Skip to content

Releases: nsacyber/HIRS

v3.0.0

23 Aug 15:49
@iadgovuser26 iadgovuser26
v3.0.0
f4b5503
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v3.0.0 Latest
Latest

Changes on this release

  • Rocky Linux versions 8 and 9 are supported
  • Red Hat Enterprise Linux versions 8 and 9 are supported
  • Ubuntu Linux versions 22 and 24 are supported
  • Windows 11 (provisioner) is supported
  • Support for TPM v1.2 is dropped
  • Support for CentOS 6 and CentOS 7 is dropped.
  • tcg_rim_tool supports the PC Client RIM version 1.1
  • tcg_eventlog_tool supports changes to the TPM Event Log specified in version 1.06 of the TCG PC Client Specific Platform Firmware Profile Specification
File SHA-256 Hash
HIRS_AttestationCA-3.0.0.1724434033.f4b55032.el8-2.x86_64.rpm ce65a1c0b46f65f4da7ac6992fbca10c21480e7c1bda08a448591b9b94c286c7
hirs-attestationca_3.0.0.1724435123.f4b55032.el8-2_amd64.deb fd1e2e551b3550d0e2d3e28e40496654098150ff0fa7450c023e7c6af45d2c9e
tcg-rim-tool-3.0.0.1724434033.f4b55032.el8-1.x86_64.rpm a6039dbe858b8c936b84f744365daf8c36e779300a9e441e25c68228d887f1d5
tcg-rim-tool_3.0.0.1724435123.f4b55032.el8-1_amd64.deb 541f48e2cdecee90d6dd36d2701ccb1cd5778c990c8dc9afcc9d857f301e3590
tcg-eventlog-tool-3.0.0.1724434033.f4b55032.el8-1.x86_64.rpm fdecd5e9bbc2b833bbacc0ad4284be1449e22a63eae966327f753e463dfce7ec
tcg-eventlog-tool_3.0.0.1724446443.de49bdc2.el8-1_amd64.deb 8100439cb98d26edd1c88414cd492bd8cfcdb1c3532959093704cc386bec4abd
HIRS_Provisioner.NET.3.0.1.linux-x64.rpm cf6b833eb2405846e04779841e4dce534cee54da64acb89fd9f35dc4c91881e0
HIRS_Provisioner.NET.3.0.1.linux-x64.deb bc6e843a483f65e4ac88554d31f25efd97983e76c7d848d6bbbea3197b7d40f0
HIRS_Provisioner.NET.3.0.0.msi 7d187d9584318807ee2ef5d030bd3dd71dd939555f53c053b4cb1297974876dd
Assets 12
Loading
0 Join discussion

v2.2.0

19 Oct 17:32
@iadgovuser26 iadgovuser26
v2.2.0
2240ad4
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v2.2.0 Pre-release
Pre-release

Version 2.2.0 introduces the HIRS_Provisioner.NET. The HIRS_Provisioner.NET is a C# implementation of the HIRS Provisioner designed to be a replacement for the HIRS_ProvisionerTPM2. The HIRS_Provisioner.NET can be packaged for Windows as well as most Linux distributions. This portability will support a wider set of scenarios and products. See the HIRS_Provisioner.NET README.md for details.

An ACA Docker image is now automatically created for each release. See the packages page

HIRS ACA Updates:

  • RIM Database page was added to search and view all RIM supplied Events into the ACAs database.
  • Added an ACA policy option to ignore OS events if on FW Validation is required.
  • FIM Assertions were enabled on the Platform Certificate details page
  • RIM uploads modified to use platformManufacturerStr and platformModel from the Base RIM (swidtag to match the against provisioning request

TCG RIM TOOL Updates:

  • Support for PEM formatted Keys and Certificates added
  • Added capability to add timestamps
  • Use of the default keystore must be implicitly stated
  • Added a xml_dsig_tool to provide an alternate means to validate the signature on the tcg_rim_tool
  • Fixed install issue when installed on same device as the ACA
  • Support added for nested RIMS
  • Support added for multiple signatures
  • Meta attributes colloquialVersion, edition, product, and revision are now optional
File Sha256 Hash
HIRS_AttestationCA-2.2.0-1697728139.242610.el7.noarch.rpm 368979f085d27a6202021fff678cf4c05488f03ec15c40e3cff590055a329715
tcg_rim_tool-2.2.0-1697728139.242610.x86_64.rpm bd45ac05f931cf1734422e04c226702788b41ee2027f7bb535080ba6b2e53e4c
tcg_eventlog_tool-2.2.0-2426109.x86_64.rpm d7f0cc8860915dc84e5eab41d2c2a35b2f93f4f57de753613f5c7f10cce4bd7
HIRS_Provisioner.NET.2.2.0.linux-x64.deb 2072efaaf36614e3ccafa6e23e5419807497c0a0e00c2c27e423cc3484d1ac4b
HIRS_Provisioner.NET.2.2.0.linux-x64.rpm 26a07f471490c7028ceb29d975023f7a54b7007f734abe0831df37ea3b661c15
HIRS_Provisioner.NET.2.2.0.msi fb034db57806f3c8e7a60d2294e8d20b395c4ffb0ca16bfe94b64163f988f4a3
Assets 8
Loading

v.2.1.3.Beta

06 Sep 21:51
@iadgovuser26 iadgovuser26
v2.1.3.Beta
aca7bbc
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v.2.1.3.Beta Pre-release
Pre-release

This is a test release, intended to test a Github action to produce an ACA docker image. If successful an ACA test image will be posted to the package link on the right hand side of the main HIRS Github page.

There are no RPMs for this release.

Assets 2
Loading

v2.1.2

15 Feb 20:47
@iadgovuser26 iadgovuser26
v2.1.2
4e7f451
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v2.1.2

Several small fixes:

  • Updates database parameters for larger data sizes when using reference manifests from different operating systems.
  • Fixes an issue with yum/rpm update removing the tcg_boot.properties file.
Centos 7
HIRS_AttestationCA-2.1.2-1644956897.4e7f45.el7.noarch.rpm            a913d42f8004433b235c6e078eec9fb35bd8240aa662e4f071807d74523feab1
HIRS_Provisioner_TPM_1_2-2.1.2-1644956897.4e7f45.el7.noarch.rpm      99ff9695334304490928a393e437d1554c221b6cbbb14aa061ca8ebd1a4414c5
HIRS_Provisioner_TPM_2_0-2.1.2-1644956897.4e7f45.el7.x86_64.rpm      32f6bb60fcc0a893db715664b6484e7c94a100c2349a1c60e70189ad28418868
     
Centos 6
HIRS_Provisioner_TPM_1_2-2.1.2-1644956897.4e7f45.el6.noarch.rpm      ce72ef510f5d93e9af4c47ef1563da3f99398b895b450409d270aa9740387689
HIRS_AttestationCA-2.1.2-1644956897.4e7f45.el6.noarch.rpm            87651367f835b286e7afca40929ba9267f07813b6626f3a4ef80a0f22edeb44e
tpm_module-2.1.2-1644956897.4e7f45.x86_64.rpm                        5c20aefd09ffdd8fa87fd9970d8e491410ee711f724d2ef514668303348cb311
Assets 8
Loading

v2.1.1

13 Jan 16:00
@iadgovuser26 iadgovuser26
v2.1.1
119f77a
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v2.1.1

This release includes gradle's recommended updates to log4j to address CVE-2021-44228.

Centos 7
HIRS_AttestationCA-2.1.1-1642089524.119f77.el7.noarch.rpm             5c4a2374ceaef04cb91334016402d91101ddb6014dee735ed63f74ddd76578a5    
HIRS_Provisioner_TPM_1_2-2.1.1-1642089524.119f77.el7.noarch.rpm       048eab7b2f29f74a9962bd494116c9836666e70d94baba2a69b61ab64219a012
HIRS_Provisioner_TPM_2_0-2.1.1-1642089524.119f77.el7.x86_64.rpm       d57e60a7af8b12224764a7a27614a440fa862dd6bb69faa3b1a7e3a82ff9266f
tcg_rim_tool-2.1.0-1.el7.x86_64.rpm                                   eec6d9336830e5efb4d52f2cf4771284d21048e293e4c714befc7009faf418ea
tcg_eventlog_tool-2.1.1-1.i386.rpm                                    429c886e4034584a804e22efcf22e6593953835eff8ea42a98647b395db9ccf6        

Centos 6
HIRS_AttestationCA-2.1.1-1642089524.119f77.el6.noarch.rpm             9748f8940cca465802e625bd6f32ccf050b6410422bc66228ffafeb5c3e3e606         
HIRS_Provisioner_TPM_1_2-2.1.1-1642089524.119f77.el6.noarch.rpm       b9cfa8d42a0c2c095fc894cca2175a1f1fdce622b445b1b86b07a736f745d2aa 
tpm_module-2.1.1-1642089524.119f77.x86_64.rpm                         e001669736336db38d9f45dee223629af836aa4fe2baba8dc4433216f00065a2
Assets 10
Loading

v2.1.0

30 Aug 19:00
@iadgovuser26 iadgovuser26
v2.1.0
744aeab
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v2.1.0

Release 2.1.0 adds support for supplemental PC Client Reference Integrity Manifests (RIMs) to support System Integrator and Value Added Reseller scenarios for the firmware validation capability of the HIRS ACA.

Other updates:

  • Certificate Validation has been updated to validate the entire certificate path of the issuer.
  • RIM upload validates RIM signatures and support RIM hashes, parse support RIM files (event logs), and adds individual events to a RIM Database.
  • Downloadable Validation Report added to the Validation report page. Supports CSV and Json formats.
  • Updated TCG Event Log data in Support RIM display
  • Firmware link on Validation Report page now links to event log sent by the provisioner.
  • Ignore GPT PCRs Entry policy added to Policy page to account for GPT events that may contain unique partition table guids in a Support RIM.
  • The tcg_rim_tool has added Certificate Issuer checking to its validation capability.
SHA256 checksums:

Centos 7
HIRS_AttestationCA-2.1.0-1630344582.744aea.el7.noarch.rpm         8499a81e27a6c86bab031ba7dad1e0f1586de1a6b4fc2c5493380c446e16ef8b 
HIRS_Provisioner_TPM_1_2-2.1.0-1630344582.744aea.el7.noarch.rpm   db0ae2ed0fdb06dd5574c2ae4deffa9da77cebcacae05f1cf2866f68091127ae
HIRS_Provisioner_TPM_2_0-2.1.0-1630344582.744aea.el7.x86_64.rpm   e03aea3c44996c17b41e96239b48e7e17e22db8dbadd273eb01bdce87931fac8
tcg_rim_tool-2.1.0-1.el7.x86_64.rpm                               2344bee24bfb64951664a573b273f8afde6434d11d9e5e368f0315a34e2aafdb
tcg_eventlog_tool-2.1.0-1.i386.rpm                                83ee1e7a73daaaa2b9fcb1e0994ec04fdd1715e66d6e0b14d4e6938f3620a7f9

Centos 6
HIRS_AttestationCA-2.1.0-1630344582.744aea.el6.noarch.rpm         e804f37e385b17a8526cc5cf149d0ee847eec4606505ae2037dacd9f830300b5
HIRS_Provisioner_TPM_1_2-2.1.0-1630344582.744aea.el6.noarch.rpm   a1d3423aee1f5f6dcaf86cf5ef872eee3c340e6d6e4ba0c9a511caa9ce48225f
tpm_module-2.1.0-1630344582.744aea.x86_64.rpm                     07c904b8385eb6fce3c97ea9f094b75caa9f902e2e24dfa119fbecc89c326bee
Assets 10
Loading

v2.0.5.Beta

24 May 19:21
@iadgovuser26 iadgovuser26
v2.0.5.Beta
03c4f1b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v2.0.5.Beta Pre-release
Pre-release

Added ability to to download json version of a Validation Report.

Assets 2
Loading

v2.0.4.Beta

13 May 21:36
@iadgovuser26 iadgovuser26
v2.0.4.Beta
88d2de5
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v2.0.4.Beta Pre-release
Pre-release

Added new options for csv report download.
download_validation_reports.sh how has a -h option.

Assets 3
Loading

V2.0.3 Beta

21 Apr 17:23
@iadgovuser26 iadgovuser26
v2.0.3.Beta
af9f7da
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
V2.0.3 Beta Pre-release
Pre-release

Adds support for processing additional certificate algorithms.

Package                                                            SHA256SUM
HIRS_AttestationCA-2.0.3-1619025636.af9f7d.el7.noarch.rpm          8d92cf9527b9e97197ba46b38130e841cf49b978119f2e46120aa23932ac3b5e
HIRS_Provisioner_TPM_2_0-2.0.3-1619025636.af9f7d.el7.x86_64.rpm    d7542a7d596ad318113816c1a959cdf9aa212b639b8f91ab2ebcd624faf476d1
Assets 4
Loading

V2.0.1 Beta

10 Feb 15:59
@iadgovuser26 iadgovuser26
V2.0.1-Beta
2b5c4ae
Compare
Choose a tag to compare
V2.0.1 Beta Pre-release
Pre-release

Beta Capability for this release:

  • Reference Integrity Manifest updates
    • Updated TCG Event Log data in Support RIM display
    • Event Summary for Support RIM files
    • Added signature verification indication for Base RIM and the support RIM File Hash
  • Platform Certificates
    • Added component failure highlighting to Platform Cert page after component verification failure.
    • Added extra validation checks to delta Platoform Certificates
  • Added a Validation Report download with CSV formatting for spreadsheet import.
Assets 8
Loading