ExternalVendorCode/HIRS
1
0
Fork 0
mirror of https://github.com/nsacyber/HIRS.git synced 2025-02-20 17:52:47 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

WIP: Add xpath filter to select SoftwareIdentity element

Browse Source
This commit is contained in:
chubtub 2022-12-15 12:52:19 -05:00
parent 2e4accde0b
commit 76d99fa765
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
tools/tcg_rim_tool/src/main/java/hirs/swid/SwidTagGateway.java
View File

@ -44,6 +44,7 @@ import javax.xml.crypto.dsig.keyinfo.KeyName;
import javax.xml.crypto.dsig.keyinfo.X509Data;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import javax.xml.crypto.dsig.spec.TransformParameterSpec;
import javax.xml.crypto.dsig.spec.XPathFilterParameterSpec;
import javax.xml.namespace.QName;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
@ -602,8 +603,13 @@ public class SwidTagGateway {
Document detachedSignature = null;
try {
XMLSignatureFactory sigFactory = XMLSignatureFactory.getInstance("DOM");
//Use xpath to select SoftwareIdentity
XPathFilterParameterSpec xPathParams = new XPathFilterParameterSpec("/SoftwareIdentity");
//ref must be distinguished from existing <Reference URI="">
Reference ref = sigFactory.newReference("#" + tagId,
sigFactory.newDigestMethod(DigestMethod.SHA256, null));
sigFactory.newDigestMethod(DigestMethod.SHA256, null),
Collections.singletonList(sigFactory.newTransform(Transform.XPATH, xPathParams)),
null, null);
SignedInfo signedInfo = sigFactory.newSignedInfo(
sigFactory.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE,
(C14NMethodParameterSpec) null),