mirror of
https://github.com/nsacyber/HIRS.git
synced 2024-12-19 04:58:00 +00:00
Merge pull request #512 from nsacyber/issue-501
[#501] Support for detached signatures
This commit is contained in:
chubtub
GitHub
commit
c1dcd5cd23
@ -4,6 +4,7 @@ import com.beust.jcommander.JCommander;
|
||||
import hirs.swid.utils.Commander;
|
||||
import hirs.swid.utils.CredentialArgumentValidator;
|
||||
import hirs.swid.utils.TimestampArgumentValidator;
|
||||
import org.w3c.dom.Document;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
@ -16,6 +17,7 @@ public class Main {
|
||||
SwidTagGateway gateway;
|
||||
SwidTagValidator validator;
|
||||
CredentialArgumentValidator caValidator;
|
||||
String rimEventLogFile, trustStoreFile, certificateFile, privateKeyFile;
|
||||
|
||||
if (commander.isHelp()) {
|
||||
jc.usage();
|
||||
@ -25,18 +27,17 @@ public class Main {
|
||||
validator = new SwidTagValidator();
|
||||
System.out.println(commander.toString());
|
||||
String verifyFile = commander.getVerifyFile();
|
||||
String rimel = commander.getRimEventLog();
|
||||
String certificateFile = commander.getPublicCertificate();
|
||||
String trustStore = commander.getTruststoreFile();
|
||||
certificateFile = commander.getPublicCertificate();
|
||||
rimEventLogFile = commander.getRimEventLog();
|
||||
trustStoreFile = commander.getTruststoreFile();
|
||||
boolean defaultKey = commander.isDefaultKey();
|
||||
validator.setRimEventLog(rimel);
|
||||
if (defaultKey) {
|
||||
validator.validateSwidTag(verifyFile, "DEFAULT");
|
||||
} else {
|
||||
caValidator = new CredentialArgumentValidator(trustStore,
|
||||
caValidator = new CredentialArgumentValidator(trustStoreFile,
|
||||
certificateFile, "", "", "", true);
|
||||
if (caValidator.isValid()) {
|
||||
validator.setTrustStoreFile(trustStore);
|
||||
validator.setTrustStoreFile(trustStoreFile);
|
||||
validator.validateSwidTag(verifyFile, caValidator.getFormat());
|
||||
} else {
|
||||
System.out.println("Invalid combination of credentials given: "
|
||||
@ -47,16 +48,20 @@ public class Main {
|
||||
} else {
|
||||
gateway = new SwidTagGateway();
|
||||
System.out.println(commander.toString());
|
||||
String createType = commander.getCreateType().toUpperCase();
|
||||
String attributesFile = commander.getAttributesFile();
|
||||
String truststoreFile = commander.getTruststoreFile();
|
||||
String certificateFile = commander.getPublicCertificate();
|
||||
String privateKeyFile = commander.getPrivateKeyFile();
|
||||
rimEventLogFile = commander.getRimEventLog();
|
||||
trustStoreFile = commander.getTruststoreFile();
|
||||
certificateFile = commander.getPublicCertificate();
|
||||
privateKeyFile = commander.getPrivateKeyFile();
|
||||
boolean embeddedCert = commander.isEmbedded();
|
||||
boolean defaultKey = commander.isDefaultKey();
|
||||
String rimEventLog = commander.getRimEventLog();
|
||||
switch (createType) {
|
||||
case "BASE":
|
||||
String outputFile = commander.getOutFile();
|
||||
if (!commander.getSignFile().isEmpty()) {
|
||||
Document doc = gateway.signXMLDocument(commander.getSignFile());
|
||||
gateway.writeSwidTagFile(doc, outputFile);
|
||||
} else {
|
||||
String createType = commander.getCreateType().toUpperCase();
|
||||
String attributesFile = commander.getAttributesFile();
|
||||
if (createType.equals("BASE")) {
|
||||
if (!attributesFile.isEmpty()) {
|
||||
gateway.setAttributesFile(attributesFile);
|
||||
}
|
||||
@ -65,10 +70,10 @@ public class Main {
|
||||
gateway.setTruststoreFile(SwidTagConstants.DEFAULT_KEYSTORE_FILE);
|
||||
} else {
|
||||
gateway.setDefaultCredentials(false);
|
||||
caValidator = new CredentialArgumentValidator(truststoreFile,
|
||||
caValidator = new CredentialArgumentValidator(trustStoreFile,
|
||||
certificateFile, privateKeyFile, "", "", false);
|
||||
if (caValidator.isValid()) {
|
||||
gateway.setTruststoreFile(truststoreFile);
|
||||
gateway.setTruststoreFile(trustStoreFile);
|
||||
gateway.setPemCertificateFile(certificateFile);
|
||||
gateway.setPemPrivateKeyFile(privateKeyFile);
|
||||
} else {
|
||||
@ -80,7 +85,7 @@ public class Main {
|
||||
gateway.setEmbeddedCert(true);
|
||||
}
|
||||
}
|
||||
gateway.setRimEventLog(rimEventLog);
|
||||
gateway.setRimEventLog(rimEventLogFile);
|
||||
List<String> timestampArguments = commander.getTimestampArguments();
|
||||
if (timestampArguments.size() > 0) {
|
||||
if (new TimestampArgumentValidator(timestampArguments).isValid()) {
|
||||
@ -92,10 +97,11 @@ public class Main {
|
||||
System.exit(1);
|
||||
}
|
||||
}
|
||||
gateway.generateSwidTag(commander.getOutFile());
|
||||
break;
|
||||
default:
|
||||
} else {
|
||||
System.out.println("No create type given, nothing to do");
|
||||
System.exit(1);
|
||||
}
|
||||
gateway.generateSwidTag(outputFile);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -10,6 +10,9 @@ import hirs.swid.xjc.SoftwareIdentity;
|
||||
import hirs.swid.xjc.SoftwareMeta;
|
||||
import org.w3c.dom.Document;
|
||||
import org.w3c.dom.Element;
|
||||
import org.w3c.dom.Node;
|
||||
import org.xml.sax.InputSource;
|
||||
import org.xml.sax.SAXException;
|
||||
|
||||
import javax.json.Json;
|
||||
import javax.json.JsonException;
|
||||
@ -41,6 +44,7 @@ import javax.xml.crypto.dsig.keyinfo.X509Data;
|
||||
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
|
||||
import javax.xml.crypto.dsig.spec.TransformParameterSpec;
|
||||
import javax.xml.namespace.QName;
|
||||
import javax.xml.parsers.DocumentBuilder;
|
||||
import javax.xml.parsers.DocumentBuilderFactory;
|
||||
import javax.xml.parsers.ParserConfigurationException;
|
||||
import javax.xml.transform.OutputKeys;
|
||||
@ -57,7 +61,9 @@ import java.io.FileNotFoundException;
|
||||
import java.io.FileOutputStream;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.io.StringReader;
|
||||
import java.math.BigInteger;
|
||||
import java.net.URI;
|
||||
import java.nio.file.Files;
|
||||
import java.nio.file.Paths;
|
||||
import java.security.InvalidAlgorithmParameterException;
|
||||
@ -310,6 +316,7 @@ public class SwidTagGateway {
|
||||
if (!tagId.isEmpty()) {
|
||||
swidTag.setTagId(tagId);
|
||||
}
|
||||
swidTag.getOtherAttributes().put(new QName("id"), tagId);
|
||||
swidTag.setTagVersion(new BigInteger(
|
||||
jsonObject.getString(SwidTagConstants.TAGVERSION, "0")));
|
||||
swidTag.setVersion(jsonObject.getString(SwidTagConstants.VERSION, "0.0"));
|
||||
@ -549,6 +556,120 @@ public class SwidTagGateway {
|
||||
}
|
||||
}
|
||||
|
||||
private void printXmlAttributes(Node node) {
|
||||
org.w3c.dom.NamedNodeMap attributes = node.getAttributes();
|
||||
if (attributes.getLength() <= 0) {
|
||||
System.out.println("No attributes in this node");
|
||||
} else {
|
||||
for (int i = 0; i < attributes.getLength(); i++) {
|
||||
System.out.println("SoftwareIdentity attribute: " + attributes.item(i).getNodeName());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public Document signXMLDocument(String signFile) {
|
||||
//Read signFile contents
|
||||
String xmlToSign = "";
|
||||
URI fileUri = new File(signFile).toURI();
|
||||
try {
|
||||
byte[] fileContents = Files.readAllBytes(Paths.get(signFile));
|
||||
xmlToSign = new String(fileContents); //safe to assume default charset??
|
||||
} catch (IOException e) {
|
||||
System.out.println("Error reading contents of " + signFile);
|
||||
System.exit(1);
|
||||
}
|
||||
|
||||
//Parse SoftwareIdentity id
|
||||
Document swidTag = null;
|
||||
DocumentBuilder db = null;
|
||||
try {
|
||||
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
|
||||
dbf.setNamespaceAware(false);
|
||||
db = dbf.newDocumentBuilder();
|
||||
} catch (ParserConfigurationException e) {
|
||||
System.out.println("Error instantiating DocumentBuilder object: " + e.getMessage());
|
||||
System.exit(1);
|
||||
}
|
||||
try {
|
||||
swidTag = db.parse(new InputSource(new StringReader(xmlToSign)));
|
||||
} catch (IOException | SAXException e) {
|
||||
System.out.println("Error parsing XML from " + signFile);
|
||||
System.exit(1);
|
||||
}
|
||||
Element softwareIdentity = (Element) swidTag.getElementsByTagName(
|
||||
SwidTagConstants.SOFTWARE_IDENTITY).item(0);
|
||||
String softwareIdentityId = softwareIdentity.getAttributes()
|
||||
.getNamedItem("id").getNodeValue();
|
||||
|
||||
//Create signature with a reference to SoftwareIdentity id
|
||||
XMLSignatureFactory sigFactory = null;
|
||||
SignedInfo signedInfo = null;
|
||||
try {
|
||||
sigFactory = XMLSignatureFactory.getInstance("DOM");
|
||||
//ref must be distinguished from existing <Reference URI="">
|
||||
Reference ref = sigFactory.newReference(fileUri.toString(),
|
||||
sigFactory.newDigestMethod(DigestMethod.SHA256, null));
|
||||
signedInfo = sigFactory.newSignedInfo(
|
||||
sigFactory.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE,
|
||||
(C14NMethodParameterSpec) null),
|
||||
sigFactory.newSignatureMethod(SwidTagConstants.SIGNATURE_ALGORITHM_RSA_SHA256,
|
||||
null),
|
||||
Collections.singletonList(ref)
|
||||
);
|
||||
} catch (InvalidAlgorithmParameterException e) {
|
||||
System.out.println("Digest method parameters are invalid: " + e.getMessage());
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
System.out.println("The digest algorithm could not be found: " + e.getMessage());
|
||||
}
|
||||
List<XMLStructure> keyInfoElements = new ArrayList<XMLStructure>();
|
||||
|
||||
KeyInfoFactory kiFactory = sigFactory.getKeyInfoFactory();
|
||||
PrivateKey privateKey = null;
|
||||
CredentialParser cp = new CredentialParser();
|
||||
try {
|
||||
if (defaultCredentials) {
|
||||
cp.parseDefaultCredentials();
|
||||
privateKey = cp.getPrivateKey();
|
||||
KeyName keyName = kiFactory.newKeyName(cp.getCertificateSubjectKeyIdentifier());
|
||||
keyInfoElements.add(keyName);
|
||||
} else {
|
||||
cp.parsePEMCredentials(pemCertificateFile, pemPrivateKeyFile);
|
||||
X509Certificate certificate = cp.getCertificate();
|
||||
privateKey = cp.getPrivateKey();
|
||||
if (embeddedCert) {
|
||||
ArrayList<Object> x509Content = new ArrayList<Object>();
|
||||
x509Content.add(certificate.getSubjectX500Principal().getName());
|
||||
x509Content.add(certificate);
|
||||
X509Data data = kiFactory.newX509Data(x509Content);
|
||||
keyInfoElements.add(data);
|
||||
} else {
|
||||
keyInfoElements.add(kiFactory.newKeyValue(certificate.getPublicKey()));
|
||||
}
|
||||
}
|
||||
} catch (IOException e) {
|
||||
System.out.println("Error getting SKID from signing credentials: " + e.getMessage());
|
||||
} catch (KeyException e) {
|
||||
System.out.println("Public key algorithm not recognized or supported: "
|
||||
+ e.getMessage());
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
KeyInfo keyinfo = kiFactory.newKeyInfo(keyInfoElements);
|
||||
|
||||
Document detachedSignature = db.newDocument();
|
||||
DOMSignContext context = new DOMSignContext(privateKey, detachedSignature);
|
||||
context.setIdAttributeNS(softwareIdentity, null, "id");
|
||||
XMLSignature signature = sigFactory.newXMLSignature(signedInfo, keyinfo);
|
||||
try {
|
||||
signature.sign(context);
|
||||
} catch (MarshalException | XMLSignatureException e) {
|
||||
System.out.println("Error while signing SoftwareIdentity");
|
||||
e.printStackTrace();
|
||||
}
|
||||
|
||||
return detachedSignature;
|
||||
}
|
||||
|
||||
/**
|
||||
* This method signs a SoftwareIdentity with an xmldsig in compatibility mode.
|
||||
* Current assumptions: digest method SHA256, signature method SHA256, enveloped signature
|
||||
@ -617,6 +738,8 @@ public class SwidTagGateway {
|
||||
X509Data data = kiFactory.newX509Data(x509Content);
|
||||
keyInfoElements.add(data);
|
||||
} else {
|
||||
KeyName keyName = kiFactory.newKeyName(cp.getCertificateSubjectKeyIdentifier());
|
||||
keyInfoElements.add(keyName);
|
||||
keyInfoElements.add(kiFactory.newKeyValue(certificate.getPublicKey()));
|
||||
}
|
||||
}
|
||||
|
||||
@ -5,6 +5,7 @@ import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
||||
import org.w3c.dom.Document;
|
||||
import org.w3c.dom.Element;
|
||||
import org.w3c.dom.NodeList;
|
||||
import org.xml.sax.InputSource;
|
||||
import org.xml.sax.SAXException;
|
||||
|
||||
import javax.security.auth.x500.X500Principal;
|
||||
@ -26,6 +27,9 @@ import javax.xml.crypto.dsig.dom.DOMValidateContext;
|
||||
import javax.xml.crypto.dsig.keyinfo.KeyInfo;
|
||||
import javax.xml.crypto.dsig.keyinfo.KeyValue;
|
||||
import javax.xml.crypto.dsig.keyinfo.X509Data;
|
||||
import javax.xml.parsers.DocumentBuilder;
|
||||
import javax.xml.parsers.DocumentBuilderFactory;
|
||||
import javax.xml.parsers.ParserConfigurationException;
|
||||
import javax.xml.transform.Source;
|
||||
import javax.xml.transform.Transformer;
|
||||
import javax.xml.transform.TransformerConfigurationException;
|
||||
@ -38,6 +42,9 @@ import javax.xml.validation.SchemaFactory;
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.io.StringReader;
|
||||
import java.nio.file.Files;
|
||||
import java.nio.file.Paths;
|
||||
import java.security.InvalidKeyException;
|
||||
import java.security.Key;
|
||||
import java.security.KeyException;
|
||||
@ -112,18 +119,31 @@ public class SwidTagValidator {
|
||||
Document document = unmarshallSwidTag(path);
|
||||
Element softwareIdentity =
|
||||
(Element) document.getElementsByTagName("SoftwareIdentity").item(0);
|
||||
StringBuilder si = new StringBuilder("Base RIM detected:\n");
|
||||
si.append("SoftwareIdentity name: " + softwareIdentity.getAttribute("name") + "\n");
|
||||
si.append("SoftwareIdentity tagId: " + softwareIdentity.getAttribute("tagId") + "\n");
|
||||
System.out.println(si.toString());
|
||||
Element file = (Element) document.getElementsByTagName("File").item(0);
|
||||
Element signature = (Element) document.getElementsByTagName("Signature").item(0);
|
||||
if (signature != null && softwareIdentity == null) {
|
||||
return validateDetachedSignature(document, format);
|
||||
} else if (signature != null && softwareIdentity != null) {
|
||||
StringBuilder si = new StringBuilder("Base RIM detected:\n");
|
||||
si.append("SoftwareIdentity name: " + softwareIdentity.getAttribute("name") + "\n");
|
||||
si.append("SoftwareIdentity tagId: " + softwareIdentity.getAttribute("tagId") + "\n");
|
||||
System.out.println(si.toString());
|
||||
return validateEnvelopedSignature(document, format);
|
||||
} else {
|
||||
System.out.println("Invalid xml for validation, please verify " + path);
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
private boolean validateEnvelopedSignature(Document doc, String format) {
|
||||
Element file = (Element) doc.getElementsByTagName("File").item(0);
|
||||
try {
|
||||
validateFile(file);
|
||||
} catch (Exception e) {
|
||||
System.out.println(e.getMessage());
|
||||
return false;
|
||||
}
|
||||
boolean swidtagValidity = validateSignedXMLDocument(document, format);
|
||||
boolean swidtagValidity = validateSignedXMLDocument(doc, format);
|
||||
if (swidtagValidity) {
|
||||
System.out.println("Signature core validity: true");
|
||||
return true;
|
||||
@ -133,6 +153,34 @@ public class SwidTagValidator {
|
||||
}
|
||||
}
|
||||
|
||||
private boolean validateDetachedSignature(Document doc, String format) {
|
||||
/* DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
|
||||
DocumentBuilder db = null;
|
||||
Document doc = null;
|
||||
|
||||
byte[] fileContents = new byte[0];
|
||||
try {
|
||||
fileContents = Files.readAllBytes(Paths.get(path));
|
||||
} catch (IOException e) {
|
||||
System.out.println("Error reading " + path + " for validation");
|
||||
}
|
||||
String xmlString = new String(fileContents);
|
||||
try {
|
||||
db = dbf.newDocumentBuilder();
|
||||
doc = db.parse(path);
|
||||
} catch (ParserConfigurationException e) {
|
||||
System.out.println("Error instantiating DocumentBuilder object: " + e.getMessage());
|
||||
} catch (SAXException e) {
|
||||
e.printStackTrace();
|
||||
} catch (IOException e) {
|
||||
e.printStackTrace();
|
||||
} catch (IllegalArgumentException e) {
|
||||
System.out.println("Tried to parse a null file at " + path);
|
||||
}
|
||||
*/
|
||||
return validateSignedXMLDocument(doc, format);
|
||||
}
|
||||
|
||||
/**
|
||||
* This method validates a hirs.swid.xjc.File from an indirect payload
|
||||
*/
|
||||
|
||||
@ -25,30 +25,34 @@ public class Commander {
|
||||
description = "The file to write the RIM out to. "
|
||||
+ "The RIM will be written to stdout by default.")
|
||||
private String outFile = "";
|
||||
@Parameter(names = {"-v", "--verify <path>"}, order = 3,
|
||||
@Parameter(names = {"-s", "--sign <path>"}, order = 3,
|
||||
validateWith = FileArgumentValidator.class,
|
||||
description = "Generate a detached signature for the file at <path>")
|
||||
private String signFile = "";
|
||||
@Parameter(names = {"-v", "--verify <path>"}, order = 4,
|
||||
description = "Specify a RIM file to verify.")
|
||||
private String verifyFile = "";
|
||||
@Parameter(names = {"-t", "--truststore <path>"}, order = 4,
|
||||
@Parameter(names = {"-t", "--truststore <path>"}, order = 5,
|
||||
description = "The truststore to sign the base RIM created "
|
||||
+ "or to validate the signed base RIM.")
|
||||
private String truststoreFile = "";
|
||||
@Parameter(names = {"-k", "--privateKeyFile <path>"}, order = 5,
|
||||
@Parameter(names = {"-k", "--privateKeyFile <path>"}, order = 6,
|
||||
description = "The private key used to sign the base RIM created by this tool.")
|
||||
private String privateKeyFile = "";
|
||||
@Parameter(names = {"-p", "--publicCertificate <path>"}, order = 6,
|
||||
@Parameter(names = {"-p", "--publicCertificate <path>"}, order = 7,
|
||||
description = "The public key certificate to embed in the base RIM created by "
|
||||
+ "this tool.")
|
||||
private String publicCertificate = "";
|
||||
@Parameter(names = {"-e", "--embed-cert"}, order = 7,
|
||||
@Parameter(names = {"-e", "--embed-cert"}, order = 8,
|
||||
description = "Embed the provided certificate in the signed swidtag.")
|
||||
private boolean embedded = false;
|
||||
@Parameter(names = {"-d", "--default-key"}, order = 8,
|
||||
description = "Use default signing credentials.")
|
||||
@Parameter(names = {"-d", "--default-key"}, order = 9,
|
||||
description = "Use keystore.jks from the rimtool installation to sign.")
|
||||
private boolean defaultKey = false;
|
||||
@Parameter(names = {"-l", "--rimel <path>"}, order = 9, required = true,
|
||||
@Parameter(names = {"-l", "--rimel <path>"}, order = 10, required = true,
|
||||
description = "The TCG eventlog file to use as a support RIM.")
|
||||
private String rimEventLog = "";
|
||||
@Parameter(names = {"--timestamp"}, order = 10, variableArity = true,
|
||||
@Parameter(names = {"--timestamp"}, order = 11, variableArity = true,
|
||||
description = "Add a timestamp to the signature. " +
|
||||
"Currently only RFC3339 and RFC3852 are supported:\n" +
|
||||
"\tRFC3339 [yyyy-MM-ddThh:mm:ssZ]\n\tRFC3852 <counterSignature.bin>")
|
||||
@ -70,6 +74,10 @@ public class Commander {
|
||||
return outFile;
|
||||
}
|
||||
|
||||
public String getSignFile() {
|
||||
return signFile;
|
||||
}
|
||||
|
||||
public String getVerifyFile() {
|
||||
return verifyFile;
|
||||
}
|
||||
@ -111,13 +119,17 @@ public class Commander {
|
||||
"\n\n\n");
|
||||
sb.append("Create a base RIM using the default attribute values; ");
|
||||
sb.append("sign it using privateKey.pem; embed cert.pem in the signature block; ");
|
||||
sb.append("and write the data to console output:\n\n");
|
||||
sb.append("and write the data to console stdout:\n\n");
|
||||
sb.append("\t\t-c base -l support_rim.bin -k privateKey.pem -p cert.pem -e\n\n\n");
|
||||
sb.append("Create a base RIM using the values in attributes.json; " +
|
||||
"sign it with the default keystore; add a RFC3852 timestamp; ");
|
||||
sb.append("and write the data to base_rim.swidtag:\n\n");
|
||||
sb.append("\t\t-c base -a attributes.json -d -l support_rim.bin " +
|
||||
"--timestamp RFC3852 counterSignature.bin -o base_rim.swidtag\n\n\n");
|
||||
sb.append("Add another signature to a signed base RIM using privateKey.pem; ");
|
||||
sb.append("embed cert.pem in the signature block; ");
|
||||
sb.append("and write the output to console stdout:\n\n");
|
||||
sb.append("\t\t-s signed_base_rim.swidtag -k privateKey.pem -p cert.pem -e\n\n\n");
|
||||
sb.append("Validate a base RIM using an external support RIM to override the ");
|
||||
sb.append("payload file:\n\n");
|
||||
sb.append("\t\t-v base_rim.swidtag -l support_rim.bin\n\n\n");
|
||||
@ -133,6 +145,7 @@ public class Commander {
|
||||
sb.append("Creating: " + this.getCreateType() + System.lineSeparator());
|
||||
sb.append("Using attributes file: " + this.getAttributesFile() + System.lineSeparator());
|
||||
sb.append("Write to: " + this.getOutFile() + System.lineSeparator());
|
||||
sb.append("Signing file: " + this.getSignFile() + System.lineSeparator());
|
||||
sb.append("Verify file: " + this.getVerifyFile() + System.lineSeparator());
|
||||
if (this.isDefaultKey()) {
|
||||
sb.append("Truststore file: default (" + SwidTagConstants.DEFAULT_KEYSTORE_FILE + ")"
|
||||
|
||||
@ -0,0 +1,24 @@
|
||||
package hirs.swid.utils;
|
||||
|
||||
import com.beust.jcommander.IParameterValidator;
|
||||
import com.beust.jcommander.ParameterException;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
|
||||
public class FileArgumentValidator implements IParameterValidator {
|
||||
public void validate(String name, String value) throws ParameterException {
|
||||
try {
|
||||
File file = new File(value);
|
||||
if (!file.isFile()) {
|
||||
throw new ParameterException("Invalid file path: " + value +
|
||||
". Please verify file path.");
|
||||
}
|
||||
} catch (NullPointerException e) {
|
||||
throw new ParameterException("File path cannot be null: " + e.getMessage());
|
||||
} catch (SecurityException e) {
|
||||
throw new ParameterException("Read access denied for " + value +
|
||||
", please verify permissions.");
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -9,6 +9,7 @@ import java.io.FileInputStream;
|
||||
import java.io.FileNotFoundException;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import org.w3c.dom.Document;
|
||||
|
||||
public class TestSwidTagGateway {
|
||||
private SwidTagGateway gateway;
|
||||
@ -162,6 +163,24 @@ public class TestSwidTagGateway {
|
||||
Assert.assertTrue(validator.validateSwidTag(DEFAULT_OUTPUT, "DEFAULT"));
|
||||
}
|
||||
|
||||
/**
|
||||
* This test corresponds to the arguments:
|
||||
* -s <signed swidtag> -d
|
||||
*/
|
||||
@Test
|
||||
public void testCreateDetachedSignature() {
|
||||
try {
|
||||
String signFilePath = TestSwidTagGateway.class.getClassLoader()
|
||||
.getResource(BASE_RFC3852_TIMESTAMP).getPath();
|
||||
gateway.setDefaultCredentials(true);
|
||||
Document doc = gateway.signXMLDocument(signFilePath);
|
||||
gateway.writeSwidTagFile(doc, DEFAULT_OUTPUT);
|
||||
validator.validateSwidTag(DEFAULT_OUTPUT, "DEFAULT");
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* This method compares two files by bytes to determine if they are the same or not.
|
||||
*
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
|
||||
<SoftwareIdentity xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" corpus="false" name="Example.com BIOS" patch="false" supplemental="false" tagId="94f6b457-9ac9-4d35-9b3f-78804173b65as" tagVersion="0" version="01" versionScheme="multipartnumeric" xml:lang="en">
|
||||
<SoftwareIdentity xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" corpus="false" id="94f6b457-9ac9-4d35-9b3f-78804173b65as" name="Example.com BIOS" patch="false" supplemental="false" tagId="94f6b457-9ac9-4d35-9b3f-78804173b65as" tagVersion="0" version="01" versionScheme="multipartnumeric" xml:lang="en">
|
||||
<Entity name="Example Inc" regid="http://Example.com" role="softwareCreator tagCreator"/>
|
||||
<Link href="https://Example.com/support/ProductA/firmware/installfiles" rel="installationmedia"/>
|
||||
<Meta xmlns:n8060="http://csrc.nist.gov/ns/swid/2015-extensions/1.0" xmlns:rim="https://trustedcomputinggroup.org/wp-content/uploads/TCG_RIM_Model" n8060:colloquialVersion="Firmware_2019" n8060:edition="12" n8060:product="ProductA" n8060:revision="r2" rim:PayloadType="direct" rim:bindingSpec="PC Client RIM" rim:bindingSpecVersion="1.2" rim:firmwareManufacturerId="00213022" rim:firmwareManufacturerStr="BIOSVendorA" rim:firmwareModel="A0" rim:firmwareVersion="12" rim:pcURIGlobal="https://Example.com/support/ProductA/" rim:pcURIlocal="/boot/tcg/manifest/switag/" rim:platformManufacturerId="00201234" rim:platformManufacturerStr="Example.com" rim:platformModel="ProductA" rim:platformVersion="01"/>
|
||||
@ -17,14 +17,14 @@
|
||||
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
|
||||
</Transforms>
|
||||
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
|
||||
<DigestValue>DJMc0n3VHHwU+F3HNpiY/l3EMcjRZAQOYlrjhD5v9qE=</DigestValue>
|
||||
<DigestValue>f3ulvid12X4b4EqgAQrriXwqvqlNd1GXoSf/wI+zf2A=</DigestValue>
|
||||
</Reference>
|
||||
</SignedInfo>
|
||||
<SignatureValue>ojJ6v8ToxLWWekCKmBoZ+Yg2V4MYMPbKB9FjDs/QG/AMP+LKjnb55Z7FSLhC8+CvvShKPAoS9mv1
|
||||
QepwI17NEqbfnC1U4WH0u578A3J6wiHMXIDnIQqKAAXb8v2c/wjMDArzFl8CXmDA7HUDIt+3C4VC
|
||||
tA598YY7o0Hf6hK5qO8oWGQxXUKfpUwvtGLxHpbDWYFuVSPa+uk6OTzutt/QyzTERzxyO9Le1i6K
|
||||
nrpzh4lgHn6EfGs6HR1ffdHQ069q0bE61zDx0VC18nK9DmszW6p6FlMzApiTVW/4PiVt+dSFeVGR
|
||||
9///OdtxcoBCeofDDFPRyO+s+kY1pXd92Q3nfg==</SignatureValue>
|
||||
<SignatureValue>GbvVCBhCDBa1Oz0HereVan1VzqFnkhQbG/QvYAtaPwWCpqtVqSTla0dvEW8LFKJtoLpE8ZQopshx
|
||||
se53rd9Z4aR2ok7VKfhtFV6LCNseyvmzWypqzCvLaG0net7EpMCixj8i0A5e4zaAEgt5Jqg1Acew
|
||||
hAY8XSnz9/e0EuzC3s9QlWSZHBtSvqlWUhsSVThf9KyHE3F/bwUGmEg6QdtREAr3c2jNK+LEN5MF
|
||||
hx64fG/WLRaAkw0lEWnBbjCdiB1ao+1G/c9yzxUQ82EriJdRBYjuRVmMlIOFRtYqe7oc5148pAAY
|
||||
qhol4MYlrmdjg9aW+2nv4KHHSDIhVgAAwRNJoQ==</SignatureValue>
|
||||
<KeyInfo>
|
||||
<KeyName>2fdeb8e7d030a2209daa01861a964fedecf2bcc1</KeyName>
|
||||
</KeyInfo>
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
|
||||
<SoftwareIdentity xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" corpus="false" name="Example.com BIOS" patch="false" supplemental="false" tagId="94f6b457-9ac9-4d35-9b3f-78804173b65as" tagVersion="0" version="01" versionScheme="multipartnumeric" xml:lang="en">
|
||||
<SoftwareIdentity xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" corpus="false" id="94f6b457-9ac9-4d35-9b3f-78804173b65as" name="Example.com BIOS" patch="false" supplemental="false" tagId="94f6b457-9ac9-4d35-9b3f-78804173b65as" tagVersion="0" version="01" versionScheme="multipartnumeric" xml:lang="en">
|
||||
<Entity name="Example Inc" regid="http://Example.com" role="softwareCreator tagCreator"/>
|
||||
<Link href="https://Example.com/support/ProductA/firmware/installfiles" rel="installationmedia"/>
|
||||
<Meta xmlns:n8060="http://csrc.nist.gov/ns/swid/2015-extensions/1.0" xmlns:rim="https://trustedcomputinggroup.org/wp-content/uploads/TCG_RIM_Model" n8060:colloquialVersion="Firmware_2019" n8060:edition="12" n8060:product="ProductA" n8060:revision="r2" rim:PayloadType="direct" rim:bindingSpec="PC Client RIM" rim:bindingSpecVersion="1.2" rim:firmwareManufacturerId="00213022" rim:firmwareManufacturerStr="BIOSVendorA" rim:firmwareModel="A0" rim:firmwareVersion="12" rim:pcURIGlobal="https://Example.com/support/ProductA/" rim:pcURIlocal="/boot/tcg/manifest/switag/" rim:platformManufacturerId="00201234" rim:platformManufacturerStr="Example.com" rim:platformModel="ProductA" rim:platformVersion="01"/>
|
||||
@ -17,18 +17,18 @@
|
||||
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
|
||||
</Transforms>
|
||||
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
|
||||
<DigestValue>DJMc0n3VHHwU+F3HNpiY/l3EMcjRZAQOYlrjhD5v9qE=</DigestValue>
|
||||
<DigestValue>f3ulvid12X4b4EqgAQrriXwqvqlNd1GXoSf/wI+zf2A=</DigestValue>
|
||||
</Reference>
|
||||
<Reference URI="#TST">
|
||||
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
|
||||
<DigestValue>j8sqX9NGt8DAPOvbhXKAT648BGdPnQnblai1PYDUryE=</DigestValue>
|
||||
</Reference>
|
||||
</SignedInfo>
|
||||
<SignatureValue>N8QB5dMLnSLaDuCO8Ds/9nPlJGzsF1HJCthEXDXPrMTpfWBwmsVTqtNwoGzHIXlx8HDdDcfTLa3j
|
||||
3rfFmDZNMqv6+6jjjJZerpN6XyWHGaVjVuPiNGmafE5SajTg53+6KlWXTGs3kcbbV5cTtjASz/A0
|
||||
cz9gBYTwYXmWA3+V0USLA0MNYzPkKp83eDnizbrkGx824NU9qG1DetVFfZqotWoTGJ1Wz4J8D1yR
|
||||
wUILS0DbtZalCNVv3kw9raIRKQ/CjlDztfP1SgiNuXu6IaVZKoVG9HGp3s8pQvFPHr0HD2sNrAkx
|
||||
twKcg3XIzGrTc22Y2TYw9Dk3NxumQSp4kve6ow==</SignatureValue>
|
||||
<SignatureValue>RvpLLE0rAaZrj54xy3Ki1GJ3csJI5lzshcpQQz7M5dn56Wo1ShfQR7OqGN1ZMULAtYsR0vtt9UFk
|
||||
3JuB1/tsA1KuT5sNTR6ZbOCaMGfV448ufbY48Vbk8Bs+2N0mZuuD3IUwARlbjXxZwb/k1GnkGVKS
|
||||
jneEK2dJ6Ktk8+XOLhoFd1JZqpz9Qv7s53GMtQc/QC18vrmUZDW5HABMCtZRpylGjBsP/Mabakb4
|
||||
Nr4veMqhEMGVm2UpYY3171nTCjerxrf0jXsLZoTbJdJtyjo9ihCbjzYUOG361liQ3k63jVfPQbDl
|
||||
460jU4v+45L/sWNRUi29VBtgia7xAkQ3IdmSPA==</SignatureValue>
|
||||
<KeyInfo>
|
||||
<KeyName>2fdeb8e7d030a2209daa01861a964fedecf2bcc1</KeyName>
|
||||
</KeyInfo>
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
|
||||
<SoftwareIdentity xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" corpus="false" name="Example.com BIOS" patch="false" supplemental="false" tagId="94f6b457-9ac9-4d35-9b3f-78804173b65as" tagVersion="0" version="01" versionScheme="multipartnumeric" xml:lang="en">
|
||||
<SoftwareIdentity xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" corpus="false" id="94f6b457-9ac9-4d35-9b3f-78804173b65as" name="Example.com BIOS" patch="false" supplemental="false" tagId="94f6b457-9ac9-4d35-9b3f-78804173b65as" tagVersion="0" version="01" versionScheme="multipartnumeric" xml:lang="en">
|
||||
<Entity name="Example Inc" regid="http://Example.com" role="softwareCreator tagCreator"/>
|
||||
<Link href="https://Example.com/support/ProductA/firmware/installfiles" rel="installationmedia"/>
|
||||
<Meta xmlns:n8060="http://csrc.nist.gov/ns/swid/2015-extensions/1.0" xmlns:rim="https://trustedcomputinggroup.org/wp-content/uploads/TCG_RIM_Model" n8060:colloquialVersion="Firmware_2019" n8060:edition="12" n8060:product="ProductA" n8060:revision="r2" rim:PayloadType="direct" rim:bindingSpec="PC Client RIM" rim:bindingSpecVersion="1.2" rim:firmwareManufacturerId="00213022" rim:firmwareManufacturerStr="BIOSVendorA" rim:firmwareModel="A0" rim:firmwareVersion="12" rim:pcURIGlobal="https://Example.com/support/ProductA/" rim:pcURIlocal="/boot/tcg/manifest/switag/" rim:platformManufacturerId="00201234" rim:platformManufacturerStr="Example.com" rim:platformModel="ProductA" rim:platformVersion="01"/>
|
||||
@ -17,18 +17,18 @@
|
||||
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
|
||||
</Transforms>
|
||||
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
|
||||
<DigestValue>DJMc0n3VHHwU+F3HNpiY/l3EMcjRZAQOYlrjhD5v9qE=</DigestValue>
|
||||
<DigestValue>f3ulvid12X4b4EqgAQrriXwqvqlNd1GXoSf/wI+zf2A=</DigestValue>
|
||||
</Reference>
|
||||
<Reference URI="#TST">
|
||||
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
|
||||
<DigestValue>KC51x7iXfEjDYEieFP1lktWNGP6eCWpXe5/sr3V8PlU=</DigestValue>
|
||||
</Reference>
|
||||
</SignedInfo>
|
||||
<SignatureValue>M6a+lIU7vIQmO0By/WCtocI4qzk4R4oXtduEpeyOfIH/xOTKkDI7E17v6dywLd7psZSKMPw8lRqp
|
||||
AZCBvsU6zDXzLsAakO2ydmH2i5POWNArUq+GRw9KDnNPZWanmRSqjpV2mEjfx84IF2MaqXDPng1q
|
||||
JrzKN8f00uHM+eOmXktyiBhJR9gT+htceMzAEzk8qeWCg6o6wFMx0JR1lUbGOXe070DtZCR7I0iQ
|
||||
0iZfnNzMzuRf2GHw6aKnSyGwdr1pUeoxEVGR5jkY8a7mT/0mt+8kVq4FL1gikrSOzvotoZ+dGb0Q
|
||||
JjzA2IgK+ti/Tc/FpLYKefXQwcVSUY+CD/HCvA==</SignatureValue>
|
||||
<SignatureValue>kXHqmvPCDdlUrgxKVKNXy9xmYmrMiIunv/Rc4gaho2Cm6G46BYBcjfBFkKtvvKxt+iRwk2d0JxLA
|
||||
+4oACcnUqrvfsP8WLUttrZmWvVWFcZ0WjVaqp06NVLK4for/XpJ0SQQQdO+PmEEgLzyZtydYl8n0
|
||||
tdFe9jAmIQD+DZmuHPE/abHvzCmCHgbfogHpkcoeDzT0FQu7Tvxyvae92F3jr2E/Tnt2pF9plxa0
|
||||
WZ+5WDmQ4gI+8DXETGxBhSMaR3GOvN+eFOyOUq/OzLs+T7UaOHLtmZHWKYWdBQa3j49VUREGu601
|
||||
qOAHjj9sJYSVuyrzDka6brY756ib6e7f1xwphw==</SignatureValue>
|
||||
<KeyInfo>
|
||||
<KeyName>2fdeb8e7d030a2209daa01861a964fedecf2bcc1</KeyName>
|
||||
</KeyInfo>
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
|
||||
<SoftwareIdentity xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" corpus="false" name="Example.com BIOS" patch="false" supplemental="false" tagId="94f6b457-9ac9-4d35-9b3f-78804173b65as" tagVersion="0" version="01" versionScheme="multipartnumeric" xml:lang="en">
|
||||
<SoftwareIdentity xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" corpus="false" id="94f6b457-9ac9-4d35-9b3f-78804173b65as" name="Example.com BIOS" patch="false" supplemental="false" tagId="94f6b457-9ac9-4d35-9b3f-78804173b65as" tagVersion="0" version="01" versionScheme="multipartnumeric" xml:lang="en">
|
||||
<Entity name="Example Inc" regid="http://Example.com" role="softwareCreator tagCreator"/>
|
||||
<Link href="https://Example.com/support/ProductA/firmware/installfiles" rel="installationmedia"/>
|
||||
<Meta xmlns:n8060="http://csrc.nist.gov/ns/swid/2015-extensions/1.0" xmlns:rim="https://trustedcomputinggroup.org/wp-content/uploads/TCG_RIM_Model" n8060:colloquialVersion="Firmware_2019" n8060:edition="12" n8060:product="ProductA" n8060:revision="r2" rim:PayloadType="direct" rim:bindingSpec="PC Client RIM" rim:bindingSpecVersion="1.2" rim:firmwareManufacturerId="00213022" rim:firmwareManufacturerStr="BIOSVendorA" rim:firmwareModel="A0" rim:firmwareVersion="12" rim:pcURIGlobal="https://Example.com/support/ProductA/" rim:pcURIlocal="/boot/tcg/manifest/switag/" rim:platformManufacturerId="00201234" rim:platformManufacturerStr="Example.com" rim:platformModel="ProductA" rim:platformVersion="01"/>
|
||||
@ -17,14 +17,14 @@
|
||||
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
|
||||
</Transforms>
|
||||
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
|
||||
<DigestValue>DJMc0n3VHHwU+F3HNpiY/l3EMcjRZAQOYlrjhD5v9qE=</DigestValue>
|
||||
<DigestValue>f3ulvid12X4b4EqgAQrriXwqvqlNd1GXoSf/wI+zf2A=</DigestValue>
|
||||
</Reference>
|
||||
</SignedInfo>
|
||||
<SignatureValue>ojJ6v8ToxLWWekCKmBoZ+Yg2V4MYMPbKB9FjDs/QG/AMP+LKjnb55Z7FSLhC8+CvvShKPAoS9mv1
|
||||
QepwI17NEqbfnC1U4WH0u578A3J6wiHMXIDnIQqKAAXb8v2c/wjMDArzFl8CXmDA7HUDIt+3C4VC
|
||||
tA598YY7o0Hf6hK5qO8oWGQxXUKfpUwvtGLxHpbDWYFuVSPa+uk6OTzutt/QyzTERzxyO9Le1i6K
|
||||
nrpzh4lgHn6EfGs6HR1ffdHQ069q0bE61zDx0VC18nK9DmszW6p6FlMzApiTVW/4PiVt+dSFeVGR
|
||||
9///OdtxcoBCeofDDFPRyO+s+kY1pXd92Q3nfg==</SignatureValue>
|
||||
<SignatureValue>GbvVCBhCDBa1Oz0HereVan1VzqFnkhQbG/QvYAtaPwWCpqtVqSTla0dvEW8LFKJtoLpE8ZQopshx
|
||||
se53rd9Z4aR2ok7VKfhtFV6LCNseyvmzWypqzCvLaG0net7EpMCixj8i0A5e4zaAEgt5Jqg1Acew
|
||||
hAY8XSnz9/e0EuzC3s9QlWSZHBtSvqlWUhsSVThf9KyHE3F/bwUGmEg6QdtREAr3c2jNK+LEN5MF
|
||||
hx64fG/WLRaAkw0lEWnBbjCdiB1ao+1G/c9yzxUQ82EriJdRBYjuRVmMlIOFRtYqe7oc5148pAAY
|
||||
qhol4MYlrmdjg9aW+2nv4KHHSDIhVgAAwRNJoQ==</SignatureValue>
|
||||
<KeyInfo>
|
||||
<X509Data>
|
||||
<X509SubjectName>CN=example.RIM.signer,OU=PCClient,O=Example,ST=VA,C=US</X509SubjectName>
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
|
||||
<SoftwareIdentity xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" corpus="false" name="Example.com BIOS" patch="false" supplemental="false" tagId="94f6b457-9ac9-4d35-9b3f-78804173b65as" tagVersion="0" version="01" versionScheme="multipartnumeric" xml:lang="en">
|
||||
<SoftwareIdentity xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" corpus="false" id="94f6b457-9ac9-4d35-9b3f-78804173b65as" name="Example.com BIOS" patch="false" supplemental="false" tagId="94f6b457-9ac9-4d35-9b3f-78804173b65as" tagVersion="0" version="01" versionScheme="multipartnumeric" xml:lang="en">
|
||||
<Entity name="Example Inc" regid="http://Example.com" role="softwareCreator tagCreator"/>
|
||||
<Link href="https://Example.com/support/ProductA/firmware/installfiles" rel="installationmedia"/>
|
||||
<Meta xmlns:n8060="http://csrc.nist.gov/ns/swid/2015-extensions/1.0" xmlns:rim="https://trustedcomputinggroup.org/wp-content/uploads/TCG_RIM_Model" n8060:colloquialVersion="Firmware_2019" n8060:edition="12" n8060:product="ProductA" n8060:revision="r2" rim:PayloadType="direct" rim:bindingSpec="PC Client RIM" rim:bindingSpecVersion="1.2" rim:firmwareManufacturerId="00213022" rim:firmwareManufacturerStr="BIOSVendorA" rim:firmwareModel="A0" rim:firmwareVersion="12" rim:pcURIGlobal="https://Example.com/support/ProductA/" rim:pcURIlocal="/boot/tcg/manifest/switag/" rim:platformManufacturerId="00201234" rim:platformManufacturerStr="Example.com" rim:platformModel="ProductA" rim:platformVersion="01"/>
|
||||
@ -17,15 +17,16 @@
|
||||
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
|
||||
</Transforms>
|
||||
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
|
||||
<DigestValue>DJMc0n3VHHwU+F3HNpiY/l3EMcjRZAQOYlrjhD5v9qE=</DigestValue>
|
||||
<DigestValue>f3ulvid12X4b4EqgAQrriXwqvqlNd1GXoSf/wI+zf2A=</DigestValue>
|
||||
</Reference>
|
||||
</SignedInfo>
|
||||
<SignatureValue>ojJ6v8ToxLWWekCKmBoZ+Yg2V4MYMPbKB9FjDs/QG/AMP+LKjnb55Z7FSLhC8+CvvShKPAoS9mv1
|
||||
QepwI17NEqbfnC1U4WH0u578A3J6wiHMXIDnIQqKAAXb8v2c/wjMDArzFl8CXmDA7HUDIt+3C4VC
|
||||
tA598YY7o0Hf6hK5qO8oWGQxXUKfpUwvtGLxHpbDWYFuVSPa+uk6OTzutt/QyzTERzxyO9Le1i6K
|
||||
nrpzh4lgHn6EfGs6HR1ffdHQ069q0bE61zDx0VC18nK9DmszW6p6FlMzApiTVW/4PiVt+dSFeVGR
|
||||
9///OdtxcoBCeofDDFPRyO+s+kY1pXd92Q3nfg==</SignatureValue>
|
||||
<SignatureValue>GbvVCBhCDBa1Oz0HereVan1VzqFnkhQbG/QvYAtaPwWCpqtVqSTla0dvEW8LFKJtoLpE8ZQopshx
|
||||
se53rd9Z4aR2ok7VKfhtFV6LCNseyvmzWypqzCvLaG0net7EpMCixj8i0A5e4zaAEgt5Jqg1Acew
|
||||
hAY8XSnz9/e0EuzC3s9QlWSZHBtSvqlWUhsSVThf9KyHE3F/bwUGmEg6QdtREAr3c2jNK+LEN5MF
|
||||
hx64fG/WLRaAkw0lEWnBbjCdiB1ao+1G/c9yzxUQ82EriJdRBYjuRVmMlIOFRtYqe7oc5148pAAY
|
||||
qhol4MYlrmdjg9aW+2nv4KHHSDIhVgAAwRNJoQ==</SignatureValue>
|
||||
<KeyInfo>
|
||||
<KeyName>2fdeb8e7d030a2209daa01861a964fedecf2bcc1</KeyName>
|
||||
<KeyValue>
|
||||
<RSAKeyValue>
|
||||
<Modulus>p3WVYaRJG7EABjbAdqDYZXFSTV1nHY9Ol9A5+W8t5xwBXBryZCGWxERGr5AryKWPxd+qzjj+cFpx
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
|
||||
<SoftwareIdentity xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" corpus="false" name="Example.com BIOS" patch="false" supplemental="false" tagId="94f6b457-9ac9-4d35-9b3f-78804173b65as" tagVersion="0" version="01" versionScheme="multipartnumeric" xml:lang="en">
|
||||
<SoftwareIdentity xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" corpus="false" id="94f6b457-9ac9-4d35-9b3f-78804173b65as" name="Example.com BIOS" patch="false" supplemental="false" tagId="94f6b457-9ac9-4d35-9b3f-78804173b65as" tagVersion="0" version="01" versionScheme="multipartnumeric" xml:lang="en">
|
||||
<Entity name="Example Inc" regid="http://Example.com" role="softwareCreator tagCreator"/>
|
||||
<Link href="https://Example.com/support/ProductA/firmware/installfiles" rel="installationmedia"/>
|
||||
<Meta xmlns:n8060="http://csrc.nist.gov/ns/swid/2015-extensions/1.0" xmlns:rim="https://trustedcomputinggroup.org/wp-content/uploads/TCG_RIM_Model" n8060:colloquialVersion="Firmware_2019" n8060:edition="12" n8060:product="ProductA" n8060:revision="r2" rim:PayloadType="direct" rim:bindingSpec="PC Client RIM" rim:bindingSpecVersion="1.2" rim:firmwareManufacturerId="00213022" rim:firmwareManufacturerStr="BIOSVendorA" rim:firmwareModel="A0" rim:firmwareVersion="12" rim:pcURIGlobal="https://Example.com/support/ProductA/" rim:pcURIlocal="/boot/tcg/manifest/switag/" rim:platformManufacturerId="00201234" rim:platformManufacturerStr="Example.com" rim:platformModel="ProductA" rim:platformVersion="01"/>
|
||||
@ -17,14 +17,14 @@
|
||||
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
|
||||
</Transforms>
|
||||
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
|
||||
<DigestValue>DJMc0n3VHHwU+F3HNpiY/l3EMcjRZAQOYlrjhD5v9qE=</DigestValue>
|
||||
<DigestValue>f3ulvid12X4b4EqgAQrriXwqvqlNd1GXoSf/wI+zf2A=</DigestValue>
|
||||
</Reference>
|
||||
</SignedInfo>
|
||||
<SignatureValue>ojJ6v8ToxLWWekCKmBoZ+Yg2V4MYMPbKB9FjDs/QG/AMP+LKjnb55Z7FSLhC8+CvvShKPAoS9mv1
|
||||
QepwI17NEqbfnC1U4WH0u578A3J6wiHMXIDnIQqKAAXb8v2c/wjMDArzFl8CXmDA7HUDIt+3C4VC
|
||||
tA598YY7o0Hf6hK5qO8oWGQxXUKfpUwvtGLxHpbDWYFuVSPa+uk6OTzutt/QyzTERzxyO9Le1i6K
|
||||
nrpzh4lgHn6EfGs6HR1ffdHQ069q0bE61zDx0VC18nK9DmszW6p6FlMzApiTVW/4PiVt+dSFeVGR
|
||||
9///OdtxcoBCeofDDFPRyO+s+kY1pXd92Q3nfg==</SignatureValue>
|
||||
<SignatureValue>GbvVCBhCDBa1Oz0HereVan1VzqFnkhQbG/QvYAtaPwWCpqtVqSTla0dvEW8LFKJtoLpE8ZQopshx
|
||||
se53rd9Z4aR2ok7VKfhtFV6LCNseyvmzWypqzCvLaG0net7EpMCixj8i0A5e4zaAEgt5Jqg1Acew
|
||||
hAY8XSnz9/e0EuzC3s9QlWSZHBtSvqlWUhsSVThf9KyHE3F/bwUGmEg6QdtREAr3c2jNK+LEN5MF
|
||||
hx64fG/WLRaAkw0lEWnBbjCdiB1ao+1G/c9yzxUQ82EriJdRBYjuRVmMlIOFRtYqe7oc5148pAAY
|
||||
qhol4MYlrmdjg9aW+2nv4KHHSDIhVgAAwRNJoQ==</SignatureValue>
|
||||
<KeyInfo>
|
||||
<X509Data>
|
||||
<X509SubjectName>CN=example.RIM.signer,OU=PCClient,O=Example,ST=VA,C=US</X509SubjectName>
|
||||
|
||||
Loading…
Reference in New Issue
Block a user