mirror of
https://github.com/nsacyber/HIRS.git
synced 2025-01-02 03:06:47 +00:00
Finalized clean up.
This commit is contained in:
parent
e9eef0e5b3
commit
acc022d784
@ -589,6 +589,7 @@ public final class SupplyChainCredentialValidator implements CredentialValidator
|
|||||||
final List<ComponentIdentifier> origPcComponents) {
|
final List<ComponentIdentifier> origPcComponents) {
|
||||||
boolean fieldValidation = true;
|
boolean fieldValidation = true;
|
||||||
StringBuilder resultMessage = new StringBuilder();
|
StringBuilder resultMessage = new StringBuilder();
|
||||||
|
String tempStringMessage = "";
|
||||||
List<ComponentIdentifier> validOrigPcComponents = origPcComponents.stream()
|
List<ComponentIdentifier> validOrigPcComponents = origPcComponents.stream()
|
||||||
.filter(identifier -> identifier.getComponentManufacturer() != null
|
.filter(identifier -> identifier.getComponentManufacturer() != null
|
||||||
&& identifier.getComponentModel() != null)
|
&& identifier.getComponentModel() != null)
|
||||||
@ -618,48 +619,74 @@ public final class SupplyChainCredentialValidator implements CredentialValidator
|
|||||||
resultMessage.append("There are errors with Delta "
|
resultMessage.append("There are errors with Delta "
|
||||||
+ "Component Statuses:\n");
|
+ "Component Statuses:\n");
|
||||||
List<ComponentIdentifier> leftOverDeltas = new ArrayList<>();
|
List<ComponentIdentifier> leftOverDeltas = new ArrayList<>();
|
||||||
resultMessage.append(validateDeltaChain(deltaMapping, baseCompList,
|
List<ComponentIdentifier> absentSerialNum = new ArrayList<>();
|
||||||
leftOverDeltas, chainCertificates));
|
tempStringMessage = validateDeltaChain(deltaMapping, baseCompList,
|
||||||
|
leftOverDeltas, absentSerialNum, chainCertificates);
|
||||||
|
|
||||||
|
// check if there were any issues
|
||||||
|
if (!tempStringMessage.isEmpty()) {
|
||||||
|
resultMessage.append(tempStringMessage);
|
||||||
|
fieldValidation = false;
|
||||||
|
}
|
||||||
|
|
||||||
// finished up
|
// finished up
|
||||||
List<ArchivableEntity> certificateList = null;
|
List<ArchivableEntity> certificateList = null;
|
||||||
SupplyChainValidation scv = null;
|
SupplyChainValidation scv = null;
|
||||||
// go through the leaf and check the changes against the valid components
|
// Ok, we went through valid non-empty serial values
|
||||||
// forget modifying validOrigPcComponents
|
// now do the rest, if there are more deltas and if there are any
|
||||||
|
// non-empty serial values
|
||||||
// what wasn't handled by the serial number,
|
|
||||||
// not match by the serial number and the class type
|
|
||||||
// then the matching manufacturer and model
|
|
||||||
|
|
||||||
for (ComponentIdentifier deltaCi : leftOverDeltas) {
|
for (ComponentIdentifier deltaCi : leftOverDeltas) {
|
||||||
String classValue;
|
String classValue;
|
||||||
ComponentIdentifierV2 ciV2 = (ComponentIdentifierV2) deltaCi;
|
ComponentIdentifierV2 ciV2 = (ComponentIdentifierV2) deltaCi;
|
||||||
ComponentIdentifierV2 baseCiV2;
|
ComponentIdentifierV2 baseCiV2;
|
||||||
boolean classFound;
|
boolean classFound;
|
||||||
|
|
||||||
for (ComponentIdentifier ci : baseCompList) {
|
for (ComponentIdentifier ci : absentSerialNum) {
|
||||||
classValue = ciV2.getComponentClass().getClassValueString();
|
classValue = ciV2.getComponentClass().getClassValueString();
|
||||||
baseCiV2 = (ComponentIdentifierV2) ci;
|
baseCiV2 = (ComponentIdentifierV2) ci;
|
||||||
classFound = classValue.equals(baseCiV2.getComponentClass()
|
classFound = classValue.equals(baseCiV2.getComponentClass()
|
||||||
.getClassValueString());
|
.getClassValueString());
|
||||||
if (classFound) {
|
if (classFound) {
|
||||||
if (isMatch(ciV2, baseCiV2)) {
|
if (isMatch(ciV2, baseCiV2)) {
|
||||||
LOGGER.error("Not Found and added");
|
if (ciV2.isAdded()) {
|
||||||
|
// error
|
||||||
|
resultMessage.append("ADDED attempted with prior instance\n");
|
||||||
|
}
|
||||||
|
if (ciV2.isModified()) {
|
||||||
|
// since the base list doesn't have this ci
|
||||||
|
// just add the delta
|
||||||
|
baseCompList.add(deltaCi);
|
||||||
|
}
|
||||||
|
// if it is a remove
|
||||||
|
// we do nothing because baseCompList doesn't have it
|
||||||
} else {
|
} else {
|
||||||
LOGGER.error("Not Found and added");
|
// it is an add
|
||||||
|
if (ciV2.isAdded()) {
|
||||||
|
baseCompList.add(deltaCi);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
// delta change to a class not there
|
// delta change to a class not there
|
||||||
// is it an add?
|
// is it an add?
|
||||||
if (ciV2.isAdded()) {
|
if (ciV2.isAdded()) {
|
||||||
LOGGER.error("Not Found and added");
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
// this needs to be removed.
|
|
||||||
baseCompList.add(deltaCi);
|
baseCompList.add(deltaCi);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (ciV2.isModified()) {
|
||||||
|
// error because you can't modify something
|
||||||
|
// that isn't here
|
||||||
|
resultMessage.append("MODIFIED attempted without prior instance\n");
|
||||||
|
}
|
||||||
|
|
||||||
|
if (ciV2.isRemoved()) {
|
||||||
|
// error because you can't remove something
|
||||||
|
// that isn't here
|
||||||
|
resultMessage.append("REMOVED attempted without prior instance\n");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if (!fieldValidation) {
|
if (!fieldValidation) {
|
||||||
return new AppraisalStatus(FAIL, resultMessage.toString());
|
return new AppraisalStatus(FAIL, resultMessage.toString());
|
||||||
}
|
}
|
||||||
@ -705,13 +732,6 @@ public final class SupplyChainCredentialValidator implements CredentialValidator
|
|||||||
List<ComponentInfo> subCompInfoList = allDeviceInfoComponents
|
List<ComponentInfo> subCompInfoList = allDeviceInfoComponents
|
||||||
.stream().collect(Collectors.toList());
|
.stream().collect(Collectors.toList());
|
||||||
|
|
||||||
subCompIdList.stream().forEach((ci) -> {
|
|
||||||
LOGGER.error(ci.toString());
|
|
||||||
});
|
|
||||||
|
|
||||||
subCompInfoList.stream().forEach((ci) -> {
|
|
||||||
LOGGER.error(ci.toString());
|
|
||||||
});
|
|
||||||
// Delta is the baseline
|
// Delta is the baseline
|
||||||
for (ComponentInfo cInfo : allDeviceInfoComponents) {
|
for (ComponentInfo cInfo : allDeviceInfoComponents) {
|
||||||
for (ComponentIdentifier cId : fullDeltaChainComponents) {
|
for (ComponentIdentifier cId : fullDeltaChainComponents) {
|
||||||
@ -1379,6 +1399,7 @@ public final class SupplyChainCredentialValidator implements CredentialValidator
|
|||||||
final Map<PlatformCredential, SupplyChainValidation> deltaMapping,
|
final Map<PlatformCredential, SupplyChainValidation> deltaMapping,
|
||||||
final List<ComponentIdentifier> baseCompList,
|
final List<ComponentIdentifier> baseCompList,
|
||||||
final List<ComponentIdentifier> leftOvers,
|
final List<ComponentIdentifier> leftOvers,
|
||||||
|
final List<ComponentIdentifier> absentSerials,
|
||||||
final List<PlatformCredential> chainCertificates) {
|
final List<PlatformCredential> chainCertificates) {
|
||||||
StringBuilder resultMessage = new StringBuilder();
|
StringBuilder resultMessage = new StringBuilder();
|
||||||
List<String> noneSerialValues = new ArrayList<>();
|
List<String> noneSerialValues = new ArrayList<>();
|
||||||
@ -1390,7 +1411,11 @@ public final class SupplyChainCredentialValidator implements CredentialValidator
|
|||||||
// map the components throughout the chain
|
// map the components throughout the chain
|
||||||
Map<String, ComponentIdentifier> chainCiMapping = new HashMap<>();
|
Map<String, ComponentIdentifier> chainCiMapping = new HashMap<>();
|
||||||
baseCompList.stream().forEach((ci) -> {
|
baseCompList.stream().forEach((ci) -> {
|
||||||
|
if (!noneSerialValues.contains(ci.getComponentSerial().toString())) {
|
||||||
chainCiMapping.put(ci.getComponentSerial().toString(), ci);
|
chainCiMapping.put(ci.getComponentSerial().toString(), ci);
|
||||||
|
} else {
|
||||||
|
absentSerials.add(ci);
|
||||||
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
String ciSerial;
|
String ciSerial;
|
||||||
|
Loading…
Reference in New Issue
Block a user