Merge pull request #815 from SuperPotato27/v3_issue_810

(WIP) Added action to package the RIM tool and the EventLog tool for windows.
2024-12-18 20:47:58 +00:00 · 2024-09-04 10:30:21 -04:00 · 2024-09-04 10:30:21 -04:00 · 72b37cec61
commit 72b37cec61
parent 3f466aa119 0c165641c0
8 changed files with 149 additions and 7 deletions
--- a/.github/workflows/hirs_package_linux.yml
+++ b/.github/workflows/hirs_package_linux.yml
@ -17,7 +17,7 @@ jobs:
    steps:
    - uses: actions/checkout@v4
    - name: Set up JDK 17
-      uses: actions/setup-java@v3
+      uses: actions/setup-java@v4
      with:
        java-version: '17'
        distribution: 'temurin'
@ -26,44 +26,57 @@ jobs:
    - name: directory setup
      run: |
       mkdir -p artifacts/jars
+       mkdir -p artifacts/win
+       mkdir -p artifacts/win/hirstools
    - name: install dependencies
      run: |
        sudo apt-get update
        sudo apt-get install git curl nano cron mariadb-server
    - name: Setup Gradle
-      uses: gradle/gradle-build-action@v2
+      uses: gradle/actions/setup-gradle@v3
    - name: Execute Gradle build
      run: |
          ./gradlew build;
          ./gradlew bootWar;
          ./gradlew buildDeb;
          ./gradlew buildRpm;
+          ./gradlew buildZip
          cp HIRS_AttestationCAPortal/build/libs/*.jar artifacts/jars/. 
          cp HIRS_AttestationCA/build/libs/*.jar artifacts/jars/.
          cp HIRS_Utils/build/libs/*.jar artifacts/jars/.
          cp HIRS_Structs/build/libs/*.jar artifacts/jars/.
+          cp tools/tcg_rim_tool/build/distributions/*.zip artifacts/win
+          cp tools/tcg_eventlog_tool/build/distributions/*.zip artifacts/win
+          cp package/win/tcg-rim-tool/* artifacts/win/hirstools
    - name: Archive RPM files
-      uses: actions/upload-artifact@v3
+      uses: actions/upload-artifact@v4
      with:
        name: RPM_Files
        path: HIRS_AttestationCAPortal/build/distributions/*.rpm
        if-no-files-found: error
    - name: Archive DEB files
-      uses: actions/upload-artifact@v3
+      uses: actions/upload-artifact@v4
      with:
        name: DEB_Files
        path: HIRS_AttestationCAPortal/build/distributions/*.deb
        if-no-files-found: error
    - name: War files
-      uses: actions/upload-artifact@v3
+      uses: actions/upload-artifact@v4
      with:
        name: WAR_Files
        path: HIRS_AttestationCAPortal/build/libs/HIRS_AttestationCAPortal.war
        if-no-files-found: error
    - name: JAR_Files
-      uses: actions/upload-artifact@v3
+      uses: actions/upload-artifact@v4
      with:
        name: JAR_Files
        path: artifacts/jars/
        if-no-files-found: error
-        
+    - name: ZIP_Files
+      uses: actions/upload-artifact@v4
+      with:
+        name: ZIP_Files
+        path: artifacts/win/
+        if-no-files-found: error
+
+        
--- a/package/win/tcg-rim-tool/README.md
+++ b/package/win/tcg-rim-tool/README.md
@ -0,0 +1,29 @@
+This README is part of the ZIP_Files.zip generated from hirs_package_linux.yml the goal of this zip is to have the TCG RIM tool, and the TCG Eventlog tool available on windows. 
+
+To get the tools running on windows follow the instructions below:  
+
+1- Unzip "ZIP_Files" 
+
+2- open powershell as administrator and navigate to the hirstools folder. 
+
+3- run the following command: ```powershell -ExecutionPolicy Bypass -File '.\create_hirstools_desktop_shortcut.ps1'```
+
+4- double-click the HIRS_tools shortcut on your desktop. 
+
+To run the rim tool try the following commands:
+
+> rim -c base -a .\tcg_rim_tool\Base_Rim_Config.json -l .\tcg_rim_tool\TpmLog.bin -k .\tcg_rim_tool\PC_OEM1_rim_signer_rsa_3k_sha384.key -p .\tcg_rim_tool\PC_OEM1_rim_signer_rsa_3k_sha384.pem -o baseRim.swidtag
+
+> rim -v .\baseRim.swidtag -p .\tcg_rim_tool\PC_OEM1_rim_signer_rsa_3k_sha384.pem -t .\tcg_rim_tool\PC_OEM1_Cert_Chain.pem -l .\tcg_rim_tool\TpmLog.bin
+
+
+
+To run the eventlog tool:
+
+elt -f  C:\Windows\Logs\MeasuredBoot\[.log file here] -e
+
+Eventlog files are found here windows:
+C:\Windows\Logs\MeasuredBoot
+
+Example Command would be: 
+> elt -f  C:\Windows\Logs\MeasuredBoot\000000001-000000001.log -e (file name needs to match on on your system)
--- a/package/win/tcg-rim-tool/create_hirstools_desktop_shortcut.ps1
+++ b/package/win/tcg-rim-tool/create_hirstools_desktop_shortcut.ps1
@ -0,0 +1,11 @@
+# Unzip tools in the working directory
+Expand-Archive -Path ..\tcg_rim_tool.zip -DestinationPath .\tcg_rim_tool
+Expand-Archive -Path ..\tcg_eventlog_tool.zip -DestinationPath .\tcg_eventlog_tool
+# Create a shortcut to start the RIM shell
+$WshShell = New-Object -comObject WScript.Shell
+$Shortcut = $WshShell.CreateShortcut("$Home\Desktop\HIRS_tools.lnk")
+$Shortcut.TargetPath = "powershell.exe"
+$ScriptPath = "$PWD\hirsshell.ps1"
+$Shortcut.Arguments = "-ExecutionPolicy Bypass -File `"$ScriptPath`""
+$Shortcut.WorkingDirectory =  "$PWD"
+$Shortcut.Save()
--- a/package/win/tcg-rim-tool/eventLog.ps1
+++ b/package/win/tcg-rim-tool/eventLog.ps1
@ -0,0 +1,11 @@
+# Script to run the tcg_rim_tool in java
+
+$JavaParams = @{
+    FilePath =  'java'
+    ArgumentList = @(
+        '-jar "{0}"' -f "$PWD\tcg_eventlog_tool/tcg_eventlog_tool.jar"
+        "$args"
+    )
+}
+
+Start-Process @JavaParams  -NoNewWindow -Wait
--- a/package/win/tcg-rim-tool/hirsshell.ps1
+++ b/package/win/tcg-rim-tool/hirsshell.ps1
@ -0,0 +1,14 @@
+# Script to start a new shell with a rim alias
+$StartInfo = new-object System.Diagnostics.ProcessStartInfo
+$StartInfo.FileName = "$pshome\powershell.exe"
+$StartInfo.Arguments = "-NoExit -Command 
+               `$Host.UI.RawUI.WindowTitle=`'TCG RIM TOOL`'; 
+               Set-Alias elt '$PWD\eventlog.ps1';
+	       Set-Alias rim '$PWD\rim.ps1';
+               echo 'The TCG RIM TOOL is intended for testing TCG Defined PC Client Reference Integrity Manifests (RIMs)';
+               echo 'for usage type: rim -h';
+	       echo 'for eventlog usage type: elt -h'
+               Set-Location -Path $PWD;
+               function prompt {'HIRS > '};" 
+[System.Diagnostics.Process]::Start($StartInfo)
+
--- a/package/win/tcg-rim-tool/rim.ps1
+++ b/package/win/tcg-rim-tool/rim.ps1
@ -0,0 +1,11 @@
+# Script to run the tcg_rim_tool in java
+
+$JavaParams = @{
+    FilePath =  'java'
+    ArgumentList = @(
+        '-jar "{0}"' -f "$PWD\tcg_rim_tool/tcg_rim_tool.jar"
+        "$args"
+    )
+}
+
+Start-Process @JavaParams  -NoNewWindow -Wait
--- a/tools/tcg_eventlog_tool/build.gradle
+++ b/tools/tcg_eventlog_tool/build.gradle
@ -123,4 +123,22 @@ ospackage {
    buildDeb {
        arch = 'amd64'
    }
+
 }
+
+
+task buildZip(type: Zip){
+    dependsOn jar
+    from(tasks.jar.archiveFile){
+        rename( filename ->
+            "${project.name}.jar")
+        into '/'
+    }
+
+    archiveBaseName.set(project.name)
+    destinationDirectory.set(file("$buildDir/distributions"))
+    archiveFileName.set("${project.name}.zip")
+}
+
+buildZip.dependsOn jar
+//build.dependsOn buildZip
--- a/tools/tcg_rim_tool/build.gradle
+++ b/tools/tcg_rim_tool/build.gradle
@ -131,3 +131,38 @@ buildRpm {
 buildDeb {
    arch = 'amd64'
 }
+
+task buildZip(type: Zip){
+    dependsOn jar
+    dependsOn jar
+    from(tasks.jar.archiveFile){
+        rename( filename ->
+                "${project.name}.jar")
+        into '/'
+    }
+    from('./build/resources/test/rim_fields.json'){
+        into '/'
+    }
+    from('../../.ci/tcg-rim-tool/configs/Base_Rim_Config.json'){
+        into '/'
+    }
+    from('../../.ci/tcg-rim-tool/eventlogs/TpmLog.bin'){
+        into '/'
+    }
+    from('../../.ci/tcg-rim-tool/keys/PC_OEM1_rim_signer_rsa_3k_sha384.key'){
+        into '/'
+    }
+    from('../../.ci/tcg-rim-tool/certs/PC_OEM1_rim_signer_rsa_3k_sha384.pem'){
+        into '/'
+    }
+    from('../../.ci/tcg-rim-tool/certs/PC_OEM1_Cert_Chain.pem'){
+        into '/'
+    }
+
+    archiveBaseName.set(project.name)
+    destinationDirectory.set(file("$buildDir/distributions"))
+    archiveFileName.set("${project.name}.zip")
+}
+
+buildZip.dependsOn jar
+//build.dependsOn buildZip