Commit Graph

242 Commits

Author SHA1 Message Date
iadgovuser26
f8e549a458
Merge pull request #399 from nsacyber/certificate-bulk-download
Bulk Certificate Download
2021-12-02 11:04:40 -05:00
chubtub
d183504a3f Merge branch 'master' into issue-381 2021-11-10 10:08:42 -05:00
Cyrus
0934b3106f
Merge pull request #420 from nsacyber/base-rim-link-fix
RimLinkHash Fix
2021-11-10 10:06:11 -05:00
Cyrus
70d92c4b38
Merge pull request #417 from nsacyber/issue-404
[#404] PXE Policy options
2021-11-10 10:05:52 -05:00
Cyrus
04b050de15 The rimlinkhash meta information wasn't linking up with the associated swidtag. This is because the wrong hash look up was being used. Previously when the hexDecHash and base64Hash were implemented, the main focus was on the rimel and not the swidtag. 2021-11-10 09:50:17 -05:00
Cyrus
2d9fb19d38 Updated the new polices after doing a bit of testing to make sure that they do ignore when there is a failure on that specific bit. 2021-11-10 07:27:33 -05:00
chubtub
0c233ae771 Set signature validity so that the ACA can report accurately 2021-11-08 14:51:38 -05:00
chubtub
3a6be133eb Checkstyle changes 2021-11-08 14:51:38 -05:00
chubtub
962ca45bb7 Modify ACA RIM validation to search for a signing cert if the base RIM does not have an embedded cert. Validate the ca chain of the found signing cert. 2021-11-08 14:46:04 -05:00
Cyrus
bd5d905990 Updated the code to include bulk downloads for issued, eks. 2021-11-04 15:55:55 -04:00
Cyrus
2b7b4bfdd1 Updated the labeling for the Trust chain and platform certificates. The import label is removed and the download icon moved next to the import button. Added the same functionality to the RIMs. 2021-10-29 15:42:57 -04:00
Cyrus
aae6845730 Initial Commit. This adds the visual object to the policy page. 2021-10-29 14:55:23 -04:00
Cyrus
b0835d1cf5 Changed the compare to the hash value for the file instead of the filename. 2021-10-27 08:58:51 -04:00
Cyrus
bb6ec6cc4b The rim hash validation icon is coming up red when both base and support RIMs are loaded. This fixes that issue. 2021-10-26 11:09:36 -04:00
chubtub
0b4febf53b WIP: frontend hangs while getting records from backend 2021-10-20 14:57:52 -04:00
Cyrus
8f2290300e The wrong hash was use for the look up 2021-10-18 09:53:59 -04:00
Cyrus
9492c680da There was an checkstyles error that needed to be corrected. 2021-10-12 08:41:45 -04:00
Cyrus
ee7befca81 This initial commit adds the ability to download all platform credentials and trust chain credentials from their respective pages in a bulk zip. 2021-10-08 16:35:40 -04:00
chubtub
324865b434 Merge branch 'master' into issue-395 2021-10-06 15:01:02 -04:00
chubtub
84a2ff723c Controller class for returning TPM Event data to jsp 2021-10-06 15:00:23 -04:00
chubtub
386d467016 Front end changes for new TPM Events page 2021-10-05 14:56:27 -04:00
Cyrus
e51f01d52e Changed DevID to LDevID on the policy page and removed the Attestation reference for LDevID 2021-10-04 10:37:02 -04:00
Cyrus
f8a3ccd962 This is an initial commit updates the policy page. Adds additional policies for generating a DevID. The underlying code doesn't actually generate one yet. But the SupplyChainPolicy holds the flags. 2021-09-17 07:55:44 -04:00
iadgovuser26
6a11cb35ce
Delete HIRS_ACA_UsersGuide_1.0.3.pdf
Removed older version of the users guide.
2021-08-26 11:31:14 -04:00
iadgovuser26
3e4a09753f
Add files via upload
Added TCG Rim Tool Users Guide and TCG Event Log Users Guide.
2021-08-26 11:28:29 -04:00
iadgovuser29
71cea63842 An old servlet on the classpath caused errors for portal building and testing. 2021-08-17 09:27:06 -04:00
Cyrus
cac913af11 Updated the component class to no longer use ints but instead use only Strings 2021-07-01 12:49:35 -04:00
Cyrus
5c448057d4
Merge branch 'master' into fm-validation-pass-link 2021-06-28 12:15:47 -04:00
Cyrus
bdbe9332bc Resolved the merge conflicts. 2021-06-28 12:04:54 -04:00
Cyrus
b6f4c294d1 Some finaly changes to the failed event display 2021-06-28 10:30:45 -04:00
Cyrus
8a9e5059d8 Minor visual updates to the event log failure page 2021-06-25 13:00:20 -04:00
chubtub
93f212a193 Modify ReferenceManifestDetailsPageController class to include cert path check in reporting RIM signature validity. 2021-06-25 11:40:08 -04:00
Cyrus
94930e981a Finished updating the title for the new page 2021-06-21 15:51:31 -04:00
Cyrus
b06025a71f Updated the Event Log Measurements class to use a hash for lookup 2021-06-17 12:52:28 -04:00
Cyrus
c523dda558 Some additional minor changes that are to address the event log being the object that is linked when the firmware validation passes. 2021-06-15 09:15:55 -04:00
Cyrus
1ec644eccc Added an additional catch statement to the parsing of Certificates that are PEM in case of a DecoderException for Base64.decode method. Instead of going to a blank page with the error, the ACA catches the exception and states on the page in which the file was uploaded to. 2021-06-10 11:19:38 -04:00
Cyrus
9c060dec55 Updated event log measurements to pass in the overall result status. However display isn't printing out correctly. 2021-06-09 11:07:11 -04:00
Cyrus
218002a3c2 Merge remote-tracking branch 'origin/digest-implement-final' into fm-validation-pass-link 2021-06-08 22:19:52 -04:00
Cyrus
8a258f2b76 Updated some text associated with the rimType 2021-05-28 08:48:40 -04:00
Cyrus
0e8e88b536 This commit has updated changes that save both a base64 and a hex dec value of the RIM file hash to the database. Depending on what is needed, they are used to pull either the base or support RIM. Also fixed the link for the rimlinkhash on the details page. 2021-05-27 13:46:43 -04:00
lareine
93b65edae4 added new version of the HIRS ACA Users Guide 2021-05-24 15:55:56 -04:00
Cyrus
efa2cada2d Updated the Rel Link References for the swid tag details pages. The previous set up didn't discern between a tag id and an actual url. 2021-05-21 06:40:06 -04:00
Cyrus
5162f7b187 Updated the details page for RIMs to check if the rim hash link entry exists, if not don't display valid check. 2021-05-21 05:56:21 -04:00
chubtub
59dff64af4 Support for -j|--json option to output validation report data in JSON format. Add shorthand options for script parameters and update help menu. 2021-05-20 12:06:20 -04:00
Cyrus
65d596a756 Some additional updates that included deviceNames as a means to pull RIM information. In addition updated the display of the failures, adding filters for like events from the baseline. 2021-05-20 06:26:07 -04:00
Cyrus
ddc36d81f4 This set of code changes deals with the displaying of failed digests values from the validation process. The way there were displayed before was going to be unsustainable because event numbers will never match up. There for a direct compare to a failed event would never be accurate. 2021-05-17 12:44:03 -04:00
chubtub
da7e1de7f3 Support -m|--manufacturer and -s|--serial filter options from commandline in controller class. 2021-05-11 13:06:37 -04:00
Cyrus
3b33bd60b8 The main change in this commit adjusts how the base and support rim are pulled for validation in the environment with multiple Base and Support RIMs per device/manufacturer/model. 2021-05-11 09:44:10 -04:00
Cyrus
1b06d956b4 Updated how the swidtags and support files are updated when imported. 2021-05-07 10:57:19 -04:00
Cyrus
5acc393541 This commit adds several changes that updates how the RIM files are accessed and made accessible from the DB as well as what is shown visually when there is a validation failure and the measurement log is shown. 2021-05-06 08:43:26 -04:00
chubtub
12d03ea2ea Support --system-only and --component-only options from commandline in controller class. 2021-05-05 12:54:43 -04:00
Cyrus
1d33054577
Merge pull request #350 from nsacyber/ignore-gpt-events
[#349] Ignore GPT PCR
2021-05-04 10:14:53 -04:00
Cyrus
5a040483da Fixed a checkstyle issue 2021-04-14 15:35:22 -04:00
Cyrus
85d8f0342e Fixed up the PMD issue 2021-04-14 14:52:45 -04:00
Cyrus
b52b8101a6 The new policy setting is supposed to be default on. 2021-04-14 14:23:43 -04:00
Cyrus
523bae8f9d This set of code adds an additional policy to the page for the GPT PCR. Details for the change can be found in issue #349. 2021-04-14 13:55:52 -04:00
Cyrus
d80e6d309b Updated how the error checking for the digest failure is handled for the details page. 2021-04-14 11:17:10 -04:00
Cyrus
5a82e48b61 Merge branch 'master' into event-digest-update 2021-04-13 08:50:42 -04:00
Cyrus
e70e019c6b This commit has some changes to how patch and supplemental are handled. It adds some flags to the Record and Value objects to note that data has been processed so that multiple entries aren't created. 2021-04-13 07:45:52 -04:00
Cyrus
760f246096
Merge pull request #342 from nsacyber/rim_digest_store
[#341] RIM Event Digest Store
2021-04-13 07:45:17 -04:00
Cyrus
c46aa2b48b
Merge pull request #348 from nsacyber/certificate-failure-fidelity
Certificate Failure Fidelity
2021-04-09 14:15:43 -04:00
Cyrus
6d435f9783 This commit adds some changes to the details page for RIMs so that the patch or supplemental RIM doesn't display "file not found" for the expected pcr values section 2021-04-09 12:27:55 -04:00
Cyrus
ea5b85b703 Updated the code to now display the var swidtag and rimel. However there are issues with the examples. This commit has fixes for how the pcr values are pulled for display on the base RIM page. 2021-04-02 06:34:47 -04:00
Cyrus
48c934d35f
Merge pull request #347 from nsacyber/serial-number-display-fix
Serial Number Display Fix
2021-04-02 06:10:53 -04:00
chubtub
8727a9b210
Merge pull request #339 from nsacyber/issue-336
[#336] Script to download ACAPortal validation reports
2021-03-30 09:49:03 -04:00
Cyrus
44632e8e04 Updated the code for authority serial number and serial number for the general info for any certificate to no longer use the getLong method of the Big Integer object. This truncated the value. Instead, the new code uses the Hex.toHexString method from bouncy castle. 2021-03-30 08:06:26 -04:00
Cyrus
4911742c7a This is a checkout of some changes to the resource management for swid tags so that the file name listed is associated with the stored support RIMS. 2021-03-30 06:35:14 -04:00
Cyrus
f2308f2955 Updated the isIssuer and the containsAll to allow the reason for the platform certificate failure isn't that the issuer is missing but that the issuer available fails the public key on the details page for certificates 2021-03-26 10:32:19 -04:00
Cyrus
a6c6fbfb31 Made some changes for using just the RIM Hash to pull support rims from the database to associated with the swid tag. Changed the rim hash from and int to a string. 2021-03-25 13:28:31 -04:00
Cyrus
2110b7e94d Merge branch 'rim_digest_store' into event-digest-update 2021-03-23 11:31:42 -04:00
Cyrus
108748fb2a Undid some code and change the Digest Value class into a table in the database. This code then updates those values when a provision is initiated. At this time, that is all it does. 2021-03-19 11:01:25 -04:00
Cyrus
6e8086c59e This is a change to the details page handler for the RIM files. The rimel files that are uploaded by themselves are not updated with manufacturer or model information, and the controllers are referencing that information when looking up database information. This causes a null exception and a funky output on the screen. This commit fixes this issue. 2021-03-17 10:39:39 -04:00
Cyrus
53cb300063 This is an initial commit with changes that add new classes for digest reference matching. 2021-03-17 10:23:08 -04:00
chubtub
175d2238d2 Add ACA address as option 3rd commandline parameter. Handle case where no reports are available or selected for download. 2021-03-16 11:09:58 -04:00
chubtub
7064c00c0b Detect component failures in delta certs for validation reports 2021-03-16 10:18:06 -04:00
chubtub
3d13b8b72f Add column in csv file for platform cert issuer for each component identifier 2021-03-16 09:16:45 -04:00
chubtub
c0a056b987 Script to download the validation report(s) from the ACAPortal from the command line. 2021-03-11 11:51:26 -05:00
chubtub
a380db58fa
Merge pull request #328 from nsacyber/issue-281
Validation report file
2021-03-11 10:56:00 -05:00
Cyrus
c66f4f7648
Merge pull request #334 from nsacyber/Unmatched-component-refactor
Unmatched component refactor
2021-03-09 13:07:16 -05:00
Cyrus
28f0fdb3e1
Merge pull request #309 from nsacyber/aic-policy-rule
[#169] AIC policy rule
2021-03-09 10:52:01 -05:00
Cyrus
763dcbd975 These are changes that were made in the system-tests-test that resolved the issues in the first TPM 2.0 system tests on travis. 2021-03-04 08:01:18 -05:00
Cyrus
6e470e2b04 Updated the wording for the policy setting page. 2021-02-23 13:27:43 -05:00
Cyrus
a5184f5a5b Final changes that adds in the additional setting for the renewal period threshold. This value indicates that if the end validity has been reached for the current issued attestation certificate, then don't generate one. However if we are within the number of days set by the threshold, then generate the certificate before it expires. The default is 1 year from the end validity. 2021-02-23 10:17:56 -05:00
Cyrus
9c3dfe16b1 Modified the policy page controller by adding a new method to work on a form request from the policy page for enabling the generate issued attestation certificate based on a time frame rather than never or on each provision. 2021-02-16 10:30:21 -05:00
Cyrus
a41d1484e1 Updated the printing of the event number for the failed events. This is to match them with the event number on the support rim page. Support rim page starts at 1 but the method used on the failure page starts at 0. Also while investigating this issue, I noted that the coloring of the failure event disappears after the first viewing of that page. This was fixed. The conditions to check for an error were being ignored after the first load. 2021-02-12 09:01:35 -05:00
Cyrus
dcf0ec8101 Merge branch 'master' into aic-policy-rule 2021-02-11 14:13:28 -05:00
chubtub
847bad5201 Update verification date 2021-02-10 09:54:06 -05:00
chubtub
95bf9d9317 Updated SN, component data, and CSV output format. 2021-02-09 09:39:46 -05:00
chubtub
177e307a17 Add input formatting and validation to client and server side. Close dialog box on submission. 2021-02-09 09:39:43 -05:00
chubtub
4acfbf3026 Single download link for the entire page. Added date range begin and end fields. Pass timestamp to controller to filter reports. Format file in CSV. 2021-02-09 09:39:42 -05:00
chubtub
3cd9e06f97 Add user input fields to modal dialog. Handle user input, collect device report data, and write to local file. 2021-02-09 09:39:42 -05:00
chubtub
bb6cbfe871 Front end change: display modal dialog for user input on download link click. 2021-02-09 09:39:42 -05:00
chubtub
18ec7d4a5b Controller changes: Pull platform credential for device and parse info 2021-02-09 09:39:42 -05:00
chubtub
a4d639925e Frontend changes: download link to validation report 2021-02-09 09:39:42 -05:00
Cyrus
5e4dc8ce82 Merge branch 'master' into Unmatched-component-refactor 2021-02-08 15:23:21 -05:00
Cyrus
4999c96685 Updated code to correct situations that were not linking up with properly for delta and platform certificate component validation. 2021-02-05 16:10:15 -05:00
Cyrus
677716fa08 Merge branch 'master' into Unmatched-component-refactor 2021-02-04 08:51:31 -05:00
Cyrus
2d9bbe1bd7 initial commit 2021-02-01 11:24:20 -05:00
Cyrus
fa6b64d38a Removed unused statement 2021-01-08 07:20:18 -05:00
Cyrus
e0ae088401 Remove error statement 2021-01-08 07:07:16 -05:00