From a9e403d1a0225536fe8df3df8a4c802f2789b89f Mon Sep 17 00:00:00 2001
From: Cyrus <24922493+cyrus-dev@users.noreply.github.com>
Date: Wed, 13 Mar 2024 14:57:41 -0400
Subject: [PATCH] This set of code fixes a null pointer. The ignore flag was
not set up properly and the setter for the attribute name for the result
wasn't set
---
.../certificate/ComponentResult.java | 6 ++++
.../attributes/ComponentAttributeResult.java | 13 ++++++++
.../persist/service/ValidationService.java | 2 +-
.../CertificateAttributeScvValidator.java | 33 +++++++++++++------
.../validation/CredentialValidator.java | 4 +--
5 files changed, 45 insertions(+), 13 deletions(-)
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/ComponentResult.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/ComponentResult.java
index 5d19bc62..72b09a72 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/ComponentResult.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/ComponentResult.java
@@ -26,6 +26,12 @@ import java.util.Objects;
@NoArgsConstructor(access = AccessLevel.PROTECTED)
public class ComponentResult extends ArchivableEntity {
+ // String value for the Manufacturer title
+ public static final String ATTRIBUTE_MANUFACTURER = "Manufacturer";
+ // String value for the Model title
+ public static final String ATTRIBUTE_MODEL = "Model";
+ // String value for the Serial title
+ public static final String ATTRIBUTE_SERIAL = "Serial";
// String value for the revision title
public static final String ATTRIBUTE_REVISION = "Revision";
// embedded component info
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/ComponentAttributeResult.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/ComponentAttributeResult.java
index 31914e15..bf7c832d 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/ComponentAttributeResult.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/ComponentAttributeResult.java
@@ -6,6 +6,7 @@ import lombok.AccessLevel;
import lombok.Getter;
import lombok.NoArgsConstructor;
import lombok.Setter;
+import org.apache.commons.lang3.StringUtils;
import java.util.UUID;
@@ -68,4 +69,16 @@ public class ComponentAttributeResult extends ArchivableEntity {
public boolean checkMatchedStatus() {
return this.actualValue.equals(this.expectedValue);
}
+
+ /**
+ * For the state of the object, this shouldn't be negative.
+ * @return the string value of the attribute name
+ */
+ public String getAttribute() {
+ if (attribute == null) {
+ attribute = "";
+ }
+
+ return attribute;
+ }
}
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/ValidationService.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/ValidationService.java
index 98ea051c..320bc99f 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/ValidationService.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/ValidationService.java
@@ -160,7 +160,7 @@ public class ValidationService {
validateDeltaPlatformCredentialAttributes(deviceInfoReport,
base, deltaMapping, componentInfos,
componentResultRepository, componentAttributeRepository,
- provisionSessionId);
+ provisionSessionId, ignoreRevisionAttribute);
switch (result.getAppStatus()) {
case PASS:
return buildValidationRecord(validationType, AppraisalStatus.Status.PASS,
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CertificateAttributeScvValidator.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CertificateAttributeScvValidator.java
index 45677b74..f15cd48f 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CertificateAttributeScvValidator.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CertificateAttributeScvValidator.java
@@ -317,7 +317,7 @@ public class CertificateAttributeScvValidator extends SupplyChainCredentialValid
final List<ComponentInfo> componentInfos,
final ComponentResultRepository componentResultRepository,
final ComponentAttributeRepository componentAttributeRepository,
- final UUID provisionSessionId) {
+ final UUID provisionSessionId, final boolean ignoreRevisionAttribute) {
boolean fieldValidation = true;
StringBuilder resultMessage = new StringBuilder();
List<PlatformCredential> deltaCertificates = new LinkedList<>(deltaMapping.keySet());
@@ -374,9 +374,13 @@ public class CertificateAttributeScvValidator extends SupplyChainCredentialValid
componentInfos, remainingComponentResults);
for (ComponentAttributeResult componentAttributeResult : attributeResults) {
- componentAttributeResult.setProvisionSessionId(provisionSessionId);
- componentAttributeRepository.save(componentAttributeResult);
- fieldValidation &= componentAttributeResult.checkMatchedStatus();
+ if (componentAttributeResult.getAttribute()
+ .equalsIgnoreCase(ComponentResult.ATTRIBUTE_REVISION)
+ && !ignoreRevisionAttribute) {
+ componentAttributeResult.setProvisionSessionId(provisionSessionId);
+ componentAttributeRepository.save(componentAttributeResult);
+ fieldValidation &= componentAttributeResult.checkMatchedStatus();
+ }
}
numOfAttributes = attributeResults.size();
}
@@ -925,18 +929,27 @@ public class CertificateAttributeScvValidator extends SupplyChainCredentialValid
// there are instances of components with the same class (ie hard disks, memory)
List<ComponentAttributeResult> attributeResults = new ArrayList<>();
if (!componentInfo.getComponentManufacturer().equals(componentResult.getManufacturer())) {
- attributeResults.add(new ComponentAttributeResult(componentResult.getId(),
- componentResult.getManufacturer(), componentInfo.getComponentManufacturer()));
+ ComponentAttributeResult manufacturerAttribute = new ComponentAttributeResult(
+ componentResult.getId(), componentResult.getManufacturer(),
+ componentInfo.getComponentManufacturer());
+ manufacturerAttribute.setAttribute(ComponentResult.ATTRIBUTE_MANUFACTURER);
+ attributeResults.add(manufacturerAttribute);
}
if (!componentInfo.getComponentModel().equals(componentResult.getModel())) {
- attributeResults.add(new ComponentAttributeResult(componentResult.getId(),
- componentResult.getModel(), componentInfo.getComponentModel()));
+ ComponentAttributeResult modelAttribute = new ComponentAttributeResult(
+ componentResult.getId(), componentResult.getModel(),
+ componentInfo.getComponentModel());
+ modelAttribute.setAttribute(ComponentResult.ATTRIBUTE_MODEL);
+ attributeResults.add(modelAttribute);
}
if (!componentInfo.getComponentSerial().equals(componentResult.getSerialNumber())) {
- attributeResults.add(new ComponentAttributeResult(componentResult.getId(),
- componentResult.getSerialNumber(), componentInfo.getComponentSerial()));
+ ComponentAttributeResult serialAttribute = new ComponentAttributeResult(
+ componentResult.getId(), componentResult.getSerialNumber(),
+ componentInfo.getComponentSerial());
+ serialAttribute.setAttribute(ComponentResult.ATTRIBUTE_SERIAL);
+ attributeResults.add(serialAttribute);
}
if (!componentInfo.getComponentRevision().equals(componentResult.getRevisionNumber())) {
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CredentialValidator.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CredentialValidator.java
index 8f30dfd6..bb4beedc 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CredentialValidator.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CredentialValidator.java
@@ -242,7 +242,7 @@ public class CredentialValidator extends SupplyChainCredentialValidator {
final List<ComponentInfo> componentInfos,
final ComponentResultRepository componentResultRepository,
final ComponentAttributeRepository componentAttributeRepository,
- final UUID provisionSessionId) {
+ final UUID provisionSessionId, final boolean ignoreRevisionAttribute) {
final String baseErrorMessage = "Can't validate platform credential attributes without ";
String message;
@@ -282,6 +282,6 @@ public class CredentialValidator extends SupplyChainCredentialValidator {
return CertificateAttributeScvValidator.validateDeltaAttributesChainV2p0(
deviceInfoReport, deltaMapping, origPcComponents, componentInfos,
componentResultRepository,
- componentAttributeRepository, provisionSessionId);
+ componentAttributeRepository, provisionSessionId, ignoreRevisionAttribute);
}
}