Merge pull request #557 from nsacyber/v3_issue_546-unittest

[#546] Add TCGEventLogTest for main
2025-04-08 03:44:31 +00:00 · 2023-07-21 14:00:02 -04:00 · 2023-07-21 14:00:02 -04:00 · 1dd3a2fea9
commit 1dd3a2fea9
parent 9f9ca12429 30c9ddbf7c
3 changed files with 148 additions and 14 deletions
--- a/HIRS_Utils/build.gradle
+++ b/HIRS_Utils/build.gradle
@ -42,17 +42,13 @@ dependencies {
    implementation 'org.apache.logging.log4j:log4j-api:2.19.0'
    implementation 'org.glassfish.jaxb:jaxb-runtime:4.0.1'

-    implementation 'org.junit.jupiter:junit-jupiter-api:5.9.3'
-    implementation 'org.junit.jupiter:junit-jupiter-engine:5.9.3'
-    testImplementation 'junit:junit:4.13.1'
+    testImplementation 'org.junit.jupiter:junit-jupiter:5.9.3'
+    testImplementation 'org.junit.platform:junit-platform-launcher:1.9.3'
+    testImplementation 'org.hamcrest:hamcrest:2.2'

    compileOnly libs.lombok
    annotationProcessor libs.lombok

-    //testImplementation 'org.junit.jupiter:junit-jupiter-api:5.6.0'
-    //testRuntimeOnly 'org.junit.jupiter:junit-jupiter-engine'
-    testImplementation 'org.junit.platform:junit-platform-launcher:1.9.3'
-    testImplementation 'org.hamcrest:hamcrest:2.2'
 }

 test {
--- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TCGEventLog.java
+++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TCGEventLog.java
@ -29,7 +29,7 @@ public final class TCGEventLog {
    private static final Logger LOGGER = LogManager.getLogger(TCGEventLog.class);
    /** Name of the hash algorithm used to process the Event Log, default is SHA256.  */
    @Getter
-    private String algorithm = "TPM_ALG_SHA256";
+    private String eventLogHashAlgorithm = "TPM_ALG_SHA256";
    /** Parsed event log array. */
    private static final int SIG_OFFSET = 32;
    /**  TEV_NO_ACTION signature size. */
@ -87,7 +87,7 @@ public final class TCGEventLog {
        initLocalityFourValue = LOCALITY4_SHA1_LIST;
        pcrLength = EvConstants.SHA1_LENGTH;
        hashType = HASH_STRING;
-        algorithm = "TPM_ALG_SHA1";
+        eventLogHashAlgorithm = "TPM_ALG_SHA1";
        initPcrList();
    }

@ -121,14 +121,14 @@ public final class TCGEventLog {
        if (bCryptoAgile) {
            initValue = INIT_SHA256_LIST;
            initLocalityFourValue = LOCALITY4_SHA256_LIST;
-            algorithm = "TPM_ALG_SHA256";
+            eventLogHashAlgorithm = "TPM_ALG_SHA256";
            hashType = HASH256_STRING;
            pcrLength = EvConstants.SHA256_LENGTH;
        } else {
            initValue = INIT_SHA1_LIST;
            initLocalityFourValue = LOCALITY4_SHA1_LIST;
            hashType = HASH_STRING;
-            algorithm = "TPM_ALG_SHA1";
+            eventLogHashAlgorithm = "TPM_ALG_SHA1";
            pcrLength = EvConstants.SHA1_LENGTH;
        }
        this.pcrList = new byte[PCR_COUNT][pcrLength];
@ -181,7 +181,7 @@ public final class TCGEventLog {
 //        TPMMeasurementRecord record;
 //        String pcrValue;
 //        for (int i = 0; i < PCR_COUNT; i++) {
-//            if (algorithm.compareToIgnoreCase("TPM_ALG_SHA1") == 0) { // Log Was SHA1 Format
+//            if (eventLogHashAlgorithm.compareToIgnoreCase("TPM_ALG_SHA1") == 0) { // Log Was SHA1 Format
 //                pcrValue = getExpectedPCRValue(i);
 //                byte[] hexValue = HexUtils.hexStringToByteArray(pcrValue);
 //                final Digest hash = new Digest(DigestAlgorithm.SHA1, hexValue);
@ -314,14 +314,14 @@ public final class TCGEventLog {

        return this.toString();
    }
-
+    
    /**
     * Returns the TCG Algorithm Registry defined ID for the Digest Algorithm
     * used in the event log.
     * @return TCG Defined Algorithm name
     */
    public int getEventLogHashAlgorithmID() {
-       return TcgTpmtHa.tcgAlgStringToId(algorithm);
+       return TcgTpmtHa.tcgAlgStringToId(eventLogHashAlgorithm);
    }

    /**
--- a/HIRS_Utils/src/test/java/hirs/utils/tpm/eventlog/TCGEventLogTest.java
+++ b/HIRS_Utils/src/test/java/hirs/utils/tpm/eventlog/TCGEventLogTest.java
@ -0,0 +1,138 @@
+package hirs.utils.tpm.eventlog;
+
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
+import java.util.Arrays;
+
+import org.apache.commons.io.IOUtils;
+
+import org.apache.logging.log4j.Logger;
+import org.apache.logging.log4j.LogManager;
+
+import org.junit.jupiter.api.AfterAll;
+import org.junit.jupiter.api.BeforeAll;
+import org.junit.jupiter.api.Test;
+import static org.hamcrest.CoreMatchers.equalTo;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+
+public class TCGEventLogTest {
+
+    private static final String DEFAULT_EVENT_LOG = "/tcgeventlog/TpmLog.bin";
+    private static final String DEFAULT_EXPECTED_PCRS = "/tcgeventlog/TpmLogExpectedPcrs.txt";
+    private static final String SHA1_EVENT_LOG = "/tcgeventlog/TpmLogSHA1.bin";
+    private static final String SHA1_EXPECTED_PCRS = "/tcgeventlog/TpmLogSHA1ExpectedPcrs.txt";
+    private static final Logger LOGGER
+            = LogManager.getLogger(TCGEventLogTest.class);
+
+    /**
+     * Initializes a <code>SessionFactory</code>. The factory is used for an in-memory database that
+     * is used for testing.
+     */
+    @BeforeAll
+    public static final void setup() {
+        LOGGER.debug("retrieving session factory");
+
+    }
+
+    /**
+     * Closes the <code>SessionFactory</code> from setup.
+     */
+    @AfterAll
+	public static final void tearDown() {
+	    LOGGER.debug("closing session factory");
+	}
+
+  /**
+    * Tests the processing of a crypto agile event log.
+    * @throws IOException when processing the test fails
+    * @throws NoSuchAlgorithmException if an unknown algorithm is encountered.
+    * @throws CertificateException if a certificate fails to parse.
+    */
+    @Test
+    public final void testCryptoAgileTCGEventLog() throws IOException, CertificateException,
+                                                                 NoSuchAlgorithmException {
+      LOGGER.debug("Testing the parsing of a Crypto Agile formatted TCG Event Log");
+      InputStream log, pcrs;
+      boolean testPass = true;
+      log = this.getClass().getResourceAsStream(DEFAULT_EVENT_LOG);
+      byte[] rawLogBytes = IOUtils.toByteArray(log);
+      TCGEventLog evlog = new TCGEventLog(rawLogBytes, false, false, false);
+      String[] pcrFromLog = evlog.getExpectedPCRValues();
+      pcrs = this.getClass().getResourceAsStream(DEFAULT_EXPECTED_PCRS);
+      Object[] pcrObj = IOUtils.readLines(pcrs, "UTF-8").toArray();
+      String[] pcrTxt = Arrays.copyOf(pcrObj, pcrObj.length, String[].class);
+      
+      // Test 1 get all PCRs
+      for (int i = 0; i < 24; i++) {
+          if (pcrFromLog[i].compareToIgnoreCase(pcrTxt[i]) != 0) {
+              testPass = false;
+              LOGGER.error("\ntestTCGEventLogProcessorParser error with PCR " + i);
+          }
+      }
+      assertTrue(testPass);
+      
+      // Test 2 get an individual PCR
+      String pcr3 = evlog.getExpectedPCRValue(3);
+      assertThat(pcrFromLog[3], equalTo(pcr3));
+
+      // Test 3 check the Algorithm String Identifier used in the log
+      String algStr = evlog.getEventLogHashAlgorithm();
+      assertThat("TPM_ALG_SHA256", equalTo(algStr));
+
+      // Test 4 check the Algorithm # Identifier used in the log
+      int id = evlog.getEventLogHashAlgorithmID();
+      assertThat(TcgTpmtHa.TPM_ALG_SHA256, equalTo(id));
+      
+      LOGGER.debug("OK. Parsing of a Crypto Agile Format Success");
+    }
+
+    /**
+     * Tests the processing of a SHA1 formatted Event log.
+     * @throws IOException when processing the test fails
+     * @throws NoSuchAlgorithmException if an unknown algorithm is encountered.
+     * @throws CertificateException if a certificate fails to parse.
+     */
+    @Test
+    public final void testSHA1TCGEventLog() throws IOException, CertificateException,
+                                                            NoSuchAlgorithmException {
+      LOGGER.debug("Testing the parsing of a SHA1 formated TCG Event Log");
+      InputStream log, pcrs;
+      boolean testPass = true;
+      log = this.getClass().getResourceAsStream(SHA1_EVENT_LOG);
+      byte[] rawLogBytes = IOUtils.toByteArray(log);
+      TCGEventLog evlog =  new TCGEventLog(rawLogBytes, false, false, false);
+      String[] pcrFromLog = evlog.getExpectedPCRValues();
+      pcrs = this.getClass().getResourceAsStream(SHA1_EXPECTED_PCRS);
+      Object[] pcrObj = IOUtils.readLines(pcrs, "UTF-8").toArray();
+      String[] pcrTxt = Arrays.copyOf(pcrObj, pcrObj.length, String[].class);
+      
+      // Test 1 get all PCRs
+       for (int i = 0; i < 24; i++) {
+          if (pcrFromLog[i].compareToIgnoreCase(pcrTxt[i]) != 0) {
+             testPass = false;
+             LOGGER.error("\ntestTCGEventLogProcessorParser error with PCR " + i);
+           }
+       }
+       assertTrue(testPass);
+       
+       // Test 2 get an individual PCR
+       String pcr0 = evlog.getExpectedPCRValue(0);
+       assertThat(pcrFromLog[0], equalTo(pcr0));
+       
+       // Test 3 check the Algorithm String Identifier used in the log
+       String algStr = evlog.getEventLogHashAlgorithm();
+       assertThat("TPM_ALG_SHA1", equalTo(algStr));
+
+       // Test 4 check the Algorithm # Identifier used in the log
+       int id = evlog.getEventLogHashAlgorithmID();
+       assertThat(TcgTpmtHa.TPM_ALG_SHA1, equalTo(id));
+       
+       LOGGER.debug("OK. Parsing of a SHA1 formatted TCG Event Log Success");
+     }
+  
+}