Merge branch 'v3_issue_805' into v3_issue_810

.github/workflows/hirs_package_linux.yml

@@ -17,7 +17,7 @@ jobs:
     steps:
     - uses: actions/checkout@v4
     - name: Set up JDK 17
-      uses: actions/setup-java@v3
+      uses: actions/setup-java@v4
       with:
         java-version: '17'
         distribution: 'temurin'
@@ -26,44 +26,57 @@ jobs:
     - name: directory setup
       run: |
        mkdir -p artifacts/jars
+       mkdir -p artifacts/win
     - name: install dependencies
       run: |
         sudo apt-get update
         sudo apt-get install git curl nano cron mariadb-server
     - name: Setup Gradle
-      uses: gradle/gradle-build-action@v2
+      uses: gradle/actions/setup-gradle@v3
     - name: Execute Gradle build
       run: |
           ./gradlew build;
           ./gradlew bootWar;
           ./gradlew buildDeb;
           ./gradlew buildRpm;
+          ./gradlew buildZip
           cp HIRS_AttestationCAPortal/build/libs/*.jar artifacts/jars/. 
           cp HIRS_AttestationCA/build/libs/*.jar artifacts/jars/.
           cp HIRS_Utils/build/libs/*.jar artifacts/jars/.
           cp HIRS_Structs/build/libs/*.jar artifacts/jars/.
+          cp tools/tcg_rim_tool/build/distributions/*.zip artifacts/win
+          cp tools/tcg_eventlog_tool/build/distributions/*.zip artifacts/win
+          cp package/win/tcg-rim-tool/* artifacts/win
+
     - name: Archive RPM files
-      uses: actions/upload-artifact@v3
+      uses: actions/upload-artifact@v4
       with:
         name: RPM_Files
         path: HIRS_AttestationCAPortal/build/distributions/*.rpm
         if-no-files-found: error
     - name: Archive DEB files
-      uses: actions/upload-artifact@v3
+      uses: actions/upload-artifact@v4
       with:
         name: DEB_Files
         path: HIRS_AttestationCAPortal/build/distributions/*.deb
         if-no-files-found: error
     - name: War files
-      uses: actions/upload-artifact@v3
+      uses: actions/upload-artifact@v4
       with:
         name: WAR_Files
         path: HIRS_AttestationCAPortal/build/libs/HIRS_AttestationCAPortal.war
         if-no-files-found: error
     - name: JAR_Files
-      uses: actions/upload-artifact@v3
+      uses: actions/upload-artifact@v4
       with:
         name: JAR_Files
         path: artifacts/jars/
         if-no-files-found: error
-        
+    - name: ZIP_Files
+      uses: actions/upload-artifact@v4
+      with:
+        name: ZIP_Files
+        path: artifacts/win/
+        if-no-files-found: error
+
+        

package/win/tcg-rim-tool/README.md

@@ -0,0 +1,37 @@
+This README is part of the ZIP_Files.zip generated from hirs_package_linux.yml the goal of this zip is to have the TCG RIM tool, and the TCG Eventlog tool available on windows. 
+
+To get the tools running on windows follow the instructions below:   
+
+1- Unzip the main folder ("ZIP_Files"), followed by unzipping both the tcg_eventlog_tool.zip and tcg_rim_tool.zip in the working directory. 
+
+2- Open PowerShell as administrator and run > Set-ExecutionPolicy unrestricted
+To verify run > Get-ExecutionPolicy and it should be set to "unrestricted"
+
+3- Right click on create_hirs_desktop_shortcut.ps1 and run with PowerShell, a PowerShell terminal will pop-up, if prompted type "R" to run the script.
+
+4- HIRS_tools.ps1 should appear on your desktop, right click on it and run with PowerShell . if prompted type "R" to run the script.
+
+5- The HIRS terminal should popup.
+
+6- (optional) To remove the warning messages when running the rim tool and the event log tool:
+Open PowerShell as administrator, navigate to the working directory, and run the following:
+> Unblock-File -Path .\rim.ps1  
+> Unblock-File -Path .\eventLog.ps1
+
+To run the rim tool try the following commands
+
+> rim -c base -a .\tcg_rim_tool\Base_Rim_Config.json -l .\tcg_rim_tool\TpmLog.bin -k .\tcg_rim_tool\PC_OEM1_rim_signer_rsa_3k_sha384.key -p .\tcg_rim_tool\PC_OEM1_rim_signer_rsa_3k_sha384.pem -o baseRim.swidtag
+
+> rim -v .\baseRim.swidtag -p .\tcg_rim_tool\PC_OEM1_rim_signer_rsa_3k_sha384.pem -t .\tcg_rim_tool\PC_OEM1_Cert_Chain.pem -l .\tcg_rim_tool\TpmLog.bin
+
+
+
+To run the eventlog tool:
+
+elt -f  C:\Windows\Logs\MeasuredBoot\[.log file here] -e
+
+Eventlog files are found here windows:
+C:\Windows\Logs\MeasuredBoot
+
+Example Command would be: 
+> elt -f  C:\Windows\Logs\MeasuredBoot\000000001-000000001.log -e (file name needs to match on on your system)

package/win/tcg-rim-tool/create_hirstools_desktop_shortcut.ps1

@@ -0,0 +1,7 @@
+
+# Create a shortcut to start the RIM shell
+$WshShell = New-Object -comObject WScript.Shell
+$Shortcut = $WshShell.CreateShortcut("$Home\Desktop\HIRS_tools.lnk")
+$Shortcut.TargetPath = "$PWD\hirsshell.ps1"
+$Shortcut.WorkingDirectory =  "$PWD"
+$Shortcut.Save()

package/win/tcg-rim-tool/eventLog.ps1

@@ -0,0 +1,11 @@
+# Script to run the tcg_rim_tool in java
+
+$JavaParams = @{
+    FilePath =  'java'
+    ArgumentList = @(
+        '-jar "{0}"' -f "$PWD\tcg_eventlog_tool/tcg_eventlog_tool.jar"
+        "$args"
+    )
+}
+
+Start-Process @JavaParams  -NoNewWindow -Wait

package/win/tcg-rim-tool/hirsshell.ps1

@@ -0,0 +1,14 @@
+# Script to start a new shell with a rim alias 
+$StartInfo = new-object System.Diagnostics.ProcessStartInfo
+$StartInfo.FileName = "$pshome\powershell.exe"
+$StartInfo.Arguments = "-NoExit -Command 
+               `$Host.UI.RawUI.WindowTitle=`'TCG RIM TOOL`'; 
+               Set-Alias elt '$PWD\eventlog.ps1';
+	       Set-Alias rim '$PWD\rim.ps1';
+               echo 'The TCG RIM TOOL is intended for testing TCG Defined PC Client Reference Integrity Manifests (RIMs)';
+               echo 'for usage type: rim -h';
+	       echo 'for eventlog usage type: elt -h'
+               Set-Location -Path $PWD;
+               function prompt {'HIRS > '};" 
+[System.Diagnostics.Process]::Start($StartInfo)
+

package/win/tcg-rim-tool/rim.ps1

@@ -0,0 +1,11 @@
+# Script to run the tcg_rim_tool in java
+
+$JavaParams = @{
+    FilePath =  'java'
+    ArgumentList = @(
+        '-jar "{0}"' -f "$PWD\tcg_rim_tool/tcg_rim_tool.jar"
+        "$args"
+    )
+}
+
+Start-Process @JavaParams  -NoNewWindow -Wait

tools/tcg_eventlog_tool/build.gradle

@@ -123,4 +123,22 @@ ospackage {
     buildDeb {
         arch = X86_64
     }
+
 }
+
+
+task buildZip(type: Zip){
+    dependsOn jar
+    from(tasks.jar.archiveFile){
+        rename( filename ->
+            "${project.name}.jar")
+        into '/'
+    }
+
+    archiveBaseName.set(project.name)
+    destinationDirectory.set(file("$buildDir/distributions"))
+    archiveFileName.set("${project.name}.zip")
+}
+
+buildZip.dependsOn jar
+//build.dependsOn buildZip

tools/tcg_rim_tool/build.gradle

@@ -131,3 +131,38 @@ buildRpm {
 buildDeb {
     arch = 'amd64'
 }
+
+task buildZip(type: Zip){
+    dependsOn jar
+    dependsOn jar
+    from(tasks.jar.archiveFile){
+        rename( filename ->
+                "${project.name}.jar")
+        into '/'
+    }
+    from('./build/resources/test/rim_fields.json'){
+        into '/'
+    }
+    from('../../.ci/tcg-rim-tool/configs/Base_Rim_Config.json'){
+        into '/'
+    }
+    from('../../.ci/tcg-rim-tool/eventlogs/TpmLog.bin'){
+        into '/'
+    }
+    from('../../.ci/tcg-rim-tool/keys/PC_OEM1_rim_signer_rsa_3k_sha384.key'){
+        into '/'
+    }
+    from('../../.ci/tcg-rim-tool/certs/PC_OEM1_rim_signer_rsa_3k_sha384.pem'){
+        into '/'
+    }
+    from('../../.ci/tcg-rim-tool/certs/PC_OEM1_Cert_Chain.pem'){
+        into '/'
+    }
+
+    archiveBaseName.set(project.name)
+    destinationDirectory.set(file("$buildDir/distributions"))
+    archiveFileName.set("${project.name}.zip")
+}
+
+buildZip.dependsOn jar
+//build.dependsOn buildZip