Replace tpsclient with pki tps-client

.github/workflows/tps-basic-test.yml

@@ -33,20 +33,18 @@ jobs:
           tests/bin/ds-create.sh \
               --image=${{ env.DS_IMAGE }} \
               --hostname=ds.example.com \
+              --network=example \
+              --network-alias=ds.example.com \
               --password=Secret.123 \
               ds
 
-      - name: Connect DS container to network
-        run: docker network connect example ds --alias ds.example.com
-
       - name: Set up PKI container
         run: |
-          tests/bin/runner-init.sh pki
-        env:
-          HOSTNAME: pki.example.com
-
-      - name: Connect PKI container to network
-        run: docker network connect example pki --alias pki.example.com
+          tests/bin/runner-init.sh \
+              --hostname=pki.example.com \
+              --network=example \
+              --network-alias=pki.example.com \
+              pki
 
       - name: Install CA
         run: |
@@ -304,7 +302,7 @@ jobs:
           # restart TPS subsystem
           docker exec pki pki-server tps-redeploy --wait
 
-      - name: Add token
+      - name: Add token for testuser1
         run: |
           hexdump -v -n "10" -e '1/1 "%02x"' /dev/urandom > cuid
           CUID=$(cat cuid)
@@ -316,11 +314,11 @@ jobs:
 
           docker exec pki pki -n caadmin tps-cert-find --token $CUID
 
-      - name: Format token
+      - name: Format testuser1 token using pki tps-client
         run: |
           CUID=$(cat cuid)
           docker exec pki /usr/share/pki/tps/bin/pki-tps-format \
-              --user=testuser \
+              --user=testuser1 \
               --password=Secret.123 \
               $CUID
 
@@ -331,11 +329,11 @@ jobs:
 
           docker exec pki pki -n caadmin tps-cert-find --token $CUID
 
-      - name: Enroll token
+      - name: Enroll testuser1 token using pki tps-client
         run: |
           CUID=$(cat cuid)
           docker exec pki /usr/share/pki/tps/bin/pki-tps-enroll \
-              --user=testuser \
+              --user=testuser1 \
               --password=Secret.123 \
               $CUID
 
@@ -346,21 +344,67 @@ jobs:
 
           docker exec pki pki -n caadmin tps-cert-find --token $CUID
 
-      - name: KRA key find
+      - name: Find testuser1 key in KRA
         run: |          
           CUID=$(cat cuid | tr [:lower:] [:upper:])
-          USER="testuser"
+          USER="testuser1"
           echo $CUID:$USER > expected
           docker exec pki pki -n caadmin kra-key-find --owner $CUID:$USER | tee output
           sed -n 's/\s*Owner:\s\+\(\S\+\)\s*/\1/p' output > actual
           diff expected actual
 
-      - name: Gather artifacts
-        if: always()
+      - name: Add token for testuser2
+        run: |
+          hexdump -v -n "10" -e '1/1 "%02x"' /dev/urandom > cuid
+          CUID=$(cat cuid)
+          docker exec pki pki -n caadmin tps-token-add $CUID | tee output
+
+          echo "UNFORMATTED" > expected
+          sed -n 's/\s*Status:\s\+\(\S\+\)\s*/\1/p' output > actual
+          diff expected actual
+
+          docker exec pki pki -n caadmin tps-cert-find --token $CUID
+
+      - name: Format testuser2 token using tpsclient
+        run: |
+          CUID=$(cat cuid)
+          docker exec pki /usr/share/pki/tps/bin/pki-tps-format \
+              --client=tpsclient \
+              --user=testuser2 \
+              --password=Secret.123 \
+              $CUID
+
+          echo "FORMATTED" > expected
+          docker exec pki pki -n caadmin tps-token-show $CUID | tee output
+          sed -n 's/\s*Status:\s\+\(\S\+\)\s*/\1/p' output > actual
+          diff expected actual
+
+          docker exec pki pki -n caadmin tps-cert-find --token $CUID
+
+      - name: Enroll testuser2 token using tpsclient
+        run: |
+          CUID=$(cat cuid)
+          docker exec pki /usr/share/pki/tps/bin/pki-tps-enroll \
+              --client=tpsclient \
+              --user=testuser2 \
+              --password=Secret.123 \
+              $CUID
+
+          echo "ACTIVE" > expected
+          docker exec pki pki -n caadmin tps-token-show $CUID | tee output
+          sed -n 's/\s*Status:\s\+\(\S\+\)\s*/\1/p' output > actual
+          diff expected actual
+
+          docker exec pki pki -n caadmin tps-cert-find --token $CUID
+
+      - name: Find testuser2 key in KRA
         run: |
-          tests/bin/ds-artifacts-save.sh ds
-          tests/bin/pki-artifacts-save.sh pki
-        continue-on-error: true
+          CUID=$(cat cuid | tr [:lower:] [:upper:])
+          USER="testuser2"
+          echo $CUID:$USER > expected
+          docker exec pki pki -n caadmin kra-key-find --owner $CUID:$USER | tee output
+          sed -n 's/\s*Owner:\s\+\(\S\+\)\s*/\1/p' output > actual
+          diff expected actual
 
       - name: Remove TPS
         run: docker exec pki pkidestroy -s TPS -v
@@ -484,10 +528,3 @@ jobs:
         if: always()
         run: |
           docker exec pki find /var/lib/pki/pki-tomcat/logs/tps -name "debug.*" -exec cat {} \;
-
-      - name: Upload artifacts
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          name: tps-basic
-          path: /tmp/artifacts

base/tools/src/main/java/com/netscape/cmstools/tps/TPSCLI.java

@@ -58,6 +58,7 @@ public TPSCLI(MainCLI mainCLI) {
         addModule(new SelfTestCLI(this));
         addModule(new TokenCLI(this));
         addModule(new UserCLI(this));
+        addModule(new TPSClientCLI(this));
     }
 
     @Override

base/tools/src/main/java/com/netscape/cmstools/tps/TPSClientCLI.java

@@ -0,0 +1,46 @@
+//
+// Copyright Red Hat, Inc.
+//
+// SPDX-License-Identifier: GPL-2.0-or-later
+//
+package com.netscape.cmstools.tps;
+
+import org.apache.commons.cli.CommandLine;
+import org.dogtagpki.cli.CommandCLI;
+
+import com.netscape.cmstools.cli.MainCLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class TPSClientCLI extends CommandCLI {
+
+    public static org.slf4j.Logger logger = org.slf4j.LoggerFactory.getLogger(TPSClientCLI.class);
+
+    static {
+        System.loadLibrary("pki-tps");
+    }
+
+    public TPSCLI tpsCLI;
+
+    public TPSClientCLI(TPSCLI tpsCLI) {
+        super("client", "TPS client", tpsCLI);
+        this.tpsCLI = tpsCLI;
+    }
+
+    @Override
+    public void printHelp() {
+        formatter.printHelp(getFullName() + " [OPTIONS...]", options);
+    }
+
+    public native void execute() throws Exception;
+
+    @Override
+    public void execute(CommandLine cmd) throws Exception {
+
+        MainCLI mainCLI = (MainCLI) getRoot();
+        mainCLI.init();
+
+        execute();
+    }
+}

base/tools/src/main/native/tpsclient/CMakeLists.txt

@@ -36,99 +36,8 @@ SET(CMAKE_INSTALL_RPATH "${LIB_INSTALL_DIR}/tps")
 # which point to directories outside the build tree to the install RPATH
 SET(CMAKE_INSTALL_RPATH_USE_LINK_PATH TRUE)
 
-set(TPS_INCLUDE_DIR ${CMAKE_CURRENT_SOURCE_DIR}/src/include)
-
-set(TPS_PUBLIC_INCLUDE_DIRS
-    ${CMAKE_CURRENT_BINARY_DIR}
-    ${CMAKE_CURRENT_SOURCE_DIR}
-    ${TPS_INCLUDE_DIR}
-    CACHE INTERNAL "TPS public include directories"
-)
-
-set(TPS_PRIVATE_INCLUDE_DIRS
-    ${TPS_PUBLIC_INCLUDE_DIRS}
-    ${CMAKE_BINARY_DIR}
-    ${NSPR_INCLUDE_DIRS}
-    ${NSS_INCLUDE_DIRS}
-    ${APR_INCLUDE_DIRS}
-    ${LDAP_INCLUDE_DIRS}
-)
-
-set(tpsclient_SRCS
-    src/main/Buffer.cpp
-    src/main/NameValueSet.cpp
-    src/main/Util.cpp
-    src/main/RA_Msg.cpp
-    src/main/Memory.cpp
-    src/main/AuthParams.cpp
-    src/apdu/APDU.cpp
-    src/apdu/Unblock_Pin_APDU.cpp
-    src/apdu/Create_Object_APDU.cpp
-    src/apdu/Set_Pin_APDU.cpp
-    src/apdu/Set_IssuerInfo_APDU.cpp
-    src/apdu/Get_IssuerInfo_APDU.cpp
-    src/apdu/Create_Pin_APDU.cpp
-    src/apdu/List_Pins_APDU.cpp
-    src/apdu/Initialize_Update_APDU.cpp
-    src/apdu/Get_Version_APDU.cpp
-    src/apdu/Get_Status_APDU.cpp
-    src/apdu/Get_Data_APDU.cpp
-    src/apdu/External_Authenticate_APDU.cpp
-    src/apdu/Generate_Key_APDU.cpp
-    src/apdu/Generate_Key_ECC_APDU.cpp
-    src/apdu/Read_Buffer_APDU.cpp
-    src/apdu/Read_Object_APDU.cpp
-    src/apdu/Write_Object_APDU.cpp
-    src/apdu/Put_Key_APDU.cpp
-    src/apdu/Select_APDU.cpp
-    src/apdu/Delete_File_APDU.cpp
-    src/apdu/Install_Applet_APDU.cpp
-    src/apdu/Format_Muscle_Applet_APDU.cpp
-    src/apdu/Load_File_APDU.cpp
-    src/apdu/Install_Load_APDU.cpp
-    src/apdu/Lifecycle_APDU.cpp
-    src/apdu/List_Objects_APDU.cpp
-    src/apdu/Import_Key_APDU.cpp
-    src/apdu/Import_Key_Enc_APDU.cpp
-    src/apdu/APDU_Response.cpp
-    src/apdu/Get_Lifecycle_APDU.cpp
-    src/msg/RA_Begin_Op_Msg.cpp
-    src/msg/RA_End_Op_Msg.cpp
-    src/msg/RA_Login_Request_Msg.cpp
-    src/msg/RA_Login_Response_Msg.cpp
-    src/msg/RA_SecureId_Request_Msg.cpp
-    src/msg/RA_SecureId_Response_Msg.cpp
-    src/msg/RA_ASQ_Request_Msg.cpp
-    src/msg/RA_ASQ_Response_Msg.cpp
-    src/msg/RA_New_Pin_Request_Msg.cpp
-    src/msg/RA_New_Pin_Response_Msg.cpp
-    src/msg/RA_Token_PDU_Request_Msg.cpp
-    src/msg/RA_Token_PDU_Response_Msg.cpp
-    src/msg/RA_Status_Update_Request_Msg.cpp
-    src/msg/RA_Status_Update_Response_Msg.cpp
-    src/msg/RA_Extended_Login_Request_Msg.cpp
-    src/msg/RA_Extended_Login_Response_Msg.cpp
-    tools/raclient/RA_Client.cpp
-    tools/raclient/RA_Conn.cpp
-    tools/raclient/RA_Token.cpp
-)
-
-set(TPS_EXECUTABLE
-    tpsclient
-    CACHE INTERNAL "tpsclient executable"
-)
-
-set(TPS_LINK_LIBRARIES
-    ${NSPR_LIBRARIES}
-    ${NSS_LIBRARIES}
-    ${APR_LIBRARIES}
-    ${LDAP_LIBRARIES}
-)
-
-include_directories(${TPS_PRIVATE_INCLUDE_DIRS})
-
-add_executable(${TPS_EXECUTABLE} ${tpsclient_SRCS})
-target_link_libraries(${TPS_EXECUTABLE} ${TPS_LINK_LIBRARIES})
+add_subdirectory(src)
+add_subdirectory(tools)
 
 add_custom_target(tpsclient-man ALL
     COMMENT "Creating PKI server manuals")
@@ -139,14 +48,6 @@ add_custom_command(
     COMMAND go-md2man -in ${CMAKE_SOURCE_DIR}/docs/manuals/man1/tpsclient.1.md -out man/man1/tpsclient.1
 )
 
-install(
-    TARGETS
-        ${TPS_EXECUTABLE}
-    RUNTIME DESTINATION ${BIN_INSTALL_DIR}
-    LIBRARY DESTINATION ${LIB_INSTALL_DIR}/tps
-    ARCHIVE DESTINATION ${LIB_INSTALL_DIR}/tps
-)
-
 install(
     DIRECTORY
         ${CMAKE_CURRENT_BINARY_DIR}/man/