ExternalVendorCode/HIRS
1
0
Fork 0
mirror of https://github.com/nsacyber/HIRS.git synced 2025-01-31 00:24:00 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

[#863] Placed Dependencies and Dependency Versions In TOML file (#885)
Some checks failed
Dotnet Provisioner Unit Tests / Restore and Run Unit Tests (ubuntu-20.04) (push) Has been cancelled
Details
Dotnet Provisioner Unit Tests / Restore and Run Unit Tests (windows-2022) (push) Has been cancelled
Details
HIRS Build and Unit Test / ACA_Provisioner_Unit_Tests (push) Has been cancelled
Details
HIRS System Tests / DockerTests (push) Has been cancelled
Details
Dotnet Provisioner Unit Tests / Evaluate Tests (push) Has been cancelled
Details

Browse Source 
* issue_863: Successfully moved all the dependencies to toml file and currently replacing dependencies listed in the build.gradle file with the ones referenced in the toml file

* issue_863: finished updating dependency versions. Ready for PR

* issue_863: downgraded versions since there was an issue with the dependencies versions and the ci/cd pipeline in git. will update each depedency slowly to ensure that upgrades are down correctly.

* issue_863: upgrading this slowly but surely

* issue_863: upgrading this slowly but surely again. testing to see if github's ci/cd is happy still with these set of changes.

* issue_863: upgrading this slowly but surely again. testing to see if github's ci/cd is happy still with these set of changes (again)

* issue_863: upgrading this slowly but surely again. testing to see if github's ci/cd is happy still with these set of changes (again) partIII

* issue_863: Part IV of upgrading this slowly  to see if github's ci/cd is happy still with these set of changes (again)

* issue_863: Part V of upgrading this slowly  to see if github's ci/cd is happy still with these set of changes (again)

* issue_863: Part VI of updating dependencies slowly

* issue_863: Part VII of updating dependencies

* issue_863: Part 8 of updating dependencies

* issue_863: Part 9 of updating dependencies

* issue_863: Part 10 of updating dependencies

* issue_863: Part 12 of updating dependencies

* issue_863: Part 13 of updating dependencies

* issue_863: Part 14 of updating dependencies

* issue_863: Part 15 of updating dependencies

* issue_863: Updating tomcat core.

* issue_863: removed some critical vulnerable dependencies

* issue_863: updated spring boot version. second try at it.

* issue_863: undid spring update. need to figure out how to smoothly transition to newer spring.

* issue_863: updated spring boot, hibernate, and spring retry. Removed an unused dependency.

* issue_863: removed unused dependencies and am currently resolving critical vulnerable dependendcies

* issue_863: reverted changes from last commit. let's see if that makes a difference

* issue_863: Updated gradle version, fixed more vulnerabilities, now figuring what to do with the remaining vulnerabilities.

* issue_863: Updated gradle plugins version, fixed more vulnerabilities, now figuring what to do with the remaining vulnerabilities.

* issue_863: Updated gradle plugins version again. Ready for PR. Vulnerability issues will be addressed in another PR. I've cut down vulnerabilities by quite a lot and I want to test the new OWASP plugin against the remaining vulnerabilities.

* issue_863: Finishing touches to the PR. Upgraded some more dependencies and removed unused one.

* issue_863: Removed testng from codebase. Has been officially replaced with spring junit.
This commit is contained in:
ThatSilentCoder 2025-01-13 09:53:04 -05:00 committed by GitHub
parent ad0966941d
commit 11691e5b29
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
14 changed files with 491 additions and 615 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

85
HIRS_AttestationCA/build.gradle
View File

@ -1,20 +1,6 @@
plugins {
id 'java'
id 'io.spring.dependency-management' version '1.1.0'
id 'io.spring.dependency-management' version '1.1.7'
id 'com.google.protobuf' version '0.9.4'
id 'checkstyle'
}
java {
toolchain {
languageVersion = JavaLanguageVersion.of(17)
}
}
repositories {
mavenCentral()
flatDir { dirs "lib" }
}
configurations {
@ -27,63 +13,42 @@ dependencies {
implementation project(':HIRS_Utils')
implementation project(':HIRS_Structs')
implementation 'org.springframework.boot:spring-boot-starter-data-jpa:3.0.1'
implementation 'com.github.darrachequesne:spring-data-jpa-datatables:6.0.1'
implementation 'org.springframework.retry:spring-retry:2.0.0'
implementation libs.springdatajpa
implementation libs.bouncycastle
implementation libs.commons.codec
implementation libs.commons.io
implementation libs.commons.lang3
implementation libs.jakarta.api
implementation libs.jakarta.xml
implementation libs.hibernate.core
implementation libs.pci
implementation libs.guava
implementation libs.jackson.core
implementation libs.jackson.databind
implementation libs.jakarta.persistence.api
implementation libs.jakarta.xml
implementation libs.spring.boot.starter.log4j2
implementation libs.minimal.json
// pull the pci dependency and ...
implementation libs.pci
// and explicitly include the patched version of the apache http client dependency
implementation libs.apacheHttpClient
implementation libs.protobuf.java
implementation 'org.apache.logging.log4j:log4j-core:2.19.0'
implementation 'org.apache.logging.log4j:log4j-api:2.19.0'
implementation libs.spring.boot.starter.data.jpa
implementation libs.spring.retry
implementation libs.spring.boot.starter.web
implementation libs.spring.framework.webmvc
testImplementation 'org.apache.directory.studio:org.apache.commons.io:2.4'
testImplementation 'org.hamcrest:hamcrest:2.2'
testImplementation 'org.junit.jupiter:junit-jupiter:5.9.3'
testImplementation 'org.junit.platform:junit-platform-launcher:1.9.3'
testImplementation 'org.mockito:mockito-core:4.2.0'
testImplementation 'org.springframework:spring-test:6.0.8'
compileOnly "com.github.spotbugs:spotbugs-annotations:${spotBugAnnotationVersion}"
annotationProcessor "com.github.spotbugs:spotbugs-annotations:${spotBugAnnotationVersion}"
// spring management
compileOnly libs.lombok
implementation libs.lombok
annotationProcessor libs.lombok
compileOnly libs.spotbugs.annotations
annotationProcessor libs.spotbugs.annotations
testImplementation libs.commons.io
testImplementation libs.spring.boot.starter.test
testCompileOnly libs.lombok
testAnnotationProcessor libs.lombok
}
checkstyle {
toolVersion = '10.12.7'
configFile file("${rootDir}/config/checkstyle/checkstyle.xml")
}
// https://github.com/checkstyle/checkstyle/issues/14211#issuecomment-1884129948
configurations.checkstyle {
resolutionStrategy.capabilitiesResolution.withCapability("com.google.collections:google-collections") {
select("com.google.guava:guava:0")
}
}
checkstyleMain {
source = 'src/main/java'
}
checkstyleTest {
source = 'src/test/java'
}
tasks.withType(Checkstyle) {
reports {
xml.required = false
html.required = true
}
}
protobuf {
protoc {
artifact = 'com.google.protobuf:protoc:3.24.3'

4
HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/entity/UserDefinedEntity.java
View File

@ -19,10 +19,10 @@ public abstract class UserDefinedEntity extends ArchivableEntity {
@Column(nullable = false, unique = true)
@NonNull
private String name;
private String name = "";
@ToString.Exclude
@Column(nullable = false, unique = false)
@Column(nullable = false)
@NonNull
private String description = "";

87
HIRS_AttestationCAPortal/build.gradle
View File

@ -1,25 +1,17 @@
plugins {
id 'application'
id 'java'
id 'war'
id 'com.netflix.nebula.ospackage' version '11.8.0'
id 'org.springframework.boot' version '3.0.6'
id 'io.spring.dependency-management' version '1.1.0'
id 'checkstyle'
id 'com.netflix.nebula.ospackage' version '11.10.0'
id 'org.springframework.boot' version '3.0.13'
id 'io.spring.dependency-management' version '1.1.7'
}
// Get version from main project gradle
def packVersion = properties.get("packageVersion");
def jarVersion = properties.get("jarVersion");
def projVersion = properties.get("projVersion");
def packVersion = properties.get("packageVersion")
def jarVersion = properties.get("jarVersion")
def projVersion = properties.get("projVersion")
//println "packageVersion is ${projVersion}"
java {
toolchain {
languageVersion = JavaLanguageVersion.of(17)
}
}
bootRun {
if (project.hasProperty('debug')) {
jvmArgs project.debug
@ -33,63 +25,40 @@ configurations {
all*.exclude module: 'spring-boot-starter-logging'
}
repositories {
flatDir { dirs "lib" }
mavenCentral()
}
dependencies {
implementation project(':HIRS_Utils')
implementation project(':HIRS_AttestationCA')
implementation libs.pci
implementation libs.gson
implementation libs.bouncycastle
implementation libs.guava
implementation libs.gson
implementation libs.jakarta.persistence.api
implementation libs.jakarta.servlet
implementation libs.jakarta.api
implementation libs.jakarta.xml
implementation 'org.springframework.boot:spring-boot-starter-web'
implementation 'org.springframework.boot:spring-boot-starter-validation'
implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
implementation 'org.springframework.boot:spring-boot-starter-log4j2'
implementation 'org.apache.logging.log4j:log4j-spring-boot'
implementation 'org.projectlombok:lombok'
implementation 'commons-fileupload:commons-fileupload:1.5'
implementation 'org.apache.tomcat.embed:tomcat-embed-jasper:10.1.5'
// pull the pci dependency and ...
implementation libs.pci
// and explicitly include the patched version of the apache http client dependency
implementation libs.apacheHttpClient
compileOnly 'org.projectlombok:lombok'
implementation 'org.mariadb.jdbc:mariadb-java-client:3.1.4'
annotationProcessor 'org.projectlombok:lombok'
providedRuntime 'org.springframework.boot:spring-boot-starter-tomcat'
implementation libs.mariadb.java.client
implementation libs.spring.boot.starter.web
//implementation libs.spring.framework.webmvc
implementation libs.spring.boot.starter.validation
implementation libs.spring.boot.starter.data.jpa
implementation libs.spring.boot.starter.log4j2
implementation libs.tomcat.embed.jasper
testImplementation 'org.springframework.boot:spring-boot-starter-test'
testImplementation 'org.junit.jupiter:junit-jupiter:5.9.3'
testImplementation 'org.hsqldb:hsqldb'
}
compileOnly libs.lombok
annotationProcessor libs.lombok
checkstyle {
toolVersion = '10.12.7'
configFile file("${rootDir}/config/checkstyle/checkstyle.xml")
}
// https://github.com/checkstyle/checkstyle/issues/14211#issuecomment-1884129948
configurations.checkstyle {
resolutionStrategy.capabilitiesResolution.withCapability("com.google.collections:google-collections") {
select("com.google.guava:guava:0")
}
}
checkstyleMain {
source = 'src/main/java'
}
checkstyleTest {
source = 'src/test/java'
}
tasks.withType(Checkstyle) {
reports {
xml.required = false
html.required = true
}
providedRuntime libs.spring.boot.starter.tomcat
testImplementation libs.hsqldb
testImplementation libs.spring.boot.starter.test
testCompileOnly libs.lombok
testAnnotationProcessor libs.lombok
}
test {

55
HIRS_Structs/build.gradle
View File

@ -1,56 +1,19 @@
plugins {
id 'java'
id 'checkstyle'
}
java {
toolchain {
languageVersion = JavaLanguageVersion.of(17)
}
}
repositories {
mavenCentral()
flatDir { dirs "lib" }
}
dependencies {
implementation 'org.apache.commons:commons-lang3:3.13.0'
implementation libs.commons.lang3
// testCompile libs.mockito
testImplementation 'org.junit.jupiter:junit-jupiter:5.9.3'
testImplementation 'org.junit.platform:junit-platform-launcher:1.9.3'
testImplementation 'org.hamcrest:hamcrest:2.2'
compileOnly libs.lombok
annotationProcessor libs.lombok
testImplementation libs.spring.boot.starter.test
testCompileOnly libs.lombok
testAnnotationProcessor libs.lombok
}
test {
useJUnitPlatform()
}
checkstyle {
toolVersion = '10.12.7'
configFile file("${rootDir}/config/checkstyle/checkstyle.xml")
}
// https://github.com/checkstyle/checkstyle/issues/14211#issuecomment-1884129948
configurations.checkstyle {
resolutionStrategy.capabilitiesResolution.withCapability("com.google.collections:google-collections") {
select("com.google.guava:guava:0")
}
}
checkstyleMain {
source = 'src/main/java'
}
checkstyleTest {
source = 'src/test/java'
}
tasks.withType(Checkstyle) {
reports {
xml.required = false
html.required = true
}
}
//publishing {
// publications {
// maven(MavenPublication) {
@ -59,5 +22,3 @@ tasks.withType(Checkstyle) {
// }
// }
//}

71
HIRS_Utils/build.gradle
View File

@ -1,24 +1,8 @@
plugins {
id 'java'
id 'checkstyle'
}
// Get version from main project gradle
def packVersion = properties.get("packageVersion")
def jarVersion = properties.get("jarVersion")
//println "packageVersion is ${projVersion}"
java {
toolchain {
languageVersion = JavaLanguageVersion.of(17)
}
}
repositories {
mavenCentral()
flatDir { dirs "lib" }
}
configurations {
compileOnly {
extendsFrom annotationProcessor
@ -28,54 +12,33 @@ configurations {
dependencies {
implementation libs.bouncycastle
implementation libs.lombok
implementation libs.jackson.core
implementation libs.jackson.databind
implementation libs.jakarta.api
implementation libs.jakarta.xml
implementation libs.guava
implementation libs.commons.codec
implementation libs.commons.lang3
implementation libs.commons.io
implementation libs.glassfish.jaxb.runtime
implementation libs.guava
implementation libs.jackson.core
implementation libs.jackson.databind
implementation libs.jakarta.persistence.api
implementation libs.jakarta.xml
implementation libs.spring.boot.starter.log4j2
implementation libs.minimal.json
// pull the pci dependency and ...
implementation libs.pci
// and explicitly include the patched version of the apache http client dependency
implementation libs.apacheHttpClient
implementation 'org.apache.logging.log4j:log4j-core:2.19.0'
implementation 'org.apache.logging.log4j:log4j-api:2.19.0'
implementation 'org.glassfish.jaxb:jaxb-runtime:4.0.1'
implementation 'org.slf4j:slf4j-simple:1.7.30'
testImplementation 'org.junit.jupiter:junit-jupiter:5.9.3'
testImplementation 'org.junit.platform:junit-platform-launcher:1.9.3'
testImplementation 'org.hamcrest:hamcrest:2.2'
testImplementation 'org.mockito:mockito-core:4.2.0'
testImplementation project(path: ':HIRS_AttestationCA')
implementation libs.slf4j.simple
compileOnly libs.lombok
annotationProcessor libs.lombok
}
checkstyle {
toolVersion = '10.12.7'
configFile file("${rootDir}/config/checkstyle/checkstyle.xml")
}
// https://github.com/checkstyle/checkstyle/issues/14211#issuecomment-1884129948
configurations.checkstyle {
resolutionStrategy.capabilitiesResolution.withCapability("com.google.collections:google-collections") {
select("com.google.guava:guava:0")
}
}
checkstyleMain {
source = 'src/main/java'
}
checkstyleTest {
source = 'src/test/java'
}
tasks.withType(Checkstyle) {
reports {
xml.required = false
html.required = true
}
testImplementation libs.spring.boot.starter.test
testImplementation project(path: ':HIRS_AttestationCA')
testCompileOnly libs.lombok
testAnnotationProcessor libs.lombok
}
test {

40
build.gradle
View File

@ -1,9 +1,13 @@
import com.github.spotbugs.snom.SpotBugsTask
import java.util.concurrent.TimeUnit
plugins {
// Apply the application plugin to add support for building a CLI application in Java.
id 'application'
id 'com.github.spotbugs' version '6.0.4' apply false
id 'checkstyle'
id 'com.github.spotbugs' version '6.0.13' apply false
id 'java'
}
// Global checkstyle file
@ -11,12 +15,44 @@ ext.checkstyleConfigFile = new File(rootDir, "/config/checkstyle/sun_checks.xml"
subprojects {
apply plugin: "com.github.spotbugs"
apply plugin: "java"
apply plugin: "checkstyle"
repositories {
flatDir { dirs "lib" }
mavenCentral()
}
java {
toolchain {
languageVersion = JavaLanguageVersion.of(17)
}
}
checkstyle {
toolVersion = '10.20.0'
configFile file("${rootDir}/config/checkstyle/checkstyle.xml")
}
checkstyleMain {
source = 'src/main/java'
}
checkstyleTest {
source = 'src/test/java'
}
tasks.withType(Checkstyle).configureEach {
reports {
xml.required = false
html.required = true
}
}
spotbugs {
excludeFilter = file('config/spotbugs/spotbugs-exclude.xml')
}
tasks.withType(com.github.spotbugs.snom.SpotBugsTask) {
tasks.withType(SpotBugsTask).configureEach {
reports {
html.required = true
}

6
gradle.properties
View File

@ -1,7 +1,5 @@
excludeGroups=rhel-6,performance
includeGroups=
org.gradle.daemon=true
org.gradle.jvmargs=-Xms256m -Xmx1024m
org.gradle.caching=true
#dependency versions
spotBugAnnotationVersion=4.8.6
org.gradle.jvmargs=-Xms1g -Xmx4g
org.gradle.caching=true

68
gradle/versions.toml Normal file
View File

@ -0,0 +1,68 @@
[versions]
apacheHttpClientVersion = "4.5.14"
bouncyCastleVersion = "1.79"
commonsCodecVersion = "1.17.1"
commonsIoVersion = "2.18.0"
commonsLang3Version = "3.17.0"
gsonVersion = "2.11.0"
glassfishJakartaJsonVersion = "2.0.1"
glassfishJaxbRuntimeVersion = "4.0.5"
guavaVersion = "33.3.1-jre"
jacksonVersion = "2.18.2"
jakartaPersistenceApiVersion = "3.2.0"
jakartaServletVersion = "3.0.0"
jakartaXmlVersion = "4.0.2"
jcommanderVersion = "2.0"
lombokVersion = "1.18.36"
mariadbVersion = "3.5.1"
minimalJsonVersion = "0.9.5"
ospackageVersion = "11.2.0"
pciVersion = "0.3"
protobufJavaVersion = "4.28.3"
springBootVersion = "3.4.0"
springCoreVersion = "6.2.1"
springRetryVersion = "2.0.10"
tomcatVersion = "10.1.33"
#test dependencies versions
hsqldbVersion = "2.7.3"
slf4jVersion = "2.0.16"
spotBugAnnotationVersion = "4.8.6"
[libraries]
apacheHttpClient = { module = "org.apache.httpcomponents:httpclient", version.ref = "apacheHttpClientVersion" }
bouncycastle = { module = "org.bouncycastle:bcmail-jdk18on", version.ref = "bouncyCastleVersion" }
commons-codec = { module = "commons-codec:commons-codec", version.ref = "commonsCodecVersion" }
commons-io = { module = "commons-io:commons-io", version.ref = "commonsIoVersion" }
commons-lang3 = { module = "org.apache.commons:commons-lang3", version.ref = "commonsLang3Version" }
gson = { module = "com.google.code.gson:gson", version.ref = "gsonVersion" }
glassfish-jakarta-json = { module = "org.glassfish:jakarta.json", version.ref = "glassfishJakartaJsonVersion" }
glassfish-jaxb-runtime = { module = "org.glassfish.jaxb:jaxb-runtime", version.ref = "glassfishJaxbRuntimeVersion" }
guava = { module = "com.google.guava:guava", version.ref = "guavaVersion" }
jackson-core = { module = "com.fasterxml.jackson.core:jackson-core", version.ref = "jacksonVersion" }
jackson-databind = { module = "com.fasterxml.jackson.core:jackson-databind", version.ref = "jacksonVersion" }
jakarta-persistence-api = { module = "jakarta.persistence:jakarta.persistence-api", version.ref = "jakartaPersistenceApiVersion" }
jakarta-servlet = { module = "org.glassfish.web:jakarta.servlet.jsp.jstl", version.ref = "jakartaServletVersion" }
jakarta-xml = { module = "jakarta.xml.bind:jakarta.xml.bind-api", version.ref = "jakartaXmlVersion" }
jcommander = { module = "org.jcommander:jcommander", version.ref = "jcommanderVersion" }
lombok = { module = "org.projectlombok:lombok", version.ref = "lombokVersion" }
mariadb-java-client = { module = "org.mariadb.jdbc:mariadb-java-client", version.ref = "mariadbVersion" }
minimal-json = { module = "com.eclipsesource.minimal-json:minimal-json", version.ref = "minimalJsonVersion" }
pci = { module = "com.github.marandus:pci-ids", version.ref = "pciVersion" }
protobuf-java = { module = "com.google.protobuf:protobuf-java", version.ref = "protobufJavaVersion" }
slf4j-simple = { module = "org.slf4j:slf4j-simple", version.ref = "slf4jVersion" }
spring-boot-starter-data-jpa = { module = "org.springframework.boot:spring-boot-starter-data-jpa", version.ref = "springBootVersion" }
spring-boot-starter-log4j2 = { module = "org.springframework.boot:spring-boot-starter-log4j2", version.ref = "springBootVersion" }
spring-boot-starter-tomcat = { module = "org.springframework.boot:spring-boot-starter-tomcat", version.ref = "springBootVersion" }
spring-boot-starter-validation = { module = "org.springframework.boot:spring-boot-starter-validation", version.ref = "springBootVersion" }
spring-boot-starter-web = { module = "org.springframework.boot:spring-boot-starter-web", version.ref = "springBootVersion" }
spring-framework-webmvc = { module = "org.springframework:spring-webmvc", version.ref = "springCoreVersion" }
spring-retry = { module = "org.springframework.retry:spring-retry", version.ref = "springRetryVersion" }
tomcat-embed-jasper = { module = "org.apache.tomcat.embed:tomcat-embed-jasper", version.ref = "tomcatVersion" }
# test dependencies
hsqldb = { module = "org.hsqldb:hsqldb", version.ref = "hsqldbVersion" }
spring-boot-starter-test = { module = "org.springframework.boot:spring-boot-starter-test", version.ref = "springBootVersion" }
spotbugs-annotations = { module = "com.github.spotbugs:spotbugs-annotations", version.ref = "spotBugAnnotationVersion" }
[plugins]

2
gradle/wrapper/gradle-wrapper.properties vendored
View File

@ -1,6 +1,6 @@
distributionBase=GRADLE_USER_HOME
distributionPath=wrapper/dists
distributionUrl=https\://services.gradle.org/distributions/gradle-8.3-bin.zip
distributionUrl=https\://services.gradle.org/distributions/gradle-8.11.1-bin.zip
networkTimeout=10000
zipStoreBase=GRADLE_USER_HOME
zipStorePath=wrapper/dists

32
settings.gradle
View File

@ -9,34 +9,8 @@ include 'HIRS_Utils',
dependencyResolutionManagement {
versionCatalogs {
libs {
version('springboot', '3.0.1')
version('jackson', '2.14.2')
library('commons-codec', 'commons-codec:commons-codec:1.15')
library('commons_io', 'commons-io:commons-io:2.11.0')
library('commons-lang3', 'org.apache.commons:commons-lang3:3.13.0')
library('bouncycastle', 'org.bouncycastle:bcmail-jdk18on:1.77')
library('glassfish_json', 'org.glassfish:javax.json:1.1.4')
library('glassfish_jaxb_runtime', 'org.glassfish.jaxb:jaxb-runtime:2.3.1')
library('gson', 'com.google.code.gson:gson:2.10.1')
library('guava', 'com.google.guava:guava:31.1-jre')
library('minimal-json', 'com.eclipsesource.minimal-json:minimal-json:0.9.5')
library('protobuf-java', 'com.google.protobuf:protobuf-java:3.24.1')
library('jakarta-servlet', 'org.glassfish.web:jakarta.servlet.jsp.jstl:3.0.0')
library('jakarta-api', 'jakarta.persistence:jakarta.persistence-api:3.1.0')
library('jakarta-xml', 'jakarta.xml.bind:jakarta.xml.bind-api:4.0.0')
library('jcommander', 'org.jcommander:jcommander:1.83')
library('hibernate-core', 'org.hibernate:hibernate-core:6.1.7.Final')
library('jackson-core', 'com.fasterxml.jackson.core', 'jackson-core').versionRef('jackson')
library('jackson-databind', 'com.fasterxml.jackson.core', 'jackson-databind').versionRef('jackson')
library('pci', 'com.github.marandus:pci-ids:0.3')
library('ospackage', 'com.netflix.nebula:gradle-ospackage-plugin:11.2.0')
library('springdatajpa', 'org.springframework.boot:spring-boot-starter-web:3.0.1')
// library('spring-datajpa', 'org.springframework.boot', 'spring-boot-starter-data-jpa').version('springboot')
// library('spring-datajpa', 'org.springframework.boot', 'spring-boot-starter-web').version('springboot')
// library('spring-datajpa', 'org.springframework.boot', 'spring-boot-starter-validation').version('springboot')
library('lombok', 'org.projectlombok:lombok:1.18.26')
library('testng', 'org.testng:testng:7.4.0')
create("libs") {
from(files("gradle/versions.toml"))
}
}
}
}

114
tools/tcg_eventlog_tool/build.gradle
View File

@ -1,67 +1,33 @@
import java.util.concurrent.TimeUnit
plugins {
id "java"
id "com.netflix.nebula.ospackage" version "11.4.0"
id 'checkstyle'
id "com.netflix.nebula.ospackage" version "11.10.0"
}
// Get version from main project gradle
def packVersion = properties.get("packageVersion");
def jarVersion = properties.get("jarVersion");
java {
toolchain {
languageVersion = JavaLanguageVersion.of(17)
}
}
repositories {
mavenCentral()
flatDir { dirs "lib" }
}
dependencies {
dependencies {
implementation project(':HIRS_Utils')
implementation libs.jcommander
implementation libs.commons.io
implementation libs.jcommander
}
ext.configDir = new File(projectDir, 'config')
checkstyle {
toolVersion = '10.12.7'
configFile file("${rootDir}/config/checkstyle/checkstyle.xml")
}
// https://github.com/checkstyle/checkstyle/issues/14211#issuecomment-1884129948
configurations.checkstyle {
resolutionStrategy.capabilitiesResolution.withCapability("com.google.collections:google-collections") {
select("com.google.guava:guava:0")
}
}
checkstyleMain {
source ='src/main/java'
}
tasks.withType(Checkstyle) {
reports {
xml.required = false
html.required = true
}
}
jar {
// Keep jar clean:
exclude 'META-INF/*.SF', 'META-INF/*.DSA', 'META-INF/*.RSA', 'META-INF/*.MF'
duplicatesStrategy = DuplicatesStrategy.EXCLUDE
manifest {
attributes(
"Main-Class": "hirs.tcg_eventlog.Main",
'Class-Path':configurations.runtimeClasspath.files.collect { it.getName() }.join(' ')
)
}
from {
configurations.runtimeClasspath.collect { it.isDirectory() ? it : zipTree(it) }
}
//jar name format: [archiveBaseName]-[archiveAppendix]-[archiveVersion]-[archiveClassifier].[archiveExtension]
archiveVersion = jarVersion
"Main-Class": "hirs.tcg_eventlog.Main",
'Class-Path': configurations.runtimeClasspath.files.collect { it.getName() }.join(' ')
)
}
from {
configurations.runtimeClasspath.collect { it.isDirectory() ? it : zipTree(it) }
}
//jar name format: [archiveBaseName]-[archiveAppendix]-[archiveVersion]-[archiveClassifier].[archiveExtension]
archiveVersion = jarVersion
}
// Produce packages
@ -75,37 +41,37 @@ ospackage {
user 'root'
fileMode = 0755
into ('/opt/eltool/lib') {
from jar.outputs.files
from configurations.runtimeClasspath
into('/opt/eltool/lib') {
from jar.outputs.files
from configurations.runtimeClasspath
}
into ('/opt/eltool/scripts') {
from ('scripts') {
exclude {
FileTreeElement details ->
details.file.name.endsWith('.bat')
into('/opt/eltool/scripts') {
from('scripts') {
exclude {
FileTreeElement details ->
details.file.name.endsWith('.bat')
}
}
}
}
into ('/opt/eltool/docs') {
from ('docs') {
exclude {
FileTreeElement details ->
details.file.name.endsWith('.odt')
}
into('/opt/eltool/docs') {
from('docs') {
exclude {
FileTreeElement details ->
details.file.name.endsWith('.odt')
}
}
from('./') {
include {
FileTreeElement details ->
details.file.name.endsWith('.md')
}
}
from('./') {
include {
FileTreeElement details ->
details.file.name.endsWith('.md')
}
}
}
// Copy vendor-table into /tmp to avoid conflict with the ACA
into('/opt/eltool/default-properties') {
from ('../../HIRS_Utils/src/main/resources/vendor-table.json') {
fileMode 0664
addParentDirs = true
from('../../HIRS_Utils/src/main/resources/vendor-table.json') {
fileMode 0664
addParentDirs = true
}
}
@ -129,11 +95,11 @@ ospackage {
}
task buildZip(type: Zip){
task buildZip(type: Zip) {
dependsOn jar
from(tasks.jar.archiveFile){
rename( filename ->
"${project.name}.jar")
from(tasks.jar.archiveFile) {
rename(filename ->
"${project.name}.jar")
into '/'
}

148
tools/tcg_rim_tool/build.gradle
View File

@ -1,83 +1,53 @@
plugins {
id "java"
id 'com.netflix.nebula.ospackage' version '11.4.0'
id 'com.intershop.gradle.jaxb' version '5.1.0'
id 'checkstyle'
id 'com.netflix.nebula.ospackage' version '11.10.0'
id 'com.intershop.gradle.jaxb' version '7.0.1'
}
// Get version from main project gradle
def packVersion = properties.get("packageVersion");
def jarVersion = properties.get("jarVersion");
java {
toolchain {
languageVersion = JavaLanguageVersion.of(17)
}
}
repositories {
mavenCentral()
flatDir { dirs "lib" }
}
dependencies {
implementation project(':HIRS_Utils')
implementation project(':HIRS_Utils')
implementation libs.bouncycastle
implementation libs.glassfish.json
implementation libs.glassfish.jaxb.runtime
implementation libs.jcommander
implementation libs.jakarta.api
implementation libs.jakarta.xml
implementation libs.commons.codec
implementation libs.hibernate.core
implementation libs.jackson.databind
implementation 'org.apache.logging.log4j:log4j-core:2.19.0'
implementation libs.guava
implementation libs.bouncycastle
implementation libs.commons.codec
implementation libs.glassfish.jakarta.json
implementation libs.glassfish.jaxb.runtime
implementation libs.guava
implementation libs.jcommander
implementation libs.jackson.databind
implementation libs.jakarta.persistence.api
implementation libs.jakarta.xml
implementation libs.spring.boot.starter.log4j2
implementation libs.spring.boot.starter.data.jpa
compileOnly libs.lombok
implementation libs.lombok
compileOnly libs.lombok
annotationProcessor libs.lombok
testImplementation libs.testng
testImplementation libs.spring.boot.starter.test
testCompileOnly libs.lombok
testAnnotationProcessor libs.lombok
}
test {
testLogging.showStandardStreams true
}
checkstyle {
toolVersion = '10.12.7'
configFile file("${rootDir}/config/checkstyle/checkstyle.xml")
}
// https://github.com/checkstyle/checkstyle/issues/14211#issuecomment-1884129948
configurations.checkstyle {
resolutionStrategy.capabilitiesResolution.withCapability("com.google.collections:google-collections") {
select("com.google.guava:guava:0")
}
}
checkstyleMain {
source ='src/main/java'
}
tasks.withType(Checkstyle) {
reports {
xml.required = false
html.required = true
}
testLogging.showStandardStreams true
}
jar {
exclude 'META-INF/*.SF', 'META-INF/*.DSA', 'META-INF/*.RSA', 'META-INF/*.MF'
duplicatesStrategy = DuplicatesStrategy.EXCLUDE
manifest {
attributes "Main-Class": "hirs.swid.Main"
}
manifest {
attributes "Main-Class": "hirs.swid.Main"
from {
configurations.runtimeClasspath.collect { it.isDirectory() ? it : zipTree(it) }
}
//jar name format: [archiveBaseName]-[archiveAppendix]-[archiveVersion]-[archiveClassifier].[archiveExtension]
archiveVersion = jarVersion
}
from {
configurations.runtimeClasspath.collect { it.isDirectory() ? it : zipTree(it) }
}
//jar name format: [archiveBaseName]-[archiveAppendix]-[archiveVersion]-[archiveClassifier].[archiveExtension]
archiveVersion = jarVersion
}
ospackage {
@ -90,32 +60,32 @@ ospackage {
user 'root'
fileMode = 0755
into ('/opt/rimtool/lib') {
into('/opt/rimtool/lib') {
from jar.outputs.files
from configurations.runtimeClasspath
from 'libs'
}
into ('/opt/rimtool/scripts') {
from ('scripts') {
exclude {
FileTreeElement details ->
details.file.name.endsWith('.bat')
into('/opt/rimtool/scripts') {
from('scripts') {
exclude {
FileTreeElement details ->
details.file.name.endsWith('.bat')
}
}
}
into('/opt/rimtool/docs') {
from('./') {
include {
FileTreeElement details ->
details.file.name.endsWith('.md')
}
}
}
into('/opt/rimtool/data') {
from('src/test/resources/') {
}
}
}
into ('/opt/rimtool/docs') {
from('./') {
include {
FileTreeElement details ->
details.file.name.endsWith('.md')
}
}
}
into ('/opt/rimtool/data') {
from('src/test/resources/') {
}
}
link("/usr/local/bin/rim", "/opt/rimtool/scripts/rimtool.sh", 0x755)
// Post Install
@ -125,37 +95,37 @@ ospackage {
}
buildRpm {
arch = X86_64
arch = X86_64
}
buildDeb {
arch = 'amd64'
}
task buildZip(type: Zip){
task buildZip(type: Zip) {
dependsOn jar
dependsOn jar
from(tasks.jar.archiveFile){
rename( filename ->
from(tasks.jar.archiveFile) {
rename(filename ->
"${project.name}.jar")
into '/'
}
from('./build/resources/test/rim_fields.json'){
from('./build/resources/test/rim_fields.json') {
into '/'
}
from('../../.ci/tcg-rim-tool/configs/Base_Rim_Config.json'){
from('../../.ci/tcg-rim-tool/configs/Base_Rim_Config.json') {
into '/'
}
from('../../.ci/tcg-rim-tool/eventlogs/TpmLog.bin'){
from('../../.ci/tcg-rim-tool/eventlogs/TpmLog.bin') {
into '/'
}
from('../../.ci/tcg-rim-tool/keys/PC_OEM1_rim_signer_rsa_3k_sha384.key'){
from('../../.ci/tcg-rim-tool/keys/PC_OEM1_rim_signer_rsa_3k_sha384.key') {
into '/'
}
from('../../.ci/tcg-rim-tool/certs/PC_OEM1_rim_signer_rsa_3k_sha384.pem'){
from('../../.ci/tcg-rim-tool/certs/PC_OEM1_rim_signer_rsa_3k_sha384.pem') {
into '/'
}
from('../../.ci/tcg-rim-tool/certs/PC_OEM1_Cert_Chain.pem'){
from('../../.ci/tcg-rim-tool/certs/PC_OEM1_Cert_Chain.pem') {
into '/'
}

20
tools/tcg_rim_tool/src/main/java/hirs/swid/SwidTagGateway.java
View File

@ -9,6 +9,10 @@ import hirs.utils.xjc.ObjectFactory;
import hirs.utils.xjc.ResourceCollection;
import hirs.utils.xjc.SoftwareIdentity;
import hirs.utils.xjc.SoftwareMeta;
import jakarta.json.Json;
import jakarta.json.JsonException;
import jakarta.json.JsonObject;
import jakarta.json.JsonReader;
import jakarta.xml.bind.JAXBContext;
import jakarta.xml.bind.JAXBElement;
import jakarta.xml.bind.JAXBException;
@ -17,10 +21,6 @@ import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import javax.json.Json;
import javax.json.JsonException;
import javax.json.JsonObject;
import javax.json.JsonReader;
import javax.xml.crypto.MarshalException;
import javax.xml.crypto.XMLStructure;
import javax.xml.crypto.dom.DOMStructure;
@ -190,6 +190,7 @@ public class SwidTagGateway {
/**
* Setter for timestamp format in XML signature
*
* @param timestampFormat
*/
public void setTimestampFormat(String timestampFormat) {
@ -198,6 +199,7 @@ public class SwidTagGateway {
/**
* Setter for timestamp input - RFC3852 + file or RFC3339 + value
*
* @param timestampArgument
*/
public void setTimestampArgument(String timestampArgument) {
@ -269,7 +271,7 @@ public class SwidTagGateway {
writeSwidTagFile(signedSoftwareIdentity, filename);
} else {
System.out.println("The following fields cannot be empty or null: "
+ errorRequiredFields.substring(0, errorRequiredFields.length()-2));
+ errorRequiredFields.substring(0, errorRequiredFields.length() - 2));
System.exit(1);
}
} catch (JsonException e) {
@ -555,6 +557,7 @@ public class SwidTagGateway {
addNonNullAttribute(attributes, key, value);
}
}
/**
* This utility method checks if an attribute value is empty before adding it to the map.
*
@ -707,7 +710,8 @@ public class SwidTagGateway {
/**
* This method creates a timestamp element and populates it with data according to
* the RFC format set in timestampFormat. The element is returned within an XMLObject.
* @param doc the Document representing the XML to be signed
*
* @param doc the Document representing the XML to be signed
* @param sigFactory the SignatureFactory object
* @return an XMLObject containing the timestamp element
*/
@ -735,7 +739,7 @@ public class SwidTagGateway {
timeStampElement = doc.createElementNS(SwidTagConstants.RFC3339_NS,
SwidTagConstants.RFC3339_PFX + ":TimeStamp");
timeStampElement.setAttributeNS("http://www.w3.org/2000/xmlns/",
"xmlns:" + SwidTagConstants.RFC3339_PFX, SwidTagConstants.RFC3339_NS);
"xmlns:" + SwidTagConstants.RFC3339_PFX, SwidTagConstants.RFC3339_NS);
if (timestampArgument.isEmpty()) {
timeStampElement.setAttributeNS(SwidTagConstants.RFC3339_NS,
SwidTagConstants.RFC3339_PFX + ":" + SwidTagConstants.DATETIME,
@ -754,7 +758,7 @@ public class SwidTagGateway {
SignatureProperties signatureProperties = sigFactory.newSignatureProperties(
Collections.singletonList(signatureProperty), null);
XMLObject xmlObject = sigFactory.newXMLObject(
Collections.singletonList(signatureProperties), null,null,null);
Collections.singletonList(signatureProperties), null, null, null);
return xmlObject;
}

374
tools/tcg_rim_tool/src/test/java/hirs/swid/TestSwidTagGateway.java
View File

@ -1,208 +1,210 @@
package hirs.swid;
import hirs.utils.rim.ReferenceManifestValidator;
import org.junit.jupiter.api.Test;
import org.springframework.test.context.event.annotation.AfterTestClass;
import org.springframework.test.context.event.annotation.BeforeTestClass;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import org.testng.Assert;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.AfterClass;
import org.testng.annotations.Test;
import static org.junit.jupiter.api.Assertions.assertTrue;
public class TestSwidTagGateway {
private SwidTagGateway gateway;
private ReferenceManifestValidator validator;
private final String DEFAULT_OUTPUT = "generated_swidTag.swidtag";
private final String BASE_USER_CERT = "generated_user_cert.swidtag";
private final String BASE_USER_CERT_EMBED = "generated_user_cert_embed.swidtag";
private final String BASE_DEFAULT_CERT = "generated_default_cert.swidtag";
private final String BASE_RFC3339_TIMESTAMP = "generated_timestamp_rfc3339.swidtag";
private final String BASE_RFC3852_TIMESTAMP = "generated_timestamp_rfc3852.swidtag";
private final String ATTRIBUTES_FILE = TestSwidTagGateway.class.getClassLoader()
.getResource("rim_fields.json").getPath();
private final String JKS_KEYSTORE_FILE = TestSwidTagGateway.class.getClassLoader()
.getResource("keystore.jks").getPath();
private final String SIGNING_CERT_FILE = TestSwidTagGateway.class.getClassLoader()
.getResource("RimSignCert.pem").getPath();
private final String PRIVATE_KEY_FILE = TestSwidTagGateway.class.getClassLoader()
.getResource("privateRimKey.pem").getPath();
private final String CA_CHAIN_FILE = TestSwidTagGateway.class.getClassLoader()
.getResource("RimCertChain.pem").getPath();
private final String SUPPORT_RIM_FILE = TestSwidTagGateway.class.getClassLoader()
.getResource("TpmLog.bin").getPath();
private final String RFC3852_COUNTERSIGNATURE_FILE = TestSwidTagGateway.class.getClassLoader()
.getResource("counterSignature.file").getPath();
private InputStream expectedFile;
private final String DEFAULT_OUTPUT = "generated_swidTag.swidtag";
private final String BASE_USER_CERT = "generated_user_cert.swidtag";
private final String BASE_USER_CERT_EMBED = "generated_user_cert_embed.swidtag";
private final String BASE_DEFAULT_CERT = "generated_default_cert.swidtag";
private final String BASE_RFC3339_TIMESTAMP = "generated_timestamp_rfc3339.swidtag";
private final String BASE_RFC3852_TIMESTAMP = "generated_timestamp_rfc3852.swidtag";
private final String ATTRIBUTES_FILE = TestSwidTagGateway.class.getClassLoader()
.getResource("rim_fields.json").getPath();
private final String JKS_KEYSTORE_FILE = TestSwidTagGateway.class.getClassLoader()
.getResource("keystore.jks").getPath();
private final String SIGNING_CERT_FILE = TestSwidTagGateway.class.getClassLoader()
.getResource("RimSignCert.pem").getPath();
private final String PRIVATE_KEY_FILE = TestSwidTagGateway.class.getClassLoader()
.getResource("privateRimKey.pem").getPath();
private final String CA_CHAIN_FILE = TestSwidTagGateway.class.getClassLoader()
.getResource("RimCertChain.pem").getPath();
private final String SUPPORT_RIM_FILE = TestSwidTagGateway.class.getClassLoader()
.getResource("TpmLog.bin").getPath();
private final String RFC3852_COUNTERSIGNATURE_FILE = TestSwidTagGateway.class.getClassLoader()
.getResource("counterSignature.file").getPath();
private SwidTagGateway gateway;
private ReferenceManifestValidator validator;
private InputStream expectedFile;
@BeforeClass
public void setUp() throws Exception {
gateway = new SwidTagGateway();
gateway.setRimEventLog(SUPPORT_RIM_FILE);
gateway.setAttributesFile(ATTRIBUTES_FILE);
validator = new ReferenceManifestValidator();
validator.setRimEventLog(SUPPORT_RIM_FILE);
validator.setTrustStoreFile(CA_CHAIN_FILE);
}
@BeforeTestClass
public void setUp() throws Exception {
gateway = new SwidTagGateway();
gateway.setRimEventLog(SUPPORT_RIM_FILE);
gateway.setAttributesFile(ATTRIBUTES_FILE);
validator = new ReferenceManifestValidator();
validator.setRimEventLog(SUPPORT_RIM_FILE);
validator.setTrustStoreFile(CA_CHAIN_FILE);
}
@AfterClass
public void tearDown() throws Exception {
if (expectedFile != null) {
expectedFile.close();
}
}
@AfterTestClass
public void tearDown() throws Exception {
if (expectedFile != null) {
expectedFile.close();
}
}
/**
* This test corresponds to the arguments:
* -c base -l TpmLog.bin -k privateRimKey.pem -p RimSignCert.pem
* where RimSignCert.pem has the AIA extension.
*/
@Test
public void testCreateBaseUserCertNotEmbedded() {
gateway.setDefaultCredentials(false);
gateway.setPemCertificateFile(SIGNING_CERT_FILE);
gateway.setPemPrivateKeyFile(PRIVATE_KEY_FILE);
gateway.setEmbeddedCert(false);
gateway.generateSwidTag(DEFAULT_OUTPUT);
expectedFile = TestSwidTagGateway.class.getClassLoader()
.getResourceAsStream(BASE_USER_CERT);
Assert.assertTrue(compareFileBytesToExpectedFile(DEFAULT_OUTPUT));
validator.setRim(DEFAULT_OUTPUT);
Assert.assertTrue(validator.validateRim(SIGNING_CERT_FILE));
}
/**
* This test corresponds to the arguments:
* -c base -l TpmLog.bin -k privateRimKey.pem -p RimSignCert.pem
* where RimSignCert.pem has the AIA extension.
*/
@Test
public void testCreateBaseUserCertNotEmbedded() {
gateway.setDefaultCredentials(false);
gateway.setPemCertificateFile(SIGNING_CERT_FILE);
gateway.setPemPrivateKeyFile(PRIVATE_KEY_FILE);
gateway.setEmbeddedCert(false);
gateway.generateSwidTag(DEFAULT_OUTPUT);
expectedFile = TestSwidTagGateway.class.getClassLoader()
.getResourceAsStream(BASE_USER_CERT);
assertTrue(compareFileBytesToExpectedFile(DEFAULT_OUTPUT));
validator.setRim(DEFAULT_OUTPUT);
assertTrue(validator.validateRim(SIGNING_CERT_FILE));
}
/**
* This test creates the following base RIM:
* -c base -l TpmLog.bin -k privateRimKey.pem -p RimSignCert.pem -e
* And then validates it:
* -v [base RIM] -l TpmLog.bin -t RimCertChain.pem
*/
@Test
public void testCreateBaseUserCertEmbedded() {
gateway.setDefaultCredentials(false);
gateway.setPemCertificateFile(SIGNING_CERT_FILE);
gateway.setPemPrivateKeyFile(PRIVATE_KEY_FILE);
gateway.setEmbeddedCert(true);
gateway.generateSwidTag(DEFAULT_OUTPUT);
expectedFile = TestSwidTagGateway.class.getClassLoader()
.getResourceAsStream(BASE_USER_CERT_EMBED);
Assert.assertTrue(compareFileBytesToExpectedFile(DEFAULT_OUTPUT));
validator.setRim(DEFAULT_OUTPUT);
Assert.assertTrue(validator.validateRim(SIGNING_CERT_FILE));
}
/**
* This test creates the following base RIM:
* -c base -l TpmLog.bin -k privateRimKey.pem -p RimSignCert.pem -e
* And then validates it:
* -v [base RIM] -l TpmLog.bin -t RimCertChain.pem
*/
@Test
public void testCreateBaseUserCertEmbedded() {
gateway.setDefaultCredentials(false);
gateway.setPemCertificateFile(SIGNING_CERT_FILE);
gateway.setPemPrivateKeyFile(PRIVATE_KEY_FILE);
gateway.setEmbeddedCert(true);
gateway.generateSwidTag(DEFAULT_OUTPUT);
expectedFile = TestSwidTagGateway.class.getClassLoader()
.getResourceAsStream(BASE_USER_CERT_EMBED);
assertTrue(compareFileBytesToExpectedFile(DEFAULT_OUTPUT));
validator.setRim(DEFAULT_OUTPUT);
assertTrue(validator.validateRim(SIGNING_CERT_FILE));
}
/**
* This test corresponds to the arguments:
* -c base -l TpmLog.bin -d
*/
@Test
public void testCreateBaseDefaultCert() {
gateway.setDefaultCredentials(true);
gateway.setJksTruststoreFile(JKS_KEYSTORE_FILE);
gateway.generateSwidTag(DEFAULT_OUTPUT);
expectedFile = TestSwidTagGateway.class.getClassLoader()
.getResourceAsStream(BASE_DEFAULT_CERT);
Assert.assertTrue(compareFileBytesToExpectedFile(DEFAULT_OUTPUT));
validator.setRim(DEFAULT_OUTPUT);
Assert.assertTrue(validator.validateRim(SIGNING_CERT_FILE));
}
/**
* This test corresponds to the arguments:
* -c base -l TpmLog.bin -d
*/
@Test
public void testCreateBaseDefaultCert() {
gateway.setDefaultCredentials(true);
gateway.setJksTruststoreFile(JKS_KEYSTORE_FILE);
gateway.generateSwidTag(DEFAULT_OUTPUT);
expectedFile = TestSwidTagGateway.class.getClassLoader()
.getResourceAsStream(BASE_DEFAULT_CERT);
assertTrue(compareFileBytesToExpectedFile(DEFAULT_OUTPUT));
validator.setRim(DEFAULT_OUTPUT);
assertTrue(validator.validateRim(SIGNING_CERT_FILE));
}
/**
* This test corresponds to the arguments:
* -c base -l TpmLog.bin -d --timestamp rfc3339 2023-01-01T00:00:00Z
*/
@Test
public void testCreateTimestampRfc3339() {
gateway.setDefaultCredentials(true);
gateway.setJksTruststoreFile(JKS_KEYSTORE_FILE);
gateway.setTimestampFormat("RFC3339");
gateway.setTimestampArgument("2023-01-01T00:00:00Z");
gateway.generateSwidTag(DEFAULT_OUTPUT);
expectedFile = TestSwidTagGateway.class.getClassLoader()
.getResourceAsStream(BASE_RFC3339_TIMESTAMP);
Assert.assertTrue(compareFileBytesToExpectedFile(DEFAULT_OUTPUT));
validator.setRim(DEFAULT_OUTPUT);
Assert.assertTrue(validator.validateRim(SIGNING_CERT_FILE));
}
/**
* This test corresponds to the arguments:
* -c base -l TpmLog.bin -d --timestamp rfc3339 2023-01-01T00:00:00Z
*/
@Test
public void testCreateTimestampRfc3339() {
gateway.setDefaultCredentials(true);
gateway.setJksTruststoreFile(JKS_KEYSTORE_FILE);
gateway.setTimestampFormat("RFC3339");
gateway.setTimestampArgument("2023-01-01T00:00:00Z");
gateway.generateSwidTag(DEFAULT_OUTPUT);
expectedFile = TestSwidTagGateway.class.getClassLoader()
.getResourceAsStream(BASE_RFC3339_TIMESTAMP);
assertTrue(compareFileBytesToExpectedFile(DEFAULT_OUTPUT));
validator.setRim(DEFAULT_OUTPUT);
assertTrue(validator.validateRim(SIGNING_CERT_FILE));
}
/**
* This test corresponds to the arguments:
* -c base -l TpmLog.bin -d --timestamp rfc3852 countersignature.file
*/
@Test
public void testCreateTimestampRfc3852() {
gateway.setDefaultCredentials(true);
gateway.setJksTruststoreFile(JKS_KEYSTORE_FILE);
gateway.setTimestampFormat("RFC3852");
gateway.setTimestampArgument(RFC3852_COUNTERSIGNATURE_FILE);
gateway.generateSwidTag(DEFAULT_OUTPUT);
expectedFile = TestSwidTagGateway.class.getClassLoader()
.getResourceAsStream(BASE_RFC3852_TIMESTAMP);
Assert.assertTrue(compareFileBytesToExpectedFile(DEFAULT_OUTPUT));
validator.setRim(DEFAULT_OUTPUT);
Assert.assertTrue(validator.validateRim(SIGNING_CERT_FILE));
}
/**
* This test corresponds to the arguments:
* -c base -l TpmLog.bin -d --timestamp rfc3852 countersignature.file
*/
@Test
public void testCreateTimestampRfc3852() {
gateway.setDefaultCredentials(true);
gateway.setJksTruststoreFile(JKS_KEYSTORE_FILE);
gateway.setTimestampFormat("RFC3852");
gateway.setTimestampArgument(RFC3852_COUNTERSIGNATURE_FILE);
gateway.generateSwidTag(DEFAULT_OUTPUT);
expectedFile = TestSwidTagGateway.class.getClassLoader()
.getResourceAsStream(BASE_RFC3852_TIMESTAMP);
assertTrue(compareFileBytesToExpectedFile(DEFAULT_OUTPUT));
validator.setRim(DEFAULT_OUTPUT);
assertTrue(validator.validateRim(SIGNING_CERT_FILE));
}
/**
* This test corresponds to the arguments:
* -v <path>
*/
/**
* This test corresponds to the arguments:
* -v <path>
*/
public void testvalidateSwidtagFile() {
String filepath = TestSwidTagGateway.class.getClassLoader()
.getResource(BASE_USER_CERT).getPath();
System.out.println("Validating file at " + filepath);
validator.setRim(DEFAULT_OUTPUT);
Assert.assertTrue(validator.validateRim(SIGNING_CERT_FILE));
}
public void testvalidateSwidtagFile() {
String filepath = TestSwidTagGateway.class.getClassLoader()
.getResource(BASE_USER_CERT).getPath();
System.out.println("Validating file at " + filepath);
validator.setRim(DEFAULT_OUTPUT);
assertTrue(validator.validateRim(SIGNING_CERT_FILE));
}
/**
* This method compares two files by bytes to determine if they are the same or not.
* @param file to be compared to the expected value.
* @return true if they are equal, false if not.
*/
private boolean compareFileBytesToExpectedFile(String file) {
FileInputStream testFile = null;
try {
int data;
testFile = new FileInputStream(file);
while ((data = testFile.read()) != -1) {
int expected = expectedFile.read();
if (data != expected) {
System.out.println("Expected: " + expected);
System.out.println("Got: " + data);
return false;
}
}
} catch (FileNotFoundException e) {
e.printStackTrace();
return false;
} catch (IOException e) {
e.printStackTrace();
return false;
} catch (NullPointerException e) {
e.printStackTrace();
return false;
} finally {
if (testFile != null) {
try {
testFile.close();
} catch (IOException e) {
e.printStackTrace();
return false;
}
}
if (expectedFile != null) {
try {
expectedFile.close();
} catch (IOException e) {
e.printStackTrace();
return false;
}
}
}
return true;
}
/**
* This method compares two files by bytes to determine if they are the same or not.
*
* @param file to be compared to the expected value.
* @return true if they are equal, false if not.
*/
private boolean compareFileBytesToExpectedFile(String file) {
FileInputStream testFile = null;
try {
int data;
testFile = new FileInputStream(file);
while ((data = testFile.read()) != -1) {
int expected = expectedFile.read();
if (data != expected) {
System.out.println("Expected: " + expected);
System.out.println("Got: " + data);
return false;
}
}
} catch (FileNotFoundException e) {
e.printStackTrace();
return false;
} catch (IOException e) {
e.printStackTrace();
return false;
} catch (NullPointerException e) {
e.printStackTrace();
return false;
} finally {
if (testFile != null) {
try {
testFile.close();
} catch (IOException e) {
e.printStackTrace();
return false;
}
}
if (expectedFile != null) {
try {
expectedFile.close();
} catch (IOException e) {
e.printStackTrace();
return false;
}
}
}
return true;
}
}