Merge pull request #510 from nsacyber/gradle-package

Gradle 7 update to codebase-reset

HIRS_AttestationCAPortal/build.gradle

@@ -7,6 +7,11 @@ plugins {
     id 'io.spring.dependency-management' version '1.1.0'
 }
 
+// Get version from main project gradle
+def packVersion = properties.get("packageVersion");
+def jarVersion = properties.get("jarVersion");
+//println "packageVersion is ${projVersion}"
+
 java {
     toolchain {
         languageVersion = JavaLanguageVersion.of(17)
@@ -54,3 +59,115 @@ war {
     }
     archiveFileName = 'HIRS_AttestationCAPortal.war'
 }
+
+ospackage {
+    packageName = 'HIRS_AttestationCA'
+    os = LINUX
+    arch = NOARCH
+    version = "$packVersion"
+    release = '1'
+
+    user 'root'
+    fileMode = 0755
+
+    def tpath="/opt"
+
+    addParentDirs = true
+    createDirectoryEntry true 
+
+    preInstall "rm -rf /opt/hirs/default-properties"
+    preInstall "mkdir -p /opt/hirs/default-properties/"
+    preInstall "mkdir -p /tmp/hirs/default-properties/"
+
+    // Setup /etc/hirs
+    into ('/etc/hirs/aca/') {
+      from '../HIRS_AttestationCA/src/main/resources/defaults.properties'
+      rename {'aca.properties'}
+    }
+    into ('/etc/hirs/') {
+       from '../HIRS_Utils/src/main/resources/banner.properties'
+       from '../HIRS_Utils/src/main/resources/persistence.properties'
+       from '../HIRS_Utils/src/main/resources/logging.properties'
+    }
+    // Setup tomcat files
+    // Create and package HIRS_AttestationCA:war
+    into ("${tpath}/tomcat/webapps") {
+       from war.outputs.files
+       from '../HIRS_AttestationCA/build/libs/HIRS_AttestationCA.war'
+       user 'root'
+       fileMode = 0755
+    }
+    into ("${tpath}/tomcat/lib") {
+      from 'libs' 
+      from configurations.runtimeClasspath 
+    }
+    into ("/opt/hirs/scripts/aca/") {
+     from '../package/conf/tomcat.service'
+     from '../package/scripts/install_tomcat.sh'
+     from '../package/scripts/aca/certificate_generate.sh'
+    }
+    into ("/opt/hirs/scripts/common") {
+     from '../package/scripts/common/'
+    }
+    into ('/opt/hirs/extras/aca/') {
+      from '../package/extras/aca/'
+    }
+
+    // Copy json files to /tmp and move into /opt/hirs in postInstall section
+    // Allows HIRS tools to be installed using the same files
+    into ('/tmp/aca/default-properties/') {
+       from '../HIRS_AttestationCA/src/main/resources/vendor-table.json'
+       from '../HIRS_AttestationCA/src/main/resources/component-class.json'
+    }
+  // Post Install
+//   println "*** Checking MYSQL Configuration ...."
+//    println " Myql password is $System.env.HIRS_MYSQL_ROOT_PWD"
+//   println " Myql password is ${System.getenv('HIRS_MYSQL_ROOT_PWD')} "
+
+//   if ( "$System.env.HIRS_MYSQL_ROOT_PWD".compareTo("null") == 0 ) {
+//      println "Gradle: Mysql Root password not set"
+//   }
+//   else {
+//      println "Gradle: Mysql Root Password set to $System.env.HIRS_MYSQL_ROOT_PWD" 
+ //  }
+
+     postInstall file('../package/scripts/common/db_create.sh')
+//     if (System.getenv('HIRS_INSTALL_STATUS').compareTo('fail')==0 ) {
+//       throw new GradleException('MYSQL password error occurred') 
+//     }
+  //    postInstall 'sh /opt/hirs/scripts/common/db_create.sh'
+  //  postInstall file('../package/scripts/common/ssl_configure.sh')
+  //  postInstall 'mkdir -p /etc/hirs/aca/client_files'
+    postInstall 'mkdir -p /etc/hirs/aca/certificates'
+    postInstall 'cp /tmp/aca/default-properties/* /opt/hirs/default-properties/.'
+    postInstall 'rm -rf /tmp/aca/'
+ //  postInstall file('../package/scripts/install_tomcat.sh')
+ //   Old post install files, to be removed...
+ // Note /etc/hirs/aca/certificates files are created by  certificate_generate.sh
+ //      /etc/hirs/aca/client-files files are created by  certificate_generate.sh
+ //      /etc/hirs/certificates/ files are created by ssl_configure.sh
+ //      /etc/hirs/certificates/mysql/  files are created by ssl_configure.sh
+ //      /etc/hirs/certificates/private/  files are created by ssl_configure.sh
+ //   postInstall file('../package/scripts/common/firewall_configure_tomcat.sh')
+ //   postInstall file('../package/scripts/common/ssl_configure.sh')
+ //   postInstall file('../package/scripts/aca/certificate_generate.sh')
+ //   postInstall 'if [ selinuxenabled ]; then semodule -i /opt/hirs/extras/aca/tomcat-mysql-hirs.pp; fi'
+     
+    postInstall 'sh /opt/tomcat/bin/catalina.sh start'
+
+    // Post Uninstall
+    // Copy files to /tmp that package manager will be expecting them there
+    preUninstall 'mkdir -p /tmp/aca/default-properties/'
+    preUninstall 'cp -f /opt/hirs/default-properties/* /tmp/aca/default-properties/.'
+    preUninstall file('../package/scripts/common/db_drop.sh')
+
+    //buildRpm.dependsOn ':HIRS_AttestationCA:war'
+
+    buildRpm {
+        arch = X86_64
+    }
+
+    buildDeb {
+        arch = 'amd64'
+    }
+}

HIRS_Utils/build.gradle

@@ -1,6 +1,11 @@
 plugins {
     id 'java'
 }
+// Get version from main project gradle
+def packVersion = properties.get("packageVersion");
+def jarVersion = properties.get("jarVersion");
+//println "packageVersion is ${projVersion}"
+
 
 java {
     toolchain {
@@ -10,7 +15,6 @@ java {
 
 repositories {
     mavenCentral()
-
     flatDir { dirs "lib" }
 }
 
@@ -47,9 +51,20 @@ test {
     useJUnitPlatform()
 }
 
+jar {
+    duplicatesStrategy = DuplicatesStrategy.EXCLUDE
+    manifest {
+        attributes(
+                 'Class-Path': configurations.runtimeClasspath.files.collect { it.getName() }.join(' ')
+           )
+    }
+     //jar name format: [archiveBaseName]-[archiveAppendix]-[archiveVersion]-[archiveClassifier].[archiveExtension]
+     archiveVersion = jarVersion
+}
+
 //task generateXjcLibrary(type:Exec) {
 //    workingDir 'config'
 //
 //    commandLine './genXjcLibrary.sh'
 //}
-//compileJava.dependsOn generateXjcLibrary
+//compileJava.dependsOn generateXjcLibrary

HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TCGEventLog.java

@@ -256,7 +256,9 @@ public final class TCGEventLog {
         }
         return pcrs;
     }
-
+    
+   
+    
     /**
      * Returns a list of event found in the Event Log.
      * @return an arraylist of event.

build.gradle

@@ -1,120 +1,38 @@
-//import java.util.concurrent.TimeUnit
-//
+import java.util.concurrent.TimeUnit
+import org.gradle.api.tasks.Copy
+
 plugins {
     // Apply the application plugin to add support for building a CLI application in Java.
     id 'application'
-//    id 'java'
-//    id 'war'
-//    id  "nebula.ospackage" version "9.1.1"
 }
 
-//subprojects {
-//
-//}
+// Global checkstyle file
+    ext.checkstyleConfigFile = new File(rootDir, "/config/checkstyle/sun_checks.xml")
+
+dependencies {
+    repositories {
+          // Use Maven Central for resolving dependencies.
+             mavenCentral()
+         }
+}
+
+def projectVersion = rootProject.file('VERSION').text.trim()
+
+def buildTime = { ->
+    Date latestdate = new Date();
+    def time = latestdate.getTime();
+    long seconds = TimeUnit.MILLISECONDS.toSeconds(time);
+    return seconds;
+}
+
+def gitHash = { ->
+    def gitProcess = 'git rev-parse --short HEAD'.execute();
+    gitProcess.waitFor();
+    def shortHash = gitProcess.text.trim();
+    def gitHash = shortHash.substring(0, shortHash.length() - 2);
+    return gitHash;
+}
+
+project.ext["jarVersion"] = "${projectVersion}.${buildTime}.${gitHash}"
+project.ext["packageVersion"] = "${projectVersion}.${buildTime}.${gitHash}.el8"
 
-//plugins {
-//    id 'application'
-//    id 'java'
-//    id 'war'
-//    id "nebula.ospackage" version "9.1.1"
-//    id 'org.springframework.boot' version '3.0.1'
-//    id 'io.spring.dependency-management' version '1.1.0'
-//}
-//
-//java {
-//    toolchain {
-//        languageVersion = JavaLanguageVersion.of(17)
-//    }
-//}
-//
-//configurations {
-//    compileOnly {
-//        extendsFrom annotationProcessor
-//    }
-//    jaxb
-//}
-//
-//repositories {
-//    flatDir { dirs "lib" }
-//    mavenCentral()
-//}
-//
-//dependencies {
-//    implementation project(':HIRS_Utils')
-//    implementation project(':HIRS_AttestationCA')
-//
-//    implementation 'org.springframework.boot:spring-boot-starter-web'
-//    implementation 'org.springframework.boot:spring-boot-starter-validation'
-//    implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
-//    implementation 'org.projectlombok:lombok:1.18.26'
-//    implementation 'org.bouncycastle:bcmail-jdk15on:1.70'
-//    implementation 'org.springframework.plugin:spring-plugin-core:3.0.0'
-//    implementation 'org.apache.httpcomponents:httpclient:4.5.7'
-//    implementation 'com.google.guava:guava:31.1-jre'
-//    implementation 'org.glassfish.web:jakarta.servlet.jsp.jstl:3.0.0'
-//    implementation 'com.github.marandus:pci-ids:0.3'
-//    implementation 'org.apache.httpcomponents.client5:httpclient5:5.2.1'
-//    implementation 'commons-codec:commons-codec:1.15'
-//    implementation 'org.apache.commons:commons-lang3:3.12.0'
-//    implementation 'org.apache.logging.log4j:log4j-core:2.19.0'
-//    implementation 'org.apache.logging.log4j:log4j-api:2.19.0'
-//    implementation 'com.eclipsesource.minimal-json:minimal-json:0.9.5'
-//    implementation 'com.fasterxml.jackson.core:jackson-core:2.14.2'
-//    implementation 'com.fasterxml.jackson.core:jackson-databind:2.14.2'
-//    implementation "org.glassfish.jaxb:jaxb-runtime:4.0.1"
-//    implementation 'jakarta.xml.bind:jakarta.xml.bind-api:4.0.0'
-////    implementation 'com.sun.xml.bind:jaxb-impl:4.0.2' //creates duplicate error
-//    compileOnly 'org.projectlombok:lombok:1.18.26'
-//    runtimeOnly 'org.mariadb.jdbc:mariadb-java-client'
-//    annotationProcessor 'org.projectlombok:lombok:1.18.26'
-//    providedRuntime 'org.springframework.boot:spring-boot-starter-tomcat'
-//
-//    testImplementation 'org.springframework.boot:spring-boot-starter-test'
-//}
-//
-//war {
-//    from(buildDir) {
-//        include 'VERSION'
-//        into 'WEB-INF/classes'
-//    }
-//    archiveFileName = 'HIRS_AttestationCAPortal.war'
-//}
-//
-//tasks.register("spring-boot-properties") {
-//    group = 'Introspection'
-//    description = 'Print properties from all BOMs'
-//    doLast {
-//        println dependencyManagement.importedProperties
-//    }
-//}
-//
-////task generateXjcLibrary(type:Exec) {
-////    workingDir 'config'
-////
-////    commandLine './genXjcLibrary.sh'
-////}
-////compileJava.dependsOn generateXjcLibrary
-//
-////ospackage {
-////    packageName = 'HIRS_AttestationCA'
-////    os = LINUX
-////    arch = NOARCH
-////    release = '1'
-////
-////    user 'root'
-////    fileMode = 0755
-////
-////    addParentDirs = true
-////    createDirectoryEntry true
-////
-////    into ("/opt/tomcat/webapps") {
-////        from war.outputs.files
-////        from '../HIRS_AttestationCAPortal/build/libs/HIRS_AttestationCAPortal.war'
-////        user 'root'
-////        fileMode = 0755
-////    }
-////
-////    buildRpm {
-////        arch = X86_64
-////    }
-////}

gradle.properties

@@ -2,3 +2,4 @@ excludeGroups=rhel-6,performance
 includeGroups=
 org.gradle.daemon=true
 org.gradle.jvmargs=-Xms256m -Xmx1024m
+org.gradle.caching=true

package/scripts/common/db_create.sh

@@ -1,4 +1,41 @@
 #!/bin/bash
+#
+###############################################################################
+# HIRS DB creation
+# Environment variables used:
+# a. HIRS_MYSQL_ROOT_PWD: Set this variable if mysql root password is already set
+# b. HIRS_DB_PWD: Set the pwd if default password to hirs_db user needs to be changed
+# HIRS_MYSQL_ROOT_NEW_PWD wil be ignored if HIRS_MYSQL_ROOT_EXSITING_PWD is set.
+################################################################################
+
+# Set Mysql HIRS DB  password
+if [ -z $HIRS_DB_PWD ]; then
+   HIRS_DB_PWD="hirs_db"
+fi
+# Save hirs_db mysql user password to the properties file
+echo "hibernate.connection.username="hirs_db"" > /etc/hirs/hibernate.properties
+echo "hibernate.connection.password=$HIRS_DB_PWD" >> /etc/hirs/hibernate.properties
+
+# Test the root password, error if the password doesnt work
+
+if [ -z ${HIRS_MYSQL_ROOT_PWD} ]; then
+    echo "HIRS_MYSQL_ROOT_PWD environment variable not set"
+    mysql -fu root  -e 'quit'  &> /dev/null;
+else
+   echo "Using $HIRS_MYSQL_ROOT_PWD as the mysql root password"
+   $(mysql -u root -p$HIRS_MYSQL_ROOT_PWD -e 'quit'  &> /dev/null);
+fi
+if [ $? -eq 0 ]; then
+ echo "root password verified" 
+else
+ echo "MYSQL root password was not the default, not supplied,  or was incorrect"
+ echo "      please set the HIRS_MYSQL_ROOT_PWD system variable and retry."
+ echo "      ********** ACA Mysql setup aborted ********" ;
+ exit 1;
+fi
+
+echo "HIRS_DB_PWD is $HIRS_DB_PWD"
+echo "HIRS_MYSQL_ROOT_PWD is $HIRS_MYSQL_ROOT_PWD"
 
 # Check if we're in a Docker container
 if [ -f /.dockerenv ]; then
@@ -7,35 +44,37 @@ else
     DOCKER_CONTAINER=false
 fi
 
-echo "Creating HIRS Database..."
-
-if [ $DOCKER_CONTAINER  = true ]; then
-    # If in Docker container, avoid services that invoke the D-Bus
-    if [[ $(pgrep -c -u mysql mysqld) -eq 0 ]]; then
-        /usr/libexec/mariadb-prepare-db-dir
-        nohup /usr/bin/mysqld_safe --basedir=/usr &>/dev/null &
-        MYSQLD_PID=$(pgrep -u mysql mysqld)
-        /usr/libexec/mariadb-wait-ready $MYSQLD_PID
-    fi
-else
-    SQL_SERVICE=`/opt/hirs/scripts/common/get_db_service.sh`
-    chkconfig $SQL_SERVICE on
-    service $SQL_SERVICE start
+# Check if mysql is already running, if not initialize
+if [[ $(pgrep -c -u mysql mysqld) -eq 0 ]]; then
+# Check if running in a container
+   if [ $DOCKER_CONTAINER  = true ]; then
+   # if in Docker container, avoid services that invoke the D-Bus
+       echo "ACA is running in a container..."
+       # Check if mariadb is setup
+       if [ ! -d "/var/lib/mysql/mysql/" ]; then
+           echo "Installing mariadb"
+           /usr/bin/mysql_install_db 
+           chown -R mysql:mysql /var/lib/mysql/  
+       fi
+       echo "Starting mysql...."
+       chown -R mysql:mysql /var/log/mariadb
+       /usr/bin/mysqld_safe &
+   else
+       SQL_SERVICE=`/opt/hirs/scripts/common/get_db_service.sh`
+       systemctl $SQL_SERVICE enable
+       systemctl $SQL_SERVICE start
+   fi
 fi
 
-if [[ -f /etc/redhat-release ]] ; then
-    CENTOS_VER=`/opt/hirs/scripts/common/get_centos_major_version.sh`
-elif [[ -f /etc/os-release ]] ; then
-    AMAZON_VER=`/opt/hirs/scripts/common/get_amazon_linux_major_version.sh`
-fi
-if [ $CENTOS_VER -eq "6" ] ; then
-    DB_CREATE_SCRIPT=/opt/hirs/scripts/common/db_create.sql.el6
-elif [ $CENTOS_VER -eq "7" ] || [ $AMAZON_VER -eq "2" ] ; then
-    DB_CREATE_SCRIPT=/opt/hirs/scripts/common/db_create.sql.el7
-else
-    echo "Unsupported Linux detected"
-    exit 1
-fi
+# Wait for mysql to start before continuing.
+echo "Checking mysqld status..."
+while ! mysqladmin ping -h "$localhost" --silent; do
+  sleep 1;
+done
+
+# Create the hirs_db database
+echo "Creating HIRS Database..." 
+mysql -u root --password=$HIRS_MYSQL_ROOT_PWD < /opt/hirs/scripts/common/db_create.sql
+mysql -u root --password=$HIRS_MYSQL_ROOT_PWD < /opt/hirs/scripts/common/secure_mysql.sql
+mysql -u root --password=$HIRS_MYSQL_ROOT_PWD -e "ALTER USER 'hirs_db'@'localhost' IDENTIFIED BY '"$HIRS_DB_PWD"'; FLUSH PRIVILEGES;";
 
-mysql -fu root < $DB_CREATE_SCRIPT
-mysql -fu root < /opt/hirs/scripts/common/secure_mysql.sql

package/scripts/common/db_create.sql

@@ -1,2 +1,2 @@
 CREATE DATABASE IF NOT EXISTS `hirs_db` CHARACTER SET = 'utf8mb4' COLLATE = 'utf8mb4_general_ci';
-GRANT ALL ON hirs_db.* TO "hirs_db"@"localhost" IDENTIFIED BY "hirs_db" REQUIRE SSL;
+GRANT ALL  ON hirs_db.* TO "hirs_db"@"localhost" IDENTIFIED BY "$HIRS_DB_PWD";

package/scripts/common/db_drop.sh

@@ -1,4 +1,11 @@
-#!/usr/bin/env bash
+#!/bin/bash
 
-# delete the database
-mysql -u root < /opt/hirs/scripts/common/db_drop.sql
+echo "dropping hirs database"
+
+if pgrep  mysqld >/dev/null 2>&1; then
+  if [ -z ${HIRS_MYSQL_ROOT_PWD} ]; then
+    mysql -u "root" < /opt/hirs/scripts/common/db_drop.sql
+  else
+    mysql -u "root" -p$HIRS_MYSQL_ROOT_PWD  < /opt/hirs/scripts/common/db_drop.sq1
+  fi
+fi

package/scripts/common/secure_mysql.sql

@@ -1,6 +1,5 @@
-UPDATE mysql.user SET Password=PASSWORD('root') WHERE User='root';
 DELETE FROM mysql.user WHERE User='';
 DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');
 DROP DATABASE IF EXISTS test;
 DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%';
-FLUSH PRIVILEGES
+FLUSH PRIVILEGES

package/scripts/install_tomcat.sh

@@ -0,0 +1,35 @@
+#!/bin/bash
+tom_version="10.1.1"
+tom_maj=$(echo "$tom_version" | cut -d '.' -f 1)
+CATALINA_HOME=/opt/tomcat/
+CATALINA_BASE=/opt/tomcat/
+
+# Check if tomcat already installed 
+if [ -d "/opt/tomcat" ]; then
+   echo "tomcat already installed"
+else 
+   echo "installing $tom_version"
+   pushd /tmp
+   useradd -r -d /opt/tomcat/ -s /bin/false -c "Tomcat User" tomcat
+   dnf install wget -y
+   wget https://dlcdn.apache.org/tomcat/tomcat-$tom_maj/v$tom_version/bin/apache-tomcat-$tom_version.tar.gz
+   mkdir /opt/tomcat
+   tar -xzf apache-tomcat-$tom_version.tar.gz -C /opt/tomcat --strip-components=1
+   rm apache-tomcat-$tom_version.tar.gz
+   chown -R tomcat: /opt/tomcat
+   sudo sh -c 'chmod +x /opt/tomcat/bin/*.sh'
+   popd
+fi
+if [ -f /.dockerenv ]; then
+  echo "in a container..."
+  sh /opt/tomcat/bin/catalina.sh start
+else 
+  cp /opt/hirs/scripts/aca/tomcat.service   /etc/systemd/system/.
+  systemctl daemon-reload
+  systemctl start tomcat
+  systemctl enable tomcat
+fi
+if [ $(pgrep -c FirewallD) == "1" ]; then
+   firewall-cmd --add-port=8080/tcp --permanent
+   firewall-cmd --add-port=8443/tcp --permanent
+fi

settings.gradle

@@ -2,7 +2,9 @@ rootProject.name = 'HIRS'
 
 include 'HIRS_Utils',
         'HIRS_AttestationCA',
-        'HIRS_AttestationCAPortal'
+        'HIRS_AttestationCAPortal',
+        ':tools:tcg_eventlog_tool',
+        ':tools:tcg_rim_tool'
 
 dependencyResolutionManagement {
     versionCatalogs {
@@ -10,14 +12,18 @@ dependencyResolutionManagement {
             version('springboot', '3.0.1')
             version('jackson', '2.14.2')
             library('commons-codec', 'commons-codec:commons-codec:1.15')
+            library('commons_io',    'commons-io:commons-io:2.11.0')
             library('commons-lang3', 'org.apache.commons:commons-lang3:3.12.0')
             library('bouncycastle', 'org.bouncycastle:bcmail-jdk15on:1.70')
+            library('glassfish_json',   'org.glassfish:javax.json:1.1.4')
+            library('glassfish_jaxb_runtime',   'org.glassfish.jaxb:jaxb-runtime:2.3.1')
             library('gson', 'com.google.code.gson:gson:2.10.1')
             library('guava', 'com.google.guava:guava:31.1-jre')
             library('minimal-json', 'com.eclipsesource.minimal-json:minimal-json:0.9.5')
             library('jakarta-servlet', 'org.glassfish.web:jakarta.servlet.jsp.jstl:3.0.0')
             library('jakarta-api', 'jakarta.persistence:jakarta.persistence-api:3.1.0')
             library('jakarta-xml', 'jakarta.xml.bind:jakarta.xml.bind-api:4.0.0')
+            library('jcommander',    'com.beust:jcommander:1.82')
             library('hibernate-core', 'org.hibernate:hibernate-core:6.1.7.Final')
             library('jackson-core', 'com.fasterxml.jackson.core', 'jackson-core').versionRef('jackson')
             library('jackson-databind', 'com.fasterxml.jackson.core', 'jackson-databind').versionRef('jackson')
@@ -27,6 +33,7 @@ dependencyResolutionManagement {
 //            library('spring-datajpa', 'org.springframework.boot', 'spring-boot-starter-web').version('springboot')
 //            library('spring-datajpa', 'org.springframework.boot', 'spring-boot-starter-validation').version('springboot')
             library('lombok', 'org.projectlombok:lombok:1.18.26')
+            library('testng', 'org.testng:testng:7.4.0')
         }
     }
-}
+}

tools/tcg_eventlog_tool/build.gradle

@@ -1,122 +1,126 @@
-apply plugin: 'java'
-apply plugin: 'findbugs'
-apply plugin: 'checkstyle'
-apply plugin: 'nebula.ospackage'
+import java.util.concurrent.TimeUnit
+plugins {
+      id "java"
+//    id "findbugs"
+//    id "checkstyle"
+      id "nebula.ospackage" version "9.1.1"
+}
+// Get version from main project gradle
+def packVersion = properties.get("packageVersion");
+def jarVersion = properties.get("jarVersion");
+//println "packageVersion is ${projVersion}"
 
-version = '1.0'
+java {
+    toolchain {
+        languageVersion = JavaLanguageVersion.of(17)
+    }
+}
 
 repositories {
     mavenCentral()
+    flatDir { dirs "lib" }
 }
 
-dependencies {
-    compile project(':HIRS_Utils')
-    compile libs.jcommander
-    compile libs.commons_io
-    compileOnly libs.checkstyle
-    compileOnly libs.findbugs
-    testCompile libs.testng
+dependencies { 
+    implementation project(':HIRS_Utils')
+    implementation libs.jcommander
+    implementation libs.commons.io
+//    implementation libs.checkstyle
+//    implementation libs.findbugs
+//    testCompile libs.testng
 }
 
 ext.configDir = new File(projectDir, 'config')
-ext.checkstyleConfigDir = "$configDir/checkstyle"
-checkstyle {
-    toolVersion = '5.7'
-    configFile = checkstyleConfigFile
-    configProperties.put('basedir', checkstyleConfigDir)
-    ignoreFailures = false
-    showViolations = true
-}
+//ext.checkstyleConfigDir = "$configDir/checkstyle"
+//ext.findbugsConfigDir = "$configDir/findbugs"
 
-ext.findbugsConfigDir = "$configDir/findbugs"
+//checkstyle {
+//    toolVersion = '5.7'
+//    configFile = checkstyleConfigFile
+//    configProperties.put('basedir', checkstyleConfigDir)
+//    ignoreFailures = false
+//    showViolations = true
+//}
 
-findbugs {
-    toolVersion = '3.0.0'
-    ignoreFailures = false
-    effort = 'max'
-}
+//findbugs {
+//    toolVersion = '3.0.0'
+//    ignoreFailures = false
+//    effort = 'max'
+//}
 
 jar {
+    // Keep jar clean:
+    exclude 'META-INF/*.SF', 'META-INF/*.DSA', 'META-INF/*.RSA', 'META-INF/*.MF'
+    duplicatesStrategy = DuplicatesStrategy.EXCLUDE
     manifest {
-        attributes("Main-Class": "hirs.tcg_eventlog.Main",
-                "Class-Path": configurations.runtime.files.collect { "lib/$it.name" }.join(' ')
-        )
-    }
-    from(configurations.compile.collect { it.isDirectory() ? it : zipTree(it) }) {}
-    exclude 'META-INF/*.RSA', 'META-INF/*.SF', 'META-INF/*.DSA'
-}
-
-uploadArchives {
-    repositories {
-        flatDir {
-            dirs "${buildDir}"
-        }
-    }
-}
-
-buildscript {
-    repositories {
-        mavenCentral()
-    }
-    dependencies {
-        classpath 'com.netflix.nebula:gradle-ospackage-plugin:4.9.3'
-    }
+        attributes(
+                 "Main-Class": "hirs.tcg_eventlog.Main",
+                 'Class-Path':configurations.runtimeClasspath.files.collect { it.getName() }.join(' ')
+           )
+     }
+     //jar name format: [archiveBaseName]-[archiveAppendix]-[archiveVersion]-[archiveClassifier].[archiveExtension]
+     archiveVersion = jarVersion
 }
 
 // Produce packages
 ospackage {
-    def gitCommitHash = 'git rev-parse --verify --short HEAD'.execute().text.trim()
-    packageName = 'tcg_eventlog_tool'
+    packageName = 'tcg-eventlog-tool'
     os = LINUX
-    arch = X86_64
-    version = '2.1.0'
-    release = gitCommitHash
+    arch = NOARCH
+    version = "$packVersion"
+    release = '1'
 
-    into '/opt/hirs/eventlog'
     user 'root'
     fileMode = 0755
 
-    from(jar.outputs.files) {
-        into 'lib'
+   into ('/opt/hirs/eventlog/lib') {
+       from jar.outputs.files
+       from configurations.runtimeClasspath
     }
-    from('lib') {
-        into 'lib'
-    }
-    from(configurations.runtime) {
-        into 'lib'
-    }
-    from('scripts') {
+    into ('/opt/hirs/eventlog/scripts') {
+      from ('scripts') {
         exclude {
-            FileTreeElement details ->
-                details.file.name.endsWith('.bat')
+            FileTreeElement details -> 
+               details.file.name.endsWith('.bat')
         }
-        into 'scripts'
+      }
     }
-    from('docs') {
-        exclude {
-            FileTreeElement details ->
-                details.file.name.endsWith('.odt')
+    into ('/opt/hirs/eventlog/docs') {
+        from ('docs') {
+           exclude {
+               FileTreeElement details ->
+                   details.file.name.endsWith('.odt')
+           }
         }
-        into 'docs'
+       from('./') {
+         include {
+             FileTreeElement details ->
+                 details.file.name.endsWith('.md')
+          }        
+       }
     }
-    from('./') {
-        include {
-            FileTreeElement details ->
-                details.file.name.endsWith('.md')
-        }
-        into './'
-        link("/usr/bin/elt", "/opt/hirs/eventlog/scripts/eventlog.sh", 0x755)
-    }
-
-    into('/tmp/') {
-        fileMode 0664
+    // Copy vendor-table into /tmp to avoid conflict with the ACA 
+    into('/tmp/elt/default-properties') {
         from ('../../HIRS_Utils/src/main/resources/vendor-table.json') {
-            addParentDirs true
-            createDirectoryEntry true
+         fileMode 0664
+         addParentDirs = true
         }
     }
 
-    postInstall file('scripts/vendor-table.sh')
+    // place elt link in system path to enable command line access
+    link("/usr/local/bin/elt", "/opt/hirs/eventlog/scripts/eventlog.sh", 0x755)
+
+    // PostInstall
+     //postInstall "cp ../../HIRS_Utils/build/libs/* /opt/hirs/eventlog/lib/."
+    // Copy files from /opt/elt/default-properties/ to avoid conflicts with the ACA
+     postInstall "cp /tmp/elt/default-properties/* /opt/hirs/default-properties/."
+     postInstall "rm -rf /tmp/elt"
+
+    // Uninstall
+    // copy files to where package manager exspects them and remove project files
+     preUninstall "mkdir -p /tmp/elt/default-properties"
+     preUninstall "cp /opt/hirs/default-properties/vendor-table.json /tmp/elt/default-properties/."
+     postUninstall "rm -rf /tmp/elt"
 
     buildRpm {
         arch = X86_64

tools/tcg_eventlog_tool/scripts/eventlog.sh

@@ -4,5 +4,5 @@
 scriptDir=$(dirname -- "$(readlink -f -- "${BASH_SOURCE[0]}")") 
 baseDir=${scriptDir%/*}
 libDir=$baseDir"/lib/"
-jar="tcg_eventlog_tool-1.0.jar";
+jar="tcg_eventlog_tool-*.jar";
 java -jar $libDir$jar "$@"

tools/tcg_eventlog_tool/src/main/java/hirs/tcg_eventlog/Main.java

@@ -11,8 +11,8 @@ import java.security.cert.CertificateException;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collection;
-import hirs.tpm.eventlog.TCGEventLog;
-import hirs.tpm.eventlog.TpmPcrEvent;
+import hirs.utils.tpm.eventlog.TCGEventLog;
+import hirs.utils.tpm.eventlog.TpmPcrEvent;
 import hirs.utils.HexUtils;
 
 /**
@@ -115,7 +115,7 @@ final class Main {
             // General event log output
             if ((bEventFlag || bHexFlag) && !bPcrFlag) {
                 if (!bHexFlag) {
-                    if (evLog.isCryptoAgile()) {
+                    if (evLog.isBCryptoAgile()) {
                         writeOut("\nEvent Log follows the \"Crypto Agile\" format and has "
                                 + evLog.getEventList().size() + " events:\n\n");
                     } else {

tools/tcg_rim_tool/build.gradle

@@ -1,12 +1,35 @@
-apply plugin: 'java'
+plugins {
+       id "java"
+       id "nebula.ospackage" version "9.1.1"
+       id 'com.intershop.gradle.jaxb' version '5.1.0'
+}
+
+// Get version from main project gradle
+def packVersion = properties.get("packageVersion");
+def jarVersion = properties.get("jarVersion");
+//println "packageVersion is ${projVersion}"
+
+java {
+    toolchain {
+        languageVersion = JavaLanguageVersion.of(17)
+    }
+}
 
 repositories {
 	mavenCentral()
+	flatDir { dirs "lib" }
 }
 
 dependencies {
-	compile 'javax.json:javax.json-api:1.1.4', 'org.glassfish:javax.json:1.1.4', 'com.beust:jcommander:1.72', 'org.bouncycastle:bcmail-jdk15on:1.59'
-	testCompile 'org.testng:testng:6.8.8'
+	implementation libs.bouncycastle
+    implementation libs.glassfish.json
+    implementation libs.glassfish.jaxb.runtime
+    implementation libs.jcommander
+//    implementation libs.javax.json
+ //   implementation libs.javax.jaxb
+//    implementation libs.javax.annotation
+
+    testImplementation libs.testng
 }
 
 test {
@@ -14,19 +37,61 @@ test {
 }
 
 jar {
+    exclude 'META-INF/*.SF', 'META-INF/*.DSA', 'META-INF/*.RSA', 'META-INF/*.MF'
+    duplicatesStrategy = DuplicatesStrategy.EXCLUDE
 	manifest {
 		attributes("Main-Class": "hirs.swid.Main",
-			   "Class-Path": configurations.runtime.files.collect { "lib/$it.name" }.join(' ')
+			    'Class-Path':configurations.runtimeClasspath.files.collect { it.getName() }.join(' ')
 			  )
 	}
-	from(configurations.compile.collect { it.isDirectory() ? it : zipTree(it) }) {}
-	exclude 'META-INF/*.RSA', 'META-INF/*.SF', 'META-INF/*.DSA'
+     //jar name format: [archiveBaseName]-[archiveAppendix]-[archiveVersion]-[archiveClassifier].[archiveExtension]
+     archiveVersion = jarVersion
 }
 
-uploadArchives {
-	repositories {
-		flatDir {
-			dirs "${buildDir}"
-		}
-	}
+ospackage {
+    packageName = 'tcg-rim-tool'
+    os = LINUX
+    arch = NOARCH
+    version = "$packVersion"
+    release = '1'
+
+    user 'root'
+    fileMode = 0755
+
+    into ('/opt/hirs/rimtool/lib') {
+        from jar.outputs.files
+        from configurations.runtimeClasspath
+        from 'libs'
+    }
+
+    into ('/opt/hirs/rimtool/scripts') {
+      from ('scripts') {
+        exclude {
+            FileTreeElement details ->
+                details.file.name.endsWith('.bat')
+        }
+      }
+    }
+    into ('/opt/hirs/rimtool/docs') {
+      from('./') {
+         include {
+             FileTreeElement details ->
+                 details.file.name.endsWith('.md')
+          }        
+       }
+       }
+    into ('/opt/hirs/rimtool/data') {
+      from('src/test/resources/') {
+       }
+     }
+     link("/usr/local/bin/rim", "/opt/hirs/rimtool/scripts/rimtool.sh", 0x755)
 }
+
+buildRpm {
+   arch = X86_64
+}
+
+buildDeb {
+    arch = 'amd64'
+}
+

tools/tcg_rim_tool/scripts/rimtool.sh

@@ -3,6 +3,6 @@
 # Calls the the_tcg_rim_tool and passes in parameters
 scriptDir=$(dirname -- "$(readlink -f -- "${BASH_SOURCE[0]}")")
 baseDir=${scriptDir%/*}
-jar="tcg_rim_tool-2.1.0.jar";
-java -jar $baseDir/$jar "$@"
-
+libDir=$baseDir"/lib/"
+jar="tcg_rim_tool-*.jar";
+java -jar $libDir$jar "$@"