mirror of
https://github.com/nsacyber/HIRS.git
synced 2024-12-28 08:48:59 +00:00
added variable to track file status through the object calls, specifically vendor-table.json file
This commit is contained in:
parent
d7c540f09f
commit
233c0c48ea
@ -20,6 +20,9 @@ import java.security.cert.CertificateException;
|
||||
import java.util.Collection;
|
||||
import java.util.LinkedHashMap;
|
||||
|
||||
import static hirs.utils.tpm.eventlog.uefi.UefiConstants.FILE_NORMAL;
|
||||
import static hirs.utils.tpm.eventlog.uefi.UefiConstants.FILE_NOT_ACCESSIBLE;
|
||||
|
||||
/**
|
||||
* Class for handling different formats of TCG Event logs.
|
||||
*/
|
||||
@ -82,6 +85,9 @@ public final class TCGEventLog {
|
||||
* */
|
||||
@Getter
|
||||
private boolean bVendorTableFileInaccessbile = false;
|
||||
/** Track status of vendor-table.json */
|
||||
@Getter
|
||||
private String bVendorTableFileStatus = FILE_NORMAL;
|
||||
|
||||
/**
|
||||
* Default blank object constructor.
|
||||
@ -155,6 +161,9 @@ public final class TCGEventLog {
|
||||
if(eventList.get(eventNumber-1).isBVendorTableFileInaccessbile()) {
|
||||
bVendorTableFileInaccessbile = true;
|
||||
}
|
||||
if(eventList.get(eventNumber-1).getBVendorTableFileStatus() == FILE_NOT_ACCESSIBLE) {
|
||||
bVendorTableFileStatus = FILE_NOT_ACCESSIBLE;
|
||||
}
|
||||
}
|
||||
calculatePcrValues();
|
||||
}
|
||||
|
@ -33,6 +33,9 @@ import java.security.NoSuchAlgorithmException;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.util.Arrays;
|
||||
|
||||
import static hirs.utils.tpm.eventlog.uefi.UefiConstants.FILE_NORMAL;
|
||||
import static hirs.utils.tpm.eventlog.uefi.UefiConstants.FILE_NOT_ACCESSIBLE;
|
||||
|
||||
/**
|
||||
* Class to process a TCG_PCR_EVENT.
|
||||
* TCG_PCR_EVENT is used when the Event log uses the SHA1 Format as described in the
|
||||
@ -122,6 +125,9 @@ public class TpmPcrEvent {
|
||||
* */
|
||||
@Getter
|
||||
private boolean bVendorTableFileInaccessbile = false;
|
||||
/** Track status of vendor-table.json */
|
||||
@Getter
|
||||
private String bVendorTableFileStatus = FILE_NORMAL;
|
||||
|
||||
/**
|
||||
* Constructor.
|
||||
@ -517,6 +523,9 @@ public class TpmPcrEvent {
|
||||
if(efiVar.isBVendorTableFileInaccessbile()) {
|
||||
bVendorTableFileInaccessbile = true;
|
||||
}
|
||||
if(efiVar.getBVendorTableFileStatus() == FILE_NOT_ACCESSIBLE) {
|
||||
bVendorTableFileStatus = FILE_NOT_ACCESSIBLE;
|
||||
}
|
||||
break;
|
||||
case EvConstants.EV_EFI_VARIABLE_BOOT:
|
||||
UefiVariable efiVarBoot = new UefiVariable(content);
|
||||
@ -524,6 +533,9 @@ public class TpmPcrEvent {
|
||||
if(efiVarBoot.isBVendorTableFileInaccessbile()) {
|
||||
bVendorTableFileInaccessbile = true;
|
||||
}
|
||||
if(efiVarBoot.getBVendorTableFileStatus() == FILE_NOT_ACCESSIBLE) {
|
||||
bVendorTableFileStatus = FILE_NOT_ACCESSIBLE;
|
||||
}
|
||||
break;
|
||||
case EvConstants.EV_EFI_BOOT_SERVICES_APPLICATION:
|
||||
EvEfiBootServicesApp bootServices = new EvEfiBootServicesApp(content);
|
||||
@ -557,6 +569,9 @@ public class TpmPcrEvent {
|
||||
if(efiVarAuth.isBVendorTableFileInaccessbile()) {
|
||||
bVendorTableFileInaccessbile = true;
|
||||
}
|
||||
if(efiVarAuth.getBVendorTableFileStatus() == FILE_NOT_ACCESSIBLE) {
|
||||
bVendorTableFileStatus = FILE_NOT_ACCESSIBLE;
|
||||
}
|
||||
break;
|
||||
case EvConstants.EV_EFI_SPDM_FIRMWARE_BLOB:
|
||||
description += "Event Content:\n" + new EvEfiSpdmFirmwareBlob(content).toString();
|
||||
|
@ -271,4 +271,19 @@ public final class UefiConstants {
|
||||
* standard UEFI partition table lengh.
|
||||
*/
|
||||
public static final int UEFI_PT_LENGTH = 72;
|
||||
/**
|
||||
* file status, where file was successfully found on local machine
|
||||
*/
|
||||
public static final String FILE_NORMAL = "fileNormal";
|
||||
/**
|
||||
* file status, where file is not accessible
|
||||
*/
|
||||
public static final String FILE_NOT_ACCESSIBLE = "fileNotAccessible";
|
||||
/**
|
||||
* file status, where file was not found on the local machine,
|
||||
* and so file from the code was used.
|
||||
* For instance, if vendor-table.json is not found in /etc/hirs/aca/default-properties/,
|
||||
* it will be grabbed from code at HIRS_AttestationCA/src/main/resources/.
|
||||
*/
|
||||
public static final String FILE_FROM_CODE_USED = "fileFromCodeUsed";
|
||||
}
|
||||
|
@ -9,6 +9,9 @@ import java.security.NoSuchAlgorithmException;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.util.ArrayList;
|
||||
|
||||
import static hirs.utils.tpm.eventlog.uefi.UefiConstants.FILE_NORMAL;
|
||||
import static hirs.utils.tpm.eventlog.uefi.UefiConstants.FILE_NOT_ACCESSIBLE;
|
||||
|
||||
/**
|
||||
* Class for processing the contents of a Secure Boot DB or DBX contents.
|
||||
* used for EFIVariables associated with Secure Boot
|
||||
@ -74,6 +77,9 @@ public class UefiSignatureList {
|
||||
* */
|
||||
@Getter
|
||||
private boolean bVendorTableFileInaccessbile = false;
|
||||
/** Track status of vendor-table.json */
|
||||
@Getter
|
||||
private String bVendorTableFileStatus = FILE_NORMAL;
|
||||
|
||||
/**
|
||||
* UefiSignatureList constructor.
|
||||
@ -121,6 +127,7 @@ public class UefiSignatureList {
|
||||
signatureType = new UefiGuid(guid);
|
||||
if(signatureType.isVendorTableReferenceHandleEmpty()) {
|
||||
bVendorTableFileInaccessbile = true;
|
||||
bVendorTableFileStatus = FILE_NOT_ACCESSIBLE;
|
||||
}
|
||||
|
||||
// if signatureType is invalid, don't even process any of the data
|
||||
|
@ -12,6 +12,9 @@ import java.security.cert.CertificateException;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
import static hirs.utils.tpm.eventlog.uefi.UefiConstants.FILE_NORMAL;
|
||||
import static hirs.utils.tpm.eventlog.uefi.UefiConstants.FILE_NOT_ACCESSIBLE;
|
||||
|
||||
/**
|
||||
* Class to process a UEFI variable within a TPM Event.
|
||||
* typedef struct tdUEFI_VARIABLE_DATA{
|
||||
@ -68,6 +71,9 @@ public class UefiVariable {
|
||||
* */
|
||||
@Getter
|
||||
private boolean bVendorTableFileInaccessbile = false;
|
||||
/** Track status of vendor-table.json */
|
||||
@Getter
|
||||
private String bVendorTableFileStatus = FILE_NORMAL;
|
||||
|
||||
/**
|
||||
* EFIVariable constructor.
|
||||
@ -156,6 +162,9 @@ public class UefiVariable {
|
||||
if(list.isBVendorTableFileInaccessbile()) {
|
||||
bVendorTableFileInaccessbile = true;
|
||||
}
|
||||
if(list.getBVendorTableFileStatus() == FILE_NOT_ACCESSIBLE) {
|
||||
bVendorTableFileStatus = FILE_NOT_ACCESSIBLE;
|
||||
}
|
||||
if(!list.isSignatureTypeValid()) {
|
||||
invalidSignatureListEncountered = true;
|
||||
invalidSignatureListStatus = list.toString();
|
||||
|
@ -16,6 +16,8 @@ import hirs.utils.tpm.eventlog.TCGEventLog;
|
||||
import hirs.utils.tpm.eventlog.TpmPcrEvent;
|
||||
import hirs.utils.HexUtils;
|
||||
|
||||
import static hirs.utils.tpm.eventlog.uefi.UefiConstants.FILE_NOT_ACCESSIBLE;
|
||||
|
||||
/**
|
||||
* Command-line application for processing TCG Event Logs.
|
||||
* Input arg: path to *.tcglp file
|
||||
@ -128,6 +130,9 @@ final class Main {
|
||||
+ evLog.getEventList().size() + " events:\n\n");
|
||||
}
|
||||
if (evLog.isBVendorTableFileInaccessbile()) {
|
||||
writeOut("*** remove this.\n\n");
|
||||
}
|
||||
if (evLog.getBVendorTableFileStatus() == FILE_NOT_ACCESSIBLE) {
|
||||
writeOut("*** WARNING: The file vendor-table.json file was not accessible so data " +
|
||||
"in some Secure Boot PCR 7 events cannot be processed.\n\n");
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user