ExternalVendorCode/HIRS
1
0
Fork 0
mirror of https://github.com/nsacyber/HIRS.git synced 2025-04-14 14:36:51 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

All changes that were deprecated for the updated 1.77 version. This is

Browse Source 
to set up for updating the actual version.
This commit is contained in:
Cyrus 2024-01-12 13:44:11 -05:00
parent e4c9150b07
commit f7103517d2
12 changed files with 96 additions and 99 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/EndorsementCredential.java
View File

@ -353,21 +353,21 @@ public class EndorsementCredential extends DeviceAssociatedCertificate {
obj = (ASN1TaggedObject) seq.getObjectAt(i);
tag = obj.getTagNo();
if (tag == EK_TYPE_TAG) {
int ekGenTypeVal = ((ASN1Enumerated) obj.getObject()).getValue().intValue();
int ekGenTypeVal = ((ASN1Enumerated) obj.getBaseUniversal(true, tag)).getValue().intValue();
if (ekGenTypeVal >= EK_TYPE_VAL_MIN && ekGenTypeVal <= EK_TYPE_VAL_MAX) {
TPMSecurityAssertions.EkGenerationType ekGenType
= TPMSecurityAssertions.EkGenerationType.values()[ekGenTypeVal];
tpmSecurityAssertions.setEkGenType(ekGenType);
}
} else if (tag == EK_LOC_TAG) {
int ekGenLocVal = ((ASN1Enumerated) obj.getObject()).getValue().intValue();
int ekGenLocVal = ((ASN1Enumerated) obj.getBaseUniversal(true, tag)).getValue().intValue();
if (ekGenLocVal >= EK_LOC_VAL_MIN && ekGenLocVal <= EK_LOC_VAL_MAX) {
TPMSecurityAssertions.EkGenerationLocation ekGenLocation
= TPMSecurityAssertions.EkGenerationLocation.values()[ekGenLocVal];
tpmSecurityAssertions.setEkGenerationLocation(ekGenLocation);
}
} else if (tag == EK_CERT_LOC_TAG) {
int ekCertGenLocVal = ((ASN1Enumerated) obj.getObject())
int ekCertGenLocVal = ((ASN1Enumerated) obj.getBaseUniversal(true, tag))
.getValue().intValue();
if (ekCertGenLocVal >= EK_LOC_VAL_MIN
&& ekCertGenLocVal <= EK_LOC_VAL_MAX) {
@ -426,7 +426,7 @@ public class EndorsementCredential extends DeviceAssociatedCertificate {
} else if (component instanceof ASN1TaggedObject) {
ASN1TaggedObject taggedObj = (ASN1TaggedObject) component;
parseSingle(taggedObj.getObject(), addToMapping, key);
parseSingle(taggedObj.getLoadedObject(), addToMapping, key);
} else if (component instanceof ASN1OctetString) {
// this may contain parseable data or may just be a OID key-pair value

16
HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/CommonCriteriaMeasures.java
View File

@ -4,10 +4,10 @@ import lombok.Getter;
import lombok.Setter;
import org.bouncycastle.asn1.ASN1Boolean;
import org.bouncycastle.asn1.ASN1Enumerated;
import org.bouncycastle.asn1.ASN1IA5String;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.DERIA5String;
/**
* Basic class that handle CommonCriteriaMeasures for the Platform Certificate
@ -167,7 +167,7 @@ public class CommonCriteriaMeasures {
}
}
private DERIA5String version;
private ASN1IA5String version;
private EvaluationAssuranceLevel assuranceLevel;
private EvaluationStatus evaluationStatus;
private ASN1Boolean plus;
@ -201,26 +201,22 @@ public class CommonCriteriaMeasures {
//Get all the mandatory values
int index = 0;
version = DERIA5String.getInstance(sequence.getObjectAt(index));
++index;
ASN1Enumerated enumarated = ASN1Enumerated.getInstance(sequence.getObjectAt(index));
++index;
version = ASN1IA5String.getInstance(sequence.getObjectAt(index++));
ASN1Enumerated enumarated = ASN1Enumerated.getInstance(sequence.getObjectAt(index++));
//Throw exception when is not between 1 and 7
if (enumarated.getValue().intValue() <= 0
|| enumarated.getValue().intValue() > EvaluationAssuranceLevel.values().length) {
throw new IllegalArgumentException("Invalid assurance level.");
}
assuranceLevel = EvaluationAssuranceLevel.values()[enumarated.getValue().intValue() - 1];
enumarated = ASN1Enumerated.getInstance(sequence.getObjectAt(index));
++index;
enumarated = ASN1Enumerated.getInstance(sequence.getObjectAt(index++));
evaluationStatus = EvaluationStatus.values()[enumarated.getValue().intValue()];
//Default plus value
plus = ASN1Boolean.FALSE;
//Current sequence index
if (sequence.getObjectAt(index).toASN1Primitive() instanceof ASN1Boolean) {
plus = ASN1Boolean.getInstance(sequence.getObjectAt(index));
index++;
plus = ASN1Boolean.getInstance(sequence.getObjectAt(index++));
}
//Optional values (default to null or empty)

6
HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/ComponentAddress.java
View File

@ -5,7 +5,7 @@ import lombok.Getter;
import lombok.Setter;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERUTF8String;
import org.bouncycastle.asn1.ASN1UTF8String;
/**
* Basic class that handle component addresses from the component identifier.
@ -31,7 +31,7 @@ public class ComponentAddress {
private static final String BLUETOOTH_MAC = "2.23.133.17.3";
private ASN1ObjectIdentifier addressType;
private DERUTF8String addressValue;
private ASN1UTF8String addressValue;
/**
* Default constructor.
@ -55,7 +55,7 @@ public class ComponentAddress {
+ "all the required fields.");
}
addressType = ASN1ObjectIdentifier.getInstance(sequence.getObjectAt(0));
addressValue = DERUTF8String.getInstance(sequence.getObjectAt(1));
addressValue = ASN1UTF8String.getInstance(sequence.getObjectAt(1));
}
/**

34
HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/ComponentIdentifier.java
View File

@ -5,11 +5,11 @@ import lombok.AllArgsConstructor;
import lombok.EqualsAndHashCode;
import lombok.Getter;
import lombok.Setter;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.asn1.ASN1Boolean;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.ASN1UTF8String;
import org.bouncycastle.asn1.DERUTF8String;
import java.util.ArrayList;
@ -75,10 +75,10 @@ public class ComponentIdentifier {
*/
protected static final int COMPONENT_ADDRESS = 4;
private DERUTF8String componentManufacturer;
private DERUTF8String componentModel;
private DERUTF8String componentSerial;
private DERUTF8String componentRevision;
private ASN1UTF8String componentManufacturer;
private ASN1UTF8String componentModel;
private ASN1UTF8String componentSerial;
private ASN1UTF8String componentRevision;
private ASN1ObjectIdentifier componentManufacturerId;
private ASN1Boolean fieldReplaceable;
private List<ComponentAddress> componentAddress;
@ -88,10 +88,10 @@ public class ComponentIdentifier {
* Default constructor.
*/
public ComponentIdentifier() {
componentManufacturer = new DERUTF8String(NOT_SPECIFIED_COMPONENT);
componentModel = new DERUTF8String(NOT_SPECIFIED_COMPONENT);
componentSerial = new DERUTF8String(StringUtils.EMPTY);
componentRevision = new DERUTF8String(StringUtils.EMPTY);
componentManufacturer = ASN1UTF8String.getInstance(NOT_SPECIFIED_COMPONENT);
componentModel = ASN1UTF8String.getInstance(NOT_SPECIFIED_COMPONENT);
componentSerial = ASN1UTF8String.getInstance(EMPTY_COMPONENT);
componentRevision = ASN1UTF8String.getInstance(EMPTY_COMPONENT);
componentManufacturerId = null;
fieldReplaceable = null;
componentAddress = new ArrayList<>();
@ -108,10 +108,10 @@ public class ComponentIdentifier {
* @param fieldReplaceable represents if the component is replaceable
* @param componentAddress represents a list of addresses
*/
public ComponentIdentifier(final DERUTF8String componentManufacturer,
final DERUTF8String componentModel,
final DERUTF8String componentSerial,
final DERUTF8String componentRevision,
public ComponentIdentifier(final ASN1UTF8String componentManufacturer,
final ASN1UTF8String componentModel,
final ASN1UTF8String componentSerial,
final ASN1UTF8String componentRevision,
final ASN1ObjectIdentifier componentManufacturerId,
final ASN1Boolean fieldReplaceable,
final List<ComponentAddress> componentAddress) {
@ -138,18 +138,18 @@ public class ComponentIdentifier {
}
//Mandatory values
componentManufacturer = DERUTF8String.getInstance(sequence.getObjectAt(0));
componentModel = DERUTF8String.getInstance(sequence.getObjectAt(1));
componentManufacturer = ASN1UTF8String.getInstance(sequence.getObjectAt(0));
componentModel = ASN1UTF8String.getInstance(sequence.getObjectAt(1));
//Continue reading the sequence if it does contain more than 2 values
for (int i = 2; i < sequence.size(); i++) {
ASN1TaggedObject taggedObj = ASN1TaggedObject.getInstance(sequence.getObjectAt(i));
switch (taggedObj.getTagNo()) {
case COMPONENT_SERIAL:
componentSerial = DERUTF8String.getInstance(taggedObj, false);
componentSerial = ASN1UTF8String.getInstance(taggedObj, false);
break;
case COMPONENT_REVISION:
componentRevision = DERUTF8String.getInstance(taggedObj, false);
componentRevision = ASN1UTF8String.getInstance(taggedObj, false);
break;
case COMPONENT_MANUFACTURER_ID:
componentManufacturerId = ASN1ObjectIdentifier.getInstance(taggedObj, false);

14
HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/FIPSLevel.java
View File

@ -5,8 +5,8 @@ import lombok.Getter;
import lombok.Setter;
import org.bouncycastle.asn1.ASN1Boolean;
import org.bouncycastle.asn1.ASN1Enumerated;
import org.bouncycastle.asn1.ASN1IA5String;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERIA5String;
/**
* Basic class that handle FIPS Level.
@ -71,7 +71,7 @@ public class FIPSLevel {
}
@Getter @Setter
private DERIA5String version;
private ASN1IA5String version;
@Getter @Setter
private SecurityLevel level;
@Getter @Setter
@ -94,15 +94,15 @@ public class FIPSLevel {
*/
public FIPSLevel(final ASN1Sequence sequence) throws IllegalArgumentException {
//Get version
version = DERIA5String.getInstance(sequence.getObjectAt(0));
version = ASN1IA5String.getInstance(sequence.getObjectAt(0));
//Get and validate level
ASN1Enumerated enumarated = ASN1Enumerated.getInstance(sequence.getObjectAt(1));
ASN1Enumerated enumerated = ASN1Enumerated.getInstance(sequence.getObjectAt(1));
//Throw exception when is not between 1 and 7
if (enumarated.getValue().intValue() <= 0
|| enumarated.getValue().intValue() > SecurityLevel.values().length) {
if (enumerated.getValue().intValue() <= 0
|| enumerated.getValue().intValue() > SecurityLevel.values().length) {
throw new IllegalArgumentException("Invalid security level on FIPSLevel.");
}
level = SecurityLevel.values()[enumarated.getValue().intValue() - 1];
level = SecurityLevel.values()[enumerated.getValue().intValue() - 1];
//Check if there is another value on the sequence for the plus
plus = ASN1Boolean.FALSE; //Default to false

9
HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/PlatformProperty.java
View File

@ -4,6 +4,7 @@ import lombok.AllArgsConstructor;
import lombok.Getter;
import lombok.Setter;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1UTF8String;
import org.bouncycastle.asn1.DERUTF8String;
/**
@ -28,8 +29,8 @@ public class PlatformProperty {
*/
protected static final int IDENTIFIER_NUMBER = 2;
private DERUTF8String propertyName;
private DERUTF8String propertyValue;
private ASN1UTF8String propertyName;
private ASN1UTF8String propertyValue;
/**
* Default constructor.
@ -53,8 +54,8 @@ public class PlatformProperty {
+ "the required fields.");
}
this.propertyName = DERUTF8String.getInstance(sequence.getObjectAt(0));
this.propertyValue = DERUTF8String.getInstance(sequence.getObjectAt(1));
this.propertyName = ASN1UTF8String.getInstance(sequence.getObjectAt(0));
this.propertyValue = ASN1UTF8String.getInstance(sequence.getObjectAt(1));
}
@Override

12
HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/TBBSecurityAssertion.java
View File

@ -4,10 +4,10 @@ import lombok.AllArgsConstructor;
import lombok.Getter;
import org.bouncycastle.asn1.ASN1Boolean;
import org.bouncycastle.asn1.ASN1Enumerated;
import org.bouncycastle.asn1.ASN1IA5String;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.DERIA5String;
import java.math.BigInteger;
@ -89,7 +89,7 @@ public class TBBSecurityAssertion {
private FIPSLevel fipsLevel;
private MeasurementRootType rtmType;
private ASN1Boolean iso9000Certified;
private DERIA5String iso9000Uri;
private ASN1IA5String iso9000Uri;
/**
* Default constructor.
@ -163,8 +163,8 @@ public class TBBSecurityAssertion {
}
// Check if it's a IA5String
if (index < sequenceSize
&& sequence.getObjectAt(index).toASN1Primitive() instanceof DERIA5String) {
iso9000Uri = DERIA5String.getInstance(sequence.getObjectAt(index));
&& sequence.getObjectAt(index).toASN1Primitive() instanceof ASN1IA5String) {
iso9000Uri = ASN1IA5String.getInstance(sequence.getObjectAt(index));
}
}
@ -241,14 +241,14 @@ public class TBBSecurityAssertion {
/**
* @return the iso9000Uri
*/
public DERIA5String getIso9000Uri() {
public ASN1IA5String getIso9000Uri() {
return iso9000Uri;
}
/**
* @param iso9000Uri the iso9000Uri to set
*/
public void setIso9000Uri(final DERIA5String iso9000Uri) {
public void setIso9000Uri(final ASN1IA5String iso9000Uri) {
this.iso9000Uri = iso9000Uri;
}

16
HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/URIReference.java
View File

@ -4,9 +4,9 @@ import com.fasterxml.jackson.annotation.JsonIgnore;
import lombok.AllArgsConstructor;
import lombok.Getter;
import lombok.Setter;
import org.bouncycastle.asn1.ASN1BitString;
import org.bouncycastle.asn1.ASN1IA5String;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.DERIA5String;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
/**
@ -23,10 +23,10 @@ import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
@Getter @Setter
@AllArgsConstructor
public class URIReference {
private DERIA5String uniformResourceIdentifier;
private ASN1IA5String uniformResourceIdentifier;
private AlgorithmIdentifier hashAlgorithm;
@JsonIgnore
private DERBitString hashValue;
private ASN1BitString hashValue;
private static final int PLATFORM_PROPERTIES_URI_MAX = 3;
private static final int PLATFORM_PROPERTIES_URI_MIN = 1;
@ -56,14 +56,14 @@ public class URIReference {
//Get the Platform Configuration URI values
for (int j = 0; j < sequence.size(); j++) {
if (sequence.getObjectAt(j) instanceof DERIA5String) {
this.uniformResourceIdentifier = DERIA5String.getInstance(sequence.getObjectAt(j));
if (sequence.getObjectAt(j) instanceof ASN1IA5String) {
this.uniformResourceIdentifier = ASN1IA5String.getInstance(sequence.getObjectAt(j));
} else if ((sequence.getObjectAt(j) instanceof AlgorithmIdentifier)
|| (sequence.getObjectAt(j) instanceof ASN1Sequence)) {
this.hashAlgorithm =
AlgorithmIdentifier.getInstance(sequence.getObjectAt(j));
} else if (sequence.getObjectAt(j) instanceof DERBitString) {
this.hashValue = DERBitString.getInstance(sequence.getObjectAt(j));
} else if (sequence.getObjectAt(j) instanceof ASN1BitString) {
this.hashValue = ASN1BitString.getInstance(sequence.getObjectAt(j));
} else {
throw new IllegalArgumentException("Unexpected DER type found. "
+ sequence.getObjectAt(j).getClass().getName() + " found at index " + j + ".");

22
HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/V2/ComponentIdentifierV2.java
View File

@ -10,10 +10,10 @@ import lombok.Setter;
import org.bouncycastle.asn1.ASN1Boolean;
import org.bouncycastle.asn1.ASN1Enumerated;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERUTF8String;
import org.bouncycastle.asn1.ASN1UTF8String;
import java.util.List;
import java.util.stream.Collectors;
@ -81,10 +81,10 @@ public class ComponentIdentifierV2 extends ComponentIdentifier {
*/
@SuppressWarnings("checkstyle:parameternumber")
public ComponentIdentifierV2(final ComponentClass componentClass,
final DERUTF8String componentManufacturer,
final DERUTF8String componentModel,
final DERUTF8String componentSerial,
final DERUTF8String componentRevision,
final ASN1UTF8String componentManufacturer,
final ASN1UTF8String componentModel,
final ASN1UTF8String componentSerial,
final ASN1UTF8String componentRevision,
final ASN1ObjectIdentifier componentManufacturerId,
final ASN1Boolean fieldReplaceable,
final List<ComponentAddress> componentAddress,
@ -117,21 +117,21 @@ public class ComponentIdentifierV2 extends ComponentIdentifier {
int tag = 0;
ASN1Sequence componentIdSeq = ASN1Sequence.getInstance(sequence.getObjectAt(tag));
componentClass = new ComponentClass(componentIdSeq.getObjectAt(tag++).toString(),
DEROctetString.getInstance(componentIdSeq.getObjectAt(tag)).toString());
ASN1OctetString.getInstance(componentIdSeq.getObjectAt(tag)).toString());
// Mandatory values
this.setComponentManufacturer(DERUTF8String.getInstance(sequence.getObjectAt(tag++)));
this.setComponentModel(DERUTF8String.getInstance(sequence.getObjectAt(tag++)));
this.setComponentManufacturer(ASN1UTF8String.getInstance(sequence.getObjectAt(tag++)));
this.setComponentModel(ASN1UTF8String.getInstance(sequence.getObjectAt(tag++)));
// Continue reading the sequence if it does contain more than 2 values
for (int i = tag; i < sequence.size(); i++) {
ASN1TaggedObject taggedObj = ASN1TaggedObject.getInstance(sequence.getObjectAt(i));
switch (taggedObj.getTagNo()) {
case COMPONENT_SERIAL:
this.setComponentSerial(DERUTF8String.getInstance(taggedObj, false));
this.setComponentSerial(ASN1UTF8String.getInstance(taggedObj, false));
break;
case COMPONENT_REVISION:
this.setComponentRevision(DERUTF8String.getInstance(taggedObj, false));
this.setComponentRevision(ASN1UTF8String.getInstance(taggedObj, false));
break;
case COMPONENT_MANUFACTURER_ID:
this.setComponentManufacturerId(ASN1ObjectIdentifier

8
HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/V2/PlatformPropertyV2.java
View File

@ -5,7 +5,7 @@ import lombok.Getter;
import lombok.Setter;
import org.bouncycastle.asn1.ASN1Enumerated;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERUTF8String;
import org.bouncycastle.asn1.ASN1UTF8String;
/**
*
@ -39,7 +39,7 @@ public class PlatformPropertyV2 extends PlatformProperty {
* @param propertyValue string containing the property value
* @param attributeStatus enumerated object with the status of the property
*/
public PlatformPropertyV2(final DERUTF8String propertyName, final DERUTF8String propertyValue,
public PlatformPropertyV2(final ASN1UTF8String propertyName, final ASN1UTF8String propertyValue,
final AttributeStatus attributeStatus) {
super(propertyName, propertyValue);
this.attributeStatus = attributeStatus;
@ -59,8 +59,8 @@ public class PlatformPropertyV2 extends PlatformProperty {
+ "the required fields.");
}
setPropertyName(DERUTF8String.getInstance(sequence.getObjectAt(0)));
setPropertyValue(DERUTF8String.getInstance(sequence.getObjectAt(1)));
setPropertyName(ASN1UTF8String.getInstance(sequence.getObjectAt(0)));
setPropertyValue(ASN1UTF8String.getInstance(sequence.getObjectAt(1)));
// optional value which is a placeholder for now
if (sequence.size() > IDENTIFIER_NUMBER

28
HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/util/PciIds.java
View File

@ -8,7 +8,7 @@ import hirs.attestationca.persist.entity.userdefined.certificate.attributes.Comp
import hirs.attestationca.persist.entity.userdefined.certificate.attributes.V2.ComponentIdentifierV2;
import lombok.AccessLevel;
import lombok.NoArgsConstructor;
import org.bouncycastle.asn1.DERUTF8String;
import org.bouncycastle.asn1.ASN1UTF8String;
import java.io.File;
import java.io.FileInputStream;
@ -126,8 +126,8 @@ public final class PciIds {
final String compClassValue = component.getComponentClass().getCategory();
if (compClassValue.equals(COMPCLASS_TCG_CAT_NIC)
|| compClassValue.equals(COMPCLASS_TCG_CAT_GFX)) {
DERUTF8String manufacturer = translateVendor(component.getComponentManufacturer());
DERUTF8String model = translateDevice(component.getComponentManufacturer(),
ASN1UTF8String manufacturer = translateVendor(component.getComponentManufacturer());
ASN1UTF8String model = translateDevice(component.getComponentManufacturer(),
component.getComponentModel());
newComponent = new ComponentIdentifierV2(component.getComponentClass(),
@ -153,12 +153,12 @@ public final class PciIds {
* @param refManufacturer DERUTF8String, likely from a ComponentIdentifier
* @return DERUTF8String with the discovered vendor name, or the original manufacturer value.
*/
public static DERUTF8String translateVendor(final DERUTF8String refManufacturer) {
DERUTF8String manufacturer = refManufacturer;
public static ASN1UTF8String translateVendor(final ASN1UTF8String refManufacturer) {
ASN1UTF8String manufacturer = refManufacturer;
if (manufacturer != null && manufacturer.getString().trim().matches("^[0-9A-Fa-f]{4}$")) {
Vendor ven = DB.findVendor(manufacturer.getString().toLowerCase());
if (ven != null && !Strings.isNullOrEmpty(ven.getName())) {
manufacturer = new DERUTF8String(ven.getName());
manufacturer = ASN1UTF8String.getInstance(ven.getName());
}
}
return manufacturer;
@ -168,14 +168,14 @@ public final class PciIds {
* Look up the device name from the PCI IDs list, if the input strings contain IDs.
* The Device lookup requires the Vendor ID AND the Device ID to be valid values.
* If any part of this fails, return the original model value.
* @param refManufacturer DERUTF8String, likely from a ComponentIdentifier
* @param refModel DERUTF8String, likely from a ComponentIdentifier
* @return DERUTF8String with the discovered device name, or the original model value.
* @param refManufacturer ASN1UTF8String, likely from a ComponentIdentifier
* @param refModel ASN1UTF8String, likely from a ComponentIdentifier
* @return ASN1UTF8String with the discovered device name, or the original model value.
*/
public static DERUTF8String translateDevice(final DERUTF8String refManufacturer,
final DERUTF8String refModel) {
DERUTF8String manufacturer = refManufacturer;
DERUTF8String model = refModel;
public static ASN1UTF8String translateDevice(final ASN1UTF8String refManufacturer,
final ASN1UTF8String refModel) {
ASN1UTF8String manufacturer = refManufacturer;
ASN1UTF8String model = refModel;
if (manufacturer != null
&& model != null
&& manufacturer.getString().trim().matches("^[0-9A-Fa-f]{4}$")
@ -183,7 +183,7 @@ public final class PciIds {
Device dev = DB.findDevice(manufacturer.getString().toLowerCase(),
model.getString().toLowerCase());
if (dev != null && !Strings.isNullOrEmpty(dev.getName())) {
model = new DERUTF8String(dev.getName());
model = ASN1UTF8String.getInstance(dev.getName());
}
}
return model;

22
HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CertificateAttributeScvValidator.java
View File

@ -18,7 +18,7 @@ import lombok.extern.log4j.Log4j2;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.logging.log4j.util.Strings;
import org.bouncycastle.asn1.DERUTF8String;
import org.bouncycastle.asn1.ASN1UTF8String;
import java.io.IOException;
import java.math.BigInteger;
@ -725,19 +725,19 @@ public class CertificateAttributeScvValidator extends SupplyChainCredentialValid
final List<ComponentIdentifier> pcComponents = new ArrayList<>();
for (ComponentIdentifier component : untrimmedPcComponents) {
if (component.getComponentManufacturer() != null) {
component.setComponentManufacturer(new DERUTF8String(
component.setComponentManufacturer(ASN1UTF8String.getInstance(
component.getComponentManufacturer().getString().trim()));
}
if (component.getComponentModel() != null) {
component.setComponentModel(new DERUTF8String(
component.setComponentModel(ASN1UTF8String.getInstance(
component.getComponentModel().getString().trim()));
}
if (component.getComponentSerial() != null) {
component.setComponentSerial(new DERUTF8String(
component.setComponentSerial(ASN1UTF8String.getInstance(
component.getComponentSerial().getString().trim()));
}
if (component.getComponentRevision() != null) {
component.setComponentRevision(new DERUTF8String(
component.setComponentRevision(ASN1UTF8String.getInstance(
component.getComponentRevision().getString().trim()));
}
pcComponents.add(component);
@ -747,13 +747,13 @@ public class CertificateAttributeScvValidator extends SupplyChainCredentialValid
pcComponents.forEach(component -> log.info(component.toString()));
log.info("...against the the following DeviceInfoReport components:");
allDeviceInfoComponents.forEach(component -> log.info(component.toString()));
Set<DERUTF8String> manufacturerSet = new HashSet<>();
Set<ASN1UTF8String> manufacturerSet = new HashSet<>();
pcComponents.forEach(pcComp -> manufacturerSet.add(pcComp.getComponentManufacturer()));
// Create a list for unmatched components across all manufacturers to display at the end.
List<ComponentIdentifier> pcUnmatchedComponents = new ArrayList<>();
for (DERUTF8String derUtf8Manufacturer : manufacturerSet) {
for (ASN1UTF8String derUtf8Manufacturer : manufacturerSet) {
List<ComponentIdentifier> pcComponentsFromManufacturer
= pcComponents.stream().filter(compIdentifier
-> compIdentifier.getComponentManufacturer().equals(derUtf8Manufacturer))
@ -949,7 +949,7 @@ public class CertificateAttributeScvValidator extends SupplyChainCredentialValid
private static boolean isMatchOrEmptyInPlatformCert(
final String evidenceFromDevice,
final DERUTF8String valueInPlatformCert) {
final ASN1UTF8String valueInPlatformCert) {
if (valueInPlatformCert == null || StringUtils.isEmpty(valueInPlatformCert.getString())) {
return true;
}
@ -957,8 +957,8 @@ public class CertificateAttributeScvValidator extends SupplyChainCredentialValid
}
private static boolean isMatchOrEmptyInPlatformCert(
final DERUTF8String evidenceFromDevice,
final DERUTF8String valueInPlatformCert) {
final ASN1UTF8String evidenceFromDevice,
final ASN1UTF8String valueInPlatformCert) {
return evidenceFromDevice.equals(valueInPlatformCert);
}
@ -1114,7 +1114,7 @@ public class CertificateAttributeScvValidator extends SupplyChainCredentialValid
* @return true if fieldValue is null or empty; false otherwise
*/
private static boolean hasEmptyValueForRequiredField(final String description,
final DERUTF8String fieldValue) {
final ASN1UTF8String fieldValue) {
if (fieldValue == null || StringUtils.isEmpty(fieldValue.getString().trim())) {
log.error("Required field was empty or null in Platform Credential: "
+ description);