From d862e9570870e6a7fbea04d1e6bd255e934142a1 Mon Sep 17 00:00:00 2001 From: iadgovuser26 <iadgovuser26@empire.eclipse.ncsc.mil> Date: Tue, 14 Mar 2023 16:45:33 -0400 Subject: [PATCH 1/5] Added build and package creation for tcg_eventlog_tool [no ci] --- .../hirs/utils/tpm/eventlog/TCGEventLog.java | 11 +- build.gradle | 34 +++- settings.gradle | 9 +- tools/tcg_eventlog_tool/build.gradle | 163 +++++++++--------- .../src/main/java/hirs/tcg_eventlog/Main.java | 4 +- 5 files changed, 130 insertions(+), 91 deletions(-) diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TCGEventLog.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TCGEventLog.java index ff5bdd2f..409b1182 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TCGEventLog.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TCGEventLog.java @@ -256,7 +256,16 @@ public final class TCGEventLog { } return pcrs; } - + + /** + * Returns a flag which is set if the event log follows the "Crypto Agile" Format Type. + * A false implies the type is SHA1 format. + * @return true if log follows the Crypto Agile format. + */ + public boolean isCryptoAgile() { + return bCryptoAgile; + } + /** * Returns a list of event found in the Event Log. * @return an arraylist of event. diff --git a/build.gradle b/build.gradle index 763fbd69..f3ed7e76 100644 --- a/build.gradle +++ b/build.gradle @@ -1,5 +1,6 @@ -//import java.util.concurrent.TimeUnit -// +import java.util.concurrent.TimeUnit +import org.gradle.api.tasks.Copy + plugins { // Apply the application plugin to add support for building a CLI application in Java. id 'application' 
@@ -8,6 +9,35 @@ plugins { // id "nebula.ospackage" version "9.1.1" } +// Global checkstyle file + ext.checkstyleConfigFile = new File(rootDir, "/config/checkstyle/sun_checks.xml") + +dependencies { + repositories { + // Use Maven Central for resolving dependencies. + mavenCentral() + } +} + +def projectVersion = rootProject.file('VERSION').text.trim() + +def buildTime = { -> + Date latestdate = new Date(); + def time = latestdate.getTime(); + long seconds = TimeUnit.MILLISECONDS.toSeconds(time); + return seconds; +} + +def gitHash = { -> + def gitProcess = 'git rev-parse --short HEAD'.execute(); + gitProcess.waitFor(); + def shortHash = gitProcess.text.trim(); + def gitHash = shortHash.substring(0, shortHash.length() - 2); + return gitHash; +} + +project.ext["packageVersion"] = "${projectVersion}.${buildTime}.${gitHash}.el8" + //subprojects { // //} diff --git a/settings.gradle b/settings.gradle index dcd004a9..4fee8f57 100644 --- a/settings.gradle +++ b/settings.gradle @@ -2,8 +2,9 @@ rootProject.name = 'HIRS' include 'HIRS_Utils', 'HIRS_AttestationCA', - 'HIRS_AttestationCAPortal' - + 'HIRS_AttestationCAPortal', + ':tools:tcg_eventlog_tool' + dependencyResolutionManagement { versionCatalogs { libs { @@ -11,6 +12,7 @@ dependencyResolutionManagement { version('jackson', '2.14.2') library('commons-codec', 'commons-codec:commons-codec:1.15') library('commons-lang3', 'org.apache.commons:commons-lang3:3.12.0') + library('commons_io', 'commons-io:commons-io:2.11.0') library('bouncycastle', 'org.bouncycastle:bcmail-jdk15on:1.70') library('guava', 'com.google.guava:guava:31.1-jre') library('minimal-json', 'com.eclipsesource.minimal-json:minimal-json:0.9.5') 
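Review bot: The `gitHash` closure never checks that `git rev-parse --short HEAD` succeeded. On empty output, for example a build from a source archive with no `.git`, `shortHash.substring(0, shortHash.length() - 2)` throws. When git does succeed, the same call drops the last two characters of the abbreviated hash for no reason visible in the hunk, and the shorter prefix is more likely to be ambiguous when tracing an installed package version back to a commit. Fail with a clear message on a non-zero exit and keep the whole abbreviated hash, e.g. `if (gitProcess.waitFor() != 0) throw new GradleException('git rev-parse failed')` followed by `return gitProcess.text.trim()`. Because `buildTime` is also part of `packageVersion`, two builds of the same commit get different versions; if that is intended, a comment such as `// version is intentionally unique per build, not per commit` would say so.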
@@ -19,6 +21,7 @@ dependencyResolutionManagement { library('jakarta-xml', 'jakarta.xml.bind:jakarta.xml.bind-api:4.0.0') library('jackson-core', 'com.fasterxml.jackson.core', 'jackson-core').versionRef('jackson') library('jackson-databind', 'com.fasterxml.jackson.core', 'jackson-databind').versionRef('jackson') + library('jcommander', 'com.beust:jcommander:1.82') library('pci', 'com.github.marandus:pci-ids:0.3') // library('spring-datajpa', 'org.springframework.boot', 'spring-boot-starter-data-jpa').version('springboot') // library('spring-datajpa', 'org.springframework.boot', 'spring-boot-starter-web').version('springboot') @@ -26,4 +29,4 @@ dependencyResolutionManagement { library('lombok', 'org.projectlombok:lombok:1.18.26') } } -} \ No newline at end of file +} diff --git a/tools/tcg_eventlog_tool/build.gradle b/tools/tcg_eventlog_tool/build.gradle index ddfbc110..24661ca0 100644 --- a/tools/tcg_eventlog_tool/build.gradle +++ b/tools/tcg_eventlog_tool/build.gradle 
@@ -1,122 +1,119 @@ -apply plugin: 'java' -apply plugin: 'findbugs' -apply plugin: 'checkstyle' -apply plugin: 'nebula.ospackage' +import java.util.concurrent.TimeUnit +plugins { + id "java" +// id "findbugs" +// id "checkstyle" + id "nebula.ospackage" version "9.1.1" +} version = '1.0' +java { + toolchain { + languageVersion = JavaLanguageVersion.of(17) + } +} + repositories { mavenCentral() } dependencies { - compile project(':HIRS_Utils') - compile libs.jcommander - compile libs.commons_io - compileOnly libs.checkstyle - compileOnly libs.findbugs - testCompile libs.testng + implementation project(':HIRS_Utils') + implementation libs.jcommander + implementation libs.commons.io +// implementation libs.checkstyle +// implementation libs.findbugs +// testCompile libs.testng } ext.configDir = new File(projectDir, 'config') -ext.checkstyleConfigDir = "$configDir/checkstyle" -checkstyle { - toolVersion = '5.7' - configFile = checkstyleConfigFile - configProperties.put('basedir', checkstyleConfigDir) - ignoreFailures = false - showViolations = true -} +//ext.checkstyleConfigDir = "$configDir/checkstyle" +//ext.findbugsConfigDir = "$configDir/findbugs" -ext.findbugsConfigDir = "$configDir/findbugs" +//checkstyle { +// toolVersion = '5.7' +// configFile = checkstyleConfigFile +// configProperties.put('basedir', checkstyleConfigDir) +// ignoreFailures = false +// showViolations = true +//} -findbugs { - toolVersion = '3.0.0' - ignoreFailures = false - effort = 'max' -} + +//findbugs { +// toolVersion = '3.0.0' +// ignoreFailures = false +// effort = 'max' +//} jar { + exclude 'META-INF/*.SF', 'META-INF/*.DSA', 'META-INF/*.RSA', 'META-INF/*.MF' manifest { - attributes("Main-Class": "hirs.tcg_eventlog.Main", - "Class-Path": configurations.runtime.files.collect { "lib/$it.name" }.join(' ') - ) - } - from(configurations.compile.collect { it.isDirectory() ? 
it : zipTree(it) }) {} - exclude 'META-INF/*.RSA', 'META-INF/*.SF', 'META-INF/*.DSA' -} - -uploadArchives { - repositories { - flatDir { - dirs "${buildDir}" - } - } -} - -buildscript { - repositories { - mavenCentral() - } - dependencies { - classpath 'com.netflix.nebula:gradle-ospackage-plugin:4.9.3' + attributes( + "Main-Class": "hirs.tcg_eventlog.Main", + 'Class-Path': configurations.runtimeClasspath.files.collect { it.getName() }.join(' ') + ) } + // from(configurations.compile.collect { it.isDirectory() ? it : zipTree(it) }) {} + // exclude 'META-INF/*.RSA', 'META-INF/*.SF', 'META-INF/*.DSA' } +// Get version from main project gradle +def packVersion = properties.get("packageVersion"); +//println "packageVersion is ${projVersion}" // Produce packages ospackage { - def gitCommitHash = 'git rev-parse --verify --short HEAD'.execute().text.trim() - packageName = 'tcg_eventlog_tool' + packageName = 'tcg-eventlog-tool' os = LINUX - arch = X86_64 - version = '2.1.0' - release = gitCommitHash + arch = NOARCH + version = "$packVersion" + release = '1' - into '/opt/hirs/eventlog' user 'root' fileMode = 0755 - from(jar.outputs.files) { - into 'lib' + into ('/opt/hirs/eventlog/lib') { + from jar.outputs.files + from 'lib' + from 'configurations.runtimeClasspath' } - from('lib') { - into 'lib' - } - from(configurations.runtime) { - into 'lib' - } - from('scripts') { + into ('/opt/hirs/eventlog/scripts') { + from ('scripts') { exclude { - FileTreeElement details -> - details.file.name.endsWith('.bat') + FileTreeElement details -> + details.file.name.endsWith('.bat') } - into 'scripts' + } } - from('docs') { - exclude { - FileTreeElement details -> - details.file.name.endsWith('.odt') + into ('/opt/hirs/eventlog/docs') { + from ('docs') { + exclude { + FileTreeElement details -> + details.file.name.endsWith('.odt') + } } - into 'docs' } - from('./') { - include { - FileTreeElement details -> - details.file.name.endsWith('.md') - } - into './' - link("/usr/bin/elt", 
"/opt/hirs/eventlog/scripts/eventlog.sh", 0x755) - } - - into('/tmp/') { - fileMode 0664 + // Copy vendor-table into /tmp to avoid conflict with the ACA + into('/tmp/elt/default-properties') { from ('../../HIRS_Utils/src/main/resources/vendor-table.json') { - addParentDirs true - createDirectoryEntry true + fileMode 0664 + addParentDirs = true } } - postInstall file('scripts/vendor-table.sh') + // place elt link in system path to enable command line access + link("/usr/local/bin/elt", "/opt/hirs/eventlog/scripts/eventlog.sh", 0x755) + + // PostInstall + // Copy files from /opt/elt/default-properties/ to avoid conflicts with the ACA + postInstall "cp /tmp/elt/default-properties/vendor-table.json /opt/hirs/default-properties/." + postInstall "rm -rf /tmp/elt" + + // Uninstall + // copy files to where package manager exspects them and remove project files + preUninstall "mkdir -p /tmp/elt/default-properties" + preUninstall "cp /opt/hirs/default-properties/vendor-table.json /tmp/elt/default-properties/." + postUninstall "rm -rf /tmp/elt" buildRpm { arch = X86_64 diff --git a/tools/tcg_eventlog_tool/src/main/java/hirs/tcg_eventlog/Main.java b/tools/tcg_eventlog_tool/src/main/java/hirs/tcg_eventlog/Main.java index 10fa4a0a..e5864bd3 100644 --- a/tools/tcg_eventlog_tool/src/main/java/hirs/tcg_eventlog/Main.java +++ b/tools/tcg_eventlog_tool/src/main/java/hirs/tcg_eventlog/Main.java @@ -11,8 +11,8 @@ import java.security.cert.CertificateException; import java.util.ArrayList; import java.util.Arrays; import java.util.Collection; -import hirs.tpm.eventlog.TCGEventLog; -import hirs.tpm.eventlog.TpmPcrEvent; +import hirs.utils.tpm.eventlog.TCGEventLog; +import hirs.utils.tpm.eventlog.TpmPcrEvent; import hirs.utils.HexUtils; /** From ef65c6ad8ba442be9d96173c49c266c9a76fe60f Mon Sep 17 00:00:00 2001 
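Review bot: The `ospackage` block stages `vendor-table.json` through a fixed path under world-writable `/tmp`, using `into('/tmp/elt/default-properties')`, `postInstall "cp /tmp/elt/default-properties/vendor-table.json /opt/hirs/default-properties/."` and `preUninstall "mkdir -p /tmp/elt/default-properties"`, all run by the package manager as root. What ends up in `/opt/hirs` therefore depends on whatever already exists at that path at install time. Staging under a package-owned directory avoids this while still keeping the file out of the ACA's ownership, for example `into('/opt/hirs/eventlog/default-properties')` with the scriptlet changed to `cp /opt/hirs/eventlog/default-properties/vendor-table.json /opt/hirs/default-properties/.`. The later hunk in patch 2/5 that widens the copy to `/tmp/elt/default-properties/*` needs the same change. Separately, `link("/usr/local/bin/elt", ..., 0x755)` passes a hexadecimal literal where the octal mode `0755` looks intended, and the same literal is used for the `rim` link in tools/tcg_rim_tool/build.gradle.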
From: "iadgovuser26 iadgovuser26@empire.eclipse.ncsc.mil" <lareine@evoforge.org> Date: Fri, 17 Mar 2023 14:47:10 -0400 Subject: [PATCH 2/5] updated with package for tcg_rim_tool [no ci] --- HIRS_AttestationCAPortal/build.gradle | 7 ++ HIRS_Utils/build.gradle | 22 +++-- .../hirs/utils/tpm/eventlog/TCGEventLog.java | 9 +- build.gradle | 1 + gradle.properties | 1 + settings.gradle | 16 ++-- tools/tcg_eventlog_tool/build.gradle | 43 +++++---- tools/tcg_eventlog_tool/scripts/eventlog.sh | 2 +- .../src/main/java/hirs/tcg_eventlog/Main.java | 2 +- tools/tcg_rim_tool/build.gradle | 89 ++++++++++++++++--- tools/tcg_rim_tool/scripts/rimtool.sh | 6 +- 11 files changed, 143 insertions(+), 55 deletions(-) diff --git a/HIRS_AttestationCAPortal/build.gradle b/HIRS_AttestationCAPortal/build.gradle index 01ec1516..d10f3763 100644 --- a/HIRS_AttestationCAPortal/build.gradle +++ b/HIRS_AttestationCAPortal/build.gradle @@ -7,6 +7,11 @@ plugins { id 'io.spring.dependency-management' version '1.1.0' } +// Get version from main project gradle +def packVersion = properties.get("packageVersion"); +def jarVersion = properties.get("jarVersion"); +//println "packageVersion is ${projVersion}" + java { toolchain { languageVersion = JavaLanguageVersion.of(17) @@ -53,3 +58,5 @@ war { } archiveFileName = 'HIRS_AttestationCAPortal.war' } + + diff --git a/HIRS_Utils/build.gradle b/HIRS_Utils/build.gradle index 6d8ff8f3..ec707fe4 100644 --- a/HIRS_Utils/build.gradle +++ b/HIRS_Utils/build.gradle @@ -1,6 +1,11 @@ plugins { id 'java' } +// Get version from main project gradle +def packVersion = properties.get("packageVersion"); +def jarVersion = properties.get("jarVersion"); +//println "packageVersion is ${projVersion}" + java { toolchain { @@ -10,7 +15,6 @@ java { repositories { mavenCentral() - flatDir { dirs "lib" } } 
@@ -47,9 +51,13 @@ test { useJUnitPlatform() } -//task generateXjcLibrary(type:Exec) { -// workingDir 'config' -// -// commandLine './genXjcLibrary.sh' -//} -//compileJava.dependsOn generateXjcLibrary \ No newline at end of file +jar { + duplicatesStrategy = DuplicatesStrategy.EXCLUDE + manifest { + attributes( + 'Class-Path': configurations.runtimeClasspath.files.collect { it.getName() }.join(' ') + ) + } + //jar name format: [archiveBaseName]-[archiveAppendix]-[archiveVersion]-[archiveClassifier].[archiveExtension] + archiveVersion = jarVersion +} \ No newline at end of file diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TCGEventLog.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TCGEventLog.java index 409b1182..a59cac5f 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TCGEventLog.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TCGEventLog.java @@ -257,14 +257,7 @@ public final class TCGEventLog { return pcrs; } - /** - * Returns a flag which is set if the event log follows the "Crypto Agile" Format Type. - * A false implies the type is SHA1 format. - * @return true if log follows the Crypto Agile format. - */ - public boolean isCryptoAgile() { - return bCryptoAgile; - } + /** * Returns a list of event found in the Event Log. diff --git a/build.gradle b/build.gradle index f3ed7e76..00db93d6 100644 --- a/build.gradle +++ b/build.gradle @@ -36,6 +36,7 @@ def gitHash = { -> return gitHash; } +project.ext["jarVersion"] = "${projectVersion}.${buildTime}.${gitHash}" project.ext["packageVersion"] = "${projectVersion}.${buildTime}.${gitHash}.el8" //subprojects { diff --git a/gradle.properties b/gradle.properties index 2b43aeea..be12868c 100644 --- a/gradle.properties +++ b/gradle.properties @@ -2,3 +2,4 @@ excludeGroups=rhel-6,performance includeGroups= org.gradle.daemon=true org.gradle.jvmargs=-Xms256m -Xmx1024m +org.gradle.caching=true diff --git a/settings.gradle b/settings.gradle index 4fee8f57..e989f1b6 100644 
--- a/settings.gradle +++ b/settings.gradle @@ -3,17 +3,20 @@ rootProject.name = 'HIRS' include 'HIRS_Utils', 'HIRS_AttestationCA', 'HIRS_AttestationCAPortal', - ':tools:tcg_eventlog_tool' + ':tools:tcg_eventlog_tool', + ':tools:tcg_rim_tool' dependencyResolutionManagement { versionCatalogs { libs { version('springboot', '3.0.1') version('jackson', '2.14.2') + library('bouncycastle', 'org.bouncycastle:bcmail-jdk15on:1.70') library('commons-codec', 'commons-codec:commons-codec:1.15') library('commons-lang3', 'org.apache.commons:commons-lang3:3.12.0') - library('commons_io', 'commons-io:commons-io:2.11.0') - library('bouncycastle', 'org.bouncycastle:bcmail-jdk15on:1.70') + library('commons_io', 'commons-io:commons-io:2.11.0') + library('glassfish_json', 'org.glassfish:javax.json:1.1.4') + library('glassfish_jaxb_runtime', 'org.glassfish.jaxb:jaxb-runtime:2.3.1') library('guava', 'com.google.guava:guava:31.1-jre') library('minimal-json', 'com.eclipsesource.minimal-json:minimal-json:0.9.5') library('jakarta-servlet', 'org.glassfish.web:jakarta.servlet.jsp.jstl:3.0.0') 
@@ -21,12 +24,15 @@ dependencyResolutionManagement { library('jakarta-xml', 'jakarta.xml.bind:jakarta.xml.bind-api:4.0.0') library('jackson-core', 'com.fasterxml.jackson.core', 'jackson-core').versionRef('jackson') library('jackson-databind', 'com.fasterxml.jackson.core', 'jackson-databind').versionRef('jackson') - library('jcommander', 'com.beust:jcommander:1.82') + library('jcommander', 'com.beust:jcommander:1.82') + // library('log4j2', 'org.apache.logging.log4j:log4j-api:2.17.1') + // library('log4j2-core', 'org.apache.logging.log4j:log4j-core:2.17.1') + library('lombok', 'org.projectlombok:lombok:1.18.26') library('pci', 'com.github.marandus:pci-ids:0.3') + library('testng', 'org.testng:testng:7.4.0') // library('spring-datajpa', 'org.springframework.boot', 'spring-boot-starter-data-jpa').version('springboot') // library('spring-datajpa', 'org.springframework.boot', 'spring-boot-starter-web').version('springboot') // library('spring-datajpa', 'org.springframework.boot', 'spring-boot-starter-validation').version('springboot') - library('lombok', 'org.projectlombok:lombok:1.18.26') } } } diff --git a/tools/tcg_eventlog_tool/build.gradle b/tools/tcg_eventlog_tool/build.gradle index 24661ca0..31ac32b2 100644 --- a/tools/tcg_eventlog_tool/build.gradle +++ b/tools/tcg_eventlog_tool/build.gradle @@ -1,12 +1,14 @@ import java.util.concurrent.TimeUnit - plugins { id "java" // id "findbugs" // id "checkstyle" id "nebula.ospackage" version "9.1.1" } -version = '1.0' +// Get version from main project gradle +def packVersion = properties.get("packageVersion"); +def jarVersion = properties.get("jarVersion"); +//println "packageVersion is ${projVersion}" java { toolchain { @@ -16,9 +18,10 @@ java { repositories { mavenCentral() + flatDir { dirs "lib" } } -dependencies { +dependencies { implementation project(':HIRS_Utils') implementation libs.jcommander implementation libs.commons.io 
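Review bot: `flatDir { dirs "lib" }` is added to `repositories` in tools/tcg_eventlog_tool/build.gradle, and again in tools/tcg_rim_tool/build.gradle, while the same commit removes it from HIRS_Utils/build.gradle. A flat-directory repository resolves jars by file name only, with no module metadata or checksums, so any jar placed in `lib` can satisfy a dependency. The `dependencies` block continues outside this hunk, but none of the entries visible here appears to need a local jar. If that holds, drop the line; otherwise add a comment naming the artifact it exists for, e.g. `// flatDir: <jar-name> is not published to Maven Central`.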
@@ -39,7 +42,6 @@ ext.configDir = new File(projectDir, 'config') // showViolations = true //} - //findbugs { // toolVersion = '3.0.0' // ignoreFailures = false @@ -47,19 +49,18 @@ ext.configDir = new File(projectDir, 'config') //} jar { - exclude 'META-INF/*.SF', 'META-INF/*.DSA', 'META-INF/*.RSA', 'META-INF/*.MF' + // Keep jar clean: + exclude 'META-INF/*.SF', 'META-INF/*.DSA', 'META-INF/*.RSA', 'META-INF/*.MF' + duplicatesStrategy = DuplicatesStrategy.EXCLUDE manifest { attributes( "Main-Class": "hirs.tcg_eventlog.Main", - 'Class-Path': configurations.runtimeClasspath.files.collect { it.getName() }.join(' ') + 'Class-Path':configurations.runtimeClasspath.files.collect { it.getName() }.join(' ') ) - } - // from(configurations.compile.collect { it.isDirectory() ? it : zipTree(it) }) {} - // exclude 'META-INF/*.RSA', 'META-INF/*.SF', 'META-INF/*.DSA' + } + //jar name format: [archiveBaseName]-[archiveAppendix]-[archiveVersion]-[archiveClassifier].[archiveExtension] + archiveVersion = jarVersion } -// Get version from main project gradle -def packVersion = properties.get("packageVersion"); -//println "packageVersion is ${projVersion}" // Produce packages ospackage { @@ -74,8 +75,7 @@ ospackage { into ('/opt/hirs/eventlog/lib') { from jar.outputs.files - from 'lib' - from 'configurations.runtimeClasspath' + from configurations.runtimeClasspath } into ('/opt/hirs/eventlog/scripts') { from ('scripts') { @@ -92,6 +92,12 @@ ospackage { details.file.name.endsWith('.odt') } } + from('./') { + include { + FileTreeElement details -> + details.file.name.endsWith('.md') + } + } } // Copy vendor-table into /tmp to avoid conflict with the ACA into('/tmp/elt/default-properties') { 
@@ -105,10 +111,11 @@ ospackage { link("/usr/local/bin/elt", "/opt/hirs/eventlog/scripts/eventlog.sh", 0x755) // PostInstall + //postInstall "cp ../../HIRS_Utils/build/libs/* /opt/hirs/eventlog/lib/." // Copy files from /opt/elt/default-properties/ to avoid conflicts with the ACA - postInstall "cp /tmp/elt/default-properties/vendor-table.json /opt/hirs/default-properties/." - postInstall "rm -rf /tmp/elt" - + postInstall "cp /tmp/elt/default-properties/* /opt/hirs/default-properties/." + postInstall "rm -rf /tmp/elt" + // Uninstall // copy files to where package manager exspects them and remove project files preUninstall "mkdir -p /tmp/elt/default-properties" @@ -121,4 +128,4 @@ ospackage { buildDeb { arch = X86_64 } -} +} \ No newline at end of file diff --git a/tools/tcg_eventlog_tool/scripts/eventlog.sh b/tools/tcg_eventlog_tool/scripts/eventlog.sh index 8bd9aff4..2c5e31b8 100755 --- a/tools/tcg_eventlog_tool/scripts/eventlog.sh +++ b/tools/tcg_eventlog_tool/scripts/eventlog.sh @@ -4,5 +4,5 @@ scriptDir=$(dirname -- "$(readlink -f -- "${BASH_SOURCE[0]}")") baseDir=${scriptDir%/*} libDir=$baseDir"/lib/" -jar="tcg_eventlog_tool-1.0.jar"; +jar="tcg_eventlog_tool-*.jar"; java -jar $libDir$jar "$@" \ No newline at end of file diff --git a/tools/tcg_eventlog_tool/src/main/java/hirs/tcg_eventlog/Main.java b/tools/tcg_eventlog_tool/src/main/java/hirs/tcg_eventlog/Main.java index e5864bd3..3ca1c85c 100644 --- a/tools/tcg_eventlog_tool/src/main/java/hirs/tcg_eventlog/Main.java +++ b/tools/tcg_eventlog_tool/src/main/java/hirs/tcg_eventlog/Main.java @@ -115,7 +115,7 @@ final class Main { // General event log output if ((bEventFlag || bHexFlag) && !bPcrFlag) { if (!bHexFlag) { - if (evLog.isCryptoAgile()) { + if (evLog.isBCryptoAgile()) { writeOut("\nEvent Log follows the \"Crypto Agile\" format and has " + evLog.getEventList().size() + " events:\n\n"); } else { diff --git a/tools/tcg_rim_tool/build.gradle b/tools/tcg_rim_tool/build.gradle index df01bebe..cd7aefbe 100644 
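Review bot: The launcher leaves the new glob unquoted in `java -jar $libDir$jar "$@"`, so which jar runs depends on how the shell expands `tcg_eventlog_tool-*.jar`. If an upgrade leaves two matching files in `lib`, the second path is handed to the tool as its first argument, and if nothing matches the literal pattern is passed to `java`. Resolve the match explicitly and stop unless exactly one file is found, as sketched below. tools/tcg_rim_tool/scripts/rimtool.sh gets the same wildcard in this commit and needs the same guard.

```shell
libDir=$baseDir"/lib/"
jars=( "$libDir"tcg_eventlog_tool-*.jar )
if [ "${#jars[@]}" -ne 1 ] || [ ! -f "${jars[0]}" ]; then
    echo "expected exactly one tcg_eventlog_tool jar in $libDir" >&2
    exit 1
fi
java -jar "${jars[0]}" "$@"
```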
--- a/tools/tcg_rim_tool/build.gradle +++ b/tools/tcg_rim_tool/build.gradle @@ -1,12 +1,35 @@ -apply plugin: 'java' +plugins { + id "java" + id "nebula.ospackage" version "9.1.1" + id 'com.intershop.gradle.jaxb' version '5.1.0' +} + +// Get version from main project gradle +def packVersion = properties.get("packageVersion"); +def jarVersion = properties.get("jarVersion"); +//println "packageVersion is ${projVersion}" + +java { + toolchain { + languageVersion = JavaLanguageVersion.of(17) + } +} repositories { mavenCentral() + flatDir { dirs "lib" } } dependencies { - compile 'javax.json:javax.json-api:1.1.4', 'org.glassfish:javax.json:1.1.4', 'com.beust:jcommander:1.72', 'org.bouncycastle:bcmail-jdk15on:1.59' - testCompile 'org.testng:testng:6.8.8' + implementation libs.bouncycastle + implementation libs.glassfish.json + implementation libs.glassfish.jaxb.runtime + implementation libs.jcommander +// implementation libs.javax.json + // implementation libs.javax.jaxb +// implementation libs.javax.annotation + + testImplementation libs.testng } test { 
@@ -14,19 +37,61 @@ test { } jar { + exclude 'META-INF/*.SF', 'META-INF/*.DSA', 'META-INF/*.RSA', 'META-INF/*.MF' + duplicatesStrategy = DuplicatesStrategy.EXCLUDE manifest { attributes("Main-Class": "hirs.swid.Main", - "Class-Path": configurations.runtime.files.collect { "lib/$it.name" }.join(' ') + 'Class-Path':configurations.runtimeClasspath.files.collect { it.getName() }.join(' ') ) } - from(configurations.compile.collect { it.isDirectory() ? it : zipTree(it) }) {} - exclude 'META-INF/*.RSA', 'META-INF/*.SF', 'META-INF/*.DSA' + //jar name format: [archiveBaseName]-[archiveAppendix]-[archiveVersion]-[archiveClassifier].[archiveExtension] + archiveVersion = jarVersion } -uploadArchives { - repositories { - flatDir { - dirs "${buildDir}" - } - } +ospackage { + packageName = 'tcg-rim-tool' + os = LINUX + arch = NOARCH + version = "$packVersion" + release = '1' + + user 'root' + fileMode = 0755 + + into ('/opt/hirs/rimtool/lib') { + from jar.outputs.files + from configurations.runtimeClasspath + from 'libs' + } + + into ('/opt/hirs/rimtool/scripts') { + from ('scripts') { + exclude { + FileTreeElement details -> + details.file.name.endsWith('.bat') + } + } + } + into ('/opt/hirs/rimtool/docs') { + from('./') { + include { + FileTreeElement details -> + details.file.name.endsWith('.md') + } + } + } + into ('/opt/hirs/rimtool/data') { + from('src/test/resources/') { + } + } + link("/usr/local/bin/rim", "/opt/hirs/rimtool/scripts/rimtool.sh", 0x755) } + +buildRpm { + arch = X86_64 +} + +buildDeb { + arch = 'amd64' +} + diff --git a/tools/tcg_rim_tool/scripts/rimtool.sh b/tools/tcg_rim_tool/scripts/rimtool.sh index fedae5db..c0caa1d8 100644 --- a/tools/tcg_rim_tool/scripts/rimtool.sh +++ b/tools/tcg_rim_tool/scripts/rimtool.sh 
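Review bot: `into ('/opt/hirs/rimtool/data') { from('src/test/resources/') { } }` ships the whole test-resources tree in the installed package under the block-wide `fileMode = 0755`. The contents of that directory are not visible in this diff. If it holds test keystores or private keys, they would be installed world-readable and could be mistaken for real signing material. List the intended sample files explicitly with `include`, and give data files a non-executable mode, e.g. `fileMode 0644` inside that `from` block.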
@@ -3,6 +3,6 @@ # Calls the the_tcg_rim_tool and passes in parameters scriptDir=$(dirname -- "$(readlink -f -- "${BASH_SOURCE[0]}")") baseDir=${scriptDir%/*} -jar="tcg_rim_tool-2.1.0.jar"; -java -jar $baseDir/$jar "$@" - +libDir=$baseDir"/lib/" +jar="tcg_rim_tool-*.jar"; +java -jar $libDir$jar "$@" \ No newline at end of file From 533031843916d73ab4787e80314345b984b28584 Mon Sep 17 00:00:00 2001 From: iadgovuser26 <iadgovuser26@empire.eclipse.ncsc.mil> Date: Thu, 27 Apr 2023 21:07:41 +0000 Subject: [PATCH 3/5] adjusted to mysql password settings [no ci] --- package/scripts/common/db_create.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/package/scripts/common/db_create.sh b/package/scripts/common/db_create.sh index b705d329..b7da1b40 100644 --- a/package/scripts/common/db_create.sh +++ b/package/scripts/common/db_create.sh @@ -23,6 +23,7 @@ if [ -z $HIRS_DB_PWD ]; then fi # Set root password if not set + if mysql -u root -e 'quit' &> /dev/null; then echo "Setting root password" mysqladmin -u root --silent password $HIRS_MYSQL_ROOT_PWD || true > /dev/null 2>&1 From b5c4d86430fe6e23e040a6bc0313a0f102ff8231 Mon Sep 17 00:00:00 2001 From: iadgovuser26 <iadgovuser26@empire.eclipse.ncsc.mil> Date: Wed, 3 May 2023 16:54:35 +0000 Subject: [PATCH 4/5] cleaned up dnf install and dnf remove --- HIRS_AttestationCAPortal/build.gradle | 19 ++++++++++-- package/scripts/common/db_create.sh | 41 +++++++++++++------------ package/scripts/common/db_create.sql | 2 +- package/scripts/common/db_drop.sh | 23 +++++--------- package/scripts/common/secure_mysql.sql | 3 +- 5 files changed, 48 insertions(+), 40 deletions(-) diff --git a/HIRS_AttestationCAPortal/build.gradle b/HIRS_AttestationCAPortal/build.gradle index 6187e4d8..7b62bc4a 100644 --- a/HIRS_AttestationCAPortal/build.gradle +++ b/HIRS_AttestationCAPortal/build.gradle 
@@ -75,7 +75,7 @@ ospackage { addParentDirs = true createDirectoryEntry true - preInstall "rm -rf /opt/hirs/default-properties" + preInstall "rm -rf /opt/hirs/default-properties" preInstall "mkdir -p /opt/hirs/default-properties/" preInstall "mkdir -p /tmp/hirs/default-properties/" @@ -120,7 +120,22 @@ ospackage { from '../HIRS_AttestationCA/src/main/resources/component-class.json' } // Post Install - postInstall file('../package/scripts/common/db_create.sh') +// println "*** Checking MYSQL Configuration ...." +// println " Myql password is $System.env.HIRS_MYSQL_ROOT_PWD" +// println " Myql password is ${System.getenv('HIRS_MYSQL_ROOT_PWD')} " + +// if ( "$System.env.HIRS_MYSQL_ROOT_PWD".compareTo("null") == 0 ) { +// println "Gradle: Mysql Root password not set" +// } +// else { +// println "Gradle: Mysql Root Password set to $System.env.HIRS_MYSQL_ROOT_PWD" + // } + + postInstall file('../package/scripts/common/db_create.sh') +// if (System.getenv('HIRS_INSTALL_STATUS').compareTo('fail')==0 ) { +// throw new GradleException('MYSQL password error occurred') +// } + // postInstall 'sh /opt/hirs/scripts/common/db_create.sh' // postInstall file('../package/scripts/common/ssl_configure.sh') // postInstall 'mkdir -p /etc/hirs/aca/client_files' postInstall 'mkdir -p /etc/hirs/aca/certificates' diff --git a/package/scripts/common/db_create.sh b/package/scripts/common/db_create.sh index b7da1b40..82d9440c 100644 --- a/package/scripts/common/db_create.sh +++ b/package/scripts/common/db_create.sh 
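Review bot: The commented-out block added above `postInstall file('../package/scripts/common/db_create.sh')` contains `println " Myql password is $System.env.HIRS_MYSQL_ROOT_PWD"`, which would write the database root password into the build log if it were ever re-enabled. Delete the commented code rather than keeping it in the build script. If a configuration check is wanted, report only whether the variable is set, as the `"Gradle: Mysql Root password not set"` branch does. The `ospackage` block starts and ends outside this hunk.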
@@ -3,35 +3,38 @@ ############################################################################### # HIRS DB creation # Environment variables used: -# a. HIRS_MYSQL_ROOT_EXSITING_PWD: set this variable if mysql root password is already set -# b. HIRS_MYSQL_ROOT_PWD: set this variable if mysql root password is already set -# c. HIRS_DB_PWD: Set the pwd if default password to hirs_db user needs to be changed +# a. HIRS_MYSQL_ROOT_PWD: Set this variable if mysql root password is already set +# b. HIRS_DB_PWD: Set the pwd if default password to hirs_db user needs to be changed # HIRS_MYSQL_ROOT_NEW_PWD wil be ignored if HIRS_MYSQL_ROOT_EXSITING_PWD is set. ################################################################################ -# Set Mysql root password -if [ ! -z $HIRS_MYSQL_ROOT_EXSITING_PWD ]; then - HIRS_MYSQL_ROOT_PWD=$HIRS_MYSQL_ROOT_EXSITING_PWD -elif [ ! -z $HIRS_MYSQL_ROOT_NEW_PWD ]; then - HIRS_MYSQL_ROOT_PWD=$HIRS_MYSQL_ROOT_NEW_PWD -else #assume root pasword needs to be set - HIRS_MYSQL_ROOT_PWD="root" -fi - +# Set Mysql HIRS DB password if [ -z $HIRS_DB_PWD ]; then HIRS_DB_PWD="hirs_db" fi +# Save hirs_db mysql user password to the properties file +echo "hibernate.connection.username="hirs_db"" > /etc/hirs/hibernate.properties +echo "hibernate.connection.password=$HIRS_DB_PWD" >> /etc/hirs/hibernate.properties -# Set root password if not set +# Test the root password, error if the password doesnt work -if mysql -u root -e 'quit' &> /dev/null; then - echo "Setting root password" - mysqladmin -u root --silent password $HIRS_MYSQL_ROOT_PWD || true > /dev/null 2>&1 +if [ -z ${HIRS_MYSQL_ROOT_PWD} ]; then + echo "HIRS_MYSQL_ROOT_PWD environment variable not set" + mysql -fu root -e 'quit' &> /dev/null; +else + echo "Using $HIRS_MYSQL_ROOT_PWD as the mysql root password" + $(mysql -u root -p$HIRS_MYSQL_ROOT_PWD -e 'quit' &> /dev/null); +fi +if [ $? 
-eq 0 ]; then + echo "root password verified" +else + echo "MYSQL root password was not the default, not supplied, or was incorrect" + echo " please set the HIRS_MYSQL_ROOT_PWD system variable and retry." + echo " ********** ACA Mysql setup aborted ********" ; + exit 1; fi echo "HIRS_DB_PWD is $HIRS_DB_PWD" -echo "HIRS_MYSQL_ROOT_EXSITING_PWD is $HIRS_MYSQL_ROOT_EXSITING_PWD" -echo "HIRS_MYSQL_ROOT_NEW_PWD is $HIRS_MYSQL_ROOT_NEW_PWD" echo "HIRS_MYSQL_ROOT_PWD is $HIRS_MYSQL_ROOT_PWD" # Check if we're in a Docker container @@ -54,7 +57,6 @@ if [[ $(pgrep -c -u mysql mysqld) -eq 0 ]]; then chown -R mysql:mysql /var/lib/mysql/ fi echo "Starting mysql...." - #nohup /usr/bin/mysqld_safe > /dev/null 2>&1 & chown -R mysql:mysql /var/log/mariadb /usr/bin/mysqld_safe & else @@ -75,3 +77,4 @@ echo "Creating HIRS Database..." mysql -u root --password=$HIRS_MYSQL_ROOT_PWD < /opt/hirs/scripts/common/db_create.sql mysql -u root --password=$HIRS_MYSQL_ROOT_PWD < /opt/hirs/scripts/common/secure_mysql.sql mysql -u root --password=$HIRS_MYSQL_ROOT_PWD -e "ALTER USER 'hirs_db'@'localhost' IDENTIFIED BY '"$HIRS_DB_PWD"'; FLUSH PRIVILEGES;"; + diff --git a/package/scripts/common/db_create.sql b/package/scripts/common/db_create.sql index 8d4ee212..63ee7a95 100644 --- a/package/scripts/common/db_create.sql +++ b/package/scripts/common/db_create.sql @@ -1,2 +1,2 @@ CREATE DATABASE IF NOT EXISTS `hirs_db` CHARACTER SET = 'utf8mb4' COLLATE = 'utf8mb4_general_ci'; -GRANT ALL ON hirs_db.* TO "hirs_db"@"localhost" IDENTIFIED BY "$HIRS_DB_PWD"; +GRANT ALL ON hirs_db.* TO "hirs_db"@"localhost" IDENTIFIED BY "$HIRS_DB_PWD"; diff --git a/package/scripts/common/db_drop.sh b/package/scripts/common/db_drop.sh index 21514124..52229cbd 100644 --- a/package/scripts/common/db_drop.sh +++ b/package/scripts/common/db_drop.sh 
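Review bot: The new password handling in db_create.sh exposes both database secrets. `echo "Using $HIRS_MYSQL_ROOT_PWD as the mysql root password"`, together with the retained `echo "HIRS_DB_PWD is ..."` and `echo "HIRS_MYSQL_ROOT_PWD is ..."` lines, prints them to the installer output; `-p$HIRS_MYSQL_ROOT_PWD` puts the root password in the process argument list; and `/etc/hirs/hibernate.properties` is written without its mode being set, so it gets whatever the umask allows. The variables are also unquoted in `[ -z $HIRS_DB_PWD ]` and after `-p`, so a password containing spaces or glob characters breaks the test. The sketch below stops echoing the values, passes the root password through the environment, and restricts the properties file; its owner should be whichever account runs the ACA, which this diff does not show. The `mysql -u root --password=$HIRS_MYSQL_ROOT_PWD` calls in the last hunk of this file have the same argument-list exposure.

```shell
# Set Mysql HIRS DB password
if [ -z "$HIRS_DB_PWD" ]; then
   HIRS_DB_PWD="hirs_db"
fi
# Save hirs_db mysql user password to the properties file (owner-only; chown to the ACA service account)
propFile=/etc/hirs/hibernate.properties
touch "$propFile" && chmod 600 "$propFile"
echo "hibernate.connection.username=hirs_db" > "$propFile"
echo "hibernate.connection.password=$HIRS_DB_PWD" >> "$propFile"

# Test the root password, error if the password doesnt work
if [ -z "${HIRS_MYSQL_ROOT_PWD}" ]; then
   echo "HIRS_MYSQL_ROOT_PWD environment variable not set"
   mysql -fu root -e 'quit' &> /dev/null
else
   echo "Using HIRS_MYSQL_ROOT_PWD as the mysql root password"
   MYSQL_PWD="$HIRS_MYSQL_ROOT_PWD" mysql -u root -e 'quit' &> /dev/null
fi
# … unchanged: exit-status check and abort message …
# … removed: the two echo lines that print HIRS_DB_PWD and HIRS_MYSQL_ROOT_PWD …
```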
@@ -1,20 +1,11 @@ #!/bin/bash -# Get the current password from the perstence.properties file -#file="/etc/hirs/persistence.properties" -# Change java key/value pairs into valid bash key/value pairs -#function prop { -# grep "${1}" ${file} | cut -d'=' -f2 | xargs -#} +echo "dropping hirs database" -#user="root" -# user=$(prop 'persistence.db.user') -#pwd=$(prop 'persistence.db.password') -pwd="root" - -# Need to update when password get written to the persitence fil -# delete the database - -if pgrep mysqld >/dev/null 2>&1; then - mysql -u "$user" --password="$pwd" < /opt/hirs/scripts/common/db_drop.sql +if pgrep mysqld >/dev/null 2>&1; then + if [ -z ${HIRS_MYSQL_ROOT_PWD} ]; then + mysql -u "root" < /opt/hirs/scripts/common/db_drop.sql + else + mysql -u "root" -p$HIRS_MYSQL_ROOT_PWD < /opt/hirs/scripts/common/db_drop.sq1 + fi fi diff --git a/package/scripts/common/secure_mysql.sql b/package/scripts/common/secure_mysql.sql index 3221740c..8589affe 100644 --- a/package/scripts/common/secure_mysql.sql +++ b/package/scripts/common/secure_mysql.sql @@ -1,6 +1,5 @@ -UPDATE mysql.user SET Password=PASSWORD('root') WHERE User='root'; DELETE FROM mysql.user WHERE User=''; DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1'); DROP DATABASE IF EXISTS test; DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'; -FLUSH PRIVILEGES \ No newline at end of file +FLUSH PRIVILEGES From 59a2b7ea4fec4f6054ff1228b86be190f80dd8d7 Mon Sep 17 00:00:00 2001 From: iadgovuser26 <iadgovuser26@empire.eclipse.ncsc.mil> Date: Wed, 3 May 2023 18:44:14 +0000 Subject: [PATCH 5/5] Updated HIRS_Utils.gradle [no ci] --- HIRS_Utils/build.gradle | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/HIRS_Utils/build.gradle b/HIRS_Utils/build.gradle index ec707fe4..ea0abd57 100644 --- a/HIRS_Utils/build.gradle +++ b/HIRS_Utils/build.gradle 
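Review bot: The password branch of db_drop.sh redirects from `/opt/hirs/scripts/common/db_drop.sq1`, ending in the digit one, instead of `db_drop.sql`. When `HIRS_MYSQL_ROOT_PWD` is set the shell cannot open that file, so the database is left in place after uninstall. The line should read `MYSQL_PWD="$HIRS_MYSQL_ROOT_PWD" mysql -u "root" < /opt/hirs/scripts/common/db_drop.sql`, which also keeps the password out of the argument list. The test `[ -z ${HIRS_MYSQL_ROOT_PWD} ]` should quote the variable as well.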
@@ -60,4 +60,11 @@ jar { } //jar name format: [archiveBaseName]-[archiveAppendix]-[archiveVersion]-[archiveClassifier].[archiveExtension] archiveVersion = jarVersion -} \ No newline at end of file +} + +//task generateXjcLibrary(type:Exec) { +// workingDir 'config' +// +// commandLine './genXjcLibrary.sh' +//} +//compileJava.dependsOn generateXjcLibrary