diff --git a/tools/tcg_rim_tool/build.gradle b/tools/tcg_rim_tool/build.gradle
index 89e43dfa..4acdd4a1 100644
--- a/tools/tcg_rim_tool/build.gradle
+++ b/tools/tcg_rim_tool/build.gradle
@@ -25,21 +25,10 @@ dependencies {
 implementation libs.glassfish.json
 implementation libs.glassfish.jaxb.runtime
 implementation libs.jcommander
- implementation libs.jakarta.api
- implementation libs.jakarta.xml
- implementation libs.commons.codec
- implementation libs.hibernate.core
- implementation libs.jackson.databind
- implementation 'org.apache.logging.log4j:log4j-core:2.19.0'
- implementation libs.guava
 // implementation libs.javax.json
 // implementation libs.javax.jaxb
 // implementation libs.javax.annotation
- compileOnly libs.lombok
- implementation libs.lombok
- annotationProcessor libs.lombok
- testImplementation libs.testng
 }
diff --git a/tools/tcg_rim_tool/gradle/wrapper/gradle-wrapper.properties b/tools/tcg_rim_tool/gradle/wrapper/gradle-wrapper.properties
index 7dee5e87..52843533 100644
--- a/tools/tcg_rim_tool/gradle/wrapper/gradle-wrapper.properties
+++ b/tools/tcg_rim_tool/gradle/wrapper/gradle-wrapper.properties
@@ -3,4 +3,4 @@ distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-7.6-bin.zip
+distributionUrl=gradle-4.5.1-all.zip
diff --git a/tools/tcg_rim_tool/src/main/java/hirs/swid/BaseReferenceManifest.java b/tools/tcg_rim_tool/src/main/java/hirs/swid/BaseReferenceManifest.java
deleted file mode 100644
index d9781c5e..00000000
--- a/tools/tcg_rim_tool/src/main/java/hirs/swid/BaseReferenceManifest.java
+++ /dev/null
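Review bot: The new `distributionUrl=gradle-4.5.1-all.zip` in gradle-wrapper.properties has no scheme, so the wrapper will most likely treat it as a path relative to this properties file and unpack whatever archive of that name is present, rather than fetching the published distribution over HTTPS as the removed line did. Nothing in the hunk pins the archive's contents, so the build toolchain for this RIM tool ends up unverified. I would keep a full `https\://services.gradle.org/distributions/...` URL and add `distributionSha256Sum=<sha256-of-the-chosen-distribution>` (placeholder) beside it. The change also moves the build from Gradle 7.6 back to the much older 4.5.1. If that is intentional, a `#` comment above the line should say why, and it is worth confirming that the `libs.*` references still present in build.gradle resolve under that version.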
@@ -1,360 +0,0 @@ -package hirs.swid; - -import com.fasterxml.jackson.annotation.JsonIgnore; -import hirs.swid.ReferenceManifest; -import hirs.swid.SwidResource; -import hirs.swid.SwidTagConstants; -import jakarta.persistence.Column; -import jakarta.persistence.Entity; -import jakarta.xml.bind.JAXBContext; -import jakarta.xml.bind.JAXBException; -import jakarta.xml.bind.UnmarshalException; -import jakarta.xml.bind.Unmarshaller; -import lombok.AccessLevel; -import lombok.Getter; -import lombok.NoArgsConstructor; -import lombok.Setter; -import lombok.extern.log4j.Log4j2; -import org.w3c.dom.Document; -import org.w3c.dom.Element; -import org.w3c.dom.NodeList; -import org.xml.sax.SAXException; - -import javax.xml.transform.Source; -import javax.xml.transform.Transformer; -import javax.xml.transform.TransformerConfigurationException; -import javax.xml.transform.TransformerException; -import javax.xml.transform.TransformerFactory; -import javax.xml.transform.dom.DOMResult; -import javax.xml.transform.stream.StreamSource; -import javax.xml.validation.Schema; -import javax.xml.validation.SchemaFactory; -import java.io.ByteArrayInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; -import java.util.ArrayList; -import java.util.Base64; -import java.util.List; - -/** - * - */ -@Log4j2 -@Getter -@Setter -@NoArgsConstructor(access = AccessLevel.PROTECTED) -@Entity -public class BaseReferenceManifest extends ReferenceManifest { - /** - * Holds the name of the 'base64Hash' field. 
- */ - public static final String BASE_64_HASH_FIELD = "base64Hash"; - - private static JAXBContext jaxbContext; - - @Column - @JsonIgnore - private String base64Hash = ""; - @Column - private String swidName = null; - @Column - private int swidCorpus = 0; - @Column - private String colloquialVersion = null; - @Column - private String product = null; - @Column - private String revision = null; - @Column - private String edition = null; - @Column - private String rimLinkHash = null; - @Column - private String bindingSpec = null; - @Column - private String bindingSpecVersion = null; - @Column - private String platformVersion = null; - @Column - private String payloadType = null; - @Column - private String pcURIGlobal = null; - @Column - private String pcURILocal = null; - - private String entityName = null; - private String entityRegId = null; - private String entityRole = null; - private String entityThumbprint = null; - private String linkHref = null; - private String linkRel = null; - - /** - * Support constructor for the RIM object. - * - * @param rimBytes - the file content of the uploaded file. - * @throws IOException - thrown if the file is invalid. - */ - public BaseReferenceManifest(final byte[] rimBytes) throws IOException { - this("", rimBytes); - } - - /** - * Main constructor for the RIM object. This takes in a byte array of a - * valid swidtag file and parses the information. - * - * @param fileName - string representation of the uploaded file. 
- * @param rimBytes byte array representation of the RIM - * @throws IOException if unable to unmarshal the string - */ - @SuppressWarnings("checkstyle:AvoidInlineConditionals") - public BaseReferenceManifest(final String fileName, final byte[] rimBytes) throws IOException { - super(rimBytes); - this.setRimType(BASE_RIM); - this.setFileName(fileName); - Document document = unmarshallSwidTag(new ByteArrayInputStream(rimBytes)); - Element softwareIdentity; - Element meta; - Element entity; - Element link; - - MessageDigest digest = null; - this.base64Hash = ""; - try { - digest = MessageDigest.getInstance("SHA-256"); - this.base64Hash = Base64.getEncoder().encodeToString( - digest.digest(rimBytes)); - } catch (NoSuchAlgorithmException noSaEx) { - log.error(noSaEx); - } - - // begin parsing valid swid tag - if (document != null) { - softwareIdentity = (Element) document.getElementsByTagName(SwidTagConstants.SOFTWARE_IDENTITY).item(0); - entity = (Element) document.getElementsByTagName(SwidTagConstants.ENTITY).item(0); - link = (Element) document.getElementsByTagName(SwidTagConstants.LINK).item(0); - meta = (Element) document.getElementsByTagName(SwidTagConstants.META).item(0); - setTagId(softwareIdentity.getAttribute(SwidTagConstants.TAGID)); - this.swidName = softwareIdentity.getAttribute(SwidTagConstants.NAME); - this.swidCorpus = Boolean.parseBoolean(softwareIdentity.getAttribute(SwidTagConstants.CORPUS)) ? 
1 : 0; - this.setSwidPatch(Boolean.parseBoolean(softwareIdentity.getAttribute(SwidTagConstants.PATCH))); - this.setSwidSupplemental(Boolean.parseBoolean(softwareIdentity.getAttribute(SwidTagConstants.SUPPLEMENTAL))); - this.setSwidVersion(softwareIdentity.getAttribute(SwidTagConstants.VERSION)); - this.setSwidTagVersion(softwareIdentity.getAttribute(SwidTagConstants.TAGVERSION)); - - parseSoftwareMeta(meta); - parseEntity(entity); - parseLink(link); - } - } - - /** - * This is a helper method that parses the SoftwareMeta tag and stores the - * information in the class fields. - * - * @param softwareMeta The object to parse. - */ - private void parseSoftwareMeta(final Element softwareMeta) { - if (softwareMeta != null) { - this.colloquialVersion = softwareMeta.getAttribute(SwidTagConstants.COLLOQUIAL_VERSION); - this.product = softwareMeta.getAttribute(SwidTagConstants.PRODUCT); - this.revision = softwareMeta.getAttribute(SwidTagConstants.REVISION); - this.edition = softwareMeta.getAttribute(SwidTagConstants.EDITION); - this.rimLinkHash = softwareMeta.getAttribute(SwidTagConstants.RIM_LINK_HASH); - this.bindingSpec = softwareMeta.getAttribute(SwidTagConstants.BINDING_SPEC); - this.bindingSpecVersion = softwareMeta.getAttribute(SwidTagConstants.BINDING_SPEC_VERSION); - this.setPlatformManufacturerId(softwareMeta.getAttribute(SwidTagConstants.PLATFORM_MANUFACTURER_ID)); - this.setPlatformManufacturer(softwareMeta.getAttribute(SwidTagConstants.PLATFORM_MANUFACTURER_STR)); - this.setPlatformModel(softwareMeta.getAttribute(SwidTagConstants.PLATFORM_MODEL)); - this.platformVersion = softwareMeta.getAttribute(SwidTagConstants.PLATFORM_VERSION); - this.payloadType = softwareMeta.getAttribute(SwidTagConstants.PAYLOAD_TYPE); - this.pcURIGlobal = softwareMeta.getAttribute(SwidTagConstants.PC_URI_GLOBAL); - this.pcURILocal = softwareMeta.getAttribute(SwidTagConstants.PC_URI_LOCAL); - } else { - log.warn("SoftwareMeta Tag not found."); - } - } - - /** - * This is a helper method 
that parses the Entity tag and stores the - * information in the class fields. - * - * @param entity The object to parse. - */ - private void parseEntity(final Element entity) { - if (entity != null) { - this.entityName = entity.getAttribute(SwidTagConstants.NAME); - this.entityRegId = entity.getAttribute(SwidTagConstants.REGID); - this.entityRole = entity.getAttribute(SwidTagConstants.ROLE); - this.entityThumbprint = entity.getAttribute(SwidTagConstants.THUMBPRINT); - } else { - log.warn("Entity Tag not found."); - } - } - - /** - * This is a helper method that parses the Link tag and stores the - * information in the class fields. - * - * @param link The object to parse. - */ - private void parseLink(final Element link) { - if (link != null) { - this.linkHref = link.getAttribute(SwidTagConstants.HREF); - this.linkRel = link.getAttribute(SwidTagConstants.REL); - } else { - log.warn("Link Tag not found."); - } - } - - /** - * This method validates the .swidtag file at the given filepath against the - * schema. A successful validation results in the output of the tag's name - * and tagId attributes, otherwise a generic error message is printed. - * - */ - private Element getDirectoryTag() { - return getDirectoryTag(new ByteArrayInputStream(getRimBytes())); - } - - /** - * This method validates the .swidtag file at the given filepath against the - * schema. A successful validation results in the output of the tag's name - * and tagId attributes, otherwise a generic error message is printed. 
- * - * @param byteArrayInputStream the location of the file to be validated - */ - private Element getDirectoryTag(final ByteArrayInputStream byteArrayInputStream) { - Document document = unmarshallSwidTag(byteArrayInputStream); - Element softwareIdentity = - (Element) document.getElementsByTagName("SoftwareIdentity").item(0); - if (softwareIdentity != null) { - Element directory = (Element) document.getElementsByTagName("Directory").item(0); - - return directory; - } else { - log.error("Invalid xml for validation, please verify "); - } - - return null; - } - - /** - * This method iterates over the list of File elements under the directory. * - */ - public List getFileResources() { - return getFileResources(getRimBytes()); - } - - /** - * This method iterates over the list of File elements under the directory. - * - * @param rimBytes the bytes to find the files - * - */ - public List getFileResources(final byte[] rimBytes) { - Element directoryTag = getDirectoryTag(new ByteArrayInputStream(rimBytes)); - List validHashes = new ArrayList<>(); - NodeList fileNodeList = directoryTag.getChildNodes(); - Element file = null; - SwidResource swidResource = null; - for (int i = 0; i < fileNodeList.getLength(); i++) { - file = (Element) fileNodeList.item(i); - swidResource = new SwidResource(); - swidResource.setName(file.getAttribute(SwidTagConstants.NAME)); - swidResource.setSize(file.getAttribute(SwidTagConstants.SIZE)); - swidResource.setHashValue(file.getAttribute(SwidTagConstants._SHA256_HASH.getPrefix() + ":" - + SwidTagConstants._SHA256_HASH.getLocalPart())); - validHashes.add(swidResource); - } - - return validHashes; - } - - /** - * This method unmarshalls the swidtag found at [path] into a Document object - * and validates it according to the schema. 
- * - * @param byteArrayInputStream to the input swidtag - * @return the Document element at the root of the swidtag - */ - private Document unmarshallSwidTag(final ByteArrayInputStream byteArrayInputStream) { - InputStream is = null; - Document document = null; - Unmarshaller unmarshaller = null; - try { - document = removeXMLWhitespace(byteArrayInputStream); - SchemaFactory schemaFactory = SchemaFactory.newInstance(SCHEMA_LANGUAGE); - is = getClass().getClassLoader().getResourceAsStream(SwidTagConstants.SCHEMA_URL); - Schema schema = schemaFactory.newSchema(new StreamSource(is)); - if (jaxbContext == null) { - jaxbContext = JAXBContext.newInstance(SCHEMA_PACKAGE); - } - unmarshaller = jaxbContext.createUnmarshaller(); - unmarshaller.setSchema(schema); - unmarshaller.unmarshal(document); - } catch (IOException e) { - log.error(e.getMessage()); - } catch (SAXException e) { - log.error("Error setting schema for validation!"); - } catch (UnmarshalException e) { - log.error("Error validating swidtag file!"); - } catch (IllegalArgumentException e) { - log.error("Input file empty."); - } catch (JAXBException e) { - e.printStackTrace(); - } finally { - if (is != null) { - try { - is.close(); - } catch (IOException e) { - System.out.println("Error closing input stream"); - } - } - } - - return document; - } - - /** - * This method strips all whitespace from an xml file, including indents and spaces - * added for human-readability. 
- * - * @param byteArrayInputStream to the xml file - * @return Document object without whitespace - */ - private Document removeXMLWhitespace(final ByteArrayInputStream byteArrayInputStream) throws IOException { - TransformerFactory tf = TransformerFactory.newInstance(); - Source source = new StreamSource( - getClass().getClassLoader().getResourceAsStream("identity_transform.xslt")); - Document document = null; - if (byteArrayInputStream.available() > 0) { - try { - Transformer transformer = tf.newTransformer(source); - DOMResult result = new DOMResult(); - transformer.transform(new StreamSource(byteArrayInputStream), result); - document = (Document) result.getNode(); - } catch (TransformerConfigurationException tcEx) { - log.error("Error configuring transformer!"); - } catch (TransformerException tEx) { - log.error("Error transforming input!"); - } - } else { - throw new IOException("Input file is empty!"); - } - - return document; - } - - @Override - public String toString() { - return String.format("ReferenceManifest{swidName=%s," - + "platformManufacturer=%s," - + " platformModel=%s," - + "tagId=%s, base64Hash=%s}", - swidName, this.getPlatformManufacturer(), - this.getPlatformModel(), getTagId(), this.getBase64Hash()); - } -} diff --git a/tools/tcg_rim_tool/src/main/java/hirs/swid/DigestAlgorithm.java b/tools/tcg_rim_tool/src/main/java/hirs/swid/DigestAlgorithm.java deleted file mode 100644 index 35111dc3..00000000 --- a/tools/tcg_rim_tool/src/main/java/hirs/swid/DigestAlgorithm.java +++ /dev/null 
@@ -1,66 +0,0 @@ -package hirs.swid; - - -import lombok.AllArgsConstructor; -import lombok.Getter; - -/** - * Enum of digest algorithms. The enum values also provide a standardized - * algorithm name. The standardized algorithm name is a String of the algorithm - * name as defined by Java. - */ -@Getter -@AllArgsConstructor -public enum DigestAlgorithm { - /** - * MD2 digest algorithm. - */ - MD2("MD2", 16), - /** - * MD5 digest algorithm. - */ - MD5("MD5", 16), - /** - * SHA-1 digest algorithm. - */ - SHA1("SHA-1", 20), - /** - * SHA-256 digest algorithm. - */ - SHA256("SHA-256", 32), - /** - * SHA-384 digest algorithm. - */ - SHA384("SHA-384", 48), - /** - * SHA-512 digest algorithm. - */ - SHA512("SHA-512", 64), - /** - * Condition used when an algorithm is not specified and - * the size doesn't match known digests. - */ - UNSPECIFIED("NOT SPECIFIED", Integer.BYTES); - - private final String standardAlgorithmName; - private final int lengthInBytes; - - /** - * Returns a DigestAlgorithm object given a String. The String is expected to be one of the - * options for standardAlgorithmName. Throws an IllegalArgumentException if no Enum exists with - * that value. - * - * @param standardAlgorithmName - * String value of the Enum - * @return DigestAlgorithm object - */ - public static DigestAlgorithm findByString(final String standardAlgorithmName) { - for (DigestAlgorithm algorithm: DigestAlgorithm.values()) { - if (algorithm.getStandardAlgorithmName().equals(standardAlgorithmName)) { - return algorithm; - } - } - throw new IllegalArgumentException(String.format("No constant with text \"%s\" found", - standardAlgorithmName)); - } -} \ No newline at end of file diff --git a/tools/tcg_rim_tool/src/main/java/hirs/swid/ReferenceManifest.java b/tools/tcg_rim_tool/src/main/java/hirs/swid/ReferenceManifest.java deleted file mode 100644 index 325597f3..00000000 --- a/tools/tcg_rim_tool/src/main/java/hirs/swid/ReferenceManifest.java +++ /dev/null 
@@ -1,165 +0,0 @@ -package hirs.swid; - -import com.fasterxml.jackson.annotation.JsonIgnore; -import com.google.common.base.Preconditions; -import jakarta.persistence.Access; -import jakarta.persistence.AccessType; -import jakarta.persistence.Column; -import jakarta.persistence.Entity; -import jakarta.persistence.Inheritance; -import jakarta.persistence.InheritanceType; -import jakarta.persistence.Table; -import lombok.EqualsAndHashCode; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; -import lombok.extern.log4j.Log4j2; -import org.apache.commons.codec.binary.Hex; -import org.hibernate.annotations.JdbcTypeCode; - -import javax.xml.XMLConstants; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; -import java.util.UUID; - -/** - * This class represents the Reference Integrity Manifest object that will be - * loaded into the DB and displayed in the ACA. - */ -@Getter @Setter @ToString -@EqualsAndHashCode(onlyExplicitlyIncluded = true, callSuper = false) -@Log4j2 -@Entity -@Inheritance(strategy = InheritanceType.SINGLE_TABLE) -@Table(name = "ReferenceManifest") -@Access(AccessType.FIELD) -public class ReferenceManifest { - - /** - * Holds the name of the 'hexDecHash' field. - */ - public static final String HEX_DEC_HASH_FIELD = "hexDecHash"; - /** - * String for display of a Base RIM. - */ - public static final String BASE_RIM = "Base"; - /** - * String for display of a Support RIM. - */ - public static final String SUPPORT_RIM = "Support"; - /** - * String for display of a Support RIM. - */ - public static final String MEASUREMENT_RIM = "Measurement"; - - /** - * String for the xml schema ios standard. - */ - public static final String SCHEMA_STATEMENT = "ISO/IEC 19770-2:2015 Schema (XSD 1.0) " - + "- September 2015, see http://standards.iso.org/iso/19770/-2/2015/schema.xsd"; - /** - * String for the xml schema URL file name. 
- */ - public static final String SCHEMA_URL = "swid_schema.xsd"; - /** - * String for the language type for the xml schema. - */ - public static final String SCHEMA_LANGUAGE = XMLConstants.W3C_XML_SCHEMA_NS_URI; - /** - * String for the package location of the xml generated java files. - */ - public static final String SCHEMA_PACKAGE = "hirs.utils.xjc"; - - @EqualsAndHashCode.Include - @Column(columnDefinition = "mediumblob", nullable = false) - private byte[] rimBytes; - @EqualsAndHashCode.Include - @Column(nullable = false) - private String rimType = "Base"; - @Column - private String tagId = null; - @Column - private boolean swidPatch = false; - @Column - private boolean swidSupplemental = false; - @Column - private String platformManufacturer = null; - @Column - private String platformManufacturerId = null; - @Column - private String swidTagVersion = null; - @Column - private String swidVersion = null; - @Column - private String platformModel = null; - @Column(nullable = false) - private String fileName = null; - @JdbcTypeCode(java.sql.Types.VARCHAR) - @Column - private UUID associatedRim; - @Column - private String deviceName; - @Column - private String hexDecHash = ""; - @Column - private String eventLogHash = ""; - - /** - * Default constructor necessary for Hibernate. - */ - protected ReferenceManifest() { - super(); - this.rimBytes = null; - this.rimType = null; - this.platformManufacturer = null; - this.platformManufacturerId = null; - this.platformModel = null; - this.fileName = BASE_RIM; - this.tagId = null; - this.associatedRim = null; - } - - /** - * Default constructor for ingesting the bytes of the file content. - * @param rimBytes - file contents. 
- */ - public ReferenceManifest(final byte[] rimBytes) { - Preconditions.checkArgument(rimBytes != null, - "Cannot construct a RIM from a null byte array"); - - Preconditions.checkArgument(rimBytes.length > 0, - "Cannot construct a RIM from an empty byte array"); - - this.rimBytes = rimBytes.clone(); - MessageDigest digest = null; - this.hexDecHash = ""; - try { - digest = MessageDigest.getInstance("SHA-256"); - this.hexDecHash = Hex.encodeHexString( - digest.digest(rimBytes)); - } catch (NoSuchAlgorithmException noSaEx) { - log.error(noSaEx); - } - } - - /** - * Getter for the Reference Integrity Manifest as a byte array. - * - * @return array of bytes - */ - @JsonIgnore - public byte[] getRimBytes() { - if (this.rimBytes != null) { - return this.rimBytes.clone(); - } - return null; - } - - public boolean isBase() { - return rimType.equals(BASE_RIM); - } - - public boolean isSupport() { - return rimType.equals(SUPPORT_RIM); - } -} diff --git a/tools/tcg_rim_tool/src/main/java/hirs/swid/SwidResource.java b/tools/tcg_rim_tool/src/main/java/hirs/swid/SwidResource.java deleted file mode 100644 index b79f090d..00000000 --- a/tools/tcg_rim_tool/src/main/java/hirs/swid/SwidResource.java +++ /dev/null 
@@ -1,83 +0,0 @@ -package hirs.swid; - -import com.google.common.base.Preconditions; -import hirs.swid.DigestAlgorithm; -import hirs.swid.xjc.File; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -import javax.xml.namespace.QName; -import java.math.BigInteger; -import java.util.Map; - -/** - * This object is used to represent the content of a Swid Tags Directory - * section. - */ -@ToString -public class SwidResource { - - @Getter - @Setter - private String name, size, hashValue; - @Getter - private String rimFormat, rimType, rimUriGlobal; - private DigestAlgorithm digest = DigestAlgorithm.SHA1; - @Getter - private boolean validFileSize = false; - - /** - * Default constructor. - */ - public SwidResource() { - name = null; - size = null; - rimFormat = null; - rimType = null; - rimUriGlobal = null; - hashValue = null; - } - - /** - * The main constructor that processes a {@code hirs.utils.xjc.File}. - * - * @param file {@link File} - * @param digest algorithm associated with pcr values - */ - public SwidResource(final File file, final DigestAlgorithm digest) { - Preconditions.checkArgument(file != null, - "Cannot construct a RIM Resource from a null File object"); - - this.name = file.getName(); - // at this time, there is a possibility to get an object with - // no size even though it is required. 
- if (file.getSize() != null) { - this.size = file.getSize().toString(); - } else { - this.size = BigInteger.ZERO.toString(); - } - - for (Map.Entry entry - : file.getOtherAttributes().entrySet()) { - switch (entry.getKey().getLocalPart()) { - case "supportRIMFormat": - this.rimFormat = entry.getValue(); - break; - case "supportRIMType": - this.rimType = entry.getValue(); - break; - case "supportRIMURIGlobal": - this.rimUriGlobal = entry.getValue(); - break; - case "hash": - this.hashValue = entry.getValue(); - break; - default: - } - } - - this.digest = digest; -// tpmWhiteList = new TpmWhiteListBaseline(this.name); - } -} \ No newline at end of file