ExternalVendorCode/HIRS
1
0
Fork 0
mirror of https://github.com/nsacyber/HIRS.git synced 2025-01-29 15:44:14 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Passing -l <filepath> to -v will verify the payload hash with <filepath> instead of the <File name=filepath>

Browse Source
This commit is contained in:
chubtub 2020-06-25 07:58:37 -04:00
parent 62edecd929
commit 7045fc9978
2 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
tools/tcg_rim_tool/src/main/java/hirs/swid/Main.java
View File

@ -21,8 +21,12 @@ public class Main {
if (!commander.getVerifyFile().isEmpty()) {
System.out.println(commander.toString());
String verifyFile = commander.getVerifyFile();
String rimel = commander.getRimEventLog();
//String publicCertificate = commander.getPublicCertificate();
if (!verifyFile.isEmpty()) {
if (!rimel.isEmpty()) {
gateway.setRimEventLog(rimel);
}
try {
gateway.validateSwidTag(verifyFile);
} catch (IOException e) {

7
tools/tcg_rim_tool/src/main/java/hirs/swid/SwidTagGateway.java
View File

@ -437,7 +437,12 @@ public class SwidTagGateway {
* This method validates a hirs.swid.xjc.File from an indirect payload
*/
private boolean validateFile(Element file) {
String filepath = file.getAttribute(SwidTagConstants.NAME);
String filepath;
if (rimEventLog.isEmpty()) {
filepath = file.getAttribute(SwidTagConstants.NAME);
} else {
filepath = rimEventLog;
}
System.out.println("Support rim found at " + filepath);
if (HashSwid.get256Hash(filepath).equals(file.getAttribute(_SHA256_HASH.getPrefix() + ":" + _SHA256_HASH.getLocalPart()))) {
System.out.println("Support RIM hash verified!");