From 9433c97dc906186bef0ea0b788778d1422fe7d02 Mon Sep 17 00:00:00 2001 From: Cyrus <24922493+cyrus-dev@users.noreply.github.com> Date: Wed, 25 Nov 2020 08:02:45 -0500 Subject: [PATCH] The code now uses a combination of the class value and the platform manufacturer and model to identify mismatches. This now highlights the failured components --- ...stractAttestationCertificateAuthority.java | 2 +- .../SupplyChainValidationServiceImpl.java | 1 - .../util/CertificateStringMapBuilder.java | 5 ++- .../WEB-INF/jsp/certificate-details.jsp | 2 +- .../attributes/ComponentClass.java | 6 +++- .../SupplyChainCredentialValidator.java | 33 +++++-------------- 6 files changed, 18 insertions(+), 31 deletions(-) diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/AbstractAttestationCertificateAuthority.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/AbstractAttestationCertificateAuthority.java index e3051ee0..94602aa2 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/AbstractAttestationCertificateAuthority.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/AbstractAttestationCertificateAuthority.java @@ -798,7 +798,7 @@ public abstract class AbstractAttestationCertificateAuthority support.setTagId(tagId); this.referenceManifestManager.save(support); } else { - LOG.error("Client provided Support RIM already loaded in database."); + LOG.info("Client provided Support RIM already loaded in database."); if (dbBaseRim != null) { support.setPlatformManufacturer(dbBaseRim.getPlatformManufacturer()); support.setPlatformModel(dbBaseRim.getPlatformModel()); diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/SupplyChainValidationServiceImpl.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/SupplyChainValidationServiceImpl.java index b4060661..95c26c8b 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/SupplyChainValidationServiceImpl.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/SupplyChainValidationServiceImpl.java @@ -702,7 +702,6 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe result.getMessage(), delta, Level.INFO); case FAIL: if (!result.getAdditionalInfo().isEmpty()) { - LOGGER.error(result.getAdditionalInfo()); base.setComponentFailures(result.getAdditionalInfo()); this.certificateManager.update(base); } diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/util/CertificateStringMapBuilder.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/util/CertificateStringMapBuilder.java index 60041aca..abba78cd 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/util/CertificateStringMapBuilder.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/util/CertificateStringMapBuilder.java @@ -340,10 +340,9 @@ public final class CertificateStringMapBuilder { //CPSuri data.put("CPSuri", certificate.getCPSuri()); //component failure - if (certificate.getComponentFailures().isEmpty()) { + LOGGER.error(certificate.getComponentFailures()); + if (!certificate.getComponentFailures().isEmpty()) { data.put("failures", certificate.getComponentFailures()); - } else { - LOGGER.error(certificate.getComponentFailures()); } //Get platform Configuration values and set map with it diff --git a/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/certificate-details.jsp b/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/certificate-details.jsp index e6158a3b..8240ad33 100644 --- a/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/certificate-details.jsp +++ b/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/certificate-details.jsp @@ -614,7 +614,7 @@
- +
diff --git a/HIRS_Utils/src/main/java/hirs/data/persist/certificate/attributes/ComponentClass.java b/HIRS_Utils/src/main/java/hirs/data/persist/certificate/attributes/ComponentClass.java index a8997f48..834b82cf 100644 --- a/HIRS_Utils/src/main/java/hirs/data/persist/certificate/attributes/ComponentClass.java +++ b/HIRS_Utils/src/main/java/hirs/data/persist/certificate/attributes/ComponentClass.java @@ -84,7 +84,11 @@ public class ComponentClass { */ public ComponentClass(final Path componentClassPath, final String componentIdentifier) { this(componentClassPath, getComponentIntValue(componentIdentifier)); - this.classValueString = componentIdentifier; + if (componentIdentifier.contains("#")) { + this.classValueString = componentIdentifier.replaceAll("#", ""); + } else { + this.classValueString = componentIdentifier; + } } /** diff --git a/HIRS_Utils/src/main/java/hirs/validation/SupplyChainCredentialValidator.java b/HIRS_Utils/src/main/java/hirs/validation/SupplyChainCredentialValidator.java index 305b2666..0bc16c29 100644 --- a/HIRS_Utils/src/main/java/hirs/validation/SupplyChainCredentialValidator.java +++ b/HIRS_Utils/src/main/java/hirs/validation/SupplyChainCredentialValidator.java @@ -782,7 +782,6 @@ public final class SupplyChainCredentialValidator implements CredentialValidator if (!fieldValidation) { // instead of listing all unmatched, just print the #. The failure // will link to the platform certificate that'll display them. - LOGGER.error(unmatchedComponents); String failureResults = unmatchedComponents.substring(0, unmatchedComponents.length() - 1); String size = unmatchedComponents.substring(unmatchedComponents.length() - 1); @@ -804,38 +803,25 @@ public final class SupplyChainCredentialValidator implements CredentialValidator .stream().collect(Collectors.toList()); List subCompInfoList = allDeviceInfoComponents .stream().collect(Collectors.toList()); - LOGGER.error(String.format("fullDeltaChainComponents - %d", - fullDeltaChainComponents.size())); - LOGGER.error(String.format("subCompIdList - %d", subCompIdList.size())); - LOGGER.error(String.format("allDeviceInfoComponents - %d", - allDeviceInfoComponents.size())); - LOGGER.error(String.format("subCompInfoList - %d", subCompInfoList.size())); + // Delta is the baseline for (ComponentInfo cInfo : allDeviceInfoComponents) { for (ComponentIdentifier cId : fullDeltaChainComponents) { ciV2 = (ComponentIdentifierV2) cId; - LOGGER.error(String.format("%s -> %s", cInfo.getComponentClass(), - ciV2.getComponentClass().getClassValueString())); if (ciV2.getComponentClass().getClassValueString() .contains(cInfo.getComponentClass())) { // TDM RIGHT HERE, you are getting a # from componentclass /** * YOU CAN DO IT. Don't fall asleep -_- */ - LOGGER.error(String.format("Testing %s -> %s%n%n", cInfo, ciV2)); - if (!isMatch(cId, cInfo)) { - invalidDeviceInfo.append(String.format("%s:%s;", - cInfo.getComponentClass(), cInfo.toString())); - invalidPcIds.append(String.format("%s:%s;", - ciV2.getComponentClass().getClassValueString(), - ciV2.toString())); - } else { + if (isMatch(cId, cInfo)) { LOGGER.error("TDM - Removed items"); subCompIdList.remove(cId); subCompInfoList.remove(cInfo); + } else { + // FUCK PMD + LOGGER.error("No match"); } - } else { - LOGGER.error("Didn't match."); } } } @@ -850,16 +836,15 @@ public final class SupplyChainCredentialValidator implements CredentialValidator if (!subCompIdList.isEmpty()) { for (ComponentIdentifier ci : subCompIdList) { ciV2 = (ComponentIdentifierV2) ci; - invalidPcIds.append(String.format("%s:%s;", - ciV2.getComponentClass().getClassValueString(), - ciV2.getComponentModel())); + invalidPcIds.append(String.format("%s;", + ciV2.getComponentClass().getClassValueString())); } } if (!subCompInfoList.isEmpty()) { for (ComponentInfo ci : subCompInfoList) { - invalidDeviceInfo.append(String.format("%s:%s;", - ci.getComponentClass(), ci.getComponentModel())); + invalidDeviceInfo.append(String.format("%s;", + ci.getComponentClass())); } }