diff --git a/component-samples/demo/aio/WEB-INF/web.xml b/component-samples/demo/aio/WEB-INF/web.xml
index a775d9a8e..8c0b30b20 100644
--- a/component-samples/demo/aio/WEB-INF/web.xml
+++ b/component-samples/demo/aio/WEB-INF/web.xml
@@ -3,7 +3,7 @@
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
version="2.5">
-
+
FdoProtocol
@@ -12,7 +12,7 @@
-
+
FdoProtocol
/fdo/101/msg/10
/fdo/101/msg/12
@@ -29,7 +29,7 @@
/fdo/101/msg/255
-
+
RvInfo
org.fidoalliance.fdo.protocol.api.RestApiServlet
@@ -38,7 +38,7 @@
org.fidoalliance.fdo.protocol.api.RvInfo
-
+
RvInfo
/api/v1/rvinfo
@@ -51,7 +51,7 @@
org.fidoalliance.fdo.protocol.api.To2Blob
-
+
Redirect
/api/v1/owner/redirect
@@ -77,7 +77,7 @@
org.fidoalliance.fdo.protocol.api.To0Starter
-
+
To0Starter
/api/v1/to0/*
@@ -91,7 +91,7 @@
org.fidoalliance.fdo.protocol.api.SviPackage
-
+
SviPackage
/api/v1/owner/svi
@@ -105,7 +105,7 @@
org.fidoalliance.fdo.protocol.api.OwnerVoucher
-
+
OwnerVoucher
/api/v1/owner/vouchers/*
@@ -118,11 +118,11 @@
org.fidoalliance.fdo.protocol.api.Logs
-
+
Logs
/api/v1/logs
-
+
Interop
@@ -132,11 +132,11 @@
org.fidoalliance.fdo.protocol.api.InteropVoucher
-
+
Interop
/api/v1/interop/vouchers/*
-
+
OnDie
org.fidoalliance.fdo.protocol.api.RestApiServlet
@@ -216,6 +216,19 @@
/api/v1/mfg/vouchers/*
+
+ MacAddress
+ org.fidoalliance.fdo.protocol.api.RestApiServlet
+
+ Api-Class
+ org.fidoalliance.fdo.protocol.api.MacAddress
+
+
+
+ MacAddress
+ /api/v1/mfg/macaddress/*
+
+
CertificateApi
org.fidoalliance.fdo.protocol.api.RestApiServlet
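Review bot: The new `/api/v1/mfg/macaddress/*` mapping exposes a lookup of device MAC addresses by serial number, and nothing in this hunk shows which security constraint covers it. Before merging, confirm the path falls under the same authentication constraint as the neighbouring `/api/v1/mfg/vouchers/*` mapping, whose constraint definition is outside the visible hunks. If the constraints list URL patterns individually, the new pattern has to be added there. The same mapping is added in component-samples/demo/manufacturer/WEB-INF/web.xml and needs the same check.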
@@ -289,7 +302,7 @@
org.fidoalliance.fdo.protocol.api.AllowList
-
+
AllowList
/api/v1/rv/allow
@@ -302,7 +315,7 @@
org.fidoalliance.fdo.protocol.api.DenyList
-
+
DenyList
/api/v1/rv/deny
diff --git a/component-samples/demo/manufacturer/WEB-INF/web.xml b/component-samples/demo/manufacturer/WEB-INF/web.xml
index b618e12ad..1a57591db 100644
--- a/component-samples/demo/manufacturer/WEB-INF/web.xml
+++ b/component-samples/demo/manufacturer/WEB-INF/web.xml
@@ -3,7 +3,7 @@
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
version="2.5">
-
+
FdoProtocol
@@ -12,14 +12,14 @@
-
+
FdoProtocol
/fdo/101/msg/10
/fdo/101/msg/12
/fdo/101/msg/255
-
+
RvInfo
org.fidoalliance.fdo.protocol.api.RestApiServlet
@@ -28,7 +28,7 @@
org.fidoalliance.fdo.protocol.api.RvInfo
-
+
RvInfo
/api/v1/rvinfo
@@ -46,7 +46,19 @@
/api/v1/mfg/vouchers/*
-
+
+ MacAddress
+ org.fidoalliance.fdo.protocol.api.RestApiServlet
+
+ Api-Class
+ org.fidoalliance.fdo.protocol.api.MacAddress
+
+
+
+ MacAddress
+ /api/v1/mfg/macaddress/*
+
+
Logs
@@ -56,7 +68,7 @@
org.fidoalliance.fdo.protocol.api.Logs
-
+
Logs
/api/v1/logs
diff --git a/protocol/src/main/java/org/fidoalliance/fdo/protocol/StandardMessageDispatcher.java b/protocol/src/main/java/org/fidoalliance/fdo/protocol/StandardMessageDispatcher.java
index a777bfb31..7ffa086da 100644
--- a/protocol/src/main/java/org/fidoalliance/fdo/protocol/StandardMessageDispatcher.java
+++ b/protocol/src/main/java/org/fidoalliance/fdo/protocol/StandardMessageDispatcher.java
@@ -22,6 +22,7 @@
import java.util.Optional;
import org.apache.commons.codec.binary.Hex;
import org.fidoalliance.fdo.protocol.db.FdoSysModuleExtra;
+import org.fidoalliance.fdo.protocol.db.ManufacturingInfoStorageFunction;
import org.fidoalliance.fdo.protocol.db.OnboardConfigSupplier;
import org.fidoalliance.fdo.protocol.dispatch.CertSignatureFunction;
import org.fidoalliance.fdo.protocol.dispatch.CredReuseFunction;
@@ -373,6 +374,7 @@ protected void doAppStart(DispatchMessage request, DispatchMessage response) thr
ManufacturingInfo mfgInfo = Mapper.INSTANCE.readValue(appStart.getManufacturingInfo(),
ManufacturingInfo.class);
+
SimpleStorage storage = createVoucher(mfgInfo, request.getProtocolVersion());
SessionManager manager = getWorker(SessionManager.class);
@@ -435,6 +437,9 @@ protected void doSetHmac(DispatchMessage request, DispatchMessage response) thro
VoucherStorageFunction storageFunction = getWorker(VoucherStorageFunction.class);
storageFunction.apply(info.getSerialNumber(), voucher);
+ ManufacturingInfoStorageFunction infoStore = new ManufacturingInfoStorageFunction();
+ infoStore.store(info.getSerialNumber(), info.getMacAddresses());
+
//save the voucher
response.setMessage(Mapper.INSTANCE.writeValue(new DiDone()));
manager.expireSession(request.getAuthToken().get());
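Review bot: `info.getMacAddresses()` is device-supplied data and is persisted here with no check on presence, length or layout. The deserializer leaves the field null when the device sends fewer elements, and the entity column is declared with `length = 65535`, so guard the call, for example `if (macs != null && macs.length <= MAX_MAC_BYTES) { infoStore.store(info.getSerialNumber(), macs); }`, where `MAX_MAC_BYTES` is a placeholder for a bound the project chooses. The store also appears to run in its own session after `storageFunction.apply(...)` has already saved the voucher, so a failure here would leave a stored voucher behind a failed DI exchange. The function is also built with `new` rather than obtained through `getWorker(...)` like the line above. doSetHmac's body starts and ends outside the hunk.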
@@ -611,7 +616,7 @@ protected void doTo0OwnerSign(DispatchMessage request, DispatchMessage response)
if (mfgPubKeyEnc.toInteger() < 0 || mfgPubKeyEnc.toInteger() > 3) {
throw new InvalidMessageException("Invalid Encoding of Mfg Pubkey in OV Header");
}
-
+
//verify to1d
CryptoService cs = getCryptoService();
OwnerPublicKey ownerPublicKey = VoucherUtils.getLastOwner(to0d.getVoucher());
diff --git a/protocol/src/main/java/org/fidoalliance/fdo/protocol/api/MacAddress.java b/protocol/src/main/java/org/fidoalliance/fdo/protocol/api/MacAddress.java
new file mode 100644
index 000000000..b2b7e2db3
--- /dev/null
+++ b/protocol/src/main/java/org/fidoalliance/fdo/protocol/api/MacAddress.java
@@ -0,0 +1,34 @@
+// Copyright 2022 Intel Corporation
+// SPDX-License-Identifier: Apache 2.0
+
+package org.fidoalliance.fdo.protocol.api;
+
+import java.security.cert.Certificate;
+import java.util.Arrays;
+import java.util.List;
+import org.fidoalliance.fdo.protocol.LoggerService;
+import org.fidoalliance.fdo.protocol.dispatch.ManufacturerKeySupplier;
+import org.fidoalliance.fdo.protocol.entity.ManufacturedVoucher;
+import org.fidoalliance.fdo.protocol.message.OwnershipVoucher;
+
+/**
+ * Get API for Manufacturing voucher.
+ */
+public class MacAddress extends RestApi {
+ protected static final LoggerService logger = new LoggerService(MacAddress.class);
+
+
+ @Override
+ public void doGet() throws Exception {
+
+ String path = getLastSegment();
+ logger.info("Manufacturing Voucher SerialNo: " + path);
+
+ ManufacturedVoucher mfgVoucher = getSession().get(ManufacturedVoucher.class, path);
+ if (mfgVoucher == null) {
+ logger.warn("Mfg voucher is null");
+ throw new NotFoundException(path);
+ }
+ getResponse().getOutputStream().write(mfgVoucher.getMacAddresses());
+ }
+}
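Review bot: `write(mfgVoucher.getMacAddresses())` throws a NullPointerException when the stored value is null, which is the case for any voucher whose device sent no MAC addresses and presumably for rows created before the column existed. Handle that case before writing, e.g. `byte[] macs = mfgVoucher.getMacAddresses();` followed by `if (macs == null) { throw new NotFoundException(path); }`. The `logger.info(...)` line concatenates the request-derived path segment into the log message unmodified, so it should be sanitised or length-limited first. The class Javadoc still reads "Get API for Manufacturing voucher", and the imports of Certificate, Arrays, List, ManufacturerKeySupplier and OwnershipVoucher are unused.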
diff --git a/protocol/src/main/java/org/fidoalliance/fdo/protocol/db/ManufacturingInfoStorageFunction.java b/protocol/src/main/java/org/fidoalliance/fdo/protocol/db/ManufacturingInfoStorageFunction.java
new file mode 100644
index 000000000..af08d27e0
--- /dev/null
+++ b/protocol/src/main/java/org/fidoalliance/fdo/protocol/db/ManufacturingInfoStorageFunction.java
@@ -0,0 +1,47 @@
+// Copyright 2022 Intel Corporation
+// SPDX-License-Identifier: Apache 2.0
+
+package org.fidoalliance.fdo.protocol.db;
+
+import java.io.IOException;
+import java.util.Date;
+import java.util.UUID;
+import org.fidoalliance.fdo.protocol.Mapper;
+import org.fidoalliance.fdo.protocol.api.NotFoundException;
+import org.fidoalliance.fdo.protocol.dispatch.VoucherStorageFunction;
+import org.fidoalliance.fdo.protocol.entity.ManufacturedVoucher;
+import org.fidoalliance.fdo.protocol.message.ManufacturingInfo;
+import org.fidoalliance.fdo.protocol.message.OwnershipVoucher;
+import org.fidoalliance.fdo.protocol.message.OwnershipVoucherHeader;
+import org.hibernate.Session;
+import org.hibernate.Transaction;
+
+/**
+ * Stores TPM EK Certificate into database.
+ */
+public class ManufacturingInfoStorageFunction {
+
+ /**
+ * Stores TPM EK Certificate into database.
+ * @param serialNo Device serial number that is used to retrieve TPM EK Data.
+ * @param macAddresses MAC addresses received from the client.
+ * @throws IOException Throws exception if required mfgVoucher is null.
+ */
+ public void store(String serialNo, byte[] macAddresses) throws IOException {
+ Session session = HibernateUtil.getSessionFactory().openSession();
+ try {
+ ManufacturedVoucher mfgVoucher = session.get(ManufacturedVoucher.class, serialNo);
+ if (mfgVoucher == null) {
+ throw new NotFoundException(serialNo);
+ }
+ Transaction trans = session.beginTransaction();
+ mfgVoucher.setMacAddresses(macAddresses);
+ session.saveOrUpdate(mfgVoucher);
+ trans.commit();
+ } catch (NotFoundException e) {
+ throw new RuntimeException(e);
+ } finally {
+ session.close();
+ }
+ }
+}
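Review bot: A missing voucher is reported inconsistently in `store`: the Javadoc promises an IOException, but the code throws NotFoundException and immediately rewraps it as a bare RuntimeException. No path rolls the transaction back if `saveOrUpdate` or `commit` fails. Throwing the documented exception directly and rolling back on failure, as sketched below, keeps the caller's error handling predictable. Both Javadoc comments still say "Stores TPM EK Certificate into database" and should describe MAC addresses instead; most of the imports are unused.

```java
  public void store(String serialNo, byte[] macAddresses) throws IOException {
    Session session = HibernateUtil.getSessionFactory().openSession();
    Transaction trans = null;
    try {
      ManufacturedVoucher mfgVoucher = session.get(ManufacturedVoucher.class, serialNo);
      if (mfgVoucher == null) {
        throw new IOException("no manufactured voucher for serial number " + serialNo);
      }
      trans = session.beginTransaction();
      // … unchanged: setMacAddresses, saveOrUpdate, commit …
    } catch (RuntimeException e) {
      if (trans != null && trans.isActive()) {
        trans.rollback();
      }
      throw e;
    } finally {
      session.close();
    }
  }
```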
diff --git a/protocol/src/main/java/org/fidoalliance/fdo/protocol/entity/ManufacturedVoucher.java b/protocol/src/main/java/org/fidoalliance/fdo/protocol/entity/ManufacturedVoucher.java
index 180c75e65..5a31ed4a7 100644
--- a/protocol/src/main/java/org/fidoalliance/fdo/protocol/entity/ManufacturedVoucher.java
+++ b/protocol/src/main/java/org/fidoalliance/fdo/protocol/entity/ManufacturedVoucher.java
@@ -29,6 +29,11 @@ public class ManufacturedVoucher {
@Temporal(TemporalType.TIMESTAMP)
private Date createdOn;
+ @Lob
+ @Column(name = "macAddresses", length = 65535)
+ private byte[] macAddresses;
+
+
public String getSerialNo() {
return serialNo;
}
@@ -41,6 +46,15 @@ public Date getCreatedOn() {
return createdOn;
}
+ public byte[] getMacAddresses() {
+ return macAddresses;
+ }
+
+ public void setMacAddresses(byte[] macAddresses) {
+ this.macAddresses = macAddresses;
+ }
+
+
public void setSerialNo(String id) {
this.serialNo = id;
}
diff --git a/protocol/src/main/java/org/fidoalliance/fdo/protocol/message/ManufacturingInfo.java b/protocol/src/main/java/org/fidoalliance/fdo/protocol/message/ManufacturingInfo.java
index 98fe20e8d..e56bee97a 100644
--- a/protocol/src/main/java/org/fidoalliance/fdo/protocol/message/ManufacturingInfo.java
+++ b/protocol/src/main/java/org/fidoalliance/fdo/protocol/message/ManufacturingInfo.java
@@ -13,7 +13,7 @@
@JsonPropertyOrder(
{"keyType", "keyEnc", "serialNumber", "deviceInfo", "certInfo",
- "onDieDeviceCertChain", "testSignature", "testSigMaroePrefix"}
+ "macAddresses", "onDieDeviceCertChain", "testSignature", "testSigMaroePrefix"}
)
@JsonSerialize(using = ManufacturingInfoSerializer.class)
@JsonDeserialize(using = ManufacturingInfoDeserializer.class)
@@ -37,6 +37,9 @@ public class ManufacturingInfo {
@JsonProperty("certInfo")
private AnyType certInfo;
+ @JsonProperty("macAddresses")
+ private byte[] macAddresses;
+
@JsonProperty("onDieDeviceCertChain")
private byte[] onDieDeviceCertChain;
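Review bot: The new `macAddresses` field has no comment saying what the bytes contain, and nothing in the visible diff defines their layout. Because the value is stored as a blob and returned verbatim by the new REST endpoint, add a field comment such as `// MAC addresses reported by the device during DI; byte layout: <describe encoding>` so that producers, validators and API consumers agree on it. The class body starts and ends outside the hunk.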
@@ -46,6 +49,7 @@ public class ManufacturingInfo {
@JsonProperty("testSigMaroePrefix")
private byte[] testSigMaroePrefix;
+
@JsonIgnore
public PublicKeyType getKeyType() {
return keyType;
@@ -86,6 +90,11 @@ public byte[] getTestSigMaroePrefix() {
return testSigMaroePrefix;
}
+ @JsonIgnore
+ public byte[] getMacAddresses() {
+ return macAddresses;
+ }
+
@JsonIgnore
public void setKeyType(PublicKeyType keyType) {
this.keyType = keyType;
@@ -125,4 +134,9 @@ public void setTestSignature(byte[] testSignature) {
public void setTestSigMaroePrefix(byte[] maroePrefix) {
this.testSigMaroePrefix = maroePrefix;
}
-}
+
+ @JsonIgnore
+ public void setMacAddresses(byte[] macAddresses) {
+ this.macAddresses = macAddresses;
+ }
+}
\ No newline at end of file
diff --git a/protocol/src/main/java/org/fidoalliance/fdo/protocol/serialization/ManufacturingInfoDeserializer.java b/protocol/src/main/java/org/fidoalliance/fdo/protocol/serialization/ManufacturingInfoDeserializer.java
index 8293c5e8c..836d18028 100644
--- a/protocol/src/main/java/org/fidoalliance/fdo/protocol/serialization/ManufacturingInfoDeserializer.java
+++ b/protocol/src/main/java/org/fidoalliance/fdo/protocol/serialization/ManufacturingInfoDeserializer.java
@@ -55,7 +55,7 @@ public boolean isValidString(String deviceString) {
public ManufacturingInfo deserialize(JsonParser jp, DeserializationContext ctxt)
throws IOException {
JsonNode node = jp.getCodec().readTree(jp);
-
+
int index = 0;
ManufacturingInfo info = new ManufacturingInfo();
info.setKeyType(PublicKeyType.fromNumber(node.get(index++).intValue()));
@@ -85,6 +85,9 @@ public ManufacturingInfo deserialize(JsonParser jp, DeserializationContext ctxt)
info.setCertInfo(AnyType.fromObject(subNode));
}
}
+ if (index < node.size()) {
+ info.setMacAddresses(node.get(index++).binaryValue());
+ }
if (index < node.size()) {
info.setOnDieDeviceCertChain(node.get(index++).binaryValue());
}
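Review bot: Inserting the MAC-address read ahead of the `onDieDeviceCertChain` read changes the meaning of that array position, because this deserializer is purely positional. A device that sends the previous layout would have its OnDie certificate chain stored as `macAddresses` and every later element shifted by one, which would break or misdirect the checks that consume the chain and test signature. Either append the new element after the existing optional ones or distinguish it by shape before assigning; the matching serializer is not in the visible diff and must agree with whichever order is chosen. `binaryValue()` also returns null for a node that is neither binary nor text, so its result should be checked. deserialize starts outside the hunk.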