Merge remote-tracking branch 'origin/main' into v3_issue_612-integrat…
…iontest
iadgovuser58 committed Oct 19, 2023
2 parents 5a42ec3 + 45d5507 commit e2507d5
Showing 58 changed files with 2,311 additions and 2,299 deletions.
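--- a/.ci/docker/Dockerfile.ubuntu22ci
+++ b/.ci/docker/Dockerfile.ubuntu22ci
@@ -0,0 +1,19 @@
+FROM ubuntu:22.04
+
+RUN apt-get update -y && apt-get upgrade -y && apt-get clean -y
+
+# Install packages for building HIRS ACA
+RUN apt-get -y install openjdk-17-jdk mariadb-server
+RUN apt-get -y install git curl nano cron
+
+# Ports needed for system-level tests
+EXPOSE 8080
+EXPOSE 8443
+
+# Checkout HIRS main branch and run gradlew to install gradlew dependencies, then delete HIRS
+# Use '--depth=1' so as to not download the history of all commits
+RUN git clone -b main --depth=1 https://github.com/nsacyber/HIRS.git /hirsTemp
+WORKDIR "/hirsTemp"
+RUN /bin/bash -c './gradlew clean build'
+WORKDIR "/"
+RUN rm -rf /hirsTemp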
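Review bot: `apt-get update` runs in its own `RUN` layer while the two `apt-get -y install` lines run in later layers, so a cached first layer can leave the installs working from a stale package index; the `apt-get clean` in that first layer also runs before anything has been installed. Keeping index and install together, e.g. `RUN apt-get update && apt-get -y install --no-install-recommends openjdk-17-jdk mariadb-server git curl nano cron && rm -rf /var/lib/apt/lists/*`, avoids that. Separately, the build clones the moving `main` branch and executes its `./gradlew`, so the contents of the CI image depend on whatever `main` held at build time; cloning a fixed tag or commit would make the image reproducible and reviewable.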
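--- a/.github/workflows/hirs_package_linux.yml
+++ b/.github/workflows/hirs_package_linux.yml
@@ -0,0 +1,69 @@
+name: HIRS build and packages for Linux
+on:
+push:
+branches:
+- '*v3*'
+- 'main'
+workflow_dispatch:
+
+jobs:
+# run the package script for HIRS ACA, Provisioners, tcg_rim_tool, and tcg_eventlog_tool
+Package_linux:
+runs-on: ubuntu-latest
+permissions:
+contents: read
+packages: write
+
+steps:
+- uses: actions/checkout@v4
+- name: Set up JDK 17
+uses: actions/setup-java@v3
+with:
+java-version: '17'
+distribution: 'temurin'
+server-id: github # Value of the distributionManagement/repository/id field of the pom.xml
+settings-path: ${{ github.workspace }} # location for the settings.xml file
+- name: directory setup
+run: |
+mkdir -p artifacts/jars
+- name: install dependencies
+run: |
+sudo apt-get update
+sudo apt-get install git curl nano cron mariadb-server
+- name: Setup Gradle
+uses: gradle/gradle-build-action@v2
+- name: Execute Gradle build
+run: |
+./gradlew build;
+./gradlew bootWar;
+./gradlew buildDeb;
+./gradlew buildRpm;
+cp HIRS_AttestationCAPortal/build/libs/*.jar artifacts/jars/.
+cp HIRS_AttestationCA/build/libs/*.jar artifacts/jars/.
+cp HIRS_Utils/build/libs/*.jar artifacts/jars/.
+cp HIRS_Structs/build/libs/*.jar artifacts/jars/.
+- name: Archive RPM files
+uses: actions/upload-artifact@v3
+with:
+name: RPM_Files
+path: HIRS_AttestationCAPortal/build/distributions/*.rpm
+if-no-files-found: error
+- name: Archive DEB files
+uses: actions/upload-artifact@v3
+with:
+name: DEB_Files
+path: HIRS_AttestationCAPortal/build/distributions/*.deb
+if-no-files-found: error
+- name: War files
+uses: actions/upload-artifact@v3
+with:
+name: WAR_Files
+path: HIRS_AttestationCAPortal/build/libs/HIRS_AttestationCAPortal.war
+if-no-files-found: error
+- name: JAR_Files
+uses: actions/upload-artifact@v3
+with:
+name: JAR_Files
+path: artifacts/jars/
+if-no-files-found: error
+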
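Review bot: The job requests `packages: write`, but none of the visible steps publishes to GitHub Packages (they only build and call `actions/upload-artifact`), so the token carries more privilege than the workflow uses; a `permissions:` block with only `contents: read` looks sufficient. The actions are referenced by mutable tags (`actions/checkout@v4`, `actions/setup-java@v3`, `gradle/gradle-build-action@v2`, `actions/upload-artifact@v3`); pinning each to a full commit SHA, e.g. `uses: gradle/gradle-build-action@<full-commit-sha> # v2`, keeps a retagged release from changing what runs on every push. `sudo apt-get install` is also missing `-y`, which may abort at the confirmation prompt on a non-interactive runner when a listed package is not already present.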
Empty file removed 10
Empty file.
1 change: 1 addition & 0 deletions HIRS_AttestationCA/build.gradle
@@ -37,6 +37,7 @@ dependencies {
implementation libs.jakarta.api
implementation libs.jakarta.xml
implementation libs.hibernate.core
implementation libs.pci
implementation libs.guava
implementation libs.jackson.core
implementation libs.jackson.databind
@@ -8,9 +8,8 @@
import hirs.attestationca.persist.entity.manager.ReferenceDigestValueRepository;
import hirs.attestationca.persist.entity.manager.ReferenceManifestRepository;
import hirs.attestationca.persist.entity.manager.TPM2ProvisionerStateRepository;
import hirs.attestationca.persist.provision.CertificateRequestHandler;
import hirs.attestationca.persist.provision.IdentityClaimHandler;
import hirs.attestationca.persist.provision.IdentityRequestHandler;
import hirs.attestationca.persist.provision.CertificateRequestProcessor;
import hirs.attestationca.persist.provision.IdentityClaimProcessor;
import hirs.attestationca.persist.service.SupplyChainValidationService;
import hirs.structs.converters.StructConverter;
import lombok.extern.log4j.Log4j2;
@@ -62,9 +61,8 @@ public abstract class AttestationCertificateAuthority {
private final PolicyRepository policyRepository;
private final TPM2ProvisionerStateRepository tpm2ProvisionerStateRepository;

private CertificateRequestHandler certificateRequestHandler;
private IdentityClaimHandler identityClaimHandler;
private IdentityRequestHandler identityRequestHandler;
private CertificateRequestProcessor certificateRequestHandler;
private IdentityClaimProcessor identityClaimHandler;

/**
* Constructor.
@@ -109,19 +107,13 @@ public AttestationCertificateAuthority(
this.policyRepository = policyRepository;
this.tpm2ProvisionerStateRepository = tpm2ProvisionerStateRepository;

this.certificateRequestHandler = new CertificateRequestHandler(supplyChainValidationService,
this.certificateRequestHandler = new CertificateRequestProcessor(supplyChainValidationService,
certificateRepository, deviceRepository,
privateKey, acaCertificate, validDays, tpm2ProvisionerStateRepository);
this.identityClaimHandler = new IdentityClaimHandler(supplyChainValidationService,
this.identityClaimHandler = new IdentityClaimProcessor(supplyChainValidationService,
certificateRepository, referenceManifestRepository,
referenceDigestValueRepository,
deviceRepository, tpm2ProvisionerStateRepository, policyRepository);
this.identityRequestHandler = new IdentityRequestHandler(structConverter, certificateRepository,
deviceRepository, supplyChainValidationService, privateKey, validDays, acaCertificate);
}

byte[] processIdentityRequest(final byte[] identityRequest) {
return this.identityRequestHandler.processIdentityRequest(identityRequest);
}

byte[] processIdentityClaimTpm2(final byte[] identityClaim) {
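Review bot: In the second hunk the fields keep their old names, `certificateRequestHandler` and `identityClaimHandler`, although their types are now `CertificateRequestProcessor` and `IdentityClaimProcessor`, so the rename is only half done and the names no longer match the objects. `private final CertificateRequestProcessor certificateRequestProcessor;` and `private final IdentityClaimProcessor identityClaimProcessor;` would finish it; `final` looks safe because the only assignments visible are the two in the constructor, but the rest of the class is outside the hunks. With the `IdentityRequestHandler` construction gone, the `StructConverter` import left in the first hunk and the `structConverter` constructor argument may now be unused, which is worth confirming against the full constructor.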

This file was deleted.

@@ -71,28 +71,6 @@ public RestfulAttestationCertificateAuthority(
referenceDigestValueRepository, policyRepository, tpm2ProvisionerStateRepository);
}

/**
* Processes a given IdentityRequestEnvelope and
* generates a IdentityResponseEnvelope. In most cases,
* a client will generate the request using the TPM "Collate Identity" process.
*
* Wrap the {@link AttestationCertificateAuthority#processIdentityRequest(byte[])}
* with a Spring {@link org.springframework.web.bind.annotation.RequestMapping}. Effectively, this method then will allow spring to
* serialize and deserialize the request and responses on method invocation and
* return, respectively.
*
* @param identityRequest generated during the collate identity process with a Tpm
* @return response for the request
*/
@Override
@ResponseBody
@RequestMapping(value = "/identity-request/process",
method = RequestMethod.POST,
consumes = MediaType.APPLICATION_OCTET_STREAM_VALUE)
public byte[] processIdentityRequest(@RequestBody final byte[] identityRequest) {
return super.processIdentityRequest(identityRequest);
}

/**
* Listener for identity requests from TPM 2.0 provisioning.
*
