From 6d770e9a638d4b2284c4785742ad3ecf75d58984 Mon Sep 17 00:00:00 2001 From: TheSilentCoder <184309164+ThatSilentCoder@users.noreply.github.com> Date: Fri, 25 Oct 2024 17:30:36 -0400 Subject: [PATCH] issue_847: Fixed ALL checkstyle and spotbug errors in CA module. Fixing spotbug and checkstyle issues in CA_PORT module now. --- HIRS_AttestationCA/build.gradle | 3 + .../userdefined/SupplyChainValidation.java | 9 ++- .../CertificateAuthorityCredential.java | 57 +++++++++++++++++-- .../certificate/CertificateVariables.java | 49 +++------------- .../certificate/EndorsementCredential.java | 21 ++++--- .../userdefined/report/DeviceInfoReport.java | 5 ++ .../persist/enums/HealthStatus.java | 6 ++ .../provision/helper/ProvisionUtils.java | 56 ++++++++++++------ .../persist/util/CredentialHelper.java | 14 +++-- .../CredentialManagementHelperTest.java | 24 +++++++- .../attestationca/portal/HIRSApplication.java | 3 +- .../portal/HIRSDbInitializer.java | 3 +- .../portal/PersistenceJPAConfig.java | 3 +- .../portal/datatables/DataTableResponse.java | 16 ++++-- .../portal/datatables/package-info.java | 1 + .../portal/listener/package-info.java | 1 + .../attestationca/portal/page/PageParams.java | 2 +- .../controllers/DevicePageController.java | 2 +- .../ReferenceManifestPageController.java | 10 ++-- .../portal/page/controllers/package-info.java | 1 + .../portal/page/package-info.java | 1 + .../portal/page/params/package-info.java | 2 +- .../portal/page/utils/package-info.java | 2 +- .../portal/page/PageControllerTest.java | 6 +- .../CertificateDetailsPageControllerTest.java | 2 +- .../controllers/DevicePageControllerTest.java | 4 +- ...PlatformCredentialsPageControllerTest.java | 6 +- .../controllers/PolicyPageControllerTest.java | 14 ++--- ...rustChainManagementPageControllerTest.java | 15 +++-- .../portal/page/controllers/package-info.java | 1 + .../portal/page/package-info.java | 1 + gradle.properties | 2 + 32 files changed, 214 insertions(+), 128 deletions(-) create mode 100644 HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/datatables/package-info.java create mode 100644 HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/listener/package-info.java create mode 100644 HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/package-info.java create mode 100644 HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/package-info.java create mode 100644 HIRS_AttestationCAPortal/src/test/java/hirs/attestationca/portal/page/controllers/package-info.java create mode 100644 HIRS_AttestationCAPortal/src/test/java/hirs/attestationca/portal/page/package-info.java diff --git a/HIRS_AttestationCA/build.gradle b/HIRS_AttestationCA/build.gradle index 55ce5538..ff0bf8e5 100644 --- a/HIRS_AttestationCA/build.gradle +++ b/HIRS_AttestationCA/build.gradle @@ -54,6 +54,9 @@ dependencies { testImplementation 'org.mockito:mockito-core:4.2.0' testImplementation 'org.springframework:spring-test:6.0.8' + compileOnly "com.github.spotbugs:spotbugs-annotations:${spotBugAnnotationVersion}" + annotationProcessor "com.github.spotbugs:spotbugs-annotations:${spotBugAnnotationVersion}" + // spring management compileOnly libs.lombok implementation libs.lombok diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/SupplyChainValidation.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/SupplyChainValidation.java index 3d0d9711..6485f46e 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/SupplyChainValidation.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/SupplyChainValidation.java @@ -9,6 +9,7 @@ import jakarta.persistence.FetchType; import jakarta.persistence.JoinColumn; import jakarta.persistence.JoinTable; import jakarta.persistence.ManyToMany; +import lombok.AccessLevel; import lombok.Getter; import java.util.ArrayList; @@ -18,26 +19,24 @@ import java.util.List; /** * Stores results of a single element of the supply chain validation process. */ +@Getter @Entity public class SupplyChainValidation extends ArchivableEntity { - @Getter @Column private final ValidationType validationType; - @Getter @Column private final AppraisalStatus.Status validationResult; + @Getter(AccessLevel.NONE) @ManyToMany(fetch = FetchType.EAGER) @JoinTable(name = "CertificatesUsedToValidate", joinColumns = {@JoinColumn(name = "validation_id", nullable = false)}) private final List certificatesUsed; - @Getter @Column(length = RESULT_MESSAGE_LENGTH) private final String message; - - @Getter + @Column private String rimId; diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/CertificateAuthorityCredential.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/CertificateAuthorityCredential.java index f5356160..0f5e5421 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/CertificateAuthorityCredential.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/CertificateAuthorityCredential.java @@ -3,19 +3,20 @@ package hirs.attestationca.persist.entity.userdefined.certificate; import hirs.attestationca.persist.entity.userdefined.Certificate; import jakarta.persistence.Column; import jakarta.persistence.Entity; -import lombok.EqualsAndHashCode; +import lombok.AccessLevel; import lombok.Getter; import org.apache.commons.codec.binary.Hex; import java.io.IOException; import java.nio.file.Path; +import java.util.Arrays; /** * This class persists Certificate Authority credentials by extending the base Certificate * class with fields unique to CA credentials. */ +@Getter @Entity -@EqualsAndHashCode public class CertificateAuthorityCredential extends Certificate { /** @@ -30,6 +31,7 @@ public class CertificateAuthorityCredential extends Certificate { private static final int PREFIX_BYTE_SIZE = 4; + @Getter(AccessLevel.NONE) @Column private final byte[] subjectKeyIdentifier; @@ -37,11 +39,9 @@ public class CertificateAuthorityCredential extends Certificate { * this field is part of the TCG CA specification, but has not yet been found in * manufacturer-provided CAs, and is therefore not currently parsed. */ - @Getter @Column private final String credentialType = "TCPA Trusted Platform Module Endorsement"; - @Getter @Column private String subjectKeyIdString; @@ -112,10 +112,59 @@ public class CertificateAuthorityCredential extends Certificate { return null; } + /** + * Helper method that uses the provided certificate bytes and truncates a portion + * of the certificate bytes array. + * + * @param certificateBytes byte array representation of the certificate bytes + * @return a truncated certificate byte array + */ private byte[] truncatePrefixBytes(final byte[] certificateBytes) { byte[] temp = new byte[CA_BYTE_SIZE]; System.arraycopy(certificateBytes, PREFIX_BYTE_SIZE, temp, 0, CA_BYTE_SIZE); return temp; } + + /** + * Compares this Certificate Authority Credential object to another Certificate + * Authority Credential object. + * + * @param o object to compare + * @return true if both this and the provided Certificate Authority Credential objects are equal, + * false otherwise + */ + public boolean equals(final Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + if (!super.equals(o)) { + return false; + } + + CertificateAuthorityCredential that = (CertificateAuthorityCredential) o; + +// if (!Objects.equals(credentialType, that.credentialType)) { +// return false; +// } + + return Arrays.equals(subjectKeyIdentifier, that.subjectKeyIdentifier); + } + + /** + * Creates an integer hash code. + * + * @return an integer hash code + */ + @Override + public int hashCode() { + final int hashCodeConst = 31; + int result = super.hashCode(); + result = hashCodeConst * result + credentialType.hashCode(); + result = hashCodeConst * result + Arrays.hashCode(subjectKeyIdentifier); + return result; + } } diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/CertificateVariables.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/CertificateVariables.java index b4b53162..eff3b7a3 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/CertificateVariables.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/CertificateVariables.java @@ -1,214 +1,179 @@ package hirs.attestationca.persist.entity.userdefined.certificate; -public class CertificateVariables { +public final class CertificateVariables { /** * */ public static final String PEM_HEADER = "-----BEGIN CERTIFICATE-----"; - /** * */ public static final String PEM_FOOTER = "-----END CERTIFICATE-----"; - /** * */ public static final String PEM_ATTRIBUTE_HEADER = "-----BEGIN ATTRIBUTE CERTIFICATE-----"; - /** * */ public static final String PEM_ATTRIBUTE_FOOTER = "-----END ATTRIBUTE CERTIFICATE-----"; - /** * */ public static final String MALFORMED_CERT_MESSAGE = "Malformed certificate detected."; - /** * */ public static final int MAX_CERT_LENGTH_BYTES = 2048; - /** * */ public static final int MAX_NUMERIC_PRECISION = 49; - /** * Can store up to 160 bit values. */ public static final int MAX_PUB_KEY_MODULUS_HEX_LENGTH = 1024; - /** * */ public static final int KEY_USAGE_BIT0 = 0; - /** * */ public static final int KEY_USAGE_BIT1 = 1; - /** * */ public static final int KEY_USAGE_BIT2 = 2; - /** * */ public static final int KEY_USAGE_BIT3 = 3; - /** * */ public static final int KEY_USAGE_BIT4 = 4; - /** * */ public static final int KEY_USAGE_BIT5 = 5; - /** * */ public static final int KEY_USAGE_BIT6 = 6; - /** * */ public static final int KEY_USAGE_BIT7 = 7; - /** * */ public static final int KEY_USAGE_BIT8 = 8; - /** * */ public static final String KEY_USAGE_DS = "DIGITAL SIGNATURE"; - /** * */ public static final String KEY_USAGE_NR = "NON-REPUDIATION"; - /** * */ public static final String KEY_USAGE_KE = "KEY ENCIPHERMENT"; - /** * */ public static final String KEY_USAGE_DE = "DATA ENCIPHERMENT"; - /** * */ public static final String KEY_USAGE_KA = "KEY AGREEMENT"; - /** * */ public static final String KEY_USAGE_KC = "KEY CERT SIGN"; - /** * */ public static final String KEY_USAGE_CS = "CRL SIGN"; - /** * */ public static final String KEY_USAGE_EO = "ENCIPHER ONLY"; - /** * */ public static final String KEY_USAGE_DO = "DECIPHER ONLY"; - /** * */ public static final String ECDSA_OID = "1.2.840.10045.4.3.2"; - /** * */ public static final String ECDSA_SHA224_OID = "1.2.840.10045.4.1"; - /** * */ public static final String RSA256_OID = "1.2.840.113549.1.1.11"; - /** * */ public static final String RSA384_OID = "1.2.840.113549.1.1.12"; - /** * */ public static final String RSA512_OID = "1.2.840.113549.1.1.13"; - /** * */ public static final String RSA224_OID = "1.2.840.113549.1.1.14"; - /** * */ public static final String RSA512_224_OID = "1.2.840.113549.1.1.15"; - /** * */ public static final String RSA512_256_OID = "1.2.840.113549.1.1.16"; - /** * */ public static final String RSA256_STRING = "SHA256WithRSA"; - /** * */ public static final String RSA384_STRING = "SHA384WithRSA"; - /** * */ public static final String RSA224_STRING = "SHA224WithRSA"; - /** * */ public static final String RSA512_STRING = "SHA512WithRSA"; - /** * */ public static final String RSA512_224_STRING = "SHA512-224WithRSA"; - /** * */ public static final String RSA512_256_STRING = "SHA512-256WithRSA"; - /** * */ public static final String ECDSA_STRING = "SHA256WithECDSA"; - /** * */ public static final String ECDSA_SHA224_STRING = "SHA224WithECDSA"; + + /** + * Private constructor was created to silence checkstyle error. + */ + private CertificateVariables() { + } } diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/EndorsementCredential.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/EndorsementCredential.java index f8a8bf70..961e4423 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/EndorsementCredential.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/EndorsementCredential.java @@ -1,5 +1,6 @@ package hirs.attestationca.persist.entity.userdefined.certificate; +import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; import hirs.attestationca.persist.entity.userdefined.certificate.attributes.TPMSecurityAssertions; import hirs.attestationca.persist.entity.userdefined.certificate.attributes.TPMSpecification; import jakarta.persistence.Column; @@ -60,6 +61,9 @@ import java.util.Set; * trustedcomputinggroup.org/wp-content/uploads/Credential_Profiles_V1.2_Level2_Revision8.pdf */ @Log4j2 +@SuppressFBWarnings(value = "RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE", + justification = "property credentialType is guaranteed to always be non-null/initialized. Warning" + + "stems from auto-generated lombok equals and hashcode method doing redundant null checks.") @EqualsAndHashCode(callSuper = false) @NoArgsConstructor(access = AccessLevel.PROTECTED) @Entity @@ -115,7 +119,7 @@ public class EndorsementCredential extends DeviceAssociatedCertificate { * manufacturer-provided ECs, and is therefore not currently parsed. */ @Getter - @Column(nullable = true) + @Column private final String policyReference = null; // optional /** @@ -123,7 +127,7 @@ public class EndorsementCredential extends DeviceAssociatedCertificate { * manufacturer-provided ECs, and is therefore not currently parsed. */ @Getter - @Column(nullable = true) + @Column private final String revocationLocator = null; // optional @Getter @@ -265,13 +269,13 @@ public class EndorsementCredential extends DeviceAssociatedCertificate { value = entry.getValue(); if (oid.equals(TPM_MODEL)) { model = value.toString(); - log.debug("Found TPM Model: " + model); + log.debug("Found TPM Model: {}", model); } else if (oid.equals(TPM_VERSION)) { version = value.toString(); - log.debug("Found TPM Version: " + version); + log.debug("Found TPM Version: {}", version); } else if (oid.equals(TPM_MANUFACTURER)) { manufacturer = value.toString(); - log.debug("Found TPM Manufacturer: " + manufacturer); + log.debug("Found TPM Manufacturer: {}", manufacturer); } } } @@ -317,7 +321,7 @@ public class EndorsementCredential extends DeviceAssociatedCertificate { ASN1Integer revision = (ASN1Integer) seq.getObjectAt(ASN1_REV_INDEX); tpmSpecification = new TPMSpecification(family.getString(), level.getValue(), revision.getValue()); - log.debug("Found TPM Spec:" + tpmSpecification); + log.debug("Found TPM Spec:{}", tpmSpecification); } else if (addToMapping && key.equals(TPM_SECURITY_ASSERTIONS)) { // Parse TPM Security Assertions int seqPosition = 0; @@ -343,7 +347,7 @@ public class EndorsementCredential extends DeviceAssociatedCertificate { tpmSecurityAssertions = new TPMSecurityAssertions(ver.getValue(), fieldUpgradeable.isTrue()); - log.debug("Found TPM Assertions: " + tpmSecurityAssertions); + log.debug("Found TPM Assertions: {}", tpmSecurityAssertions); // Iterate through remaining fields to set optional attributes int tag; ASN1TaggedObject obj; @@ -401,7 +405,6 @@ public class EndorsementCredential extends DeviceAssociatedCertificate { * @param key if addToMapping is true, the key in the OID key/value pair * @throws IOException parsing of subcomponents in the tree failed. */ - @SuppressWarnings("checkstyle:methodlength") private void parseSingle(final ASN1Primitive component, final boolean addToMapping, final String key) throws IOException { // null check the key if addToMapping is true @@ -563,7 +566,7 @@ public class EndorsementCredential extends DeviceAssociatedCertificate { } else { // there are some deprecated types that we don't parse - log.error("Unparsed type: " + component.getClass()); + log.error("Unparsed type: {}", component.getClass()); } } } diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/report/DeviceInfoReport.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/report/DeviceInfoReport.java index a589dbbe..d6d66edb 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/report/DeviceInfoReport.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/report/DeviceInfoReport.java @@ -1,5 +1,6 @@ package hirs.attestationca.persist.entity.userdefined.report; +import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; import hirs.attestationca.persist.entity.AbstractEntity; import hirs.attestationca.persist.entity.userdefined.info.FirmwareInfo; import hirs.attestationca.persist.entity.userdefined.info.HardwareInfo; @@ -28,6 +29,10 @@ import java.net.InetAddress; * information about the device. This Report includes the network, * OS, and TPM information. */ +@SuppressFBWarnings(value = "RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE", + justification = "various class properties here are guaranteed to always be non-null/initialized." + + " Warning stems from auto-generated lombok equals and hashcode method doing redundant " + + "null checks.") @NoArgsConstructor @EqualsAndHashCode(callSuper = false) @Log4j2 diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/enums/HealthStatus.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/enums/HealthStatus.java index 86a71142..4ff0c457 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/enums/HealthStatus.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/enums/HealthStatus.java @@ -31,6 +31,12 @@ public enum HealthStatus { private final String healthStatus; + /** + * Determines if the provided health status is a valid health status. + * + * @param healthStatus string representation of the healh status + * @return true if the health status is valid, otherwise false + */ public static boolean isValidStatus(final String healthStatus) { return Arrays.stream(HealthStatus.values()) .map(HealthStatus::name) diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/helper/ProvisionUtils.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/helper/ProvisionUtils.java index 5a1be57a..d164c688 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/helper/ProvisionUtils.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/helper/ProvisionUtils.java @@ -97,7 +97,7 @@ public final class ProvisionUtils { private static final SecureRandom SECURE_RANDOM = new SecureRandom(); /** - * This private constructor was created to silence checkstyle errors. + * This private constructor was created to silence checkstyle error. */ private ProvisionUtils() { } @@ -219,7 +219,8 @@ public final class ProvisionUtils { new PSource.PSpecified("".getBytes(StandardCharsets.UTF_8))); cipher.init(Cipher.PRIVATE_KEY, privateKey, spec); - } else {// initialize the cipher to decrypt using the ACA private key. + } else { + // initialize the cipher to decrypt using the ACA private key. cipher.init(Cipher.DECRYPT_MODE, privateKey); } @@ -532,15 +533,32 @@ public final class ProvisionUtils { credentialBlob[0] = topSize[1]; credentialBlob[1] = topSize[0]; credentialBlob[2] = 0x00; - credentialBlob[3] = 0x20; - System.arraycopy(integrityHmac, 0, credentialBlob, 4, 32); - for (int i = 0; i < 98; i++) { - credentialBlob[36 + i] = 0x00; + + final int credBlobPosition4 = 3; + final byte credBlobFourthPositionValue = 0x20; + credentialBlob[credBlobPosition4] = credBlobFourthPositionValue; + + final int credBlobPosition5 = 4; + final int credBlobSizeFromPosition5 = 32; + System.arraycopy(integrityHmac, 0, credentialBlob, credBlobPosition5, credBlobSizeFromPosition5); + + final int credBlobPosition99 = 98; + final int credBlobPosition37 = 36; + + for (int i = 0; i < credBlobPosition99; i++) { + credentialBlob[credBlobPosition37 + i] = 0x00; } - System.arraycopy(encryptedSecret, 0, credentialBlob, 36, encryptedSecret.length); - credentialBlob[134] = 0x00; - credentialBlob[135] = 0x01; - System.arraycopy(encryptedSeed, 0, credentialBlob, 136, 256); + System.arraycopy(encryptedSecret, 0, credentialBlob, credBlobPosition37, encryptedSecret.length); + + final int credBlobPosition135 = 134; + credentialBlob[credBlobPosition135] = 0x00; + + final int credBlobPosition136 = 135; + credentialBlob[credBlobPosition136] = 0x01; + + final int credBlobPosition137 = 136; + final int credBlobSizeFromPosition137 = 256; + System.arraycopy(encryptedSeed, 0, credentialBlob, credBlobPosition137, credBlobSizeFromPosition137); // return the result return credentialBlob; } @@ -583,7 +601,8 @@ public final class ProvisionUtils { public static byte[] cryptKDFa(final byte[] seed, final String label, final byte[] context, final int sizeInBytes) throws NoSuchAlgorithmException, InvalidKeyException { - ByteBuffer b = ByteBuffer.allocate(4); + final int capacity = 4; + ByteBuffer b = ByteBuffer.allocate(capacity); b.putInt(1); byte[] counter = b.array(); // get the label @@ -592,24 +611,27 @@ public final class ProvisionUtils { labelWithEnding = label + "\0"; } byte[] labelBytes = labelWithEnding.getBytes(StandardCharsets.UTF_8); - b = ByteBuffer.allocate(4); - b.putInt(sizeInBytes * 8); + final int byteOffset = 8; + b = ByteBuffer.allocate(capacity); + b.putInt(sizeInBytes * byteOffset); byte[] desiredSizeInBits = b.array(); - int sizeOfMessage = 8 + labelBytes.length; + int sizeOfMessage = byteOffset + labelBytes.length; if (context != null) { sizeOfMessage += context.length; } byte[] message = new byte[sizeOfMessage]; int marker = 0; - System.arraycopy(counter, 0, message, marker, 4); - marker += 4; + + final int markerLength = 4; + System.arraycopy(counter, 0, message, marker, markerLength); + marker += markerLength; System.arraycopy(labelBytes, 0, message, marker, labelBytes.length); marker += labelBytes.length; if (context != null) { System.arraycopy(context, 0, message, marker, context.length); marker += context.length; } - System.arraycopy(desiredSizeInBits, 0, message, marker, 4); + System.arraycopy(desiredSizeInBits, 0, message, marker, markerLength); Mac hmac; byte[] toReturn = new byte[sizeInBytes]; diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/util/CredentialHelper.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/util/CredentialHelper.java index e051f956..be6a08e5 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/util/CredentialHelper.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/util/CredentialHelper.java @@ -14,7 +14,7 @@ import java.util.ListIterator; public final class CredentialHelper { /** - * Private constructor was created to silence checkstyle. + * Private constructor was created to silence checkstyle error. */ private CredentialHelper() { } @@ -88,10 +88,13 @@ public final class CredentialHelper { // Look for first ASN.1 Sequence marked by the two bytes (0x30) and (0x82) // The check advances our position in the ByteBuffer by one byte int currentPosition = certificateByteBuffer.position(); - if (certificateByteBuffer.get() == (byte) 0x30 - && certificateByteBuffer.get(currentPosition + 1) == (byte) 0x82) { + final byte byte1 = (byte) 0x30; + final byte byte2 = (byte) 0x82; + if (certificateByteBuffer.get() == byte1 + && certificateByteBuffer.get(currentPosition + 1) == byte2) { // Check if we have anything more in the buffer than an ASN.1 Sequence header - if (certificateByteBuffer.remaining() <= 3) { + final int minByteBufferRemaining = 3; + if (certificateByteBuffer.remaining() <= minByteBufferRemaining) { throw new IllegalArgumentException(malformedCertStringBuilder .append(" Certificate is nothing more than ASN.1 Sequence.") .toString()); @@ -103,7 +106,8 @@ public final class CredentialHelper { certificateLength = Short.toUnsignedInt( certificateByteBuffer.getShort(currentPosition + 2)); // Add the 4 bytes that comprise the start of the ASN.1 Sequence and the length - certificateLength += 4; + final int startOfASN1Bytes = 4; + certificateLength += startOfASN1Bytes; break; } } diff --git a/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/provision/helper/CredentialManagementHelperTest.java b/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/provision/helper/CredentialManagementHelperTest.java index d51602c1..dfed1311 100644 --- a/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/provision/helper/CredentialManagementHelperTest.java +++ b/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/provision/helper/CredentialManagementHelperTest.java @@ -3,6 +3,7 @@ package hirs.attestationca.persist.provision.helper; import hirs.attestationca.persist.entity.manager.CertificateRepository; import hirs.attestationca.persist.entity.userdefined.Certificate; import org.apache.commons.io.IOUtils; +import org.junit.jupiter.api.AfterEach; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.mockito.Mock; @@ -22,18 +23,37 @@ public class CredentialManagementHelperTest { private static final String EK_HEADER_TRUNCATED = "/certificates/nuc-1/ek_cert_7_byte_header_removed.cer"; + private static final String EK_UNTOUCHED = "/certificates/nuc-1/ek_cert_untouched.cer"; + @Mock private CertificateRepository certificateRepository; + /** + * Holds the AutoCloseable instance returned by openMocks. + */ + private AutoCloseable mocks; + /** * Setup mocks. */ @BeforeEach public void setUp() { //certificateRepository = mock(CertificateRepository.class); - MockitoAnnotations.initMocks(this); + mocks = MockitoAnnotations.openMocks(this); + } + + /** + * Tears down the mock instances. + * + * @throws Exception if there are any issues closing down mock instances + */ + @AfterEach + public void tearDown() throws Exception { + if (mocks != null) { + mocks.close(); + } } /** @@ -93,7 +113,7 @@ public class CredentialManagementHelperTest { } /** - * Tests processing a valid EK with the 7 byte header in tact. + * Tests processing a valid EK with the 7 byte header intact. * * @throws IOException if an IO error occurs */ diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/HIRSApplication.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/HIRSApplication.java index bbb35040..6b5cf3fa 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/HIRSApplication.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/HIRSApplication.java @@ -24,7 +24,8 @@ public class HIRSApplication {//extends SpringBootServletInitializer { public static void main(String[] args) { // SpringApplication springApplication = new SpringApplication(HIRSApplication.class); -// springApplication.setDefaultProperties(Collections.singletonMap("server.servlet.context-path", "/portal")); +// springApplication.setDefaultProperties(Collections.singletonMap("server.servlet.context-path", +// "/portal")); // springApplication.run(args); SpringApplication.run(HIRSApplication.class, args); } diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/HIRSDbInitializer.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/HIRSDbInitializer.java index ebd34350..6619df89 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/HIRSDbInitializer.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/HIRSDbInitializer.java @@ -27,7 +27,8 @@ public class HIRSDbInitializer extends AbstractAnnotationConfigDispatcherServlet } catch (NoSuchBeanDefinitionException nsbdEx) { if (log.isDebugEnabled()) { log.debug( - "Unable to locate MultipartResolver with name 'multipartResolver': no multipart request handling provided"); + "Unable to locate MultipartResolver with name 'multipartResolver': no multipart" + + " request handling provided"); } } catch (Exception ex) { log.error(ex.getMessage()); diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/PersistenceJPAConfig.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/PersistenceJPAConfig.java index dae778b7..c2cc0373 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/PersistenceJPAConfig.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/PersistenceJPAConfig.java @@ -251,7 +251,8 @@ public class PersistenceJPAConfig implements WebMvcConfigurer { // @Bean(name="default-settings") // public PolicySettings supplyChainSettings() { -// PolicySettings scSettings = new PolicySettings("Default", "Settings are configured for no validation flags set."); +// PolicySettings scSettings = new PolicySettings("Default", "Settings are configured for no +// validation flags set."); // // return scSettings; // } diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/datatables/DataTableResponse.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/datatables/DataTableResponse.java index f931d817..e5cc2ebb 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/datatables/DataTableResponse.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/datatables/DataTableResponse.java @@ -16,16 +16,20 @@ import java.util.List; * * @param the type of object that is being wrapped. */ +@Getter +@Setter @NoArgsConstructor(access = AccessLevel.PUBLIC) public final class DataTableResponse { - private List data = new LinkedList(); - @Getter - @Setter + @Getter(AccessLevel.NONE) + @Setter(AccessLevel.NONE) + private final List data = new LinkedList(); + private int draw; - @Getter - @Setter - private long recordsTotal, recordsFiltered; + + private long recordsTotal; + + private long recordsFiltered; /** * Builds a data table response using a FilteredRecordList. diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/datatables/package-info.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/datatables/package-info.java new file mode 100644 index 00000000..d7bdd760 --- /dev/null +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/datatables/package-info.java @@ -0,0 +1 @@ +package hirs.attestationca.portal.datatables; diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/listener/package-info.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/listener/package-info.java new file mode 100644 index 00000000..9f6fb6a5 --- /dev/null +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/listener/package-info.java @@ -0,0 +1 @@ +package hirs.attestationca.portal.listener; diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/PageParams.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/PageParams.java index c035fb26..0771facd 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/PageParams.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/PageParams.java @@ -14,4 +14,4 @@ public interface PageParams { */ LinkedHashMap asMap(); -} \ No newline at end of file +} diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/DevicePageController.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/DevicePageController.java index a783101f..7d8454bc 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/DevicePageController.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/DevicePageController.java @@ -222,4 +222,4 @@ public class DevicePageController extends PageController { return deviceIds; } -} \ No newline at end of file +} diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestPageController.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestPageController.java index 9cc2faa9..ed6dfca7 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestPageController.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestPageController.java @@ -115,7 +115,7 @@ public class ReferenceManifestPageController extends PageController records = new FilteredRecordsList<>(); int currentPage = input.getStart() / input.getLength(); @@ -281,10 +281,11 @@ public class ReferenceManifestPageController extends PageController