diff --git a/tools/tcg_rim_tool/src/main/java/hirs/swid/Main.java b/tools/tcg_rim_tool/src/main/java/hirs/swid/Main.java
index 4fccb799..c90b6b92 100644
--- a/tools/tcg_rim_tool/src/main/java/hirs/swid/Main.java
+++ b/tools/tcg_rim_tool/src/main/java/hirs/swid/Main.java
@@ -83,7 +83,7 @@ public class Main {
}
if (commander.isRfc3161()) {
gateway.setTimestampFormat("RFC3161");
- } else {
+ } else if (commander.isRfc3339()) {
gateway.setTimestampFormat("RFC3339");
}
gateway.generateSwidTag(commander.getOutFile());
diff --git a/tools/tcg_rim_tool/src/main/java/hirs/swid/SwidTagGateway.java b/tools/tcg_rim_tool/src/main/java/hirs/swid/SwidTagGateway.java
index 83b7c756..481a61c6 100644
--- a/tools/tcg_rim_tool/src/main/java/hirs/swid/SwidTagGateway.java
+++ b/tools/tcg_rim_tool/src/main/java/hirs/swid/SwidTagGateway.java
@@ -542,6 +542,8 @@ public class SwidTagGateway {
doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument();
marshaller.marshal(swidTag, doc);
XMLSignatureFactory sigFactory = XMLSignatureFactory.getInstance("DOM");
+ List xmlObjectList = null;
+ String signatureId = null;
Reference documentRef = sigFactory.newReference(
"",
@@ -552,13 +554,18 @@ public class SwidTagGateway {
null
);
- Reference timestampRef = sigFactory.newReference(
- "#TST",
- sigFactory.newDigestMethod(DigestMethod.SHA256, null)
- );
List refList = new ArrayList();
refList.add(documentRef);
- refList.add(timestampRef);
+
+ if (!timestampFormat.isEmpty()) {
+ Reference timestampRef = sigFactory.newReference(
+ "#TST",
+ sigFactory.newDigestMethod(DigestMethod.SHA256, null)
+ );
+ refList.add(timestampRef);
+ xmlObjectList = Collections.singletonList(createXmlTimestamp(doc, sigFactory));
+ signatureId = "RimSignature";
+ }
SignedInfo signedInfo = sigFactory.newSignedInfo(
sigFactory.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE, (C14NMethodParameterSpec) null),
@@ -593,11 +600,11 @@ public class SwidTagGateway {
DOMSignContext context = new DOMSignContext(privateKey, doc.getDocumentElement());
XMLSignature signature = sigFactory.newXMLSignature(
- signedInfo,
- keyinfo,
- Collections.singletonList(createXmlTimestamp(doc, sigFactory)),
- "RimSignature",
- null
+ signedInfo,
+ keyinfo,
+ xmlObjectList,
+ signatureId,
+ null
);
signature.sign(context);
} catch (FileNotFoundException e) {
diff --git a/tools/tcg_rim_tool/src/main/java/hirs/swid/utils/Commander.java b/tools/tcg_rim_tool/src/main/java/hirs/swid/utils/Commander.java
index 9cf3d2d0..0dec9a9f 100644
--- a/tools/tcg_rim_tool/src/main/java/hirs/swid/utils/Commander.java
+++ b/tools/tcg_rim_tool/src/main/java/hirs/swid/utils/Commander.java
@@ -138,7 +138,7 @@ public class Commander {
} else if (isRfc3339()) {
sb.append("Timestamp format: RFC3339");
} else {
- sb.append("Timestamp format: defaulting to RFC3339");
+ sb.append("No timestamp included");
}
return sb.toString();
}
diff --git a/tools/tcg_rim_tool/src/test/resources/generated_default_cert.swidtag b/tools/tcg_rim_tool/src/test/resources/generated_default_cert.swidtag
index 29193469..855718c1 100644
--- a/tools/tcg_rim_tool/src/test/resources/generated_default_cert.swidtag
+++ b/tools/tcg_rim_tool/src/test/resources/generated_default_cert.swidtag
@@ -2,7 +2,7 @@
-
+
@@ -17,14 +17,14 @@
- K3XoBeYvgJBAKl8z273sL7z38qLLVBKLfUPt/gPUzBI=
+ DJMc0n3VHHwU+F3HNpiY/l3EMcjRZAQOYlrjhD5v9qE=
- cIl1gPsUyEj2gDv3HTWNFDVxtcBjz4Revxxf2LJejtOXQW8mGepZH8CnvgO7zCAbZYlYUZXjYZ9M
-jONVv8dcsAjVHRnP6YHywFfmSm8LUCwxsfuZQqn5jClqzu5VaqLzBhuJYvCpiEdIDJwDINQuORUB
-nzul1CWc3Sm1Ms2wjlIq5ctWWJcddhdyIOjl8/oD4EC5E2rOSfNcRMZxldXtie9iinFGVbr0YNE+
-+lQ7hAU+SyV8RMx9tGnnsO8otwV4ddF+OfemcbzWGYBenLs3A8ZqWZyTvWphCgGqDUbOLssYciCC
-mnYm5QOeh4QcE9H2kqTgZvcyCgPL/hDC7xhyjQ==
+ ojJ6v8ToxLWWekCKmBoZ+Yg2V4MYMPbKB9FjDs/QG/AMP+LKjnb55Z7FSLhC8+CvvShKPAoS9mv1
+QepwI17NEqbfnC1U4WH0u578A3J6wiHMXIDnIQqKAAXb8v2c/wjMDArzFl8CXmDA7HUDIt+3C4VC
+tA598YY7o0Hf6hK5qO8oWGQxXUKfpUwvtGLxHpbDWYFuVSPa+uk6OTzutt/QyzTERzxyO9Le1i6K
+nrpzh4lgHn6EfGs6HR1ffdHQ069q0bE61zDx0VC18nK9DmszW6p6FlMzApiTVW/4PiVt+dSFeVGR
+9///OdtxcoBCeofDDFPRyO+s+kY1pXd92Q3nfg==
2fdeb8e7d030a2209daa01861a964fedecf2bcc1
diff --git a/tools/tcg_rim_tool/src/test/resources/generated_user_cert.swidtag b/tools/tcg_rim_tool/src/test/resources/generated_user_cert.swidtag
index 212a307f..eaf50f57 100644
--- a/tools/tcg_rim_tool/src/test/resources/generated_user_cert.swidtag
+++ b/tools/tcg_rim_tool/src/test/resources/generated_user_cert.swidtag
@@ -2,7 +2,7 @@
-
+
@@ -17,14 +17,14 @@
- K3XoBeYvgJBAKl8z273sL7z38qLLVBKLfUPt/gPUzBI=
+ DJMc0n3VHHwU+F3HNpiY/l3EMcjRZAQOYlrjhD5v9qE=
- cIl1gPsUyEj2gDv3HTWNFDVxtcBjz4Revxxf2LJejtOXQW8mGepZH8CnvgO7zCAbZYlYUZXjYZ9M
-jONVv8dcsAjVHRnP6YHywFfmSm8LUCwxsfuZQqn5jClqzu5VaqLzBhuJYvCpiEdIDJwDINQuORUB
-nzul1CWc3Sm1Ms2wjlIq5ctWWJcddhdyIOjl8/oD4EC5E2rOSfNcRMZxldXtie9iinFGVbr0YNE+
-+lQ7hAU+SyV8RMx9tGnnsO8otwV4ddF+OfemcbzWGYBenLs3A8ZqWZyTvWphCgGqDUbOLssYciCC
-mnYm5QOeh4QcE9H2kqTgZvcyCgPL/hDC7xhyjQ==
+ ojJ6v8ToxLWWekCKmBoZ+Yg2V4MYMPbKB9FjDs/QG/AMP+LKjnb55Z7FSLhC8+CvvShKPAoS9mv1
+QepwI17NEqbfnC1U4WH0u578A3J6wiHMXIDnIQqKAAXb8v2c/wjMDArzFl8CXmDA7HUDIt+3C4VC
+tA598YY7o0Hf6hK5qO8oWGQxXUKfpUwvtGLxHpbDWYFuVSPa+uk6OTzutt/QyzTERzxyO9Le1i6K
+nrpzh4lgHn6EfGs6HR1ffdHQ069q0bE61zDx0VC18nK9DmszW6p6FlMzApiTVW/4PiVt+dSFeVGR
+9///OdtxcoBCeofDDFPRyO+s+kY1pXd92Q3nfg==
diff --git a/tools/tcg_rim_tool/src/test/resources/generated_user_cert_embed.swidtag b/tools/tcg_rim_tool/src/test/resources/generated_user_cert_embed.swidtag
index f47230cf..5f0d13e5 100644
--- a/tools/tcg_rim_tool/src/test/resources/generated_user_cert_embed.swidtag
+++ b/tools/tcg_rim_tool/src/test/resources/generated_user_cert_embed.swidtag
@@ -2,7 +2,7 @@
-
+
@@ -17,14 +17,14 @@
- K3XoBeYvgJBAKl8z273sL7z38qLLVBKLfUPt/gPUzBI=
+ DJMc0n3VHHwU+F3HNpiY/l3EMcjRZAQOYlrjhD5v9qE=
- cIl1gPsUyEj2gDv3HTWNFDVxtcBjz4Revxxf2LJejtOXQW8mGepZH8CnvgO7zCAbZYlYUZXjYZ9M
-jONVv8dcsAjVHRnP6YHywFfmSm8LUCwxsfuZQqn5jClqzu5VaqLzBhuJYvCpiEdIDJwDINQuORUB
-nzul1CWc3Sm1Ms2wjlIq5ctWWJcddhdyIOjl8/oD4EC5E2rOSfNcRMZxldXtie9iinFGVbr0YNE+
-+lQ7hAU+SyV8RMx9tGnnsO8otwV4ddF+OfemcbzWGYBenLs3A8ZqWZyTvWphCgGqDUbOLssYciCC
-mnYm5QOeh4QcE9H2kqTgZvcyCgPL/hDC7xhyjQ==
+ ojJ6v8ToxLWWekCKmBoZ+Yg2V4MYMPbKB9FjDs/QG/AMP+LKjnb55Z7FSLhC8+CvvShKPAoS9mv1
+QepwI17NEqbfnC1U4WH0u578A3J6wiHMXIDnIQqKAAXb8v2c/wjMDArzFl8CXmDA7HUDIt+3C4VC
+tA598YY7o0Hf6hK5qO8oWGQxXUKfpUwvtGLxHpbDWYFuVSPa+uk6OTzutt/QyzTERzxyO9Le1i6K
+nrpzh4lgHn6EfGs6HR1ffdHQ069q0bE61zDx0VC18nK9DmszW6p6FlMzApiTVW/4PiVt+dSFeVGR
+9///OdtxcoBCeofDDFPRyO+s+kY1pXd92Q3nfg==
CN=example.RIM.signer,OU=PCClient,O=Example,ST=VA,C=US