Final changes to mark mismatches between the device component and the

expected platform certificate components.  In addition, some checkstyles
issues are addressed as well.

HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/ComponentAttributeRepository.java

@@ -7,5 +7,11 @@ import java.util.List;
 import java.util.UUID;
 
 public interface ComponentAttributeRepository extends JpaRepository<ComponentAttributeResult, UUID> {
+    /**
+     * Query to look up Attribute Results based on the PlatformCredential's
+     * db component id.
+     * @param componentId the unique id for the component identifier
+     * @return a list of attribute results
+     */
     List<ComponentAttributeResult> findByComponentId(UUID componentId);
 }

HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/ComponentInfoRepository.java

@@ -7,6 +7,19 @@ import java.util.List;
 import java.util.UUID;
 
 public interface ComponentInfoRepository extends JpaRepository<ComponentInfo, UUID> {
+    /**
+     * Query that retrieves device components by device name.
+     * @param deviceName string for the host name
+     * @return a list of device components
+     */
     List<ComponentInfo> findByDeviceName(String deviceName);
+
+    /**
+     * Query that retrieves device components by device name and
+     * the component serial number.
+     * @param deviceName string for the host name
+     * @param componentSerial string for the component serial
+     * @return a list of device components
+     */
     List<ComponentInfo> findByDeviceNameAndComponentSerial(String deviceName, String componentSerial);
 }

HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/ComponentResultRepository.java

@@ -10,6 +10,19 @@ import java.util.UUID;
 @Repository
 public interface ComponentResultRepository extends JpaRepository<ComponentResult, UUID> {
 
+    /**
+     * Query based on the device serial number.
+     * @param boardSerialNumber variable holding the device serial number
+     * @return a list of component result.
+     */
     List<ComponentResult> findByBoardSerialNumber(String boardSerialNumber);
-    List<ComponentResult> findByCertificateSerialNumberAndBoardSerialNumber(String certificateSerialNumber, String boardSerialNumber);
+
+    /**
+     * Query based on certificate serial number and device serial number.
+     * @param certificateSerialNumber certificate specific serial number
+     * @param boardSerialNumber variable holding the device serial number
+     * @return a list of component result.
+     */
+    List<ComponentResult> findByCertificateSerialNumberAndBoardSerialNumber(
+            String certificateSerialNumber, String boardSerialNumber);
 }

HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/ReferenceDigestValueRepository.java

@@ -2,7 +2,6 @@ package hirs.attestationca.persist.entity.manager;
 
 import hirs.attestationca.persist.entity.userdefined.rim.ReferenceDigestValue;
 import org.springframework.data.jpa.repository.JpaRepository;
-import org.springframework.data.jpa.repository.Query;
 import org.springframework.stereotype.Repository;
 
 import java.util.List;

HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/tpm/TPM2ProvisionerState.java

@@ -90,7 +90,8 @@ public class TPM2ProvisionerState {
     /**
      * Convenience method for finding the {@link TPM2ProvisionerState} associated with the nonce.
      *
-     * @param tpm2ProvisionerStateRepository the {@link TPM2ProvisionerStateRepository} to use when looking for the
+     * @param tpm2ProvisionerStateRepository the {@link TPM2ProvisionerStateRepository}
+     *                                       to use when looking for the
      * {@link TPM2ProvisionerState}
      * @param nonce the nonce to use as the key for the {@link TPM2ProvisionerState}
      * @return the {@link TPM2ProvisionerState} associated with the nonce;

HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/ComponentResult.java

@@ -20,7 +20,6 @@ import java.util.Objects;
  * A component result is a DO to hold the status of a component validation status.  This will
  * also be used to display this common information on the certificate details page.
  */
-
 @Getter
 @Entity
 @EqualsAndHashCode(callSuper = false)
@@ -55,6 +54,8 @@ public class ComponentResult extends ArchivableEntity {
     /**
      * Default constructor.
      * @param boardSerialNumber associated platform certificate serial number.
+     * @param certificateSerialNumber unique number associated with header info.
+     * @param certificateType parameter holds version 1.2 or 2.0.
      * @param componentIdentifier object with information from the platform certificate components.
      */
     public ComponentResult(final String boardSerialNumber, final String certificateSerialNumber,
@@ -72,7 +73,7 @@ public class ComponentResult extends ArchivableEntity {
         }
         StringBuilder sb = new StringBuilder();
         for (ComponentAddress element : componentIdentifier.getComponentAddress()) {
-            sb.append(String.format("%s:%s;",element.getAddressTypeValue(),
+            sb.append(String.format("%s:%s;", element.getAddressTypeValue(),
                     element.getAddressValue().toString()));
         }
         componentAddress = sb.toString();

HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/PlatformCredential.java

@@ -7,7 +7,6 @@ import hirs.attestationca.persist.entity.userdefined.certificate.attributes.Plat
 import hirs.attestationca.persist.entity.userdefined.certificate.attributes.TBBSecurityAssertion;
 import hirs.attestationca.persist.entity.userdefined.certificate.attributes.URIReference;
 import hirs.attestationca.persist.entity.userdefined.certificate.attributes.V2.PlatformConfigurationV2;
-import hirs.attestationca.persist.service.selector.CertificateSelector;
 import jakarta.persistence.Column;
 import jakarta.persistence.Entity;
 import jakarta.persistence.Transient;

HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/IdentityClaimProcessor.java

@@ -636,6 +636,7 @@ public class IdentityClaimProcessor extends AbstractProcessor {
                         platformCredential.getSerialNumber().toString(),
                         platformCredential.getPlatformChainType(),
                         componentIdentifier);
+                componentResult.setMismatched(false);
                 componentResultRepository.save(componentResult);
                 componentResults++;
             }

HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CertificateAttributeScvValidator.java

@@ -292,10 +292,9 @@ public class CertificateAttributeScvValidator extends SupplyChainCredentialValid
                         && identifier.getComponentModel() != null)
                 .collect(Collectors.toList());
 
-        String paccorOutputString = deviceInfoReport.getPaccorOutputString();
-        String unmatchedComponents;
+//        String paccorOutputString = deviceInfoReport.getPaccorOutputString();
+//        String unmatchedComponents;
 
-        // START A NEW
         // populate componentResults list
         List<ComponentResult> componentResults = componentResultRepository
                 .findByCertificateSerialNumberAndBoardSerialNumber(
@@ -345,22 +344,23 @@ public class CertificateAttributeScvValidator extends SupplyChainCredentialValid
             });
 
             List<ComponentInfo> componentClassInfo;
+            List<ComponentAttributeResult> attributeResults = new ArrayList<>();
             for (ComponentResult componentResult : remainingComponentResults) {
                 componentClassInfo = componentDeviceMap.get(componentResult.getComponentClassValue());
-                if (componentClassInfo.size() > 1) {
-                    componentResult.setMismatched(!matchBasedOnClass(
-                            componentClassInfo, componentResult, componentAttributeRepository));
+                if (componentClassInfo.size() == 1) {
+                    attributeResults.addAll(generateComponentResults(componentClassInfo, componentResult));
+                } else {
+                    attributeResults.addAll(matchBasedOnAttributes(componentClassInfo, componentResult));
                 }
             }
 
-            for (ComponentResult componentResult : remainingComponentResults) {
-                fieldValidation &= !componentResult.isMismatched();
+            for (ComponentAttributeResult componentAttributeResult : attributeResults) {
+                componentAttributeRepository.save(componentAttributeResult);
+                fieldValidation &= componentAttributeResult.checkMatchedStatus();
             }
         }
 
 
-
-        // END
 //        try {
 //            List<ComponentInfo> componentInfoList
 //                    = getComponentInfoFromPaccorOutput(deviceInfoReport.getNetworkInfo().getHostname(),
@@ -389,27 +389,65 @@ public class CertificateAttributeScvValidator extends SupplyChainCredentialValid
         }
     }
 
-    private static boolean matchBasedOnClass(final List<ComponentInfo> componentInfos,
-                                   final ComponentResult componentResult,
-                                   final ComponentAttributeRepository componentAttributeRepository) {
+    private static List<ComponentAttributeResult> generateComponentResults(
+            final List<ComponentInfo> componentInfos,
+            final ComponentResult componentResult) {
         // there are instances of components with the same class (ie hard disks, memory)
-        int listSize = componentInfos.size();
         List<ComponentAttributeResult> attributeResults = new ArrayList<>();
-        boolean matched = true;
         for (ComponentInfo componentInfo : componentInfos) {
             // just do a single pass and save the values
-            attributeResults.add(new ComponentAttributeResult(componentResult.getId(), componentResult.getManufacturer(), componentInfo.getComponentManufacturer()));
-            attributeResults.add(new ComponentAttributeResult(componentResult.getId(), componentResult.getModel(), componentInfo.getComponentModel()));
-            attributeResults.add(new ComponentAttributeResult(componentResult.getId(), componentResult.getSerialNumber(), componentInfo.getComponentSerial()));
-            attributeResults.add(new ComponentAttributeResult(componentResult.getId(), componentResult.getRevisionNumber(), componentInfo.getComponentRevision()));
+            attributeResults.add(new ComponentAttributeResult(componentResult.getId(),
+                    componentResult.getManufacturer(), componentInfo.getComponentManufacturer()));
+            attributeResults.add(new ComponentAttributeResult(componentResult.getId(),
+                    componentResult.getModel(), componentInfo.getComponentModel()));
+            attributeResults.add(new ComponentAttributeResult(componentResult.getId(),
+                    componentResult.getSerialNumber(), componentInfo.getComponentSerial()));
+            attributeResults.add(new ComponentAttributeResult(componentResult.getId(),
+                    componentResult.getRevisionNumber(), componentInfo.getComponentRevision()));
         }
 
-        for (ComponentAttributeResult componentAttributeResult : attributeResults) {
-            componentAttributeRepository.save(componentAttributeResult);
-            matched &= componentAttributeResult.checkMatchedStatus();
+        return attributeResults;
+    }
+
+    private static List<ComponentAttributeResult> matchBasedOnAttributes(
+            final List<ComponentInfo> componentClassInfo,
+            final ComponentResult componentResult) {
+        // this list only has those of the same class type
+        List<ComponentAttributeResult> attributeResults = new ArrayList<>();
+        Map<String, ComponentInfo> componentSerialMap = new HashMap<>();
+        componentClassInfo.stream().forEach((componentInfo) -> {
+            componentSerialMap.put(componentInfo.getComponentSerial(), componentInfo);
+        });
+        // see if the serial exists
+        ComponentInfo componentInfo = componentSerialMap.get(componentResult.getSerialNumber());
+
+        if (componentInfo != null) {
+            // if the serial, create attribute result and move on
+            attributeResults.add(new ComponentAttributeResult(componentResult.getId(),
+                    componentResult.getManufacturer(), componentInfo.getComponentManufacturer()));
+            attributeResults.add(new ComponentAttributeResult(componentResult.getId(),
+                    componentResult.getModel(), componentInfo.getComponentModel()));
+            attributeResults.add(new ComponentAttributeResult(componentResult.getId(),
+                    componentResult.getSerialNumber(), componentInfo.getComponentSerial()));
+            attributeResults.add(new ComponentAttributeResult(componentResult.getId(),
+                    componentResult.getRevisionNumber(), componentInfo.getComponentRevision()));
+        } else {
+            // didn't find based on serial
+            // look for highest match; otherwise ignore
+            // I already know serial doesn't match
+            componentClassInfo.stream().forEach((ci) -> {
+                boolean manufacturerMatch, modelMatch, revisionMatch;
+                manufacturerMatch = ci.getComponentManufacturer().equals(componentResult.getManufacturer());
+                modelMatch = ci.getComponentModel().equals(componentResult.getModel());
+                revisionMatch = ci.getComponentRevision().equals(componentResult.getRevisionNumber());
+                if (manufacturerMatch && modelMatch && revisionMatch) {
+                    attributeResults.add(new ComponentAttributeResult(componentResult.getId(),
+                            componentResult.getSerialNumber(), ci.getComponentSerial()));
+                }
+            });
         }
 
-        return matched;
+        return attributeResults;
     }
 
     /**