The swidGenerator Tool¶
- Table of contents
- The swidGenerator Tool
swidGenerator is an open source Python-based tool written by the HSR students Danilo Bargen, Christian Fässler and Jonas Furrer which is able to generate the new ISO/IEC 19770-2:2014 Software Identification (SWID) tag format for all installed software packages managed by the Linux dpkg and rpm package managers.
Installation¶
Download¶
Download the latest swidGenerator tarball from https://github.com/strongswan/swidGenerator/archive/master.zip and unpack the archive with the command
unzip swidGenerator-master.zip
Required Packages under Debian, Ubuntu, Fedora or RedHat Enterprise Linux¶
Make sure that the python and python-setuptools are present on your system. Otherwise install them with
sudo apt-get install python python-setuptools
Installation¶
Change into the unpacked archive and execute the command
sudo python setup.py install
and the swid_generator executable program usually installed in /usr/local/bin becomes available.
Usage¶
Generate Software IDs¶
The command
swid_generator software-id
creates a list of Unique Software Identifications of the form
regid.2004-03.org.strongswan_debian_7.4-x86_64-acpi-support-base-0.140-5 regid.2004-03.org.strongswan_debian_7.4-x86_64-acpid-1:2.0.16-1+deb7u1 regid.2004-03.org.strongswan_debian_7.4-x86_64-adduser-3.113+nmu3 regid.2004-03.org.strongswan_debian_7.4-x86_64-apache2-2.2.22-13+deb7u1 ... regid.2004-03.org.strongswan_debian_7.4-x86_64-xz-utils-5.1.1alpha+20120614-2 regid.2004-03.org.strongswan_debian_7.4-x86_64-zlib1g-1:1.2.7.dfsg-13 regid.2004-03.org.strongswan_debian_7.4-x86_64-zlib1g-dev-1:1.2.7.dfsg-13
By default the regid.2004-03.org.strongswan regid is used as the tagcreator.
With the --regid <tagcreator> option an arbitrary regid can be configured
swid_generator software-id --regid regid.1999-03.org.debian
which generates the list
regid.1999-03.org.debian_debian_7.4-x86_64-acpi-support-base-0.140-5 regid.1999-03.org.debian_debian_7.4-x86_64-acpid-1:2.0.16-1+deb7u1 ... regid.1999-03.org.debian_debian_7.4-x86_64-zlib1g-1:1.2.7.dfsg-13 regid.1999-03.org.debian_debian_7.4-x86_64-zlib1g-dev-1:1.2.7.dfsg-13
The --doc-separator <separator string> option allows to define a single character or a character string separating the individual Software IDs.
- swid_generator software-id --doc-separator '@'
regid.2004-03.org.strongswan_debian_7.4-x86_64-acpi-support-base-0.140-5@regid.2004-03.org.strongswan_debian_7.4-x86_64-acpid-1:2.0.16-1+deb7u1@...
- swid_generator software-id --doc-separator '::'
regid.2004-03.org.strongswan_debian_7.4-x86_64-acpi-support-base-0.140-5::regid.2004-03.org.strongswan_debian_7.4-x86_64-acpid-1:2.0.16-1+deb7u1::...
- swid_generator software-id --doc-separator $'\n' (which is the default)
regid.2004-03.org.strongswan_debian_7.4-x86_64-acpi-support-base-0.140-5 regid.2004-03.org.strongswan_debian_7.4-x86_64-acpid-1:2.0.16-1+deb7u1 ...
Generate SWID Tags¶
The simple command
swid_generator swid
generates SWID tags for all installed packages
<?xml version='1.0' encoding='UTF-8'?><SoftwareIdentity name="account-plugin-aim" uniqueId="Ubuntu_13.10-x86_64-account-plugin-aim-3.8.4-1ubuntu2" version="3.8.4-1ubuntu2" versionScheme="alphanumeric" xmlns="http://standards.iso.org/iso/19770/-2/2014/schema.xsd"><Entity name="strongSwan" regid="regid.2004-03.org.strongswan" role="tagcreator" /></SoftwareIdentity> <?xml version='1.0' encoding='UTF-8'?><SoftwareIdentity name="account-plugin-facebook" uniqueId="Ubuntu_13.10-x86_64-account-plugin-facebook-0.11+13.10.20130802-0ubuntu1" version="0.11+13.10.20130802-0ubuntu1" versionScheme="alphanumeric" xmlns="http://standards.iso.org/iso/19770/-2/2014/schema.xsd"><Entity name="strongSwan" regid="regid.2004-03.org.strongswan" role="tagcreator" /></SoftwareIdentity> ... <?xml version='1.0' encoding='UTF-8'?><SoftwareIdentity name="zlib1g" uniqueId="Ubuntu_13.10-x86_64-zlib1g-1:1.2.8.dfsg-1ubuntu1" version="1:1.2.8.dfsg-1ubuntu1" versionScheme="alphanumeric" xmlns="http://standards.iso.org/iso/19770/-2/2014/schema.xsd"><Entity name="strongSwan" regid="regid.2004-03.org.strongswan" role="tagcreator" /></SoftwareIdentity> <?xml version='1.0' encoding='UTF-8'?><SoftwareIdentity name="zlib1g-dev" uniqueId="Ubuntu_13.10-x86_64-zlib1g-dev-1:1.2.8.dfsg-1ubuntu1" version="1:1.2.8.dfsg-1ubuntu1" versionScheme="alphanumeric" xmlns="http://standards.iso.org/iso/19770/-2/2014/schema.xsd"><Entity name="strongSwan" regid="regid.2004-03.org.strongswan" role="tagcreator" /></SoftwareIdentity>
With the following --doc-separator option
swid_generator swid --doc-separator $'\n\n'
an extra empty line separating the tags is inserted
<?xml version='1.0' encoding='UTF-8'?><SoftwareIdentity name="account-plugin-aim" uniqueId="Ubuntu_13.10-x86_64-account-plugin-aim-3.8.4-1ubuntu2" version="3.8.4-1ubuntu2" versionScheme="alphanumeric" xmlns="http://standards.iso.org/iso/19770/-2/2014/schema.xsd"><Entity name="strongSwan" regid="regid.2004-03.org.strongswan" role="tagcreator" /></SoftwareIdentity> <?xml version='1.0' encoding='UTF-8'?><SoftwareIdentity name="account-plugin-facebook" uniqueId="Ubuntu_13.10-x86_64-account-plugin-facebook-0.11+13.10.20130802-0ubuntu1" version="0.11+13.10.20130802-0ubuntu1" versionScheme="alphanumeric" xmlns="http://standards.iso.org/iso/19770/-2/2014/schema.xsd"><Entity name="strongSwan" regid="regid.2004-03.org.strongswan" role="tagcreator" /></SoftwareIdentity> ... <?xml version='1.0' encoding='UTF-8'?><SoftwareIdentity name="zlib1g" uniqueId="Ubuntu_13.10-x86_64-zlib1g-1:1.2.8.dfsg-1ubuntu1" version="1:1.2.8.dfsg-1ubuntu1" versionScheme="alphanumeric" xmlns="http://standards.iso.org/iso/19770/-2/2014/schema.xsd"><Entity name="strongSwan" regid="regid.2004-03.org.strongswan" role="tagcreator" /></SoftwareIdentity> <?xml version='1.0' encoding='UTF-8'?><SoftwareIdentity name="zlib1g-dev" uniqueId="Ubuntu_13.10-x86_64-zlib1g-dev-1:1.2.8.dfsg-1ubuntu1" version="1:1.2.8.dfsg-1ubuntu1" versionScheme="alphanumeric" xmlns="http://standards.iso.org/iso/19770/-2/2014/schema.xsd"><Entity name="strongSwan" regid="regid.2004-03.org.strongswan" role="tagcreator" /></SoftwareIdentity>
Manual inspection of the SWID tags is facilitated by applying the pretty print option
swid_generator swid --pretty
which generates
<?xml version="1.0" encoding="UTF-8"?> <SoftwareIdentity name="account-plugin-aim" uniqueId="Ubuntu_13.10-x86_64-account-plugin-aim-3.8.4-1ubuntu2" version="3.8.4-1ubuntu2" versionScheme="alphanumeric" xmlns="http://standards.iso.org/iso/19770/-2/2014/schema.xsd"> <Entity name="strongSwan" regid="regid.2004-03.org.strongswan" role="tagcreator"/> </SoftwareIdentity> <?xml version="1.0" encoding="UTF-8"?> <SoftwareIdentity name="account-plugin-facebook" uniqueId="Ubuntu_13.10-x86_64-account-plugin-facebook-0.11+13.10.20130802-0ubuntu1" version="0.11+13.10.20130802-0ubuntu1" versionScheme="alphanumeric" xmlns="http://standards.iso.org/iso/19770/-2/2014/schema.xsd"> <Entity name="strongSwan" regid="regid.2004-03.org.strongswan" role="tagcreator"/> </SoftwareIdentity> ... <?xml version="1.0" encoding="UTF-8"?> <SoftwareIdentity name="zlib1g" uniqueId="Ubuntu_13.10-x86_64-zlib1g-1:1.2.8.dfsg-1ubuntu1" version="1:1.2.8.dfsg-1ubuntu1" versionScheme="alphanumeric" xmlns="http://standards.iso.org/iso/19770/-2/2014/schema.xsd"> <Entity name="strongSwan" regid="regid.2004-03.org.strongswan" role="tagcreator"/> </SoftwareIdentity> <?xml version="1.0" encoding="UTF-8"?> <SoftwareIdentity name="zlib1g-dev" uniqueId="Ubuntu_13.10-x86_64-zlib1g-dev-1:1.2.8.dfsg-1ubuntu1" version="1:1.2.8.dfsg-1ubuntu1" versionScheme="alphanumeric" xmlns="http://standards.iso.org/iso/19770/-2/2014/schema.xsd"> <Entity name="strongSwan" regid="regid.2004-03.org.strongswan" role="tagcreator"/> </SoftwareIdentity>
For the last example the output of the dpkg package manager on an Ubuntu 13.10 platform was used.
The --entity-name and --regid options
swid_generator swid --pretty --entity-name "Canonical" --regid regid.2004-05.com.ubuntu
can be used to modify the contents of the tagcreator entity:
<?xml version="1.0" encoding="UTF-8"?> <SoftwareIdentity name="account-plugin-aim" uniqueId="Ubuntu_13.10-x86_64-account-plugin-aim-3.8.4-1ubuntu2" version="3.8.4-1ubuntu2" versionScheme="alphanumeric" xmlns="http://standards.iso.org/iso/19770/-2/2014/schema.xsd"> <Entity name="Canonical" regid="regid.2004-05.com.ubuntu" role="tagcreator"/> </SoftwareIdentity> ... <?xml version="1.0" encoding="UTF-8"?> <SoftwareIdentity name="zlib1g-dev" uniqueId="Ubuntu_13.10-x86_64-zlib1g-dev-1:1.2.8.dfsg-1ubuntu1" version="1:1.2.8.dfsg-1ubuntu1" versionScheme="alphanumeric" xmlns="http://standards.iso.org/iso/19770/-2/2014/schema.xsd"> <Entity name="Canonical" regid="regid.2004-05.com.ubuntu" role="tagcreator"/> </SoftwareIdentity>
Targeted Requests¶
With the --match <unique software id> option
swid_generator swid --pretty --match regid.2004-03.org.strongswan_Ubuntu_13.10-x86_64-firefox-28.0+build2-0ubuntu0.13.10.1
the SWID tag for a given Software ID can be retrieved:
<?xml version="1.0" encoding="UTF-8"?> <SoftwareIdentity name="firefox" uniqueId="Ubuntu_13.10-x86_64-firefox-28.0+build2-0ubuntu0.13.10.1" version="28.0+build2-0ubuntu0.13.10.1" versionScheme="alphanumeric" xmlns="http://standards.iso.org/iso/19770/-2/2014/schema.xsd"> <Entity name="strongSwan" regid="regid.2004-03.org.strongswan" role="tagcreator"/> </SoftwareIdentity>
The --full option generates the full information about a software package
swid_generator swid --pretty --full --match regid.2004-03.org.strongswan_Ubuntu_13.10-x86_64-firefox-28.0+build2-0ubuntu0.13.10.1
which currently consists of a list of all files installed by the package
<?xml version="1.0" encoding="UTF-8"?>
<SoftwareIdentity name="firefox" uniqueId="Ubuntu_13.10-x86_64-firefox-28.0+build2-0ubuntu0.13.10.1" version="28.0+build2-0ubuntu0.13.10.1" versionScheme="alphanumeric" xmlns="http://standards.iso.org/iso/19770/-2/2014/schema.xsd">
<Entity name="strongSwan" regid="regid.2004-03.org.strongswan" role="tagcreator"/>
<Payload>
<File location="/etc/apparmor.d" name="usr.bin.firefox"/>
<File location="/etc/apport/native-origins.d" name="firefox"/>
<File location="/etc/apport/blacklist.d" name="firefox"/>
<File location="/etc/firefox" name="syspref.js"/>
<File location="/usr/share/apport/package-hooks" name="source_firefox.py"/>
<File location="/usr/share/man/man1" name="firefox.1.gz"/>
<File location="/usr/share/doc/firefox" name="MPL.gz"/>
<File location="/usr/share/doc/firefox" name="README.Debian"/>
<File location="/usr/share/doc/firefox" name="copyright"/>
<File location="/usr/share/doc/firefox" name="changelog.Debian.gz"/>
<File location="/usr/share/applications" name="firefox.desktop"/>
<File location="/usr/share/lintian/overrides" name="firefox"/>
<File location="/usr/lib/firefox-addons/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd}" name="install.rdf"/>
<File location="/usr/lib/firefox-addons/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd}" name="icon.png"/>
<File location="/usr/lib/firefox" name="crashreporter"/>
<File location="/usr/lib/firefox/browser" name="blocklist.xml"/>
<File location="/usr/lib/firefox/browser" name="chrome.manifest"/>
<File location="/usr/lib/firefox/browser/defaults/preferences" name="vendor-firefox.js"/>
<File location="/usr/lib/firefox/browser" name="omni.ja"/>
<File location="/usr/lib/firefox/browser/chrome/icons/default" name="default32.png"/>
<File location="/usr/lib/firefox/browser/chrome/icons/default" name="default48.png"/>
<File location="/usr/lib/firefox/browser/chrome/icons/default" name="default16.png"/>
<File location="/usr/lib/firefox/browser/components" name="libbrowsercomps.so"/>
<File location="/usr/lib/firefox/browser/components" name="components.manifest"/>
<File location="/usr/lib/firefox/browser/icons" name="mozicon128.png"/>
<File location="/usr/lib/firefox" name="crashreporter.ini"/>
<File location="/usr/lib/firefox" name="libplds4.so"/>
<File location="/usr/lib/firefox" name="libfreebl3.chk"/>
<File location="/usr/lib/firefox" name="libsoftokn3.chk"/>
<File location="/usr/lib/firefox" name="firefox.sh"/>
<File location="/usr/lib/firefox" name="application.ini"/>
<File location="/usr/lib/firefox" name="libnssdbm3.so"/>
<File location="/usr/lib/firefox/webapprt/defaults/preferences" name="vendor-webapprt.js"/>
<File location="/usr/lib/firefox/webapprt" name="webapprt.ini"/>
<File location="/usr/lib/firefox/webapprt" name="omni.ja"/>
<File location="/usr/lib/firefox" name="libplc4.so"/>
<File location="/usr/lib/firefox" name="chrome.manifest"/>
<File location="/usr/lib/firefox" name="libfreebl3.so"/>
<File location="/usr/lib/firefox" name="webapprt-stub"/>
<File location="/usr/lib/firefox/defaults/pref" name="vendor-gre.js"/>
<File location="/usr/lib/firefox/defaults/pref" name="channel-prefs.js"/>
<File location="/usr/lib/firefox" name="libmozalloc.so"/>
<File location="/usr/lib/firefox" name="libnss3.so"/>
<File location="/usr/lib/firefox" name="dependentlibs.list"/>
<File location="/usr/lib/firefox/distribution" name="distribution.ini"/>
<File location="/usr/lib/firefox/distribution/searchplugins/locale/en-US" name="eBay.xml"/>
<File location="/usr/lib/firefox/distribution/searchplugins/locale/en-US" name="duckduckgo.xml"/>
<File location="/usr/lib/firefox/distribution/searchplugins/locale/en-US" name="bing.xml"/>
<File location="/usr/lib/firefox/distribution/searchplugins/locale/en-US" name="yahoo.xml"/>
<File location="/usr/lib/firefox/distribution/searchplugins/locale/en-US" name="twitter.xml"/>
<File location="/usr/lib/firefox/distribution/searchplugins/locale/en-US" name="google.xml"/>
<File location="/usr/lib/firefox/distribution/searchplugins/locale/en-US" name="amazondotcom.xml"/>
<File location="/usr/lib/firefox/distribution/searchplugins/locale/en-US" name="wikipedia.xml"/>
<File location="/usr/lib/firefox" name="libnssdbm3.chk"/>
<File location="/usr/lib/firefox" name="libnssckbi.so"/>
<File location="/usr/lib/firefox" name="libsoftokn3.so"/>
<File location="/usr/lib/firefox" name="platform.ini"/>
<File location="/usr/lib/firefox" name="libnssutil3.so"/>
<File location="/usr/lib/firefox" name="omni.ja"/>
<File location="/usr/lib/firefox" name="libxul.so"/>
<File location="/usr/lib/firefox" name="plugin-container"/>
<File location="/usr/lib/firefox" name="libssl3.so"/>
<File location="/usr/lib/firefox" name="Throbber-small.gif"/>
<File location="/usr/lib/firefox" name="libnspr4.so"/>
<File location="/usr/lib/firefox" name="libmozsqlite3.so"/>
<File location="/usr/lib/firefox" name="firefox"/>
<File location="/usr/lib/firefox" name="libsmime3.so"/>
<File location="/usr/lib/firefox/components" name="components.manifest"/>
<File location="/usr/lib/firefox/components" name="libmozgnome.so"/>
<File location="/usr/lib/firefox/components" name="libdbusservice.so"/>
<File location="/usr/share/pixmaps" name="firefox.png"/>
<File location="/usr/lib/firefox/browser/defaults/preferences" name="syspref.js"/>
<File location="/usr/bin" name="firefox"/>
</Payload>
</SoftwareIdentity>