From f28f75be58901c261188ee63ee61ff3a7d846adb Mon Sep 17 00:00:00 2001 From: iadgovuser29 <33426478+iadgovuser29@users.noreply.github.com> Date: Mon, 15 Jul 2024 11:05:58 -0400 Subject: [PATCH] Try only setting tagId if not null --- .ci/system-tests/tests/aca_policy_tests.sh | 4 ++-- .../persist/provision/IdentityClaimProcessor.java | 15 +++++---------- 2 files changed, 7 insertions(+), 12 deletions(-) diff --git a/.ci/system-tests/tests/aca_policy_tests.sh b/.ci/system-tests/tests/aca_policy_tests.sh index 6f89713c..3a6a838f 100755 --- a/.ci/system-tests/tests/aca_policy_tests.sh +++ b/.ci/system-tests/tests/aca_policy_tests.sh @@ -54,6 +54,8 @@ if [ "$test" = "5" ] || [ "$test" = "all" ]; then setPolicyEkPcFw provisionTpm2 "fail" fi +writeToLogs "Now using appsettings with hardware information" +setAppsettings --paccor-output-file /ci_test/hw.json --event-log-file /ci_test/binary_bios_measurements --linux-dmi if [ "$test" = "6" ] || [ "$test" = "all" ]; then writeToLogs "### ACA POLICY TEST 6: Test PC Validation Policy with valid PC with no Attribute Check ###" clearAcaDb @@ -65,13 +67,11 @@ if [ "$test" = "6" ] || [ "$test" = "all" ]; then fi if [ "$test" = "7" ] || [ "$test" = "all" ]; then writeToLogs "### ACA POLICY TEST 7: Test PC Validation Policy with valid PC with Attribute Check ###" - writeToLogs "Now using appsettings with hardware information" clearAcaDb resetTpmForNewTest setPolicyEkPc uploadTrustedCerts setPlatformCerts -p "laptop" -t "default" - setAppsettings --paccor-output-file /ci_test/hw.json --event-log-file /ci_test/binary_bios_measurements --linux-dmi provisionTpm2 "pass" fi if [ "$test" = "8" ] || [ "$test" = "all" ]; then diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/IdentityClaimProcessor.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/IdentityClaimProcessor.java index 40d2eb5b..8d887c38 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/IdentityClaimProcessor.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/IdentityClaimProcessor.java @@ -490,23 +490,20 @@ public class IdentityClaimProcessor extends AbstractProcessor { .getBaseByManufacturerModel(dv.getHw().getManufacturer(), dv.getHw().getProductName()); measurements = temp; - if (tagId != null && !tagId.isEmpty()) { - measurements.setTagId(tagId); - } measurements.setPlatformManufacturer(dv.getHw().getManufacturer()); measurements.setPlatformModel(dv.getHw().getProductName()); - measurements.setTagId(tagId); + if (tagId != null && !tagId.trim().isEmpty()) { + measurements.setTagId(tagId); + } measurements.setDeviceName(dv.getNw().getHostname()); measurements.archive(); + this.referenceManifestRepository.save(measurements); + for (BaseReferenceManifest baseRim : baseRims) { if (baseRim != null) { // pull the base versions of the swidtag and rimel and set the // event log hash for use during provision - if ((tagId == null || tagId.trim().isEmpty()) && !baseRim.getTagId().isEmpty()) { - tagId = baseRim.getTagId(); - measurements.setTagId(tagId); - } SupportReferenceManifest sBaseRim = referenceManifestRepository .getSupportRimEntityById(baseRim.getAssociatedRim()); baseRim.setEventLogHash(temp.getHexDecHash()); @@ -515,8 +512,6 @@ public class IdentityClaimProcessor extends AbstractProcessor { referenceManifestRepository.save(sBaseRim); } } - - this.referenceManifestRepository.save(measurements); } catch (IOException ioEx) { log.error(ioEx); }