Added support for RFC2315

This commit is contained in:
chubtub 2023-05-22 12:35:34 -04:00
parent c1dcd5cd23
commit ef44c8d970
4 changed files with 32 additions and 12 deletions

View File

@ -76,11 +76,13 @@ public class SwidTagConstants {
public static final String TCG_NS = "https://trustedcomputinggroup.org/wp-content/uploads/TCG_RIM_Model";
public static final String RFC3852_NS = "https://www.ietf.org/rfc/rfc3852.txt";
public static final String RFC3339_NS = "https://www.ietf.org/rfc/rfc3339.txt";
public static final String RFC2315_NS = "https://www.ietf.org/rfc/rfc2315.txt";
public static final String N8060_PFX = "n8060";
public static final String RIM_PFX = "rim";
public static final String RFC3852_PFX = "rcf3852";
public static final String RFC3339_PFX = "rcf3339";
public static final String RFC2315_PFX = "rcf2315";
public static final QName _SHA256_HASH = new QName(
"http://www.w3.org/2001/04/xmlenc#sha256", HASH, "SHA256");

View File

@ -194,7 +194,7 @@ public class SwidTagGateway {
}
/**
* Setter for timestamp input - RFC3852 + file or RFC3339 + value
* Setter for timestamp input - RFC3852|RFC2315 + file or RFC3339 + value
*
* @param timestampArgument
*/
@ -786,6 +786,20 @@ public class SwidTagGateway {
private XMLObject createXmlTimestamp(Document doc, XMLSignatureFactory sigFactory) {
Element timeStampElement = doc.createElement("TimeStamp");
switch (timestampFormat.toUpperCase()) {
case "RFC2315":
try {
byte[] counterSignature = Base64.getEncoder().encode(
Files.readAllBytes(Paths.get(timestampArgument)));
timeStampElement.setAttributeNS("http://www.w3.org/2000/xmlns/",
"xmlns:" + SwidTagConstants.RFC2315_PFX,
SwidTagConstants.RFC2315_NS);
timeStampElement.setAttribute(SwidTagConstants.DATETIME,
new String(counterSignature));
} catch (IOException e) {
e.printStackTrace();
System.exit(1);
}
break;
case "RFC3852":
try {
byte[] counterSignature = Base64.getEncoder().encode(

View File

@ -54,7 +54,7 @@ public class Commander {
private String rimEventLog = "";
@Parameter(names = {"--timestamp"}, order = 11, variableArity = true,
description = "Add a timestamp to the signature. " +
"Currently only RFC3339 and RFC3852 are supported:\n" +
"Currently RFC3339, RFC3852, and RFC2315 (PKCS7) formats are supported:\n" +
"\tRFC3339 [yyyy-MM-ddThh:mm:ssZ]\n\tRFC3852 <counterSignature.bin>")
private List<String> timestampArguments = new ArrayList<String>(2);

View File

@ -14,7 +14,7 @@ public class TimestampArgumentValidator {
/**
* This class handles validation of the --timestamp commandline parameter.
* Currently only RFC3339 and RFC3852 formats are supported.
* Currently RFC3339, RFC3852, and RFC2315 (PKCS7) formats are supported.
*
* @param args list of arguments from command line
*/
@ -29,15 +29,17 @@ public class TimestampArgumentValidator {
*/
public boolean isValid() {
if (isExactlyOneFormat(args)) {
if (args.get(0).equalsIgnoreCase("RFC3852")) {
if (args.get(0).equalsIgnoreCase("RFC3852") ||
args.get(0).equalsIgnoreCase("RFC2315")) {
if (args.size() > 1) {
if (isRfc3852FileValid(args.get(1))) {
if (isCountersignatureFileValid(args.get(1))) {
return true;
} else {
return false;
}
} else if (args.size() == 1) {
System.out.println("Countersignature file is required for RFC3852 timestamps");
System.out.println("Countersignature file is required for " +
"RFC3852 and RFC2315 (PKCS7) timestamps");
return false;
}
} else if (args.get(0).equalsIgnoreCase("RFC3339")) {
@ -59,25 +61,26 @@ public class TimestampArgumentValidator {
}
/**
* This method ensures that exactly one of RFC3339 and RFC3852 are specified.
* This method ensures that exactly one format is specified.
*
* @param args list of command line arguments
* @return true if exactly one format is specified, false otherwise
*/
private boolean isExactlyOneFormat(List<String> args) {
Pattern pattern = Pattern.compile("(R|r)(F|f)(C|c)(3339|3852)");
Pattern pattern = Pattern.compile("(R|r)(F|f)(C|c)(3339|3852|2315)");
String format = args.get(0);
Matcher formatMatcher = pattern.matcher(format);
if (!formatMatcher.matches()) {
System.out.println("Invalid timestamp format specified, expected RFC3339 or RFC3852.");
System.out.println("Invalid timestamp format specified. " +
"Please choose from RFC3339, RFC3852, or RFC2315.");
return false;
}
if (args.size() == 2) {
String argument = args.get(1);
Matcher argumentMatcher = pattern.matcher(argument);
if (argumentMatcher.matches()) {
System.out.println("Exactly one timestamp format must be specified.");
System.out.println("Only one timestamp format may be specified at a time.");
return false;
}
}
@ -108,7 +111,7 @@ public class TimestampArgumentValidator {
* @param file the counter signature
* @return true if file exists and is valid, false otherwise
*/
private boolean isRfc3852FileValid(String file) {
private boolean isCountersignatureFileValid(String file) {
if (file != null && !file.isEmpty()) {
try {
Files.readAllBytes(Paths.get(file));
@ -117,7 +120,8 @@ public class TimestampArgumentValidator {
return false;
}
} else {
System.out.println("RFC3852 requires a filename input of the countersignature file.");
System.out.println("RFC3852 and RFC2315 (PKCS7) formats require " +
"a filename input of the countersignature file.");
return false;
}
return true;