ExternalVendorCode/HIRS
1
0
Fork 0
mirror of https://github.com/nsacyber/HIRS.git synced 2025-02-20 17:52:47 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Updated how the error checking for the digest failure is handled for the details page.

Browse Source
This commit is contained in:
Cyrus 2021-04-14 11:17:10 -04:00
parent 5a82e48b61
commit d80e6d309b
2 changed files with 67 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestDetailsPageController.java
View File

@ -229,6 +229,13 @@ public class ReferenceManifestDetailsPageController
data.put("pcUriGlobal", baseRim.getPcURIGlobal());
data.put("pcUriLocal", baseRim.getPcURILocal());
data.put("rimLinkHash", baseRim.getRimLinkHash());
boolean hashLinked = false;
if (baseRim.getRimLinkHash() != null) {
ReferenceManifest rim = BaseReferenceManifest.select(referenceManifestManager)
.byHashCode(baseRim.getRimLinkHash()).getRIM();
hashLinked = (rim != null);
}
data.put("linkHashValid", hashLinked);
data.put("rimType", baseRim.getRimType());
List<SwidResource> resources = baseRim.parseResource();
@ -331,6 +338,18 @@ public class ReferenceManifestDetailsPageController
.byManufacturer(support.getPlatformManufacturer()).getRIM();
}
if (support.isSwidPatch()) {
data.put("swidPatch", "True");
} else {
data.put("swidPatch", "False");
}
if (support.isSwidSupplemental()) {
data.put("swidSupplemental", "True");
} else {
data.put("swidSupplemental", "False");
}
data.put("swidBase", (!support.isSwidPatch()
&& !support.isSwidSupplemental()));
data.put("baseRim", support.getTagId());
data.put("associatedRim", support.getAssociatedRim());
data.put("rimType", support.getRimType());
@ -355,14 +374,21 @@ public class ReferenceManifestDetailsPageController
TCGEventLog measurementsProcess;
if (measurements != null) {
measurementsProcess = new TCGEventLog((measurements.getRimBytes()));
HashMap<String, TpmPcrEvent> digestMap = new HashMap<>();
for (TpmPcrEvent tpe : logProcessor.getEventList()) {
if (!tpe.eventCompare(
measurementsProcess.getEventByNumber(
tpe.getEventNumber()))) {
tpe.setError(true);
digestMap.put(tpe.getEventDigestStr(), tpe);
if (!support.isSwidSupplemental()) {
if (!tpe.eventCompare(
measurementsProcess.getEventByNumber(
tpe.getEventNumber()))) {
tpe.setError(true);
}
}
tpmPcrEvents.add(tpe);
}
for (TpmPcrEvent tpe : logProcessor.getEventList()) {
tpe.setError(!digestMap.containsKey(tpe.getEventDigestStr()));
}
data.put("events", tpmPcrEvents);
} else {
data.put("events", logProcessor.getEventList());

46
HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/rim-details.jsp
View File

@ -41,6 +41,24 @@
</c:choose>
</div>
</div>
<c:if test="${not initialData.swidBase}">
<div class="row">
<div class="col-md-1 col-md-offset-1">
<span class="colHeader">RIM Type</span>
</div>
<div id="baseRim" class="col col-md-8">
<c:if test="${initialData.swidCorpus}">
<div>SWID Corpus</div>
</c:if>
<c:if test="${initialData.swidPatch}">
<div>SWID Patch</div>
</c:if>
<c:if test="${initialData.swidSupplemental}">
<div>SWID Supplemental</div>
</c:if>
</div>
</div>
</c:if>
<div class="row">
<div class="col-md-1 col-md-offset-1">
<span class="colRimHeader">
@ -57,7 +75,7 @@
<ul>
<c:if test="${initialData.crtm || initialData.bootManager || initialData.osLoader || initialData.osKernel}">
<li>PC Client Boot path</li>
</c:if>
</c:if>
<ul>
<c:if test="${initialData.crtm}">
<li>Software Core Root of Trust for Measurement (SRTM)</li>
@ -70,7 +88,7 @@
</c:if>
<c:if test="${initialData.osKernel}">
<li>OS Kernel</li>
</c:if>
</c:if>
</ul>
<c:if test="${initialData.acpiTables || initialData.smbiosTables || initialData.gptTable || initialData.defaultBootDevice}">
<li>Device Configuration</li>
@ -90,7 +108,7 @@
</c:if>
<c:if test="${initialData.defaultBootDevice}">
<li>Default boot device</li>
</c:if>
</c:if>
</ul>
<c:if test="${initialData.secureBoot || initialData.pk || initialData.kek || initialData.sigDb || initialData.forbiddenDbx}">
<li>Secure Boot Variables</li>
@ -110,7 +128,7 @@
</c:if>
<c:if test="${initialData.forbiddenDbx}">
<li>Forbidden Signatures Database (dbx)</li>
</c:if>
</c:if>
</ul>
</ul>
</ul>
@ -134,7 +152,6 @@
<li>OS Kernel</li>
</c:if>
</ul>
<c:if test="${not initialData.acpiTables || not initialData.smbiosTables || not initialData.gptTable || not initialData.bootOrder || not initialData.defaultBootDevice}">
<li>Device Configuration</li>
</c:if>
@ -173,7 +190,7 @@
</c:if>
<c:if test="${not initialData.forbiddenDbx}">
<li>Forbidden Signatures Database (dbx)</li>
</c:if>
</c:if>
</ul>
</ul>
</ul>
@ -352,13 +369,24 @@
</c:if>
<div>Binding Spec:&nbsp;<span>${initialData.bindingSpec}</span></div>
<div>Binding Spec Version:&nbsp;<span>${initialData.bindingSpecVersion}</span></div>
<c:if test="${not empty initiaData.pcUriGlobal}">
<c:if test="${not empty initialData.pcUriGlobal}">
<div>PC URI Global:&nbsp;<span>${initialData.pcUriGlobal}</span></div>
</c:if>
<c:if test="${not empty initiaData.pcUriLocal}">
<c:if test="${not empty initialData.pcUriLocal}">
<div>PC URI Local:&nbsp;<span>${initialData.pcUriLocal}</span></div>
</c:if>
<div>Rim Link Hash:&nbsp;<span>${initialData.rimLinkHash}</span></div>
<div>Rim Link Hash:&nbsp;<span>${initialData.rimLinkHash}</span>
<span>
<c:choose>
<c:when test="${initialData.linkHashValid}">
<img src="${passIcon}" title="SWID Tag exist.">
</c:when>
<c:otherwise>
<img src="${failIcon}" title="SWID Tag doesn't exist.">
</c:otherwise>
</c:choose>
</span>
</div>
</div>
</div>
<div class="row">