Merge pull request #679 from nsacyber/issue-642-spotbugs-p3

[#642] HIRS_Utils spotbugs fixes

HIRS_Utils/config/spotbugs/spotbugs-exclude.xml

@@ -2,7 +2,10 @@
 <!-- Docs at http://findbugs.sourceforge.net/manual/filter.html -->
 <FindBugsFilter>
     <Match>
-	<Package name="~hirs\.utils.*" />
+	    <Package name="~hirs\.utils.xjc.*" />
+    </Match>
+    <Match>
+        <Package name="~hirs\.utils.rim.*" />
     </Match>
     <Match>
         <!-- https://github.com/spotbugs/spotbugs/pull/2748 -->

HIRS_Utils/src/main/java/hirs/utils/swid/SwidTagConstants.java

@@ -83,35 +83,34 @@ public class SwidTagConstants {
     public static final String RFC3852_PFX = "rcf3852";
     public static final String RFC3339_PFX = "rcf3339";
 
-    public static final String _COLLOQUIAL_VERSION_STR = new String(N8060_PFX + FX_SEPARATOR +
-            COLLOQUIAL_VERSION);
-    public static final String _PRODUCT_STR = new String(N8060_PFX + FX_SEPARATOR +
-            PRODUCT);
-    public static final String _REVISION_STR = new String(N8060_PFX + FX_SEPARATOR +
-            REVISION);
-    public static final String _EDITION_STR = new String(N8060_PFX + FX_SEPARATOR +
-            EDITION);
-
-    public static final String _RIM_LINK_HASH_STR = new String(RIM_PFX + FX_SEPARATOR +
-            RIM_LINK_HASH);
-    public static final String _BINDING_SPEC_STR = new String(RIM_PFX + FX_SEPARATOR +
-            BINDING_SPEC);
-    public static final String _BINDING_SPEC_VERSION_STR = new String(RIM_PFX + FX_SEPARATOR +
-            BINDING_SPEC_VERSION);
-    public static final String _PLATFORM_MANUFACTURER_STR = new String(RIM_PFX + FX_SEPARATOR +
-            PLATFORM_MANUFACTURER_STR);
-    public static final String _PLATFORM_MANUFACTURER_ID_STR = new String(RIM_PFX + FX_SEPARATOR +
-            PLATFORM_MANUFACTURER_ID);
-    public static final String _PLATFORM_MODEL_STR = new String(RIM_PFX + FX_SEPARATOR +
-            PLATFORM_MODEL);
-    public static final String _PLATFORM_VERSION_STR = new String(RIM_PFX + FX_SEPARATOR +
-            PLATFORM_VERSION);
-    public static final String _PAYLOAD_TYPE_STR = new String(RIM_PFX + FX_SEPARATOR +
-            PAYLOAD_TYPE);
-    public static final String _PC_URI_LOCAL_STR = new String(RIM_PFX + FX_SEPARATOR +
-            PC_URI_LOCAL);
-    public static final String _PC_URI_GLOBAL_STR = new String(RIM_PFX + FX_SEPARATOR +
-            PC_URI_GLOBAL);
+    public static final String _COLLOQUIAL_VERSION_STR = N8060_PFX + FX_SEPARATOR +
+            COLLOQUIAL_VERSION;
+    public static final String _PRODUCT_STR = N8060_PFX + FX_SEPARATOR +
+            PRODUCT;
+    public static final String _REVISION_STR = N8060_PFX + FX_SEPARATOR +
+            REVISION;
+    public static final String _EDITION_STR = N8060_PFX + FX_SEPARATOR +
+            EDITION;
+    public static final String _RIM_LINK_HASH_STR = RIM_PFX + FX_SEPARATOR +
+            RIM_LINK_HASH;
+    public static final String _BINDING_SPEC_STR = RIM_PFX + FX_SEPARATOR +
+            BINDING_SPEC;
+    public static final String _BINDING_SPEC_VERSION_STR = RIM_PFX + FX_SEPARATOR +
+            BINDING_SPEC_VERSION;
+    public static final String _PLATFORM_MANUFACTURER_STR = RIM_PFX + FX_SEPARATOR +
+            PLATFORM_MANUFACTURER_STR;
+    public static final String _PLATFORM_MANUFACTURER_ID_STR = RIM_PFX + FX_SEPARATOR +
+            PLATFORM_MANUFACTURER_ID;
+    public static final String _PLATFORM_MODEL_STR = RIM_PFX + FX_SEPARATOR +
+            PLATFORM_MODEL;
+    public static final String _PLATFORM_VERSION_STR = RIM_PFX + FX_SEPARATOR +
+            PLATFORM_VERSION;
+    public static final String _PAYLOAD_TYPE_STR = RIM_PFX + FX_SEPARATOR +
+            PAYLOAD_TYPE;
+    public static final String _PC_URI_LOCAL_STR = RIM_PFX + FX_SEPARATOR +
+            PC_URI_LOCAL;
+    public static final String _PC_URI_GLOBAL_STR = RIM_PFX + FX_SEPARATOR +
+            PC_URI_GLOBAL;
 
 
     public static final QName _SHA256_HASH = new QName(

HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/EvEfiGptPartition.java

@@ -8,6 +8,7 @@ import lombok.Getter;
 import java.io.UnsupportedEncodingException;
 import java.math.BigInteger;
 import java.util.ArrayList;
+import java.util.List;
 
 /**
  * Class to process the PC Client Firmware profile defined EV_EFI_GPT_EVENT event.
@@ -68,8 +69,7 @@ public class EvEfiGptPartition {
     /**
      * List of Partitions.
      */
-    @Getter
-    private ArrayList<UefiPartition> partitionList = new ArrayList<>();
+    private List<UefiPartition> partitionList;
 
     /**
      * GPT Partition Event Type constructor.
@@ -80,6 +80,7 @@ public class EvEfiGptPartition {
     public EvEfiGptPartition(final byte[] eventDataBytes) throws UnsupportedEncodingException {
         //byte[] eventDataBytes = event.getEventContent();
         // Process the partition header
+        partitionList = new ArrayList<>();
         System.arraycopy(eventDataBytes, 0, header, 0, UefiConstants.SIZE_8);  // Signature
         byte[] revision = new byte[UefiConstants.SIZE_4];
         System.arraycopy(eventDataBytes, UefiConstants.SIZE_8, revision, 0, UefiConstants.SIZE_4);

HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/EvEfiSpecIdEvent.java

@@ -7,6 +7,7 @@ import lombok.Getter;
 
 import java.nio.charset.StandardCharsets;
 import java.util.ArrayList;
+import java.util.List;
 
 /**
  * Class to process the TCG_EfiSpecIDEvent.
@@ -47,40 +48,46 @@ import java.util.ArrayList;
  * 6. The version of the log is used to determine which format the Log
  * is to use (sha1 or Crypto Agile)
  */
-@Getter
 public class EvEfiSpecIdEvent {
     /**
      * Minor Version.
      */
+    @Getter
     private String versionMinor = "";
     /**
      * Major Version.
      */
+    @Getter
     private String versionMajor = "";
     /**
      * Specification errata version.
      */
+    @Getter
     private String errata = "";
     /**
      * Signature (text) data.
      */
+    @Getter
     private String signature = "";
     /**
      * Platform class.
      */
+    @Getter
     private String platformClass = "";
     /**
      * Algorithm count.
      */
+    @Getter
     private int numberOfAlg = 0;
     /**
      * True if event log uses Crypto Agile format.
      */
+    @Getter
     private boolean cryptoAgile = false;
     /**
      * Algorithm list.
      */
-    private ArrayList<String> algList = new ArrayList<String>();
+    private List<String> algList;
 
     /**
      * EvEfiSpecIdEvent Constructor.
@@ -88,6 +95,7 @@ public class EvEfiSpecIdEvent {
      * @param efiSpecId byte array holding the spec ID Event.
      */
     public EvEfiSpecIdEvent(final byte[] efiSpecId) {
+        algList = new ArrayList<>();
         byte[] signatureBytes = new byte[UefiConstants.SIZE_16];
         System.arraycopy(efiSpecId, 0, signatureBytes, 0, UefiConstants.SIZE_16);
         signature = HexUtils.byteArrayToHexString(signatureBytes);

HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiSignatureList.java

@@ -174,15 +174,6 @@ public class UefiSignatureList {
         }
     }
 
-    /**
-     * Returns an ArrayList of EFISignatureData objects.
-     *
-     * @return ArrayList of EFISignatureData objects.
-     */
-    public ArrayList<UefiSignatureData> getSignatureDataList() {
-        return sigList;
-    }
-
     /**
      * Checks to see if GUID is listed on page 1729 of UEFI spec version 2.8.
      *
@@ -212,7 +203,7 @@ public class UefiSignatureList {
         StringBuilder sigInfo = new StringBuilder();
         sigInfo.append("UEFI Signature List Type = " + signatureType.toString() + "\n");
         sigInfo.append("Number if items = " + numberOfCerts + "\n");
-        sigList.iterator();
+
         for (int i = 0; i < sigList.size(); i++) {
             UefiSignatureData certData = sigList.get(i);
             sigInfo.append(certData.toString());

HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiVariable.java

@@ -10,6 +10,7 @@ import java.nio.charset.StandardCharsets;
 import java.security.NoSuchAlgorithmException;
 import java.security.cert.CertificateException;
 import java.util.ArrayList;
+import java.util.List;
 
 /**
  * Class to process a UEFI variable within a TPM Event.
@@ -31,8 +32,7 @@ public class UefiVariable {
     /**
      * List of Signature lists.
      */
-    @Getter
-    private ArrayList<UefiSignatureList> certSuperList = new ArrayList<>();
+    private List<UefiSignatureList> certSuperList;
     /**
      * Name of the UEFI variable.
      */
@@ -67,6 +67,7 @@ public class UefiVariable {
      */
     public UefiVariable(final byte[] variableData)
             throws CertificateException, NoSuchAlgorithmException, IOException {
+        certSuperList = new ArrayList<>();
         byte[] guid = new byte[UefiConstants.SIZE_16];
         byte[] nameLength = new byte[UefiConstants.SIZE_8];
         byte[] nameTemp = null;
@@ -173,8 +174,8 @@ public class UefiVariable {
                     efiVariable.append("Data not provided   ");
                 }
         }
-        for (int i = 0; i < certSuperList.size(); i++) {
-            efiVariable.append(certSuperList.get(i).toString());
+        for (UefiSignatureList uefiSigList : certSuperList) {
+            efiVariable.append(uefiSigList.toString());
         }
         return efiVariable.toString();
     }