Adding tests for validating mismatching baseboard/chassis/system serial numbers in DeviceInfoReport objects

2025-04-07 19:34:27 +00:00 · 2024-02-23 12:53:13 -05:00 · 2024-02-23 12:53:13 -05:00 · de84ccbb2c
commit de84ccbb2c
parent 42a05a9e00
1 changed files with 91 additions and 1 deletions
--- a/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/validation/SupplyChainCredentialValidatorTest.java
+++ b/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/validation/SupplyChainCredentialValidatorTest.java
@ -93,7 +93,10 @@ import java.util.Map;
 import java.util.HashMap;

 /**
- * Tests the SupplyChainValidator class.
+ * Tests the SupplyChainCredentialValidator and CredentialValidator class.
+ * Migration note: Tests specifically for test Intel Nuc Platform Credentials
+ * have been omitted, as there is no existing matching test Endorsement Credential
+ * in the project resources.
 */
 public class SupplyChainCredentialValidatorTest {

@ -436,6 +439,93 @@ public class SupplyChainCredentialValidatorTest {
                result.getMessage());
    }

+    /**
+     * Checks if validation occurs when the Platform Credential baseboard
+     * serial number is in the device chassis serial number field.
+     */
+    @Test
+    public final void validatePlatformCredentialCombinedWithChassisSerialNumbersMatchedBaseboard()
+            throws Exception {
+
+        DeviceInfoReport deviceInfoReport = buildReport(new HardwareInfo(
+                DeviceInfoEnums.NOT_SPECIFIED, DeviceInfoEnums.NOT_SPECIFIED,
+                DeviceInfoEnums.NOT_SPECIFIED, DeviceInfoEnums.NOT_SPECIFIED,
+                TEST_BOARD_SERIAL_NUMBER, DeviceInfoEnums.NOT_SPECIFIED));
+
+        byte[] certBytes = Files.readAllBytes(Paths.get(Objects.requireNonNull(CertificateTest.class.
+                getResource(INTEL_PLATFORM_CERT_2)).toURI()));
+
+        PlatformCredential pc = new PlatformCredential(certBytes);
+
+        EndorsementCredential ec = new EndorsementCredential(
+                Files.readAllBytes(Paths.get(Objects.requireNonNull(getClass().getResource(TEST_EK_CERT)).toURI())));
+
+        AppraisalStatus result =
+                CredentialValidator.validatePlatformCredentialAttributes(pc,
+                        deviceInfoReport, ec);
+        assertEquals(AppraisalStatus.Status.PASS, result.getAppStatus());
+        assertEquals(SupplyChainCredentialValidator.PLATFORM_ATTRIBUTES_VALID,
+                result.getMessage());
+    }
+
+    /**
+     * Checks if validation occurs when the Platform Credential chassis
+     * serial number is in the device baseboard serial number field.
+     */
+    @Test
+    public final void validatePlatformCredentialCombinedWithBaseboardSerialNumbersMatchedChassis()
+            throws Exception {
+
+        DeviceInfoReport deviceInfoReport = buildReport(new HardwareInfo(
+                DeviceInfoEnums.NOT_SPECIFIED, DeviceInfoEnums.NOT_SPECIFIED,
+                DeviceInfoEnums.NOT_SPECIFIED, DeviceInfoEnums.NOT_SPECIFIED,
+                DeviceInfoEnums.NOT_SPECIFIED, TEST_CHASSIS_SERIAL_NUMBER));
+
+        byte[] certBytes = Files.readAllBytes(Paths.get(Objects.requireNonNull(CertificateTest.class.
+                getResource(INTEL_PLATFORM_CERT_2)).toURI()));
+
+        PlatformCredential pc = new PlatformCredential(certBytes);
+
+        EndorsementCredential ec = new EndorsementCredential(
+                Files.readAllBytes(Paths.get(Objects.requireNonNull(getClass().getResource(TEST_EK_CERT)).toURI())));
+
+        AppraisalStatus result =
+                CredentialValidator.validatePlatformCredentialAttributes(pc,
+                        deviceInfoReport, ec);
+        assertEquals(AppraisalStatus.Status.PASS, result.getAppStatus());
+        assertEquals(SupplyChainCredentialValidator.PLATFORM_ATTRIBUTES_VALID,
+                result.getMessage());
+    }
+
+    /**
+     * Checks if validation occurs when the Platform Credential chassis
+     * serial number is in the device system serial number field.
+     */
+    @Test
+    public final void validatePlatformCredentialCombinedWithSystemSerialNumbersMatchedChassis()
+            throws Exception {
+
+        DeviceInfoReport deviceInfoReport = buildReport(new HardwareInfo(
+                DeviceInfoEnums.NOT_SPECIFIED, DeviceInfoEnums.NOT_SPECIFIED,
+                DeviceInfoEnums.NOT_SPECIFIED, TEST_CHASSIS_SERIAL_NUMBER,
+                DeviceInfoEnums.NOT_SPECIFIED, DeviceInfoEnums.NOT_SPECIFIED));
+
+        byte[] certBytes = Files.readAllBytes(Paths.get(Objects.requireNonNull(CertificateTest.class.
+                getResource(INTEL_PLATFORM_CERT_2)).toURI()));
+
+        PlatformCredential pc = new PlatformCredential(certBytes);
+
+        EndorsementCredential ec = new EndorsementCredential(
+                Files.readAllBytes(Paths.get(Objects.requireNonNull(getClass().getResource(TEST_EK_CERT)).toURI())));
+
+        AppraisalStatus result =
+                CredentialValidator.validatePlatformCredentialAttributes(pc,
+                        deviceInfoReport, ec);
+        assertEquals(AppraisalStatus.Status.PASS, result.getAppStatus());
+        assertEquals(SupplyChainCredentialValidator.PLATFORM_ATTRIBUTES_VALID,
+                result.getMessage());
+    }
+
    /**
     * Checks if the Platform Credential validator appropriately fails
     * when there are no serial numbers returned from the device.