From 07c7b52a640293bd0551c1d2501bfd3879817f44 Mon Sep 17 00:00:00 2001
From: iadgovuser58 <124906646+iadgovuser58@users.noreply.github.com>
Date: Fri, 5 Apr 2024 10:45:21 -0400
Subject: [PATCH] added files for EvEfiSpdmFirmwareBlob

---
 .../hirs/utils/tpm/eventlog/TpmPcrEvent.java  |  4 +
 .../tpm/eventlog/events/EvConstants.java      |  4 +
 .../events/EvEfiSpdmFirmwareBlob.java         | 92 +++++++++++++++++++
 .../evDeviceSecurityEventDataHeader.java      |  4 +
 .../evDeviceSecurityEventDataPciContext.java  |  4 +
 5 files changed, 108 insertions(+)
 create mode 100644 HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/EvEfiSpdmFirmwareBlob.java
 create mode 100644 HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/evDeviceSecurityEventDataHeader.java
 create mode 100644 HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/evDeviceSecurityEventDataPciContext.java

diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TpmPcrEvent.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TpmPcrEvent.java
index 0f2c9cc5..d2f685ba 100644
--- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TpmPcrEvent.java
+++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TpmPcrEvent.java
@@ -374,6 +374,7 @@ public class TpmPcrEvent {
                 break;
             case EvConstants.EV_EFI_HCRTM_EVENT:
                 break;
+            case EvConstants.EV_EFI_SPDM_FIRMWARE_BLOB:
             default:
                 sb.append("Unknown Event found\n");
         }
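Review bot: The new `case EvConstants.EV_EFI_SPDM_FIRMWARE_BLOB:` label has no body and falls through to `default`, so the event is still reported as "Unknown Event found", even though the last hunk of this file makes the name lookup return `EV_EFI_SPDM_FIRMWARE_BLOB`. The same fall-through is added in the next hunk, before `description += " Unknown Event found"`. For someone reading the log output, the SPDM device measurement carried by this event is neither shown nor interpreted, and the "unknown" label hides that the gap is a known one. Until the parser exists I would make the placeholder explicit, e.g. `sb.append("EV_EFI_SPDM_FIRMWARE_BLOB: parsing not yet implemented\n"); break;`, or at least mark it with `// intentional fall-through until EvEfiSpdmFirmwareBlob parsing is implemented`. The enclosing switch starts outside the hunk.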
@@ -532,6 +533,7 @@ public class TpmPcrEvent {
             case EvConstants.EV_EFI_VARIABLE_AUTHORITY:
                 description += "Event Content:\n" + new UefiVariable(content).toString();
                 break;
+            case EvConstants.EV_EFI_SPDM_FIRMWARE_BLOB:
             default:
                 description += " Unknown Event found" + "\n";
         }
@@ -609,6 +611,8 @@ public class TpmPcrEvent {
             return "EV_EFI_HCRTM_EVENT";
         } else if (event == EvConstants.EV_EFI_VARIABLE_AUTHORITY) {
             return "EV_EFI_VARIABLE_AUTHORITY";
+        } else if (event == EvConstants.EV_EFI_SPDM_FIRMWARE_BLOB) {
+            return "EV_EFI_SPDM_FIRMWARE_BLOB";
         } else {
             return "Unknown Event ID " + event + " encountered";
         }
diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/EvConstants.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/EvConstants.java
index 07d01ea2..aaf69776 100644
--- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/EvConstants.java
+++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/EvConstants.java
@@ -163,4 +163,8 @@ public final class EvConstants {
      * EFI Variable Authority Event ID.
      */
     public static final int EV_EFI_VARIABLE_AUTHORITY = 0x800000E0;
+    /**
+     * EFI SPDM Firmware Blob Event ID.
+     */
+    public static final int EV_EFI_SPDM_FIRMWARE_BLOB = 0x800000E1;
 }
diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/EvEfiSpdmFirmwareBlob.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/EvEfiSpdmFirmwareBlob.java
new file mode 100644
index 00000000..e9755ad1
--- /dev/null
+++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/EvEfiSpdmFirmwareBlob.java
@@ -0,0 +1,92 @@
+package hirs.utils.tpm.eventlog.events;
+
+import hirs.utils.HexUtils;
+import hirs.utils.tpm.eventlog.TcgTpmtHa;
+import hirs.utils.tpm.eventlog.uefi.UefiConstants;
+import lombok.Getter;
+
+import java.io.UnsupportedEncodingException;
+import java.nio.charset.StandardCharsets;
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * Class to process the EV_EFI_SPDM_FIRMWARE_BLOB event using structures:
+ *    1) DEVICE_SECURITY_EVENT_DATA_HEADER    [ delete: TCG_EfiSpecIDEvent]
+ *    2) DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT
+ * DEVICE_SECURITY_EVENT_DATA_HEADER
+ *    The first 16 bytes of the event data MUST be a String based identifier (Signature), NUL-terminated.
+ *    The only currently defined Signature is "SPDM Device Sec"
+ *       which implies the data is a DEVICE_SECURITY_EVENT_DATA_HEADER.
+ *    DEVICE_SECURITY_EVENT_DATA_HEADER  contains the measurement(s) and hash algorithm
+ *       (SpdmHashAlg) identifier returned by the SPDM "GET_MEASUREMENTS" function
+ * DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT
+ *    DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT is a common SPDM structure which includes the
+ *       identification of the device, device vendor, subsystem, etc for PCI connection devices
+ */
+public class EvEfiSpdmFirmwareBlob {
+
+    /**
+     * Signature (text) data.
+     */
+    private String signature = "";
+    /**
+     * True if the event is a DEVICE_SECURITY_EVENT_DATA_HEADER.
+     */
+    private boolean bDeviceSecurityEventDataHeader = false;
+    /**
+     * evDeviceSecurityEventDataHeader Object.
+     */
+    @Getter
+    private evDeviceSecurityEventDataHeader deviceSecurityEventDataHeader = null;
+
+    /**
+     * EvEfiSpdmFirmwareBlob constructor.
+     *
+     * @param eventData byte array holding the event to process.
+     * @throws java.io.UnsupportedEncodingException if input fails to parse.
+     */
+    public EvEfiSpdmFirmwareBlob(final byte[] eventData) throws UnsupportedEncodingException {
+        byte[] signatureBytes = new byte[UefiConstants.SIZE_15];
+//        System.arraycopy(eventData, 0, signatureBytes, 0, UefiConstants.SIZE_15);
+//        signature = new String(signatureBytes, StandardCharsets.UTF_8);
+//        signature = signature.replaceAll("[^\\P{C}\t\r\n]", ""); // remove null characters
+//        if (signature.contains("Spec ID Event03")) {      // implies CryptAgileFormat
+//            specIDEvent = new EvEfiSpecIdEvent(eventData);
+//            bSpecIDEvent = true;
+//        }
+    }
+
+    /**
+     * Determines if this event is a SpecIDEvent.
+     *
+     * @return true of the event is a SpecIDEvent.
+     */
+    public boolean isDeviceSecurityEventDataHeader() {
+        return bDeviceSecurityEventDataHeader;
+    }
+
+    /**
+     * Returns a description of this event.
+     *
+     * @return Human readable description of this event.
+     */
+//    public String toString() {
+//        String specInfo = "";
+//        if (bSpecIDEvent) {
+//            specInfo += "   Signature = Spec ID Event03 : ";
+//            if (specIDEvent.isCryptoAgile()) {
+//                specInfo += "Log format is Crypto Agile\n";
+//            } else {
+//                specInfo += "Log format is SHA 1 (NOT Crypto Agile)\n";
+//            }
+//            specInfo += "   Platform Profile Specification version = "
+//                    + specIDEvent.getVersionMajor() + "." + specIDEvent.getVersionMinor()
+//                    + " using errata version " + specIDEvent.getErrata();
+//        } else {
+//            specInfo = "EV_NO_ACTION event named " + signature
+//                    + " encountered but support for processing it has not been added to this application.\n";
+//        }
+//        return specInfo;
+//    }
+}
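Review bot: The constructor allocates `signatureBytes` and never uses it, and `eventData` is not read at all, so `signature` stays empty, `deviceSecurityEventDataHeader` stays null and `isDeviceSecurityEventDataHeader()` can only return false. When the copy is enabled, `eventData` comes from the event log and should be length-checked before `System.arraycopy`; otherwise a truncated event surfaces as an unchecked IndexOutOfBoundsException instead of the declared exception. The class comment describes a 16-byte NUL-terminated signature while the buffer is `UefiConstants.SIZE_15`, the Javadoc on `isDeviceSecurityEventDataHeader()` still says "SpecIDEvent", and the final Javadoc block is attached only to commented-out code. Those, the commented-out code and the unused imports (`HexUtils`, `TcgTpmtHa`, `ArrayList`, `List`) should be tidied in the same pass. A sketch of the constructor, using only names already present in this file, follows.

```java
    public EvEfiSpdmFirmwareBlob(final byte[] eventData) throws UnsupportedEncodingException {
        // Event log content is external input: refuse anything too short to hold the signature.
        if (eventData == null || eventData.length < UefiConstants.SIZE_15) {
            throw new UnsupportedEncodingException(
                    "EV_EFI_SPDM_FIRMWARE_BLOB event data is too short to hold a signature");
        }
        byte[] signatureBytes = new byte[UefiConstants.SIZE_15];
        System.arraycopy(eventData, 0, signatureBytes, 0, UefiConstants.SIZE_15);
        signature = new String(signatureBytes, StandardCharsets.UTF_8);
        bDeviceSecurityEventDataHeader = signature.contains("SPDM Device Sec");
        // … still to add: build deviceSecurityEventDataHeader from eventData …
    }
```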
diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/evDeviceSecurityEventDataHeader.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/evDeviceSecurityEventDataHeader.java
new file mode 100644
index 00000000..a0c319fa
--- /dev/null
+++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/evDeviceSecurityEventDataHeader.java
@@ -0,0 +1,4 @@
+package hirs.utils.tpm.eventlog.events;
+
+public class evDeviceSecurityEventDataHeader {
+}
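Review bot: `evDeviceSecurityEventDataHeader` starts with a lowercase letter, unlike `EvEfiSpdmFirmwareBlob` and `EvConstants` in the same package. Java class and file names are UpperCamelCase, and the project's style checks may reject this name if they enforce type naming. The same applies to `evDeviceSecurityEventDataPciContext` in the next file. I would rename both now while they are still empty stubs, e.g. `public class EvDeviceSecurityEventDataHeader {`, and update the field type in `EvEfiSpdmFirmwareBlob` to match. Each stub also lacks a class Javadoc; something like `/** Placeholder for the DEVICE_SECURITY_EVENT_DATA_HEADER structure; parsing not yet implemented. */` would tell readers the class is intentionally empty.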
diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/evDeviceSecurityEventDataPciContext.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/evDeviceSecurityEventDataPciContext.java
new file mode 100644
index 00000000..77a1368f
--- /dev/null
+++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/evDeviceSecurityEventDataPciContext.java
@@ -0,0 +1,4 @@
+package hirs.utils.tpm.eventlog.events;
+
+public class evDeviceSecurityEventDataPciContext {
+}