Merge pull request #450 from nsacyber/issue-436-without-fwtesting

[#436] Add Payload attribute supportRIMFormat and default value
iadgovuser26 2022-03-16 12:33:32 -04:00 committed by GitHub
commit 46f4f3a466
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 98 additions and 43 deletions


@ -30,6 +30,7 @@
},
"Payload": {
"Directory": {
"supportRIMFormat": "TCG_EventLog_Assertion",
"name": "iotBase",
"File": {
"name": "TpmLog.bin"


@ -67,6 +67,9 @@ public class SwidTagConstants {
public static final String HASH = "hash";
public static final String SUPPORT_RIM_TYPE = "supportRIMType";
public static final String SUPPORT_RIM_FORMAT = "supportRIMFormat";
public static final String TCG_EVENTLOG_ASSERTION = "TCG_EventLog_Assertion";
public static final String TPM_PCR_ASSERTION = "TPM_PCR_Assertion";
public static final String SUPPORT_RIM_FORMAT_MISSING = "supportRIMFormat missing";
public static final String SUPPORT_RIM_URI_GLOBAL = "supportRIMURIGlobal";
public static final QName _SHA256_HASH = new QName(
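Review bot: `SUPPORT_RIM_FORMAT_MISSING` is declared among the attribute names and values with nothing to mark it as different, yet its use in SwidTagGateway in this same commit suggests it is only a sentinel default handed to `getString()` and is never written to a tag. A one-line comment above it, for example `// Sentinel default for JsonObject.getString(); not a valid supportRIMFormat value.`, would stop it being mistaken for a third format. `TPM_PCR_ASSERTION` is not referenced in any hunk visible on this page, so a comment saying where it is meant to be used would help as well.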


@ -162,7 +162,8 @@ public class SwidTagGateway {
JsonObject configProperties = reader.readObject();
reader.close();
//SoftwareIdentity
swidTag = createSwidTag(configProperties.getJsonObject(SwidTagConstants.SOFTWARE_IDENTITY));
swidTag = createSwidTag(
configProperties.getJsonObject(SwidTagConstants.SOFTWARE_IDENTITY));
//Entity
JAXBElement<Entity> entity = objectFactory.createSoftwareIdentityEntity(
createEntity(configProperties.getJsonObject(SwidTagConstants.ENTITY)));
@ -199,7 +200,8 @@ public class SwidTagGateway {
System.out.println(e.getMessage());
}
Document signedSoftwareIdentity = signXMLDocument(objectFactory.createSoftwareIdentity(swidTag));
Document signedSoftwareIdentity = signXMLDocument(
objectFactory.createSoftwareIdentity(swidTag));
writeSwidTagFile(signedSoftwareIdentity, filename);
}
@ -247,14 +249,16 @@ public class SwidTagGateway {
if (!tagId.isEmpty()) {
swidTag.setTagId(tagId);
}
swidTag.setTagVersion(new BigInteger(jsonObject.getString(SwidTagConstants.TAGVERSION, "0")));
swidTag.setTagVersion(new BigInteger(
jsonObject.getString(SwidTagConstants.TAGVERSION, "0")));
swidTag.setVersion(jsonObject.getString(SwidTagConstants.VERSION, "0.0"));
swidTag.setCorpus(jsonObject.getBoolean(SwidTagConstants.CORPUS, false));
swidTag.setPatch(jsonObject.getBoolean(SwidTagConstants.PATCH, false));
swidTag.setSupplemental(jsonObject.getBoolean(SwidTagConstants.SUPPLEMENTAL, false));
if (!swidTag.isCorpus() && !swidTag.isPatch()
&& !swidTag.isSupplemental() && swidTag.getVersion() != "0.0") {
swidTag.setVersionScheme(jsonObject.getString(SwidTagConstants.VERSION_SCHEME, "multipartnumeric"));
swidTag.setVersionScheme(
jsonObject.getString(SwidTagConstants.VERSION_SCHEME, "multipartnumeric"));
}
return swidTag;
@ -329,24 +333,42 @@ public class SwidTagGateway {
private SoftwareMeta createSoftwareMeta(JsonObject jsonObject) {
SoftwareMeta softwareMeta = objectFactory.createSoftwareMeta();
Map<QName, String> attributes = softwareMeta.getOtherAttributes();
addNonNullAttribute(attributes, SwidTagConstants._COLLOQUIAL_VERSION, jsonObject.getString(SwidTagConstants.COLLOQUIAL_VERSION, ""));
addNonNullAttribute(attributes, SwidTagConstants._EDITION, jsonObject.getString(SwidTagConstants.EDITION, ""));
addNonNullAttribute(attributes, SwidTagConstants._PRODUCT, jsonObject.getString(SwidTagConstants.PRODUCT, ""));
addNonNullAttribute(attributes, SwidTagConstants._REVISION, jsonObject.getString(SwidTagConstants.REVISION, ""));
addNonNullAttribute(attributes, SwidTagConstants._PAYLOAD_TYPE, jsonObject.getString(SwidTagConstants.PAYLOAD_TYPE, ""));
addNonNullAttribute(attributes, SwidTagConstants._PLATFORM_MANUFACTURER_STR, jsonObject.getString(SwidTagConstants.PLATFORM_MANUFACTURER_STR, ""));
addNonNullAttribute(attributes, SwidTagConstants._PLATFORM_MANUFACTURER_ID, jsonObject.getString(SwidTagConstants.PLATFORM_MANUFACTURER_ID, ""));
addNonNullAttribute(attributes, SwidTagConstants._PLATFORM_MODEL, jsonObject.getString(SwidTagConstants.PLATFORM_MODEL, ""));
addNonNullAttribute(attributes, SwidTagConstants._PLATFORM_VERSION, jsonObject.getString(SwidTagConstants.PLATFORM_VERSION, ""));
addNonNullAttribute(attributes, SwidTagConstants._FIRMWARE_MANUFACTURER_STR, jsonObject.getString(SwidTagConstants.FIRMWARE_MANUFACTURER_STR, ""));
addNonNullAttribute(attributes, SwidTagConstants._FIRMWARE_MANUFACTURER_ID, jsonObject.getString(SwidTagConstants.FIRMWARE_MANUFACTURER_ID, ""));
addNonNullAttribute(attributes, SwidTagConstants._FIRMWARE_MODEL, jsonObject.getString(SwidTagConstants.FIRMWARE_MODEL, ""));
addNonNullAttribute(attributes, SwidTagConstants._FIRMWARE_VERSION, jsonObject.getString(SwidTagConstants.FIRMWARE_VERSION, ""));
addNonNullAttribute(attributes, SwidTagConstants._BINDING_SPEC, jsonObject.getString(SwidTagConstants.BINDING_SPEC, ""));
addNonNullAttribute(attributes, SwidTagConstants._BINDING_SPEC_VERSION, jsonObject.getString(SwidTagConstants.BINDING_SPEC_VERSION, ""));
addNonNullAttribute(attributes, SwidTagConstants._PC_URI_LOCAL, jsonObject.getString(SwidTagConstants.PC_URI_LOCAL, ""));
addNonNullAttribute(attributes, SwidTagConstants._PC_URI_GLOBAL, jsonObject.getString(SwidTagConstants.PC_URI_GLOBAL, ""));
addNonNullAttribute(attributes, SwidTagConstants._RIM_LINK_HASH, jsonObject.getString(SwidTagConstants.RIM_LINK_HASH, ""));
addNonNullAttribute(attributes, SwidTagConstants._COLLOQUIAL_VERSION,
jsonObject.getString(SwidTagConstants.COLLOQUIAL_VERSION, ""));
addNonNullAttribute(attributes, SwidTagConstants._EDITION,
jsonObject.getString(SwidTagConstants.EDITION, ""));
addNonNullAttribute(attributes, SwidTagConstants._PRODUCT,
jsonObject.getString(SwidTagConstants.PRODUCT, ""));
addNonNullAttribute(attributes, SwidTagConstants._REVISION,
jsonObject.getString(SwidTagConstants.REVISION, ""));
addNonNullAttribute(attributes, SwidTagConstants._PAYLOAD_TYPE,
jsonObject.getString(SwidTagConstants.PAYLOAD_TYPE, ""));
addNonNullAttribute(attributes, SwidTagConstants._PLATFORM_MANUFACTURER_STR,
jsonObject.getString(SwidTagConstants.PLATFORM_MANUFACTURER_STR, ""));
addNonNullAttribute(attributes, SwidTagConstants._PLATFORM_MANUFACTURER_ID,
jsonObject.getString(SwidTagConstants.PLATFORM_MANUFACTURER_ID, ""));
addNonNullAttribute(attributes, SwidTagConstants._PLATFORM_MODEL,
jsonObject.getString(SwidTagConstants.PLATFORM_MODEL, ""));
addNonNullAttribute(attributes, SwidTagConstants._PLATFORM_VERSION,
jsonObject.getString(SwidTagConstants.PLATFORM_VERSION, ""));
addNonNullAttribute(attributes, SwidTagConstants._FIRMWARE_MANUFACTURER_STR,
jsonObject.getString(SwidTagConstants.FIRMWARE_MANUFACTURER_STR, ""));
addNonNullAttribute(attributes, SwidTagConstants._FIRMWARE_MANUFACTURER_ID,
jsonObject.getString(SwidTagConstants.FIRMWARE_MANUFACTURER_ID, ""));
addNonNullAttribute(attributes, SwidTagConstants._FIRMWARE_MODEL,
jsonObject.getString(SwidTagConstants.FIRMWARE_MODEL, ""));
addNonNullAttribute(attributes, SwidTagConstants._FIRMWARE_VERSION,
jsonObject.getString(SwidTagConstants.FIRMWARE_VERSION, ""));
addNonNullAttribute(attributes, SwidTagConstants._BINDING_SPEC,
jsonObject.getString(SwidTagConstants.BINDING_SPEC, ""));
addNonNullAttribute(attributes, SwidTagConstants._BINDING_SPEC_VERSION,
jsonObject.getString(SwidTagConstants.BINDING_SPEC_VERSION, ""));
addNonNullAttribute(attributes, SwidTagConstants._PC_URI_LOCAL,
jsonObject.getString(SwidTagConstants.PC_URI_LOCAL, ""));
addNonNullAttribute(attributes, SwidTagConstants._PC_URI_GLOBAL,
jsonObject.getString(SwidTagConstants.PC_URI_GLOBAL, ""));
addNonNullAttribute(attributes, SwidTagConstants._RIM_LINK_HASH,
jsonObject.getString(SwidTagConstants.RIM_LINK_HASH, ""));
return softwareMeta;
}
@ -360,12 +382,12 @@ public class SwidTagGateway {
private ResourceCollection createPayload(JsonObject jsonObject) {
ResourceCollection payload = objectFactory.createResourceCollection();
Map<QName, String> attributes = payload.getOtherAttributes();
addNonNullAttribute(attributes, SwidTagConstants._N8060_ENVVARPREFIX, jsonObject.getString(SwidTagConstants._N8060_ENVVARPREFIX.getLocalPart(), ""));
addNonNullAttribute(attributes, SwidTagConstants._N8060_ENVVARSUFFIX, jsonObject.getString(SwidTagConstants._N8060_ENVVARSUFFIX.getLocalPart(), ""));
addNonNullAttribute(attributes, SwidTagConstants._N8060_PATHSEPARATOR, jsonObject.getString(SwidTagConstants._N8060_PATHSEPARATOR.getLocalPart(), ""));
addNonNullAttribute(attributes, SwidTagConstants._SUPPORT_RIM_FORMAT, jsonObject.getString(SwidTagConstants.SUPPORT_RIM_FORMAT, ""));
addNonNullAttribute(attributes, SwidTagConstants._SUPPORT_RIM_TYPE, jsonObject.getString(SwidTagConstants.SUPPORT_RIM_TYPE, ""));
addNonNullAttribute(attributes, SwidTagConstants._SUPPORT_RIM_URI_GLOBAL, jsonObject.getString(SwidTagConstants.SUPPORT_RIM_URI_GLOBAL, ""));
addNonNullAttribute(attributes, SwidTagConstants._N8060_ENVVARPREFIX,
jsonObject.getString(SwidTagConstants._N8060_ENVVARPREFIX.getLocalPart(), ""));
addNonNullAttribute(attributes, SwidTagConstants._N8060_ENVVARSUFFIX,
jsonObject.getString(SwidTagConstants._N8060_ENVVARSUFFIX.getLocalPart(), ""));
addNonNullAttribute(attributes, SwidTagConstants._N8060_PATHSEPARATOR,
jsonObject.getString(SwidTagConstants._N8060_PATHSEPARATOR.getLocalPart(), ""));
return payload;
}
@ -379,6 +401,21 @@ public class SwidTagGateway {
private Directory createDirectory(JsonObject jsonObject) {
Directory directory = objectFactory.createDirectory();
directory.setName(jsonObject.getString(SwidTagConstants.NAME, ""));
Map<QName, String> attributes = directory.getOtherAttributes();
String supportRimFormat = jsonObject.getString(SwidTagConstants.SUPPORT_RIM_FORMAT,
SwidTagConstants.SUPPORT_RIM_FORMAT_MISSING);
if (!supportRimFormat.equals(SwidTagConstants.SUPPORT_RIM_FORMAT_MISSING)) {
if (supportRimFormat.isEmpty()) {
attributes.put(SwidTagConstants._SUPPORT_RIM_FORMAT,
SwidTagConstants.TCG_EVENTLOG_ASSERTION);
} else {
attributes.put(SwidTagConstants._SUPPORT_RIM_FORMAT, supportRimFormat);
}
}
addNonNullAttribute(attributes, SwidTagConstants._SUPPORT_RIM_TYPE,
jsonObject.getString(SwidTagConstants.SUPPORT_RIM_TYPE, ""));
addNonNullAttribute(attributes, SwidTagConstants._SUPPORT_RIM_URI_GLOBAL,
jsonObject.getString(SwidTagConstants.SUPPORT_RIM_URI_GLOBAL, ""));
return directory;
}
@ -394,9 +431,23 @@ public class SwidTagGateway {
private hirs.swid.xjc.File createFile(JsonObject jsonObject) {
hirs.swid.xjc.File file = objectFactory.createFile();
file.setName(jsonObject.getString(SwidTagConstants.NAME, ""));
Map<QName, String> attributes = file.getOtherAttributes();
String supportRimFormat = jsonObject.getString(SwidTagConstants.SUPPORT_RIM_FORMAT,
SwidTagConstants.SUPPORT_RIM_FORMAT_MISSING);
if (!supportRimFormat.equals(SwidTagConstants.SUPPORT_RIM_FORMAT_MISSING)) {
if (supportRimFormat.isEmpty()) {
attributes.put(SwidTagConstants._SUPPORT_RIM_FORMAT,
SwidTagConstants.TCG_EVENTLOG_ASSERTION);
} else {
attributes.put(SwidTagConstants._SUPPORT_RIM_FORMAT, supportRimFormat);
}
}
addNonNullAttribute(attributes, SwidTagConstants._SUPPORT_RIM_TYPE,
jsonObject.getString(SwidTagConstants.SUPPORT_RIM_TYPE, ""));
addNonNullAttribute(attributes, SwidTagConstants._SUPPORT_RIM_URI_GLOBAL,
jsonObject.getString(SwidTagConstants.SUPPORT_RIM_URI_GLOBAL, ""));
File rimEventLogFile = new File(rimEventLog);
file.setSize(new BigInteger(Long.toString(rimEventLogFile.length())));
Map<QName, String> attributes = file.getOtherAttributes();
addNonNullAttribute(attributes, SwidTagConstants._SHA256_HASH, HashSwid.get256Hash(rimEventLog));
return file;
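Review bot: In createDirectory and createFile, any non-empty `supportRIMFormat` string from the JSON config is copied into the attribute map unchanged, and the tag is later passed to `signXMLDocument`; the new `TPM_PCR_ASSERTION` constant is never compared against. If `TCG_EventLog_Assertion` and `TPM_PCR_Assertion` are the only formats the tool means to emit, the value should be checked before `attributes.put(...)`, so that a typo in the config is not signed into a RIM that a verifier later has to interpret. The same block is pasted into both methods and detects absence by comparing with a sentinel string, so a config value equal to that sentinel would be treated as absent; one private helper using `containsKey` would remove both problems. Whether an unknown value should throw or only warn is for the maintainers to decide, and the sketch below throws. createFile's body continues past the end of the hunk.

```java
// Shared by createDirectory and createFile in place of the duplicated block.
private void addSupportRimFormat(Map<QName, String> attributes, JsonObject jsonObject) {
    if (!jsonObject.containsKey(SwidTagConstants.SUPPORT_RIM_FORMAT)) {
        return; // attribute not requested for this element
    }
    String supportRimFormat = jsonObject.getString(SwidTagConstants.SUPPORT_RIM_FORMAT, "");
    if (supportRimFormat.isEmpty()) {
        supportRimFormat = SwidTagConstants.TCG_EVENTLOG_ASSERTION;
    } else if (!supportRimFormat.equals(SwidTagConstants.TCG_EVENTLOG_ASSERTION)
            && !supportRimFormat.equals(SwidTagConstants.TPM_PCR_ASSERTION)) {
        throw new IllegalArgumentException(
                "Unsupported supportRIMFormat: " + supportRimFormat);
    }
    attributes.put(SwidTagConstants._SUPPORT_RIM_FORMAT, supportRimFormat);
}

// … unchanged: directory.setName / file.setName …
addSupportRimFormat(attributes, jsonObject);
// … unchanged: supportRIMType and supportRIMURIGlobal attributes …
```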


@ -3,7 +3,7 @@
<Entity name="Example Inc" regid="http://Example.com" role="softwareCreator tagCreator"/>
<Link href="https://Example.com/support/ProductA/firmware/installfiles" rel="installationmedia"/>
<Meta xmlns:n8060="http://csrc.nist.gov/ns/swid/2015-extensions/1.0" xmlns:rim="https://trustedcomputinggroup.org/wp-content/uploads/TCG_RIM_Model" n8060:colloquialVersion="Firmware_2019" n8060:edition="12" n8060:product="ProductA" n8060:revision="r2" rim:BindingSpec="PC Client RIM" rim:BindingSpecVersion="1.2" rim:PayloadType="direct" rim:firmwareManufacturerId="00213022" rim:firmwareManufacturerStr="BIOSVendorA" rim:firmwareModel="A0" rim:firmwareVersion="12" rim:pcURIGlobal="https://Example.com/support/ProductA/" rim:pcURILocal="/boot/tcg/manifest/switag/" rim:platformManufacturerId="00201234" rim:platformManufacturerStr="Example.com" rim:platformModel="ProductA" rim:platformVersion="01"/>
<Payload xmlns:rim="https://trustedcomputinggroup.org/wp-content/uploads/TCG_RIM_Model" rim:supportRIMFormat="TCG_EventLog_Assertion" rim:supportRIMURIGlobal="https://Example.com/support/ProductA/firmware/rims/">
<Payload>
<Directory name="rim">
<File xmlns:SHA256="http://www.w3.org/2001/04/xmlenc#sha256" SHA256:hash="4479ca722623f8c47b703996ced3cbd981b06b1ae8a897db70137e0b7c546848" name="Example.com.BIOS.01.rimel" size="7549"/>
</Directory>
@ -17,14 +17,14 @@
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<DigestValue>97uWB7zSsO5WaGbrcQrlKd1Bju0aDTjK1/ktUYBje8A=</DigestValue>
<DigestValue>K3XoBeYvgJBAKl8z273sL7z38qLLVBKLfUPt/gPUzBI=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>N1YtTeo2Ryuj+CtlXIpICEay+ni7vt8+4J7tAsYpa3efnLwtea69PIqEylPWm9LdA8Eo8XDdpgxV&#13;
7h3hi2LTOU+Wxq3bLiLamo99T1EtIwl+ZPcOv8bsfEkmShHdMC0dlfcj6r7x4tc0XkNAhhJgfRNz&#13;
FsmPWKJb6FYcsHFbHO/Uw1hSokbAGcWWTshEOqvKHMa8UVkrFMUPnrnMtdyJqZlhDBrZHNi4rWth&#13;
8TjlUnQVSCF9s9I04FxJ1cUAdeVMHtXKM8Pvjv68PaJMJK73dW5Yd3SbcgoKLesf/HPWeeZL0rr4&#13;
TNjlqJ/wq61Ons45MFG9bIscVbnd+XxFHx8Skw==</SignatureValue>
<SignatureValue>cIl1gPsUyEj2gDv3HTWNFDVxtcBjz4Revxxf2LJejtOXQW8mGepZH8CnvgO7zCAbZYlYUZXjYZ9M&#13;
jONVv8dcsAjVHRnP6YHywFfmSm8LUCwxsfuZQqn5jClqzu5VaqLzBhuJYvCpiEdIDJwDINQuORUB&#13;
nzul1CWc3Sm1Ms2wjlIq5ctWWJcddhdyIOjl8/oD4EC5E2rOSfNcRMZxldXtie9iinFGVbr0YNE+&#13;
+lQ7hAU+SyV8RMx9tGnnsO8otwV4ddF+OfemcbzWGYBenLs3A8ZqWZyTvWphCgGqDUbOLssYciCC&#13;
mnYm5QOeh4QcE9H2kqTgZvcyCgPL/hDC7xhyjQ==</SignatureValue>
<KeyInfo>
<KeyName>2fdeb8e7d030a2209daa01861a964fedecf2bcc1</KeyName>
</KeyInfo>


@ -3,7 +3,7 @@
<Entity name="Example Inc" regid="http://Example.com" role="softwareCreator tagCreator"/>
<Link href="https://Example.com/support/ProductA/firmware/installfiles" rel="installationmedia"/>
<Meta xmlns:n8060="http://csrc.nist.gov/ns/swid/2015-extensions/1.0" xmlns:rim="https://trustedcomputinggroup.org/wp-content/uploads/TCG_RIM_Model" n8060:colloquialVersion="Firmware_2019" n8060:edition="12" n8060:product="ProductA" n8060:revision="r2" rim:BindingSpec="PC Client RIM" rim:BindingSpecVersion="1.2" rim:PayloadType="direct" rim:firmwareManufacturerId="00213022" rim:firmwareManufacturerStr="BIOSVendorA" rim:firmwareModel="A0" rim:firmwareVersion="12" rim:pcURIGlobal="https://Example.com/support/ProductA/" rim:pcURILocal="/boot/tcg/manifest/switag/" rim:platformManufacturerId="00201234" rim:platformManufacturerStr="Example.com" rim:platformModel="ProductA" rim:platformVersion="01"/>
<Payload xmlns:rim="https://trustedcomputinggroup.org/wp-content/uploads/TCG_RIM_Model" rim:supportRIMFormat="TCG_EventLog_Assertion" rim:supportRIMURIGlobal="https://Example.com/support/ProductA/firmware/rims/">
<Payload>
<Directory name="rim">
<File xmlns:SHA256="http://www.w3.org/2001/04/xmlenc#sha256" SHA256:hash="4479ca722623f8c47b703996ced3cbd981b06b1ae8a897db70137e0b7c546848" name="Example.com.BIOS.01.rimel" size="7549"/>
</Directory>
@ -17,14 +17,14 @@
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<DigestValue>97uWB7zSsO5WaGbrcQrlKd1Bju0aDTjK1/ktUYBje8A=</DigestValue>
<DigestValue>K3XoBeYvgJBAKl8z273sL7z38qLLVBKLfUPt/gPUzBI=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>N1YtTeo2Ryuj+CtlXIpICEay+ni7vt8+4J7tAsYpa3efnLwtea69PIqEylPWm9LdA8Eo8XDdpgxV&#13;
7h3hi2LTOU+Wxq3bLiLamo99T1EtIwl+ZPcOv8bsfEkmShHdMC0dlfcj6r7x4tc0XkNAhhJgfRNz&#13;
FsmPWKJb6FYcsHFbHO/Uw1hSokbAGcWWTshEOqvKHMa8UVkrFMUPnrnMtdyJqZlhDBrZHNi4rWth&#13;
8TjlUnQVSCF9s9I04FxJ1cUAdeVMHtXKM8Pvjv68PaJMJK73dW5Yd3SbcgoKLesf/HPWeeZL0rr4&#13;
TNjlqJ/wq61Ons45MFG9bIscVbnd+XxFHx8Skw==</SignatureValue>
<SignatureValue>cIl1gPsUyEj2gDv3HTWNFDVxtcBjz4Revxxf2LJejtOXQW8mGepZH8CnvgO7zCAbZYlYUZXjYZ9M&#13;
jONVv8dcsAjVHRnP6YHywFfmSm8LUCwxsfuZQqn5jClqzu5VaqLzBhuJYvCpiEdIDJwDINQuORUB&#13;
nzul1CWc3Sm1Ms2wjlIq5ctWWJcddhdyIOjl8/oD4EC5E2rOSfNcRMZxldXtie9iinFGVbr0YNE+&#13;
+lQ7hAU+SyV8RMx9tGnnsO8otwV4ddF+OfemcbzWGYBenLs3A8ZqWZyTvWphCgGqDUbOLssYciCC&#13;
mnYm5QOeh4QcE9H2kqTgZvcyCgPL/hDC7xhyjQ==</SignatureValue>
<KeyInfo>
<X509Data>
<X509SubjectName>CN=example.RIM.signer,OU=PCClient,O=Example,ST=VA,C=US</X509SubjectName>