Additional updates to clear issues spotbugs have found. While I am

going to put in an exclude for what is left, I am attempting to resolving some of these that make sense.
2024-12-19 21:17:59 +00:00 · 2023-12-29 06:28:34 -05:00 · 2023-12-29 06:28:34 -05:00 · e75a4c2128
commit e75a4c2128
parent 39da434f1f
8 changed files with 56 additions and 36 deletions
--- a/HIRS_AttestationCA/config/spotbugs/spotbugs-exclude.xml
+++ b/HIRS_AttestationCA/config/spotbugs/spotbugs-exclude.xml
@ -2,7 +2,7 @@
 <!-- Docs at http://findbugs.sourceforge.net/manual/filter.html -->
 <FindBugsFilter>
    <Match>
-        <Package name="~hirs\.attestationca\.configuration*" />
+        <Package name="~hirs\.attestationca\.configuration.*" />
    </Match>
    <Match>
        <!-- https://github.com/spotbugs/spotbugs/pull/2748 -->
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/AbstractEntity.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/AbstractEntity.java
@ -4,7 +4,6 @@ import jakarta.persistence.Column;
 import jakarta.persistence.GeneratedValue;
 import jakarta.persistence.Id;
 import jakarta.persistence.MappedSuperclass;
-import lombok.EqualsAndHashCode;
 import lombok.Getter;
 import lombok.ToString;
 import org.hibernate.annotations.ColumnDefault;
@ -19,7 +18,6 @@ import java.util.UUID;
 /**
 * An abstract database entity.
 */
-@EqualsAndHashCode
@ToString
@MappedSuperclass
 public abstract class AbstractEntity implements Serializable {
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/Device.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/Device.java
@ -31,7 +31,6 @@ public class Device extends AbstractEntity {
    @Column(name = "name", unique = true)
    private String name;

-    @Getter
    @OneToOne(cascade = CascadeType.ALL, fetch = FetchType.EAGER,
            optional = true, orphanRemoval = true)
    private DeviceInfoReport deviceInfo;
@ -74,6 +73,19 @@ public class Device extends AbstractEntity {
        }
    }

+    /**
+     * Returns a report with information about this device. This may return null
+     * if this property has not been set.
+     *
+     * @return device info report
+     */
+    public final DeviceInfoReport getDeviceInfo() {
+        return new DeviceInfoReport(deviceInfo.getNetworkInfo(),
+                deviceInfo.getOSInfo(), deviceInfo.getFirmwareInfo(),
+                deviceInfo.getHardwareInfo(), deviceInfo.getTpmInfo(),
+                deviceInfo.getClientApplicationVersion());
+    }
+
    /**
     * Getter for the report time stamp.
     * @return a cloned version
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/CommonCriteriaMeasures.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/CommonCriteriaMeasures.java
@ -173,9 +173,10 @@ public class CommonCriteriaMeasures {
    private ASN1Boolean plus;
    private StrengthOfFunction strengthOfFunction;
    private ASN1ObjectIdentifier profileOid;
-    private URIReference profileUri;
    private ASN1ObjectIdentifier targetOid;
+    private URIReference profileUri;
    private URIReference targetUri;
+    private ASN1Sequence sequence;

    /**
     * Default constructor.
@ -187,8 +188,8 @@ public class CommonCriteriaMeasures {
        this.plus = ASN1Boolean.FALSE;
        this.strengthOfFunction = null;
        this.profileOid = null;
-        this.profileUri = null;
        this.targetOid = null;
+        this.profileUri = null;
        this.targetUri = null;
    }

@ -198,7 +199,6 @@ public class CommonCriteriaMeasures {
     * @throws IllegalArgumentException if there was an error on the parsing
     */
    public CommonCriteriaMeasures(final ASN1Sequence sequence) throws IllegalArgumentException {
-
        //Get all the mandatory values
        int index = 0;
        version = DERIA5String.getInstance(sequence.getObjectAt(index));
@ -261,8 +261,25 @@ public class CommonCriteriaMeasures {
                            + "invalid tagged object.");
            }
        }
+
+        this.sequence = ASN1Sequence.getInstance(sequence);
    }

+    public URIReference getProfileUri() {
+        return new URIReference(profileUri.getSequence());
+    }
+
+    public void setProfileUri(final URIReference profileUri) {
+        this.profileUri = new URIReference(profileUri.getSequence());
+    }
+
+    public URIReference getTargetUri() {
+        return new URIReference(targetUri.getSequence());
+    }
+
+    public void setTargetUri(final URIReference targetUri) {
+        this.targetUri = new URIReference(targetUri.getSequence());
+    }

    @Override
    public String toString() {
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/URIReference.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/URIReference.java
@ -27,6 +27,7 @@ public class URIReference {
    private AlgorithmIdentifier hashAlgorithm;
    @JsonIgnore
    private DERBitString hashValue;
+    private ASN1Sequence sequence;

    private static final int PLATFORM_PROPERTIES_URI_MAX = 3;
    private static final int PLATFORM_PROPERTIES_URI_MIN = 1;
@ -69,6 +70,8 @@ public class URIReference {
                        + sequence.getObjectAt(j).getClass().getName() + " found at index " + j + ".");
            }
        }
+
+        this.sequence = ASN1Sequence.getInstance(sequence);
    }

    @Override
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/tpm/PcrComposite.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/tpm/PcrComposite.java
@ -86,7 +86,7 @@ public class PcrComposite {
            throw new NullPointerException("pcrValueList");
        }
        this.pcrSelection = pcrSelection;
-        this.pcrValueList = pcrValueList;
+        this.pcrValueList = pcrValueList.stream().toList();
    }


--- a/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/tpm/TPM2ProvisionerStateTest.java
+++ b/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/tpm/TPM2ProvisionerStateTest.java
@ -20,6 +20,8 @@ import java.util.Random;
 */
 public class TPM2ProvisionerStateTest {

+    private static final Random random = new Random();
+
    /**
     * Tests that the values passed to the constructor are equal to the values
     * returned by the getters.
@ -28,11 +30,10 @@ public class TPM2ProvisionerStateTest {
     */
    @Test
    public final void testTPM2ProvisionerState() throws IOException {
-        Random rand = new Random();
        byte[] nonce = new byte[32];
        byte[] identityClaim = new byte[360];
-        rand.nextBytes(nonce);
-        rand.nextBytes(identityClaim);
+        random.nextBytes(nonce);
+        random.nextBytes(identityClaim);

        TPM2ProvisionerState state = new TPM2ProvisionerState(nonce, identityClaim);

@ -48,12 +49,10 @@ public class TPM2ProvisionerStateTest {
     */
    @Test
    public final void testNullNonce() throws IOException {
-        Random rand = new Random();
-        byte[] nonce = null;
        byte[] identityClaim = new byte[360];
-        rand.nextBytes(identityClaim);
+        random.nextBytes(identityClaim);
        assertThrows(IllegalArgumentException.class, () ->
-                new TPM2ProvisionerState(nonce, identityClaim));
+                new TPM2ProvisionerState(null, identityClaim));
    }

    /**
@ -64,12 +63,10 @@ public class TPM2ProvisionerStateTest {
     */
    @Test
    public final void testNullIdentityClaim() throws IOException {
-        Random rand = new Random();
        byte[] nonce = new byte[32];
-        byte[] identityClaim = null;
-        rand.nextBytes(nonce);
+        random.nextBytes(nonce);
        assertThrows(IllegalArgumentException.class, () ->
-                new TPM2ProvisionerState(nonce, identityClaim));
+                new TPM2ProvisionerState(nonce, null));
    }

    /**
@ -80,11 +77,10 @@ public class TPM2ProvisionerStateTest {
     */
    @Test
    public final void testNonceToSmall() throws IOException {
-        Random rand = new Random();
        byte[] nonce = new byte[7];
        byte[] identityClaim = new byte[360];
-        rand.nextBytes(nonce);
-        rand.nextBytes(identityClaim);
+        random.nextBytes(nonce);
+        random.nextBytes(identityClaim);
        assertThrows(IllegalArgumentException.class, () ->
                new TPM2ProvisionerState(nonce, identityClaim));
    }
@ -98,11 +94,10 @@ public class TPM2ProvisionerStateTest {
    @Test
    public final void testGetTPM2ProvisionerStateNominal() throws IOException {
        TPM2ProvisionerStateRepository tpm2ProvisionerStateRepository = mock(TPM2ProvisionerStateRepository.class);
-        Random rand = new Random();
        byte[] nonce = new byte[32];
        byte[] identityClaim = new byte[360];
-        rand.nextBytes(nonce);
-        rand.nextBytes(identityClaim);
+        random.nextBytes(nonce);
+        random.nextBytes(identityClaim);

        DataInputStream dis = new DataInputStream(new ByteArrayInputStream(nonce));
        Long index = dis.readLong();
@ -123,20 +118,17 @@ public class TPM2ProvisionerStateTest {
    @Test
    public final void testGetTPM2ProvisionerStateNullNonce() throws IOException {
        TPM2ProvisionerStateRepository tpm2ProvisionerStateRepository = mock(TPM2ProvisionerStateRepository.class);
-        Random rand = new Random();
        byte[] nonce = new byte[32];
        byte[] identityClaim = new byte[360];
-        rand.nextBytes(nonce);
-        rand.nextBytes(identityClaim);
+        random.nextBytes(nonce);
+        random.nextBytes(identityClaim);
        DataInputStream dis = new DataInputStream(new ByteArrayInputStream(nonce));
        Long index = dis.readLong();
        dis.close();
        TPM2ProvisionerState value = new TPM2ProvisionerState(nonce, identityClaim);
        when(tpm2ProvisionerStateRepository.findByFirstPartOfNonce(index)).thenReturn(value);
-        TPM2ProvisionerState tpm2ProvisionerState
-                = TPM2ProvisionerState.getTPM2ProvisionerState(tpm2ProvisionerStateRepository, null);
-        assertNull(tpm2ProvisionerState);
-
+        assertThrows(NullPointerException.class, () ->
+                TPM2ProvisionerState.getTPM2ProvisionerState(tpm2ProvisionerStateRepository, null));
    }

    /**
@ -147,11 +139,10 @@ public class TPM2ProvisionerStateTest {
    @Test
    public final void testGetTPM2ProvisionerStateNonceTooSmall() throws IOException {
        TPM2ProvisionerStateRepository tpm2ProvisionerStateRepository = mock(TPM2ProvisionerStateRepository.class);
-        Random rand = new Random();
        byte[] nonce = new byte[32];
        byte[] identityClaim = new byte[360];
-        rand.nextBytes(nonce);
-        rand.nextBytes(identityClaim);
+        random.nextBytes(nonce);
+        random.nextBytes(identityClaim);
        DataInputStream dis = new DataInputStream(new ByteArrayInputStream(nonce));
        Long index = dis.readLong();
        dis.close();
--- a/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/info/TPMInfoTest.java
+++ b/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/info/TPMInfoTest.java
@ -40,7 +40,6 @@ public class TPMInfoTest {
                new TPMInfo(TPM_MAKE, VERSION_MAJOR, VERSION_MINOR,
                        VERSION_REV_MAJOR, VERSION_REV_MINOR,
                        getTestIdentityCertificate());
-        String yea = tpmInfo.getTpmMake();
        assertEquals(tpmInfo.getTpmMake(), TPM_MAKE);
        assertEquals(tpmInfo.getTpmVersionMajor(), VERSION_MAJOR);
        assertEquals(tpmInfo.getTpmVersionMinor(), VERSION_MINOR);