5fe19c5904
Updated the code to compare the composite hash and the calculated value.
2020-08-28 07:14:27 -04:00
0ab91b9b41
All bugs are fixed. The SupplyChainValidationSummary wasn't getting pulled from the DB.
2020-08-27 12:11:12 -04:00
0f3eb1b5d0
Took out initalizing TPMMeasurementRecord in PCRPolicy's constructor. This was likely throwing the DecoderException which caused the 404 error in the ACA.
2020-08-26 11:13:00 -04:00
905f12052d
This is the next stage of changes that doesn't cause a 404 error. This has a compile error because the PCRPolicy class references PCRComposite and PCRInfoShort. Both of the later classes had changes to add new constructors, and these new constructors are the source of the problem.
2020-08-26 07:54:39 -04:00
ee294e4562
SupplyCahinValidationService did not like the additions of a method returning a SupplyChainValidation, switched to Summary and it worked. This was the cause of the DB crashing.
2020-08-25 11:36:37 -04:00
025ebc8908
Merge pull request #297 from nsacyber/issue-295
...
[#295 ] Move supportRIMFormat from Meta to Payload
2020-08-20 16:02:58 -04:00
8a175b18f7
Move supportRIMFormat from Meta to Payload
2020-08-18 12:19:16 -04:00
e5ca8102a8
Update README.md
2020-08-12 12:03:02 +00:00
89ee62bdc9
Merge pull request #296 from nsacyber/issue-295
...
[#295 ] Clean up base RIM attributes
2020-08-06 17:58:21 -04:00
52cb0ede34
Fix errors with firmware attributes. Move attributes under appropriate elements.
2020-08-06 17:38:54 -04:00
14ab269fb6
Merge pull request #294 from nsacyber/issue-293
...
[#293 ] Fix broken unit tests
2020-08-06 09:24:16 -04:00
fbfda29d85
Modify travis to run test and build tcg_rim_tool
2020-08-04 15:12:27 -04:00
33c20e8c70
Fix classpath error causing broken unit tests
2020-08-04 13:25:50 -04:00
df6a864c2d
Merge pull request #284 from nsacyber/issue-273
...
[#273 ] Validate base RIM with external cert
2020-08-03 10:43:17 -04:00
3353ec5f47
Merge pull request #289 from nsacyber/aca-test-validation
...
[#282 ] ACA Firmware Validation 500 External error resolution
2020-07-29 14:37:28 -04:00
48f4f9a654
This could was not tested against a tpm 1.2 environment. The branch was failing on Travis because there was a timeout request from the provision to the aca, however no error from the aca could be shown. However the problem is occurring when the tpm 1.2 provision is attempting to save an issued attestation certificate. This part of the code touches the code changes for the 2.0 updates. The variable pcrValues is null when the 1.2 process is called and therefore when Files.write method is called, the pcrValues.getBytes call is throwing a null pointer exception. This code checks for that condition before operating over the code.
2020-07-29 13:54:41 -04:00
9fb983c828
Changed the method name for the pcr list command
2020-07-29 12:31:34 -04:00
6ae95da3a0
Merge branch 'master' into aca-test-validation
2020-07-29 09:47:41 -04:00
32fcecd48a
Merge pull request #291 from nsacyber/logfile-enhancement-cleanup
...
[#290 ] RIM Upload modification
2020-07-29 09:46:45 -04:00
2b2e7c744b
Updated the messaging for an invalid swid tag file and added .log as another type of tmp log file to extension to accept.
2020-07-29 09:27:15 -04:00
29789e2fbe
Updated Reference Manifest Page Controller so that the files being uploaded are properly handled. Swid tag files that ended with 'new' were being saved as if they were tpm log files. Updated how the code detects the type of file so that bin/rim/rimel are tested for and saved while anything else is processed as a swid tag.
2020-07-28 11:53:47 -04:00
c46b416504
Removed logging statement.
2020-07-27 14:10:22 -04:00
2e4ecb6829
Updated code for the device pcrs. The provisioner now sends everything associated with the tpm_pcrlist. The ACA stores the full list in a flat file then pulls that file when validating the firmware policy is enabled.
2020-07-27 13:58:22 -04:00
9a4f6aa829
Merge pull request #288 from nsacyber/issue-287
...
[#287 ] removed unmappable characters from comment lines
2020-07-27 08:40:32 -04:00
782dfa3f16
Updated for information about buildinng and runnning on windows 10.
2020-07-24 09:46:27 -04:00
17f4ce71bb
Merge pull request #286 from nsacyber/issue-283
...
[#283 ] added a gradlew.bat for bulding the tcg_event_log on windows
2020-07-24 09:05:24 -04:00
e694242230
Update README.md
...
path fix in README.md
2020-07-23 16:38:24 -04:00
0e1413dd3c
removed unmappable characters from comment lines
2020-07-23 15:54:57 -04:00
c70a11854b
added a gradlew.bat for bulding the tcg_event_log on windows
2020-07-23 10:59:46 -04:00
dc25c983c1
Print AIA extension from validation cert
2020-07-23 10:06:49 -04:00
6e36eee1ab
Add -p option under -v to validate a self-signed base RIM with an external cert
2020-07-21 14:50:07 -04:00
a0a2222554
Fix broken unit test from moving validation code to new class
2020-07-21 14:33:32 -04:00
586d109e7f
Move validation code to new class
2020-07-21 14:32:36 -04:00
3e9d26f598
This code changes how the ACA handles a pcr list provided by the provisioner. The provisioner also is changed to send all supported algorithms and no longer delimits them with a + sign. The ACA is now set up to cycle through the entire list until is matches the baseline found in the rim associated log file. Currently the code is having issues saving the larger list of pcr values. It is too big for the database.
2020-07-17 12:44:31 -04:00
d10e7f1ebd
Merge pull request #279 from nsacyber/issue-278
...
Set initialized values for PCRs 17-23
2020-07-07 12:25:38 -04:00
ba0597c344
Merge pull request #276 from nsacyber/issue-275
...
[#275 ] Modify Payload filepath
2020-07-07 10:34:55 -04:00
86dfc89dbd
[ #274 ] Swid Resource Not Found ( #277 )
...
* Updated RIM Details page to display File Not Found when the associated event log has not been uploaded with the swid tag.
2020-07-07 09:57:24 -04:00
00f2f33fd0
set initialized values for PCRs 17-23
2020-07-06 12:21:11 -04:00
5b43e41292
Updated firmware validation method to not check for AIC if there is no RIM.
2020-07-02 12:13:10 -04:00
c7f796d1a3
Updated status error checking for validating firmware.
2020-06-26 09:47:04 -04:00
dbbcca8718
Updated error text for file not found and column header for RIM payloads.
2020-06-26 08:33:38 -04:00
e763461e46
Updated RIM Details page to display File Not Found when the associated event log has not been uploaded with the swid tag.
2020-06-25 08:47:51 -04:00
2b6a947986
Directory and File names are read from json, File size and hash are calculated from given -l <filepath>
2020-06-25 08:26:41 -04:00
7045fc9978
Passing -l <filepath> to -v will verify the payload hash with <filepath> instead of the <File name=filepath>
2020-06-25 07:58:37 -04:00
62edecd929
Added link for tgc_rim_tool READ.md
2020-06-24 07:01:41 -04:00
1f860b5682
Updated with rim command line reference.
2020-06-24 07:00:29 -04:00
d41cb46468
[ #260 ] RIM validation report page links ( #264 )
...
* Made some minor tweaks to investigate supply chain validation report bug. The bug doesn't save the summary report for some unknown reason (no error currently appears). This change uses the device object to retrieve a RIM. Still need Attestation Certificate to pull PCRs from quote. A follow up issue will be created to move that functionality to a different object from the provisioner.
2020-06-23 13:24:34 -04:00
6a62002b05
[ #265 ] IMA/TBoot PCR ignore policy ( #271 )
...
* Updated code to include an official policy to ignore IMA and TBoot. The policies will disable if firmware validation is disabled.
2020-06-23 12:48:06 -04:00
1448b35e5e
Merge pull request #269 from nsacyber/issue-268
...
[#268 ] Tcg_rim_tool symlink
2020-06-19 11:31:48 -04:00
db31614694
Added case statement for 2.23.133.2.25 just like for 2.23.133.2.17 so that the error isn't thrown. ( #272 )
2020-06-19 11:11:58 -04:00
