diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/Device.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/Device.java index ed3d1ffc..66a6ed8f 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/Device.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/Device.java @@ -120,6 +120,11 @@ public class Device extends AbstractEntity { this.lastReportTimestamp = (Timestamp) lastReportTimestamp.clone(); } + /** + * Creates a string representation of the Device object. + * + * @return a string representation of the Device object. + */ @Override public String toString() { return String.format("Device Name: %s%nStatus: %s%nSummary: %s%n", diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/SupplyChainValidation.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/SupplyChainValidation.java index 4c8a4f2d..3d0d9711 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/SupplyChainValidation.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/SupplyChainValidation.java @@ -23,16 +23,20 @@ public class SupplyChainValidation extends ArchivableEntity { @Getter @Column private final ValidationType validationType; + @Getter @Column private final AppraisalStatus.Status validationResult; + @ManyToMany(fetch = FetchType.EAGER) @JoinTable(name = "CertificatesUsedToValidate", joinColumns = {@JoinColumn(name = "validation_id", nullable = false)}) private final List certificatesUsed; + @Getter @Column(length = RESULT_MESSAGE_LENGTH) private final String message; + @Getter @Column private String rimId; 
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/PlatformProperty.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/PlatformProperty.java index d36e5b8e..9f768c63 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/PlatformProperty.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/PlatformProperty.java @@ -27,7 +27,6 @@ public class PlatformProperty { * Number of identifiers for version 1. */ protected static final int IDENTIFIER_NUMBER = 2; - private static final String NOT_SPECIFIED = "Not Specified"; private ASN1UTF8String propertyName; diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/TBBSecurityAssertion.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/TBBSecurityAssertion.java index 74d14a55..616d1503 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/TBBSecurityAssertion.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/TBBSecurityAssertion.java @@ -33,9 +33,7 @@ import java.math.BigInteger; public class TBBSecurityAssertion { private static final int CCINFO = 0; - private static final int FIPSLEVEL = 1; - private static final int RTMTYPE = 2; private ASN1Integer version; diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/record/TPMMeasurementRecord.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/record/TPMMeasurementRecord.java index 16dc27a6..5543bb75 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/record/TPMMeasurementRecord.java 
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/record/TPMMeasurementRecord.java @@ -51,11 +51,9 @@ public final class TPMMeasurementRecord extends ExaminableRecord { */ public static final int SHA_256_BYTE_LENGTH = 64; - @Column(name = "pcr", nullable = false) @XmlAttribute(name = "PcrNumber", required = true) private final int pcrId; - @Embedded @XmlElement private final Digest hash; diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/helper/ProvisionUtils.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/helper/ProvisionUtils.java index 92de652e..5a1be57a 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/helper/ProvisionUtils.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/helper/ProvisionUtils.java @@ -97,7 +97,7 @@ public final class ProvisionUtils { private static final SecureRandom SECURE_RANDOM = new SecureRandom(); /** - * This private constructor was created to silence one of checkstyle errors. + * This private constructor was created to silence checkstyle errors. */ private ProvisionUtils() { } @@ -109,7 +109,7 @@ public final class ProvisionUtils { * @param identityClaim byte array that should be converted to a Protobuf IdentityClaim * object * @return the Protobuf generated Identity Claim object - * @throws {@link IdentityProcessingException} if byte array could not be parsed + * @throws {@link InvalidProtocolBufferException} if byte array could not be parsed */ public static ProvisionerTpm2.IdentityClaim parseIdentityClaim(final byte[] identityClaim) { try { 
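Review bot: The rewritten `@throws` line on `parseIdentityClaim` now names `InvalidProtocolBufferException`, but the signature in this hunk has no `throws` clause and that protobuf exception is checked, so it cannot propagate out of the method. The body opens with `try {`, which suggests the exception is caught and wrapped, so the previous text naming `IdentityProcessingException` was probably the accurate one; confirm against the catch block, which lies outside the hunk. `@throws` also expects a bare class name rather than an inline `{@link ...}`, so I would write `@throws IdentityProcessingException if the byte array cannot be parsed as an IdentityClaim`. Callers that handle malformed identity claims rely on this line to know what to catch.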
@@ -695,7 +695,7 @@ public final class ProvisionUtils { final int hoursInADay = 24; final int secondsInAnHour = 3600; final int millisecondsInASecond = 1000; - return (int) ((date2.getTime() - date1.getTime()) / - (millisecondsInASecond * secondsInAnHour * hoursInADay)); + return (int) ((date2.getTime() - date1.getTime()) + / (millisecondsInASecond * secondsInAnHour * hoursInADay)); } } diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/SupplyChainValidationService.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/SupplyChainValidationService.java index a0a8f9d9..61120b1a 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/SupplyChainValidationService.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/SupplyChainValidationService.java @@ -66,6 +66,7 @@ public class SupplyChainValidationService { * @param policyRepository the policy manager * @param certificateRepository the cert manager * @param componentResultRepository the comp result manager + * @param componentAttributeRepository component attribute repository * @param referenceManifestRepository the RIM manager * @param supplyChainValidationRepository the scv manager * @param supplyChainValidationSummaryRepository the summary manager diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/ValidationService.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/ValidationService.java index 8967244f..76efb8df 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/ValidationService.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/ValidationService.java 
@@ -40,7 +40,13 @@ import java.util.Set; import java.util.UUID; @Log4j2 -public class ValidationService { +public final class ValidationService { + + /** + * This private constructor was created to silence checkstyle errors. + */ + private ValidationService() { + } /** * Evaluates the provided endorsement credential status. diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/selector/ReferenceManifestSelector.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/selector/ReferenceManifestSelector.java index d8c1e307..2a0be756 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/selector/ReferenceManifestSelector.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/selector/ReferenceManifestSelector.java @@ -27,23 +27,28 @@ public abstract class ReferenceManifestSelector { * String representing the database field for the manufacturer. */ public static final String PLATFORM_MANUFACTURER = "platformManufacturer"; + /** * String representing the database field for the manufacturer id. */ public static final String PLATFORM_MANUFACTURER_ID = "platformManufacturerId"; + /** * String representing the database field for the model. */ public static final String PLATFORM_MODEL = "platformModel"; + /** * String representing the database field for the filename. */ public static final String RIM_FILENAME_FIELD = "fileName"; + private static final String RIM_TYPE_FIELD = "rimType"; private final Class referenceTypeClass; private final Map fieldValueSelections; + private boolean excludeArchivedRims; /** 
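Review bot: The Javadoc on the new `private ValidationService()` constructor records why the line was written ("to silence checkstyle errors") rather than what it guarantees. Together with the added `final`, it makes the class non-instantiable and non-extendable, which is a visible change for any code that constructed or subclassed it. Assuming every member is static (the rest of the class is outside this hunk), a comment such as `/** Prevents instantiation; this class only exposes static helpers. */` states the contract. The same wording appears on the private constructors in `ProvisionUtils`, `AcaPciIds` and `CredentialHelper` and could be changed alike.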
@@ -142,8 +147,9 @@ public abstract class ReferenceManifestSelector { /** * Construct the criterion that can be used to query for rims matching the - * configuration of this {@link ReferenceManifestSelector}. + * + * configuration of this {@link ReferenceManifestSelector}. * + * @param criteriaBuilder criteria builder * @return a Criterion that can be used to query for rims matching the * configuration of this instance */ diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/util/AcaPciIds.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/util/AcaPciIds.java index 6725b13d..73e90f12 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/util/AcaPciIds.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/util/AcaPciIds.java @@ -22,15 +22,23 @@ public final class AcaPciIds { * The Component Class TCG Registry OID. */ public static final String COMPCLASS_TCG_OID = "2.23.133.18.3.1"; + /** * The Component Class Value mask for NICs. */ public static final String COMPCLASS_TCG_CAT_NIC = "00090000"; + /** * The Component Class Value mask for GFX cards. */ public static final String COMPCLASS_TCG_CAT_GFX = "00050000"; + /** + * Private constructor created to silence checkstyle error. + */ + private AcaPciIds() { + } + /** * Iterate through all components and translate PCI hardware IDs as necessary. It will only * translate ComponentIdentifierV2+ objects as it relies on Component Class information. diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/util/CredentialHelper.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/util/CredentialHelper.java index bf336bbf..e051f956 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/util/CredentialHelper.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/util/CredentialHelper.java 
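Review bot: As far as the collapsed hunk shows, the added ` *` line lands between "matching the" and "configuration of this {@link ReferenceManifestSelector}", which splits the summary sentence of this Javadoc in the source. Keeping the sentence contiguous and leaving the blank ` *` only before the new `@param criteriaBuilder` tag reads better. The tag text `criteria builder` only repeats the parameter name; something like `@param criteriaBuilder builder used to create the query predicates` would say more, to be adjusted to what the method does, since its body is outside the hunk.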
@@ -13,6 +13,12 @@ import java.util.ListIterator; @Log4j2 public final class CredentialHelper { + /** + * Private constructor was created to silence checkstyle. + */ + private CredentialHelper() { + } + /** * Small method to check if the certificate is a PEM. * @@ -25,7 +31,7 @@ public final class CredentialHelper { } /** - * Small method to check if there are multi pem files + * Small method to check if there are multi pem files. * * @param possiblePEM header information * @return true if it is. @@ -44,7 +50,7 @@ public final class CredentialHelper { } /** - * Method to remove header footer information from PEM + * Method to remove header footer information from PEM. * * @param pemFile string representation of the file * @return a cleaned up raw byte object diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/SupplyChainCredentialValidator.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/SupplyChainCredentialValidator.java index d1567f7f..914ac968 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/SupplyChainCredentialValidator.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/SupplyChainCredentialValidator.java @@ -4,7 +4,6 @@ import com.fasterxml.jackson.core.JsonFactory; import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; import hirs.attestationca.persist.entity.userdefined.info.ComponentInfo; -import lombok.NoArgsConstructor; import lombok.extern.log4j.Log4j2; import org.apache.commons.lang3.StringUtils; import org.bouncycastle.asn1.x500.X500Name; @@ -35,7 +34,6 @@ import java.util.List; import java.util.Set; @Log4j2 -@NoArgsConstructor public class SupplyChainCredentialValidator { /** 
@@ -46,18 +44,15 @@ public class SupplyChainCredentialValidator { * AppraisalStatus message for a valid endorsement credential appraisal. */ public static final String ENDORSEMENT_VALID = "Endorsement credential validated"; - /** * AppraisalStatus message for a valid platform credential appraisal. */ public static final String PLATFORM_VALID = "Platform credential validated"; - /** * AppraisalStatus message for a valid platform credential attributes appraisal. */ public static final String PLATFORM_ATTRIBUTES_VALID = "Platform credential attributes validated"; - /** * AppraisalStatus message for a valid firmware appraisal. */ @@ -71,6 +66,12 @@ public class SupplyChainCredentialValidator { Security.addProvider(new BouncyCastleProvider()); } + /** + * Protected constructor was created to silence checkstyle. + */ + protected SupplyChainCredentialValidator() { + } + /** * Attempts to check if the certificate is validated by certificates in a cert chain. The cert * chain is expected to be stored in a non-ordered KeyStore (trust store). If the signing diff --git a/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/certificate/PlatformCredentialTest.java b/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/certificate/PlatformCredentialTest.java index 677a355c..355fa903 100644 --- a/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/certificate/PlatformCredentialTest.java +++ b/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/certificate/PlatformCredentialTest.java 
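Review bot: The new `protected SupplyChainCredentialValidator()` constructor replaces Lombok's public `@NoArgsConstructor` on a class that stays `public` and non-final, so subclasses and same-package code can still instantiate it, unlike the utility classes in this commit that received `final` plus a private constructor. If the class is only meant to be extended (the test change in this commit drops `new SupplyChainCredentialValidator()`), declaring it `abstract` would make that intent enforceable; whether subclasses exist is not visible here. The Javadoc should then give the reason, for example `/** Protected so that subclasses can extend this validator; not intended for direct instantiation. */`, instead of referring to checkstyle. The static initializer that registers `BouncyCastleProvider` just above is unaffected by the change.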
@@ -179,12 +179,26 @@ public class PlatformCredentialTest extends AbstractUserdefinedEntityTest { Path certPath = Paths.get(resource.toURI()); PlatformCredential credential = new PlatformCredential(certPath); + Calendar calendar = Calendar.getInstance(); calendar.setTimeZone(TimeZone.getTimeZone("UTC")); - calendar.set(2017, 2, 23, 22, 34, 33); + final int year1 = 2017; + final int month1 = 2; + final int day1 = 23; + final int hour1 = 22; + final int minute1 = 34; + final int second1 = 33; + calendar.set(year1, month1, day1, hour1, minute1, second1); calendar.set(Calendar.MILLISECOND, 0); Assertions.assertEquals(credential.getBeginValidity().getTime(), calendar.getTime().getTime()); - calendar.set(2030, 11, 31, 23, 59, 59); + + final int year2 = 2030; + final int month2 = 11; + final int day2 = 31; + final int hour2 = 23; + final int minute2 = 59; + final int second2 = 59; + calendar.set(year2, month2, day2, hour2, minute2, second2); Assertions.assertEquals(credential.getEndValidity().getTime(), calendar.getTime().getTime()); Assertions.assertNotNull(credential.getAttributeCertificate()); 
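Review bot: The new locals `month1 = 2` and `month2 = 11` hide that `Calendar.set` takes a zero-based month, so the expected start of validity here is 23 March 2017, not February; `Calendar.MARCH` and `Calendar.DECEMBER` would satisfy the magic-number rule and say what is meant. The same twelve locals are repeated in the hunks at -229, -278 and -323 (the last two with month 3, i.e. `Calendar.APRIL`), so a small private helper that returns the epoch millis for a UTC date would remove the duplication. The unchanged `assertEquals` calls in these hunks still pass the credential's value first and the calendar value second, while the size assertions later in this commit were switched to expected-first; `Assertions.assertEquals(calendar.getTime().getTime(), credential.getBeginValidity().getTime());` would match them.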
@@ -229,10 +243,23 @@ public class PlatformCredentialTest extends AbstractUserdefinedEntityTest { PlatformCredential credential = new PlatformCredential(certPath); Calendar calendar = Calendar.getInstance(); calendar.setTimeZone(TimeZone.getTimeZone("UTC")); - calendar.set(2017, 2, 23, 22, 34, 33); + final int year1 = 2017; + final int month1 = 2; + final int day1 = 23; + final int hour1 = 22; + final int minute1 = 34; + final int second1 = 33; + calendar.set(year1, month1, day1, hour1, minute1, second1); calendar.set(Calendar.MILLISECOND, 0); Assertions.assertEquals(credential.getBeginValidity().getTime(), calendar.getTime().getTime()); - calendar.set(2030, 11, 31, 23, 59, 59); + + final int year2 = 2030; + final int month2 = 11; + final int day2 = 31; + final int hour2 = 23; + final int minute2 = 59; + final int second2 = 59; + calendar.set(year2, month2, day2, hour2, minute2, second2); Assertions.assertEquals(credential.getEndValidity().getTime(), calendar.getTime().getTime()); Assertions.assertNotNull(credential.getAttributeCertificate()); 
@@ -278,10 +305,23 @@ public class PlatformCredentialTest extends AbstractUserdefinedEntityTest { Calendar calendar = Calendar.getInstance(); calendar.setTimeZone(TimeZone.getTimeZone("UTC")); - calendar.set(2017, 3, 21, 17, 5, 29); + final int year1 = 2017; + final int month1 = 3; + final int day1 = 21; + final int hour1 = 17; + final int minute1 = 5; + final int second1 = 29; + calendar.set(year1, month1, day1, hour1, minute1, second1); calendar.set(Calendar.MILLISECOND, 0); Assertions.assertEquals(credential.getBeginValidity().getTime(), calendar.getTime().getTime()); - calendar.set(2030, 11, 31, 23, 59, 59); + + final int year2 = 2030; + final int month2 = 11; + final int day2 = 31; + final int hour2 = 23; + final int minute2 = 59; + final int second2 = 59; + calendar.set(year2, month2, day2, hour2, minute2, second2); Assertions.assertEquals(credential.getEndValidity().getTime(), calendar.getTime().getTime()); Assertions.assertNotNull(credential.getAttributeCertificate()); @@ -323,10 +363,23 @@ public class PlatformCredentialTest extends AbstractUserdefinedEntityTest { Calendar calendar = Calendar.getInstance(); calendar.setTimeZone(TimeZone.getTimeZone("UTC")); - calendar.set(2017, 3, 21, 17, 5, 30); + final int year1 = 2017; + final int month1 = 3; + final int day1 = 21; + final int hour1 = 17; + final int minute1 = 5; + final int second1 = 30; + calendar.set(year1, month1, day1, hour1, minute1, second1); calendar.set(Calendar.MILLISECOND, 0); Assertions.assertEquals(credential.getBeginValidity().getTime(), calendar.getTime().getTime()); - calendar.set(2030, 11, 31, 23, 59, 59); + + final int year2 = 2030; + final int month2 = 11; + final int day2 = 31; + final int hour2 = 23; + final int minute2 = 59; + final int second2 = 59; + calendar.set(year2, month2, day2, hour2, minute2, second2); Assertions.assertEquals(credential.getEndValidity().getTime(), calendar.getTime().getTime()); Assertions.assertNotNull(credential.getAttributeCertificate()); 
@@ -394,7 +447,8 @@ public class PlatformCredentialTest extends AbstractUserdefinedEntityTest { Assertions.fail("Component Identifier is empty."); } - Assertions.assertEquals(allComponents.size(), 7); + final int expectedComponentsSize = 7; + Assertions.assertEquals(expectedComponentsSize, allComponents.size()); ComponentIdentifier component; //Check component #2 @@ -414,7 +468,8 @@ public class PlatformCredentialTest extends AbstractUserdefinedEntityTest { Assertions.assertTrue(component.getFieldReplaceable().isTrue()); //Check component #5 - component = allComponents.get(4); + final int component5Position = 4; + component = allComponents.get(component5Position); Assertions.assertEquals("Ethernet Connection I219-LM", component.getComponentModel() .getString()); Assertions.assertEquals("8c:0f:6f:72:c6:c5", component.getComponentAddress().get(0) @@ -513,7 +568,8 @@ public class PlatformCredentialTest extends AbstractUserdefinedEntityTest { Assertions.fail("Component Identifier is empty."); } - Assertions.assertEquals(allComponents.size(), 3); + final int expectedComponentsSize = 3; + Assertions.assertEquals(expectedComponentsSize, allComponents.size()); ComponentIdentifier component; //Check component #2 @@ -581,7 +637,8 @@ public class PlatformCredentialTest extends AbstractUserdefinedEntityTest { Assertions.fail("Component Identifier is empty."); } - Assertions.assertEquals(allComponents.size(), 7); + final int expectedComponentsSize = 7; + Assertions.assertEquals(expectedComponentsSize, allComponents.size()); ComponentIdentifier component; //Check component #1 
@@ -592,7 +649,8 @@ public class PlatformCredentialTest extends AbstractUserdefinedEntityTest { .getString()); //Check component #7 - component = allComponents.get(6); + final int component7Position = 6; + component = allComponents.get(component7Position); Assertions.assertTrue(component.getComponentAddress().size() > 0); Assertions.assertEquals("8c:0f:6f:72:c6:c5", component.getComponentAddress().get(0) .getAddressValue() @@ -647,14 +705,18 @@ public class PlatformCredentialTest extends AbstractUserdefinedEntityTest { //Check component identifier List allComponents = platformConfig.getComponentIdentifier(); Assertions.assertFalse(allComponents.isEmpty()); - ComponentIdentifier component = allComponents.get(5); + + final int component6Position = 5; + ComponentIdentifier component = allComponents.get(component6Position); Assertions.assertTrue(component.isVersion2()); List platformProperties = platformConfig.getPlatformProperties(); if (platformProperties.isEmpty()) { Assertions.fail("Platform Properties is empty."); } - Assertions.assertEquals(platformProperties.size(), 3); + + final int platformPropSize = 3; + Assertions.assertEquals(platformPropSize, platformProperties.size()); PlatformProperty property; diff --git a/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/info/TPMInfoTest.java b/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/info/TPMInfoTest.java index 41ba024a..62494a31 100644 --- a/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/info/TPMInfoTest.java +++ b/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/info/TPMInfoTest.java 
@@ -18,16 +18,12 @@ import static org.junit.jupiter.api.Assertions.assertThrows; public class TPMInfoTest extends AbstractUserdefinedEntityTest { private static final String TPM_MAKE = "test tpmMake"; - + private static final int RIGHT_PADDING_SIZE = 65; private static final String LONG_TPM_MAKE = StringUtils.rightPad("test tpmMake", RIGHT_PADDING_SIZE); - private static final short VERSION_MAJOR = 1; - private static final short VERSION_MINOR = 2; - private static final short VERSION_REV_MAJOR = 3; - private static final short VERSION_REV_MINOR = 4; private static final Logger LOGGER = LogManager.getLogger(TPMInfoTest.class); diff --git a/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/validation/SupplyChainCredentialValidatorTest.java b/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/validation/SupplyChainCredentialValidatorTest.java index 254014b2..7384e4b5 100644 --- a/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/validation/SupplyChainCredentialValidatorTest.java +++ b/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/validation/SupplyChainCredentialValidatorTest.java @@ -207,11 +207,6 @@ public class SupplyChainCredentialValidatorTest { private static KeyStore emptyKeyStore; - private final SupplyChainCredentialValidator supplyChainCredentialValidator = - new SupplyChainCredentialValidator(); - private final CredentialValidator credentialValidator = - new CredentialValidator(); - /** * Sets up a KeyStore for testing. *