diff --git a/.gitignore b/.gitignore index 13970e1..27c4384 100644 --- a/.gitignore +++ b/.gitignore @@ -3,7 +3,6 @@ src/generated .classpath .project .settings/ -settings.gradle .gradle/2.1/taskArtifacts src/main/resources/namespace-prefix.xjb src/main/resource/schemas diff --git a/.java-version b/.java-version new file mode 100644 index 0000000..ad72959 --- /dev/null +++ b/.java-version @@ -0,0 +1 @@ +oracle64-1.8.0.20 diff --git a/.travis.yml b/.travis.yml index 709b707..f887409 100644 --- a/.travis.yml +++ b/.travis.yml @@ -8,3 +8,6 @@ before_install: env: GRADLE_OPTS=-Dorg.gradle.daemon=true env: CI_OPTS=--stacktrace + +install: /bin/true +script: "./gradlew -x signArchives" diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..1838bd2 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,78 @@ +############################################################ +# A Dockerfile used to create a java-stix build container +# based on Ubunu. +# +# Copyright (c) 2015, The MITRE Corporation. All rights reserved. +# See LICENSE for complete terms. +# +# @author nemonik (Michael Joseph Walsh ) +# +# WHAT TO DO: +# +# If you have Docker installed, from the root of the project run +# the following to create a container image for this Dockerfile via: +# +# docker build -t java_stix_img . +# +# Then create a container using the image you just created via: +# +# docker run -t -i java_stix_img_v1_1_1_1 /bin/bash +# +# To retreive the jar archives from the running docker container use following +# from the command-line of your docker host, not the container: +# +# docker cp :/java-stix/build/libs/stix-1.1.1.1-SNAPSHOT-javadoc.jar . +# docker cp :/java-stix/build/libs/stix-1.1.1.1-SNAPSHOT-sources.jar . +# docker cp :/java-stix/build/libs/stix-1.1.1.1-SNAPSHOT.jar . +# +# If the containder ID is not obvious, but you can also retrieve it via: +# +# docker ps +# +# An example of retrieving the snapshot jar would be the following: +# +# ➜ /tmp docker cp 83ad9afb6096:/java-stix/build/libs/stix-1.1.1.1-SNAPSHOT.jar . +# +# +############################################################ + +# Set base image +FROM ubuntu:15.04 + +# File Maintainer +MAINTAINER Michael Joseph Walsh + +# Update the sources list +RUN apt-get -y update + +# Install cmd-line dev toolchain +RUN apt-get install -y tar git curl nano wget dialog net-tools build-essential software-properties-common + +# To install the default OpenJDK environment +RUN add-apt-repository -y ppa:openjdk-r/ppa +RUN apt-get -y update +RUN apt-get -y install openjdk-8-jdk + +# To install the OpenJDK 7, comment out the above and uncomment the following. +#RUN apt-get install -y openjdk-7-jdk + +# Optionally to install the Oracle JDK, comment out the above, uncomment the +# the next 3 lines, and then uncommment the preferred JDK version. +#RUN apt-get -y install python-software-properties +#RUN add-apt-repository -y ppa:webupd8team/java +#RUN apt-get -y update + +#RUN apt-get install oracle-java7-installer +#RUN apt-get install oracle-java8-installer + +# Clone java-stix repo at the current branch into the container +COPY . java-stix + +# Open the java-stix project +WORKDIR java-stix + +# Build unsigned jar archives in debug to /java-stix/build/libs +RUN ./gradlew -x signArchives -d + +# Clean up APT when done. +RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* diff --git a/README.MD b/README.MD index b01b0d9..c164356 100644 --- a/README.MD +++ b/README.MD @@ -22,15 +22,39 @@ replacement for the [python-stix][python stix] API. Releases of java-stix will comply with the Semantic Versioning specification at [http://semver.org/][semver]. Java-stix is currently under active development; see TODO.txt for a tentative roadmap. Releases will be announced on the [STIX -discussion list][list]. +discussion list][list]. A java-stix for a particular schema release will match the +STIX schema version in Semantic Versioning form. Follow up patches of java-stix +for a particular schema release will increment a 4th digit. For example, the first +patch release for java-stix `v1.1.1` would be `v1.1.1.1`. Patches will be worked +in a branch prior to being tagged and released. + +## Releases + +Releases are distributed via the Maven Central Repository. + +### Apache Maven: + + + org.mitre + stix + 1.1.1.1 + + +### Gradle: + + compile 'org.mitre:stix:1.1.1.1' + +### Apache Ivy: + + ## Snapshots Snapshots are being pushed to -https://oss.sonatype.org/content/repositories/snapshots/org/mitre/stix/ +[https://oss.sonatype.org/content/repositories/snapshots/org/mitre/stix/](https://oss.sonatype.org/content/repositories/snapshots/org/mitre/stix/) -So, users can simply retrieve java-stix directly via the Central Repository. +Users using Apache Maven for example can simply retrieve java-stix directly via the Central Repository: @@ -45,14 +69,16 @@ So, users can simply retrieve java-stix directly via the Central Repository. org.mitre stix - 1.1.1-SNAPSHOT + 1.1.1.1-SNAPSHOT -At a later date, release artifacts will appear in the Maven Central Repository. +[Release](#releases) artifacts appear in the Maven Central Repository. # Building +java-stix builds under Java7, and Java8. + ## Clone the repository Clone the java-stix project via: @@ -75,12 +101,12 @@ including OS X thereby removing the need to have Gradle installed. For a UNIX platform, you can run Gradle from the project root via: - ./gradlew + ./gradlew -x signArchives This documentation centers on UNIX-centric Gradle command-line execution for brevity, but if you are on Windows you can run Gradle via: - .\gradlew.bat + .\gradlew.bat -x signArchives Executing the `tasks` Gradle task will inform you of all the tasks runnable @@ -126,6 +152,7 @@ commands on the command line: git submodule update --force cd src/main/resources/schemas/v1.1.1 git checkout tags/v1.1.1 + Your not done. You'll also need to retrieve the CybOX schemas. @@ -133,8 +160,10 @@ Your not done. You'll also need to retrieve the CybOX schemas. While in the project: + cd src/main/resources/schemas/v1.1.1 git submodule init git submodule update --force + cd cybox git checkout 3442ebe50385d3bd0b3305952b90d296e0a1242c When Gradle build script first runs it will also patch the CybOX schemas so @@ -153,31 +182,30 @@ It is really unnecessary to build by hand, if your intention is to use the java-stix in your project as [snapshot](#importing_into_eclipse) exist in the Maven Central Snapshot repository, and soon releases will exist too. -First change directories into the project and enter on the command-line: - - ./gradlew +If you have not set up the signing properties you can instruct Gradle to skip +signing jars by doing the following: -as `build` is the default Gradle task. + ./gradlew -x signArchives After the Gradle wrapper shell script has downloaded and cached the Gradle binary distribution, a successful build will look like something like this on UNIX: - ➜ java_stix git:(master) ./gradlew + ➜ java_stix git:(master) ✗ ./gradlew -x signArchives :buildSrc:compileJava UP-TO-DATE - :buildSrc:compileGroovy + :buildSrc:compileGroovy UP-TO-DATE :buildSrc:processResources UP-TO-DATE - :buildSrc:classes - :buildSrc:jar - :buildSrc:assemble + :buildSrc:classes UP-TO-DATE + :buildSrc:jar UP-TO-DATE + :buildSrc:assemble UP-TO-DATE :buildSrc:compileTestJava UP-TO-DATE :buildSrc:compileTestGroovy UP-TO-DATE :buildSrc:processTestResources UP-TO-DATE :buildSrc:testClasses UP-TO-DATE :buildSrc:test UP-TO-DATE :buildSrc:check UP-TO-DATE - :buildSrc:build - :clean UP-TO-DATE + :buildSrc:build UP-TO-DATE + :clean :retrieveSchemas Schemas are present. Retrieval is not needed. /Users/walsh/Development/workspace/java_stix/src/main/resources/schemas/v1.1.1/cybox/objects/Archive_File_Object.xsd already patched. @@ -195,14 +223,13 @@ on UNIX: :classes :jar :javadoc - /Users/walsh/Development/workspace/java_stix/src/main/java/org/mitre/stix/DocumentUtilities.java:81: warning - @return tag has no arguments. /Users/walsh/Development/workspace/java_stix/src/generated/java/org/w3/_2000/_09/xmldsig/ObjectFactory.java:277: warning - Tag @link: reference not found: byte[] - /Users/walsh/Development/workspace/java_stix/src/generated/java/org/w3/_2000/_09/xmldsig/ObjectFactory.java:299: warning - Tag @link: reference not found: byte[] + /Users/walsh/Development/workspace/java_stix/src/generated/java/org/w3/_2000/_09/xmldsig/ObjectFactory.java:287: warning - Tag @link: reference not found: byte[] /Users/walsh/Development/workspace/java_stix/src/generated/java/org/w3/_2000/_09/xmldsig/ObjectFactory.java:361: warning - Tag @link: reference not found: byte[] /Users/walsh/Development/workspace/java_stix/src/generated/java/org/w3/_2000/_09/xmldsig/ObjectFactory.java:331: warning - Tag @link: reference not found: byte[] /Users/walsh/Development/workspace/java_stix/src/generated/java/org/w3/_2000/_09/xmldsig/ObjectFactory.java:351: warning - Tag @link: reference not found: byte[] /Users/walsh/Development/workspace/java_stix/src/generated/java/org/w3/_2000/_09/xmldsig/ObjectFactory.java:277: warning - Tag @link: reference not found: byte[] - /Users/walsh/Development/workspace/java_stix/src/generated/java/org/w3/_2000/_09/xmldsig/ObjectFactory.java:299: warning - Tag @link: reference not found: byte[] + /Users/walsh/Development/workspace/java_stix/src/generated/java/org/w3/_2000/_09/xmldsig/ObjectFactory.java:287: warning - Tag @link: reference not found: byte[] /Users/walsh/Development/workspace/java_stix/src/generated/java/org/w3/_2000/_09/xmldsig/ObjectFactory.java:331: warning - Tag @link: reference not found: byte[] /Users/walsh/Development/workspace/java_stix/src/generated/java/org/w3/_2000/_09/xmldsig/ObjectFactory.java:351: warning - Tag @link: reference not found: byte[] /Users/walsh/Development/workspace/java_stix/src/generated/java/org/w3/_2000/_09/xmldsig/ObjectFactory.java:361: warning - Tag @link: reference not found: byte[] @@ -211,11 +238,11 @@ on UNIX: /Users/walsh/Development/workspace/java_stix/src/generated/java/org/w3/_2000/_09/xmldsig/X509Data.java:132: warning - Tag @link: reference not found: byte[] /Users/walsh/Development/workspace/java_stix/src/generated/java/org/w3/_2000/_09/xmldsig/X509Data.java:132: warning - Tag @link: reference not found: byte[] /Users/walsh/Development/workspace/java_stix/src/generated/java/org/w3/_2000/_09/xmldsig/ObjectFactory.java:277: warning - Tag @link: reference not found: byte[] - /Users/walsh/Development/workspace/java_stix/src/generated/java/org/w3/_2000/_09/xmldsig/ObjectFactory.java:299: warning - Tag @link: reference not found: byte[] + /Users/walsh/Development/workspace/java_stix/src/generated/java/org/w3/_2000/_09/xmldsig/ObjectFactory.java:287: warning - Tag @link: reference not found: byte[] /Users/walsh/Development/workspace/java_stix/src/generated/java/org/w3/_2000/_09/xmldsig/ObjectFactory.java:361: warning - Tag @link: reference not found: byte[] /Users/walsh/Development/workspace/java_stix/src/generated/java/org/w3/_2000/_09/xmldsig/ObjectFactory.java:331: warning - Tag @link: reference not found: byte[] /Users/walsh/Development/workspace/java_stix/src/generated/java/org/w3/_2000/_09/xmldsig/ObjectFactory.java:351: warning - Tag @link: reference not found: byte[] - 20 warnings + 19 warnings :javadocJar :sourcesJar :assemble @@ -229,16 +256,16 @@ on UNIX: BUILD SUCCESSFUL - Total time: 2 mins 58.614 secs + Total time: 3 mins 7.702 secs Ignore the javadoc tag warnings they have no impact on the build. Also, ignore the warning about unchecked or unsafe operations as they are an artifact of XJC being used to autogenerate the document object model. -If you want more detail about the build you can pass `--stacktrace --debug` on -the command line like so: +If you want more detail consider passing `-d`/`--debug` or `-i`/`--info` along with +`--stacktrace` on the command line like so: - ./gradlew --stacktrace --debug + ./gradlew -x signArchives --stacktrace --debug for a more detailed build. I set an environment `CI_OPTS` variable with this value for CircleCi builds to be bettered informed as to why the buiid is @@ -262,16 +289,31 @@ path. To execute the tests: - ./gradlew test + /gradlew -x signArchives test Consider using `-d`/`--debug` or `-i`/`--info` for more details during test execution like so: - ./gradlew test -i + ./gradlew -x signArchives -i The `test` task will generated a report that can be found at `build/reports/tests/index.html`. +### Examples + +Examples exist in src/main/java/org/mitre/stix/examples + + src/main/java/org/mitre/stix/examples/ + ├── CIQIdentity.java + ├── CreationToolMetadata.java + ├── IndicatorHash.java + ├── XML2Object.java + └── XMLParser.java + +To execute CIQIdentity on the command-line via Gradle, do the following: + + ./gradlew -PmainClass=org.mitre.stix.examples.CIQIdentity -x signArchives execute + ## Addendum The author sees this section out of scope, but added it in hopes it will help @@ -284,11 +326,11 @@ this platform. You will need additional dependencies normally found in UNIX, such as, GNU patch. GNU Patch can be installed via either cygwin, Chocolatey, or directly. Then you'll need to work out permission elevation issues so Gradle can execute the command-line GNU patch command through Gradle's Ant -integration. +integration. Alternatively, see the section on [building using the Dockerfile](#building_via_docker). To build on Windows use the gradlew batch script like so: - $ .\gradlew.bat + $ .\gradlew.bat -x signArchives If the build goes well you will find the jars: @@ -299,6 +341,36 @@ If the build goes well you will find the jars: where `${version}` is replaced with the `version` number in the Gradle build script. +### Building via the Dockerfile + +If you have Docker installed, from the root of the project run +the following to create a container image for this Dockerfile via: + + docker build -t java_stix_img_v1_2_0_1 . + +Then create a container using the image you just created via: + + docker run -t -i java_stix_img_v1_2_0_1 /bin/bash + +To retreive the jar archives from the running docker container use following +from the command-line of your docker host, not the container: + + docker cp :/java-stix/build/libs/stix-1.2.0.1-SNAPSHOT-javadoc.jar . + docker cp :/java-stix/build/libs/stix-1.2.0.1-SNAPSHOT-sources.jar . + docker cp :/java-stix/build/libs/stix-1.2.0.1-SNAPSHOT.jar . + +If the containder ID is not obvious, but you can also retrieve it via: + + docker ps + +An example of retrieving the snapshot jar would be the following: + + docker cp 83ad9afb6096:/java-stix/build/libs/stix-1.2.0.1-SNAPSHOT.jar . + +By default the Docker container will build using OpenJdk 7. You can modify +the Dockerfile to other JVM's noted in the file. Please, note Gradle targets +Java 1.7 compatibility regardless. + ### Importing the project into Eclipse As Eclipse's various Gradle plugins have varying degrees of usefulness, I @@ -312,7 +384,7 @@ After running the Gradle build script, if you are using the Eclipse IDE you may want to run the following from the command-line to set up the Ecipse environment: - ./gradlew build cleanEclipse eclipse + ./gradlew build cleanEclipse eclipse -x signArchives It entirely depends on how smart yoour Eclipse Gradle plugin is and how you imported the project. The above command will change your prject to essentially diff --git a/build.gradle b/build.gradle index 7fb0e90..6bd1c20 100644 --- a/build.gradle +++ b/build.gradle @@ -8,13 +8,43 @@ * * Run * - * gradle + * ./gradlew -x signArchives * * from the commnand-line and the build task will execute by default. * * The Jar will be built to * * build/libs/stix-${version}.jar + * + * + * Publishing archives: + * + * signingKeyId, signingPassword, secretKeyFile, ossrhUsername, and ossrhPassword properties + * should be defined outside of the repository either on the command-line via + * + * ./gradlew -PsigningKeyId=value -PsigningPassword=value -PsecretKeyFile=value -PossrhUsername=value -PossrhPassword=value + * + * or via ~/.gradle/gradle.properties as + * + * signingKeyId=value + * signingPassword=value + * secretKeyFile=value + * ossrhUsername=value + * ossrhPassword=value + * + * Check settings via: + * + * To publish a snapshot execute the "uploadArchives" task like so: + * + * ./gradlew uploadArchives + * + * Otherwise you can publish a release to staging by executing the "uploadArchives" task + * with "release" property like so: + * + * ./gradlew uploadArchives -Prelease + * + * ./gradle checkProperties + * */ import org.gradle.plugins.signing.Sign @@ -35,13 +65,7 @@ apply plugin: "signing" defaultTasks "build" -version = "1.1.1" -group = "org.mitre" -archivesBaseName = "stix" - -project.ext.set("schemaVersion", version) - -if (project.hasProperty("snapshot")) { +if (!has("release")) { version = "${version}-SNAPSHOT" } @@ -68,12 +92,22 @@ task cleanSchema(type: CleanSchemaTask) { } task calcChecksum(type: CalcChecksumTask) { + schemaVersion = project.schemaVersion } -compileJava.dependsOn createPackageInfo +if (!has("skipPackageInfo")) { + compileJava.dependsOn createPackageInfo +} task wrapper(type: Wrapper) { - gradleVersion = '2.3' + gradleVersion = '2.4' + def jvmOpts='-Xmx1024m -Xms256m' + inputs.property("jvmOpts", jvmOpts) + doLast { + def optsEnvVar = "DEFAULT_JVM_OPTS" + scriptFile.write scriptFile.text.replace("$optsEnvVar=\"\"", "$optsEnvVar=\"$jvmOpts\"") + batchScript.write batchScript.text.replace("set $optsEnvVar=", "set $optsEnvVar=$jvmOpts") + } } task javadocJar(type: Jar) { @@ -89,6 +123,114 @@ task sourcesJar(type: Jar, dependsOn: javadoc) { from sourceSets.main.allSource } +task checkProperties() { + doFirst { + println "${project.hasProperty("signingKeyId") ? 'signingKeyId = ' + signingKeyId : 'No value has been specified for property \'signingKeyId\'.'}" + println "${project.hasProperty("signingPassword") ? 'signingPassword = ' + signingPassword : 'No value has been specified for property \'signingKeyId\'.'}" + println "${project.hasProperty("secretKeyFile") ? 'secretKeyFile = ' + secretKeyFile : 'No value has been specified for property \'secretKeyFile\'.'}" + println "${project.hasProperty("ossrhUsername") ? 'ossrhUsername = ' + ossrhUsername : 'No value has been specified for property \'ossrhUsername\'.'}" + println "${project.hasProperty("ossrhPassword") ?'ossrhPassword = ' + ossrhPassword : 'No value has been specified for property \'ossrhPassword\'.'}" + } +} + +task execute(type:JavaExec) { + main = project.mainClass + classpath = sourceSets.main.runtimeClasspath +} + +task gatherDependencies(type: Copy) { + into "${buildDir}/dependencies" + from configurations.runtime +} + +uploadArchives{ + configuration = configurations.archives + repositories { + mavenDeployer { + beforeDeployment { MavenDeployment deployment -> + if (!project.hasProperty("ossrhUsername")) { + throw new GradleException("No value has been specified for property 'ossrhUsername'.") + } + + if (!project.hasProperty("ossrhPassword")) { + throw new GradleException("No value has been specified for property 'ossrhPassword'.") + } + + signing.signPom(deployment) + } + + repository(url: "https://oss.sonatype.org/service/local/staging/deploy/maven2/") { + authentication(userName: project.hasProperty("ossrhUsername") ? ossrhUsername : "", password: project.hasProperty("ossrhPassword") ? ossrhPassword: "") + } + + snapshotRepository(url: "https://oss.sonatype.org/content/repositories/snapshots/") { + authentication(userName: project.hasProperty("ossrhUsername") ? ossrhUsername : "", password: project.hasProperty("ossrhPassword") ? ossrhPassword: "") + } + + pom.project { + name "${project.name}" + packaging 'jar' + version "${project.version}" + // optionally artifactId can be defined here + description "The Java bindings for STIX v." + version + url "https://github.com/STIXProject/java-stix" + + scm { + connection "https://github.com/STIXProject/java-stix.git" + developerConnection "https://github.com/STIXProject/java-stix.git" + url "https://github.com/STIXProject/java-stix" + } + + licenses { + license { + name "The BSD 3-Clause License" + url "https://raw.githubusercontent.com/STIXProject/java-stix/master/LICENSE" + } + } + + developers { + developer { + id 'nemonik' + name 'Michael Joseph Walsh' + email 'java-stix-pom[ASCII character number 64]nemonik.com' + } + } + } + } + } +} + +gradle.taskGraph.whenReady { taskGraph -> + if (taskGraph.allTasks.any { it instanceof Sign}) { + allprojects { + ext."signing.keyId" = project.hasProperty("signingKeyId") ? signingKeyId : "" + ext."signing.password" = project.hasProperty("signingPassword") ? signingPassword: "" + ext."signing.secretKeyRingFile" = project.hasProperty("secretKeyFile") ? secretKeyFile: "" + } + } + + if (taskGraph.hasTask(tasks.uploadArchives)) { + if (has("release")) { + if (!project.hasProperty("signingKeyId")) { + throw new GradleException("No value has been specified for property 'signingKeyId'.") + } + + if (!project.hasProperty("signingPassword")) { + throw new GradleException("No value has been specified for property 'signingPassword'.") + } + + if (!project.hasProperty("secretKeyFile")) { + throw new GradleException("No value has been specified for property 'secretKeyFile'.") + } + } + } +} + +signing { + required {has("release") && gradle.taskGraph.hasTask(tasks.uploadArchives) } + sign configurations.archives +} + clean { delete("src/generated/java") delete("src/main/resources/namespace-prefix.xjb") @@ -99,7 +241,9 @@ sourceSets { java { srcDirs("src/main/java", "src/generated/java") } resources { srcDir("src/main/resources") - exclude "*.xjb" // not needed in the jar + exclude "*.xjb" + exclude "**/v1.2-rc1" + exclude "**/v1.2.0" } } } @@ -141,82 +285,6 @@ jar { from 'LICENSE' } -gradle.taskGraph.whenReady { taskGraph -> - if (taskGraph.allTasks.any { it instanceof Upload }) { - allprojects { - // signingKeyId, signingPassword, secretKeyFile, ossrhUsername, ossrhPassword - // should be define out of the repository either on the command-line via - // - // gradle -DsigningKeyId=value -DsigningPassword=value -DsecretKeyFile=value -DossrhUsername=value -DossrhPassword=value - // - // or via ~/.gradle/gradle.properties as - // - // systemProp.signingKeyId=value - // systemProp.signingPassword=value - // systemProp.secretKeyFile=value - // systemProp.ossrhUsername=value - // systemProp.ossrhPassword=value - - ext."signing.keyId" = System.properties["signingKeyId"] - ext."signing.password" = System.properties["signingPassword"] - ext."signing.secretKeyRingFile" = System.properties["secretKeyFile"] - - ext."ossrhUsername" = System.properties["ossrhUsername"] - ext."ossrhPassword" = System.properties["ossrhPassword"] - - signing { - sign configurations.archives - } - - uploadArchives { - repositories { - mavenDeployer { - beforeDeployment { MavenDeployment deployment -> signing.signPom(deployment) } - - repository(url: "https://oss.sonatype.org/service/local/staging/deploy/maven2/") { - authentication(userName: ossrhUsername, password: ossrhPassword) - } - - snapshotRepository(url: "https://oss.sonatype.org/content/repositories/snapshots/") { - authentication(userName: ossrhUsername, password: ossrhPassword) - } - - pom.project { - name 'stix' - packaging 'jar' - version "${project.version}" - // optionally artifactId can be defined here - description "The JAXB Bindings for STIX v." + version - url "https://github.com/nemonik/java_stix" - - scm { - connection "https://github.com/nemonik/java_stix.git" - developerConnection "https://github.com/nemonik/java_stix.git" - url "https://github.com/nemonik/java_stix" - } - - licenses { - license { - name "The BSD 3-Clause License" - url "https://raw.githubusercontent.com/nemonik/java_stix/master/LICENSE" - } - } - - developers { - developer { - id 'nemonik' - name 'Michael Joseph Walsh' - email 'java-stix-pom[ASCII character number 64]nemonik.com' - } - } - } - } - } - } - } - } -} - javadoc { include "**/org/mitre/stix/**/*" include "**/com/mandiant/**/*" @@ -251,7 +319,14 @@ if (JavaVersion.current().isJava8Compatible()) { } artifacts { - archives javadocJar, sourcesJar + archives jar + archives sourcesJar + archives javadocJar +} + +tasks.withType(JavaCompile) { + sourceCompatibility = "1.7" + targetCompatibility = "1.7" } buildscript { @@ -264,7 +339,6 @@ buildscript { } dependencies { - // Needed for GeneratedSourceTransformationTask classpath name: "org.eclipse.core.runtime_3.10.0.v20140318-2214" classpath name: "org.eclipse.osgi_3.10.0.v20140606-1445" diff --git a/buildSrc/src/main/groovy/org/mitre/stix/CalcChecksumTask.groovy b/buildSrc/src/main/groovy/org/mitre/stix/CalcChecksumTask.groovy index 98aec3c..60ca51d 100644 --- a/buildSrc/src/main/groovy/org/mitre/stix/CalcChecksumTask.groovy +++ b/buildSrc/src/main/groovy/org/mitre/stix/CalcChecksumTask.groovy @@ -5,12 +5,14 @@ package org.mitre.stix import org.gradle.api.DefaultTask +import org.gradle.api.tasks.Input import org.gradle.api.tasks.TaskAction import java.io.FileInputStream import java.security.MessageDigest public class Checksum { + def calc(File file) { def messageDigest = MessageDigest.getInstance("SHA1") @@ -36,9 +38,11 @@ public class Checksum { } class CalcChecksumTask extends DefaultTask { - + + @Input String schemaVersion + CalcChecksumTask() { - description = "Calculates checksum for a file. For example: gradle -Pfilepath=src/main/resources/schemas/v1.1.1/cybox/objects/Archive_File_Object.xsd calcChecksum" + description = "Calculates checksum for a file. For example: gradle -Pfilepath=src/main/resources/schemas/v${schemaVersion}/cybox/objects/Archive_File_Object.xsd calcChecksum" } @TaskAction diff --git a/circle.yml b/circle.yml index 9169a61..be88d48 100644 --- a/circle.yml +++ b/circle.yml @@ -4,3 +4,7 @@ machine: environment: GRADLE_OPTS: -Dorg.gradle.daemon=true CI_OPTS: --stacktrace --debug + +test: + override: + - ./gradlew -x signArchives diff --git a/gradle.properties b/gradle.properties new file mode 100644 index 0000000..5261bfb --- /dev/null +++ b/gradle.properties @@ -0,0 +1,5 @@ +version = 1.1.1.1 +schemaVersion = 1.1.1 +group = org.mitre +name = stix +mainClass = org.mitre.stix.STIXSchema \ No newline at end of file diff --git a/gradle/wrapper/gradle-wrapper.jar b/gradle/wrapper/gradle-wrapper.jar index 085a1cd..b5166da 100644 Binary files a/gradle/wrapper/gradle-wrapper.jar and b/gradle/wrapper/gradle-wrapper.jar differ diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index 0fcaf33..f01ac3f 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,6 +1,6 @@ -#Mon Apr 27 15:56:20 EDT 2015 +#Mon Jun 22 14:50:21 EDT 2015 distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists zipStoreBase=GRADLE_USER_HOME zipStorePath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-2.3-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-2.4-bin.zip diff --git a/gradlew b/gradlew index 745c3a5..8c1075e 100755 --- a/gradlew +++ b/gradlew @@ -7,7 +7,7 @@ ############################################################################## # Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. -DEFAULT_JVM_OPTS="-Dorg.gradle.daemon=true -Xmx1024m -Xms256m -XX:+CMSClassUnloadingEnabled -XX:+HeapDumpOnOutOfMemoryError" +DEFAULT_JVM_OPTS="-Xmx1024m -Xms256m" APP_NAME="Gradle" APP_BASE_NAME=`basename "$0"` @@ -161,4 +161,4 @@ function splitJvmOpts() { eval splitJvmOpts $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS JVM_OPTS[${#JVM_OPTS[*]}]="-Dorg.gradle.appname=$APP_BASE_NAME" -exec "$JAVACMD" "${JVM_OPTS[@]}" -classpath "$CLASSPATH" org.gradle.wrapper.GradleWrapperMain $CI_OPTS "$@" +exec "$JAVACMD" "${JVM_OPTS[@]}" -classpath "$CLASSPATH" org.gradle.wrapper.GradleWrapperMain "$@" diff --git a/gradlew.bat b/gradlew.bat index f4679dd..c750a85 100644 --- a/gradlew.bat +++ b/gradlew.bat @@ -9,7 +9,7 @@ if "%OS%"=="Windows_NT" setlocal @rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. -set DEFAULT_JVM_OPTS="-Dorg.gradle.daemon=true -Xmx1024m -Xms256m -XX:+CMSClassUnloadingEnabled -XX:+HeapDumpOnOutOfMemoryError" +set DEFAULT_JVM_OPTS=-Xmx1024m -Xms256m set DIRNAME=%~dp0 if "%DIRNAME%" == "" set DIRNAME=. @@ -72,7 +72,7 @@ set CMD_LINE_ARGS=%$ set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar @rem Execute Gradle -"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CI_OPTS% %CMD_LINE_ARGS% +"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS% :end @rem End local scope for the variables with windows NT shell diff --git a/retrieve_schemas.bat b/retrieve_schemas.bat index 08f6a75..43e2b8a 100644 --- a/retrieve_schemas.bat +++ b/retrieve_schemas.bat @@ -7,4 +7,5 @@ git checkout tags/v1.1.1 echo Retrieving CybOX schemas... git submodule init git submodule update --force +cd cybox git checkout 3442ebe50385d3bd0b3305952b90d296e0a1242c \ No newline at end of file diff --git a/retrieve_schemas.sh b/retrieve_schemas.sh index 4b1d0c7..4b72c33 100755 --- a/retrieve_schemas.sh +++ b/retrieve_schemas.sh @@ -9,5 +9,6 @@ git checkout tags/v1.1.1 echo " Retrieving CybOX schemas..." git submodule init git submodule update --force +cd cybox git checkout 3442ebe50385d3bd0b3305952b90d296e0a1242c diff --git a/settings.gradle b/settings.gradle new file mode 100644 index 0000000..24c2c63 --- /dev/null +++ b/settings.gradle @@ -0,0 +1 @@ +rootProject.name = name \ No newline at end of file diff --git a/src/main/java/org/mitre/stix/DocumentUtilities.java b/src/main/java/org/mitre/stix/DocumentUtilities.java index 9481be9..2393dc7 100644 --- a/src/main/java/org/mitre/stix/DocumentUtilities.java +++ b/src/main/java/org/mitre/stix/DocumentUtilities.java @@ -76,7 +76,7 @@ public static Document toDocument(JAXBElement jaxbElement) { * JAXB representation of an XML Element * @param prettyPrint * True for pretty print, otherwise false - * @return + * @return The Document representation */ public static Document toDocument(JAXBElement jaxbElement, boolean prettyPrint) { diff --git a/src/main/java/org/mitre/stix/STIXSchema.java b/src/main/java/org/mitre/stix/STIXSchema.java index c7db78a..3cb1253 100644 --- a/src/main/java/org/mitre/stix/STIXSchema.java +++ b/src/main/java/org/mitre/stix/STIXSchema.java @@ -10,16 +10,13 @@ import java.net.URL; import java.nio.charset.StandardCharsets; import java.util.HashMap; -import java.util.HashSet; import java.util.Map; -import java.util.Set; import java.util.logging.Logger; -import javax.xml.bind.annotation.XmlType; - import javax.xml.XMLConstants; import javax.xml.bind.annotation.XmlRootElement; import javax.xml.bind.annotation.XmlSchema; +import javax.xml.bind.annotation.XmlType; import javax.xml.namespace.QName; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; @@ -43,7 +40,7 @@ import org.w3c.dom.Element; import org.w3c.dom.NamedNodeMap; import org.w3c.dom.Node; -import org.w3c.dom.NodeList; +import org.xml.sax.ErrorHandler; import org.xml.sax.SAXException; /** @@ -91,12 +88,13 @@ private STIXSchema() { this.version = ((Version) this.getClass().getPackage() .getAnnotation(Version.class)).schema(); - ResourcePatternResolver patternResolver = new PathMatchingResourcePatternResolver(); + ResourcePatternResolver patternResolver = new PathMatchingResourcePatternResolver( + this.getClass().getClassLoader()); Resource[] schemaResources; try { schemaResources = patternResolver - .getResources("classpath*:schemas/v" + version + .getResources("classpath:schemas/v" + version + "/**/*.xsd"); prefixSchemaBindings = new HashMap(); @@ -170,6 +168,16 @@ private STIXSchema() { } } + /** + * Override the default ValidationErrorHandler with one of your own. + * + * @param customErrorHandler + * The Handler to use instead. + */ + public void setValidationErrorHandler(ErrorHandler customErrorHandler) { + validator.setErrorHandler(customErrorHandler); + } + /** * Returns the schema version * @@ -247,6 +255,7 @@ public boolean validate(String xmlText) { } catch (IOException e) { throw new RuntimeException(e); } catch (SAXException e) { + System.out.println("---------\n" + e + "--------\n"); return false; } @@ -272,7 +281,9 @@ public static void main(String[] args) throws ParserConfigurationException, System.out .println(schema .validate(new URL( - "https://raw.githubusercontent.com/STIXProject/schemas/master/samples/STIX_Domain_Watchlist.xml"))); + "https://raw.githubusercontent.com/STIXProject/python-stix/v1.1.1.5/examples/sample.xml"))); + + System.out.println(schema.getVersion()); } /** @@ -300,11 +311,9 @@ public static String getNamespaceURI(Object obj) { */ public static String getName(Object obj) { try { - return obj.getClass().getAnnotation( - XmlRootElement.class).name(); + return obj.getClass().getAnnotation(XmlRootElement.class).name(); } catch (NullPointerException e) { - return obj.getClass().getAnnotation( - XmlType.class).name(); + return obj.getClass().getAnnotation(XmlType.class).name(); } } diff --git a/src/main/java/org/mitre/stix/examples/CIQIdentity.java b/src/main/java/org/mitre/stix/examples/CIQIdentity.java index 0633206..579d531 100644 --- a/src/main/java/org/mitre/stix/examples/CIQIdentity.java +++ b/src/main/java/org/mitre/stix/examples/CIQIdentity.java @@ -118,9 +118,8 @@ public static void main(String[] args) { InformationSourceType producer = new InformationSourceType() .withDescription( - new StructuredTextType( - "An indicator containing a File observable with an associated hash", - null)) + new StructuredTextType() + .withValue("An indicator containing a File observable with an associated hash")) .withTime( new TimeType() .withProducedTime(new DateTimeWithPrecisionType( @@ -155,10 +154,9 @@ public static void main(String[] args) { .withTimestamp(now) .withTitle("File Hash Example") .withDescription( - new StructuredTextType( - "An indicator containing a File observable with an associated hash", - null)).withProducer(producer) - .withObservable(observable); + new StructuredTextType() + .withValue("An indicator containing a File observable with an associated hash")) + .withProducer(producer).withObservable(observable); IndicatorsType indicators = new IndicatorsType( new ArrayList() { @@ -187,8 +185,8 @@ public static void main(String[] args) { System.out.println(StringUtils.repeat("-", 120)); - System.out.println(STIXPackage.fromXMLString(stixPackage - .toXMLString()).toXMLString(true)); + System.out.println(STIXPackage.fromXMLString( + stixPackage.toXMLString()).toXMLString(true)); } catch (DatatypeConfigurationException e) { throw new RuntimeException(e); diff --git a/src/main/java/org/mitre/stix/examples/CreationToolMetadata.java b/src/main/java/org/mitre/stix/examples/CreationToolMetadata.java index ac1a9fa..1f37ddb 100644 --- a/src/main/java/org/mitre/stix/examples/CreationToolMetadata.java +++ b/src/main/java/org/mitre/stix/examples/CreationToolMetadata.java @@ -46,7 +46,7 @@ public static void main(String[] args) { new GregorianCalendar(TimeZone.getTimeZone("UTC"))); STIXHeaderType header = new STIXHeaderType() - .withDescription(new StructuredTextType("Example", null)) + .withDescription(new StructuredTextType().withValue("Example")) .withInformationSource( new InformationSourceType().withTools(new ToolsInformationType() .withTools(new ToolInformationType() diff --git a/src/main/java/org/mitre/stix/examples/sample.xml b/src/main/java/org/mitre/stix/examples/sample.xml deleted file mode 100755 index 0e6f46a..0000000 --- a/src/main/java/org/mitre/stix/examples/sample.xml +++ /dev/null @@ -1,49 +0,0 @@ - - - - Example watchlist that contains IP information. - Indicators - Watchlist - - - - IP Watchlist - Sample IP Address Indicator for this watchlist. This contains one indicator with a set of three IP addresses in the watchlist. - - - - 10.0.0.0##comma##10.0.0.1##comma##10.0.0.2 - - - - - - - diff --git a/src/test/groovy/org/mitre/stix/sitx_1/STIXPackageSpec.groovy b/src/test/groovy/org/mitre/stix/sitx_1/STIXPackageSpec.groovy index 2c698d3..6f9d3bc 100644 --- a/src/test/groovy/org/mitre/stix/sitx_1/STIXPackageSpec.groovy +++ b/src/test/groovy/org/mitre/stix/sitx_1/STIXPackageSpec.groovy @@ -53,7 +53,7 @@ import spock.lang.* class STIXPackageSpec extends spock.lang.Specification{ - def "A STIXPpackage when created creates the expected XML String"() { + def "A STIXPackage when created creates the expected XML String"() { setup: XMLUnit.setIgnoreWhitespace(true) XMLUnit.setIgnoreAttributeOrder(true) @@ -188,9 +188,8 @@ class STIXPackageSpec extends spock.lang.Specification{ def producer = new InformationSourceType() .withDescription( - new StructuredTextType( - "An indicator containing a File observable with an associated hash", - null)) + new StructuredTextType().withValue( + "An indicator containing a File observable with an associated hash")) .withTime( new TimeType() .withProducedTime(new DateTimeWithPrecisionType( @@ -225,9 +224,9 @@ class STIXPackageSpec extends spock.lang.Specification{ .withTimestamp(epoch) .withTitle("File Hash Example") .withDescription( - new StructuredTextType( - "An indicator containing a File observable with an associated hash", - null)).withProducer(producer) + new StructuredTextType().withValue( + "An indicator containing a File observable with an associated hash")) + .withProducer(producer) .withObservable(observable) def indicators = new IndicatorsType(