DumpChainValidityTool

DumpChainValidityTool validates the signing certificate-chains associated with a SIS file and displays a unified list of capabilities that are supported by the validated chains.

Syntax

dumpchainvaliditytool [OPTIONS] <ARGS>

The following table lists the options supported by DumpChainValidityTool.

Options Description Usage

-v

Displays version of the tool.

dumpchainvaliditytool [-v]

-h

Displays help message

dumpchainvaliditytool [-h]

-i

Displays Open SSL licence.

dumpchainvaliditytool [-i]

-l

Displays a unified list of capabilities supported by all the validated chains.

dumpchainvaliditytool [-l] Signed_SIS_Input DAT_Input Directory

Important: You must specify the input arguments in the same order as shown in the preceding command line.

The following table lists the arguments to be specified with DumpChainValidityTool.

Arguments Description

SIS_Input

Specifies the name of the signed SIS file.

DAT_Input

Specifies the location of the swicerstore.dat file on the ROM (For example, Z:\resource\swicertstore.dat). Optional, if Directory is specified.

Directory

Specifies the location of the writable swicertstore.dat file (For example, c:\resource\swicertstore\dat\ ). Optional, if Dat_Input is provided.

Examples

The following examples illustrates the usage of DumpChainValidityTool:

  • To extract and display the signing chain inforrmation associated with a SIS file:

    dumpchainvaliditytool simple.sis swicertstore.dat

    This command displays the signing chain information of a SIS file, at the command prompt as shown in the following sample output:

    
    Signing Chain :
    Issued By : Root5-RSA
    Issued To : Good-R5
    Valid From : 03/03/2004
    Valid To : 01/03/2014
    
    
    Issued By : Root5-RSA
    Issued To : Root5-RSA
    Valid From : 03/03/2004
    Valid To : 01/03/2014
    
    
    is validated by Root5-RSA
    
    
    Signing Chain :
    Issued By : Root5-RSA
    Issued To : Mid-R5
    Valid From : 03/03/2004
    Valid To : 01/03/2014
    
    
    Issued By : Root5-RSA
    Issued To : Root5-RSA
    Valid From : 03/03/2004
    Valid To : 01/03/2014
    
    
    is validated by Root5-RSA.
  • To extract and display a unified list of capabilities:

    dumpchainvaliditytool -l simple.sis swicertstore.dat

    This command displays a unified list of capabilities along with the signing chain information as shown in the following sample output:

    Signing Chain :
    Issued By : Root5-RSA
    Issued To : Good-R5
    Valid From : 03/03/2004
    Valid To : 01/03/2014
    
    
    Issued By : Root5-RSA
    Issued To : Root5-RSA
    Valid From : 03/03/2004
    Valid To : 01/03/2014
    
    
    is validated by Root5-RSA
    
    
    Signing Chain :
    Issued By : Root5-RSA
    Issued To : Mid-R5
    Valid From : 03/03/2004
    Valid To : 01/03/2014
    
    
    Issued By : Root5-RSA
    Issued To : Root5-RSA
    Valid From : 03/03/2004
    Valid To : 01/03/2014
    
    
    is validated by Root5-RSA.
    
    Unified Capabilities List :
    
    TCB
    WriteDeviceData
    DRM
    TrustedUI
    AllFiles