Merge pull request #486 from nsacyber/eventLog_spdm_prep

[#485] Event log spdm prep
2025-01-18 02:39:56 +00:00 · 2022-08-11 10:45:21 -04:00 · 2022-08-11 10:45:21 -04:00 · 4499e19104
commit 4499e19104
parent cdeea09171 dad4a2e02c
5 changed files with 29 additions and 15 deletions
--- a/HIRS_Utils/src/main/java/hirs/tpm/eventlog/TpmPcrEvent.java
+++ b/HIRS_Utils/src/main/java/hirs/tpm/eventlog/TpmPcrEvent.java
@ -121,10 +121,11 @@ public class TpmPcrEvent {
     * This can be SHA1 for older event structures or any algorithm for newer structure.
     *
     * @param digestData cryptographic hash
+     * @param digestLength length of the cryptographic hash
     */
-    protected void setEventDigest(final byte[] digestData) {
+    protected void setEventDigest(final byte[] digestData, final int digestLength) {
        digest = new byte[digestLength];
-        System.arraycopy(digestData, 0, digest, 0, this.digestLength);
+        System.arraycopy(digestData, 0, digest, 0, digestLength);
    }

    /**
@ -469,23 +470,31 @@ public class TpmPcrEvent {
     * @param event        the byte array holding the event data.
     * @param eventContent the byte array holding the event content.
     * @param eventNumber  event position within the event log.
+     * @param hashName     name of the hash algorithm used by the event log
     * @return String description of the event.
     * @throws CertificateException     if the event contains an event that cannot be processed.
     * @throws NoSuchAlgorithmException if an event contains an unsupported algorithm.
     * @throws IOException              if the event cannot be parsed.
     */
-    public String processEvent(final byte[] event, final byte[] eventContent, final int eventNumber)
-            throws CertificateException, NoSuchAlgorithmException, IOException {
+    public String processEvent(final byte[] event, final byte[] eventContent, final int eventNumber,
+                                    final String hashName)
+           throws CertificateException, NoSuchAlgorithmException, IOException {
        int eventID = (int) eventType;
        this.eventNumber = eventNumber;
        description += "Event# " + eventNumber + ": ";
        description += "Index PCR[" + getPcrIndex() + "]\n";
        description += "Event Type: 0x" + Long.toHexString(eventType) + " " + eventString(eventID);
        description += "\n";
-        if (logFormat == 1) {   // Digest
+        if (hashName.compareToIgnoreCase("TPM_ALG_SHA1") == 0) {   // Digest
            description += "digest (SHA-1): " + Hex.encodeHexString(this.digest);
-        } else {
+        } else if (hashName.compareToIgnoreCase("TPM_ALG_SHA256") == 0) {   // Digest
            description += "digest (SHA256): " + Hex.encodeHexString(this.digest);
+        } else if (hashName.compareToIgnoreCase("TPM_ALG_SHA384") == 0) {   // Digest
+            description += "digest (SHA384): " + Hex.encodeHexString(this.digest);
+        } else if (hashName.compareToIgnoreCase("TPM_ALG_SHA512") == 0) {   // Digest
+            description += "digest (SHA512): " + Hex.encodeHexString(this.digest);
+        } else {
+            description += "Unsupported Hash Algorithm encoutered";
        }
        if (eventID != UefiConstants.SIZE_4) {
            description += "\n";
--- a/HIRS_Utils/src/main/java/hirs/tpm/eventlog/TpmPcrEvent1.java
+++ b/HIRS_Utils/src/main/java/hirs/tpm/eventlog/TpmPcrEvent1.java
@ -49,15 +49,16 @@ public class TpmPcrEvent1 extends TpmPcrEvent {
        byte[] rawEventSize = new byte[UefiConstants.SIZE_4];
        byte[] eventDigest = new byte[EvConstants.SHA1_LENGTH];
        byte[] eventContent = null;
+        int digestSize = EvConstants.SHA1_LENGTH;
        int eventSize = 0;
-
+        String hashName = "TPM_ALG_SHA1";
        if (is.available() > UefiConstants.SIZE_32) {
            is.read(rawIndex);
            setPcrIndex(rawIndex);
            is.read(rawType);
            setEventType(rawType);
            is.read(eventDigest);
-            setEventDigest(eventDigest);
+            setEventDigest(eventDigest, digestSize);
            is.read(rawEventSize);
            eventSize = HexUtils.leReverseInt(rawEventSize);
            eventContent = new byte[eventSize];
@ -78,7 +79,7 @@ public class TpmPcrEvent1 extends TpmPcrEvent {
            offset += rawEventSize.length;
            setEventData(event);
            //System.arraycopy(eventContent, 0, event, offset, eventContent.length);
-            this.processEvent(event, eventContent, eventNumber);
+            this.processEvent(event, eventContent, eventNumber, hashName);
        }
    }
 }
--- a/HIRS_Utils/src/main/java/hirs/tpm/eventlog/TpmPcrEvent2.java
+++ b/HIRS_Utils/src/main/java/hirs/tpm/eventlog/TpmPcrEvent2.java
@ -78,12 +78,14 @@ public class TpmPcrEvent2 extends TpmPcrEvent {
        setDigestLength(EvConstants.SHA256_LENGTH);
        setLogFormat(2);
        /**  Event data. */
+        int eventDigestLength = 0;
+        String hashName = "";
        byte[] event;
        byte[] rawIndex = new byte[UefiConstants.SIZE_4];
        byte[] algCountBytes = new byte[UefiConstants.SIZE_4];
        byte[] rawType = new byte[UefiConstants.SIZE_4];
        byte[] rawEventSize = new byte[UefiConstants.SIZE_4];
-        byte[] eventDigest = new byte[EvConstants.SHA256_LENGTH];
+        byte[] eventDigest = null;
        byte[] eventContent = null;
        TcgTpmtHa hashAlg = null;
        int eventSize = 0;
@ -99,10 +101,10 @@ public class TpmPcrEvent2 extends TpmPcrEvent {
            // Process TPMT_HA,
            for (int i = 0; i < algCount; i++) {
                hashAlg = new TcgTpmtHa(is);
+                hashName = hashAlg.getHashName();
                hashlist.add(hashAlg);
-                if (hashAlg.getHashName().compareToIgnoreCase("TPM_ALG_SHA256") == 0) {
-                    setEventDigest(hashAlg.getDigest());
-                }
+                eventDigest = new byte[hashAlg.getHashLength()];
+                setEventDigest(hashAlg.getDigest(), hashAlg.getHashLength());
            }
            is.read(rawEventSize);
            eventSize = HexUtils.leReverseInt(rawEventSize);
@ -126,7 +128,8 @@ public class TpmPcrEvent2 extends TpmPcrEvent {
            offset += rawEventSize.length;
            //System.arraycopy(eventContent, 0, event, offset, eventContent.length);
            setEventData(event);
-            this.processEvent(event, eventContent, eventNumber);
+            //setDigestLength(eventDigestLength);
+            this.processEvent(event, eventContent, eventNumber, hashName);
        }
    }
 }
--- a/HIRS_Utils/src/main/java/hirs/tpm/eventlog/events/EvConstants.java
+++ b/HIRS_Utils/src/main/java/hirs/tpm/eventlog/events/EvConstants.java
@ -21,6 +21,8 @@ public final class EvConstants {
    public static final int SHA1_LENGTH = 20;
    /**  Event Type (byte array). */
    public static final int SHA256_LENGTH = 32;
+    /**  Event Type (byte array). */
+    public static final int SHA384_LENGTH = 48;
    /** Each PCR bank holds 24 registers.  */
    public static final int PCR_COUNT = 24;
    // Event IDs
--- a/tools/tcg_eventlog_tool/src/main/java/hirs/tcg_eventlog/Commander.java
+++ b/tools/tcg_eventlog_tool/src/main/java/hirs/tcg_eventlog/Commander.java
@ -74,7 +74,6 @@ public class Commander {
     */
    public final void parseArguments(final String[] args) {
        String tempValue;
-
        for (int i = 0; i < args.length; i++) {
            tempValue = args[i];