v3_issue_821: fixed the NPE issue we were getting during provisioning for missing component info.

HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/info/ComponentInfo.java

@@ -92,18 +92,21 @@ public class ComponentInfo extends ArchivableEntity {
                          final String componentSerial,
                          final String componentRevision) {
 
-        if ((StringUtils.isEmpty(componentManufacturer)
-                || StringUtils.isEmpty(componentModel))) {
+        if (componentManufacturer == null) {
+            log.error("Component Info's manufacturer cannot be null.");
+            this.componentManufacturer = "";
+        } else {
+            this.componentManufacturer = componentModel.trim();
+        }
 
-            log.error("Component Info's manufacturer and/or "
-                    + "model can not be null");
-            throw new NullPointerException("ComponentInfo: manufacturer and/or "
-                    + "model can not be null");
+        if (componentModel == null) {
+            log.error("Component Info's model cannot be null.");
+            this.componentModel = "";
+        } else {
+            this.componentModel = componentModel.trim();
         }
 
         this.deviceName = deviceName;
-        this.componentManufacturer = componentManufacturer.trim();
-        this.componentModel = componentModel.trim();
 
         if (componentSerial != null) {
             this.componentSerial = componentSerial.trim();

HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/SupplyChainCredentialValidator.java

@@ -93,7 +93,9 @@ public class SupplyChainCredentialValidator {
                 throw new SupplyChainValidatorException("Truststore is empty");
             }
         } catch (KeyStoreException ksEx) {
-            log.error("Error accessing trust store: " + ksEx.getMessage());
+            log.error(
+                    "Error accessing trust store while trying to verify the X509 Attribute"
+                            + " Certificate Holder: {}", ksEx.getMessage());
         }
 
         try {
@@ -134,7 +136,8 @@ public class SupplyChainCredentialValidator {
                 throw new SupplyChainValidatorException("Truststore is empty");
             }
         } catch (KeyStoreException ksEx) {
-            log.error("Error accessing trust store: " + ksEx.getMessage());
+            log.error("Error accessing trust store while trying to verify the X509 Certificate: {}",
+                    ksEx.getMessage());
         }
 
         try {
@@ -147,8 +150,9 @@ public class SupplyChainCredentialValidator {
 
             return validateCertChain(cert, trustedCerts).isEmpty();
         } catch (KeyStoreException ksEx) {
-            log.error("Error accessing keystore", ksEx);
-            throw new SupplyChainValidatorException("Error with the trust store", ksEx);
+            log.error("Error accessing keystore while trying to verify the X509 Certificate", ksEx);
+            throw new SupplyChainValidatorException(
+                    "Error accessing keystore while trying to verify the X509 Certificate", ksEx);
         }
     }
 
@@ -191,7 +195,7 @@ public class SupplyChainCredentialValidator {
 
                 if (issuerMatchesSubject && signatureMatchesPublicKey) {
                     if (isSelfSigned(trustedCert)) {
-                        log.info("CA Root found.");
+                        log.info("CA Root found while validating the X509 Attribute Certificate Holder.");
                         return "";
                     } else {
                         foundRootOfCertChain = intCAError;
@@ -244,7 +248,7 @@ public class SupplyChainCredentialValidator {
                         trustedCert);
                 if (issuerMatchesSubject && signatureMatchesPublicKey) {
                     if (isSelfSigned(trustedCert)) {
-                        log.info("CA Root found.");
+                        log.info("CA Root found while validating X509 Certificate.");
                         return "";
                     } else {
                         foundRootOfCertChain = intCAError;
@@ -320,11 +324,18 @@ public class SupplyChainCredentialValidator {
         return componentInfoList;
     }
 
+    /**
+     * Helper method that attempts to retrieve the value as text from the provided Json Node.
+     *
+     * @param node      json node
+     * @param fieldName field name
+     * @return string json node value
+     */
     private static String getJSONNodeValueAsText(final JsonNode node, final String fieldName) {
         if (node.hasNonNull(fieldName)) {
             return node.findValue(fieldName).textValue();
         }
-        return null;
+        return "";
     }
 
     /**
@@ -404,8 +415,7 @@ public class SupplyChainCredentialValidator {
         } catch (NoSuchProviderException e) {
             log.info("Incorrect provider for cert signature validation");
         } catch (SignatureException e) {
-            log.info(String.format("%s.verify(%s)", cert.getSubjectX500Principal(),
-                    signingCert.getSubjectX500Principal()));
+            log.info("{}.verify({})", cert.getSubjectX500Principal(), signingCert.getSubjectX500Principal());
         }
         return false;
 
@@ -450,8 +460,7 @@ public class SupplyChainCredentialValidator {
             return cert.isSignatureValid(contentVerifierProvider);
         } catch (OperatorCreationException | CertException e) {
             log.info("Exception thrown while verifying certificate", e);
-            log.info(String.format("%s.isSignatureValid(%s)", cert.getSerialNumber(),
-                    signingKey.getFormat()));
+            log.info("{}.isSignatureValid({})", cert.getSerialNumber(), signingKey.getFormat());
             return false;
         }
     }