mirror of
https://github.com/nsacyber/HIRS.git
synced 2024-12-22 14:22:29 +00:00
Modified so PCI ID translation will highlight delta certs and show in Tooltips
This commit is contained in:
parent
9b790cb805
commit
e22d95c2e6
@ -565,20 +565,14 @@ public final class SupplyChainCredentialValidator implements CredentialValidator
|
|||||||
resultMessage.append(unmatchedComponents);
|
resultMessage.append(unmatchedComponents);
|
||||||
|
|
||||||
// pass information of which ones failed in additionInfo
|
// pass information of which ones failed in additionInfo
|
||||||
|
int counter = 0;
|
||||||
for (ComponentIdentifier ci : validPcComponents) {
|
for (ComponentIdentifier ci : validPcComponents) {
|
||||||
try {
|
counter++;
|
||||||
if (ci.isVersion2()) {
|
|
||||||
ComponentIdentifierV2 pciCi = (ComponentIdentifierV2) ci;
|
|
||||||
if (PciIds.DB.isReady()) {
|
|
||||||
pciCi = PciIds.translate((ComponentIdentifierV2) ci);
|
|
||||||
}
|
|
||||||
additionalInfo.append(String.format("%d;", pciCi.hashCode()));
|
|
||||||
} else {
|
|
||||||
additionalInfo.append(String.format("%d;", ci.hashCode()));
|
additionalInfo.append(String.format("%d;", ci.hashCode()));
|
||||||
}
|
}
|
||||||
} catch (Exception ex) {
|
if (counter > 0) {
|
||||||
LOGGER.error(ex.getMessage());
|
additionalInfo.insert(0, "COMPID=");
|
||||||
}
|
additionalInfo.append(counter);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -710,6 +704,7 @@ public final class SupplyChainCredentialValidator implements CredentialValidator
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (!fieldValidation || !deltaSb.toString().isEmpty()) {
|
if (!fieldValidation || !deltaSb.toString().isEmpty()) {
|
||||||
|
deltaSb.insert(0, "COMPID=");
|
||||||
return new AppraisalStatus(FAIL, resultMessage.toString(), deltaSb.toString());
|
return new AppraisalStatus(FAIL, resultMessage.toString(), deltaSb.toString());
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -729,21 +724,29 @@ public final class SupplyChainCredentialValidator implements CredentialValidator
|
|||||||
LOGGER.error("PACCOR output string:\n" + paccorOutputString);
|
LOGGER.error("PACCOR output string:\n" + paccorOutputString);
|
||||||
return new AppraisalStatus(ERROR, baseErrorMessage + ioEx.getMessage());
|
return new AppraisalStatus(ERROR, baseErrorMessage + ioEx.getMessage());
|
||||||
}
|
}
|
||||||
|
StringBuilder additionalInfo = new StringBuilder();
|
||||||
if (!fieldValidation) {
|
if (!fieldValidation) {
|
||||||
// instead of listing all unmatched, just print the #. The failure
|
|
||||||
// will link to the platform certificate that'll display them.
|
|
||||||
String failureResults = unmatchedComponents.substring(0,
|
|
||||||
unmatchedComponents.length() - 1);
|
|
||||||
String size = unmatchedComponents.substring(unmatchedComponents.length() - 1);
|
|
||||||
resultMessage = new StringBuilder();
|
resultMessage = new StringBuilder();
|
||||||
|
resultMessage.append("There are unmatched components:\n");
|
||||||
resultMessage.append(String.format("There are %s unmatched components "
|
|
||||||
+ "on the Platform Certificate:%n", size));
|
|
||||||
resultMessage.append(unmatchedComponents);
|
resultMessage.append(unmatchedComponents);
|
||||||
|
|
||||||
return new AppraisalStatus(FAIL, resultMessage.toString(), failureResults);
|
// pass information of which ones failed in additionInfo
|
||||||
|
int counter = 0;
|
||||||
|
for (ComponentIdentifier ci : baseCompList) {
|
||||||
|
counter++;
|
||||||
|
additionalInfo.append(String.format("%d;", ci.hashCode()));
|
||||||
}
|
}
|
||||||
|
if (counter > 0) {
|
||||||
|
additionalInfo.insert(0, "COMPID=");
|
||||||
|
additionalInfo.append(counter);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (fieldValidation) {
|
||||||
return new AppraisalStatus(PASS, PLATFORM_ATTRIBUTES_VALID);
|
return new AppraisalStatus(PASS, PLATFORM_ATTRIBUTES_VALID);
|
||||||
|
} else {
|
||||||
|
return new AppraisalStatus(FAIL, resultMessage.toString(), additionalInfo.toString());
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private static String validateV2PlatformCredentialAttributes(
|
private static String validateV2PlatformCredentialAttributes(
|
||||||
@ -775,14 +778,23 @@ public final class SupplyChainCredentialValidator implements CredentialValidator
|
|||||||
// now we return everything that was unmatched
|
// now we return everything that was unmatched
|
||||||
// what is in the component info/device reported components
|
// what is in the component info/device reported components
|
||||||
// is to be displayed as the failure
|
// is to be displayed as the failure
|
||||||
|
fullDeltaChainComponents.clear();
|
||||||
for (ComponentIdentifier ci : subCompIdList) {
|
for (ComponentIdentifier ci : subCompIdList) {
|
||||||
ciV2 = (ComponentIdentifierV2) ci;
|
if (ci.isVersion2() && PciIds.DB.isReady()) {
|
||||||
invalidPcIds.append(String.format("%d;",
|
ci = PciIds.translate((ComponentIdentifierV2) ci);
|
||||||
ciV2.hashCode()));
|
}
|
||||||
|
LOGGER.error("Unmatched component: " + ci);
|
||||||
|
fullDeltaChainComponents.add(ci);
|
||||||
|
invalidPcIds.append(String.format(
|
||||||
|
"Manufacturer=%s, Model=%s, Serial=%s, Revision=%s;%n",
|
||||||
|
ci.getComponentManufacturer(),
|
||||||
|
ci.getComponentModel(),
|
||||||
|
ci.getComponentSerial(),
|
||||||
|
ci.getComponentRevision()));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return String.format("COMPID=%s%d", invalidPcIds.toString(), subCompIdList.size());
|
return invalidPcIds.toString();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -848,7 +860,6 @@ public final class SupplyChainCredentialValidator implements CredentialValidator
|
|||||||
= allDeviceInfoComponents.stream().filter(componentInfo
|
= allDeviceInfoComponents.stream().filter(componentInfo
|
||||||
-> componentInfo.getComponentManufacturer().equals(pcManufacturer))
|
-> componentInfo.getComponentManufacturer().equals(pcManufacturer))
|
||||||
.collect(Collectors.toList());
|
.collect(Collectors.toList());
|
||||||
|
|
||||||
// For each component listed in the platform credential from this manufacturer
|
// For each component listed in the platform credential from this manufacturer
|
||||||
// find the ones that specify a serial number so we can match the most specific ones
|
// find the ones that specify a serial number so we can match the most specific ones
|
||||||
// first.
|
// first.
|
||||||
@ -857,7 +868,6 @@ public final class SupplyChainCredentialValidator implements CredentialValidator
|
|||||||
-> compIdentifier.getComponentSerial() != null
|
-> compIdentifier.getComponentSerial() != null
|
||||||
&& StringUtils.isNotEmpty(compIdentifier.getComponentSerial().getString()))
|
&& StringUtils.isNotEmpty(compIdentifier.getComponentSerial().getString()))
|
||||||
.collect(Collectors.toList());
|
.collect(Collectors.toList());
|
||||||
|
|
||||||
// Now match up the components from the device info that are from the same
|
// Now match up the components from the device info that are from the same
|
||||||
// manufacturer and have a serial number. As matches are found, remove them from
|
// manufacturer and have a serial number. As matches are found, remove them from
|
||||||
// both lists.
|
// both lists.
|
||||||
@ -878,7 +888,6 @@ public final class SupplyChainCredentialValidator implements CredentialValidator
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// For each component listed in the platform credential from this manufacturer
|
// For each component listed in the platform credential from this manufacturer
|
||||||
// find the ones that specify value for the revision field so we can match the most
|
// find the ones that specify value for the revision field so we can match the most
|
||||||
// specific ones first.
|
// specific ones first.
|
||||||
@ -887,7 +896,6 @@ public final class SupplyChainCredentialValidator implements CredentialValidator
|
|||||||
-> compIdentifier.getComponentRevision() != null
|
-> compIdentifier.getComponentRevision() != null
|
||||||
&& StringUtils.isNotEmpty(compIdentifier.getComponentRevision().getString()))
|
&& StringUtils.isNotEmpty(compIdentifier.getComponentRevision().getString()))
|
||||||
.collect(Collectors.toList());
|
.collect(Collectors.toList());
|
||||||
|
|
||||||
// Now match up the components from the device info that are from the same
|
// Now match up the components from the device info that are from the same
|
||||||
// manufacturer and specify a value for the revision field. As matches are found,
|
// manufacturer and specify a value for the revision field. As matches are found,
|
||||||
// remove them from both lists.
|
// remove them from both lists.
|
||||||
@ -908,7 +916,6 @@ public final class SupplyChainCredentialValidator implements CredentialValidator
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// The remaining components from the manufacturer have only the 2 required fields so
|
// The remaining components from the manufacturer have only the 2 required fields so
|
||||||
// just match them.
|
// just match them.
|
||||||
List<ComponentIdentifier> templist = new ArrayList<>(pcComponentsFromManufacturer);
|
List<ComponentIdentifier> templist = new ArrayList<>(pcComponentsFromManufacturer);
|
||||||
@ -934,6 +941,10 @@ public final class SupplyChainCredentialValidator implements CredentialValidator
|
|||||||
|
|
||||||
int unmatchedComponentCounter = 1;
|
int unmatchedComponentCounter = 1;
|
||||||
for (ComponentIdentifier unmatchedComponent : pcUnmatchedComponents) {
|
for (ComponentIdentifier unmatchedComponent : pcUnmatchedComponents) {
|
||||||
|
if (unmatchedComponent.isVersion2() && PciIds.DB.isReady()) {
|
||||||
|
unmatchedComponent =
|
||||||
|
PciIds.translate((ComponentIdentifierV2) unmatchedComponent);
|
||||||
|
}
|
||||||
LOGGER.error("Unmatched component " + unmatchedComponentCounter++ + ": "
|
LOGGER.error("Unmatched component " + unmatchedComponentCounter++ + ": "
|
||||||
+ unmatchedComponent);
|
+ unmatchedComponent);
|
||||||
sb.append(String.format("Manufacturer=%s, Model=%s, Serial=%s, Revision=%s;%n",
|
sb.append(String.format("Manufacturer=%s, Model=%s, Serial=%s, Revision=%s;%n",
|
||||||
|
@ -2256,9 +2256,7 @@ public class SupplyChainCredentialValidatorTest {
|
|||||||
.validateDeltaPlatformCredentialAttributes(delta1,
|
.validateDeltaPlatformCredentialAttributes(delta1,
|
||||||
deviceInfoReport, base, chainCredentials);
|
deviceInfoReport, base, chainCredentials);
|
||||||
Assert.assertEquals(result.getAppStatus(), AppraisalStatus.Status.FAIL);
|
Assert.assertEquals(result.getAppStatus(), AppraisalStatus.Status.FAIL);
|
||||||
Assert.assertEquals(result.getMessage(),
|
Assert.assertEquals(result.getAdditionalInfo(), "COMPID=370101885;1");
|
||||||
"There are 1 unmatched components on the Platform Certificate:\n"
|
|
||||||
+ "COMPID=370101885;1");
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
Loading…
Reference in New Issue
Block a user