WIP: register id attribute for SoftwareIdentity

chubtub 2023-03-21 02:05:40 -04:00
parent 76d99fa765
commit edf9f6afa0


@ -79,6 +79,7 @@ import java.util.Base64;
import java.util.Collections; import java.util.Collections;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.UUID;
/** /**
@ -317,6 +318,7 @@ public class SwidTagGateway {
if (!tagId.isEmpty()) { if (!tagId.isEmpty()) {
swidTag.setTagId(tagId); swidTag.setTagId(tagId);
} }
swidTag.getOtherAttributes().put(new QName("id"), tagId);
swidTag.setTagVersion(new BigInteger( swidTag.setTagVersion(new BigInteger(
jsonObject.getString(SwidTagConstants.TAGVERSION, "0"))); jsonObject.getString(SwidTagConstants.TAGVERSION, "0")));
swidTag.setVersion(jsonObject.getString(SwidTagConstants.VERSION, "0.0")); swidTag.setVersion(jsonObject.getString(SwidTagConstants.VERSION, "0.0"));
@ -579,7 +581,7 @@ public class SwidTagGateway {
} }
//Parse SoftwareIdentity id //Parse SoftwareIdentity id
String tagId = ""; String softwareIdentityId = "";
Document swidTag = null; Document swidTag = null;
Element softwareIdentity = null; Element softwareIdentity = null;
try { try {
@ -588,8 +590,8 @@ public class SwidTagGateway {
swidTag = db.parse(new InputSource(new StringReader(xmlToSign))); swidTag = db.parse(new InputSource(new StringReader(xmlToSign)));
softwareIdentity = (Element) swidTag.getElementsByTagName( softwareIdentity = (Element) swidTag.getElementsByTagName(
SwidTagConstants.SOFTWARE_IDENTITY).item(0); SwidTagConstants.SOFTWARE_IDENTITY).item(0);
tagId = softwareIdentity.getAttributes() softwareIdentityId = softwareIdentity.getAttributes()
.getNamedItem(SwidTagConstants.TAGID).getNodeValue(); .getNamedItem("id").getNodeValue();
//How to sign without an Id attribute? //How to sign without an Id attribute?
} catch (ParserConfigurationException e) { } catch (ParserConfigurationException e) {
System.out.println("Error instantiating DocumentBuilder object: " + e.getMessage()); System.out.println("Error instantiating DocumentBuilder object: " + e.getMessage());
@ -599,14 +601,14 @@ public class SwidTagGateway {
} }
//Create signature with a reference to SoftwareIdentity id //Create signature with a reference to SoftwareIdentity id
System.out.println("Referencing SoftwareIdentity with tagID " + tagId); System.out.println("Referencing SoftwareIdentity with id " + softwareIdentityId);
Document detachedSignature = null; Document detachedSignature = null;
try { try {
XMLSignatureFactory sigFactory = XMLSignatureFactory.getInstance("DOM"); XMLSignatureFactory sigFactory = XMLSignatureFactory.getInstance("DOM");
//Use xpath to select SoftwareIdentity //Use xpath to select SoftwareIdentity
XPathFilterParameterSpec xPathParams = new XPathFilterParameterSpec("/SoftwareIdentity"); XPathFilterParameterSpec xPathParams = new XPathFilterParameterSpec("/SoftwareIdentity");
//ref must be distinguished from existing <Reference URI=""> //ref must be distinguished from existing <Reference URI="">
Reference ref = sigFactory.newReference("#" + tagId, Reference ref = sigFactory.newReference("#" + softwareIdentityId,
sigFactory.newDigestMethod(DigestMethod.SHA256, null), sigFactory.newDigestMethod(DigestMethod.SHA256, null),
Collections.singletonList(sigFactory.newTransform(Transform.XPATH, xPathParams)), Collections.singletonList(sigFactory.newTransform(Transform.XPATH, xPathParams)),
null, null); null, null);
@ -648,6 +650,7 @@ public class SwidTagGateway {
detachedSignature.appendChild(detachedSignature.createElement("root")); detachedSignature.appendChild(detachedSignature.createElement("root"));
DOMSignContext context = new DOMSignContext(privateKey, DOMSignContext context = new DOMSignContext(privateKey,
detachedSignature.getDocumentElement()); detachedSignature.getDocumentElement());
context.setIdAttributeNS(softwareIdentity, null, "id");
XMLSignature signature = sigFactory.newXMLSignature(signedInfo, keyinfo); XMLSignature signature = sigFactory.newXMLSignature(signedInfo, keyinfo);
signature.sign(context); signature.sign(context);
System.out.println("Detached signature: " + detachedSignature); System.out.println("Detached signature: " + detachedSignature);
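Review bot: `softwareIdentity.getAttributes().getNamedItem("id").getNodeValue()` in the parsing hunk throws a NullPointerException for any tag without an `id` attribute, and `context.setIdAttributeNS(softwareIdentity, null, "id")` in the last hunk is reached with `softwareIdentity` still null if the parse failed, since the visible catch only prints a message. This id decides which element the detached signature covers, so signing should fail closed: check `softwareIdentity != null && softwareIdentity.hasAttribute("id")` and stop with a clear error otherwise. In the first SwidTagGateway hunk the new `swidTag.getOtherAttributes().put(new QName("id"), tagId);` sits outside the `if (!tagId.isEmpty())` guard, so an empty tagId is written as `id=""` and the reference URI later becomes a bare `"#"`; move it inside the guard, and confirm that tagId values are valid XML IDs (NCName), which a tagId is not guaranteed to be. The literal `"id"` now appears in three places and would be safer as one constant in SwidTagConstants, so the signing and validation sides cannot drift apart; the added `java.util.UUID` import is unused in the visible hunks. The enclosing methods start and end outside these hunks, so any handling further down is not visible here.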