mirror of
https://github.com/nsacyber/HIRS.git
synced 2024-12-25 07:31:11 +00:00
Continuing fixing spotbugs for AttestationCA
parent
8c573b0bcd
commit
39da434f1f
@ -4,6 +4,9 @@
|
|||||||
<Match>
|
<Match>
|
||||||
<Package name="~hirs\.attestationca\.configuration*" />
|
<Package name="~hirs\.attestationca\.configuration*" />
|
||||||
</Match>
|
</Match>
|
||||||
|
<Match>
|
||||||
|
<!-- https://github.com/spotbugs/spotbugs/pull/2748 -->
|
||||||
|
<Bug pattern="CT_CONSTRUCTOR_THROW" />
|
||||||
|
</Match>
|
||||||
</FindBugsFilter>
|
</FindBugsFilter>
|
||||||
|
|
||||||
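Review bot: The added `<Match>` holding `<Bug pattern="CT_CONSTRUCTOR_THROW" />` has no `<Class>` or `<Package>` child, so it switches the pattern off for every class this filter covers rather than for the classes that currently trip it. CT_CONSTRUCTOR_THROW reports constructors that can throw and leave a partially initialised object reachable through a finalizer, which is worth keeping for classes that parse certificates or keys in their constructors. If the linked SpotBugs pull request is about false positives, scope the exclusion with a `<Package name="~...">` line as the match above it does. Extend the comment to say when the exclusion can be removed.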
|
@ -79,4 +79,27 @@ public abstract class AbstractEntity implements Serializable {
|
|||||||
public void resetCreateTime() {
|
public void resetCreateTime() {
|
||||||
createTime.setTime(new Date().getTime());
|
createTime.setTime(new Date().getTime());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public int hashCode() {
|
||||||
|
if (id != null) {
|
||||||
|
return id.hashCode();
|
||||||
|
}
|
||||||
|
return super.hashCode();
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public boolean equals(final Object object) {
|
||||||
|
if (this == object) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
if (object == null) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
if (!(this.getClass().equals(object.getClass()))) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
return this.hashCode() == object.hashCode();
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
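Review bot: `equals` ends with `return this.hashCode() == object.hashCode();`, so two entities of the same class with different ids are reported equal whenever their 32-bit hashes collide. Equal hashes are required by `equals` but do not establish it, and a collision would let one record stand in for another in a `Set`, as a `Map` key or in a `contains` check. Compare the identifiers directly, for example `return id != null && id.equals(((AbstractEntity) object).id);`, which also keeps two unsaved entities with a null id unequal, consistent with the identity hash they get from `super.hashCode()`. The class and the declaration of `id` start outside the hunk; if `id` is assigned after construction, the hash of an entity already stored in a hash-based collection will change, which deserves a comment on `hashCode`.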
|
@ -6,6 +6,7 @@ import jakarta.persistence.Entity;
|
|||||||
import jakarta.persistence.Id;
|
import jakarta.persistence.Id;
|
||||||
import jakarta.persistence.Lob;
|
import jakarta.persistence.Lob;
|
||||||
import lombok.NoArgsConstructor;
|
import lombok.NoArgsConstructor;
|
||||||
|
import lombok.extern.log4j.Log4j2;
|
||||||
import org.bouncycastle.util.Arrays;
|
import org.bouncycastle.util.Arrays;
|
||||||
|
|
||||||
import java.io.ByteArrayInputStream;
|
import java.io.ByteArrayInputStream;
|
||||||
@ -17,6 +18,7 @@ import java.util.Date;
|
|||||||
* This class is for saving the Identity Claim and the Nonce between the two passes of the
|
* This class is for saving the Identity Claim and the Nonce between the two passes of the
|
||||||
* TPM 2.0 Provisioner.
|
* TPM 2.0 Provisioner.
|
||||||
*/
|
*/
|
||||||
|
@Log4j2
|
||||||
@NoArgsConstructor
|
@NoArgsConstructor
|
||||||
@Entity
|
@Entity
|
||||||
public class TPM2ProvisionerState {
|
public class TPM2ProvisionerState {
|
||||||
@ -100,11 +102,13 @@ public class TPM2ProvisionerState {
|
|||||||
try (DataInputStream dis
|
try (DataInputStream dis
|
||||||
= new DataInputStream(new ByteArrayInputStream(nonce))) {
|
= new DataInputStream(new ByteArrayInputStream(nonce))) {
|
||||||
long firstPartOfNonce = dis.readLong();
|
long firstPartOfNonce = dis.readLong();
|
||||||
TPM2ProvisionerState stateFound = tpm2ProvisionerStateRepository.findByFirstPartOfNonce(firstPartOfNonce);
|
TPM2ProvisionerState stateFound = tpm2ProvisionerStateRepository
|
||||||
if (Arrays.areEqual(stateFound.getNonce(), nonce)) {
|
.findByFirstPartOfNonce(firstPartOfNonce);
|
||||||
|
if (stateFound != null && Arrays.areEqual(stateFound.getNonce(), nonce)) {
|
||||||
return stateFound;
|
return stateFound;
|
||||||
}
|
}
|
||||||
} catch (IOException | NullPointerException e) {
|
} catch (IOException ioEx) {
|
||||||
|
log.error(ioEx.getMessage());
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
return null;
|
return null;
|
||||||
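Review bot: Removing `NullPointerException` from the catch leaves a null `nonce` unhandled, because `new ByteArrayInputStream(nonce)` throws before the new `stateFound != null` check is reached, where the old code returned null. If callers can pass null, add `if (nonce == null) { return null; }` ahead of the `try`; the method signature is outside the hunk, so I cannot tell whether that is already guaranteed. Separately, `Arrays.areEqual` is not a constant-time comparison; if this nonce is the value a client sends back to prove possession, `Arrays.constantTimeAreEqual(stateFound.getNonce(), nonce)` from the same Bouncy Castle class avoids leaking how much of the value matched. `log.error(ioEx.getMessage())` drops the stack trace and can log null for an `EOFException` on a short nonce, so `log.error("Could not read nonce", ioEx);` would be more useful.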
|
@ -314,7 +314,7 @@ public class IdentityClaimProcessor extends AbstractProcessor {
|
|||||||
Pattern pattern = Pattern.compile("([^\\s]+(\\.(?i)(rimpcr|rimel|bin|log))$)");
|
Pattern pattern = Pattern.compile("([^\\s]+(\\.(?i)(rimpcr|rimel|bin|log))$)");
|
||||||
Matcher matcher;
|
Matcher matcher;
|
||||||
MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
|
MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
|
||||||
List<ReferenceManifest> listOfSavedRims = new LinkedList<>();
|
// List<ReferenceManifest> listOfSavedRims = new LinkedList<>();
|
||||||
|
|
||||||
if (dv.getLogfileCount() > 0) {
|
if (dv.getLogfileCount() > 0) {
|
||||||
for (ByteString logFile : dv.getLogfileList()) {
|
for (ByteString logFile : dv.getLogfileList()) {
|
||||||
@ -424,11 +424,11 @@ public class IdentityClaimProcessor extends AbstractProcessor {
|
|||||||
dbSupport.setUpdated(true);
|
dbSupport.setUpdated(true);
|
||||||
dbSupport.setAssociatedRim(dbBaseRim.getId());
|
dbSupport.setAssociatedRim(dbBaseRim.getId());
|
||||||
this.referenceManifestRepository.save(dbSupport);
|
this.referenceManifestRepository.save(dbSupport);
|
||||||
listOfSavedRims.add(dbSupport);
|
// listOfSavedRims.add(dbSupport);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
this.referenceManifestRepository.save(dbBaseRim);
|
this.referenceManifestRepository.save(dbBaseRim);
|
||||||
listOfSavedRims.add(dbBaseRim);
|
// listOfSavedRims.add(dbBaseRim);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
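Review bot: The commented-out `// List<ReferenceManifest> listOfSavedRims = new LinkedList<>();` and the two `// listOfSavedRims.add(...)` lines should be deleted rather than left in the method, since version control already keeps the old code and dead comments hide what the method actually does. The same applies to `// ReferenceManifest validationObject;` left behind in the FirmwareScvValidator hunk later in this commit. If `LinkedList` is no longer referenced in this file after the removal, its import can go as well; the import block and the start and end of the enclosing method are outside these hunks.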
|
@ -44,14 +44,6 @@ public class CertificateAttributeScvValidator extends SupplyChainCredentialValid
|
|||||||
|
|
||||||
private static List<ComponentResult> componentResultList = new LinkedList<>();
|
private static List<ComponentResult> componentResultList = new LinkedList<>();
|
||||||
|
|
||||||
/**
|
|
||||||
* Setter for the list of components to verify.
|
|
||||||
* @param componentResultList list object for the components
|
|
||||||
*/
|
|
||||||
public void setComponentResultList(final List<ComponentResult> componentResultList) {
|
|
||||||
this.componentResultList = componentResultList.stream().toList();
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Getter for the list of components to verify.
|
* Getter for the list of components to verify.
|
||||||
* @return a collection of components
|
* @return a collection of components
|
||||||
|
@ -45,9 +45,7 @@ public class FirmwareScvValidator extends SupplyChainCredentialValidator {
|
|||||||
String[] baseline = new String[Integer.SIZE];
|
String[] baseline = new String[Integer.SIZE];
|
||||||
AppraisalStatus fwStatus = null;
|
AppraisalStatus fwStatus = null;
|
||||||
String hostName = device.getDeviceInfo().getNetworkInfo().getHostname();
|
String hostName = device.getDeviceInfo().getNetworkInfo().getHostname();
|
||||||
String manufacturer = device.getDeviceInfo()
|
// ReferenceManifest validationObject;
|
||||||
.getHardwareInfo().getManufacturer();
|
|
||||||
ReferenceManifest validationObject;
|
|
||||||
List<BaseReferenceManifest> baseReferenceManifests = null;
|
List<BaseReferenceManifest> baseReferenceManifests = null;
|
||||||
BaseReferenceManifest baseReferenceManifest = null;
|
BaseReferenceManifest baseReferenceManifest = null;
|
||||||
ReferenceManifest supportReferenceManifest = null;
|
ReferenceManifest supportReferenceManifest = null;
|
||||||
@ -80,7 +78,6 @@ public class FirmwareScvValidator extends SupplyChainCredentialValidator {
|
|||||||
failedString += "Bios measurement";
|
failedString += "Bios measurement";
|
||||||
passed = false;
|
passed = false;
|
||||||
}
|
}
|
||||||
validationObject = measurement;
|
|
||||||
|
|
||||||
if (passed) {
|
if (passed) {
|
||||||
List<SwidResource> resources =
|
List<SwidResource> resources =
|
||||||
@ -109,7 +106,6 @@ public class FirmwareScvValidator extends SupplyChainCredentialValidator {
|
|||||||
passed = false;
|
passed = false;
|
||||||
fwStatus = new AppraisalStatus(FAIL,
|
fwStatus = new AppraisalStatus(FAIL,
|
||||||
"Firmware validation failed: invalid certificate path.");
|
"Firmware validation failed: invalid certificate path.");
|
||||||
validationObject = baseReferenceManifest;
|
|
||||||
}
|
}
|
||||||
} catch (IOException ioEx) {
|
} catch (IOException ioEx) {
|
||||||
log.error("Error getting X509 cert from manager: " + ioEx.getMessage());
|
log.error("Error getting X509 cert from manager: " + ioEx.getMessage());
|
||||||
@ -224,7 +220,6 @@ public class FirmwareScvValidator extends SupplyChainCredentialValidator {
|
|||||||
|
|
||||||
if (!tpmPcrEvents.isEmpty()) {
|
if (!tpmPcrEvents.isEmpty()) {
|
||||||
StringBuilder sb = new StringBuilder();
|
StringBuilder sb = new StringBuilder();
|
||||||
validationObject = measurement;
|
|
||||||
sb.append(String.format("%d digest(s) were not found:%n",
|
sb.append(String.format("%d digest(s) were not found:%n",
|
||||||
tpmPcrEvents.size()));
|
tpmPcrEvents.size()));
|
||||||
for (TpmPcrEvent tpe : tpmPcrEvents) {
|
for (TpmPcrEvent tpe : tpmPcrEvents) {
|
||||||
|