Cyrus
|
a5184f5a5b
|
Final changes that adds in the additional setting for the renewal period threshold. This value indicates that if the end validity has been reached for the current issued attestation certificate, then don't generate one. However if we are within the number of days set by the threshold, then generate the certificate before it expires. The default is 1 year from the end validity.
|
2021-02-23 10:17:56 -05:00 |
|
Cyrus
|
dcf0ec8101
|
Merge branch 'master' into aic-policy-rule
|
2021-02-11 14:13:28 -05:00 |
|
chubtub
|
88015df551
|
Checkstyle: unused import
|
2021-01-14 13:19:17 -05:00 |
|
Cyrus
|
859fdbef83
|
Added a null check for the platformCredentials in the issued certificate attribute helper so that NPEs aren't thrown.
|
2021-01-14 12:48:53 -05:00 |
|
Cyrus
|
164a43f056
|
These are unit tests that were not run on the merge request #327 for issue 308. The unit tests uses certificate (EC and 2 CAs) that don't match for SKI to AKI or issuer string fields. The O= field isn't required and the code in #327 was changed to use SKI first then a sorted RDN list. See #327. A note was left in the unit tests that the test certs need to be updated.`
|
2021-01-14 12:41:29 -05:00 |
|
Cyrus
|
85254d9c44
|
Removed null assignment that isn't used
|
2021-01-05 08:14:18 -05:00 |
|
Cyrus
|
6dd948c828
|
Added a null check for the endorsement credential for the tpm 1.2
|
2020-12-18 06:58:18 -05:00 |
|
Cyrus
|
a7eae2fd77
|
Test out an potential exception
|
2020-12-17 13:09:03 -05:00 |
|
Cyrus
|
62c7ca2d90
|
This PR is to address issue #308. The ACA was pulling Issuer Certificates using the organization RDN of the subject string and getting this from the issuer string of the EC or PC. This presents a problem because it isn't a required field. The organization field cannot be null or empty. Pulling objects from a DB using null or empty would produce bad results. The main change of this issue (which has not been full tested) is pulling using the AKI for the db lookup. If this fails, instead of falling back on potentially left out fields like the O= RDN, the ACA takes the issuer/subject fields, breaks them apart and sorts them based on the key. It also changes the case. This way the lookup can be assured to match in case of some random situation in which the issuer or subject field don't match because RDN keys are just in different positions of the string.
|
2020-12-11 14:47:46 -05:00 |
|
Cyrus
|
209024c12a
|
Cleaned up some comments and code.
|
2020-12-07 09:47:54 -05:00 |
|
Cyrus
|
a3de35ed27
|
The issue with the tpm 1.2 system test failing had to do with the string to integer conversion using getInteger instead of parseInt.
|
2020-12-07 07:44:48 -05:00 |
|
Cyrus
|
11f238f671
|
Testing system tests
|
2020-12-04 08:36:42 -05:00 |
|
Cyrus
|
e64c6cf772
|
Merge branch 'master' into aic-policy-rule
|
2020-12-03 13:34:29 -05:00 |
|
Cyrus
|
a07fbbd847
|
In a previous pull request, the reference manifest manager was not called to update the unarchived base rim. So it appears to never have been uploaded.
|
2020-12-02 11:46:42 -05:00 |
|
Cyrus
|
7d49f63a9b
|
Merge branch 'master' into multiple-rim-upload
|
2020-12-02 11:05:12 -05:00 |
|
Cyrus
|
70662bddec
|
Updated how the bios measurement file is uploaded. Changed the code to pull the string from the properties file instead of a hard link in the code.
|
2020-12-01 11:13:41 -05:00 |
|
Cyrus
|
9534d6650f
|
Merge branch 'master' into platform_cert_missing_fix
|
2020-12-01 09:47:45 -05:00 |
|
Cyrus
|
6eefb393a3
|
Updated the code to pull all the files from a swid tag file directory and a rim log file directory, instead of a single file.
|
2020-11-30 14:16:57 -05:00 |
|
Cyrus
|
857f1eb0ff
|
There was a pull for an object that would be null without any RIMs uploaded.
|
2020-11-30 10:11:25 -05:00 |
|
Cyrus
|
749a3a2317
|
When the provisioner sends the rim swidtag and the rimel and they already exists in the db but are archived, they don't unarchive them so they never show up on the RIM page. This change fixes that.
|
2020-11-25 10:06:56 -05:00 |
|
Cyrus
|
2b41720ded
|
Merge branch 'master' into update-component-failure-highlight
|
2020-11-17 15:24:27 -05:00 |
|
Cyrus
|
ea03737234
|
Testing travis
|
2020-11-16 14:49:53 -05:00 |
|
Cyrus
|
4291059142
|
Updated the break line option for failed string during firmware validation.
|
2020-11-16 12:39:57 -05:00 |
|
Cyrus
|
3a3919d9bc
|
Added null checks for the SupplyChainPolicy object
|
2020-11-13 08:41:33 -05:00 |
|
Cyrus
|
6eeb630a75
|
This PR addresses the bugs identified in #314. Due to previous changes to the RIM upload process, the suppor RIM was not being updated properly when manually uploaded.
Closes #314
|
2020-11-12 13:45:38 -05:00 |
|
Cyrus
|
67b70a386d
|
Added method to combine the manufacturer and the model as an identifier for the component.
|
2020-11-10 10:04:46 -05:00 |
|
Cyrus
|
e8f5107137
|
Updating code to use a different format for identifying failed components.
|
2020-11-09 13:59:19 -05:00 |
|
Cyrus
|
967d9a0030
|
Merge branch 'master' into aic-policy-rule
|
2020-11-09 07:24:33 -05:00 |
|
Cyrus
|
9aa2c6a46d
|
Merge branch 'master' into client-display-log-mismatch
|
2020-11-06 09:17:38 -05:00 |
|
Cyrus
|
ed7dea3706
|
Merge branch 'master' into aic-policy-rule
|
2020-11-06 06:42:44 -05:00 |
|
chubtub
|
623da2ce80
|
Overload RIM validator class for faster signature checking
|
2020-11-05 14:13:50 -05:00 |
|
Cyrus
|
c7ffb1c57d
|
Merge branch 'master' into client-display-log-mismatch
|
2020-11-05 12:39:35 -05:00 |
|
chubtub
|
d096aebe12
|
Add support RIM and signature validation checks to SupplyChainValidationServiceImpl class
|
2020-11-05 11:27:41 -05:00 |
|
Cyrus
|
e1c3a1fc0f
|
Initial Commit
|
2020-10-29 08:58:37 -04:00 |
|
Cyrus
|
24e460e0c4
|
This is a refactore that changes BiosMeasurements into EventLogMeasurements for evolving naming convention updates.
|
2020-10-26 11:09:26 -04:00 |
|
Cyrus
|
d7ade70b5c
|
This branch takes the validated status of a failed event log matching from the bios measurements on the client and displays what failed on the support RIM page and the fail validation icon, if log mismatch, links to a bios measurments page that displays the events that didn't match next to baseline.
|
2020-10-22 13:32:30 -04:00 |
|
Cyrus
|
3df6eff549
|
Removed debug code
|
2020-10-19 13:20:27 -04:00 |
|
Cyrus
|
96970142cb
|
This commit includes a completed rewrite of the ReferenceManifestSelector framework. Like the previous rewrite, it was easier and made more sense to create addition classes ands that are specific to a type of RIM (base, support, measurement) for referencing in the DB. Once this was rewritten the code was modified to validate the measurement against the support rim.
|
2020-10-19 13:06:44 -04:00 |
|
Cyrus
|
2c97666bb9
|
This commit adds code to pull the bios measurements file to the ACA
|
2020-10-13 13:51:14 -04:00 |
|
Cyrus
|
f9b0ce413d
|
This commit adds minor tweaks. The first updates the post install script to overwrite, rather than append, the file names to the tcg boot properties file. The next tweak properly loads the Base and Support RIM from the provisioning process into the DB.
|
2020-10-13 11:42:50 -04:00 |
|
Cyrus
|
4b0bb2df91
|
This commit updates the provisioner to pull the rim and swidtag locations from a properties file that will be created during the post install process. The provisioner then pulls the values and sends them to the ACA. The ACA currently just prints out the content and saves the swidtag.
|
2020-10-09 10:48:17 -04:00 |
|
Cyrus
|
3f57b0ab81
|
This is the initial code set up to pull the log file from the provisioner and send it to the ACA. Task 1 of #238.
|
2020-10-07 09:37:53 -04:00 |
|
Cyrus
|
17728d3019
|
Updated the error message for no associated RIM not found, cleaned up display of the event content and adjusted the column of the digest display.
|
2020-10-06 07:42:15 -04:00 |
|
Cyrus
|
b42dfb577f
|
The manufacturer look up for a RIM was inadequate. This change pulls down all RIMs and searches for the base RIM that matches instead of just pulling down a RIM by Manufacturer.
|
2020-10-05 11:37:38 -04:00 |
|
Cyrus
|
89fbaa0517
|
PCR policy matching wasn't propertly failing because the baseline from the support RIM was not properly populating.
|
2020-10-05 10:44:18 -04:00 |
|
Cyrus
|
653acd270e
|
With the changes to how the ReferenceManifest is represented in the code and the previous firmware validation PR update, this branch wasn't properly updated for quote validation. The code was still pulling information for the baseline from an old source that wouldn't work anymore. Therefore all validations for the quote failed. The update now pulls the baseline information from the support RIM which is now stored in the database.
|
2020-10-01 12:14:29 -04:00 |
|
Cyrus
|
cb4dc0aa7f
|
Corrected checkstyles warning
|
2020-09-30 12:26:46 -04:00 |
|
Cyrus
|
35dcc226a6
|
Updated and fixed the difference in the code from the master branch merge
|
2020-09-30 11:33:28 -04:00 |
|
Cyrus
|
89dd2084c2
|
Merge branch 'master' into rimel-delete-details
|
2020-09-30 10:03:27 -04:00 |
|
Cyrus
|
f4aed453f8
|
Additional visual changes
|
2020-09-30 10:02:33 -04:00 |
|