ExternalVendorCode/HIRS
1
0
Fork 0
mirror of https://github.com/nsacyber/HIRS.git synced 2025-01-31 00:24:00 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

The code now uses a combination of the class value and the platform manufacturer and model to identify mismatches. This now highlights the failured components

Browse Source
This commit is contained in:
Cyrus 2020-11-25 08:02:45 -05:00
parent ffbcebbf11
commit 9433c97dc9
6 changed files with 18 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
HIRS_AttestationCA/src/main/java/hirs/attestationca/AbstractAttestationCertificateAuthority.java
View File

@ -798,7 +798,7 @@ public abstract class AbstractAttestationCertificateAuthority
support.setTagId(tagId);
this.referenceManifestManager.save(support);
} else {
LOG.error("Client provided Support RIM already loaded in database.");
LOG.info("Client provided Support RIM already loaded in database.");
if (dbBaseRim != null) {
support.setPlatformManufacturer(dbBaseRim.getPlatformManufacturer());
support.setPlatformModel(dbBaseRim.getPlatformModel());

1
HIRS_AttestationCA/src/main/java/hirs/attestationca/service/SupplyChainValidationServiceImpl.java
View File

@ -702,7 +702,6 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe
result.getMessage(), delta, Level.INFO);
case FAIL:
if (!result.getAdditionalInfo().isEmpty()) {
LOGGER.error(result.getAdditionalInfo());
base.setComponentFailures(result.getAdditionalInfo());
this.certificateManager.update(base);
}

5
HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/util/CertificateStringMapBuilder.java
View File

@ -340,10 +340,9 @@ public final class CertificateStringMapBuilder {
//CPSuri
data.put("CPSuri", certificate.getCPSuri());
//component failure
if (certificate.getComponentFailures().isEmpty()) {
LOGGER.error(certificate.getComponentFailures());
if (!certificate.getComponentFailures().isEmpty()) {
data.put("failures", certificate.getComponentFailures());
} else {
LOGGER.error(certificate.getComponentFailures());
}
//Get platform Configuration values and set map with it

2
HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/certificate-details.jsp
View File

@ -614,7 +614,7 @@
<div class="panel-body">
<div id="componentIdentifier" class="row">
<c:forEach items="${initialData.componentsIdentifier}" var="component">
<c:set var="combined" value="${component.getComponentManufacturer()}${component.getComponentModel()}" scope="page"/>
<c:set var="combined" value="${component.getComponentClass().getClassValueString()}" scope="page"/>
<div class="component col col-md-4">
<div class="panel panel-default">
<c:choose>

6
HIRS_Utils/src/main/java/hirs/data/persist/certificate/attributes/ComponentClass.java
View File

@ -84,7 +84,11 @@ public class ComponentClass {
*/
public ComponentClass(final Path componentClassPath, final String componentIdentifier) {
this(componentClassPath, getComponentIntValue(componentIdentifier));
this.classValueString = componentIdentifier;
if (componentIdentifier.contains("#")) {
this.classValueString = componentIdentifier.replaceAll("#", "");
} else {
this.classValueString = componentIdentifier;
}
}
/**

33
HIRS_Utils/src/main/java/hirs/validation/SupplyChainCredentialValidator.java
View File

@ -782,7 +782,6 @@ public final class SupplyChainCredentialValidator implements CredentialValidator
if (!fieldValidation) {
// instead of listing all unmatched, just print the #. The failure
// will link to the platform certificate that'll display them.
LOGGER.error(unmatchedComponents);
String failureResults = unmatchedComponents.substring(0,
unmatchedComponents.length() - 1);
String size = unmatchedComponents.substring(unmatchedComponents.length() - 1);
@ -804,38 +803,25 @@ public final class SupplyChainCredentialValidator implements CredentialValidator
.stream().collect(Collectors.toList());
List<ComponentInfo> subCompInfoList = allDeviceInfoComponents
.stream().collect(Collectors.toList());
LOGGER.error(String.format("fullDeltaChainComponents - %d",
fullDeltaChainComponents.size()));
LOGGER.error(String.format("subCompIdList - %d", subCompIdList.size()));
LOGGER.error(String.format("allDeviceInfoComponents - %d",
allDeviceInfoComponents.size()));
LOGGER.error(String.format("subCompInfoList - %d", subCompInfoList.size()));
// Delta is the baseline
for (ComponentInfo cInfo : allDeviceInfoComponents) {
for (ComponentIdentifier cId : fullDeltaChainComponents) {
ciV2 = (ComponentIdentifierV2) cId;
LOGGER.error(String.format("%s -> %s", cInfo.getComponentClass(),
ciV2.getComponentClass().getClassValueString()));
if (ciV2.getComponentClass().getClassValueString()
.contains(cInfo.getComponentClass())) {
// TDM RIGHT HERE, you are getting a # from componentclass
/**
* YOU CAN DO IT. Don't fall asleep -_-
*/
LOGGER.error(String.format("Testing %s -> %s%n%n", cInfo, ciV2));
if (!isMatch(cId, cInfo)) {
invalidDeviceInfo.append(String.format("%s:%s;",
cInfo.getComponentClass(), cInfo.toString()));
invalidPcIds.append(String.format("%s:%s;",
ciV2.getComponentClass().getClassValueString(),
ciV2.toString()));
} else {
if (isMatch(cId, cInfo)) {
LOGGER.error("TDM - Removed items");
subCompIdList.remove(cId);
subCompInfoList.remove(cInfo);
} else {
// FUCK PMD
LOGGER.error("No match");
}
} else {
LOGGER.error("Didn't match.");
}
}
}
@ -850,16 +836,15 @@ public final class SupplyChainCredentialValidator implements CredentialValidator
if (!subCompIdList.isEmpty()) {
for (ComponentIdentifier ci : subCompIdList) {
ciV2 = (ComponentIdentifierV2) ci;
invalidPcIds.append(String.format("%s:%s;",
ciV2.getComponentClass().getClassValueString(),
ciV2.getComponentModel()));
invalidPcIds.append(String.format("%s;",
ciV2.getComponentClass().getClassValueString()));
}
}
if (!subCompInfoList.isEmpty()) {
for (ComponentInfo ci : subCompInfoList) {
invalidDeviceInfo.append(String.format("%s:%s;",
ci.getComponentClass(), ci.getComponentModel()));
invalidDeviceInfo.append(String.format("%s;",
ci.getComponentClass()));
}
}