diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/configuration/PersistenceConfiguration.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/configuration/PersistenceConfiguration.java index 4b964a3b..ba01e313 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/configuration/PersistenceConfiguration.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/configuration/PersistenceConfiguration.java @@ -6,11 +6,7 @@ import hirs.attestationca.service.DeviceServiceImpl; import hirs.attestationca.service.PolicyServiceImpl; import hirs.attestationca.service.ReferenceDigestValueServiceImpl; import hirs.attestationca.service.ReferenceManifestServiceImpl; -import hirs.attestationca.servicemanager.DBManager; -import hirs.attestationca.servicemanager.DBPortalInfoManager; import hirs.data.persist.SupplyChainValidationSummary; -import hirs.persist.CrudManager; -import hirs.persist.PortalInfoManager; import hirs.persist.service.CertificateService; import hirs.persist.service.DeviceService; import hirs.persist.service.PolicyService; @@ -134,14 +130,13 @@ public class PersistenceConfiguration { * @return {@link hirs.attestationca.servicemanager.DBManager} */ @Bean - public CrudManager supplyChainValidationSummaryManager() { - DbServiceImpl manager - = new DbServiceImpl<>( - SupplyChainValidationSummary.class, + public DbServiceImpl supplyChainValidationSummaryManager() { + DbServiceImpl serviceImpl + = new DbServiceImpl( entityManager ); - setDbServiceRetrySettings(manager); - return manager; + setDbServiceRetrySettings(serviceImpl); + return serviceImpl; } /** diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/repository/AppraiserRepository.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/repository/AppraiserRepository.java new file mode 100644 index 00000000..a3e1fcc5 --- /dev/null +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/repository/AppraiserRepository.java 
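Review bot: The `supplyChainValidationSummaryManager()` bean now returns `DbServiceImpl`, but the Javadoc above it still reads `@return {@link hirs.attestationca.servicemanager.DBManager}`, and the `SupplyChainValidationServiceImpl` constructor later in this commit still takes a `CrudManager supplyChainValidatorSummaryManager`. Unless `DbServiceImpl` implements `CrudManager` (not visible here), that injection point may no longer have a matching bean. The new constructor call also drops the `SupplyChainValidationSummary.class` argument, so confirm the service can still tell which entity it persists. Change the tag to something like `@return the {@link DbServiceImpl} backing validation summaries`; the Javadoc block starts outside this hunk.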
@@ -0,0 +1,14 @@ +package hirs.attestationca.repository; + +import hirs.appraiser.Appraiser; +import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.stereotype.Repository; + +import java.util.UUID; + +/** + * Setting up for new creation for CRUD operations. + */ +@Repository +public interface AppraiserRepository extends JpaRepository { +} diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/AppraiserServiceImpl.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/AppraiserServiceImpl.java new file mode 100644 index 00000000..d3efd31b --- /dev/null +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/AppraiserServiceImpl.java 
@@ -0,0 +1,110 @@ +package hirs.attestationca.service; + +import hirs.appraiser.Appraiser; +import hirs.attestationca.repository.AppraiserRepository; +import hirs.persist.AppraiserManagerException; +import hirs.persist.DBManagerException; +import hirs.persist.service.AppraiserService; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.retry.RetryCallback; +import org.springframework.retry.RetryContext; +import org.springframework.stereotype.Service; + +import javax.persistence.EntityManager; +import java.util.List; +import java.util.UUID; + +/** + * A AppraiserServiceImpl manages Appraisers. A + * AppraiserServiceImpl is used to store and manage certificates. It has + * support for the basic create, read, update, and delete methods. + */ +@Service +public class AppraiserServiceImpl extends DbServiceImpl + implements AppraiserService { + private static final Logger LOGGER = LogManager.getLogger(); + @Autowired + private AppraiserRepository appraiserRepository; + + /** + * Default constructor. 
+ * @param em entity manager for jpa hibernate events + */ + public AppraiserServiceImpl(final EntityManager em) { + } + + @Override + public Appraiser saveAppraiser(final Appraiser appraiser) throws AppraiserManagerException { + LOGGER.debug("saving appraiser: {}", appraiser); + + return getRetryTemplate().execute(new RetryCallback() { + @Override + public Appraiser doWithRetry(final RetryContext context) + throws DBManagerException { + return appraiserRepository.save(appraiser); + } + }); + } + + @Override + public void updateAppraiser(final Appraiser appraiser) throws AppraiserManagerException { + LOGGER.debug("updating appraiser: {}", appraiser); + Appraiser dBAppraiser; + + if (appraiser.getId() == null) { + LOGGER.debug("Appraiser not found: {}", appraiser); + dBAppraiser = appraiser; + } else { + // will not return null, throws and exception + dBAppraiser = appraiserRepository.getReferenceById( + UUID.fromString(appraiser.getId().toString())); + + // run through things that aren't equal and update + + if (!dBAppraiser.getName().equals(appraiser.getName())) { + dBAppraiser.setName(appraiser.getName()); + } + + } + + saveAppraiser(dBAppraiser); + } + + @Override + public Appraiser getAppraiser(final String name) throws AppraiserManagerException { + LOGGER.debug("retrieve appraiser: {}", name); + + return getRetryTemplate().execute(new RetryCallback() { + @Override + public Appraiser doWithRetry(final RetryContext context) + throws DBManagerException { + List appraiserList = appraiserRepository.findAll(); + for (Appraiser appraiser : appraiserList) { + if (appraiser.getName().equals(name)) { + return appraiser; + } + } + return null; } + }); + } + + @Override + public final void deleteAppraiser(final Appraiser appraiser) + throws AppraiserManagerException { + LOGGER.debug("Deleting appraiser by name: {}", appraiser.getName()); + + getRetryTemplate().execute(new RetryCallback() { + @Override + public Void doWithRetry(final RetryContext context) + throws 
DBManagerException { + appraiserRepository.delete(appraiser); + appraiserRepository.flush(); + return null; + } + }); + } +} diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/CertificateServiceImpl.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/CertificateServiceImpl.java index d3da25d8..a0d58edb 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/CertificateServiceImpl.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/CertificateServiceImpl.java @@ -48,7 +48,7 @@ public class CertificateServiceImpl extends DbServiceImpl public CertificateServiceImpl(final EntityManager em) { } - @Override + @Override public Certificate saveCertificate(final Certificate certificate) { LOGGER.debug("Saving certificate: {}", certificate); diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/DbServiceImpl.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/DbServiceImpl.java index 5540cbb5..e6cfa248 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/DbServiceImpl.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/DbServiceImpl.java @@ -10,6 +10,7 @@ import org.springframework.retry.policy.SimpleRetryPolicy; import org.springframework.retry.support.RetryTemplate; import org.springframework.stereotype.Service; +import javax.persistence.EntityManager; import java.util.HashMap; import java.util.Map; @@ -35,6 +36,7 @@ public class DbServiceImpl { // structure for retrying methods in the database private RetryTemplate retryTemplate; + private EntityManager em; /** * Creates a new DbServiceImpl that uses the default database. The 
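Review bot: The `AppraiserServiceImpl(final EntityManager em)` constructor has an empty body, so `em` is discarded and `getEm()` would return null on this service. `PolicyServiceImpl` gets `super(em);` in this same commit, and the same one-line call belongs here (the `CertificateServiceImpl` constructor shown as context has the same empty body). Separately, `getAppraiser` loads every row with `findAll()` and filters by name in Java on each call, returning null on a miss. A derived query on the repository, for example `Appraiser findByName(String name);`, would do the lookup in the database, and the null return should be documented for callers.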
@@ -45,6 +47,16 @@ public class DbServiceImpl { setRetryTemplate(DEFAULT_MAX_RETRY_ATTEMPTS, DEFAULT_RETRY_WAIT_TIME_MS); } + /** + * Creates a new DbServiceImpl that uses the default database. The + * default database is used to store all of the objects. + * + */ + public DbServiceImpl(final EntityManager em) { + setRetryTemplate(DEFAULT_MAX_RETRY_ATTEMPTS, DEFAULT_RETRY_WAIT_TIME_MS); + this.em = em; + } + /** * Set the parameters used to retry database transactions. The retry template will * retry transactions that throw a LockAcquisitionException or StaleObjectStateException. @@ -86,4 +98,12 @@ public class DbServiceImpl { public void addRetryListener(final RetryListener retryListener) { retryTemplate.registerListener(retryListener); } + + /** + * Getter for the EntityManager. + * @return instance of the manager + */ + public final EntityManager getEm() { + return em; + } } diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/PolicyServiceImpl.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/PolicyServiceImpl.java index 85c72d9b..a575c98f 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/PolicyServiceImpl.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/PolicyServiceImpl.java 
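Review bot: The new `DbServiceImpl(final EntityManager em)` constructor stores `em` without a null check, and its Javadoc is a copy of the other constructor's text with no `@param em` tag. `PolicyServiceImpl.getDefaultPolicy` in this commit calls `getEm().unwrap(...)`, so a null passed here only surfaces later as a NullPointerException at query time. Use `this.em = Objects.requireNonNull(em, "em");` (needs `java.util.Objects` in the import block) and add `@param em the entity manager used for direct queries`.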
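Review bot: `getEm()` is declared `public`, which hands the raw `EntityManager` to anything holding a service bean and lets it issue queries outside the service's own methods and retry handling. The only caller visible in this commit is the subclass `PolicyServiceImpl`, so `protected final EntityManager getEm()` should be sufficient. The Javadoc should also state that the value is null when the instance was built through the constructor that does not set `em`.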
@@ -1,21 +1,30 @@ package hirs.attestationca.service; import hirs.FilteredRecordsList; +import hirs.appraiser.Appraiser; import hirs.attestationca.repository.PolicyRepository; import hirs.data.persist.policy.Policy; import hirs.persist.CriteriaModifier; import hirs.persist.DBManagerException; import hirs.persist.OrderedQuery; +import hirs.persist.PolicyMapper; import hirs.persist.service.DefaultService; import hirs.persist.service.PolicyService; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; +import org.hibernate.Session; +import org.hibernate.Transaction; +import org.hibernate.query.Query; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.retry.RetryCallback; import org.springframework.retry.RetryContext; import org.springframework.stereotype.Service; import javax.persistence.EntityManager; +import javax.persistence.criteria.CriteriaBuilder; +import javax.persistence.criteria.CriteriaQuery; +import javax.persistence.criteria.Predicate; +import javax.persistence.criteria.Root; import java.util.List; import java.util.Map; import java.util.UUID; @@ -37,6 +46,7 @@ public class PolicyServiceImpl extends DbServiceImpl implements DefaultS * Default Constructor. */ public PolicyServiceImpl(final EntityManager em) { + super(em); } @Override 
@@ -111,6 +121,53 @@ public class PolicyServiceImpl extends DbServiceImpl implements DefaultS return savePolicy(dbPolicy); } + @Override + public final Policy getDefaultPolicy(final Appraiser appraiser) { + if (appraiser == null) { + LOGGER.error("cannot get default policy for null appraiser"); + return null; + } + + Policy ret = null; + Transaction tx = null; + Session session = getEm().unwrap(org.hibernate.Session.class); + try { + tx = session.beginTransaction(); + LOGGER.debug("retrieving policy mapper from db where appraiser = {}", + appraiser); + CriteriaBuilder criteriaBuilder = session.getCriteriaBuilder(); + CriteriaQuery criteriaQuery = criteriaBuilder + .createQuery(PolicyMapper.class); + Root root = criteriaQuery.from(PolicyMapper.class); + Predicate recordPredicate = criteriaBuilder.and( + criteriaBuilder.equal(root.get("appraiser"), appraiser)); + criteriaQuery.select(root).where(recordPredicate); + Query query = session.createQuery(criteriaQuery); + List results = query.getResultList(); + PolicyMapper mapper = null; + if (results != null && !results.isEmpty()) { + mapper = results.get(0); + } + + if (mapper == null) { + LOGGER.debug("no policy mapper found for appraiser {}", + appraiser); + } else { + ret = mapper.getPolicy(); + } + session.getTransaction().commit(); + } catch (Exception e) { + final String msg = "unable to get default policy"; + LOGGER.error(msg, e); + if (tx != null) { + LOGGER.debug("rolling back transaction"); + tx.rollback(); + } + throw new DBManagerException(msg, e); + } + return ret; + } + @Override public FilteredRecordsList getOrderedList( final Class clazz, final String columnToOrder, diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/ReferenceDigestValueServiceImpl.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/ReferenceDigestValueServiceImpl.java index 646a0f16..b5679286 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/ReferenceDigestValueServiceImpl.java 
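Review bot: `getDefaultPolicy` takes `results.get(0)` from an unordered query filtered only on `appraiser`, so if more than one `PolicyMapper` row exists for that appraiser, the policy that governs validation is whichever row comes back first. The device-group predicate is removed in this commit (the `DBPolicyManager.getPolicy` hunk has the same pattern), so that case should at least be logged, e.g. `if (results.size() > 1) { LOGGER.warn("{} policy mappers found for appraiser {}", results.size(), appraiser); }`. The method also begins and commits its own Hibernate transaction on the session unwrapped from the injected `EntityManager` and, unlike the new `AppraiserServiceImpl` methods, does not go through `getRetryTemplate()`. If that `EntityManager` is container-managed, this may conflict with an enclosing transaction, which is worth confirming. The method has no Javadoc: add one stating that null is returned for a null appraiser or a missing mapper.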
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/ReferenceDigestValueServiceImpl.java @@ -16,6 +16,7 @@ import org.springframework.retry.RetryContext; import org.springframework.stereotype.Service; import javax.persistence.EntityManager; +import java.util.LinkedList; import java.util.List; import java.util.Map; import java.util.UUID; @@ -113,6 +114,14 @@ public class ReferenceDigestValueServiceImpl extends DbServiceImpl getValuesByRimId(final UUID uuid) { + // this isn't right, it will look for the ids in the wrong column (CYRUYS) + // need to figure out repo search based on criteria associated with a specific column + + return new LinkedList<>(this.referenceDigestValueRepository.findAllById(uuid)); + } + @Override public FilteredRecordsList getOrderedList( final Class clazz, final String columnToOrder, diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/SupplyChainValidationServiceImpl.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/SupplyChainValidationServiceImpl.java index ad09bd59..6d0c0093 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/SupplyChainValidationServiceImpl.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/service/SupplyChainValidationServiceImpl.java 
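Review bot: `getValuesByRimId` is added with a comment saying the lookup is wrong: `findAllById(uuid)` presumably matches on the digest value's own id, not on the RIM id the caller passes. `SupplyChainValidationServiceImpl` in this commit feeds `baseReferenceManifest.getId()` into it to build the digest map used during firmware validation, so that comparison could run against an empty or unrelated reference set. Until a repository query on the RIM-id column exists, fail loudly with `throw new UnsupportedOperationException("getValuesByRimId: query by RIM id not implemented");` instead of returning a result. Also replace the inline comment with a TODO that names the intended column.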
@@ -22,14 +22,13 @@ import hirs.data.persist.certificate.EndorsementCredential; import hirs.data.persist.certificate.PlatformCredential; import hirs.data.persist.policy.PCRPolicy; import hirs.data.persist.policy.SupplyChainPolicy; -import hirs.persist.AppraiserManager; import hirs.persist.CrudManager; import hirs.persist.DBManagerException; -import hirs.persist.PolicyManager; -import hirs.persist.ReferenceDigestManager; -import hirs.persist.ReferenceEventManager; -import hirs.persist.ReferenceManifestManager; +import hirs.persist.service.AppraiserService; import hirs.persist.service.CertificateService; +import hirs.persist.service.PolicyService; +import hirs.persist.service.ReferenceDigestValueService; +import hirs.persist.service.ReferenceManifestService; import hirs.tpm.eventlog.TCGEventLog; import hirs.tpm.eventlog.TpmPcrEvent; import hirs.utils.BouncyCastleUtils; @@ -76,11 +75,11 @@ import static hirs.data.persist.AppraisalStatus.Status.PASS; @Import(PersistenceConfiguration.class) public class SupplyChainValidationServiceImpl implements SupplyChainValidationService { - private PolicyManager policyManager; - private AppraiserManager appraiserManager; - private ReferenceManifestManager referenceManifestManager; - private ReferenceDigestManager referenceDigestManager; - private ReferenceEventManager referenceEventManager; + private PolicyService policyService; + private AppraiserService appraiserService; + private ReferenceManifestService referenceManifestService; +// private ReferenceDigestValue referenceDigestManager; + private ReferenceDigestValueService referenceDigestValueService; private CertificateService certificateService; private CredentialValidator supplyChainCredentialValidator; private CrudManager supplyChainValidatorSummaryManager; 
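Review bot: The field hunk adds a commented-out declaration, `// private ReferenceDigestValue referenceDigestManager;`, next to its replacement. Delete it rather than committing dead code, since version control already keeps the old field. Because every service field is assigned once in the constructor, they could also be declared `private final`.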
@@ -101,33 +100,30 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe /** * Constructor. * - * @param policyManager the policy manager - * @param appraiserManager the appraiser manager + * @param policyService the policy service + * @param appraiserService the appraiser service * @param certificateService the cert service - * @param referenceManifestManager the RIM manager + * @param referenceManifestService the RIM service * @param supplyChainValidatorSummaryManager the summary manager * @param supplyChainCredentialValidator the credential validator - * @param referenceDigestManager the digest manager - * @param referenceEventManager the even manager + * @param referenceDigestValueService the event service */ @Autowired @SuppressWarnings("ParameterNumberCheck") public SupplyChainValidationServiceImpl( - final PolicyManager policyManager, final AppraiserManager appraiserManager, + final PolicyService policyService, final AppraiserService appraiserService, final CertificateService certificateService, - final ReferenceManifestManager referenceManifestManager, + final ReferenceManifestService referenceManifestService, final CrudManager supplyChainValidatorSummaryManager, final CredentialValidator supplyChainCredentialValidator, - final ReferenceDigestManager referenceDigestManager, - final ReferenceEventManager referenceEventManager) { - this.policyManager = policyManager; - this.appraiserManager = appraiserManager; + final ReferenceDigestValueService referenceDigestValueService) { + this.policyService = policyService; + this.appraiserService = appraiserService; this.certificateService = certificateService; - this.referenceManifestManager = referenceManifestManager; + this.referenceManifestService = referenceManifestService; this.supplyChainValidatorSummaryManager = supplyChainValidatorSummaryManager; this.supplyChainCredentialValidator = supplyChainCredentialValidator; - this.referenceDigestManager = referenceDigestManager; - 
this.referenceEventManager = referenceEventManager; + this.referenceDigestValueService = referenceDigestValueService; } /** @@ -136,9 +132,9 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe * @return supply chain policy */ public SupplyChainPolicy getPolicy() { - final Appraiser supplyChainAppraiser = appraiserManager.getAppraiser( + final Appraiser supplyChainAppraiser = appraiserService.getAppraiser( SupplyChainAppraiser.NAME); - return (SupplyChainPolicy) policyManager.getDefaultPolicy( + return (SupplyChainPolicy) policyService.getDefaultPolicy( supplyChainAppraiser); } @@ -157,9 +153,9 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe public SupplyChainValidationSummary validateSupplyChain(final EndorsementCredential ec, final Set pcs, final Device device) { - final Appraiser supplyChainAppraiser = appraiserManager.getAppraiser( + final Appraiser supplyChainAppraiser = appraiserService.getAppraiser( SupplyChainAppraiser.NAME); - SupplyChainPolicy policy = (SupplyChainPolicy) policyManager.getDefaultPolicy( + SupplyChainPolicy policy = (SupplyChainPolicy) policyService.getDefaultPolicy( supplyChainAppraiser); boolean acceptExpiredCerts = policy.isExpiredCertificateValidationEnabled(); PlatformCredential baseCredential = null; @@ -390,7 +386,7 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe ReferenceManifest supportReferenceManifest = null; EventLogMeasurements measurement = null; - baseReferenceManifests = BaseReferenceManifest.select(referenceManifestManager) + baseReferenceManifests = BaseReferenceManifest.select(referenceManifestService) .byModel(model).getRIMs(); for (BaseReferenceManifest bRim : baseReferenceManifests) { 
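Review bot: In `validateSupplyChain` the result of `policyService.getDefaultPolicy(...)` is dereferenced on the very next line (`policy.isExpiredCertificateValidationEnabled()`) with no null check. The new `AppraiserServiceImpl.getAppraiser` returns null when no appraiser has that name, and `PolicyServiceImpl.getDefaultPolicy` returns null for a null appraiser or a missing mapper. A missing appraiser or mapper row would therefore abort validation with a NullPointerException instead of producing a reported failure. Add a guard such as `if (policy == null) { throw new IllegalStateException("no default supply chain policy configured"); }`, or return a FAIL summary; the same applies to `getPolicy()` above and to `validateQuote` later in this file. The method body continues outside the hunk.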
@@ -405,11 +401,11 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe failedString = "Base Reference Integrity Manifest\n"; passed = false; } else { - measurement = EventLogMeasurements.select(referenceManifestManager) + measurement = EventLogMeasurements.select(referenceManifestService) .byHexDecHash(baseReferenceManifest.getEventLogHash()).getRIM(); if (measurement == null) { - measurement = EventLogMeasurements.select(referenceManifestManager) + measurement = EventLogMeasurements.select(referenceManifestService) .byModel(baseReferenceManifest.getPlatformModel()).getRIM(); } } @@ -458,7 +454,7 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe } for (SwidResource swidRes : resources) { - supportReferenceManifest = SupportReferenceManifest.select(referenceManifestManager) + supportReferenceManifest = SupportReferenceManifest.select(referenceManifestService) .byHexDecHash(swidRes.getHashValue()).getRIM(); if (supportReferenceManifest != null) { // Removed the filename check from this if statement @@ -536,8 +532,8 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe try { if (measurement.getPlatformManufacturer().equals(manufacturer)) { tcgMeasurementLog = new TCGEventLog(measurement.getRimBytes()); - eventValue = this.referenceEventManager - .getValuesByRimId(baseReferenceManifest); + eventValue = this.referenceDigestValueService + .getValuesByRimId(baseReferenceManifest.getId()); for (ReferenceDigestValue rdv : eventValue) { eventValueMap.put(rdv.getDigestValue(), rdv); } 
@@ -578,13 +574,14 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe EventLogMeasurements eventLog = (EventLogMeasurements) measurement; eventLog.setOverallValidationResult(fwStatus.getAppStatus()); - this.referenceManifestManager.update(eventLog); + this.referenceManifestService.updateReferenceManifest(eventLog, eventLog.getId()); } else { fwStatus = new AppraisalStatus(FAIL, String.format("Firmware Validation failed: " + "%s for %s can not be found", failedString, manufacturer)); if (measurement != null) { measurement.setOverallValidationResult(fwStatus.getAppStatus()); - this.referenceManifestManager.update(measurement); + this.referenceManifestService.updateReferenceManifest( + measurement, measurement.getId()); } } @@ -600,9 +597,9 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe */ @Override public SupplyChainValidationSummary validateQuote(final Device device) { - final Appraiser supplyChainAppraiser = appraiserManager.getAppraiser( + final Appraiser supplyChainAppraiser = appraiserService.getAppraiser( SupplyChainAppraiser.NAME); - SupplyChainPolicy policy = (SupplyChainPolicy) policyManager.getDefaultPolicy( + SupplyChainPolicy policy = (SupplyChainPolicy) policyService.getDefaultPolicy( supplyChainAppraiser); SupplyChainValidation quoteScv = null; SupplyChainValidationSummary summary = null; @@ -620,7 +617,7 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe try { Set supportRims = SupportReferenceManifest - .select(this.referenceManifestManager) + .select(this.referenceManifestService) .byManufacturerModel( device.getDeviceInfo().getHardwareInfo().getManufacturer(), device.getDeviceInfo().getHardwareInfo().getProductName()) 
@@ -631,7 +628,7 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe } } eventLog = EventLogMeasurements - .select(this.referenceManifestManager) + .select(this.referenceManifestService) .byHexDecHash(sRim.getEventLogHash()).getRIM(); if (sRim == null) { @@ -663,7 +660,8 @@ public class SupplyChainValidationServiceImpl implements SupplyChainValidationSe + "\nPCR hash and Quote hash do not match."); } eventLog.setOverallValidationResult(fwStatus.getAppStatus()); - this.referenceManifestManager.update(eventLog); + this.referenceManifestService.updateReferenceManifest( + eventLog, eventLog.getId()); } } catch (Exception ex) { LOGGER.error(ex); diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/servicemanager/DBPolicyManager.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/servicemanager/DBPolicyManager.java index 471cfa54..5dc88ccb 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/servicemanager/DBPolicyManager.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/servicemanager/DBPolicyManager.java @@ -417,8 +417,7 @@ public class DBPolicyManager extends DBManager implements PolicyManager * there is none */ @Override - public final Policy getPolicy(final Appraiser appraiser, - final DeviceGroup deviceGroup) { + public final Policy getPolicy(final Appraiser appraiser) { if (appraiser == null) { LOGGER.error("cannot get policy for null appraiser"); return null; 
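Review bot: In the first hunk on this line, `sRim.getEventLogHash()` is called inside the `eventLog = EventLogMeasurements.select(...)` statement before the `if (sRim == null)` test that follows it. A null `sRim` would throw there and never reach the null branch. The `catch (Exception ex) { LOGGER.error(ex); ...` visible in the next hunk would then record it only as a generic error. Move the null check ahead of the lookup. The assignment of `sRim` and the enclosing `try` start outside this hunk, so confirm whether it can actually be null at this point.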
@@ -430,14 +429,13 @@ public class DBPolicyManager extends DBManager implements PolicyManager try { tx = session.beginTransaction(); LOGGER.debug("retrieving policy mapper from db where appraiser = " - + "{} and device group = {}", appraiser, deviceGroup); + + "{}", appraiser); CriteriaBuilder criteriaBuilder = session.getCriteriaBuilder(); CriteriaQuery criteriaQuery = criteriaBuilder .createQuery(PolicyMapper.class); Root root = criteriaQuery.from(PolicyMapper.class); Predicate recordPredicate = criteriaBuilder.and( - criteriaBuilder.equal(root.get("appraiser"), appraiser), - criteriaBuilder.equal(root.get("deviceGroup"), deviceGroup)); + criteriaBuilder.equal(root.get("appraiser"), appraiser)); criteriaQuery.select(root).where(recordPredicate); Query query = session.createQuery(criteriaQuery); List results = query.getResultList(); @@ -447,8 +445,7 @@ public class DBPolicyManager extends DBManager implements PolicyManager } if (mapper == null) { - LOGGER.debug("no policy mapper found for appraiser {} and " - + "device group {}", appraiser, deviceGroup); + LOGGER.debug("no policy mapper found for appraiser {}", appraiser); } else { ret = mapper.getPolicy(); } diff --git a/HIRS_Utils/src/main/java/hirs/data/persist/BaseReferenceManifest.java b/HIRS_Utils/src/main/java/hirs/data/persist/BaseReferenceManifest.java index 215e075f..34628876 100644 --- a/HIRS_Utils/src/main/java/hirs/data/persist/BaseReferenceManifest.java +++ b/HIRS_Utils/src/main/java/hirs/data/persist/BaseReferenceManifest.java @@ -1,8 +1,8 @@ package hirs.data.persist; import com.fasterxml.jackson.annotation.JsonIgnore; -import hirs.persist.ReferenceManifestManager; import hirs.persist.ReferenceManifestSelector; +import hirs.persist.service.ReferenceManifestService; import hirs.utils.xjc.BaseElement; import hirs.utils.xjc.Directory; import hirs.utils.xjc.FilesystemItem; 
@@ -96,14 +96,14 @@ public class BaseReferenceManifest extends ReferenceManifest { public static class Selector extends ReferenceManifestSelector { /** * Construct a new ReferenceManifestSelector that will use - * the given (@link ReferenceManifestManager} + * the given (@link ReferenceManifestService} * to retrieve one or may BaseReferenceManifest. * - * @param referenceManifestManager the reference manifest manager to be used to retrieve + * @param referenceManifestService the reference manifest manager to be used to retrieve * reference manifests. */ - public Selector(final ReferenceManifestManager referenceManifestManager) { - super(referenceManifestManager, BaseReferenceManifest.class); + public Selector(final ReferenceManifestService referenceManifestService) { + super(referenceManifestService, BaseReferenceManifest.class); } /** @@ -289,12 +289,12 @@ public class BaseReferenceManifest extends ReferenceManifest { /** * Get a Selector for use in retrieving ReferenceManifest. * - * @param rimMan the ReferenceManifestManager to be used to retrieve + * @param rimService the ReferenceManifestService to be used to retrieve * persisted RIMs * @return a Selector instance to use for retrieving RIMs */ - public static Selector select(final ReferenceManifestManager rimMan) { - return new Selector(rimMan); + public static Selector select(final ReferenceManifestService rimService) { + return new Selector(rimService); } /** diff --git a/HIRS_Utils/src/main/java/hirs/data/persist/EventLogMeasurements.java b/HIRS_Utils/src/main/java/hirs/data/persist/EventLogMeasurements.java index 66b053cf..7f0e9e67 100644 --- a/HIRS_Utils/src/main/java/hirs/data/persist/EventLogMeasurements.java +++ b/HIRS_Utils/src/main/java/hirs/data/persist/EventLogMeasurements.java 
@@ -1,8 +1,8 @@ package hirs.data.persist; import com.fasterxml.jackson.annotation.JsonIgnore; -import hirs.persist.ReferenceManifestManager; import hirs.persist.ReferenceManifestSelector; +import hirs.persist.service.ReferenceManifestService; import hirs.tpm.eventlog.TCGEventLog; import hirs.tpm.eventlog.TpmPcrEvent; import org.apache.logging.log4j.LogManager; @@ -40,14 +40,14 @@ public class EventLogMeasurements extends ReferenceManifest { public static class Selector extends ReferenceManifestSelector { /** * Construct a new ReferenceManifestSelector that - * will use the given (@link ReferenceManifestManager} + * will use the given (@link ReferenceManifestService} * to retrieve one or may SupportReferenceManifest. * - * @param referenceManifestManager the reference manifest manager to be used to retrieve + * @param referenceManifestService the reference manifest manager to be used to retrieve * reference manifests. */ - public Selector(final ReferenceManifestManager referenceManifestManager) { - super(referenceManifestManager, EventLogMeasurements.class, false); + public Selector(final ReferenceManifestService referenceManifestService) { + super(referenceManifestService, EventLogMeasurements.class, false); } /** @@ -131,12 +131,12 @@ public class EventLogMeasurements extends ReferenceManifest { /** * Get a Selector for use in retrieving ReferenceManifest. * - * @param rimMan the ReferenceManifestManager to be used to retrieve + * @param rimService the ReferenceManifestService to be used to retrieve * persisted RIMs * @return a Selector instance to use for retrieving RIMs */ - public static Selector select(final ReferenceManifestManager rimMan) { - return new Selector(rimMan); + public static Selector select(final ReferenceManifestService rimService) { + return new Selector(rimService); } /** 
diff --git a/HIRS_Utils/src/main/java/hirs/data/persist/SupportReferenceManifest.java b/HIRS_Utils/src/main/java/hirs/data/persist/SupportReferenceManifest.java index fcee4586..2248c76a 100644 --- a/HIRS_Utils/src/main/java/hirs/data/persist/SupportReferenceManifest.java +++ b/HIRS_Utils/src/main/java/hirs/data/persist/SupportReferenceManifest.java @@ -1,8 +1,8 @@ package hirs.data.persist; import com.fasterxml.jackson.annotation.JsonIgnore; -import hirs.persist.ReferenceManifestManager; import hirs.persist.ReferenceManifestSelector; +import hirs.persist.service.ReferenceManifestService; import hirs.tpm.eventlog.TCGEventLog; import hirs.tpm.eventlog.TpmPcrEvent; import org.apache.logging.log4j.LogManager; @@ -40,11 +40,11 @@ public class SupportReferenceManifest extends ReferenceManifest { * use the given (@link ReferenceManifestManager} * to retrieve one or may SupportReferenceManifest. * - * @param referenceManifestManager the reference manifest manager to be used to retrieve + * @param referenceManifestService the reference manifest manager to be used to retrieve * reference manifests. */ - public Selector(final ReferenceManifestManager referenceManifestManager) { - super(referenceManifestManager, SupportReferenceManifest.class); + public Selector(final ReferenceManifestService referenceManifestService) { + super(referenceManifestService, SupportReferenceManifest.class); } /** @@ -141,12 +141,12 @@ public class SupportReferenceManifest extends ReferenceManifest { /** * Get a Selector for use in retrieving ReferenceManifest. * - * @param rimMan the ReferenceManifestManager to be used to retrieve + * @param rimService the ReferenceManifestService to be used to retrieve * persisted RIMs * @return a Selector instance to use for retrieving RIMs */ - public static Selector select(final ReferenceManifestManager rimMan) { - return new Selector(rimMan); + public static Selector select(final ReferenceManifestService rimService) { + return new Selector(rimService); } /** 
diff --git a/HIRS_Utils/src/main/java/hirs/persist/ReferenceManifestSelector.java b/HIRS_Utils/src/main/java/hirs/persist/ReferenceManifestSelector.java index 556029cd..5397b184 100644 --- a/HIRS_Utils/src/main/java/hirs/persist/ReferenceManifestSelector.java +++ b/HIRS_Utils/src/main/java/hirs/persist/ReferenceManifestSelector.java @@ -3,6 +3,7 @@ package hirs.persist; import com.google.common.base.Preconditions; import hirs.data.persist.ReferenceManifest; import hirs.data.persist.certificate.Certificate; +import hirs.persist.service.ReferenceManifestService; import org.apache.commons.lang3.ArrayUtils; import org.apache.commons.lang3.StringUtils; @@ -45,7 +46,7 @@ public abstract class ReferenceManifestSelector { public static final String RIM_FILENAME_FIELD = "fileName"; private static final String RIM_TYPE_FIELD = "rimType"; - private final ReferenceManifestManager referenceManifestManager; + private final ReferenceManifestService referenceManifestService; private final Class referenceTypeClass; private final Map fieldValueSelections; 
@@ -54,26 +55,26 @@ public abstract class ReferenceManifestSelector { /** * Default Constructor. * - * @param referenceManifestManager the RIM manager to be used to retrieve RIMs + * @param referenceManifestService the RIM service to be used to retrieve RIMs * @param referenceTypeClass the type of Reference Manifest to process. */ - public ReferenceManifestSelector(final ReferenceManifestManager referenceManifestManager, + public ReferenceManifestSelector(final ReferenceManifestService referenceManifestService, final Class referenceTypeClass) { - this(referenceManifestManager, referenceTypeClass, true); + this(referenceManifestService, referenceTypeClass, true); } /** * Standard Constructor for the Selector. * - * @param referenceManifestManager the RIM manager to be used to retrieve RIMs + * @param referenceManifestService the RIM service to be used to retrieve RIMs * @param referenceTypeClass the type of Reference Manifest to process. * @param excludeArchivedRims true if excluding archived RIMs */ - public ReferenceManifestSelector(final ReferenceManifestManager referenceManifestManager, + public ReferenceManifestSelector(final ReferenceManifestService referenceManifestService, final Class referenceTypeClass, final boolean excludeArchivedRims) { Preconditions.checkArgument( - referenceManifestManager != null, + referenceManifestService != null, "reference manifest manager cannot be null" ); @@ -82,7 +83,7 @@ public abstract class ReferenceManifestSelector { "type cannot be null" ); - this.referenceManifestManager = referenceManifestManager; + this.referenceManifestService = referenceManifestService; this.referenceTypeClass = referenceTypeClass; this.excludeArchivedRims = excludeArchivedRims; this.fieldValueSelections = new HashMap<>(); 
@@ -218,7 +219,7 @@ public abstract class ReferenceManifestSelector { // construct and execute query private Set execute() { - Set results = this.referenceManifestManager.get(this); + Set results = this.referenceManifestService.get(this); return results; } diff --git a/HIRS_Utils/src/main/java/hirs/persist/service/AppraiserService.java b/HIRS_Utils/src/main/java/hirs/persist/service/AppraiserService.java new file mode 100644 index 00000000..9a9a52cb --- /dev/null +++ b/HIRS_Utils/src/main/java/hirs/persist/service/AppraiserService.java 
@@ -0,0 +1,65 @@
+package hirs.persist.service;
+
+import hirs.appraiser.Appraiser;
+import hirs.persist.AppraiserManagerException;
+
+/**
+ * A AppraiserService manages Appraisers. A
+ * AppraiserService is used to store and manage Appraisers. It has
+ * support for the basic create, read, update, and delete methods.
+ */
+public interface AppraiserService {
+ /**
+ * Stores a new Appraiser. This stores a new
+ * Appraiser to be managed by the AppraiserManager
+ * . If the Appraiser is successfully saved then a reference to
+ * it is returned.
+ *
+ * @param appraiser
+ * appraiser to save
+ * @return reference to saved appraiser
+ * @throws hirs.persist.AppraiserManagerException
+ * if the appraiser has previously been saved or unexpected
+ * error occurs
+ */
+ Appraiser saveAppraiser(Appraiser appraiser)
+ throws AppraiserManagerException;
+
+ /**
+ * Updates an Appraiser. This updates the Appraiser
+ * that is managed so subsequent calls to get this Appraiser
+ * will return the values set by the incoming Appraiser.
+ *
+ * @param appraiser
+ * appraiser
+ * @throws AppraiserManagerException
+ * if unable to update the appraiser
+ */
+ void updateAppraiser(Appraiser appraiser) throws AppraiserManagerException;
+
+ /**
+ * Retrieves the Appraiser identified by name. If
+ * the Appraiser cannot be found then null is returned.
+ *
+ * @param name
+ * name of the Appraiser
+ * @return Appraiser whose name is name or null
+ * if not found
+ * @throws AppraiserManagerException
+ * if unable to retrieve the appraiser
+ */
+ Appraiser getAppraiser(String name) throws AppraiserManagerException;
+
+ /**
+ * Deletes the Appraiser identified by name. If
+ * the Appraiser is found and deleted then true is returned,
+ * otherwise false.
+ * + * @param appraiser + * name of the Appraiser to delete + * @throws AppraiserManagerException + * if unable to delete the appraiser for any reason other than + * not found + */ + void deleteAppraiser(Appraiser appraiser) throws AppraiserManagerException; +} diff --git a/HIRS_Utils/src/main/java/hirs/persist/service/DefaultService.java b/HIRS_Utils/src/main/java/hirs/persist/service/DefaultService.java index 28de926d..1a0b39a9 100644 --- a/HIRS_Utils/src/main/java/hirs/persist/service/DefaultService.java +++ b/HIRS_Utils/src/main/java/hirs/persist/service/DefaultService.java @@ -1,5 +1,7 @@ package hirs.persist.service; +import hirs.persist.OrderedQuery; + import java.util.List; import java.util.UUID; @@ -9,7 +11,7 @@ import java.util.UUID; * support for the basic create, read, update, and delete methods. * @param class type */ -public interface DefaultService { +public interface DefaultService extends OrderedQuery { /** * Returns a list of all T. This searches through diff --git a/HIRS_Utils/src/main/java/hirs/persist/service/PolicyService.java b/HIRS_Utils/src/main/java/hirs/persist/service/PolicyService.java index 7fc4636e..9846391b 100644 --- a/HIRS_Utils/src/main/java/hirs/persist/service/PolicyService.java +++ b/HIRS_Utils/src/main/java/hirs/persist/service/PolicyService.java @@ -1,5 +1,6 @@ package hirs.persist.service; +import hirs.appraiser.Appraiser; import hirs.data.persist.policy.Policy; import java.util.UUID; @@ -29,4 +30,15 @@ public interface PolicyService { * @return a Policy object */ Policy updatePolicy(Policy policy, UUID uuid); + + /** + * Returns the default Policy for the Appraiser. + * If the default Policy has not been set then this returns + * null. + * + * @param appraiser + * appraiser + * @return default policy + */ + Policy getDefaultPolicy(Appraiser appraiser); } 
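Review bot: The Javadoc on `deleteAppraiser` in the new `AppraiserService` describes a different method from the one declared: it says the appraiser is "identified by name" and that `true` or `false` is returned, but the signature is `void deleteAppraiser(Appraiser appraiser)`, so a caller cannot tell a deleted appraiser from one that was never persisted. Either return `boolean` as the comment promises, or rewrite the comment to match, e.g. `Deletes the given Appraiser.` with `@param appraiser the Appraiser to delete`, and state what happens when it is not found. The `saveAppraiser` comment also still refers to `AppraiserManager`, and `getAppraiser` is documented to return `null` on a miss, which callers (not in this hunk) have to check.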
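Review bot: `getDefaultPolicy` in `PolicyService` is documented to return `null` when no default has been set, and the contract does not say how an appraiser without a policy is meant to be handled. The callers are outside this hunk, but on a validation path a missing policy should presumably be an explicit failure rather than something a forgotten null check lets through. Spelling it out in the comment would help, e.g. `@return the default policy, or null if none has been set; callers must not proceed without a policy`, or the method could throw instead. `@param appraiser appraiser` could also say whether a `null` appraiser is accepted.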
diff --git a/HIRS_Utils/src/main/java/hirs/persist/service/ReferenceDigestValueService.java b/HIRS_Utils/src/main/java/hirs/persist/service/ReferenceDigestValueService.java index e455b8b4..83f694f8 100644 --- a/HIRS_Utils/src/main/java/hirs/persist/service/ReferenceDigestValueService.java +++ b/HIRS_Utils/src/main/java/hirs/persist/service/ReferenceDigestValueService.java @@ -2,6 +2,7 @@ package hirs.persist.service; import hirs.data.persist.ReferenceDigestValue; +import java.util.List; import java.util.UUID; /** @@ -29,4 +30,12 @@ public interface ReferenceDigestValueService { * @return a ReferenceDigestValue object */ ReferenceDigestValue updateDigestValue(ReferenceDigestValue digestValue, UUID uuid); + + /** + * Persists a new Reference Digest value. + * + * @param uuid associated with the base rim or potentially support rim. + * @return the persisted list of ReferenceDigestValue + */ + List getValuesByRimId(UUID uuid); }
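Review bot: The summary sentence on `getValuesByRimId` looks copied from a save method: it reads "Persists a new Reference Digest value." while the method takes a RIM `UUID` and returns a list, and `@return the persisted list` repeats the slip. Suggest `Returns the ReferenceDigestValues associated with the given RIM.` with `@param uuid id of the base or support RIM` and `@return the matching values`, and say whether an unknown id yields an empty list or `null`. The `@param` text's "or potentially support rim" leaves open which RIM id the lookup matches on; the implementation is not in this hunk, so the interface comment is the place to pin that down.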