issue_872: I believe I was able to lombok all the files that had the default setters and getters.
TheSilentCoder 2025-01-13 18:28:55 -05:00
parent 11691e5b29
commit 1bc9affcf1
18 changed files with 340 additions and 583 deletions


@ -49,6 +49,10 @@ public class TPMInfo implements Serializable {
@Column(nullable = true)
private short tpmVersionRevMinor;
/**
* identity certificate for the device.
*/
@Getter
@XmlElement
@XmlJavaTypeAdapter(X509CertificateAdapter.class)
@Lob
@ -178,15 +182,6 @@ public class TPMInfo implements Serializable {
identityCertificate = null;
}
/**
* Used to retrieve the identity certificate for the device.
*
* @return a byte array holding the certificate information
*/
public X509Certificate getIdentityCertificate() {
return identityCertificate;
}
private void setIdentityCertificate(
final X509Certificate identityCertificate) {
if (identityCertificate == null) {


@ -3,6 +3,7 @@ package hirs.structs.elements.aca;
import hirs.structs.elements.Struct;
import hirs.structs.elements.StructElementLength;
import hirs.structs.elements.StructElements;
import lombok.Getter;
import java.util.Arrays;
@ -16,33 +17,42 @@ import java.util.Arrays;
"deviceInfoReportLength", "deviceInfoReport"})
public class IdentityRequestEnvelope implements Struct {
/**
* the length of the identity request blob.
*/
@Getter
@StructElementLength(fieldName = "request")
private int requestLength;
private byte[] request;
/**
* the length of the endorsementCredentialModulus blob.
*/
@Getter
@StructElementLength(fieldName = "endorsementCredentialModulus")
private int endorsementCredentialModulusLength;
private byte[] endorsementCredentialModulus;
/**
* the length of the endorsementCredential blob.
*/
@Getter
@StructElementLength(fieldName = "endorsementCredential")
private int endorsementCredentialLength;
private byte[] endorsementCredential;
/**
* the length of the device info report.
*/
@Getter
@StructElementLength(fieldName = "deviceInfoReport")
private int deviceInfoReportLength;
private byte[] deviceInfoReport;
/**
* @return the length of the identity request blob.
*/
public int getRequestLength() {
return requestLength;
}
/**
* @return the identity request.
*/
@ -50,13 +60,6 @@ public class IdentityRequestEnvelope implements Struct {
return Arrays.copyOf(request, request.length);
}
/**
* @return the length of the endorsementCredentialModulus blob
*/
public int getEndorsementCredentialModulusLength() {
return endorsementCredentialModulusLength;
}
/**
* @return the endorsementCredentialModulus blob.
*/
@ -64,13 +67,6 @@ public class IdentityRequestEnvelope implements Struct {
return Arrays.copyOf(endorsementCredentialModulus, endorsementCredentialModulus.length);
}
/**
* @return the length of the endorsementCredential blob
*/
public int getEndorsementCredentialLength() {
return endorsementCredentialLength;
}
/**
* @return the endorsementCredential
*/
@ -78,13 +74,6 @@ public class IdentityRequestEnvelope implements Struct {
return Arrays.copyOf(endorsementCredential, endorsementCredential.length);
}
/**
* @return the length of the device info report
*/
public int getDeviceInfoReportLength() {
return deviceInfoReportLength;
}
/**
* @return the device info report
*/


@ -3,6 +3,7 @@ package hirs.structs.elements.aca;
import hirs.structs.elements.Struct;
import hirs.structs.elements.StructElementLength;
import hirs.structs.elements.StructElements;
import lombok.Getter;
import java.util.Arrays;
@ -13,11 +14,19 @@ import java.util.Arrays;
"symmetricAttestation"})
public class IdentityResponseEnvelope implements Struct {
/**
* the asymmetric contents block size
*/
@Getter
@StructElementLength(fieldName = "asymmetricContents")
private int asymmetricContentsSize;
private byte[] asymmetricContents;
/**
* the symmetric attestation.
*/
@Getter
private SymmetricAttestation symmetricAttestation;
/**
@ -29,21 +38,4 @@ public class IdentityResponseEnvelope implements Struct {
return Arrays.copyOf(asymmetricContents, asymmetricContents.length);
}
/**
* Gets the asymmetric contents block size.
*
* @return the asymmetric contents block size
*/
public int getAsymmetricContentsSize() {
return asymmetricContentsSize;
}
/**
* Gets the symmetric attestation.
*
* @return the symmetric attestation.
*/
public SymmetricAttestation getSymmetricAttestation() {
return symmetricAttestation;
}
}


@ -4,6 +4,7 @@ import hirs.structs.elements.Struct;
import hirs.structs.elements.StructElementLength;
import hirs.structs.elements.StructElements;
import hirs.structs.elements.tpm.SymmetricKeyParams;
import lombok.Getter;
import java.util.Arrays;
@ -15,31 +16,21 @@ import java.util.Arrays;
@StructElements(elements = {"credentialSize", "algorithm", "credential"})
public class SymmetricAttestation implements Struct {
/**
* the size of the credential block.
*/
@Getter
@StructElementLength(fieldName = "credential")
private int credentialSize;
/**
* the algorithm and other meta data regarding the key.
*/
@Getter
private SymmetricKeyParams algorithm;
private byte[] credential;
/**
* Gets the credential block size.
*
* @return the size of the credential block
*/
public int getCredentialSize() {
return credentialSize;
}
/**
* Gets the key parameters for the credential.
*
* @return the algorithm and other meta data regarding the key
*/
public SymmetricKeyParams getAlgorithm() {
return algorithm;
}
/**
* Gets the credential block.
*


@ -3,58 +3,41 @@ package hirs.structs.elements.tpm;
import hirs.structs.elements.Struct;
import hirs.structs.elements.StructElementLength;
import hirs.structs.elements.StructElements;
import lombok.Getter;
/**
* As defined in TCPA 4.20, the key parameters data structure describes the parameters used to
* generate a key pair and to store the parts of a key.
*/
@Getter
@StructElements(elements = {"algorithmId", "encryptionScheme", "signatureScheme", "paramsSize",
"params"})
public class AsymmetricKeyParams implements Struct {
/**
* the key algorithm.
*/
private int algorithmId;
/**
* the encryption scheme that the key uses.
*/
private short encryptionScheme;
/**
* the signature scheme that the key uses to perform digital signatures.
*/
private short signatureScheme;
/**
* the size of the params field.
*/
@StructElementLength(fieldName = "params")
private int paramsSize;
/**
* parameter information dependant upon the key algorithm.
*/
private RsaSubParams params;
/**
* @return the key algorithm
*/
public int getAlgorithmId() {
return algorithmId;
}
/**
* @return the size of the params field
*/
public int getParamsSize() {
return paramsSize;
}
/**
* @return the encryption scheme that the key uses
*/
public short getEncryptionScheme() {
return encryptionScheme;
}
/**
* @return the signature scheme that the key uses to perform digital signatures
*/
public short getSignatureScheme() {
return signatureScheme;
}
/**
* @return parameter information dependant upon the key algorithm.
*/
public RsaSubParams getParams() {
return params;
}
}


@ -2,12 +2,16 @@ package hirs.structs.elements.tpm;
import hirs.structs.elements.Struct;
import hirs.structs.elements.StructElements;
import lombok.Getter;
import lombok.NoArgsConstructor;
/**
* As specified in TCPA Main Specification section 4.27.3. This structure contains the public
* portion of an asymmetric key pair. It contains all the information necessary for it's unambiguous
* usage.
*/
@Getter
@NoArgsConstructor
@StructElements(elements = {"asymmetricKeyParams", "storePubKey"})
public class AsymmetricPublicKey implements Struct {
@ -36,28 +40,14 @@ public class AsymmetricPublicKey implements Struct {
*/
public static final short DEFAULT_RSA_SIGNATURE_SCHEME = 0x1;
/**
* information regarding this key
*/
private AsymmetricKeyParams asymmetricKeyParams;
/**
* the public as described by the key parameters.
*/
private StorePubKey storePubKey;
/**
* Default constructor. This is required for the {@link
* hirs.structs.converters.StructConverter}.
*/
public AsymmetricPublicKey() {
}
/**
* @return information regarding this key
*/
public AsymmetricKeyParams getAsymmetricKeyParams() {
return asymmetricKeyParams;
}
/**
* @return the public as described by the key parameters.
*/
public StorePubKey getStorePubKey() {
return storePubKey;
}
}
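Review bot: Replacing the explicit constructor with `@NoArgsConstructor` drops the only statement of why it exists: the removed Javadoc said the default constructor is required for `hirs.structs.converters.StructConverter`. I would keep that reason as a comment directly above the annotation, e.g. `// no-arg constructor is required by hirs.structs.converters.StructConverter`, so it is not removed later as redundant. The class Javadoc also has `it's unambiguous usage`, which should read `its`, and the field comment `the public as described by the key parameters.` appears to be missing the word `key`.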


@ -3,6 +3,7 @@ package hirs.structs.elements.tpm;
import hirs.structs.elements.Struct;
import hirs.structs.elements.StructElementLength;
import hirs.structs.elements.StructElements;
import lombok.Getter;
import java.util.Arrays;
@ -16,23 +17,51 @@ import java.util.Arrays;
"endorsementCredential", "platformCredential", "conformanceCredential"})
public class IdentityProof implements Struct {
/**
* version of the TPM that created this data structure.
*/
@Getter
private Version version;
/**
* the size of the label area.
*/
@Getter
@StructElementLength(fieldName = "label")
private int labelSize;
/**
* the size of the identity binding area.
*/
@Getter
@StructElementLength(fieldName = "identityBinding")
private int identityBindingSize;
/**
* the size of the endorsement credential.
*/
@Getter
@StructElementLength(fieldName = "endorsementCredential")
private int endorsementSize;
/**
* the size of the endorsement credential.
*/
@Getter
@StructElementLength(fieldName = "platformCredential")
private int platformSize;
/**
* the size of the conformance credential.
*/
@Getter
@StructElementLength(fieldName = "conformanceCredential")
private int conformanceSize;
/**
* public key of the new identity.
*/
@Getter
private AsymmetricPublicKey identityKey;
private byte[] label;
@ -45,55 +74,6 @@ public class IdentityProof implements Struct {
private byte[] conformanceCredential;
/**
* @return version of the TPM that created this data structure
*/
public Version getVersion() {
return version;
}
/**
* @return the size of the label area
*/
public int getLabelSize() {
return labelSize;
}
/**
* @return the size of the identity binding area
*/
public int getIdentityBindingSize() {
return identityBindingSize;
}
/**
* @return the size of the endorsement credential
*/
public int getEndorsementSize() {
return endorsementSize;
}
/**
* @return the size of the endorsement credential
*/
public int getPlatformSize() {
return platformSize;
}
/**
* @return the size of the conformance credential
*/
public int getConformanceSize() {
return conformanceSize;
}
/**
* @return public key of the new identity
*/
public AsymmetricPublicKey getIdentityKey() {
return identityKey;
}
/**
* @return label of the identity
*/


@ -3,6 +3,8 @@ package hirs.structs.elements.tpm;
import hirs.structs.elements.Struct;
import hirs.structs.elements.StructElementLength;
import hirs.structs.elements.StructElements;
import lombok.Getter;
import lombok.Setter;
import java.util.Arrays;
@ -14,48 +16,40 @@ import java.util.Arrays;
"symmetricAlgorithm", "asymmetricBlob", "symmetricBlob"})
public class IdentityRequest implements Struct {
/**
* the size of the asymmetric encrypted area.
*/
@Getter
@StructElementLength(fieldName = "asymmetricBlob")
private int asymmetricBlobSize;
/**
* the size of the symmetric encrypted area.
*/
@Getter
@StructElementLength(fieldName = "symmetricBlob")
private int symmetricBlobSize;
/**
* the parameters for the asymmetric algorithm used to create the asymmetricBlob.
*/
@Getter
private AsymmetricKeyParams asymmetricAlgorithm;
/**
* the parameters for the symmetric algorithm used to create the asymmetricBlob.
*/
@Getter
private SymmetricKeyParams symmetricAlgorithm;
private byte[] asymmetricBlob;
/**
* the value of the encrypted symmetric blob.
*/
@Setter
private byte[] symmetricBlob;
/**
* @return the size of the asymmetric encrypted area
*/
public int getAsymmetricBlobSize() {
return asymmetricBlobSize;
}
/**
* @return the size of the symmetric encrypted area
*/
public int getSymmetricBlobSize() {
return symmetricBlobSize;
}
/**
* @return the parameters for the asymmetric algorithm used to create the asymmetricBlob
*/
public AsymmetricKeyParams getAsymmetricAlgorithm() {
return asymmetricAlgorithm;
}
/**
* @return the parameters for the symmetric algorithm used to create the asymmetricBlob
*/
public SymmetricKeyParams getSymmetricAlgorithm() {
return symmetricAlgorithm;
}
/**
* @return encrypted asymmetric area
*/
@ -70,12 +64,4 @@ public class IdentityRequest implements Struct {
return Arrays.copyOf(symmetricBlob, symmetricBlob.length);
}
/**
* Sets the value of the encrypted symmetric blob.
*
* @param symmetricBlob new value
*/
public void setSymmetricBlob(final byte[] symmetricBlob) {
this.symmetricBlob = symmetricBlob;
}
}
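Review bot: The `@Setter` on `symmetricBlob` generates a setter that stores the caller's array reference, while the getter kept in this file returns `Arrays.copyOf(symmetricBlob, symmetricBlob.length)`, so a caller that keeps the original array can still modify the encrypted blob after setting it. The removed hand-written setter did the same, so this is not a regression, but I would keep an explicit setter here that copies, `this.symmetricBlob = Arrays.copyOf(symmetricBlob, symmetricBlob.length);`, with a null check if null is a legal value. Separately, the comment on `symmetricAlgorithm` says it was used to create the asymmetricBlob, which looks like a copy-paste slip for the symmetricBlob.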


@ -2,30 +2,25 @@ package hirs.structs.elements.tpm;
import hirs.structs.elements.Struct;
import hirs.structs.elements.StructElements;
import lombok.Getter;
/**
* As specified in TCPA Main Specification section 4.27.3. This structure contains the public
* portion of an asymmetric key pair. It contains all the information necessary for it's unambiguous
* usage.
*/
@Getter
@StructElements(elements = {"asymmetricKeyParams", "storePubKey"})
public class PublicKey implements Struct {
/**
* information regarding this key
*/
private AsymmetricKeyParams asymmetricKeyParams;
/**
* the public as described by the key parameters.
*/
private StorePubKey storePubKey;
/**
* @return information regarding this key
*/
public AsymmetricKeyParams getAsymmetricKeyParams() {
return asymmetricKeyParams;
}
/**
* @return the public as described by the key parameters.
*/
public StorePubKey getStorePubKey() {
return storePubKey;
}
}


@ -3,6 +3,7 @@ package hirs.structs.elements.tpm;
import hirs.structs.elements.Struct;
import hirs.structs.elements.StructElementLength;
import hirs.structs.elements.StructElements;
import lombok.Getter;
import java.util.Arrays;
@ -13,30 +14,28 @@ import java.util.Arrays;
@StructElements(elements = {"keyLength", "totalPrimes", "exponentSize", "exponent"})
public class RsaSubParams implements Struct {
/**
* the length of the key.
*/
@Getter
private int keyLength;
/**
* the total number of prime numbers in the key. Typically this is associated with the
* block size.
*/
@Getter
private int totalPrimes;
/**
* the size of the exponent block.
*/
@Getter
@StructElementLength(fieldName = "exponent")
private int exponentSize;
private byte[] exponent;
/**
* @return the length of the key
*/
public int getKeyLength() {
return keyLength;
}
/**
* @return the total number of prime numbers in the key. Typically this is associated with the
* block size.
*/
public int getTotalPrimes() {
return totalPrimes;
}
/**
* @return the public exponent of the key
*/
@ -44,10 +43,4 @@ public class RsaSubParams implements Struct {
return Arrays.copyOf(exponent, exponent.length);
}
/**
* @return the size of the exponent block.
*/
public int getExponentSize() {
return exponentSize;
}
}


@ -3,6 +3,7 @@ package hirs.structs.elements.tpm;
import hirs.structs.elements.Struct;
import hirs.structs.elements.StructElementLength;
import hirs.structs.elements.StructElements;
import lombok.Getter;
import java.util.Arrays;
@ -12,19 +13,13 @@ import java.util.Arrays;
*/
@StructElements(elements = {"keyLength", "key"})
public class StorePubKey implements Struct {
@Getter
@StructElementLength(fieldName = "key")
private int keyLength;
private byte[] key;
/**
* @return length of the key field
*/
public int getKeyLength() {
return keyLength;
}
/**
* @return contains the public key information which varies depending on the key algorithm. In
* example, if an RSA key, this field will represent the RSA public modulus.
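Review bot: `keyLength` gets `@Getter` with no field comment, unlike the other struct classes in this commit, so the generated accessor ends up undocumented. The removed getter described it as `length of the key field`; I would add `/** length of the key field. */` above the annotation.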


@ -3,6 +3,7 @@ package hirs.structs.elements.tpm;
import hirs.structs.elements.Struct;
import hirs.structs.elements.StructElementLength;
import hirs.structs.elements.StructElements;
import lombok.Getter;
import java.util.Arrays;
@ -23,36 +24,27 @@ public class SymmetricKey implements Struct {
*/
public static final short SCHEME_CBC = 255;
/**
* of the symmetric key
*/
@Getter
private int algorithmId;
/**
* the encryption scheme of the symmetric key.
*/
@Getter
private short encryptionScheme;
/**
* the size the underlying symmetric key block.
*/
@Getter
@StructElementLength(fieldName = "key")
private short keySize;
private byte[] key;
/**
* @return of the symmetric key
*/
public int getAlgorithmId() {
return algorithmId;
}
/**
* @return the encryption scheme of the symmetric key
*/
public short getEncryptionScheme() {
return encryptionScheme;
}
/**
* @return the size the underlying symmetric key block.
*/
public short getKeySize() {
return keySize;
}
/**
* @return the underlying key block.
*/


@ -3,10 +3,12 @@ package hirs.structs.elements.tpm;
import hirs.structs.elements.Struct;
import hirs.structs.elements.StructElementLength;
import hirs.structs.elements.StructElements;
import lombok.Getter;
/**
* Represents a symmetric key as specified in section 4.20 of the TCPA.
*/
@Getter
@StructElements(elements = {"algorithmId", "encryptionScheme", "signatureScheme", "paramsSize",
"params"})
public class SymmetricKeyParams implements Struct {
@ -21,49 +23,30 @@ public class SymmetricKeyParams implements Struct {
*/
public static final short SCHEME_CBC_PKCS5PADDING = 0x1;
/**
* the algorithm used.
*/
private int algorithmId;
/**
* the encryption scheme used.
*/
private short encryptionScheme;
/**
* the algorithm used.
*/
private short signatureScheme;
/**
* the size of the sub parameters block.
*/
@StructElementLength(fieldName = "params")
private int paramsSize;
/**
* the sub parameters block.
*/
private SymmetricSubParams params;
/**
* @return the algorithm used.
*/
public int getAlgorithmId() {
return algorithmId;
}
/**
* @return the encryption scheme used.
*/
public short getEncryptionScheme() {
return encryptionScheme;
}
/**
* @return the algorithm used.
*/
public short getSignatureScheme() {
return signatureScheme;
}
/**
* @return the size of the sub parameters block.
*/
public int getParamsSize() {
return paramsSize;
}
/**
* @return the sub parameters block.
*/
public SymmetricSubParams getParams() {
return params;
}
}


@ -3,6 +3,7 @@ package hirs.structs.elements.tpm;
import hirs.structs.elements.Struct;
import hirs.structs.elements.StructElementLength;
import hirs.structs.elements.StructElements;
import lombok.Getter;
import java.util.Arrays;
@ -13,36 +14,27 @@ import java.util.Arrays;
@StructElements(elements = {"keyLength", "blockSize", "ivSize", "iv"})
public class SymmetricSubParams implements Struct {
/**
* the key length.
*/
@Getter
private int keyLength;
/**
* the block size.
*/
@Getter
private int blockSize;
/**
* the IV size.
*/
@Getter
@StructElementLength(fieldName = "iv")
private int ivSize;
private byte[] iv;
/**
* @return the key length.
*/
public int getKeyLength() {
return keyLength;
}
/**
* @return the block size.
*/
public int getBlockSize() {
return blockSize;
}
/**
* @return the IV size.
*/
public int getIvSize() {
return ivSize;
}
/**
* @return the IV.
*/


@ -2,47 +2,34 @@ package hirs.structs.elements.tpm;
import hirs.structs.elements.Struct;
import hirs.structs.elements.StructElements;
import lombok.Getter;
/**
* As specified in the TCPA Main Specification section 4.5. This structure represents the version of
* the TPM.
*/
@Getter
@StructElements(elements = {"major", "minor", "revisionMajor", "revisionMinor"})
public class Version implements Struct {
/**
* the major version indicator. For version 1 this MUST be 0x01.
*/
private byte major;
/**
* the minor version indicator. For version 1 this MUST be 0x01.
*/
private byte minor;
/**
* the value of the TCPA_PERSISTENT_DATA -> revMajor.
*/
private byte revisionMajor;
/**
* the value of the TCPA_PERSISTENT_DATA -> revMinor.
*/
private byte revisionMinor;
/**
* @return the major version indicator. For version 1 this MUST be 0x01
*/
public byte getMajor() {
return major;
}
/**
* @return the minor version indicator. For version 1 this MUST be 0x01
*/
public byte getMinor() {
return minor;
}
/**
* @return the value of the TCPA_PERSISTENT_DATA -> revMajor
*/
public byte getRevisionMajor() {
return revisionMajor;
}
/**
* @return the value of the TCPA_PERSISTENT_DATA -> revMinor
*/
public byte getRevisionMinor() {
return revisionMinor;
}
}


@ -19,6 +19,8 @@ import jakarta.xml.bind.annotation.XmlSchemaType;
import jakarta.xml.bind.annotation.XmlType;
import jakarta.xml.bind.annotation.adapters.CollapsedStringAdapter;
import jakarta.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
import lombok.Getter;
import lombok.Setter;
import org.w3c.dom.Element;
import java.math.BigInteger;
@ -74,22 +76,70 @@ public class SoftwareIdentity
})
@XmlAnyElement(lax = true)
protected List<Object> entityOrEvidenceOrLink;
/**
* corpus property.
*/
@Setter
@XmlAttribute(name = "corpus")
protected Boolean corpus;
/**
* patch property.
*/
@Setter
@XmlAttribute(name = "patch")
protected Boolean patch;
/**
* media property.
*/
@Setter
@Getter
@XmlAttribute(name = "media")
protected String media;
/**
* name property.
*/
@Setter
@Getter
@XmlAttribute(name = "name", required = true)
protected String name;
/**
* supplemental property.
*/
@Setter
@XmlAttribute(name = "supplemental")
protected Boolean supplemental;
/**
* tagId property.
*/
@Setter
@Getter
@XmlAttribute(name = "tagId", required = true)
protected String tagId;
/**
* tagVersion property.
*/
@Setter
@XmlAttribute(name = "tagVersion")
protected BigInteger tagVersion;
/**
* version property.
*/
@Setter
@XmlAttribute(name = "version")
protected String version;
/**
* versionScheme property.
*/
@Setter
@XmlAttribute(name = "versionScheme")
@XmlJavaTypeAdapter(CollapsedStringAdapter.class)
@XmlSchemaType(name = "NMTOKEN")
@ -142,16 +192,6 @@ public class SoftwareIdentity
}
}
/**
* Sets the value of the corpus property.
*
* @param value allowed object is
* {@link Boolean }
*/
public void setCorpus(Boolean value) {
this.corpus = value;
}
/**
* Gets the value of the patch property.
*
@ -166,56 +206,6 @@ public class SoftwareIdentity
}
}
/**
* Sets the value of the patch property.
*
* @param value allowed object is
* {@link Boolean }
*/
public void setPatch(Boolean value) {
this.patch = value;
}
/**
* Gets the value of the media property.
*
* @return possible object is
* {@link String }
*/
public String getMedia() {
return media;
}
/**
* Sets the value of the media property.
*
* @param value allowed object is
* {@link String }
*/
public void setMedia(String value) {
this.media = value;
}
/**
* Gets the value of the name property.
*
* @return possible object is
* {@link String }
*/
public String getName() {
return name;
}
/**
* Sets the value of the name property.
*
* @param value allowed object is
* {@link String }
*/
public void setName(String value) {
this.name = value;
}
/**
* Gets the value of the supplemental property.
*
@ -230,36 +220,6 @@ public class SoftwareIdentity
}
}
/**
* Sets the value of the supplemental property.
*
* @param value allowed object is
* {@link Boolean }
*/
public void setSupplemental(Boolean value) {
this.supplemental = value;
}
/**
* Gets the value of the tagId property.
*
* @return possible object is
* {@link String }
*/
public String getTagId() {
return tagId;
}
/**
* Sets the value of the tagId property.
*
* @param value allowed object is
* {@link String }
*/
public void setTagId(String value) {
this.tagId = value;
}
/**
* Gets the value of the tagVersion property.
*
@ -274,16 +234,6 @@ public class SoftwareIdentity
}
}
/**
* Sets the value of the tagVersion property.
*
* @param value allowed object is
* {@link BigInteger }
*/
public void setTagVersion(BigInteger value) {
this.tagVersion = value;
}
/**
* Gets the value of the version property.
*
@ -298,16 +248,6 @@ public class SoftwareIdentity
}
}
/**
* Sets the value of the version property.
*
* @param value allowed object is
* {@link String }
*/
public void setVersion(String value) {
this.version = value;
}
/**
* Gets the value of the versionScheme property.
*
@ -322,14 +262,4 @@ public class SoftwareIdentity
}
}
/**
* Sets the value of the versionScheme property.
*
* @param value allowed object is
* {@link String }
*/
public void setVersionScheme(String value) {
this.versionScheme = value;
}
}


@ -1,5 +1,7 @@
package hirs.swid;
import lombok.Getter;
import lombok.Setter;
import org.bouncycastle.asn1.x509.AccessDescription;
import org.bouncycastle.asn1.x509.AuthorityInformationAccess;
import org.bouncycastle.asn1.x509.Extension;
@ -12,8 +14,24 @@ import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.bouncycastle.util.encoders.Base64;
import org.bouncycastle.util.encoders.DecoderException;
import java.io.*;
import java.security.*;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
@ -24,6 +42,7 @@ import java.util.List;
/**
* This class parses private key, public key, and certificate for use in their respective java.security objects.
*/
@Getter
public class CredentialParser {
private static final String X509 = "X.509";
private static final String JKS = "JKS";
@ -34,26 +53,14 @@ public class CredentialParser {
private static final String PKCS8_FOOTER = "-----END PRIVATE KEY-----";
private static final String CERTIFICATE_HEADER = "-----BEGIN CERTIFICATE-----";
private static final String CERTIFICATE_FOOTER = "-----END CERTIFICATE-----";
@Setter
private X509Certificate certificate;
private PrivateKey privateKey;
private PublicKey publicKey;
public X509Certificate getCertificate() {
return certificate;
}
public void setCertificate(X509Certificate certificate) {
this.certificate = certificate;
}
public PrivateKey getPrivateKey() {
return privateKey;
}
public PublicKey getPublicKey() {
return publicKey;
}
public void parseJKSCredentials(String jksKeystore) {
KeyStore.PrivateKeyEntry privateKeyEntry =
parseKeystorePrivateKey(jksKeystore,
@ -78,6 +85,7 @@ public class CredentialParser {
* This method extracts certificate bytes from a string. The bytes are assumed to be
* PEM format, and a header and footer are concatenated with the input string to
* facilitate proper parsing.
*
* @param pemString the input string
* @return an X509Certificate created from the string
* @throws CertificateException if instantiating the CertificateFactory errors
@ -86,10 +94,10 @@ public class CredentialParser {
try {
CertificateFactory factory = CertificateFactory.getInstance(X509);
InputStream inputStream = new ByteArrayInputStream((CERTIFICATE_HEADER
+ System.lineSeparator()
+ pemString
+ System.lineSeparator()
+ CERTIFICATE_FOOTER).getBytes());
+ System.lineSeparator()
+ pemString
+ System.lineSeparator()
+ CERTIFICATE_FOOTER).getBytes());
return (X509Certificate) factory.generateCertificate(inputStream);
} catch (CertificateException e) {
throw e;
@ -98,6 +106,7 @@ public class CredentialParser {
/**
* This method returns the X509Certificate object from a PEM certificate file.
*
* @param certificateFile
* @return
* @throws FileNotFoundException
@ -111,6 +120,7 @@ public class CredentialParser {
* This method returns the X509Certificate found in a PEM file.
* Unchecked typcase warnings are suppressed because the CertificateFactory
* implements X509Certificate objects explicitly.
*
* @param filename pem file
* @return a list containing all X509Certificates extracted
*/
@ -158,6 +168,7 @@ public class CredentialParser {
* Both PKCS1 and PKCS8 formats are handled.
* Algorithm argument is present to allow handling of multiple encryption algorithms,
* but for now it is always RSA.
*
* @param filename
* @return
*/
@ -218,6 +229,7 @@ public class CredentialParser {
/**
* This method reads a PKCS1 keypair from a PEM file.
*
* @param filename
* @return
*/
@ -232,12 +244,14 @@ public class CredentialParser {
/**
* This method returns the private key from a JKS keystore.
*
* @param keystoreFile
* @param alias
* @param password
* @return KeyStore.PrivateKeyEntry
*/
private KeyStore.PrivateKeyEntry parseKeystorePrivateKey(String keystoreFile, String alias, String password) {
private KeyStore.PrivateKeyEntry parseKeystorePrivateKey(String keystoreFile, String alias,
String password) {
KeyStore keystore = null;
KeyStore.PrivateKeyEntry privateKey = null;
try {
@ -247,7 +261,8 @@ public class CredentialParser {
new KeyStore.PasswordProtection(password.toCharArray()));
} catch (FileNotFoundException e) {
System.out.println("Cannot locate keystore " + keystoreFile);
} catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException | IOException e) {
} catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException |
CertificateException | IOException e) {
e.printStackTrace();
}
@ -256,6 +271,7 @@ public class CredentialParser {
/**
* This method returns the authorityInfoAccess from an X509Certificate.
*
* @return
* @throws IOException
*/
@ -264,7 +280,7 @@ public class CredentialParser {
byte[] extension = certificate.getExtensionValue(Extension.authorityInfoAccess.getId());
if (extension != null && extension.length > 0) {
AuthorityInformationAccess aia = AuthorityInformationAccess.getInstance(
JcaX509ExtensionUtils.parseExtensionValue(extension));
JcaX509ExtensionUtils.parseExtensionValue(extension));
for (AccessDescription ad : aia.getAccessDescriptions()) {
if (ad.getAccessMethod().toString().equals(SwidTagConstants.CA_ISSUERS)) {
sb.append("CA issuers - ");
@ -279,6 +295,7 @@ public class CredentialParser {
/**
* This method returns the subjectKeyIdentifier from the local X509Certificate.
*
* @return the String representation of the subjectKeyIdentifier
* @throws IOException
*/
@ -293,6 +310,7 @@ public class CredentialParser {
/**
* This method returns the subjectKeyIdentifier from a given X509Certificate.
*
* @param certificate the cert to pull the subjectKeyIdentifier from
* @return the String representation of the subjectKeyIdentifier
* @throws IOException
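Review bot: The class-level `@Getter` on `CredentialParser` gives every non-static field a public getter, including `privateKey`, and will do the same without review for any field added to the class later. The removed code exposed the same three accessors, so behaviour is unchanged today, but for a class that holds private key material it is safer to opt in per field: put `@Getter` on `certificate`, `privateKey` and `publicKey` individually, as the struct classes in this commit do. The generated accessors also have no Javadoc now; a short field comment such as `/** the parsed private key. */` on each of the three fields would restore it.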


@ -17,6 +17,7 @@ import jakarta.xml.bind.JAXBContext;
import jakarta.xml.bind.JAXBElement;
import jakarta.xml.bind.JAXBException;
import jakarta.xml.bind.Marshaller;
import lombok.Setter;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
@ -84,17 +85,64 @@ public class SwidTagGateway {
private final ObjectFactory objectFactory = new ObjectFactory();
private Marshaller marshaller;
/**
* String holding attributes file path
*/
@Setter
private String attributesFile;
/**
* boolean governing signing credentials
*/
@Setter
private boolean defaultCredentials;
/**
* JKS keystore file
*/
@Setter
private String jksTruststoreFile;
/**
* private key file in PEM format
*/
@Setter
private String pemPrivateKeyFile;
/**
* certificate file in PEM format
*/
@Setter
private String pemCertificateFile;
/**
* embed certificate file in signature block
*/
@Setter
private boolean embeddedCert;
/**
* event log support RIM
*/
@Setter
private String rimEventLog;
/**
* timestamp format in XML signature
*/
@Setter
private String timestampFormat;
/**
* timestamp input - RFC3852 + file or RFC3339 + value
*/
@Setter
private String timestampArgument;
private String errorRequiredFields;
private DocumentBuilderFactory dbf;
private DocumentBuilder builder;
/**
@ -124,88 +172,6 @@ public class SwidTagGateway {
}
}
/**
* Setter for String holding attributes file path
*
* @param attributesFile
*/
public void setAttributesFile(final String attributesFile) {
this.attributesFile = attributesFile;
}
/**
* Setter for boolean governing signing credentials
*
* @param defaultCredentials
* @return
*/
public void setDefaultCredentials(final boolean defaultCredentials) {
this.defaultCredentials = defaultCredentials;
}
/**
* Setter for JKS keystore file
*
* @param jksTruststoreFile
*/
public void setJksTruststoreFile(final String jksTruststoreFile) {
this.jksTruststoreFile = jksTruststoreFile;
}
/**
* Setter for private key file in PEM format
*
* @param pemPrivateKeyFile
*/
public void setPemPrivateKeyFile(final String pemPrivateKeyFile) {
this.pemPrivateKeyFile = pemPrivateKeyFile;
}
/**
* Setter for certificate file in PEM format
*
* @param pemCertificateFile
*/
public void setPemCertificateFile(final String pemCertificateFile) {
this.pemCertificateFile = pemCertificateFile;
}
/**
* Setter to embed certificate file in signature block
*
* @param embeddedCert
*/
public void setEmbeddedCert(final boolean embeddedCert) {
this.embeddedCert = embeddedCert;
}
/**
* Setter for event log support RIM
*
* @param rimEventLog
*/
public void setRimEventLog(final String rimEventLog) {
this.rimEventLog = rimEventLog;
}
/**
* Setter for timestamp format in XML signature
*
* @param timestampFormat
*/
public void setTimestampFormat(String timestampFormat) {
this.timestampFormat = timestampFormat;
}
/**
* Setter for timestamp input - RFC3852 + file or RFC3339 + value
*
* @param timestampArgument
*/
public void setTimestampArgument(String timestampArgument) {
this.timestampArgument = timestampArgument;
}
/**
* This method generates a base RIM from the values in a JSON file.
*
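Review bot: The new comment on `jksTruststoreFile` calls it a `JKS keystore file`, so the name and the description point at different things: a truststore normally holds only trusted certificates, while a keystore holds the signing key. `CredentialParser.parseJKSCredentials` elsewhere in this commit reads a private key entry from a JKS file; if this path is what gets passed there (the call is not visible in this hunk), the comment should say so, e.g. `JKS keystore file holding the signing key and certificate`. The class body starts and ends outside the visible lines, so the actual use of the field should be checked before rewording.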