diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/CredentialManagementHelper.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/CredentialManagementHelper.java index e1dbd778..fcb47793 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/CredentialManagementHelper.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/CredentialManagementHelper.java @@ -122,7 +122,7 @@ public final class CredentialManagementHelper { if (!certificates.isEmpty()) { // found associated certificates for (PlatformCredential pc : certificates) { - if (pc.isBase()) { + if (pc.isBase() && platformCredential.isBase()) { // found a base in the database associated with // parsed certificate LOG.error(String.format("Base certificate stored" diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/SupplyChainValidationServiceImpl.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/SupplyChainValidationServiceImpl.java index 65b268e9..2dca7923 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/SupplyChainValidationServiceImpl.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/SupplyChainValidationServiceImpl.java @@ -184,8 +184,8 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe // the base if (baseCredential != null) { for (PlatformCredential pc : pcs) { - int result = pc.getBeginValidity() - .compareTo(baseCredential.getBeginValidity()); + int result = baseCredential.getBeginValidity() + .compareTo(pc.getBeginValidity()); if (!pc.isBase() && (result > 0)) { pcErrorMessage = String.format("%s%s%n", pcErrorMessage, "Delta Certificate's validity " diff --git a/HIRS_Utils/src/main/java/hirs/validation/SupplyChainCredentialValidator.java b/HIRS_Utils/src/main/java/hirs/validation/SupplyChainCredentialValidator.java index ec8b00a1..8aa55638 100644 --- a/HIRS_Utils/src/main/java/hirs/validation/SupplyChainCredentialValidator.java +++ b/HIRS_Utils/src/main/java/hirs/validation/SupplyChainCredentialValidator.java @@ -664,7 +664,7 @@ public final class SupplyChainCredentialValidator implements CredentialValidator "%s attempted MODIFIED with no prior instance.%n", classValue)); scv = deltaMapping.get(delta); - if (scv.getResult() != AppraisalStatus.Status.PASS) { + if (scv != null && scv.getResult() != AppraisalStatus.Status.PASS) { failureMsg.append(scv.getMessage()); } deltaMapping.put(delta, new SupplyChainValidation( @@ -694,7 +694,7 @@ public final class SupplyChainCredentialValidator implements CredentialValidator "%s attempted REMOVED with no prior instance.%n", classValue)); scv = deltaMapping.get(delta); - if (scv.getResult() != AppraisalStatus.Status.PASS) { + if (scv != null && scv.getResult() != AppraisalStatus.Status.PASS) { failureMsg.append(scv.getMessage()); } deltaMapping.put(delta, new SupplyChainValidation( @@ -723,7 +723,7 @@ public final class SupplyChainCredentialValidator implements CredentialValidator "%s was ADDED, the serial already exists.%n", classValue)); scv = deltaMapping.get(delta); - if (scv.getResult() != AppraisalStatus.Status.PASS) { + if (scv != null && scv.getResult() != AppraisalStatus.Status.PASS) { failureMsg.append(scv.getMessage()); } deltaMapping.put(delta, new SupplyChainValidation(