nsacyber · ThatSilentCoder · Feb 19, 2026 · Feb 20, 2026 · Feb 20, 2026 · Feb 20, 2026
diff --git a/.ci/system-tests/sys_test_common.sh b/.ci/system-tests/sys_test_common.sh
@@ -13,11 +13,11 @@ tpm2_container=hirs-provisioner1-tpm2
 checkContainerStatus() {
   container_name=$1
   container_id="$(docker ps -aqf "name=$container_name")"
-  container_status="$(docker inspect $container_id --format='{{.State.Status}}')"
+  container_status="$(docker inspect "$container_id" --format='{{.State.Status}}')"
   echo "Container id is $container_id and the status is $container_status"
 
   if [ "$container_status" != "running" ]; then
-     container_exit_code="$(docker inspect $container_id --format='{{.State.ExitCode}}')"
+     container_exit_code="$(docker inspect "$container_id" --format='{{.State.ExitCode}}')"
      echo "Container Exit Code: $container_exit_code"
      docker info
      exit 1;
@@ -146,6 +146,6 @@ setAppsettings() {
 # write_to_logs <log statement>
 writeToLogs() {
   line=$1
-  echo $line;
+  echo "$line";
   docker exec -i $aca_container /bin/bash -c "cd .. && echo '$line' >> /var/log/hirs/HIRS_AttestationCA_Portal.log"
 }
diff --git a/HIRS_AttestationCA/config/spotbugs/spotbugs-exclude.xml b/HIRS_AttestationCA/config/spotbugs/spotbugs-exclude.xml
@@ -15,9 +15,5 @@
     <Match>
         <Bug pattern="EI_EXPOSE_REP2"/>
     </Match>
-    <Match>
-        <Class name="hirs.attestationca.persist.AttestationCertificateAuthorityTest"/>
-        <Bug pattern="NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE"/>
-    </Match>
 </FindBugsFilter>
 
diff --git a/...testationCA/src/main/java/hirs/attestationca/persist/AttestationCertificateAuthority.java b/...testationCA/src/main/java/hirs/attestationca/persist/AttestationCertificateAuthority.java
diff --git a/...onCA/src/main/java/hirs/attestationca/persist/RestfulAttestationCertificateAuthority.java b/...onCA/src/main/java/hirs/attestationca/persist/RestfulAttestationCertificateAuthority.java
diff --git a/...ava/hirs/attestationca/persist/entity/manager/SupplyChainValidationSummaryRepository.java b/...ava/hirs/attestationca/persist/entity/manager/SupplyChainValidationSummaryRepository.java
@@ -11,8 +11,7 @@
 import java.util.UUID;
 
 @Repository
-public interface SupplyChainValidationSummaryRepository
-        extends JpaRepository<SupplyChainValidationSummary, UUID> {
+public interface SupplyChainValidationSummaryRepository extends JpaRepository<SupplyChainValidationSummary, UUID> {
 
     /**
      * Query that retrieves a supply chain validation summary using the provided device.

diff --git a/...testationCA/src/main/java/hirs/attestationca/persist/entity/tpm/TPM2ProvisionerState.java b/...testationCA/src/main/java/hirs/attestationca/persist/entity/tpm/TPM2ProvisionerState.java
@@ -1,6 +1,5 @@
 package hirs.attestationca.persist.entity.tpm;
 
-import hirs.attestationca.persist.entity.manager.TPM2ProvisionerStateRepository;
 import jakarta.persistence.Column;
 import jakarta.persistence.Entity;
 import jakarta.persistence.Id;
@@ -15,15 +14,17 @@
 import java.util.Date;
 
 /**
- * This class is for saving the Identity Claim and the Nonce between the two passes of the
- * TPM 2.0 Provisioner.
+ * This class is for saving the Identity Claim and the Nonce between the two passes of the TPM 2.0 Provisioner.
  */
 @Log4j2
 @NoArgsConstructor
 @Entity
 public class TPM2ProvisionerState {
     private static final int MAX_BLOB_SIZE = 16777215;
 
+    @Column(nullable = false)
+    private final Date timestamp = new Date();
+
     @Id
     private Long firstPartOfNonce;
 
@@ -34,9 +35,6 @@ public class TPM2ProvisionerState {
     @Column(nullable = false, length = MAX_BLOB_SIZE)
     private byte[] identityClaim;
 
-    @Column(nullable = false)
-    private final Date timestamp = new Date();
-
     /**
      * Constructor.
      *
@@ -69,34 +67,6 @@ public TPM2ProvisionerState(final byte[] nonce, final byte[] identityClaim) {
         }
     }
 
-    /**
-     * Convenience method for finding the {@link TPM2ProvisionerState} associated with the nonce.
-     *
-     * @param tpm2ProvisionerStateRepository the {@link TPM2ProvisionerStateRepository}
-     *                                       to use when looking for the
-     *                                       {@link TPM2ProvisionerState}
-     * @param nonce                          the nonce to use as the key for the {@link TPM2ProvisionerState}
-     * @return the {@link TPM2ProvisionerState} associated with the nonce;
-     * null if a match is not found
-     */
-    public static TPM2ProvisionerState getTPM2ProvisionerState(
-            final TPM2ProvisionerStateRepository tpm2ProvisionerStateRepository,
-            final byte[] nonce) {
-        try (DataInputStream dis
-                     = new DataInputStream(new ByteArrayInputStream(nonce))) {
-            long firstPartOfNonce = dis.readLong();
-            TPM2ProvisionerState stateFound = tpm2ProvisionerStateRepository
-                    .findByFirstPartOfNonce(firstPartOfNonce);
-            if (stateFound != null && Arrays.areEqual(stateFound.getNonce(), nonce)) {
-                return stateFound;
-            }
-        } catch (IOException ioEx) {
-            log.error(ioEx.getMessage());
-            return null;
-        }
-        return null;
-    }
-
     /**
      * Get the nonce.
      *