Added a variable to track file status through the object calls, specifically for the vendor-table.json file
This commit is contained in:
parent
d7c540f09f
commit
233c0c48ea
@ -20,6 +20,9 @@ import java.security.cert.CertificateException;
|
|||||||
import java.util.Collection;
|
import java.util.Collection;
|
||||||
import java.util.LinkedHashMap;
|
import java.util.LinkedHashMap;
|
||||||
|
|
||||||
|
import static hirs.utils.tpm.eventlog.uefi.UefiConstants.FILE_NORMAL;
|
||||||
|
import static hirs.utils.tpm.eventlog.uefi.UefiConstants.FILE_NOT_ACCESSIBLE;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Class for handling different formats of TCG Event logs.
|
* Class for handling different formats of TCG Event logs.
|
||||||
*/
|
*/
|
||||||
@ -82,6 +85,9 @@ public final class TCGEventLog {
|
|||||||
* */
|
* */
|
||||||
@Getter
|
@Getter
|
||||||
private boolean bVendorTableFileInaccessbile = false;
|
private boolean bVendorTableFileInaccessbile = false;
|
||||||
|
/** Track status of vendor-table.json */
|
||||||
|
@Getter
|
||||||
|
private String bVendorTableFileStatus = FILE_NORMAL;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Default blank object constructor.
|
* Default blank object constructor.
|
||||||
@ -155,6 +161,9 @@ public final class TCGEventLog {
|
|||||||
if(eventList.get(eventNumber-1).isBVendorTableFileInaccessbile()) {
|
if(eventList.get(eventNumber-1).isBVendorTableFileInaccessbile()) {
|
||||||
bVendorTableFileInaccessbile = true;
|
bVendorTableFileInaccessbile = true;
|
||||||
}
|
}
|
||||||
|
if(eventList.get(eventNumber-1).getBVendorTableFileStatus() == FILE_NOT_ACCESSIBLE) {
|
||||||
|
bVendorTableFileStatus = FILE_NOT_ACCESSIBLE;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
calculatePcrValues();
|
calculatePcrValues();
|
||||||
}
|
}
|
||||||
|
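Review bot: `if(eventList.get(eventNumber-1).getBVendorTableFileStatus() == FILE_NOT_ACCESSIBLE)` compares Strings by reference; it only holds while both sides are the very same interned constant and silently stops matching the moment a status is built at runtime (read from a file, concatenated, deserialized). Use `if (FILE_NOT_ACCESSIBLE.equals(eventList.get(eventNumber-1).getBVendorTableFileStatus())) {` or, better, make the status an enum so the compiler enforces it. The field is only ever moved to FILE_NOT_ACCESSIBLE here, so if a child event ever reported FILE_FROM_CODE_USED it would be dropped on the way up; the field Javadoc should say so, e.g. `/** Sticky status of vendor-table.json across all events; only FILE_NOT_ACCESSIBLE propagates up from individual events. */`. The enclosing loop begins before this hunk.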
@ -33,6 +33,9 @@ import java.security.NoSuchAlgorithmException;
|
|||||||
import java.security.cert.CertificateException;
|
import java.security.cert.CertificateException;
|
||||||
import java.util.Arrays;
|
import java.util.Arrays;
|
||||||
|
|
||||||
|
import static hirs.utils.tpm.eventlog.uefi.UefiConstants.FILE_NORMAL;
|
||||||
|
import static hirs.utils.tpm.eventlog.uefi.UefiConstants.FILE_NOT_ACCESSIBLE;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Class to process a TCG_PCR_EVENT.
|
* Class to process a TCG_PCR_EVENT.
|
||||||
* TCG_PCR_EVENT is used when the Event log uses the SHA1 Format as described in the
|
* TCG_PCR_EVENT is used when the Event log uses the SHA1 Format as described in the
|
||||||
@ -122,6 +125,9 @@ public class TpmPcrEvent {
|
|||||||
* */
|
* */
|
||||||
@Getter
|
@Getter
|
||||||
private boolean bVendorTableFileInaccessbile = false;
|
private boolean bVendorTableFileInaccessbile = false;
|
||||||
|
/** Track status of vendor-table.json */
|
||||||
|
@Getter
|
||||||
|
private String bVendorTableFileStatus = FILE_NORMAL;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Constructor.
|
* Constructor.
|
||||||
@ -517,6 +523,9 @@ public class TpmPcrEvent {
|
|||||||
if(efiVar.isBVendorTableFileInaccessbile()) {
|
if(efiVar.isBVendorTableFileInaccessbile()) {
|
||||||
bVendorTableFileInaccessbile = true;
|
bVendorTableFileInaccessbile = true;
|
||||||
}
|
}
|
||||||
|
if(efiVar.getBVendorTableFileStatus() == FILE_NOT_ACCESSIBLE) {
|
||||||
|
bVendorTableFileStatus = FILE_NOT_ACCESSIBLE;
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
case EvConstants.EV_EFI_VARIABLE_BOOT:
|
case EvConstants.EV_EFI_VARIABLE_BOOT:
|
||||||
UefiVariable efiVarBoot = new UefiVariable(content);
|
UefiVariable efiVarBoot = new UefiVariable(content);
|
||||||
@ -524,6 +533,9 @@ public class TpmPcrEvent {
|
|||||||
if(efiVarBoot.isBVendorTableFileInaccessbile()) {
|
if(efiVarBoot.isBVendorTableFileInaccessbile()) {
|
||||||
bVendorTableFileInaccessbile = true;
|
bVendorTableFileInaccessbile = true;
|
||||||
}
|
}
|
||||||
|
if(efiVarBoot.getBVendorTableFileStatus() == FILE_NOT_ACCESSIBLE) {
|
||||||
|
bVendorTableFileStatus = FILE_NOT_ACCESSIBLE;
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
case EvConstants.EV_EFI_BOOT_SERVICES_APPLICATION:
|
case EvConstants.EV_EFI_BOOT_SERVICES_APPLICATION:
|
||||||
EvEfiBootServicesApp bootServices = new EvEfiBootServicesApp(content);
|
EvEfiBootServicesApp bootServices = new EvEfiBootServicesApp(content);
|
||||||
@ -557,6 +569,9 @@ public class TpmPcrEvent {
|
|||||||
if(efiVarAuth.isBVendorTableFileInaccessbile()) {
|
if(efiVarAuth.isBVendorTableFileInaccessbile()) {
|
||||||
bVendorTableFileInaccessbile = true;
|
bVendorTableFileInaccessbile = true;
|
||||||
}
|
}
|
||||||
|
if(efiVarAuth.getBVendorTableFileStatus() == FILE_NOT_ACCESSIBLE) {
|
||||||
|
bVendorTableFileStatus = FILE_NOT_ACCESSIBLE;
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
case EvConstants.EV_EFI_SPDM_FIRMWARE_BLOB:
|
case EvConstants.EV_EFI_SPDM_FIRMWARE_BLOB:
|
||||||
description += "Event Content:\n" + new EvEfiSpdmFirmwareBlob(content).toString();
|
description += "Event Content:\n" + new EvEfiSpdmFirmwareBlob(content).toString();
|
||||||
|
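Review bot: The same four-line block (`if(efiVar.getBVendorTableFileStatus() == FILE_NOT_ACCESSIBLE) { bVendorTableFileStatus = FILE_NOT_ACCESSIBLE; }`) is pasted into three switch cases, each with the reference-equality `==` on a String, so a later fix or a third status value has to be applied three times. Folding it into one private helper that uses `equals` removes the duplication and the fragile comparison; the three cases then become `mergeVendorTableFileStatus(efiVar.getBVendorTableFileStatus());` and the equivalents for `efiVarBoot` and `efiVarAuth`. The switch statement starts and ends outside the hunks shown.
```java
/**
 * Merges a child object's vendor-table.json status into this event's status.
 * Only FILE_NOT_ACCESSIBLE is propagated; any other value leaves the field as-is.
 */
private void mergeVendorTableFileStatus(final String childStatus) {
    if (FILE_NOT_ACCESSIBLE.equals(childStatus)) {
        bVendorTableFileStatus = FILE_NOT_ACCESSIBLE;
    }
}
// … unchanged: switch cases, each replaced by a single mergeVendorTableFileStatus(...) call …
```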
@ -271,4 +271,19 @@ public final class UefiConstants {
|
|||||||
* standard UEFI partition table lengh.
|
* standard UEFI partition table lengh.
|
||||||
*/
|
*/
|
||||||
public static final int UEFI_PT_LENGTH = 72;
|
public static final int UEFI_PT_LENGTH = 72;
|
||||||
|
/**
|
||||||
|
* file status, where file was successfully found on local machine
|
||||||
|
*/
|
||||||
|
public static final String FILE_NORMAL = "fileNormal";
|
||||||
|
/**
|
||||||
|
* file status, where file is not accessible
|
||||||
|
*/
|
||||||
|
public static final String FILE_NOT_ACCESSIBLE = "fileNotAccessible";
|
||||||
|
/**
|
||||||
|
* file status, where file was not found on the local machine,
|
||||||
|
* and so file from the code was used.
|
||||||
|
* For instance, if vendor-table.json is not found in /etc/hirs/aca/default-properties/,
|
||||||
|
* it will be grabbed from code at HIRS_AttestationCA/src/main/resources/.
|
||||||
|
*/
|
||||||
|
public static final String FILE_FROM_CODE_USED = "fileFromCodeUsed";
|
||||||
}
|
}
|
||||||
|
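Review bot: The Javadoc on `FILE_FROM_CODE_USED` documents a silent fallback from /etc/hirs/aca/default-properties/ to the copy bundled with the code, but none of the hunks in this change set that value, and the status checks added elsewhere in the change react only to FILE_NOT_ACCESSIBLE, so a run that resolved Secure Boot DB/DBX entries against the bundled vendor table is indistinguishable from one that used the operator-managed file. For an attestation CA that distinction should be visible to whoever reads the PCR 7 result, since the bundled table may lag the deployed one. Consider wiring the constant to the code that opens vendor-table.json and surfacing it next to the existing inaccessible warning. Because the three values are compared with `==` in the other files, an enum (`public enum VendorTableFileStatus { NORMAL, NOT_ACCESSIBLE, FROM_CODE_USED }`) would make those comparisons type-safe without changing the getters' callers much.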
@ -9,6 +9,9 @@ import java.security.NoSuchAlgorithmException;
|
|||||||
import java.security.cert.CertificateException;
|
import java.security.cert.CertificateException;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
|
|
||||||
|
import static hirs.utils.tpm.eventlog.uefi.UefiConstants.FILE_NORMAL;
|
||||||
|
import static hirs.utils.tpm.eventlog.uefi.UefiConstants.FILE_NOT_ACCESSIBLE;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Class for processing the contents of a Secure Boot DB or DBX contents.
|
* Class for processing the contents of a Secure Boot DB or DBX contents.
|
||||||
* used for EFIVariables associated with Secure Boot
|
* used for EFIVariables associated with Secure Boot
|
||||||
@ -74,6 +77,9 @@ public class UefiSignatureList {
|
|||||||
* */
|
* */
|
||||||
@Getter
|
@Getter
|
||||||
private boolean bVendorTableFileInaccessbile = false;
|
private boolean bVendorTableFileInaccessbile = false;
|
||||||
|
/** Track status of vendor-table.json */
|
||||||
|
@Getter
|
||||||
|
private String bVendorTableFileStatus = FILE_NORMAL;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* UefiSignatureList constructor.
|
* UefiSignatureList constructor.
|
||||||
@ -121,6 +127,7 @@ public class UefiSignatureList {
|
|||||||
signatureType = new UefiGuid(guid);
|
signatureType = new UefiGuid(guid);
|
||||||
if(signatureType.isVendorTableReferenceHandleEmpty()) {
|
if(signatureType.isVendorTableReferenceHandleEmpty()) {
|
||||||
bVendorTableFileInaccessbile = true;
|
bVendorTableFileInaccessbile = true;
|
||||||
|
bVendorTableFileStatus = FILE_NOT_ACCESSIBLE;
|
||||||
}
|
}
|
||||||
|
|
||||||
// if signatureType is invalid, don't even process any of the data
|
// if signatureType is invalid, don't even process any of the data
|
||||||
|
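Review bot: The new `/** Track status of vendor-table.json */` on `bVendorTableFileStatus` does not say which values the field can take, that it starts at FILE_NORMAL, or that the only transition is to FILE_NOT_ACCESSIBLE when `signatureType.isVendorTableReferenceHandleEmpty()` is true; a caller of the getter cannot tell from it whether to expect FILE_FROM_CODE_USED. Suggest `/** Status of vendor-table.json, one of the UefiConstants.FILE_* values; FILE_NORMAL until a signature type with an empty vendor-table reference is seen, then FILE_NOT_ACCESSIBLE. */`. With the String status in place the parallel boolean `bVendorTableFileInaccessbile` (typo: Inaccessible) carries no extra information, and the `b` prefix on a String field reads as a boolean; both are worth cleaning up once callers are switched over. The constructor this sits in starts before the hunk.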
@ -12,6 +12,9 @@ import java.security.cert.CertificateException;
|
|||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
|
import static hirs.utils.tpm.eventlog.uefi.UefiConstants.FILE_NORMAL;
|
||||||
|
import static hirs.utils.tpm.eventlog.uefi.UefiConstants.FILE_NOT_ACCESSIBLE;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Class to process a UEFI variable within a TPM Event.
|
* Class to process a UEFI variable within a TPM Event.
|
||||||
* typedef struct tdUEFI_VARIABLE_DATA{
|
* typedef struct tdUEFI_VARIABLE_DATA{
|
||||||
@ -68,6 +71,9 @@ public class UefiVariable {
|
|||||||
* */
|
* */
|
||||||
@Getter
|
@Getter
|
||||||
private boolean bVendorTableFileInaccessbile = false;
|
private boolean bVendorTableFileInaccessbile = false;
|
||||||
|
/** Track status of vendor-table.json */
|
||||||
|
@Getter
|
||||||
|
private String bVendorTableFileStatus = FILE_NORMAL;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* EFIVariable constructor.
|
* EFIVariable constructor.
|
||||||
@ -156,6 +162,9 @@ public class UefiVariable {
|
|||||||
if(list.isBVendorTableFileInaccessbile()) {
|
if(list.isBVendorTableFileInaccessbile()) {
|
||||||
bVendorTableFileInaccessbile = true;
|
bVendorTableFileInaccessbile = true;
|
||||||
}
|
}
|
||||||
|
if(list.getBVendorTableFileStatus() == FILE_NOT_ACCESSIBLE) {
|
||||||
|
bVendorTableFileStatus = FILE_NOT_ACCESSIBLE;
|
||||||
|
}
|
||||||
if(!list.isSignatureTypeValid()) {
|
if(!list.isSignatureTypeValid()) {
|
||||||
invalidSignatureListEncountered = true;
|
invalidSignatureListEncountered = true;
|
||||||
invalidSignatureListStatus = list.toString();
|
invalidSignatureListStatus = list.toString();
|
||||||
|
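Review bot: `if(list.getBVendorTableFileStatus() == FILE_NOT_ACCESSIBLE)` is another reference comparison of Strings; it should read `if (FILE_NOT_ACCESSIBLE.equals(list.getBVendorTableFileStatus())) {`. The boolean flag and the status are now updated in two independent `if` blocks from two different getters on the same list, so they can drift apart if either side is changed alone; deriving one from the other, or dropping the boolean, keeps them consistent. The enclosing loop over signature lists starts before this hunk.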
@ -16,6 +16,8 @@ import hirs.utils.tpm.eventlog.TCGEventLog;
|
|||||||
import hirs.utils.tpm.eventlog.TpmPcrEvent;
|
import hirs.utils.tpm.eventlog.TpmPcrEvent;
|
||||||
import hirs.utils.HexUtils;
|
import hirs.utils.HexUtils;
|
||||||
|
|
||||||
|
import static hirs.utils.tpm.eventlog.uefi.UefiConstants.FILE_NOT_ACCESSIBLE;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Command-line application for processing TCG Event Logs.
|
* Command-line application for processing TCG Event Logs.
|
||||||
* Input arg: path to *.tcglp file
|
* Input arg: path to *.tcglp file
|
||||||
@ -128,6 +130,9 @@ final class Main {
|
|||||||
+ evLog.getEventList().size() + " events:\n\n");
|
+ evLog.getEventList().size() + " events:\n\n");
|
||||||
}
|
}
|
||||||
if (evLog.isBVendorTableFileInaccessbile()) {
|
if (evLog.isBVendorTableFileInaccessbile()) {
|
||||||
|
writeOut("*** remove this.\n\n");
|
||||||
|
}
|
||||||
|
if (evLog.getBVendorTableFileStatus() == FILE_NOT_ACCESSIBLE) {
|
||||||
writeOut("*** WARNING: The file vendor-table.json file was not accessible so data " +
|
writeOut("*** WARNING: The file vendor-table.json file was not accessible so data " +
|
||||||
"in some Secure Boot PCR 7 events cannot be processed.\n\n");
|
"in some Secure Boot PCR 7 events cannot be processed.\n\n");
|
||||||
}
|
}
|
||||||
|
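Review bot: `writeOut("*** remove this.\n\n");` inside the new `if (evLog.isBVendorTableFileInaccessbile())` block reads as a debugging placeholder and would print the literal text `*** remove this.` to every operator whose vendor table is missing; the status check immediately after it already emits the real warning, so the whole three-line boolean block should go. The surviving check should also use `if (FILE_NOT_ACCESSIBLE.equals(evLog.getBVendorTableFileStatus())) {` rather than `==`. The enclosing method continues outside the hunk.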