mirror of
https://github.com/nsacyber/HIRS.git
synced 2024-12-19 21:17:59 +00:00
Continuing fixing spotbugs for AttestationCA
This commit is contained in:
Cyrus
parent
8c573b0bcd
commit
39da434f1f
@ -4,6 +4,9 @@
|
||||
<Match>
|
||||
<Package name="~hirs\.attestationca\.configuration*" />
|
||||
</Match>
|
||||
|
||||
<Match>
|
||||
<!-- https://github.com/spotbugs/spotbugs/pull/2748 -->
|
||||
<Bug pattern="CT_CONSTRUCTOR_THROW" />
|
||||
</Match>
|
||||
</FindBugsFilter>
|
||||
|
||||
|
||||
@ -79,4 +79,27 @@ public abstract class AbstractEntity implements Serializable {
|
||||
public void resetCreateTime() {
|
||||
createTime.setTime(new Date().getTime());
|
||||
}
|
||||
|
||||
@Override
|
||||
public int hashCode() {
|
||||
if (id != null) {
|
||||
return id.hashCode();
|
||||
}
|
||||
return super.hashCode();
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean equals(final Object object) {
|
||||
if (this == object) {
|
||||
return true;
|
||||
}
|
||||
if (object == null) {
|
||||
return false;
|
||||
}
|
||||
if (!(this.getClass().equals(object.getClass()))) {
|
||||
return false;
|
||||
}
|
||||
return this.hashCode() == object.hashCode();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -6,6 +6,7 @@ import jakarta.persistence.Entity;
|
||||
import jakarta.persistence.Id;
|
||||
import jakarta.persistence.Lob;
|
||||
import lombok.NoArgsConstructor;
|
||||
import lombok.extern.log4j.Log4j2;
|
||||
import org.bouncycastle.util.Arrays;
|
||||
|
||||
import java.io.ByteArrayInputStream;
|
||||
@ -17,6 +18,7 @@ import java.util.Date;
|
||||
* This class is for saving the Identity Claim and the Nonce between the two passes of the
|
||||
* TPM 2.0 Provisioner.
|
||||
*/
|
||||
@Log4j2
|
||||
@NoArgsConstructor
|
||||
@Entity
|
||||
public class TPM2ProvisionerState {
|
||||
@ -100,11 +102,13 @@ public class TPM2ProvisionerState {
|
||||
try (DataInputStream dis
|
||||
= new DataInputStream(new ByteArrayInputStream(nonce))) {
|
||||
long firstPartOfNonce = dis.readLong();
|
||||
TPM2ProvisionerState stateFound = tpm2ProvisionerStateRepository.findByFirstPartOfNonce(firstPartOfNonce);
|
||||
if (Arrays.areEqual(stateFound.getNonce(), nonce)) {
|
||||
TPM2ProvisionerState stateFound = tpm2ProvisionerStateRepository
|
||||
.findByFirstPartOfNonce(firstPartOfNonce);
|
||||
if (stateFound != null && Arrays.areEqual(stateFound.getNonce(), nonce)) {
|
||||
return stateFound;
|
||||
}
|
||||
} catch (IOException | NullPointerException e) {
|
||||
} catch (IOException ioEx) {
|
||||
log.error(ioEx.getMessage());
|
||||
return null;
|
||||
}
|
||||
return null;
|
||||
|
||||
@ -314,7 +314,7 @@ public class IdentityClaimProcessor extends AbstractProcessor {
|
||||
Pattern pattern = Pattern.compile("([^\\s]+(\\.(?i)(rimpcr|rimel|bin|log))$)");
|
||||
Matcher matcher;
|
||||
MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
|
||||
List<ReferenceManifest> listOfSavedRims = new LinkedList<>();
|
||||
// List<ReferenceManifest> listOfSavedRims = new LinkedList<>();
|
||||
|
||||
if (dv.getLogfileCount() > 0) {
|
||||
for (ByteString logFile : dv.getLogfileList()) {
|
||||
@ -424,11 +424,11 @@ public class IdentityClaimProcessor extends AbstractProcessor {
|
||||
dbSupport.setUpdated(true);
|
||||
dbSupport.setAssociatedRim(dbBaseRim.getId());
|
||||
this.referenceManifestRepository.save(dbSupport);
|
||||
listOfSavedRims.add(dbSupport);
|
||||
// listOfSavedRims.add(dbSupport);
|
||||
}
|
||||
}
|
||||
this.referenceManifestRepository.save(dbBaseRim);
|
||||
listOfSavedRims.add(dbBaseRim);
|
||||
// listOfSavedRims.add(dbBaseRim);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -44,14 +44,6 @@ public class CertificateAttributeScvValidator extends SupplyChainCredentialValid
|
||||
|
||||
private static List<ComponentResult> componentResultList = new LinkedList<>();
|
||||
|
||||
/**
|
||||
* Setter for the list of components to verify.
|
||||
* @param componentResultList list object for the components
|
||||
*/
|
||||
public void setComponentResultList(final List<ComponentResult> componentResultList) {
|
||||
this.componentResultList = componentResultList.stream().toList();
|
||||
}
|
||||
|
||||
/**
|
||||
* Getter for the list of components to verify.
|
||||
* @return a collection of components
|
||||
|
||||
@ -45,9 +45,7 @@ public class FirmwareScvValidator extends SupplyChainCredentialValidator {
|
||||
String[] baseline = new String[Integer.SIZE];
|
||||
AppraisalStatus fwStatus = null;
|
||||
String hostName = device.getDeviceInfo().getNetworkInfo().getHostname();
|
||||
String manufacturer = device.getDeviceInfo()
|
||||
.getHardwareInfo().getManufacturer();
|
||||
ReferenceManifest validationObject;
|
||||
// ReferenceManifest validationObject;
|
||||
List<BaseReferenceManifest> baseReferenceManifests = null;
|
||||
BaseReferenceManifest baseReferenceManifest = null;
|
||||
ReferenceManifest supportReferenceManifest = null;
|
||||
@ -80,7 +78,6 @@ public class FirmwareScvValidator extends SupplyChainCredentialValidator {
|
||||
failedString += "Bios measurement";
|
||||
passed = false;
|
||||
}
|
||||
validationObject = measurement;
|
||||
|
||||
if (passed) {
|
||||
List<SwidResource> resources =
|
||||
@ -109,7 +106,6 @@ public class FirmwareScvValidator extends SupplyChainCredentialValidator {
|
||||
passed = false;
|
||||
fwStatus = new AppraisalStatus(FAIL,
|
||||
"Firmware validation failed: invalid certificate path.");
|
||||
validationObject = baseReferenceManifest;
|
||||
}
|
||||
} catch (IOException ioEx) {
|
||||
log.error("Error getting X509 cert from manager: " + ioEx.getMessage());
|
||||
@ -224,7 +220,6 @@ public class FirmwareScvValidator extends SupplyChainCredentialValidator {
|
||||
|
||||
if (!tpmPcrEvents.isEmpty()) {
|
||||
StringBuilder sb = new StringBuilder();
|
||||
validationObject = measurement;
|
||||
sb.append(String.format("%d digest(s) were not found:%n",
|
||||
tpmPcrEvents.size()));
|
||||
for (TpmPcrEvent tpe : tpmPcrEvents) {
|
||||
|
||||
Loading…
Reference in New Issue
Block a user