SPDM processing

This commit is contained in:
iadgovuser58 2024-04-10 11:46:37 -04:00 committed by chubtub
parent eea1b746c8
commit 2ee21afb3b
5 changed files with 167 additions and 165 deletions


@ -3,6 +3,7 @@ package hirs.utils.tpm.eventlog.events;
import hirs.utils.HexUtils; import hirs.utils.HexUtils;
import hirs.utils.tpm.eventlog.TcgTpmtHa; import hirs.utils.tpm.eventlog.TcgTpmtHa;
import hirs.utils.tpm.eventlog.uefi.UefiConstants; import hirs.utils.tpm.eventlog.uefi.UefiConstants;
import jakarta.persistence.criteria.CriteriaBuilder;
import lombok.Getter; import lombok.Getter;
import java.nio.charset.StandardCharsets; import java.nio.charset.StandardCharsets;
@ -11,25 +12,33 @@ import java.util.List;
/** /**
* Class to process the DEVICE_SECURITY_EVENT_DATA event per PFP. * Class to process the DEVICE_SECURITY_EVENT_DATA or ..DATA2 event per PFP.
* DEVICE_SECURITY_EVENT_DATA has 2 structures: * The event data comes in 2 forms:
* 1) DEVICE_SECURITY_EVENT_DATA_HEADER * 1) DEVICE_SECURITY_EVENT_DATA or
* 2) DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT * 2) DEVICE_SECURITY_EVENT_DATA2
* DEVICE_SECURITY_EVENT_DATA_HEADER
* The first 16 bytes of the event data header MUST be a String based identifier (Signature), * The first 16 bytes of the event data header MUST be a String based identifier (Signature),
* NUL-terminated. The only currently defined Signature is "SPDM Device Sec" which implies * NUL-terminated, per PFP. The only currently defined Signature is "SPDM Device Sec", which
* the event data is a DEVICE_SECURITY_EVENT_DATA. DEVICE_SECURITY_EVENT_DATA_HEADER contains * implies the data is a DEVICE_SECURITY_EVENT_DATA or ..DATA2. The Version field indicates
* the measurement(s) and hash algorithm (SpdmHashAlg) identifier returned by the SPDM * whether it is ..DATA or ..DATA2.
* "GET_MEASUREMENTS" function. *
* DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT * DEVICE SECURITY EVENT structures defined by PFP v1.06 Rev 52:
* DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT is a common SPDM structure which includes the
* identification of the device, device vendor, subsystem, etc.
* <p> * <p>
* typedef struct tdDEVICE_SECURITY_EVENT_DATA { * typedef struct tdDEVICE_SECURITY_EVENT_DATA {
* DEVICE_SECURITY_EVENT_DATA_HEADER EventDataHeader; * DEVICE_SECURITY_EVENT_DATA_HEADER EventDataHeader;
* DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT DeviceContext; * DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT DeviceContext;
* } DEVICE_SECURITY_EVENT_DATA; * } DEVICE_SECURITY_EVENT_DATA;
* <p> * <p>
* typedef struct tdDEVICE_SECURITY_EVENT_DATA2 {
* DEVICE_SECURITY_EVENT_DATA_HEADER2 EventDataHeader;
* DEVICE_SECURITY_EVENT_DATA_SUB_HEADER EventDataSubHeader;
* DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT DeviceContext;
* } DEVICE_SECURITY_EVENT_DATA;
* <p>
* typedef struct tdDEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT {
* DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT PciContext;
* DEVICE_SECURITY_EVENT_DATA_USB_CONTEXT UsbContext;
* } DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT;
* <p>
* Notes: Parses event data for an DEVICE_SECURITY_EVENT_DATA per PFP v1.06 Rev52 Table 20. * Notes: Parses event data for an DEVICE_SECURITY_EVENT_DATA per PFP v1.06 Rev52 Table 20.
* 1. Has an EventType of EV_EFI_SPDM_FIRMWARE_BLOB (0x800000E1) * 1. Has an EventType of EV_EFI_SPDM_FIRMWARE_BLOB (0x800000E1)
* 2. Digest of 48 bytes * 2. Digest of 48 bytes
@ -37,104 +46,79 @@ import java.util.List;
* 4. First 16 bytes of the structure header is an ASCII "SPDM Device Sec" * 4. First 16 bytes of the structure header is an ASCII "SPDM Device Sec"
*/ */
public class DeviceSecurityEventData { public class DeviceSecurityEventData {
// /**
// * Minor Version.
// */
// @Getter
// private String versionMinor = "";
// /**
// * Major Version.
// */
// @Getter
// private String versionMajor = "";
// /**
// * Specification errata version.
// */
// @Getter
// private String errata = "";
/** /**
* Signature (text) data. * Signature (text) data.
*/ */
@Getter @Getter
private String signature = ""; private String signature = "";
/** /**
* Platform class. * Version determines data structure used (..DATA or ..DATA2).
*/
// @Getter
// private String version = "";
// /**
// * Contains the human-readable info inside the Device Security Event.
// */
@Getter
private String dSEDinfo = "";
/**
* DeviceSecurityEventDataHeader Object.
*/ */
@Getter @Getter
private String version = ""; private DeviceSecurityEventDataHeader dSEDheader = null;
// /** /**
// * Algorithm count. * DeviceSecurityEventDataSubHeader Object.
// */ */
// @Getter @Getter
// private int numberOfAlg = 0; private DeviceSecurityEventDataHeader dSEDsubHeader = null;
// /** /**
// * True if event log uses Crypto Agile format. * DeviceSecurityEventDataDeviceContext Object.
// */ */
// @Getter @Getter
// private boolean cryptoAgile = false; private DeviceSecurityEventDataDeviceContext dSEDdeviceContext = null;
// /**
// * Algorithm list.
// */
// private List<String> algList;
/** /**
* DeviceSecurityEventData Constructor. * DeviceSecurityEventData Constructor.
* *
* @param deviceSecurityEventDataBytes byte array holding the spec ID Event. * @param dSEDbytes byte array holding the DeviceSecurityEventData.
*/ */
public DeviceSecurityEventData(final byte[] deviceSecurityEventDataBytes) { public DeviceSecurityEventData(final byte[] dSEDbytes) {
// algList = new ArrayList<>();
byte[] signatureBytes = new byte[UefiConstants.SIZE_16]; byte[] signatureBytes = new byte[UefiConstants.SIZE_16];
System.arraycopy(deviceSecurityEventDataBytes, 0, signatureBytes, 0, UefiConstants.SIZE_16); System.arraycopy(dSEDbytes, 0, signatureBytes, 0, UefiConstants.SIZE_16);
//signature = HexUtils.byteArrayToHexString(signatureBytes); //signature = HexUtils.byteArrayToHexString(signatureBytes);
signature = new String(signatureBytes, StandardCharsets.UTF_8) signature = new String(signatureBytes, StandardCharsets.UTF_8)
.substring(0, UefiConstants.SIZE_15); .substring(0, UefiConstants.SIZE_15);
byte[] versionBytes = new byte[UefiConstants.SIZE_4]; byte[] versionBytes = new byte[UefiConstants.SIZE_4];
System.arraycopy(deviceSecurityEventDataBytes, UefiConstants.OFFSET_16, versionBytes, 0, System.arraycopy(dSEDbytes, UefiConstants.OFFSET_16, versionBytes, 0,
UefiConstants.SIZE_4); UefiConstants.SIZE_4);
version = HexUtils.byteArrayToHexString(versionBytes); String version = HexUtils.byteArrayToHexString(versionBytes);
// If version is 0x01, the event is a DEVICE_SECURITY_EVENT_DATA
// If version is 0x02, the event is a DEVICE_SECURITY_EVENT_DATA2
int byteOffset = 0;
dSEDheader = new DeviceSecurityEventDataHeader(dSEDbytes);
byteOffset = dSEDheader.getDSEDheaderByteSize();
if (version == "2") {
// dSEDsubHeader = new DeviceSecurityEventDataSubHeader(dSEDbytes,byteOffset);
// byteOffset = dSEDheader.getDSEDsubHeaderByteSize();
}
dSEDdeviceContext = new DeviceSecurityEventDataDeviceContext(dSEDbytes, byteOffset);
if (version == "1") { if (version == "1") {
dSEDinfo =+
dSEDataHeader.getDSEDheaderInfo();
dSEDinfo =+
dSEDdeviceContext.getdSEDdeviceContextInfo();
} else if (version == "2") { } else if (version == "2") {
dSEDinfo =+
dSEDheader.getDSEDheaderInfo();
dSEDinfo =+
dSEDsubHeader.getDSEDsubHeaderInfo();
dSEDinfo =+
dSEDdeviceContext.getDSEDdeviceContextInfo();
} }
// byte[] platformClassBytes = new byte[UefiConstants.SIZE_4];
// System.arraycopy(efiSpecId, UefiConstants.OFFSET_16, platformClassBytes, 0,
// UefiConstants.SIZE_4);
// platformClass = HexUtils.byteArrayToHexString(platformClassBytes);
//
// byte[] specVersionMinorBytes = new byte[1];
// System.arraycopy(efiSpecId, UefiConstants.OFFSET_20, specVersionMinorBytes, 0, 1);
// versionMinor = HexUtils.byteArrayToHexString(specVersionMinorBytes);
//
// byte[] specVersionMajorBytes = new byte[1];
// System.arraycopy(efiSpecId, UefiConstants.OFFSET_21, specVersionMajorBytes, 0, 1);
// versionMajor = HexUtils.byteArrayToHexString(specVersionMajorBytes);
//
// byte[] specErrataBytes = new byte[1];
// System.arraycopy(efiSpecId, UefiConstants.OFFSET_22, specErrataBytes, 0, 1);
// errata = HexUtils.byteArrayToHexString(specErrataBytes);
//
// byte[] numberOfAlgBytes = new byte[UefiConstants.SIZE_4];
// System.arraycopy(efiSpecId, UefiConstants.OFFSET_24, numberOfAlgBytes, 0,
// UefiConstants.SIZE_4);
// numberOfAlg = HexUtils.leReverseInt(numberOfAlgBytes);
//
// byte[] algorithmIDBytes = new byte[UefiConstants.SIZE_2];
// int algLocation = UefiConstants.SIZE_28;
// for (int i = 0; i < numberOfAlg; i++) {
// System.arraycopy(efiSpecId, algLocation + UefiConstants.OFFSET_4 * i, algorithmIDBytes,
// 0, UefiConstants.SIZE_2);
// String alg = TcgTpmtHa.tcgAlgIdToString(HexUtils.leReverseInt(algorithmIDBytes));
// algList.add(alg);
// }
// if ((algList.size() == 1) && (algList.get(0).compareTo("SHA1") == 0)) {
// cryptoAgile = false;
// } else {
// cryptoAgile = true;
// }
} }
} }
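Review bot: The `if (version == "2")` and `if (version == "1")` checks in the DeviceSecurityEventData constructor compare String references, and `HexUtils.byteArrayToHexString(versionBytes)` on four bytes yields an eight-character hex string, so neither branch can ever match and a ..DATA2 event is silently parsed as ..DATA with the sub-header skipped and the device-context offset wrong. The header layout added in this same commit declares `UINT16 Version`, so read it as an integer and compare numerically, e.g. `int version = HexUtils.leReverseInt(versionBytes);` then `if (version == 2) {` — confirm leReverseInt's handling of the width you pass it. The `dSEDinfo =+ ...` lines are unary-plus assignments rather than `+=`, and `dSEDataHeader` is not a declared field (the field is `dSEDheader`), so the concatenation block does not compile as written. Neither `System.arraycopy` checks `dSEDbytes.length` before reading the 16-byte signature and the version field; since the event log is untrusted input to the verifier, a guard such as `if (dSEDbytes.length < UefiConstants.OFFSET_16 + UefiConstants.SIZE_4) throw new IllegalArgumentException("DEVICE_SECURITY_EVENT_DATA too short");` would turn a truncated event into a clear error instead of an ArrayIndexOutOfBoundsException, and the signature should be compared against "SPDM Device Sec" before the rest of the structure is interpreted.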


@ -1,5 +1,11 @@
package hirs.utils.tpm.eventlog.events; package hirs.utils.tpm.eventlog.events;
import hirs.utils.HexUtils;
import hirs.utils.tpm.eventlog.uefi.UefiConstants;
import lombok.Getter;
import java.nio.charset.StandardCharsets;
/** /**
* Class to process the DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT event per PFP. * Class to process the DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT event per PFP.
* DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT is a common SPDM structure which includes the * DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT is a common SPDM structure which includes the
@ -13,5 +19,39 @@ package hirs.utils.tpm.eventlog.events;
* <p> * <p>
*/ */
public class DeviceSecurityEventDataDeviceContext { public class DeviceSecurityEventDataDeviceContext {
/**
* Contains the human-readable info inside the Device Security Event Data Device Context structure.
*/
@Getter
private String dSEDdeviceContextInfo = "";
/**
* PCI Version.
*/
@Getter
private String pciVersion = "";
/**
* PCI Length.
*/
@Getter
private String pciLength = "";
public DeviceSecurityEventDataDeviceContext(final byte[] dSEDbytes, int byteStartOffset) {
int byteOffset = byteStartOffset;
byte[] pciVersionBytes = new byte[UefiConstants.SIZE_16];
System.arraycopy(dSEDbytes, byteOffset, pciVersionBytes, 0, UefiConstants.SIZE_16);
pciVersion = new String(pciVersionBytes, StandardCharsets.UTF_8)
.substring(0, UefiConstants.SIZE_15);
byteOffset += UefiConstants.SIZE_16;
byte[] pciLengthBytes = new byte[UefiConstants.SIZE_4];
System.arraycopy(dSEDbytes, byteOffset, pciLengthBytes, 0,
UefiConstants.SIZE_16);
pciLength = HexUtils.byteArrayToHexString(pciLengthBytes);
}
} }
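Review bot: The second `System.arraycopy` in the DeviceSecurityEventDataDeviceContext constructor copies `UefiConstants.SIZE_16` bytes into the four-byte `pciLengthBytes`, which throws ArrayIndexOutOfBoundsException on every event; the length argument should be `UefiConstants.SIZE_4` to match the destination buffer. The DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT layout in the file this commit deletes gives `Version` and `Length` as `UINT16` each, so a 16-byte string read for `pciVersion` looks inconsistent with that layout — worth confirming against the PFP table before other offsets are built on it. Neither copy checks `dSEDbytes.length` against `byteOffset` plus the copy size, and the event log is attacker-influenced input to the attestation verifier, so a short or malformed event should be rejected with an explicit exception rather than an array exception. The constructor also has no Javadoc; something like `@param dSEDbytes the full DEVICE_SECURITY_EVENT_DATA bytes` and `@param byteStartOffset offset of the device context within dSEDbytes` would match the style of the other constructors in this package.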


@ -10,14 +10,15 @@ import java.util.ArrayList;
import java.util.List; import java.util.List;
/** /**
* Class to process the DEVICE_SECURITY_EVENT_DATA_HEADER per PFP. * Class to process the DEVICE_SECURITY_EVENT_DATA_HEADER or ..HEADER2 per PFP.
* The first 16 bytes of the event data header MUST be a String based identifier (Signature), * The first 16 bytes of the event data header MUST be a String based identifier (Signature),
* NUL-terminated. The only currently defined Signature is "SPDM Device Sec" which implies * NUL-terminated, per PFP. The only currently defined Signature is "SPDM Device Sec",
* the event data is a DEVICE_SECURITY_EVENT_DATA. DEVICE_SECURITY_EVENT_DATA_HEADER contains * which implies the data is a DEVICE_SECURITY_EVENT_DATA or ..DATA2.
* the measurement(s) and hash algorithm (SpdmHashAlg) identifier returned by the SPDM * DEVICE_SECURITY_EVENT_DATA_HEADER contains the measurement(s) and hash algorithm identifier
* "GET_MEASUREMENTS" function. * returned by the SPDM "GET_MEASUREMENTS" function.
*
* HEADERS defined by PFP v1.06 Rev 52:
* <p> * <p>
* PFP v1.06 Rev 52:
* typedef struct tdDEVICE_SECURITY_EVENT_DATA_HEADER { * typedef struct tdDEVICE_SECURITY_EVENT_DATA_HEADER {
* UINT8 Signature[16]; * UINT8 Signature[16];
* UINT16 Version; * UINT16 Version;
@ -29,8 +30,22 @@ import java.util.List;
* UNIT8 DevicePath[DevicePathLength] * UNIT8 DevicePath[DevicePathLength]
* } DEVICE_SECURITY_EVENT_DATA_HEADER; * } DEVICE_SECURITY_EVENT_DATA_HEADER;
* <p> * <p>
* SPDM_MEASUREMENT_BLOCK: * typedef struct tdDEVICE_SECURITY_EVENT_DATA_HEADER2 {
* SPDM v1.03, Sect 10.11.1, Table 53: * UINT8 Signature[16];
* UINT16 Version;
* UINT8 AuthState;
* UINT8 Reserved;
* UINT32 Length;
* UINT32 DeviceType;
* UINT32 SubHeaderType;
* UINT32 SubHeaderLength;
* UINT32 SubHeaderUID;
* UINT64 DevicePathLength;
* UNIT8 DevicePath[DevicePathLength]
* } DEVICE_SECURITY_EVENT_DATA_HEADER2;
*
* SPDM_MEASUREMENT_BLOCK and contents defined by SPDM v1.03, Sect 10.11.1, Table 53 and 54:
* <p>
* Measurement block format { * Measurement block format {
* Index 1 byte; * Index 1 byte;
* MeasurementSpec 1 byte; * MeasurementSpec 1 byte;
@ -38,7 +53,6 @@ import java.util.List;
* Measurement <MeasurementSize> bytes; * Measurement <MeasurementSize> bytes;
* } * }
* <p> * <p>
* SPDM v1.03, SPDM 10.11.1, Table 54:
* DMTF measurement spec format { * DMTF measurement spec format {
* DMTFSpecMeasurementValueType 1 byte; * DMTFSpecMeasurementValueType 1 byte;
* DMTFSpecMeasurementValueSize 2 bytes; * DMTFSpecMeasurementValueSize 2 bytes;
@ -58,45 +72,28 @@ import java.util.List;
* <p> * <p>
*/ */
public class DeviceSecurityEventDataHeader { public class DeviceSecurityEventDataHeader {
// /**
// * Minor Version. /**
// */ * Signature (text) data.
// @Getter */
// private String versionMinor = ""; @Getter
// /** private String signature = "";
// * Major Version. /**
// */ * Version determines data structure used (..DATA or ..DATA2),
// @Getter * which determines whether ..HEADER or ..HEADER2 is used
// private String versionMajor = ""; */
// /** @Getter
// * Specification errata version. private String version = "";
// */ /**
// @Getter * Contains the human-readable info inside the Device Security Event.
// private String errata = ""; */
// /** @Getter
// * Signature (text) data. private String dSEDheaderInfo = "";
// */ /**
// @Getter * Contains the size (in bytes) of the Header.
// private String signature = ""; */
// /** @Getter
// * Platform class. private Integer dSEDheaderByteSize = 0;
// */
// @Getter
// private String platformClass = "";
// /**
// * Algorithm count.
// */
// @Getter
// private int numberOfAlg = 0;
// /**
// * True if event log uses Crypto Agile format.
// */
// @Getter
// private boolean cryptoAgile = false;
// /**
// * Algorithm list.
// */
// private List<String> algList;
// //
// /** // /**
// * EvEfiSpecIdEvent Constructor. // * EvEfiSpecIdEvent Constructor.
@ -164,4 +161,6 @@ public class DeviceSecurityEventDataHeader {
// } // }
// return specInfo; // return specInfo;
// } // }
} }
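Review bot: `dSEDheaderByteSize` is initialised to 0 and nothing in the new code assigns it — the only constructor in this file is still commented out (the `// * EvEfiSpecIdEvent Constructor.` block) — so `getDSEDheaderByteSize()` always returns 0, and a caller that uses it as the offset of the following structure will re-read the signature bytes as that structure. Until the header parser is written, either derive the size from the `Length` and `DevicePathLength` fields given in the Javadoc layouts, or document the gap on the field: `/** Size in bytes of the parsed header; 0 until header parsing is implemented. */`. Declaring it `private int dSEDheaderByteSize = 0;` avoids needless boxing, and `version` should likely be compared numerically rather than as a hex string since the layout declares `UINT16 Version`. The new HEADER2 layout also repeats the `UNIT8 DevicePath[DevicePathLength]` typo from the HEADER block; both should read `UINT8`. The class body spans several hunks, so the constructor and getters referenced here are partly outside this one.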


@ -1,22 +0,0 @@
package hirs.utils.tpm.eventlog.events;
/**
* Class to process the DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT event per PFP.
* DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT is an SPDM structure which includes the
* identification of the device, device vendor, subsystem, etc. for a PCI device.
* <p>
* typedef struct DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT {
* UINT16 Version;
* UINT16 Length;
* UINT16 VendorId;
* UINT16 DeviceId;
* UINT8 RevisionID;
* UINT8 ClassCode[3];
* UINT16 SubsystemVendorID;
* UINT16 SubsystemID;
* } DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT;
* <p>
*/
public class DeviceSecurityEventDataPciContext {
}


@ -13,7 +13,7 @@ import java.util.List;
/** /**
* Class to process the EV_EFI_SPDM_FIRMWARE_BLOB event. The event field MUST be a * Class to process the EV_EFI_SPDM_FIRMWARE_BLOB event. The event field MUST be a
* 1) DEVICE_SECURITY_EVENT_DATA or * 1) DEVICE_SECURITY_EVENT_DATA or
* 1) DEVICE_SECURITY_EVENT_DATA2 * 2) DEVICE_SECURITY_EVENT_DATA2
* DEVICE_SECURITY_EVENT_DATA has 2 structures: * DEVICE_SECURITY_EVENT_DATA has 2 structures:
* 1) DEVICE_SECURITY_EVENT_DATA_HEADER * 1) DEVICE_SECURITY_EVENT_DATA_HEADER
* 2) DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT, which has 2 structures * 2) DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT, which has 2 structures
@ -25,11 +25,12 @@ import java.util.List;
* 3) DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT, which has 2 structures (see above) * 3) DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT, which has 2 structures (see above)
* The first 16 bytes of the event data header MUST be a String based identifier (Signature), * The first 16 bytes of the event data header MUST be a String based identifier (Signature),
* NUL-terminated, per PFP. The only currently defined Signature is "SPDM Device Sec", * NUL-terminated, per PFP. The only currently defined Signature is "SPDM Device Sec",
* which implies the data is a DEVICE_SECURITY_EVENT_DATA. * which implies the data is a DEVICE_SECURITY_EVENT_DATA or ..DATA2.
* This event is used to record an extended digest for the firmware of an embedded component * The EV_EFI_SPDM_FIRMWARE_BLOB event is used to record an extended digest for the firmware of
* or an add-in device that supports SPDM GET_MEASUREMENTS functionality. This event records * an embedded component or an add-in device that supports SPDM GET_MEASUREMENTS functionality.
* extended digests of SPDM GET_MEASUREMENT responses that correspond to firmware, such as * This event records extended digests of SPDM GET_MEASUREMENT responses that correspond to
* immutable ROM, mutable firmware, firmware version, firmware secure version number, etc. * firmware, such as immutable ROM, mutable firmware, firmware version, firmware secure version
* number, etc.
*/ */
public class EvEfiSpdmFirmwareBlob { public class EvEfiSpdmFirmwareBlob {