mirror of
https://github.com/nsacyber/HIRS.git
synced 2024-12-21 13:57:56 +00:00
Merge pull request #232 from nsacyber/issue-231
[#231] Last minute tcg_rim_tool CLI changes
This commit is contained in:
commit
8b36d2636b
Binary file not shown.
@ -21,15 +21,14 @@ public class Main {
|
||||
if (commander.isAttributesGiven()) {
|
||||
gateway.setAttributesFile(commander.getAttributesFile());
|
||||
}
|
||||
/* if (commander.isKeystoreGiven()) {
|
||||
if (commander.isKeystoreGiven()) {
|
||||
gateway.setKeystoreFile(commander.getKeystore());
|
||||
}
|
||||
if (commander.isShowCert()) {
|
||||
gateway.setShowCert(true);
|
||||
}
|
||||
|
||||
}
|
||||
*/
|
||||
if (commander.create()) {
|
||||
String keystore = commander.getKeystore();
|
||||
if (!keystore.isEmpty()) {
|
||||
//set keystore for gateway if given
|
||||
}
|
||||
// parsing the arguments detected a create parameter (-c)
|
||||
gateway.generateSwidTag(commander.getCreateOutFile());
|
||||
}
|
||||
|
@ -139,6 +139,13 @@ public class SwidTagGateway {
|
||||
private Marshaller marshaller;
|
||||
private Unmarshaller unmarshaller;
|
||||
private String attributesFile;
|
||||
/**
|
||||
* The keystoreFile is used in signXMLDocument() to pass in the keystore path.
|
||||
* The same method requires the keystore password and the alias of the private key,
|
||||
* which would need to be passed in if not using the default keystore.
|
||||
*/
|
||||
private String keystoreFile;
|
||||
private boolean showCert;
|
||||
|
||||
/**
|
||||
* Default constructor initializes jaxbcontext, marshaller, and unmarshaller
|
||||
@ -149,15 +156,37 @@ public class SwidTagGateway {
|
||||
marshaller = jaxbContext.createMarshaller();
|
||||
unmarshaller = jaxbContext.createUnmarshaller();
|
||||
attributesFile = SwidTagConstants.DEFAULT_ATTRIBUTES_FILE;
|
||||
keystoreFile = SwidTagConstants.DEFAULT_KEYSTORE_PATH;
|
||||
showCert = false;
|
||||
} catch (JAXBException e) {
|
||||
System.out.println("Error initializing jaxbcontext: " + e.getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Setter for String holding attributes file path
|
||||
* @param attributesFile
|
||||
*/
|
||||
public void setAttributesFile(String attributesFile) {
|
||||
this.attributesFile = attributesFile;
|
||||
}
|
||||
|
||||
/**
|
||||
* Setter for String holding keystore path
|
||||
* @param keystore
|
||||
*/
|
||||
public void setKeystoreFile(String keystoreFile) {
|
||||
this.keystoreFile = keystoreFile;
|
||||
}
|
||||
|
||||
/**
|
||||
* Setter for boolean to display certificate block in xml signature
|
||||
* @param showCert
|
||||
*/
|
||||
public void setShowCert(boolean showCert) {
|
||||
this.showCert = showCert;
|
||||
}
|
||||
|
||||
/**
|
||||
* default generator method that has no parameters
|
||||
*/
|
||||
@ -359,39 +388,6 @@ public class SwidTagGateway {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Given an input swidtag at [path] parse any PCRs in the payload into an InputStream object.
|
||||
* This method will be used in a following pull request.
|
||||
*
|
||||
* @param path
|
||||
* @return
|
||||
* @throws IOException
|
||||
*/
|
||||
public ByteArrayInputStream parsePayload(String path) throws IOException {
|
||||
JAXBElement jaxbe = unmarshallSwidTag(path);
|
||||
SoftwareIdentity softwareIdentity = (SoftwareIdentity) jaxbe.getValue();
|
||||
String pcrs = "";
|
||||
if (!softwareIdentity.getEntityOrEvidenceOrLink().isEmpty()) {
|
||||
List<Object> swidtag = softwareIdentity.getEntityOrEvidenceOrLink();
|
||||
for (Object obj : swidtag) {
|
||||
try {
|
||||
JAXBElement element = (JAXBElement) obj;
|
||||
String elementName = element.getName().getLocalPart();
|
||||
if (elementName.equals(SwidTagConstants.PAYLOAD)) {
|
||||
ResourceCollection rc = (ResourceCollection) element.getValue();
|
||||
if (!rc.getDirectoryOrFileOrProcess().isEmpty()) {
|
||||
pcrs = parsePCRs(rc.getDirectoryOrFileOrProcess());
|
||||
}
|
||||
}
|
||||
} catch (ClassCastException e) {
|
||||
System.out.println("Found a non-JAXBElement object!" + e.getMessage());
|
||||
throw new IOException("Found an invalid element in the swidtag file!");
|
||||
}
|
||||
}
|
||||
}
|
||||
return new ByteArrayInputStream(pcrs.getBytes(StandardCharsets.UTF_8));
|
||||
}
|
||||
|
||||
/**
|
||||
* This method creates SoftwareIdentity element based on the parameters read in from
|
||||
* a properties file.
|
||||
@ -628,14 +624,16 @@ public class SwidTagGateway {
|
||||
Collections.singletonList(reference)
|
||||
);
|
||||
KeyStore keystore = KeyStore.getInstance("JKS");
|
||||
keystore.load(new FileInputStream(SwidTagConstants.DEFAULT_KEYSTORE_PATH), SwidTagConstants.DEFAULT_KEYSTORE_PASSWORD.toCharArray());
|
||||
keystore.load(new FileInputStream(keystoreFile), SwidTagConstants.DEFAULT_KEYSTORE_PASSWORD.toCharArray());
|
||||
KeyStore.PrivateKeyEntry privateKey = (KeyStore.PrivateKeyEntry) keystore.getEntry(SwidTagConstants.DEFAULT_PRIVATE_KEY_ALIAS,
|
||||
new KeyStore.PasswordProtection(SwidTagConstants.DEFAULT_KEYSTORE_PASSWORD.toCharArray()));
|
||||
X509Certificate certificate = (X509Certificate) privateKey.getCertificate();
|
||||
KeyInfoFactory kiFactory = sigFactory.getKeyInfoFactory();
|
||||
ArrayList<Object> x509Content = new ArrayList<Object>();
|
||||
x509Content.add(certificate.getSubjectX500Principal().getName());
|
||||
if (showCert) {
|
||||
x509Content.add(certificate);
|
||||
}
|
||||
X509Data data = kiFactory.newX509Data(x509Content);
|
||||
KeyInfo keyinfo = kiFactory.newKeyInfo(Collections.singletonList(data));
|
||||
|
||||
@ -734,6 +732,39 @@ public class SwidTagGateway {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Given an input swidtag at [path] parse any PCRs in the payload into an InputStream object.
|
||||
* This method will be used in a following pull request.
|
||||
*
|
||||
* @param path
|
||||
* @return
|
||||
* @throws IOException
|
||||
*/
|
||||
public ByteArrayInputStream parsePayload(String path) throws IOException {
|
||||
JAXBElement jaxbe = unmarshallSwidTag(path);
|
||||
SoftwareIdentity softwareIdentity = (SoftwareIdentity) jaxbe.getValue();
|
||||
String pcrs = "";
|
||||
if (!softwareIdentity.getEntityOrEvidenceOrLink().isEmpty()) {
|
||||
List<Object> swidtag = softwareIdentity.getEntityOrEvidenceOrLink();
|
||||
for (Object obj : swidtag) {
|
||||
try {
|
||||
JAXBElement element = (JAXBElement) obj;
|
||||
String elementName = element.getName().getLocalPart();
|
||||
if (elementName.equals(SwidTagConstants.PAYLOAD)) {
|
||||
ResourceCollection rc = (ResourceCollection) element.getValue();
|
||||
if (!rc.getDirectoryOrFileOrProcess().isEmpty()) {
|
||||
pcrs = parsePCRs(rc.getDirectoryOrFileOrProcess());
|
||||
}
|
||||
}
|
||||
} catch (ClassCastException e) {
|
||||
System.out.println("Found a non-JAXBElement object!" + e.getMessage());
|
||||
throw new IOException("Found an invalid element in the swidtag file!");
|
||||
}
|
||||
}
|
||||
}
|
||||
return new ByteArrayInputStream(pcrs.getBytes(StandardCharsets.UTF_8));
|
||||
}
|
||||
|
||||
/**
|
||||
* This method traverses a hirs.swid.xjc.Directory recursively until it finds at
|
||||
* least one hirs.swid.xjc.File. This File is expected to have an attribute of the form
|
||||
@ -761,7 +792,7 @@ public class SwidTagGateway {
|
||||
if (pcrHash.isEmpty()) {
|
||||
pcrHash = "null";
|
||||
}
|
||||
sb.append(pcr.getName() + "," + pcrHash + newline);
|
||||
sb.append(pcr.getName() + "," + pcrHash);
|
||||
}
|
||||
}
|
||||
System.out.println(sb.toString());
|
||||
@ -769,8 +800,8 @@ public class SwidTagGateway {
|
||||
}
|
||||
|
||||
/**
|
||||
* This method unmarshalls the swidtag found at [path] and validates it according to the
|
||||
* schema.
|
||||
* This method unmarshalls the swidtag found at [path] into a JAXBElement object
|
||||
* and validates it according to the schema.
|
||||
*
|
||||
* @param path to the input swidtag
|
||||
* @return the SoftwareIdentity element at the root of the swidtag
|
||||
@ -779,14 +810,14 @@ public class SwidTagGateway {
|
||||
private JAXBElement unmarshallSwidTag(String path) throws IOException {
|
||||
File input = null;
|
||||
InputStream is = null;
|
||||
JAXBElement jaxbe = null;
|
||||
JAXBElement swidtag = null;
|
||||
try {
|
||||
input = new File(path);
|
||||
is = SwidTagGateway.class.getClassLoader().getResourceAsStream(SwidTagConstants.SCHEMA_URL);
|
||||
SchemaFactory schemaFactory = SchemaFactory.newInstance(SwidTagConstants.SCHEMA_LANGUAGE);
|
||||
Schema schema = schemaFactory.newSchema(new StreamSource(is));
|
||||
unmarshaller.setSchema(schema);
|
||||
jaxbe = (JAXBElement) unmarshaller.unmarshal(input);
|
||||
swidtag = (JAXBElement) unmarshaller.unmarshal(input);
|
||||
} catch (SAXException e) {
|
||||
System.out.println("Error setting schema for validation!");
|
||||
} catch (UnmarshalException e) {
|
||||
@ -803,8 +834,8 @@ public class SwidTagGateway {
|
||||
System.out.println("Error closing input stream");
|
||||
}
|
||||
}
|
||||
if (jaxbe != null) {
|
||||
return jaxbe;
|
||||
if (swidtag != null) {
|
||||
return swidtag;
|
||||
} else {
|
||||
throw new IOException("Invalid swidtag file!");
|
||||
}
|
||||
|
@ -19,9 +19,8 @@ public class Commander {
|
||||
private static final String HELP_STRING = "help";
|
||||
private static final String PARSE_STRING = "parse";
|
||||
private static final String ATTRIBUTES_STRING = "attributes";
|
||||
private static final String KEY_STRING = "key";
|
||||
private static final String PRIVATE_KEY_STRING = "privatekey";
|
||||
private static final String CERT_STRING = "cert";
|
||||
private static final String KEYSTORE_STRING = "keystore";
|
||||
private static final String SHOW_CERT_STRING = "show-cert";
|
||||
|
||||
private boolean hasArguments = false;
|
||||
private boolean validate = false;
|
||||
@ -29,6 +28,7 @@ public class Commander {
|
||||
private boolean parse = false;
|
||||
private boolean attributesGiven = false;
|
||||
private boolean keystoreGiven = false;
|
||||
private boolean showCert = false;
|
||||
|
||||
private String validateFile;
|
||||
private String createOutFile = "";
|
||||
@ -106,9 +106,8 @@ public class Commander {
|
||||
parse = true;
|
||||
parseFile = args[++i];
|
||||
break;
|
||||
case FULL_COMMAND_PREFIX + KEY_STRING:
|
||||
case COMMAND_PREFIX + "k":
|
||||
keystore = args[++i];
|
||||
case FULL_COMMAND_PREFIX + SHOW_CERT_STRING:
|
||||
showCert = true;
|
||||
break;
|
||||
case FULL_COMMAND_PREFIX + HELP_STRING:
|
||||
case COMMAND_PREFIX + "h":
|
||||
@ -223,6 +222,14 @@ public class Commander {
|
||||
return keystore;
|
||||
}
|
||||
|
||||
/**
|
||||
* Getter for boolean to show certificate data or not
|
||||
* @return
|
||||
*/
|
||||
public boolean isShowCert() {
|
||||
return showCert;
|
||||
}
|
||||
|
||||
/**
|
||||
* Default no parameter help method.
|
||||
*/
|
||||
@ -250,10 +257,13 @@ public class Commander {
|
||||
+ " \t\t\t\tvalidates it against the schema at\n"
|
||||
+ " \t\t\t\thttp://standards.iso.org/iso/19770/-2/2015/schema.xsd\n\n");
|
||||
sb.append(" -p, --parse <file>\t\tParse the given swidtag's payload\n\n");
|
||||
/* sb.append(" -k, --key\t\t\tSpecify the credential and its location to use\n"
|
||||
+ " \t-privatekey <file>\tfor digital signatures\n"
|
||||
+ " \t-cert <file>\n\n");
|
||||
*/ sb.append(" -h, --help, <no args>\tPrints this command help information.\n");
|
||||
/*
|
||||
sb.append(" -k, --keystore <file>\tSpecify the keystore and its location to use\n"
|
||||
+ " \t\t\t\tfor digital signatures\n");
|
||||
*/
|
||||
sb.append(" --show-cert\t\t\tPrint the certificate in the signature block of\n"
|
||||
+ " \t\t\t\tthe base RIM\n\n");
|
||||
sb.append(" -h, --help, <no args>\tPrints this command help information.\n");
|
||||
sb.append(" \t\t\t\tListing no command arguments will also\n"
|
||||
+ " \t\t\t\tprint this help text.\n\n");
|
||||
sb.append("Example commands: \n"
|
||||
|
@ -15,9 +15,10 @@ import org.testng.annotations.Test;
|
||||
public class TestSwidTagGateway {
|
||||
private SwidTagGateway gateway;
|
||||
private String inputFile, outputFile, hashType;
|
||||
private final String DEFAULT_OUTPUT = "generated_swidTag.swidtag";
|
||||
private final String DEFAULT_WITH_CERT = "generated_with_cert.swidtag";
|
||||
private final String DEFAULT_NO_CERT = "generated_no_cert.swidtag";
|
||||
private InputStream expectedFile;
|
||||
private static final String TEST_CSV_INPUT = "testCsv.swidtag";
|
||||
private static final String TEST_BLANK_SWIDTAG = "generated_swidTag.swidtag";
|
||||
|
||||
@BeforeClass
|
||||
public void setUp() throws Exception {
|
||||
@ -33,43 +34,56 @@ public class TestSwidTagGateway {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Creating a base RIM with default attributes with an X509Certificate element.
|
||||
*/
|
||||
@Test
|
||||
public void testGenerateSwidTagStringStringString() {
|
||||
outputFile = "testGenerateSwidTagStringStringString.swidtag";
|
||||
gateway.generateSwidTag(inputFile, outputFile, hashType);
|
||||
expectedFile = (InputStream) TestSwidTagGateway.class.getClassLoader().getResourceAsStream(TEST_CSV_INPUT);
|
||||
Assert.assertTrue(compareFileBytesToExpectedFile(outputFile));
|
||||
public void testGenerateDefaultWithCert() {
|
||||
gateway.setShowCert(true);
|
||||
gateway.generateSwidTag();
|
||||
expectedFile = (InputStream) TestSwidTagGateway.class.getClassLoader().getResourceAsStream(DEFAULT_WITH_CERT);
|
||||
Assert.assertTrue(compareFileBytesToExpectedFile(DEFAULT_OUTPUT));
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a base RIM with default attributes without an X509Certificate element.
|
||||
*/
|
||||
@Test
|
||||
public void testGenerateSwidTagFile() {
|
||||
outputFile = "testGenerateSwidTagFile.swidtag";
|
||||
gateway.generateSwidTag(new File(outputFile));
|
||||
expectedFile = (InputStream) TestSwidTagGateway.class.getClassLoader().getResourceAsStream(TEST_BLANK_SWIDTAG);
|
||||
Assert.assertTrue(compareFileBytesToExpectedFile(outputFile));
|
||||
public void testGenerateDefaultNoCert() {
|
||||
gateway.setShowCert(false);
|
||||
gateway.generateSwidTag();
|
||||
expectedFile = (InputStream) TestSwidTagGateway.class.getClassLoader().getResourceAsStream(DEFAULT_NO_CERT);
|
||||
Assert.assertTrue(compareFileBytesToExpectedFile(DEFAULT_OUTPUT));
|
||||
}
|
||||
|
||||
/**
|
||||
* Validate a base RIM with default attributes with an X509Certificate element.
|
||||
*/
|
||||
@Test
|
||||
public void testValidateSwidTag() {
|
||||
try {
|
||||
Assert.assertTrue(gateway.validateSwidTag(TestSwidTagGateway.class.getClassLoader().getResource(TEST_BLANK_SWIDTAG).getPath()));
|
||||
Assert.assertTrue(gateway.validateSwidTag(TestSwidTagGateway.class.getClassLoader().getResource(DEFAULT_WITH_CERT).getPath()));
|
||||
} catch (IOException e) {
|
||||
Assert.fail("Invalid swidtag!");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Verify expected values of a File element in a Payload element.
|
||||
*/
|
||||
@Test
|
||||
public void testParsePayload() {
|
||||
InputStream is = null;
|
||||
outputFile = TestSwidTagGateway.class.getClassLoader().getResource(DEFAULT_WITH_CERT).getPath();
|
||||
try {
|
||||
is = gateway.parsePayload(outputFile);
|
||||
Scanner scanner = new Scanner(is, "UTF-8");
|
||||
String test = "PCR0,18382098108101841048";
|
||||
String test = "Example.com.iotBase.bin,688e293e3ccb522f6cf8a027c9ade7960f84bd0bf3a0b99812bc1fa498a2db8d";
|
||||
String temp = "";
|
||||
while (scanner.hasNext()) {
|
||||
temp = scanner.next();
|
||||
Assert.assertEquals(temp, test, "temp: " + temp + ", test: " + test);
|
||||
}
|
||||
Assert.assertEquals(test, temp);
|
||||
} catch (IOException e) {
|
||||
Assert.fail("Error parsing test file!");
|
||||
} finally {
|
||||
@ -83,6 +97,11 @@ public class TestSwidTagGateway {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* This method compares two files by bytes to determine if they are the same or not.
|
||||
* @param file to be compared to the expected value.
|
||||
* @return true if they are equal, false if not.
|
||||
*/
|
||||
private boolean compareFileBytesToExpectedFile(String file) {
|
||||
FileInputStream testFile = null;
|
||||
try {
|
||||
|
@ -0,0 +1,34 @@
|
||||
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
|
||||
<SoftwareIdentity xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" corpus="false" name="TCG RIM example" patch="false" supplemental="false" tagId="hirs.swid.SwidTags.example" tagVersion="1" version="0.1" versionScheme="multipartnumeric" xml:lang="en">
|
||||
<Entity name="HIRS" role="softwareCreator tagCreator"/>
|
||||
<Link href="https://Example.com/support/ProductA/firmware/installfiles" rel="installationmedia"/>
|
||||
<Meta xmlns:rim="https://trustedcomputinggroup.org/wp-content/uploads/TCG_RIM_Model" rim:bindingSpec="IOT RIM" rim:bindingSpecVersion="1.2" rim:platformManufacturerId="00201234" rim:platformManufacturerStr="Example.com" rim:platformModel="ProductA" rim:rimLinkHash="88f21d8e44d4271149297404df91caf207130bfa116582408abd04ede6db7f51"/>
|
||||
<Payload>
|
||||
<Directory name="iotBase">
|
||||
<File xmlns:SHA256="http://www.w3.org/2001/04/xmlenc#sha256" SHA256:hash="688e293e3ccb522f6cf8a027c9ade7960f84bd0bf3a0b99812bc1fa498a2db8d" name="Example.com.iotBase.bin" size="15400"/>
|
||||
</Directory>
|
||||
</Payload>
|
||||
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
|
||||
<SignedInfo>
|
||||
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
|
||||
<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
|
||||
<Reference URI="">
|
||||
<Transforms>
|
||||
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
|
||||
</Transforms>
|
||||
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
|
||||
<DigestValue>e3V54WPCVKryiRHONI37GttXgePQDEYz1GGPcpity5E=</DigestValue>
|
||||
</Reference>
|
||||
</SignedInfo>
|
||||
<SignatureValue>OMPKPXsLr0wbtQuUTlGAD9W0fkqmw8XJ3nQHc/LsRpzCZWdN/xtfxe3JleLbXcUt4PItqj1uB5Eg
|
||||
8iBWyBSy+WJYvsoROjLjZ1sUQ92jMdCO69uBjaIihn1HS2H/YnB4trjc92AUIdhoJZt9KF90IlJQ
|
||||
zu3HTmQfeRYs/c6Ck1k3bL1jnyWoNzhBqCuPYrZtPbv9opVP0YOxM5IjRkRgkZIDgYbh1k4WXw8O
|
||||
/iIMZuVJDfKQJSNCTAZsIbUatGDQc/nOihLHdI90wG8zu9amgrl1AEKzH8z864Fan5uuXolfAaak
|
||||
sLJl6RPCNcp+JNCXMMZiS8bmYPQnVJc1ze0I1A==</SignatureValue>
|
||||
<KeyInfo>
|
||||
<X509Data>
|
||||
<X509SubjectName>CN=example.RIM.signer,OU=PCClient,O=Example,ST=VA,C=US</X509SubjectName>
|
||||
</X509Data>
|
||||
</KeyInfo>
|
||||
</Signature>
|
||||
</SoftwareIdentity>
|
@ -1,12 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
|
||||
<SoftwareIdentity xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" corpus="false" patch="false" name="HIRS SWID Tag example" supplemental="false" tagId="hirs.swid.SwidTags.example" version="0.1">
|
||||
<Entity name="HIRS" regid="hirs.org" role="softwareCreator tagCreator"/>
|
||||
<Link href="https://Example.com/support/ProductA/firmware/installfiles" rel="installationmedia"/>
|
||||
<Meta xmlns:rim="https://trustedcomputinggroup.org/wp-content/uploads/TCG_RIM_Model" rim:componentManufacturerId="00213022" rim:platformManufacturerId="00201234" rim:bindingSpec="IOT RIM" rim:pcURILocal="/boot/tcg/manifest/swidtag" rim:componentManufacturer="BIOSVendorA" rim:rimLinkHash="88f21d8e44d4271149297404df91caf207130bfa116582408abd04ede6db7f51" rim:componentClass="Firmware" rim:platformManufacturerStr="Example.com" rim:platformModel="ProductA" rim:bindingSpecVersion="1.2"/>
|
||||
<Payload xmlns:n8060="http://csrc.nist.gov/ns/swid/2015-extensions/1.0" n8060:envVarPrefix="$" n8060:pathSeparator="/" n8060:envVarSuffix="">
|
||||
<Directory location="/boot/iot/" name="iotBase">
|
||||
<File xmlns:SHA256="http://www.w3.org/2001/04/xmlenc#sha256" size="15400" version="01.00" name="Example.com.iotBase.bin" SHA256:hash="688e293e3ccb522f6cf8a027c9ade7960f84bd0bf3a0b99812bc1fa498a2db8d"/>
|
||||
<File xmlns:SHA256="http://www.w3.org/2001/04/xmlenc#sha256" size="1024" version="01.00" name="iotExec.bin" SHA256:hash="7afb71275b8036a43d75f3bf1a4b84867de289b2edc6980890ec9748a112156e"/>
|
||||
</Directory>
|
||||
</Payload>
|
||||
</SoftwareIdentity>
|
@ -0,0 +1,50 @@
|
||||
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
|
||||
<SoftwareIdentity xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" corpus="false" name="TCG RIM example" patch="false" supplemental="false" tagId="hirs.swid.SwidTags.example" tagVersion="1" version="0.1" versionScheme="multipartnumeric" xml:lang="en">
|
||||
<Entity name="HIRS" role="softwareCreator tagCreator"/>
|
||||
<Link href="https://Example.com/support/ProductA/firmware/installfiles" rel="installationmedia"/>
|
||||
<Meta xmlns:rim="https://trustedcomputinggroup.org/wp-content/uploads/TCG_RIM_Model" rim:bindingSpec="IOT RIM" rim:bindingSpecVersion="1.2" rim:platformManufacturerId="00201234" rim:platformManufacturerStr="Example.com" rim:platformModel="ProductA" rim:rimLinkHash="88f21d8e44d4271149297404df91caf207130bfa116582408abd04ede6db7f51"/>
|
||||
<Payload>
|
||||
<Directory name="iotBase">
|
||||
<File xmlns:SHA256="http://www.w3.org/2001/04/xmlenc#sha256" SHA256:hash="688e293e3ccb522f6cf8a027c9ade7960f84bd0bf3a0b99812bc1fa498a2db8d" name="Example.com.iotBase.bin" size="15400"/>
|
||||
</Directory>
|
||||
</Payload>
|
||||
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
|
||||
<SignedInfo>
|
||||
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
|
||||
<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
|
||||
<Reference URI="">
|
||||
<Transforms>
|
||||
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
|
||||
</Transforms>
|
||||
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
|
||||
<DigestValue>e3V54WPCVKryiRHONI37GttXgePQDEYz1GGPcpity5E=</DigestValue>
|
||||
</Reference>
|
||||
</SignedInfo>
|
||||
<SignatureValue>OMPKPXsLr0wbtQuUTlGAD9W0fkqmw8XJ3nQHc/LsRpzCZWdN/xtfxe3JleLbXcUt4PItqj1uB5Eg
|
||||
8iBWyBSy+WJYvsoROjLjZ1sUQ92jMdCO69uBjaIihn1HS2H/YnB4trjc92AUIdhoJZt9KF90IlJQ
|
||||
zu3HTmQfeRYs/c6Ck1k3bL1jnyWoNzhBqCuPYrZtPbv9opVP0YOxM5IjRkRgkZIDgYbh1k4WXw8O
|
||||
/iIMZuVJDfKQJSNCTAZsIbUatGDQc/nOihLHdI90wG8zu9amgrl1AEKzH8z864Fan5uuXolfAaak
|
||||
sLJl6RPCNcp+JNCXMMZiS8bmYPQnVJc1ze0I1A==</SignatureValue>
|
||||
<KeyInfo>
|
||||
<X509Data>
|
||||
<X509SubjectName>CN=example.RIM.signer,OU=PCClient,O=Example,ST=VA,C=US</X509SubjectName>
|
||||
<X509Certificate>MIIDYTCCAkmgAwIBAgIJAPB+r6VBhBn4MA0GCSqGSIb3DQEBCwUAMFMxCzAJBgNVBAYTAlVTMQsw
|
||||
CQYDVQQIDAJWQTEQMA4GA1UECgwHRXhhbXBsZTERMA8GA1UECwwIUENDbGllbnQxEjAQBgNVBAMM
|
||||
CUV4YW1wbGVDQTAeFw0yMDAyMTAxODE1MzRaFw0yOTEyMTkxODE1MzRaMFwxCzAJBgNVBAYTAlVT
|
||||
MQswCQYDVQQIDAJWQTEQMA4GA1UECgwHRXhhbXBsZTERMA8GA1UECwwIUENDbGllbnQxGzAZBgNV
|
||||
BAMMEmV4YW1wbGUuUklNLnNpZ25lcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKd1
|
||||
lWGkSRuxAAY2wHag2GVxUk1dZx2PTpfQOflvLeccAVwa8mQhlsRERq+QK8ilj8Xfqs44/nBaccZD
|
||||
OjdfIxIUCMfwhGXjxCaqZbgTucNsExDnu4arTGraoAwzHg0cVLiKT/Cxj9NL4dcMgxRXsPdHfXb0
|
||||
923C7xYd2t2qfW05umgaj7qeQl6c68CFNsGX4JA8rWFQZvvGx5DGlK4KTcjPuQQINs5fxasNKqLY
|
||||
2hq+z82x/rqwr2hmyizD6FpFSyIABPEMPfB036GEhRwu1WEMkq8yIp2jgRUoFYke9pB3ph9pVow0
|
||||
Hh4mNFSKD4pP41VSKY1nus83mdkuukPy5o0CAwEAAaMvMC0wCQYDVR0TBAIwADALBgNVHQ8EBAMC
|
||||
BsAwEwYDVR0lBAwwCgYIKwYBBQUHAwMwDQYJKoZIhvcNAQELBQADggEBAGuJ+dasb3/Mb7TBJ1Oe
|
||||
al5ISq8d2LQD5ke5qnjgSQWKXfQ9fcUy3dWnt3Oked/i8B/Tyk3jCdTZJU3J3iRNgTqFfMLP8rU1
|
||||
w2tPYBjjuPKiiK4YRBHPxtFxPdOL1BPmL4ZzNs33Lv6H0m4aff9p6QpMclX5b/CRjl+80JWRLiLj
|
||||
U3B0CejZB9dJrPr9SBaC31cDoeTpja9Cl86ip7KkqrZZIYeMuNF6ucWyWtjrW2kr3UhmEy8x/6y4
|
||||
KigsK8sBwmNv4N2Pu3RppeIcpjYj5NVA1hwRA4eeMgJp2u+urm3l1oo1UNX1HsSSBHp1Owc9zZLm
|
||||
07Pl8T46kpIA4sroCAU=</X509Certificate>
|
||||
</X509Data>
|
||||
</KeyInfo>
|
||||
</Signature>
|
||||
</SoftwareIdentity>
|
@ -1,6 +1,6 @@
|
||||
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
|
||||
<SoftwareIdentity xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" corpus="false" patch="false" name="HIRS SWID Tag application" supplemental="false" tagId="hirs.swid.SwidTags" version="0.1">
|
||||
<Entity name="HIRS" regid="hirs.org" role="softwareCreator tagCreator"/>
|
||||
<SoftwareIdentity xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" corpus="false" patch="false" supplemental="false" tagVersion="0" xml:lang="en">
|
||||
<Entity regid="invalid.unavailable" role=""/>
|
||||
<Payload>
|
||||
<File name="PCR0" ns2:SHA256="18382098108101841048"/>
|
||||
</Payload>
|
||||
|
Loading…
Reference in New Issue
Block a user