/java/hirs/utils/CertificateAuthorityCredential.java
rename to HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/CertificateAuthorityCredential.java
index add48be0..72047d42 100644
--- a/HIRS_Utils/src/main/java/hirs/utils/CertificateAuthorityCredential.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/CertificateAuthorityCredential.java
@@ -1,5 +1,6 @@
-package hirs.utils;
+package hirs.attestationca.persist.entity.userdefined.certificate;
+import hirs.attestationca.persist.entity.userdefined.Certificate;
 import jakarta.persistence.Column;
 import jakarta.persistence.Entity;
 import lombok.Getter;
diff --git a/HIRS_Utils/src/main/java/hirs/utils/CertificateVariables.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/CertificateVariables.java
similarity index 97%
rename from HIRS_Utils/src/main/java/hirs/utils/CertificateVariables.java
rename to HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/CertificateVariables.java
index 16fcc4a4..621ef771 100644
--- a/HIRS_Utils/src/main/java/hirs/utils/CertificateVariables.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/CertificateVariables.java
@@ -1,4 +1,4 @@
-package hirs.utils;
+package hirs.attestationca.persist.entity.userdefined.certificate;
 public class CertificateVariables {
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/ComponentResult.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/ComponentResult.java
index 9be4a092..ddb6f13c 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/ComponentResult.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/ComponentResult.java
@@ -1,6 +1,6 @@
 package hirs.attestationca.persist.entity.userdefined.certificate;
-import hirs.utils.AbstractEntity;
+import hirs.attestationca.persist.entity.AbstractEntity;
 import jakarta.persistence.Entity;
 import lombok.AccessLevel;
 import lombok.EqualsAndHashCode;
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/ConformanceCredential.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/ConformanceCredential.java
index c695016d..25186117 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/ConformanceCredential.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/ConformanceCredential.java
@@ -1,6 +1,6 @@
 package hirs.attestationca.persist.entity.userdefined.certificate;
-import hirs.utils.Certificate;
+import hirs.attestationca.persist.entity.userdefined.Certificate;
 import jakarta.persistence.Entity;
 import lombok.AccessLevel;
 import lombok.NoArgsConstructor;
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/DeviceAssociatedCertificate.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/DeviceAssociatedCertificate.java
index 499e69af..e0f54321 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/DeviceAssociatedCertificate.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/DeviceAssociatedCertificate.java
@@ -1,6 +1,6 @@
 package hirs.attestationca.persist.entity.userdefined.certificate;
-import hirs.utils.Certificate;
+import hirs.attestationca.persist.entity.userdefined.Certificate;
 import jakarta.persistence.Column;
 import jakarta.persistence.MappedSuperclass;
 import lombok.AccessLevel;
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/report/DeviceInfoReport.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/report/DeviceInfoReport.java
index d33538a9..1d4c4a1f 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/report/DeviceInfoReport.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/report/DeviceInfoReport.java
@@ -1,6 +1,6 @@
 package hirs.attestationca.persist.entity.userdefined.report;
-import hirs.utils.AbstractEntity;
+import hirs.attestationca.persist.entity.AbstractEntity;
 import hirs.attestationca.persist.entity.userdefined.info.FirmwareInfo;
 import hirs.attestationca.persist.entity.userdefined.info.HardwareInfo;
 import hirs.attestationca.persist.entity.userdefined.info.NetworkInfo;
diff --git a/HIRS_Utils/src/main/java/hirs/utils/rim/BaseReferenceManifest.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/rim/BaseReferenceManifest.java
similarity index 99%
rename from HIRS_Utils/src/main/java/hirs/utils/rim/BaseReferenceManifest.java
rename to HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/rim/BaseReferenceManifest.java
index a10fdf45..74493148 100644
--- a/HIRS_Utils/src/main/java/hirs/utils/rim/BaseReferenceManifest.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/rim/BaseReferenceManifest.java
@@ -1,5 +1,6 @@
-package hirs.utils.rim;
+package hirs.attestationca.persist.entity.userdefined.rim;
+import hirs.attestationca.persist.entity.userdefined.ReferenceManifest;
 import hirs.utils.SwidResource;
 import hirs.utils.swid.SwidTagConstants;
 import jakarta.persistence.Column;
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/rim/EventLogMeasurements.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/rim/EventLogMeasurements.java
index 6433c746..4d400121 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/rim/EventLogMeasurements.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/rim/EventLogMeasurements.java
@@ -1,7 +1,7 @@
 package hirs.attestationca.persist.entity.userdefined.rim;
 import com.fasterxml.jackson.annotation.JsonIgnore;
-import hirs.utils.rim.ReferenceManifest;
+import hirs.attestationca.persist.entity.userdefined.ReferenceManifest;
 import hirs.attestationca.persist.enums.AppraisalStatus;
 import hirs.utils.tpm.eventlog.TCGEventLog;
 import hirs.utils.tpm.eventlog.TpmPcrEvent;
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/rim/ReferenceDigestValue.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/rim/ReferenceDigestValue.java
index 72c9dbce..be8106ef 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/rim/ReferenceDigestValue.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/rim/ReferenceDigestValue.java
@@ -1,6 +1,6 @@
 package hirs.attestationca.persist.entity.userdefined.rim;
-import hirs.utils.AbstractEntity;
+import hirs.attestationca.persist.entity.AbstractEntity;
 import jakarta.persistence.Access;
 import jakarta.persistence.AccessType;
 import jakarta.persistence.Column;
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/rim/SupportReferenceManifest.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/rim/SupportReferenceManifest.java
index 14c74d75..98769b57 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/rim/SupportReferenceManifest.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/rim/SupportReferenceManifest.java
@@ -1,7 +1,7 @@
 package hirs.attestationca.persist.entity.userdefined.rim;
 import com.fasterxml.jackson.annotation.JsonIgnore;
-import hirs.utils.rim.ReferenceManifest;
+import hirs.attestationca.persist.entity.userdefined.ReferenceManifest;
 import hirs.utils.tpm.eventlog.TCGEventLog;
 import hirs.utils.tpm.eventlog.TpmPcrEvent;
 import jakarta.persistence.Column;
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/AbstractProcessor.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/AbstractProcessor.java
index f36233db..cca14eca 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/AbstractProcessor.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/AbstractProcessor.java
@@ -4,7 +4,7 @@ import com.google.protobuf.ByteString;
 import hirs.attestationca.configuration.provisionerTpm2.ProvisionerTpm2;
 import hirs.attestationca.persist.entity.manager.CertificateRepository;
 import hirs.attestationca.persist.entity.manager.PolicyRepository;
-import hirs.utils.Certificate;
+import hirs.attestationca.persist.entity.userdefined.Certificate;
 import hirs.attestationca.persist.entity.userdefined.Device;
 import hirs.attestationca.persist.entity.userdefined.PolicySettings;
 import hirs.attestationca.persist.entity.userdefined.certificate.EndorsementCredential;
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/IdentityClaimProcessor.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/IdentityClaimProcessor.java
index 308a0344..05e1ad77 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/IdentityClaimProcessor.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/IdentityClaimProcessor.java
@@ -11,7 +11,7 @@ import hirs.attestationca.persist.entity.manager.TPM2ProvisionerStateRepository;
 import hirs.attestationca.persist.entity.tpm.TPM2ProvisionerState;
 import hirs.attestationca.persist.entity.userdefined.Device;
 import hirs.attestationca.persist.entity.userdefined.PolicySettings;
-import hirs.utils.rim.ReferenceManifest;
+import hirs.attestationca.persist.entity.userdefined.ReferenceManifest;
 import hirs.attestationca.persist.entity.userdefined.SupplyChainValidationSummary;
 import hirs.attestationca.persist.entity.userdefined.certificate.EndorsementCredential;
 import hirs.attestationca.persist.entity.userdefined.certificate.PlatformCredential;
@@ -21,7 +21,7 @@ import hirs.attestationca.persist.entity.userdefined.info.NetworkInfo;
 import hirs.attestationca.persist.entity.userdefined.info.OSInfo;
 import hirs.attestationca.persist.entity.userdefined.info.TPMInfo;
 import hirs.attestationca.persist.entity.userdefined.report.DeviceInfoReport;
-import hirs.utils.rim.BaseReferenceManifest;
+import hirs.attestationca.persist.entity.userdefined.rim.BaseReferenceManifest;
 import hirs.attestationca.persist.entity.userdefined.rim.EventLogMeasurements;
 import hirs.attestationca.persist.entity.userdefined.rim.ReferenceDigestValue;
 import hirs.attestationca.persist.entity.userdefined.rim.SupportReferenceManifest;
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/SupplyChainValidationService.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/SupplyChainValidationService.java
index c55c1a90..9e6f5d4c 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/SupplyChainValidationService.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/SupplyChainValidationService.java
@@ -1,6 +1,7 @@
 package hirs.attestationca.persist.service;
 import hirs.attestationca.persist.DBManagerException;
+import hirs.attestationca.persist.entity.ArchivableEntity;
 import hirs.attestationca.persist.entity.manager.CACredentialRepository;
 import hirs.attestationca.persist.entity.manager.CertificateRepository;
 import hirs.attestationca.persist.entity.manager.ComponentResultRepository;
@@ -20,7 +21,6 @@ import hirs.attestationca.persist.entity.userdefined.rim.SupportReferenceManifes
 import hirs.attestationca.persist.enums.AppraisalStatus;
 import hirs.attestationca.persist.validation.PcrValidator;
 import hirs.attestationca.persist.validation.SupplyChainCredentialValidator;
-import hirs.utils.ArchivableEntity;
 import lombok.extern.log4j.Log4j2;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/ValidationService.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/ValidationService.java
index e54af196..1fe060b5 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/ValidationService.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/ValidationService.java
@@ -1,13 +1,16 @@
 package hirs.attestationca.persist.service;
+import hirs.attestationca.persist.entity.ArchivableEntity;
 import hirs.attestationca.persist.entity.manager.CACredentialRepository;
 import hirs.attestationca.persist.entity.manager.CertificateRepository;
 import hirs.attestationca.persist.entity.manager.ComponentResultRepository;
 import hirs.attestationca.persist.entity.manager.ReferenceDigestValueRepository;
 import hirs.attestationca.persist.entity.manager.ReferenceManifestRepository;
+import hirs.attestationca.persist.entity.userdefined.Certificate;
 import hirs.attestationca.persist.entity.userdefined.Device;
 import hirs.attestationca.persist.entity.userdefined.PolicySettings;
 import hirs.attestationca.persist.entity.userdefined.SupplyChainValidation;
+import hirs.attestationca.persist.entity.userdefined.certificate.CertificateAuthorityCredential;
 import hirs.attestationca.persist.entity.userdefined.certificate.ComponentResult;
 import hirs.attestationca.persist.entity.userdefined.certificate.EndorsementCredential;
 import hirs.attestationca.persist.entity.userdefined.certificate.PlatformCredential;
@@ -16,10 +19,7 @@ import hirs.attestationca.persist.enums.AppraisalStatus;
 import hirs.attestationca.persist.validation.CertificateAttributeScvValidator;
 import hirs.attestationca.persist.validation.CredentialValidator;
 import hirs.attestationca.persist.validation.FirmwareScvValidator;
-import hirs.utils.ArchivableEntity;
 import hirs.utils.BouncyCastleUtils;
-import hirs.utils.Certificate;
-import hirs.utils.CertificateAuthorityCredential;
 import lombok.extern.log4j.Log4j2;
 import org.apache.logging.log4j.Level;
 import org.bouncycastle.util.encoders.Hex;
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/selector/CertificateSelector.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/selector/CertificateSelector.java
index c83b1982..5f28222c 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/selector/CertificateSelector.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/selector/CertificateSelector.java
@@ -1,7 +1,7 @@
 package hirs.attestationca.persist.service.selector;
 import com.google.common.base.Preconditions;
-import hirs.utils.Certificate;
+import hirs.attestationca.persist.entity.userdefined.Certificate;
 import jakarta.persistence.criteria.CriteriaBuilder;
 import jakarta.persistence.criteria.CriteriaQuery;
 import jakarta.persistence.criteria.Predicate;
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/selector/ReferenceManifestSelector.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/selector/ReferenceManifestSelector.java
index 4f6b4d88..62442115 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/selector/ReferenceManifestSelector.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/selector/ReferenceManifestSelector.java
@@ -1,8 +1,8 @@
 package hirs.attestationca.persist.service.selector;
 import com.google.common.base.Preconditions;
-import hirs.utils.Certificate;
-import hirs.utils.rim.ReferenceManifest;
+import hirs.attestationca.persist.entity.userdefined.Certificate;
+import hirs.attestationca.persist.entity.userdefined.ReferenceManifest;
 import jakarta.persistence.criteria.CriteriaBuilder;
 import jakarta.persistence.criteria.CriteriaQuery;
 import jakarta.persistence.criteria.Predicate;
diff --git a/HIRS_Utils/src/main/java/hirs/utils/CredentialHelper.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/util/CredentialHelper.java
similarity index 98%
rename from HIRS_Utils/src/main/java/hirs/utils/CredentialHelper.java
rename to HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/util/CredentialHelper.java
index 27f55912..f6224504 100644
--- a/HIRS_Utils/src/main/java/hirs/utils/CredentialHelper.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/util/CredentialHelper.java
@@ -1,5 +1,6 @@
-package hirs.utils;
+package hirs.attestationca.persist.util;
+import hirs.attestationca.persist.entity.userdefined.certificate.CertificateVariables;
 import lombok.AccessLevel;
 import lombok.NoArgsConstructor;
 import lombok.extern.log4j.Log4j2;
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CertificateAttributeScvValidator.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CertificateAttributeScvValidator.java
index b6194351..5140632a 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CertificateAttributeScvValidator.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CertificateAttributeScvValidator.java
@@ -1,6 +1,6 @@
 package hirs.attestationca.persist.validation;
-import hirs.utils.ArchivableEntity;
+import hirs.attestationca.persist.entity.ArchivableEntity;
 import hirs.attestationca.persist.entity.userdefined.SupplyChainValidation;
 import hirs.attestationca.persist.entity.userdefined.certificate.ComponentResult;
 import hirs.attestationca.persist.entity.userdefined.certificate.PlatformCredential;
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/FirmwareScvValidator.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/FirmwareScvValidator.java
index 068f4dd1..1ee6bc4d 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/FirmwareScvValidator.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/FirmwareScvValidator.java
@@ -5,15 +5,15 @@ import hirs.attestationca.persist.entity.manager.ReferenceDigestValueRepository;
 import hirs.attestationca.persist.entity.manager.ReferenceManifestRepository;
 import hirs.attestationca.persist.entity.userdefined.Device;
 import hirs.attestationca.persist.entity.userdefined.PolicySettings;
+import hirs.attestationca.persist.entity.userdefined.ReferenceManifest;
+import hirs.attestationca.persist.entity.userdefined.certificate.CertificateAuthorityCredential;
+import hirs.attestationca.persist.entity.userdefined.rim.BaseReferenceManifest;
 import hirs.attestationca.persist.entity.userdefined.rim.EventLogMeasurements;
 import hirs.attestationca.persist.entity.userdefined.rim.ReferenceDigestValue;
 import hirs.attestationca.persist.enums.AppraisalStatus;
 import hirs.attestationca.persist.service.ValidationService;
-import hirs.utils.CertificateAuthorityCredential;
-import hirs.utils.SwidResource;
-import hirs.utils.rim.ReferenceManifest;
 import hirs.utils.rim.ReferenceManifestValidator;
-import hirs.utils.rim.BaseReferenceManifest;
+import hirs.utils.SwidResource;
 import hirs.utils.tpm.eventlog.TCGEventLog;
 import hirs.utils.tpm.eventlog.TpmPcrEvent;
 import lombok.extern.log4j.Log4j2;
diff --git a/HIRS_Utils/src/test/java/hirs/utils/CertificateTest.java b/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/CertificateTest.java
similarity index 90%
rename from HIRS_Utils/src/test/java/hirs/utils/CertificateTest.java
rename to HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/CertificateTest.java
index 71187416..b9a0d916 100644
--- a/HIRS_Utils/src/test/java/hirs/utils/CertificateTest.java
+++ b/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/CertificateTest.java
@@ -1,4 +1,6 @@ -package hirs.utils; +package hirs.attestationca.persist.entity.userdefined; + +import hirs.attestationca.persist.entity.ArchivableEntity; import java.io.FileInputStream; import java.io.IOException; @@ -27,30 +29,6 @@ import static org.junit.jupiter.api.Assertions.assertThrows; * This class tests functionality of the {@link Certificate} class. */ public class CertificateTest { - /** - * Location of another, slightly different platform attribute cert. - */ - public static final String TEST_PLATFORM_CERT_3 = - "/validation/platform_credentials/Intel_pc3.cer"; - - /** - * Platform cert with comma separated baseboard and chassis serial number. - */ - public static final String TEST_PLATFORM_CERT_4 = - "/validation/platform_credentials/Intel_pc4.pem"; - - /** - * Another platform cert with comma separated baseboard and chassis serial number. - */ - public static final String TEST_PLATFORM_CERT_5 = - "/validation/platform_credentials/Intel_pc5.pem"; - - /** - * Location of another, slightly different platform attribute cert. - */ - public static final String TEST_PLATFORM_CERT_6 = - "/validation/platform_credentials/TPM_INTC_Platform_Cert_RSA.txt"; - /** * Location of a test (fake) root CA certificate. */ 
@@ -73,8 +51,59 @@ public class CertificateTest { */ public static final String FAKE_SGI_INT_CA_FILE = "/certificates/fakeSGIIntermediateCA.cer"; + /** + * Location of another test self-signed certificate. + */ + public static final String ANOTHER_SELF_SIGNED_FILE = + "/certificates/fakeSelfSigned.cer"; + + /** + * Location of the NUC EC. + */ + public static final String STM_NUC1_EC = "/certificates/nuc-1/tpmcert.pem"; + + /** + * Location of the ST Micro Intermediate 02 CA certificate. + */ + public static final String STM_INT_02_CA = "/certificates/stMicroCaCerts/stmtpmekint02.crt"; + + /** + * Location of the ST Micro Root CA certificate. + */ + public static final String STM_ROOT_CA = "/certificates/stMicroCaCerts/stmtpmekroot.crt"; + + /** + * Location of the GlobalSign Root CA certificate. + */ + public static final String GS_ROOT_CA = "/certificates/stMicroCaCerts/gstpmroot.crt"; + + /** + * Hex-encoded subject key identifier for the FAKE_ROOT_CA_FILE. + */ + public static final String FAKE_ROOT_CA_SUBJECT_KEY_IDENTIFIER_HEX = + "58ec313a1699f94c1c8c4e2c6412402b258f0177"; + + /** + * Location of a test STM endorsement credential. + */ + public static final String TEST_EC = "/certificates/ab21ccf2-tpmcert.pem"; + + /** + * Location of a test client cert. + */ + public static final String ISSUED_CLIENT_CERT = + "/tpm/sample_identity_cert.cer"; + private static final String INT_CA_CERT02 = "/certificates/fakestmtpmekint02.pem"; + private static final String RDN_COMMA_SEPARATED = + "CN=STM TPM EK Intermediate CA 02, O=STMicroelectronics NV, C=CH"; + private static final String RDN_MULTIVALUE = + "CN=Nuvoton TPM Root CA 2010+O=Nuvoton Technology Corporation+C=TW"; + + private static final String RDN_COMMA_SEPARATED_ORGANIZATION = "STMicroelectronics NV"; + private static final String RDN_MULTIVALUE_ORGANIZATION = "Nuvoton Technology Corporation"; + private static final String EK_CERT_WITH_PADDED_BYTES = "/certificates/ek_cert_with_padded_bytes.cer"; 
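Review bot: `FAKE_ROOT_CA_SUBJECT_KEY_IDENTIFIER_HEX` hard-codes a value that has to stay in step with the fixture behind `FAKE_ROOT_CA_FILE`, and the added Javadoc does not say how it was obtained, so replacing that certificate would produce a failure that is hard to trace back. A Javadoc line such as `Must match the subject key identifier extension of FAKE_ROOT_CA_FILE; recompute it when that fixture is replaced.` would record the link. The Javadoc on `STM_NUC1_EC` (`Location of the NUC EC.`) would also read better with the abbreviation expanded, presumably to "endorsement credential" as in the `TEST_EC` comment. None of the new constants is used inside this hunk, so whether all of them are still needed in this class cannot be confirmed from here.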
@@ -168,11 +197,11 @@ public class CertificateTest { assertNotEquals(getTestCertificate( PlatformCredential.class, - TEST_PLATFORM_CERT_3).getCertificateType(), + PlatformCredentialTest.TEST_PLATFORM_CERT_3).getCertificateType(), Certificate.CertificateType.X509_CERTIFICATE); assertEquals(getTestCertificate( PlatformCredential.class, - TEST_PLATFORM_CERT_3).getCertificateType(), + PlatformCredentialTest.TEST_PLATFORM_CERT_3).getCertificateType(), Certificate.CertificateType.ATTRIBUTE_CERTIFICATE); } @@ -186,7 +215,7 @@ public class CertificateTest { @Test public void testImportPem() throws IOException { Certificate platformCredential = getTestCertificate( - PlatformCredential.class, TEST_PLATFORM_CERT_4 + PlatformCredential.class, PlatformCredentialTest.TEST_PLATFORM_CERT_4 ); assertEquals(platformCredential.getCertificateType(), @@ -197,7 +226,7 @@ public class CertificateTest { ); platformCredential = getTestCertificate( - PlatformCredential.class, TEST_PLATFORM_CERT_5 + PlatformCredential.class, PlatformCredentialTest.TEST_PLATFORM_CERT_5 ); assertEquals(platformCredential.getCertificateType(), @@ -257,12 +286,12 @@ public class CertificateTest { public void testX509AttributeCertificateParsing() throws IOException, URISyntaxException { Certificate platformCert = getTestCertificate( PlatformCredential.class, - TEST_PLATFORM_CERT_3 + PlatformCredentialTest.TEST_PLATFORM_CERT_3 ); X509AttributeCertificateHolder attrCertHolder = new X509AttributeCertificateHolder( Files.readAllBytes(Paths.get(this.getClass().getResource( - TEST_PLATFORM_CERT_3 + PlatformCredentialTest.TEST_PLATFORM_CERT_3 ).toURI())) ); 
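Review bot: In the `testX509AttributeCertificateParsing` hunk, `this.getClass().getResource(PlatformCredentialTest.TEST_PLATFORM_CERT_3).toURI()` dereferences the lookup result without a null check, and `getResource` returns null when the file is not on the test classpath. This commit relocates the fixtures (the HIRS_Utils copies of the platform credentials are deleted further down), so a misplaced file would show up as a bare NullPointerException rather than a message naming the resource. Wrapping the lookup, e.g. `Objects.requireNonNull(getClass().getResource(PlatformCredentialTest.TEST_PLATFORM_CERT_3), "missing test resource")`, keeps the failure readable. The same constant swap in the other hunks on this line goes through `getTestCertificate`, whose body is outside the hunks, and the test methods themselves start or end outside each hunk.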
@@ -292,7 +321,7 @@ public class CertificateTest { public void testX509AttributeCertificateParsingExtended() throws IOException, URISyntaxException { Certificate platformCert = getTestCertificate( - PlatformCredential.class, TEST_PLATFORM_CERT_6); + PlatformCredential.class, PlatformCredentialTest.TEST_PLATFORM_CERT_6); assertEquals(platformCert.getAuthorityInfoAccess(), "https://trustedservices.intel.com/" diff --git a/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/SupplyChainValidationTest.java b/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/SupplyChainValidationTest.java index 1c5dbdfa..95c35a64 100644 --- a/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/SupplyChainValidationTest.java +++ b/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/SupplyChainValidationTest.java @@ -3,16 +3,11 @@ package hirs.attestationca.persist.entity.userdefined; import static org.junit.jupiter.api.Assertions.assertEquals; import static org.junit.jupiter.api.Assertions.assertThrows; -import hirs.utils.ArchivableEntity; -import hirs.utils.CertificateAuthorityCredential; +import hirs.attestationca.persist.entity.ArchivableEntity; import hirs.attestationca.persist.enums.AppraisalStatus; -import org.junit.jupiter.api.BeforeAll; import org.junit.jupiter.api.Test; import java.io.IOException; -import java.net.URISyntaxException; -import java.nio.file.Paths; -import java.util.ArrayList; import java.util.List; /** 
@@ -22,40 +17,6 @@ import java.util.List; class SupplyChainValidationTest { private static final String MESSAGE = "Some message."; - /** - * Location of a test (fake) root CA certificate. - */ - public static final String FAKE_ROOT_CA_FILE = "/certificates/fakeRootCA.cer"; - - /** - * Location of a test (fake) Intel intermediate CA certificate. - */ - public static final String FAKE_INTEL_INT_CA_FILE = - "/certificates/fakeIntelIntermediateCA.cer"; - - /** - * Location of a test (fake) SGI intermediate CA certificate. - */ - public static final String FAKE_SGI_INT_CA_FILE = "/certificates/fakeSGIIntermediateCA.cer"; - private static final List allTestCertificates = - new ArrayList(3); - - @BeforeAll - private static void setAllTestCertificates() throws URISyntaxException, IOException { - allTestCertificates.add( - new CertificateAuthorityCredential( - Paths.get(SupplyChainValidationTest.class.getResource( - FAKE_SGI_INT_CA_FILE).toURI()))); - allTestCertificates.add( - new CertificateAuthorityCredential( - Paths.get(SupplyChainValidationTest.class.getResource( - FAKE_INTEL_INT_CA_FILE).toURI()))); - allTestCertificates.add( - new CertificateAuthorityCredential( - Paths.get(SupplyChainValidationTest.class.getResource( - FAKE_ROOT_CA_FILE).toURI()))); - } - /** * Test that this class' getter methods work properly. * @@ -70,7 +31,7 @@ class SupplyChainValidationTest { ); assertEquals( validation.getCertificatesUsed(), - allTestCertificates + CertificateTest.getAllTestCertificates() ); assertEquals(validation.getMessage(), MESSAGE); } @@ -86,7 +47,7 @@ class SupplyChainValidationTest { new SupplyChainValidation( null, AppraisalStatus.Status.PASS, - allTestCertificates, + CertificateTest.getAllTestCertificates(), MESSAGE )); } 
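Review bot: `assertEquals(validation.getCertificatesUsed(), CertificateTest.getAllTestCertificates())` in the getter test passes the actual value first, so a failure report would label the two lists the wrong way round; JUnit 5 expects `assertEquals(CertificateTest.getAllTestCertificates(), validation.getCertificatesUsed());`. The removed `@BeforeAll` list was built once, whereas this call site and the later hunks of this file each call `getAllTestCertificates()` again. Its body is not in this diff, so if it re-parses the files the comparison presumably depends on value-based `equals` for the credentials. Fetching the list once into a local in each test would make that dependency explicit. The test methods begin and end outside the hunks.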
@@ -117,7 +78,7 @@ class SupplyChainValidationTest { new SupplyChainValidation( SupplyChainValidation.ValidationType.ENDORSEMENT_CREDENTIAL, AppraisalStatus.Status.PASS, - allTestCertificates, + CertificateTest.getAllTestCertificates(), MESSAGE ); } @@ -134,7 +95,7 @@ class SupplyChainValidationTest { return getTestSupplyChainValidation( SupplyChainValidation.ValidationType.ENDORSEMENT_CREDENTIAL, AppraisalStatus.Status.PASS, - allTestCertificates + CertificateTest.getAllTestCertificates() ); } diff --git a/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/certificate/PlatformCredentialTest.java b/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/certificate/PlatformCredentialTest.java index 0c5c32c3..43b06ae4 100644 --- a/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/certificate/PlatformCredentialTest.java +++ b/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/certificate/PlatformCredentialTest.java @@ -1,7 +1,6 @@ package hirs.attestationca.persist.entity.userdefined.certificate; -import hirs.utils.Certificate; -import hirs.utils.CertificateAuthorityCredential; +import hirs.attestationca.persist.entity.userdefined.Certificate; import hirs.attestationca.persist.entity.userdefined.certificate.attributes.ComponentIdentifier; import hirs.attestationca.persist.entity.userdefined.certificate.attributes.PlatformConfiguration; import hirs.attestationca.persist.entity.userdefined.certificate.attributes.PlatformProperty; diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/CertificatePageController.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/CertificatePageController.java index 77968193..08df7d76 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/CertificatePageController.java 
+++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/CertificatePageController.java @@ -9,12 +9,12 @@ import hirs.attestationca.persist.entity.manager.CertificateRepository; import hirs.attestationca.persist.entity.manager.EndorsementCredentialRepository; import hirs.attestationca.persist.entity.manager.IssuedCertificateRepository; import hirs.attestationca.persist.entity.manager.PlatformCertificateRepository; -import hirs.utils.Certificate; -import hirs.utils.CertificateAuthorityCredential; +import hirs.attestationca.persist.entity.userdefined.Certificate; +import hirs.attestationca.persist.entity.userdefined.certificate.CertificateAuthorityCredential; import hirs.attestationca.persist.entity.userdefined.certificate.EndorsementCredential; import hirs.attestationca.persist.entity.userdefined.certificate.IssuedAttestationCertificate; import hirs.attestationca.persist.entity.userdefined.certificate.PlatformCredential; -import hirs.utils.CredentialHelper; +import hirs.attestationca.persist.util.CredentialHelper; import hirs.attestationca.portal.datatables.DataTableInput; import hirs.attestationca.portal.datatables.DataTableResponse; import hirs.attestationca.portal.datatables.OrderedListQueryDataTableAdapter; diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/DevicePageController.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/DevicePageController.java index 9a42a374..4b475c35 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/DevicePageController.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/DevicePageController.java 
@@ -6,7 +6,7 @@ import hirs.attestationca.persist.entity.manager.DeviceRepository; import hirs.attestationca.persist.entity.manager.EndorsementCredentialRepository; import hirs.attestationca.persist.entity.manager.IssuedCertificateRepository; import hirs.attestationca.persist.entity.manager.PlatformCertificateRepository; -import hirs.utils.Certificate; +import hirs.attestationca.persist.entity.userdefined.Certificate; import hirs.attestationca.persist.entity.userdefined.Device; import hirs.attestationca.persist.entity.userdefined.certificate.DeviceAssociatedCertificate; import hirs.attestationca.persist.entity.userdefined.certificate.EndorsementCredential; diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestDetailsPageController.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestDetailsPageController.java index d20a4a29..c75b4776 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestDetailsPageController.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestDetailsPageController.java 
@@ -5,13 +5,12 @@ import hirs.attestationca.persist.entity.manager.CACredentialRepository; import hirs.attestationca.persist.entity.manager.CertificateRepository; import hirs.attestationca.persist.entity.manager.ReferenceDigestValueRepository; import hirs.attestationca.persist.entity.manager.ReferenceManifestRepository; -import hirs.utils.rim.ReferenceManifest; -import hirs.utils.CertificateAuthorityCredential; -import hirs.utils.rim.BaseReferenceManifest; +import hirs.attestationca.persist.entity.userdefined.ReferenceManifest; +import hirs.attestationca.persist.entity.userdefined.certificate.CertificateAuthorityCredential; +import hirs.attestationca.persist.entity.userdefined.rim.BaseReferenceManifest; import hirs.attestationca.persist.entity.userdefined.rim.EventLogMeasurements; import hirs.attestationca.persist.entity.userdefined.rim.ReferenceDigestValue; import hirs.attestationca.persist.entity.userdefined.rim.SupportReferenceManifest; -import hirs.utils.rim.ReferenceManifestValidator; import hirs.attestationca.persist.service.ValidationService; import hirs.attestationca.persist.validation.SupplyChainCredentialValidator; import hirs.attestationca.persist.validation.SupplyChainValidatorException; @@ -19,6 +18,7 @@ import hirs.attestationca.portal.page.Page; import hirs.attestationca.portal.page.PageController; import hirs.attestationca.portal.page.PageMessages; import hirs.attestationca.portal.page.params.ReferenceManifestDetailsPageParams; +import hirs.utils.rim.ReferenceManifestValidator; import hirs.utils.SwidResource; import hirs.utils.tpm.eventlog.TCGEventLog; import hirs.utils.tpm.eventlog.TpmPcrEvent; diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestPageController.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestPageController.java index 68b3bf19..e9b53b74 100644 
--- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestPageController.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestPageController.java @@ -4,8 +4,8 @@ import hirs.attestationca.persist.DBManagerException; import hirs.attestationca.persist.FilteredRecordsList; import hirs.attestationca.persist.entity.manager.ReferenceDigestValueRepository; import hirs.attestationca.persist.entity.manager.ReferenceManifestRepository; -import hirs.utils.rim.ReferenceManifest; -import hirs.utils.rim.BaseReferenceManifest; +import hirs.attestationca.persist.entity.userdefined.ReferenceManifest; +import hirs.attestationca.persist.entity.userdefined.rim.BaseReferenceManifest; import hirs.attestationca.persist.entity.userdefined.rim.ReferenceDigestValue; import hirs.attestationca.persist.entity.userdefined.rim.SupportReferenceManifest; import hirs.attestationca.portal.datatables.DataTableInput; diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/RimDatabasePageController.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/RimDatabasePageController.java index 74445763..36cd752c 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/RimDatabasePageController.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/RimDatabasePageController.java 
@@ -5,7 +5,7 @@ import hirs.attestationca.persist.DBManagerException; import hirs.attestationca.persist.FilteredRecordsList; import hirs.attestationca.persist.entity.manager.ReferenceDigestValueRepository; import hirs.attestationca.persist.entity.manager.ReferenceManifestRepository; -import hirs.utils.Certificate; +import hirs.attestationca.persist.entity.userdefined.Certificate; import hirs.attestationca.persist.entity.userdefined.rim.ReferenceDigestValue; import hirs.attestationca.persist.entity.userdefined.rim.SupportReferenceManifest; import hirs.attestationca.portal.datatables.DataTableInput; diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/utils/CertificateStringMapBuilder.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/utils/CertificateStringMapBuilder.java index 88855ab4..9c1066a9 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/utils/CertificateStringMapBuilder.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/utils/CertificateStringMapBuilder.java @@ -3,8 +3,8 @@ package hirs.attestationca.portal.page.utils; import hirs.attestationca.persist.entity.manager.CACredentialRepository; import hirs.attestationca.persist.entity.manager.CertificateRepository; import hirs.attestationca.persist.entity.manager.ComponentResultRepository; -import hirs.utils.Certificate; -import hirs.utils.CertificateAuthorityCredential; +import hirs.attestationca.persist.entity.userdefined.Certificate; +import hirs.attestationca.persist.entity.userdefined.certificate.CertificateAuthorityCredential; import hirs.attestationca.persist.entity.userdefined.certificate.ComponentResult; import hirs.attestationca.persist.entity.userdefined.certificate.EndorsementCredential; import hirs.attestationca.persist.entity.userdefined.certificate.IssuedAttestationCertificate; diff --git a/HIRS_Utils/build.gradle b/HIRS_Utils/build.gradle index 1bc6b786..f2b6cbd4 100644 
--- a/HIRS_Utils/build.gradle +++ b/HIRS_Utils/build.gradle @@ -37,7 +37,6 @@ dependencies { implementation libs.commons.lang3 implementation libs.commons.io implementation libs.minimal.json - implementation libs.hibernate.core implementation 'org.apache.logging.log4j:log4j-core:2.19.0' implementation 'org.apache.logging.log4j:log4j-api:2.19.0' @@ -73,4 +72,4 @@ jar { // // commandLine './genXjcLibrary.sh' //} -//compileJava.dependsOn generateXjcLibrary +//compileJava.dependsOn generateXjcLibrary \ No newline at end of file diff --git a/HIRS_Utils/src/test/resources/certificates/ek_cert_with_padded_bytes.cer b/HIRS_Utils/src/test/resources/certificates/ek_cert_with_padded_bytes.cer deleted file mode 100644 index 65426766..00000000 Binary files a/HIRS_Utils/src/test/resources/certificates/ek_cert_with_padded_bytes.cer and /dev/null differ diff --git a/HIRS_Utils/src/test/resources/certificates/fakeIntelIntermediateCA.cer b/HIRS_Utils/src/test/resources/certificates/fakeIntelIntermediateCA.cer deleted file mode 100644 index cf8ed36b..00000000 --- a/HIRS_Utils/src/test/resources/certificates/fakeIntelIntermediateCA.cer +++ /dev/null 
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDGDCCAgKgAwIBAgIBAjALBgkqhkiG9w0BAQswFzEVMBMGA1UEAwwMRmFrZSBS
-b290IENBMB4XDTE3MDEyNDE1MjU0MVoXDTI3MDEyNDE1MjU0MVowJzElMCMGA1UE
-AwwcRmFrZSBJbnRlbCBJbnRlcm1lZGlhdGUgQ0EgMTCCASIwDQYJKoZIhvcNAQEB
-BQADggEPADCCAQoCggEBAKOwrvGN7liqE0Fv0Z5jSRuYdz5WHbxNgb9HNvllM9AK
-a61TKVL2yWjaDMeO3r/QmL6MbiVNLfSYzJtotbujpelZSucgFqq/6skr5K8ik1Lk
-se7DrZGsheC6g9ei5UyAJlIQtCmm26xIraQWtQbSrMvMoRo25vm2LNA9fY46hx/a
-zk9yPI9OLXOWuK/OnT7gmV/ESU1fLWXedVCxYZfu9KyMD2PxHG5eZc8e/Or/cVt1
-5wuP16ZbzCV8NsJFKPBvfKsngznb4WuGOPTbMJaslB5wJZPp+GyBe3L0g4vr2+GE
-WldoObtit9vdHj1HDcsxk2IHaQZ7zkJZ2vyGdDYn10ECAwEAAaNjMGEwDwYDVR0T
-AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFCEFgTDtdHY0MnCE
-8CeV32cOi9dzMB8GA1UdIwQYMBaAFFjsMToWmflMHIxOLGQSQCsljwF3MAsGCSqG
-SIb3DQEBCwOCAQEAb9OPfUQSOZG5JLNJTMJtBUXWPAAhR7xXvWtG17B3c8UrU4kN
-bfqAQnVkya+7vUPpaxVP5KJjzud8hBg5xqgaf7MO5mq/P+3RmtudB/AunTiBApSL
-f0nXEMl3UbGdfseWnrEC0QMetsBDgPyhUAJ+P+KwEWWndpaeZRV1pfvPc2OMqG3J
-or8hmfEVk2k9Di3GThsA5PnKehYE+FGHtT2+YO5Tpn75PdhN8r2N6MU7kXVPN9yi
-5RT5HKpee8ZmkzYdOhWe7+7W23j3Klh3yyVHW1Yk426PRuRym9RrPOZO8dSJY0n5
-abPM8+BCy4GpK/wdUuZhKBo1BX/Mq7fMfR07kQ==
------END CERTIFICATE-----
diff --git a/HIRS_Utils/src/test/resources/certificates/fakeRootCA.cer b/HIRS_Utils/src/test/resources/certificates/fakeRootCA.cer
deleted file mode 100644
index 7fca7bac..00000000
--- a/HIRS_Utils/src/test/resources/certificates/fakeRootCA.cer
+++ /dev/null
@@ -1,18 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIC5zCCAdGgAwIBAgIBATALBgkqhkiG9w0BAQswFzEVMBMGA1UEAwwMRmFrZSBS
-b290IENBMB4XDTE3MDEyNDE1MjU0MVoXDTQ3MDEyNDE1MjU0MVowFzEVMBMGA1UE
-AwwMRmFrZSBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
-geIXUAtrlc+FY8FC/bAGC6Vg1lbok+kILT/ZmG/4vdigZ2hzFR3dVjmgWd4hp3uP
-dY7E/JUEouBq24qDpPUWrHIxSCqGp9Rn+whGq6Yy7d1d0FGyskIJJ2aFr1QC+/jA
-4CptLbQGhqmyALrmXFai3scUmNciuTbEb3Ap9829IdsD4F9hT557zRSocaelVCUw
-6sNLU78fJfG7K3dKmKemvtprqlDlfM3nya5P6IzkRKiPpXN6Q1sL7FDkKQ3HuyBM
-WqPU+AWhqhCR9hRenuTpwTxEPVPA8FRV78wkV3VLzXCG7lHPZ8xCDKAZzdbwymjU
-wfm9Wr5KperE83suIcIHxQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud
-DwEB/wQEAwIBBjAdBgNVHQ4EFgQUWOwxOhaZ+UwcjE4sZBJAKyWPAXcwCwYJKoZI
-hvcNAQELA4IBAQA2qgdehg53y1ehnq9KKdV5JllGgPon1GigMrMJ8VMGo+zs7h2q
-CYlqCyuCI5hYWzZTRzwX6OAfZkIVEgY0O2lYJgTzsC+kz4EFArzq5eLqw2/hsn8c
-KveCz+6mIL9AoyAMx9NZB1IytkDWIOtIElxOoAojluEDp3L1gzr9PVHJkI9KMeVV
-eaH6Hg+Wg6I0jS1546oJnheEmcrwYaLJ0pHZR9NGpkICxDNMpNTLW9yy8e/kK+iB
-xzT6vc3p791ktO1UD5kfK0QW8oRyMX0eHdRlDK2so+VWA5pEka+ZPc9dPB5JSudm
-HBfbguS1HVpYAfJslzj31UpSnxr7ZA4OWiLf
------END CERTIFICATE-----
diff --git a/HIRS_Utils/src/test/resources/certificates/fakeSGIIntermediateCA.cer b/HIRS_Utils/src/test/resources/certificates/fakeSGIIntermediateCA.cer
deleted file mode 100644
index 959cb8e7..00000000
--- a/HIRS_Utils/src/test/resources/certificates/fakeSGIIntermediateCA.cer
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDFjCCAgCgAwIBAgIBAzALBgkqhkiG9w0BAQswFzEVMBMGA1UEAwwMRmFrZSBS
-b290IENBMB4XDTE3MDEyNDE1MjU0MVoXDTI3MDEyNDE1MjU0MVowJTEjMCEGA1UE
-AwwaRmFrZSBTR0kgSW50ZXJtZWRpYXRlIENBIDEwggEiMA0GCSqGSIb3DQEBAQUA
-A4IBDwAwggEKAoIBAQC7tS739kM5cCJBVXGJtTgiV30AKtnDXeF5uw40DYfiXf1H
-H5QAHNdiLqiZpsYJPiTnS7drsdvlzT1zjkfu11cI0jdUjMqDfSP+2MfAvrcjpdSN
-R2YlcIJSNTeJyydvkxl6l0keXKdaoUkrMoJ+O0BWbSy7jXbicmndh4aoscq0Qp6s
-99n4bPwrKqV/GkuTRjaUqGoEx/h9gM05kUcO5kw9xwO21ogY1H+j3NNstmTAjko+
-PNEhVEp5Ax6XpqTZOqbFpiWQdA7oXJsXar0tXi0DWBWcVz0EXqoOSxhH4cpnBmSZ
-ioioIOCzcxitdcWIQS+phm/B+vhK4+YUKHCF2ds1AgMBAAGjYzBhMA8GA1UdEwEB
-/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBQynzPkAJcEtxU2u0uy
-YG2QqJ+U/zAfBgNVHSMEGDAWgBRY7DE6Fpn5TByMTixkEkArJY8BdzALBgkqhkiG
-9w0BAQsDggEBAGs9uq0DKACdcgoNyJcHzyb11EhMe8+l/D+j8JjsRp3w6rXpw60U
-ptZVMh7/SpRte7NjUBJ7wk76IIhntu6rcf/ik4ptyOgSUxDzGDffQzPRHRmXmjj0
-eir+cVQP34O7gByj/n92S9GP4/0RYGt7X7PGGiNArSroeS83fUQMVHhN8PbFzcrk
-y9NHNR/In90Le/tPsFwGdTYzirgnjmcaVZFgCQfKuU3xr9vjANc2i5+QzzApjZ1i
-K3o3z1eLOz6x25C03J8MF6GRiSV9AjrP8P0vQc25zpsjKH/rvdwmLIC6IjprF3Wk
-nqakIzC7ABXdKhS8pOLkbmcoPlyt1rP9RgA=
------END CERTIFICATE-----
diff --git a/HIRS_Utils/src/test/resources/certificates/fakestmtpmekint02.pem b/HIRS_Utils/src/test/resources/certificates/fakestmtpmekint02.pem
deleted file mode 100644
index eefe3b6f..00000000
--- a/HIRS_Utils/src/test/resources/certificates/fakestmtpmekint02.pem
+++ /dev/null
@@ -1,22 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDjzCCAnmgAwIBAgIBBTALBgkqhkiG9w0BAQswFzEVMBMGA1UEAwwMRmFrZSBS
-b290IENBMB4XDTExMDEyMTAwMDAwMFoXDTI5MTIzMTAwMDAwMFowVTELMAkGA1UE
-BhMCQ0gxHjAcBgNVBAoTFVNUTWljcm9lbGVjdHJvbmljcyBOVjEmMCQGA1UEAxMd
-U1RNIFRQTSBFSyBJbnRlcm1lZGlhdGUgQ0EgMDIwggEiMA0GCSqGSIb3DQEBAQUA
-A4IBDwAwggEKAoIBAQCTt4oZ/7h4Fdx65T2ab/PtfsYPXHC396VVyaE+Z/Dxx4sT
-emUQZn/zYPOfzg2c8Z6LQuuFg/BhzC8kNAp2tzCRfjBiWeUeSZLiUQeArYEz8HE1
-WSLArrqdGg1pz82Kh8L32og9hQ9GmsQp0yiI1lPTs7Uw9iOtcVtiyhGOFXXvltwu
-1mYEuU6apG4Sc8tjSY+qEjAypJXyN1/I1X+254DHAkd19zXCKN+PSA7da9Rn8Afq
-Fq4aIGVZzBSSgKEmD/GkKyw1Ze0kDgIE189iAw+m6NY4Gv/Cm+9nQ4fA9qq5Kloe
-x8HWrN46qm2/boqujtnSSWPOhY3341z6N4xpRY07AgMBAAGjgaswgagwDwYDVR0T
-AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAgQwRQYDVR0gAQH/BDswOTA3BgRVHSAA
-MC8wLQYIKwYBBQUHAgEWIWh0dHA6Ly93d3cuc3QuY29tL1RQTS9yZXBvc2l0b3J5
-LzAdBgNVHQ4EFgQUVx+Aa0fM55v6NZR87Yi40QBa4J4wHwYDVR0jBBgwFoAUWOwx
-OhaZ+UwcjE4sZBJAKyWPAXcwCwYJKoZIhvcNAQELA4IBAQB8IaDIWicxm7m2qyDv
-v4L253D3qRcx+sdM2GM0IpvK3u9z3BQraAhF6PPLlgFGP6slZdDY6ryrP8PEkvsH
-tHoapB1MWe+eMrxw7dXQLnpzm/P++8AWMtY8roziiO7x3AYTbRb9lB2HjOWc2aGZ
-1xW+su+aTnr9U4uYO1+HrDDKYgkypIcousRwUMW6c6szAZY2UtWS2e4346V3LVLz
-sv22n4rqWWRzJ2tl+jIqLepChqOdgscDL+aO2iowmzTSWV/WLJRaTs0AsOYJkdlG
-8wWRzygRbfGdIL7A/hKK42o0b7v3R/NI0nemwAzVN/QOYjTbkOCIUBg/6mT8CkYx
-pmiq
------END CERTIFICATE-----
diff --git a/HIRS_Utils/src/test/resources/validation/platform_credentials/Intel_pc3.cer b/HIRS_Utils/src/test/resources/validation/platform_credentials/Intel_pc3.cer
deleted file mode 100755
index 42d19bbd..00000000
Binary files a/HIRS_Utils/src/test/resources/validation/platform_credentials/Intel_pc3.cer and /dev/null differ
diff --git a/HIRS_Utils/src/test/resources/validation/platform_credentials/Intel_pc4.pem b/HIRS_Utils/src/test/resources/validation/platform_credentials/Intel_pc4.pem
deleted file mode 100644
index 9ea77f12..00000000
Binary files a/HIRS_Utils/src/test/resources/validation/platform_credentials/Intel_pc4.pem and /dev/null differ
diff --git a/HIRS_Utils/src/test/resources/validation/platform_credentials/Intel_pc5.pem b/HIRS_Utils/src/test/resources/validation/platform_credentials/Intel_pc5.pem deleted file mode 100644 index 478f6229..00000000 Binary files a/HIRS_Utils/src/test/resources/validation/platform_credentials/Intel_pc5.pem and /dev/null differ diff --git a/HIRS_Utils/src/test/resources/validation/platform_credentials/TPM_INTC_Platform_Cert_RSA.txt b/HIRS_Utils/src/test/resources/validation/platform_credentials/TPM_INTC_Platform_Cert_RSA.txt deleted file mode 100644 index f99f2281..00000000 Binary files a/HIRS_Utils/src/test/resources/validation/platform_credentials/TPM_INTC_Platform_Cert_RSA.txt and /dev/null differ diff --git a/HIRS_Utils/src/test/resources/validation/platform_credentials/intel_chain/root/intermediate2.cer b/HIRS_Utils/src/test/resources/validation/platform_credentials/intel_chain/root/intermediate2.cer deleted file mode 100644 index 4ed90e4a..00000000 Binary files a/HIRS_Utils/src/test/resources/validation/platform_credentials/intel_chain/root/intermediate2.cer and /dev/null differ diff --git a/tools/tcg_rim_tool/build.gradle b/tools/tcg_rim_tool/build.gradle index 4acdd4a1..89e43dfa 100644 --- a/tools/tcg_rim_tool/build.gradle +++ b/tools/tcg_rim_tool/build.gradle @@ -25,10 +25,21 @@ dependencies { implementation libs.glassfish.json implementation libs.glassfish.jaxb.runtime implementation libs.jcommander + implementation libs.jakarta.api + implementation libs.jakarta.xml + implementation libs.commons.codec + implementation libs.hibernate.core + implementation libs.jackson.databind + implementation 'org.apache.logging.log4j:log4j-core:2.19.0' + implementation libs.guava // implementation libs.javax.json // implementation libs.javax.jaxb // implementation libs.javax.annotation + compileOnly libs.lombok + implementation libs.lombok + annotationProcessor libs.lombok + testImplementation libs.testng } 
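Review bot: Lombok is declared three times in the added dependency block of tools/tcg_rim_tool/build.gradle (`compileOnly`, `implementation` and `annotationProcessor`), and the `implementation libs.lombok` line puts the annotation processor on the runtime classpath of the packaged tool, where it is not needed. `compileOnly libs.lombok` together with `annotationProcessor libs.lombok` is enough, so I would drop the `implementation` line. Separately, `'org.apache.logging.log4j:log4j-core:2.19.0'` is pinned inline while the neighbouring entries come from the `libs` catalog; moving it there would let one edit update the logging library in every module that uses it. The block also brings `libs.hibernate.core` into a command-line tool, presumably for the `@Entity`/`@Column` annotations on the copied RIM classes, which is worth a short comment in the build file.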
diff --git a/tools/tcg_rim_tool/src/main/java/hirs/swid/BaseReferenceManifest.java b/tools/tcg_rim_tool/src/main/java/hirs/swid/BaseReferenceManifest.java new file mode 100644 index 00000000..d9781c5e --- /dev/null +++ b/tools/tcg_rim_tool/src/main/java/hirs/swid/BaseReferenceManifest.java 
@@ -0,0 +1,360 @@ +package hirs.swid; + +import com.fasterxml.jackson.annotation.JsonIgnore; +import hirs.swid.ReferenceManifest; +import hirs.swid.SwidResource; +import hirs.swid.SwidTagConstants; +import jakarta.persistence.Column; +import jakarta.persistence.Entity; +import jakarta.xml.bind.JAXBContext; +import jakarta.xml.bind.JAXBException; +import jakarta.xml.bind.UnmarshalException; +import jakarta.xml.bind.Unmarshaller; +import lombok.AccessLevel; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; +import lombok.extern.log4j.Log4j2; +import org.w3c.dom.Document; +import org.w3c.dom.Element; +import org.w3c.dom.NodeList; +import org.xml.sax.SAXException; + +import javax.xml.transform.Source; +import javax.xml.transform.Transformer; +import javax.xml.transform.TransformerConfigurationException; +import javax.xml.transform.TransformerException; +import javax.xml.transform.TransformerFactory; +import javax.xml.transform.dom.DOMResult; +import javax.xml.transform.stream.StreamSource; +import javax.xml.validation.Schema; +import javax.xml.validation.SchemaFactory; +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; +import java.util.ArrayList; +import java.util.Base64; +import java.util.List; + +/** + * + */ +@Log4j2 +@Getter +@Setter +@NoArgsConstructor(access = AccessLevel.PROTECTED) +@Entity +public class BaseReferenceManifest extends ReferenceManifest { + /** + * Holds the name of the 'base64Hash' field. 
+ */ + public static final String BASE_64_HASH_FIELD = "base64Hash"; + + private static JAXBContext jaxbContext; + + @Column + @JsonIgnore + private String base64Hash = ""; + @Column + private String swidName = null; + @Column + private int swidCorpus = 0; + @Column + private String colloquialVersion = null; + @Column + private String product = null; + @Column + private String revision = null; + @Column + private String edition = null; + @Column + private String rimLinkHash = null; + @Column + private String bindingSpec = null; + @Column + private String bindingSpecVersion = null; + @Column + private String platformVersion = null; + @Column + private String payloadType = null; + @Column + private String pcURIGlobal = null; + @Column + private String pcURILocal = null; + + private String entityName = null; + private String entityRegId = null; + private String entityRole = null; + private String entityThumbprint = null; + private String linkHref = null; + private String linkRel = null; + + /** + * Support constructor for the RIM object. + * + * @param rimBytes - the file content of the uploaded file. + * @throws IOException - thrown if the file is invalid. + */ + public BaseReferenceManifest(final byte[] rimBytes) throws IOException { + this("", rimBytes); + } + + /** + * Main constructor for the RIM object. This takes in a byte array of a + * valid swidtag file and parses the information. + * + * @param fileName - string representation of the uploaded file. 
+ * @param rimBytes byte array representation of the RIM + * @throws IOException if unable to unmarshal the string + */ + @SuppressWarnings("checkstyle:AvoidInlineConditionals") + public BaseReferenceManifest(final String fileName, final byte[] rimBytes) throws IOException { + super(rimBytes); + this.setRimType(BASE_RIM); + this.setFileName(fileName); + Document document = unmarshallSwidTag(new ByteArrayInputStream(rimBytes)); + Element softwareIdentity; + Element meta; + Element entity; + Element link; + + MessageDigest digest = null; + this.base64Hash = ""; + try { + digest = MessageDigest.getInstance("SHA-256"); + this.base64Hash = Base64.getEncoder().encodeToString( + digest.digest(rimBytes)); + } catch (NoSuchAlgorithmException noSaEx) { + log.error(noSaEx); + } + + // begin parsing valid swid tag + if (document != null) { + softwareIdentity = (Element) document.getElementsByTagName(SwidTagConstants.SOFTWARE_IDENTITY).item(0); + entity = (Element) document.getElementsByTagName(SwidTagConstants.ENTITY).item(0); + link = (Element) document.getElementsByTagName(SwidTagConstants.LINK).item(0); + meta = (Element) document.getElementsByTagName(SwidTagConstants.META).item(0); + setTagId(softwareIdentity.getAttribute(SwidTagConstants.TAGID)); + this.swidName = softwareIdentity.getAttribute(SwidTagConstants.NAME); + this.swidCorpus = Boolean.parseBoolean(softwareIdentity.getAttribute(SwidTagConstants.CORPUS)) ? 
1 : 0; + this.setSwidPatch(Boolean.parseBoolean(softwareIdentity.getAttribute(SwidTagConstants.PATCH))); + this.setSwidSupplemental(Boolean.parseBoolean(softwareIdentity.getAttribute(SwidTagConstants.SUPPLEMENTAL))); + this.setSwidVersion(softwareIdentity.getAttribute(SwidTagConstants.VERSION)); + this.setSwidTagVersion(softwareIdentity.getAttribute(SwidTagConstants.TAGVERSION)); + + parseSoftwareMeta(meta); + parseEntity(entity); + parseLink(link); + } + } + + /** + * This is a helper method that parses the SoftwareMeta tag and stores the + * information in the class fields. + * + * @param softwareMeta The object to parse. + */ + private void parseSoftwareMeta(final Element softwareMeta) { + if (softwareMeta != null) { + this.colloquialVersion = softwareMeta.getAttribute(SwidTagConstants.COLLOQUIAL_VERSION); + this.product = softwareMeta.getAttribute(SwidTagConstants.PRODUCT); + this.revision = softwareMeta.getAttribute(SwidTagConstants.REVISION); + this.edition = softwareMeta.getAttribute(SwidTagConstants.EDITION); + this.rimLinkHash = softwareMeta.getAttribute(SwidTagConstants.RIM_LINK_HASH); + this.bindingSpec = softwareMeta.getAttribute(SwidTagConstants.BINDING_SPEC); + this.bindingSpecVersion = softwareMeta.getAttribute(SwidTagConstants.BINDING_SPEC_VERSION); + this.setPlatformManufacturerId(softwareMeta.getAttribute(SwidTagConstants.PLATFORM_MANUFACTURER_ID)); + this.setPlatformManufacturer(softwareMeta.getAttribute(SwidTagConstants.PLATFORM_MANUFACTURER_STR)); + this.setPlatformModel(softwareMeta.getAttribute(SwidTagConstants.PLATFORM_MODEL)); + this.platformVersion = softwareMeta.getAttribute(SwidTagConstants.PLATFORM_VERSION); + this.payloadType = softwareMeta.getAttribute(SwidTagConstants.PAYLOAD_TYPE); + this.pcURIGlobal = softwareMeta.getAttribute(SwidTagConstants.PC_URI_GLOBAL); + this.pcURILocal = softwareMeta.getAttribute(SwidTagConstants.PC_URI_LOCAL); + } else { + log.warn("SoftwareMeta Tag not found."); + } + } + + /** + * This is a helper method 
that parses the Entity tag and stores the + * information in the class fields. + * + * @param entity The object to parse. + */ + private void parseEntity(final Element entity) { + if (entity != null) { + this.entityName = entity.getAttribute(SwidTagConstants.NAME); + this.entityRegId = entity.getAttribute(SwidTagConstants.REGID); + this.entityRole = entity.getAttribute(SwidTagConstants.ROLE); + this.entityThumbprint = entity.getAttribute(SwidTagConstants.THUMBPRINT); + } else { + log.warn("Entity Tag not found."); + } + } + + /** + * This is a helper method that parses the Link tag and stores the + * information in the class fields. + * + * @param link The object to parse. + */ + private void parseLink(final Element link) { + if (link != null) { + this.linkHref = link.getAttribute(SwidTagConstants.HREF); + this.linkRel = link.getAttribute(SwidTagConstants.REL); + } else { + log.warn("Link Tag not found."); + } + } + + /** + * This method validates the .swidtag file at the given filepath against the + * schema. A successful validation results in the output of the tag's name + * and tagId attributes, otherwise a generic error message is printed. + * + */ + private Element getDirectoryTag() { + return getDirectoryTag(new ByteArrayInputStream(getRimBytes())); + } + + /** + * This method validates the .swidtag file at the given filepath against the + * schema. A successful validation results in the output of the tag's name + * and tagId attributes, otherwise a generic error message is printed. 
+ * + * @param byteArrayInputStream the location of the file to be validated + */ + private Element getDirectoryTag(final ByteArrayInputStream byteArrayInputStream) { + Document document = unmarshallSwidTag(byteArrayInputStream); + Element softwareIdentity = + (Element) document.getElementsByTagName("SoftwareIdentity").item(0); + if (softwareIdentity != null) { + Element directory = (Element) document.getElementsByTagName("Directory").item(0); + + return directory; + } else { + log.error("Invalid xml for validation, please verify "); + } + + return null; + } + + /** + * This method iterates over the list of File elements under the directory. * + */ + public List getFileResources() { + return getFileResources(getRimBytes()); + } + + /** + * This method iterates over the list of File elements under the directory. + * + * @param rimBytes the bytes to find the files + * + */ + public List getFileResources(final byte[] rimBytes) { + Element directoryTag = getDirectoryTag(new ByteArrayInputStream(rimBytes)); + List validHashes = new ArrayList<>(); + NodeList fileNodeList = directoryTag.getChildNodes(); + Element file = null; + SwidResource swidResource = null; + for (int i = 0; i < fileNodeList.getLength(); i++) { + file = (Element) fileNodeList.item(i); + swidResource = new SwidResource(); + swidResource.setName(file.getAttribute(SwidTagConstants.NAME)); + swidResource.setSize(file.getAttribute(SwidTagConstants.SIZE)); + swidResource.setHashValue(file.getAttribute(SwidTagConstants._SHA256_HASH.getPrefix() + ":" + + SwidTagConstants._SHA256_HASH.getLocalPart())); + validHashes.add(swidResource); + } + + return validHashes; + } + + /** + * This method unmarshalls the swidtag found at [path] into a Document object + * and validates it according to the schema. 
+ * + * @param byteArrayInputStream to the input swidtag + * @return the Document element at the root of the swidtag + */ + private Document unmarshallSwidTag(final ByteArrayInputStream byteArrayInputStream) { + InputStream is = null; + Document document = null; + Unmarshaller unmarshaller = null; + try { + document = removeXMLWhitespace(byteArrayInputStream); + SchemaFactory schemaFactory = SchemaFactory.newInstance(SCHEMA_LANGUAGE); + is = getClass().getClassLoader().getResourceAsStream(SwidTagConstants.SCHEMA_URL); + Schema schema = schemaFactory.newSchema(new StreamSource(is)); + if (jaxbContext == null) { + jaxbContext = JAXBContext.newInstance(SCHEMA_PACKAGE); + } + unmarshaller = jaxbContext.createUnmarshaller(); + unmarshaller.setSchema(schema); + unmarshaller.unmarshal(document); + } catch (IOException e) { + log.error(e.getMessage()); + } catch (SAXException e) { + log.error("Error setting schema for validation!"); + } catch (UnmarshalException e) { + log.error("Error validating swidtag file!"); + } catch (IllegalArgumentException e) { + log.error("Input file empty."); + } catch (JAXBException e) { + e.printStackTrace(); + } finally { + if (is != null) { + try { + is.close(); + } catch (IOException e) { + System.out.println("Error closing input stream"); + } + } + } + + return document; + } + + /** + * This method strips all whitespace from an xml file, including indents and spaces + * added for human-readability. 
+ * + * @param byteArrayInputStream to the xml file + * @return Document object without whitespace + */ + private Document removeXMLWhitespace(final ByteArrayInputStream byteArrayInputStream) throws IOException { + TransformerFactory tf = TransformerFactory.newInstance(); + Source source = new StreamSource( + getClass().getClassLoader().getResourceAsStream("identity_transform.xslt")); + Document document = null; + if (byteArrayInputStream.available() > 0) { + try { + Transformer transformer = tf.newTransformer(source); + DOMResult result = new DOMResult(); + transformer.transform(new StreamSource(byteArrayInputStream), result); + document = (Document) result.getNode(); + } catch (TransformerConfigurationException tcEx) { + log.error("Error configuring transformer!"); + } catch (TransformerException tEx) { + log.error("Error transforming input!"); + } + } else { + throw new IOException("Input file is empty!"); + } + + return document; + } + + @Override + public String toString() { + return String.format("ReferenceManifest{swidName=%s," + + "platformManufacturer=%s," + + " platformModel=%s," + + "tagId=%s, base64Hash=%s}", + swidName, this.getPlatformManufacturer(), + this.getPlatformModel(), getTagId(), this.getBase64Hash()); + } +} diff --git a/tools/tcg_rim_tool/src/main/java/hirs/swid/DigestAlgorithm.java b/tools/tcg_rim_tool/src/main/java/hirs/swid/DigestAlgorithm.java new file mode 100644 index 00000000..35111dc3 --- /dev/null +++ b/tools/tcg_rim_tool/src/main/java/hirs/swid/DigestAlgorithm.java 
@@ -0,0 +1,66 @@
+package hirs.swid;
+
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+/**
+ * Enum of digest algorithms. The enum values also provide a standardized
+ * algorithm name. The standardized algorithm name is a String of the algorithm
+ * name as defined by Java.
+ */
+@Getter
+@AllArgsConstructor
+public enum DigestAlgorithm {
+ /**
+ * MD2 digest algorithm.
+ */
+ MD2("MD2", 16),
+ /**
+ * MD5 digest algorithm.
+ */
+ MD5("MD5", 16),
+ /**
+ * SHA-1 digest algorithm.
+ */
+ SHA1("SHA-1", 20),
+ /**
+ * SHA-256 digest algorithm.
+ */
+ SHA256("SHA-256", 32),
+ /**
+ * SHA-384 digest algorithm.
+ */
+ SHA384("SHA-384", 48),
+ /**
+ * SHA-512 digest algorithm.
+ */
+ SHA512("SHA-512", 64),
+ /**
+ * Condition used when an algorithm is not specified and
+ * the size doesn't match known digests.
+ */
+ UNSPECIFIED("NOT SPECIFIED", Integer.BYTES);
+
+ private final String standardAlgorithmName;
+ private final int lengthInBytes;
+
+ /**
+ * Returns a DigestAlgorithm object given a String. The String is expected to be one of the
+ * options for standardAlgorithmName. Throws an IllegalArgumentException if no Enum exists with
+ * that value.
+ *
+ * @param standardAlgorithmName
+ * String value of the Enum
+ * @return DigestAlgorithm object
+ */
+ public static DigestAlgorithm findByString(final String standardAlgorithmName) {
+ for (DigestAlgorithm algorithm: DigestAlgorithm.values()) {
+ if (algorithm.getStandardAlgorithmName().equals(standardAlgorithmName)) {
+ return algorithm;
+ }
+ }
+ throw new IllegalArgumentException(String.format("No constant with text \"%s\" found",
+ standardAlgorithmName));
+ }
+}
\ No newline at end of file
diff --git a/tools/tcg_rim_tool/src/main/java/hirs/swid/ReferenceManifest.java b/tools/tcg_rim_tool/src/main/java/hirs/swid/ReferenceManifest.java
new file mode 100644
index 00000000..325597f3
--- /dev/null
+++ b/tools/tcg_rim_tool/src/main/java/hirs/swid/ReferenceManifest.java
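Review bot: The enum gives `MD2`, `MD5` and `SHA1` the same standing as the SHA-2 constants, and `findByString` will hand any of them back, so nothing here tells a caller which values are acceptable for checking a RIM payload hash. Whether the tool ever verifies with the weak ones is not visible in this hunk, but the constants should at least say so, e.g. a Javadoc line on each of the three such as `Legacy algorithm; retained to parse existing tags, not for new integrity checks.` The class Javadoc also states that the name is "as defined by Java", which does not hold for `UNSPECIFIED("NOT SPECIFIED", Integer.BYTES)`: passing that name to `MessageDigest.getInstance` would throw `NoSuchAlgorithmException`, and its 4-byte length is not a digest size, so its comment should warn that it is a sentinel only.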
@@ -0,0 +1,165 @@ +package hirs.swid; + +import com.fasterxml.jackson.annotation.JsonIgnore; +import com.google.common.base.Preconditions; +import jakarta.persistence.Access; +import jakarta.persistence.AccessType; +import jakarta.persistence.Column; +import jakarta.persistence.Entity; +import jakarta.persistence.Inheritance; +import jakarta.persistence.InheritanceType; +import jakarta.persistence.Table; +import lombok.EqualsAndHashCode; +import lombok.Getter; +import lombok.Setter; +import lombok.ToString; +import lombok.extern.log4j.Log4j2; +import org.apache.commons.codec.binary.Hex; +import org.hibernate.annotations.JdbcTypeCode; + +import javax.xml.XMLConstants; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; +import java.util.UUID; + +/** + * This class represents the Reference Integrity Manifest object that will be + * loaded into the DB and displayed in the ACA. + */ +@Getter @Setter @ToString +@EqualsAndHashCode(onlyExplicitlyIncluded = true, callSuper = false) +@Log4j2 +@Entity +@Inheritance(strategy = InheritanceType.SINGLE_TABLE) +@Table(name = "ReferenceManifest") +@Access(AccessType.FIELD) +public class ReferenceManifest { + + /** + * Holds the name of the 'hexDecHash' field. + */ + public static final String HEX_DEC_HASH_FIELD = "hexDecHash"; + /** + * String for display of a Base RIM. + */ + public static final String BASE_RIM = "Base"; + /** + * String for display of a Support RIM. + */ + public static final String SUPPORT_RIM = "Support"; + /** + * String for display of a Support RIM. + */ + public static final String MEASUREMENT_RIM = "Measurement"; + + /** + * String for the xml schema ios standard. + */ + public static final String SCHEMA_STATEMENT = "ISO/IEC 19770-2:2015 Schema (XSD 1.0) " + + "- September 2015, see http://standards.iso.org/iso/19770/-2/2015/schema.xsd"; + /** + * String for the xml schema URL file name. 
+ */ + public static final String SCHEMA_URL = "swid_schema.xsd"; + /** + * String for the language type for the xml schema. + */ + public static final String SCHEMA_LANGUAGE = XMLConstants.W3C_XML_SCHEMA_NS_URI; + /** + * String for the package location of the xml generated java files. + */ + public static final String SCHEMA_PACKAGE = "hirs.utils.xjc"; + + @EqualsAndHashCode.Include + @Column(columnDefinition = "mediumblob", nullable = false) + private byte[] rimBytes; + @EqualsAndHashCode.Include + @Column(nullable = false) + private String rimType = "Base"; + @Column + private String tagId = null; + @Column + private boolean swidPatch = false; + @Column + private boolean swidSupplemental = false; + @Column + private String platformManufacturer = null; + @Column + private String platformManufacturerId = null; + @Column + private String swidTagVersion = null; + @Column + private String swidVersion = null; + @Column + private String platformModel = null; + @Column(nullable = false) + private String fileName = null; + @JdbcTypeCode(java.sql.Types.VARCHAR) + @Column + private UUID associatedRim; + @Column + private String deviceName; + @Column + private String hexDecHash = ""; + @Column + private String eventLogHash = ""; + + /** + * Default constructor necessary for Hibernate. + */ + protected ReferenceManifest() { + super(); + this.rimBytes = null; + this.rimType = null; + this.platformManufacturer = null; + this.platformManufacturerId = null; + this.platformModel = null; + this.fileName = BASE_RIM; + this.tagId = null; + this.associatedRim = null; + } + + /** + * Default constructor for ingesting the bytes of the file content. + * @param rimBytes - file contents. 
+ */ + public ReferenceManifest(final byte[] rimBytes) { + Preconditions.checkArgument(rimBytes != null, + "Cannot construct a RIM from a null byte array"); + + Preconditions.checkArgument(rimBytes.length > 0, + "Cannot construct a RIM from an empty byte array"); + + this.rimBytes = rimBytes.clone(); + MessageDigest digest = null; + this.hexDecHash = ""; + try { + digest = MessageDigest.getInstance("SHA-256"); + this.hexDecHash = Hex.encodeHexString( + digest.digest(rimBytes)); + } catch (NoSuchAlgorithmException noSaEx) { + log.error(noSaEx); + } + } + + /** + * Getter for the Reference Integrity Manifest as a byte array. + * + * @return array of bytes + */ + @JsonIgnore + public byte[] getRimBytes() { + if (this.rimBytes != null) { + return this.rimBytes.clone(); + } + return null; + } + + public boolean isBase() { + return rimType.equals(BASE_RIM); + } + + public boolean isSupport() { + return rimType.equals(SUPPORT_RIM); + } +} diff --git a/tools/tcg_rim_tool/src/main/java/hirs/swid/SwidResource.java b/tools/tcg_rim_tool/src/main/java/hirs/swid/SwidResource.java new file mode 100644 index 00000000..b79f090d --- /dev/null +++ b/tools/tcg_rim_tool/src/main/java/hirs/swid/SwidResource.java 
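Review bot: The `catch (NoSuchAlgorithmException noSaEx)` in `ReferenceManifest(byte[])` only logs, so the object is still constructed with `hexDecHash` left as `""`; a manifest without a digest should not exist, and the constructor is better off failing with `throw new IllegalStateException("SHA-256 unavailable", noSaEx);`. Separately, the protected default constructor sets `this.rimType = null` and `this.fileName = BASE_RIM`, which looks like the two assignments were swapped, since `BASE_RIM` is a type label and the field initialiser for `rimType` is `"Base"`. With `rimType` null, `isBase()` and `isSupport()` throw a `NullPointerException`; writing them as `return BASE_RIM.equals(rimType);` and `return SUPPORT_RIM.equals(rimType);` avoids that. The class-level `@ToString` also covers `rimBytes`, so any log line that prints the object would include the whole array; excluding that field would keep logs readable.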
@@ -0,0 +1,83 @@
+package hirs.swid;
+
+import com.google.common.base.Preconditions;
+import hirs.swid.DigestAlgorithm;
+import hirs.swid.xjc.File;
+import lombok.Getter;
+import lombok.Setter;
+import lombok.ToString;
+
+import javax.xml.namespace.QName;
+import java.math.BigInteger;
+import java.util.Map;
+
+/**
+ * This object is used to represent the content of a Swid Tags Directory
+ * section.
+ */
+@ToString
+public class SwidResource {
+
+ @Getter
+ @Setter
+ private String name, size, hashValue;
+ @Getter
+ private String rimFormat, rimType, rimUriGlobal;
+ private DigestAlgorithm digest = DigestAlgorithm.SHA1;
+ @Getter
+ private boolean validFileSize = false;
+
+ /**
+ * Default constructor.
+ */
+ public SwidResource() {
+ name = null;
+ size = null;
+ rimFormat = null;
+ rimType = null;
+ rimUriGlobal = null;
+ hashValue = null;
+ }
+
+ /**
+ * The main constructor that processes a {@code hirs.utils.xjc.File}.
+ *
+ * @param file {@link File}
+ * @param digest algorithm associated with pcr values
+ */
+ public SwidResource(final File file, final DigestAlgorithm digest) {
+ Preconditions.checkArgument(file != null,
+ "Cannot construct a RIM Resource from a null File object");
+
+ this.name = file.getName();
+ // at this time, there is a possibility to get an object with
+ // no size even though it is required.
+ if (file.getSize() != null) {
+ this.size = file.getSize().toString();
+ } else {
+ this.size = BigInteger.ZERO.toString();
+ }
+
+ for (Map.Entry entry
+ : file.getOtherAttributes().entrySet()) {
+ switch (entry.getKey().getLocalPart()) {
+ case "supportRIMFormat":
+ this.rimFormat = entry.getValue();
+ break;
+ case "supportRIMType":
+ this.rimType = entry.getValue();
+ break;
+ case "supportRIMURIGlobal":
+ this.rimUriGlobal = entry.getValue();
+ break;
+ case "hash":
+ this.hashValue = entry.getValue();
+ break;
+ default:
+ }
+ }
+
+ this.digest = digest;
+// tpmWhiteList = new TpmWhiteListBaseline(this.name);
+ }
+}
\ No newline at end of file
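Review bot: In the `SwidResource(File, DigestAlgorithm)` constructor, `case "hash":` matches on `entry.getKey().getLocalPart()` alone, so an attribute named `hash` in any namespace is stored as `hashValue`, and when a File element carries more than one, the last one in map order wins. The stored value is therefore not tied to the `digest` argument that is saved next to it. The branch should also compare `entry.getKey().getNamespaceURI()` with the namespace expected for `digest` before assigning, and leave `hashValue` unset otherwise. The field default `digest = DigestAlgorithm.SHA1` deserves a comment or a stronger default too, because the no-argument constructor keeps it. The same-package `import hirs.swid.DigestAlgorithm;` and the commented-out `tpmWhiteList` line can be dropped.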