ExternalVendorCode/HIRS
1
0
Fork 0
mirror of https://github.com/nsacyber/HIRS.git synced 2025-01-29 15:44:14 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Revert changes to HashSwid class

Browse Source
This commit is contained in:
chubtub 2020-06-17 08:51:13 -04:00
parent a4e3fb38de
commit 3babe6cc2f
2 changed files with 46 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
tools/tcg_rim_tool/src/main/java/hirs/swid/SwidTagGateway.java
View File

@ -428,7 +428,11 @@ public class SwidTagGateway {
File rimEventLogFile = new File(rimEventLog);
file.setSize(new BigInteger(Long.toString(rimEventLogFile.length())));
Map<QName, String> attributes = file.getOtherAttributes();
addNonNullAttribute(attributes, _SHA256_HASH, HashSwid.get256Hash(rimEventLog));
try {
addNonNullAttribute(attributes, _SHA256_HASH, HashSwid.getHashValue(Files.readAllBytes(Paths.get(rimEventLog))));
} catch (IOException e) {
System.out.println("Error hashing support RIM: " + e.getMessage());
}
return file;
}
@ -439,13 +443,19 @@ public class SwidTagGateway {
private boolean validateFile(Element file) {
String filepath = file.getAttribute(SwidTagConstants.NAME);
System.out.println("Support rim found at " + filepath);
if (HashSwid.get256Hash(filepath).equals(file.getAttribute(_SHA256_HASH.getPrefix() + ":" + _SHA256_HASH.getLocalPart()))) {
System.out.println("Support RIM hash verified!");
return true;
} else {
System.out.println("Support RIM hash does not match Base RIM!");
return false;
byte[] bytes = new byte[]{};
try {
bytes = Files.readAllBytes(Paths.get(filepath));
} catch (IOException e) {
System.out.println("Error while hashing support RIM to verify: " + e.getMessage());
}
if (HashSwid.getHashValue(bytes).equals(file.getAttribute(_SHA256_HASH.getPrefix() + ":" + _SHA256_HASH.getLocalPart()))) {
System.out.println("Support RIM hash verified!");
return true;
} else {
System.out.println("Support RIM hash does not match Base RIM!");
return false;
}
}
/**

36
tools/tcg_rim_tool/src/main/java/hirs/swid/utils/HashSwid.java
View File

@ -52,10 +52,6 @@ public class HashSwid {
* This method creates the hash based on the provided algorithm and salt
* only accessible through helper methods.
*
* This method assumes an input file that is small enough to read in its
* entirety. Large files should be handled similarly to the public static
* getHashValue() below.
*
* @param filepath file contents to hash
* @param salt random value to make the hash stronger
* @param sha the algorithm to use for the hash
@ -65,7 +61,7 @@ public class HashSwid {
String resultString = null;
try {
MessageDigest md = MessageDigest.getInstance(sha);
byte[] bytes = md.digest(Files.readAllBytes(Paths.get(filepath)));
byte[] bytes = md.digest(filepath.getBytes(ENCODING));
StringBuilder sb = new StringBuilder();
for (int i = 0; i < bytes.length; i++) {
@ -74,8 +70,34 @@ public class HashSwid {
resultString = sb.toString();
} catch (UnsupportedEncodingException | NoSuchAlgorithmException grex) {
System.out.println(grex.getMessage());
} catch (IOException e) {
System.out.println("Error reading in file to hash: " + e.getMessage());
}
return resultString;
}
/**
* This method creates a hash based on the provided algorithm and salt
* only accessible through helper methods.
*
* This method assumes an input file that is small enough to read in its
* entirety. Large files should be handled similarly to the public static
* getHashValue() below.
*
* This method is also largely redundant and should be refactored after 2.0.
*/
public static String getHashValue(byte[] content) {
String resultString = null;
try {
MessageDigest md = MessageDigest.getInstance(SHA256);
byte[] bytes = md.digest(content);
StringBuilder sb = new StringBuilder();
for (int i = 0; i < bytes.length; i++) {
sb.append(Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1));
}
resultString = sb.toString();
} catch (NoSuchAlgorithmException grex) {
System.out.println(grex.getMessage());
}
return resultString;