mirror of
https://github.com/nsacyber/HIRS.git
synced 2025-01-18 02:39:56 +00:00
* Initial changes to pull down the serial from the validation reports page and transfer them to the certificates details page. This will then allow the certificate details page to reference the serial numbers that are in failure. * This is an attempt to transfer data from page to page via the certificate manager. * Previous attempt didn't work, the manager isn't saving the summary. Switching to augmenting the database by adding a new column for platform credentials. * These changes add identifying color to the components that fail validation in the base certificate. This code however does change the database by adding a new column to track the fails and pass to the classes that display the information. * Updated the jsp display of the highlighted component to red background with a white foreground. Updated the index of the string parse to not use magic numbers.
This commit is contained in:
Cyrus
GitHub
parent
2e07d2cfd7
commit
9318c22549
@ -183,26 +183,29 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe
|
||||
pc, device.getDeviceInfo(), ec);
|
||||
}
|
||||
|
||||
// have to make sure the attribute validation isn't ignored and
|
||||
// doesn't override general validation status
|
||||
if (platformScv.getResult() == AppraisalStatus.Status.PASS
|
||||
&& attributeScv.getResult() != AppraisalStatus.Status.PASS) {
|
||||
// if the platform trust store validated but the attribute didn't
|
||||
// replace
|
||||
validations.remove(platformScv);
|
||||
validations.add(attributeScv);
|
||||
} else if ((platformScv.getResult() == AppraisalStatus.Status.PASS
|
||||
&& attributeScv.getResult() == AppraisalStatus.Status.PASS)
|
||||
|| (platformScv.getResult() != AppraisalStatus.Status.PASS
|
||||
&& attributeScv.getResult() != AppraisalStatus.Status.PASS)) {
|
||||
// if both trust store and attributes validated or failed
|
||||
// combine messages
|
||||
validations.remove(platformScv);
|
||||
validations.add(new SupplyChainValidation(
|
||||
platformScv.getValidationType(),
|
||||
platformScv.getResult(), platformScv.getCertificatesUsed(),
|
||||
String.format("%s%n%s", platformScv.getMessage(),
|
||||
attributeScv.getMessage())));
|
||||
if (platformScv != null) {
|
||||
// have to make sure the attribute validation isn't ignored and
|
||||
// doesn't override general validation status
|
||||
if (platformScv.getResult() == AppraisalStatus.Status.PASS
|
||||
&& attributeScv.getResult() != AppraisalStatus.Status.PASS) {
|
||||
// if the platform trust store validated but the attribute didn't
|
||||
// replace
|
||||
validations.remove(platformScv);
|
||||
validations.add(attributeScv);
|
||||
} else if ((platformScv.getResult() == AppraisalStatus.Status.PASS
|
||||
&& attributeScv.getResult() == AppraisalStatus.Status.PASS)
|
||||
|| (platformScv.getResult() != AppraisalStatus.Status.PASS
|
||||
&& attributeScv.getResult() != AppraisalStatus.Status.PASS)) {
|
||||
// if both trust store and attributes validated or failed
|
||||
// combine messages
|
||||
validations.remove(platformScv);
|
||||
validations.add(new SupplyChainValidation(
|
||||
platformScv.getValidationType(),
|
||||
platformScv.getResult(),
|
||||
platformScv.getCertificatesUsed(),
|
||||
String.format("%s%n%s", platformScv.getMessage(),
|
||||
attributeScv.getMessage())));
|
||||
}
|
||||
}
|
||||
|
||||
pc.setDevice(device);
|
||||
@ -215,6 +218,10 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe
|
||||
// Generate validation summary, save it, and return it.
|
||||
SupplyChainValidationSummary summary =
|
||||
new SupplyChainValidationSummary(device, validations);
|
||||
if (baseCredential != null) {
|
||||
baseCredential.setComponentFailures(summary.getMessage());
|
||||
this.certificateManager.update(baseCredential);
|
||||
}
|
||||
try {
|
||||
supplyChainValidatorSummaryManager.save(summary);
|
||||
} catch (DBManagerException ex) {
|
||||
|
||||
@ -30,6 +30,7 @@ public final class CertificateStringMapBuilder {
|
||||
|
||||
private static final Logger LOGGER =
|
||||
LogManager.getLogger(CertificateStringMapBuilder.class);
|
||||
private static final int SERIAL_INDEX = 1;
|
||||
|
||||
private CertificateStringMapBuilder() {
|
||||
|
||||
@ -338,6 +339,14 @@ public final class CertificateStringMapBuilder {
|
||||
data.put("x509Version", certificate.getX509CredentialVersion());
|
||||
//CPSuri
|
||||
data.put("CPSuri", certificate.getCPSuri());
|
||||
//component failure
|
||||
StringBuilder savedFailures = new StringBuilder();
|
||||
for (String s : certificate.getComponentFailures().split(",")) {
|
||||
if (s.contains("Serial")) {
|
||||
savedFailures.append(s.split("=")[SERIAL_INDEX]);
|
||||
}
|
||||
}
|
||||
data.put("failures", savedFailures.toString());
|
||||
|
||||
//Get platform Configuration values and set map with it
|
||||
PlatformConfiguration platformConfiguration = certificate.getPlatformConfiguration();
|
||||
|
||||
@ -4,8 +4,7 @@
|
||||
<%@taglib prefix="spring" uri="http://www.springframework.org/tags"%>
|
||||
<%@taglib prefix="form" uri="http://www.springframework.org/tags/form"%>
|
||||
<%@taglib prefix="fn" uri = "http://java.sun.com/jsp/jstl/functions" %>
|
||||
<%@taglib prefix="my" tagdir="/WEB-INF/tags"%>
|
||||
<%@taglib prefix="fn" uri = "http://java.sun.com/jsp/jstl/functions"%><%--CONTENT--%>
|
||||
<%@taglib prefix="my" tagdir="/WEB-INF/tags"%><%--CONTENT--%>
|
||||
<my:page>
|
||||
<jsp:attribute name="style">
|
||||
<link type="text/css" rel="stylesheet" href="${common}/certificate_details.css"/>
|
||||
@ -614,7 +613,14 @@
|
||||
<c:forEach items="${initialData.componentsIdentifier}" var="component">
|
||||
<div class="component col col-md-4">
|
||||
<div class="panel panel-default">
|
||||
<div class="panel-heading">
|
||||
<c:choose>
|
||||
<c:when test="${fn:contains(initialData.failures, component.getComponentSerial()) && not empty fn:trim(component.getComponentSerial())}">
|
||||
<div class="panel-heading" style="background-color: red; color: white">
|
||||
</c:when>
|
||||
<c:otherwise>
|
||||
<div class="panel-heading">
|
||||
</c:otherwise>
|
||||
</c:choose>
|
||||
<c:choose>
|
||||
<c:when test="${component.isVersion2()=='TRUE'}">
|
||||
<span data-toggle="tooltip" data-placement="top" title="Component Class">${component.getComponentClass()}</span>
|
||||
@ -850,7 +856,7 @@
|
||||
var subjectKeyIdentifier = ${initialData.subjectKeyIdentifier};
|
||||
$("#subjectKeyIdentifier").html(byteToHexString(subjectKeyIdentifier));
|
||||
}
|
||||
</c:if>
|
||||
</c:if>
|
||||
|
||||
//Initiliaze tooltips
|
||||
$('[data-toggle="tooltip"]').tooltip();
|
||||
|
||||
@ -230,6 +230,9 @@ public class PlatformCredential extends DeviceAssociatedCertificate {
|
||||
@Column
|
||||
private String platformClass = null;
|
||||
|
||||
@Column
|
||||
private String componentFailures = Strings.EMPTY;
|
||||
|
||||
@Transient
|
||||
private EndorsementCredential endorsementCredential = null;
|
||||
|
||||
@ -675,6 +678,22 @@ public class PlatformCredential extends DeviceAssociatedCertificate {
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Getter for the component failures.
|
||||
* @return string of failures.
|
||||
*/
|
||||
public String getComponentFailures() {
|
||||
return componentFailures;
|
||||
}
|
||||
|
||||
/**
|
||||
* Setter for the component failure instance.
|
||||
* @param componentFailures a string of failures.
|
||||
*/
|
||||
public void setComponentFailures(final String componentFailures) {
|
||||
this.componentFailures = componentFailures;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the Platform Configuration Attribute from the Platform Certificate.
|
||||
* @return a map with all the attributes
|
||||
|
||||
Loading…
Reference in New Issue
Block a user