Modify gateway class to insert a timestamp according to user selected format

2025-02-20 17:52:47 +00:00 · 2022-09-21 10:52:32 -04:00 · 2022-09-21 10:52:32 -04:00 · fcf59290fe
commit fcf59290fe
parent 464abbf156
2 changed files with 42 additions and 23 deletions
--- a/tools/tcg_rim_tool/src/main/java/hirs/swid/SwidTagConstants.java
+++ b/tools/tcg_rim_tool/src/main/java/hirs/swid/SwidTagConstants.java
@ -71,6 +71,7 @@ public class SwidTagConstants {
    public static final String TPM_PCR_ASSERTION = "TPM_PCR_Assertion";
    public static final String SUPPORT_RIM_FORMAT_MISSING = "supportRIMFormat missing";
    public static final String SUPPORT_RIM_URI_GLOBAL = "supportRIMURIGlobal";
+    public static final String DATETIME = "dateTime";
    
    public static final String NIST_NS = "http://csrc.nist.gov/ns/swid/2015-extensions/1.0";
    public static final String TCG_NS =  "https://trustedcomputinggroup.org/wp-content/uploads/TCG_RIM_Model";
@ -79,8 +80,8 @@ public class SwidTagConstants {
    
    public static final String N8060_PFX = "n8060";
    public static final String RIM_PFX = "rim";
-    public static final String RCF3161_PFX = "rcf3161";
-    public static final String RCF3339_PFX = "rcf3339";
+    public static final String RFC3161_PFX = "rcf3161";
+    public static final String RFC3339_PFX = "rcf3339";

    public static final QName _SHA256_HASH = new QName(
            "http://www.w3.org/2001/04/xmlenc#sha256", HASH, "SHA256");
@ -132,9 +133,6 @@ public class SwidTagConstants {
            NIST_NS, "envVarSuffix", N8060_PFX);
    public static final QName _N8060_PATHSEPARATOR = new QName(
            NIST_NS, "pathSeparator", N8060_PFX);
-/*
-    public static final QName = new QName();
-    public static final QName = new QName();
-*/
+
    public static final String CA_ISSUERS = "1.3.6.1.5.5.7.48.2";
 }
--- a/tools/tcg_rim_tool/src/main/java/hirs/swid/SwidTagGateway.java
+++ b/tools/tcg_rim_tool/src/main/java/hirs/swid/SwidTagGateway.java
@ -552,22 +552,6 @@ public class SwidTagGateway {
                    null
            );

-            //Create TimeStamp element
-            Element timeStampElement = doc.createElement("TimeStamp");
-            /*
-            This line is for demonstration purposes only!
-            Must be replaced with a call to a trusted timestamp authority (TSA).
-             */
-            timeStampElement.setAttribute("dateTime", LocalDateTime.now().toString());
-
-            DOMStructure timestampObject = new DOMStructure(timeStampElement);
-            SignatureProperty signatureProperty = sigFactory.newSignatureProperty(
-                    Collections.singletonList(timestampObject), "RimSignature", "TST"
-            );
-            SignatureProperties signatureProperties = sigFactory.newSignatureProperties(
-                    Collections.singletonList(signatureProperty), null);
-            XMLObject xmlObject = sigFactory.newXMLObject(
-                    Collections.singletonList(signatureProperties), null,null,null);
            Reference timestampRef = sigFactory.newReference(
                    "#TST",
                    sigFactory.newDigestMethod(DigestMethod.SHA256, null)
@ -613,7 +597,7 @@ public class SwidTagGateway {
            XMLSignature signature = sigFactory.newXMLSignature(
                        signedInfo,
                        keyinfo,
-                        Collections.singletonList(xmlObject),
+                        Collections.singletonList(createXmlTimestamp(doc, sigFactory)),
                        "RimSignature",
                        null
            );
@ -638,4 +622,41 @@ public class SwidTagGateway {

        return doc;
    }
+
+    /**
+     * This method creates a timestamp element and populates it with data according to
+     * the RFC format set in timestampFormat.  The element is returned within an XMLObject.
+     * @param doc the Document representing the XML to be signed
+     * @param sigFactory the SignatureFactory object
+     * @return an XMLObject containing the timestamp element
+     */
+    private XMLObject createXmlTimestamp(Document doc, XMLSignatureFactory sigFactory) {
+        Element timeStampElement = doc.createElement("TimeStamp");
+        switch (timestampFormat) {
+            case "RFC3161":
+                timeStampElement.setAttributeNS("http://www.w3.org/2000/xmlns/",
+                        "xmlns:" + SwidTagConstants.RFC3161_PFX,
+                        SwidTagConstants.RFC3161_NS);
+                timeStampElement.setAttribute(SwidTagConstants.DATETIME,
+                        "Base64 blob here");
+                break;
+            case "RFC3339":
+                timeStampElement.setAttributeNS("http://www.w3.org/2000/xmlns/",
+                        "xmlns:" + SwidTagConstants.RFC3339_PFX,
+                        SwidTagConstants.RFC3339_NS);
+                timeStampElement.setAttribute(SwidTagConstants.DATETIME,
+                        LocalDateTime.now().toString());
+                break;
+        }
+        DOMStructure timestampObject = new DOMStructure(timeStampElement);
+        SignatureProperty signatureProperty = sigFactory.newSignatureProperty(
+                Collections.singletonList(timestampObject), "RimSignature", "TST"
+        );
+        SignatureProperties signatureProperties = sigFactory.newSignatureProperties(
+                Collections.singletonList(signatureProperty), null);
+        XMLObject xmlObject = sigFactory.newXMLObject(
+                Collections.singletonList(signatureProperties), null,null,null);
+
+        return xmlObject;
+    }
 }