From 9e94a527af250eaa3c3e27d31a7b5a48340614a5 Mon Sep 17 00:00:00 2001
From: TheSilentCoder <184309164+ThatSilentCoder@users.noreply.github.com>
Date: Thu, 30 Jan 2025 17:20:08 -0500
Subject: [PATCH] issue_896: Added more javadocs, still going through the process and figuring out places where this will work. Can successfully debug provisioner+aca.

---
 ...estfulAttestationCertificateAuthority.java | 2 +-
 .../persist/provision/AbstractProcessor.java | 4 +++-
 .../provision/IdentityClaimProcessor.java | 24 ++++++++++++++++---
 .../CertificateAttributeScvValidator.java | 10 ++++----
 .../SupplyChainCredentialValidator.java | 2 +-
 5 files changed, 31 insertions(+), 11 deletions(-)

diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/RestfulAttestationCertificateAuthority.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/RestfulAttestationCertificateAuthority.java
index db00267d..1cc40302 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/RestfulAttestationCertificateAuthority.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/RestfulAttestationCertificateAuthority.java
@@ -108,7 +108,7 @@ public class RestfulAttestationCertificateAuthority extends AttestationCertifica
      * the client's desired attestation key, if the correct nonce is supplied.
      *
      * @param certificateRequest request containing nonce from earlier identity
-     * * claim handshake
+     * claim handshake
      * @return The response to the client provisioner.
      */
     @Override
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/AbstractProcessor.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/AbstractProcessor.java
index 087f4be1..64e567b5 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/AbstractProcessor.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/AbstractProcessor.java
@@ -159,6 +159,7 @@ public class AbstractProcessor { final ProvisionerTpm2.IdentityClaim identityClaim, final PublicKey ekPub, final CertificateRepository certificateRepository) { EndorsementCredential endorsementCredential = null; + if (identityClaim.hasEndorsementCredential()) { endorsementCredential = CredentialManagementHelper.storeEndorsementCredential( certificateRepository, @@ -172,6 +173,7 @@ public class AbstractProcessor { log.warn("No endorsement credential was received in identity claim and no EK Public" + " Key was provided to check for uploaded certificates."); } + return endorsementCredential; } @@ -254,7 +256,7 @@ public class AbstractProcessor { * @param endorsementCredential the endorsement credential used to generate the AC * @param platformCredentials the platform credentials used to generate the AC * @param device the device to which the attestation certificate is tied - * @param ldevID whether the certificate is a ldevid + * @param ldevID whether the certificate is a ldevid * @return whether the certificate was saved successfully * @throws {@link CertificateProcessingException} if error occurs in persisting the Attestation * Certificate diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/IdentityClaimProcessor.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/IdentityClaimProcessor.java index cbe87597..c63b4e36 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/IdentityClaimProcessor.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/IdentityClaimProcessor.java 
@@ -215,6 +215,7 @@ public class IdentityClaimProcessor extends AbstractProcessor {
         // device.getDeviceInfo().setPaccorOutputString(claim.getPaccorOutput());
         handleDeviceComponents(device.getDeviceInfo().getNetworkInfo().getHostname(),
                 claim.getPaccorOutput());
+
         // There are situations in which the claim is sent with no PCs
         // or a PC from the tpm which will be deprecated
         // this is to check what is in the platform object and pull
@@ -230,6 +231,7 @@ public class IdentityClaimProcessor extends AbstractProcessor {
             platformCredentials.addAll(tempList);
         }
 
+
         // store component results objects
         for (PlatformCredential platformCredential : platformCredentials) {
             List componentResults = componentResultRepository
@@ -239,7 +241,7 @@ public class IdentityClaimProcessor extends AbstractProcessor {
             if (componentResults.isEmpty()) {
                 savePlatformComponents(platformCredential);
             } else {
-                componentResults.stream().forEach((componentResult) -> {
+                componentResults.forEach((componentResult) -> {
                     componentResult.restore();
                     componentResult.resetCreateTime();
                     componentResultRepository.save(componentResult);
@@ -256,9 +258,16 @@ public class IdentityClaimProcessor extends AbstractProcessor {
         AppraisalStatus.Status validationResult = summary.getOverallValidationResult();
         device.setSupplyChainValidationStatus(validationResult);
         this.deviceRepository.save(device);
+
         return validationResult;
     }
 
+    /**
+     * Helper method that utilizes the identity claim to produce a device info report.
+     *
+     * @param claim identity claim
+     * @return device info
+     */
     private Device processDeviceInfo(final ProvisionerTpm2.IdentityClaim claim) {
         DeviceInfoReport deviceInfoReport = null;
 
@@ -620,7 +629,7 @@ public class IdentityClaimProcessor extends AbstractProcessor {
                 .findByManufacturerAndModel(manufacturer, model);
 
         Map digestValueMap = new HashMap<>();
-        expectedValues.stream().forEach((rdv) -> {
+        expectedValues.forEach((rdv) -> {
             digestValueMap.put(rdv.getDigestValue(), rdv);
         });
 
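Review bot: The new Javadoc on processDeviceInfo says the method produces "a device info report" and its tag reads `@return device info`, but the signature directly below it returns a `Device` and `DeviceInfoReport` only appears as a local (`DeviceInfoReport deviceInfoReport = null;`), so both the summary and the return tag name the wrong type. I would write `* Helper method that builds the {@link Device} described by the identity claim.` and `* @return the device built from the claim`. The method body runs past the hunk, so whether it also persists the device or what else it derives from the claim is not visible here; leave those details out of the doc until confirmed. The `@@ -256` change adds a blank line before `return validationResult;` inside a method whose start is outside the hunk.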
@@ -728,6 +737,13 @@ public class IdentityClaimProcessor extends AbstractProcessor {
         }
     }
 
+    /**
+     * Helper method that attempts to find all the provided device's components.
+     *
+     * @param hostName device's host name
+     * @param paccorString
+     * @return number of components
+     */
     private int handleDeviceComponents(final String hostName, final String paccorString) {
         int deviceComponents = 0;
         Map componentInfoMap = new HashMap<>();
@@ -735,9 +751,11 @@ public class IdentityClaimProcessor extends AbstractProcessor {
         List componentInfos = SupplyChainCredentialValidator
                 .getComponentInfoFromPaccorOutput(hostName, paccorString);
 
+        deviceComponents = componentInfos.size();
+
         // check the DB for like component infos
         List dbComponentInfos = this.componentInfoRepository.findByDeviceName(hostName);
-        dbComponentInfos.stream().forEach((infos) -> {
+        dbComponentInfos.forEach((infos) -> {
             componentInfoMap.put(infos.hashCode(), infos);
         });
 
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CertificateAttributeScvValidator.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CertificateAttributeScvValidator.java
index 4f5a34f8..532f7718 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CertificateAttributeScvValidator.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CertificateAttributeScvValidator.java
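Review bot: `@param paccorString` in the new Javadoc has no description, and it is the one parameter here that carries client-supplied data: the caller in the `@@ -215` hunk passes `claim.getPaccorOutput()` from the identity claim, and this method hands it straight to `SupplyChainCredentialValidator.getComponentInfoFromPaccorOutput`, which the last hunk of this patch documents as a parser of PACCOR's allcomponents.sh JSON. I would write `* @param paccorString JSON output of PACCOR's allcomponents.sh, as sent by the provisioner in the identity claim` and, since the new line `deviceComponents = componentInfos.size();` is what defines the result, `* @return the number of components parsed from the PACCOR output`. That parser is documented as throwing `java.io.IOException` while this method declares no checked exception, so it presumably handles it further down; handleDeviceComponents continues past the hunk and that part is not visible here.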
@@ -238,11 +238,11 @@ public class CertificateAttributeScvValidator extends SupplyChainCredentialValid
         // All components listed in the Platform Credential must have a manufacturer and model
         for (ComponentIdentifierV2 pcComponent : allPcComponents) {
 
-            fieldValidation = pcComponent.getComponentClass() != null;
-
-            if (!fieldValidation) {
-                resultMessage.append("Component class is null\n");
-            }
+// fieldValidation = pcComponent.getComponentClass() != null;
+//
+// if (!fieldValidation) {
+// resultMessage.append("Component class is null\n");
+// }
 
             fieldValidation = !hasEmptyValueForRequiredField("componentManufacturer",
                     pcComponent.getComponentManufacturer());
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/SupplyChainCredentialValidator.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/SupplyChainCredentialValidator.java
index 914ac968..bb9181d1 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/SupplyChainCredentialValidator.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/SupplyChainCredentialValidator.java
@@ -270,7 +270,7 @@ public class SupplyChainCredentialValidator {
      * Parses the output from PACCOR's allcomponents.sh script into ComponentInfo objects.
      *
      * @param hostName the host machine associated with the component
-     * @param paccorOutput the output from PACCOR's allcomoponents.sh
+     * @param paccorOutput the output from PACCOR's allcomponents.sh
      * @return a list of ComponentInfo objects built from paccorOutput
      * @throws java.io.IOException if something goes wrong parsing the JSON
      */
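Review bot: Commenting out the `pcComponent.getComponentClass() != null` check means a Platform Certificate whose ComponentIdentifierV2 carries no component class now passes this attribute validation without `resultMessage` recording it, and this loop's result feeds the supply-chain status the ACA stores on the device (`device.setSupplyChainValidationStatus(validationResult)` in the IdentityClaimProcessor hunk of this same patch), so this is a change in what the ACA accepts, not a cleanup. If I recall the TCG Platform Certificate profile correctly, componentClass is a mandatory field of ComponentIdentifierV2, which makes silent acceptance of its absence a policy decision that should be visible in the code. If the relaxation is intended, delete the five `//` lines rather than leaving dead code and state the reason on the loop, e.g. `// Component class is intentionally not validated here: <reason / issue link>`; if it is only a local debugging aid for issue_896, as the commit message suggests, revert it before merging. The for loop continues outside the hunk.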