Merge pull request #886 from nsacyber/v3_issue-879

[#879] Additional renaming and checkstyle  changes

HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/PcrValidator.java

@@ -15,6 +15,7 @@ import org.apache.commons.codec.binary.Hex;
 import java.nio.charset.StandardCharsets;
 import java.security.NoSuchAlgorithmException;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.Map;
@@ -62,8 +63,7 @@ public class PcrValidator {
      * @param pcrValues RIM provided baseline PCRs
      */
     public PcrValidator(final String[] pcrValues) {
-        baselinePcrs = new String[TPMMeasurementRecord.MAX_PCR_ID + 1];
+        baselinePcrs = Arrays.copyOf(pcrValues, TPMMeasurementRecord.MAX_PCR_ID + 1);
-        System.arraycopy(pcrValues, 0, baselinePcrs, 0, TPMMeasurementRecord.MAX_PCR_ID + 1);
     }
 
     /**
@@ -149,7 +149,7 @@ public class PcrValidator {
                 }
 
                 if (!baselinePcrs[i].equals(storedPcrs[i])) {
-                    log.error("{} =/= {}", baselinePcrs[i], storedPcrs[i]);
+                    log.error(String.format("%s =/= %s", baselinePcrs[i], storedPcrs[i]));
                     sb.append(String.format(failureMsg, i));
                 }
             }
@@ -163,36 +163,36 @@ public class PcrValidator {
      * will ignore certin PCRs, Event Types and Event Variables present.
      *
      * @param tcgMeasurementLog Measurement log from the client
-     * @param eventValueMap     The events stored as baseline to compare
+     * @param eventLogRecords   The events stored as baseline to compare
      * @param policySettings    db entity that holds all of policy
      * @return the events that didn't pass
      */
     public List<TpmPcrEvent> validateTpmEvents(final TCGEventLog tcgMeasurementLog,
-                                               final Map<String, ReferenceDigestValue> eventValueMap,
+                                               final Map<String, ReferenceDigestValue> eventLogRecords,
                                                final PolicySettings policySettings) {
         List<TpmPcrEvent> tpmPcrEvents = new LinkedList<>();
         for (TpmPcrEvent tpe : tcgMeasurementLog.getEventList()) {
             if (policySettings.isIgnoreImaEnabled() && tpe.getPcrIndex() == IMA_PCR) {
-                log.info("IMA Ignored -> {}", tpe);
+                log.info(String.format("IMA Ignored -> %s", tpe));
             } else if (policySettings.isIgnoretBootEnabled() && (tpe.getPcrIndex() >= TBOOT_PCR_START
                     && tpe.getPcrIndex() <= TBOOT_PCR_END)) {
-                log.info("TBOOT Ignored -> {}", tpe);
+                log.info(String.format("TBOOT Ignored -> %s", tpe));
             } else if (policySettings.isIgnoreOsEvtEnabled() && (tpe.getPcrIndex() >= PXE_PCR_START
                     && tpe.getPcrIndex() <= PXE_PCR_END)) {
-                log.info("OS Evt Ignored -> {}", tpe);
+                log.info(String.format("OS Evt Ignored -> %s", tpe));
             } else {
                 if (policySettings.isIgnoreGptEnabled() && tpe.getEventTypeStr().contains(EVT_EFI_GPT)) {
-                    log.info("GPT Ignored -> {}", tpe);
+                    log.info(String.format("GPT Ignored -> %s", tpe));
                 } else if (policySettings.isIgnoreOsEvtEnabled() && (
                         tpe.getEventTypeStr().contains(EVT_EFI_BOOT)
                                 || tpe.getEventTypeStr().contains(EVT_EFI_VAR))) {
-                    log.info("OS Evt Ignored -> {}", tpe);
+                    log.info(String.format("OS Evt Ignored -> %s", tpe));
                 } else if (policySettings.isIgnoreOsEvtEnabled() && (
                         tpe.getEventTypeStr().contains(EVT_EFI_CFG)
                                 && tpe.getEventContentStr().contains("SecureBoot"))) {
-                    log.info("OS Evt Config Ignored -> {}", tpe);
+                    log.info(String.format("OS Evt Config Ignored -> %s", tpe));
                 } else {
-                    if (!eventValueMap.containsKey(tpe.getEventDigestStr())) {
+                    if (!eventLogRecords.containsKey(tpe.getEventDigestStr())) {
                         tpmPcrEvents.add(tpe);
                     }
                 }
@@ -251,13 +251,12 @@ public class PcrValidator {
             // other information.
             String calculatedString = Hex.encodeHexString(
                     pcrInfoShort.getCalculatedDigest());
-            log.debug(
+            log.debug("Validating PCR information with the following:"
-                    "Validating PCR information with the following:{}calculatedString = {}{}"
+                    + System.lineSeparator() + "calculatedString = " + calculatedString
-                            + "quoteString = {}", System.lineSeparator(), calculatedString,
+                    + System.lineSeparator() + "quoteString = " + quoteString);
-                    System.lineSeparator(), quoteString);
             validated = quoteString.contains(calculatedString);
             if (!validated) {
-                log.warn("{} not found in {}", calculatedString, quoteString);
+                log.warn(calculatedString + " not found in " + quoteString);
             }
         } catch (NoSuchAlgorithmException naEx) {
             log.error(naEx);

HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestDetailsPageController.java

@@ -97,14 +97,12 @@ public class ReferenceManifestDetailsPageController
      * @throws NoSuchAlgorithmException If an unknown Algorithm is encountered.
      * @throws CertificateException     if a certificate doesn't parse.
      */
-    public static HashMap<String, Object> getRimDetailInfo(final UUID uuid,
+    public static HashMap<String, Object> getRimDetailInfo(
-                                                           final ReferenceManifestRepository
+            final UUID uuid,
-                                                                   referenceManifestRepository,
+            final ReferenceManifestRepository referenceManifestRepository,
-                                                           final ReferenceDigestValueRepository
+            final ReferenceDigestValueRepository referenceDigestValueRepository,
-                                                                   referenceDigestValueRepository,
             final CertificateRepository certificateRepository,
-                                                           final CACredentialRepository
+            final CACredentialRepository caCertificateRepository)
-                                                                   caCertificateRepository)
             throws IOException,
             CertificateException, NoSuchAlgorithmException {
         HashMap<String, Object> data = new HashMap<>();
@@ -142,13 +140,15 @@ public class ReferenceManifestDetailsPageController
      * @param caCertificateRepository     the certificate manager.
      * @return mapping of the RIM information from the database.
      * @throws java.io.IOException      error for reading file bytes.
+     * @throws NoSuchAlgorithmException If an unknown Algorithm is encountered.
+     * @throws CertificateException     if a certificate doesn't parse.
      */
     private static HashMap<String, Object> getBaseRimInfo(
             final BaseReferenceManifest baseRim,
             final ReferenceManifestRepository referenceManifestRepository,
             final CertificateRepository certificateRepository,
             final CACredentialRepository caCertificateRepository)
-            throws IOException {
+            throws IOException, CertificateException, NoSuchAlgorithmException {
         HashMap<String, Object> data = new HashMap<>();
 
         // Software Identity
@@ -258,8 +258,8 @@ public class ReferenceManifestDetailsPageController
                                 caCertificateRepository));
                 RIM_VALIDATOR.setTrustStore(truststore);
             } catch (IOException e) {
-                log.error("Error building CA chain for {}: {}", caCert.getSubjectKeyIdentifier(),
+                log.error("Error building CA chain for " + caCert.getSubjectKeyIdentifier() + ": "
-                        e.getMessage());
+                        + e.getMessage());
             }
             if (RIM_VALIDATOR.validateXmlSignature(caCert.getX509Certificate().getPublicKey(),
                     caCert.getSubjectKeyIdString(), caCert.getEncodedPublicKey())) {
@@ -270,7 +270,7 @@ public class ReferenceManifestDetailsPageController
                         break;
                     }
                 } catch (SupplyChainValidatorException scvEx) {
-                    log.error("Error verifying cert chain: {}", scvEx.getMessage());
+                    log.error("Error verifying cert chain: " + scvEx.getMessage());
                 }
             }
         }
@@ -286,7 +286,7 @@ public class ReferenceManifestDetailsPageController
                 }
             }
         } catch (NullPointerException npEx) {
-            log.warn("Unable to link signing certificate: {}", npEx.getMessage());
+            log.warn("Unable to link signing certificate: " + npEx.getMessage());
         }
         return data;
     }
@@ -485,7 +485,7 @@ public class ReferenceManifestDetailsPageController
             final ReferenceDigestValueRepository referenceDigestValueRepository)
             throws IOException, CertificateException, NoSuchAlgorithmException {
         HashMap<String, Object> data = new HashMap<>();
-        LinkedList<TpmPcrEvent> livelogEvents = new LinkedList<>();
+        LinkedList<TpmPcrEvent> evidence = new LinkedList<>();
         BaseReferenceManifest base = null;
         List<SupportReferenceManifest> supports = new ArrayList<>();
         SupportReferenceManifest baseSupport = null;
@@ -498,7 +498,7 @@ public class ReferenceManifestDetailsPageController
         data.put("validationResult", measurements.getOverallValidationResult());
         data.put("swidBase", true);
 
-        List<ReferenceDigestValue> eventValues = new LinkedList<>();
+        List<ReferenceDigestValue> assertions = new LinkedList<>();
         if (measurements.getDeviceName() != null) {
             supports.addAll(referenceManifestRepository.byDeviceName(measurements
                     .getDeviceName()));
@@ -518,19 +518,19 @@ public class ReferenceManifestDetailsPageController
                     data.put("associatedRim", base.getId());
                 }
 
-                eventValues.addAll(referenceDigestValueRepository.findBySupportRimId(baseSupport.getId()));
+                assertions.addAll(referenceDigestValueRepository.findBySupportRimId(baseSupport.getId()));
             }
         }
 
         TCGEventLog measurementLog = new TCGEventLog(measurements.getRimBytes());
         Map<String, ReferenceDigestValue> eventValueMap = new HashMap<>();
 
-        for (ReferenceDigestValue rdv : eventValues) {
+        for (ReferenceDigestValue record : assertions) {
-            eventValueMap.put(rdv.getDigestValue(), rdv);
+            eventValueMap.put(record.getDigestValue(), record);
         }
         for (TpmPcrEvent measurementEvent : measurementLog.getEventList()) {
             if (!eventValueMap.containsKey(measurementEvent.getEventDigestStr())) {
-                livelogEvents.add(measurementEvent);
+                evidence.add(measurementEvent);
             }
         }
 
@@ -544,7 +544,7 @@ public class ReferenceManifestDetailsPageController
             String bootVariable;
             String variablePrefix = "Variable Name:";
             String variableSuffix = "UEFI_GUID";
-            for (TpmPcrEvent tpe : livelogEvents) {
+            for (TpmPcrEvent tpe : evidence) {
                 matchedEvents = new ArrayList<>();
                 for (TpmPcrEvent tpmPcrEvent : combinedBaselines) {
                     if (tpmPcrEvent.getEventType() == tpe.getEventType()) {
@@ -567,7 +567,7 @@ public class ReferenceManifestDetailsPageController
         }
 
         TCGEventLog logProcessor = new TCGEventLog(measurements.getRimBytes());
-        data.put("livelogEvents", livelogEvents);
+        data.put("livelogEvents", evidence);
         data.put("events", logProcessor.getEventList());
         getEventSummary(data, logProcessor.getEventList());
 
@@ -608,6 +608,12 @@ public class ReferenceManifestDetailsPageController
                 String uuidError = "Failed to parse ID from: " + params.getId();
                 messages.addError(uuidError);
                 log.error(uuidError, iaEx);
+            } catch (CertificateException cEx) {
+                log.error(cEx);
+            } catch (NoSuchAlgorithmException nsEx) {
+                log.error(nsEx);
+            } catch (IOException ioEx) {
+                log.error(ioEx);
             } catch (Exception ex) {
                 log.error(ex);
             }

HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestPageController.java

@@ -76,10 +76,9 @@ public class ReferenceManifestPageController extends PageController<NoPageParams
      * @param referenceDigestValueRepository this is the reference event manager
      */
     @Autowired
-    public ReferenceManifestPageController(final ReferenceManifestRepository
+    public ReferenceManifestPageController(
-                                                   referenceManifestRepository,
+            final ReferenceManifestRepository referenceManifestRepository,
-                                           final ReferenceDigestValueRepository
+            final ReferenceDigestValueRepository referenceDigestValueRepository) {
-                                                   referenceDigestValueRepository) {
         super(Page.REFERENCE_MANIFESTS);
         this.referenceManifestRepository = referenceManifestRepository;
         this.referenceDigestValueRepository = referenceDigestValueRepository;
@@ -113,11 +112,11 @@ public class ReferenceManifestPageController extends PageController<NoPageParams
             method = RequestMethod.GET)
     public DataTableResponse<ReferenceManifest> getTableData(
             @Valid final DataTableInput input) {
-        log.debug("Handling request for summary list: {}", input);
+        log.debug("Handling request for summary list: " + input);
 
         String orderColumnName = input.getOrderColumnName();
-        log.info("Ordering on column: {}", orderColumnName);
+        log.info("Ordering on column: " + orderColumnName);
-        log.info("Querying with the following dataTableInput: {}", input);
+        log.info("Querying with the following dataTableInput: " + input);
 
         FilteredRecordsList<ReferenceManifest> records = new FilteredRecordsList<>();
         int currentPage = input.getStart() / input.getLength();
@@ -138,7 +137,7 @@ public class ReferenceManifestPageController extends PageController<NoPageParams
 
         records.setRecordsFiltered(referenceManifestRepository.findByArchiveFlag(false).size());
 
-        log.debug("Returning list of size: {}", records.size());
+        log.debug("Returning list of size: " + records.size());
         return new DataTableResponse<>(records, input);
     }
 
@@ -163,7 +162,7 @@ public class ReferenceManifestPageController extends PageController<NoPageParams
         Matcher matcher;
         List<BaseReferenceManifest> baseRims = new ArrayList<>();
         List<SupportReferenceManifest> supportRims = new ArrayList<>();
-        log.info("Processing {} uploaded files", files.length);
+        log.info(String.format("Processing %s uploaded files", files.length));
 
         // loop through the files
         for (MultipartFile file : files) {
@@ -183,18 +182,16 @@ public class ReferenceManifestPageController extends PageController<NoPageParams
                         + " Base RIMs support the extension \".swidtag\", and support RIMs support "
                         + "\".rimpcr\", \".rimel\", \".bin\", and \".log\". "
                         + "Please verify your upload and retry.";
-                log.error("File extension in {} not recognized as base or support RIM.", fileName);
+                log.error("File extension in " + fileName + " not recognized as base or support RIM.");
                 messages.addError(errorString);
             }
         }
-
         baseRims.forEach((rim) -> {
-            log.info("Storing swidtag {}", rim.getFileName());
+            log.info(String.format("Storing swidtag %s", rim.getFileName()));
             this.referenceManifestRepository.save(rim);
         });
-
         supportRims.forEach((rim) -> {
-            log.info("Storing event log {}", rim.getFileName());
+            log.info(String.format("Storing event log %s", rim.getFileName()));
             this.referenceManifestRepository.save(rim);
         });
 
@@ -229,7 +226,7 @@ public class ReferenceManifestPageController extends PageController<NoPageParams
     @RequestMapping(value = "/delete", method = RequestMethod.POST)
     public RedirectView delete(@RequestParam final String id,
                                final RedirectAttributes attr) throws URISyntaxException {
-        log.info("Handling request to delete {}", id);
+        log.info("Handling request to delete " + id);
 
         Map<String, Object> model = new HashMap<>();
         PageMessages messages = new PageMessages();
@@ -274,7 +271,7 @@ public class ReferenceManifestPageController extends PageController<NoPageParams
     public void download(@RequestParam final String id,
                          final HttpServletResponse response)
             throws IOException {
-        log.info("Handling RIM request to download {}", id);
+        log.info("Handling RIM request to download " + id);
 
         try {
             ReferenceManifest referenceManifest = getRimFromDb(id);
@@ -285,11 +282,10 @@ public class ReferenceManifestPageController extends PageController<NoPageParams
                 // send a 404 error when invalid Reference Manifest
                 response.sendError(HttpServletResponse.SC_NOT_FOUND);
             } else {
+                StringBuilder fileName = new StringBuilder("filename=\"");
+                fileName.append(referenceManifest.getFileName());
                 // Set filename for download.
-                response.setHeader("Content-Disposition",
+                response.setHeader("Content-Disposition", "attachment;" + fileName);
-                        "attachment;" + "filename=\"" + referenceManifest.getFileName()
-                        // Set filename for download.
-                );
                 response.setContentType("application/octet-stream");
 
                 // write cert to output stream
@@ -363,7 +359,7 @@ public class ReferenceManifestPageController extends PageController<NoPageParams
      *
      * @param id of the RIM
      * @return the associated RIM from the DB
-     * @throws IllegalArgumentException if issues arise from attempting to retrieve the rim from the database
+     * @throws IllegalArgumentException
      */
     private ReferenceManifest getRimFromDb(final String id) throws IllegalArgumentException {
         UUID uuid = UUID.fromString(id);
@@ -502,7 +498,7 @@ public class ReferenceManifestPageController extends PageController<NoPageParams
     }
 
     private void processTpmEvents(final List<SupportReferenceManifest> dbSupportRims) {
-        List<ReferenceDigestValue> tpmEvents;
+        List<ReferenceDigestValue> referenceValues;
         TCGEventLog logProcessor = null;
         ReferenceManifest baseRim;
         ReferenceDigestValue newRdv;
@@ -511,9 +507,9 @@ public class ReferenceManifestPageController extends PageController<NoPageParams
             // So first we'll have to pull values based on support rim
             // get by support rim id NEXT
             if (dbSupport.getPlatformManufacturer() != null) {
-                tpmEvents = referenceDigestValueRepository.findBySupportRimId(dbSupport.getId());
+                referenceValues = referenceDigestValueRepository.findBySupportRimId(dbSupport.getId());
                 baseRim = findBaseRim(dbSupport);
-                if (tpmEvents.isEmpty()) {
+                if (referenceValues.isEmpty()) {
                     try {
                         logProcessor = new TCGEventLog(dbSupport.getRimBytes());
                         for (TpmPcrEvent tpe : logProcessor.getEventList()) {
@@ -526,14 +522,18 @@ public class ReferenceManifestPageController extends PageController<NoPageParams
 
                             this.referenceDigestValueRepository.save(newRdv);
                         }
-                    } catch (CertificateException | NoSuchAlgorithmException | IOException e) {
+                    } catch (CertificateException e) {
+                        e.printStackTrace();
+                    } catch (NoSuchAlgorithmException e) {
+                        e.printStackTrace();
+                    } catch (IOException e) {
                         e.printStackTrace();
                     }
                 } else {
-                    for (ReferenceDigestValue rdv : tpmEvents) {
+                    for (ReferenceDigestValue referenceValue : referenceValues) {
-                        if (!rdv.isUpdated()) {
+                        if (!referenceValue.isUpdated()) {
-                            rdv.updateInfo(dbSupport, baseRim.getId());
+                            referenceValue.updateInfo(dbSupport, baseRim.getId());
-                            this.referenceDigestValueRepository.save(rdv);
+                            this.referenceDigestValueRepository.save(referenceValue);
                         }
                     }
                 }