diff --git a/0_temp/binary_bios_measurements_addEvt11asSPDMFirmwareBlob b/0_temp/binary_bios_measurements_addEvt11asSPDMFirmwareBlob_origVersion0
similarity index 100%
rename from 0_temp/binary_bios_measurements_addEvt11asSPDMFirmwareBlob
rename to 0_temp/binary_bios_measurements_addEvt11asSPDMFirmwareBlob_origVersion0
diff --git a/0_temp/binary_bios_measurements_addEvt11asSPDMFirmwareBlob_version1 b/0_temp/binary_bios_measurements_addEvt11asSPDMFirmwareBlob_version1
new file mode 100644
index 00000000..3d1b3dbd
Binary files /dev/null and b/0_temp/binary_bios_measurements_addEvt11asSPDMFirmwareBlob_version1 differ
diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData.java
index 560965ee..710598a4 100644
--- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData.java
+++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData.java
@@ -63,26 +63,26 @@ public class DeviceSecurityEventData { */ @Getter private String version = ""; - /** - * Contains the human-readable info inside the Device Security Event. - */ - @Getter - private String dSEDinfo = ""; +// /** +// * Contains the human-readable info inside the Device Security Event. +// */ +// @Getter +// private String dsedInfo = ""; /** * DeviceSecurityEventDataHeader Object. */ @Getter - private DeviceSecurityEventDataHeader dSEDheader = null; + private DeviceSecurityEventDataHeader dsedHeader = null; /** * DeviceSecurityEventDataSubHeader Object. */ - @Getter - private DeviceSecurityEventDataHeader dSEDsubHeader = null; +// @Getter +// private DeviceSecurityEventDataSubHeader dsedSubHeader = null; /** * DeviceSecurityEventDataDeviceContext Object. */ @Getter - private DeviceSecurityEventDataDeviceContext dSEDdeviceContext = null; + private DeviceSecurityEventDataDeviceContext dsedDeviceContext = null; /** * DeviceSecurityEventData Constructor. 
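Review bot: The Javadoc `DeviceSecurityEventDataSubHeader Object.` stays live while the `@Getter` and field beneath it are commented out, so it is left orphaned directly above the next field's Javadoc. Either comment it out together with the field, or drop the dead `dsedInfo` and `dsedSubHeader` lines until the sub-header class exists. The field renames also change the Lombok-generated accessor names, so any caller outside this diff that used the old getters would need updating; that is not visible here. The class body continues outside the hunk.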
@@ -95,56 +95,65 @@ public class DeviceSecurityEventData { System.arraycopy(dSEDbytes, 0, signatureBytes, 0, UefiConstants.SIZE_16); //signature = HexUtils.byteArrayToHexString(signatureBytes); signature = new String(signatureBytes, StandardCharsets.UTF_8) - .substring(0, UefiConstants.SIZE_15); + .substring(0, UefiConstants.SIZE_15); // size 15 bc last letter is a 00 (null) - byte[] versionBytes = new byte[UefiConstants.SIZE_4]; + byte[] versionBytes = new byte[UefiConstants.SIZE_2]; System.arraycopy(dSEDbytes, UefiConstants.OFFSET_16, versionBytes, 0, - UefiConstants.SIZE_4); + UefiConstants.SIZE_2); version = HexUtils.byteArrayToHexString(versionBytes); +// int byteOffset = 0; +// byteOffset = dsedHeader.getDsedHeaderByteSize(); + // If version is 0x01, the event is a DEVICE_SECURITY_EVENT_DATA // If version is 0x02, the event is a DEVICE_SECURITY_EVENT_DATA2 - int byteOffset = 0; - dSEDheader = new DeviceSecurityEventDataHeader(dSEDbytes); - byteOffset = dSEDheader.getDSEDheaderByteSize(); - if (version == "2") { -// dSEDsubHeader = new DeviceSecurityEventDataSubHeader(dSEDbytes,byteOffset); -// byteOffset = dSEDheader.getDSEDsubHeaderByteSize(); - } - dSEDdeviceContext = new DeviceSecurityEventDataDeviceContext(dSEDbytes, byteOffset); + switch (version) { + case "0100": + dsedHeader = new DeviceSecurityEventDataHeader(dSEDbytes); +// dsedDeviceContext = new DeviceSecurityEventDataDeviceContext(dSEDbytes, +// dsedHeader.getDSEDheaderByteSize()); + break; + case "0200": + dsedHeader = new DeviceSecurityEventDataHeader(dSEDbytes); +// dsedSubHeader = new DeviceSecurityEventDataSubHeader(dSEDbytes,byteOffset); +// byteOffset = dsedHeader.getDSEDsubHeaderByteSize(); +// dsedDeviceContext = new DeviceSecurityEventDataDeviceContext(dSEDbytes, byteOffset); + break; + default: + break; + // if (version == "1") { // dSEDinfo =+ // dSEDataHeader.getDSEDheaderInfo(); // dSEDinfo =+ -// dSEDdeviceContext.getdSEDdeviceContextInfo(); +// 
dsedDeviceContext.getdSEDdeviceContextInfo(); // } else if (version == "2") { // dSEDinfo =+ // dSEDheader.getDSEDheaderInfo(); // dSEDinfo =+ -// dSEDsubHeader.getDSEDsubHeaderInfo(); +// dsedSubHeader.getDSEDsubHeaderInfo(); // dSEDinfo =+ -// dSEDdeviceContext.getDSEDdeviceContextInfo(); +// dsedDeviceContext.getDSEDdeviceContextInfo(); // } + } } public String toString() { - String specInfo = ""; - - specInfo += " Signature = SPDM Device Sec : "; -// if (specIDEvent.isCryptoAgile()) { -// specInfo += "Log format is Crypto Agile\n"; -// } else { -// specInfo += "Log format is SHA 1 (NOT Crypto Agile)\n"; -// } -// specInfo += " Platform Profile Specification version = " -// + specIDEvent.getVersionMajor() + "." + specIDEvent.getVersionMinor() -// + " using errata version " + specIDEvent.getErrata(); -// specInfo += DeviceSecurityEventData.toString(); -// } else { -// specInfo = "EV_EFI_SPDM_FIRMWARE_BLOB event named " + signature -// + " encountered but support for processing it has not been added to this application.\n"; -// } - return specInfo; + String dsedInfo = ""; + switch (version) { + case "0100": + dsedInfo += dsedHeader.toString(); +// dsedInfo += dsedDeviceContext.toString(); + break; + case "0200": +// dsedInfo += dsedHeader.toString(); +// dsedInfo += dsedSubHeader.toString(); +// dsedInfo += dsedDeviceContext.toString(); + break; + default: + dsedInfo += " Unknown SPDM Device Security Event Data version " + version + " found" + "\n"; + } + return dsedInfo; } } diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataHeader.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataHeader.java index 772b766e..4c3c81f0 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataHeader.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataHeader.java 
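Review bot: In `toString()`, `case "0200"` appends nothing, so a DEVICE_SECURITY_EVENT_DATA2 event is rendered with no detail and no hint that it was left unparsed, which is easy to misread when someone reviews the event log. Emit an explicit line instead, e.g. `dsedInfo += " SPDM Device Security Event Data version 2 is not yet supported\n";`. The constructor's `default:` branch likewise leaves `dsedHeader` null without comment; that is safe only because `toString()` switches on the same `version` value, which deserves a one-line comment there. The commented-out `if (version == "1")` block now sits inside the new `switch` after `default: break;` and would be clearer removed. The constructor starts outside the hunk.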
@@ -30,7 +30,7 @@ import java.util.List; * UNIT8 DevicePath[DevicePathLength] * } DEVICE_SECURITY_EVENT_DATA_HEADER; *
- * typedef struct tdDEVICE_SECURITY_EVENT_DATA_HEADER2 { + * typedef struct tdDEVICE_SECURITY_EVENT_DATA_HEADER2 { - NOT IMPLEMENTED YET * UINT8 Signature[16]; * UINT16 Version; * UINT8 AuthState; @@ -73,11 +73,14 @@ import java.util.List; */ public class DeviceSecurityEventDataHeader { - /** - * Contains the human-readable info inside the Device Security Event. +// /** +// * Contains the human-readable info inside the Device Security Event. +// */ +// @Getter +// private String dSEDheaderInfo = ""; + + /** ----------- Variables common to all Header Types ----------- */ - @Getter - private String dSEDheaderInfo = ""; /** * Contains the size (in bytes) of the Header. */ @@ -94,21 +97,42 @@ public class DeviceSecurityEventDataHeader { */ @Getter private String version = ""; - /** - * Event data length. - */ - @Getter - private String length = ""; - /** - * SPDM hash algorithm. - */ - @Getter - private String spdmHashAlgo = ""; /** * Device type. */ @Getter private String deviceType = ""; + /** + * Device path length. + */ + @Getter + private String devicePathLength = ""; + /** + * Device path. + */ + @Getter + private String devicePath = ""; + + /** ----------- Variables specific to Header Type 1 ----------- + /** + * Type Header 1 event data length. + */ + @Getter + private String h1Length = ""; + /** + * Type Header 1 SPDM hash algorithm. + */ + @Getter + private String h1SpdmHashAlgo = ""; + /** + * Type Header 1 SPDM measurement block. + */ + @Getter + private String h1SpdmMeasurementBlock = ""; + + /** ----------- Variables specific to Header Type 2 ----------- + */ + // TBD /** * DeviceSecurityEventDataHeader Constructor. 
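Review bot: The section separators are written as Javadoc, and the one for `Header Type 1` is never closed, so the comment runs on through the next `/**` and the documentation for `h1Length` begins with the row of dashes. The `common to all Header Types` and `Header Type 2` separators are closed but end up as orphaned Javadoc blocks in front of the next member's own Javadoc. Plain line comments avoid both problems, for example `// ----------- Variables specific to Header Type 1 -----------`. This applies to the `@@ -73,11 +73,14 @@` and `@@ -94,21 +97,42 @@` hunks alike.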
@@ -123,33 +147,26 @@ public class DeviceSecurityEventDataHeader { signature = new String(signatureBytes, StandardCharsets.UTF_8) .substring(0, UefiConstants.SIZE_15); - byte[] versionBytes = new byte[UefiConstants.SIZE_4]; + byte[] versionBytes = new byte[UefiConstants.SIZE_2]; System.arraycopy(dSEDbytes, UefiConstants.OFFSET_16, versionBytes, 0, - UefiConstants.SIZE_4); + UefiConstants.SIZE_2); version = HexUtils.byteArrayToHexString(versionBytes); - byte[] lengthBytes = new byte[UefiConstants.SIZE_4]; - System.arraycopy(dSEDbytes, UefiConstants.OFFSET_20, lengthBytes, 0, - UefiConstants.SIZE_4); - length = HexUtils.byteArrayToHexString(lengthBytes); + byte[] lengthBytes = new byte[UefiConstants.SIZE_2]; + System.arraycopy(dSEDbytes, 18, lengthBytes, 0, + UefiConstants.SIZE_2); + h1Length = HexUtils.byteArrayToHexString(lengthBytes); - byte[] spdmHashAlgoBytes = new byte[UefiConstants.SIZE_8]; - System.arraycopy(dSEDbytes, UefiConstants.OFFSET_24, spdmHashAlgoBytes, 0, + byte[] spdmHashAlgoBytes = new byte[UefiConstants.SIZE_4]; + System.arraycopy(dSEDbytes, UefiConstants.OFFSET_20, spdmHashAlgoBytes, 0, UefiConstants.SIZE_4); - spdmHashAlgo = HexUtils.byteArrayToHexString(spdmHashAlgoBytes); + h1SpdmHashAlgo = HexUtils.byteArrayToHexString(spdmHashAlgoBytes); - byte[] deviceTypeBytes = new byte[UefiConstants.SIZE_8]; + byte[] deviceTypeBytes = new byte[UefiConstants.SIZE_4]; System.arraycopy(dSEDbytes, UefiConstants.OFFSET_24, deviceTypeBytes, 0, UefiConstants.SIZE_4); deviceType = HexUtils.byteArrayToHexString(deviceTypeBytes); -// byte[] specVersionMajorBytes = new byte[1]; -// System.arraycopy(efiSpecId, UefiConstants.OFFSET_21, specVersionMajorBytes, 0, 1); -// versionMajor = HexUtils.byteArrayToHexString(specVersionMajorBytes); -// -// byte[] specErrataBytes = new byte[1]; -// System.arraycopy(efiSpecId, UefiConstants.OFFSET_22, specErrataBytes, 0, 1); -// errata = HexUtils.byteArrayToHexString(specErrataBytes); // // byte[] numberOfAlgBytes = new 
byte[UefiConstants.SIZE_4]; // System.arraycopy(efiSpecId, UefiConstants.OFFSET_24, numberOfAlgBytes, 0, @@ -170,23 +187,24 @@ public class DeviceSecurityEventDataHeader { // cryptoAgile = true; // } } -// -// /** -// * Returns a human readable description of the data within this event. -// * -// * @return a description of this event.. -// */ -// public String toString() { -// String specInfo = ""; -// if (signature.equals("Spec ID Event#")) { -// specInfo += "Platform Profile Specification version = " + versionMajor + "." + versionMinor -// + " using errata version" + errata; -// } else { -// specInfo = "EV_NO_ACTION event named " + signature -// + " encountered but support for processing it has not been added to this application"; -// } -// return specInfo; -// } + /** + * Returns a human readable description of the data within this event. + * + * @return a description of this event.. + */ + public String toString() { + String dsedHeaderInfo = ""; + if (version.equals("0100")) { + dsedHeaderInfo += "\n SPDM hash algorithm = " + h1SpdmHashAlgo; + dsedHeaderInfo += "\n SPDM Device"; + dsedHeaderInfo += "\n Device Type: " + deviceType; + dsedHeaderInfo += "\n Device Path: " + devicePath; + dsedHeaderInfo += "\n SPDM Measurement Block " + h1SpdmMeasurementBlock; + } else if(version.equals("0200")) { + dsedHeaderInfo = "tbd"; + } + return dsedHeaderInfo; + } } diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/EvEfiSpdmFirmwareBlob.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/EvEfiSpdmFirmwareBlob.java index 89863723..c0a7d6c5 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/EvEfiSpdmFirmwareBlob.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/EvEfiSpdmFirmwareBlob.java 
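Review bot: The constructor reads fixed offsets up to `UefiConstants.OFFSET_24 + UefiConstants.SIZE_4` from `dSEDbytes` without checking its length first, so a truncated or malformed event would surface as an `IndexOutOfBoundsException` from `System.arraycopy`; event log content comes from the platform being assessed and should be parsed as untrusted input. A guard at the top such as `if (dSEDbytes.length < UefiConstants.OFFSET_24 + UefiConstants.SIZE_4) { throw new IllegalArgumentException("DEVICE_SECURITY_EVENT_DATA header too short: " + dSEDbytes.length); }` (or whichever exception the caller already handles) gives a clear failure, and the version read in `DeviceSecurityEventData` (hunk `@@ -95,56 +95,65 @@`) has the same gap. The literal `18` for the Length offset would read better as a named constant next to `OFFSET_16` and `OFFSET_20`. Because `DeviceSecurityEventData` also constructs this header for version `0200`, the `h1*` fields are then filled from bytes that the HEADER2 layout in the class comment assigns to other fields, so these reads probably belong behind a version check. The constructor begins and ends outside the hunk.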
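Review bot: `toString()` prints `devicePath` and `h1SpdmMeasurementBlock`, but nothing in the visible constructor hunks assigns them, so the report would show empty `Device Path:` and `SPDM Measurement Block` values as if the device had reported them. Until those fields are parsed, drop the two lines or print a marker such as `"\n Device Path: (not parsed)"`. Versions other than `0100` and `0200` fall through to an empty string and `0200` returns the placeholder `"tbd"`; an explicit `else { dsedHeaderInfo = " Unsupported header version " + version; }` would make that case visible. The method overrides `Object.toString()` and should carry `@Override`.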
@@ -80,22 +80,14 @@ public class EvEfiSpdmFirmwareBlob { * @return Human readable description of this event. */ public String toString() { - String specInfo = ""; + String spdmInfo = ""; if (bDeviceSecurityEventData) { - specInfo += " Signature = SPDM Device Sec : "; -// if (specIDEvent.isCryptoAgile()) { -// specInfo += "Log format is Crypto Agile\n"; -// } else { -// specInfo += "Log format is SHA 1 (NOT Crypto Agile)\n"; -// } -// specInfo += " Platform Profile Specification version = " -// + specIDEvent.getVersionMajor() + "." + specIDEvent.getVersionMinor() -// + " using errata version " + specIDEvent.getErrata(); -// specInfo += DeviceSecurityEventData.toString(); + spdmInfo += " Signature = SPDM Device Sec"; + spdmInfo += deviceSecurityEventData.toString(); } else { - specInfo = "EV_EFI_SPDM_FIRMWARE_BLOB event named " + signature + spdmInfo = "EV_EFI_SPDM_FIRMWARE_BLOB event named " + signature + " encountered but support for processing it has not been added to this application.\n"; } - return specInfo; + return spdmInfo; } } diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/spdm/SpdmMeasurement.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/spdm/SpdmMeasurement.java new file mode 100644 index 00000000..4dd82a4e --- /dev/null +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/spdm/SpdmMeasurement.java @@ -0,0 +1,13 @@ +package hirs.utils.tpm.eventlog.spdm; + +public class SpdmMeasurement { + + public SpdmMeasurement(final byte[] spdmMeasBytes) { + + } + + + public String toString() { + return "TEMP TEST SpdmMeasurement"; + } +} diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/spdm/SpdmMeasurementBlock.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/spdm/SpdmMeasurementBlock.java new file mode 100644 index 00000000..00cd926d --- /dev/null +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/spdm/SpdmMeasurementBlock.java 
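Review bot: The `bDeviceSecurityEventData` branch appends `deviceSecurityEventData.toString()` directly after `" Signature = SPDM Device Sec"` with no separator, so for an unrecognised version the `Unknown SPDM Device Security Event Data version` text lands on the same line, and for `0100` the result ends without the trailing `\n` that the `else` branch has. One option is `spdmInfo += " Signature = SPDM Device Sec\n";` with the leading `\n` in the header's `toString()` adjusted to match, so both branches end the same way. Whether `deviceSecurityEventData` is always non-null when the flag is set is decided outside the hunk.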
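Review bot: `SpdmMeasurement` is added as a public class whose constructor discards `spdmMeasBytes` and whose `toString()` returns the fixed string `"TEMP TEST SpdmMeasurement"`, so once it is wired into the event output that placeholder would appear where real measurement data is expected. `SpdmMeasurementBlock` in the next file has the same shape. If the stubs have to land now, a class Javadoc stating that parsing is not implemented, `@Override` on `toString()`, and a return value such as `"SPDM measurement parsing not implemented"` would make the state obvious to anyone reading the report.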
@@ -0,0 +1,13 @@ +package hirs.utils.tpm.eventlog.spdm; + +public class SpdmMeasurementBlock { + + public SpdmMeasurementBlock(final byte[] spdmMeasBlockBytes) { + + } + + public String toString() { + return "TEMP TEST spdmMeasBlockBytes"; + } + +}