TrustReport.java

/*
 * Copyright (C) 2013 Intel Corporation
 * All rights reserved.
 */
package com.intel.mtwilson.policy;

import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonInclude;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * Note: passing policy name instead of policy itself because do not want to just "return policy", 
 * since that will have all the same information that you already get in the reports, and anything
 * that serializes this class would then show redundant info.  Every rule result already includes
 * the rule itself, and since there is a result for every rule in the policy,  the entire policy
 * is represented by the set of rule results.
 * 
 * The host report is also included, which is somewhat redundant but not completely, because it
 * has information that may not be present in the rules, which the UI may want to show. For example,
 * for vmware PCR 19 which has a different value for every host due to a host-specific UUID
 * being extended into it,  the UI may want to show the actual value of PCR 19. however, if the
 * rules only check for PCR integrity and for some modules to be included, then it doesn't really
 * say what is the PCR value (and if it did, it would show the expected PCR, not the actual PCR).
 * Also if module names mismatch even though their digests are the same, that wouldn't normally
 * be reflected in the results.
 * 
 * @author jbuhacoff
 */
@JsonInclude(JsonInclude.Include.NON_EMPTY)
@JsonIgnoreProperties(ignoreUnknown=true)
public class TrustReport {
    private HostReport hostReport;
    private String policyName;
    private ArrayList<RuleResult> results = new ArrayList<RuleResult>();
    private Logger log = LoggerFactory.getLogger(getClass());
    
    public TrustReport() { } // for desearializing jackson
    
    public TrustReport(HostReport hostReport, String policyName) {
        this.hostReport = hostReport;
        this.policyName = policyName;
    }
    
    public HostReport getHostReport() { return hostReport; }
    public String getPolicyName() { return policyName; }
    
    public void addResult(RuleResult result) {
        results.add(result);
    }
    
    public List<RuleResult> getResults() { return results; } // contains the set of rules and their parameters AND faults AND isTrusted for each one
 
    private boolean isTrustedForResults(List<RuleResult> list) {
        if( list.isEmpty() ) {
            return false; // empty policy is not trusted;  like RequireAllEmptySet fault.
        }
        boolean trusted = true;
        Iterator<RuleResult> it = list.iterator();
        while(it.hasNext()) {
            RuleResult result = it.next();
            trusted = trusted && result.isTrusted();
        }
        return trusted;        
    }
    
    public boolean isTrusted() {
        return isTrustedForResults(results);
    }
    
    // returns a list of trust reports corresponding to the specified marker
    // they are already included in the overall "getReports" but this allows
    // you to look specifically at what caused a specific marker to be trusted
    // or untrusted
    public List<RuleResult> getResultsForMarker(String marker) {
        ArrayList<RuleResult> markerReports = new ArrayList<RuleResult>();
        for(RuleResult report : results) {
            String[] markers = report.getRule().getMarkers();
            if( markers != null ) {
                List<String> markerList = Arrays.asList(markers);
                if( markerList.contains(marker) ) {
                    markerReports.add(report);
                }
            }
        }
        return markerReports;
    }
    
    public boolean isTrustedForMarker(String marker) {
        return isTrustedForResults(getResultsForMarker(marker));
    }
}