Merge pull request #269 from nsacyber/issue-268

[#268] Tcg_rim_tool symlink

.gitignore

@@ -55,6 +55,7 @@ SPECS/
 RPM/
 SRPM/
 PLUGIN_SOURCE/
+*.tar.gz
 
 # C++ Files #
 *.o
@@ -131,3 +132,6 @@ HIRS_AttestationCA/src/main/java/hirs/attestationca/configuration/provisionerTpm
 # these files are copied over by ProvisionerTPM2 CMake build
 HIRS_ProvisionerTPM2/config/logging.properties
 HIRS_ProvisionerTPM2/scripts/tpm_aca_provision
+
+# tcg_rim_tool files
+tools/tcg_rim_tool/generated_swidTag.swidtag

tools/tcg_rim_tool/package.sh

@@ -6,8 +6,8 @@ pushd $SCRIPT_DIR
 
 name="tcg_rim_tool"
 
-tar -cf $name.tar build.gradle gradle* src/ docs/ rim_fields.json keystore.jks
-gzip $name.tar
+tar -cf $name.tar build.gradle gradle* src/ docs/ rim_fields.json keystore.jks scripts/
+gzip -f $name.tar
 if [ -d rpmbuild ]; then
 	rm -rf rpmbuild
 fi

tools/tcg_rim_tool/scripts/rimtool.sh

@@ -0,0 +1,8 @@
+#!/bin/bash
+
+# Calls the the_tcg_rim_tool and passes in parameters
+scriptDir=$(dirname -- "$(readlink -f -- "${BASH_SOURCE[0]}")")
+baseDir=${scriptDir%/*}
+jar="tcg_rim_tool-1.0.jar";
+java -jar $baseDir/$jar "$@"
+

tools/tcg_rim_tool/src/main/java/hirs/swid/utils/HashSwid.java

@@ -49,7 +49,7 @@ public class HashSwid {
     }
 
     /**
-     * This method creates the hash based on the provided algorithm and salt
+     * This method creates the hash based on the provided algorithm
      * only accessible through helper methods.
      *
      * This method assumes an input file that is small enough to read in its
@@ -57,7 +57,6 @@ public class HashSwid {
      * getHashValue() below.
      * 
      * @param filepath file contents to hash
-     * @param salt random value to make the hash stronger
      * @param sha the algorithm to use for the hash
      * @return 
      */

tools/tcg_rim_tool/src/test/java/hirs/swid/TestSwidTagGateway.java

@@ -39,7 +39,7 @@ public class TestSwidTagGateway {
 
 	/**
 	 * This test corresponds to the arguments:
-	 * -c base -k privateRimKey.pem -p RimSignCert.pem
+	 * -c base -l TpmLog.bin -k privateRimKey.pem -p RimSignCert.pem
 	 */
 	@Test
 	public void testCreateBaseWithCert() throws URISyntaxException {
@@ -53,8 +53,7 @@ public class TestSwidTagGateway {
 
 	/**
 	 * This test corresponds to the arguments:
-	 * -c base
-	 * -c base -a <path>
+	 * -c base -l TpmLog.bin
 	 */
 	@Test
 	public void testCreateBaseWithoutCert() {
@@ -66,7 +65,7 @@ public class TestSwidTagGateway {
 
 	/**
 	 * This test corresponds to the arguments:
-	 * -v <path> -p RimSignCert.pem
+	 * -v <path>
 	 */
 	@Test
 	public void testValidateSwidTag() {

tools/tcg_rim_tool/src/test/resources/generated_no_cert.swidtag

@@ -1,11 +1,11 @@
 <?xml version="1.0" encoding="UTF-8" standalone="no"?>
 <SoftwareIdentity xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" corpus="false" name="TCG RIM example" patch="false" supplemental="false" tagId="hirs.swid.SwidTags.example" tagVersion="1" version="0.1" versionScheme="multipartnumeric" xml:lang="en">
-  <Entity name="HIRS" role="softwareCreator tagCreator"/>
+  <Entity name="HIRS" regid="www.example.com" role="softwareCreator tagCreator"/>
   <Link href="https://Example.com/support/ProductA/firmware/installfiles" rel="installationmedia"/>
   <Meta xmlns:rim="https://trustedcomputinggroup.org/wp-content/uploads/TCG_RIM_Model" rim:bindingSpec="IOT RIM" rim:bindingSpecVersion="1.2" rim:platformManufacturerId="00201234" rim:platformManufacturerStr="Example.com" rim:platformModel="ProductA" rim:rimLinkHash="88f21d8e44d4271149297404df91caf207130bfa116582408abd04ede6db7f51"/>
   <Payload>
     <Directory name="iotBase">
-      <File xmlns:SHA256="http://www.w3.org/2001/04/xmlenc#sha256" SHA256:hash="8c6eb10211067d48734c393de37b52303658492457e6222e23dafa6b52486022" name="TpmLog.bin" size="7549"/>
+      <File xmlns:SHA256="http://www.w3.org/2001/04/xmlenc#sha256" SHA256:hash="4479ca722623f8c47b703996ced3cbd981b06b1ae8a897db70137e0b7c546848" name="TpmLog.bin" size="7549"/>
     </Directory>
   </Payload>
   <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
@@ -17,14 +17,14 @@
           <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
         </Transforms>
         <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
-        <DigestValue>h/jXVVy84NklF+ym8qeNfDEohLKKNLhr35iZ6vage7M=</DigestValue>
+        <DigestValue>jpPZu16C8KjtwY2JpJuyR3SBc2XclVEaVsv/DgyZKTM=</DigestValue>
       </Reference>
     </SignedInfo>
-    <SignatureValue>huu759PPTMaugu+6/c3JAv/Cb6eCiRxK5i5Mx2IpptDDjbDh9P1931KPEivmG8eZHgbGRFDgUviB
-qHcvd4A8KpIdx1GfebPBGBVqnAHvIgAQp1ZOMFIjtYsJTFKrwG12Yc7uA8qdGLCXZ8OlEvim3P/9
-VECXziVXAaEdC4IlaAt86XfbK+z5r2hFKSErYJZws45x1oZcBVXo9wZd7x0EyU0rMTGQbV5QbDsP
-LOuWmG2t9jlR7Yu7gxJbhFrPJdI/Q6+JsmsnqKB47dVtXCp84lrlZg48S/nZ0OC62EmEHvzilx4C
-y2fM/M0LbkZc5Ms8HD92YBsNF3UL3bHxnJT+YQ==</SignatureValue>
+    <SignatureValue>pWPozFWH2oytfgZse1Ai769c/cBFS/vapKj27asI8XDLdK8FkNs2K/+OTf4lScBiPLTCvWPIihoe
+hielmV8dWZqvR2z09pr+yCF7q/E8sCGhQXSsVlNZjElMXk2Qz2c6C9XtRk4UNmSfTSYsKEm2AST4
+oh6da+x1CeSHipALfuZZrXwa2AMtc9yTNfqaQFBxRqEDeTypLwNQqdr9va2T8C9ZNnEzooTf5FWw
+OUqc+Ewk5V9ZyOJ/0UdUxs40mGPpsIG90ikx59eu1A4qP4BzjHR3vrNbYDA4hBeIpDHC4vzwJrR4
+xqXw1SLqAm8ngL9Haj2Ww+y0PEZfo++JlOMZuQ==</SignatureValue>
     <KeyInfo>
       <KeyName>2fdeb8e7d030a2209daa01861a964fedecf2bcc1</KeyName>
       <KeyValue>

tools/tcg_rim_tool/src/test/resources/generated_with_cert.swidtag

@@ -1,11 +1,11 @@
 <?xml version="1.0" encoding="UTF-8" standalone="no"?>
 <SoftwareIdentity xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" corpus="false" name="TCG RIM example" patch="false" supplemental="false" tagId="hirs.swid.SwidTags.example" tagVersion="1" version="0.1" versionScheme="multipartnumeric" xml:lang="en">
-  <Entity name="HIRS" role="softwareCreator tagCreator"/>
+  <Entity name="HIRS" regid="www.example.com" role="softwareCreator tagCreator"/>
   <Link href="https://Example.com/support/ProductA/firmware/installfiles" rel="installationmedia"/>
   <Meta xmlns:rim="https://trustedcomputinggroup.org/wp-content/uploads/TCG_RIM_Model" rim:bindingSpec="IOT RIM" rim:bindingSpecVersion="1.2" rim:platformManufacturerId="00201234" rim:platformManufacturerStr="Example.com" rim:platformModel="ProductA" rim:rimLinkHash="88f21d8e44d4271149297404df91caf207130bfa116582408abd04ede6db7f51"/>
   <Payload>
     <Directory name="iotBase">
-      <File xmlns:SHA256="http://www.w3.org/2001/04/xmlenc#sha256" SHA256:hash="8c6eb10211067d48734c393de37b52303658492457e6222e23dafa6b52486022" name="TpmLog.bin" size="7549"/>
+      <File xmlns:SHA256="http://www.w3.org/2001/04/xmlenc#sha256" SHA256:hash="4479ca722623f8c47b703996ced3cbd981b06b1ae8a897db70137e0b7c546848" name="TpmLog.bin" size="7549"/>
     </Directory>
   </Payload>
   <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
@@ -17,14 +17,14 @@
           <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
         </Transforms>
         <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
-        <DigestValue>h/jXVVy84NklF+ym8qeNfDEohLKKNLhr35iZ6vage7M=</DigestValue>
+        <DigestValue>jpPZu16C8KjtwY2JpJuyR3SBc2XclVEaVsv/DgyZKTM=</DigestValue>
       </Reference>
     </SignedInfo>
-    <SignatureValue>huu759PPTMaugu+6/c3JAv/Cb6eCiRxK5i5Mx2IpptDDjbDh9P1931KPEivmG8eZHgbGRFDgUviB
-qHcvd4A8KpIdx1GfebPBGBVqnAHvIgAQp1ZOMFIjtYsJTFKrwG12Yc7uA8qdGLCXZ8OlEvim3P/9
-VECXziVXAaEdC4IlaAt86XfbK+z5r2hFKSErYJZws45x1oZcBVXo9wZd7x0EyU0rMTGQbV5QbDsP
-LOuWmG2t9jlR7Yu7gxJbhFrPJdI/Q6+JsmsnqKB47dVtXCp84lrlZg48S/nZ0OC62EmEHvzilx4C
-y2fM/M0LbkZc5Ms8HD92YBsNF3UL3bHxnJT+YQ==</SignatureValue>
+    <SignatureValue>pWPozFWH2oytfgZse1Ai769c/cBFS/vapKj27asI8XDLdK8FkNs2K/+OTf4lScBiPLTCvWPIihoe
+hielmV8dWZqvR2z09pr+yCF7q/E8sCGhQXSsVlNZjElMXk2Qz2c6C9XtRk4UNmSfTSYsKEm2AST4
+oh6da+x1CeSHipALfuZZrXwa2AMtc9yTNfqaQFBxRqEDeTypLwNQqdr9va2T8C9ZNnEzooTf5FWw
+OUqc+Ewk5V9ZyOJ/0UdUxs40mGPpsIG90ikx59eu1A4qP4BzjHR3vrNbYDA4hBeIpDHC4vzwJrR4
+xqXw1SLqAm8ngL9Haj2Ww+y0PEZfo++JlOMZuQ==</SignatureValue>
     <KeyInfo>
       <X509Data>
         <X509SubjectName>CN=example.RIM.signer,OU=PCClient,O=Example,ST=VA,C=US</X509SubjectName>

tools/tcg_rim_tool/tcg_rim_tool.spec

@@ -10,8 +10,7 @@ Source0:     	%{name}.tar.gz
 BuildRequires:  java-headless >= 1:1.8.0
 
 %description
-This tool will generate a root RIM file for PC clients in accordance with the schema located at http://standards.iso.org/iso/19770/-2/2015/schema.xsd.  The generated RIM can either be empty if no arguments are given, or contain a payload if an input file is provided.  The tool can also verify a given RIMfile against the schema. Use -h or --help to see a list of commands and uses.
-
+This tool will generate a base RIM file for PC clients in accordance with the schema located at http://standards.iso.org/iso/19770/-2/2015/schema.xsd.  The generated RIM can either be empty if no arguments are given, or contain a payload if an input file is provided.  The tool can also verify a given RIMfile against the schema. Use -h or --help to see a list of commands and uses.
 
 %prep
 %setup -q -c -n %{name}
@@ -23,15 +22,21 @@ rm -f /opt/hirs/rimtool/%{name}*.jar
 ./gradlew build
 
 %install
-mkdir -p %{buildroot}/opt/hirs/rimtool/
+mkdir -p %{buildroot}/opt/hirs/rimtool/ %{buildroot}/usr/local/bin
 cp build/libs/%{name}-%{version}.jar %{buildroot}/opt/hirs/rimtool/
 cp ./rim_fields.json %{buildroot}/opt/hirs/rimtool/
 cp ./keystore.jks %{buildroot}/opt/hirs/rimtool/
+cp -r ./scripts/ %{buildroot}/opt/hirs/rimtool/
+ln -sf /opt/hirs/rimtool/scripts/rimtool.sh %{buildroot}/usr/local/bin/rim
 
 %files
 /opt/hirs/rimtool/%{name}-%{version}.jar
 /opt/hirs/rimtool/rim_fields.json
 /opt/hirs/rimtool/keystore.jks
+/opt/hirs/rimtool/scripts
+/usr/local/bin/rim
+
+%attr(755, root, root) /opt/hirs/rimtool/scripts/rimtool.sh
 
 %changelog
 * Mon Jun 15 2020 chubtub