From 59e2ac65e7f0f29baa60fab9954a7d896df7999e Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Mon, 15 Jul 2024 15:05:31 -0400 Subject: [PATCH 01/37] packaging rimtool for windows --- .github/workflows/hirs_package_linux.yml | 5 +++ .../create_hirstools_desktop_shortcut.ps1 | 7 ++++ package/win/tcg-rim-tool/eventLog.ps1 | 11 ++++++ package/win/tcg-rim-tool/hirsshell.ps1 | 15 ++++++++ package/win/tcg-rim-tool/rim.ps1 | 11 ++++++ tools/tcg_rim_tool/build.gradle | 34 +++++++++++++++++++ 6 files changed, 83 insertions(+) create mode 100644 package/win/tcg-rim-tool/create_hirstools_desktop_shortcut.ps1 create mode 100644 package/win/tcg-rim-tool/eventLog.ps1 create mode 100644 package/win/tcg-rim-tool/hirsshell.ps1 create mode 100644 package/win/tcg-rim-tool/rim.ps1 diff --git a/.github/workflows/hirs_package_linux.yml b/.github/workflows/hirs_package_linux.yml index 5406ad06..75b98970 100644 --- a/.github/workflows/hirs_package_linux.yml +++ b/.github/workflows/hirs_package_linux.yml @@ -66,4 +66,9 @@ jobs: name: JAR_Files path: artifacts/jars/ if-no-files-found: error + - name: ZIP_Files + uses: actions/upload-artifact@v3 + with: + path: tools/tcg_rim_tool/build/distributions/*.zip + \ No newline at end of file diff --git a/package/win/tcg-rim-tool/create_hirstools_desktop_shortcut.ps1 b/package/win/tcg-rim-tool/create_hirstools_desktop_shortcut.ps1 new file mode 100644 index 00000000..748b2126 --- /dev/null +++ b/package/win/tcg-rim-tool/create_hirstools_desktop_shortcut.ps1 @@ -0,0 +1,7 @@ + +# Create a shortcut to start the RIM shell +$WshShell = New-Object -comObject WScript.Shell +$Shortcut = $WshShell.CreateShortcut("$Home\Desktop\HIRS_tools.lnk") +$Shortcut.TargetPath = "$PWD\hirsshell.ps1" +$Shortcut.WorkingDirectory = "$PWD" +$Shortcut.Save() diff --git a/package/win/tcg-rim-tool/eventLog.ps1 b/package/win/tcg-rim-tool/eventLog.ps1 new file mode 100644 index 00000000..7307cd50 --- /dev/null +++ b/package/win/tcg-rim-tool/eventLog.ps1 @@ -0,0 +1,11 @@ +# Script to run the tcg_rim_tool in java + +$JavaParams = @{ + FilePath = 'java' + ArgumentList = @( + '-jar "{0}"' -f "$PWD\tcg_eventlog_tool-2.1.3.jar" + "$args" + ) +} + +Start-Process @JavaParams -NoNewWindow -Wait \ No newline at end of file diff --git a/package/win/tcg-rim-tool/hirsshell.ps1 b/package/win/tcg-rim-tool/hirsshell.ps1 new file mode 100644 index 00000000..ae85c109 --- /dev/null +++ b/package/win/tcg-rim-tool/hirsshell.ps1 @@ -0,0 +1,15 @@ +# Script to start a new shell with a rim alias +$StartInfo = new-object System.Diagnostics.ProcessStartInfo +$StartInfo.FileName = "$pshome\powershell.exe" +$StartInfo.Arguments = "-NoExit -Command + `$Host.UI.RawUI.WindowTitle=`'TCG RIM TOOL`'; + Set-Alias elt '$PWD\eventlog.ps1'; + Set-Alias rim '$PWD\rim.ps1'; + # function rim { java -jar 'tcg_rim_tool-2.1.0.jar' $args; }; + echo 'The TCG RIM TOOL is intended for testing TCG Defined PC Client Reference Integrity Manifests (RIMs)'; + echo 'for usage type: rim -h'; + echo 'for eventlog usage type: elt -h' + Set-Location -Path $PWD; + function prompt {'HIRS > '};" +[System.Diagnostics.Process]::Start($StartInfo) + diff --git a/package/win/tcg-rim-tool/rim.ps1 b/package/win/tcg-rim-tool/rim.ps1 new file mode 100644 index 00000000..75168c6a --- /dev/null +++ b/package/win/tcg-rim-tool/rim.ps1 @@ -0,0 +1,11 @@ +# Script to run the tcg_rim_tool in java + +$JavaParams = @{ + FilePath = 'java' + ArgumentList = @( + '-jar "{0}"' -f "$PWD\tcg_rim_tool-2.1.0.jar" + "$args" + ) +} + +Start-Process @JavaParams -NoNewWindow -Wait \ No newline at end of file diff --git a/tools/tcg_rim_tool/build.gradle b/tools/tcg_rim_tool/build.gradle index fc39524c..6f507255 100644 --- a/tools/tcg_rim_tool/build.gradle +++ b/tools/tcg_rim_tool/build.gradle @@ -131,3 +131,37 @@ buildRpm { buildDeb { arch = 'amd64' } + +task buildZip(type: Zip){ + dependsOn jar + from(tasks.jar.archiveFile){ + into '/' + } + from('README.md') { + into '/' + } + from('./build/resources/test/rim_fields.json'){ + into '/' + } + from('../../package/win/tcg_rim_tool/rim.ps1'){ + into '/' + } + from('../../package/win/tcg_rim_tool/hirsshell.ps1'){ + into '/' + } + from('../../package/win/tcg_rim_tool/eventLog.ps1'){ + into '/' + } + from('../../package/win/tcg_rim_tool/create_hirstools_desktop_shortcut.ps1'){ + into '/' + } + +// arch = 'win' + // project_subproject-release version_data-git commit hash-arch.extension + archiveBaseName.set(project.name + '-' + jarVersion) + archiveExtension.set('zip') + destinationDirectory.set(file("$buildDir/distributions")) +} + +buildZip.dependsOn jar +//build.dependsOn buildZip \ No newline at end of file From 13177712abd41cf16320bd34e3f491eaa7bcfef1 Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Mon, 15 Jul 2024 15:16:57 -0400 Subject: [PATCH 02/37] packaging rimtool for windows --- .github/workflows/hirs_package_linux.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/hirs_package_linux.yml b/.github/workflows/hirs_package_linux.yml index 75b98970..cf00ae7f 100644 --- a/.github/workflows/hirs_package_linux.yml +++ b/.github/workflows/hirs_package_linux.yml @@ -38,10 +38,12 @@ jobs: ./gradlew bootWar; ./gradlew buildDeb; ./gradlew buildRpm; + ./gradlew buildZip cp HIRS_AttestationCAPortal/build/libs/*.jar artifacts/jars/. cp HIRS_AttestationCA/build/libs/*.jar artifacts/jars/. cp HIRS_Utils/build/libs/*.jar artifacts/jars/. cp HIRS_Structs/build/libs/*.jar artifacts/jars/. + cp tools/tcg_rim_tool/build/distributions/*.zip - name: Archive RPM files uses: actions/upload-artifact@v3 with: @@ -69,6 +71,8 @@ jobs: - name: ZIP_Files uses: actions/upload-artifact@v3 with: - path: tools/tcg_rim_tool/build/distributions/*.zip + name: ZIP_Files + path: artifacts/jars/ + if-no-files-found: error \ No newline at end of file From ae0529b93a74553f54c585d1864911a96ebdba22 Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Mon, 15 Jul 2024 15:22:55 -0400 Subject: [PATCH 03/37] packaging rimtool for windows --- .github/workflows/hirs_package_linux.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/hirs_package_linux.yml b/.github/workflows/hirs_package_linux.yml index cf00ae7f..bcaa02c1 100644 --- a/.github/workflows/hirs_package_linux.yml +++ b/.github/workflows/hirs_package_linux.yml @@ -43,7 +43,7 @@ jobs: cp HIRS_AttestationCA/build/libs/*.jar artifacts/jars/. cp HIRS_Utils/build/libs/*.jar artifacts/jars/. cp HIRS_Structs/build/libs/*.jar artifacts/jars/. - cp tools/tcg_rim_tool/build/distributions/*.zip + cp tools/tcg_rim_tool/build/distributions/*.zip . - name: Archive RPM files uses: actions/upload-artifact@v3 with: From b2158352dcf1298f0f3543cd4e0eee27f87736eb Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Mon, 15 Jul 2024 15:36:45 -0400 Subject: [PATCH 04/37] packaging rimtool for windows --- .github/workflows/hirs_package_linux.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/hirs_package_linux.yml b/.github/workflows/hirs_package_linux.yml index bcaa02c1..6beb8534 100644 --- a/.github/workflows/hirs_package_linux.yml +++ b/.github/workflows/hirs_package_linux.yml @@ -43,7 +43,6 @@ jobs: cp HIRS_AttestationCA/build/libs/*.jar artifacts/jars/. cp HIRS_Utils/build/libs/*.jar artifacts/jars/. cp HIRS_Structs/build/libs/*.jar artifacts/jars/. - cp tools/tcg_rim_tool/build/distributions/*.zip . - name: Archive RPM files uses: actions/upload-artifact@v3 with: @@ -72,7 +71,7 @@ jobs: uses: actions/upload-artifact@v3 with: name: ZIP_Files - path: artifacts/jars/ + path: tools/tcg-rim-tool/build/distributions/*.zip if-no-files-found: error \ No newline at end of file From 0193612ca588151a711809098629dfa70539ee16 Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Mon, 15 Jul 2024 15:44:29 -0400 Subject: [PATCH 05/37] packaging rimtool for windows --- .github/workflows/hirs_package_linux.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/hirs_package_linux.yml b/.github/workflows/hirs_package_linux.yml index 6beb8534..7a1f5198 100644 --- a/.github/workflows/hirs_package_linux.yml +++ b/.github/workflows/hirs_package_linux.yml @@ -71,7 +71,7 @@ jobs: uses: actions/upload-artifact@v3 with: name: ZIP_Files - path: tools/tcg-rim-tool/build/distributions/*.zip + path: tools/tcg_rim_tool/build/distributions/*.zip if-no-files-found: error \ No newline at end of file From 5ee890e8e947aeca787ca542d612386656f52549 Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Mon, 15 Jul 2024 16:03:00 -0400 Subject: [PATCH 06/37] packaging rimtool for windows --- .github/workflows/hirs_package_linux.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/hirs_package_linux.yml b/.github/workflows/hirs_package_linux.yml index 7a1f5198..08cef43f 100644 --- a/.github/workflows/hirs_package_linux.yml +++ b/.github/workflows/hirs_package_linux.yml @@ -72,6 +72,7 @@ jobs: with: name: ZIP_Files path: tools/tcg_rim_tool/build/distributions/*.zip + package/win/tcg-rim-tool/ if-no-files-found: error \ No newline at end of file From 4cc207fc39ae9a930d8f14b329d3aaf382c1d669 Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Mon, 15 Jul 2024 16:12:19 -0400 Subject: [PATCH 07/37] packaging rimtool for windows --- .github/workflows/hirs_package_linux.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/hirs_package_linux.yml b/.github/workflows/hirs_package_linux.yml index 08cef43f..2a974914 100644 --- a/.github/workflows/hirs_package_linux.yml +++ b/.github/workflows/hirs_package_linux.yml @@ -71,8 +71,8 @@ jobs: uses: actions/upload-artifact@v3 with: name: ZIP_Files - path: tools/tcg_rim_tool/build/distributions/*.zip - package/win/tcg-rim-tool/ + path: package/win/tcg-rim-tool/ + if-no-files-found: error \ No newline at end of file From aa8b48f5f355889cb38da7952f78d01c8d743af1 Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Mon, 15 Jul 2024 16:28:54 -0400 Subject: [PATCH 08/37] packaging rimtool for windows --- .github/workflows/hirs_package_linux.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/hirs_package_linux.yml b/.github/workflows/hirs_package_linux.yml index 2a974914..373cd82a 100644 --- a/.github/workflows/hirs_package_linux.yml +++ b/.github/workflows/hirs_package_linux.yml @@ -71,8 +71,9 @@ jobs: uses: actions/upload-artifact@v3 with: name: ZIP_Files - path: package/win/tcg-rim-tool/ - + path: | + package/win/tcg-rim-tool/ + tools/tcg_rim_tool/build/distributions/*.zip if-no-files-found: error \ No newline at end of file From 91567712910b66aada607d934b2a53233f7f3df4 Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Tue, 16 Jul 2024 08:41:44 -0400 Subject: [PATCH 09/37] working on windows packaging --- .github/workflows/hirs_package_linux.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/hirs_package_linux.yml b/.github/workflows/hirs_package_linux.yml index 373cd82a..8bd370e3 100644 --- a/.github/workflows/hirs_package_linux.yml +++ b/.github/workflows/hirs_package_linux.yml @@ -26,6 +26,7 @@ jobs: - name: directory setup run: | mkdir -p artifacts/jars + mkdir -p artifact/win - name: install dependencies run: | sudo apt-get update @@ -43,6 +44,8 @@ jobs: cp HIRS_AttestationCA/build/libs/*.jar artifacts/jars/. cp HIRS_Utils/build/libs/*.jar artifacts/jars/. cp HIRS_Structs/build/libs/*.jar artifacts/jars/. + cp tools/tcg_rim_tool/build/distributions/*.zip artifacts/win + cp package/win/tcg-rim-tool artifacts/win - name: Archive RPM files uses: actions/upload-artifact@v3 with: @@ -71,9 +74,7 @@ jobs: uses: actions/upload-artifact@v3 with: name: ZIP_Files - path: | - package/win/tcg-rim-tool/ - tools/tcg_rim_tool/build/distributions/*.zip + path: artifacts/win/ if-no-files-found: error \ No newline at end of file From d0f33119d80fc5b48d6f338bceb507c2a9489121 Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Tue, 16 Jul 2024 09:12:58 -0400 Subject: [PATCH 10/37] working on windows packaging --- .github/workflows/hirs_package_linux.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/hirs_package_linux.yml b/.github/workflows/hirs_package_linux.yml index 8bd370e3..54ebf52c 100644 --- a/.github/workflows/hirs_package_linux.yml +++ b/.github/workflows/hirs_package_linux.yml @@ -45,7 +45,7 @@ jobs: cp HIRS_Utils/build/libs/*.jar artifacts/jars/. cp HIRS_Structs/build/libs/*.jar artifacts/jars/. cp tools/tcg_rim_tool/build/distributions/*.zip artifacts/win - cp package/win/tcg-rim-tool artifacts/win + cp package/win/tcg-rim-tool/*.ps1 artifacts/win - name: Archive RPM files uses: actions/upload-artifact@v3 with: From 298cd3286aed94a890d4cc224a5b030d8072bfd8 Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Tue, 16 Jul 2024 09:21:20 -0400 Subject: [PATCH 11/37] working on windows packaging --- .github/workflows/hirs_package_linux.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/hirs_package_linux.yml b/.github/workflows/hirs_package_linux.yml index 54ebf52c..016c1a82 100644 --- a/.github/workflows/hirs_package_linux.yml +++ b/.github/workflows/hirs_package_linux.yml @@ -26,7 +26,7 @@ jobs: - name: directory setup run: | mkdir -p artifacts/jars - mkdir -p artifact/win + mkdir -p artifacts/win - name: install dependencies run: | sudo apt-get update From a62b3bbb6fc1261150d7f7c9bf8735e96dea0cbd Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Tue, 16 Jul 2024 10:02:39 -0400 Subject: [PATCH 12/37] working on windows packaging --- tools/tcg_rim_tool/build.gradle | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tools/tcg_rim_tool/build.gradle b/tools/tcg_rim_tool/build.gradle index 6f507255..6139a017 100644 --- a/tools/tcg_rim_tool/build.gradle +++ b/tools/tcg_rim_tool/build.gradle @@ -143,16 +143,16 @@ task buildZip(type: Zip){ from('./build/resources/test/rim_fields.json'){ into '/' } - from('../../package/win/tcg_rim_tool/rim.ps1'){ + from('../../package/win/tcg-rim-tool/rim.ps1'){ into '/' } - from('../../package/win/tcg_rim_tool/hirsshell.ps1'){ + from('../../package/win/tcg-rim-tool/hirsshell.ps1'){ into '/' } - from('../../package/win/tcg_rim_tool/eventLog.ps1'){ + from('../../package/win/tcg-rim-tool/eventLog.ps1'){ into '/' } - from('../../package/win/tcg_rim_tool/create_hirstools_desktop_shortcut.ps1'){ + from('../../package/win/tcg-rim-tool/create_hirstools_desktop_shortcut.ps1'){ into '/' } From 128e2f90ab321f806267a87740b4da45afc30ffe Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Tue, 16 Jul 2024 11:48:59 -0400 Subject: [PATCH 13/37] adjust paths --- .github/workflows/hirs_package_linux.yml | 10 +++++----- tools/tcg_eventlog_tool/build.gradle | 18 ++++++++++++++++++ tools/tcg_rim_tool/build.gradle | 20 ++------------------ 3 files changed, 25 insertions(+), 23 deletions(-) diff --git a/.github/workflows/hirs_package_linux.yml b/.github/workflows/hirs_package_linux.yml index 016c1a82..4125312d 100644 --- a/.github/workflows/hirs_package_linux.yml +++ b/.github/workflows/hirs_package_linux.yml @@ -47,31 +47,31 @@ jobs: cp tools/tcg_rim_tool/build/distributions/*.zip artifacts/win cp package/win/tcg-rim-tool/*.ps1 artifacts/win - name: Archive RPM files - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: RPM_Files path: HIRS_AttestationCAPortal/build/distributions/*.rpm if-no-files-found: error - name: Archive DEB files - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: DEB_Files path: HIRS_AttestationCAPortal/build/distributions/*.deb if-no-files-found: error - name: War files - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: WAR_Files path: HIRS_AttestationCAPortal/build/libs/HIRS_AttestationCAPortal.war if-no-files-found: error - name: JAR_Files - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: JAR_Files path: artifacts/jars/ if-no-files-found: error - name: ZIP_Files - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: ZIP_Files path: artifacts/win/ diff --git a/tools/tcg_eventlog_tool/build.gradle b/tools/tcg_eventlog_tool/build.gradle index 6775b515..8c19820a 100644 --- a/tools/tcg_eventlog_tool/build.gradle +++ b/tools/tcg_eventlog_tool/build.gradle @@ -123,4 +123,22 @@ ospackage { buildDeb { arch = X86_64 } + } + +// +//task buildZip(type: Zip){ +// dependsOn jar +// from(tasks.jar.archiveFile){ +// into '/' +// } +// +//// arch = 'win' +// // project_subproject-release version_data-git commit hash-arch.extension +// archiveBaseName.set(project.name + '-' + jarVersion) +// archiveExtension.set('zip') +// destinationDirectory.set(file("$buildDir/distributions")) +//} +// +//buildZip.dependsOn jar +////build.dependsOn buildZip \ No newline at end of file diff --git a/tools/tcg_rim_tool/build.gradle b/tools/tcg_rim_tool/build.gradle index 6139a017..eeb324e4 100644 --- a/tools/tcg_rim_tool/build.gradle +++ b/tools/tcg_rim_tool/build.gradle @@ -137,28 +137,12 @@ task buildZip(type: Zip){ from(tasks.jar.archiveFile){ into '/' } - from('README.md') { - into '/' - } from('./build/resources/test/rim_fields.json'){ into '/' } - from('../../package/win/tcg-rim-tool/rim.ps1'){ - into '/' - } - from('../../package/win/tcg-rim-tool/hirsshell.ps1'){ - into '/' - } - from('../../package/win/tcg-rim-tool/eventLog.ps1'){ - into '/' - } - from('../../package/win/tcg-rim-tool/create_hirstools_desktop_shortcut.ps1'){ - into '/' - } -// arch = 'win' - // project_subproject-release version_data-git commit hash-arch.extension - archiveBaseName.set(project.name + '-' + jarVersion) + + archiveBaseName.set(project.name) archiveExtension.set('zip') destinationDirectory.set(file("$buildDir/distributions")) } From dfd0c858224b8570f1a2cc309909151a722ce06f Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Tue, 16 Jul 2024 15:57:33 -0400 Subject: [PATCH 14/37] added all rim files needed to gradle build --- .../certs/COMP_OEM1_Cert_Chain.pem | 120 ++++++++++++++++ .../COMP_OEM1_rim_signer_ecc_512_sha384.pem | 19 +++ .../COMP_OEM1_rim_signer_rsa_3k_sha384.pem | 30 ++++ .ci/tcg-rim-tool/certs/PC_OEM1_Cert_Chain.pem | 120 ++++++++++++++++ .../certs/PC_OEM1_RSA_Cert_Chain.pem | 120 ++++++++++++++++ .../certs/PC_OEM1_ecc_Cert_Chain.pem | 76 ++++++++++ .../PC_OEM1_rim_signer_ecc_512_sha384.pem | 19 +++ .../PC_OEM1_rim_signer_rsa_3k_sha384.pem | 30 ++++ .ci/tcg-rim-tool/certs/PC_OEM2_Cert_Chain.pem | 120 ++++++++++++++++ .../PC_OEM2_rim_signer_rsa_3k_sha384.pem | 30 ++++ .ci/tcg-rim-tool/configs/Base_Rim_Config.json | 53 +++++++ .../configs/Component1_Rim_Config.json | 54 +++++++ .../configs/Patch_RIM_Config.json | 53 +++++++ .../configs/Primary_Rim_Config.json | 54 +++++++ .../configs/Supplemental_Rim_Config.json | 53 +++++++ .ci/tcg-rim-tool/eventlogs/TpmLog.bin | Bin 0 -> 7549 bytes .ci/tcg-rim-tool/eventlogs/TpmLog2.bin | Bin 0 -> 7549 bytes .../COMP_OEM1_rim_signer_rsa_3k_sha384.key | 40 ++++++ .../PC_OEM1_rim_signer_ecc_512_sha384.key | 10 ++ .../keys/PC_OEM1_rim_signer_rsa_3k_sha384.key | 40 ++++++ .../keys/PC_OEM2_rim_signer_rsa_3k_sha384.key | 40 ++++++ .../scripts/base_rim_nocert_very_fail.sh | 21 +++ .../bindingSpecprimary_rim_noconfig_fail.sh | 14 ++ .../scripts/composite_rim_create_pass.sh | 40 ++++++ .../scripts/patch_rim_create_pass.sh | 33 +++++ .../scripts/primary_rim_create_pass.sh | 37 +++++ .../scripts/primary_rim_embedd_pass.sh | 34 +++++ .../scripts/primary_rim_noeventlog_fail.sh | 14 ++ .../scripts/primary_rim_nokey_fail.sh | 14 ++ .ci/tcg-rim-tool/scripts/rim_functions.sh | 132 ++++++++++++++++++ .ci/tcg-rim-tool/scripts/run_all_tests.sh | 89 ++++++++++++ tools/tcg_rim_tool/build.gradle | 16 ++- 32 files changed, 1524 insertions(+), 1 deletion(-) create mode 100644 .ci/tcg-rim-tool/certs/COMP_OEM1_Cert_Chain.pem create mode 100644 .ci/tcg-rim-tool/certs/COMP_OEM1_rim_signer_ecc_512_sha384.pem create mode 100644 .ci/tcg-rim-tool/certs/COMP_OEM1_rim_signer_rsa_3k_sha384.pem create mode 100644 .ci/tcg-rim-tool/certs/PC_OEM1_Cert_Chain.pem create mode 100644 .ci/tcg-rim-tool/certs/PC_OEM1_RSA_Cert_Chain.pem create mode 100644 .ci/tcg-rim-tool/certs/PC_OEM1_ecc_Cert_Chain.pem create mode 100644 .ci/tcg-rim-tool/certs/PC_OEM1_rim_signer_ecc_512_sha384.pem create mode 100644 .ci/tcg-rim-tool/certs/PC_OEM1_rim_signer_rsa_3k_sha384.pem create mode 100644 .ci/tcg-rim-tool/certs/PC_OEM2_Cert_Chain.pem create mode 100644 .ci/tcg-rim-tool/certs/PC_OEM2_rim_signer_rsa_3k_sha384.pem create mode 100644 .ci/tcg-rim-tool/configs/Base_Rim_Config.json create mode 100644 .ci/tcg-rim-tool/configs/Component1_Rim_Config.json create mode 100644 .ci/tcg-rim-tool/configs/Patch_RIM_Config.json create mode 100644 .ci/tcg-rim-tool/configs/Primary_Rim_Config.json create mode 100644 .ci/tcg-rim-tool/configs/Supplemental_Rim_Config.json create mode 100644 .ci/tcg-rim-tool/eventlogs/TpmLog.bin create mode 100644 .ci/tcg-rim-tool/eventlogs/TpmLog2.bin create mode 100644 .ci/tcg-rim-tool/keys/COMP_OEM1_rim_signer_rsa_3k_sha384.key create mode 100644 .ci/tcg-rim-tool/keys/PC_OEM1_rim_signer_ecc_512_sha384.key create mode 100644 .ci/tcg-rim-tool/keys/PC_OEM1_rim_signer_rsa_3k_sha384.key create mode 100644 .ci/tcg-rim-tool/keys/PC_OEM2_rim_signer_rsa_3k_sha384.key create mode 100755 .ci/tcg-rim-tool/scripts/base_rim_nocert_very_fail.sh create mode 100755 .ci/tcg-rim-tool/scripts/bindingSpecprimary_rim_noconfig_fail.sh create mode 100755 .ci/tcg-rim-tool/scripts/composite_rim_create_pass.sh create mode 100755 .ci/tcg-rim-tool/scripts/patch_rim_create_pass.sh create mode 100755 .ci/tcg-rim-tool/scripts/primary_rim_create_pass.sh create mode 100755 .ci/tcg-rim-tool/scripts/primary_rim_embedd_pass.sh create mode 100755 .ci/tcg-rim-tool/scripts/primary_rim_noeventlog_fail.sh create mode 100755 .ci/tcg-rim-tool/scripts/primary_rim_nokey_fail.sh create mode 100755 .ci/tcg-rim-tool/scripts/rim_functions.sh create mode 100755 .ci/tcg-rim-tool/scripts/run_all_tests.sh diff --git a/.ci/tcg-rim-tool/certs/COMP_OEM1_Cert_Chain.pem b/.ci/tcg-rim-tool/certs/COMP_OEM1_Cert_Chain.pem new file mode 100644 index 00000000..d09fafad --- /dev/null +++ b/.ci/tcg-rim-tool/certs/COMP_OEM1_Cert_Chain.pem @@ -0,0 +1,120 @@ +-----BEGIN CERTIFICATE----- +MIIFJzCCA4+gAwIBAgIBCTANBgkqhkiG9w0BAQwFADB5MQswCQYDVQQGEwJVUzEL +MAkGA1UECAwCT1IxEjAQBgNVBAcMCUJlYXZlcnRvbjESMBAGA1UECgwJQ09NUF9P +RU0xMTUwMwYDVQQDDCxDT01QX09FTTEgcnNhIDNrIHNoYTM4NCB0ZXN0IGludGVy +bWVkaWF0ZSBjYTAeFw0yMzExMTUxMzUwMzlaFw0zMzExMTIxMzUwMzlaMG0xCzAJ +BgNVBAYTAlVTMQswCQYDVQQIDAJPUjESMBAGA1UEBwwJQmVhdmVydG9uMRIwEAYD +VQQKDAlDT01QX09FTTExKTAnBgNVBAMMIENPTVBfT0VNMSByc2EgM2sgc2hhMzg0 +IHRlc3QgY2ExMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA1f2wxVUD +W0XFvPLikJJkghIa7Ds7PciVcvZvXRxF41vSsN54p75W3098BL6Sd09g+4laT6xn +n7c0jKIAHB4saUgG6nikwmUKX/4q6aryelgb/GVOCjeqcEovA2veeFRWbErmRLlN +kgo5T51rK4pr9rsIbkXEKqrtLxiz3ixIVI//hi0VDRcwq8txJr+Y3dfGsR0Vp9Da +WAA0Vhr3qdNjsVERSCR2jhkNyE848alkZ8ed0HkdJFvK0m6tOXY2SCzFt+a7Madr +0YxeuaZkk4PpstDTYKXPRLHt8SwTn98L2A7Rtl9dRP3awbak0HZDuBXqeyuF7EhX +B9LiSQlyich+oo3fa8aVRY4ovfeu9JasN40udKReQs5hLWpQ3Th9PBmUSRWw9VXf +BgiVOrPKaOe80653rKQk1f8z0CBCzd90ddmjwvZWthneFXOVzMBm5JlkfMMeG5PH +9MPzqV6m7jaYTDt2L/WSioAZeKbMwUv4VqiUAWAPzayNYsWI5dNoiUttAgMBAAGj +gcUwgcIwHQYDVR0OBBYEFCcNoCay/FaEizq+qtv7VFFWM7nRMB8GA1UdIwQYMBaA +FC5bva5YsPVHD/BGReLWsl61O5A4MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/ +BAQDAgGGMDUGCCsGAQUFBwEBBCkwJzAlBggrBgEFBQcwAoYZaHR0cHM6Ly9leGFt +cGxlLmNvbS9jZXJ0czAoBgNVHR8EITAfMB2gG6AZhhdodHRwczovL2V4YW1wbGUu +Y29tL2NybDANBgkqhkiG9w0BAQwFAAOCAYEAhRrXbpRvhi0if6sk36zY0FBUSWoL +rez67kg78wjTYm9XvuBzU9wXsFeFMoQVLCAv8pu0eBjKmeyyR8PZU8GyDa3Nh++q +52tpOvHF7vH45KbSKGA3dswCVLihEmno97cTyL8UVYiu0WbXJMC4OsAyiyToRtxr +DHDhnNrgeOH2YghyjYU1qsWHAbgha2xnzwE5H25H/JXM3MiOe85Cr1of/6PA77FT +wwSffuUyodKwKFSCQZFkMLAlcLxMclfWp0Mol5Eh/+0oITCnhqermt9jelQAeP0L +s2J89fm1ouQQiHKgl7z3CEXhGGlfj0O4GcYsggHxLmA6Zid7VdRgwUXqHn/N2kjn +wwBSow9wd/wvgeBlCY4A4iin5PV7kk/F9t1Jz8Deqwh7+/hKSkkl72tYLjKIGJpP +H57eEdbPTD7ac+glRAmchJID6D1jhCT03ZsOHYQw0r1DQ1oOLNuUuyDyCx0zhUoi +4+w9LGTY0rmyXd8I5/6sosnqfP1SVUNeKwgR +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFJzCCA4+gAwIBAgIBCjANBgkqhkiG9w0BAQwFADB5MQswCQYDVQQGEwJVUzEL +MAkGA1UECAwCT1IxEjAQBgNVBAcMCUJlYXZlcnRvbjESMBAGA1UECgwJQ09NUF9P +RU0xMTUwMwYDVQQDDCxDT01QX09FTTEgcnNhIDNrIHNoYTM4NCB0ZXN0IGludGVy +bWVkaWF0ZSBjYTAeFw0yMzExMTUxMzUwNDBaFw0zMzExMTIxMzUwNDBaMG0xCzAJ +BgNVBAYTAlVTMQswCQYDVQQIDAJPUjESMBAGA1UEBwwJQmVhdmVydG9uMRIwEAYD +VQQKDAlDT01QX09FTTExKTAnBgNVBAMMIENPTVBfT0VNMSByc2EgM2sgc2hhMzg0 +IHRlc3QgY2EyMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAsLUAOXy9 +uxCs0ObCMxXJzMUINnwzI/hobLwyWzswnDThMNG0DgdmB5rCXkXtnjPrKnxOhh5/ +fjt23aSbZfvuqw4VIzcSY4cLIgAsZ/u6b1NuAkwvXpSdsWM6OlckNWt1cVV2m8o4 +pjsSUgQY+ZuIuF/zgf9ZPKXyUlDuiXUdZIsLtEcmYT/plQhneG7wF8kRZvNjefnN +xFODY81APyLtflKfzuGJXrCSC+EAtb3My59p0OmiqAPDhciJZZzJxiONkBl/KQjY +vd327WzqTsBGUwC6/QnTWulF1LdxPjCQErQj6Z0WFdPKYn+73xrNlIwYtBlhr992 +e029NBjMug5Qm4ENLC6cdJGTFup6/i0nhy7i0oLf2vSrLgJtQvZLO1fV00PXFJgY +oc6mPj6MSrnW8csPOXHGk0ZFyTfoW51NRo/rZ5sv9Xd2DMplY73oJyd2BYdo2bkr +gfck1pxxjMMgFYbKQhrG8lRwx2W1jUmIPv0jUfSd7IAUm97+nX3DbTVBAgMBAAGj +gcUwgcIwHQYDVR0OBBYEFMOT53EcOQlM+qOHjEKXErJcrE0EMB8GA1UdIwQYMBaA +FC5bva5YsPVHD/BGReLWsl61O5A4MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/ +BAQDAgGGMDUGCCsGAQUFBwEBBCkwJzAlBggrBgEFBQcwAoYZaHR0cHM6Ly9leGFt +cGxlLmNvbS9jZXJ0czAoBgNVHR8EITAfMB2gG6AZhhdodHRwczovL2V4YW1wbGUu +Y29tL2NybDANBgkqhkiG9w0BAQwFAAOCAYEAaXWmo+JVrPOoMCmbwK/WvWo0uWWJ +2T/D2+hWNWGK9Ui+b+I21PdCTYx58LyHT+WyvSZ/ClgCrtTVhzPZ8DXztPeEeZCg +QpqiyHxuvHQpcJZvvMJAOWNOjBoq9aEBOaWCAFbLpth5eu1A3dbhQw+jaxjgokxX +iubiAOzh6Bgda3Rv83HE1EpDhOBIE3/PVO+SIVy+YuDHsKfvcMx0ZPBeZogFffIW +fHW+OMGlKY7LBtP70Hek/Y8+oOb20EF+FIQWBReznJCqrPtQLVSgj4m3++kU56Su +s6PrsXlnGAC8c5a32Jj2gny5nW/c0zHNv1V6L9BdFgiFuzRQ0aOoLQbjDvUdeCIh +ujYhTz0SzGIA11kymL9jYmyKEi7NENZLLCbD2XnO8aD5kN949CKuNJL9GORDo8Gs +WC532bXPPHTS5sWCKRenQx9H8zXVY8CJuw4nzM08vYsz7eV1JxcSqcu+QIdB1Hts +DeflJCytDa2tyIG5FXruPThTBn/TzOqk1bup +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFKzCCA5OgAwIBAgIBCDANBgkqhkiG9w0BAQwFADBxMQswCQYDVQQGEwJVUzEL +MAkGA1UECAwCT1IxEjAQBgNVBAcMCUJlYXZlcnRvbjESMBAGA1UECgwJQ09NUF9P +RU0xMS0wKwYDVQQDDCRDT01QX09FTTEgcnNhIDNrIHNoYTM4NCB0ZXN0IHJvb3Qg +Y2EwHhcNMjMxMTE1MTM1MDM5WhcNMzMxMTEyMTM1MDM5WjB5MQswCQYDVQQGEwJV +UzELMAkGA1UECAwCT1IxEjAQBgNVBAcMCUJlYXZlcnRvbjESMBAGA1UECgwJQ09N +UF9PRU0xMTUwMwYDVQQDDCxDT01QX09FTTEgcnNhIDNrIHNoYTM4NCB0ZXN0IGlu +dGVybWVkaWF0ZSBjYTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAJqi +MMtn9UF+chltwkzctjp4FrH89+plBnvOsV8b1n0afjRp2KiqYOB/5HYBRbqE6F75 +ujA+qetWcilHMvjGoFu73j9p3LAAJN2PxevQjg5HJWXCw37SU/F433RnjfOTA05Z +CVGGjubitNB43Ch6ZabhCePMG/u8DBGzyF+RI4WwDqYZsUx+f+lSiPyxIjEqCioU +qeSw+K2+cc62TAvy3JP/0a2A83K1Qfo6nfrqF3emwGRQaCfiUEID/iGcm9OLWuNn +XvGd3HIW5DOMSN1qdu2DkOLMe8xQpgSNuvHzGAU5/LoIgH/b/yr/inARduM+xsD8 +Eq5lxk229XtJ6i9C3/hC6ibO4CSmXcRJ/6uUmMFLRn2y3jYx/S03ATivX7R+Q0Dp +t55lmafZMsYfTv5Iq9mnEZPVela/ELlwqAUgRz9bZj5lsA+olDN7MYR8fKiJVEQ1 +WhpX0+xfwo7eZAsLn/f7uDFhMRiIIsaQlqyWAUo7DSYojEAZWFud90jOipVrFQID +AQABo4HFMIHCMB0GA1UdDgQWBBQuW72uWLD1Rw/wRkXi1rJetTuQODAfBgNVHSME +GDAWgBS02Y2yOIo09My7V5csxa1WA2g3hjAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud +DwEB/wQEAwIBhjA1BggrBgEFBQcBAQQpMCcwJQYIKwYBBQUHMAKGGWh0dHBzOi8v +ZXhhbXBsZS5jb20vY2VydHMwKAYDVR0fBCEwHzAdoBugGYYXaHR0cHM6Ly9leGFt +cGxlLmNvbS9jcmwwDQYJKoZIhvcNAQEMBQADggGBAGEyR05f2tY+Vdo8zDqLL441 +HveV5f8whiYHBYhovNq5W5HwEhL+RNkVPP8HpU0go4fXxkZjV9oXRm6VsXAtW8Xh +RTRISZUWirHa49oxcZYjqvKP8W9rDRC3tXbCrowCbahkyUcQu+wmWrB7h9Nh45cf +SPHA9UNwHi4erbyeIX+iwCoYr/nexKNh5iymkZUet6vkf8Pt5OwirRUZVghNzkaB +zkqQZIg+0PIKcQKmnx/7dN9Ao4MwYCVLdXvMKI4OB/w5vKBcWrmMxEuNIgSJR86P +xchBId2wbiR4EGJXt0LCyLcvtx6BxeUdaqa9Wi/5J5IaxQnysfZbCFQBOG1vjQY+ +jd+WeKLaWaubBbmGIj2Y8n9Uku3b1B18LNpijepyRISOyypM7bP+pdyJZqb6+E/q +Ml26oORCtjqoqRWMjSNmrXLqUuhfxUyhHCZDafeVVgroay0wNJfa2jACg4/VoagL +0DcFFYwWDrXljmN2Wem9vDa1Ax6q9pJlh3kQ/0ZQxw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFNjCCA56gAwIBAgIUdKjdmaud38M5wf3tadpKfc0xUSIwDQYJKoZIhvcNAQEL +BQAwcTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk9SMRIwEAYDVQQHDAlCZWF2ZXJ0 +b24xEjAQBgNVBAoMCUNPTVBfT0VNMTEtMCsGA1UEAwwkQ09NUF9PRU0xIHJzYSAz +ayBzaGEzODQgdGVzdCByb290IGNhMB4XDTIzMTExNTEzNTAzOFoXDTMzMTExMjEz +NTAzOFowcTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk9SMRIwEAYDVQQHDAlCZWF2 +ZXJ0b24xEjAQBgNVBAoMCUNPTVBfT0VNMTEtMCsGA1UEAwwkQ09NUF9PRU0xIHJz +YSAzayBzaGEzODQgdGVzdCByb290IGNhMIIBojANBgkqhkiG9w0BAQEFAAOCAY8A +MIIBigKCAYEAubfD6hstD6rR7ucY9t6AyTXMEcgIMVDG/swy7bkOAjE55aLdTOmv +BBOOVQM9RbM1RVpFLIVuuL98mMPGju1wF9THpQHnExa6lrxRuUWe//szzZSmEtX9 +X6pqHcdFcCiLJJNkqlE7wGMO/hdc7G1QOOsllqH3kB7/rx96EeA/aBPPWSE6B45J +k+0iEPEQqltEl/MnYr0IxRJ3Pj0Cag7b00pGflYysjQ+MJJcKtVAljY5ZYvSYcHv +zjv79rlsyb8FOeNVf5G7uFD3uVrO8wfTIgmNXhRoZyHPofYLhoQNHq4X7II0r5xY +sHNNT7atDCPSnWGG/DM7RiJx3Eo72atEyyPvcnPhFnmI7gsvhzTmXRQdt6PFhzSp +SkCUHnZyMsNTfZ6pENEXQixpYQ2Le60R0/gyEnd8pwTlUbIVjlmNwRnBVuJ5aRrz +Rr/P8IvaZnfhJ2D6CgyMu+pSuL5hReFjGOLYdeUFlLjNgDJ6NDx4t3ZrOcqmZfXl +yt0LNqQHYiJHAgMBAAGjgcUwgcIwHQYDVR0OBBYEFLTZjbI4ijT0zLtXlyzFrVYD +aDeGMB8GA1UdIwQYMBaAFLTZjbI4ijT0zLtXlyzFrVYDaDeGMA8GA1UdEwEB/wQF +MAMBAf8wDgYDVR0PAQH/BAQDAgGGMDUGCCsGAQUFBwEBBCkwJzAlBggrBgEFBQcw +AoYZaHR0cHM6Ly9leGFtcGxlLmNvbS9jZXJ0czAoBgNVHR8EITAfMB2gG6AZhhdo +dHRwczovL2V4YW1wbGUuY29tL2NybDANBgkqhkiG9w0BAQsFAAOCAYEAddkaKGev +SF/pHWs6jeEPfhAYVurR7udXoKOFcpYxKjJbFKlOMAjyjElNAPJvr8YzGmZtjUts +BH0cFcFMlk0QN669EbQd8gS0wVW80Cn70MLHJw8eNXkmFIeBBdb4pbcY0OyZTQc3 +eJoOvHRRLRFX+a39ekrxfdNzIaphEQM6jY5lxBRRi9AEt08dQjKmIo5cfgTlFqTp +zAapmF54HK5DWY/VS3vYl4iPBZa/OPhZRGeIsfnn55PKsPu6/kPZOE60idoSTVAy +YSRi4zia8OrzBfeYuY7VV1yZ+8amWBr86FzvN0/lhFv98evRWa/TXWFqn3jmvde3 +X/sLlBPlp8+tjsOlBaKh5tSaVSrtu8VJKyugPqScBdGpzJPNDXvL7/8riHO5JNQs +Qv/TEB2iWV7YjfE5rVX4oVUWA9A2+OGNvraOcgCGqPpwpIvd2NNlbEDba00sbPxy +mSiqW2g9qhIaUCO2VtwcPOSGU41KYM+L2+HvdCPUacmpZyKrN//7ZYDd +-----END CERTIFICATE----- diff --git a/.ci/tcg-rim-tool/certs/COMP_OEM1_rim_signer_ecc_512_sha384.pem b/.ci/tcg-rim-tool/certs/COMP_OEM1_rim_signer_ecc_512_sha384.pem new file mode 100644 index 00000000..6d04cc0f --- /dev/null +++ b/.ci/tcg-rim-tool/certs/COMP_OEM1_rim_signer_ecc_512_sha384.pem @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDGzCCAn2gAwIBAgIBBTAKBggqhkjOPQQDAzBuMQswCQYDVQQGEwJVUzELMAkG +A1UECAwCT1IxEjAQBgNVBAcMCUJlYXZlcnRvbjESMBAGA1UECgwJQ09NUF9PRU0x +MSowKAYDVQQDDCFDT01QX09FTTEgZWNjIDUxMiBzaGEzODQgdGVzdCBjYTIwHhcN +MjMxMTE1MTM1MDE0WhcNMzMxMTEyMTM1MDE0WjBxMQswCQYDVQQGEwJVUzELMAkG +A1UECAwCT1IxEjAQBgNVBAcMCUJlYXZlcnRvbjESMBAGA1UECgwJQ09NUF9PRU0x +MS0wKwYDVQQDDCRDT01QX09FTTEgZWNjIDUxMiBzaGEzODQgdGVzdCBzaWduZXIw +gZswEAYHKoZIzj0CAQYFK4EEACMDgYYABAFifPNrrIEAGeQW8qsT5b83l5nQv9is +V0p8yFbI6t+QjOrNgEr84gLzHxxQ46V0xdbU4cDIdFThBBtS8POl2JFrmgEmtvla +Mbdz0lysCN2f1p25/gQvnfz6Osy0OVcG1EHNVb9cfvpF4ziv3LgWWBv5d8RccYET +ooHUIQ06Z1DTFslKYqOBxTCBwjAdBgNVHQ4EFgQUBY/cQD+V6CpSRunMvsITbFQl +J4owHwYDVR0jBBgwFoAU84u4W4tTUrALow01cbc6z8xup6QwDwYDVR0TAQH/BAUw +AwEB/zAOBgNVHQ8BAf8EBAMCAYYwNQYIKwYBBQUHAQEEKTAnMCUGCCsGAQUFBzAC +hhlodHRwczovL2V4YW1wbGUuY29tL2NlcnRzMCgGA1UdHwQhMB8wHaAboBmGF2h0 +dHBzOi8vZXhhbXBsZS5jb20vY3JsMAoGCCqGSM49BAMDA4GLADCBhwJCAMCwsiui +/dMNE+hGjiWaWAIfwq9pIg/WuSA21EUjEiAOZ7iE9YR8k1eD+UiIhmdDmLVqhmr9 +Y3UoskyExVvmlZaQAkFpkJzuzlqTov1eGxgjzTudyUEu8YT2Kv3t5ZjVIB1lL4VW +R1NjxDYO6Oa7zLdriCiEAb/lbTdjC697uUWub75syg== +-----END CERTIFICATE----- diff --git a/.ci/tcg-rim-tool/certs/COMP_OEM1_rim_signer_rsa_3k_sha384.pem b/.ci/tcg-rim-tool/certs/COMP_OEM1_rim_signer_rsa_3k_sha384.pem new file mode 100644 index 00000000..1f4d7246 --- /dev/null +++ b/.ci/tcg-rim-tool/certs/COMP_OEM1_rim_signer_rsa_3k_sha384.pem @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFHjCCA4agAwIBAgIBDDANBgkqhkiG9w0BAQwFADBtMQswCQYDVQQGEwJVUzEL +MAkGA1UECAwCT1IxEjAQBgNVBAcMCUJlYXZlcnRvbjESMBAGA1UECgwJQ09NUF9P +RU0xMSkwJwYDVQQDDCBDT01QX09FTTEgcnNhIDNrIHNoYTM4NCB0ZXN0IGNhMjAe +Fw0yMzExMTUxMzUwNDFaFw0zMzExMTIxMzUwNDFaMHAxCzAJBgNVBAYTAlVTMQsw +CQYDVQQIDAJPUjESMBAGA1UEBwwJQmVhdmVydG9uMRIwEAYDVQQKDAlDT01QX09F +TTExLDAqBgNVBAMMI0NPTVBfT0VNMSByc2EgM2sgc2hhMzg0IHRlc3Qgc2lnbmVy +MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAom3pyOYtDsaqpw8xfqqo +Fr7Oy7ABs0zrUMyzKKvfrY/JDEUFwy/q1f3ai5Y/4YdznqRlL2i8EH0DXPqDqWOD +QbYPA4fhB+QPZr6sqbI4HJB58lP4tZ2hbJvD41BIFwkdnW0IgtwEAvleL7cXTN0h +9317o+tJZxeuMnRlamAcW39FSuaJhTbcOp0gYBzBMP8gWM6YdijuAl8E5W7JPT+M +r12AQM0fomCqr0VmwfqsEYC7U63gMW3aBtZh37jLdx+dzg+55wxdusLC2glPpeDU +fsrDWjrpbT1qjpHXpZNXyMoCdZHXOnzMWG4qEEIS84m9V5sqTZdIB9IaosTAs++q +qzBYliJG6T+0LVJyoP+YY1iShCARfFTnXIbIJQa29/ILajTJrXoMn83gPmMjxcPl +y9Fzj8SNssxRRLewj914PJUOV+Z7zZEK1zttG1JV4U2Ji7Yv/gx34c9qW28fyDT0 +HCTim/V2pnOc2B16JYKAjEpefusTNQ0bkd78evzc8NSVAgMBAAGjgcUwgcIwHQYD +VR0OBBYEFJLn5Axtdpa6PpHcOWcVk3Yc2iH9MB8GA1UdIwQYMBaAFMOT53EcOQlM ++qOHjEKXErJcrE0EMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMDUG +CCsGAQUFBwEBBCkwJzAlBggrBgEFBQcwAoYZaHR0cHM6Ly9leGFtcGxlLmNvbS9j +ZXJ0czAoBgNVHR8EITAfMB2gG6AZhhdodHRwczovL2V4YW1wbGUuY29tL2NybDAN +BgkqhkiG9w0BAQwFAAOCAYEAfBlHSKGxQv8325o7tqLnpb6q1X9+E0xNAxPnq76A +6GhwlU+3nyjONus6XRElmgeV2wMaEyZedrjM9CJBkccA2ntFTu+2IDWDsHEwTIYu +3rk0LNMq5OJE7KOdWa1Hirio1U2wSWrMCwgHdwe3OE/hSv64S3RxIqgONfmUplgJ +5InwEQaVmCtWvR7RrcGrOpj6QS1zvc60PEe47AdelkTgCZcAnXaDfxtb8cSGduTS +YBoV6xPYlTmJDuEyLmDM2i9S8S3N7zMbXOlmRbjM/pUsMkSIHSNTtvWNk9YMqVsz +KM8fsrmvaa2wt/m2+TS1ZJxWplvU659vkMaBNS6rsaG+w5LoU83A6dhaXgvujAuR +57L8GOMoUWYn5iZWq/X9yvfq0WR+M3DvEIuI/zrT+oCTkElKlqJ3OZogkqLpkMXG +aF6PCpKFbtcWiuVLpAbvCwSNVe+pH3wfNhcapGUJWcotmY2RUkItilQOHGFUZZ2q +V/wUfRtKSjBh2rOD8rmZAjEY +-----END CERTIFICATE----- diff --git a/.ci/tcg-rim-tool/certs/PC_OEM1_Cert_Chain.pem b/.ci/tcg-rim-tool/certs/PC_OEM1_Cert_Chain.pem new file mode 100644 index 00000000..8face145 --- /dev/null +++ b/.ci/tcg-rim-tool/certs/PC_OEM1_Cert_Chain.pem @@ -0,0 +1,120 @@ +-----BEGIN CERTIFICATE----- +MIIFHzCCA4egAwIBAgIBAjANBgkqhkiG9w0BAQwFADB1MQswCQYDVQQGEwJVUzEL +MAkGA1UECAwCT1IxEjAQBgNVBAcMCUJlYXZlcnRvbjEQMA4GA1UECgwHUENfT0VN +MTEzMDEGA1UEAwwqUENfT0VNMSByc2EgM2sgc2hhMzg0IHRlc3QgaW50ZXJtZWRp +YXRlIGNhMB4XDTIzMTExNTEzNDg1N1oXDTMzMTExMjEzNDg1N1owaTELMAkGA1UE +BhMCVVMxCzAJBgNVBAgMAk9SMRIwEAYDVQQHDAlCZWF2ZXJ0b24xEDAOBgNVBAoM +B1BDX09FTTExJzAlBgNVBAMMHlBDX09FTTEgcnNhIDNrIHNoYTM4NCB0ZXN0IGNh +MTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAOA06twkJzLcX1e/37oJ +4wBJ8iMdbFMQU9mxdEB5v5P8cnxkord0zOguiXZSV0RkGQ1PMwSR8xoNrLAyDS+1 +z2wsjNoq7xIIfZJtq21gFWiQGsrD6RUmfl/Eqjn+nhv1QiSi8Qhq18PdRJT+yRgK +58v7XOORe86It1DI47IdcHIwafHkW1op81rR9PaBBOEnoZnNSI14gLTomWPu0HUg +Jo/lw7D2SNMOEtMLb/lEUtvs5PPh2mgbsu3HNxJDm+Wbcagy2UQ1idqMYdgGwFk0 +fQL6Lo6P+fZlN5nBRjpto6LTk7XVRnxVWtKhG5ricxKS4XodyHg/TXfGzRIo0QLi +uyMeFp+WSdArZv2Mfy4Do/fN1bMgmEIq8YJXlXiw72x+QWTttLtcBfMxO6Bbt+is +kBGhWSyVVYTngaCnYGjm6dtK7+AWkIBaY55lFQC7hz9uI0qKnqhe1nMd+NZ/bOHR +7lafvYhTsh807xwfBdKNA7Cbjec1ECJN3EZ0OWs5NfNa9wIDAQABo4HFMIHCMB0G +A1UdDgQWBBSf+/lwb7GDDjiDBC41Y3PJ9MzMfzAfBgNVHSMEGDAWgBTGyjXu0NE8 +nUNcbmVgsXw5a0L15zAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjA1 +BggrBgEFBQcBAQQpMCcwJQYIKwYBBQUHMAKGGWh0dHBzOi8vZXhhbXBsZS5jb20v +Y2VydHMwKAYDVR0fBCEwHzAdoBugGYYXaHR0cHM6Ly9leGFtcGxlLmNvbS9jcmww +DQYJKoZIhvcNAQEMBQADggGBAMGl7ua7vlOgvj17RB/Oa78BeAQzabZ0MMHLo/fN +5aLqESUjdsgbARdGIJJJ2JnRR4hr9GKOcYiBKlEkHf2nt9aJB0w/K2eCBMkmarIv +xkCsq+SDogqE3j9Hrur54tsKRfPojFsvf01hPd4qahZD/0oXSoLjmqrMJuIdm9Lx +i32/1XVq1zfLX80PvkT0D1E4pJirQj9dE4KcB2n08Wt7WmNRpoEF8uz3Co53RSBI +/E9Fy5duJFejj4g96X8poLH5I1jVWZ9ywfCrAVEZGOvai0108ljn4uolmL1lp5ay +Sp02QjtlYK+S4wPRQ4bPhQ3RrkOqWPmI5MjLZgTpymllyIfX1RNTivAFWyG8Q4GX +YeageBlvaBWXPxVPLLyejMjlrviZ7U7HwlFHqLIyktL2a0UjTCyg6FA07SF/e1NW +hkcXsgIvtdtkOfhiSCVcO3YHLuNow3se+XjHYLQINtAgbBZQb13+vPQfnLlTVR4Y +vmiFgHxlJDp1u1uxryxgfiKH8A== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFHzCCA4egAwIBAgIBAzANBgkqhkiG9w0BAQwFADB1MQswCQYDVQQGEwJVUzEL +MAkGA1UECAwCT1IxEjAQBgNVBAcMCUJlYXZlcnRvbjEQMA4GA1UECgwHUENfT0VN +MTEzMDEGA1UEAwwqUENfT0VNMSByc2EgM2sgc2hhMzg0IHRlc3QgaW50ZXJtZWRp +YXRlIGNhMB4XDTIzMTExNTEzNDg1OFoXDTMzMTExMjEzNDg1OFowaTELMAkGA1UE +BhMCVVMxCzAJBgNVBAgMAk9SMRIwEAYDVQQHDAlCZWF2ZXJ0b24xEDAOBgNVBAoM +B1BDX09FTTExJzAlBgNVBAMMHlBDX09FTTEgcnNhIDNrIHNoYTM4NCB0ZXN0IGNh +MjCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAOhc7bRGBtyKXywjlVFI +Mq8f9pDxdXkPnCtv9LbuSzBt2YN3vcTw3w4ZQeMZG7vY9ww10ZLsFJVR7sW7+i97 +E3qRmf4ToIWDaFNEWEyTeDAhC1h2/CY/vWyPDUARqMAiWzreUo6OCwROUJ1o/ltk +ma//mdNUlySoeLayavNAROwe0Zfdn0Sox1o3gX+0SLvgBGGlKQ0oHsEUQcIUlxNN +xdkMB01xZf1i7Kz9hM7Gr/+45m94OOc2kq/cJWNB0E+Q9EzujLQ0ljKtcvLyan0k +TVEU+hO6OIcK6/6I+yR3fWFUyU0bV6SuHfWSOqle+VNyDHLIE2KZLqZEhXFtksWY +ycA0NC50LMbhYPl/9CpHILKuGJC3HgGwN38wNA7lAfu8J8//27N2owPqgiXmbXar +Mho4L81sT980ZGd/R4LCG2oHDZQy0TyM8obZPgiOmzdWbBqcB/q0A9vVtBPh5WmY +oCuOXvavJr47NGkn0bgnhdx1RBOgIVT0+o437DoDuAMLUQIDAQABo4HFMIHCMB0G +A1UdDgQWBBTg8RXbnFWNbvjYViKuPBje0WxeLTAfBgNVHSMEGDAWgBTGyjXu0NE8 +nUNcbmVgsXw5a0L15zAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjA1 +BggrBgEFBQcBAQQpMCcwJQYIKwYBBQUHMAKGGWh0dHBzOi8vZXhhbXBsZS5jb20v +Y2VydHMwKAYDVR0fBCEwHzAdoBugGYYXaHR0cHM6Ly9leGFtcGxlLmNvbS9jcmww +DQYJKoZIhvcNAQEMBQADggGBAB/NbNOnUI7Mc5si5lKJILG6TuB/jhkzS95Awlr1 +I7xDVy7u1HGnHUBe2Ge3aBFA3Lk6ebdq3vsc6ws8OowCXD9GC5S7kCVbdOQr1I7L +nI4jz4dypH4MjtggHqwwn2sm5bjufnD0sjtN53aiEFVUPZVPcqouvR3uT9VQe0/F +4MGBoozC3EKSRzyMHGCKO8tLGgJbVMjhAlg0EEdT14V6mQkHm35MzXNiuu8jsN72 ++Tct+AudnuhnZv8QEWg3R50aMI9j138MNLHMeqZa/P/OIGi8PzMOj7BzNqCEyC+n +rkFIgb/BLGrHatMHZtRKt7l74/eSeguRcAKR90ia98lODYyilXddD2xeJ4miI/2v +J7vnM5aYAA4NfB8ErLyyZAKMy9DTRYZs7jC+YdvduUe+H2kunu6DT1DJQ0dy3WYP +y0Vhz5zhoUjopnq1o7PsD1BfiazAzbefYhZqLWqchTlaFGLQ+szUnTJi4315qOjI +PIycYq5t6da9Jsgqhg657CqpjA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFIzCCA4ugAwIBAgIBATANBgkqhkiG9w0BAQwFADBtMQswCQYDVQQGEwJVUzEL +MAkGA1UECAwCT1IxEjAQBgNVBAcMCUJlYXZlcnRvbjEQMA4GA1UECgwHUENfT0VN +MTErMCkGA1UEAwwiUENfT0VNMSByc2EgM2sgc2hhMzg0IHRlc3Qgcm9vdCBjYTAe +Fw0yMzExMTUxMzQ4NTdaFw0zMzExMTIxMzQ4NTdaMHUxCzAJBgNVBAYTAlVTMQsw +CQYDVQQIDAJPUjESMBAGA1UEBwwJQmVhdmVydG9uMRAwDgYDVQQKDAdQQ19PRU0x +MTMwMQYDVQQDDCpQQ19PRU0xIHJzYSAzayBzaGEzODQgdGVzdCBpbnRlcm1lZGlh +dGUgY2EwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDL+EKVnWxVy4l1 +lJmq+v7yd1EUOBb0+hDDIPgDiAg5f43J4xCApuz1qADQP+XIQXpuuXBuHsq+tILM +JrngSSvPtygaOgMJnehXSvZkugpf1qVJ4odQTDOUWe1/+CsINKFAnuS8xw4yUAIZ +My7f3H1gSf7wdyG8pVI1fQjrGpvFGpnapWRoVKvFWl1hbx15mkaCF1FfkjLyPQn8 +ogDoaduWZe9BC85hK5ysZYVPUG3LzwFW+XZT9CgtbJXVyc3OcLP7ooF8mb3Awbnj +O4EOiP6rI63iWfq1P54LtZMgSC3diIlpr2trX+CUFAvKs3nO9aovFctWEeAprtYx +cpbwglIPr6OojKQuJ4MIYvoTezrLdDt0MjkfLxe6z7E6WrSaowzJdZl5KYT9tVYh +KQKmag/QcJDlM7LQIpsEvpBYvGnBpLO6Wkd5nDJx5EcZ8q98EyEN0ZpI7JpOjDYa +GHAdiOFmFuTvWHEL5ewM30HILJ5OmpRR4/Kez8/WPMNuwCtCHL0CAwEAAaOBxTCB +wjAdBgNVHQ4EFgQUxso17tDRPJ1DXG5lYLF8OWtC9ecwHwYDVR0jBBgwFoAUZoqc +vUpJY07vvpq9ahpajENN8BkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC +AYYwNQYIKwYBBQUHAQEEKTAnMCUGCCsGAQUFBzAChhlodHRwczovL2V4YW1wbGUu +Y29tL2NlcnRzMCgGA1UdHwQhMB8wHaAboBmGF2h0dHBzOi8vZXhhbXBsZS5jb20v +Y3JsMA0GCSqGSIb3DQEBDAUAA4IBgQDJm/vRVEv1Bsb5IQYE3Jemv7cpjk86qxLC +7f+8d0KnLGpR4We8E0Dop6P2l5VdzWIUC7kWet9GJ6N1UYpnmYK8MALKmIe21Ygx +zqHUYO3N8rVphL68yE2R6JHV7oXLrUQm7ovsoHxZI3OMC79J2ukyVtfQ6odcPUCm +Ff2trLkgDTGl2orQXN6zq5Hgjx0htOoWy0jJH3bx4o1/LwHkhSsUS7b8WqdaEs8C +GLoz6lU69pceIcE70L3ICZjtfnvSVVVBdDjqyDPky/Zy5RoY/SKs1UiTdAtTpjDF ++VXsPIRd7Nhq3W8aBDm8W0YNALPixpLY7aALJpQMcfpwKocXYcdNtd4vJ9UkAdWN +DjI5S5jAZRv5Q8Gl8qV8ydUftK38wsnP9AEDPfQ2Ufv4sYk5krbz6Y5qtEND+RKf +g1pT7IHgdzlVYydVL4JB/sCcioUaM5ioKKRjDGEGFZDQDEY/7krPAUEg9K+IUHF+ +76R6P77JLblZs+fz29a8rpgrv8YHz8U= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFLjCCA5agAwIBAgIUdu9IA89yyCYfrt9rGCtnn2cjTqswDQYJKoZIhvcNAQEL +BQAwbTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk9SMRIwEAYDVQQHDAlCZWF2ZXJ0 +b24xEDAOBgNVBAoMB1BDX09FTTExKzApBgNVBAMMIlBDX09FTTEgcnNhIDNrIHNo +YTM4NCB0ZXN0IHJvb3QgY2EwHhcNMjMxMTE1MTM0ODU2WhcNMzMxMTEyMTM0ODU2 +WjBtMQswCQYDVQQGEwJVUzELMAkGA1UECAwCT1IxEjAQBgNVBAcMCUJlYXZlcnRv +bjEQMA4GA1UECgwHUENfT0VNMTErMCkGA1UEAwwiUENfT0VNMSByc2EgM2sgc2hh +Mzg0IHRlc3Qgcm9vdCBjYTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGB +AOzsgvi6sfMz6EK3X0ANTztC6NSu2oL23P6f3XU3R5NyE2gPNSvhqtWI1CaOW4fs +bNB3hn7ZI1FgkYhIvtot12VUGqdUWJKeKeot0h4wQ9NTENLP1RAceDSnAGEE0YQz +wbdXhUD2iyN0iWCrWIpCXWUu+t++wOf+2kIbHekv7PYI+Nl1SnU4+v5VTRi0ILQ7 +WjKoXNMSPFVtCuwd5Q+hz6l9ySGkyMivPZFAeFQ7tGyOBm+3LgvKIt73wyduXAGA +iajO1Mr4Je3bT5RD7+d0mSrtYpDHv+UYFfyszZgcUIakAoNad+mdCX2igwsBSviE +en+um9O95z5CdV+VhLkqniQhS3Uu9cdyq6CPX0cMvxYeNCgbgDy5JF6SSCZmx0A1 +zIjMWT3vB/2gTNuOKxMfmloemFQHcNdmLcQVGx1krcWvtPbNAurN89kN8pFO6dM7 +Gdtp/YSZzlo+1Lg/i1Dly73QH74TYW06+vHJIjZO4RA94ol9Mx+Nwx6/1idwmYqh +7QIDAQABo4HFMIHCMB0GA1UdDgQWBBRmipy9SkljTu++mr1qGlqMQ03wGTAfBgNV +HSMEGDAWgBRmipy9SkljTu++mr1qGlqMQ03wGTAPBgNVHRMBAf8EBTADAQH/MA4G +A1UdDwEB/wQEAwIBhjA1BggrBgEFBQcBAQQpMCcwJQYIKwYBBQUHMAKGGWh0dHBz +Oi8vZXhhbXBsZS5jb20vY2VydHMwKAYDVR0fBCEwHzAdoBugGYYXaHR0cHM6Ly9l +eGFtcGxlLmNvbS9jcmwwDQYJKoZIhvcNAQELBQADggGBABYktvvP6dzQ4DeSWv0l +usjMenqWhDXmMoRCwa+RXASEBstZR0Ai2KnHWS0UNCMxcLaIJ0KfYVoxGbyTNirP +SvfBbdEAeVQspZUZ+tCJltQ1aCrIbity486AbCyqjfSwrsSUPJmflu5oo9lpkrqC +pIbP7Vm1WcYOa+KdcO8AvqChTLMlLURsBQx5Hya3KNDJqeM5g3t9LI6av4ZQk0Kg +NjlIfxbhmuTmClkVkY1Wks09vKOoGTsY02z1uy/GgDILWvnjyBQzrLcn0DNltV1Y +IzQxtO1of372B6axifLTBOd71WSTq2QDboe4FSopOYXlpOBjwIJjw9+7cmUf4fuK +CU7ve734+TBHUK4yNcH8ZfSACBXnZ2dPlQUXdTfm+4XvfPV21bvsz2VJ3InIfANp +UbeOiSJxY9uprDYG3hqO/yZnok66ioeom0N/4SJrm5a4uq+0PhQDY1e5Qbz0PD6m +VjdZfnoMFh185vEZPby1VpF9u5VE3vKVq9rRb0epwjx7Jg== +-----END CERTIFICATE----- diff --git a/.ci/tcg-rim-tool/certs/PC_OEM1_RSA_Cert_Chain.pem b/.ci/tcg-rim-tool/certs/PC_OEM1_RSA_Cert_Chain.pem new file mode 100644 index 00000000..8face145 --- /dev/null +++ b/.ci/tcg-rim-tool/certs/PC_OEM1_RSA_Cert_Chain.pem @@ -0,0 +1,120 @@ +-----BEGIN CERTIFICATE----- +MIIFHzCCA4egAwIBAgIBAjANBgkqhkiG9w0BAQwFADB1MQswCQYDVQQGEwJVUzEL +MAkGA1UECAwCT1IxEjAQBgNVBAcMCUJlYXZlcnRvbjEQMA4GA1UECgwHUENfT0VN +MTEzMDEGA1UEAwwqUENfT0VNMSByc2EgM2sgc2hhMzg0IHRlc3QgaW50ZXJtZWRp +YXRlIGNhMB4XDTIzMTExNTEzNDg1N1oXDTMzMTExMjEzNDg1N1owaTELMAkGA1UE +BhMCVVMxCzAJBgNVBAgMAk9SMRIwEAYDVQQHDAlCZWF2ZXJ0b24xEDAOBgNVBAoM +B1BDX09FTTExJzAlBgNVBAMMHlBDX09FTTEgcnNhIDNrIHNoYTM4NCB0ZXN0IGNh +MTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAOA06twkJzLcX1e/37oJ +4wBJ8iMdbFMQU9mxdEB5v5P8cnxkord0zOguiXZSV0RkGQ1PMwSR8xoNrLAyDS+1 +z2wsjNoq7xIIfZJtq21gFWiQGsrD6RUmfl/Eqjn+nhv1QiSi8Qhq18PdRJT+yRgK +58v7XOORe86It1DI47IdcHIwafHkW1op81rR9PaBBOEnoZnNSI14gLTomWPu0HUg +Jo/lw7D2SNMOEtMLb/lEUtvs5PPh2mgbsu3HNxJDm+Wbcagy2UQ1idqMYdgGwFk0 +fQL6Lo6P+fZlN5nBRjpto6LTk7XVRnxVWtKhG5ricxKS4XodyHg/TXfGzRIo0QLi +uyMeFp+WSdArZv2Mfy4Do/fN1bMgmEIq8YJXlXiw72x+QWTttLtcBfMxO6Bbt+is +kBGhWSyVVYTngaCnYGjm6dtK7+AWkIBaY55lFQC7hz9uI0qKnqhe1nMd+NZ/bOHR +7lafvYhTsh807xwfBdKNA7Cbjec1ECJN3EZ0OWs5NfNa9wIDAQABo4HFMIHCMB0G +A1UdDgQWBBSf+/lwb7GDDjiDBC41Y3PJ9MzMfzAfBgNVHSMEGDAWgBTGyjXu0NE8 +nUNcbmVgsXw5a0L15zAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjA1 +BggrBgEFBQcBAQQpMCcwJQYIKwYBBQUHMAKGGWh0dHBzOi8vZXhhbXBsZS5jb20v +Y2VydHMwKAYDVR0fBCEwHzAdoBugGYYXaHR0cHM6Ly9leGFtcGxlLmNvbS9jcmww +DQYJKoZIhvcNAQEMBQADggGBAMGl7ua7vlOgvj17RB/Oa78BeAQzabZ0MMHLo/fN +5aLqESUjdsgbARdGIJJJ2JnRR4hr9GKOcYiBKlEkHf2nt9aJB0w/K2eCBMkmarIv +xkCsq+SDogqE3j9Hrur54tsKRfPojFsvf01hPd4qahZD/0oXSoLjmqrMJuIdm9Lx +i32/1XVq1zfLX80PvkT0D1E4pJirQj9dE4KcB2n08Wt7WmNRpoEF8uz3Co53RSBI +/E9Fy5duJFejj4g96X8poLH5I1jVWZ9ywfCrAVEZGOvai0108ljn4uolmL1lp5ay +Sp02QjtlYK+S4wPRQ4bPhQ3RrkOqWPmI5MjLZgTpymllyIfX1RNTivAFWyG8Q4GX +YeageBlvaBWXPxVPLLyejMjlrviZ7U7HwlFHqLIyktL2a0UjTCyg6FA07SF/e1NW +hkcXsgIvtdtkOfhiSCVcO3YHLuNow3se+XjHYLQINtAgbBZQb13+vPQfnLlTVR4Y +vmiFgHxlJDp1u1uxryxgfiKH8A== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFHzCCA4egAwIBAgIBAzANBgkqhkiG9w0BAQwFADB1MQswCQYDVQQGEwJVUzEL +MAkGA1UECAwCT1IxEjAQBgNVBAcMCUJlYXZlcnRvbjEQMA4GA1UECgwHUENfT0VN +MTEzMDEGA1UEAwwqUENfT0VNMSByc2EgM2sgc2hhMzg0IHRlc3QgaW50ZXJtZWRp +YXRlIGNhMB4XDTIzMTExNTEzNDg1OFoXDTMzMTExMjEzNDg1OFowaTELMAkGA1UE +BhMCVVMxCzAJBgNVBAgMAk9SMRIwEAYDVQQHDAlCZWF2ZXJ0b24xEDAOBgNVBAoM +B1BDX09FTTExJzAlBgNVBAMMHlBDX09FTTEgcnNhIDNrIHNoYTM4NCB0ZXN0IGNh +MjCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAOhc7bRGBtyKXywjlVFI +Mq8f9pDxdXkPnCtv9LbuSzBt2YN3vcTw3w4ZQeMZG7vY9ww10ZLsFJVR7sW7+i97 +E3qRmf4ToIWDaFNEWEyTeDAhC1h2/CY/vWyPDUARqMAiWzreUo6OCwROUJ1o/ltk +ma//mdNUlySoeLayavNAROwe0Zfdn0Sox1o3gX+0SLvgBGGlKQ0oHsEUQcIUlxNN +xdkMB01xZf1i7Kz9hM7Gr/+45m94OOc2kq/cJWNB0E+Q9EzujLQ0ljKtcvLyan0k +TVEU+hO6OIcK6/6I+yR3fWFUyU0bV6SuHfWSOqle+VNyDHLIE2KZLqZEhXFtksWY +ycA0NC50LMbhYPl/9CpHILKuGJC3HgGwN38wNA7lAfu8J8//27N2owPqgiXmbXar +Mho4L81sT980ZGd/R4LCG2oHDZQy0TyM8obZPgiOmzdWbBqcB/q0A9vVtBPh5WmY +oCuOXvavJr47NGkn0bgnhdx1RBOgIVT0+o437DoDuAMLUQIDAQABo4HFMIHCMB0G +A1UdDgQWBBTg8RXbnFWNbvjYViKuPBje0WxeLTAfBgNVHSMEGDAWgBTGyjXu0NE8 +nUNcbmVgsXw5a0L15zAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjA1 +BggrBgEFBQcBAQQpMCcwJQYIKwYBBQUHMAKGGWh0dHBzOi8vZXhhbXBsZS5jb20v +Y2VydHMwKAYDVR0fBCEwHzAdoBugGYYXaHR0cHM6Ly9leGFtcGxlLmNvbS9jcmww +DQYJKoZIhvcNAQEMBQADggGBAB/NbNOnUI7Mc5si5lKJILG6TuB/jhkzS95Awlr1 +I7xDVy7u1HGnHUBe2Ge3aBFA3Lk6ebdq3vsc6ws8OowCXD9GC5S7kCVbdOQr1I7L +nI4jz4dypH4MjtggHqwwn2sm5bjufnD0sjtN53aiEFVUPZVPcqouvR3uT9VQe0/F +4MGBoozC3EKSRzyMHGCKO8tLGgJbVMjhAlg0EEdT14V6mQkHm35MzXNiuu8jsN72 ++Tct+AudnuhnZv8QEWg3R50aMI9j138MNLHMeqZa/P/OIGi8PzMOj7BzNqCEyC+n +rkFIgb/BLGrHatMHZtRKt7l74/eSeguRcAKR90ia98lODYyilXddD2xeJ4miI/2v +J7vnM5aYAA4NfB8ErLyyZAKMy9DTRYZs7jC+YdvduUe+H2kunu6DT1DJQ0dy3WYP +y0Vhz5zhoUjopnq1o7PsD1BfiazAzbefYhZqLWqchTlaFGLQ+szUnTJi4315qOjI +PIycYq5t6da9Jsgqhg657CqpjA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFIzCCA4ugAwIBAgIBATANBgkqhkiG9w0BAQwFADBtMQswCQYDVQQGEwJVUzEL +MAkGA1UECAwCT1IxEjAQBgNVBAcMCUJlYXZlcnRvbjEQMA4GA1UECgwHUENfT0VN +MTErMCkGA1UEAwwiUENfT0VNMSByc2EgM2sgc2hhMzg0IHRlc3Qgcm9vdCBjYTAe +Fw0yMzExMTUxMzQ4NTdaFw0zMzExMTIxMzQ4NTdaMHUxCzAJBgNVBAYTAlVTMQsw +CQYDVQQIDAJPUjESMBAGA1UEBwwJQmVhdmVydG9uMRAwDgYDVQQKDAdQQ19PRU0x +MTMwMQYDVQQDDCpQQ19PRU0xIHJzYSAzayBzaGEzODQgdGVzdCBpbnRlcm1lZGlh +dGUgY2EwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDL+EKVnWxVy4l1 +lJmq+v7yd1EUOBb0+hDDIPgDiAg5f43J4xCApuz1qADQP+XIQXpuuXBuHsq+tILM +JrngSSvPtygaOgMJnehXSvZkugpf1qVJ4odQTDOUWe1/+CsINKFAnuS8xw4yUAIZ +My7f3H1gSf7wdyG8pVI1fQjrGpvFGpnapWRoVKvFWl1hbx15mkaCF1FfkjLyPQn8 +ogDoaduWZe9BC85hK5ysZYVPUG3LzwFW+XZT9CgtbJXVyc3OcLP7ooF8mb3Awbnj +O4EOiP6rI63iWfq1P54LtZMgSC3diIlpr2trX+CUFAvKs3nO9aovFctWEeAprtYx +cpbwglIPr6OojKQuJ4MIYvoTezrLdDt0MjkfLxe6z7E6WrSaowzJdZl5KYT9tVYh +KQKmag/QcJDlM7LQIpsEvpBYvGnBpLO6Wkd5nDJx5EcZ8q98EyEN0ZpI7JpOjDYa +GHAdiOFmFuTvWHEL5ewM30HILJ5OmpRR4/Kez8/WPMNuwCtCHL0CAwEAAaOBxTCB +wjAdBgNVHQ4EFgQUxso17tDRPJ1DXG5lYLF8OWtC9ecwHwYDVR0jBBgwFoAUZoqc +vUpJY07vvpq9ahpajENN8BkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC +AYYwNQYIKwYBBQUHAQEEKTAnMCUGCCsGAQUFBzAChhlodHRwczovL2V4YW1wbGUu +Y29tL2NlcnRzMCgGA1UdHwQhMB8wHaAboBmGF2h0dHBzOi8vZXhhbXBsZS5jb20v +Y3JsMA0GCSqGSIb3DQEBDAUAA4IBgQDJm/vRVEv1Bsb5IQYE3Jemv7cpjk86qxLC +7f+8d0KnLGpR4We8E0Dop6P2l5VdzWIUC7kWet9GJ6N1UYpnmYK8MALKmIe21Ygx +zqHUYO3N8rVphL68yE2R6JHV7oXLrUQm7ovsoHxZI3OMC79J2ukyVtfQ6odcPUCm +Ff2trLkgDTGl2orQXN6zq5Hgjx0htOoWy0jJH3bx4o1/LwHkhSsUS7b8WqdaEs8C +GLoz6lU69pceIcE70L3ICZjtfnvSVVVBdDjqyDPky/Zy5RoY/SKs1UiTdAtTpjDF ++VXsPIRd7Nhq3W8aBDm8W0YNALPixpLY7aALJpQMcfpwKocXYcdNtd4vJ9UkAdWN +DjI5S5jAZRv5Q8Gl8qV8ydUftK38wsnP9AEDPfQ2Ufv4sYk5krbz6Y5qtEND+RKf +g1pT7IHgdzlVYydVL4JB/sCcioUaM5ioKKRjDGEGFZDQDEY/7krPAUEg9K+IUHF+ +76R6P77JLblZs+fz29a8rpgrv8YHz8U= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFLjCCA5agAwIBAgIUdu9IA89yyCYfrt9rGCtnn2cjTqswDQYJKoZIhvcNAQEL +BQAwbTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk9SMRIwEAYDVQQHDAlCZWF2ZXJ0 +b24xEDAOBgNVBAoMB1BDX09FTTExKzApBgNVBAMMIlBDX09FTTEgcnNhIDNrIHNo +YTM4NCB0ZXN0IHJvb3QgY2EwHhcNMjMxMTE1MTM0ODU2WhcNMzMxMTEyMTM0ODU2 +WjBtMQswCQYDVQQGEwJVUzELMAkGA1UECAwCT1IxEjAQBgNVBAcMCUJlYXZlcnRv +bjEQMA4GA1UECgwHUENfT0VNMTErMCkGA1UEAwwiUENfT0VNMSByc2EgM2sgc2hh +Mzg0IHRlc3Qgcm9vdCBjYTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGB +AOzsgvi6sfMz6EK3X0ANTztC6NSu2oL23P6f3XU3R5NyE2gPNSvhqtWI1CaOW4fs +bNB3hn7ZI1FgkYhIvtot12VUGqdUWJKeKeot0h4wQ9NTENLP1RAceDSnAGEE0YQz +wbdXhUD2iyN0iWCrWIpCXWUu+t++wOf+2kIbHekv7PYI+Nl1SnU4+v5VTRi0ILQ7 +WjKoXNMSPFVtCuwd5Q+hz6l9ySGkyMivPZFAeFQ7tGyOBm+3LgvKIt73wyduXAGA +iajO1Mr4Je3bT5RD7+d0mSrtYpDHv+UYFfyszZgcUIakAoNad+mdCX2igwsBSviE +en+um9O95z5CdV+VhLkqniQhS3Uu9cdyq6CPX0cMvxYeNCgbgDy5JF6SSCZmx0A1 +zIjMWT3vB/2gTNuOKxMfmloemFQHcNdmLcQVGx1krcWvtPbNAurN89kN8pFO6dM7 +Gdtp/YSZzlo+1Lg/i1Dly73QH74TYW06+vHJIjZO4RA94ol9Mx+Nwx6/1idwmYqh +7QIDAQABo4HFMIHCMB0GA1UdDgQWBBRmipy9SkljTu++mr1qGlqMQ03wGTAfBgNV +HSMEGDAWgBRmipy9SkljTu++mr1qGlqMQ03wGTAPBgNVHRMBAf8EBTADAQH/MA4G +A1UdDwEB/wQEAwIBhjA1BggrBgEFBQcBAQQpMCcwJQYIKwYBBQUHMAKGGWh0dHBz +Oi8vZXhhbXBsZS5jb20vY2VydHMwKAYDVR0fBCEwHzAdoBugGYYXaHR0cHM6Ly9l +eGFtcGxlLmNvbS9jcmwwDQYJKoZIhvcNAQELBQADggGBABYktvvP6dzQ4DeSWv0l +usjMenqWhDXmMoRCwa+RXASEBstZR0Ai2KnHWS0UNCMxcLaIJ0KfYVoxGbyTNirP +SvfBbdEAeVQspZUZ+tCJltQ1aCrIbity486AbCyqjfSwrsSUPJmflu5oo9lpkrqC +pIbP7Vm1WcYOa+KdcO8AvqChTLMlLURsBQx5Hya3KNDJqeM5g3t9LI6av4ZQk0Kg +NjlIfxbhmuTmClkVkY1Wks09vKOoGTsY02z1uy/GgDILWvnjyBQzrLcn0DNltV1Y +IzQxtO1of372B6axifLTBOd71WSTq2QDboe4FSopOYXlpOBjwIJjw9+7cmUf4fuK +CU7ve734+TBHUK4yNcH8ZfSACBXnZ2dPlQUXdTfm+4XvfPV21bvsz2VJ3InIfANp +UbeOiSJxY9uprDYG3hqO/yZnok66ioeom0N/4SJrm5a4uq+0PhQDY1e5Qbz0PD6m +VjdZfnoMFh185vEZPby1VpF9u5VE3vKVq9rRb0epwjx7Jg== +-----END CERTIFICATE----- diff --git a/.ci/tcg-rim-tool/certs/PC_OEM1_ecc_Cert_Chain.pem b/.ci/tcg-rim-tool/certs/PC_OEM1_ecc_Cert_Chain.pem new file mode 100644 index 00000000..e5a94fce --- /dev/null +++ b/.ci/tcg-rim-tool/certs/PC_OEM1_ecc_Cert_Chain.pem @@ -0,0 +1,76 @@ +-----BEGIN CERTIFICATE----- +MIIDHTCCAn6gAwIBAgIBCTAKBggqhkjOPQQDAzB2MQswCQYDVQQGEwJVUzELMAkG +A1UECAwCT1IxEjAQBgNVBAcMCUJlYXZlcnRvbjEQMA4GA1UECgwHUENfT0VNMTE0 +MDIGA1UEAwwrUENfT0VNMSBlY2MgNTEyIHNoYTM4NCB0ZXN0IGludGVybWVkaWF0 +ZSBjYTAeFw0yMzExMTUxMzQ5NThaFw0zMzExMTIxMzQ5NThaMGoxCzAJBgNVBAYT +AlVTMQswCQYDVQQIDAJPUjESMBAGA1UEBwwJQmVhdmVydG9uMRAwDgYDVQQKDAdQ +Q19PRU0xMSgwJgYDVQQDDB9QQ19PRU0xIGVjYyA1MTIgc2hhMzg0IHRlc3QgY2Ex +MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBpqyjdoDTWEdMOa+9tkBrSGcByL8t +OsBPMOiMqt+tCfTwhaLJkZ1zD8n6A6pnrq2my69E2xkivGFeqQhrgWN21eEAxcO0 +8sk/FaB08uUsasQb7H+B1fJwXMvfLt6K2d8Hdu7cJpOQ9AGdRTD1Oua3pW143rYD +R8sspDx1xUlKaz9+UJCjgcUwgcIwHQYDVR0OBBYEFF3FyHPSOyjceEcLrgEDwKKR +fjoqMB8GA1UdIwQYMBaAFNgwn5C7ovR70h33S/6xOT6NH51jMA8GA1UdEwEB/wQF +MAMBAf8wDgYDVR0PAQH/BAQDAgGGMDUGCCsGAQUFBwEBBCkwJzAlBggrBgEFBQcw +AoYZaHR0cHM6Ly9leGFtcGxlLmNvbS9jZXJ0czAoBgNVHR8EITAfMB2gG6AZhhdo +dHRwczovL2V4YW1wbGUuY29tL2NybDAKBggqhkjOPQQDAwOBjAAwgYgCQgGvXX6h +RuGbOTZT5iMPwthA6cy8SiTJgw7MJyfFhXq2tBMSropFTUqRxvgojwhNQqLj1U12 +QAxeE4c6u+H6u4X0ygJCALF4BBSfrUX4psVjzcMFkaEqTPK3g6Oc6p+vWG+xM1mf +M4z2bJ0/hOxuHw81a1DluEwdUNfVHiB2aIZimbIHn34Y +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDHDCCAn6gAwIBAgIBCjAKBggqhkjOPQQDAzB2MQswCQYDVQQGEwJVUzELMAkG +A1UECAwCT1IxEjAQBgNVBAcMCUJlYXZlcnRvbjEQMA4GA1UECgwHUENfT0VNMTE0 +MDIGA1UEAwwrUENfT0VNMSBlY2MgNTEyIHNoYTM4NCB0ZXN0IGludGVybWVkaWF0 +ZSBjYTAeFw0yMzExMTUxMzQ5NThaFw0zMzExMTIxMzQ5NThaMGoxCzAJBgNVBAYT +AlVTMQswCQYDVQQIDAJPUjESMBAGA1UEBwwJQmVhdmVydG9uMRAwDgYDVQQKDAdQ +Q19PRU0xMSgwJgYDVQQDDB9QQ19PRU0xIGVjYyA1MTIgc2hhMzg0IHRlc3QgY2Ey +MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAyIeRoLfD/8Bqsw3THkZQ1HqDx+qq +Ohz2o994NyB9nXXyLo7hhx17qNqIvHtSlhKsf2xAC4pujjpmtpcjqFgPG54B+sMu +YKC++CW48TYuB+892fsv+AoW1WQZavtBCorr/EhUIj6mxwGaF9aov9L0QTd8WIAe +JgLSyNPiEfOPCrgFLYmjgcUwgcIwHQYDVR0OBBYEFLy1H64thl5FMvR1HPolC3k1 +3dCnMB8GA1UdIwQYMBaAFNgwn5C7ovR70h33S/6xOT6NH51jMA8GA1UdEwEB/wQF +MAMBAf8wDgYDVR0PAQH/BAQDAgGGMDUGCCsGAQUFBwEBBCkwJzAlBggrBgEFBQcw +AoYZaHR0cHM6Ly9leGFtcGxlLmNvbS9jZXJ0czAoBgNVHR8EITAfMB2gG6AZhhdo +dHRwczovL2V4YW1wbGUuY29tL2NybDAKBggqhkjOPQQDAwOBiwAwgYcCQgDjef0U +6B4E3xLxZcATLLBZaNbFWDPm0Z1nXpiqEBmJNEZkiaM11P30Fyh1TjrLQf+GYlqp +hLvx0roYnjE6yHbhOAJBAevscQd/Xv3ZkjLQtsJDztz7FFeNBI0WUbkylnA2PhJO +JaNVeKP7V+iq9cTnH6x00LD4c9MlHa/s0Y231tHCaGc= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDITCCAoKgAwIBAgIBCDAKBggqhkjOPQQDAzBuMQswCQYDVQQGEwJVUzELMAkG +A1UECAwCT1IxEjAQBgNVBAcMCUJlYXZlcnRvbjEQMA4GA1UECgwHUENfT0VNMTEs +MCoGA1UEAwwjUENfT0VNMSBlY2MgNTEyIHNoYTM4NCB0ZXN0IHJvb3QgY2EwHhcN +MjMxMTE1MTM0OTU4WhcNMzMxMTEyMTM0OTU4WjB2MQswCQYDVQQGEwJVUzELMAkG +A1UECAwCT1IxEjAQBgNVBAcMCUJlYXZlcnRvbjEQMA4GA1UECgwHUENfT0VNMTE0 +MDIGA1UEAwwrUENfT0VNMSBlY2MgNTEyIHNoYTM4NCB0ZXN0IGludGVybWVkaWF0 +ZSBjYTCBmzAQBgcqhkjOPQIBBgUrgQQAIwOBhgAEAbCX0usiXujf4RnKMRjeiuni +cEMw9VHV4GWbJGtFyeHlprMz5m3zrYX0vqvCbIbGnrLA9256/AVRjqk+8lwhJfoz +ABtMiZtTb1x9S1kfka94auQ8OFNaErDYV27uSqVd5+AG8zNe1m+YmPD6YDFALlkD +mrFktEajAQFJTXiy779/u1WRo4HFMIHCMB0GA1UdDgQWBBTYMJ+Qu6L0e9Id90v+ +sTk+jR+dYzAfBgNVHSMEGDAWgBQoNqEGmm5eLMut8uF3E3h+OrJJITAPBgNVHRMB +Af8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjA1BggrBgEFBQcBAQQpMCcwJQYIKwYB +BQUHMAKGGWh0dHBzOi8vZXhhbXBsZS5jb20vY2VydHMwKAYDVR0fBCEwHzAdoBug +GYYXaHR0cHM6Ly9leGFtcGxlLmNvbS9jcmwwCgYIKoZIzj0EAwMDgYwAMIGIAkIB +beHnZncRP/L1QGws4Qgf0sgYtYPYTTiFymcHGG/oUgHj+Gp6NjsTWccE9zVp0XxB +ZoWkzrxOLylZtU4OoqzF1EYCQgG2hwLdwzqRaRvH13uFSkCb4K9zHWOMXv7bEC3U +Wkn4UOgVy4LuN8g0cFAZ52Q57CSQANRJWrGZnX4y/OquNg2oSg== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDKzCCAo2gAwIBAgIUMCibyLmJ0z7WUXzUHucWoqtqxD0wCgYIKoZIzj0EAwIw +bjELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk9SMRIwEAYDVQQHDAlCZWF2ZXJ0b24x +EDAOBgNVBAoMB1BDX09FTTExLDAqBgNVBAMMI1BDX09FTTEgZWNjIDUxMiBzaGEz +ODQgdGVzdCByb290IGNhMB4XDTIzMTExNTEzNDk1OFoXDTMzMTExMjEzNDk1OFow +bjELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk9SMRIwEAYDVQQHDAlCZWF2ZXJ0b24x +EDAOBgNVBAoMB1BDX09FTTExLDAqBgNVBAMMI1BDX09FTTEgZWNjIDUxMiBzaGEz +ODQgdGVzdCByb290IGNhMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBsZrc8+8Y +6nFOJ8pVPltVR3uYL7OazfGHOHABLsicQjvdRF9uZVozFfQ5Fumahrt23bX3H7O+ +jTwP00UjpZkIgBMAi1aPpfDFxNY2aTDDV/XwecONAtrN5unn68eIWzRvV1DBEAF5 +yrORkpa42UKHt464SlHKUQOp5knawMMlduiVjCijgcUwgcIwHQYDVR0OBBYEFCg2 +oQaabl4sy63y4XcTeH46skkhMB8GA1UdIwQYMBaAFCg2oQaabl4sy63y4XcTeH46 +skkhMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMDUGCCsGAQUFBwEB +BCkwJzAlBggrBgEFBQcwAoYZaHR0cHM6Ly9leGFtcGxlLmNvbS9jZXJ0czAoBgNV +HR8EITAfMB2gG6AZhhdodHRwczovL2V4YW1wbGUuY29tL2NybDAKBggqhkjOPQQD +AgOBiwAwgYcCQgF5vqNlCWbx+D3yX1+VMFwPf2FkzcyHZUR+Y2fIqGdur9jgxJqL +iaEEeWRP2H/QrbchCW76mXhbs9N4wjjv5IqKZAJBB9C6jwvVRiksawRQYakN/6wc +TlYuTvgJ417NpLrbbG2/0IFiDRcavADAUGR3LNwORLjPK5NnuketDu4m2Msnovk= +-----END CERTIFICATE----- diff --git a/.ci/tcg-rim-tool/certs/PC_OEM1_rim_signer_ecc_512_sha384.pem b/.ci/tcg-rim-tool/certs/PC_OEM1_rim_signer_ecc_512_sha384.pem new file mode 100644 index 00000000..cec8bcf8 --- /dev/null +++ b/.ci/tcg-rim-tool/certs/PC_OEM1_rim_signer_ecc_512_sha384.pem @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDEzCCAnWgAwIBAgIBDDAKBggqhkjOPQQDAzBqMQswCQYDVQQGEwJVUzELMAkG +A1UECAwCT1IxEjAQBgNVBAcMCUJlYXZlcnRvbjEQMA4GA1UECgwHUENfT0VNMTEo +MCYGA1UEAwwfUENfT0VNMSBlY2MgNTEyIHNoYTM4NCB0ZXN0IGNhMjAeFw0yMzEx +MTUxMzQ5NThaFw0zMzExMTIxMzQ5NThaMG0xCzAJBgNVBAYTAlVTMQswCQYDVQQI +DAJPUjESMBAGA1UEBwwJQmVhdmVydG9uMRAwDgYDVQQKDAdQQ19PRU0xMSswKQYD +VQQDDCJQQ19PRU0xIGVjYyA1MTIgc2hhMzg0IHRlc3Qgc2lnbmVyMIGbMBAGByqG +SM49AgEGBSuBBAAjA4GGAAQAbs4DBnZ/myUu98Mx+RF7AYaeaexZV8QyHgeelA36 +gBvVbqMfnYdk1dsFTd+UHQFTiZ72kX8XBfFWfgeNbauzZgwA2chCojFQQEseW1be +MID6dJE3StZdm0gOnaY30BnM8MwJL8rLuNRAL+eKflPbVB2kltMrjcNBDw8ba/Lk +f++z9UqjgcUwgcIwHQYDVR0OBBYEFETnwNO85oN2AwJytUyrgl0SFW9rMB8GA1Ud +IwQYMBaAFLy1H64thl5FMvR1HPolC3k13dCnMA8GA1UdEwEB/wQFMAMBAf8wDgYD +VR0PAQH/BAQDAgGGMDUGCCsGAQUFBwEBBCkwJzAlBggrBgEFBQcwAoYZaHR0cHM6 +Ly9leGFtcGxlLmNvbS9jZXJ0czAoBgNVHR8EITAfMB2gG6AZhhdodHRwczovL2V4 +YW1wbGUuY29tL2NybDAKBggqhkjOPQQDAwOBiwAwgYcCQgGLZqNkri027hPvjBby +2tM2HA3dTIhGdrcGsGJZxP8CpH47mpAV/j8vpL1zpz0TQALUlScJisVXuR6JX9Ko +cNBYDAJBZRibf1dxXhnw9bO23wH0OBjI3R2lnMqR9ac4qUNdfmnwI82MdLVTfjqt +/qHjtDigBe7s8B41Kd47GpN0TX3iLNk= +-----END CERTIFICATE----- diff --git a/.ci/tcg-rim-tool/certs/PC_OEM1_rim_signer_rsa_3k_sha384.pem b/.ci/tcg-rim-tool/certs/PC_OEM1_rim_signer_rsa_3k_sha384.pem new file mode 100644 index 00000000..cab34267 --- /dev/null +++ b/.ci/tcg-rim-tool/certs/PC_OEM1_rim_signer_rsa_3k_sha384.pem @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFFjCCA36gAwIBAgIBBTANBgkqhkiG9w0BAQwFADBpMQswCQYDVQQGEwJVUzEL +MAkGA1UECAwCT1IxEjAQBgNVBAcMCUJlYXZlcnRvbjEQMA4GA1UECgwHUENfT0VN +MTEnMCUGA1UEAwweUENfT0VNMSByc2EgM2sgc2hhMzg0IHRlc3QgY2EyMB4XDTIz +MTExNTEzNDg1OFoXDTMzMTExMjEzNDg1OFowbDELMAkGA1UEBhMCVVMxCzAJBgNV +BAgMAk9SMRIwEAYDVQQHDAlCZWF2ZXJ0b24xEDAOBgNVBAoMB1BDX09FTTExKjAo +BgNVBAMMIVBDX09FTTEgcnNhIDNrIHNoYTM4NCB0ZXN0IHNpZ25lcjCCAaIwDQYJ +KoZIhvcNAQEBBQADggGPADCCAYoCggGBAMxAQFXRvU6j9OckLcQnHeFlHKoxstdN +72B5qhr/vvsQ1ZnP9cTTA6zNttCf+rpERtiQb1uIOhEhyEV0A45KYpPt7UrILsyT +drkaj5dq4oD8pq+STzvP2Z9mcZQJXQu4gbXdHpwgZ3XQmrvVI2J7T+RebIEm1KeF +wm3IvTsJLGMeaPD4GRhTYmyn4uS09jyK7iBxNagP+sF4uWfRVUgS6heLjJotqU0Y +yno94z3TKCnKSWIiBy7pSGYFjzT1MOCpCjiyvLCqN5YM7rEIMgkFpOB/1vG32wCW +n7VKiZCE5Ps/tNF5/pfx0uE0W5yrghsNAoD3RrrVZq+wUvlsAwW3IbIAfTWy+wiq +MqsnRhIHnmF+FQEDTGMXyph11mPxh7igLCJV+LzoToANCZemcTPERw3WVwpwR+wy ++ycH0A1W3bnajMiBJEBXVqE00qnEJMNNtouquNk6RIjG5Uc5Gq4SF0TH5XT7oy3h +LjU9REcPQpAeEoMR18gGbVkxEfuuN/x4awIDAQABo4HFMIHCMB0GA1UdDgQWBBRA +8pTgMXmPJ/m2+0iyGJhxyiLSwDAfBgNVHSMEGDAWgBTg8RXbnFWNbvjYViKuPBje +0WxeLTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjA1BggrBgEFBQcB +AQQpMCcwJQYIKwYBBQUHMAKGGWh0dHBzOi8vZXhhbXBsZS5jb20vY2VydHMwKAYD +VR0fBCEwHzAdoBugGYYXaHR0cHM6Ly9leGFtcGxlLmNvbS9jcmwwDQYJKoZIhvcN +AQEMBQADggGBACE1o5atqoWP8h8ZAQTuMHAZreo4q9jpN9UNZ3ofHj6ouHDwhdcU +avz8inB+wbTDctCrZrhATq3qYBX89+AxZ7kK5lAcxeG8QYDToBTGfsaO9K7Uy94D +zAmUc6pVCc4TOU9+KZWNtP2W8jTySJPN6AWEEFMMyo5liZlswGFhLcxSu43B4SJZ +HuDOXP62OARaXrcdvgMdAuqRZURUS2kQb5Gh7LECnsAwpmfIqzLuXB2VQZFvDFna +JN7EjUjp+japCo4jaXAwns1S3qx1jZZmqzW7d0ZS8tu7/hcR8ZGNhGZ1DC0iNkHy ++/uKzcLK3dcU+dm8fHl84QBrU+5zuQvRU33tUX792HW/EVgl4Zm4R3zyiQw8zay6 +TEDdWE9/uWoZxcYTugQ3nBikEMqxldTWdpL5aSyn9Dv8btotgiekllw4knucS2sI +kgOeczYCLfYn9yaykCy4so2Zwb8/YSEvnpcbV99RbT/B0YyBR04I3FWlXzVd9wEO ++O8u6rNxap99cA== +-----END CERTIFICATE----- diff --git a/.ci/tcg-rim-tool/certs/PC_OEM2_Cert_Chain.pem b/.ci/tcg-rim-tool/certs/PC_OEM2_Cert_Chain.pem new file mode 100644 index 00000000..68379c2b --- /dev/null +++ b/.ci/tcg-rim-tool/certs/PC_OEM2_Cert_Chain.pem @@ -0,0 +1,120 @@ +-----BEGIN CERTIFICATE----- +MIIFHzCCA4egAwIBAgIBAjANBgkqhkiG9w0BAQwFADB1MQswCQYDVQQGEwJVUzEL +MAkGA1UECAwCT1IxEjAQBgNVBAcMCUJlYXZlcnRvbjEQMA4GA1UECgwHUENfT0VN +MjEzMDEGA1UEAwwqUENfT0VNMiByc2EgM2sgc2hhMzg0IHRlc3QgaW50ZXJtZWRp +YXRlIGNhMB4XDTIzMTExNTEzNDkxMloXDTMzMTExMjEzNDkxMlowaTELMAkGA1UE +BhMCVVMxCzAJBgNVBAgMAk9SMRIwEAYDVQQHDAlCZWF2ZXJ0b24xEDAOBgNVBAoM +B1BDX09FTTIxJzAlBgNVBAMMHlBDX09FTTIgcnNhIDNrIHNoYTM4NCB0ZXN0IGNh +MTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALPcqlYoY669l3hekmoM +G8cOLLFCyFyJV2qoJquCVXwxRt122cUafRsUTWyWPqm208N8B8S2wo1wxRgFhrpn +DgFlrd6UXCgWZhlmrn3Uky1zaa4f/6l1XVUEQS6nkLuE1QAEZYdXWn1TWFDW8Te0 +omkIbQgFsgjxOB4fYrbzkS0TTrfmZJYMZnTOsDLqS2Eza7hSObkDYYu2Pgo6P/oK +HH8RkpKfTSvcrBvcFkjl78EQK5/49/1ixApvWlC3EYeJ7mPHUizDW7jnqttoW0CG +9O/VkfOEfsiCImln9x0oHDz8YTCJaSke8E228L2ZObJ/qjTgomO3bXdzaimSe88/ +mqIOmfOWiDGhlTOKfoLpWwtmypTfLB38uLFBZiXn/Qt/fNi56MKKIJJZnADM9+w/ +P35UsMn8rNHIV6w5Rc+ciMBiBdUal6G3QHqJWfoJWRlmTgIlRcaRb0dRKBSdYN9p +8pWoE/0k+hK5w4tQL6oXbMjHMV5AMxdIJQzFwMmUkM8IgQIDAQABo4HFMIHCMB0G +A1UdDgQWBBTjcyu/WpSh/Cxh3TV/3cRywHDq3zAfBgNVHSMEGDAWgBSpL4+pKGJ2 +nPVgg9I5rG3WU/cmxTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjA1 +BggrBgEFBQcBAQQpMCcwJQYIKwYBBQUHMAKGGWh0dHBzOi8vZXhhbXBsZS5jb20v +Y2VydHMwKAYDVR0fBCEwHzAdoBugGYYXaHR0cHM6Ly9leGFtcGxlLmNvbS9jcmww +DQYJKoZIhvcNAQEMBQADggGBAMba3sgRiygu1WymMQeKudJsWBd1DmbAGpzk4X+A +uFWp4JNPuzzqQ/bXVm/ioQladrluJJbGsKfKlP+wo84OiKAWIypmEgEi2d2jrTN7 +zrVz1zH7dl+TcGeaYBWjqklcFEvW1aPKRTDpeclPggtBUYLSf54zcHk0vGqM4XbS +bAn/JuWEeUJCkQIF5uu/twtw42LLzRhrq9TPsyo2GoAwmj/UgNwO1IMwYrPO8px3 +UYqYlcq7QwkTcBAHZv5k9uotzPXdohsq+PV/r49UbniQkPA8r8AKtI4IALE0lpBG +q0NH0+weUkJqP8RCIT18WXkH+EZMe8E37eCE7E9hUg2/+m9Gzs2+ao6CqKVXtM4d +ilqz1q9j4qybsxbV0XlaItFhskwlEsuwM0fUdxJG7BqBxFMVa/dlczYPlS4y1C08 +0LSszw226ULGR7lr2fXNCKYzCE7ehuPQxIh2PTy+Qu25Y7xnh7kEKKyO27vMEpmK +SBynaZl4++xCF1UIc7+GwtMW9g== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFHzCCA4egAwIBAgIBAzANBgkqhkiG9w0BAQwFADB1MQswCQYDVQQGEwJVUzEL +MAkGA1UECAwCT1IxEjAQBgNVBAcMCUJlYXZlcnRvbjEQMA4GA1UECgwHUENfT0VN +MjEzMDEGA1UEAwwqUENfT0VNMiByc2EgM2sgc2hhMzg0IHRlc3QgaW50ZXJtZWRp +YXRlIGNhMB4XDTIzMTExNTEzNDkxM1oXDTMzMTExMjEzNDkxM1owaTELMAkGA1UE +BhMCVVMxCzAJBgNVBAgMAk9SMRIwEAYDVQQHDAlCZWF2ZXJ0b24xEDAOBgNVBAoM +B1BDX09FTTIxJzAlBgNVBAMMHlBDX09FTTIgcnNhIDNrIHNoYTM4NCB0ZXN0IGNh +MjCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAMYpKUqmeTu01lfSFHDD +DVdo8CXW39WPkB4Vl18Kz/ApTyVoVs+Jk5d2iPEwWLMX/Agl1++BryVF5LIHQd6J +6e9zWrXytLmu4A5PHIvCeLA/9gz0wR1eoa9jrMVKS2o0gFHt+WJhCnj+2EtNBdff +PmpUUgfzabQsCO9FLO18xg68BJp7Tmacgq1wwqyVEpySzEVPqKzWomssq3YLC79a +vAgK0uAd+7EkfR9Q6C8ePuY5AZswyFw3PAOcFrs+VClkDFPrcbmT2pwKYFX/OPFR +kBODUsR2ZV1AvWdEUicSgqovmuB2X6+SYsVHKxaNm1N35pcLx7zzzKDVoyRyBb7i +S/e/tYot+M5vpGnXS4tOXcGU/ewVLA/WBh09Ugw9Stovi9wYqu93QReZIA4MSfia +aIJ0BHIWKxj8ALyoBgLEZg2UdPhZOzlB5HC7PJkTXgwjj+RzJmsK7S6WMXgHiWTn +LLRGRzv/J0qFTpNaJKEMHjFiWvJHgHvE3Q8BMmIS+Bs8+QIDAQABo4HFMIHCMB0G +A1UdDgQWBBSDqjJfSBaaTlurWODEHFYTYW2Z1jAfBgNVHSMEGDAWgBSpL4+pKGJ2 +nPVgg9I5rG3WU/cmxTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjA1 +BggrBgEFBQcBAQQpMCcwJQYIKwYBBQUHMAKGGWh0dHBzOi8vZXhhbXBsZS5jb20v +Y2VydHMwKAYDVR0fBCEwHzAdoBugGYYXaHR0cHM6Ly9leGFtcGxlLmNvbS9jcmww +DQYJKoZIhvcNAQEMBQADggGBAHdmJ2NcacEt/rQ/o0jC6+YG4mGxTG4qzcPHXA+S +j9SkScVl03YmzU+7exSpr39paiZvt15sAVsY4TduSb2rOaPkgC11W/fiYxGxHmgr +VWEVsloJtotuVyiCBLZXmwkVjlYDx0R7kCY3Pht5XgBwOwDnJ6vx2ZrO4l8pnTgQ +zoFYAqG+cFTdxHb5AnPHef7dLk2XGoPFscPO004kBNrY7JyRpNffvfxGq6k/7zPw +OWh3vJ9UoSpQR/5fjjKGJu2J85loB+QDBWgi7yIW8HfU2wodlbNMPp9VJmkSHEtE +9R4XrI6ifkMGMVy9AKyXIciGv7VGfT52RmELxNUBoU1waVXlhRodOqhVRxepMXBF +eYZYKb2a/Iu75Mz27pUHE1Q0tgndbtMCRMyKj8PSHBhg6ieFsxJrUZHUsp6U2r9q +HlXBEZX2PN8Kn7OAqF4Gstdn8MJRqBkltm8UyaPYvpCHgg/nqTxZlAX/xqJqg7yS +oEqoaVG/kHF5oEfRwI7SePYoGA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFIzCCA4ugAwIBAgIBATANBgkqhkiG9w0BAQwFADBtMQswCQYDVQQGEwJVUzEL +MAkGA1UECAwCT1IxEjAQBgNVBAcMCUJlYXZlcnRvbjEQMA4GA1UECgwHUENfT0VN +MjErMCkGA1UEAwwiUENfT0VNMiByc2EgM2sgc2hhMzg0IHRlc3Qgcm9vdCBjYTAe +Fw0yMzExMTUxMzQ5MTJaFw0zMzExMTIxMzQ5MTJaMHUxCzAJBgNVBAYTAlVTMQsw +CQYDVQQIDAJPUjESMBAGA1UEBwwJQmVhdmVydG9uMRAwDgYDVQQKDAdQQ19PRU0y +MTMwMQYDVQQDDCpQQ19PRU0yIHJzYSAzayBzaGEzODQgdGVzdCBpbnRlcm1lZGlh +dGUgY2EwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQD67DcjXjYXBXXr +995US9X6fL1PhZ+u2Y4H+oBEhVPvg8fyUzi84qdXJGUGHkq8wDiHJ263v6XnBqxv +FwHNJ72mUxucD8l4Db6p4PlQzEz3Im5jjFZnNAVV99LsMhwGxiq13RH+hSM5xwId +B40V83LmD+nfTc6C0uiXBsoAjdIQrR3S24SG5RN9m7o1GmP6cuaUc7pEnjEV6HZc +dvH5tQu3DhwoWwGGHh4FqxcW2KiAjpT5IcpfewMQFl++6sJ3wavxWOTJfrUh9vQ/ +mEe6i0AHHgJoFJmEPKH+sOlpY3MPVmgqvEkR/x7Ay28lsYiE0ocplD/h3r7kXrIS +g5Z1KmdvDMV4g+KSv36bqQ51ZF9gAkVDBEwgXPWCTIjf0AsoUj/GLlzLju4La9fN +6Ag8tmb58LnhXVT8ugDNP3szHZz9rQTF1CdyOj3h2kmK45Dfw7eFT4Jn6alPnuNH +nly+I8lZTA3FpkWw24eoyOs23JDHsJ0FbSkIrN2lMW5GtVo3lIMCAwEAAaOBxTCB +wjAdBgNVHQ4EFgQUqS+PqShidpz1YIPSOaxt1lP3JsUwHwYDVR0jBBgwFoAUKBrv +ypNiRpjz1Pfo07eow8yE7EAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC +AYYwNQYIKwYBBQUHAQEEKTAnMCUGCCsGAQUFBzAChhlodHRwczovL2V4YW1wbGUu +Y29tL2NlcnRzMCgGA1UdHwQhMB8wHaAboBmGF2h0dHBzOi8vZXhhbXBsZS5jb20v +Y3JsMA0GCSqGSIb3DQEBDAUAA4IBgQCNYpGzRp2YOmOpELIHNdqP36tqgnZgCCYq +CGPceEcLmZqNyHEeURb1XZC1Xf4bG2DCuGnf6aqKJepY1uNBORWg6Zebn/z2YiBm ++rWdj3zZZLrikUqTa22d9emCpEDxRXolWX3AX/1E6OoGePbsMdQUGLxNrmnJJ730 +6HZdLBhw+dkyHGCxWrZUIM+ma5xdlCGl0/tlyWUwwEprfvYFAd8u+YEGA4uqGVB0 +bcIqqb3x/S0vmhaj5nDyjnv3EhSqJLv/TS4mQ3OJMMnkZPuc46MPlnYh4iahU3Is +iX/8GPfcw5b84bG3b9FHFHptPxHozLEP4JDEdFNpNhBAzXlgBFcmhxsybGnQqYk9 +RSvwp4QbaPb46O9mRbTWTYSa8WFIMMU0ZTe2pXToj6Bc3b35HwOCgd726ay5SyAP +AKTiRKUOH/zTvJyoGPfk8Q89baQb4/0q6LQrgCsyriJIeR25ffDXYSVYvDikb8yL +pWGjyWe0czJkmcg0/knszGYCp091lMg= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFLjCCA5agAwIBAgIUHjSXMt9hZ3WFZkP4m6h8HLculDkwDQYJKoZIhvcNAQEL +BQAwbTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk9SMRIwEAYDVQQHDAlCZWF2ZXJ0 +b24xEDAOBgNVBAoMB1BDX09FTTIxKzApBgNVBAMMIlBDX09FTTIgcnNhIDNrIHNo +YTM4NCB0ZXN0IHJvb3QgY2EwHhcNMjMxMTE1MTM0OTEyWhcNMzMxMTEyMTM0OTEy +WjBtMQswCQYDVQQGEwJVUzELMAkGA1UECAwCT1IxEjAQBgNVBAcMCUJlYXZlcnRv +bjEQMA4GA1UECgwHUENfT0VNMjErMCkGA1UEAwwiUENfT0VNMiByc2EgM2sgc2hh +Mzg0IHRlc3Qgcm9vdCBjYTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGB +AKTDn5itAysPqY3PANfeYzj5IX5SRhgqzFmMkCsjbNeIsfUbPhdIk/wri9bn9LD/ +5L+R1iJf4018KE7duVUYK5yw7KVuuy+QpkwCDVHnXfLlmNethVh4JE63SRcqScDE +DTHfAnC/QIxCTUUJX4UJaEn9FT4suCQV8biuFCy1nAjBhb2NLrkXdBD4sOzCkehz +39k8yQ+eMNKlty8upSMDGlbDie2mItkJYL8PEbKPOJgNxaur17C87YuJ03EjMS+3 +NmmMsldj2uftraivIufL4BdDrIZJjes1AKGiO2x/9QdLr0y5nJBgyNXIfTrVLcj1 +P8nwnjF3+pPGTwRX7KyhTuy946RLGw/f4zDxAeDmYzyBsdZbPpU2Rx9gUseqqNra +5PRsnodO4oh6nrVjpmfPbLjrUomo6rsBSMO73QUEzxGaCxIu966OhI8I9HXIcqHj +h+fC//z9uCD+3tmUU2Uq7hF3iK1isK7SYBoz1T6p2Xxx9AaVFEP1LPqYVNGLazZR +YwIDAQABo4HFMIHCMB0GA1UdDgQWBBQoGu/Kk2JGmPPU9+jTt6jDzITsQDAfBgNV +HSMEGDAWgBQoGu/Kk2JGmPPU9+jTt6jDzITsQDAPBgNVHRMBAf8EBTADAQH/MA4G +A1UdDwEB/wQEAwIBhjA1BggrBgEFBQcBAQQpMCcwJQYIKwYBBQUHMAKGGWh0dHBz +Oi8vZXhhbXBsZS5jb20vY2VydHMwKAYDVR0fBCEwHzAdoBugGYYXaHR0cHM6Ly9l +eGFtcGxlLmNvbS9jcmwwDQYJKoZIhvcNAQELBQADggGBAC4/SZu50SVNEhqKqSkM +Cr+Idpsd9yON5rYwR5nKf4XqroeXRq9BRtlVgYjDU6r5dla+orVABOtyD9MtcEi5 +V1++LbnOgLeCuQ/F0Gof8t+WJqI1syf8cfOsZPlTlc6DhZ0be7McdQwWenOel5HC +oYE8pk5j0Vq/UdZqlzuIUdcpnOiN3ZwA91nR78Q2cHzJePixWh7+aJ/4KPpvejiU +vnELIzYpZygEwVvDkqHunTB7YjWdACY5GCJN9qQMOntYWosFXLGlkFUJ5KW8BpIY +e36ygPe9ujXaY++DtC7auPEUiSaW/Wy1XsEkGF6TF3hEKj7Am74KcaWqeco4pH7y +/nKnY8XIjuLK31i7WR9EX2fAtz2mxOExANZcXyn/LtLD0VhWWMMvuzzudmv27yMQ +1ZF7opqFdCnN8/5X7V6i8gC9g2Us0+R3SQ9HhXRMo3yhM0xw0Q1Yk2Xp+v4pGptJ +3LULIOyo+T7OztjebzQQrlxGNIjUni4m6/CD39pNp+CX4Q== +-----END CERTIFICATE----- diff --git a/.ci/tcg-rim-tool/certs/PC_OEM2_rim_signer_rsa_3k_sha384.pem b/.ci/tcg-rim-tool/certs/PC_OEM2_rim_signer_rsa_3k_sha384.pem new file mode 100644 index 00000000..6f785759 --- /dev/null +++ b/.ci/tcg-rim-tool/certs/PC_OEM2_rim_signer_rsa_3k_sha384.pem @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFFjCCA36gAwIBAgIBBTANBgkqhkiG9w0BAQwFADBpMQswCQYDVQQGEwJVUzEL +MAkGA1UECAwCT1IxEjAQBgNVBAcMCUJlYXZlcnRvbjEQMA4GA1UECgwHUENfT0VN +MjEnMCUGA1UEAwweUENfT0VNMiByc2EgM2sgc2hhMzg0IHRlc3QgY2EyMB4XDTIz +MTExNTEzNDkxNFoXDTMzMTExMjEzNDkxNFowbDELMAkGA1UEBhMCVVMxCzAJBgNV +BAgMAk9SMRIwEAYDVQQHDAlCZWF2ZXJ0b24xEDAOBgNVBAoMB1BDX09FTTIxKjAo +BgNVBAMMIVBDX09FTTIgcnNhIDNrIHNoYTM4NCB0ZXN0IHNpZ25lcjCCAaIwDQYJ +KoZIhvcNAQEBBQADggGPADCCAYoCggGBANSmP8wkFWhfY2f4q+T0WR+15gfV5Xz1 +PYczfW/OrXFhC/QUFQds/MQaV/nJdSG5ZGnHAL8N8rKkD8zfIpVDHpSCcve69fBy +Ki/OznZ2aVfYQnz/D4evWZx2D+5v4sj6rphiKKIsdNTslx/wRFhGrdJD1PwzDf5W +zGDNm2FSylSOC9icMsHyiRtMb+hVVGixccqjXH7fbReI8iN86Kk3XWBEY52CEVzO +d1E4aBibCqUNT3Vti+K1dD1bpi8c0rFrC72oD6cArLTdyiCW8Een9iJ4RWSt0/ml +jZfdNveffTcqqZv2FJZUd8lMX8a4ypkBq89wYPWvX9g/vT6dDy6CfCH3f36EQZKy +6IuPIt2EEWp7Woq9KVEGqE5HogNsf5bF6vLIvEzcb6UN7UxXAKYG778sv7TDbITS +ZidD9acmvSy9sB4c47JSYb/amUtekvN714DVIfCxdwo4am2Z1SJOJlDnravD2B4J +/rrFQMlo6MTqyQ/AnMjwjyET90w9ukcoLQIDAQABo4HFMIHCMB0GA1UdDgQWBBQB +MbBr7WQ1cxlPuB6SipjrTQ1mojAfBgNVHSMEGDAWgBSDqjJfSBaaTlurWODEHFYT +YW2Z1jAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjA1BggrBgEFBQcB +AQQpMCcwJQYIKwYBBQUHMAKGGWh0dHBzOi8vZXhhbXBsZS5jb20vY2VydHMwKAYD +VR0fBCEwHzAdoBugGYYXaHR0cHM6Ly9leGFtcGxlLmNvbS9jcmwwDQYJKoZIhvcN +AQEMBQADggGBAIrFzr5JGs5s3E7SZ0qauH1d9QwuNU9PQxALc93xOy3HeJxNgyIE +u6LNV28RDrd6AH7MSH8aPWVHBqJtnWdNhs4B4snrnINPrYHk4L5H9rWqLc7ON6AU +5VQ+Y/evHs/wCP2v87wIyeLC6cInSXxnSna++D8FOcL1UEXoRyjhaM37NJDRlJ0d +RpRyVRzE/atqe6kdrzCfWC4MUKsdMR0zEOmQKzIvQpUnXwITYp3ZvgM0I/PaxG09 +Kokn5iVlEFUIUcmUsnvjCnRQYj8U/m1mNSZYXzpGwxjSH/EYqAQTWFB9tP0S05WA +kwho8BkF3QEe0Vm/Bx8/XCyx5/Rlymyf/ob6Cxk8yOOSG7hDvpOwCDCXg+egLuFM +uZPfzHrMCP7TOStnONsgRmkglQblCQkLT2Q8yQmG3FYZDMUIFKzYR7vhJ4qydSNJ +bYWYI7cgXZOTeurxDcCb5C5fF5QGF0grnjFEJt4WScAKO7JSkZXLGdlDtqDxyiWf +EOcwMEB04igXOA== +-----END CERTIFICATE----- diff --git a/.ci/tcg-rim-tool/configs/Base_Rim_Config.json b/.ci/tcg-rim-tool/configs/Base_Rim_Config.json new file mode 100644 index 00000000..3e45fdcd --- /dev/null +++ b/.ci/tcg-rim-tool/configs/Base_Rim_Config.json @@ -0,0 +1,53 @@ +{ + "SoftwareIdentity": { + "name": "Example.com BIOS", + "version": "01", + "tagId": "94f6b457-9ac9-4d35-9b3f-78804173b65as", + "tagVersion": "0", + "patch": false, + "supplemental": false + }, + "Entity": { + "name": "Example Inc", + "regid": "http://Example.com", + "role": "softwareCreator,tagCreator" + }, + "Link": { + "href": "https://Example.com/support/ProductA/firmware/installfiles", + "rel": "installationmedia" + }, + "Meta": { + "colloquialVersion": "Firmware_2019", + "edition": "12", + "product": "ProductA", + "revision": "r2", + "payloadType": "direct", + "platformManufacturerStr": "Example.com", + "platformManufacturerId": "00201234", + "platformModel": "ProductA", + "platformVersion": "01", + "firmwareManufacturerStr": "BIOSVendorA", + "firmwareManufacturerId": "00213022", + "firmwareModel": "A0", + "firmwareVersion": "12", + "bindingSpec": "PC Client RIM", + "bindingSpecVersion": "1.2", + "pcURIlocal": "/boot/tcg/manifest/switag/", + "pcURIGlobal": "https://Example.com/support/ProductA/" + }, + "Payload": { + "supportRIMURIGlobal": "https://Example.com/support/ProductA/firmware/rims/", + "supportRIMFormat":"TCG_EventLog_Assertion", + "Directory": { + "name": "rim", + "root": "/boot/tcg/manifest/rim/", + "File": { + "version":"01", + "name": "Example.com.BIOS.01.rimel", + "size": "7549", + "hash": "4479ca722623f8c47b703996ced3cbd981b06b1ae8a897db70137e0b7c546848" + } + } + } +} + diff --git a/.ci/tcg-rim-tool/configs/Component1_Rim_Config.json b/.ci/tcg-rim-tool/configs/Component1_Rim_Config.json new file mode 100644 index 00000000..085f2b6f --- /dev/null +++ b/.ci/tcg-rim-tool/configs/Component1_Rim_Config.json @@ -0,0 +1,54 @@ +{ + "SoftwareIdentity": { + "name": "Example.com BIOS", + "version": "01", + "tagId": "94f6b457-9ac9-4d35-9b3f-78804173b65as", + "tagVersion": "0", + "patch": false, + "supplemental": false + }, + "Entity": { + "name": "Example Inc", + "regid": "http://Example.com", + "role": "softwareCreator,tagCreator" + }, + "Link": { + "href": "https://Example.com/support/ProductA/firmware/installfiles", + "rel": "installationmedia" + }, + "Meta": { + "colloquialVersion": "Firmware_2019", + "edition": "12", + "product": "ProductA", + "revision": "r2", + "PayloadType": "direct", + "platformManufacturerStr": "Example.com", + "platformManufacturerId": "00201234", + "platformModel": "ProductA", + "platformVersion": "01", + "firmwareManufacturerStr": "BIOSVendorA", + "firmwareManufacturerId": "00213022", + "firmwareModel": "A0", + "firmwareVersion": "12", + "bindingSpec": "PC Client RIM", + "bindingSpecVersion": "1.2", + "pcURIlocal": "/boot/tcg/manifest/switag/", + "pcURIGlobal": "https://Example.com/support/ProductA/" + }, + "Payload": { + "supportRIMURIGlobal": "https://Example.com/support/ProductA/firmware/rims/", + "supportRIMFormat":"TCG_EventLog_Assertion", + "supportRimType": "BaseRim", + "Directory": { + "name": "rim", + "root": "/boot/tcg/manifest/rim/", + "File": { + "version":"01", + "name": "Example.com.BIOS.01.rimel", + "size": "7549", + "hash": "4479ca722623f8c47b703996ced3cbd981b06b1ae8a897db70137e0b7c546848" + } + } + } +} + diff --git a/.ci/tcg-rim-tool/configs/Patch_RIM_Config.json b/.ci/tcg-rim-tool/configs/Patch_RIM_Config.json new file mode 100644 index 00000000..d5916dae --- /dev/null +++ b/.ci/tcg-rim-tool/configs/Patch_RIM_Config.json @@ -0,0 +1,53 @@ +{ + "SoftwareIdentity": { + "name": "Example.com BIOS", + "version": "01", + "tagId": "94f6b457-9ac9-4d35-9b3f-78804173b65as", + "tagVersion": "0", + "patch": true, + "supplemental": false + }, + "Entity": { + "name": "Example Inc", + "regid": "http://Example.com", + "role": "softwareCreator,tagCreator" + }, + "Link": { + "href": "c30e60f5261620320a176a5f265e231409447cf25c685111cb39648d027420c5", + "rel": "requires" + }, + "Meta": { + "colloquialVersion": "Firmware_2019", + "edition": "12", + "product": "ProductA", + "revision": "r2", + "PayloadType": "direct", + "platformManufacturerStr": "Example.com", + "platformManufacturerId": "00201234", + "platformModel": "ProductA", + "platformVersion": "01", + "firmwareManufacturerStr": "BIOSVendorA", + "firmwareManufacturerId": "00213022", + "firmwareModel": "A0", + "firmwareVersion": "12", + "bindingSpec": "PC Client RIM", + "bindingSpecVersion": "1.2", + "pcURIlocal": "/boot/tcg/manifest/switag/", + "pcURIGlobal": "https://Example.com/support/ProductA/" + }, + "Payload": { + "supportRIMURIGlobal": "https://Example.com/support/ProductA/firmware/rims/", + "supportRIMFormat":"TCG_EventLog_Assertion", + "Directory": { + "name": "rim", + "root": "/boot/tcg/manifest/rim/", + "File": { + "version":"01", + "name": "Example.com.BIOS.01.rimel", + "size": "7549", + "hash": "4479ca722623f8c47b703996ced3cbd981b06b1ae8a897db70137e0b7c546848" + } + } + } +} + diff --git a/.ci/tcg-rim-tool/configs/Primary_Rim_Config.json b/.ci/tcg-rim-tool/configs/Primary_Rim_Config.json new file mode 100644 index 00000000..085f2b6f --- /dev/null +++ b/.ci/tcg-rim-tool/configs/Primary_Rim_Config.json @@ -0,0 +1,54 @@ +{ + "SoftwareIdentity": { + "name": "Example.com BIOS", + "version": "01", + "tagId": "94f6b457-9ac9-4d35-9b3f-78804173b65as", + "tagVersion": "0", + "patch": false, + "supplemental": false + }, + "Entity": { + "name": "Example Inc", + "regid": "http://Example.com", + "role": "softwareCreator,tagCreator" + }, + "Link": { + "href": "https://Example.com/support/ProductA/firmware/installfiles", + "rel": "installationmedia" + }, + "Meta": { + "colloquialVersion": "Firmware_2019", + "edition": "12", + "product": "ProductA", + "revision": "r2", + "PayloadType": "direct", + "platformManufacturerStr": "Example.com", + "platformManufacturerId": "00201234", + "platformModel": "ProductA", + "platformVersion": "01", + "firmwareManufacturerStr": "BIOSVendorA", + "firmwareManufacturerId": "00213022", + "firmwareModel": "A0", + "firmwareVersion": "12", + "bindingSpec": "PC Client RIM", + "bindingSpecVersion": "1.2", + "pcURIlocal": "/boot/tcg/manifest/switag/", + "pcURIGlobal": "https://Example.com/support/ProductA/" + }, + "Payload": { + "supportRIMURIGlobal": "https://Example.com/support/ProductA/firmware/rims/", + "supportRIMFormat":"TCG_EventLog_Assertion", + "supportRimType": "BaseRim", + "Directory": { + "name": "rim", + "root": "/boot/tcg/manifest/rim/", + "File": { + "version":"01", + "name": "Example.com.BIOS.01.rimel", + "size": "7549", + "hash": "4479ca722623f8c47b703996ced3cbd981b06b1ae8a897db70137e0b7c546848" + } + } + } +} + diff --git a/.ci/tcg-rim-tool/configs/Supplemental_Rim_Config.json b/.ci/tcg-rim-tool/configs/Supplemental_Rim_Config.json new file mode 100644 index 00000000..1762b829 --- /dev/null +++ b/.ci/tcg-rim-tool/configs/Supplemental_Rim_Config.json @@ -0,0 +1,53 @@ +{ + "SoftwareIdentity": { + "name": "Example.com BIOS", + "version": "01", + "tagId": "94f6b457-9ac9-4d35-9b3f-78804173b65as", + "tagVersion": "0", + "patch": false, + "supplemental": true + }, + "Entity": { + "name": "Example Inc", + "regid": "http://Example.com", + "role": "softwareCreator,tagCreator" + }, + "Link": { + "href": "c30e60f5261620320a176a5f265e231409447cf25c685111cb39648d027420c5", + "rel": "requires" + }, + "Meta": { + "colloquialVersion": "Firmware_2019", + "edition": "12", + "product": "ProductA", + "revision": "r2", + "PayloadType": "direct", + "platformManufacturerStr": "Example.com", + "platformManufacturerId": "00201234", + "platformModel": "ProductA", + "platformVersion": "01", + "firmwareManufacturerStr": "BIOSVendorA", + "firmwareManufacturerId": "00213022", + "firmwareModel": "A0", + "firmwareVersion": "12", + "bindingSpec": "PC Client RIM", + "bindingSpecVersion": "1.2", + "pcURIlocal": "/boot/tcg/manifest/switag/", + "pcURIGlobal": "https://Example.com/support/ProductA/" + }, + "Payload": { + "supportRIMURIGlobal": "https://Example.com/support/ProductA/firmware/rims/", + "supportRIMFormat":"TCG_EventLog_Assertion", + "Directory": { + "name": "rim", + "root": "/boot/tcg/manifest/rim/", + "File": { + "version":"01", + "name": "Example.com.BIOS.01.rimel", + "size": "7549", + "hash": "4479ca722623f8c47b703996ced3cbd981b06b1ae8a897db70137e0b7c546848" + } + } + } +} + diff --git a/.ci/tcg-rim-tool/eventlogs/TpmLog.bin b/.ci/tcg-rim-tool/eventlogs/TpmLog.bin new file mode 100644 index 0000000000000000000000000000000000000000..0b8f1f398d51035bc91afbe8400d4888a28d5669 GIT binary patch literal 7549 zcmds53p`a>+h2!6H)=?dq+LukI^;4cmCNBAxieB{D&BHAZX@U9mIif5nUNZairneu zQp}Wyq6@02K{H)mgj^eyq^o4S&)WN_P+#Ny=J)&heQW>rUhAyAp6CC6*7K~jo_!EP zNEGf5m08fag3om(Oj!gwfa~q2u0;(KK_WD0O+Wlph?h|Ve9UlZ!23O^DykICyO6^xhF!iW#)@Hjb%6?P>>0o5n5keZ!_oTo4uA#OWU*I))Mz&c4)|qjT%7^|5Zq<|bFwt~%T4 zG-1d1*mE~erw5%;uoStY4Wk_!TX$aFdqXNq5;YwVogXzGqeH<2a9M%4$Qk(~AE*rx z4=z81hQc%)DI9-liEdW9rTrx@mwT^M`bB+HqOw=ty zu}$$W2wOVf`9#FbideWY@vhyjWhL{UH0<8;tojkH*Sr_A9juwjPK7CK(#1b5-$)?; zFYkD+(8v#b*)2Z3si(Q*UgDBo3m7d&{P8VRsOh8_uHF`gutgsugBZ<^3e+23vx~=F zB^a`Hr|IG{NWSIXl%$k!i?BX<{?@V=OScZt(NOf?4}R6*Cw1j|L2g%Z3%7J#T&QHi z&Oe)r^#^}j(EBg{{h7+zrtPGsM%5AjeMiN5+_%)y4h(vV*+`Janh!?bEa z$%-KlwX9AQ|J&nG>Vqj1`c2aI^#z0TM;ZMo+dCINOPiba$|^2cV6vX~fH-np9g zOZg&=-tChLo}gO+v|qDpcy`A7J7TYUSY0=GMxv{?QRs4`LywU~_8Y|W*u~oucQ$&B zWsgMHX19xA>kmv>v zN%YIa;0E*eW}a7=w#rP>!6c#~cj6g^D3y`u>_rlsG9|g}R9T~0;d>JJ3hVo2nFb{@ zuQzV;t#_FGltizl(22co!<}q=%JzWV*3ei_Ys++?EVhfUPRyI@d3Gea zVaNQ1Uu1`q2JR-H}ecZe`4CWTSj41 zvrNzTN-{>Ge}64VJap2G!2J)}oITkkwLUY|@{1AQ*u2ez{`wJJ==ToN_IC%%-}8HM zpIU*EPLajo`*oqa!y*ME(WC8Z3%}{>7HD=>8M&-#Xy+jpYq>4u8cDyfXKHpHkS1+! z`kjOEnx2ks#r;dOHBk?>NSz8R%;8N-;9zt-d$8XLcUt>}^N4ocRFpnzIq#aPO*He7 zXN`9XePWKV$fn(MOc5+d2Po*KTVR+~#OZJnZ zZ;yN1sV(~wbz3!9e7o2#T%w@)gr?WJO`wJV2ImY-g=B}0PNEbOR6H+pIufNw&$f<|ewMJK(7{(k zgibd`_HYIpBU7j?0l^upo*gfrA>Lxq<{jc-A?lRxE4I z3XWNWDT_$U>G4gq>F-(4mpR8XfaxdGyzW)X~WY6E>*CVixz>+s$h*X zTpG}FMOrY<37%iWma&lq_+$lKEVzw;u_1U& z6WFRFCOiq~TLtf!z+3|?*M|N@aD5{jqlK1(9s=-0XcDNJDN5#fG@3XPlMEYnE+At zHt)!SXRb;bBe^m(OD;E+nlNeQ-OE(RuVgqaQC!s5^}KSouKsZ~xu*L(F9ij*8B`a9xa+_@3t54R9lO3tbV?H}Ww3h!_k%3Yh}uJGP^Fo$^XhCKqu1P@v` zUL2wA2&=>go&lsClt-4sswQA1sKc5tf=iv;C-6!)h8{z>7DKHA>qG-?JPNP;k!u9W zh>D5Bp8TQpfp-S@9um-?o`7`Sd``Zy`oll&whF^yUH_El#XglbTbp?*$D1pXR%xA? z2cwJ}y}UfU-3Yd^DZ%9Py*!*9{XBTygsTs417XPH`4QH9+yO($eTUNgcfSPiXv}GJ zQo;;=lu~%#A3YY97`+t!N*TSB_;TJ#|f*P3YYu zsl{et|b%^Fd9qX!kW_G6T6>b7O&P;Tt&3RBIM?b`!RdqBGmYV6P#8gs=>aT zV|lf{??m~%b+NDYemmH~YU?;@I9X?ME4TwkhYiyfHcc9wlL)15)F2avL8KF`p6OWg zZ2W+-TlkyTanVX?vz|qs!Tqt5rvI=Fdlnag@UA{5W;*!AmsuR!P$O<&ndVt~leYO* zPDI2tL!~;lReUI4zFsh+68{f_%fJ!pq!(ff3}K!5k~=g3CnmM}2-x==VFmg@KfdwW z{8X9et8#wks~b{h%u(tUy(>$HXApxK#z3X?`>F&~MnM3F&E!77MH|q6gD=~1rNw?i zp=D@DuWGl*l;ZTnZg~YlplgWGLs>|axQSe`wrfLT>ciH z^wjDHZADtFh%)zr({ti06)e7#kT(CptT5a#L(VnB1YM?Z2lQVJA@EPl|8W1uw5~3h z^mCkPzR9jfq7qv!AOi|_K%a`W(fj|%_&4y68vmOe=0_nA%l6chb?Fj+K>(Xt&#;FG zSH;7?yp;1P`!`PYn|wdJTiJbMGAHCPGfR4fbbZ9B*I&Emfe+*aKarXI;t<(Ek9>g} z(ZXNz##hT8$R=`I6GBE!Wm1&Tw#Q?-Q_Z-`p$_r5PlqRxw_i{8mX# zB`rj`gDaOZjUlvfG?@iPe|I+VS>4W}ZPv%U^smcLlA;HT-WWHA#n10wZ!D35w#+-c z07lz#{rr8r@##dKMxQ#Oh64PPhaV2Le|8HV>WW`~lsR@IAyJ!_cq`y6qo>KCcb9Th zJiX{IkvM0c%jbhgSL6kft`O{=D4cw%`jjg^lqd~FzwPAberwLf^arPs0(iDD`YIW2 ziM7$z{eN+S%K7E1UPJ+qTvHDD$!uUU1e{FKaL@2iA52nknB&>g7mA%P?IK&Do94&} zyU2=0qtoZW(P9T5LT>Pxz=G6u18m|Juywl)`~3R<#9nb5D}L%s-sV=`e9oK0C%gVi z3=3>8^byR|zn}4A$*dl7?hUB9FZ=A~o^7~7?BLy8fu6g1Gpnt=qBXLEkgwH9rt^5V zQZb&7NcQSN_NMRq8+`_m6WgPgoSD6f%iQWvwf>I^uZpsXU2j&ZBuS@FPw^f2DS(Rm zY%1{QS^bl^mm>T03`hPRRT0n=C%J$l2ZT*k3zvZo;8X+x=BqN+RFoiyf*k Z3Uxc}%4JljeszIlpGQT``p+h2!6H)=?dq+LukI^;4cmCNBAxieB{D&BHAZX@U9mIif5nUNZairneu zQp}Wyq6@02K{H)mgj^eyq^o4S&)WN_P+#Ny=J)&heQW>rUhAyAp6CC6*7K~jo_!EP zNEGf5m08fag3om(Oj!gwfa~q2u0;(KK_WD0O+Wlph?h|Ve9UlZ!23O^DykICyO6^xhF!iW#)@Hjb%6?P>>0o5n5keZ!_oTo4uA#OWU*I))Mz&c4)|qjT%7^|5Zq<|bFwt~%T4 zG-1d1*mE~erw5%;uoStY4Wk_!TX$aFdqXNq5;YwVogXzGqeH<2a9M%4$Qk(~AE*rx z4=z81hQc%)DI9-liEdW9rTrx@mwT^M`bB+HqOw=ty zu}$$W2wOVf`9#FbideWY@vhyjWhL{UH0<8;tojkH*Sr_A9juwjPK7CK(#1b5-$)?; zFYkD+(8v#b*)2Z3si(Q*UgDBo3m7d&{P8VRsOh8_uHF`gutgsugBZ<^3e+23vx~=F zB^a`Hr|IG{NWSIXl%$k!i?BX<{?@V=OScZt(NOf?4}R6*Cw1j|L2g%Z3%7J#T&QHi z&Oe)r^#^}j(EBg{{h7+zrtPGsM%5AjeMiN5+_%)y4h(vV*+`Janh!?bEa z$%-KlwX9AQ|J&nG>Vqj1`c2aI^#z0TM;ZMo+dCINOPiba$|^2cV6vX~fH-np9g zOZg&=-tChLo}gO+v|qDpcy`A7J7TYUSY0=GMxv{?QRs4`LywU~_8Y|W*u~oucQ$&B zWsgMHX19xA>kmv>v zN%YIa;0E*eW}a7=w#rP>!6c#~cj6g^D3y`u>_rlsG9|g}R9T~0;d>JJ3hVo2nFb{@ zuQzV;t#_FGltizl(22co!<}q=%JzWV*3ei_Ys++?EVhfUPRyI@d3Gea zVaNQ1Uu1`q2JR-H}ecZe`4CWTSj41 zvrNzTN-{>Ge}64VJap2G!2J)}oITkkwLUY|@{1AQ*u2ez{`wJJ==ToN_IC%%-}8HM zpIU*EPLajo`*oqa!y*ME(WC8Z3%}{>7HD=>8M&-#Xy+jpYq>4u8cDyfXKHpHkS1+! z`kjOEnx2ks#r;dOHBk?>NSz8R%;8N-;9zt-d$8XLcUt>}^N4ocRFpnzIq#aPO*He7 zXN`9XePWKV$fn(MOc5+d2Po*KTVR+~#OZJnZ zZ;yN1sV(~wbz3!9e7o2#T%w@)gr?WJO`wJV2ImY-g=B}0PNEbOR6H+pIufNw&$f<|ewMJK(7{(k zgibd`_HYIpBU7j?0l^upo*gfrA>Lxq<{jc-A?lRxE4I z3XWNWDT_$U>G4gq>F-(4mpR8XfaxdGyzW)X~WY6E>*CVixz>+s$h*X zTpG}FMOrY<37%iWma&lq_+$lKEVzw;u_1U& z6WFRFCOiq~TLtf!z+3|?*M|N@aD5{jqlK1(9s=-0XcDNJDN5#fG@3XPlMEYnE+At zHt)!SXRb;bBe^m(OD;E+nlNeQ-OE(RuVgqaQC!s5^}KSouKsZ~xu*L(F9ij*8B`a9xa+_@3t54R9lO3tbV?H}Ww3h!_k%3Yh}uJGP^Fo$^XhCKqu1P@v` zUL2wA2&=>go&lsClt-4sswQA1sKc5tf=iv;C-6!)h8{z>7DKHA>qG-?JPNP;k!u9W zh>D5Bp8TQpfp-S@9um-?o`7`Sd``Zy`oll&whF^yUH_El#XglbTbp?*$D1pXR%xA? z2cwJ}y}UfU-3Yd^DZ%9Py*!*9{XBTygsTs417XPH`4QH9+yO($eTUNgcfSPiXv}GJ zQo;;=lu~%#A3YY97`+t!N*TSB_;TJ#|f*P3YYu zsl{et|b%^Fd9qX!kW_G6T6>b7O&P;Tt&3RBIM?b`!RdqBGmYV6P#8gs=>aT zV|lf{??m~%b+NDYemmH~YU?;@I9X?ME4TwkhYiyfHcc9wlL)15)F2avL8KF`p6OWg zZ2W+-TlkyTanVX?vz|qs!Tqt5rvI=Fdlnag@UA{5W;*!AmsuR!P$O<&ndVt~leYO* zPDI2tL!~;lReUI4zFsh+68{f_%fJ!pq!(ff3}K!5k~=g3CnmM}2-x==VFmg@KfdwW z{8X9et8#wks~b{h%u(tUy(>$HXApxK#z3X?`>F&~MnM3F&E!77MH|q6gD=~1rNw?i zp=D@DuWGl*l;ZTnZg~YlplgWGLs>|axQSe`wrfLT>ciH z^wjDHZADtFh%)zr({ti06)e7#kT(CptT5a#L(VnB1YM?Z2lQVJA@EPl|8W1uw5~3h z^mCkPzR9jfq7qv!AOi|_K%a`W(fj|%_&4y68vmOe=0_nA%l6chb?Fj+K>(Xt&#;FG zSH;7?yp;1P`!`PYn|wdJTiJbMGAHCPGfR4fbbZ9B*I&Emfe+*aKarXI;t<(Ek9>g} z(ZXNz##hT8$R=`I6GBE!Wm1&Tw#Q?-Q_Z-`p$_r5PlqRxw_i{8mX# zB`rj`gDaOZjUlvfG?@iPe|I+VS>4W}ZPv%U^smcLlA;HT-WWHA#n10wZ!D35w#+-c z07lz#{rr8r@##dKMxQ#Oh64PPhaV2Le|8HV>WW`~lsR@IAyJ!_cq`y6qo>KCcb9Th zJiX{IkvM0c%jbhgSL6kft`O{=D4cw%`jjg^lqd~FzwPAberwLf^arPs0(iDD`YIW2 ziM7$z{eN+S%K7E1UPJ+qTvHDD$!uUU1e{FKaL@2iA52nknB&>g7mA%P?IK&Do94&} zyU2=0qtoZW(P9T5LT>Pxz=G6u18m|Juywl)`~3R<#9nb5D}L%s-sV=`e9oK0C%gVi z3=3>8^byR|zn}4A$*dl7?hUB9FZ=A~o^7~7?BLy8fu6g1Gpnt=qBXLEkgwH9rt^5V zQZb&7NcQSN_NMRq8+`_m6WgPgoSD6f%iQWvwf>I^uZpsXU2j&ZBuS@FPw^f2DS(Rm zY%1{QS^bl^mm>T03`hPRRT0n=C%J$l2ZT*k3zvZo;8X+x=BqN+RFoiyf*k Z3Uxc}%4JljeszIlpGQT``p /dev/null + +. ./rim_functions.sh +#clearing and creating a new tmp folder +rm -rf tmp +mkdir -p tmp +#rim create +rim -c base -a ../configs/Base_Rim_Config.json -l ../eventlogs/TpmLog.bin -k ../keys/PC_OEM1_rim_signer_rsa_3k_sha384.key -p ../certs/PC_OEM1_rim_signer_rsa_3k_sha384.pem -o tmp/noCert.swidtag +rim_create_status $? + +# rim verify without cert chain +rim -v tmp/noCert.swidtag -l ../eventlogs/TpmLog.bin -t ../certs/PC_OEM1_Cert_Chain.pem +rim_verify_fail_test $? + +#Return to where ever you came from +popd > /dev/null \ No newline at end of file diff --git a/.ci/tcg-rim-tool/scripts/bindingSpecprimary_rim_noconfig_fail.sh b/.ci/tcg-rim-tool/scripts/bindingSpecprimary_rim_noconfig_fail.sh new file mode 100755 index 00000000..e869c724 --- /dev/null +++ b/.ci/tcg-rim-tool/scripts/bindingSpecprimary_rim_noconfig_fail.sh @@ -0,0 +1,14 @@ +#!/bin/bash +#test rim create with no config file. +# Capture location of this script to allow from invocation from any location +scriptDir=$(dirname -- "$(readlink -f -- "${BASH_SOURCE[0]}")") +# go to the script directory so everything runs smoothly ... +pushd $scriptDir > /dev/null + +. ./rim_functions.sh +#rim create +rim -c base -l ../eventlog/TpmLog.bin -k ../keys/PC_OEM1_rim_signer_rsa_3k_sha384.key -p ../certs/PC_OEM1_rim_signer_rsa_3k_sha384.pem -o noConfig.swidtag +rim_create_fail_test $? + +#Return to where ever you came from +popd > /dev/null \ No newline at end of file diff --git a/.ci/tcg-rim-tool/scripts/composite_rim_create_pass.sh b/.ci/tcg-rim-tool/scripts/composite_rim_create_pass.sh new file mode 100755 index 00000000..a73af52b --- /dev/null +++ b/.ci/tcg-rim-tool/scripts/composite_rim_create_pass.sh @@ -0,0 +1,40 @@ +#!/bin/bash +# Composite rim create pass test +# Capture location of this script to allow from invocation from any location +scriptDir=$(dirname -- "$(readlink -f -- "${BASH_SOURCE[0]}")") +# go to the script directory so everything runs smoothly ... +pushd $scriptDir > /dev/null + +. ./rim_functions.sh +#clearing and creating a new tmp folder +rm -rf tmp +mkdir -p tmp + +failCount=0 +# primary rim create +rim -c base -a ../configs/Primary_Rim_Config.json -l ../eventlogs/TpmLog.bin -k ../keys/PC_OEM1_rim_signer_rsa_3k_sha384.key -p ../certs/PC_OEM1_rim_signer_rsa_3k_sha384.pem -o tmp/primaryRimFile.swidtag +rim_create_status $? + +# verify primary rim +rim -v tmp/primaryRimFile.swidtag -l ../eventlogs/TpmLog.bin -t ../certs/PC_OEM1_Cert_Chain.pem -p ../certs/PC_OEM1_rim_signer_rsa_3k_sha384.pem +rim_verify_status $? + +# comp rim create +rim -c base -a ../configs/Component1_Rim_Config.json -l ../eventlogs/TpmLog2.bin -k ../keys/COMP_OEM1_rim_signer_rsa_3k_sha384.key -p ../certs/COMP_OEM1_rim_signer_rsa_3k_sha384.pem -o tmp/compRimFile.swidtag +rim_create_status $? + +# verify comp rim +rim -v tmp/compRimFile.swidtag -l ../eventlogs/TpmLog2.bin -t ../certs/COMP_OEM1_Cert_Chain.pem -p ../certs/COMP_OEM1_rim_signer_rsa_3k_sha384.pem +rim_verify_status $? + +#Return to where ever you came from +popd > /dev/null + +if [ $failCount -eq 0 ]; then + echo "Expected Result (PASS) Result: PASS, primaryRimFile.swidtag has a new base rim file signed by PC_OEM1_rim_signer_rsa_3k_sha384.key" + echo "Expected Result (PASS) Result: PASS, compRimFile.swidtag has a new base rim file signed by COMP_OEM1_rim_signer_rsa_3k_sha384.key" +else + echo "Expected Result (PASS) Result: FAILED, exit status $failCount" +fi +exit $failCount + diff --git a/.ci/tcg-rim-tool/scripts/patch_rim_create_pass.sh b/.ci/tcg-rim-tool/scripts/patch_rim_create_pass.sh new file mode 100755 index 00000000..355d3e87 --- /dev/null +++ b/.ci/tcg-rim-tool/scripts/patch_rim_create_pass.sh @@ -0,0 +1,33 @@ +#!/bin/bash +#Creates and Verifies a Patch RIM. Needs to refer to the Primary RIM created in previous test. +# Capture location of this script to allow from invocation from any location +scriptDir=$(dirname -- "$(readlink -f -- "${BASH_SOURCE[0]}")") +# go to the script directory so everything runs smoothly ... +pushd $scriptDir > /dev/null + +. ./rim_functions.sh +#clearing and creating a new tmp folder +rm -rf tmp +mkdir -p tmp +#declares failCount as number of failure tests that are not working as they should +#Exit 1: Rim Create failure +#Exit 2: Rim verify failure +failCount=0 +# rim create +rim -c base -a ../configs/Patch_RIM_Config.json -l ../eventlogs/TpmLog2.bin -k ../keys/PC_OEM1_rim_signer_rsa_3k_sha384.key -p ../certs/PC_OEM1_rim_signer_rsa_3k_sha384.pem -o tmp/patchRimFile.swidtag +rim_create_status $? + +# RIM verify +rim -v tmp/patchRimFile.swidtag -t ../certs/PC_OEM1_Cert_Chain.pem -l ../eventlogs/TpmLog2.bin -p ../certs/PC_OEM1_rim_signer_rsa_3k_sha384.pem +rim_verify_status $? + +#Return to where ever you came from +popd > /dev/null + +#Exit status with message +if [ $failCount -eq 0 ]; then + echo "Expected Result (PASS) Result: PASS, patchRimFile.swidtag has a new base rim file signed by PC_OEM1_rim_signer_rsa_3k_sha384.key" +else + echo "Expected Result (PASS) Result: FAILED, exit status $failCount" +fi +exit $failCount \ No newline at end of file diff --git a/.ci/tcg-rim-tool/scripts/primary_rim_create_pass.sh b/.ci/tcg-rim-tool/scripts/primary_rim_create_pass.sh new file mode 100755 index 00000000..8a939e05 --- /dev/null +++ b/.ci/tcg-rim-tool/scripts/primary_rim_create_pass.sh @@ -0,0 +1,37 @@ +#!/bin/bash +#This test creates and verifies a single Primary RIM +# Capture location of this script to allow from invocation from any location +scriptDir=$(dirname -- "$(readlink -f -- "${BASH_SOURCE[0]}")") +# go to the script directory so everything runs smoothly ... +pushd $scriptDir > /dev/null + +. ./rim_functions.sh +#clearing and creating a new tmp folder +rm -rf tmp +mkdir -p tmp + +#declares failCount as number of failure tests that are not working as they should +#Exit 1: Rim Create failure +#Exit 2: Rim verify failure +failCount=0 +# creating a base rim and checking exit status +rim -c base -a ../configs/Base_Rim_Config.json -l ../eventlogs/TpmLog.bin -k ../keys/PC_OEM1_rim_signer_rsa_3k_sha384.key -p ../certs/PC_OEM1_rim_signer_rsa_3k_sha384.pem -o tmp/baseRimFile.swidtag +rim_create_status $? + +# RIM verify and checking exit status +rim -v tmp/baseRimFile.swidtag -p ../certs/PC_OEM1_rim_signer_rsa_3k_sha384.pem -t ../certs/PC_OEM1_Cert_Chain.pem -l ../eventlogs/TpmLog.bin +rim_verify_status $? + +#Return to where ever you came from +popd > /dev/null + +#script exit status +if [ $failCount -eq 0 ]; then + echo "Expected Result (PASS) Result: PASS, baseRimFile.swidtag has a new base rim file signed by PC_OEM1_rim_signer_rsa_3k_sha384.key" +else + echo "Expected Result (PASS) Result: FAILED, exit status $failCount" +fi +exit $failCount + + + diff --git a/.ci/tcg-rim-tool/scripts/primary_rim_embedd_pass.sh b/.ci/tcg-rim-tool/scripts/primary_rim_embedd_pass.sh new file mode 100755 index 00000000..d7658103 --- /dev/null +++ b/.ci/tcg-rim-tool/scripts/primary_rim_embedd_pass.sh @@ -0,0 +1,34 @@ +#!/bin/bash +#Test the option to embed a certificate into the swidtag +# Capture location of this script to allow from invocation from any location +scriptDir=$(dirname -- "$(readlink -f -- "${BASH_SOURCE[0]}")") +# go to the script directory so everything runs smoothly ... +pushd $scriptDir > /dev/null + +. ./rim_functions.sh +#clearing and creating a new tmp folder +rm -rf tmp +mkdir -p tmp + +#declares failCount as number of failure tests that are not working as they should +#Exit 1: Rim Create failure +#Exit 2: Rim verify failure +failCount=0 +#rim create, -e flag fails? Bouncy Castle error... +rim -c base -a ../configs/Base_Rim_Config.json -l ../eventlogs/TpmLog.bin -k ../keys/PC_OEM1_rim_signer_rsa_3k_sha384.key -p ../certs/PC_OEM1_rim_signer_rsa_3k_sha384.pem -e -o tmp/primary_embedd.swidtag +rim_create_status $? + +#rim verify. +rim -v tmp/primary_embedd.swidtag -p ../certs/PC_OEM1_rim_signer_rsa_3k_sha384.pem -l ../eventlogs/TpmLog.bin -t ../certs/PC_OEM1_RSA_Cert_Chain.pem +rim_verify_status $? + +#Return to where ever you came from +popd > /dev/null + +#Exit status with message +if [ $failCount -eq 0 ]; then + echo "Expected Result (PASS) Result: PASS, patchRimFile.swidtag has a new base rim file signed by PC_OEM1_rim_signer_rsa_3k_sha384.key" +else + echo "Expected Result (PASS) Result: FAILED, exit status $failCount" +fi +exit $failCount \ No newline at end of file diff --git a/.ci/tcg-rim-tool/scripts/primary_rim_noeventlog_fail.sh b/.ci/tcg-rim-tool/scripts/primary_rim_noeventlog_fail.sh new file mode 100755 index 00000000..2487d766 --- /dev/null +++ b/.ci/tcg-rim-tool/scripts/primary_rim_noeventlog_fail.sh @@ -0,0 +1,14 @@ +#!/bin/bash +#Test for a missing event log +# Capture location of this script to allow from invocation from any location +scriptDir=$(dirname -- "$(readlink -f -- "${BASH_SOURCE[0]}")") +# go to the script directory so everything runs smoothly ... +pushd $scriptDir > /dev/null + +. ./rim_functions.sh +#rim create +rim -c base -a ../configs/Base_Rim_Config.json -k ../keys/PC_OEM1_rim_signer_rsa_3k_sha384.key -p ../certs/PC_OEM1_rim_signer_rsa_3k_sha384.pem -o noEventlog.swidtag +rim_create_fail_test $? + +#Return to where ever you came from +popd > /dev/null \ No newline at end of file diff --git a/.ci/tcg-rim-tool/scripts/primary_rim_nokey_fail.sh b/.ci/tcg-rim-tool/scripts/primary_rim_nokey_fail.sh new file mode 100755 index 00000000..ace180e9 --- /dev/null +++ b/.ci/tcg-rim-tool/scripts/primary_rim_nokey_fail.sh @@ -0,0 +1,14 @@ +#!/bin/bash +#Tests for a missing key +# Capture location of this script to allow from invocation from any location +scriptDir=$(dirname -- "$(readlink -f -- "${BASH_SOURCE[0]}")") +# go to the script directory so everything runs smoothly ... +pushd $scriptDir > /dev/null + +. ./rim_functions.sh +#rim create +rim -c base -a ../configs/Base_Rim_Config.json -l ../eventlogs/TpmLog.bin -p ../certs/PC_OEM1_rim_signer_rsa_3k_sha384.pem -o baseRimFile.swidtag +rim_create_fail_test $? + +#Return to where ever you came from +popd > /dev/null \ No newline at end of file diff --git a/.ci/tcg-rim-tool/scripts/rim_functions.sh b/.ci/tcg-rim-tool/scripts/rim_functions.sh new file mode 100755 index 00000000..55947556 --- /dev/null +++ b/.ci/tcg-rim-tool/scripts/rim_functions.sh @@ -0,0 +1,132 @@ +#!/bin/bash +#Rim system test support functions. +#exit status functions for rim create and rim verify. +rim_create_status(){ + if [ $1 -eq 0 ]; then + echo "********" + echo "RIM create passed, attempting to verify the signature on base rim file..." + echo "********" + else + echo "********" + echo "FAILED: rim creation failed" + echo "********" + ((failCount++)) + fi +} + +rim_verify_status(){ + if [ $1 -eq 0 ]; then + echo "********" + echo "RIM Verify passed!" + #echo "********" + else + echo "********" + echo "FAILED: rim verify failed" + #echo "********" + ((failCount++)) + fi +} + +rim_create_fail_test(){ + if [ $1 -ne 0 ]; then + echo "********" + echo "PASSED: RIM create FAILED as expected." + #echo "********" + exit 0 + else + echo "********" + echo "FAILED: RIM create PASSED expected FAIL." + #echo "********" + exit 1 + fi +} + +rim_verify_fail_test(){ + if [ $1 -ne 0 ]; then + echo "********" + echo "PASSED: RIM verify FAILED as expected." + #echo "********" + exit 0 + else + echo "********" + echo "FAILED: RIM verify PASSED expected FAIL." + #echo "********" + exit 1 + fi +} + +check_req_attributes() { + local element="$1" + shift + local attributes=("$@") + for attribute in "${attributes[@]}"; do + ((num_tests++)) + if grep -q "$element.*$attribute=" "$BASE_RIM"; then + echo "The $element element HAS the REQUIRED '$attribute' attribute." + ((num_tests_pass++)) + else + echo -e "\033[31mError: The $element element is MISSING the REQUIRED '$attribute' attribute.\033[0m" + exitStatus=1 + fi + done +} + +check_opt_attributes() { + local element="$1" + shift + local attributes=("$@") + for attribute in "${attributes[@]}"; do + if grep -q "$element.*$attribute=" "$BASE_RIM"; then + echo "The $element element HAS the OPTIONAL '$attribute' attribute." + else + echo -e "\033[33mThe $element element is MISSING the OPTIONAL '$attribute' attribute.\033[0m" + fi + done +} + +check_element() { + local element="$1" + ((num_tests++)) + if grep -q "$1" "$BASE_RIM"; then + echo "************" + echo "$element element exists checking for REQUIRED attributes... " + ((num_tests_pass++)) + else + echo -e "\033[31mERROR: $element element is missing\033[0m" + exitStatus=1 + fi +} + +# checks parent tag for REQUIRED elements/attributes found in child tags. +check_tag_req(){ + local element="$1" + local tag_block="$2" + shift 2 + local attributes=("$@") + + for attribute in "${attributes[@]}"; do + ((num_tests++)) + if echo "$tag_block" | grep -q "$attribute"; then + echo "The $element element HAS the REQUIRED '$attribute' attribute." + ((num_tests_pass++)) + else + echo -e "\033[31mError: The $element element is MISSING the REQUIRED '$attribute' attribute.\033[0m" + exitStatus=1 + fi + done +} +# checks parent tag for OPTIONAL elements/attributes found in child tags. +check_tag_opt(){ + local element="$1" + local tag_block="$2" + shift 2 + local attributes=("$@") + + for attribute in "${attributes[@]}"; do + if echo "$tag_block" | grep -q "$attribute"; then + echo "The $element element HAS the REQUIRED '$attribute' attribute." + else + echo -e "\033[33mThe $element element is MISSING the OPTIONAL '$attribute' attribute.\033[0m" + fi + done +} \ No newline at end of file diff --git a/.ci/tcg-rim-tool/scripts/run_all_tests.sh b/.ci/tcg-rim-tool/scripts/run_all_tests.sh new file mode 100755 index 00000000..a953b60d --- /dev/null +++ b/.ci/tcg-rim-tool/scripts/run_all_tests.sh @@ -0,0 +1,89 @@ +#!/bin/bash +# This script will run all the tests in rim/scrips directory. it will ignore specified files. +# counters that will provide information about the script status. +testsFailed=0 +testsPassed=0 +testsRan=0 +# Capture location of this script to allow from invocation from any location +scriptDir=$(dirname -- "$(readlink -f -- "${BASH_SOURCE[0]}")") +# go to the script directory so everything runs smoothly ... +pushd $scriptDir > /dev/null + + +# adding the verbose option. +while [[ $# -gt 0 ]]; do + case $1 in + '-v'|'--verbose') + ARG_VERBOSE=YES + echo "verbose parameters" + shift # past argument + ;; + '-*'|'--*') + echo "Unknown option $1" + exit 1 + ;; + *) + echo "Unknown argument $1" + exit 1 + shift # past argument + ;; + esac +done + +#List of files in the scripts directory to ignore. +exclude=("run_all_tests.sh" "rim_functions.sh") + +#loop through the test/rim/scripts directory +for script in *.sh; do + #ignoring specified (non test) files. + if [[ ! "${exclude[*]}" =~ $script ]]; then + ((testsRan++)) + echo "" + echo "----------------" + echo "RUNNING $script" + + if [ -n "$ARG_VERBOSE" ]; then + ./"$script" + else + ./"$script" >/dev/null + fi + + #checking the exit stats of the script (test). + if [ $? -eq 0 ];then + if [ -z "$ARG_VERBOSE" ]; then + echo "PASSED $script" + fi + echo "----------------" + ((testsPassed++)) + else + if [ -z "$ARG_VERBOSE" ]; then + echo -e "\033[31mFAILED $script\033[0m" + fi + echo "----------------" + ((testsFailed++)) + fi + else + echo "" + echo "----------------" + echo "skipping $script" + echo "----------------" + fi + +done + +#return to whatever directory you started at +popd > /dev/null + +#test results +echo "" +echo "**** Test Results *****" +echo "Number of tests ran = $testsRan" +echo "Number of tests passed = $testsPassed" +echo "Number of tests failed = $testsFailed" + +#tests status +if [ "$testsFailed" -eq 0 ]; then + exit 0 +else + exit 1 +fi \ No newline at end of file diff --git a/tools/tcg_rim_tool/build.gradle b/tools/tcg_rim_tool/build.gradle index eeb324e4..5dff4dba 100644 --- a/tools/tcg_rim_tool/build.gradle +++ b/tools/tcg_rim_tool/build.gradle @@ -140,7 +140,21 @@ task buildZip(type: Zip){ from('./build/resources/test/rim_fields.json'){ into '/' } - + from('../../.ci/tcg-rim-tool/configs/Base_Rim_Config.json'){ + into '/' + } + from('../../.ci/tcg-rim-tool/eventlogs/TpmLog.bin'){ + into '/' + } + from('../../.ci/tcg-rim-tool/keys/PC_OEM1_rim_signer_rsa_3k_sha384.key'){ + into '/' + } + from('../../.ci/tcg-rim-tool/certs/PC_OEM1_rim_signer_rsa_3k_sha384.pem'){ + into '/' + } + from('../../.ci/tcg-rim-tool/certs/PC_OEM1_Cert_Chain.pem'){ + into '/' + } archiveBaseName.set(project.name) archiveExtension.set('zip') From c8ca3ad820f9b6d0185e4ba079ee1c8f473600b0 Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Wed, 17 Jul 2024 11:00:50 -0400 Subject: [PATCH 15/37] adding eventlog Jar to the package --- .github/workflows/hirs_package_linux.yml | 2 ++ tools/tcg_eventlog_tool/build.gradle | 31 ++++++++++++------------ 2 files changed, 17 insertions(+), 16 deletions(-) diff --git a/.github/workflows/hirs_package_linux.yml b/.github/workflows/hirs_package_linux.yml index 4125312d..fbf15e86 100644 --- a/.github/workflows/hirs_package_linux.yml +++ b/.github/workflows/hirs_package_linux.yml @@ -45,7 +45,9 @@ jobs: cp HIRS_Utils/build/libs/*.jar artifacts/jars/. cp HIRS_Structs/build/libs/*.jar artifacts/jars/. cp tools/tcg_rim_tool/build/distributions/*.zip artifacts/win + cp tools/tcg_eventlog_tool/build/distributions/*.zip artifacts/win cp package/win/tcg-rim-tool/*.ps1 artifacts/win + - name: Archive RPM files uses: actions/upload-artifact@v4 with: diff --git a/tools/tcg_eventlog_tool/build.gradle b/tools/tcg_eventlog_tool/build.gradle index 8c19820a..1d6186bb 100644 --- a/tools/tcg_eventlog_tool/build.gradle +++ b/tools/tcg_eventlog_tool/build.gradle @@ -126,19 +126,18 @@ ospackage { } -// -//task buildZip(type: Zip){ -// dependsOn jar -// from(tasks.jar.archiveFile){ -// into '/' -// } -// -//// arch = 'win' -// // project_subproject-release version_data-git commit hash-arch.extension -// archiveBaseName.set(project.name + '-' + jarVersion) -// archiveExtension.set('zip') -// destinationDirectory.set(file("$buildDir/distributions")) -//} -// -//buildZip.dependsOn jar -////build.dependsOn buildZip \ No newline at end of file + +task buildZip(type: Zip){ + dependsOn jar + from(tasks.jar.archiveFile){ + into '/' + } + + + archiveBaseName.set(project.name) + archiveExtension.set('zip') + destinationDirectory.set(file("$buildDir/distributions")) +} + +buildZip.dependsOn jar +//build.dependsOn buildZip \ No newline at end of file From f712f2597f30934e97bb4b3a7b6af7141932802a Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Wed, 17 Jul 2024 14:27:26 -0400 Subject: [PATCH 16/37] fixed jar file name inside zip --- package/win/tcg-rim-tool/eventLog.ps1 | 2 +- package/win/tcg-rim-tool/hirsshell.ps1 | 3 +-- package/win/tcg-rim-tool/rim.ps1 | 2 +- tools/tcg_eventlog_tool/build.gradle | 5 +++-- tools/tcg_rim_tool/build.gradle | 5 ++++- 5 files changed, 10 insertions(+), 7 deletions(-) diff --git a/package/win/tcg-rim-tool/eventLog.ps1 b/package/win/tcg-rim-tool/eventLog.ps1 index 7307cd50..552289c7 100644 --- a/package/win/tcg-rim-tool/eventLog.ps1 +++ b/package/win/tcg-rim-tool/eventLog.ps1 @@ -3,7 +3,7 @@ $JavaParams = @{ FilePath = 'java' ArgumentList = @( - '-jar "{0}"' -f "$PWD\tcg_eventlog_tool-2.1.3.jar" + '-jar "{0}"' -f "$PWD\tcg_eventlog_tool/tcg_eventlog_tool.jar" "$args" ) } diff --git a/package/win/tcg-rim-tool/hirsshell.ps1 b/package/win/tcg-rim-tool/hirsshell.ps1 index ae85c109..6b475e17 100644 --- a/package/win/tcg-rim-tool/hirsshell.ps1 +++ b/package/win/tcg-rim-tool/hirsshell.ps1 @@ -4,8 +4,7 @@ $StartInfo.FileName = "$pshome\powershell.exe" $StartInfo.Arguments = "-NoExit -Command `$Host.UI.RawUI.WindowTitle=`'TCG RIM TOOL`'; Set-Alias elt '$PWD\eventlog.ps1'; - Set-Alias rim '$PWD\rim.ps1'; - # function rim { java -jar 'tcg_rim_tool-2.1.0.jar' $args; }; + Set-Alias rim '$PWD\rim.ps1'; echo 'The TCG RIM TOOL is intended for testing TCG Defined PC Client Reference Integrity Manifests (RIMs)'; echo 'for usage type: rim -h'; echo 'for eventlog usage type: elt -h' diff --git a/package/win/tcg-rim-tool/rim.ps1 b/package/win/tcg-rim-tool/rim.ps1 index 75168c6a..986e2917 100644 --- a/package/win/tcg-rim-tool/rim.ps1 +++ b/package/win/tcg-rim-tool/rim.ps1 @@ -3,7 +3,7 @@ $JavaParams = @{ FilePath = 'java' ArgumentList = @( - '-jar "{0}"' -f "$PWD\tcg_rim_tool-2.1.0.jar" + '-jar "{0}"' -f "$PWD\tcg_rim_tool/tcg_rim_tool.jar" "$args" ) } diff --git a/tools/tcg_eventlog_tool/build.gradle b/tools/tcg_eventlog_tool/build.gradle index 1d6186bb..4de963e4 100644 --- a/tools/tcg_eventlog_tool/build.gradle +++ b/tools/tcg_eventlog_tool/build.gradle @@ -130,13 +130,14 @@ ospackage { task buildZip(type: Zip){ dependsOn jar from(tasks.jar.archiveFile){ + rename( filename -> + "${project.name}.jar") into '/' } - archiveBaseName.set(project.name) - archiveExtension.set('zip') destinationDirectory.set(file("$buildDir/distributions")) + archiveFileName.set("${project.name}.zip") } buildZip.dependsOn jar diff --git a/tools/tcg_rim_tool/build.gradle b/tools/tcg_rim_tool/build.gradle index 5dff4dba..92921f72 100644 --- a/tools/tcg_rim_tool/build.gradle +++ b/tools/tcg_rim_tool/build.gradle @@ -133,8 +133,11 @@ buildDeb { } task buildZip(type: Zip){ + dependsOn jar dependsOn jar from(tasks.jar.archiveFile){ + rename( filename -> + "${project.name}.jar") into '/' } from('./build/resources/test/rim_fields.json'){ @@ -157,8 +160,8 @@ task buildZip(type: Zip){ } archiveBaseName.set(project.name) - archiveExtension.set('zip') destinationDirectory.set(file("$buildDir/distributions")) + archiveFileName.set("${project.name}.zip") } buildZip.dependsOn jar From 06a46b1e0a7e1f02d631b6c60231fe22cb0d2809 Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Wed, 17 Jul 2024 14:53:47 -0400 Subject: [PATCH 17/37] upgraded actions to latest versions --- .github/workflows/hirs_package_linux.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/hirs_package_linux.yml b/.github/workflows/hirs_package_linux.yml index fbf15e86..fc8190ab 100644 --- a/.github/workflows/hirs_package_linux.yml +++ b/.github/workflows/hirs_package_linux.yml @@ -17,7 +17,7 @@ jobs: steps: - uses: actions/checkout@v4 - name: Set up JDK 17 - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: java-version: '17' distribution: 'temurin' @@ -32,7 +32,7 @@ jobs: sudo apt-get update sudo apt-get install git curl nano cron mariadb-server - name: Setup Gradle - uses: gradle/gradle-build-action@v2 + uses: gradle/actions/setup-gradle@v3 - name: Execute Gradle build run: | ./gradlew build; From 061d865dec802119dcc805b8a280bd202ce2116c Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Tue, 23 Jul 2024 16:17:32 -0400 Subject: [PATCH 18/37] Added a README to tcg rim tool win package --- package/win/tcg-rim-tool/README.md | 38 ++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 package/win/tcg-rim-tool/README.md diff --git a/package/win/tcg-rim-tool/README.md b/package/win/tcg-rim-tool/README.md new file mode 100644 index 00000000..01a827f5 --- /dev/null +++ b/package/win/tcg-rim-tool/README.md @@ -0,0 +1,38 @@ +This README is part of the ZIP_Files.zip generated from hirs_package_linux.yml the goal of this zip is to have the TCG RIM tool, and the TCG Eventlog tool available on windows. + +To get the tools working on windows follow the instructions below: + + +1- Unzip the main folder ("ZIP_Files"), followed by unzipping both the tcg_eventlog_tool.zip and tcg_rim_tool.zip in the working directory. + +2- Open PowerShell as administrator and run > Set-ExecutionPolicy unrestricted +To verify run > Get-ExecutionPolicy and it should be set to "unrestricted" + +3- Right click on create_hirs_desktop_shortcut.ps1 and run with PowerShell, a PowerShell terminal will pop-up, if prompted type "R" to run the script. + +4- HIRS_tools.ps1 should appear on your desktop, right click on it and run with PowerShell . if prompted type "R" to run the script. + +5- The HIRS terminal should popup. + +6- To remove the warning messages when running the rim tool and the event log tool: +Open PowerShell as administrator, navigate to the working directory, and run the following: +> Unblock-File -Path .\rim.ps1 +> Unblock-File -Path .\eventLog.ps1 + +To run the rim tool try the following commands + +> rim -c base -a .\tcg_rim_tool\Base_Rim_Config.json -l .\tcg_rim_tool\TpmLog.bin -k .\tcg_rim_tool\PC_OEM1_rim_signer_rsa_3k_sha384.key -p .\tcg_rim_tool\PC_OEM1_rim_signer_rsa_3k_sha384.pem -o baseRim.swidtag + +> rim -v .\baseRim.swidtag -p .\tcg_rim_tool\PC_OEM1_rim_signer_rsa_3k_sha384.pem -t .\tcg_rim_tool\PC_OEM1_Cert_Chain.pem -l .\tcg_rim_tool\TpmLog.bin + + + +To run the eventlog tool: + +elt -f C:\Windows\Logs\MeasuredBoot\[.log file here] -e + +Eventlog files are found here windows: +C:\Windows\Logs\MeasuredBoot + +Example Command would be: +> elt -f C:\Windows\Logs\MeasuredBoot\000000001-000000001.log -e (file name needs to match on on your system) \ No newline at end of file From 0737cbce20ed4ebaf84a8ab6e8f800c2cb3db4fd Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Wed, 24 Jul 2024 08:40:41 -0400 Subject: [PATCH 19/37] Added a README to tcg rim tool win package --- .github/workflows/hirs_package_linux.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/hirs_package_linux.yml b/.github/workflows/hirs_package_linux.yml index fc8190ab..5818e337 100644 --- a/.github/workflows/hirs_package_linux.yml +++ b/.github/workflows/hirs_package_linux.yml @@ -46,7 +46,7 @@ jobs: cp HIRS_Structs/build/libs/*.jar artifacts/jars/. cp tools/tcg_rim_tool/build/distributions/*.zip artifacts/win cp tools/tcg_eventlog_tool/build/distributions/*.zip artifacts/win - cp package/win/tcg-rim-tool/*.ps1 artifacts/win + cp package/win/tcg-rim-tool/* artifacts/win - name: Archive RPM files uses: actions/upload-artifact@v4 From 6492ca831187fa03053e093e3e01b1bacb5c5be8 Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Wed, 24 Jul 2024 09:31:03 -0400 Subject: [PATCH 20/37] Update README.md --- package/win/tcg-rim-tool/README.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/package/win/tcg-rim-tool/README.md b/package/win/tcg-rim-tool/README.md index 01a827f5..e7766200 100644 --- a/package/win/tcg-rim-tool/README.md +++ b/package/win/tcg-rim-tool/README.md @@ -1,11 +1,11 @@ -This README is part of the ZIP_Files.zip generated from hirs_package_linux.yml the goal of this zip is to have the TCG RIM tool, and the TCG Eventlog tool available on windows. +This README is part of the ZIP_Files.zip generated from hirs_package_linux.yml the goal of this zip is to have the TCG RIM tool, and the TCG Eventlog tool available on windows. -To get the tools working on windows follow the instructions below: +To get the tools working on windows follow the instructions below: -1- Unzip the main folder ("ZIP_Files"), followed by unzipping both the tcg_eventlog_tool.zip and tcg_rim_tool.zip in the working directory. +1- Unzip the main folder ("ZIP_Files"), followed by unzipping both the tcg_eventlog_tool.zip and tcg_rim_tool.zip in the working directory. \ -2- Open PowerShell as administrator and run > Set-ExecutionPolicy unrestricted +2- Open PowerShell as administrator and run > Set-ExecutionPolicy unrestricted
To verify run > Get-ExecutionPolicy and it should be set to "unrestricted" 3- Right click on create_hirs_desktop_shortcut.ps1 and run with PowerShell, a PowerShell terminal will pop-up, if prompted type "R" to run the script. @@ -35,4 +35,4 @@ Eventlog files are found here windows: C:\Windows\Logs\MeasuredBoot Example Command would be: -> elt -f C:\Windows\Logs\MeasuredBoot\000000001-000000001.log -e (file name needs to match on on your system) \ No newline at end of file +> elt -f C:\Windows\Logs\MeasuredBoot\000000001-000000001.log -e (file name needs to match on on your system) From 8d69f427fcf0d089decf35aa11c6a9a1fa344e6c Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Wed, 24 Jul 2024 13:47:52 -0400 Subject: [PATCH 21/37] Update README.md --- package/win/tcg-rim-tool/README.md | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/package/win/tcg-rim-tool/README.md b/package/win/tcg-rim-tool/README.md index e7766200..26716d8d 100644 --- a/package/win/tcg-rim-tool/README.md +++ b/package/win/tcg-rim-tool/README.md @@ -1,11 +1,10 @@ -This README is part of the ZIP_Files.zip generated from hirs_package_linux.yml the goal of this zip is to have the TCG RIM tool, and the TCG Eventlog tool available on windows. +This README is part of the ZIP_Files.zip generated from hirs_package_linux.yml the goal of this zip is to have the TCG RIM tool, and the TCG Eventlog tool available on windows. To get the tools working on windows follow the instructions below: +1- Unzip the main folder ("ZIP_Files"), followed by unzipping both the tcg_eventlog_tool.zip and tcg_rim_tool.zip in the working directory. -1- Unzip the main folder ("ZIP_Files"), followed by unzipping both the tcg_eventlog_tool.zip and tcg_rim_tool.zip in the working directory. \ - -2- Open PowerShell as administrator and run > Set-ExecutionPolicy unrestricted
+2- Open PowerShell as administrator and run > Set-ExecutionPolicy unrestricted To verify run > Get-ExecutionPolicy and it should be set to "unrestricted" 3- Right click on create_hirs_desktop_shortcut.ps1 and run with PowerShell, a PowerShell terminal will pop-up, if prompted type "R" to run the script. From 350ce1aebd8c2c782c629c3698a52a65884ca409 Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Wed, 24 Jul 2024 14:19:02 -0400 Subject: [PATCH 22/37] Create readme.txt --- package/win/tcg-rim-tool/readme.txt | 38 +++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 package/win/tcg-rim-tool/readme.txt diff --git a/package/win/tcg-rim-tool/readme.txt b/package/win/tcg-rim-tool/readme.txt new file mode 100644 index 00000000..f4783942 --- /dev/null +++ b/package/win/tcg-rim-tool/readme.txt @@ -0,0 +1,38 @@ +This README is part of the ZIP_Files.zip generated from hirs_package_linux.yml the goal of this zip is to have the TCG RIM tool, and the TCG Eventlog tool available on windows. + +To get the tools working on windows follow the instructions below: + + +1- Unzip the main folder ("ZIP_Files"), followed by unzipping both the tcg_eventlog_tool.zip and tcg_rim_tool.zip in the working directory. + +2- Open PowerShell as administrator and run > Set-ExecutionPolicy unrestricted +To verify run > Get-ExecutionPolicy and it should be set to "unrestricted" + +3- Right click on create_hirs_desktop_shortcut.ps1 and run with PowerShell, a PowerShell terminal will pop-up, if prompted type "R" to run the script. + +4- HIRS_tools.ps1 should appear on your desktop, right click on it and run with PowerShell . if prompted type "R" to run the script. + +5- The HIRS terminal should popup. + +6- To remove the warning messages when running the rim tool and the event log tool: +Open PowerShell as administrator, navigate to the working directory, and run the following: +> Unblock-File -Path .\rim.ps1 +> Unblock-File -Path .\eventLog.ps1 + +To run the rim tool try the following commands + +> rim -c base -a .\tcg_rim_tool\Base_Rim_Config.json -l .\tcg_rim_tool\TpmLog.bin -k .\tcg_rim_tool\PC_OEM1_rim_signer_rsa_3k_sha384.key -p .\tcg_rim_tool\PC_OEM1_rim_signer_rsa_3k_sha384.pem -o baseRim.swidtag + +> rim -v .\baseRim.swidtag -p .\tcg_rim_tool\PC_OEM1_rim_signer_rsa_3k_sha384.pem -t .\tcg_rim_tool\PC_OEM1_Cert_Chain.pem -l .\tcg_rim_tool\TpmLog.bin + + + +To run the eventlog tool: + +elt -f C:\Windows\Logs\MeasuredBoot\[.log file here] -e + +Eventlog files are found here windows: +C:\Windows\Logs\MeasuredBoot + +Example Command would be: +> elt -f C:\Windows\Logs\MeasuredBoot\000000001-000000001.log -e (file name needs to match on on your system) From 3dcccfa67031ed18cd5f15f4e9010d5db78a98ed Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Wed, 24 Jul 2024 15:52:26 -0400 Subject: [PATCH 23/37] Update hirs_package_linux.yml --- .github/workflows/hirs_package_linux.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/hirs_package_linux.yml b/.github/workflows/hirs_package_linux.yml index 5818e337..d11b1ea0 100644 --- a/.github/workflows/hirs_package_linux.yml +++ b/.github/workflows/hirs_package_linux.yml @@ -17,7 +17,7 @@ jobs: steps: - uses: actions/checkout@v4 - name: Set up JDK 17 - uses: actions/setup-java@v4 + uses: actions/setup-java@v3 with: java-version: '17' distribution: 'temurin' @@ -32,7 +32,7 @@ jobs: sudo apt-get update sudo apt-get install git curl nano cron mariadb-server - name: Setup Gradle - uses: gradle/actions/setup-gradle@v3 + uses: gradle/gradle-build-actions@v2 - name: Execute Gradle build run: | ./gradlew build; @@ -55,28 +55,28 @@ jobs: path: HIRS_AttestationCAPortal/build/distributions/*.rpm if-no-files-found: error - name: Archive DEB files - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v3 with: name: DEB_Files path: HIRS_AttestationCAPortal/build/distributions/*.deb if-no-files-found: error - name: War files - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v3 with: name: WAR_Files path: HIRS_AttestationCAPortal/build/libs/HIRS_AttestationCAPortal.war if-no-files-found: error - name: JAR_Files - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v3 with: name: JAR_Files path: artifacts/jars/ if-no-files-found: error - name: ZIP_Files - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v3 with: name: ZIP_Files path: artifacts/win/ if-no-files-found: error - \ No newline at end of file + From dfd84b4c906d02ab6407e35f74f6843d53094dbd Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Thu, 25 Jul 2024 11:55:50 -0400 Subject: [PATCH 24/37] Update hirs_package_linux.yml --- .github/workflows/hirs_package_linux.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/hirs_package_linux.yml b/.github/workflows/hirs_package_linux.yml index d11b1ea0..c3346b11 100644 --- a/.github/workflows/hirs_package_linux.yml +++ b/.github/workflows/hirs_package_linux.yml @@ -32,7 +32,7 @@ jobs: sudo apt-get update sudo apt-get install git curl nano cron mariadb-server - name: Setup Gradle - uses: gradle/gradle-build-actions@v2 + uses: gradle/gradle-build-action@v2 - name: Execute Gradle build run: | ./gradlew build; From 1ed65ca9b4987bbf5452c39bc4039d8fd11cbbaa Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Thu, 25 Jul 2024 12:05:37 -0400 Subject: [PATCH 25/37] Removed extra files --- package/win/tcg-rim-tool/readme.txt | 38 ----------------------------- 1 file changed, 38 deletions(-) delete mode 100644 package/win/tcg-rim-tool/readme.txt diff --git a/package/win/tcg-rim-tool/readme.txt b/package/win/tcg-rim-tool/readme.txt deleted file mode 100644 index f4783942..00000000 --- a/package/win/tcg-rim-tool/readme.txt +++ /dev/null @@ -1,38 +0,0 @@ -This README is part of the ZIP_Files.zip generated from hirs_package_linux.yml the goal of this zip is to have the TCG RIM tool, and the TCG Eventlog tool available on windows. - -To get the tools working on windows follow the instructions below: - - -1- Unzip the main folder ("ZIP_Files"), followed by unzipping both the tcg_eventlog_tool.zip and tcg_rim_tool.zip in the working directory. - -2- Open PowerShell as administrator and run > Set-ExecutionPolicy unrestricted -To verify run > Get-ExecutionPolicy and it should be set to "unrestricted" - -3- Right click on create_hirs_desktop_shortcut.ps1 and run with PowerShell, a PowerShell terminal will pop-up, if prompted type "R" to run the script. - -4- HIRS_tools.ps1 should appear on your desktop, right click on it and run with PowerShell . if prompted type "R" to run the script. - -5- The HIRS terminal should popup. - -6- To remove the warning messages when running the rim tool and the event log tool: -Open PowerShell as administrator, navigate to the working directory, and run the following: -> Unblock-File -Path .\rim.ps1 -> Unblock-File -Path .\eventLog.ps1 - -To run the rim tool try the following commands - -> rim -c base -a .\tcg_rim_tool\Base_Rim_Config.json -l .\tcg_rim_tool\TpmLog.bin -k .\tcg_rim_tool\PC_OEM1_rim_signer_rsa_3k_sha384.key -p .\tcg_rim_tool\PC_OEM1_rim_signer_rsa_3k_sha384.pem -o baseRim.swidtag - -> rim -v .\baseRim.swidtag -p .\tcg_rim_tool\PC_OEM1_rim_signer_rsa_3k_sha384.pem -t .\tcg_rim_tool\PC_OEM1_Cert_Chain.pem -l .\tcg_rim_tool\TpmLog.bin - - - -To run the eventlog tool: - -elt -f C:\Windows\Logs\MeasuredBoot\[.log file here] -e - -Eventlog files are found here windows: -C:\Windows\Logs\MeasuredBoot - -Example Command would be: -> elt -f C:\Windows\Logs\MeasuredBoot\000000001-000000001.log -e (file name needs to match on on your system) From c3459b166b6e13e80efed35759ed52fe6d28a21c Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Thu, 25 Jul 2024 12:38:38 -0400 Subject: [PATCH 26/37] Resolved warnings --- .github/workflows/hirs_package_linux.yml | 12 ++++++------ package/win/tcg-rim-tool/README.md | 4 ++-- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/hirs_package_linux.yml b/.github/workflows/hirs_package_linux.yml index c3346b11..8604fc66 100644 --- a/.github/workflows/hirs_package_linux.yml +++ b/.github/workflows/hirs_package_linux.yml @@ -17,7 +17,7 @@ jobs: steps: - uses: actions/checkout@v4 - name: Set up JDK 17 - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: java-version: '17' distribution: 'temurin' @@ -32,7 +32,7 @@ jobs: sudo apt-get update sudo apt-get install git curl nano cron mariadb-server - name: Setup Gradle - uses: gradle/gradle-build-action@v2 + uses: gradle/actions/setup-gradle@v3 - name: Execute Gradle build run: | ./gradlew build; @@ -55,25 +55,25 @@ jobs: path: HIRS_AttestationCAPortal/build/distributions/*.rpm if-no-files-found: error - name: Archive DEB files - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: DEB_Files path: HIRS_AttestationCAPortal/build/distributions/*.deb if-no-files-found: error - name: War files - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: WAR_Files path: HIRS_AttestationCAPortal/build/libs/HIRS_AttestationCAPortal.war if-no-files-found: error - name: JAR_Files - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: JAR_Files path: artifacts/jars/ if-no-files-found: error - name: ZIP_Files - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: ZIP_Files path: artifacts/win/ diff --git a/package/win/tcg-rim-tool/README.md b/package/win/tcg-rim-tool/README.md index 26716d8d..ec41c535 100644 --- a/package/win/tcg-rim-tool/README.md +++ b/package/win/tcg-rim-tool/README.md @@ -1,6 +1,6 @@ This README is part of the ZIP_Files.zip generated from hirs_package_linux.yml the goal of this zip is to have the TCG RIM tool, and the TCG Eventlog tool available on windows. -To get the tools working on windows follow the instructions below: +To get the tools running on windows follow the instructions below: 1- Unzip the main folder ("ZIP_Files"), followed by unzipping both the tcg_eventlog_tool.zip and tcg_rim_tool.zip in the working directory. @@ -13,7 +13,7 @@ To verify run > Get-ExecutionPolicy and it should be set to "unrestricted" 5- The HIRS terminal should popup. -6- To remove the warning messages when running the rim tool and the event log tool: +6- (optional) To remove the warning messages when running the rim tool and the event log tool: Open PowerShell as administrator, navigate to the working directory, and run the following: > Unblock-File -Path .\rim.ps1 > Unblock-File -Path .\eventLog.ps1 From 7753d919d00b44d367bb6b56828d0f1078c2c2a6 Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Thu, 25 Jul 2024 13:05:27 -0400 Subject: [PATCH 27/37] minor changes --- .github/workflows/hirs_package_linux.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/hirs_package_linux.yml b/.github/workflows/hirs_package_linux.yml index 8604fc66..46ff50a1 100644 --- a/.github/workflows/hirs_package_linux.yml +++ b/.github/workflows/hirs_package_linux.yml @@ -47,7 +47,6 @@ jobs: cp tools/tcg_rim_tool/build/distributions/*.zip artifacts/win cp tools/tcg_eventlog_tool/build/distributions/*.zip artifacts/win cp package/win/tcg-rim-tool/* artifacts/win - - name: Archive RPM files uses: actions/upload-artifact@v4 with: From 75b02a18e30fccda128d6ed529102d540f9a0f82 Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Tue, 30 Jul 2024 17:11:52 -0400 Subject: [PATCH 28/37] added a batch file to run the scripts --- package/win/tcg-rim-tool/README.md | 16 +--------------- package/win/tcg-rim-tool/hirsshell.ps1 | 9 ++++++++- package/win/tcg-rim-tool/runTools.bat | 2 ++ 3 files changed, 11 insertions(+), 16 deletions(-) create mode 100644 package/win/tcg-rim-tool/runTools.bat diff --git a/package/win/tcg-rim-tool/README.md b/package/win/tcg-rim-tool/README.md index ec41c535..696d6704 100644 --- a/package/win/tcg-rim-tool/README.md +++ b/package/win/tcg-rim-tool/README.md @@ -2,21 +2,7 @@ This README is part of the ZIP_Files.zip generated from hirs_package_linux.yml t To get the tools running on windows follow the instructions below: -1- Unzip the main folder ("ZIP_Files"), followed by unzipping both the tcg_eventlog_tool.zip and tcg_rim_tool.zip in the working directory. - -2- Open PowerShell as administrator and run > Set-ExecutionPolicy unrestricted -To verify run > Get-ExecutionPolicy and it should be set to "unrestricted" - -3- Right click on create_hirs_desktop_shortcut.ps1 and run with PowerShell, a PowerShell terminal will pop-up, if prompted type "R" to run the script. - -4- HIRS_tools.ps1 should appear on your desktop, right click on it and run with PowerShell . if prompted type "R" to run the script. - -5- The HIRS terminal should popup. - -6- (optional) To remove the warning messages when running the rim tool and the event log tool: -Open PowerShell as administrator, navigate to the working directory, and run the following: -> Unblock-File -Path .\rim.ps1 -> Unblock-File -Path .\eventLog.ps1 +1- Double click runTools.bat, a HIRS terminal should open. To run the rim tool try the following commands diff --git a/package/win/tcg-rim-tool/hirsshell.ps1 b/package/win/tcg-rim-tool/hirsshell.ps1 index 6b475e17..b87b45d7 100644 --- a/package/win/tcg-rim-tool/hirsshell.ps1 +++ b/package/win/tcg-rim-tool/hirsshell.ps1 @@ -1,4 +1,11 @@ -# Script to start a new shell with a rim alias +# Unzip tools in the working directory +if (Test-Path ".\tcg_rim_tool") { + Write-Output "tcg_rim_tool already unzipped" +} else { + Expand-Archive -Path .\tcg_rim_tool.zip -DestinationPath .\tcg_rim_tool + Expand-Archive -Path .\tcg_eventlog_tool.zip -DestinationPath .\tcg_eventlog_tool +} +# Script to start a new shell with a rim alias $StartInfo = new-object System.Diagnostics.ProcessStartInfo $StartInfo.FileName = "$pshome\powershell.exe" $StartInfo.Arguments = "-NoExit -Command diff --git a/package/win/tcg-rim-tool/runTools.bat b/package/win/tcg-rim-tool/runTools.bat new file mode 100644 index 00000000..5d283bca --- /dev/null +++ b/package/win/tcg-rim-tool/runTools.bat @@ -0,0 +1,2 @@ +@echo off +powershell -NoProfile -ExecutionPolicy Bypass -File "~dp0hirsshell.ps1" \ No newline at end of file From 0fc1b3893c70a9c83bc5c85b442324f56784156e Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Wed, 31 Jul 2024 10:35:50 -0400 Subject: [PATCH 29/37] fixed typo in runTools, removed extra file --- .../win/tcg-rim-tool/create_hirstools_desktop_shortcut.ps1 | 7 ------- package/win/tcg-rim-tool/runTools.bat | 3 ++- 2 files changed, 2 insertions(+), 8 deletions(-) delete mode 100644 package/win/tcg-rim-tool/create_hirstools_desktop_shortcut.ps1 diff --git a/package/win/tcg-rim-tool/create_hirstools_desktop_shortcut.ps1 b/package/win/tcg-rim-tool/create_hirstools_desktop_shortcut.ps1 deleted file mode 100644 index 748b2126..00000000 --- a/package/win/tcg-rim-tool/create_hirstools_desktop_shortcut.ps1 +++ /dev/null @@ -1,7 +0,0 @@ - -# Create a shortcut to start the RIM shell -$WshShell = New-Object -comObject WScript.Shell -$Shortcut = $WshShell.CreateShortcut("$Home\Desktop\HIRS_tools.lnk") -$Shortcut.TargetPath = "$PWD\hirsshell.ps1" -$Shortcut.WorkingDirectory = "$PWD" -$Shortcut.Save() diff --git a/package/win/tcg-rim-tool/runTools.bat b/package/win/tcg-rim-tool/runTools.bat index 5d283bca..55f9212a 100644 --- a/package/win/tcg-rim-tool/runTools.bat +++ b/package/win/tcg-rim-tool/runTools.bat @@ -1,2 +1,3 @@ @echo off -powershell -NoProfile -ExecutionPolicy Bypass -File "~dp0hirsshell.ps1" \ No newline at end of file +powershell -NoProfile -ExecutionPolicy Bypass -File "%~dp0hirsshell.ps1" +pause \ No newline at end of file From fb17c132bbfaf31927aef2980a0b74dd78c662dc Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Wed, 31 Jul 2024 14:34:25 -0400 Subject: [PATCH 30/37] updates to README.md --- package/win/tcg-rim-tool/README.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/package/win/tcg-rim-tool/README.md b/package/win/tcg-rim-tool/README.md index 696d6704..349e21e4 100644 --- a/package/win/tcg-rim-tool/README.md +++ b/package/win/tcg-rim-tool/README.md @@ -1,8 +1,10 @@ This README is part of the ZIP_Files.zip generated from hirs_package_linux.yml the goal of this zip is to have the TCG RIM tool, and the TCG Eventlog tool available on windows. -To get the tools running on windows follow the instructions below: +To get the tools running on windows follow the instructions below: -1- Double click runTools.bat, a HIRS terminal should open. +1- Unzip "ZIP_Files" + +2- Double click runTools.bat, a HIRS terminal should open. To run the rim tool try the following commands From e8f69ba3af68a652d8295081224bba0d7649df18 Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Wed, 31 Jul 2024 16:46:11 -0400 Subject: [PATCH 31/37] adding a hirstools folder to the ZIP_Files artifact --- .github/workflows/hirs_package_linux.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/hirs_package_linux.yml b/.github/workflows/hirs_package_linux.yml index 46ff50a1..b8f04b06 100644 --- a/.github/workflows/hirs_package_linux.yml +++ b/.github/workflows/hirs_package_linux.yml @@ -27,6 +27,7 @@ jobs: run: | mkdir -p artifacts/jars mkdir -p artifacts/win + mkdir -p artifacts/win/hirstools - name: install dependencies run: | sudo apt-get update @@ -46,7 +47,7 @@ jobs: cp HIRS_Structs/build/libs/*.jar artifacts/jars/. cp tools/tcg_rim_tool/build/distributions/*.zip artifacts/win cp tools/tcg_eventlog_tool/build/distributions/*.zip artifacts/win - cp package/win/tcg-rim-tool/* artifacts/win + cp package/win/tcg-rim-tool/* artifacts/win/hirstools - name: Archive RPM files uses: actions/upload-artifact@v4 with: From bf81c45c4c86c6309017daba87f29105e680e448 Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Wed, 31 Jul 2024 17:21:42 -0400 Subject: [PATCH 32/37] Added a desktop shortcut and updated paths --- package/win/tcg-rim-tool/InstallTools.bat | 2 ++ package/win/tcg-rim-tool/README.md | 6 ++++-- .../tcg-rim-tool/create_hirstools_desktop_shortcut.ps1 | 9 +++++++++ package/win/tcg-rim-tool/hirsshell.ps1 | 7 ------- package/win/tcg-rim-tool/runTools.bat | 3 +-- 5 files changed, 16 insertions(+), 11 deletions(-) create mode 100644 package/win/tcg-rim-tool/InstallTools.bat create mode 100644 package/win/tcg-rim-tool/create_hirstools_desktop_shortcut.ps1 diff --git a/package/win/tcg-rim-tool/InstallTools.bat b/package/win/tcg-rim-tool/InstallTools.bat new file mode 100644 index 00000000..01800288 --- /dev/null +++ b/package/win/tcg-rim-tool/InstallTools.bat @@ -0,0 +1,2 @@ +@echo off +powershell -NoProfile -ExecutionPolicy Bypass -File "%~dp0\create_hirstools_desktop_shortcut.ps1" diff --git a/package/win/tcg-rim-tool/README.md b/package/win/tcg-rim-tool/README.md index 349e21e4..97047fcb 100644 --- a/package/win/tcg-rim-tool/README.md +++ b/package/win/tcg-rim-tool/README.md @@ -4,9 +4,11 @@ To get the tools running on windows follow the instructions below: 1- Unzip "ZIP_Files" -2- Double click runTools.bat, a HIRS terminal should open. +2- Run the install file under ```hirstools\IntsallTools.bat``` a HIRS_tools shortcut should appear on your desktop -To run the rim tool try the following commands +3- Double click HIRS_tools.lnk shortcut and HIRS terminal should open. + +To run the rim tool try the following commands: > rim -c base -a .\tcg_rim_tool\Base_Rim_Config.json -l .\tcg_rim_tool\TpmLog.bin -k .\tcg_rim_tool\PC_OEM1_rim_signer_rsa_3k_sha384.key -p .\tcg_rim_tool\PC_OEM1_rim_signer_rsa_3k_sha384.pem -o baseRim.swidtag diff --git a/package/win/tcg-rim-tool/create_hirstools_desktop_shortcut.ps1 b/package/win/tcg-rim-tool/create_hirstools_desktop_shortcut.ps1 new file mode 100644 index 00000000..e0275fd1 --- /dev/null +++ b/package/win/tcg-rim-tool/create_hirstools_desktop_shortcut.ps1 @@ -0,0 +1,9 @@ +# Unzip tools in the working directory +Expand-Archive -Path ..\tcg_rim_tool.zip -DestinationPath .\tcg_rim_tool +Expand-Archive -Path ..\tcg_eventlog_tool.zip -DestinationPath .\tcg_eventlog_tool +# Create a shortcut to start the RIM shell +$WshShell = New-Object -comObject WScript.Shell +$Shortcut = $WshShell.CreateShortcut("$Home\Desktop\HIRS_tools.lnk") +$Shortcut.TargetPath = "$PWD\RunTools.bat" +$Shortcut.WorkingDirectory = "$PWD" +$Shortcut.Save() diff --git a/package/win/tcg-rim-tool/hirsshell.ps1 b/package/win/tcg-rim-tool/hirsshell.ps1 index b87b45d7..3df0d501 100644 --- a/package/win/tcg-rim-tool/hirsshell.ps1 +++ b/package/win/tcg-rim-tool/hirsshell.ps1 @@ -1,10 +1,3 @@ -# Unzip tools in the working directory -if (Test-Path ".\tcg_rim_tool") { - Write-Output "tcg_rim_tool already unzipped" -} else { - Expand-Archive -Path .\tcg_rim_tool.zip -DestinationPath .\tcg_rim_tool - Expand-Archive -Path .\tcg_eventlog_tool.zip -DestinationPath .\tcg_eventlog_tool -} # Script to start a new shell with a rim alias $StartInfo = new-object System.Diagnostics.ProcessStartInfo $StartInfo.FileName = "$pshome\powershell.exe" diff --git a/package/win/tcg-rim-tool/runTools.bat b/package/win/tcg-rim-tool/runTools.bat index 55f9212a..bd574cef 100644 --- a/package/win/tcg-rim-tool/runTools.bat +++ b/package/win/tcg-rim-tool/runTools.bat @@ -1,3 +1,2 @@ @echo off -powershell -NoProfile -ExecutionPolicy Bypass -File "%~dp0hirsshell.ps1" -pause \ No newline at end of file +powershell -NoProfile -ExecutionPolicy Bypass -File "%~dp0\hirsshell.ps1" From 0c165641c019ab9fd68e629a11d5efd1ece72d56 Mon Sep 17 00:00:00 2001 From: SuperPotato27 Date: Thu, 1 Aug 2024 15:46:39 -0400 Subject: [PATCH 33/37] updates to readme and win package structure --- package/win/tcg-rim-tool/InstallTools.bat | 2 -- package/win/tcg-rim-tool/README.md | 6 ++++-- .../win/tcg-rim-tool/create_hirstools_desktop_shortcut.ps1 | 4 +++- package/win/tcg-rim-tool/runTools.bat | 2 -- 4 files changed, 7 insertions(+), 7 deletions(-) delete mode 100644 package/win/tcg-rim-tool/InstallTools.bat delete mode 100644 package/win/tcg-rim-tool/runTools.bat diff --git a/package/win/tcg-rim-tool/InstallTools.bat b/package/win/tcg-rim-tool/InstallTools.bat deleted file mode 100644 index 01800288..00000000 --- a/package/win/tcg-rim-tool/InstallTools.bat +++ /dev/null @@ -1,2 +0,0 @@ -@echo off -powershell -NoProfile -ExecutionPolicy Bypass -File "%~dp0\create_hirstools_desktop_shortcut.ps1" diff --git a/package/win/tcg-rim-tool/README.md b/package/win/tcg-rim-tool/README.md index 97047fcb..e77b9858 100644 --- a/package/win/tcg-rim-tool/README.md +++ b/package/win/tcg-rim-tool/README.md @@ -4,9 +4,11 @@ To get the tools running on windows follow the instructions below: 1- Unzip "ZIP_Files" -2- Run the install file under ```hirstools\IntsallTools.bat``` a HIRS_tools shortcut should appear on your desktop +2- open powershell as administrator and navigate to the hirstools folder. -3- Double click HIRS_tools.lnk shortcut and HIRS terminal should open. +3- run the following command: ```powershell -ExecutionPolicy Bypass -File '.\create_hirstools_desktop_shortcut.ps1'``` + +4- double-click the HIRS_tools shortcut on your desktop. To run the rim tool try the following commands: diff --git a/package/win/tcg-rim-tool/create_hirstools_desktop_shortcut.ps1 b/package/win/tcg-rim-tool/create_hirstools_desktop_shortcut.ps1 index e0275fd1..17332995 100644 --- a/package/win/tcg-rim-tool/create_hirstools_desktop_shortcut.ps1 +++ b/package/win/tcg-rim-tool/create_hirstools_desktop_shortcut.ps1 @@ -4,6 +4,8 @@ Expand-Archive -Path ..\tcg_eventlog_tool.zip -DestinationPath .\tcg_eventlog_to # Create a shortcut to start the RIM shell $WshShell = New-Object -comObject WScript.Shell $Shortcut = $WshShell.CreateShortcut("$Home\Desktop\HIRS_tools.lnk") -$Shortcut.TargetPath = "$PWD\RunTools.bat" +$Shortcut.TargetPath = "powershell.exe" +$ScriptPath = "$PWD\hirsshell.ps1" +$Shortcut.Arguments = "-ExecutionPolicy Bypass -File `"$ScriptPath`"" $Shortcut.WorkingDirectory = "$PWD" $Shortcut.Save() diff --git a/package/win/tcg-rim-tool/runTools.bat b/package/win/tcg-rim-tool/runTools.bat deleted file mode 100644 index bd574cef..00000000 --- a/package/win/tcg-rim-tool/runTools.bat +++ /dev/null @@ -1,2 +0,0 @@ -@echo off -powershell -NoProfile -ExecutionPolicy Bypass -File "%~dp0\hirsshell.ps1" From f2575de977b63ce9a45068eb016e1dc06b48802e Mon Sep 17 00:00:00 2001 From: 5B96790E3664F40075A67E6ADF737EDB15B4408DBC91A81228B31537B0CE3E26 <33426478+iadgovuser29@users.noreply.github.com> Date: Wed, 11 Sep 2024 14:19:16 -0400 Subject: [PATCH 34/37] Provisioner will use .NET 8 (#838) * Updated .NET projects files to .NET 8 --- HIRS_Provisioner.NET/hirs/HIRS_Provisioner.NET.csproj | 6 +++--- HIRS_Provisioner.NET/hirsTest/hirsTest.csproj | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/HIRS_Provisioner.NET/hirs/HIRS_Provisioner.NET.csproj b/HIRS_Provisioner.NET/hirs/HIRS_Provisioner.NET.csproj index e55f98c8..6e5f5e9d 100644 --- a/HIRS_Provisioner.NET/hirs/HIRS_Provisioner.NET.csproj +++ b/HIRS_Provisioner.NET/hirs/HIRS_Provisioner.NET.csproj @@ -2,13 +2,13 @@ Exe - net6.0 + net8.0 linux-x64;win-x64 hirs.Program true enable enable - 3.0.0 + 3.0.1 @@ -35,7 +35,7 @@ - + all runtime; build; native; contentfiles; analyzers; buildtransitive diff --git a/HIRS_Provisioner.NET/hirsTest/hirsTest.csproj b/HIRS_Provisioner.NET/hirsTest/hirsTest.csproj index 120dfd60..bd12569c 100644 --- a/HIRS_Provisioner.NET/hirsTest/hirsTest.csproj +++ b/HIRS_Provisioner.NET/hirsTest/hirsTest.csproj @@ -1,7 +1,7 @@  - net6.0 + net8.0 false enable enable From 6e9e68c1e786702a2c95ef12394a2b13eb40290b Mon Sep 17 00:00:00 2001 From: 5B96790E3664F40075A67E6ADF737EDB15B4408DBC91A81228B31537B0CE3E26 <33426478+iadgovuser29@users.noreply.github.com> Date: Wed, 18 Sep 2024 13:16:38 -0400 Subject: [PATCH 35/37] dotnet_provisioner_unit_tests workflow will use newer actions (#840) * Update dotnet_provisioner_unit_tests to use upload-artifactv4 and checkoutv4 --- .github/workflows/dotnet_provisioner_unit_tests.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/dotnet_provisioner_unit_tests.yml b/.github/workflows/dotnet_provisioner_unit_tests.yml index 0149f7a3..436bca1e 100644 --- a/.github/workflows/dotnet_provisioner_unit_tests.yml +++ b/.github/workflows/dotnet_provisioner_unit_tests.yml @@ -21,7 +21,7 @@ jobs: git config --global core.eol lf - name: Checkout repo - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: submodules: recursive @@ -82,14 +82,14 @@ jobs: more $logName - name: Upload Logs Ubuntu - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v4 if: contains(matrix.os, 'ubuntu') && always() with: name: "${{matrix.os}}-unit-tests-${{steps.ubuntu_result.outputs.result}}.log" path: HIRS_Provisioner.NET/*.log - name: Upload Logs Windows - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v4 if: contains(matrix.os, 'windows') && always() with: name: "${{matrix.os}}-unit-tests-${{steps.window_result.outputs.result}}.log" From a123acc743eea0e4f96e5014a535111cc8801f25 Mon Sep 17 00:00:00 2001 From: chubtub <43381989+chubtub@users.noreply.github.com> Date: Wed, 21 Aug 2024 11:58:39 -0400 Subject: [PATCH 36/37] Do not unarchive existing RIM bundle during provision, search for unarchived bundle with later creation date. Delete RIM files with /delete endpoint, do not archive. Revert changes to ReferenceManifestPageController. Revert changes to FirmwareScvValidator class --- .../provision/IdentityClaimProcessor.java | 40 +++++++++++++------ 1 file changed, 27 insertions(+), 13 deletions(-) diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/IdentityClaimProcessor.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/IdentityClaimProcessor.java index 8d887c38..6761bf79 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/IdentityClaimProcessor.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/IdentityClaimProcessor.java @@ -1,5 +1,6 @@ package hirs.attestationca.persist.provision; +import com.fasterxml.jackson.databind.ser.Serializers; import com.google.protobuf.ByteString; import hirs.attestationca.configuration.provisionerTpm2.ProvisionerTpm2; import hirs.attestationca.persist.entity.manager.CertificateRepository; @@ -375,11 +376,20 @@ public class IdentityClaimProcessor extends AbstractProcessor { support.getHexDecHash().length() - NUM_OF_VARIABLES))); support.setDeviceName(dv.getNw().getHostname()); this.referenceManifestRepository.save(support); - } else { - log.info("Client provided Support RIM already loaded in database."); + } else if (support.isArchived()) { + List rims = referenceManifestRepository.findByArchiveFlag(false); + for (ReferenceManifest rim : rims) { + if (rim.isSupport() && + rim.getTagId().equals(support.getTagId()) && + rim.getCreateTime().after(support.getCreateTime())) { + support.setDeviceName(null); + support = (SupportReferenceManifest) rim; + support.setDeviceName(dv.getNw().getHostname()); + } + } if (support.isArchived()) { - support.restore(); - support.resetCreateTime(); + throw new Exception("Unable to locate an unarchived support RIM."); + } else { this.referenceManifestRepository.save(support); } } @@ -408,21 +418,25 @@ public class IdentityClaimProcessor extends AbstractProcessor { swidFile.toByteArray()); dbBaseRim.setDeviceName(dv.getNw().getHostname()); this.referenceManifestRepository.save(dbBaseRim); - } else { - log.info("Client provided Base RIM already loaded in database."); - /** - * Leaving this as is for now, however can there be a condition - * in which the provisioner sends swidtags without support rims? - */ + } else if (dbBaseRim.isArchived()) { + List rims = referenceManifestRepository.findByArchiveFlag(false); + for (ReferenceManifest rim : rims) { + if (rim.isBase() && rim.getTagId().equals(dbBaseRim.getTagId()) && + rim.getCreateTime().after(dbBaseRim.getCreateTime())) { + dbBaseRim.setDeviceName(null); + dbBaseRim = (BaseReferenceManifest) rim; + dbBaseRim.setDeviceName(dv.getNw().getHostname()); + } + } if (dbBaseRim.isArchived()) { - dbBaseRim.restore(); - dbBaseRim.resetCreateTime(); - this.referenceManifestRepository.save(dbBaseRim); + throw new Exception("Unable to locate an unarchived base RIM."); } } tagId = dbBaseRim.getTagId(); } catch (UnmarshalException e) { log.error(e); + } catch (Exception ex) { + log.error(String.format("Failed to load base rim: %s", ex.getMessage())); } } } else { From c37dd127d35b83e941a38cf658e5d0f5cacf0063 Mon Sep 17 00:00:00 2001 From: chubtub <43381989+chubtub@users.noreply.github.com> Date: Thu, 12 Sep 2024 13:04:00 -0400 Subject: [PATCH 37/37] Detect replacement RIM bundle and process accordingly during FW provisioning Handle replacement base and support RIMs in their respective logic blocks --- .../provision/IdentityClaimProcessor.java | 156 ++++++++++++------ .../ReferenceManifestPageController.java | 4 +- 2 files changed, 104 insertions(+), 56 deletions(-) diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/IdentityClaimProcessor.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/IdentityClaimProcessor.java index 6761bf79..2b95045a 100644 --- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/IdentityClaimProcessor.java +++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/persist/provision/IdentityClaimProcessor.java @@ -62,6 +62,8 @@ import java.util.HashMap; import java.util.LinkedList; import java.util.List; import java.util.Map; +import java.util.Optional; +import java.util.UUID; import java.util.regex.Matcher; import java.util.regex.Pattern; @@ -347,14 +349,79 @@ public class IdentityClaimProcessor extends AbstractProcessor { dv.getHw().getManufacturer(), dv.getHw().getProductName()); BaseReferenceManifest dbBaseRim = null; - SupportReferenceManifest support; + SupportReferenceManifest support = null; EventLogMeasurements measurements; + boolean isReplacement = false; + String replacementRimId = ""; String tagId = ""; String fileName = ""; Pattern pattern = Pattern.compile("([^\\s]+(\\.(?i)(rimpcr|rimel|bin|log))$)"); Matcher matcher; MessageDigest messageDigest = MessageDigest.getInstance("SHA-256"); + if (dv.getSwidfileCount() > 0) { + for (ByteString swidFile : dv.getSwidfileList()) { + try { + dbBaseRim = (BaseReferenceManifest) referenceManifestRepository + .findByBase64Hash(Base64.getEncoder() + .encodeToString(messageDigest + .digest(swidFile.toByteArray()))); + if (dbBaseRim == null) { + /* + Either the swidFile does not have a corresponding base RIM in the backend + or it was deleted. Check if there is a replacement by comparing tagId against + all other base RIMs, and then set the corresponding support rim's deviceName. + */ + dbBaseRim = new BaseReferenceManifest( + String.format("%s.swidtag", + defaultClientName), + swidFile.toByteArray()); + List baseRims = referenceManifestRepository.findAllBaseRims(); + for (BaseReferenceManifest bRim : baseRims) { + if (bRim.getTagId().equals(dbBaseRim.getTagId())) { + dbBaseRim = bRim; + replacementRimId = dbBaseRim.getAssociatedRim().toString(); + isReplacement = true; + break; + } + } + dbBaseRim.setDeviceName(dv.getNw().getHostname()); + this.referenceManifestRepository.save(dbBaseRim); + } else if (dbBaseRim.isArchived()) { + /* + This block accounts for RIMs that may have been soft-deleted (archived) + in an older version of the ACA. + */ + List rims = referenceManifestRepository.findByArchiveFlag(false); + for (ReferenceManifest rim : rims) { + if (rim.isBase() && rim.getTagId().equals(dbBaseRim.getTagId()) && + rim.getCreateTime().after(dbBaseRim.getCreateTime())) { + dbBaseRim.setDeviceName(null); + dbBaseRim = (BaseReferenceManifest) rim; + dbBaseRim.setDeviceName(dv.getNw().getHostname()); + } + } + if (dbBaseRim.isArchived()) { + throw new Exception("Unable to locate an unarchived base RIM."); + } else { + this.referenceManifestRepository.save(dbBaseRim); + } + } else { + dbBaseRim.setDeviceName(dv.getNw().getHostname()); + this.referenceManifestRepository.save(dbBaseRim); + } + tagId = dbBaseRim.getTagId(); + } catch (UnmarshalException e) { + log.error(e); + } catch (Exception ex) { + log.error(String.format("Failed to load base rim: %s", ex.getMessage())); + } + } + } else { + log.warn(String.format("%s did not send swid tag file...", + dv.getNw().getHostname())); + } + if (dv.getLogfileCount() > 0) { for (ByteString logFile : dv.getLogfileList()) { try { @@ -362,21 +429,41 @@ public class IdentityClaimProcessor extends AbstractProcessor { Hex.encodeHexString(messageDigest.digest(logFile.toByteArray())), ReferenceManifest.SUPPORT_RIM); if (support == null) { - support = new SupportReferenceManifest( - String.format("%s.rimel", - defaultClientName), - logFile.toByteArray()); - // this is a validity check - new TCGEventLog(support.getRimBytes()); - // no issues, continue - support.setPlatformManufacturer(dv.getHw().getManufacturer()); - support.setPlatformModel(dv.getHw().getProductName()); - support.setFileName(String.format("%s_[%s].rimel", defaultClientName, - support.getHexDecHash().substring( - support.getHexDecHash().length() - NUM_OF_VARIABLES))); + /* + Either the logFile does not have a corresponding support RIM in the backend + or it was deleted. The support RIM for a replacement base RIM is handled + in the previous loop block. + */ + if (isReplacement) { + Optional replacementRim = + referenceManifestRepository.findById(UUID.fromString(replacementRimId)); + if (replacementRim.isPresent()) { + support = (SupportReferenceManifest) replacementRim.get(); + support.setDeviceName(dv.getNw().getHostname()); + } else { + throw new Exception("Unable to locate support RIM " + replacementRimId); + } + } else { + support = new SupportReferenceManifest( + String.format("%s.rimel", + defaultClientName), + logFile.toByteArray()); + // this is a validity check + new TCGEventLog(support.getRimBytes()); + // no issues, continue + support.setPlatformManufacturer(dv.getHw().getManufacturer()); + support.setPlatformModel(dv.getHw().getProductName()); + support.setFileName(String.format("%s_[%s].rimel", defaultClientName, + support.getHexDecHash().substring( + support.getHexDecHash().length() - NUM_OF_VARIABLES))); + } support.setDeviceName(dv.getNw().getHostname()); this.referenceManifestRepository.save(support); } else if (support.isArchived()) { + /* + This block accounts for RIMs that may have been soft-deleted (archived) + in an older version of the ACA. + */ List rims = referenceManifestRepository.findByArchiveFlag(false); for (ReferenceManifest rim : rims) { if (rim.isSupport() && @@ -392,6 +479,9 @@ public class IdentityClaimProcessor extends AbstractProcessor { } else { this.referenceManifestRepository.save(support); } + } else { + support.setDeviceName(dv.getNw().getHostname()); + this.referenceManifestRepository.save(support); } } catch (IOException ioEx) { log.error(ioEx); @@ -404,46 +494,6 @@ public class IdentityClaimProcessor extends AbstractProcessor { dv.getNw().getHostname())); } - if (dv.getSwidfileCount() > 0) { - for (ByteString swidFile : dv.getSwidfileList()) { - try { - dbBaseRim = (BaseReferenceManifest) referenceManifestRepository - .findByBase64Hash(Base64.getEncoder() - .encodeToString(messageDigest - .digest(swidFile.toByteArray()))); - if (dbBaseRim == null) { - dbBaseRim = new BaseReferenceManifest( - String.format("%s.swidtag", - defaultClientName), - swidFile.toByteArray()); - dbBaseRim.setDeviceName(dv.getNw().getHostname()); - this.referenceManifestRepository.save(dbBaseRim); - } else if (dbBaseRim.isArchived()) { - List rims = referenceManifestRepository.findByArchiveFlag(false); - for (ReferenceManifest rim : rims) { - if (rim.isBase() && rim.getTagId().equals(dbBaseRim.getTagId()) && - rim.getCreateTime().after(dbBaseRim.getCreateTime())) { - dbBaseRim.setDeviceName(null); - dbBaseRim = (BaseReferenceManifest) rim; - dbBaseRim.setDeviceName(dv.getNw().getHostname()); - } - } - if (dbBaseRim.isArchived()) { - throw new Exception("Unable to locate an unarchived base RIM."); - } - } - tagId = dbBaseRim.getTagId(); - } catch (UnmarshalException e) { - log.error(e); - } catch (Exception ex) { - log.error(String.format("Failed to load base rim: %s", ex.getMessage())); - } - } - } else { - log.warn(String.format("%s did not send swid tag file...", - dv.getNw().getHostname())); - } - //update Support RIMs and Base RIMs. for (ByteString swidFile : dv.getSwidfileList()) { dbBaseRim = (BaseReferenceManifest) referenceManifestRepository diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestPageController.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestPageController.java index f05e2b27..9722ab2d 100644 --- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestPageController.java +++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ReferenceManifestPageController.java @@ -239,9 +239,7 @@ public class ReferenceManifestPageController extends PageController