diff --git a/HIRS_AttestationCA/config/spotbugs/spotbugs-exclude.xml b/HIRS_AttestationCA/config/spotbugs/spotbugs-exclude.xml
index 14f010bc..6261ef8d 100644
--- a/HIRS_AttestationCA/config/spotbugs/spotbugs-exclude.xml
+++ b/HIRS_AttestationCA/config/spotbugs/spotbugs-exclude.xml
@@ -4,6 +4,9 @@ - + + + +
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/AbstractEntity.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/AbstractEntity.java
index e89249c6..819ca057 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/AbstractEntity.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/AbstractEntity.java
@@ -79,4 +79,27 @@ public abstract class AbstractEntity implements Serializable {
 public void resetCreateTime() {
 createTime.setTime(new Date().getTime());
 }
+
+ @Override
+ public int hashCode() {
+ if (id != null) {
+ return id.hashCode();
+ }
+ return super.hashCode();
+ }
+
+ @Override
+ public boolean equals(final Object object) {
+ if (this == object) {
+ return true;
+ }
+ if (object == null) {
+ return false;
+ }
+ if (!(this.getClass().equals(object.getClass()))) {
+ return false;
+ }
+ return this.hashCode() == object.hashCode();
+ }
+
 }
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/tpm/TPM2ProvisionerState.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/tpm/TPM2ProvisionerState.java
index fc44115d..94e849ba 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/tpm/TPM2ProvisionerState.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/tpm/TPM2ProvisionerState.java
@@ -6,6 +6,7 @@ import jakarta.persistence.Entity;
 import jakarta.persistence.Id;
 import jakarta.persistence.Lob;
 import lombok.NoArgsConstructor;
+import lombok.extern.log4j.Log4j2;
 import org.bouncycastle.util.Arrays;
 import java.io.ByteArrayInputStream;
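Review bot: In AbstractEntity.equals, `return this.hashCode() == object.hashCode();` treats a matching 32-bit hash as equality, so two entities of the same class whose different ids happen to collide are reported as the same record, and sets or maps holding entities can silently merge or drop one of them. Compare the identifiers themselves, for example `return id != null && id.equals(((AbstractEntity) object).id);`. hashCode also falls back to `super.hashCode()` while id is null, so if the id is assigned after construction (not visible in this hunk) an entity's hash can change while it already sits in a HashSet or HashMap. Both new public methods would benefit from a short Javadoc stating that equality is defined by class and id.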
@@ -17,6 +18,7 @@ import java.util.Date;
 * This class is for saving the Identity Claim and the Nonce between the two passes of the
 * TPM 2.0 Provisioner.
 */
+@Log4j2
 @NoArgsConstructor
 @Entity
 public class TPM2ProvisionerState {
@@ -100,11 +102,13 @@ public class TPM2ProvisionerState {
 try (DataInputStream dis = new DataInputStream(new ByteArrayInputStream(nonce))) {
 long firstPartOfNonce = dis.readLong();
- TPM2ProvisionerState stateFound = tpm2ProvisionerStateRepository.findByFirstPartOfNonce(firstPartOfNonce);
- if (Arrays.areEqual(stateFound.getNonce(), nonce)) {
+ TPM2ProvisionerState stateFound = tpm2ProvisionerStateRepository
+ .findByFirstPartOfNonce(firstPartOfNonce);
+ if (stateFound != null && Arrays.areEqual(stateFound.getNonce(), nonce)) {
 return stateFound;
 }
- } catch (IOException | NullPointerException e) {
+ } catch (IOException ioEx) {
+ log.error(ioEx.getMessage());
 return null;
 }
 return null;
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/IdentityClaimProcessor.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/IdentityClaimProcessor.java
index 320e23ec..8ada1121 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/IdentityClaimProcessor.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/IdentityClaimProcessor.java
@@ -314,7 +314,7 @@ public class IdentityClaimProcessor extends AbstractProcessor {
 Pattern pattern = Pattern.compile("([^\\s]+(\\.(?i)(rimpcr|rimel|bin|log))$)");
 Matcher matcher;
 MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
- List listOfSavedRims = new LinkedList<>();
+// List listOfSavedRims = new LinkedList<>();
 if (dv.getLogfileCount() > 0) {
 for (ByteString logFile : dv.getLogfileList()) {
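Review bot: Dropping `NullPointerException` from the catch in the nonce lookup means a null `nonce` now escapes from `new ByteArrayInputStream(nonce)` instead of returning null, unless the method rejects null above the hunk (its start is outside the hunk). An explicit `if (nonce == null) { return null; }` before the try would keep the old contract. The new `log.error(ioEx.getMessage());` logs only the message, which is null for the EOFException that `readLong()` throws on a nonce shorter than eight bytes; `log.error("Could not read the nonce prefix for the provisioner state lookup", ioEx);` keeps the cause and the stack trace. If the nonce is meant to stay secret between the two provisioning passes, consider `Arrays.constantTimeAreEqual(stateFound.getNonce(), nonce)` for the comparison.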
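Review bot: The `listOfSavedRims` declaration in IdentityClaimProcessor is commented out rather than deleted (`// List listOfSavedRims = new LinkedList<>();`), which leaves dead code in a method that persists reference manifests. The same applies to the two `// listOfSavedRims.add(...)` lines in the @@ -424 hunk of this file and to `// ReferenceManifest validationObject;` in FirmwareScvValidator. Delete these lines outright; version control keeps the history. The enclosing method starts and ends outside the hunk, so whether the list was read further down cannot be confirmed from here.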
@@ -424,11 +424,11 @@ public class IdentityClaimProcessor extends AbstractProcessor {
 dbSupport.setUpdated(true);
 dbSupport.setAssociatedRim(dbBaseRim.getId());
 this.referenceManifestRepository.save(dbSupport);
- listOfSavedRims.add(dbSupport);
+// listOfSavedRims.add(dbSupport);
 }
 }
 this.referenceManifestRepository.save(dbBaseRim);
- listOfSavedRims.add(dbBaseRim);
+// listOfSavedRims.add(dbBaseRim);
 }
 }
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CertificateAttributeScvValidator.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CertificateAttributeScvValidator.java
index 9aa746c5..356cbf8b 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CertificateAttributeScvValidator.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CertificateAttributeScvValidator.java
@@ -44,14 +44,6 @@ public class CertificateAttributeScvValidator extends SupplyChainCredentialValid
 private static List componentResultList = new LinkedList<>();
- /**
- * Setter for the list of components to verify.
- * @param componentResultList list object for the components
- */
- public void setComponentResultList(final List componentResultList) {
- this.componentResultList = componentResultList.stream().toList();
- }
-
 /**
 * Getter for the list of components to verify.
 * @return a collection of components
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/FirmwareScvValidator.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/FirmwareScvValidator.java
index 14a7e9b1..4afcc131 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/FirmwareScvValidator.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/FirmwareScvValidator.java
@@ -45,9 +45,7 @@ public class FirmwareScvValidator extends SupplyChainCredentialValidator {
 String[] baseline = new String[Integer.SIZE];
 AppraisalStatus fwStatus = null;
 String hostName = device.getDeviceInfo().getNetworkInfo().getHostname();
- String manufacturer = device.getDeviceInfo()
- .getHardwareInfo().getManufacturer();
- ReferenceManifest validationObject;
+// ReferenceManifest validationObject;
 List baseReferenceManifests = null;
 BaseReferenceManifest baseReferenceManifest = null;
 ReferenceManifest supportReferenceManifest = null;
@@ -80,7 +78,6 @@ public class FirmwareScvValidator extends SupplyChainCredentialValidator {
 failedString += "Bios measurement";
 passed = false;
 }
- validationObject = measurement;
 if (passed) {
 List resources =
@@ -109,7 +106,6 @@ public class FirmwareScvValidator extends SupplyChainCredentialValidator {
 passed = false;
 fwStatus = new AppraisalStatus(FAIL, "Firmware validation failed: invalid certificate path.");
- validationObject = baseReferenceManifest;
 }
 } catch (IOException ioEx) {
 log.error("Error getting X509 cert from manager: " + ioEx.getMessage());
@@ -224,7 +220,6 @@ public class FirmwareScvValidator extends SupplyChainCredentialValidator {
 if (!tpmPcrEvents.isEmpty()) {
 StringBuilder sb = new StringBuilder();
- validationObject = measurement;
 sb.append(String.format("%d digest(s) were not found:%n", tpmPcrEvents.size()));
 for (TpmPcrEvent tpe : tpmPcrEvents) {