diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/CertificateRepository.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/CertificateRepository.java index 4f389d191..e826c4572 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/CertificateRepository.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/CertificateRepository.java @@ -13,53 +13,62 @@ import java.util.List; import java.util.UUID; +/** + * Repository interface for managing {@link Certificate} entities in the database. + * + *

+ * The {@link CertificateRepository} interface extends {@link JpaRepository} to provide basic CRUD operations, + * including save, find, delete, and query methods. Custom query methods can be defined + * using Spring Data JPA's query method naming conventions or with the Query annotation. + *

+ */ @Repository public interface CertificateRepository extends JpaRepository { /** - * Query that retrieves a certificate using the provided uuid. + * Query that retrieves a {@link Certificate} object using the provided uuid. * * @param uuid uuid - * @return a certificate + * @return a {@link Certificate} object */ @Query(value = "SELECT * FROM Certificate where id = ?1", nativeQuery = true) Certificate getCertificate(UUID uuid); /** - * Query that retrieves a list of certificates using the provided subject and dtype. + * Query that retrieves a list of {@link Certificate} objects using the provided subject and dtype. * * @param subject subject * @param dType dtype - * @return a list of certificates + * @return a list of {@link Certificate} objects */ @Query(value = "SELECT * FROM Certificate where subject = ?1 AND DTYPE = ?2", nativeQuery = true) List findBySubject(String subject, String dType); /** - * Query that retrieves a sorted list of certificates using the provided subject and dtype. + * Query that retrieves a sorted list of {@link Certificate} objects using the provided subject and dtype. * * @param subjectSorted subject * @param dType dtype - * @return a list of sorted certificates + * @return a list of sorted {@link Certificate} objects */ @Query(value = "SELECT * FROM Certificate where subjectSorted = ?1 AND DTYPE = ?2", nativeQuery = true) List findBySubjectSorted(String subjectSorted, String dType); /** - * Query that retrieves a list of certificates using the provided dtype. + * Query that retrieves a list of {@link Certificate} objects using the provided dtype. * * @param dType dtype - * @return a list of certificates + * @return a list of {@link Certificate} objects */ @Query(value = "SELECT * FROM Certificate where DTYPE = ?1", nativeQuery = true) List findByType(String dType); /** - * Query that retrieves a list of certificates using the provided serial number and dtype. 
+ * Query that retrieves a list of {@link Certificate} objects using the provided serial number and dtype. * * @param serialNumber serial number * @param dType dtype - * @return a certificate + * @return a {@link Certificate} object */ @Query(value = "SELECT * FROM Certificate where serialNumber = ?1 AND DTYPE = ?2", nativeQuery = true) Certificate findBySerialNumber(BigInteger serialNumber, String dType); @@ -98,11 +107,11 @@ public interface CertificateRepository extends JpaRepository List getByHolderSerialNumber(BigInteger holderSerialNumber); /** - * Query that retrieves a certificate using the provided certificate hash and dtype. + * Query that retrieves a {@link Certificate} object using the provided certificate hash and dtype. * * @param certificateHash integer certificate hash * @param dType dtype - * @return a certificate + * @return a {@link Certificate} object */ @Query(value = "SELECT * FROM Certificate where certificateHash = ?1 AND DTYPE = ?2", nativeQuery = true) Certificate findByCertificateHashAndDType(int certificateHash, String dType); 
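Review bot: The new summary on `findBySerialNumber` in the first hunk says the query retrieves a list of `Certificate` objects, but the method returns a single `Certificate` and the `@return` tag says so too. The summary should read `Query that retrieves a {@link Certificate} object using the provided serial number and dtype.` Since an X.509 serial number is only unique per issuer, the Javadoc would also do well to say what the caller gets when more than one row matches serialNumber and DTYPE; that behaviour is not visible in this hunk.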
@@ -116,29 +125,21 @@ public interface CertificateRepository extends JpaRepository EndorsementCredential findByPublicKeyModulusHexValue(String publicKeyModulusHexValue); /** - * Query that retrieves an issued attestation certificate using the provided device id. - * - * @param deviceId uuid representation of the device id - * @return an issued attestation certificate - */ - IssuedAttestationCertificate findByDeviceId(UUID deviceId); - - /** - * Query that retrieves a list of issued attestation certificates using the provided device id, + * Query that retrieves a list of {@link IssuedAttestationCertificate} objects using the provided device id, * ldevID value and sort value. * * @param deviceId device id * @param ldevID is it a LDevId * @param sort sort - * @return a list of issued attestation certificates + * @return a list of {@link IssuedAttestationCertificate} objects */ List findByDeviceIdAndLdevID(UUID deviceId, boolean ldevID, Sort sort); /** - * Query that retrieves a certificates using the provided certificate hash. + * Query that retrieves a {@link Certificate} object using the provided certificate hash. * * @param certificateHash integer certificate hash - * @return a certificate + * @return a {@link Certificate} object */ Certificate findByCertificateHash(int certificateHash); } diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/ComponentAttributeRepository.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/ComponentAttributeRepository.java index 87e4c9b46..6874f0a23 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/ComponentAttributeRepository.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/ComponentAttributeRepository.java @@ -6,31 +6,30 @@ import java.util.List; import java.util.UUID; +/** + * Repository interface for managing {@link ComponentAttributeResult} entities in the database. + * + *
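Review bot: The Javadoc on `findByCertificateHash` (and on `findByCertificateHashAndDType` in the `@@ -98,11 +107,11 @@` hunk) should say that `certificateHash` is a 32-bit `int`, so a match identifies a candidate row rather than proving the stored certificate is the one presented. A caller that makes a trust decision on the result should compare the encoded certificate bytes or a cryptographic digest after the lookup. I would add to both comments something like `Note: the hash is a 32-bit lookup key and can collide; verify the returned certificate before relying on it.` and state what is returned when no row matches.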

+ * The {@link ComponentAttributeRepository} interface extends {@link JpaRepository} to provide basic CRUD operations, + * including save, find, delete, and query methods. Custom query methods can be defined + * using Spring Data JPA's query method naming conventions or with the Query annotation. + *

+ */ public interface ComponentAttributeRepository extends JpaRepository { /** - * Query to look up Attribute Results based on the PlatformCredential's + * Query to retrieves a list of {@link ComponentAttributeResult} objects based on the PlatformCredential's * db component id. * * @param componentId the unique id for the component identifier - * @return a list of attribute results + * @return a list of {@link ComponentAttributeResult} objects */ List findByComponentId(UUID componentId); /** - * Query to look up Attribute Results based on the validation id. + * Query that retrieves a list of {@link ComponentAttributeResult} objects based on the validation id. * * @param provisionSessionId unique id generated to link supply chain summary - * @return a list of attribute results + * @return a list of {@link ComponentAttributeResult} objects */ List findByProvisionSessionId(UUID provisionSessionId); - - /** - * Query to look up Attribute Results based on the component id and the session id. - * - * @param componentId the unique id for the component identifier - * @param provisionSessionId unique id generated to link supply chain summary - * @return a list of attribute results - */ - List findByComponentIdAndProvisionSessionId(UUID componentId, - UUID provisionSessionId); } diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/ComponentInfoRepository.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/ComponentInfoRepository.java index 919c0494c..9ec614b34 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/ComponentInfoRepository.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/ComponentInfoRepository.java @@ -6,22 +6,21 @@ import java.util.List; import java.util.UUID; +/** + * Repository interface for managing {@link ComponentInfo} entities in the database. + * + *
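Review bot: The summary line added to `findByComponentId` reads `Query to retrieves a list of ...`, which is ungrammatical and differs from the wording used on the other repository methods in this commit. It should be `Query that retrieves a list of {@link ComponentAttributeResult} objects based on the PlatformCredential's db component id.` In the same section the `findByProvisionSessionId` summary says the lookup is based on the validation id while the parameter is `provisionSessionId`; one of the two names should be used throughout.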

+ * The {@link ComponentInfoRepository} interface extends {@link JpaRepository} to provide basic CRUD operations, + * including save, find, delete, and query methods. Custom query methods can be defined + * using Spring Data JPA's query method naming conventions or with the Query annotation. + *

+ */ public interface ComponentInfoRepository extends JpaRepository { /** - * Query that retrieves device components by device name. + * Query that retrieves a list of {@link ComponentInfo} objects (device components) by device name. * * @param deviceName string for the host name - * @return a list of device components + * @return a list of {@link ComponentInfo} objects (device components) */ List findByDeviceName(String deviceName); - - /** - * Query that retrieves device components by device name and - * the component serial number. - * - * @param deviceName string for the host name - * @param componentSerial string for the component serial - * @return a list of device components - */ - List findByDeviceNameAndComponentSerial(String deviceName, String componentSerial); } diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/ComponentResultRepository.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/ComponentResultRepository.java index 6daa861de..d21abd1e4 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/ComponentResultRepository.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/ComponentResultRepository.java @@ -7,32 +7,43 @@ import java.util.List; import java.util.UUID; +/** + * Repository interface for managing {@link ComponentResult} entities in the database. + * + *

+ * The {@link ComponentResultRepository} interface extends {@link JpaRepository} to provide basic CRUD operations, + * including save, find, delete, and query methods. Custom query methods can be defined + * using Spring Data JPA's query method naming conventions or with the Query annotation. + *

+ */ @Repository public interface ComponentResultRepository extends JpaRepository { /** - * Query based on the device serial number. + * Query that retrieves a list of {@link ComponentResult} objects based on the device serial number. * * @param boardSerialNumber variable holding the device serial number - * @return a list of component result. + * @return a list of {@link ComponentResult} objects */ List findByBoardSerialNumber(String boardSerialNumber); /** - * Query based on the device serial number. + * Query that retrieves a list of {@link ComponentResult} objects based on the device serial number and a boolean + * value. * * @param boardSerialNumber variable holding the device serial number * @param delta flag indicating if the component is associated with a delta certificate - * @return a list of component result. + * @return a list of {@link ComponentResult} objects */ List findByBoardSerialNumberAndDelta(String boardSerialNumber, boolean delta); /** - * Query based on certificate serial number and device serial number. + * Query that retrieves a list of {@link ComponentResult} objects based on certificate serial number + * and device serial number. * * @param certificateSerialNumber certificate specific serial number * @param boardSerialNumber variable holding the device serial number - * @return a list of component result. + * @return a list of {@link ComponentResult} objects */ List findByCertificateSerialNumberAndBoardSerialNumber( String certificateSerialNumber, String boardSerialNumber); diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/DeviceRepository.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/DeviceRepository.java index e708812eb..72959b055 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/DeviceRepository.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/DeviceRepository.java 
@@ -6,13 +6,22 @@ import java.util.UUID; +/** + * Repository interface for managing {@link Device} entities in the database. + * + *

+ * The {@link DeviceRepository} interface extends {@link JpaRepository} to provide basic CRUD operations, + * including save, find, delete, and query methods. Custom query methods can be defined + * using Spring Data JPA's query method naming conventions or with the Query annotation. + *

+ */ @Repository public interface DeviceRepository extends JpaRepository { /** - * Query that retrieves a device using the provided device name. + * Query that retrieves a {@link Device} object using the provided device name. * * @param deviceName device name - * @return a device + * @return a {@link Device} object */ Device findByName(String deviceName); } diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/PolicyRepository.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/PolicyRepository.java index ae30b9663..9b8282e68 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/PolicyRepository.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/PolicyRepository.java @@ -6,14 +6,23 @@ import java.util.UUID; +/** + * Repository interface for managing the ACA's {@link PolicySettings} in the database. + * + *

+ * The {@link PolicyRepository} interface extends {@link JpaRepository} to provide basic CRUD operations, + * including save, find, delete, and query methods. Custom query methods can be defined + * using Spring Data JPA's query method naming conventions or with the Query annotation. + *

+ */ @Repository public interface PolicyRepository extends JpaRepository { /** - * Query that retrieves policy settings using the provided name. + * Query that retrieves a {@link PolicySettings} object using the provided name. * * @param name name - * @return policy settings + * @return a {@link PolicySettings} object */ PolicySettings findByName(String name); } diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/ReferenceDigestValueRepository.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/ReferenceDigestValueRepository.java index 008c2abe8..9cbc329d4 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/ReferenceDigestValueRepository.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/ReferenceDigestValueRepository.java @@ -7,55 +7,48 @@ import java.util.List; import java.util.UUID; +/** + * Repository interface for managing {@link ReferenceDigestValue} entities in the database. + * + *

+ * The {@link ReferenceDigestValueRepository} interface extends {@link JpaRepository} to provide basic CRUD operations, + * including save, find, delete, and query methods. Custom query methods can be defined + * using Spring Data JPA's query method naming conventions or with the Query annotation. + *

+ */ @Repository public interface ReferenceDigestValueRepository extends JpaRepository { /** - * Query that retrieves a list of reference digest values using the provided model. - * - * @param model string representation of the model - * @return a list of reference digest values - */ - List findByModel(String model); - - /** - * Query that retrieves a list of reference digest values using the provided manufacturer. - * - * @param manufacturer string representation of the manufacturer - * @return a list of reference digest values - */ - List findByManufacturer(String manufacturer); - - /** - * Query that retrieves a list of reference digest values using the provided associated rim id. + * Query that retrieves a list of {@link ReferenceDigestValue} objects using the provided associated rim id. * * @param associatedRimId uuid representation of the associated rim ID - * @return a list of reference digest values + * @return a list of {@link ReferenceDigestValue} objects */ List findValuesByBaseRimId(UUID associatedRimId); /** - * Query that retrieves a list of reference digest values using the provided support rim id. + * Query that retrieves a list of {@link ReferenceDigestValue} objects using the provided support rim id. * * @param supportRimId uuid representation of the support rim ID - * @return a list of reference digest values + * @return a list of {@link ReferenceDigestValue} objects */ List findBySupportRimId(UUID supportRimId); /** - * Query that retrieves a list of reference digest values using the provided support rim hash. + * Query that retrieves a list of {@link ReferenceDigestValue} objects using the provided support rim hash. 
* * @param supportRimHash a string representation of the support rim hash - * @return a list of reference digest values + * @return a list of {@link ReferenceDigestValue} objects */ List findBySupportRimHash(String supportRimHash); /** - * Query that retrieves a list of reference digest values using the provided manufacturer and model. + * Query that retrieves a list of {@link ReferenceDigestValue} objects using the provided manufacturer and model. * * @param manufacturer string representation of the manufacturer * @param model string representation of the model - * @return a list of reference digest values + * @return a list of {@link ReferenceDigestValue} objects */ List findByManufacturerAndModel(String manufacturer, String model); } diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/SupplyChainValidationRepository.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/SupplyChainValidationRepository.java index b7571b423..c69228f5e 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/SupplyChainValidationRepository.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/SupplyChainValidationRepository.java @@ -1,28 +1,20 @@ package hirs.attestationca.persist.entity.manager; import hirs.attestationca.persist.entity.userdefined.SupplyChainValidation; -import hirs.attestationca.persist.enums.AppraisalStatus; import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.stereotype.Repository; -import java.util.List; import java.util.UUID; +/** + * Repository interface for managing {@link SupplyChainValidation} entities in the database. + * + *

+ * The {@link SupplyChainValidationRepository} interface extends {@link JpaRepository} to provide basic CRUD + * operations, including save, find, delete, and query methods. Custom query methods can be defined + * using Spring Data JPA's query method naming conventions or with the Query annotation. + *

+ */ @Repository public interface SupplyChainValidationRepository extends JpaRepository { - /** - * Query that retrieves a list of supply chain validation using the provided validate type. - * - * @param validationType string representation of the validate type - * @return a list of supply chain validation - */ - List findByValidationType(SupplyChainValidation.ValidationType validationType); - - /** - * Query that retrieves a list of supply chain validation using the provided validation result. - * - * @param validationResult string representation of the validation result - * @return a list of supply chain validation - */ - List findByValidationResult(AppraisalStatus.Status validationResult); } diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/TPM2ProvisionerStateRepository.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/TPM2ProvisionerStateRepository.java index ea6c7e91d..bb3af76f5 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/TPM2ProvisionerStateRepository.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/TPM2ProvisionerStateRepository.java @@ -4,14 +4,23 @@ import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.stereotype.Repository; +/** + * Repository interface for managing {@link TPM2ProvisionerState} entities in the database. + * + *

+ * The {@link TPM2ProvisionerStateRepository} interface extends {@link JpaRepository} to provide basic CRUD operations, + * including save, find, delete, and query methods. Custom query methods can be defined + * using Spring Data JPA's query method naming conventions or with the Query annotation. + *

+ */ @Repository public interface TPM2ProvisionerStateRepository extends JpaRepository { /** - * Query that retrieves the TPM2 Provisioner State using the provided first part of nonce. + * Query that retrieves the {@link TPM2ProvisionerState} object using the provided first part of nonce. * * @param findByFirstPartOfNonce long representation of the first part of nonce - * @return TPM2 Provisioner State + * @return a {@link TPM2ProvisionerState} object */ TPM2ProvisionerState findByFirstPartOfNonce(Long findByFirstPartOfNonce); } diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/package-info.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/package-info.java index a71f8943b..1d6bc1772 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/package-info.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/manager/package-info.java @@ -1 +1,6 @@ +/** + * Contains all the HIRS manager classes responsible for interacting with the database. + * These managers encapsulate the logic for data retrieval, persistence, and manipulation, + * providing a higher-level interface for accessing and modifying the underlying data models. + */ package hirs.attestationca.persist.entity.manager; diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/package-info.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/package-info.java index fa1fa47f5..c03d9b53f 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/package-info.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/package-info.java 
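Review bot: The Javadoc on `findByFirstPartOfNonce` should say that the key is only the first eight bytes of the nonce, read as a `long`, and that a returned row is not yet a nonce match. The `getTPM2ProvisionerState` helper that this commit deletes from `TPM2ProvisionerState` did that second step: after the lookup it compared the stored nonce with the full presented nonce and returned null on a mismatch. Whatever now calls the repository directly has to keep that comparison, and that caller is not part of this diff, so I cannot confirm it does. I would add `The caller must compare the full nonce of the returned state with the presented nonce before using it.` to the comment, and rename the parameter from `findByFirstPartOfNonce` to `firstPartOfNonce`.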
@@ -1,4 +1,5 @@ /** - * This package has objects for hibernate entity. + * Contains Hibernate entity classes that define the data model and map to database tables, + * providing the necessary structure for data persistence and retrieval. */ package hirs.attestationca.persist.entity; diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/tpm/TPM2ProvisionerState.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/tpm/TPM2ProvisionerState.java index 6a6a4f72d..cf6a0c730 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/tpm/TPM2ProvisionerState.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/tpm/TPM2ProvisionerState.java @@ -1,6 +1,5 @@ package hirs.attestationca.persist.entity.tpm; -import hirs.attestationca.persist.entity.manager.TPM2ProvisionerStateRepository; import jakarta.persistence.Column; import jakarta.persistence.Entity; import jakarta.persistence.Id; @@ -18,12 +17,16 @@ * This class is for saving the Identity Claim and the Nonce between the two passes of the * TPM 2.0 Provisioner. */ -@Log4j2 -@NoArgsConstructor @Entity +@NoArgsConstructor +@Log4j2 public class TPM2ProvisionerState { + private static final int MAX_BLOB_SIZE = 16777215; + @Column(nullable = false) + private final Date timestamp = new Date(); + @Id private Long firstPartOfNonce; @@ -34,9 +37,6 @@ public class TPM2ProvisionerState { @Column(nullable = false, length = MAX_BLOB_SIZE) private byte[] identityClaim; - @Column(nullable = false) - private final Date timestamp = new Date(); - /** * Constructor. * 
@@ -69,34 +69,6 @@ public TPM2ProvisionerState(final byte[] nonce, final byte[] identityClaim) { } } - /** - * Convenience method for finding the {@link TPM2ProvisionerState} associated with the nonce. - * - * @param tpm2ProvisionerStateRepository the {@link TPM2ProvisionerStateRepository} - * to use when looking for the - * {@link TPM2ProvisionerState} - * @param nonce the nonce to use as the key for the {@link TPM2ProvisionerState} - * @return the {@link TPM2ProvisionerState} associated with the nonce; - * null if a match is not found - */ - public static TPM2ProvisionerState getTPM2ProvisionerState( - final TPM2ProvisionerStateRepository tpm2ProvisionerStateRepository, - final byte[] nonce) { - try (DataInputStream dis - = new DataInputStream(new ByteArrayInputStream(nonce))) { - long firstPartOfNonce = dis.readLong(); - TPM2ProvisionerState stateFound = tpm2ProvisionerStateRepository - .findByFirstPartOfNonce(firstPartOfNonce); - if (stateFound != null && Arrays.areEqual(stateFound.getNonce(), nonce)) { - return stateFound; - } - } catch (IOException ioEx) { - log.error(ioEx.getMessage()); - return null; - } - return null; - } - /** * Get the nonce. * diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/tpm/package-info.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/tpm/package-info.java index 247ff4f63..4fa0ab9c9 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/tpm/package-info.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/tpm/package-info.java @@ -1 +1,4 @@ +/** + * Contains files for capturing information about the TPM Provisioning state. + */ package hirs.attestationca.persist.entity.tpm; diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/Certificate.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/Certificate.java index b9eaeed39..f7d25f613 100644 
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/Certificate.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/Certificate.java @@ -489,7 +489,8 @@ public static byte[] readBytes(final Path certificatePath) throws IOException { * found in various RFCs. * * @param certificate the certificate holding subject DNs - * @return IOException if there is an issue decoding the subject DNs + * @return subject distinguished name + * @throws IOException if there is an issue decoding the subject DNs */ public static String getSubjectDNString(final X509Certificate certificate) throws IOException { @@ -509,7 +510,8 @@ public static String getSubjectDNString(final X509Certificate certificate) * in various RFCs. * * @param certificate the certificate holding issuer DNs - * @return IOException if there is an issue decoding the issuer DNs + * @return issuer distinguished name + * @throws IOException if there is an issue decoding the issuer distinguished names */ public static String getIssuerDNString(final X509Certificate certificate) throws IOException { diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/Device.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/Device.java index 66a6ed8f2..cd9401e24 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/Device.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/Device.java @@ -22,6 +22,9 @@ import java.sql.Timestamp; import java.time.LocalDateTime; +/** + * User-defined, Java representation of a physical Device. + */ @Entity @Table(name = "Device") @Setter 
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/CertificateVariables.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/CertificateVariables.java index 472c4ac77..65eb06a8d 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/CertificateVariables.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/CertificateVariables.java 
@@ -1,173 +1,217 @@ package hirs.attestationca.persist.entity.userdefined.certificate; +/** + * User-defined variables used for the validation, processing, and management of certificates. + */ public final class CertificateVariables { /** - * + * PEM format header for certificate data. */ public static final String PEM_HEADER = "-----BEGIN CERTIFICATE-----"; + /** - * + * PEM format footer for certificate data. */ public static final String PEM_FOOTER = "-----END CERTIFICATE-----"; + /** - * + * PEM format header for attribute certificate data. */ public static final String PEM_ATTRIBUTE_HEADER = "-----BEGIN ATTRIBUTE CERTIFICATE-----"; + /** - * + * PEM format footer for attribute certificate data. */ public static final String PEM_ATTRIBUTE_FOOTER = "-----END ATTRIBUTE CERTIFICATE-----"; + /** - * + * Message indicating a malformed certificate. */ public static final String MALFORMED_CERT_MESSAGE = "Malformed certificate detected."; + /** * Maximum certificate length in bytes. */ public static final int MAX_CERT_LENGTH_BYTES = 2048; + /** - * + * Maximum numeric precision allowed. */ public static final int MAX_NUMERIC_PRECISION = 49; + /** * Can store up to 160 bit values. */ public static final int MAX_PUB_KEY_MODULUS_HEX_LENGTH = 1024; + /** - * + * Key usage bit for the first key operation. */ public static final int KEY_USAGE_BIT0 = 0; + /** - * + * Key usage bit for the second key operation. */ public static final int KEY_USAGE_BIT1 = 1; + /** - * + * Key usage bit for the third key operation. */ public static final int KEY_USAGE_BIT2 = 2; + /** - * + * Key usage bit for the fourth key operation. */ public static final int KEY_USAGE_BIT3 = 3; + /** - * + * Key usage bit for the fifth key operation. */ public static final int KEY_USAGE_BIT4 = 4; + /** - * + * Key usage bit for the sixth key operation. */ public static final int KEY_USAGE_BIT5 = 5; + /** - * + * Key usage bit for the seventh key operation. 
*/ public static final int KEY_USAGE_BIT6 = 6; + /** - * + * Key usage bit for the eighth key operation. */ public static final int KEY_USAGE_BIT7 = 7; + /** - * + * Key usage bit for the ninth key operation. */ public static final int KEY_USAGE_BIT8 = 8; + /** - * + * Digital signature key usage. */ public static final String KEY_USAGE_DS = "DIGITAL SIGNATURE"; + /** - * + * Non-repudiation key usage. */ public static final String KEY_USAGE_NR = "NON-REPUDIATION"; + /** - * + * Key encipherment key usage. */ public static final String KEY_USAGE_KE = "KEY ENCIPHERMENT"; + /** - * + * Data encipherment key usage. */ public static final String KEY_USAGE_DE = "DATA ENCIPHERMENT"; + /** - * + * Key agreement key usage. */ public static final String KEY_USAGE_KA = "KEY AGREEMENT"; + /** - * + * Key certification signature key usage. */ public static final String KEY_USAGE_KC = "KEY CERT SIGN"; + /** - * + * Certificate revocation list signature key usage. */ public static final String KEY_USAGE_CS = "CRL SIGN"; + /** - * + * Key usage for enciphering only. */ public static final String KEY_USAGE_EO = "ENCIPHER ONLY"; + /** - * + * Key usage for deciphering only. */ public static final String KEY_USAGE_DO = "DECIPHER ONLY"; + /** - * + * OID for ECDSA (Elliptic Curve Digital Signature Algorithm). */ public static final String ECDSA_OID = "1.2.840.10045.4.3.2"; + /** - * + * OID for ECDSA with SHA224 hash function. */ public static final String ECDSA_SHA224_OID = "1.2.840.10045.4.1"; + /** - * + * OID for RSA with SHA-256 hash function. */ public static final String RSA256_OID = "1.2.840.113549.1.1.11"; + /** - * + * OID for RSA with SHA-384 hash function. */ public static final String RSA384_OID = "1.2.840.113549.1.1.12"; + /** - * + * OID for RSA with SHA-512 hash function. */ public static final String RSA512_OID = "1.2.840.113549.1.1.13"; + /** - * + * OID for RSA with SHA-224 hash function. 
*/ public static final String RSA224_OID = "1.2.840.113549.1.1.14"; + /** - * + * OID for RSA with SHA-512/224 hash function. */ public static final String RSA512_224_OID = "1.2.840.113549.1.1.15"; + /** - * + * OID for RSA with SHA-512/256 hash function. */ public static final String RSA512_256_OID = "1.2.840.113549.1.1.16"; + /** - * + * Algorithm string for RSA with SHA-256. */ public static final String RSA256_STRING = "SHA256WithRSA"; + /** - * + * Algorithm string for RSA with SHA-384. */ public static final String RSA384_STRING = "SHA384WithRSA"; + /** - * + * Algorithm string for RSA with SHA-224. */ public static final String RSA224_STRING = "SHA224WithRSA"; + /** - * + * Algorithm string for RSA with SHA-512. */ public static final String RSA512_STRING = "SHA512WithRSA"; + /** - * + * Algorithm string for RSA with SHA-512/224. */ public static final String RSA512_224_STRING = "SHA512-224WithRSA"; + /** - * + * Algorithm string for RSA with SHA-512/256. */ public static final String RSA512_256_STRING = "SHA512-256WithRSA"; + /** - * + * Algorithm string for ECDSA with SHA-256. */ public static final String ECDSA_STRING = "SHA256WithECDSA"; + /** - * + * Algorithm string for ECDSA with SHA-224. */ public static final String ECDSA_SHA224_STRING = "SHA224WithECDSA"; diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/ComponentResult.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/ComponentResult.java index 118b8228d..d9d36244e 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/ComponentResult.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/ComponentResult.java 
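Review bot: The comment added to `ECDSA_SHA224_OID` says the value is the OID for ECDSA with SHA-224, but `1.2.840.10045.4.1` is ecdsa-with-SHA1; ecdsa-with-SHA224 is `1.2.840.10045.4.3.1`. If this constant is what maps a certificate's signature algorithm to `ECDSA_SHA224_STRING` (the mapping is outside this hunk), a SHA-1 signed certificate would be reported as SHA-224 and a real SHA-224 one would not be recognised. Either the value should become `public static final String ECDSA_SHA224_OID = "1.2.840.10045.4.3.1";` or the comment should name SHA-1. Two smaller documentation points in the same hunk: `ECDSA_OID` is specifically ECDSA with SHA-256, and the `KEY_USAGE_BIT0` to `KEY_USAGE_BIT8` comments would be more useful if each named the usage its bit stands for (`digitalSignature` for bit 0 through `decipherOnly` for bit 8), as the `KEY_USAGE_*` strings below them do.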
@@ -128,6 +128,8 @@ public ComponentResult(final String boardSerialNumber, final String certificateS } /** + * Constructor. + * * @param boardSerialNumber associated platform certificate serial number * @param certificateSerialNumber unique number associated with header info * @param certificateType type of certificate. Parameter holds version 1.2 or 2.0. diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/IDevIDCertificate.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/IDevIDCertificate.java index 2a30a6d4c..af72ce8ce 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/IDevIDCertificate.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/IDevIDCertificate.java @@ -26,6 +26,15 @@ import java.util.Iterator; import java.util.Map; +/** + * Represents the IEEE 802.1AR secure Device Identifier (DevID). + *

+ * The IDevID is a cryptographic identity bound to a device, used to assert its identity in secure networks. + * It is generated during manufacturing (e.g., in factories) and remains valid throughout the device's + * lifecycle. The IDevID, along with the Initial Attestation Key (IAK), provides a unique and + * persistent identity for the device, enabling secure authentication and communication within + * 802.1AR-compliant networks. + */ @Entity @Getter @EqualsAndHashCode(callSuper = true) diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/V2/package-info.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/V2/package-info.java index 12ec500e2..e81fd1a38 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/V2/package-info.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/V2/package-info.java @@ -1 +1,4 @@ +/** + * Contains V2 certificate attributes/components. + */ package hirs.attestationca.persist.entity.userdefined.certificate.attributes.V2; diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/package-info.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/package-info.java index e165d514a..315e92471 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/package-info.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/attributes/package-info.java @@ -1 +1,4 @@ +/** + * Contains certificate attributes/components. + */ package hirs.attestationca.persist.entity.userdefined.certificate.attributes; 
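Review bot: The new class Javadoc on `IDevIDCertificate` describes the IDevID concept in general terms but never says what this `@Entity` holds, and it reads as if the Initial Attestation Key were part of IEEE 802.1AR. The IAK is defined by the TCG device-identity specifications, while 802.1AR defines the IDevID and LDevID. "Remains valid throughout the device's lifecycle" describes the intended lifetime of the identity, not something the class enforces, so a stored certificate still needs chain and validity checks before it is trusted. Suggest opening with `Entity that stores an IEEE 802.1AR Initial Device Identifier (IDevID) certificate.` and attributing the IAK to TCG in the paragraph that follows. The class body is outside this hunk, so confirm the wording against the fields it actually persists.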
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/package-info.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/package-info.java index dea4ad9bd..62ec028fb 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/package-info.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/certificate/package-info.java @@ -1 +1,4 @@ +/** + * Contains the different types of certificates and certificate components. + */ package hirs.attestationca.persist.entity.userdefined.certificate; diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/info/package-info.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/info/package-info.java index 3e4d9b763..000e2a4a0 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/info/package-info.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/info/package-info.java @@ -1 +1,5 @@ +/** + * Contains classes that represent various information components that are embedded + * within larger entities. + */ package hirs.attestationca.persist.entity.userdefined.info; diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/package-info.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/package-info.java index 0962e038c..63f65b3fd 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/package-info.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/package-info.java 
@@ -1 +1,5 @@ +/** + * Contains user-defined classes that are mapped to database entities or serve + * as supporting components for the retrieval and storage of other entities. + */ package hirs.attestationca.persist.entity.userdefined; diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/record/package-info.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/record/package-info.java index a297fc9c9..98bfb8fcf 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/record/package-info.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/record/package-info.java @@ -1 +1,4 @@ +/** + * Contains files that store TPM information as a record. + */ package hirs.attestationca.persist.entity.userdefined.record; diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/report/package-info.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/report/package-info.java index fca94e7e8..a20cd4c9a 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/report/package-info.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/report/package-info.java @@ -1 +1,4 @@ +/** + * Contains all user defined reports. + */ package hirs.attestationca.persist.entity.userdefined.report; diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/rim/package-info.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/rim/package-info.java index aa6343835..457a759b8 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/rim/package-info.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/userdefined/rim/package-info.java 
@@ -1 +1,4 @@ +/** + * Contains user-defined Reference Integrity Manifest (RIM) files and supporting components. + */ package hirs.attestationca.persist.entity.userdefined.rim; diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/enums/package-info.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/enums/package-info.java index e1b0239f2..03821eaad 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/enums/package-info.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/enums/package-info.java @@ -1 +1,4 @@ +/** + * Contains various enumeration types (enums) used across this module. + */ package hirs.attestationca.persist.enums; diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/exceptions/IdentityProcessingException.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/exceptions/IdentityProcessingException.java index 27efa4728..680a2f4e2 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/exceptions/IdentityProcessingException.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/exceptions/IdentityProcessingException.java @@ -1,8 +1,7 @@ package hirs.attestationca.persist.exceptions; /** - * Generic exception thrown when the Attestation Certificate Authority Service - * is processing a newly submitted Identity. + * Generic exception thrown while processing a newly submitted Identity Claim. */ public class IdentityProcessingException extends RuntimeException { /** diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/exceptions/UnexpectedServerException.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/exceptions/UnexpectedServerException.java index 59dbe2102..b0fd2d26c 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/exceptions/UnexpectedServerException.java 
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/exceptions/UnexpectedServerException.java @@ -1,7 +1,7 @@ package hirs.attestationca.persist.exceptions; /** - * Generic exception thrown when the Attestation Certificate Authority Service + * Generic exception thrown when processing the REST requests made by the provisioner * encounters an unexpected condition that can't be handled. */ public class UnexpectedServerException extends RuntimeException { diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/exceptions/package-info.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/exceptions/package-info.java index 4bc1b6248..1bd34b0a4 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/exceptions/package-info.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/exceptions/package-info.java @@ -1 +1,4 @@ +/** + * Contains user-defined exceptions. + */ package hirs.attestationca.persist.exceptions; diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/package-info.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/package-info.java index 625de584d..d0a37f99e 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/package-info.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/package-info.java @@ -1 +1,7 @@ +/** + * This package contains classes and interfaces related to persistence operations + * and data management in the application backend. It includes database entities, + * Data Access Objects (DAOs), and services responsible for handling database + * transactions, data validation, and provisioning logic. + */ package hirs.attestationca.persist; diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/helper/ProvisionUtils.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/helper/ProvisionUtils.java index 4e0db30a5..0a79d24d7 100644 
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/helper/ProvisionUtils.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/helper/ProvisionUtils.java @@ -39,6 +39,9 @@ import java.security.spec.RSAPublicKeySpec; import java.util.Date; +/** + * Utility class that provides utility methods to assist with the device provisioning process. + */ @Log4j2 public final class ProvisionUtils { diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/helper/package-info.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/helper/package-info.java index 52e582fe1..86d03f715 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/helper/package-info.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/helper/package-info.java @@ -1 +1,4 @@ +/** + * Contains all the helper function files that are used to support the provisioning process. + */ package hirs.attestationca.persist.provision.helper; diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/package-info.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/package-info.java index d995e10f1..a40871f5b 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/package-info.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/package-info.java @@ -1 +1,4 @@ +/** + * Contains all the files and components involved in the provisioning process. + */ package hirs.attestationca.persist.provision; diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/CertificatePageService.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/CertificatePageService.java index 613d12632..fcd4e1a0d 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/CertificatePageService.java 
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/CertificatePageService.java @@ -78,15 +78,15 @@ public CertificatePageService(final CertificateRepository certificateRepository, /** * Takes the provided column names, the search term that the user entered and attempts to find - * certificates whose field values matches the provided search term. + * {@link Certificate} objects whose field values matches the provided search term. * * @param entityClass generic certificate entity class * @param searchableColumnNames list of the searchable column names * @param globalSearchTerm text that was input in the global search textbox * @param archiveFlag archive flag * @param pageable pageable - * @param generic entity class that extends from certificate - * @return page full of the generic certificates. + * @param generic entity class that extends from {@link Certificate} + * @return page full of the generic {@link Certificate} objects. */ public Page findCertificatesByGlobalSearchTermAndArchiveFlag( final Class entityClass, @@ -124,14 +124,14 @@ public Page findCertificatesByGlobalSearchTermAndArch /** * Takes the provided columns that come with a search criteria and attempts to find - * certificates that match the column's specific search criteria's search value. + * {@link Certificate} objects that match the column's specific search criteria's search value. * * @param entityClass generic certificate entity class * @param columnsWithSearchCriteria columns that have a search criteria applied to them * @param archiveFlag archive flag * @param pageable pageable - * @param generic entity class that extends from certificate - * @return page full of the generic certificates. + * @param generic entity class that extends from {@link Certificate} + * @return page full of the generic {@link Certificate} objects. */ public Page findCertificatesByColumnSpecificSearchTermAndArchiveFlag( final Class entityClass, 
@@ -167,16 +167,17 @@ public Page findCertificatesByColumnSpecificSearchTer } /** - * Finds certificates based on both global search and column-specific search criteria. + * Finds {@link Certificate} objects based on both global search and column-specific search criteria. * The method applies the provided global search term across all searchable columns * and also applies column-specific filters based on the individual column search criteria. * The results are returned with pagination support. *

* This method combines the logic of two search functionalities: - * - Global search: Searches across all specified columns for a matching term. - * - Column-specific search: Filters based on individual column search criteria, such as text - * or date searches. - *

+ *

    + *
  • Global search: Searches across all specified columns for a matching term.
  • + *
  • Column-specific search: Filters based on individual column search criteria, + * such as text or date searches.
  • + *
* * @param entityClass generic certificate entity class * @param searchableColumnNames list of the searchable column names @@ -184,8 +185,8 @@ public Page findCertificatesByColumnSpecificSearchTer * @param columnsWithSearchCriteria columns that have a search criteria applied to them * @param pageable pageable * @param archiveFlag archive flag - * @param generic entity class that extends from certificate - * @return page full of the generic certificates. + * @param generic entity class that extends from {@link Certificate} + * @return page full of the generic {@link Certificate} objects. */ public Page findCertificatesByGlobalAndColumnSpecificSearchTerm( final Class entityClass, @@ -230,24 +231,23 @@ public Page findCertificatesByGlobalAndColumnSpecific } /** - * Attempts to find a certificate whose uuid matches the provided uuid. + * Attempts to find a {@link Certificate} object whose uuid matches the provided uuid. * * @param uuid certificate uuid - * @return certificate + * @return a {@link Certificate} object */ public Certificate findCertificate(final UUID uuid) { return this.certificateRepository.getCertificate(uuid); } /** - * Stores the given certificate in the database. + * Stores the given {@link Certificate} object in the database. * * @param certificateType String containing the certificate type - * @param fileName contain the name of the file of the certificate to - * be stored + * @param fileName contain the name of the file of the certificate to be stored * @param successMessages contains any success messages that will be displayed on the page * @param errorMessages contains any error messages that will be displayed on the page - * @param certificate the certificate to store + * @param certificate the {@link Certificate} object to store */ public void storeCertificate(final CertificateType certificateType, final String fileName, 
@@ -348,7 +348,7 @@ public void storeCertificate(final CertificateType certificateType, } /** - * Soft deletes the provided certificate from the database. + * Soft deletes the provided {@link Certificate} object from the database. * * @param uuid the UUID of the cert to delete * @param successMessages contains any success messages that will be displayed on the page @@ -393,7 +393,7 @@ public void deleteCertificate(final UUID uuid, } /** - * Bulk deletes the provided list of certificates from the database. + * Bulk deletes the provided list of {@link Certificate} objects from the database. * * @param ids the list of certificate ids to delete * @param successMessages contains any success messages that will be displayed on the page @@ -412,7 +412,7 @@ public void bulkDeleteCertificates(final List ids, } /** - * Packages a collection of certificates into a zip file for download. + * Packages a collection of {@link Certificate} objects into a zip file for download. * * @param zipOut zip outputs stream * @param singleFileName zip file name @@ -441,12 +441,12 @@ public void bulkDownloadCertificates(final ZipOutputStream zipOut, } /** - * Retrieves a certificate from the database and prepares its contents for download. + * Retrieves a {@link Certificate} object from the database and prepares its contents for download. * * @param certificateClass generic certificate class * @param uuid certificate uuid * @param certificate type - * @return download file of a certificate + * @return download file of a {@link Certificate} object */ public DownloadFile downloadCertificate(final Class certificateClass, final UUID uuid) { 
@@ -591,7 +591,7 @@ private List getSortingOrders(final CriteriaBuild * * @param searchableColumnNames the columns to be searched globally * @param criteriaBuilder the criteria builder to construct the predicates - * @param certificateRoot the root entity representing the certificate + * @param certificateRoot the root entity representing the {@link Certificate} object * @param globalSearchTerm the term to search for across columns * @param the entity type that extends `Certificate` * @return a combined `Predicate` representing the global search conditions @@ -640,7 +640,7 @@ private Predicate createPredicatesForGlobalSearch( * * @param columnsWithSearchCriteria the columns and their associated search criteria * @param criteriaBuilder the criteria builder to construct the predicates - * @param certificateRoot the root entity representing the certificate + * @param certificateRoot the root entity representing the {@link Certificate} object * @param the entity type that extends `Certificate` * @return a combined `Predicate` representing the column-specific search conditions */ @@ -687,10 +687,10 @@ private Predicate createPredicatesForColumnSpecificSearc } /** - * Retrieves the platform certificate by the platform serial number. + * Retrieves the {@link PlatformCredential} object by the platform serial number. * * @param serialNumber the platform serial number - * @return the certificate or null if none is found + * @return the list of {@link PlatformCredential} objects or null if none is found */ private List getPlatformCertificateByBoardSN(final String serialNumber) { List associatedCertificates = new ArrayList<>(); 
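Review bot: In the `-687,10` hunk the reworded `@return` for `getPlatformCertificateByBoardSN` still promises `null` when nothing is found, but the first visible statement creates `new ArrayList<>()`, which suggests an empty list is returned instead. The method body continues outside the hunk, so confirm before changing the text. The summary line also says "the {@link PlatformCredential} object" although the method returns a list. Suggest `Retrieves the {@link PlatformCredential} objects associated with the platform serial number.` and `@return the matching {@link PlatformCredential} objects, or an empty list if none are found`. A caller that null-checks on the strength of the current wording would treat "no platform certificate" as a hit.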
@@ -702,10 +702,10 @@ private List getPlatformCertificateByBoardSN(final String se } /** - * Helper method that utilizes the components of the provided platform certificate to generate - * a collection of component results and subsequently stores these results in the database. + * Helper method that utilizes the components of the provided {@link PlatformCredential} object to generate + * a list of {@link ComponentResult} objects and subsequently stores these results in the database. * - * @param platformCredential certificate + * @param platformCredential platform certificate */ private void parseAndSaveComponentResults(final PlatformCredential platformCredential) throws IOException { diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/DevicePageService.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/DevicePageService.java index 36c50249e..d47733642 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/DevicePageService.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/DevicePageService.java @@ -70,7 +70,7 @@ public DevicePageService(final DeviceRepository deviceRepository, /** * Takes the provided column names, the search term that the user entered and attempts to find - * devices whose field values matches the provided search term. + * {@link Device} objects whose field values matches the provided search term. * * @param searchableColumnNames list of the searchable column name * @param globalSearchTerm text that was input in the global search textbox 
@@ -109,7 +109,7 @@ public Page findDevicesByGlobalSearchTerm( /** * Takes the provided columns that come with a search criteria and attempts to find - * devices that match the column's specific search criteria's search value. + * {@link Device} objects that match the column's specific search criteria's search value. * * @param columnsWithSearchCriteria columns that have a search criteria applied to them * @param pageable pageable @@ -145,21 +145,23 @@ public Page findDevicesByColumnSpecificSearchTerm( /** - * Finds devices based on both global search and column-specific search criteria. + * Finds {@link Device} objects based on both global search and column-specific search criteria. * The method applies the provided global search term across all searchable columns * and also applies column-specific filters based on the individual column search criteria. * The results are returned with pagination support. *

* This method combines the logic of two search functionalities: - * - Global search: Searches across all specified columns for a matching term. - * - Column-specific search: Filters based on individual column search criteria, such as text or date searches. - *

+ *

    + *
  • Global search: Searches across all specified columns for a matching term.
  • + *
  • Column-specific search: Filters based on individual column search criteria, + * such as text or date searches.
  • + *
* * @param searchableColumnNames list of the searchable column names * @param globalSearchTerm The term that the user enters in the global search box. * @param columnsWithSearchCriteria columns that have a search criteria applied to them * @param pageable pageable - * @return A Page containing a list of devices that match both the global search term and + * @return A Page containing a list of {@link Device} objects that match both the global search term and * the column-specific search criteria. */ public Page findDevicesByGlobalAndColumnSpecificSearchTerm( @@ -200,28 +202,28 @@ public Page findDevicesByGlobalAndColumnSpecificSearchTerm( /** - * Retrieves all devices from the database. + * Retrieves all {@link Device} objects from the database. * * @param pageable pageable - * @return a page of all devices + * @return a page of all {@link Device} objects */ public Page findAllDevices(final Pageable pageable) { return deviceRepository.findAll(pageable); } /** - * Retrieves the total number of records in the device repository. + * Retrieves the total number of records stored in the {@link DeviceRepository}. * - * @return total number of records in the device repository. + * @return total number of records stored in the {@link DeviceRepository} */ public long findDeviceRepositoryCount() { return deviceRepository.count(); } /** - * Returns the list of devices associated with the platform and endorsement certificates. + * Returns the list of {@link Device} objects associated with the platform and endorsement certificates. * - * @param deviceList list containing the devices + * @param deviceList list containing the {@link Device} objects * @return a record list after the device and certificate was mapped together. */ public FilteredRecordsList> retrieveDevicesAndAssociatedCertificates( 
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/IDevIdCertificatePageService.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/IDevIdCertificatePageService.java index 2c1903f34..a600d9b29 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/IDevIdCertificatePageService.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/IDevIdCertificatePageService.java @@ -24,7 +24,7 @@ public class IDevIdCertificatePageService { /** * Constructor for the IDevId Certificate Page Service. * - * @param iDevIDCertificateRepository idevid certificate repository + * @param iDevIDCertificateRepository IDevId Certificate Repository */ @Autowired public IDevIdCertificatePageService(final IDevIDCertificateRepository iDevIDCertificateRepository) { @@ -32,11 +32,11 @@ public IDevIdCertificatePageService(final IDevIDCertificateRepository iDevIDCert } /** - * Retrieves a page of idevid certificates using the provided archive flag and pageable value. + * Retrieves a page of {@link IDevIDCertificate} objects using the provided archive flag and pageable value. * * @param archiveFlag archive flag * @param pageable pageable - * @return page of idevid certificates + * @return page of {@link IDevIDCertificate} objects */ public Page findIDevCertificatesByArchiveFlag(final boolean archiveFlag, final Pageable pageable) { 
@@ -44,20 +44,20 @@ public Page findIDevCertificatesByArchiveFlag(final boolean a } /** - * Retrieves the total number of records in the idevid certificate repository. + * Retrieves the total number of records stored in the {@link IDevIDCertificateRepository}. * - * @return total number of records in the idevid certificate repository. + * @return total number of records stored in the {@link IDevIDCertificateRepository}. */ public long findIDevIdCertificateRepositoryCount() { return iDevIDCertificateRepository.countByArchiveFlag(false); } /** - * Attempts to parse the provided file in order to create an IDevId Certificate. + * Attempts to parse the provided file in order to create an {@link IDevIDCertificate} object. * * @param file file * @param errorMessages contains any error messages that will be displayed on the page - * @return IDevId certificate + * @return an {@link IDevIDCertificate} object */ public IDevIDCertificate parseIDevIDCertificate(final MultipartFile file, final List errorMessages) { log.info("Received IDevId certificate file of size: {}", file.getSize()); diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/PolicyPageService.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/PolicyPageService.java index 750149dc3..56397bb2c 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/PolicyPageService.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/PolicyPageService.java @@ -374,7 +374,6 @@ public boolean updateAttestationCertExpirationPolicy( /** * Updates the Attestation Certificate generation threshold value under the generate attestation * certificate policy setting using the provided user input. - *
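Review bot: The reworded Javadoc on `findIDevIdCertificateRepositoryCount` says it returns the total number of records stored in the repository, but the method calls `countByArchiveFlag(false)`, so only records whose archive flag is false are counted. Suggest `Retrieves the number of records in the {@link IDevIDCertificateRepository} whose archive flag is false.` with the same wording in `@return`. If other page services in this commit count with the same filter, their "total number of records" sentences need the same correction. The difference matters to anyone reconciling this count against the table, since archived (soft-deleted) certificates are silently left out.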

* * @param canGenerateAttestationCertificateOnExpiration boolean value representation of the current * policy option's state diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/ReferenceDigestValuePageService.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/ReferenceDigestValuePageService.java index 954f312f4..29be4b12d 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/ReferenceDigestValuePageService.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/ReferenceDigestValuePageService.java @@ -56,13 +56,13 @@ public ReferenceDigestValuePageService(final ReferenceManifestRepository referen /** * Takes the provided column names, the search term that the user entered and attempts to find - * reference digest values whose field values matches the provided search term. + * {@link ReferenceDigestValue} objects whose field values matches the provided search term. * * @param searchableColumnNames list of the searchable column names * @param globalSearchTerm text that was input in the global search textbox * @param pageable pageable - * @return A Page containing a list of reference digest values that match the global search term entered - * in the global search textbox + * @return A Page containing a list of {@link ReferenceDigestValue} objects that match the global search term + * entered in the global search textbox */ public Page findReferenceDigestValuesByGlobalSearchTerm( final Set searchableColumnNames, 
@@ -96,11 +96,11 @@ public Page findReferenceDigestValuesByGlobalSearchTerm( /** * Takes the provided columns that come with a search criteria and attempts to find - * reference digest values that match the column's specific search criteria's search value. + * {@link ReferenceDigestValue} objects that match the column's specific search criteria's search value. * * @param columnsWithSearchCriteria columns that have a search criteria applied to them * @param pageable pageable - * @return A Page containing a list of reference digest values that match the column specific search + * @return A Page containing a list of {@link ReferenceDigestValue} objects that match the column specific search * criteria */ public Page findReferenceDigestValuesByColumnSpecificSearchTerm( @@ -132,23 +132,24 @@ public Page findReferenceDigestValuesByColumnSpecificSearc } /** - * Finds reference digest values based on both global search and column-specific search criteria. + * Finds {@link ReferenceDigestValue} objects based on both global search and column-specific search criteria. * The method applies the provided global search term across all searchable columns * and also applies column-specific filters based on the individual column search criteria. * The results are returned with pagination support. *

* This method combines the logic of two search functionalities: - * - Global search: Searches across all specified columns for a matching term. - * - Column-specific search: Filters based on individual column search criteria, such as text - * or date searches. - *

+ *

    + *
  • Global search: Searches across all specified columns for a matching term.
  • + *
  • Column-specific search: Filters based on individual column search criteria, + * such as text or date searches.
  • + *
* * @param searchableColumnNames list of the searchable column names * @param globalSearchTerm text that was input in the global search textbox * @param columnsWithSearchCriteria columns that have a search criteria applied to them * @param pageable pageable - * @return A Page containing a list of reference digest values that match both the global search term and - * the column-specific search criteria. + * @return A Page containing a list of {@link ReferenceDigestValue} objects that match both the global search term + * and the column-specific search criteria. */ public Page findReferenceDigestValuesByGlobalAndColumnSpecificSearchTerm( final Set searchableColumnNames, @@ -189,17 +190,17 @@ public Page findReferenceDigestValuesByGlobalAndColumnSpec } /** - * Retrieves a page full of reference digest values using the provided pageable value. + * Retrieves a page full of {@link ReferenceDigestValue} objects using the provided pageable value. * * @param pageable pageable - * @return page full of reference digest values + * @return page full of {@link ReferenceDigestValue} objects */ public Page findAllReferenceDigestValues(final Pageable pageable) { return referenceDigestValueRepository.findAll(pageable); } /** - * Saves the provided reference digest value in the reference digest value repository. + * Saves the provided {@link ReferenceDigestValue} object in the reference digest value repository. * * @param referenceDigestValue reference digest value */ 
@@ -208,16 +209,16 @@ public void saveReferenceDigestValue(final ReferenceDigestValue referenceDigestV } /** - * Retrieves the total number of records in the reference digest value repository. + * Retrieves the total number of records stored in the {@link ReferenceDigestValueRepository}. * - * @return total number of records in the reference digest value repository. + * @return total number of records stored in the {@link ReferenceDigestValueRepository}. */ public long findReferenceDigestValueRepositoryCount() { return referenceDigestValueRepository.count(); } /** - * Determines if the RIM, using the provided id, exists in the repository. + * Determines if the RIM, using the provided id, exists in the {@link ReferenceManifestRepository}. * * @param uuid uuid representation of the reference manifest id * @return true if the provided RIM exists in the database, @@ -228,10 +229,11 @@ public boolean doesRIMExist(final UUID uuid) { } /** - * Retrieves the Reference Manifest in the repository using the provided id. + * Retrieves the {@link ReferenceManifest} object from the {@link ReferenceManifestRepository} using the + * provided id. * * @param uuid uuid representation of the RIM - * @return the found Reference Manifest + * @return the found {@link ReferenceManifest} object */ public ReferenceManifest findRIMById(final UUID uuid) { return referenceManifestRepository.getReferenceById(uuid); diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/ReferenceManifestPageService.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/ReferenceManifestPageService.java index d5ae038bd..be725e8e3 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/ReferenceManifestPageService.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/ReferenceManifestPageService.java 
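Review bot: The rewritten Javadoc on `findRIMById` (last hunk of ReferenceDigestValuePageService on this line) promises "the found {@link ReferenceManifest} object", but the body shown delegates to `referenceManifestRepository.getReferenceById(uuid)`. Assuming this is a standard Spring Data `JpaRepository`, that call returns a lazily loaded reference and does not return null for an unknown id; the failure appears only when the reference is first accessed. Since the comment is being edited anyway, I would add a sentence such as `A missing id is not reported here; call {@link #doesRIMExist(UUID)} first or expect an exception when the returned reference is accessed.` so callers handling RIM ids from requests do not rely on a null check.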
@@ -166,10 +166,11 @@ public Page findRIMSByColumnSpecificSearchTermAndArchiveFlag( * The results are returned with pagination support. *

* This method combines the logic of two search functionalities: - * - Global search: Searches across all specified columns for a matching term. - * - Column-specific search: Filters based on individual column search criteria, such as text - * or date searches. - *

+ *

    + *
  • Global search: Searches across all specified columns for a matching term.
  • + *
  • Column-specific search: Filters based on individual column search criteria, + * such as text or date searches.
  • + *
* * @param searchableColumnNames list of the searchable column names * @param globalSearchTerm text that was input in the global search textbox diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/ValidationSummaryPageService.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/ValidationSummaryPageService.java index 3a5dcc2c6..15cea0f9c 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/ValidationSummaryPageService.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/ValidationSummaryPageService.java @@ -97,7 +97,7 @@ public ValidationSummaryPageService(final SupplyChainValidationSummaryRepository /** * Takes the provided column names, the search term that the user entered and attempts to find - * validation summaries whose field values matches the provided search term. + * {@link SupplyChainValidationSummary} objects whose field values matches the provided search term. * * @param searchableColumnNames list of the searchable column name * @param globalSearchTerm text that was input in the global search textbox @@ -144,7 +144,7 @@ public Page findValidationReportsByGlobalSearchTer /** * Takes the provided columns that come with a search criteria and attempts to find - * supply chain validation summary reports that match the column's specific search criteria's search + * {@link SupplyChainValidationSummary} objects that match the column's specific search criteria's search * value. * * @param columnsWithSearchCriteria columns that have a search criteria applied to them 
@@ -187,16 +187,18 @@ public Page findValidationReportsByGlobalSearchTer /** - * Finds supply chain validation summaries based on both global search and + * Finds {@link SupplyChainValidationSummary} objects based on both global search and * column-specific search criteria. * The method applies the provided global search term across all searchable columns * and also applies column-specific filters based on the individual column search criteria. * The results are returned with pagination support. *

* This method combines the logic of two search functionalities: - * - Global search: Searches across all specified columns for a matching term. - * - Column-specific search: Filters based on individual column search criteria, such as text or date searches. - *

+ *

    + *
  • Global search: Searches across all specified columns for a matching term.
  • + *
  • Column-specific search: Filters based on individual column search criteria, + * such as text or date searches.
  • + *
* * @param searchableColumnNames list of the searchable column names * @param globalSearchTerm The term that the user enters in the global search box. @@ -261,9 +263,9 @@ public Page findValidationSummaryReportsByPageable } /** - * Retrieves the total number of records in the supply chain validation summary repository. + * Retrieves the total number of records stored in the {@link SupplyChainValidationSummaryRepository}. * - * @return total number of records in the supply chain validation summary repository + * @return total number of records stored in the {@link SupplyChainValidationSummaryRepository} */ public long findValidationSummaryRepositoryCount() { return supplyChainValidationSummaryRepository.count(); diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/package-info.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/package-info.java index 0210df6cb..452f3da67 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/package-info.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/package-info.java @@ -1 +1,4 @@ +/** + * Contains all the HIRS service classes and supporting files. + */ package hirs.attestationca.persist.service; diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/util/package-info.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/util/package-info.java index 6c8ce4b49..3c0f7eae7 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/util/package-info.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/service/util/package-info.java @@ -1 +1,5 @@ +/** + * Contains utility classes and supporting components that assist service classes + * in performing various tasks. + */ package hirs.attestationca.persist.service.util; 
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/tpm/package-info.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/tpm/package-info.java index 798996299..46f620c6a 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/tpm/package-info.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/tpm/package-info.java @@ -1 +1,4 @@ +/** + * Contains the plain java objects (POJOs) that are used for PCR validation. + */ package hirs.attestationca.persist.tpm; diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/util/CredentialHelper.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/util/CredentialHelper.java index 89dca5f75..4e3fab26a 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/util/CredentialHelper.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/util/CredentialHelper.java @@ -1,15 +1,23 @@ package hirs.attestationca.persist.util; +import hirs.attestationca.persist.entity.userdefined.certificate.CertificateAuthorityCredential; import hirs.attestationca.persist.entity.userdefined.certificate.CertificateVariables; import lombok.extern.log4j.Log4j2; import org.bouncycastle.util.encoders.Base64; +import java.io.IOException; import java.nio.ByteBuffer; +import java.security.cert.X509Certificate; +import java.util.ArrayList; import java.util.Arrays; import java.util.Collections; import java.util.List; import java.util.ListIterator; +import java.util.Set; +/** + * Helper class that provides various utility methods for handling credential-related tasks. + */ @Log4j2 public final class CredentialHelper { 
@@ -19,11 +27,31 @@ public final class CredentialHelper { private CredentialHelper() { } + /** + * Converts a set of {@link CertificateAuthorityCredential} certificates to a list of + * {@link X509Certificate} Certificates. + * + * @param certificateAuthorityCredentials Set of {@link CertificateAuthorityCredential} certificates + * to convert + * @return list of {@link X509Certificate} certificates + * @throws IOException if any issues arise attempting to convert the list of certificate + * authority credentials to X509 certificates + */ + public static List convertCACsToX509Certificates( + final Set certificateAuthorityCredentials) + throws IOException { + List certs = new ArrayList<>(certificateAuthorityCredentials.size()); + for (CertificateAuthorityCredential cac : certificateAuthorityCredentials) { + certs.add(cac.getX509Certificate()); + } + return certs; + } + /** * Small method to check if the certificate is a PEM. * * @param possiblePEM header information - * @return true if it is. + * @return true if the provided string is a PEM. */ public static boolean isPEM(final String possiblePEM) { return possiblePEM.contains(CertificateVariables.PEM_HEADER) @@ -34,7 +62,7 @@ public static boolean isPEM(final String possiblePEM) { * Small method to check if there are multi pem files. * * @param possiblePEM header information - * @return true if it is. + * @return true if the provided string is a Multi-PEM. */ public static boolean isMultiPEM(final String possiblePEM) { boolean multiPem = false; @@ -80,7 +108,6 @@ public static byte[] stripPemHeaderFooter(final String pemFile) { * @param certificateBytes raw byte form * @return a cleaned up byte form */ - public static byte[] trimCertificate(final byte[] certificateBytes) { int certificateStart = 0; int certificateLength = 0; 
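Review bot: The new `convertCACsToX509Certificates` in the first CredentialHelper hunk dereferences its argument at `certificateAuthorityCredentials.size()`, so a null set fails with a NullPointerException that the Javadoc does not mention. It also adds whatever `cac.getX509Certificate()` returns, so a null certificate would be carried into the list, if that getter can return one (not visible here). If the result feeds certificate-chain validation, which the name suggests but the hunk does not show, it is better to fail at this boundary than downstream. I would make the first statement `Objects.requireNonNull(certificateAuthorityCredentials, "certificateAuthorityCredentials");` (with the `java.util.Objects` import) and state in the `@return` text whether the list may contain null entries.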
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/util/package-info.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/util/package-info.java index 736028a84..a589900c9 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/util/package-info.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/util/package-info.java @@ -1 +1,4 @@ +/** + * Contains general util classes used for all packages within the module. + */ package hirs.attestationca.persist.util; diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CertificateAttributeScvValidator.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CertificateAttributeScvValidator.java index b4d2441c0..d6ceab408 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CertificateAttributeScvValidator.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CertificateAttributeScvValidator.java @@ -35,6 +35,9 @@ import static hirs.attestationca.persist.enums.AppraisalStatus.Status.FAIL; import static hirs.attestationca.persist.enums.AppraisalStatus.Status.PASS; +/** + * Validator class responsible for validating certificate attributes. + */ @Log4j2 public class CertificateAttributeScvValidator extends SupplyChainCredentialValidator { @@ -153,6 +156,7 @@ public static AppraisalStatus validatePlatformCredentialAttributesV1p2( * @param ignoreRevisionAttribute policy flag to ignore the revision attribute * @param ignorePcieVpdAttribute policy flag to ignore the pcie vpd attribute * @return either PASS or FAIL + * @throws IOException if any issues arise while validating v2 platform credential attributes */ public static AppraisalStatus validatePlatformCredentialAttributesV2p0( final PlatformCredential platformCredential, 
diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CredentialValidator.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CredentialValidator.java index bb2029acd..629f4540c 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CredentialValidator.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/CredentialValidator.java @@ -28,6 +28,9 @@ import static hirs.attestationca.persist.enums.AppraisalStatus.Status.FAIL; import static hirs.attestationca.persist.enums.AppraisalStatus.Status.PASS; +/** + * Validator class responsible for validating certificates. + */ @Log4j2 public class CredentialValidator extends SupplyChainCredentialValidator { @@ -177,6 +180,7 @@ public static AppraisalStatus validatePlatformCredential(final PlatformCredentia * @param ignoreRevisionAttribute policy flag to ignore the revision attribute * @param ignorePcieVpdAttribute policy flag to ignore the pcie vpd attribute * @return The result of the validation. + * @throws IOException if any issues arise while validating platform credential attributes */ public static AppraisalStatus validatePlatformCredentialAttributes( final PlatformCredential platformCredential, diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/FirmwareScvValidator.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/FirmwareScvValidator.java index 8024fa568..c6a02683a 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/FirmwareScvValidator.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/FirmwareScvValidator.java 
@@ -36,6 +36,9 @@ import static hirs.attestationca.persist.enums.AppraisalStatus.Status.FAIL; import static hirs.attestationca.persist.enums.AppraisalStatus.Status.PASS; +/** + * Validator class responsible for validating firmware-related information. + */ @Log4j2 public class FirmwareScvValidator extends SupplyChainCredentialValidator { @@ -43,6 +46,8 @@ public class FirmwareScvValidator extends SupplyChainCredentialValidator { private static ReferenceManifest supportReferenceManifest; /** + * Validates the firmware and returns an {@link AppraisalStatus}. + * * @param device device * @param policySettings policy settings * @param referenceManifestRepository reference manifest repository diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/SupplyChainCredentialValidator.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/SupplyChainCredentialValidator.java index f33112a31..bb74ab85d 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/SupplyChainCredentialValidator.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/SupplyChainCredentialValidator.java @@ -34,6 +34,10 @@ import java.util.List; import java.util.Set; +/** + * Base class used for supply chain credential validators. This class provides common functionality and + * structure for validators + */ @Log4j2 public class SupplyChainCredentialValidator { diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/SupplyChainValidationService.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/SupplyChainValidationService.java index d1bc22c0d..f602177ac 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/SupplyChainValidationService.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/SupplyChainValidationService.java 
@@ -8,7 +8,6 @@ import hirs.attestationca.persist.entity.manager.PolicyRepository; import hirs.attestationca.persist.entity.manager.ReferenceDigestValueRepository; import hirs.attestationca.persist.entity.manager.ReferenceManifestRepository; -import hirs.attestationca.persist.entity.manager.SupplyChainValidationRepository; import hirs.attestationca.persist.entity.manager.SupplyChainValidationSummaryRepository; import hirs.attestationca.persist.entity.userdefined.Device; import hirs.attestationca.persist.entity.userdefined.PolicySettings; @@ -43,6 +42,9 @@ import static hirs.attestationca.persist.enums.AppraisalStatus.Status.FAIL; import static hirs.attestationca.persist.enums.AppraisalStatus.Status.PASS; +/** + * A service layer class responsible for validating the supply chain based on the policy settings. + */ @Log4j2 @Service public class SupplyChainValidationService { @@ -66,7 +68,6 @@ public class SupplyChainValidationService { * @param componentResultRepository the comp result manager * @param componentAttributeRepository component attribute repository * @param referenceManifestRepository the RIM manager - * @param supplyChainValidationRepository the scv manager * @param supplyChainValidationSummaryRepository the summary manager * @param referenceDigestValueRepository the even manager */ @@ -78,7 +79,6 @@ public SupplyChainValidationService( final ComponentResultRepository componentResultRepository, final ComponentAttributeRepository componentAttributeRepository, final ReferenceManifestRepository referenceManifestRepository, - final SupplyChainValidationRepository supplyChainValidationRepository, final SupplyChainValidationSummaryRepository supplyChainValidationSummaryRepository, final ReferenceDigestValueRepository referenceDigestValueRepository) { this.caCredentialRepository = caCredentialRepository; 
@@ -101,6 +101,7 @@ public SupplyChainValidationService( * @param device The device to be validated. * @param componentInfos list of components from the device * @return A summary of the validation results. + * @throws IOException if any issues arise from validating the supply chain */ public SupplyChainValidationSummary validateSupplyChain(final EndorsementCredential ec, final List pcs, diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/ValidationService.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/ValidationService.java index b1066136c..40f05b6e9 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/ValidationService.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/ValidationService.java @@ -37,6 +37,10 @@ import java.util.Set; import java.util.UUID; +/** + * Service class responsible for validating platform credentials, endorsement credentials, firmware + * components and other types of data based on what was set in the {@link PolicySettings}. + */ @Log4j2 public final class ValidationService { @@ -131,6 +135,7 @@ public static SupplyChainValidation evaluatePlatformCredentialStatus( * @param ignoreRevisionAttribute whether to ignore revision attribute * @param ignorePcieVpdAttribute whether to ignore the pcie vpd attribute * @return a supply chain validation + * @throws IOException if any issues arise while evaluating the platform credential attributes */ public static SupplyChainValidation evaluatePCAttributesStatus( final PlatformCredential platformCredential, final DeviceInfoReport deviceInfoReport, diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/package-info.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/package-info.java index 27ae86db3..ad7ab12bd 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/package-info.java 
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/validation/package-info.java @@ -1 +1,4 @@ +/** + * Contains validator classes. + */ package hirs.attestationca.persist.validation; diff --git a/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/tpm/TPM2ProvisionerStateTest.java b/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/tpm/TPM2ProvisionerStateServiceTest.java similarity index 60% rename from HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/tpm/TPM2ProvisionerStateTest.java rename to HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/tpm/TPM2ProvisionerStateServiceTest.java index 6ce900c9d..f461e7204 100644 --- a/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/tpm/TPM2ProvisionerStateTest.java +++ b/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/tpm/TPM2ProvisionerStateServiceTest.java @@ -1,7 +1,13 @@ package hirs.attestationca.persist.entity.tpm; import hirs.attestationca.persist.entity.manager.TPM2ProvisionerStateRepository; +import hirs.attestationca.persist.provision.service.Tpm2ProvisionerStateService; +import org.junit.jupiter.api.AfterEach; +import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; +import org.mockito.InjectMocks; +import org.mockito.Mock; +import org.mockito.MockitoAnnotations; import java.io.ByteArrayInputStream; import java.io.DataInputStream; 
@@ -12,16 +18,44 @@ import static org.junit.jupiter.api.Assertions.assertNotNull; import static org.junit.jupiter.api.Assertions.assertNull; import static org.junit.jupiter.api.Assertions.assertThrows; -import static org.mockito.Mockito.mock; import static org.mockito.Mockito.when; /** - * Contains unit tests for {@link TPM2ProvisionerState}. + * Contains unit tests for {@link TPM2ProvisionerState} and {@link Tpm2ProvisionerStateService}. */ -public class TPM2ProvisionerStateTest { +public class TPM2ProvisionerStateServiceTest { private static final Random RANDOM_GENERATOR = new Random(); + @InjectMocks + private Tpm2ProvisionerStateService tpm2ProvisionerStateService; + + @Mock + private TPM2ProvisionerStateRepository tpm2ProvisionerStateRepository; + + private AutoCloseable mocks; + + /** + * Setups configuration prior to each test method. + */ + @BeforeEach + public void setupTests() { + // Initializes mocks before each test + mocks = MockitoAnnotations.openMocks(this); + } + + /** + * Closes mocks after the completion of each test method. + * + * @throws Exception if any issues arise while closing mocks. + */ + @AfterEach + public void afterEach() throws Exception { + if (mocks != null) { + mocks.close(); + } + } + /** * Tests that the values passed to the constructor are equal to the values * returned by the getters. @@ -36,7 +70,7 @@ public final void testTPM2ProvisionerState() { RANDOM_GENERATOR.nextBytes(nonce); RANDOM_GENERATOR.nextBytes(identityClaim); - TPM2ProvisionerState state = new TPM2ProvisionerState(nonce, identityClaim); + final TPM2ProvisionerState state = new TPM2ProvisionerState(nonce, identityClaim); assertArrayEquals(nonce, state.getNonce()); assertArrayEquals(identityClaim, state.getIdentityClaim()); 
@@ -46,7 +80,7 @@ public final void testTPM2ProvisionerState() { * Test that the constructor throws an {@link IllegalArgumentException} when a null is * passed in for the nonce. * - * @throws IllegalArgumentException this will never happen + * @throws IllegalArgumentException if any issues any arise while retrieving the TPM Provisioner State */ @Test public final void testNullNonce() throws IllegalArgumentException { @@ -54,15 +88,14 @@ public final void testNullNonce() throws IllegalArgumentException { byte[] identityClaim = new byte[identityClaimSize]; RANDOM_GENERATOR.nextBytes(identityClaim); - assertThrows(IllegalArgumentException.class, () -> - new TPM2ProvisionerState(null, identityClaim)); + assertThrows(IllegalArgumentException.class, () -> new TPM2ProvisionerState(null, identityClaim)); } /** * Test that the constructor throws an {@link IllegalArgumentException} when a null is * passed in for the identity claim. * - * @throws IllegalArgumentException this will never happen + * @throws IllegalArgumentException if any issues any arise while retrieving the TPM Provisioner State */ @Test public final void testNullIdentityClaim() throws IllegalArgumentException { @@ -71,15 +104,14 @@ public final void testNullIdentityClaim() throws IllegalArgumentException { RANDOM_GENERATOR.nextBytes(nonce); - assertThrows(IllegalArgumentException.class, () -> - new TPM2ProvisionerState(nonce, null)); + assertThrows(IllegalArgumentException.class, () -> new TPM2ProvisionerState(nonce, null)); } /** * Test that the constructor throws an {@link IllegalArgumentException} when a nonce is * passed in that is less than 8 bytes. * - * @throws IllegalArgumentException this will never happen + * @throws IllegalArgumentException if any issues any arise while retrieving the TPM Provisioner State */ @Test public final void testNonceToSmall() throws IllegalArgumentException { 
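Review bot: The rewritten `@throws IllegalArgumentException` tags on `testNullNonce`, `testNullIdentityClaim` and `testNonceToSmall` read "if any issues any arise while retrieving the TPM Provisioner State". That wording has a doubled "any", and it describes a retrieval even though these tests only call the `TPM2ProvisionerState` constructor inside `assertThrows`. Because `assertThrows` captures the exception, it never propagates from the test method, so the old "this will never happen" was closer to the truth. I would write `@throws IllegalArgumentException never propagated; the constructor's exception is captured by assertThrows`. The same "any issues any arise" wording recurs in the `@throws IOException` tags of the `testGetTPM2ProvisionerState*` hunks that follow.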
@@ -90,23 +122,17 @@ public final void testNonceToSmall() throws IllegalArgumentException { RANDOM_GENERATOR.nextBytes(nonce); RANDOM_GENERATOR.nextBytes(identityClaim); - assertThrows(IllegalArgumentException.class, () -> - new TPM2ProvisionerState(nonce, identityClaim)); + assertThrows(IllegalArgumentException.class, () -> new TPM2ProvisionerState(nonce, identityClaim)); } - /** - * Test that {@link TPM2ProvisionerState#getTPM2ProvisionerState( - *TPM2ProvisionerStateRepository, byte[])} works. - * {@link TPM2ProvisionerState#getTPM2ProvisionerState( - *TPM2ProvisionerStateRepository, byte[])}, null is returned. + * Test the {@link Tpm2ProvisionerStateService#getTPM2ProvisionerState(byte[])} function call. * - * @throws IOException this will never happen + * @throws IOException if any issues any arise while retrieving the TPM Provisioner State */ @Test public final void testGetTPM2ProvisionerStateNominal() throws IOException { - TPM2ProvisionerStateRepository tpm2ProvisionerStateRepository = - mock(TPM2ProvisionerStateRepository.class); + final int nonceSize = 32; final int identityClaimSize = 360; byte[] nonce = new byte[nonceSize]; 
@@ -118,25 +144,23 @@ public final void testGetTPM2ProvisionerStateNominal() throws IOException { DataInputStream dis = new DataInputStream(new ByteArrayInputStream(nonce)); Long index = dis.readLong(); dis.close(); - TPM2ProvisionerState value = new TPM2ProvisionerState(nonce, identityClaim); + + final TPM2ProvisionerState value = new TPM2ProvisionerState(nonce, identityClaim); when(tpm2ProvisionerStateRepository.findByFirstPartOfNonce(index)).thenReturn(value); - TPM2ProvisionerState tpm2ProvisionerState - = TPM2ProvisionerState.getTPM2ProvisionerState(tpm2ProvisionerStateRepository, nonce); + + final TPM2ProvisionerState tpm2ProvisionerState = tpm2ProvisionerStateService.getTPM2ProvisionerState(nonce); assertNotNull(tpm2ProvisionerState); assertArrayEquals(value.getIdentityClaim(), tpm2ProvisionerState.getIdentityClaim()); } /** * Test that if a null is passed as a nonce to - * {@link TPM2ProvisionerState#getTPM2ProvisionerState( - *TPM2ProvisionerStateRepository, byte[])}, null is returned. + * {@link Tpm2ProvisionerStateService#getTPM2ProvisionerState(byte[])}, null is returned. * - * @throws IOException this will never happen + * @throws IOException if any issues any arise while retrieving the TPM Provisioner State */ @Test public final void testGetTPM2ProvisionerStateNullNonce() throws IOException { - TPM2ProvisionerStateRepository tpm2ProvisionerStateRepository = - mock(TPM2ProvisionerStateRepository.class); final int nonceSize = 32; final int identityClaimSize = 360; byte[] nonce = new byte[nonceSize]; 
@@ -148,23 +172,21 @@ public final void testGetTPM2ProvisionerStateNullNonce() throws IOException { DataInputStream dis = new DataInputStream(new ByteArrayInputStream(nonce)); Long index = dis.readLong(); dis.close(); - TPM2ProvisionerState value = new TPM2ProvisionerState(nonce, identityClaim); + + final TPM2ProvisionerState value = new TPM2ProvisionerState(nonce, identityClaim); when(tpm2ProvisionerStateRepository.findByFirstPartOfNonce(index)).thenReturn(value); - assertThrows(NullPointerException.class, () -> - TPM2ProvisionerState.getTPM2ProvisionerState(tpm2ProvisionerStateRepository, null)); + + assertThrows(NullPointerException.class, () -> tpm2ProvisionerStateService.getTPM2ProvisionerState(null)); } /** * Test that if a nonce that is less than 8 bytes is passed to - * {@link TPM2ProvisionerState#getTPM2ProvisionerState( - *TPM2ProvisionerStateRepository, byte[])}, null is returned. + * {@link Tpm2ProvisionerStateService#getTPM2ProvisionerState(byte[])}, null is returned. * - * @throws IOException this will never happen + * @throws IOException if any issues any arise while retrieving the TPM Provisioner State */ @Test public final void testGetTPM2ProvisionerStateNonceTooSmall() throws IOException { - TPM2ProvisionerStateRepository tpm2ProvisionerStateRepository = - mock(TPM2ProvisionerStateRepository.class); final int nonceSize = 32; final int identityClaimSize = 360; byte[] nonce = new byte[nonceSize]; 
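Review bot: The Javadoc for `testGetTPM2ProvisionerStateNullNonce`, whose text sits at the end of the previous hunk, still says "null is returned" for a null nonce. The assertion in this hunk is `assertThrows(NullPointerException.class, () -> tpm2ProvisionerStateService.getTPM2ProvisionerState(null))`. The commit already edits that comment to point at `Tpm2ProvisionerStateService`, so it should also be corrected to `a {@link NullPointerException} is thrown`. It is worth confirming that an NPE is the intended contract for a null nonce, given that the too-short-nonce test in this same hunk expects a null return; the service implementation is not part of this diff.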
@@ -177,14 +199,12 @@ public final void testGetTPM2ProvisionerStateNonceTooSmall() throws IOException Long index = dis.readLong(); dis.close(); - TPM2ProvisionerState value = new TPM2ProvisionerState(nonce, identityClaim); + final int nonce2Size = 7; + final TPM2ProvisionerState value = new TPM2ProvisionerState(nonce, identityClaim); when(tpm2ProvisionerStateRepository.findByFirstPartOfNonce(index)).thenReturn(value); - - final int nonce2Size = 7; - TPM2ProvisionerState tpm2ProvisionerState = - TPM2ProvisionerState.getTPM2ProvisionerState(tpm2ProvisionerStateRepository, - new byte[nonce2Size]); + final TPM2ProvisionerState tpm2ProvisionerState = + tpm2ProvisionerStateService.getTPM2ProvisionerState(new byte[nonce2Size]); assertNull(tpm2ProvisionerState); } diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/HIRSApplication.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/HIRSApplication.java index 3ab0ebcb3..6d1e61adc 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/HIRSApplication.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/HIRSApplication.java @@ -3,6 +3,9 @@ import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; +/** + * Spring Boot Application starting point for the HIRS application. + */ @SuppressWarnings("checkstyle:hideutilityclassconstructor") @SpringBootApplication public class HIRSApplication { diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/datatables/package-info.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/datatables/package-info.java index d7bdd760c..a69f4481d 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/datatables/package-info.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/datatables/package-info.java 
@@ -1 +1,8 @@ +/** + * Contains Java class representation of DataTable objects used for managing + * and rendering tabular data with features like pagination, sorting, and filtering. + * + *

Classes in this package are used to facilitate communication between the front-end + * (DataTable UI) and the back-end logic, ensuring seamless data representation and manipulation.

+ */ package hirs.attestationca.portal.datatables; diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/PageMessages.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/PageMessages.java index 3559ee00f..eac5929c9 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/PageMessages.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/PageMessages.java @@ -10,13 +10,23 @@ */ @Getter public class PageMessages { - + /** + * A list of error messages to be displayed on the page. + */ private final List errorMessages = new ArrayList<>(); + + /** + * A list of success messages to be displayed on the page. + */ private final List successMessages = new ArrayList<>(); + + /** + * A list of informational messages to be displayed on the page. + */ private final List infoMessages = new ArrayList<>(); /** - * Adds an error message. + * Adds an error message to the list of error messages. * * @param error the error message to add */ @@ -25,7 +35,7 @@ public void addErrorMessage(final String error) { } /** - * Adds multiple error messages. + * Adds multiple error messages to the list of error messages. * * @param multipleErrors list of error messages */ @@ -34,7 +44,7 @@ public void addErrorMessages(final List multipleErrors) { } /** - * Adds a success message. + * Adds a success message to the list of success messages. * * @param success the success message to add */ @@ -43,7 +53,7 @@ public void addSuccessMessage(final String success) { } /** - * Adds multiple success messages. + * Adds multiple success messages to the list of success messages. * * @param multipleSuccessMessages list of success messages to add */ @@ -52,7 +62,7 @@ public void addSuccessMessages(final List multipleSuccessMessages) { } /** - * Adds an informational message. + * Adds an informational message to the list of info messages. * * @param info the informational message to add */ 
@@ -61,11 +71,11 @@ public void addInfoMessage(final String info) { } /** - * Adds multiple informational messages. + * Adds multiple informational messages to the list of info messages. * * @param multipleInfoMessages list of informational messages to add */ public void addInfoMessages(final List multipleInfoMessages) { - this.errorMessages.addAll(multipleInfoMessages); + this.infoMessages.addAll(multipleInfoMessages); } } diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/DevicePageController.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/DevicePageController.java index 01c99a5cb..a67b16b33 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/DevicePageController.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/DevicePageController.java @@ -60,8 +60,8 @@ public ModelAndView initPage(final NoPageParams params, final Model model) { } /** - * Processes the request to retrieve a list of devices and device related information for display on the - * devices page. + * Processes the request to retrieve a list of {@link Device} and device related information for display on the + * Devices page. * * @param dataTableInput data table input. * @return data table of devices @@ -117,29 +117,31 @@ public DataTableResponse> getDevicesTableData( /** - * Helper method that retrieves a filtered and paginated list of devices based on the provided search criteria. + * Helper method that retrieves a filtered and paginated list of {@link Device} objects based on the provided + * search criteria. + *
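Review bot: The `addInfoMessages` change in the last PageMessages hunk is a behaviour fix rather than a Javadoc edit: before it, informational messages were appended to `errorMessages`, and no test in the visible part of this diff pins the corrected routing. A small regression test would keep it from slipping back, for example calling `messages.addInfoMessages(List.of("note"))` and then asserting that `getInfoMessages()` holds the entry and `getErrorMessages()` is empty (both getters presumably come from the class-level `@Getter`). The class body starts outside this hunk.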

> * The method allows filtering based on a global search term and column-specific search criteria, * and returns the result in a paginated format. - * *

* The method handles four cases: *

    *
  1. If no global search term and no column-specific search criteria are provided, - * all devices are returned.
  2. + * all {@link Device} objects are returned. *
  3. If both a global search term and column-specific search criteria are provided, - * it performs filtering on both.
  4. - *
  5. If only column-specific search criteria are provided, it filters based on the column-specific - * criteria.
  6. - *
  7. If only a global search term is provided, it filters based on the global search term.
  8. + * {@link Device} objects are filtered based on both criteria. + *
  9. If only column-specific search criteria are provided, {@link Device} objects + * are filtered according to the column-specific criteria.
  10. + *
  11. If only a global search term is provided, {@link Device} objects + * are filtered according to the global search term.
  12. *
*

* - * @param globalSearchTerm A global search term that will be used to filter the devices by the + * @param globalSearchTerm A global search term that will be used to filter the {@link Device} by the * searchable fields. * @param columnsWithSearchCriteria A set of columns with specific search criteria entered by the user. * @param searchableColumnNames A set of searchable column names that are for the global search term. * @param pageable pageable - * @return A {@link FilteredRecordsList} containing the filtered and paginated list of devices, + * @return A {@link FilteredRecordsList} containing the filtered and paginated list of {@link Device} objects * along with the total number of records and the number of records matching the filter criteria. */ private FilteredRecordsList getFilteredDeviceList( diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/HelpPageController.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/HelpPageController.java index d42eae63f..2402d231b 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/HelpPageController.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/HelpPageController.java @@ -123,6 +123,7 @@ public void downloadHIRSLogs(final HttpServletResponse response) throws IOExcept * @param redirectAttributes RedirectAttributes used to forward data back to the original * page. * @return the redirection view + * @throws URISyntaxException if any issues arise from redirecting to the Help page. */ @PostMapping("/setLogLevel") public RedirectView setLogLevel(@RequestParam final String loggerName, 
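Review bot: The added `@throws` line on `setLogLevel` is worded differently from the other controllers in this commit, which use `@throws URISyntaxException if malformed URI`; the same phrase here would keep the generated docs uniform. While this Javadoc is being touched, it would also help to state which `loggerName` values the endpoint accepts, because changing log levels at runtime affects what the portal records. The method body is outside the hunk, so whether the name is validated cannot be seen here.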
diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/IDevIdCertificatePageController.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/IDevIdCertificatePageController.java index 4f76718c3..0f62408f1 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/IDevIdCertificatePageController.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/IDevIdCertificatePageController.java @@ -81,7 +81,8 @@ public ModelAndView initPage(final NoPageParams params, final Model model) { } /** - * Processes the request to retrieve a list of idevid certificates for display on the idevid certificates page. + * Processes the request to retrieve a list of {@link IDevIDCertificate} objects for display on the + * idevid certificates page. * * @param dataTableInput data table input received from the front-end * @return data table of idevid certificates @@ -128,9 +129,9 @@ public DataTableResponse getIDevIdCertificatesTableData( } /** - * Processes the request to download the specified IDevId certificate. + * Processes the request to download the specified {@link IDevIDCertificate} object. * - * @param id the UUID of the idevid certificate to download + * @param id the UUID of the {@link IDevIDCertificate} object to download * @param response the response object (needed to update the header with the * file name) * @throws IOException when writing to response output stream @@ -154,7 +155,7 @@ public void downloadIDevIdCertificate(@RequestParam final String id, final HttpS } /** - * Processes the request to bulk download all the IDevID Certificates. + * Processes the request to bulk download all the {@link IDevIDCertificate} objects. * * @param response the response object (needed to update the header with the * file name) 
@@ -181,11 +182,11 @@ public void bulkDownloadIDevIdCertificates(final HttpServletResponse response) t } /** - * Processes the request to upload one or more idevid certificates to the ACA. + * Processes the request to upload one or more {@link IDevIDCertificate} objects to the ACA. * * @param files the files to process * @param redirectAttributes RedirectAttributes used to forward data back to the original page. - * @return the redirection view + * @return a redirect to the IDevID Certificate Page * @throws URISyntaxException if malformed URI */ @PostMapping("/upload") @@ -218,12 +219,12 @@ protected RedirectView uploadIDevIdCertificate(@RequestParam("file") final Multi } /** - * Processes the request to archive/soft delete the provided idevid certificate. + * Processes the request to archive/soft delete the provided {@link IDevIDCertificate} object. * - * @param id the UUID of the idevid certificate to delete + * @param id the UUID of the {@link IDevIDCertificate} object to delete * @param redirectAttributes RedirectAttributes used to forward data back to the original * page. - * @return redirect to this page + * @return a redirect to the IDevID Certificate Page * @throws URISyntaxException if malformed URI */ @PostMapping("/delete") @@ -255,9 +256,9 @@ public RedirectView deleteIdevIdCertificate(@RequestParam final String id, } /** - * Processes the request to delete multiple idevid certificates. + * Processes the request to delete multiple {@link IDevIDCertificate} objects. * - * @param ids the list of UUIDs of the idevid certificates to be deleted + * @param ids the list of UUIDs of the {@link IDevIDCertificate} objects to be deleted * @param redirectAttributes used to pass data back to the original page after the operation * @return a redirect to the IDevId certificate page * @throws URISyntaxException if the URI is malformed 
@@ -290,8 +291,9 @@ public RedirectView bulkDeleteIDevIdCertificates(@RequestParam final List * The method allows filtering based on a global search term and column-specific search criteria, * and returns the result in a paginated format. * @@ -299,22 +301,23 @@ public RedirectView bulkDeleteIDevIdCertificates(@RequestParam final List *
  • If no global search term and no column-specific search criteria are provided, - * all idevid certificates are returned.
  • + * all {@link IDevIDCertificate} objects are returned. *
  • If both a global search term and column-specific search criteria are provided, - * it performs filtering on both.
  • - *
  • If only column-specific search criteria are provided, it filters based on the column-specific - * criteria.
  • - *
  • If only a global search term is provided, it filters based on the global search term.
  • + * {@link IDevIDCertificate} objects are filtered based on both criteria. + *
  • If only column-specific search criteria are provided, {@link IDevIDCertificate} objects + * are filtered according to the column-specific criteria.
  • + *
  • If only a global search term is provided, {@link IDevIDCertificate} objects + * are filtered according to the global search term.
  • * *

    * - * @param globalSearchTerm A global search term that will be used to filter the idevid certificates - * by the searchable fields. + * @param globalSearchTerm A global search term that will be used to filter the + * {@link IDevIDCertificate} objects by the searchable fields. * @param columnsWithSearchCriteria A set of columns with specific search criteria entered by the user. * @param searchableColumnNames A set of searchable column names that are for the global search term. * @param pageable pageable * @return A {@link FilteredRecordsList} containing the filtered and paginated list of - * idevid certificates, along with the total number of records and the number of records matching the + * {@link IDevIDCertificate} objects, along with the total number of records and the number of records matching the * filter criteria. */ private FilteredRecordsList getFilteredIDevIdCertificateList( diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/IssuedCertificatePageController.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/IssuedCertificatePageController.java index 17d3c7132..50ebe3096 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/IssuedCertificatePageController.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/IssuedCertificatePageController.java 
@@ -49,11 +49,11 @@ @RequestMapping("/HIRS_AttestationCAPortal/portal/certificate-request/issued-certificates") @Log4j2 public class IssuedCertificatePageController extends PageController { - private final IssuedCertificatePageService issuedAttestationCertificateService; + private final IssuedCertificatePageService issuedCertificatePageService; private final CertificatePageService certificatePageService; /** - * Constructor for the Issued Attestation Certificate page. + * Constructor for the Issued Certificate page. * * @param issuedCertificatePageService issued certificate page service * @param certificatePageService certificate page service @@ -63,17 +63,17 @@ public IssuedCertificatePageController( final IssuedCertificatePageService issuedCertificatePageService, final CertificatePageService certificatePageService) { super(Page.ISSUED_CERTIFICATES); - this.issuedAttestationCertificateService = issuedCertificatePageService; + this.issuedCertificatePageService = issuedCertificatePageService; this.certificatePageService = certificatePageService; } /** - * Returns the path for the view and the data model for the Issued Attestation Certificate page. + * Returns the path for the view and the data model for the Issued Certificate page. * * @param params The object to map url parameters into. * @param model The data model for the request. Can contain data from * redirect. - * @return the path for the view and data model for the Issued Attestation Certificate page. + * @return the path for the view and data model for the Issued Certificate page. */ @RequestMapping public ModelAndView initPage(final NoPageParams params, final Model model) { 
@@ -81,8 +81,8 @@ public ModelAndView initPage(final NoPageParams params, final Model model) { } /** - * Processes the request to retrieve a list of issued attestation certificates for display on the issued - * certificates page. + * Processes the request to retrieve a list of {@link IssuedAttestationCertificate} objects for display on the + * issued certificates page. * * @param dataTableInput data table input received from the front-end * @return data table of issued certificates @@ -91,8 +91,8 @@ public ModelAndView initPage(final NoPageParams params, final Model model) { @GetMapping(value = "/list", produces = MediaType.APPLICATION_JSON_VALUE) public DataTableResponse getIssuedCertificatesTableData( final DataTableInput dataTableInput) { - log.info("Received request to display list of issued attestation certificates"); - log.debug("Request received a datatable input object for the issued attestation" + log.info("Received request to display list of issued certificates"); + log.debug("Request received a datatable input object for the issued" + " certificate page: {}", dataTableInput); // grab the column to which ordering has been applied @@ -130,9 +130,9 @@ public DataTableResponse getIssuedCertificatesTabl } /** - * Processes the request to download the specified issued attestation certificate. + * Processes the request to download the specified {@link IssuedAttestationCertificate} object. * - * @param id the UUID of the issued attestation certificate to download + * @param id the UUID of the {@link IssuedAttestationCertificate} object to download * @param response the response object (needed to update the header with the * file name) * @throws IOException when writing to response output stream 
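Review bot: The `log.debug(..." certificate page: {}", dataTableInput)` line in `getIssuedCertificatesTableData` and the `log.info("Received request to delete issued certificate id {}", id)` line in the later `deleteIssuedCertificate` hunk both write request-supplied values into the log as received. Log4j2's `{}` substitution does not strip line breaks, so unless the configured layout encodes them (for example `%enc{%m}{CRLF}`), a parameter containing CR/LF can split or imitate entries in the CA portal's log. Logging the id only after it has been parsed as a UUID, and logging selected fields of the table input rather than its whole string form, would close that; the layout configuration is not part of this diff, so it may already be handled there. Both method bodies continue outside their hunks.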
@@ -150,13 +150,13 @@ public void downloadIssuedCertificate(@RequestParam final String id, final HttpS response.getOutputStream().write(downloadFile.getFileBytes()); } catch (Exception exception) { log.error("An exception was thrown while attempting to download the" - + " specified issued attestation certificate", exception); + + " specified issued certificate", exception); response.sendError(HttpServletResponse.SC_NOT_FOUND); } } /** - * Processes the request to bulk download all the issued attestation certificates. + * Processes the request to bulk download all the {@link IssuedAttestationCertificate} objects. * * @param response the response object (needed to update the header with the * file name) 
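Review bot: The `catch (Exception exception)` block in `downloadIssuedCertificate` answers every failure with `SC_NOT_FOUND`, and it runs after `response.getOutputStream().write(...)`, so a failure once bytes have gone out reaches `sendError` on a committed response, which the Servlet API rejects with `IllegalStateException`. Guarding the call, `if (!response.isCommitted()) { response.sendError(HttpServletResponse.SC_NOT_FOUND); }`, avoids that, and mapping only the unknown-id case to 404 (other failures to 500) would keep server faults visible to monitoring. The same catch shape appears in `bulkDownloadIssuedCertificates` in the next hunk. The method starts outside this hunk, so what the try block can throw is not fully visible.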
@@ -178,25 +178,25 @@ public void bulkDownloadIssuedCertificates(final HttpServletResponse response) singleFileName); } catch (Exception exception) { log.error("An exception was thrown while attempting to bulk download all the " - + "issued attestation certificates", exception); + + "issued certificates", exception); response.sendError(HttpServletResponse.SC_NOT_FOUND); } } /** - * Processes the request to archive/soft delete the specified issued attestation certificate. + * Processes the request to archive/soft delete the specified {@link IssuedAttestationCertificate} object. * - * @param id the UUID of the issued attestation certificate to delete + * @param id the UUID of the {@link IssuedAttestationCertificate} object to delete * @param redirectAttributes RedirectAttributes used to forward data back to the original * page. - * @return redirect to this page + * @return a redirect to the Issued Certificate Page * @throws URISyntaxException if malformed URI */ @PostMapping("/delete") public RedirectView deleteIssuedCertificate(@RequestParam final String id, final RedirectAttributes redirectAttributes) throws URISyntaxException { - log.info("Received request to delete issued attestation certificate id {}", id); + log.info("Received request to delete issued certificate id {}", id); Map model = new HashMap<>(); PageMessages messages = new PageMessages(); @@ -210,7 +210,7 @@ public RedirectView deleteIssuedCertificate(@RequestParam final String id, messages.addErrorMessages(errorMessages); } catch (Exception exception) { final String errorMessage = "An exception was thrown while attempting to delete" - + " the specified issued attestation certificate"; + + " the specified issued certificate"; messages.addErrorMessage(errorMessage); log.error(errorMessage, exception); } 
@@ -220,18 +220,18 @@ public RedirectView deleteIssuedCertificate(@RequestParam final String id, } /** - * Processes the request to delete multiple issued attestation certificates. + * Processes the request to delete multiple {@link IssuedAttestationCertificate} objects. * - * @param ids the list of UUIDs of the issued attestation certificates to be deleted + * @param ids the list of UUIDs of the {@link IssuedAttestationCertificate} objects to be deleted * @param redirectAttributes used to pass data back to the original page after the operation - * @return a redirect to the issued attestation certificate page + * @return a redirect to the Issued Certificate Page * @throws URISyntaxException if the URI is malformed */ @PostMapping("/bulk-delete") public RedirectView bulkDeleteIssuedCertificates(@RequestParam final List ids, final RedirectAttributes redirectAttributes) throws URISyntaxException { - log.info("Received request to delete multiple issued attestation certificates"); + log.info("Received request to delete multiple issued certificates"); Map model = new HashMap<>(); PageMessages messages = new PageMessages(); @@ -245,7 +245,7 @@ public RedirectView bulkDeleteIssuedCertificates(@RequestParam final List *
  • If no global search term and no column-specific search criteria are provided, - * all issued certificates are returned.
  • + * all {@link IssuedAttestationCertificate} objects are returned. *
  • If both a global search term and column-specific search criteria are provided, - * it performs filtering on both.
  • - *
  • If only column-specific search criteria are provided, it filters based on the column-specific - * criteria.
  • - *
  • If only a global search term is provided, it filters based on the global search term.
  • + * {@link IssuedAttestationCertificate} objects are filtered based on both criteria. + *
  • If only column-specific search criteria are provided, {@link IssuedAttestationCertificate} objects + * are filtered according to the column-specific criteria.
  • + *
  • If only a global search term is provided, {@link IssuedAttestationCertificate} objects + * are filtered according to the global search term.
  • * *

    * - * @param globalSearchTerm A global search term that will be used to filter the issued certificates - * by the searchable fields. + * @param globalSearchTerm A global search term that will be used to filter the + * {@link IssuedAttestationCertificate} objects by the searchable fields. * @param columnsWithSearchCriteria A set of columns with specific search criteria entered by the user. * @param searchableColumnNames A set of searchable column names that are for the global search term. * @param pageable pageable * @return A {@link FilteredRecordsList} containing the filtered and paginated list of - * issued certificates, along with the total number of records and the number of records matching the - * filter criteria. + * {@link IssuedAttestationCertificate} objects, along with the total number of records and the number of records + * matching the filter criteria. */ private FilteredRecordsList getFilteredIssuedCertificateList( final String globalSearchTerm, @@ -292,7 +293,7 @@ private FilteredRecordsList getFilteredIssuedCerti // if no value has been entered in the global search textbox and in the column search dropdown if (StringUtils.isBlank(globalSearchTerm) && columnsWithSearchCriteria.isEmpty()) { pagedResult = - issuedAttestationCertificateService.findIssuedCertificatesByArchiveFlag(false, pageable); + issuedCertificatePageService.findIssuedCertificatesByArchiveFlag(false, pageable); } else if (!StringUtils.isBlank(globalSearchTerm) && !columnsWithSearchCriteria.isEmpty()) { // if a value has been entered in both the global search textbox and in the column search dropdown pagedResult = 
@@ -330,7 +331,7 @@ private FilteredRecordsList getFilteredIssuedCerti issuedCertificateFilteredRecordsList.setRecordsFiltered(pagedResult.getTotalElements()); issuedCertificateFilteredRecordsList.setRecordsTotal( - issuedAttestationCertificateService.findIssuedCertificateRepoCount()); + issuedCertificatePageService.findIssuedCertificateRepoCount()); return issuedCertificateFilteredRecordsList; } diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/PolicyPageController.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/PolicyPageController.java index 3478647ce..e835c3dd7 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/PolicyPageController.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/PolicyPageController.java @@ -77,7 +77,7 @@ public ModelAndView initPage(final NoPageParams params, final Model model) { * @param ppModel The data posted by the form mapped into an object. * @param redirectAttributes RedirectAttributes used to forward data back to the original * page. - * @return View containing the url and parameters + * @return a redirect to the Policy Page * @throws URISyntaxException if malformed URI */ @PostMapping("update-ec-validation") @@ -124,7 +124,7 @@ public RedirectView updateECValidationPolicy(@ModelAttribute final PolicyPageMod * @param ppModel The data posted by the form mapped into an object. * @param redirectAttributes RedirectAttributes used to forward data back to the original * page. - * @return View containing the url and parameters + * @return a redirect to the Policy Page * @throws URISyntaxException if malformed URI */ @PostMapping("update-pc-validation") 
@@ -170,7 +170,7 @@ public RedirectView updatePCValidationPolicy(@ModelAttribute final PolicyPageMod
 * @param ppModel The data posted by the form mapped into an object.
 * @param redirectAttributes RedirectAttributes used to forward data back to the original
 * page.
- * @return View containing the url and parameters
+ * @return a redirect to the Policy Page
 * @throws URISyntaxException if malformed URI
 */
 @PostMapping("update-pc-attribute-validation")
@@ -220,7 +220,7 @@ public RedirectView updatePCAttributeValPolicy(@ModelAttribute final PolicyPageM
 * @param ppModel The data posted by the form mapped into an object.
 * @param redirectAttributes RedirectAttributes used to forward data back to the original
 * page.
- * @return View containing the url and parameters
+ * @return a redirect to the Policy Page
 * @throws URISyntaxException if malformed URI
 */
 @PostMapping("update-revision-ignore")
@@ -269,7 +269,7 @@ public RedirectView updateIgnoreRevisionAttributePolicy(@ModelAttribute final Po
 * @param ppModel The data posted by the form mapped into an object.
 * @param redirectAttributes RedirectAttributes used to forward data back to the original
 * page.
- * @return View containing the url and parameters
+ * @return a redirect to the Policy Page
 * @throws URISyntaxException if malformed URI
 */
 @PostMapping("update-pcie-vpd-ignore")
@@ -317,7 +317,7 @@ public RedirectView updateIgnorePCIEVpdAttributePolicy(@ModelAttribute final Pol
 * @param ppModel The data posted by the form mapped into an object.
 * @param redirectAttributes RedirectAttributes used to forward data back to the original
 * page.
- * @return View containing the url and parameters
+ * @return a redirect to the Policy Page
 * @throws URISyntaxException if malformed URI
 */
 @PostMapping("update-firmware-validation")
@@ -364,7 +364,7 @@ public RedirectView updateFirmwareValidationPolicy(@ModelAttribute final PolicyP
 * @param ppModel The data posted by the form mapped into an object.
 * @param redirectAttributes RedirectAttributes used to forward data back to the original
 * page.
- * @return View containing the url and parameters
+ * @return a redirect to the Policy Page
 * @throws URISyntaxException if malformed URI
 */
 @PostMapping("update-ima-ignore")
@@ -410,7 +410,7 @@ public RedirectView updateIgnoreImaPolicy(@ModelAttribute final PolicyPageModel
 * @param ppModel The data posted by the form mapped into an object.
 * @param redirectAttributes RedirectAttributes used to forward data back to the original
 * page.
- * @return View containing the url and parameters
+ * @return a redirect to the Policy Page
 * @throws URISyntaxException if malformed URI
 */
 @PostMapping("update-tboot-ignore")
@@ -457,7 +457,7 @@ public RedirectView updateIgnoreTbootPolicy(@ModelAttribute final PolicyPageMode
 * @param ppModel The data posted by the form mapped into an object.
 * @param redirectAttributes RedirectAttributes used to forward data back to the original
 * page.
- * @return View containing the url and parameters
+ * @return a redirect to the Policy Page
 * @throws URISyntaxException if malformed URI
 */
 @PostMapping("update-gpt-ignore")
@@ -503,7 +503,7 @@ public RedirectView updateIgnoreGptEventsPolicy(@ModelAttribute final PolicyPage
 * @param ppModel The data posted by the form mapped into an object.
 * @param redirectAttributes RedirectAttributes used to forward data back to the original
 * page.
- * @return View containing the url and parameters
+ * @return a redirect to the Policy Page
 * @throws URISyntaxException if malformed URI
 */
 @PostMapping("update-os-events-ignore")
@@ -548,7 +548,7 @@ public RedirectView updateIgnoreOsEventsPolicy(@ModelAttribute final PolicyPageM
 *
 * @param ppModel The data posted by the form mapped into an object.
 * @param redirectAttributes RedirectAttributes used to forward data back to the Policy Settings page.
- * @return View containing the url and parameters
+ * @return a redirect to the Policy Page
 * @throws URISyntaxException if malformed URI
 */
 @PostMapping("update-issued-attestation-generation")
@@ -585,7 +585,7 @@ public RedirectView updateAttestationCertGenerationPolicy(@ModelAttribute final
 *
 * @param ppModel The data posted by the form mapped into an object.
 * @param redirectAttributes RedirectAttributes used to forward data back to the Policy Settings page.
- * @return View containing the url and parameters
+ * @return a redirect to the Policy Page
 * @throws URISyntaxException if malformed URI
 */
 @PostMapping("update-attestation-certificate-expiration")
@@ -637,7 +637,7 @@ public RedirectView updateAttestationCertExpirationPolicy(@ModelAttribute final
 *
 * @param ppModel The data posted by the form mapped into an object.
 * @param redirectAttributes RedirectAttributes used to forward data back to the Policy Settings page.
- * @return View containing the url and parameters
+ * @return a redirect to the Policy Page
 * @throws URISyntaxException if malformed URI
 */
 @PostMapping("update-issued-cert-threshold")
@@ -688,7 +688,7 @@ public RedirectView updateAttestationCertThresholdPolicy(@ModelAttribute final P
 *
 * @param ppModel The data posted by the form mapped into an object.
 * @param redirectAttributes RedirectAttributes used to forward data back to the Policy Settings page.
- * @return View containing the url and parameters
+ * @return a redirect to the Policy Page
 * @throws URISyntaxException if malformed URI
 */
 @PostMapping("update-issued-ldevid-generation")
@@ -726,7 +726,7 @@ public RedirectView updateLDevIdGenerationPolicy(@ModelAttribute final PolicyPag
 *
 * @param ppModel The data posted by the form mapped into an object.
 * @param redirectAttributes RedirectAttributes used to forward data back to the Policy Settings page.
- * @return View containing the url and parameters
+ * @return a redirect to the Policy Page
 * @throws URISyntaxException if malformed URI
 */
 @PostMapping("update-ldevid-certificate-expiration")
@@ -778,7 +778,7 @@ public RedirectView updateLDevIDCertExpirationPolicy(@ModelAttribute final Polic
 *
 * @param ppModel The data posted by the form mapped into an object.
 * @param redirectAttributes RedirectAttributes used to forward data back to the Policy Settings page.
- * @return View containing the url and parameters
+ * @return a redirect to the Policy Page
 * @throws URISyntaxException if malformed URI
 */
 @PostMapping("update-ldevid-threshold")
@@ -830,7 +830,7 @@ public RedirectView updateLDevIDThresholdValPolicy(@ModelAttribute final PolicyP
 * @param ppModel The data posted by the form mapped into an object.
 * @param redirectAttributes RedirectAttributes used to forward data back to the original
 * page.
- * @return View containing the url and parameters
+ * @return a redirect to the Policy Page
 * @throws URISyntaxException if malformed URI
 */
 @PostMapping("update-save-protobuf-data-to-log")
diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestPageController.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestPageController.java
index e9d6b60cd..3a2c0d11b 100644
--- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestPageController.java
+++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestPageController.java
@@ -83,10 +83,10 @@ public ModelAndView initPage(final NoPageParams params, final Model model) { } /** - * Processes the request to retrieve a list of RIMs for display on the RIM page. + * Processes the request to retrieve a list of {@link ReferenceManifest} objects for display on the RIM page. * * @param dataTableInput data table input - * @return data table of RIMs + * @return data table of {@link ReferenceManifest} objects */ @ResponseBody @GetMapping(value = "/list", produces = MediaType.APPLICATION_JSON_VALUE) @@ -129,11 +129,11 @@ public DataTableResponse getRIMTableData(@Valid final DataTab } /** - * Processes the request to upload one or more reference manifest(s) to the ACA. + * Processes the request to upload one or more {@link ReferenceManifest} objects to the ACA. * * @param files the files to process * @param redirectAttributes RedirectAttributes used to forward data back to the original page. - * @return the redirection view + * @return a redirect to the Reference Manifest Page * @throws URISyntaxException if malformed URI */ @PostMapping("/upload") @@ -193,9 +193,9 @@ protected RedirectView uploadRIMs(@RequestParam("file") final MultipartFile[] fi } /** - * Processes the request to download the RIM . + * Processes the request to download the {@link ReferenceManifest} object. * - * @param id the UUID of the rim to download + * @param id the UUID of the {@link ReferenceManifest} object to download * @param response the response object (needed to update the header with the * file name) * @throws java.io.IOException when writing to response output stream @@ -219,7 +219,7 @@ public void downloadRIM(@RequestParam final String id, final HttpServletResponse } /** - * Processes the request to bulk download RIMs . + * Processes the request to bulk download {@link ReferenceManifest} objects. * * @param response the response object (needed to update the header with the * file name) 
@@ -243,12 +243,12 @@ public void bulkDownloadRIMs(final HttpServletResponse response) throws IOExcept } /** - * Processes the request to archive/soft delete the provided Reference Integrity Manifest. + * Processes the request to archive/soft delete the provided {@link ReferenceManifest} object. * - * @param id the UUID of the rim to delete + * @param id the UUID of the {@link ReferenceManifest} object to delete * @param redirectAttributes RedirectAttributes used to forward data back to the original * page. - * @return redirect to this page + * @return a redirect to the Reference Manifest Page * @throws URISyntaxException if malformed URI */ @PostMapping("/delete") @@ -278,11 +278,11 @@ public RedirectView deleteRIM(@RequestParam final String id, final RedirectAttri } /** - * Processes the request to delete multiple RIMs. + * Processes the request to delete multiple {@link ReferenceManifest} objects. * - * @param ids the list of UUIDs of the RIMs to be deleted + * @param ids the list of UUIDs of the {@link ReferenceManifest} objects to be deleted * @param redirectAttributes used to pass data back to the original page after the operation - * @return a redirect to the trust chain certificate page + * @return a redirect to the reference manifest page * @throws URISyntaxException if the URI is malformed */ @PostMapping("/bulk-delete") @@ -313,7 +313,7 @@ public RedirectView bulkDeleteRIMs(@RequestParam final List ids, } /** - * Helper method that retrieves a filtered and paginated list of reference manifests based on the + * Helper method that retrieves a filtered and paginated list of {@link ReferenceManifest} objects based on the * provided search criteria. * The method allows filtering based on a global search term and column-specific search criteria, * and returns the result in a paginated format. @@ -322,22 +322,23 @@ public RedirectView bulkDeleteRIMs(@RequestParam final List ids, * The method handles four cases: *
      *
    1. If no global search term and no column-specific search criteria are provided, - * all reference manifests are returned.
    2. + * all {@link ReferenceManifest} objects are returned. *
    3. If both a global search term and column-specific search criteria are provided, - * it performs filtering on both.
    4. - *
    5. If only column-specific search criteria are provided, it filters based on the column-specific - * criteria.
    6. - *
    7. If only a global search term is provided, it filters based on the global search term.
    8. + * {@link ReferenceManifest} objects are filtered based on both criteria. + *
    9. If only column-specific search criteria are provided, {@link ReferenceManifest} objects + * are filtered according to the column-specific criteria.
    10. + *
    11. If only a global search term is provided, {@link ReferenceManifest} objects + * are filtered according to the global search term.
    12. *
    *

    * - * @param globalSearchTerm A global search term that will be used to filter the endorsement - * credentials by the searchable fields. + * @param globalSearchTerm A global search term that will be used to filter the {@link ReferenceManifest} + * objects by the searchable fields. * @param columnsWithSearchCriteria A set of columns with specific search criteria entered by the user. * @param searchableColumnNames A set of searchable column names that are for the global search term. * @param pageable pageable * @return A {@link FilteredRecordsList} containing the filtered and paginated list of - * reference manifests, along with the total number of records and the number of records matching the + * {@link ReferenceManifest} objects, along with the total number of records and the number of records matching the * filter criteria. */ private FilteredRecordsList getFilteredReferenceManifestList( diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/RimDatabasePageController.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/RimDatabasePageController.java index eba1dcaf7..95a713c59 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/RimDatabasePageController.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/RimDatabasePageController.java @@ -28,7 +28,7 @@ import java.util.Set; /** - * Controller for the TPM Events page. + * Controller for the RIM Database page. */ @Controller @RequestMapping("/HIRS_AttestationCAPortal/portal/rim-database") 
@@ -61,8 +61,8 @@ public ModelAndView initPage(final NoPageParams params, final Model model) { } /** - * Processes the request to retrieve a list of reference digest values for display - * on the rim database page. + * Processes the request to retrieve a list of {@link ReferenceDigestValue} objects for display + * on the RIM Database page. * * @param dataTableInput the data tables input * @return the data tables response, including the result set and paging @@ -125,8 +125,9 @@ public DataTableResponse getRDVTableData( } /** - * Helper method that retrieves a filtered and paginated list of reference digest values based on the - * provided search criteria. + * Helper method that retrieves a filtered and paginated list of {@link ReferenceDigestValue} objects based on + * the provided search criteria. + *

    * The method allows filtering based on a global search term and column-specific search criteria, * and returns the result in a paginated format. * @@ -134,23 +135,24 @@ public DataTableResponse getRDVTableData( * The method handles four cases: *

      *
    1. If no global search term and no column-specific search criteria are provided, - * all reference digest values are returned.
    2. + * all {@link ReferenceDigestValue} objects are returned. *
    3. If both a global search term and column-specific search criteria are provided, - * it performs filtering on both.
    4. - *
    5. If only column-specific search criteria are provided, it filters based on the column-specific - * criteria.
    6. - *
    7. If only a global search term is provided, it filters based on the global search term.
    8. + * {@link ReferenceDigestValue} objects are filtered based on both criteria. + *
    9. If only column-specific search criteria are provided, {@link ReferenceDigestValue} objects + * are filtered according to the column-specific criteria.
    10. + *
    11. If only a global search term is provided, {@link ReferenceDigestValue} objects + * are filtered according to the global search term.
    12. *
    *

    * - * @param globalSearchTerm A global search term that will be used to filter the endorsement - * credentials by the searchable fields. + * @param globalSearchTerm A global search term that will be used to filter the + * {@link ReferenceDigestValue} objects by the searchable fields. * @param columnsWithSearchCriteria A set of columns with specific search criteria entered by the user. * @param searchableColumnNames A set of searchable column names that are for the global search term. * @param pageable pageable * @return A {@link FilteredRecordsList} containing the filtered and paginated list of - * reference digest values , along with the total number of records and the number of records matching the - * filter criteria. + * {@link ReferenceDigestValue} objects , along with the total number of records and the number of records + * matching the filter criteria. */ private FilteredRecordsList getFilteredRDVList( final String globalSearchTerm, diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java index 538f3c8c8..c7a3e5a41 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java @@ -115,6 +115,7 @@ public DataTableResponse getValidationReportsTable * * @param request http request * @param response http response + * @throws IOException if any issues arise from downloading the validation report. */ @PostMapping("/download") public void downloadValidationReports(final HttpServletRequest request, 
@@ -125,8 +126,9 @@ public void downloadValidationReports(final HttpServletRequest request, } /** - * Helper method that retrieves a filtered and paginated list of endorsement credentials based on the - * provided search criteria. + * Helper method that retrieves a filtered and paginated list of {@link SupplyChainValidationSummary} objects + * based on the provided search criteria. + *

    * The method allows filtering based on a global search term and column-specific search criteria, * and returns the result in a paginated format. * @@ -134,23 +136,24 @@ public void downloadValidationReports(final HttpServletRequest request, * The method handles four cases: *

      *
    1. If no global search term and no column-specific search criteria are provided, - * all endorsement credentials are returned.
    2. + * all {@link SupplyChainValidationSummary} objects are returned. *
    3. If both a global search term and column-specific search criteria are provided, - * it performs filtering on both.
    4. - *
    5. If only column-specific search criteria are provided, it filters based on the column-specific - * criteria.
    6. - *
    7. If only a global search term is provided, it filters based on the global search term.
    8. + * {@link SupplyChainValidationSummary} objects are filtered based on both criteria. + *
    9. If only column-specific search criteria are provided, {@link SupplyChainValidationSummary} objects + * are filtered according to the column-specific criteria.
    10. + *
    11. If only a global search term is provided, {@link SupplyChainValidationSummary} objects + * are filtered according to the global search term.
    12. *
    *

    * - * @param globalSearchTerm A global search term that will be used to filter the endorsement - * credentials by the searchable fields. + * @param globalSearchTerm A global search term that will be used to filter the + * {@link SupplyChainValidationSummary} objects by the searchable fields. * @param columnsWithSearchCriteria A set of columns with specific search criteria entered by the user. * @param searchableColumnNames A set of searchable column names that are for the global search term. * @param pageable pageable * @return A {@link FilteredRecordsList} containing the filtered and paginated list of - * endorsement credentials, along with the total number of records and the number of records matching the - * filter criteria. + * {@link SupplyChainValidationSummary} objects, along with the total number of records and the number of records + * matching the filter criteria. */ private FilteredRecordsList getFilteredValidationSummaryList( final String globalSearchTerm, diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/package-info.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/package-info.java index f64398906..ad279692a 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/package-info.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/package-info.java @@ -1 +1,7 @@ +/** + * Contains all the classes and resources required to support the HIRS Attestation Portal's + * REST controllers. The components in this package are responsible for + * routing incoming requests to the appropriate controllers, processing the requests, and + * returning the necessary responses. + */ package hirs.attestationca.portal.page.controllers; 
diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/package-info.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/package-info.java index 5b9018e21..e0b0c23ed 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/package-info.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/package-info.java @@ -1 +1,4 @@ +/** + * Contains classes and utilities for managing page-related functionality. + */ package hirs.attestationca.portal.page; diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/params/package-info.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/params/package-info.java index 6721ad964..dcf0bd642 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/params/package-info.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/params/package-info.java @@ -1 +1,4 @@ +/** + * Contains the files that hold the parameters used on the Details pages. + */ package hirs.attestationca.portal.page.params; diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/utils/CertificateStringMapBuilder.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/utils/CertificateStringMapBuilder.java index 27227934c..cda87012f 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/utils/CertificateStringMapBuilder.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/utils/CertificateStringMapBuilder.java 
@@ -140,7 +140,8 @@ public static HashMap getGeneralCertificateInfo( if (publicKey != null) { String keySizeStr; if (publicKey instanceof ECPublicKey ecKey) { - keySizeStr = Integer.toString(ecKey.getParams().getCurve().getField().getFieldSize()); + keySizeStr = + Integer.toString(ecKey.getParams().getCurve().getField().getFieldSize()); } else { keySizeStr = String.valueOf(certificate.getPublicKeySize()); } @@ -389,7 +390,8 @@ public static HashMap getEndorsementInformation( try { certificate.parseCertificate(); } catch (IOException e) { - throw new RuntimeException("Failed to re-parse Endorsement Credential for details display", e); + throw new RuntimeException("Failed to re-parse Endorsement Credential for details display", + e); } // Add hashmap with TPM information if available if (certificate.getTpmSpecification() != null) { diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/utils/package-info.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/utils/package-info.java index 442ddcc8e..a42b4bd69 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/utils/package-info.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/utils/package-info.java @@ -1 +1,7 @@ +/** + * Contains utility classes and methods for supporting the REST controller and frontend construction. + * This package includes functionality for common operations like data formatting, request handling, + * response building, and any other helper functions needed for seamless integration between + * the backend and frontend. + */ package hirs.attestationca.portal.page.utils; diff --git a/HIRS_Utils/src/main/java/hirs/utils/PciIds.java b/HIRS_Utils/src/main/java/hirs/utils/PciIds.java index e55e94581..cd429fb89 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/PciIds.java +++ b/HIRS_Utils/src/main/java/hirs/utils/PciIds.java 
@@ -226,7 +226,7 @@ public static String translateDevice(final String refManufacturer, * . Class: "01" * . Subclass: "08" * . Programming Interface: "02" - * @return List 3-element list with the class code + * @return 3-element string list with the class code * . 1st element: human-readable description of Class * . 2nd element: human-readable description of Subclass * . 3rd element: human-readable description of Programming Interface diff --git a/HIRS_Utils/src/main/java/hirs/utils/digest/AbstractDigest.java b/HIRS_Utils/src/main/java/hirs/utils/digest/AbstractDigest.java index 763ba8f64..6be803b93 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/digest/AbstractDigest.java +++ b/HIRS_Utils/src/main/java/hirs/utils/digest/AbstractDigest.java @@ -15,31 +15,37 @@ *

    * Two classes were made to facilitate persisting them with Hibernate in different ways. * To persist non-nullable entries in an embedded collection, use {@link hirs.utils.digest.Digest} (see - * {@link TPMBaseline} for reference.) To persist nullable entries, - * use {@link hirs.utils.digest.OptionalDigest} (see {@link ImaBlacklistRecord} for reference.) + * TPMBaseline for reference.) To persist nullable entries, + * use {@link hirs.utils.digest.OptionalDigest} (see ImaBlacklistRecord for reference.) */ @Log4j2 public abstract class AbstractDigest { + /** * Length of MD2 digest. */ public static final int MD2_DIGEST_LENGTH = 16; + /** * Length of MD5 digest. */ public static final int MD5_DIGEST_LENGTH = 16; + /** * Length of SHA1 digest. */ public static final int SHA1_DIGEST_LENGTH = 20; + /** * Length of SHA256 digest. */ public static final int SHA256_DIGEST_LENGTH = 32; + /** * Length of SHA384 digest. */ public static final int SHA384_DIGEST_LENGTH = 48; + /** * Length of SHA512 digest. */ 
@@ -52,25 +58,19 @@ public abstract class AbstractDigest { * @param digest list of pcr values. * @return the associated algorithm. */ - public static final DigestAlgorithm getDigestAlgorithm(final byte[] digest) { + public static DigestAlgorithm getDigestAlgorithm(final byte[] digest) { if (digest == null || ArrayUtils.isEmpty(digest)) { return DigestAlgorithm.UNSPECIFIED; } - switch (digest.length) { - case MD2_DIGEST_LENGTH: - return DigestAlgorithm.MD5; - case SHA1_DIGEST_LENGTH: - return DigestAlgorithm.SHA1; - case SHA256_DIGEST_LENGTH: - return DigestAlgorithm.SHA256; - case SHA384_DIGEST_LENGTH: - return DigestAlgorithm.SHA384; - case SHA512_DIGEST_LENGTH: - return DigestAlgorithm.SHA512; - default: - return DigestAlgorithm.UNSPECIFIED; - } + return switch (digest.length) { + case MD2_DIGEST_LENGTH -> DigestAlgorithm.MD5; + case SHA1_DIGEST_LENGTH -> DigestAlgorithm.SHA1; + case SHA256_DIGEST_LENGTH -> DigestAlgorithm.SHA256; + case SHA384_DIGEST_LENGTH -> DigestAlgorithm.SHA384; + case SHA512_DIGEST_LENGTH -> DigestAlgorithm.SHA512; + default -> DigestAlgorithm.UNSPECIFIED; + }; } /** @@ -80,7 +80,7 @@ public static final DigestAlgorithm getDigestAlgorithm(final byte[] digest) { * @param digest list of pcr values. * @return the associated algorithm. */ - public static final DigestAlgorithm getDigestAlgorithm(final String digest) { + public static DigestAlgorithm getDigestAlgorithm(final String digest) { try { return getDigestAlgorithm(Hex.decodeHex(digest.toCharArray())); } catch (Exception deEx) { diff --git a/HIRS_Utils/src/main/java/hirs/utils/digest/package-info.java b/HIRS_Utils/src/main/java/hirs/utils/digest/package-info.java index 2d2e9eca2..252552b44 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/digest/package-info.java +++ b/HIRS_Utils/src/main/java/hirs/utils/digest/package-info.java @@ -1 +1,4 @@ +/** + * Contains all classes and supporting files that represent the digest event. + */ package hirs.utils.digest; 
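Review bot: The first arm of the new switch in `getDigestAlgorithm(byte[])`, `case MD2_DIGEST_LENGTH -> DigestAlgorithm.MD5;`, pairs the MD2 constant with an MD5 result. It works only because both constants are 16, so `case MD5_DIGEST_LENGTH -> DigestAlgorithm.MD5;` would say what is meant. The Javadoc should also state that the algorithm is inferred from length alone, for example `Length-based guess only: a 16-byte MD2 digest is reported as MD5, so the result does not prove which algorithm produced the value.` Callers that compare or validate measurements should presumably take the algorithm from the source record rather than from this guess. The `String` overload in the following hunk inherits the same ambiguity, and its `catch (Exception deEx)` body continues outside the hunk.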
diff --git a/HIRS_Utils/src/main/java/hirs/utils/enums/DeviceInfoEnums.java b/HIRS_Utils/src/main/java/hirs/utils/enums/DeviceInfoEnums.java index 418fb0594..7c2f058d9 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/enums/DeviceInfoEnums.java +++ b/HIRS_Utils/src/main/java/hirs/utils/enums/DeviceInfoEnums.java @@ -1,19 +1,25 @@ package hirs.utils.enums; +/** + * Enum values that are used for the embedded info objects. + */ public final class DeviceInfoEnums { /** * A variable used to describe unavailable hardware, firmware, or OS info. */ public static final String NOT_SPECIFIED = "Not Specified"; + /** * Constant variable representing the various Short sized strings. */ public static final int SHORT_STRING_LENGTH = 32; + /** * Constant variable representing the various Medium sized strings. */ public static final int MED_STRING_LENGTH = 64; + /** * Constant variable representing the various Long sized strings. */ diff --git a/HIRS_Utils/src/main/java/hirs/utils/enums/package-info.java b/HIRS_Utils/src/main/java/hirs/utils/enums/package-info.java index 3ff5c9ba5..b21dcf0d9 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/enums/package-info.java +++ b/HIRS_Utils/src/main/java/hirs/utils/enums/package-info.java @@ -1 +1,4 @@ +/** + * Contains all the generic enums that are used throughout the HIRS UTILS module. + */ package hirs.utils.enums; diff --git a/HIRS_Utils/src/main/java/hirs/utils/package-info.java b/HIRS_Utils/src/main/java/hirs/utils/package-info.java index 361ebc748..9b9ea208d 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/package-info.java +++ b/HIRS_Utils/src/main/java/hirs/utils/package-info.java @@ -1 +1,5 @@ +/** + * Contains all the utility classes, enums and other supporting files that are used to support HIRS + * application. + */ package hirs.utils; diff --git a/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/GenericRim.java b/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/GenericRim.java index 3eb634e0c..0e0886fc5 100644 
--- a/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/GenericRim.java +++ b/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/GenericRim.java @@ -14,12 +14,12 @@ *

  • SIGTYPE_COSE: IETF RFC 9052 defined CBOR Signatures * (https://datatracker.ietf.org/doc/html/rfc9052)
  • *
  • SIGTYPE_DSIG: W3C Defined Signatures for XML (https://www.w3.org/TR/xmldsig-core1/)
  • - *

    + * *

    Unsigned RIM Types used for PC *

      *
    • RIMTYPE_PCRIM: TCG Defined PC Client RIM which uses SWID
    • *
    • RIMTYPE_COMP_SWID: TCG Component-RIM which uses SWID
    • - *

    + * *

    Unsigned RIM Types used for PC Components *

      *
    • RIMTYPE_COSWID: IETF RFC 9393 defined CoSWID (Concise SWID) tags
    • @@ -27,7 +27,6 @@ *
    • RIMTYPE_CORIM_COMID: IETF CoRIM (Concise RIM) which envelopes a comid
    • *
    • RIMTYPE_CORIM_COSWID: IETF CoRIM which envelopes a CoSWID
    • *
    - *

    */ public interface GenericRim { @@ -137,7 +136,7 @@ static String getSigType(final String rimType) { /** * Returns a list of Measurement objects for given RIM identifier that were found in payload (if any). * - * @return List that holds the reference measurements + * @return list of reference measurements */ List getReferenceMeasurements(); diff --git a/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/cbor/ietfCorim/CoRimDigest.java b/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/cbor/ietfCorim/CoRimDigest.java index bc41ce061..b58dd0156 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/cbor/ietfCorim/CoRimDigest.java +++ b/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/cbor/ietfCorim/CoRimDigest.java @@ -1,26 +1,26 @@ package hirs.utils.rim.unsignedRim.cbor.ietfCorim; -import java.util.ArrayList; -import java.util.List; - import com.authlete.cbor.CBORByteArray; import com.authlete.cbor.CBORInteger; import com.authlete.cbor.CBORItem; import com.authlete.cbor.CBORItemList; - import lombok.Getter; import lombok.Setter; +import java.util.ArrayList; +import java.util.List; + /** * Represents a {@code digest} containing hash information relevant to CoMID * measurements. See Section 7.7 of the IETF CoRIM specification. *

    * Note that this is conceptually the same as - * {@link hirs.rim.unsignedRim.cbor.ietfCorim.comid.ComidDigest}, though this + * {@link hirs.utils.rim.unsignedRim.cbor.ietfCorim.comid.ComidDigest}, though this * class is used exclusively for CoRIM CBOR building. */ public class CoRimDigest { - @Getter @Setter + @Getter + @Setter private int alg; private byte[] val; diff --git a/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/cbor/ietfCoswid/Coswid.java b/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/cbor/ietfCoswid/Coswid.java index 667df11cf..a50afc5af 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/cbor/ietfCoswid/Coswid.java +++ b/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/cbor/ietfCoswid/Coswid.java @@ -15,16 +15,25 @@ * Class that holds CoSWID (rfc 9393) Defined attributes, attribute names, and assigned indexes. * All variable names match those defined in rfc 9393. */ -@Setter @Getter +@Setter +@Getter public class Coswid extends Swid implements GenericRim { - /** Reference to the primary CoSWID JsonNode object. */ + /** + * IANA CBOR registry define Coswid Tag. + */ + @Setter + public static int coswidTag = 1398229316; + /** + * Reference to the primary CoSWID JsonNode object. + */ protected JsonNode rootNode = null; - /** Reference to a Payload JsonNode object. */ - protected JsonNode payloadNode = null; // CoSWID defined attributes (not Sets or Arrays) found in rfc 9393 // ------------------------------------ - + /** + * Reference to a Payload JsonNode object. + */ + protected JsonNode payloadNode = null; // concise-swid-tag map protected String tagId = null; protected String softwareName = null; 
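Review bot: In the `Coswid` hunk, `coswidTag` is moved to the top of the class but stays a mutable `public static int` with `@Setter`, so any caller can change the CBOR tag for the whole process. The Javadoc calls it the IANA-registered tag, which is a fixed value; if nothing depends on overriding it, `public static final int COSWID_TAG = 1398229316;` would rule out accidental or hostile mutation of the tag written into encoded RIMs. Dropping the setter changes the class interface, so check callers outside this hunk first. If it must stay settable, the Javadoc should say when an override is expected, and its wording reads better as `IANA CBOR registry defined CoSWID tag.`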
@@ -36,27 +45,22 @@ public class Coswid extends Swid implements GenericRim { protected String softwareVersion = null; protected String softwareScheme = null; // versionScheme - // global-attributes group - protected String lang = null; - // resource-collection group // (reserved for future values) - + // global-attributes group + protected String lang = null; // entity-entry map protected String entityName = null; protected String regId = null; protected List roleCoswid = new ArrayList<>(); protected String thumbprint = null; - // evidence-entry map protected String date = null; protected String deviceId = null; - // link-entry map protected String ownership = null; protected String mediaType = null; protected String use = null; - // software-meta-entry map protected String activationStatus = null; protected String channelType = null; @@ -71,15 +75,13 @@ public class Coswid extends Swid implements GenericRim { protected String revision = null; protected String summary = null; protected String unspscCode = null; - protected String unspscVersion = null; // End CoSWID defined attributes // ----------------------------------------------------------------------- - + protected String unspscVersion = null; // Payload (including measurement) data protected String nonpayloadPrintOneline = null; protected String nonpayloadPrintPretty = null; - // Payload (including measurement) data protected String payloadPrintOneline = null; protected String payloadPrintPretty = null; 
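Review bot: The field reordering leaves section comments that no longer describe the fields next to them. In the `@@ -71,15 +75,13 @@` hunk, `// End CoSWID defined attributes` now comes before `protected String unspscVersion = null;`, which is itself one of those attributes. In the earlier `@@ -15,16 +15,25 @@` hunk, `payloadNode` has moved under the `// CoSWID defined attributes (not Sets or Arrays) found in rfc 9393` header although it is a parser reference, not an RFC attribute. Moving `unspscVersion` back above the end marker and `payloadNode` back beside `rootNode` would restore the grouping. The blank lines removed between the `entity-entry`, `evidence-entry`, `link-entry` and `software-meta-entry` groups are also worth keeping, since they are the only visual separation between the RFC 9393 maps.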
@@ -87,65 +89,68 @@ public class Coswid extends Swid implements GenericRim { // List of hash measurements in this CoSWID and their associated data protected List measurements = new ArrayList<>(); - /** IANA CBOR registry define Coswid Tag.*/ - @Setter - public static int coswidTag = 1398229316; - /** * Returns a unique identifier String describing the type of RIM. + * * @return the RIM type */ public String getRimType() { return GenericRim.RIMTYPE_COSWID; - }; + } /** * Returns a unique identifier String (Manufacturer+Model in most cases) * or perhaps hash of a string to use as a DB lookup value for the RIMs Digests and the RIM itself. + * * @return the Rim ID */ public String getRimID() { return ""; // TBD - }; + } /** * Retrieves the Signer info for the RIM. + * * @return String representing the SKID of the RIM Signer */ public String getSignerId() { // signer ID does not apply to unsigned CoSWID return ""; - }; + } /** * Runs checks on the rim to check validity * Should include signature checks, content checks, and formatting checks. * Requires a cert chain to verify the RIMs signature. * SignerId would provide the reference for the ACA to look up the certs + * * @return true if valid, false if not */ public boolean isValid() { return false; // TODO - }; + } /** * Returns a list of Measurement objects for the given rim identifier that were found in the payload. - * @return List that holds the reference measurements + * + * @return the reference measurements */ public List getReferenceMeasurements() { return measurements; - }; + } /** * ReferencedRims is a list of RimId's references found in the payload (if any). - * @return String contianing a list of reference RIMs. + * + * @return String contianing a list of reference RIMs. */ public String getReferencedRims() { return ""; // TODO - }; + } /** * Default toString that contains all key/value pairs in the CoSWID data with no line breaks. 
+ * * @return Human-readable form of the measurement */ public String measurementsToString() { @@ -162,6 +167,7 @@ public String measurementsToString() { /** * Default toString that contains all key/value pairs in the CoSWID data with no line breaks. + * * @return Human-readable form of this coswid objec */ public String toString() { @@ -170,6 +176,7 @@ public String toString() { /** * Prints the processed CoSWID data that was stored when initially parsed. + * * @param format options: "pretty" (default is anything else) * @return Human-readable form of this coswid object */ diff --git a/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/cbor/ietfCoswid/CoswidBuilder.java b/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/cbor/ietfCoswid/CoswidBuilder.java index e5d199771..5213009f8 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/cbor/ietfCoswid/CoswidBuilder.java +++ b/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/cbor/ietfCoswid/CoswidBuilder.java @@ -71,6 +71,7 @@ public CoswidBuilder(final CoswidConfig conf) { * * @param out Byte array to write Coswid data to * @return updated Byte array. + * @throws IOException if an I/O error occurs during the COSWID data creation. */ public ByteArrayOutputStream createCoswidData(final ByteArrayOutputStream out) throws IOException { initCoswid(out); @@ -85,6 +86,7 @@ public ByteArrayOutputStream createCoswidData(final ByteArrayOutputStream out) t * Note 1398229316 is the IANA CBOR Tag for coswid * * @param fileName File name to place the encoded Coswid data + * @throws IOException if an I/O error occurs during the creation of the COSWID data. */ public void createCoswidData(final String fileName) throws IOException { ByteArrayOutputStream out = new ByteArrayOutputStream(); 
@@ -411,7 +413,8 @@ protected void prepFile(final JsonNode node, final ByteArrayOutputStream out) th * hash-value: bytes, * ] * where hash-alg-id value is defined by Iana : - * https://www.iana.org/assignments/named-information/named-information.xhtml + * + * named-information * * @param out ByteArrayOutputStream to add the tagid into. * @param hash String holding the text representation of the hash value diff --git a/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/cbor/ietfCoswid/CoswidConfig.java b/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/cbor/ietfCoswid/CoswidConfig.java index b5298be54..f6918e649 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/cbor/ietfCoswid/CoswidConfig.java +++ b/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/cbor/ietfCoswid/CoswidConfig.java @@ -6,8 +6,8 @@ import java.io.ByteArrayInputStream; import java.io.File; -import java.nio.file.Files; import java.io.IOException; +import java.nio.file.Files; import java.util.Map; /** @@ -16,10 +16,12 @@ @NoArgsConstructor public class CoswidConfig extends Coswid { protected JsonNode rootNode = null; + /** * Constructor that takes in a filename and runs a validation on the config file. + * * @param filename name of the Json formatted configration file. - * @throws IOException if parsing errrors are encountered. + * @throws IOException if parsing errrors are encountered. */ public CoswidConfig(final String filename) throws IOException { try { @@ -48,7 +50,8 @@ public CoswidConfig(final String filename) throws IOException { /** * Initializes Class variables based upon a JsonNode object. * Used by inherited classes to fill in Coswid variables from a json node - * @param initNode + * + * @param initNode initial node */ protected void init(final JsonNode initNode) { lang = rootNode.path(CoswidItems.LANG_STR).asText(); 
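Review bot: In the CoswidConfig.java hunk for `init(final JsonNode initNode)`, the first statement reads `rootNode.path(CoswidItems.LANG_STR)` rather than the `initNode` parameter, so as far as the hunk shows the argument is ignored. The new `@param initNode initial node` tag does not say whether that is intended. If subclasses are meant to pass the node to read from, the line should be `lang = initNode.path(CoswidItems.LANG_STR).asText();`. Otherwise the tag should say the method reads the `rootNode` field and that `initNode` is unused. The rest of the method body is outside the hunk, so later lines may use the parameter.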
diff --git a/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/cbor/tcgCompRimCoswid/TcgCompRimCoswidBuilder.java b/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/cbor/tcgCompRimCoswid/TcgCompRimCoswidBuilder.java index bfecd1381..341945397 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/cbor/tcgCompRimCoswid/TcgCompRimCoswidBuilder.java +++ b/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/cbor/tcgCompRimCoswid/TcgCompRimCoswidBuilder.java @@ -18,10 +18,11 @@ public class TcgCompRimCoswidBuilder extends CoswidBuilder { /** * Holds the TCG Component RIM Coswid. */ - private TcgCompRimCoswid tcRim = new TcgCompRimCoswid(); + private final TcgCompRimCoswid tcRim = new TcgCompRimCoswid(); /** * Constructor for the Component Rim Builder. + * * @param config TcgComponentRimConfig config created from a json file. */ public TcgCompRimCoswidBuilder(final TcgCompRimCoswidConfig config) { @@ -41,7 +42,9 @@ public TcgCompRimCoswidBuilder(final TcgCompRimCoswidConfig config) { /** * Writes a TCG Component RIM Coswid object to a file. + * * @param fileName file to hold the new TCG Component rim + * @throws IOException if any issues arise attempting to create a TCG Component RIM */ public void createTcgComponentRim(final String fileName) throws IOException { ByteArrayOutputStream out = new ByteArrayOutputStream(); @@ -56,6 +59,7 @@ public void createTcgComponentRim(final String fileName) throws IOException { /** * Creates a TCG Component RIM Coswid object. + * * @param out ByteArrayOutputStream to wite the object to */ public void initTcgRim(final ByteArrayOutputStream out) { diff --git a/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/cbor/tcgCompRimCoswid/TcgCompRimCoswidConfig.java b/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/cbor/tcgCompRimCoswid/TcgCompRimCoswidConfig.java index 1d5db8196..6a2c9c484 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/cbor/tcgCompRimCoswid/TcgCompRimCoswidConfig.java 
+++ b/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/cbor/tcgCompRimCoswid/TcgCompRimCoswidConfig.java @@ -17,6 +17,8 @@ */ @Getter public class TcgCompRimCoswidConfig extends CoswidConfig { + private final String componentLocator = null; + private final String firmwareVersion = null; /* * Attributes from the TCG Component RIM Binding for SWID and CoSWID specification. * Not found in the CoSWID or SWID specifications. @@ -28,8 +30,6 @@ public class TcgCompRimCoswidConfig extends CoswidConfig { private String persistentId = null; private String componentManufacturerStr = null; private String componentManufacturerID = null; - private String componentLocator = null; - private String firmwareVersion = null; private String supportRimType = null; private String supportRimFormat = null; private String supportRimUriGlobal = null; @@ -43,9 +43,10 @@ public class TcgCompRimCoswidConfig extends CoswidConfig { /** * Constructor for the TCG Component Rim Coswid Config. + * * @param filename TcgComponentRimConfig config created from a json file. */ - public TcgCompRimCoswidConfig(final String filename) throws IOException { + public TcgCompRimCoswidConfig(final String filename) { super(); try { String errMsg = ""; @@ -109,7 +110,7 @@ public TcgCompRimCoswidConfig(final String filename) throws IOException { .path(TcgCompRimCoswid.CRIM_SPDM_MEASUREMENT_RAW_DATA_STR).asText(); } catch (Exception e) { throw new RuntimeException("Error processing TCG Component RIM configuration file " - + filename + ": " + e.getMessage(), e); + + filename + ": " + e.getMessage(), e); } } } diff --git a/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/xml/Swid.java b/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/xml/Swid.java index 6f1076ca8..b10122635 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/xml/Swid.java +++ b/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/xml/Swid.java 
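Review bot: The first TcgCompRimCoswidConfig.java hunk re-declares `componentLocator` and `firmwareVersion` as `private final String ... = null;`, which pins both to `null` for the life of the object. A final field with an initializer cannot be assigned in the constructor, so the Lombok `@Getter` for these two attributes will always return `null`, whatever the JSON configuration contains. If the fields are meant to carry values from the config file, keep them non-final (`private String componentLocator = null;`, `private String firmwareVersion = null;`) and populate them in the constructor alongside the other attributes. If they are genuinely unused, removing them is clearer than a constant-null getter. Most of the constructor body is outside the visible hunks.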
@@ -7,7 +7,8 @@ * Class that contains definitions found in the SWID specification ISO/IEC 19770-2:2015. * Used by Coswid (Rfc 9393) which is based upon SWID specification. */ -@Setter @Getter +@Setter +@Getter public class Swid { // Order of variables follows the order listed in the table in section 8.5.1 of the SWID spec 
@@ -15,144 +16,227 @@ public class Swid { // SWID Elements are listed first public static final String SWID_SOFTWARE_IDENTITY_STR = "SoftwareIdentity"; // Software Identity Element Attributes - /** Flag set to true if tag is a patch tag which indicates this tag applies to pre-installation data. */ - protected boolean corpus = false; public static final String SWID_CORPUS_STR = "corpus"; - /** Flag set to true if tag is a patch tag that implies modification to the software. */ - protected boolean patch = false; public static final String SWID_PATCH_STR = "patch"; - /** String that desribes the "Platform" this software applies to. */ - protected String swidMedia = null; public static final String SWID_MEDIA_STR = "media"; - /** String that provides the software component name. */ - protected String softwareName = null; public static final String SWID_NAME_STR = "name"; - /** Flag set to true if tag is a Supplemental tag which is generally provided by different entities. */ - protected boolean supplemental = false; public static final String SWID_SUPPLEMENTAL_STR = "supplemental"; - /** Tag Identifier - usually a UUID. */ - protected String swidTagId = null; public static final String SWID_TAG_ID_STR = "tagId"; - /** Version of the tag. */ - protected String tagVersion = null; public static final String SWID_TAG_VERSION_STR = "tagVersion"; - /** Swid spec version. */ - protected String softwareVersion = null; public static final String SWID_VERSION_STR = "version"; - /** Swid spec version. */ - protected String swidVersionScheme = null; public static final String SWID_VERSION_SCHEME_STR = "versionScheme"; - - /** Entity Element. */ + /** + * Entity Element. + */ public static final String SWID_ENTITY_STR = "Entity"; - /** Name of the Entity that created this tag. */ - protected String swidEntityName = null; public static final String SWID_ENTITY_NAME_STR = "name"; - /** IANA ID of the Entity that created this tag. 
*/ - protected String regId = null; public static final String SWID_ENTITY_REGID_STR = "regid"; - /** Role of the entity had in creating this tag. */ - protected String role = null; public static final String SWID_ENTITY_ROL_STR = "role"; - /** hash of the cert used to sign this tag. */ - protected String thumbprint = null; public static final String SWID_ENTITY_THUMBPRINT_STR = "thumbprint"; - - // Evidence Element - /** Evidence is a scan of the system where software which does not have a swid tag is discovered. */ + /** + * Evidence is a scan of the system where software which does not have a swid tag is discovered. + */ public static final String SWID_EVIDENCE_STR = "Evidence"; - /** Date and time the evidence was collected. */ - protected String swidEvidenceDate = null; public static final String SWID_EVIDENCE_DATE_STR = "date"; - /** Identifier of the device the evidence was collected from. */ - protected String swidEvidenceDeviceId = null; public static final String SWID_EVIDENCE_DEVICE_ID_STR = "deviceId"; - - // Link Element - /** Link is a reference to any other item. */ + /** + * Link is a reference to any other item. + */ public static final String SWID_LINK_STR = "Link"; - /** Canonical name for the item being referenced. */ - protected String swidLinkArtifact = null; public static final String SWID_LINK_ARTIFACT_STR = "artifact"; - /** Link to the item being referenced. */ - protected String href = null; public static final String SWID_LINK_HREF_STR = "href"; - /** String that describes the "Platform" this software applies to. */ - protected String swidLinkMedia = null; public static final String SWID_LINK_MEDIA_STR = "media"; - /** String that describes the "Strength of ownership" of the target piece of software. */ - protected String swidLinkOwnership = null; public static final String SWID_LINK_OWNERSHIP_STR = "ownership"; - /** String that describes the "relationship" betwen the tag abd the target software. 
*/ - protected String rel = null; public static final String SWID_LINK_REL_STR = "rel"; - /** String type of media the device the link refers to. */ - protected String swidLinkType = null; public static final String SWID_LINK_TYPE_STR = "type"; - /** Determines if the target is a hard requirement. */ - protected String swidLinkUse = null; public static final String SWID_LINK_USE_STR = "use"; - // Meta Element public static final String SWID_META_STR = "Meta"; - // Payload Element public static final String SWID_PAYLOAD_STR = "Payload"; - /** Directory where the payload is located. */ - protected String swidPayloadDirectory = null; + + // Evidence Element public static final String SWID_PAYLOAD_DIR_STR = "directory"; - /** Flag to denote the importance of the directory. */ - private boolean swidPayloadDirectoryKey = false; public static final String SWID_PAYLOAD_DIR_KEY_STR = "payloadDirKey"; - /** location of the directory. */ - protected String swidPayloadDirectoryLocation = null; public static final String SWID_PAYLOAD_DIR_LOC_STR = "location"; - /** name of the directory. */ - protected String swidPayloadDirectoryName = null; public static final String SWID_PAYLOAD_DIR_NAME_STR = "directoryName"; - /** Root directory the directory os relative to. */ - protected String swidPayloadDirectoryRoot = null; public static final String SWID_PAYLOAD_DIR_ROOT_STR = "rootDirectory"; - /** file the payload refers to. */ - protected String swidPayloadFile = null; + + // Link Element public static final String SWID_PAYLOAD_FILE_STR = "file"; - /** name of the file the payload refers to. */ - protected String swidPayloadFileName = null; public static final String SWID_PAYLOAD_FILE_NAME = "fileName"; - /** size the payload refers to. */ - protected int swidPayloadFileSize = 0; public static final String SWID_PAYLOAD_FILE_SIZE = "size"; - /** version of the file the payload refers to. 
*/ - protected String swidPayloadFileVersion = null; public static final String SWID_PAYLOAD_FILE_VER_STR = "file-version"; - - // Process - /** OS Process information. */ + /** + * OS Process information. + */ public static final String SWID_PROCESS_STR = "process"; - /** Process id string (name). */ - protected String swidProcessName = null; public static final String SWID_PROCESS_NAME_STR = "process"; - /** Process id int (name). */ - protected int swidProcessPid = 0; public static final String SWID_PROCESS_PID_STR = "processId"; - - // Resource - /** OS Process information. */ + /** + * OS Process information. + */ public static final String SWID_RESOURCE_STR = "resource"; - /** Genric description of the resource (name). */ - protected String swidResourceType = null; public static final String SWID_RESOURCE_TYPE_STR = "resourceType"; + public static final String SWID_META_COL_VER_STR = "colloquialVersion"; + public static final String SWID_META_COL_PRODUCT_STR = "product"; + public static final String SWID_META_REV_STR = "revision"; + public static final String SWID_META_EDITION_STR = "edition"; + /** + * Flag set to true if tag is a patch tag which indicates this tag applies to pre-installation data. + */ + protected boolean corpus = false; + /** + * Flag set to true if tag is a patch tag that implies modification to the software. + */ + protected boolean patch = false; + /** + * String that desribes the "Platform" this software applies to. + */ + protected String swidMedia = null; + /** + * String that provides the software component name. + */ + protected String softwareName = null; + /** + * Flag set to true if tag is a Supplemental tag which is generally provided by different entities. + */ + protected boolean supplemental = false; + /** + * Tag Identifier - usually a UUID. + */ + protected String swidTagId = null; + /** + * Version of the tag. + */ + protected String tagVersion = null; + /** + * Swid spec version. 
+ */ + protected String softwareVersion = null; + /** + * Swid spec version. + */ + protected String swidVersionScheme = null; + /** + * Name of the Entity that created this tag. + */ + protected String swidEntityName = null; + /** + * IANA ID of the Entity that created this tag. + */ + protected String regId = null; + /** + * Role of the entity had in creating this tag. + */ + protected String role = null; + /** + * hash of the cert used to sign this tag. + */ + protected String thumbprint = null; + /** + * Date and time the evidence was collected. + */ + protected String swidEvidenceDate = null; + /** + * Identifier of the device the evidence was collected from. + */ + protected String swidEvidenceDeviceId = null; + /** + * Canonical name for the item being referenced. + */ + protected String swidLinkArtifact = null; + /** + * Link to the item being referenced. + */ + protected String href = null; + /** + * String that describes the "Platform" this software applies to. + */ + protected String swidLinkMedia = null; + /** + * String that describes the "Strength of ownership" of the target piece of software. + */ + protected String swidLinkOwnership = null; + /** + * String that describes the "relationship" betwen the tag abd the target software. + */ + protected String rel = null; + /** + * String type of media the device the link refers to. + */ + protected String swidLinkType = null; + /** + * Determines if the target is a hard requirement. + */ + protected String swidLinkUse = null; + + // Process + /** + * Directory where the payload is located. + */ + protected String swidPayloadDirectory = null; + /** + * location of the directory. + */ + protected String swidPayloadDirectoryLocation = null; + /** + * name of the directory. + */ + protected String swidPayloadDirectoryName = null; + /** + * Root directory the directory os relative to. + */ + protected String swidPayloadDirectoryRoot = null; + /** + * file the payload refers to. 
+ */ + protected String swidPayloadFile = null; + + // Resource + /** + * name of the file the payload refers to. + */ + protected String swidPayloadFileName = null; + /** + * size the payload refers to. + */ + protected int swidPayloadFileSize = 0; + /** + * version of the file the payload refers to. + */ + protected String swidPayloadFileVersion = null; // NIST IR 8060 defined Meta fields used by Coswid and TCG PC Client RIM - /** Version defined by NIST IR 8060. */ + /** + * Process id string (name). + */ + protected String swidProcessName = null; + /** + * Process id int (name). + */ + protected int swidProcessPid = 0; + /** + * Genric description of the resource (name). + */ + protected String swidResourceType = null; + /** + * Version defined by NIST IR 8060. + */ protected String colloquialVersion = null; - public static final String SWID_META_COL_VER_STR = "colloquialVersion"; - /** Product defined by NIST IR 8060. */ + /** + * Product defined by NIST IR 8060. + */ protected String product = null; - public static final String SWID_META_COL_PRODUCT_STR = "product"; - /** Revision defined by NIST IR 8060. */ + /** + * Revision defined by NIST IR 8060. + */ protected String revision = null; - public static final String SWID_META_REV_STR = "revision"; - /** Edition defined by NIST IR 8060. */ + /** + * Edition defined by NIST IR 8060. + */ protected String edition = null; - public static final String SWID_META_EDITION_STR = "edition"; + /** + * Flag to denote the importance of the directory. + */ + private boolean swidPayloadDirectoryKey = false; } diff --git a/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/xml/pcclientrim/PcClientRim.java b/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/xml/pcclientrim/PcClientRim.java index 7bdf68ce6..1b559c8d5 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/xml/pcclientrim/PcClientRim.java +++ b/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/xml/pcclientrim/PcClientRim.java 
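Review bot: After the reordering in Swid.java, the section comments no longer sit above the members they describe. `// Evidence Element` now precedes `SWID_PAYLOAD_DIR_STR`, `// Link Element` precedes `SWID_PAYLOAD_FILE_STR`, `// Process` precedes `swidPayloadDirectory`, `// Resource` precedes `swidPayloadFileName`, and `// NIST IR 8060 defined Meta fields ...` precedes `swidProcessName`. The class comment says the variable order follows the table in section 8.5.1 of the SWID spec, so these stranded headings will mislead a reader mapping fields to spec elements. Either move each heading back to its group (one block for constants, one for fields) or drop them. Separately, the Javadoc on `corpus` describes a "patch tag", and `softwareVersion` and `swidVersionScheme` share the text "Swid spec version."; both look like copy errors worth fixing while the comments are being reformatted.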
@@ -1,14 +1,18 @@ package hirs.utils.rim.unsignedRim.xml.pcclientrim; -import java.io.ByteArrayInputStream; -import java.io.File; -import java.io.IOException; -import java.nio.file.Files; -import java.rmi.RemoteException; -import java.util.ArrayList; -import java.util.HexFormat; -import java.util.List; -import java.util.UUID; +import hirs.utils.rim.ReferenceManifestValidator; +import hirs.utils.rim.unsignedRim.GenericRim; +import hirs.utils.rim.unsignedRim.common.measurement.Measurement; +import hirs.utils.swid.SwidTagConstants; +import hirs.utils.swid.SwidTagGateway; +import jakarta.xml.bind.JAXBContext; +import jakarta.xml.bind.JAXBException; +import jakarta.xml.bind.UnmarshalException; +import jakarta.xml.bind.Unmarshaller; +import lombok.NoArgsConstructor; +import org.w3c.dom.Document; +import org.w3c.dom.Element; +import org.w3c.dom.NodeList; import javax.xml.transform.Source; import javax.xml.transform.Transformer; @@ -18,21 +22,15 @@ import javax.xml.transform.dom.DOMResult; import javax.xml.transform.stream.StreamSource; import javax.xml.validation.Schema; - -import lombok.NoArgsConstructor; -import org.w3c.dom.Document; -import org.w3c.dom.Element; -import org.w3c.dom.NodeList; - -import hirs.utils.rim.unsignedRim.GenericRim; -import hirs.utils.rim.unsignedRim.common.measurement.Measurement; -import hirs.utils.swid.SwidTagConstants; -import hirs.utils.swid.SwidTagGateway; -import hirs.utils.rim.ReferenceManifestValidator; -import jakarta.xml.bind.JAXBContext; -import jakarta.xml.bind.JAXBException; -import jakarta.xml.bind.UnmarshalException; -import jakarta.xml.bind.Unmarshaller; +import java.io.ByteArrayInputStream; +import java.io.File; +import java.io.IOException; +import java.nio.file.Files; +import java.rmi.RemoteException; +import java.util.ArrayList; +import java.util.HexFormat; +import java.util.List; +import java.util.UUID; /** * Class that holds a PC Client RIM. 
@@ -40,10 +38,11 @@ @NoArgsConstructor public class PcClientRim extends SwidTagGateway implements GenericRim { - private boolean isValid = false; - private Unmarshaller unmarshaller; private static final String SCHEMA_PACKAGE = "hirs.utils.xjc"; private static final String IDENTITY_TRANSFORM = "identity_transform.xslt"; + private final List measurements = new ArrayList<>(); + private boolean isValid = false; + private Unmarshaller unmarshaller; private Schema schema; private Document rim; // private Measurement measurement = new Measurement(); @@ -53,15 +52,16 @@ public class PcClientRim extends SwidTagGateway implements GenericRim { private String revision = ""; private String digest = ""; private UUID tagUuid = null; // private String tagId = ""; - private List measurements = new ArrayList<>();; /** * Validate a PC Client RIM. - * @param verifyFile RIM to verify + * + * @param verifyFile RIM to verify * @param certificateFile certificate - * @param rimel RIM event log - * @param trustStore certificate chain + * @param rimel RIM event log + * @param trustStore certificate chain * @return true if validated + * @throws IOException if there is an I/O error during the operation. */ public boolean validate(final String verifyFile, final String certificateFile, final String rimel, final String trustStore) throws IOException { @@ -136,6 +136,7 @@ public boolean validate(final String verifyFile, final String certificateFile, f /** * Get RIM type. + * * @return PC Client RIM */ @Override 
@@ -145,12 +146,13 @@ public String getRimType() { /** * Create a PC Client RIM. - * @param configFile config file - * @param rimEventLog event log + * + * @param configFile config file + * @param rimEventLog event log * @param certificateFile certificate - * @param privateKeyFile private key - * @param embeddedCert true if cert should be embedded - * @param outFile ouptut RIM + * @param privateKeyFile private key + * @param embeddedCert true if cert should be embedded + * @param outFile ouptut RIM */ public void create(final String configFile, final String rimEventLog, final String certificateFile, final String privateKeyFile, final boolean embeddedCert, final String outFile) { @@ -183,6 +185,7 @@ public void create(final String configFile, final String rimEventLog, final Stri /** * Default getRimID. + * * @return n/a */ @Override @@ -192,6 +195,7 @@ public String getRimID() { /** * Default getSignerId. + * * @return n/a */ @Override @@ -201,6 +205,7 @@ public String getSignerId() { /** * Default isValid. + * * @return n/a */ @Override @@ -210,6 +215,7 @@ public boolean isValid() { /** * Default getReferenceMeasurements. + * * @return n/a */ @Override @@ -219,6 +225,7 @@ public List getReferenceMeasurements() { /** * Default getReferencedRims. + * * @return n/a */ @Override @@ -228,6 +235,7 @@ public String getReferencedRims() { /** * Default toString. + * * @return n/a */ @Override @@ -264,7 +272,7 @@ private Document validateSwidtagSchema(final Document doc) { * @param source of the input xml. * @return Document representation of the xml. */ - private Document removeXMLWhitespace(final StreamSource source) throws IOException { + private Document removeXMLWhitespace(final StreamSource source) { TransformerFactory tf = TransformerFactory.newInstance(); Source identitySource = new StreamSource( ReferenceManifestValidator.class.getClassLoader().getResourceAsStream(IDENTITY_TRANSFORM)); 
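Review bot: In the last PcClientRim.java hunk, `removeXMLWhitespace` creates its factory with a bare `TransformerFactory.newInstance()` and then transforms the caller-supplied `StreamSource`, which holds the RIM being verified. The visible lines do not restrict DTDs or external entities for that input. Unless that is done later in the method (the body continues outside the hunk), add `tf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);`, `tf.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");` and `tf.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, "");` right after the factory is created, with an import of `javax.xml.XMLConstants`. The commit also drops `throws IOException` from this method, so it is worth confirming that transform failures are still reported to `validate` rather than swallowed.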
diff --git a/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/xml/pcclientrim/PcClientRimBuilder.java b/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/xml/pcclientrim/PcClientRimBuilder.java index dbbb99639..4ff21e12e 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/xml/pcclientrim/PcClientRimBuilder.java +++ b/HIRS_Utils/src/main/java/hirs/utils/rim/unsignedRim/xml/pcclientrim/PcClientRimBuilder.java @@ -3,7 +3,20 @@ import hirs.utils.swid.CredentialParser; import hirs.utils.swid.HashSwid; import hirs.utils.swid.SwidTagConstants; +import hirs.utils.xjc.Directory; +import hirs.utils.xjc.Entity; import hirs.utils.xjc.File; +import hirs.utils.xjc.FilesystemItem; +import hirs.utils.xjc.Link; +import hirs.utils.xjc.ObjectFactory; +import hirs.utils.xjc.ResourceCollection; +import hirs.utils.xjc.SoftwareIdentity; +import hirs.utils.xjc.SoftwareMeta; +import jakarta.json.Json; +import jakarta.json.JsonArray; +import jakarta.json.JsonException; +import jakarta.json.JsonObject; +import jakarta.json.JsonReader; import jakarta.xml.bind.JAXBContext; import jakarta.xml.bind.JAXBElement; import jakarta.xml.bind.JAXBException; @@ -16,6 +29,14 @@ import javax.xml.crypto.MarshalException; import javax.xml.crypto.XMLStructure; import javax.xml.crypto.dom.DOMStructure; +import javax.xml.crypto.dsig.Reference; +import javax.xml.crypto.dsig.SignatureProperties; +import javax.xml.crypto.dsig.SignatureProperty; +import javax.xml.crypto.dsig.SignedInfo; +import javax.xml.crypto.dsig.XMLObject; +import javax.xml.crypto.dsig.XMLSignature; +import javax.xml.crypto.dsig.XMLSignatureException; +import javax.xml.crypto.dsig.XMLSignatureFactory; import javax.xml.crypto.dsig.dom.DOMSignContext; import javax.xml.crypto.dsig.keyinfo.KeyInfo; import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory; 
@@ -27,58 +48,34 @@ import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; +import javax.xml.transform.Source; +import javax.xml.transform.Transformer; +import javax.xml.transform.TransformerConfigurationException; +import javax.xml.transform.TransformerException; +import javax.xml.transform.TransformerFactory; import javax.xml.transform.dom.DOMSource; import javax.xml.transform.stream.StreamResult; -import java.math.BigInteger; -import java.nio.charset.StandardCharsets; -import java.nio.file.Files; -import java.nio.file.Paths; -import java.security.cert.X509Certificate; -import java.time.LocalDateTime; - -import hirs.utils.xjc.Directory; -import hirs.utils.xjc.Entity; -import hirs.utils.xjc.FilesystemItem; -import hirs.utils.xjc.Link; -import hirs.utils.xjc.ObjectFactory; -import hirs.utils.xjc.ResourceCollection; -import hirs.utils.xjc.SoftwareIdentity; -import hirs.utils.xjc.SoftwareMeta; -import jakarta.json.Json; -import jakarta.json.JsonArray; -import jakarta.json.JsonException; -import jakarta.json.JsonObject; -import jakarta.json.JsonReader; - import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; import java.io.PrintStream; +import java.math.BigInteger; +import java.nio.charset.StandardCharsets; +import java.nio.file.Files; +import java.nio.file.Paths; import java.security.InvalidAlgorithmParameterException; import java.security.KeyException; import java.security.NoSuchAlgorithmException; import java.security.PrivateKey; +import java.security.cert.X509Certificate; +import java.time.LocalDateTime; import java.util.ArrayList; import java.util.Base64; import java.util.Collections; -import java.util.Iterator; import java.util.List; import java.util.Map; -import javax.xml.crypto.dsig.Reference; -import javax.xml.crypto.dsig.SignatureProperties; -import 
javax.xml.crypto.dsig.SignatureProperty; -import javax.xml.crypto.dsig.SignedInfo; -import javax.xml.crypto.dsig.XMLObject; -import javax.xml.crypto.dsig.XMLSignature; -import javax.xml.crypto.dsig.XMLSignatureException; -import javax.xml.crypto.dsig.XMLSignatureFactory; -import javax.xml.transform.Source; -import javax.xml.transform.Transformer; -import javax.xml.transform.TransformerConfigurationException; -import javax.xml.transform.TransformerException; -import javax.xml.transform.TransformerFactory; /** * Class that builds a PC Client RIM. @@ -129,6 +126,7 @@ public PcClientRimBuilder() { /** * Generate a SWIDtag from a file. + * * @param filename path to the file */ public void generateSwidTag(final String filename) { @@ -177,6 +175,7 @@ public void generateSwidTag(final String filename) { /** * Assemble a composite payload from json config properties. + * * @param configProperties the json config * @return the assembled composite payload as a Document object */ @@ -187,10 +186,9 @@ private Document assembleCompositePayload(final JsonObject configProperties) thr Document dirDoc = this.convertToDocument(jaxbDirectory); JsonArray files = configProperties.getJsonObject("Payload").getJsonObject("Directory") .getJsonArray("File"); - Iterator itr = files.iterator(); - while (itr.hasNext()) { - File file = this.createFile((JsonObject) itr.next()); + for (jakarta.json.JsonValue jsonValue : files) { + File file = this.createFile((JsonObject) jsonValue); JAXBElement jaxbFile = this.objectFactory.createDirectoryFile(file); Document fileDoc = this.convertToDocument(jaxbFile); Node fileNode = dirDoc.importNode(fileDoc.getDocumentElement(), true); 
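Review bot: In the `assembleCompositePayload` hunk of PcClientRimBuilder.java, the chained lookup `getJsonObject("Payload").getJsonObject("Directory").getJsonArray("File")` returns `null` for any missing key. A config file without a `File` array therefore fails with a `NullPointerException` at the new `for` loop instead of a message naming the missing element. A guard before the loop, such as `if (files == null) { throw new IllegalArgumentException("Payload/Directory/File is missing from the config"); }`, gives the operator something actionable. As a style point, the loop can be written as `for (JsonObject fileObject : files.getValuesAs(JsonObject.class))`, which avoids both the inline fully-qualified `jakarta.json.JsonValue` and the explicit cast. The method continues outside the hunk.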
@@ -208,8 +206,9 @@ private Document assembleCompositePayload(final JsonObject configProperties) thr /** * Transform a SWIDtag Document to a string output. + * * @param swidTag the Document object with the SWIDtag - * @param output the output string + * @param output the output string */ public void writeSwidTagFile(final Document swidTag, final String output) { try { @@ -234,6 +233,7 @@ public void writeSwidTagFile(final Document swidTag, final String output) { /** * Create software identity from a json object. + * * @param jsonObject the object with the attributes * @return the created SoftwareIdentity object */ @@ -269,6 +269,7 @@ private SoftwareIdentity createSwidTag(final JsonObject jsonObject) { /** * Create entity from a json object. + * * @param jsonObject the object with the attributes * @return the created entity object */ @@ -285,9 +286,9 @@ private Entity createEntity(final JsonObject jsonObject) { String[] roles = jsonObject.getString("role", "").split(","); - for (int i = 0; i < roles.length; ++i) { - entity.getRole().add(roles[i]); - if (roles[i].equals("tagCreator")) { + for (String role : roles) { + entity.getRole().add(role); + if (role.equals("tagCreator")) { isTagCreator = true; } } @@ -312,6 +313,7 @@ private Entity createEntity(final JsonObject jsonObject) { /** * Create link from a json object. + * * @param jsonObject the object with the attributes * @return the created link object */ @@ -332,6 +334,7 @@ private Link createLink(final JsonObject jsonObject) { /** * Create software metadata from a json object. + * * @param jsonObject the object with the attributes * @return the created SoftwareMeta object */ @@ -379,6 +382,7 @@ protected SoftwareMeta createSoftwareMeta(final JsonObject jsonObject) { /** * Create a payload from a json object. + * * @param jsonObject the object with the attributes * @return the created ResourceCollection object that holds the payload */ 
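Review bot: In the `createEntity` hunk, `jsonObject.getString("role", "").split(",")` yields a single empty string when the `role` key is absent, and the new for-each loop adds it to `entity.getRole()` unchanged. Entries are also not trimmed, so a value written as `"softwareCreator, tagCreator"` produces `" tagCreator"`, which does not match `role.equals("tagCreator")`. Normalising inside the loop avoids both: `String trimmed = role.strip(); if (trimmed.isEmpty()) { continue; }`, then use `trimmed` for the add and the comparison. The rest of the method is outside the hunk, so a later check may already reject an entity without a valid role.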
@@ -401,6 +405,7 @@ private ResourceCollection createPayload(final JsonObject jsonObject) { /** * Create a directory from a json object. + * * @param jsonObject the object with the attributes * @return the created directory */ @@ -409,10 +414,12 @@ private Directory createDirectory(final JsonObject jsonObject) { directory.setName(jsonObject.getString(SwidTagConstants.NAME, "")); directory.setLocation(jsonObject.getString(SwidTagConstants.LOCATION, "")); Map attributes = directory.getOtherAttributes(); - String supportRimFormat = jsonObject.getString(SwidTagConstants.SUPPORT_RIM_FORMAT, "supportRIMFormat missing"); + String supportRimFormat = + jsonObject.getString(SwidTagConstants.SUPPORT_RIM_FORMAT, "supportRIMFormat missing"); if (!supportRimFormat.equals("supportRIMFormat missing")) { if (supportRimFormat.isEmpty()) { - attributes.put(SwidTagConstants.QNAME_SUPPORT_RIM_FORMAT, SwidTagConstants.TCG_EVENTLOG_ASSERTION); + attributes.put(SwidTagConstants.QNAME_SUPPORT_RIM_FORMAT, + SwidTagConstants.TCG_EVENTLOG_ASSERTION); } else { attributes.put(SwidTagConstants.QNAME_SUPPORT_RIM_FORMAT, supportRimFormat); } @@ -429,6 +436,7 @@ private Directory createDirectory(final JsonObject jsonObject) { /** * Create a file from a json object. + * * @param jsonObject the object with the attributes * @return the created file */ @@ -450,7 +458,8 @@ private File createFile(final JsonObject jsonObject) throws Exception { "supportRIMFormat missing"); if (!supportRimFormat.equals("supportRIMFormat missing")) { if (supportRimFormat.isEmpty()) { - attributes.put(SwidTagConstants.QNAME_SUPPORT_RIM_FORMAT, SwidTagConstants.TCG_EVENTLOG_ASSERTION); + attributes.put(SwidTagConstants.QNAME_SUPPORT_RIM_FORMAT, + SwidTagConstants.TCG_EVENTLOG_ASSERTION); } else { attributes.put(SwidTagConstants.QNAME_SUPPORT_RIM_FORMAT, supportRimFormat); } 
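Review bot: In `createDirectory`, and again in the `createFile` hunk below it, the literal `"supportRIMFormat missing"` serves both as the `getString` default and as the value compared against to detect an absent key. The re-wrapped lines keep that sentinel pattern and repeat the string in each method. Testing for the key directly is clearer and cannot collide with a real value: `if (jsonObject.containsKey(SwidTagConstants.SUPPORT_RIM_FORMAT)) {`, followed by `String supportRimFormat = jsonObject.getString(SwidTagConstants.SUPPORT_RIM_FORMAT);`. If the sentinel stays, it should be a single named constant shared by both methods. Both method bodies continue outside their hunks.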
@@ -465,10 +474,11 @@ private File createFile(final JsonObject jsonObject) throws Exception { /** * Add an attribute. + * * @param attributes the map of attributes - * @param key key for the added attribute - * @param value value for the added attribute - * @param required true if the attribute is required + * @param key key for the added attribute + * @param value value for the added attribute + * @param required true if the attribute is required */ protected void addNonNullAttribute(final Map attributes, final QName key, final String value, final boolean required) { @@ -482,9 +492,10 @@ protected void addNonNullAttribute(final Map attributes, final QN /** * Add an attribute. + * * @param attributes the map of attributes - * @param key key for the added attribute - * @param value value for the added attribute + * @param key key for the added attribute + * @param value value for the added attribute */ protected void addNonNullAttribute(final Map attributes, final QName key, final String value) { @@ -495,6 +506,7 @@ protected void addNonNullAttribute(final Map attributes, final QN /** * Convert a JAXBElement to Document type. + * * @param element the element to convert * @return the created Document */ @@ -513,6 +525,7 @@ private Document convertToDocument(final JAXBElement element) { /** * Sign an XML document. + * * @param doc document to sign * @return the signed document */ @@ -616,7 +629,8 @@ private Document signXMLDocument(final Document doc) { /** * Create XML timestamp. - * @param doc data to be timestamped + * + * @param doc data to be timestamped * @param sigFactory class used for generating the signature * @return XMLObject the created timestamp */ @@ -666,6 +680,7 @@ private XMLObject createXmlTimestamp(final Document doc, final XMLSignatureFacto /** * Sets RIM config file. + * * @param configFile the RIM config file */ @Generated 
@@ -675,6 +690,7 @@ public void setConfigFile(final String configFile) { /** * Sets RIM default credentials. + * * @param defaultCredentials the RIM default credentials */ @Generated @@ -684,6 +700,7 @@ public void setDefaultCredentials(final boolean defaultCredentials) { /** * Sets RIM truststore file. + * * @param jksTruststoreFile the truststore file */ @Generated @@ -693,6 +710,7 @@ public void setJksTruststoreFile(final String jksTruststoreFile) { /** * Sets RIM private key file. + * * @param pemPrivateKeyFile the RIM private key file */ @Generated @@ -702,6 +720,7 @@ public void setPemPrivateKeyFile(final String pemPrivateKeyFile) { /** * Sets RIM certificate file. + * * @param pemCertificateFile the RIM certifcate file */ @Generated @@ -711,6 +730,7 @@ public void setPemCertificateFile(final String pemCertificateFile) { /** * Sets true/false for embedded certificate. + * * @param embeddedCert true if cert is embedded */ @Generated @@ -720,6 +740,7 @@ public void setEmbeddedCert(final boolean embeddedCert) { /** * Sets RIM event log. + * * @param rimEventLog the RIM event log */ @Generated @@ -729,6 +750,7 @@ public void setRimEventLog(final String rimEventLog) { /** * Sets timestamp format. + * * @param timestampFormat the timestamp format */ @Generated @@ -738,6 +760,7 @@ public void setTimestampFormat(final String timestampFormat) { /** * Sets timestamp. + * * @param timestampArgument the timestamp */ @Generated diff --git a/HIRS_Utils/src/main/java/hirs/utils/signature/SignatureFormat.java b/HIRS_Utils/src/main/java/hirs/utils/signature/SignatureFormat.java index ed4293250..6547cf65d 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/signature/SignatureFormat.java +++ b/HIRS_Utils/src/main/java/hirs/utils/signature/SignatureFormat.java 
@@ -12,27 +12,36 @@ public interface SignatureFormat { /** * Creates a signature structure to be signed by a cryptographic engine. - * @param algId IANA registered COSE Algorithm String - * @param kid Key Identifier - * @param payload data to be placed in the payload - * @param signingCert signing cert to embed (if embedded parameter is set to true) + * + * @param algId IANA registered COSE Algorithm String + * @param kid Key Identifier + * @param payload data to be placed in the payload + * @param signingCert signing cert to embed (if embedded parameter is set to true) * @param useUnprotectedKid if supported and true kid will be placed in an unprotected header - * @param embedded if true embed a signing certificate - * @param rimType RIM type used to match a CoAP content-type + * @param embedded if true embed a signing certificate + * @param rimType RIM type used to match a CoAP content-type * @return byte array holding the to be signed data + * @throws IOException if there is an I/O error during the operation. + * @throws CertificateEncodingException if there is an error encoding the certificate. + * @throws NoSuchAlgorithmException if the specified algorithm is not available. */ byte[] createToBeSigned(int algId, byte[] kid, byte[] payload, X509Certificate signingCert, - boolean useUnprotectedKid, boolean embedded, String rimType) + boolean useUnprotectedKid, boolean embedded, String rimType) throws IOException, CertificateEncodingException, NoSuchAlgorithmException; /** * Adds a signature of the toBeSignedData to the Signature structure generated by a Cryptographic engine. + * * @param signature byte array holding signature data + * @throws IOException if there is an I/O error while adding signature. */ - void addSignature(byte[] signature) throws IOException; + void addSignature(byte[] signature) throws IOException; + /** * Gets the signed data after the signature has been added. 
- * @return byte array holding the signature structure with the payload + * + * @return byte array holding the signature structure with the payload + * @throws IOException if there is an I/O error while retrieving the signed data. */ byte[] getSignedData() throws IOException; diff --git a/HIRS_Utils/src/main/java/hirs/utils/signature/SignatureHelper.java b/HIRS_Utils/src/main/java/hirs/utils/signature/SignatureHelper.java index d1243beb6..e053ddd84 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/signature/SignatureHelper.java +++ b/HIRS_Utils/src/main/java/hirs/utils/signature/SignatureHelper.java @@ -16,23 +16,26 @@ public final class SignatureHelper { */ private SignatureHelper() { } + /** * Extracts the SKID from an X.509 certificate. * The TCG PC Client RIM and TCG Component RIM defines the key identifier as the * Subject Key identifier (SKID) of the certificate to be used for verification. * SKID is usually a hash of the public key. + * * @param signCert x.509 certificate * @return byte array holding the certificates SKID */ - public static byte[] getKidFromCert(final X509Certificate signCert) { - return signCert.getExtensionValue("2.5.29.14"); + public static byte[] getKidFromCert(final X509Certificate signCert) { + return signCert.getExtensionValue("2.5.29.14"); } /** * Extracts the COSE defined algorithm identifier associated with a certificates signing algorithm. + * * @param signCert X.509 certificate to extract the algorithm identifier from * @return a COSE defined algorithm identifier - * @throws NoSuchAlgorithmException + * @throws NoSuchAlgorithmException if the specified algorithm is not available */ public static int getCoseAlgFromCert(final X509Certificate signCert) throws NoSuchAlgorithmException { diff --git a/HIRS_Utils/src/main/java/hirs/utils/signature/cose/Cbor/CborBstr.java b/HIRS_Utils/src/main/java/hirs/utils/signature/cose/Cbor/CborBstr.java index c9195bd61..1eb80c90e 100644 
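Review bot: `getKidFromCert` returns `signCert.getExtensionValue("2.5.29.14")` unchanged, which is null when the certificate has no Subject Key Identifier extension and is otherwise the DER-encoded OCTET STRING wrapper rather than the bare key identifier. The Javadoc still promises "byte array holding the certificates SKID", so a caller that places this value in a COSE kid may not match a verifier that compares against the raw SKID bytes. At minimum the contract should be documented, for example `@return DER-encoded SKID extension value (OCTET STRING wrapped), or null if the certificate has no SKID extension`. Callers of this method are not visible in this diff, so whether they unwrap or null-check the result should be confirmed.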
--- a/HIRS_Utils/src/main/java/hirs/utils/signature/cose/Cbor/CborBstr.java +++ b/HIRS_Utils/src/main/java/hirs/utils/signature/cose/Cbor/CborBstr.java 
@@ -8,46 +8,49 @@ * Note: use getContent() to retrieve the data with the byteSting encoding stripped off. */ public class CborBstr { + private static final int TYPE_MASK = 0xE0; + private static final int INFO_MASK = 0x1F; + private static final int SHIFT_OFFSET = 0x05; + private static final int BYTE_STRING_TYPE = 0x02; + private static final int BYTE_STRING_LENGTH = 0x03; + private static final int COSE_NIL_BYTE = 0xa0; // Cose defined nil byte for empty payloads. private byte[] contents = null; - private static int typeMask = 0xE0; - private static int infoMask = 0x1F; - private static int shiftOffset = 0x05; - private static int byteStringType = 0x02; - private static int byteStringLength = 0x03; - private static int coseNilByte = 0xa0; // Cose defined nil byte for empty payloads. + /** * Constructor for the Cbor Byte String. + * * @param data data holding the Cbor Byte String data. */ public CborBstr(final byte[] data) { byte type = data[0]; // Check if byte 0 is of major type 0x02 (Byte String) - byte cborType = (byte) ((type & typeMask) >> shiftOffset); - if (cborType != byteStringType) { + byte cborType = (byte) ((type & TYPE_MASK) >> SHIFT_OFFSET); + if (cborType != BYTE_STRING_TYPE) { throw new RuntimeException("Byte Array Decode Error, expecting a byte String (Type 2) but found " + cborType); } - contents = new byte[data.length - byteStringLength]; - System.arraycopy(data, byteStringLength, contents, 0, data.length - byteStringLength); + contents = new byte[data.length - BYTE_STRING_LENGTH]; + System.arraycopy(data, BYTE_STRING_LENGTH, contents, 0, data.length - BYTE_STRING_LENGTH); } + /** * Checks to see if byte array is a string. + * * @param data byte array holding the cbor data to check. - * @return true if the byte array holds a string. + * @return true if the byte array holds a string. 
*/ public static boolean isByteString(final byte[] data) { byte type = data[0]; // Check if byte 0 is of major type 0x02 (Byte String) - byte cborType = (byte) ((type & typeMask) >> shiftOffset); - if (cborType == byteStringType) { - return true; - } - return false; + byte cborType = (byte) ((type & TYPE_MASK) >> SHIFT_OFFSET); + return cborType == BYTE_STRING_TYPE; } + /** * Checks to see if a byte array is empty. - * @param data byte array to check. + * + * @param data byte array to check. * @return true of the byte array is empty. */ public static boolean isEmptyByteString(final byte[] data) { @@ -55,26 +58,25 @@ public static boolean isEmptyByteString(final byte[] data) { return false; } // per the cose spec 0xa0 is equivalent to {} - if ((data[3] & 0xFF) == coseNilByte) { - return true; - } - return false; + return (data[3] & 0xFF) == COSE_NIL_BYTE; } + /** * Processes byte string length rfc 8489. - * @param data + * + * @param data byte array representation of the data * @return length of the byte string in bytes */ public static int getByteStringLength(final byte[] data) { int length = 0; byte type = data[0]; - byte tagInfo = (byte) (type & infoMask); + byte tagInfo = (byte) (type & INFO_MASK); if (tagInfo < CborTagProcessor.CBOR_ONE_BYTE_UNSIGNED_INT) { length = tagInfo; // values 0 to 0x17 } else if (tagInfo == CborTagProcessor.CBOR_ONE_BYTE_UNSIGNED_INT) { - length = (int) data[1]; + length = data[1]; } else if (tagInfo == CborTagProcessor.CBOR_TWO_BYTE_UNSIGNED_INT) { - byte[] tmpArray = {0, 0, data[1], data[2] }; + byte[] tmpArray = {0, 0, data[1], data[2]}; ByteBuffer buf = ByteBuffer.wrap(tmpArray); length = buf.getInt(); } else if (tagInfo == CborTagProcessor.CBOR_FOUR_BYTE_UNSIGNED_INT) { 
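Review bot: The `CborBstr` constructor reads `data[0]` and sizes `contents` as `data.length - BYTE_STRING_LENGTH` with no check that `data` is non-null and at least three bytes long. A truncated input therefore fails with an index or negative-array-size exception instead of the decode error the type check raises. It also always strips three bytes, which appears to assume a two-byte length field, while `getByteStringTagLength` in this class derives the header size from the additional-info bits. A guard before the first read would make the failure explicit: `if (data == null || data.length < BYTE_STRING_LENGTH) { throw new IllegalArgumentException("CBOR byte string too short"); }`. The same unchecked `data[0]` read is in `isByteString`.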
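Review bot: In `getByteStringLength` the one-byte branch now reads `length = data[1];`, which sign-extends the byte, so encoded lengths 0x80 to 0xFF come back as negative values. Masking fixes it: `length = data[1] & 0xFF;`. None of the visible branches checks that `data` is long enough for the bytes it indexes, which matters because this code parses the header of a signed object supplied from outside. The Javadoc here and on `getByteStringTagLength` cites "rfc 8489", but CBOR is specified in RFC 8949. The four-byte branch and the end of the method fall outside this hunk.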
@@ -84,16 +86,18 @@ public static int getByteStringLength(final byte[] data) { } return length; } + /** * Determines length of the byte sting header per rfc 8489. + * * @param data byte array holding cbor data * @return length of the byte string tag in bytes */ public static int getByteStringTagLength(final byte[] data) { int length = 0; byte type = data[0]; - byte tagInfo = (byte) (type & infoMask); - if (tagInfo < CborTagProcessor.CBOR_ONE_BYTE_UNSIGNED_INT) { + byte tagInfo = (byte) (type & INFO_MASK); + if (tagInfo < CborTagProcessor.CBOR_ONE_BYTE_UNSIGNED_INT) { length = 1; // values 0 to 0x17 } else if (tagInfo == CborTagProcessor.CBOR_ONE_BYTE_UNSIGNED_INT) { length = 2; @@ -104,8 +108,10 @@ public static int getByteStringTagLength(final byte[] data) { } return length; } + /** - * Removes a preceeding byte string from the byte array. + * Removes a preceding byte string from the byte array. + * * @param data bate array holding cbor data. * @return new byte array with the byte string stripped off. */ diff --git a/HIRS_Utils/src/main/java/hirs/utils/signature/cose/Cbor/CborItems.java b/HIRS_Utils/src/main/java/hirs/utils/signature/cose/Cbor/CborItems.java index 1e9b2e564..6dbe691bf 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/signature/cose/Cbor/CborItems.java +++ b/HIRS_Utils/src/main/java/hirs/utils/signature/cose/Cbor/CborItems.java @@ -7,12 +7,18 @@ */ public class CborItems { - /** Array of item names.*/ - private static final String[][] INDEX_NAMES = new String[0][0]; - /** Default item name. */ + /** + * Default item name. + */ public static final String UNKNOWN_STR = "Unknown"; - /** Default item id. */ + /** + * Default item id. + */ public static final int UNKNOWN_INT = 99; + /** + * Array of item names. + */ + private static final String[][] INDEX_NAMES = new String[0][0]; /** * Default constructor. 
@@ -22,7 +28,8 @@ protected CborItems() { /** * Converts the Item name to an item id. - * @param itemName + * + * @param itemName item name * @return id of the item. */ public static int getIndex(final String itemName) { @@ -33,8 +40,10 @@ public static int getIndex(final String itemName) { } return UNKNOWN_INT; } + /** * Searches for an Rfc 9393 specified index and returns the item name associated with the index. + * * @param index int rfc 939 sepcified index value * @return String item name associated with the index */ diff --git a/HIRS_Utils/src/main/java/hirs/utils/signature/cose/CoseAlgorithm.java b/HIRS_Utils/src/main/java/hirs/utils/signature/cose/CoseAlgorithm.java index e75ada155..c07ca5270 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/signature/cose/CoseAlgorithm.java +++ b/HIRS_Utils/src/main/java/hirs/utils/signature/cose/CoseAlgorithm.java 
@@ -9,45 +9,104 @@ * Processing is limited to the Algorithm Combinations suited to TCG registered signatures. */ public final class CoseAlgorithm { - /** IANA Registered COSE Algorithm. */ + /** + * IANA Registered COSE Algorithm. + */ public static final int COSE_RSA_SHA_512 = -259; // Uses PKCS-v1_5 padding - /** IANA Registered COSE Algorithm. */ + + /** + * IANA Registered COSE Algorithm. + */ public static final int COSE_RSA_SHA_384 = -258; - /** IANA Registered COSE Algorithm. */ + + /** + * IANA Registered COSE Algorithm. + */ public static final int COSE_RSA_SHA_256 = -257; - /** IANA Registered COSE Algorithm. */ + + /** + * IANA Registered COSE Algorithm. + */ public static final int COSE_ES_SHA_512 = -36; - /** IANA Registered COSE Algorithm. */ + + /** + * IANA Registered COSE Algorithm. + */ public static final int COSE_ES_SHA_384 = -35; - /** IANA Registered COSE Algorithm. */ + + /** + * IANA Registered COSE Algorithm. + */ public static final int COSE_ES_SHA_256 = -7; - /** IANA Registered COSE Algorithm. */ + + /** + * IANA Registered COSE Algorithm. + */ public static final int COSE_RSA_PSS_512 = -39; - /** IANA Registered COSE Algorithm. */ + + /** + * IANA Registered COSE Algorithm. + */ public static final int COSE_RSA_PSS_384 = -38; - /** IANA Registered COSE Algorithm. */ + + /** + * IANA Registered COSE Algorithm. + */ public static final int COSE_RSA_PSS_256 = -37; - /** IANA Registered COSE Algorithm. */ + + /** + * IANA Registered COSE Algorithm. + */ public static final int COSE_SHA_256 = -16; - /** IANA Registered COSE Algorithm Name. */ + + /** + * IANA Registered COSE Algorithm Name. + */ public static final String RSA_SHA512_PKCS1 = "RS512"; - /** IANA Registered COSE Algorithm Name. */ + + /** + * IANA Registered COSE Algorithm Name. + */ public static final String RSA_SHA384_PKCS1 = "RS384"; - /** IANA Registered COSE Algorithm Name. */ + + /** + * IANA Registered COSE Algorithm Name. 
+ */ public static final String RSA_SHA256_PKCS1 = "RS256"; - /** IANA Registered COSE Algorithm Name. */ + + /** + * IANA Registered COSE Algorithm Name. + */ public static final String RSA_SHA512_PSS = "PS512"; - /** IANA Registered COSE Algorithm Name. */ + + /** + * IANA Registered COSE Algorithm Name. + */ public static final String RSA_SHA384_PSS = "PS384"; - /** IANA Registered COSE Algorithm Name. */ + + /** + * IANA Registered COSE Algorithm Name. + */ public static final String RSA_SHA256_PSS = "PS256"; - /** IANA Registered COSE Algorithm Name. */ + + /** + * IANA Registered COSE Algorithm Name. + */ public static final String ECDSA_SHA256 = "ES256"; - /** IANA Registered COSE Algorithm Name. */ + + /** + * IANA Registered COSE Algorithm Name. + */ public static final String ECDSA_SHA384 = "ES384"; - /** IANA Registered COSE Algorithm Name. */ + + /** + * IANA Registered COSE Algorithm Name. + */ public static final String ECDSA_SHA512 = "ES512"; - /** IANA Registered COSE Algorithm Name. */ + + /** + * IANA Registered COSE Algorithm Name. + */ public static final String SHA256 = "SHA-256"; private static final String[][] ALG_NAMES = { 
@@ -68,64 +127,66 @@ public final class CoseAlgorithm { */ private CoseAlgorithm() { } + /** * Searches Rfc 9393 Items Names for match to a specified item name and returns the index. - * @param coseAlg Iem Name specified in rfc 8152 + * + * @param coseAlg Iem Name specified in rfc 8152 * @return int tag of the cose type */ public static int getAlgId(final String coseAlg) { - int algId = 0; - for (int i = 0; i < ALG_NAMES.length; i++) { - if (coseAlg.compareToIgnoreCase(ALG_NAMES[i][1]) == 0) { - return (Integer.parseInt(ALG_NAMES[i][0])); + for (String[] algName : ALG_NAMES) { + if (coseAlg.compareToIgnoreCase(algName[1]) == 0) { + return (Integer.parseInt(algName[0])); } } return CoswidItems.UNKNOWN_INT; } + /** * Searches for an Rfc 8152 specified index and returns the item name associated with the index. + * * @param coseAlId IANA registered COSE Algorithm Value (ID) * @return String Algorithm name associated with the Algorithm Value (ID) */ public static String getAlgName(final int coseAlId) { - int algId = 0; - for (int i = 0; i < ALG_NAMES.length; i++) { - if (coseAlId == Integer.parseInt(ALG_NAMES[i][0])) { - return ALG_NAMES[i][1]; + for (String[] algName : ALG_NAMES) { + if (coseAlId == Integer.parseInt(algName[0])) { + return algName[1]; } } return CoswidItems.UNKNOWN_STR; } + /** * Returns true if the specified COSE algorithm identifier is a supported algorithm. * from the ECDSA family of algorithms. 
- * @param cosAlId + * + * @param cosAlId IANA registered COSE Algorithm Value (ID) * @return true if algorithm is COSE supported */ public static boolean isEcdsa(final int cosAlId) { - if ((cosAlId == CoseAlgorithm.COSE_ES_SHA_256) || (cosAlId == CoseAlgorithm.COSE_ES_SHA_384) - || (cosAlId == CoseAlgorithm.COSE_ES_SHA_512)) { - return true; - } - return false; + return (cosAlId == CoseAlgorithm.COSE_ES_SHA_256) || (cosAlId == CoseAlgorithm.COSE_ES_SHA_384) + || (cosAlId == CoseAlgorithm.COSE_ES_SHA_512); } + /** * Returns true of the specified COSE algorithm identifier is a supported algorithm * from the ECDSA family of algorithms. + * * @param coseAlgorithmName a IANA Registered COSE algorithm name * @return true if algorithm is an ecdsa variant */ public static boolean isEcdsaName(final String coseAlgorithmName) { - if ((coseAlgorithmName.compareToIgnoreCase(CoseAlgorithm.ECDSA_SHA256) == 0) + return (coseAlgorithmName.compareToIgnoreCase(CoseAlgorithm.ECDSA_SHA256) == 0) || (coseAlgorithmName.compareToIgnoreCase(CoseAlgorithm.ECDSA_SHA384) == 0) - || (coseAlgorithmName.compareToIgnoreCase(CoseAlgorithm.ECDSA_SHA512) == 0)) { - return true; - } - return false; + || (coseAlgorithmName.compareToIgnoreCase(CoseAlgorithm.ECDSA_SHA512) == 0); } + /** * Returns true of the specified COSE algorithm identifier is a supported algorithm * from the RSA family of algorithms. + * * @param cosAlId cose registered algorithm id * @return true if algorithm is a rsa variant */ 
@@ -138,32 +199,28 @@ public static boolean isRsa(final int cosAlId) { /** * Returns true of the specified COSE algorithm identifier is a supported algorithm * from the ECDSA family of algorithms. + * * @param coseAlgorithmName a IANA Registered COSE algorithm name * @return true if algorithm is a rsa variant */ public static boolean isRsaName(final String coseAlgorithmName) { - if ((coseAlgorithmName.compareToIgnoreCase(CoseAlgorithm.RSA_SHA256_PKCS1) == 0) + return (coseAlgorithmName.compareToIgnoreCase(CoseAlgorithm.RSA_SHA256_PKCS1) == 0) || (coseAlgorithmName.compareToIgnoreCase(CoseAlgorithm.RSA_SHA384_PKCS1) == 0) || (coseAlgorithmName.compareToIgnoreCase(CoseAlgorithm.RSA_SHA512_PKCS1) == 0) || (coseAlgorithmName.compareToIgnoreCase(CoseAlgorithm.RSA_SHA256_PSS) == 0) || (coseAlgorithmName.compareToIgnoreCase(CoseAlgorithm.RSA_SHA384_PSS) == 0) - || (coseAlgorithmName.compareToIgnoreCase(CoseAlgorithm.RSA_SHA512_PSS) == 0)) { - return true; - } - return false; + || (coseAlgorithmName.compareToIgnoreCase(CoseAlgorithm.RSA_SHA512_PSS) == 0); } /** * Returns true of the specified COSE algorithm is an RSA PSS variant. + * * @param coseAlgorithmName name of the algorithm * @return true if algorithm is a rsa-pss variant */ public static boolean isRsaPssName(final String coseAlgorithmName) { - if ((coseAlgorithmName.compareToIgnoreCase(CoseAlgorithm.RSA_SHA256_PSS) == 0) + return (coseAlgorithmName.compareToIgnoreCase(CoseAlgorithm.RSA_SHA256_PSS) == 0) || (coseAlgorithmName.compareToIgnoreCase(CoseAlgorithm.RSA_SHA384_PSS) == 0) - || (coseAlgorithmName.compareToIgnoreCase(CoseAlgorithm.RSA_SHA512_PSS) == 0)) { - return true; - } - return false; + || (coseAlgorithmName.compareToIgnoreCase(CoseAlgorithm.RSA_SHA512_PSS) == 0); } } diff --git a/HIRS_Utils/src/main/java/hirs/utils/signature/cose/CoseHeader.java b/HIRS_Utils/src/main/java/hirs/utils/signature/cose/CoseHeader.java index fe6d49060..9dd838649 100644 
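Review bot: The Javadoc kept above `isRsaName` says the method tests for "the ECDSA family of algorithms", but the body compares against the six RSA names (`RSA_SHA256_PKCS1` through `RSA_SHA512_PSS`). A reader choosing a verification path from the documentation would be misled about which family this predicate accepts. Suggested summary: `Returns true if the specified COSE algorithm name is a supported algorithm from the RSA family (PKCS1 or PSS).` The `*Name` predicates also dereference `coseAlgorithmName` without a null check, which is worth stating in the `@param` text if null is not a permitted input.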
--- a/HIRS_Utils/src/main/java/hirs/utils/signature/cose/CoseHeader.java +++ b/HIRS_Utils/src/main/java/hirs/utils/signature/cose/CoseHeader.java @@ -3,7 +3,6 @@ import lombok.Getter; import lombok.Setter; -import java.io.IOException; import java.security.cert.X509Certificate; import java.util.ArrayList; import java.util.HashMap; @@ -11,28 +10,33 @@ import java.util.Map; /** - * Class to hold COSE header components common to both Protected and Unprotected headers, - * specified in rfc rfc8152 (https://datatracker.ietf.org/doc/html/rfc8152#section-3.1). + * Class to hold COSE header components common to both Protected and Unprotected headers, specified in + * rfc rfc8152 (rfc rfc8152). */ public class CoseHeader { @Setter @Getter protected String algIdentifier = ""; + @Setter @Getter protected String keyIdentifier = ""; + @Setter @Getter protected String contentType = ""; + protected Map parameters = null; + protected List x5chain = null; /** * Prints the processed COSE Header data that is common to both Protected and Unprotected headers. + * * @return a formated string representation of the data in the COSE header object */ - public String printHeaderCommonContentsPretty() throws IOException { + public String printHeaderCommonContentsPretty() { String returnString = ""; if (!algIdentifier.isEmpty()) { diff --git a/HIRS_Utils/src/main/java/hirs/utils/signature/cose/CoseHeaderProtected.java b/HIRS_Utils/src/main/java/hirs/utils/signature/cose/CoseHeaderProtected.java index bb5d8a1ff..23495c111 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/signature/cose/CoseHeaderProtected.java +++ b/HIRS_Utils/src/main/java/hirs/utils/signature/cose/CoseHeaderProtected.java @@ -9,8 +9,8 @@ import hirs.utils.rim.unsignedRim.cbor.ietfCorim.CoRim; import hirs.utils.rim.unsignedRim.cbor.ietfCorim.MetaMap; import lombok.Getter; + import java.io.IOException; -import java.util.Iterator; import java.util.List; /** 
@@ -20,16 +20,21 @@ public class CoseHeaderProtected extends CoseHeader { // criticality @Getter - private String crit = ""; + private static final String CRIT = ""; + // CBor Pairs (currently only 2 being processed: metamap and x5t for corim) private MetaMap mmap = null; + @Getter private String x5tHashAlg = ""; + @Getter private String x5tHashVal = ""; private String toStringCborDiag = ""; + /** * Parser constructor to fill class variables. + * * @param pheader COSEUnprotectedHeader holding the COSE protected header */ public CoseHeaderProtected(final COSEProtectedHeader pheader) { @@ -54,9 +59,7 @@ public CoseHeaderProtected(final COSEProtectedHeader pheader) { // Cbor pairs if (pheader.getDecodedContent() != null) { List cborPairs = (List) pheader.getPairs(); - Iterator pairs = cborPairs.iterator(); - while (pairs.hasNext()) { - CBORPair pair = (CBORPair) pairs.next(); + for (CBORPair pair : cborPairs) { // Look for corim-meta (index 8) if (Integer.parseInt(pair.getKey().toString()) == CoRim.CORIM_META_MAP) { byte[] corimMap = pair.getValue().encode(); @@ -79,21 +82,27 @@ public CoseHeaderProtected(final COSEProtectedHeader pheader) { } } } + /** * Default toString. + * * @return default "pretty" version */ - public String toString() { + public String toString() { try { return toString("pretty"); } catch (IOException e) { throw new RuntimeException(e); } } + /** * Prints the processed COSE Protected Header data. - * @param format empty (default String) or "pretty" + * + * @param format empty (default String) or "pretty" * @return a formated string representation of the data in the COSE protected header object + * @throws IOException if any issues trying to create the string representation of the COSE Protected + * Header object. */ public String toString(final String format) throws IOException { String returnString = ""; 
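Review bot: The COSE `crit` header parameter is never read from the protected header. Declaring it as `private static final String CRIT = ""` makes that permanent and leaves the `if (!CRIT.isEmpty())` branch in `toString(String)` unreachable. Under RFC 8152 section 3.1, which `CoseHeader` cites, a recipient must understand every parameter listed in `crit`, so a parser that silently ignores it can report a signed object as processed when it should be rejected. Either keep an instance field and populate it in the constructor, or drop the field and getter and leave a marker such as `// TODO: parse crit and reject unknown critical header labels`. Lombok's `@Getter` on the renamed static field would likely generate `getCRIT()` instead of `getCrit()`, which changes the public accessor. The constructor body extends beyond the visible hunks.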
@@ -101,8 +110,8 @@ public String toString(final String format) throws IOException { returnString = "Protected Header Contents: " + "\n"; returnString += printHeaderCommonContentsPretty(); - if (!crit.isEmpty()) { - returnString += " Criticality = " + crit + "\n"; + if (!CRIT.isEmpty()) { + returnString += " Criticality = " + CRIT + "\n"; } if (mmap != null) { returnString += " Signer Name = " + mmap.getSignerName() + "\n"; diff --git a/HIRS_Utils/src/main/java/hirs/utils/signature/cose/CoseHeaderUnprotected.java b/HIRS_Utils/src/main/java/hirs/utils/signature/cose/CoseHeaderUnprotected.java index e8fe40968..20b1534e8 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/signature/cose/CoseHeaderUnprotected.java +++ b/HIRS_Utils/src/main/java/hirs/utils/signature/cose/CoseHeaderUnprotected.java @@ -15,6 +15,7 @@ public class CoseHeaderUnprotected extends CoseHeader { /** * Parser constructor to fill class variables. + * * @param uheader COSEUnprotectedHeader holding the COSE unprotected header */ public CoseHeaderUnprotected(final COSEUnprotectedHeader uheader) { @@ -37,9 +38,10 @@ public CoseHeaderUnprotected(final COSEUnprotectedHeader uheader) { /** * Default toString. + * * @return default "pretty" version */ - public String toString() { + public String toString() { try { return toString("pretty"); } catch (IOException e) { @@ -49,8 +51,11 @@ public String toString() { /** * Prints the processed COSE Unprotected Header data. - * @param format empty (default String) or "pretty" - * @return a formated string representation of the data in the COSE unproteced header object + * + * @param format empty (default String) or "pretty" + * @return a formated string representation of the data in the COSE unprotected header object + * @throws IOException if any issues arise while building the string representation of the COSE + * Unprotected Header data */ public String toString(final String format) throws IOException { String returnString = ""; 
diff --git a/HIRS_Utils/src/main/java/hirs/utils/signature/cose/CoseParser.java b/HIRS_Utils/src/main/java/hirs/utils/signature/cose/CoseParser.java index 842ff4717..29b2113c0 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/signature/cose/CoseParser.java +++ b/HIRS_Utils/src/main/java/hirs/utils/signature/cose/CoseParser.java @@ -1,19 +1,20 @@ package hirs.utils.signature.cose; -import com.authlete.cbor.CBORItem; import com.authlete.cbor.CBORDecoder; +import com.authlete.cbor.CBORItem; +import com.authlete.cose.COSEException; +import com.authlete.cose.COSEProtectedHeader; import com.authlete.cose.COSESign1; import com.authlete.cose.COSEUnprotectedHeader; -import com.authlete.cose.COSEProtectedHeader; -import com.authlete.cose.COSEException; import hirs.utils.rim.unsignedRim.cbor.ietfCorim.CoRim; import hirs.utils.rim.unsignedRim.cbor.ietfCorim.CoRimParser; import hirs.utils.rim.unsignedRim.cbor.ietfCoswid.Coswid; -import hirs.utils.signature.cose.Cbor.CborTagProcessor; import hirs.utils.rim.unsignedRim.cbor.tcgCompRimCoswid.TcgCompRimCoswidParser; import hirs.utils.signature.cose.Cbor.CborBstr; +import hirs.utils.signature.cose.Cbor.CborTagProcessor; import lombok.Getter; import lombok.Setter; + import java.io.IOException; import java.util.ArrayList; @@ -24,24 +25,36 @@ public class CoseParser { @Setter @Getter private int coseTag = 0; + private byte[] toBeSigned = null; + private byte[] payload = null; + private byte[] signature = null; + @Setter @Getter private String algIdentifier = ""; + private byte[] keyIdBytes = null; + @Setter @Getter private String keyIdentifier = ""; + private CoseHeaderProtected coseHeaderP = null; + private CoseHeaderUnprotected coseHeaderU = null; + @Getter private String contentType = ""; + private byte[] protectedHeaders = null; + @Setter @Getter private String toStringCborDiag = ""; + private CborTagProcessor cborTag = null; /** 
@@ -51,6 +64,7 @@ public class CoseParser { * If alg is not found, an error will be thrown. * Key Identifier (kid) should be in the protected header but can be in the unprotected header, * or not provided. + * * @param coseData Byte array holding the COSE data */ public CoseParser(final byte[] coseData) { @@ -113,11 +127,26 @@ public CoseParser(final byte[] coseData) { } } + /** + * Method to print hex data. + * + * @param data byte containing hex data to be print + * @return String containing hex representation of the data + */ + public static String hexToString(final byte[] data) { + StringBuilder sb2 = new StringBuilder(); + for (byte b : data) { + sb2.append(String.format("%02X", b)); + } + return sb2.toString(); + } + /** * Checks the payload for a valid tag. * by parsing the first byte of the payload as a tag * and checking for one of the supported tags by this application * If a supported tag is found the payload and coswid tag references are adjusted + * * @param payloadData * @return true if a valid tag is found */ @@ -134,22 +163,10 @@ private boolean checkForTag(final byte[] payloadData) { return tagFound; } - /** - * Method to print hex data. - * @param data byte containing hex data to be print - * @return String containing hex representation of the data - */ - public static String hexToString(final byte[] data) { - StringBuilder sb2 = new StringBuilder(); - for (byte b : data) { - sb2.append(String.format("%02X", b)); - } - return sb2.toString(); - } - /** * Looks up the COSE types defined in Table 1 of RFC 9052. * Also processes CoRim options for COSE. + * * @param tag the CBOR Tag (int) defined in Table 1 * @return a String defined in Table 1 that corresponds to the tag */ 
@@ -162,21 +179,29 @@ public String coseTagLookup(final int tag) { final int coseMac0 = 17; switch (tag) { - case coseSign: return "cose-sign"; - case coseSignOne: return "cose-sign1"; - case coseEncrypt: return "cose-encrypt"; - case coseEncrypt0: return "cose-encrypt0"; - case coseMac: return "cose-mac"; - case coseMac0: return "cose-mac0"; - default: return CoRim.getTagLabel(tag); + case coseSign: + return "cose-sign"; + case coseSignOne: + return "cose-sign1"; + case coseEncrypt: + return "cose-encrypt"; + case coseEncrypt0: + return "cose-encrypt0"; + case coseMac: + return "cose-mac"; + case coseMac0: + return "cose-mac0"; + default: + return CoRim.getTagLabel(tag); } } /** * Default toString. + * * @return default "pretty" version */ - public String toString() { + public String toString() { try { return toString("pretty"); } catch (IOException e) { @@ -186,12 +211,15 @@ public String toString() { /** * Creates human-readable text from a Cose Object. + * * @param format empty (default String) or "pretty" * @return a formated string representation of the data in the COSE object + * @throws IOException if issues arrise while trying to create the string representation + * of the provided string format. */ public String toString(final String format) throws IOException { String returnString = ""; - final int lineLength = 100; + final int lineLength = 100; if (format.compareToIgnoreCase("pretty") == 0) { returnString = " COSE Signed object:\n"; returnString += " tag = " + coseTagLookup(coseTag) + "\n"; 
@@ -199,7 +227,7 @@ public String toString(final String format) throws IOException { returnString += coseHeaderU.toString("pretty"); returnString += "COSE Payload: " + "\n"; if (contentType.compareToIgnoreCase("application/rim+cbor") == 0) { - returnString += " Processing payload as CoRim:" + "\n"; + returnString += " Processing payload as CoRim:" + "\n"; CoRimParser cparser = new CoRimParser(payload); returnString += cparser.toString(); } else if (!cborTag.isTagged()) { @@ -233,6 +261,7 @@ public String toString(final String format) throws IOException { /** * Returns a copy of the toBeSigned bytes. + * * @return copy of toBeSigned */ public byte[] getToBeSigned() { @@ -241,6 +270,7 @@ public byte[] getToBeSigned() { /** * Sets a copy of the toBeSigned bytes. + * * @param toBeSigned byte array to set */ public void setToBeSigned(final byte[] toBeSigned) { @@ -249,6 +279,7 @@ public void setToBeSigned(final byte[] toBeSigned) { /** * Returns a copy of the payload bytes. + * * @return copy of payload */ public byte[] getPayload() { @@ -257,6 +288,7 @@ public byte[] getPayload() { /** * Sets a copy of the payload bytes. + * * @param payload byte array to set */ public void setPayload(final byte[] payload) { @@ -265,6 +297,7 @@ public void setPayload(final byte[] payload) { /** * Returns a copy of the signature bytes. + * * @return copy of signature */ public byte[] getSignature() { @@ -273,6 +306,7 @@ public byte[] getSignature() { /** * Sets a copy of the signature bytes. + * * @param signature byte array to set */ public void setSignature(final byte[] signature) { @@ -281,6 +315,7 @@ public void setSignature(final byte[] signature) { /** * Returns a copy of the keyIdBytes. + * * @return copy of keyIdBytes */ public byte[] getKeyIdBytes() { @@ -289,6 +324,7 @@ public byte[] getKeyIdBytes() { /** * Sets a copy of the keyIdBytes. + * * @param keyIdBytes byte array to set */ public void setKeyIdBytes(final byte[] keyIdBytes) { 
@@ -297,6 +333,7 @@ public void setKeyIdBytes(final byte[] keyIdBytes) { /** * Returns a copy of the protected headers. + * * @return copy of protected headers */ public byte[] getProtectedHeaders() { @@ -305,6 +342,7 @@ public byte[] getProtectedHeaders() { /** * Sets a copy of the protected headers. + * * @param protectedHeaders byte array to set */ public void setProtectedHeaders(final byte[] protectedHeaders) { diff --git a/HIRS_Utils/src/main/java/hirs/utils/signature/cose/CoseSignature.java b/HIRS_Utils/src/main/java/hirs/utils/signature/cose/CoseSignature.java index df507a90b..85fc64d7d 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/signature/cose/CoseSignature.java +++ b/HIRS_Utils/src/main/java/hirs/utils/signature/cose/CoseSignature.java 
@@ -1,64 +1,66 @@ package hirs.utils.signature.cose; -import lombok.Getter; -import lombok.NoArgsConstructor; -import lombok.Setter; -import java.io.IOException; -import java.util.Arrays; -import java.util.Objects; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; -import java.security.cert.CertificateEncodingException; -import java.security.cert.X509Certificate; -import java.util.ArrayList; -import java.util.List; import com.authlete.cbor.CBORByteArray; +import com.authlete.cbor.CBORDecoder; import com.authlete.cbor.CBORInteger; import com.authlete.cbor.CBORItem; import com.authlete.cbor.CBORItemList; -import com.authlete.cbor.CBORDecoder; -import com.authlete.cbor.CBORTaggedItem; import com.authlete.cbor.CBORNull; -import com.authlete.cose.COSESign1; -import com.authlete.cose.COSEUnprotectedHeader; +import com.authlete.cbor.CBORTaggedItem; +import com.authlete.cose.COSEException; import com.authlete.cose.COSEProtectedHeader; import com.authlete.cose.COSEProtectedHeaderBuilder; -import com.authlete.cose.COSEUnprotectedHeaderBuilder; -import com.authlete.cose.COSEException; +import com.authlete.cose.COSESign1; import com.authlete.cose.COSESign1Builder; +import com.authlete.cose.COSEUnprotectedHeader; +import com.authlete.cose.COSEUnprotectedHeaderBuilder; import com.authlete.cose.SigStructure; import com.authlete.cose.SigStructureBuilder; import hirs.utils.signature.SignatureFormat; import hirs.utils.signature.SignatureHelper; import hirs.utils.signature.cose.Cbor.CborContentTypes; import hirs.utils.signature.cose.Cbor.CborTagProcessor; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; +import java.io.IOException; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; +import java.security.cert.CertificateEncodingException; +import java.security.cert.X509Certificate; +import 
java.util.ArrayList; +import java.util.Arrays; +import java.util.List; +import java.util.Objects; + /** * Class for implementing rfc rfc9052 CBOR Object Signing and Encryption (COSE) * Refer to https://datatracker.ietf.org/doc/html/rfc9053 - * + *

    * COSE_Sign = [ - * Headers, - * payload : bstr / nil, - * signatures : [+ COSE_Signature] - * ] - * From section 4.4 of rfc 9052 "How to compute a signature: - * 1. Create a Sig_structure and populate it with the appropriate fields. - * 2. Create the value ToBeSigned by encoding the Sig_structure to a - * byte string, using the encoding described in Section 9. - * 3. Call the signature creation algorithm, passing in K (the key to - * sign with), alg (the algorithm to sign with), and ToBeSigned (the value to sign). - * 4. Strip off the DER encoding from the Signature field placed on by - * Java.Security. Even though RFC 9052 does not specify a format, - * The COSE Working Groups test patterns use a "Raw" (IEEE P1363) format. - * 5. Place the resulting signature value in the correct location. - * This is the "signature" field of the COSE_Signature or COSE_Sign1 structure. + * Headers, + * payload : bstr / nil, + * signatures : [+ COSE_Signature] + * ] + * From section 4.4 of rfc 9052 "How to compute a signature: + * 1. Create a Sig_structure and populate it with the appropriate fields. + * 2. Create the value ToBeSigned by encoding the Sig_structure to a + * byte string, using the encoding described in Section 9. + * 3. Call the signature creation algorithm, passing in K (the key to + * sign with), alg (the algorithm to sign with), and ToBeSigned (the value to sign). + * 4. Strip off the DER encoding from the Signature field placed on by + * Java.Security. Even though RFC 9052 does not specify a format, + * The COSE Working Groups test patterns use a "Raw" (IEEE P1363) format. + * 5. Place the resulting signature value in the correct location. + * This is the "signature" field of the COSE_Signature or COSE_Sign1 structure. */ @NoArgsConstructor public class CoseSignature implements SignatureFormat { + private static final Logger LOGGER = LogManager.getLogger(CoseSignature.class); // COSE Generic Header @Setter @Getter 
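Review bot: The class Javadoc names the wrong RFC in its link: the text says "rfc rfc9052" (doubled word) while the "Refer to" URL points at rfc9053, and the signature steps quoted below it are attributed to section 4.4 of RFC 9052. Since this hunk re-indents the comment anyway, I would correct both lines: `Class for implementing RFC 9052 CBOR Object Signing and Encryption (COSE).` and `Refer to https://datatracker.ietf.org/doc/html/rfc9052`. The step list also includes the DER-stripping step, which the comment itself says RFC 9052 does not specify, so it should be marked as a project convention rather than left inside the quoted RFC text.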
@@ -69,21 +71,36 @@ public class CoseSignature implements SignatureFormat { private byte[] keyId = null; private byte[] protectedHeaders = null; private COSESign1Builder coseBuilder = null; - private static final Logger LOGGER = LogManager.getLogger(CoseSignature.class); + + /** + * Obtain the SHA-256 thumbprint of an X.509 certificate (used for embedding). + * + * @param cert The input X.509 certificate. + * @return The SHA-256 thumbprint corresponding to the certificate. + * @throws NoSuchAlgorithmException if the SHA-256 algorithm is unsupported + * @throws CertificateEncodingException if the certificate cannot be encoded to DER + */ + public static byte[] getThumbprint(final X509Certificate cert) throws NoSuchAlgorithmException, + CertificateEncodingException { + MessageDigest md = MessageDigest.getInstance("SHA-256"); + md.update(cert.getEncoded()); + return md.digest(); + } /** * Create toBeSigned using supplied kid and algorithm for testing only. * Kid will be assigned to the unprotected header for tests. 
- * @param algId IANA registered COSE Algorithm String - * @param kid Key Identifier - * @param payload data to be placed in the payload - * @param signingCert a signing certificate used if the embedded parameter is true - * @param embedded if true, embeds the signing certificate and thumbprint per RFC 9360 - * @param rimType the type of RIM, for use with the protected header content-type + * + * @param algId IANA registered COSE Algorithm String + * @param kid Key Identifier + * @param payload data to be placed in the payload + * @param signingCert a signing certificate used if the embedded parameter is true + * @param embedded if true, embeds the signing certificate and thumbprint per RFC 9360 + * @param rimType the type of RIM, for use with the protected header content-type * @param useUnprotectedKid will place kid in unprotected header if true * @return the COSE_Sign1 toBeSigned data - * @throws CertificateEncodingException - * @throws NoSuchAlgorithmException + * @throws CertificateEncodingException if an error occurs during certificate encoding or decoding. + * @throws NoSuchAlgorithmException if the requested algorithm is not available in the system. */ public byte[] createToBeSigned(final int algId, final byte[] kid, final byte[] payload, final X509Certificate signingCert, final boolean useUnprotectedKid, 
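Review bot: The Javadoc for `createToBeSigned` describes `useUnprotectedKid` only as "will place kid in unprotected header if true" and does not say that the unprotected header is not part of the Sig_structure, so a kid placed there is not covered by the signature. I would spell that out: `@param useUnprotectedKid if true, places kid in the unprotected header, which is not integrity protected; verifiers must not treat that kid as authenticated`. The summary also calls the method "for testing only", yet it is a public method of a main-source class, so the comment should say what production callers are expected to use instead. The `@param` order (embedded and rimType before useUnprotectedKid) appears not to match the visible start of the signature, which continues outside this hunk.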
@@ -133,12 +150,14 @@ public byte[] createToBeSigned(final int algId, final byte[] kid, final byte[] p /** * Follows the "The steps for verifying a signature are" of section 4.4. of rfc9052 Signing * and Verification Process. - * https://datatracker.ietf.org/doc/html/rfc9052#section-4.4 - * Steps 1 and 2. - * Note that step 3 (verify, the final step) is handled by a Cryptographic Engine + * rfc9052 Signing + * * and Verification Process + * Steps 1 and 2. + * Note that step 3 (verify, the final step) is handled by a Cryptographic Engine * * @param coseData byte array holding the data to be verified * @return toBeVerified data + * @throws IOException if an I/O error occurs during processing. */ public byte[] getToBeVerified(final byte[] coseData) throws IOException { processCose(coseData, true); @@ -150,10 +169,11 @@ public byte[] getToBeVerified(final byte[] coseData) throws IOException { * used for signature verification. * Uses the protected header from the signed structure and the supplied payload * to create the toBeVerified data. - * @param coseData + * + * @param coseData byte array representation of the sCOSE data * @param detachedPayload a detached signature (Cose detached content) which is actually just the payload * @return toBeVerfied data to be used with the java signature verification - * @throws IOException + * @throws IOException if an I/O error occurs during processing. */ public byte[] getToBeVerified(final byte[] coseData, final byte[] detachedPayload) throws IOException { COSEProtectedHeader pheader = processCose(coseData, false); 
@@ -162,11 +182,12 @@ public byte[] getToBeVerified(final byte[] coseData, final byte[] detachedPayloa /** * Parses a cose object and populated this classes member variables. - * @param coseData signed cose object + * + * @param coseData signed cose object * @param genToBeSinged if true the toBeSigned variable will be populated. * Should be set to false when processing a detached signature * @return a protected header object - * @throws IOException + * @throws IOException if an I/O error occurs while attempting to process the COSE data. */ private COSEProtectedHeader processCose(final byte[] coseData, final boolean genToBeSinged) throws IOException { @@ -195,7 +216,7 @@ private COSEProtectedHeader processCose(final byte[] coseData, final boolean gen COSEUnprotectedHeader uheader = signOne.getUnprotectedHeader(); status = "Checking Cose headers for required Algorithm Identifier"; if (pheader.getAlg() != null) { - Object algObject = (Object) pheader.getAlg(); + Object algObject = pheader.getAlg(); if (algObject instanceof String) { // library will return a String if algorithm is unknown String sAlg = (String) pheader.getAlg(); if (sAlg.compareToIgnoreCase("unknown") == 0) { @@ -235,7 +256,8 @@ private COSEProtectedHeader processCose(final byte[] coseData, final boolean gen /** * Creates the toBeSigned structure from a pre-processed header and payload data. - * @param data byte array holding to be signed data + * + * @param data byte array holding to be signed data * @param pHeader cose header to be included in final cose object * @return the COSE_Sign1 toBeSigned data */ 
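Review bot: In the `@@ -195,7 +216,7 @@` hunk the new `Object algObject = pheader.getAlg();` is followed by a cast that calls `pheader.getAlg()` a second time, so the `instanceof` check and the cast are applied to two separate reads. Using the local keeps them on the same value: `String sAlg = (String) algObject;`. `processCose` continues outside the hunk, so it cannot be confirmed from here whether the algorithm read from the parsed header is later compared with the algorithm expected for the verification key. If that check lives elsewhere, a short comment at this point naming where would help the next reader.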
@@ -254,26 +276,27 @@ private byte[] finalizeToBeSigned(final byte[] data, final COSEProtectedHeader p } /** - * Performs step 4 of the "How to compute a signature" section. - * from https://datatracker.ietf.org/doc/html/rfc9052#section-4.4 - * - * 4. Place the resulting signature value in the correct location. - * This is the "signature" field of the COSE_Signature or COSE_Sign1 structure. + * Performs step 4 of the "How to compute a signature" section. + * from https://datatracker.ietf.org/doc/html/rfc9052#section-4.4 + *

    + * 4. Place the resulting signature value in the correct location. + * This is the "signature" field of the COSE_Signature or COSE_Sign1 structure. * - * @param signatureBytes data generated from step 3. Note step 3 is performed by a Cryptographic Engine + * @param signatureBytes data generated from step 3. Note step 3 is performed by a Cryptographic Engine */ @Override - public void addSignature(final byte[] signatureBytes) throws IOException { + public void addSignature(final byte[] signatureBytes) { signature = signatureBytes.clone(); coseBuilder.signature(signatureBytes); } /** * Encodes the signature data an updates class variables. - * @return byte array holding the singed data + * + * @return byte array holding the signed data */ @Override - public byte[] getSignedData() throws IOException { + public byte[] getSignedData() { COSESign1 sigData = coseBuilder.build(); // Set local variables for future use // byte[] rawSignature = sigData.getSignature().getValue(); @@ -282,21 +305,6 @@ public byte[] getSignedData() throws IOException { return taggedCose.encode().clone(); } - /** - * Obtain the SHA-256 thumbprint of an X.509 certificate (used for embedding). - * - * @param cert The input X.509 certificate. - * @return The SHA-256 thumbprint corresponding to the certificate. - * @throws NoSuchAlgorithmException if the SHA-256 algorithm is unsupported - * @throws CertificateEncodingException if the certificate cannot be encoded to DER - */ - public static byte[] getThumbprint(final X509Certificate cert) throws NoSuchAlgorithmException, - CertificateEncodingException { - MessageDigest md = MessageDigest.getInstance("SHA-256"); - md.update(cert.getEncoded()); - return md.digest(); - } - /** * Provides a nil CBOR object as defined for supporting "Detached signatures" * (referred to as "detached content" in rfc 9052). 
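Review bot: `addSignature` now declares no checked exception, but it dereferences `coseBuilder`, which the field declaration initialises to null, and `signatureBytes` without any check, so a call made before the builder exists fails with a bare NullPointerException. A guard such as `if (coseBuilder == null) { throw new IllegalStateException("toBeSigned data has not been created"); }` plus `Objects.requireNonNull(signatureBytes, "signatureBytes")` makes the call-order contract explicit. The Javadoc also labels this "step 4", while the class comment lists placing the signature as step 5 after stripping the DER encoding. Since the bytes are handed to the builder unchanged, the `@param` should state that `signatureBytes` must already be in raw (IEEE P1363) form.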
@@ -307,7 +315,8 @@ public void setNilPayload() { /** * Validates the thumbprint of a given protected header and certificate contents. - * @param cert The embedded cert to validate. + * + * @param cert The embedded cert to validate. * @param pHeader The protected header contents (containing thumbprint) to validate against. * @return True if the contents are validated; false otherwise. */ diff --git a/HIRS_Utils/src/main/java/hirs/utils/specificationLookups/PlatformClass.java b/HIRS_Utils/src/main/java/hirs/utils/specificationLookups/PlatformClass.java index c56cc8107..29b116aa1 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/specificationLookups/PlatformClass.java +++ b/HIRS_Utils/src/main/java/hirs/utils/specificationLookups/PlatformClass.java @@ -8,9 +8,9 @@ /** * Enum to lookup values for platform class specified by section 4 of the following registry. - * @see - * Registry of Reserved TPM 2.0 Handles and Localities + * + * @see + * Registry of Reserved TPM 2.0 Handles and Localities */ @Getter @AllArgsConstructor @@ -32,9 +32,6 @@ public enum PlatformClass { MULTITENANT(0xE, "Multi Tenant (Deprecated)"), TC(0xF, "TC (Deprecated)"); - private final int platformClassId; - private final String comments; - /** * Map of PlatformClass values. */ @@ -46,8 +43,12 @@ public enum PlatformClass { } } + private final int platformClassId; + private final String comments; + /** * Searches platform class array for match to an enum value. + * * @param platformClassId int id of the platform class you want to look up * @return the corresponding platform class */ diff --git a/HIRS_Utils/src/main/java/hirs/utils/specificationLookups/package-info.java b/HIRS_Utils/src/main/java/hirs/utils/specificationLookups/package-info.java index c202bb398..96a012d37 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/specificationLookups/package-info.java +++ b/HIRS_Utils/src/main/java/hirs/utils/specificationLookups/package-info.java 
@@ -1 +1,4 @@ +/** + * Contains utility classes that do quick specification lookups. + */ package hirs.utils.specificationLookups; diff --git a/HIRS_Utils/src/main/java/hirs/utils/swid/CredentialParser.java b/HIRS_Utils/src/main/java/hirs/utils/swid/CredentialParser.java index 0e276633d..cafe9283f 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/swid/CredentialParser.java +++ b/HIRS_Utils/src/main/java/hirs/utils/swid/CredentialParser.java @@ -84,7 +84,7 @@ public void parseJKSCredentials(final String jksKeystore) { * extracting the certificate, private key, and public key. * * @param certificateFile the path to the PEM-encoded certificate file - * @param privateKeyFile the path to the PEM-encoded private key file + * @param privateKeyFile the path to the PEM-encoded private key file * @throws Exception if parsing fails or the certificate is self-signed */ public void parsePEMCredentials(final String certificateFile, final String privateKeyFile) @@ -126,8 +126,7 @@ public X509Certificate parseCertFromPEMString(final String pemString) throws Cer * @param certificateFile the path to the PEM certificate file * @return a list of X509Certificate objects parsed from the file */ - public List parseCertsFromPEM(final String certificateFile) - throws FileNotFoundException { + public List parseCertsFromPEM(final String certificateFile) { return parsePEMCertificates(certificateFile); } 
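Review bot: Dropping `throws FileNotFoundException` from `parseCertsFromPEM` leaves its Javadoc silent on what a caller receives when the file is missing or holds no parsable certificate. `parsePEMCertificates` is outside the hunk, so whether it throws an unchecked exception or returns null or an empty list cannot be confirmed here. Because the returned certificates are used as trust material, the contract should be written down, for example `@return the certificates parsed from the file; NOTE(review): document whether null, an empty list or an exception signals an unreadable file`. Callers that wrapped this call in `catch (FileNotFoundException e)` may also stop compiling if nothing else in their try block throws it.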
@@ -250,8 +249,8 @@ private KeyPair getPKCS1KeyPair(final String filename) throws IOException { * This method returns the private key from a JKS keystore. * * @param keystoreFile the path to the JKS keystore file - * @param alias the alias of the key entry in the keystore - * @param password the password for the keystore and key entry + * @param alias the alias of the key entry in the keystore + * @param password the password for the keystore and key entry * @return the PrivateKeyEntry containing the private key and certificate */ private KeyStore.PrivateKeyEntry parseKeystorePrivateKey(final String keystoreFile, @@ -275,6 +274,8 @@ private KeyStore.PrivateKeyEntry parseKeystorePrivateKey(final String keystoreFi * This method returns the authorityInfoAccess from an X509Certificate. * * @return a formatted string listing the AIA information from the certificate + * @throws IOException if an I/O error occurs while trying to retrieve the certificate authority info + * access. */ public String getCertificateAuthorityInfoAccess() throws IOException { StringBuilder sb = new StringBuilder("Authority Info Access:\n"); @@ -298,7 +299,7 @@ public String getCertificateAuthorityInfoAccess() throws IOException { * This method returns the subjectKeyIdentifier from the local X509Certificate. * * @return the String representation of the subjectKeyIdentifier - * @throws IOException + * @throws IOException if an I/O error occurs while retrieving the certificate subject key identifier. */ public String getCertificateSubjectKeyIdentifier() throws IOException { byte[] extension = certificate.getExtensionValue(Extension.subjectKeyIdentifier.getId()); 
@@ -314,7 +315,7 @@ public String getCertificateSubjectKeyIdentifier() throws IOException { * * @param certificate the cert to pull the subjectKeyIdentifier from * @return the String representation of the subjectKeyIdentifier - * @throws IOException + * @throws IOException if an I/O error occurs while retrieving the certificate subject key identifier. */ public String getCertificateSubjectKeyIdentifier(final X509Certificate certificate) throws IOException { byte[] extension = certificate.getExtensionValue(Extension.subjectKeyIdentifier.getId()); diff --git a/HIRS_Utils/src/main/java/hirs/utils/swid/HashSwid.java b/HIRS_Utils/src/main/java/hirs/utils/swid/HashSwid.java index 1cdda7f69..fb39e3d2d 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/swid/HashSwid.java +++ b/HIRS_Utils/src/main/java/hirs/utils/swid/HashSwid.java @@ -23,31 +23,15 @@ public class HashSwid { /** * Getter method for the hash that uses 256 bit hash. + * * @param filepath the file to hash. * @return the SHA-256 hash of the file's contents, as a hexadecimal string. + * @throws Exception if any issues arise while retrieving the SHA256 hash */ public static String get256Hash(final String filepath) throws Exception { return getHashValue(filepath, SHA256); } - /** - * Getter method for the hash that uses 384 bit hash. - * @param filepath the file to hash. - * @return the SHA-384 hash of the file's contents, as a hexadecimal string. - */ - public String get384Hash(final String filepath) throws Exception { - return getHashValue(filepath, SHA384); - } - - /** - * Getter method for the hash that uses 512 bit hash. - * @param filepath the file to hash. - * @return the SHA-512 hash of the file's contents, as a hexadecimal string. - */ - public String get512Hash(final String filepath) throws Exception { - return getHashValue(filepath, SHA512); - } - /** * This method creates the hash based on the provided algorithm * only accessible through helper methods. 
@@ -56,8 +40,9 @@ public String get512Hash(final String filepath) throws Exception { * getHashValue() below. * * @param filepath file contents to hash - * @param sha the algorithm to use for the hash + * @param sha the algorithm to use for the hash * @return the hash of the file's contents, as a hexadecimal string + * @throws Exception if any issues arise while retrieving the hash value */ private static String getHashValue(final String filepath, final String sha) throws Exception { String resultString = null; @@ -74,7 +59,7 @@ private static String getHashValue(final String filepath, final String sha) thro String errorMessage = "Error hashing file " + filepath + ": "; if (e instanceof UnsupportedEncodingException || e instanceof NoSuchAlgorithmException) { - errorMessage += ((Exception) e).getMessage(); + errorMessage += e.getMessage(); } else if (e instanceof IOException) { errorMessage += "error reading file."; } @@ -87,6 +72,7 @@ private static String getHashValue(final String filepath, final String sha) thro /** * This method is a public access hash function that operates on a string * value and uses default assumptions on the salt and algorithm. + * * @param value string object to hash * @return the Base64-encoded SHA-256 hash of the file */ @@ -107,8 +93,8 @@ public static String getHashValue(final String value) { } catch (UnsupportedEncodingException | NoSuchAlgorithmException grex) { System.out.println(grex.getMessage()); } catch (IOException ioEx) { - System.out.println(String.format("%s: %n%s is not valid...", - ioEx.getMessage(), value)); + System.out.printf("%s: %n%s is not valid...%n", + ioEx.getMessage(), value); } finally { try { if (bis != null) { 
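Review bot: In the `@@ -107,8 +93,8 @@` hunk both catch branches of `getHashValue(final String value)` still report a failed digest only on standard output, and the change to `System.out.printf` keeps that. The method starts and ends outside the hunk, but the `return Base64.getEncoder().encodeToString(hash);` visible in the following hunk suggests execution continues to the return after a failure. For a helper whose result ends up in a SWID tag, the failure should reach the caller, for example `throw new IllegalStateException("Unable to hash the supplied value", ioEx);`, or at minimum be logged through the project logger rather than `System.out`. The message also echoes `value` verbatim, which is worth reconsidering if the input can be large or sensitive.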
@@ -125,5 +111,27 @@ public static String getHashValue(final String value) { return Base64.getEncoder().encodeToString(hash); } + + /** + * Getter method for the hash that uses 384 bit hash. + * + * @param filepath the file to hash. + * @return the SHA-384 hash of the file's contents, as a hexadecimal string. + * @throws Exception if any issues arise while retrieving the SHA384 hash. + */ + public String get384Hash(final String filepath) throws Exception { + return getHashValue(filepath, SHA384); + } + + /** + * Getter method for the hash that uses 512 bit hash. + * + * @param filepath the file to hash. + * @return the SHA-512 hash of the file's contents, as a hexadecimal string. + * @throws Exception if any issues arise while retrieving the SHA512 hash. + */ + public String get512Hash(final String filepath) throws Exception { + return getHashValue(filepath, SHA512); + } } diff --git a/HIRS_Utils/src/main/java/hirs/utils/swid/SwidTagGateway.java b/HIRS_Utils/src/main/java/hirs/utils/swid/SwidTagGateway.java index d701d7ed9..e6ba1d053 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/swid/SwidTagGateway.java +++ b/HIRS_Utils/src/main/java/hirs/utils/swid/SwidTagGateway.java @@ -175,7 +175,7 @@ public SwidTagGateway() { /** * This method generates a base RIM from the values in a JSON file. * - * @param filename + * @param filename json filename */ public void generateSwidTag(final String filename) { Document swidtag = builder.newDocument(); @@ -261,7 +261,7 @@ private Document assembleCompositePayload(final JsonObject configProperties) thr * This method writes a Document object out to the file specified by generatedFile. * * @param swidTag the XML representing the SWID tag to write - * @param output the file path to write the SWID tag to + * @param output the file path to write the SWID tag to */ public void writeSwidTagFile(final Document swidTag, final String output) { try { 
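Review bot: `get384Hash` and `get512Hash` are re-added as instance methods although each only delegates to the static `getHashValue(filepath, sha)` and their sibling `get256Hash` is static. Declaring them `public static String get384Hash(final String filepath) throws Exception` (and likewise for 512) would make the three accessors consistent and avoid needing a `HashSwid` instance just to pick a digest size. The new `@throws Exception` lines document a raw `Exception`; naming the conditions that `getHashValue` actually reports (unreadable file, unsupported algorithm) would tell callers more than "any issues".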
@@ -571,6 +571,7 @@ private Document convertToDocument(final JAXBElement element) { /** * This method signs a SoftwareIdentity with an xmldsig in compatibility mode. * Current assumptions: digest method SHA256, signature method SHA256, enveloped signature + * * @param doc the XML {@link Document} representing the SoftwareIdentity to sign * @return the signed XML {@link Document} */ diff --git a/HIRS_Utils/src/main/java/hirs/utils/swid/package-info.java b/HIRS_Utils/src/main/java/hirs/utils/swid/package-info.java index 91c5a00fb..53e2b1fd0 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/swid/package-info.java +++ b/HIRS_Utils/src/main/java/hirs/utils/swid/package-info.java @@ -1 +1,4 @@ +/** + * Contains all Swid and Swid-related files. + */ package hirs.utils.swid; diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEvent.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEvent.java index c6a1e2659..497a45664 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEvent.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEvent.java @@ -8,36 +8,44 @@ * Abstract base class to process the DEVICE_SECURITY_EVENT_DATA or ..DATA2 event. * Parses event data per PFP v1.06 Rev52 Tables 20 and 26. * The event data comes in 2 forms: - * . 1) DEVICE_SECURITY_EVENT_DATA or - * . 2) DEVICE_SECURITY_EVENT_DATA2 + * 1) DEVICE_SECURITY_EVENT_DATA or + * 2) DEVICE_SECURITY_EVENT_DATA2 + *

    * The first 2 fields of the respective headers are the same in both ..DATA and ..DATA2. + *

    * Field 1: - * . The first 16 bytes of the event data header MUST be a String based identifier (Signature), - * . per PFP. The only currently defined Signatures are "SPDM Device Sec" and "SPDM Device Sec2", - * . which implies the data is a DEVICE_SECURITY_EVENT_DATA or ..DATA2, respectively. + * The first 16 bytes of the event data header MUST be a String based identifier (Signature), + * per PFP. The only currently defined Signatures are "SPDM Device Sec" and "SPDM Device Sec2", + * which implies the data is a DEVICE_SECURITY_EVENT_DATA or ..DATA2, respectively. + *

    * Field 2: - * . The Version field also indicates whether the Device Security Event is ..DATA or ..DATA2. + * The Version field also indicates whether the Device Security Event is ..DATA or ..DATA2. *

    * DEVICE SECURITY EVENT structures defined by PFP v1.06 Rev 52: - *

    + * + *

      * typedef struct tdDEVICE_SECURITY_EVENT_DATA {
      * .     DEVICE_SECURITY_EVENT_DATA_HEADER            EventDataHeader;
      * .     DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT    DeviceContext;
      * } DEVICE_SECURITY_EVENT_DATA;
    - * 

    + *

    + * + *
      * typedef struct tdDEVICE_SECURITY_EVENT_DATA2 {
      * .     DEVICE_SECURITY_EVENT_DATA_HEADER2           EventDataHeader;
      * .     DEVICE_SECURITY_EVENT_DATA_SUB_HEADER        EventDataSubHeader;
      * .     DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT    DeviceContext;
      * } DEVICE_SECURITY_EVENT_DATA2;
    - * 

    + *

    + * + *
      * typedef struct tdDEVICE_SECURITY_EVENT_DATA_HEADER or HEADER2 {
      * .     UINT8                           Signature[16];
      * .     UINT16                          Version;
      * .     ...                             ...
      * .     (The rest of the components are different for HEADER vs HEADER2)
      * }
    - * 

    + *

    */ @Getter public abstract class DeviceSecurityEvent { diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData.java index 2fe954746..bb6181f7d 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData.java @@ -5,12 +5,13 @@ /** * Class to process DEVICE_SECURITY_EVENT_DATA. * Parses event data per PFP v1.06 Rev52 Table 20. - *

    + * + *

      * typedef struct tdDEVICE_SECURITY_EVENT_DATA {
      * .    DEVICE_SECURITY_EVENT_DATA_HEADER            EventDataHeader;
      * .    DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT    DeviceContext;
      * } DEVICE_SECURITY_EVENT_DATA;
    - * 

    + *

    */ public class DeviceSecurityEventData extends DeviceSecurityEvent { diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData2.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData2.java index bc3813b4b..c774405b6 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData2.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData2.java @@ -5,13 +5,13 @@ /** * Class to process DEVICE_SECURITY_EVENT_DATA2. * Parses event data per PFP v1.06 Rev52 Table 26. - *

    + *

      * typedef struct tdDEVICE_SECURITY_EVENT_DATA2 {
      * .    DEVICE_SECURITY_EVENT_DATA_HEADER2           EventDataHeader;
      * .    DEVICE_SECURITY_EVENT_DATA_SUB_HEADER        EventDataSubHeader;
      * .    DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT    DeviceContext;
      * } DEVICE_SECURITY_EVENT_DATA2;
    - * 

    + *

    */ public class DeviceSecurityEventData2 extends DeviceSecurityEvent { diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataDeviceContext.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataDeviceContext.java index f984ad39c..389cd888c 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataDeviceContext.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataDeviceContext.java @@ -8,12 +8,13 @@ * DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT is a common SPDM structure which includes the * identification of the device, device vendor, subsystem, etc. Device can be either a PCI * or USB connection. - *

    + * + *

      * typedef union tdDEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT {
      * .     DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT       PciContext;
      * .     DEVICE_SECURITY_EVENT_DATA_USB_CONTEXT       UsbContext;
      * } DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT;
    - * 

    + *

    */ @Getter public abstract class DeviceSecurityEventDataDeviceContext { @@ -22,18 +23,22 @@ public abstract class DeviceSecurityEventDataDeviceContext { * Device Security Event Data Device Type = no device type. */ public static final int DEVICE_TYPE_NONE = 0; + /** * Device Security Event Data Device Type = DEVICE_TYPE_PCI. */ public static final int DEVICE_TYPE_PCI = 1; + /** * Device Security Event Data Device Type = DEVICE_TYPE_USB. */ public static final int DEVICE_TYPE_USB = 2; + /** * PCI Version. */ private int version = 0; + /** * PCI Length. */ diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataHeader2.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataHeader2.java index ecacfdbf7..55154413d 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataHeader2.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataHeader2.java @@ -9,7 +9,7 @@ * returned by the SPDM "GET_MEASUREMENTS" function. *

    * HEADERS defined by PFP v1.06 Rev 52:
- *

    + *

      * typedef struct tdDEVICE_SECURITY_EVENT_DATA_HEADER2 {
      * .    UINT8                           Signature[16];
      * .    UINT16                          Version;
    @@ -23,7 +23,7 @@
      * .    UINT64                          DevicePathLength;
      * .    UNIT8                           DevicePath[DevicePathLength]
      * } DEVICE_SECURITY_EVENT_DATA_HEADER2;
    - * 

    + *

    */
 public class DeviceSecurityEventDataHeader2 extends DeviceSecurityEventHeader {
@@ -31,38 +31,46 @@ public class DeviceSecurityEventDataHeader2 extends DeviceSecurityEventHeader {
 * Auth state - success.
 */
 public static final int AUTH_SUCCESS = 0;
+
 /**
 * Auth state - digital signature of the data is valid, but the public key certificate chain is not
 * validated with the entry in the UEFI device signature variable.
 */
 public static final int AUTH_NO_AUTHORITY = 1;
+
 /**
 * Auth state - digital signature of the measurement data is valid, but the reported device capabilities,
 * negotiated parameters or certificate chains were not validated by a transcript.
 */
 public static final int AUTH_NO_BINDING = 2;
+
 /**
 * Auth state - data has no digital signature.
 */
 public static final int AUTH_FAIL_NO_SIG = 3;
+
 /**
 * Auth state - data is invalid.
 */
 public static final int AUTH_FAIL_INVALID = 4;
+
 /**
 * Auth state - device is not an SPDM-capable device.
 */
 public static final int AUTH_NO_SPDM = 0xFF;
+
 /**
 * Event auth state.
 */
 @Getter
 private int authState = 0;
+
 /**
 * Event data length.
 */
 @Getter
 private int length = 0;
+
 /**
 * Event sub headerType.
 * SUBHEADERTYPE_MEAS_BLOCK = 0
@@ -70,11 +78,13 @@ public class DeviceSecurityEventDataHeader2 extends DeviceSecurityEventHeader {
 */
 @Getter
 private int subHeaderType = -1;
+
 /**
 * Event sub header length.
 */
 @Getter
 private int subHeaderLength = 0;
+
 /**
 * Event sub header UID.
 */
diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataSubHeader.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataSubHeader.java
index 620c9a906..442dfdd3a 100644
--- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataSubHeader.java
+++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataSubHeader.java
@@ -3,13 +3,13 @@
 /**
 * Class to process the DEVICE_SECURITY_EVENT_DATA_SUB_HEADER event per PFP.
 *
- *
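Review bot: `UNIT8 DevicePath[DevicePathLength]` in the struct comment (a context line of the `@@ -23,7 +23,7 @@` hunk of DeviceSecurityEventDataHeader2.java) is a typo for `UINT8`, and unlike the other members it has no trailing `;`. Since this commit is already tidying that Javadoc, the line could become ` * .    UINT8                           DevicePath[DevicePathLength];`. The same line appears in both struct comments of DeviceSecurityEventHeader.java.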

    + *

      * typedef union tdDEVICE_SECURITY_EVENT_DATA_SUB_HEADER {
      * .     DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_SPDM_MEASUREMENT_BLOCK  SpdmMeasurementBlock;
      * .     DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_SPDM_CERT_CHAIN         SpdmCertChain;
      * .     DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_OEM_MEASUREMENT         OemMeasurement;
      * } DEVICE_SECURITY_EVENT_DATA_SUB_HEADER;
    - * 

    + *

    */
 public abstract class DeviceSecurityEventDataSubHeader {
@@ -17,6 +17,7 @@ public abstract class DeviceSecurityEventDataSubHeader {
 * Sub header type - SPDM measurement block.
 */
 public static final int SUBHEADERTYPE_MEAS_BLOCK = 0;
+
 /**
 * Sub header type - SPDM cert chain.
 */
diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock.java
index 348a26c70..b7a9123a9 100644
--- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock.java
+++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock.java
@@ -13,7 +13,7 @@
 /**
 * Class to process the DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_SPDM_MEASUREMENT_BLOCK event per PFP.
 *
- *

    + *

      * typedef union tdDEVICE_SECURITY_EVENT_DATA_SUB_HEADER_SPDM_MEASUREMENT_BLOCK {
      * .     UINT16                  SpdmVersion;
      * .     UINT8                   SpdmMeasurementBlockCount;
    @@ -21,8 +21,8 @@
      * .     UINT32                  SpdmMeasurementHashAlgo;
      * .     SPDM_MEASUREMENT_BLOCK  SpdmMeasurementBlock[SpdmMeasurementBlockCount];
      * } DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_SPDM_MEASUREMENT_BLOCK;
    - * 

    - *

    + *

    + *
      * SpdmMeasurementBlock is an array of SPDM_MEASUREMENT_BLOCKs
      * .  The size of each block is the same and can be found by either:
      * .      1) 4 + SpdmMeasurementBlock MeasurementSize
    @@ -30,6 +30,7 @@
      * .      2) 4 + hash length of the hash algorithm found in
      * .             DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_SPDM_MEASUREMENT_BLOCK SpdmMeasurementHashAlgo
      * .      where 4 is the size of the SpdmMeasurementBlock header
    + * 
    */
 public class DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock extends DeviceSecurityEventDataSubHeader {
@@ -37,21 +38,25 @@ public class DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock extends Device
 * List of SPDM Measurement Blocks.
 */
 private final List spdmMeasurementBlockList;
+
 /**
 * SPDM version.
 */
 @Getter
 private int spdmVersion = 0;
+
 /**
 * SPDM measurement block count.
 */
 @Getter
 private int spdmMeasurementBlockCount = 0;
+
 /**
 * SPDM measurement hash algorithm.
 */
 @Getter
 private int spdmMeasurementHashAlgo = -1;
+
 /**
 * Error reading SPDM Measurement Block.
 */
diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventHeader.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventHeader.java
index 2b6760219..0137d0d23 100644
--- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventHeader.java
+++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventHeader.java
@@ -15,7 +15,8 @@
 *

    * HEADERS defined by PFP v1.06 Rev 52.
 * Certain fields are common to both ..HEADER and ..HEADER2, and are noted below the structures.
- *

    + *
+ *

      * typedef struct tdDEVICE_SECURITY_EVENT_DATA_HEADER {
      * .     UINT8                           Signature[16];
      * .     UINT16                          Version;
    @@ -26,7 +27,9 @@
      * .     UINT64                          DevicePathLength;
      * .     UNIT8                           DevicePath[DevicePathLength]
      * } DEVICE_SECURITY_EVENT_DATA_HEADER;
    - * 

    + *

    + *
+ *
      * typedef struct tdDEVICE_SECURITY_EVENT_DATA_HEADER2 {        - NOT IMPLEMENTED YET
      * .     UINT8                           Signature[16];
      * .     UINT16                          Version;
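Review bot: The `- NOT IMPLEMENTED YET` tag on `tdDEVICE_SECURITY_EVENT_DATA_HEADER2` in this struct comment looks stale, because the same commit touches `DeviceSecurityEventDataHeader2`, a class that extends `DeviceSecurityEventHeader`. If HEADER2 parsing is in fact implemented, the line should read ` * typedef struct tdDEVICE_SECURITY_EVENT_DATA_HEADER2 {`; if some of it is still missing, the comment should name the fields that are not handled. The struct comment continues outside this hunk.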
    @@ -40,14 +43,16 @@
      * .     UINT64                          DevicePathLength;
      * .     UNIT8                           DevicePath[DevicePathLength]
      * } DEVICE_SECURITY_EVENT_DATA_HEADER2;
    - * 

    + *

    + *
+ *
      * Fields common to both ..HEADER and ..HEADER2:
      * .  Signature
      * .  Version
      * .  DeviceType
      * .  DevicePathLength
      * .  DevicePath
    - * 

    + *

    */
 public abstract class DeviceSecurityEventHeader {
@@ -56,27 +61,32 @@ public abstract class DeviceSecurityEventHeader {
 */
 @Getter
 private static final int DEVICE_PATH_LENGTH = 0;
+
 /**
 * Contains the size (in bytes) of the header.
 */
 @Getter
 private Integer dsedHeaderLength = 0;
+
 /**
 * Signature (text) data.
 */
 @Getter
 private String signature = "";
+
 /**
 * Version determines data structure used (..DATA or ..DATA2).
 * This determines whether ..HEADER or ..HEADER2 is used.
 */
 @Getter
 private String version = "";
+
 /**
 * Device type.
 */
 @Getter
 private int deviceType = -1;
+
 /**
 * UEFI Device path.
 */
diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/NvIndexDynamicEventLogData.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/NvIndexDynamicEventLogData.java
index e79aaece2..30492e543 100644
--- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/NvIndexDynamicEventLogData.java
+++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/NvIndexDynamicEventLogData.java
@@ -22,7 +22,6 @@
 * . UINT16 DataSize;
 * . UINT8 Data[DataSize];
 * } NV_INDEX_DYNAMIC_EVENT_LOG_DATA;
- *

    */
 public class NvIndexDynamicEventLogData {
diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/NvIndexInstanceEventLogData.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/NvIndexInstanceEventLogData.java
index 63bbbf8a0..d22096e1b 100644
--- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/NvIndexInstanceEventLogData.java
+++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/NvIndexInstanceEventLogData.java
@@ -20,7 +20,6 @@
 * . UINT8[6] Reserved;
 * . DEVICE_SECURITY_EVENT_DATA2 Data;
 * } NV_INDEX_INSTANCE_EVENT_LOG_DATA;
- *

    */
 public class NvIndexInstanceEventLogData {
diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/spdm/SpdmCertificateChain.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/spdm/SpdmCertificateChain.java
index 1d89495c0..8a0b66704 100644
--- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/spdm/SpdmCertificateChain.java
+++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/spdm/SpdmCertificateChain.java
@@ -12,15 +12,18 @@
 /**
 * Class to process the SpdmCertificateChain.
- *

    + *
+ *

      * Certificate chain format, defined by SPDM v1.03, Sect 10.6.1, Table 33:
      * Certificate chain format {
      * .     Length                          2 bytes;
      * .     Reserved                        2 bytes;
    - * .     RootHash                         bytes;
    - * .     Certificates                     - (4 + ) bytes;
    + * .     RootHash                        (H) bytes;
    + * .     Certificates                    (Length) - (4 + (H)) bytes;
      * }
    - * 

    + *

    + *
+ *
      * Length: total length of cert chain including all fields in this block
      * H: the output size of the hash algorithm selected by the most recent ALGORITHMS response
      * .  this field shall be in hash byte order
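Review bot: The reworded layout gives the Certificates size as `(Length) - (4 + (H))`, but the comment never says what happens when the logged Length is smaller than 4 + H or larger than the bytes actually present in the event. The parsing code is outside this hunk, so whether it checks these bounds is not visible here. Because the chain is read from event-log bytes, the rule belongs in the Javadoc, for example ` * .  A Length below 4 + H, or beyond the remaining event bytes, is reported as a parse error`, worded to match what the parser really does. The same applies to `(DMTFSpecMeasurementValueSize) bytes` in SpdmMeasurement.java and `(MeasurementSize) bytes` in SpdmMeasurementBlock.java.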
    @@ -31,6 +34,7 @@
      * .  the hash algorithm is the DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_SPDM_CERT_CHAIN SpdmBaseHashAlgo
      * Certificates: Complete cert chain consisting of 1 or more ASN.1 DER-encoded X.509 v3 certs
      * .  this field shall be in Encoded ASN.1 byte order
    + * 
    */
 public class SpdmCertificateChain {
@@ -41,19 +45,23 @@ public class SpdmCertificateChain {
 /**
 * Array List of certs found in the chain.
 */
- private final ArrayList certList = new ArrayList();
+ private final ArrayList certList = new ArrayList<>();
+
 /**
 * Root hash.
 */
 private byte[] rootHash = null;
+
 /**
 * Number of certs in the SPDM cert chain.
 */
 private int numberOfCerts = 0;
+
 /**
 * Human-readable description of any error associated with SPDM base hash alg.
 */
 private String spdmBaseHashAlgoError = "";
+
 /**
 * Human-readable description of any error associated with parsing the X509 certs.
 */
diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/spdm/SpdmMeasurement.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/spdm/SpdmMeasurement.java
index 9c056a27c..fb124f8d6 100644
--- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/spdm/SpdmMeasurement.java
+++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/spdm/SpdmMeasurement.java
@@ -5,14 +5,17 @@
 /**
 * Class to process the SpdmMeasurement.
- *

    + *
+ *

      * Measurement, defined by SPDM v1.03, Sect 10.11.1, Table 54:
      * DMTF measurement spec format {
      * .     DMTFSpecMeasurementValueType    1 byte;
      * .     DMTFSpecMeasurementValueSize    2 bytes;
    - * .     DMTFSpecMeasurementValue         bytes;
    + * .     DMTFSpecMeasurementValue        (DMTFSpecMeasurementValueSize) bytes;
      * }
    - * 

    + *

    + *
+ *
      * DMTFSpecMeasurementValueType[7]
      * .     Indicates how bits [0:6] are represented
      * .     Bit = 0: Digest
    @@ -23,7 +26,7 @@
      * .     Hardware configuration          0x2
      * .     Firmware configuration          0x3
      * .     etc.
    - * 

    + *

    */
 public class SpdmMeasurement {
@@ -86,6 +89,7 @@ public class SpdmMeasurement {
 * Measurement value (digest).
 */
 private final byte[] dmtfSpecMeasurementValue;
+
 /**
 * Measurement value type (such as mutable firmware, etc).
 */
diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/spdm/SpdmMeasurementBlock.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/spdm/SpdmMeasurementBlock.java
index 8a26ac942..6cbb0db51 100644
--- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/spdm/SpdmMeasurementBlock.java
+++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/spdm/SpdmMeasurementBlock.java
@@ -8,14 +8,16 @@
 /**
 * Class to process the SpdmMeasurementBlock.
- *

    + *
+ *

      * Measurement block format, defined by SPDM v1.03, Sect 10.11.1, Table 53:
      * Measurement block format {
      * Index                           1 byte;
      * MeasurementSpec                 1 byte;
      * MeasurementSize                 2 bytes;
    - * Measurement                      bytes;
    + * Measurement                     (MeasurementSize) bytes;
      * }
    + * 
    *

    * Index: index of the measurement block, as there can be more than one * MeasurementSpec: bit mask; the measurement specification that the requested Measurement follows @@ -26,25 +28,28 @@ */ public class SpdmMeasurementBlock { + /** + * SPDM Measurement. + */ + private final SpdmMeasurement spdmMeasurement; + /** * Measurement block index, as an SPDM measurement exchange can contain several measurements. */ @Getter private int index = 0; + /** * Measurement Spec. */ @Getter private int measurementSpec = 0; - /** - * SPDM Measurement. - */ - private final SpdmMeasurement spdmMeasurement; /** * SpdmMeasurementBlock Constructor. * * @param spdmMeasBlocks byte array holding the SPDM Measurement Block bytes. + * @throws IOException if any issues arise creating the SPDM Measurement Block object. */ public SpdmMeasurementBlock(final ByteArrayInputStream spdmMeasBlocks) throws IOException { diff --git a/HIRS_Utils/src/main/java/hirs/utils/xjc/CanonicalizationMethodType.java b/HIRS_Utils/src/main/java/hirs/utils/xjc/CanonicalizationMethodType.java index 33d09ea8c..4025f452e 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/xjc/CanonicalizationMethodType.java +++ b/HIRS_Utils/src/main/java/hirs/utils/xjc/CanonicalizationMethodType.java @@ -76,10 +76,12 @@ public class CanonicalizationMethodType { * Objects of the following type(s) are allowed in the list * {@link Object } * {@link String } + * + * @return list of objects that represent the content */ public List getContent() { if (content == null) { - content = new ArrayList(); + content = new ArrayList<>(); } return this.content; } diff --git a/HIRS_Utils/src/main/java/hirs/utils/xjc/DigestMethodType.java b/HIRS_Utils/src/main/java/hirs/utils/xjc/DigestMethodType.java index 296cf5899..33c5456c2 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/xjc/DigestMethodType.java +++ b/HIRS_Utils/src/main/java/hirs/utils/xjc/DigestMethodType.java 
@@ -78,6 +78,8 @@ public class DigestMethodType { * {@link Object } * {@link Element } * {@link String } + * + * @return list of objects */ public List getContent() { if (content == null) { diff --git a/HIRS_Utils/src/main/java/hirs/utils/xjc/Directory.java b/HIRS_Utils/src/main/java/hirs/utils/xjc/Directory.java index 7133270a3..eff89c8e6 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/xjc/Directory.java +++ b/HIRS_Utils/src/main/java/hirs/utils/xjc/Directory.java @@ -70,6 +70,8 @@ public class Directory * Objects of the following type(s) are allowed in the list * {@link Directory } * {@link File } + * + * @return list of file system items */ public List getDirectoryOrFile() { if (directoryOrFile == null) { diff --git a/HIRS_Utils/src/main/java/hirs/utils/xjc/Entity.java b/HIRS_Utils/src/main/java/hirs/utils/xjc/Entity.java index 03adfadf5..076687cc7 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/xjc/Entity.java +++ b/HIRS_Utils/src/main/java/hirs/utils/xjc/Entity.java @@ -91,6 +91,8 @@ public class Entity *

    * Objects of the following type(s) are allowed in the list * {@link Meta } + * + * @return list of Meta objects */ public List getMeta() { if (meta == null) { @@ -132,6 +134,8 @@ public String getRegid() { *

    * Objects of the following type(s) are allowed in the list * {@link String } + * + * @return list of string roles */ public List getRole() { if (role == null) { diff --git a/HIRS_Utils/src/main/java/hirs/utils/xjc/KeyInfoType.java b/HIRS_Utils/src/main/java/hirs/utils/xjc/KeyInfoType.java index b1b6c0add..735ecaab9 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/xjc/KeyInfoType.java +++ b/HIRS_Utils/src/main/java/hirs/utils/xjc/KeyInfoType.java @@ -109,6 +109,8 @@ public class KeyInfoType { * {@link Element } * {@link JAXBElement }{@code <}{@link SPKIDataType }{@code >} * {@link JAXBElement }{@code <}{@link RetrievalMethodType }{@code >} + * + * @return list of objects */ public List getContent() { if (content == null) { diff --git a/HIRS_Utils/src/main/java/hirs/utils/xjc/KeyValueType.java b/HIRS_Utils/src/main/java/hirs/utils/xjc/KeyValueType.java index 283514808..80911ba43 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/xjc/KeyValueType.java +++ b/HIRS_Utils/src/main/java/hirs/utils/xjc/KeyValueType.java @@ -78,6 +78,8 @@ public class KeyValueType { * {@link String } * {@link JAXBElement }{@code <}{@link DSAKeyValueType }{@code >} * {@link Object } + * + * @return list of objects */ public List getContent() { if (content == null) { diff --git a/HIRS_Utils/src/main/java/hirs/utils/xjc/ManifestType.java b/HIRS_Utils/src/main/java/hirs/utils/xjc/ManifestType.java index ee1fdd1dc..9a3bf91d3 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/xjc/ManifestType.java +++ b/HIRS_Utils/src/main/java/hirs/utils/xjc/ManifestType.java @@ -78,6 +78,8 @@ public class ManifestType { *

    * Objects of the following type(s) are allowed in the list * {@link ReferenceType } + * + * @return list of {@link ReferenceType} */ public List getReference() { if (reference == null) { diff --git a/HIRS_Utils/src/main/java/hirs/utils/xjc/ObjectFactory.java b/HIRS_Utils/src/main/java/hirs/utils/xjc/ObjectFactory.java index 931083bc8..3f83677ed 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/xjc/ObjectFactory.java +++ b/HIRS_Utils/src/main/java/hirs/utils/xjc/ObjectFactory.java @@ -17,17 +17,12 @@ /** - * This object contains factory methods for each - * Java content interface and Java element interface + * This object contains factory methods for each Java content interface and Java element interface * generated in the main.java.hirs.utils.xjc package. - *

    An ObjectFactory allows you to programatically - * construct new instances of the Java representation - * for XML content. The Java representation of XML - * content can consist of schema derived interfaces - * and classes representing the binding of schema - * type definitions, element declarations and model - * groups. Factory methods for each of these are - * provided in this class. + *

    An ObjectFactory allows you to programmatically construct new instances of the Java representation + * for XML content. The Java representation of XML content can consist of schema derived interfaces + * and classes representing the binding of schema type definitions, element declarations and model + * groups. Factory methods for each of these are provided in this class. */ @XmlRegistry public class ObjectFactory { @@ -109,13 +104,16 @@ public class ObjectFactory { new QName("http://www.w3.org/2000/09/xmldsig#", "PGPKeyPacket"); /** - * Create a new ObjectFactory that can be used to create new instances of schema derived classes for package: main.java.hirs.utils.xjc + * Create a new ObjectFactory that can be used to create new instances of schema derived classes for + * package: main.java.hirs.utils.xjc */ public ObjectFactory() { } /** * Create an instance of {@link SoftwareIdentity } + * + * @return {@link SoftwareIdentity } */ public SoftwareIdentity createSoftwareIdentity() { return new SoftwareIdentity(); @@ -123,6 +121,8 @@ public SoftwareIdentity createSoftwareIdentity() { /** * Create an instance of {@link SoftwareMeta } + * + * @return {@link SoftwareMeta } */ public SoftwareMeta createSoftwareMeta() { return new SoftwareMeta(); @@ -130,6 +130,8 @@ public SoftwareMeta createSoftwareMeta() { /** * Create an instance of {@link Entity } + * + * @return {@link Entity } */ public Entity createEntity() { return new Entity(); @@ -137,6 +139,8 @@ public Entity createEntity() { /** * Create an instance of {@link Meta } + * + * @return {@link Meta } */ public Meta createMeta() { return new Meta(); @@ -144,6 +148,8 @@ public Meta createMeta() { /** * Create an instance of {@link FilesystemItem } + * + * @return {@link FilesystemItem } */ public FilesystemItem createFilesystemItem() { return new FilesystemItem(); 
@@ -151,6 +157,8 @@ public FilesystemItem createFilesystemItem() { /** * Create an instance of {@link Resource } + * + * @return {@link Resource } */ public Resource createResource() { return new Resource(); @@ -158,6 +166,8 @@ public Resource createResource() { /** * Create an instance of {@link Process } + * + * @return {@link Process } */ public Process createProcess() { return new Process(); @@ -165,6 +175,8 @@ public Process createProcess() { /** * Create an instance of {@link BaseElement } + * + * @return {@link BaseElement } */ public BaseElement createBaseElement() { return new BaseElement(); @@ -172,6 +184,8 @@ public BaseElement createBaseElement() { /** * Create an instance of {@link Evidence } + * + * @return {@link Evidence } */ public Evidence createEvidence() { return new Evidence(); @@ -179,6 +193,8 @@ public Evidence createEvidence() { /** * Create an instance of {@link File } + * + * @return {@link File} */ public File createFile() { return new File(); @@ -186,6 +202,8 @@ public File createFile() { /** * Create an instance of {@link Link } + * + * @return {@link Link} */ public Link createLink() { return new Link(); 
@@ -193,167 +211,215 @@ public Link createLink() { /** * Create an instance of {@link Directory } + * + * @return {@link Directory} */ public Directory createDirectory() { return new Directory(); } /** - * Create an instance of {@link ResourceCollection } + * Create an instance of {@link ResourceCollection }. + * + * @return {@link ResourceCollection } */ public ResourceCollection createResourceCollection() { return new ResourceCollection(); } /** - * Create an instance of {@link PGPDataType } + * Create an instance of {@link PGPDataType }. + * + * @return {@link PGPDataType } */ public PGPDataType createPGPDataType() { return new PGPDataType(); } /** - * Create an instance of {@link KeyValueType } + * Create an instance of {@link KeyValueType }. + * + * @return {@link KeyValueType } */ public KeyValueType createKeyValueType() { return new KeyValueType(); } /** - * Create an instance of {@link DSAKeyValueType } + * Create an instance of {@link DSAKeyValueType }. + * + * @return {@link DSAKeyValueType } */ public DSAKeyValueType createDSAKeyValueType() { return new DSAKeyValueType(); } /** - * Create an instance of {@link ReferenceType } + * Create an instance of {@link ReferenceType }. + * + * @return {@link ReferenceType } */ public ReferenceType createReferenceType() { return new ReferenceType(); } /** - * Create an instance of {@link RetrievalMethodType } + * Create an instance of {@link RetrievalMethodType }. + * + * @return {@link RetrievalMethodType } */ public RetrievalMethodType createRetrievalMethodType() { return new RetrievalMethodType(); } /** - * Create an instance of {@link TransformsType } + * Create an instance of {@link TransformsType }. + * + * @return {@link TransformsType } */ public TransformsType createTransformsType() { return new TransformsType(); } /** - * Create an instance of {@link CanonicalizationMethodType } + * Create an instance of {@link CanonicalizationMethodType }. + * + * @return {@link CanonicalizationMethodType }. 
*/ public CanonicalizationMethodType createCanonicalizationMethodType() { return new CanonicalizationMethodType(); } /** - * Create an instance of {@link DigestMethodType } + * Create an instance of {@link DigestMethodType }. + * + * @return {@link DigestMethodType } */ public DigestMethodType createDigestMethodType() { return new DigestMethodType(); } /** - * Create an instance of {@link ManifestType } + * Create an instance of {@link ManifestType }. + * + * @return {@link ManifestType } */ public ManifestType createManifestType() { return new ManifestType(); } /** - * Create an instance of {@link SignaturePropertyType } + * Create an instance of {@link SignaturePropertyType }. + * + * @return {@link SignaturePropertyType } */ public SignaturePropertyType createSignaturePropertyType() { return new SignaturePropertyType(); } /** - * Create an instance of {@link X509DataType } + * Create an instance of {@link X509DataType }. + * + * @return {@link X509DataType } */ public X509DataType createX509DataType() { return new X509DataType(); } /** - * Create an instance of {@link SignedInfoType } + * Create an instance of {@link SignedInfoType }. + * + * @return {@link SignedInfoType } */ public SignedInfoType createSignedInfoType() { return new SignedInfoType(); } /** - * Create an instance of {@link RSAKeyValueType } + * Create an instance of {@link RSAKeyValueType }. + * + * @return {@link RSAKeyValueType } */ public RSAKeyValueType createRSAKeyValueType() { return new RSAKeyValueType(); } /** - * Create an instance of {@link SPKIDataType } + * Create an instance of {@link SPKIDataType }. + * + * @return {@link SPKIDataType } */ public SPKIDataType createSPKIDataType() { return new SPKIDataType(); } /** - * Create an instance of {@link SignatureValueType } + * Create an instance of {@link SignatureValueType }. 
+ * + * @return {@link SignatureValueType } */ public SignatureValueType createSignatureValueType() { return new SignatureValueType(); } /** - * Create an instance of {@link KeyInfoType } + * Create an instance of {@link KeyInfoType }. + * + * @return {@link KeyInfoType } */ public KeyInfoType createKeyInfoType() { return new KeyInfoType(); } /** - * Create an instance of {@link SignatureType } + * Create an instance of {@link SignatureType }. + * + * @return {@link SignatureType } */ public SignatureType createSignatureType() { return new SignatureType(); } /** - * Create an instance of {@link SignaturePropertiesType } + * Create an instance of {@link SignaturePropertiesType }. + * + * @return {@link SignaturePropertiesType } */ public SignaturePropertiesType createSignaturePropertiesType() { return new SignaturePropertiesType(); } /** - * Create an instance of {@link SignatureMethodType } + * Create an instance of {@link SignatureMethodType }. + * + * @return {@link SignatureMethodType } */ public SignatureMethodType createSignatureMethodType() { return new SignatureMethodType(); } /** - * Create an instance of {@link ObjectType } + * Create an instance of {@link ObjectType }. + * + * @return {@link ObjectType } */ public ObjectType createObjectType() { return new ObjectType(); } /** - * Create an instance of {@link TransformType } + * Create an instance of {@link TransformType }. + * + * @return {@link TransformType } */ public TransformType createTransformType() { return new TransformType(); } /** - * Create an instance of {@link X509IssuerSerialType } + * Create an instance of {@link X509IssuerSerialType }. + * + * @return {@link X509IssuerSerialType } */ public X509IssuerSerialType createX509IssuerSerialType() { return new X509IssuerSerialType(); 
@@ -361,6 +427,9 @@ public X509IssuerSerialType createX509IssuerSerialType() { /** * Create an instance of {@link JAXBElement }{@code <}{@link SPKIDataType }{@code >}} + * + * @param value {@link SPKIDataType } representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "SPKIData") public JAXBElement createSPKIData(SPKIDataType value) { @@ -369,6 +438,9 @@ public JAXBElement createSPKIData(SPKIDataType value) { /** * Create an instance of {@link JAXBElement }{@code <}{@link KeyInfoType }{@code >}} + * + * @param value {@link KeyInfoType } representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "KeyInfo") public JAXBElement createKeyInfo(KeyInfoType value) { @@ -377,6 +449,9 @@ public JAXBElement createKeyInfo(KeyInfoType value) { /** * Create an instance of {@link JAXBElement }{@code <}{@link SignatureValueType }{@code >}} + * + * @param value {@link SignatureValueType } representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "SignatureValue") public JAXBElement createSignatureValue(SignatureValueType value) { @@ -386,6 +461,9 @@ public JAXBElement createSignatureValue(SignatureValueType v /** * Create an instance of {@link JAXBElement }{@code <}{@link KeyValueType }{@code >}} + * + * @param value {@link KeyValueType } representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "KeyValue") public JAXBElement createKeyValue(KeyValueType value) { 
@@ -394,6 +472,9 @@ public JAXBElement createKeyValue(KeyValueType value) { /** * Create an instance of {@link JAXBElement }{@code <}{@link TransformsType }{@code >}} + * + * @param value {@link TransformsType } representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "Transforms") public JAXBElement createTransforms(TransformsType value) { @@ -402,6 +483,9 @@ public JAXBElement createTransforms(TransformsType value) { /** * Create an instance of {@link JAXBElement }{@code <}{@link DigestMethodType }{@code >}} + * + * @param value {@link DigestMethodType } representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "DigestMethod") public JAXBElement createDigestMethod(DigestMethodType value) { @@ -410,6 +494,9 @@ public JAXBElement createDigestMethod(DigestMethodType value) /** * Create an instance of {@link JAXBElement }{@code <}{@link X509DataType }{@code >}} + * + * @param value {@link X509DataType } representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "X509Data") public JAXBElement createX509Data(X509DataType value) { @@ -418,6 +505,9 @@ public JAXBElement createX509Data(X509DataType value) { /** * Create an instance of {@link JAXBElement }{@code <}{@link SignaturePropertyType }{@code >}} + * + * @param value {@link SignaturePropertyType } representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "SignatureProperty") public JAXBElement createSignatureProperty(SignaturePropertyType value) { 
@@ -426,7 +516,10 @@ public JAXBElement createSignatureProperty(SignaturePrope } /** - * Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >}} + * Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >}. + * + * @param value string representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "KeyName") public JAXBElement createKeyName(String value) { @@ -434,7 +527,10 @@ public JAXBElement createKeyName(String value) { } /** - * Create an instance of {@link JAXBElement }{@code <}{@link RSAKeyValueType }{@code >}} + * Create an instance of {@link JAXBElement }{@code <}{@link RSAKeyValueType }{@code >}. + * + * @param value {@link RSAKeyValueType } representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "RSAKeyValue") public JAXBElement createRSAKeyValue(RSAKeyValueType value) { @@ -443,6 +539,9 @@ public JAXBElement createRSAKeyValue(RSAKeyValueType value) { /** * Create an instance of {@link JAXBElement }{@code <}{@link SoftwareIdentity }{@code >}} + * + * @param value {@link SoftwareIdentity } representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://standards.iso.org/iso/19770/-2/2015/schema.xsd", name = "SoftwareIdentity") public JAXBElement createSoftwareIdentity(SoftwareIdentity value) { @@ -452,6 +551,9 @@ public JAXBElement createSoftwareIdentity(SoftwareIdentity val /** * Create an instance of {@link JAXBElement }{@code <}{@link SignatureType }{@code >}} + * + * @param value {@link SignatureType } representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "Signature") public JAXBElement createSignature(SignatureType value) { 
@@ -460,6 +562,9 @@ public JAXBElement createSignature(SignatureType value) { /** * Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >}} + * + * @param value string representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "MgmtData") public JAXBElement createMgmtData(String value) { @@ -468,6 +573,9 @@ public JAXBElement createMgmtData(String value) { /** * Create an instance of {@link JAXBElement }{@code <}{@link SignatureMethodType }{@code >}} + * + * @param value {@link SignatureMethodType } representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "SignatureMethod") public JAXBElement createSignatureMethod(SignatureMethodType value) { @@ -476,7 +584,10 @@ public JAXBElement createSignatureMethod(SignatureMethodTyp } /** - * Create an instance of {@link JAXBElement }{@code <}{@link ObjectType }{@code >}} + * Create an instance of {@link JAXBElement }{@code <}{@link ObjectType }{@code >}. + * + * @param value {@link ObjectType } representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "Object") public JAXBElement createObject(ObjectType value) { @@ -484,7 +595,10 @@ public JAXBElement createObject(ObjectType value) { } /** - * Create an instance of {@link JAXBElement }{@code <}{@link SignaturePropertiesType }{@code >}} + * Create an instance of {@link JAXBElement }{@code <}{@link SignaturePropertiesType }{@code >}. + * + * @param value {@link SignaturePropertiesType } representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "SignatureProperties") public JAXBElement createSignatureProperties(SignaturePropertiesType value) { 
@@ -493,7 +607,10 @@ public JAXBElement createSignatureProperties(SignatureP } /** - * Create an instance of {@link JAXBElement }{@code <}{@link TransformType }{@code >}} + * Create an instance of {@link JAXBElement }{@code <}{@link TransformType }{@code >}. + * + * @param value {@link TransformType } representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "Transform") public JAXBElement createTransform(TransformType value) { @@ -501,7 +618,10 @@ public JAXBElement createTransform(TransformType value) { } /** - * Create an instance of {@link JAXBElement }{@code <}{@link PGPDataType }{@code >}} + * Create an instance of {@link JAXBElement }{@code <}{@link PGPDataType }{@code >}. + * + * @param value {@link PGPDataType } representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "PGPData") public JAXBElement createPGPData(PGPDataType value) { @@ -510,6 +630,9 @@ public JAXBElement createPGPData(PGPDataType value) { /** * Create an instance of {@link JAXBElement }{@code <}{@link ReferenceType }{@code >}} + * + * @param value {@link ReferenceType } representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "Reference") public JAXBElement createReference(ReferenceType value) { @@ -517,7 +640,10 @@ public JAXBElement createReference(ReferenceType value) { } /** - * Create an instance of {@link JAXBElement }{@code <}{@link RetrievalMethodType }{@code >}} + * Create an instance of {@link JAXBElement }{@code <}{@link RetrievalMethodType }{@code >}. + * + * @param value {@link RetrievalMethodType } representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "RetrievalMethod") public JAXBElement createRetrievalMethod(RetrievalMethodType value) { 
@@ -526,7 +652,10 @@ public JAXBElement createRetrievalMethod(RetrievalMethodTyp } /** - * Create an instance of {@link JAXBElement }{@code <}{@link DSAKeyValueType }{@code >}} + * Create an instance of {@link JAXBElement }{@code <}{@link DSAKeyValueType }{@code >}. + * + * @param value {@link DSAKeyValueType } representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "DSAKeyValue") public JAXBElement createDSAKeyValue(DSAKeyValueType value) { @@ -534,7 +663,10 @@ public JAXBElement createDSAKeyValue(DSAKeyValueType value) { } /** - * Create an instance of {@link JAXBElement }{@code <}{@link byte[]}{@code >}} + * Create an instance of {@link JAXBElement } using the provided byte array for the digest value. + * + * @param value byte array representation of the value. + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "DigestValue") public JAXBElement createDigestValue(byte[] value) { @@ -542,7 +674,10 @@ public JAXBElement createDigestValue(byte[] value) { } /** - * Create an instance of {@link JAXBElement }{@code <}{@link CanonicalizationMethodType }{@code >}} + * Create an instance of {@link JAXBElement }{@code <}{@link CanonicalizationMethodType }{@code >}. + * + * @param value {@link CanonicalizationMethodType } representation of the value. + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "CanonicalizationMethod") public JAXBElement createCanonicalizationMethod( 
@@ -552,7 +687,10 @@ public JAXBElement createCanonicalizationMethod( } /** - * Create an instance of {@link JAXBElement }{@code <}{@link SignedInfoType }{@code >}} + * Create an instance of {@link JAXBElement }{@code <}{@link SignedInfoType }{@code >}. + * + * @param value {@link SignedInfoType } representation of the value. + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "SignedInfo") public JAXBElement createSignedInfo(SignedInfoType value) { @@ -560,7 +698,10 @@ public JAXBElement createSignedInfo(SignedInfoType value) { } /** - * Create an instance of {@link JAXBElement }{@code <}{@link ManifestType }{@code >}} + * Create an instance of {@link JAXBElement }{@code <}{@link ManifestType }{@code >}. + * + * @param value {@link ManifestType } representation of the value. + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "Manifest") public JAXBElement createManifest(ManifestType value) { @@ -568,7 +709,10 @@ public JAXBElement createManifest(ManifestType value) { } /** - * Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >}} + * Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >}. + * + * @param value string representation of the value. + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "XPath", scope = TransformType.class) public JAXBElement createTransformTypeXPath(String value) { 
@@ -576,7 +720,10 @@ public JAXBElement createTransformTypeXPath(String value) { } /** - * Create an instance of {@link JAXBElement }{@code <}{@link X509IssuerSerialType }{@code >}} + * Create an instance of {@link JAXBElement }{@code <}{@link X509IssuerSerialType }{@code >}. + * + * @param value {@link X509IssuerSerialType } representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "X509IssuerSerial", scope = X509DataType.class) public JAXBElement createX509DataTypeX509IssuerSerial(X509IssuerSerialType value) { @@ -585,7 +732,10 @@ public JAXBElement createX509DataTypeX509IssuerSerial(X509 } /** - * Create an instance of {@link JAXBElement }{@code <}{@link byte[]}{@code >}} + * Create an instance of {@link JAXBElement } using the provided byte array for X509 CRL. + * + * @param value byte array representation of the value. + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "X509CRL", scope = X509DataType.class) public JAXBElement createX509DataTypeX509CRL(byte[] value) { @@ -594,7 +744,10 @@ public JAXBElement createX509DataTypeX509CRL(byte[] value) { } /** - * Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >}} + * Create an instance of {@link JAXBElement } using the provided string value for the X509 Subject Name. + * + * @param value string representation of the value. + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "X509SubjectName", scope = X509DataType.class) public JAXBElement createX509DataTypeX509SubjectName(String value) { 
@@ -603,7 +756,10 @@ public JAXBElement createX509DataTypeX509SubjectName(String value) { } /** - * Create an instance of {@link JAXBElement }{@code <}{@link byte[]}{@code >}} + * Create an instance of {@link JAXBElement } using the provided byte array for the X509 SKI. + * + * @param value byte array representation of the value. + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "X509SKI", scope = X509DataType.class) public JAXBElement createX509DataTypeX509SKI(byte[] value) { @@ -612,7 +768,10 @@ public JAXBElement createX509DataTypeX509SKI(byte[] value) { } /** - * Create an instance of {@link JAXBElement }{@code <}{@link byte[]}{@code >}} + * Create an instance of {@link JAXBElement } using the provided byte array for the X509 Certificate. + * + * @param value byte array representation of the value. + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "X509Certificate", scope = X509DataType.class) public JAXBElement createX509DataTypeX509Certificate(byte[] value) { @@ -621,7 +780,10 @@ public JAXBElement createX509DataTypeX509Certificate(byte[] value) { } /** - * Create an instance of {@link JAXBElement }{@code <}{@link Link }{@code >}} + * Create an instance of {@link JAXBElement }{@code <}{@link Link }{@code >}. + * + * @param value {@link Link } representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://standards.iso.org/iso/19770/-2/2015/schema.xsd", name = "Link", scope = SoftwareIdentity.class) public JAXBElement createSoftwareIdentityLink(Link value) { 
@@ -629,7 +791,10 @@ public JAXBElement createSoftwareIdentityLink(Link value) { } /** - * Create an instance of {@link JAXBElement }{@code <}{@link Evidence }{@code >}} + * Create an instance of {@link JAXBElement }{@code <}{@link Evidence }{@code >}. + * + * @param value {@link Evidence } representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://standards.iso.org/iso/19770/-2/2015/schema.xsd", name = "Evidence", scope = SoftwareIdentity.class) public JAXBElement createSoftwareIdentityEvidence(Evidence value) { @@ -638,7 +803,10 @@ public JAXBElement createSoftwareIdentityEvidence(Evidence value) { } /** - * Create an instance of {@link JAXBElement }{@code <}{@link ResourceCollection }{@code >}} + * Create an instance of {@link JAXBElement }{@code <}{@link ResourceCollection }{@code >}. + * + * @param value {@link ResourceCollection} representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://standards.iso.org/iso/19770/-2/2015/schema.xsd", name = "Payload", scope = SoftwareIdentity.class) public JAXBElement createSoftwareIdentityPayload(ResourceCollection value) { @@ -648,6 +816,9 @@ public JAXBElement createSoftwareIdentityPayload(ResourceCol /** * Create an instance of {@link JAXBElement }{@code <}{@link FilesystemItem }{@code >}} + * + * @param value {@link FilesystemItem } representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://standards.iso.org/iso/19770/-2/2015/schema.xsd", name = "Directory", scope = ResourceCollection.class) public JAXBElement createPayloadDirectory(FilesystemItem value) { 
@@ -657,6 +828,9 @@ public JAXBElement createPayloadDirectory(FilesystemItem value) /** * Create an instance of {@link JAXBElement }{@code <}{@link FilesystemItem }{@code >}} + * + * @param value {@link FilesystemItem} representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://standards.iso.org/iso/19770/-2/2015/schema.xsd", name = "File", scope = ResourceCollection.class) public JAXBElement createDirectoryFile(FilesystemItem value) { @@ -666,6 +840,9 @@ public JAXBElement createDirectoryFile(FilesystemItem value) { /** * Create an instance of {@link JAXBElement }{@code <}{@link Entity }{@code >}} + * + * @param value {@link Entity} representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://standards.iso.org/iso/19770/-2/2015/schema.xsd", name = "Entity", scope = SoftwareIdentity.class) public JAXBElement createSoftwareIdentityEntity(Entity value) { @@ -674,7 +851,10 @@ public JAXBElement createSoftwareIdentityEntity(Entity value) { } /** - * Create an instance of {@link JAXBElement }{@code <}{@link SoftwareMeta }{@code >}} + * Create an instance of {@link JAXBElement }{@code <}{@link SoftwareMeta }{@code >}. + * + * @param value SoftwareMeta object representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://standards.iso.org/iso/19770/-2/2015/schema.xsd", name = "Meta", scope = SoftwareIdentity.class) public JAXBElement createSoftwareIdentityMeta(SoftwareMeta value) { 
@@ -683,7 +863,10 @@ public JAXBElement createSoftwareIdentityMeta(SoftwareMeta value) } /** - * Create an instance of {@link JAXBElement }{@code <}{@link BigInteger }{@code >}} + * Create an instance of {@link JAXBElement }{@code <}{@link BigInteger }{@code >}. + * + * @param value big integer representation of the value + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "HMACOutputLength", scope = SignatureMethodType.class) public JAXBElement createSignatureMethodTypeHMACOutputLength(BigInteger value) { @@ -692,7 +875,10 @@ public JAXBElement createSignatureMethodTypeHMACOutputLength(BigInte } /** - * Create an instance of {@link JAXBElement }{@code <}{@link byte[]}{@code >}} + * Create an instance of {@link JAXBElement } using the provided byte array for the SPKISexp. + * + * @param value byte array representation of the value. + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "SPKISexp", scope = SPKIDataType.class) public JAXBElement createSPKIDataTypeSPKISexp(byte[] value) { @@ -701,7 +887,10 @@ public JAXBElement createSPKIDataTypeSPKISexp(byte[] value) { } /** - * Create an instance of {@link JAXBElement }{@code <}{@link byte[]}{@code >}} + * Create an instance of {@link JAXBElement } using the provided byte array for the PGPKeyID. + * + * @param value byte array representation of the value. + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "PGPKeyID", scope = PGPDataType.class) public JAXBElement createPGPDataTypePGPKeyID(byte[] value) { 
@@ -710,7 +899,10 @@ public JAXBElement createPGPDataTypePGPKeyID(byte[] value) { } /** - * Create an instance of {@link JAXBElement }{@code <}{@link byte[]}{@code >}} + * Create an instance of {@link JAXBElement } using the provided byte array for the PGPKeyPacket. + * + * @param value byte array representation of the value. + * @return {@link JAXBElement } */ @XmlElementDecl(namespace = "http://www.w3.org/2000/09/xmldsig#", name = "PGPKeyPacket", scope = PGPDataType.class) public JAXBElement createPGPDataTypePGPKeyPacket(byte[] value) { diff --git a/HIRS_Utils/src/main/java/hirs/utils/xjc/ObjectType.java b/HIRS_Utils/src/main/java/hirs/utils/xjc/ObjectType.java index c7e5afa0a..d650e98a8 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/xjc/ObjectType.java +++ b/HIRS_Utils/src/main/java/hirs/utils/xjc/ObjectType.java @@ -95,6 +95,8 @@ public class ObjectType { * {@link Object } * {@link Element } * {@link String } + * + * @return list of objects */ public List getContent() { if (content == null) { diff --git a/HIRS_Utils/src/main/java/hirs/utils/xjc/Ownership.java b/HIRS_Utils/src/main/java/hirs/utils/xjc/Ownership.java index 769957ba9..d9e8e34fe 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/xjc/Ownership.java +++ b/HIRS_Utils/src/main/java/hirs/utils/xjc/Ownership.java @@ -17,7 +17,7 @@ *

    Java class for Ownership. * *

    The following schema fragment specifies the expected content contained within this class. - *

    + * *

      * <simpleType name="Ownership">
      *   <restriction base="{http://www.w3.org/2001/XMLSchema}NMTOKEN">
    @@ -31,8 +31,6 @@
     @XmlType(name = "Ownership", namespace = "http://standards.iso.org/iso/19770/-2/2015/schema.xsd")
     @XmlEnum
     public enum Ownership {
    -
    -
         /**
          * Determines the relative strength of ownership of the target
          * piece of software.
    diff --git a/HIRS_Utils/src/main/java/hirs/utils/xjc/PGPDataType.java b/HIRS_Utils/src/main/java/hirs/utils/xjc/PGPDataType.java
    index a0b8c3599..447c95978 100644
    --- a/HIRS_Utils/src/main/java/hirs/utils/xjc/PGPDataType.java
    +++ b/HIRS_Utils/src/main/java/hirs/utils/xjc/PGPDataType.java
    @@ -86,11 +86,11 @@ public class PGPDataType {
          *
          *
          * 

    - * Objects of the following type(s) are allowed in the list - * {@link JAXBElement }{@code <}{@link byte[]}{@code >} - * {@link JAXBElement }{@code <}{@link byte[]}{@code >} - * {@link Element } - * {@link Object } + * Objects of the following type(s) are allowed in the list: + * Byte array and string representations of {@link JAXBElement }, + * {@link Element }, and {@link Object } + * + * @return list of objects */ public List getContent() { if (content == null) { diff --git a/HIRS_Utils/src/main/java/hirs/utils/xjc/ResourceCollection.java b/HIRS_Utils/src/main/java/hirs/utils/xjc/ResourceCollection.java index 6a5bdeb9a..7f0cef4ea 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/xjc/ResourceCollection.java +++ b/HIRS_Utils/src/main/java/hirs/utils/xjc/ResourceCollection.java @@ -80,6 +80,8 @@ public class ResourceCollection * {@link File } * {@link Process } * {@link Resource } + * + * @return list of {@link Meta} objects */ public List getDirectoryOrFileOrProcess() { if (directoryOrFileOrProcess == null) { diff --git a/HIRS_Utils/src/main/java/hirs/utils/xjc/SPKIDataType.java b/HIRS_Utils/src/main/java/hirs/utils/xjc/SPKIDataType.java index 2a8a645a2..1315a9f58 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/xjc/SPKIDataType.java +++ b/HIRS_Utils/src/main/java/hirs/utils/xjc/SPKIDataType.java @@ -65,10 +65,11 @@ public class SPKIDataType { * * *

    - * Objects of the following type(s) are allowed in the list - * {@link JAXBElement }{@code <}{@link byte[]}{@code >} - * {@link Object } - * {@link Element } + * Objects of the following type(s) are allowed in the list: + * Byte array representation of {@link JAXBElement }, + * {@link Object }, and {@link Element } + * + * @return list of objects */ public List getSPKISexpAndAny() { if (spkiSexpAndAny == null) { diff --git a/HIRS_Utils/src/main/java/hirs/utils/xjc/SignatureMethodType.java b/HIRS_Utils/src/main/java/hirs/utils/xjc/SignatureMethodType.java index 86989fb59..8081858ae 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/xjc/SignatureMethodType.java +++ b/HIRS_Utils/src/main/java/hirs/utils/xjc/SignatureMethodType.java @@ -82,6 +82,8 @@ public class SignatureMethodType { * {@link JAXBElement }{@code <}{@link BigInteger }{@code >} * {@link Object } * {@link String } + * + * @return list of objects */ public List getContent() { if (content == null) { diff --git a/HIRS_Utils/src/main/java/hirs/utils/xjc/SignaturePropertiesType.java b/HIRS_Utils/src/main/java/hirs/utils/xjc/SignaturePropertiesType.java index f00f82634..b69e8b65a 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/xjc/SignaturePropertiesType.java +++ b/HIRS_Utils/src/main/java/hirs/utils/xjc/SignaturePropertiesType.java @@ -78,6 +78,8 @@ public class SignaturePropertiesType { *

    * Objects of the following type(s) are allowed in the list * {@link SignaturePropertyType } + * + * @return list of signature property types */ public List getSignatureProperty() { if (signatureProperty == null) { diff --git a/HIRS_Utils/src/main/java/hirs/utils/xjc/SignaturePropertyType.java b/HIRS_Utils/src/main/java/hirs/utils/xjc/SignaturePropertyType.java index 07b44af01..03895eb00 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/xjc/SignaturePropertyType.java +++ b/HIRS_Utils/src/main/java/hirs/utils/xjc/SignaturePropertyType.java @@ -91,6 +91,8 @@ public class SignaturePropertyType { * {@link Object } * {@link Element } * {@link String } + * + * @return list of objects */ public List getContent() { if (content == null) { diff --git a/HIRS_Utils/src/main/java/hirs/utils/xjc/SignatureType.java b/HIRS_Utils/src/main/java/hirs/utils/xjc/SignatureType.java index fd9e27691..44d8356a3 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/xjc/SignatureType.java +++ b/HIRS_Utils/src/main/java/hirs/utils/xjc/SignatureType.java @@ -62,7 +62,7 @@ public class SignatureType { @XmlElement(name = "SignatureValue", required = true) protected SignatureValueType signatureValue; - + @XmlElement(name = "KeyInfo") protected KeyInfoType keyInfo; @@ -96,6 +96,8 @@ public class SignatureType { *

    * Objects of the following type(s) are allowed in the list * {@link ObjectType } + * + * @return list of object types */ public List getObject() { if (object == null) { diff --git a/HIRS_Utils/src/main/java/hirs/utils/xjc/SignedInfoType.java b/HIRS_Utils/src/main/java/hirs/utils/xjc/SignedInfoType.java index 98f27e337..3cfa26b7a 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/xjc/SignedInfoType.java +++ b/HIRS_Utils/src/main/java/hirs/utils/xjc/SignedInfoType.java @@ -91,6 +91,8 @@ public class SignedInfoType { *

    * Objects of the following type(s) are allowed in the list * {@link ReferenceType } + * + * @return list of reference types */ public List getReference() { if (reference == null) { diff --git a/HIRS_Utils/src/main/java/hirs/utils/xjc/SoftwareIdentity.java b/HIRS_Utils/src/main/java/hirs/utils/xjc/SoftwareIdentity.java index c7614dee1..ee4e99934 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/xjc/SoftwareIdentity.java +++ b/HIRS_Utils/src/main/java/hirs/utils/xjc/SoftwareIdentity.java @@ -170,6 +170,8 @@ public class SoftwareIdentity * {@link JAXBElement }{@code <}{@link ResourceCollection }{@code >} * {@link Element } * {@link JAXBElement }{@code <}{@link Evidence }{@code >} + * + * @return list of objects */ public List getEntityOrEvidenceOrLink() { if (entityOrEvidenceOrLink == null) { diff --git a/HIRS_Utils/src/main/java/hirs/utils/xjc/TransformType.java b/HIRS_Utils/src/main/java/hirs/utils/xjc/TransformType.java index 25af4f1ba..023a3ced6 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/xjc/TransformType.java +++ b/HIRS_Utils/src/main/java/hirs/utils/xjc/TransformType.java @@ -33,12 +33,12 @@ *
      * <complexType name="TransformType">
      *   <complexContent>
    - *     <restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
    + *     <restriction base="{https://www.w3.org/2001/XMLSchema}anyType">
      *       <choice maxOccurs="unbounded" minOccurs="0">
      *         <any processContents='lax' namespace='##other'/>
    - *         <element name="XPath" type="{http://www.w3.org/2001/XMLSchema}string"/>
    + *         <element name="XPath" type="{https://www.w3.org/2001/XMLSchema}string"/>
      *       </choice>
    - *       <attribute name="Algorithm" use="required" type="{http://www.w3.org/2001/XMLSchema}anyURI" />
    + *       <attribute name="Algorithm" use="required" type="{https://www.w3.org/2001/XMLSchema}anyURI" />
      *     </restriction>
      *   </complexContent>
      * </complexType>
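Review bot: The three changed lines in this Javadoc schema fragment rewrite the XML Schema namespace as `https://www.w3.org/2001/XMLSchema`, but a namespace URI is an identifier that is compared as a literal string, not a link to be upgraded. The XML Schema namespace is `http://www.w3.org/2001/XMLSchema`, and the Ownership.java and Use.java fragments in this same diff keep that form, so the documentation is now inconsistent. Anyone copying the fragment back into a schema would get types that do not resolve. Keep the original text, e.g. `<restriction base="{http://www.w3.org/2001/XMLSchema}anyType">`, on all three lines. The class Javadoc starts outside this hunk.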
    @@ -54,7 +54,7 @@ public class TransformType {
         @XmlMixed
         @XmlAnyElement(lax = true)
         protected List content;
    -    
    +
         @Getter
         @Setter
         @XmlAttribute(name = "Algorithm", required = true)
    @@ -83,10 +83,12 @@ public class TransformType {
          * {@link String }
          * {@link JAXBElement }{@code <}{@link String }{@code >}
          * {@link Object }
    +     *
    +     * @return list of objects
          */
         public List getContent() {
             if (content == null) {
    -            content = new ArrayList();
    +            content = new ArrayList<>();
             }
             return this.content;
         }
    diff --git a/HIRS_Utils/src/main/java/hirs/utils/xjc/TransformsType.java b/HIRS_Utils/src/main/java/hirs/utils/xjc/TransformsType.java
    index e2e073bc9..0582ffd48 100644
    --- a/HIRS_Utils/src/main/java/hirs/utils/xjc/TransformsType.java
    +++ b/HIRS_Utils/src/main/java/hirs/utils/xjc/TransformsType.java
    @@ -62,10 +62,12 @@ public class TransformsType {
          * 

    * Objects of the following type(s) are allowed in the list * {@link TransformType } + * + * @return list of transform types */ public List getTransform() { if (transform == null) { - transform = new ArrayList(); + transform = new ArrayList<>(); } return this.transform; } diff --git a/HIRS_Utils/src/main/java/hirs/utils/xjc/Use.java b/HIRS_Utils/src/main/java/hirs/utils/xjc/Use.java index 9e8de20b3..5873ff166 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/xjc/Use.java +++ b/HIRS_Utils/src/main/java/hirs/utils/xjc/Use.java @@ -17,7 +17,7 @@ *

    Java class for Use. * *

    The following schema fragment specifies the expected content contained within this class. - *

    + * *

      * <simpleType name="Use">
      *   <restriction base="{http://www.w3.org/2001/XMLSchema}NMTOKEN">
    @@ -31,8 +31,6 @@
     @XmlType(name = "Use", namespace = "http://standards.iso.org/iso/19770/-2/2015/schema.xsd")
     @XmlEnum
     public enum Use {
    -
    -
         /**
          * The [Link]'d software is absolutely required for installation
          */
    diff --git a/HIRS_Utils/src/main/java/hirs/utils/xjc/X509DataType.java b/HIRS_Utils/src/main/java/hirs/utils/xjc/X509DataType.java
    index 520a58b2b..2523d209a 100644
    --- a/HIRS_Utils/src/main/java/hirs/utils/xjc/X509DataType.java
    +++ b/HIRS_Utils/src/main/java/hirs/utils/xjc/X509DataType.java
    @@ -79,13 +79,10 @@ public class X509DataType {
          *
          * 

    * Objects of the following type(s) are allowed in the list - * {@link JAXBElement }{@code <}{@link String }{@code >} - * {@link JAXBElement }{@code <}{@link byte[]}{@code >} - * {@link JAXBElement }{@code <}{@link X509IssuerSerialType }{@code >} - * {@link Object } - * {@link JAXBElement }{@code <}{@link byte[]}{@code >} - * {@link Element } - * {@link JAXBElement }{@code <}{@link byte[]}{@code >} + * String, byte array, and X509 IssuerSerial Type representations of + * {@link JAXBElement }. {@link Object }, and {@link Element } + * + * @return list of objects */ public List getX509IssuerSerialOrX509SKIOrX509SubjectName() { if (x509IssuerSerialOrX509SKIOrX509SubjectName == null) { diff --git a/build.gradle b/build.gradle index dbd2faf9e..4465f0fdf 100644 --- a/build.gradle +++ b/build.gradle @@ -68,6 +68,18 @@ subprojects { // options.deprecation = true // } + tasks.withType(Javadoc).configureEach { + if (project.name == 'HIRS_AttestationCA') { + // Remove the generated files from the source set + source = source.filter { file -> + !file.path.contains('build/generated/sources/proto/main/java') + } + } + + // Uncomment this line if you wish to see all the warning signs produced by the JavaDoc command + // options.addStringOption('Xmaxwarns', '0') + } + tasks.withType(Checkstyle).configureEach { reports { xml.required = false diff --git a/tools/tcg_rim_tool/src/main/java/hirs/swid/CredentialParser.java b/tools/tcg_rim_tool/src/main/java/hirs/swid/CredentialParser.java index 986b6b584..7a3dc3b2f 100644 --- a/tools/tcg_rim_tool/src/main/java/hirs/swid/CredentialParser.java +++ b/tools/tcg_rim_tool/src/main/java/hirs/swid/CredentialParser.java @@ -64,7 +64,8 @@ public class CredentialParser { /** * Parses C.509 Certificates within a JKS Keystore. - * @param jksKeystore + * + * @param jksKeystore jks keystore */ public void parseJKSCredentials(final String jksKeystore) { KeyStore.PrivateKeyEntry privateKeyEntry = 
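Review bot: In the build.gradle hunk, the filter `!file.path.contains('build/generated/sources/proto/main/java')` matches on a forward-slash string. On a platform where `File.path` uses another separator, the generated protobuf sources would not be excluded and their Javadoc warnings would come back. Normalising first avoids that, e.g. `!file.path.replace(File.separator, '/').contains('build/generated/sources/proto/main/java')`. The literal also assumes the default `build/` directory, so a relocated build directory would slip past it as well.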
@@ -78,12 +79,12 @@ public void parseJKSCredentials(final String jksKeystore) { /** * Parses PEM formatted X.509 Certificates. - * @param certificateFile - * @param privateKeyFile - * @throws Exception + * + * @param certificateFile certificate file + * @param privateKeyFile private key file + * @throws Exception if any issues arise parsing the PEM credentials */ - public void parsePEMCredentials(final String certificateFile, final String privateKeyFile) - throws Exception { + public void parsePEMCredentials(final String certificateFile, final String privateKeyFile) throws Exception { certificate = parsePEMCertificates(certificateFile).get(0); if (certificate.getIssuerX500Principal().equals(certificate.getSubjectX500Principal())) { throw new CertificateException("Signing certificate cannot be self-signed!"); @@ -118,12 +119,10 @@ public X509Certificate parseCertFromPEMString(final String pemString) throws Cer /** * This method returns the X509Certificate object from a PEM certificate file. * - * @param certificateFile + * @param certificateFile certificate file * @return list of x509 Certificates - * @throws FileNotFoundException */ - public List parseCertsFromPEM(final String certificateFile) - throws FileNotFoundException { + public List parseCertsFromPEM(final String certificateFile) { return parsePEMCertificates(certificateFile); } @@ -180,7 +179,7 @@ private List parsePEMCertificates(final String filename) { * Algorithm argument is present to allow handling of multiple encryption algorithms, * but for now it is always RSA. * - * @param filename name of the file holding the key + * @param filename name of the file holding the key * @param algorithm algorithm of the key * @return private key */ 
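Review bot: The new `@throws Exception if any issues arise parsing the PEM credentials` on `parsePEMCredentials` hides the one rejection a caller most needs to know about. The body visible in this hunk throws `CertificateException` when the signing certificate's issuer equals its subject. Spell that out, e.g. `@throws Exception if the certificate or key cannot be parsed, or if the signing certificate is self-signed`. The same body calls `parsePEMCertificates(certificateFile).get(0)` with no emptiness check. If that helper can return an empty list (its body is outside this hunk), the failure would surface as an `IndexOutOfBoundsException` rather than a clear error. The method body continues beyond the hunk.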
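Review bot: Removing `throws FileNotFoundException` changes the public signature of `parseCertsFromPEM`, and the Javadoc no longer tells a caller how an unreadable certificate file is reported. A caller outside this diff that wraps only this call in `catch (FileNotFoundException e)` will stop compiling, so those call sites need checking. The next hunk header shows `parsePEMCertificates` declaring no checked exception, so it presumably handles the error internally. Document the outcome on the return tag, e.g. `@return list of x509 Certificates; empty (or null, to be confirmed) if the file cannot be read`.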
@@ -242,7 +241,7 @@ private PrivateKey parsePEMPrivateKey(final String filename, final String algori /** * This method reads a PKCS1 keypair from a PEM file. * - * @param filename + * @param filename file name * @return a key pair */ private KeyPair getPKCS1KeyPair(final String filename) throws IOException { @@ -257,9 +256,9 @@ private KeyPair getPKCS1KeyPair(final String filename) throws IOException { /** * This method returns the private key from a JKS keystore. * - * @param keystoreFile - * @param alias - * @param password + * @param keystoreFile keystore file + * @param alias alias + * @param password password * @return KeyStore.PrivateKeyEntry */ private KeyStore.PrivateKeyEntry parseKeystorePrivateKey(final String keystoreFile, final String alias, @@ -285,7 +284,7 @@ private KeyStore.PrivateKeyEntry parseKeystorePrivateKey(final String keystoreFi * This method returns the authorityInfoAccess from an X509Certificate. * * @return authority Info Access text - * @throws IOException + * @throws IOException if any issues arise from retrieving the certificate's authority info access */ public String getCertificateAuthorityInfoAccess() throws IOException { StringBuilder sb = new StringBuilder("Authority Info Access:\n"); @@ -309,7 +308,7 @@ public String getCertificateAuthorityInfoAccess() throws IOException { * This method returns the subjectKeyIdentifier from the local X509Certificate. * * @return the String representation of the subjectKeyIdentifier - * @throws IOException + * @throws IOException if any issues arise from retrieving the certificate's subject key identifier */ public String getCertificateSubjectKeyIdentifier() throws IOException { String decodedValue = null; 
@@ -327,7 +326,7 @@ public String getCertificateSubjectKeyIdentifier() throws IOException { * * @param certificate the cert to pull the subjectKeyIdentifier from * @return the String representation of the subjectKeyIdentifier - * @throws IOException + * @throws IOException if any issues arise from retrieving the certificate's subject key identifier */ public String getCertificateSubjectKeyIdentifier(final X509Certificate certificate) throws IOException { String decodedValue = null; diff --git a/tools/tcg_rim_tool/src/main/java/hirs/swid/Main.java b/tools/tcg_rim_tool/src/main/java/hirs/swid/Main.java index 07ee6fdb6..0f5181d3b 100644 --- a/tools/tcg_rim_tool/src/main/java/hirs/swid/Main.java +++ b/tools/tcg_rim_tool/src/main/java/hirs/swid/Main.java @@ -1,9 +1,9 @@ package hirs.swid; +import com.beust.jcommander.JCommander; import hirs.swid.utils.Commander; import hirs.swid.utils.TimestampArgumentValidator; import hirs.utils.rim.ReferenceManifestValidator; -import com.beust.jcommander.JCommander; import lombok.extern.log4j.Log4j2; import java.io.File; @@ -13,12 +13,14 @@ import java.util.List; import java.util.regex.Matcher; import java.util.regex.Pattern; + @Log4j2 public class Main { /** * Processes tcg_rim_tool commands. - * @param args + * + * @param args args */ public static void main(final String[] args) { Commander commander = new Commander(); @@ -69,7 +71,7 @@ public static void main(final String[] args) { } else { gateway = new SwidTagGateway(); if (commander.isVerbose()) { - System.out.println(commander.toString()); + System.out.println(commander); } String createType = commander.getCreateType().toUpperCase(); String attributesFile = commander.getAttributesFile(); @@ -116,6 +118,7 @@ public static void main(final String[] args) { /** * Use cases that exit with an error code are redirected here. + * * @param errorMessage */ private static void exitWithErrorCode(final String errorMessage) { 
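Review bot: In the Main.java hunk for exitWithErrorCode, the commit adds the blank separator line but leaves `@param errorMessage` with no description, unlike the other Javadoc tags this commit fills in. A description such as `@param errorMessage message describing why the tool is exiting` would match the summary sentence above it. The method body lies outside the hunk, so where the message is written is not visible here.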
diff --git a/tools/tcg_rim_tool/src/main/java/hirs/swid/utils/CredentialArgumentValidator.java b/tools/tcg_rim_tool/src/main/java/hirs/swid/utils/CredentialArgumentValidator.java index 3b46f2b92..b8e285040 100644 --- a/tools/tcg_rim_tool/src/main/java/hirs/swid/utils/CredentialArgumentValidator.java +++ b/tools/tcg_rim_tool/src/main/java/hirs/swid/utils/CredentialArgumentValidator.java @@ -1,20 +1,32 @@ package hirs.swid.utils; +import lombok.AccessLevel; +import lombok.Getter; + +@Getter public class CredentialArgumentValidator { - private String truststoreFile; - private String certificateFile; - private String privateKeyFile; + private static final String PEM = "PEM"; + + private final String truststoreFile; + + private final String certificateFile; + + private final String privateKeyFile; + + @Getter(AccessLevel.NONE) + private final boolean isValidating; + private String format; - private boolean isValidating; + private String errorMessage; - private static final String PEM = "PEM"; /** * Validates Certificate based arguments. - * @param truststoreFile - * @param certificateFile - * @param privateKeyFile - * @param isValidating + * + * @param truststoreFile trust store file + * @param certificateFile certificate file + * @param privateKeyFile private key file + * @param isValidating isValidating */ public CredentialArgumentValidator(final String truststoreFile, final String certificateFile, @@ -27,24 +39,6 @@ public CredentialArgumentValidator(final String truststoreFile, errorMessage = ""; } - /** - * Getter for format property. - * - * @return string - */ - public String getFormat() { - return format; - } - - /** - * Getter for error message. - * - * @return string - */ - public String getErrorMessage() { - return errorMessage; - } - /** * This method checks for the following valid configurations of input arguments. * 1. truststore only for validating (PEM format) 
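Review bot: The class-level `@Getter` on CredentialArgumentValidator generates public getters for every non-static field except `isValidating`. That replaces the hand-written `getFormat()` and `getErrorMessage()` removed in the next hunk, but it also adds `getTruststoreFile()`, `getCertificateFile()` and `getPrivateKeyFile()`, which the class did not expose before. If nothing outside this class needs those three, putting `@Getter` on the `format` and `errorMessage` fields alone keeps the public surface unchanged and makes `@Getter(AccessLevel.NONE)` on `isValidating` unnecessary. Whether other code in this commit relies on the new accessors is not visible from this file section.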
@@ -67,11 +61,11 @@ public boolean isValid() { return true; } else { if (certificateFile.isEmpty()) { - errorMessage = "A public certificate must be specified by \'-p\' " + errorMessage = "A public certificate must be specified by '-p' " + "for signing operations."; } if (privateKeyFile.isEmpty()) { - errorMessage = "A private key must be specified by \'-k\' " + errorMessage = "A private key must be specified by '-k' " + "for signing operations."; } return false; diff --git a/tools/tcg_rim_tool/src/main/java/hirs/swid/utils/CsvParser.java b/tools/tcg_rim_tool/src/main/java/hirs/swid/utils/CsvParser.java index d4e8fdee6..44935f37c 100644 --- a/tools/tcg_rim_tool/src/main/java/hirs/swid/utils/CsvParser.java +++ b/tools/tcg_rim_tool/src/main/java/hirs/swid/utils/CsvParser.java @@ -16,10 +16,11 @@ public class CsvParser { private static final char DEFAULT_SEPARATOR = ','; private static final char DEFAULT_QUOTE = '"'; - private List content; + private final List content; /** * CsvParser constructor. + * * @param file name of the file contains the CSV data. */ public CsvParser(final File file) { 
@@ -28,49 +29,17 @@ public CsvParser(final File file) { /** * CsvParser constructor. + * * @param csvfile Sting containing the contents of the SCV file. */ public CsvParser(final String csvfile) { content = readerCsv(csvfile); } - /** - * This method takes an existing csv file and reads the file by line and - * adds the contents to a list of Strings. - * - * @param file valid path to a csv file. - * @return List of Strings. - */ - private List readerCsv(final String file) { - String line = ""; - String csvSplitBy = ","; - List tempList = new LinkedList<>(); - - try (BufferedReader br = new BufferedReader(new FileReader(file))) { - while ((line = br.readLine()) != null) { - if (line.length() > 0 - && line.contains(csvSplitBy)) { - tempList.add(line); - } - } - } catch (IOException ioEx) { - System.out.println(String.format("Error reading in CSV file...(%s)", file)); - System.exit(1); - } - return tempList; - } - - /** - * Gets content as a list of Stings. - * @return List of Strings. - */ - public final List getContent() { - return Collections.unmodifiableList(content); - } - /** * Gets a list of parsed lines. - * @param csvLine + * + * @param csvLine csv line * @return List of Strings. */ public static List parseLine(final String csvLine) { @@ -79,8 +48,9 @@ public static List parseLine(final String csvLine) { /** * Parses a CSV Line. - * @param csvLine - * @param separators + * + * @param csvLine csv line + * @param separators separators * @return List of Strings. */ public static List parseLine(final String csvLine, final char separators) { @@ -89,9 +59,10 @@ public static List parseLine(final String csvLine, final char separators /** * Parses a CSV Line. - * @param csvLine - * @param separators - * @param customQuote + * + * @param csvLine csv line + * @param separators separators + * @param customQuote custom quote * @return List of Stings. */ public static List parseLine(final String csvLine, final char separators, final char customQuote) { 
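Review bot: The Javadoc of the `CsvParser(final String csvfile)` constructor is left wrong by this hunk. It describes the argument as a "Sting containing the contents of the SCV file", while the constructor passes it to readerCsv, which opens it with `new FileReader(file)`, so the argument is a path and not CSV text. Since the hunk already edits this comment, the tag could become `@param csvfile path to the CSV file`, which also removes the two typos.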
@@ -159,4 +130,39 @@ public static List parseLine(final String csvLine, final char separators result.add(currVal.toString()); return result; } + + /** + * This method takes an existing csv file and reads the file by line and + * adds the contents to a list of Strings. + * + * @param file valid path to a csv file. + * @return List of Strings. + */ + private List readerCsv(final String file) { + String line = ""; + String csvSplitBy = ","; + List tempList = new LinkedList<>(); + + try (BufferedReader br = new BufferedReader(new FileReader(file))) { + while ((line = br.readLine()) != null) { + if (line.length() > 0 + && line.contains(csvSplitBy)) { + tempList.add(line); + } + } + } catch (IOException ioEx) { + System.out.printf("Error reading in CSV file...(%s)%n", file); + System.exit(1); + } + return tempList; + } + + /** + * Gets content as a list of Stings. + * + * @return List of Strings. + */ + public final List getContent() { + return Collections.unmodifiableList(content); + } } diff --git a/tools/tcg_rim_tool/src/main/java/hirs/swid/utils/FileArgumentValidator.java b/tools/tcg_rim_tool/src/main/java/hirs/swid/utils/FileArgumentValidator.java index 7d852932d..fade02692 100644 --- a/tools/tcg_rim_tool/src/main/java/hirs/swid/utils/FileArgumentValidator.java +++ b/tools/tcg_rim_tool/src/main/java/hirs/swid/utils/FileArgumentValidator.java @@ -2,9 +2,9 @@ import com.beust.jcommander.IParameterValidator; import com.beust.jcommander.ParameterException; +import lombok.extern.log4j.Log4j2; import java.io.File; -import lombok.extern.log4j.Log4j2; /** * This class validates arguments that take a String path to a file. 
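Review bot: In the re-added readerCsv, the catch block reports the failure on stdout, drops the IOException detail, and then calls `System.exit(1)`. Because the method is called from the CsvParser constructor, a missing or unreadable file ends the JVM from inside object construction with no cause shown. At minimum the message should go to stderr and include the reason, for example `System.err.printf("Error reading in CSV file...(%s): %s%n", file, ioEx.getMessage());`. Separately, `new FileReader(file)` decodes with the platform default charset on older Java releases, so the parsed content can differ between hosts.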
@@ -15,9 +15,10 @@ public class FileArgumentValidator implements IParameterValidator { /** * Validates file arguments. - * @param name - * @param value - * @throws ParameterException + * + * @param name name + * @param value value + * @throws ParameterException if any issues arise from validating the file arguments */ public void validate(final String name, final String value) throws ParameterException { try { diff --git a/tools/tcg_rim_tool/src/main/java/hirs/swid/utils/HashSwid.java b/tools/tcg_rim_tool/src/main/java/hirs/swid/utils/HashSwid.java index 748ec447a..5877ea80e 100644 --- a/tools/tcg_rim_tool/src/main/java/hirs/swid/utils/HashSwid.java +++ b/tools/tcg_rim_tool/src/main/java/hirs/swid/utils/HashSwid.java @@ -23,6 +23,7 @@ public class HashSwid { /** * Getter method for the hash that uses 256 bit hash. + * * @param filepath the file to hash. * @return Sha256 hash. */ @@ -30,34 +31,16 @@ public static String get256Hash(final String filepath) throws Exception { return getHashValue(filepath, SHA256); } - /** - * Getter method for the hash that uses 384 bit hash. - * @param filepath the file to hash. - * @return sha384 hash. - */ - public String get384Hash(final String filepath) throws Exception { - return getHashValue(filepath, SHA384); - } - - /** - * Getter method for the hash that uses 512 bit hash. - * @param filepath the file to hash. - * @return sha512 hash. - */ - public String get512Hash(final String filepath) throws Exception { - return getHashValue(filepath, SHA512); - } - /** * This method creates the hash based on the provided algorithm * only accessible through helper methods. - * + *

    * This method assumes an input file that is small enough to read in its * entirety. Large files should be handled similarly to the public static * getHashValue() below. * * @param filepath file contents to hash - * @param sha the algorithm to use for the hash + * @param sha the algorithm to use for the hash * @return hash value. */ private static String getHashValue(final String filepath, final String sha) throws Exception { @@ -75,7 +58,7 @@ private static String getHashValue(final String filepath, final String sha) thro String errorMessage = "Error hashing file " + filepath + ": "; if (e instanceof UnsupportedEncodingException || e instanceof NoSuchAlgorithmException) { - errorMessage += ((Exception) e).getMessage(); + errorMessage += e.getMessage(); } else if (e instanceof IOException) { errorMessage += "error reading file."; } @@ -88,6 +71,7 @@ private static String getHashValue(final String filepath, final String sha) thro /** * This method is a public access hash function that operates on a string * value and uses default assumptions on the salt and algorithm. + * * @param value string object to hash * @return hash value. */ @@ -108,8 +92,8 @@ public static String getHashValue(final String value) { } catch (UnsupportedEncodingException | NoSuchAlgorithmException grex) { System.out.println(grex.getMessage()); } catch (IOException ioEx) { - System.out.println(String.format("%s: \n%s is not valid...", - ioEx.getMessage(), value)); + System.out.printf("%s: \n%s is not valid...%n", + ioEx.getMessage(), value); } finally { try { if (bis != null) { 
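Review bot: In `getHashValue(final String value)`, both catch blocks touched by this hunk only print to stdout. After a failure, control therefore still reaches `return Base64.getEncoder().encodeToString(hash);`, which is visible as context in the following hunk. The initialisation of `hash` is outside the hunk, so what is encoded at that point cannot be confirmed here, but in either case the caller cannot tell a failed hash from a real one. Because the method declares no checked exceptions, rethrowing unchecked keeps the signature, for example `throw new IllegalStateException("Unable to hash value", grex);` with the same treatment in the IOException branch.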
@@ -125,4 +109,26 @@ public static String getHashValue(final String value) { return Base64.getEncoder().encodeToString(hash); } + + /** + * Getter method for the hash that uses 384 bit hash. + * + * @param filepath the file to hash. + * @return sha384 hash. + * @throws Exception if any issues arise trying to retrieve the hash of the provided filepath + */ + public String get384Hash(final String filepath) throws Exception { + return getHashValue(filepath, SHA384); + } + + /** + * Getter method for the hash that uses 512 bit hash. + * + * @param filepath the file to hash. + * @return sha512 hash. + * @throws Exception if any issues arise trying to retrieve the hash of the provided filepath + */ + public String get512Hash(final String filepath) throws Exception { + return getHashValue(filepath, SHA512); + } }
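Review bot: get384Hash and get512Hash are re-added as instance methods, although `get256Hash` in the same class is `public static` and all three only delegate to the static `getHashValue(filepath, sha)`. Neither method reads instance state, so a caller has to construct a HashSwid just to request SHA-384 or SHA-512. Declaring them as `public static String get384Hash(final String filepath) throws Exception {`, and likewise for get512Hash, would make the three accessors consistent. Existing calls through an instance would still compile.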