mirror of
https://github.com/nsacyber/HIRS.git
synced 2024-12-18 20:47:58 +00:00
fixing checkstyle warnings
parent
30a049a613
commit
583869f408
@ -179,9 +179,9 @@ public final class PciIds {
|
||||
|
||||
String classCode = refClassCode;
|
||||
if (classCode != null && classCode.trim().matches("^[0-9A-Fa-f]{6}$")) {
|
||||
String deviceClass = classCode.substring(0,2).toLowerCase();
|
||||
String deviceSubclass = classCode.substring(2,4).toLowerCase();
|
||||
String programInterface = classCode.substring(4,6).toLowerCase();
|
||||
String deviceClass = classCode.substring(0, 2).toLowerCase();
|
||||
String deviceSubclass = classCode.substring(2, 4).toLowerCase();
|
||||
String programInterface = classCode.substring(4, 6).toLowerCase();
|
||||
translatedClassCode.add(deviceClass);
|
||||
translatedClassCode.add(deviceSubclass);
|
||||
translatedClassCode.add(programInterface);
|
||||
|
@ -169,9 +169,9 @@ public final class TCGEventLog {
|
||||
// the if statement is executed
|
||||
// [new event file status = eventList.get(eventNumber-1).getVendorTableFileStatus()]
|
||||
// (ie. if the new file status is not-accessible or from-code, then want to update)
|
||||
if((vendorTableFileStatus != FILESTATUS_NOT_ACCESSIBLE) &&
|
||||
(eventList.get(eventNumber-1).getVendorTableFileStatus() != FILESTATUS_FROM_FILESYSTEM)) {
|
||||
vendorTableFileStatus = eventList.get(eventNumber-1).getVendorTableFileStatus();
|
||||
if ((vendorTableFileStatus != FILESTATUS_NOT_ACCESSIBLE)
|
||||
&& (eventList.get(eventNumber - 1).getVendorTableFileStatus() != FILESTATUS_FROM_FILESYSTEM)) {
|
||||
vendorTableFileStatus = eventList.get(eventNumber - 1).getVendorTableFileStatus();
|
||||
}
|
||||
}
|
||||
calculatePcrValues();
|
||||
|
@ -58,7 +58,7 @@ public abstract class DeviceSecurityEvent {
|
||||
* DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT. DEVICE can be either PCI or USB.
|
||||
*/
|
||||
@Getter
|
||||
String deviceContextInfo = "";
|
||||
private String deviceContextInfo = "";
|
||||
|
||||
/**
|
||||
* DeviceSecurityEventData Default Constructor.
|
||||
@ -76,21 +76,17 @@ public abstract class DeviceSecurityEvent {
|
||||
*/
|
||||
public void instantiateDeviceContext(final byte[] dsedDeviceContextBytes) {
|
||||
|
||||
if(dsedDeviceContextBytes.length == 0) {
|
||||
if (dsedDeviceContextBytes.length == 0) {
|
||||
deviceContextInfo = "\n DeviceSecurityEventDataDeviceContext object is empty";
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
if (deviceType == DeviceSecurityEventDataDeviceContext.DEVICE_TYPE_NONE) {
|
||||
deviceContextInfo = "\n No Device Context (indicated by device type value of 0)";
|
||||
}
|
||||
else if (deviceType == DeviceSecurityEventDataDeviceContext.DEVICE_TYPE_PCI) {
|
||||
} else if (deviceType == DeviceSecurityEventDataDeviceContext.DEVICE_TYPE_PCI) {
|
||||
dsedDevContext = new DeviceSecurityEventDataPciContext(dsedDeviceContextBytes);
|
||||
deviceContextInfo = dsedDevContext.toString();
|
||||
}
|
||||
else if (deviceType == DeviceSecurityEventDataDeviceContext.DEVICE_TYPE_USB) {
|
||||
} else if (deviceType == DeviceSecurityEventDataDeviceContext.DEVICE_TYPE_USB) {
|
||||
deviceContextInfo = " Device Type: USB - To be implemented";
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
deviceContextInfo = " Unknown device type; cannot process device context";
|
||||
}
|
||||
}
|
||||
|
@ -25,7 +25,7 @@ public class DeviceSecurityEventData extends DeviceSecurityEvent {
|
||||
* DEVICE_SECURITY_EVENT_DATA_HEADER.
|
||||
*/
|
||||
@Getter
|
||||
String headerInfo = "";
|
||||
private String headerInfo = "";
|
||||
|
||||
/**
|
||||
* DeviceSecurityEventData Constructor.
|
||||
@ -34,10 +34,9 @@ public class DeviceSecurityEventData extends DeviceSecurityEvent {
|
||||
*/
|
||||
public DeviceSecurityEventData(final byte[] dsedBytes) {
|
||||
|
||||
if(dsedBytes.length == 0) {
|
||||
if (dsedBytes.length == 0) {
|
||||
headerInfo = " DeviceSecurityEventData object is empty";
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
dsedHeader = new DeviceSecurityEventDataHeader(dsedBytes);
|
||||
headerInfo = dsedHeader.toString();
|
||||
|
||||
|
@ -32,7 +32,7 @@ public class DeviceSecurityEventData2 extends DeviceSecurityEvent {
|
||||
* DEVICE_SECURITY_EVENT_DATA_HEADER2.
|
||||
*/
|
||||
@Getter
|
||||
String headerInfo = "";
|
||||
private String headerInfo = "";
|
||||
|
||||
/**
|
||||
* Human-readable description of the data within the
|
||||
@ -41,7 +41,7 @@ public class DeviceSecurityEventData2 extends DeviceSecurityEvent {
|
||||
* DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_SPDM_CERT_CHAIN
|
||||
*/
|
||||
@Getter
|
||||
String subHeaderInfo = "";
|
||||
private String subHeaderInfo = "";
|
||||
|
||||
/**
|
||||
* DeviceSecurityEventData2 Constructor.
|
||||
@ -50,10 +50,9 @@ public class DeviceSecurityEventData2 extends DeviceSecurityEvent {
|
||||
*/
|
||||
public DeviceSecurityEventData2(final byte[] dsedBytes) {
|
||||
|
||||
if(dsedBytes.length == 0) {
|
||||
if (dsedBytes.length == 0) {
|
||||
headerInfo = " DeviceSecurityEventData2 object is empty";
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
dsedHeader2 = new DeviceSecurityEventDataHeader2(dsedBytes);
|
||||
headerInfo = dsedHeader2.toString();
|
||||
|
||||
@ -71,12 +70,10 @@ public class DeviceSecurityEventData2 extends DeviceSecurityEvent {
|
||||
if (subHeaderType == DeviceSecurityEventDataSubHeader.SUBHEADERTYPE_MEAS_BLOCK) {
|
||||
dsedSubHeader = new DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock(dsedSubHeaderBytes);
|
||||
subHeaderInfo += dsedSubHeader.toString();
|
||||
}
|
||||
else if (subHeaderType == DeviceSecurityEventDataSubHeader.SUBHEADERTYPE_CERT_CHAIN) {
|
||||
} else if (subHeaderType == DeviceSecurityEventDataSubHeader.SUBHEADERTYPE_CERT_CHAIN) {
|
||||
dsedSubHeader = new DeviceSecurityEventDataSubHeaderCertChain(dsedSubHeaderBytes);
|
||||
subHeaderInfo += dsedSubHeader.toString();
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
subHeaderInfo += " Sub header type unknown\n";
|
||||
}
|
||||
|
||||
|
@ -28,7 +28,7 @@ import lombok.Getter;
|
||||
public class DeviceSecurityEventDataHeader2 extends DeviceSecurityEventHeader {
|
||||
|
||||
/**
|
||||
* Event auth state
|
||||
* Event auth state.
|
||||
*/
|
||||
@Getter
|
||||
private int authState = 0;
|
||||
@ -38,7 +38,7 @@ public class DeviceSecurityEventDataHeader2 extends DeviceSecurityEventHeader {
|
||||
@Getter
|
||||
private int length = 0;
|
||||
/**
|
||||
* Event sub headerType
|
||||
* Event sub headerType.
|
||||
* SUBHEADERTYPE_MEAS_BLOCK = 0
|
||||
* SUBHEADERTYPE_CERT_CHAIN = 1
|
||||
*/
|
||||
@ -56,12 +56,12 @@ public class DeviceSecurityEventDataHeader2 extends DeviceSecurityEventHeader {
|
||||
private String subHeaderUid = "";
|
||||
|
||||
/**
|
||||
* Auth state - success
|
||||
* Auth state - success.
|
||||
*/
|
||||
public static final int AUTH_SUCCESS = 0;
|
||||
/**
|
||||
* Auth state - digital signature of the data is valid, but the public key certificate chain is not
|
||||
* validated with the entry in in the UEFI device signature variable
|
||||
* validated with the entry in the UEFI device signature variable.
|
||||
*/
|
||||
public static final int AUTH_NO_AUTHORITY = 1;
|
||||
/**
|
||||
@ -70,15 +70,15 @@ public class DeviceSecurityEventDataHeader2 extends DeviceSecurityEventHeader {
|
||||
*/
|
||||
public static final int AUTH_NO_BINDING = 2;
|
||||
/**
|
||||
* Auth state - data has no digital signature
|
||||
* Auth state - data has no digital signature.
|
||||
*/
|
||||
public static final int AUTH_FAIL_NO_SIG = 3;
|
||||
/**
|
||||
* Auth state - data is invalid
|
||||
* Auth state - data is invalid.
|
||||
*/
|
||||
public static final int AUTH_FAIL_INVALID = 4;
|
||||
/**
|
||||
* Auth state - device is not an SPDM-capable device
|
||||
* Auth state - device is not an SPDM-capable device.
|
||||
*/
|
||||
public static final int AUTH_NO_SPDM = 0xFF;
|
||||
|
||||
|
@ -119,7 +119,7 @@ public class DeviceSecurityEventDataPciContext extends DeviceSecurityEventDataDe
|
||||
|
||||
List<String> classCodeList = translateDeviceClass(classCode);
|
||||
dSEDpciContextInfo += " Device Class: \n";
|
||||
if(classCodeList.size() == 3) {
|
||||
if (classCodeList.size() == 3) {
|
||||
dSEDpciContextInfo += " Class = " + classCodeList.get(0) + "\n";
|
||||
dSEDpciContextInfo += " Subclass = " + classCodeList.get(1) + "\n";
|
||||
dSEDpciContextInfo += " Programming Interface = " + classCodeList.get(2) + "\n";
|
||||
|
@ -14,11 +14,11 @@ package hirs.utils.tpm.eventlog.events;
|
||||
public abstract class DeviceSecurityEventDataSubHeader {
|
||||
|
||||
/**
|
||||
* Sub header type - SPDM measurement block
|
||||
* Sub header type - SPDM measurement block.
|
||||
*/
|
||||
public static final int SUBHEADERTYPE_MEAS_BLOCK = 0;
|
||||
/**
|
||||
* Sub header type - SPDM cert chain
|
||||
* Sub header type - SPDM cert chain.
|
||||
*/
|
||||
public static final int SUBHEADERTYPE_CERT_CHAIN = 1;
|
||||
|
||||
|
@ -21,7 +21,7 @@ import hirs.utils.tpm.eventlog.spdm.SpdmHa;
|
||||
* SpdmBaseHashAlgo: SPDM Base Hash Algorithm for the root certificate in the SPDM Certificate chain
|
||||
* SpdmCertChain: SPDM Certificate Chain
|
||||
*/
|
||||
public class DeviceSecurityEventDataSubHeaderCertChain extends DeviceSecurityEventDataSubHeader{
|
||||
public class DeviceSecurityEventDataSubHeaderCertChain extends DeviceSecurityEventDataSubHeader {
|
||||
|
||||
/**
|
||||
* SPDM version.
|
||||
@ -42,7 +42,7 @@ public class DeviceSecurityEventDataSubHeaderCertChain extends DeviceSecurityEve
|
||||
/**
|
||||
* Human-readable description of any error associated with SPDM base hash alg.
|
||||
*/
|
||||
String spdmCertChainError = "";
|
||||
private String spdmCertChainError = "";
|
||||
|
||||
/**
|
||||
* DeviceSecurityEventDataSubHeaderCertChain Constructor.
|
||||
@ -75,15 +75,14 @@ public class DeviceSecurityEventDataSubHeaderCertChain extends DeviceSecurityEve
|
||||
|
||||
int spdmBaseHashAlgoSize = SpdmHa.tcgAlgIdToByteSize(spdmBaseHashAlgo);
|
||||
|
||||
if(spdmCertChainSize <= 0) {
|
||||
spdmCertChainError += "SPDM cert chain length is not >0, " +
|
||||
"stopping cert chain processing";
|
||||
if (spdmCertChainSize <= 0) {
|
||||
spdmCertChainError += "SPDM cert chain length is not >0, "
|
||||
+ "stopping cert chain processing";
|
||||
} else if (spdmBaseHashAlgoSize <= 0) {
|
||||
spdmCertChainError += "SPDM base hash algorithm size is not >0 "
|
||||
+ "stopping cert chain processing";
|
||||
}
|
||||
else if(spdmBaseHashAlgoSize <= 0) {
|
||||
spdmCertChainError += "SPDM base hash algorithm size is not >0 " +
|
||||
"stopping cert chain processing";
|
||||
}
|
||||
if(spdmCertChainError.isEmpty()) {
|
||||
if (spdmCertChainError.isEmpty()) {
|
||||
spdmCertChain = new SpdmCertificateChain(spdmCertChainBytes, spdmBaseHashAlgoSize);
|
||||
}
|
||||
}
|
||||
@ -101,13 +100,11 @@ public class DeviceSecurityEventDataSubHeaderCertChain extends DeviceSecurityEve
|
||||
dsedSubHeaderInfo += " SPDM Base Hash Algorithm = " + spdmBaseHashAlgoStr + "\n";
|
||||
|
||||
// SPDM Certificate Chain output
|
||||
if(!spdmCertChainError.isEmpty()) {
|
||||
if (!spdmCertChainError.isEmpty()) {
|
||||
dsedSubHeaderInfo += " SPDM cert chain error: " + spdmCertChainError + "\n";
|
||||
}
|
||||
else if(spdmCertChain == null) {
|
||||
} else if (spdmCertChain == null) {
|
||||
dsedSubHeaderInfo += " SPDM cert chain error: Could not parse cert chain\n";
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
dsedSubHeaderInfo += spdmCertChain.toString();
|
||||
}
|
||||
|
||||
|
@ -115,17 +115,17 @@ public class DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock extends Device
|
||||
dsedSubHeaderInfo += " SPDM Hash Algorithm = " + spdmHashAlgoStr + "\n";
|
||||
|
||||
// SPDM Measurement Block List output
|
||||
dsedSubHeaderInfo += " Number of SPDM Measurement Blocks = " +
|
||||
spdmMeasurementBlockList.size() + "\n";
|
||||
dsedSubHeaderInfo += " Number of SPDM Measurement Blocks = "
|
||||
+ spdmMeasurementBlockList.size() + "\n";
|
||||
int spdmMeasBlockCnt = 1;
|
||||
for (SpdmMeasurementBlock spdmMeasBlock : spdmMeasurementBlockList) {
|
||||
dsedSubHeaderInfo += " SPDM Measurement Block # " + spdmMeasBlockCnt++ + " of " +
|
||||
spdmMeasurementBlockList.size() + "\n";
|
||||
dsedSubHeaderInfo += " SPDM Measurement Block # " + spdmMeasBlockCnt++ + " of "
|
||||
+ spdmMeasurementBlockList.size() + "\n";
|
||||
dsedSubHeaderInfo += spdmMeasBlock.toString();
|
||||
}
|
||||
if(spdmMeasurementBlockReadError) {
|
||||
dsedSubHeaderInfo += " Error reading SPDM Measurement Block #" +
|
||||
spdmMeasBlockCnt + ", halting processing\n";
|
||||
if (spdmMeasurementBlockReadError) {
|
||||
dsedSubHeaderInfo += " Error reading SPDM Measurement Block #"
|
||||
+ spdmMeasBlockCnt + ", halting processing\n";
|
||||
}
|
||||
|
||||
return dsedSubHeaderInfo;
|
||||
|
@ -63,8 +63,8 @@ public abstract class DeviceSecurityEventHeader {
|
||||
@Getter
|
||||
private String signature = "";
|
||||
/**
|
||||
* Version determines data structure used (..DATA or ..DATA2),
|
||||
* which determines whether ..HEADER or ..HEADER2 is used
|
||||
* Version determines data structure used (..DATA or ..DATA2).
|
||||
* This determines whether ..HEADER or ..HEADER2 is used.
|
||||
*/
|
||||
@Getter
|
||||
private String version = "";
|
||||
@ -108,7 +108,7 @@ public abstract class DeviceSecurityEventHeader {
|
||||
* @param dsedBytes byte array holding the DeviceSecurityEventData/Data2.
|
||||
* @param startByte starting byte of device type (depends on header fields before it).
|
||||
*/
|
||||
public void extractDeviceType(final byte[] dsedBytes, int startByte) {
|
||||
public void extractDeviceType(final byte[] dsedBytes, final int startByte) {
|
||||
|
||||
// get the device type ID
|
||||
byte[] deviceTypeBytes = new byte[UefiConstants.SIZE_4];
|
||||
@ -124,24 +124,26 @@ public abstract class DeviceSecurityEventHeader {
|
||||
* @param dsedBytes byte array holding the DeviceSecurityEventData/Data2.
|
||||
* @param startByte starting byte of device path (depends on header fields before it).
|
||||
*/
|
||||
public void extractDevicePathAndFinalSize(final byte[] dsedBytes, int startByte) {
|
||||
public void extractDevicePathAndFinalSize(final byte[] dsedBytes, final int startByte) {
|
||||
|
||||
int startByteUpdated = startByte;
|
||||
|
||||
// get the device path length
|
||||
byte[] devicePathLengthBytes = new byte[8];
|
||||
System.arraycopy(dsedBytes, startByte, devicePathLengthBytes, 0, 8);
|
||||
System.arraycopy(dsedBytes, startByteUpdated, devicePathLengthBytes, 0, 8);
|
||||
int devicePathLength = HexUtils.leReverseInt(devicePathLengthBytes);
|
||||
|
||||
// get the device path
|
||||
if (devicePathLength > 0) {
|
||||
startByte = startByte + 8;
|
||||
startByteUpdated = startByteUpdated + 8;
|
||||
byte[] devPathBytes = new byte[devicePathLength];
|
||||
System.arraycopy(dsedBytes, startByte, devPathBytes,
|
||||
System.arraycopy(dsedBytes, startByteUpdated, devPathBytes,
|
||||
0, devicePathLength);
|
||||
devicePath = new UefiDevicePath(devPathBytes);
|
||||
}
|
||||
|
||||
// header total size
|
||||
dsedHeaderLength = startByte + devicePathLength;
|
||||
dsedHeaderLength = startByteUpdated + devicePathLength;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -176,8 +178,7 @@ public abstract class DeviceSecurityEventHeader {
|
||||
if (devicePath != null) {
|
||||
dsedHeaderCommonInfo += " SPDM Device Path:\n";
|
||||
dsedHeaderCommonInfo += devicePath;
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
dsedHeaderCommonInfo += " SPDM Device Path = Unknown or invalid\n";
|
||||
}
|
||||
|
||||
|
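Review bot: In `extractDevicePathAndFinalSize`, `devicePathLength` is read from the event data and then used for `new byte[devicePathLength]` and the following `System.arraycopy` without being compared to the bytes remaining in `dsedBytes`. A malformed or tampered event log can therefore cause a very large allocation or an `ArrayIndexOutOfBoundsException` partway through parsing, and the initial 8-byte copy at `startByteUpdated` has the same exposure on a short buffer. Since the commit already reworks the offset variable, add a guard before the allocation, for example `if (devicePathLength > dsedBytes.length - startByteUpdated - 8) { /* leave devicePath null */ }`, so the existing "Unknown or invalid" branch in `toString` reports it; `dsedHeaderLength` would then need to be set without the bogus length. The 8-byte field is also narrowed to `int` by `HexUtils.leReverseInt`, whose behaviour for values above `Integer.MAX_VALUE` is not visible here and should be confirmed.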
@ -43,7 +43,7 @@ public class EvEfiSpdmDeviceSecurityEvent {
|
||||
/**
|
||||
* Human-readable description of the data within this DEVICE_SECURITY_EVENT_DATA/..DATA2 event.
|
||||
*/
|
||||
String spdmInfo = "";
|
||||
private String spdmInfo = "";
|
||||
|
||||
/**
|
||||
* EvEfiSpdmFirmwareBlob constructor.
|
||||
@ -72,24 +72,20 @@ public class EvEfiSpdmDeviceSecurityEvent {
|
||||
if (dsedVersion.equals("0200")) {
|
||||
dsed = new DeviceSecurityEventData2(eventData);
|
||||
spdmInfo += dsed.toString();
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
spdmInfo += " Incompatible version for DeviceSecurityEventData2: " + dsedVersion + "\n";
|
||||
}
|
||||
}
|
||||
else if (dsedSignature.contains("SPDM Device Sec")) { // implies Device Security event
|
||||
} else if (dsedSignature.contains("SPDM Device Sec")) { // implies Device Security event
|
||||
|
||||
spdmInfo = " Signature = SPDM Device Sec\n";
|
||||
|
||||
if (dsedVersion.equals("0100")) {
|
||||
dsed = new DeviceSecurityEventData(eventData);
|
||||
spdmInfo += dsed.toString();
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
spdmInfo += " Incompatible version for DeviceSecurityEventData: " + dsedVersion + "\n";
|
||||
}
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
spdmInfo = " Signature = Undetermined value: " + dsedSignature + "\n";
|
||||
}
|
||||
}
|
||||
|
@ -47,7 +47,7 @@ public class EvNoAction {
|
||||
* Human-readable description of the data within this DEVICE_SECURITY_EVENT_DATA/..DATA2 event.
|
||||
*/
|
||||
@Getter
|
||||
String noActionInfo = "";
|
||||
private String noActionInfo = "";
|
||||
|
||||
/**
|
||||
* EvNoAction constructor.
|
||||
@ -90,7 +90,13 @@ public class EvNoAction {
|
||||
return bSpecIDEvent;
|
||||
}
|
||||
|
||||
public String specIDEventToString(EvEfiSpecIdEvent specIDEvent) {
|
||||
/**
|
||||
* Returns a human-readable description of a SpecId event.
|
||||
*
|
||||
* @param specIDEvent byte array holding the event.
|
||||
* @return a description of the event.
|
||||
*/
|
||||
public String specIDEventToString(final EvEfiSpecIdEvent specIDEvent) {
|
||||
|
||||
String specIdInfo = "";
|
||||
specIdInfo += " Signature = Spec ID Event03 : ";
|
||||
@ -109,6 +115,7 @@ public class EvNoAction {
|
||||
/**
|
||||
* Returns a human-readable description of locality based on numeric representation lookup.
|
||||
*
|
||||
* @param eventData byte array holding the event from which to grab locality
|
||||
* @return a description of the locality.
|
||||
*/
|
||||
private String getLocality(final byte[] eventData) {
|
||||
|
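Review bot: The Javadoc added for `specIDEventToString` describes the parameter as a "byte array holding the event", but the signature takes an `EvEfiSpecIdEvent`, so the text appears to have been copied from `getLocality` below it. Suggest `@param specIDEvent the parsed Spec ID event to describe.` The Javadoc on `noActionInfo` in the first hunk has a similar copy-paste problem: it refers to a DEVICE_SECURITY_EVENT_DATA/..DATA2 event although the field belongs to `EvNoAction`, and `Human-readable description of the data within this EV_NO_ACTION event.` would match the class.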
@ -36,7 +36,7 @@ public class NvIndexInstanceEventLogData {
|
||||
/**
|
||||
* Human-readable description of the data within this DEVICE_SECURITY_EVENT_DATA/..DATA2 event.
|
||||
*/
|
||||
String nvIndexInstanceInfo = "";
|
||||
private String nvIndexInstanceInfo = "";
|
||||
|
||||
/**
|
||||
* NvIndexInstanceEventLogData constructor.
|
||||
@ -84,13 +84,11 @@ public class NvIndexInstanceEventLogData {
|
||||
if (dsedVersion.equals("0200")) {
|
||||
dsed = new DeviceSecurityEventData2(dsedEventData);
|
||||
nvIndexInstanceInfo += dsed.toString();
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
nvIndexInstanceInfo += " Incompatible version for DeviceSecurityEventData2: "
|
||||
+ dsedVersion + "\n";
|
||||
}
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
nvIndexInstanceInfo = " Signature error: should be \'SPDM Device Sec2\' but is "
|
||||
+ signature + "\n";
|
||||
}
|
||||
|
@ -34,9 +34,9 @@ import java.util.ArrayList;
|
||||
*/
|
||||
public class SpdmCertificateChain {
|
||||
|
||||
/**
|
||||
* Length of the certificate chain to include all fields in this structure.
|
||||
*/
|
||||
///**
|
||||
// * Length of the certificate chain to include all fields in this structure.
|
||||
// */
|
||||
//private int length = 0;
|
||||
/**
|
||||
* Root hash.
|
||||
@ -53,11 +53,11 @@ public class SpdmCertificateChain {
|
||||
/**
|
||||
* Human-readable description of any error associated with SPDM base hash alg.
|
||||
*/
|
||||
String spdmBaseHashAlgoError = "";
|
||||
private String spdmBaseHashAlgoError = "";
|
||||
/**
|
||||
* Human-readable description of any error associated with parsing the X509 certs.
|
||||
*/
|
||||
String certProcessingError = "";
|
||||
private String certProcessingError = "";
|
||||
|
||||
/**
|
||||
* SpdmCertificateChain Constructor.
|
||||
@ -67,10 +67,9 @@ public class SpdmCertificateChain {
|
||||
*/
|
||||
public SpdmCertificateChain(final byte[] spdmCertChainBytes, final int rootHashLength) {
|
||||
|
||||
if(rootHashLength <= 0) {
|
||||
if (rootHashLength <= 0) {
|
||||
spdmBaseHashAlgoError = "SPDM base hash algorithm size is not >0";
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
byte[] lengthBytes = new byte[2];
|
||||
System.arraycopy(spdmCertChainBytes, 0, lengthBytes, 0, 2);
|
||||
//length = HexUtils.leReverseInt(lengthBytes);
|
||||
@ -123,15 +122,15 @@ public class SpdmCertificateChain {
|
||||
certList.add(cert);
|
||||
numberOfCerts++;
|
||||
} catch (IOException e) {
|
||||
certProcessingError += "Error with Cert # " + (numberOfCerts+1)
|
||||
certProcessingError += "Error with Cert # " + (numberOfCerts + 1)
|
||||
+ ": IOException (error reading cert data)";
|
||||
break;
|
||||
} catch (CertificateException e) {
|
||||
certProcessingError += "Error with Cert # " + (numberOfCerts+1)
|
||||
certProcessingError += "Error with Cert # " + (numberOfCerts + 1)
|
||||
+ ": CertificateException";
|
||||
break;
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
certProcessingError += "Error with Cert # " + numberOfCerts+1
|
||||
certProcessingError += "Error with Cert # " + (numberOfCerts + 1)
|
||||
+ ": CNoSuchAlgorithmException";
|
||||
break;
|
||||
}
|
||||
@ -147,19 +146,18 @@ public class SpdmCertificateChain {
|
||||
|
||||
String spdmCertChainInfo = "";
|
||||
|
||||
if(!spdmBaseHashAlgoError.isEmpty()) {
|
||||
if (!spdmBaseHashAlgoError.isEmpty()) {
|
||||
spdmCertChainInfo += " *** ERROR with SPDM base hash algorithm size ***\n";
|
||||
spdmCertChainInfo += " " + spdmBaseHashAlgoError + "\n";
|
||||
spdmCertChainInfo += " Stopping processing of this cert chain\n";
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
spdmCertChainInfo += " Root hash = " + HexUtils.byteArrayToHexString(rootHash) + "\n";
|
||||
spdmCertChainInfo += " Number of certs in chain = " + numberOfCerts + "\n";
|
||||
|
||||
int certCnt = 1;
|
||||
for (UefiX509Cert cert : certList) {
|
||||
spdmCertChainInfo += " Cert # " + certCnt++ + " of " +
|
||||
numberOfCerts + ": ------------------\n";
|
||||
spdmCertChainInfo += " Cert # " + certCnt++ + " of "
|
||||
+ numberOfCerts + ": ------------------\n";
|
||||
spdmCertChainInfo += cert.toString();
|
||||
}
|
||||
|
||||
|
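Review bot: The first hunk silences checkstyle by turning the `length` field and its Javadoc into commented-out code, while the constructor still copies two bytes into `lengthBytes` and then discards them (`//length = HexUtils.leReverseInt(lengthBytes);`). Either delete the dead field, the buffer and the copy, or restore the parse and compare the declared length against `spdmCertChainBytes.length`, so that a truncated or padded chain is reported instead of being parsed as far as it happens to go. The two-byte `System.arraycopy` is also unguarded for input shorter than two bytes; the caller's visible check only rejects `spdmCertChainSize <= 0`, and how `spdmCertChainBytes` is built is not shown on this page. Separately, the third catch block's message still reads `": CNoSuchAlgorithmException"`, where the leading `C` looks like a typo. The constructor body continues outside these hunks.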
@ -11,7 +11,7 @@ import lombok.NoArgsConstructor;
|
||||
public class SpdmHa {
|
||||
|
||||
/**
|
||||
* Spdm Hash Alg = Raw bit stream
|
||||
* Spdm Hash Alg = Raw bit stream.
|
||||
*/
|
||||
public static final int TPM_ALG_RAW = 1;
|
||||
/**
|
||||
|
@ -61,7 +61,7 @@ public class SpdmMeasurement {
|
||||
}
|
||||
|
||||
/**
|
||||
* Lookup for SPDM measurement value type
|
||||
* Lookup for SPDM measurement value type.
|
||||
*
|
||||
* @param measValType the numerical representation of the measurement value type.
|
||||
*
|
||||
@ -118,10 +118,10 @@ public class SpdmMeasurement {
|
||||
public String toString() {
|
||||
String spdmMeasInfo = "";
|
||||
|
||||
spdmMeasInfo += " SPDM Measurement Value Type = " +
|
||||
dmtfSpecMeasurementValueTypeToString(dmtfSpecMeasurementValueType);
|
||||
spdmMeasInfo += "\n SPDM Measurement Value = " +
|
||||
HexUtils.byteArrayToHexString(dmtfSpecMeasurementValue);
|
||||
spdmMeasInfo += " SPDM Measurement Value Type = "
|
||||
+ dmtfSpecMeasurementValueTypeToString(dmtfSpecMeasurementValueType);
|
||||
spdmMeasInfo += "\n SPDM Measurement Value = "
|
||||
+ HexUtils.byteArrayToHexString(dmtfSpecMeasurementValue);
|
||||
spdmMeasInfo += "\n";
|
||||
|
||||
return spdmMeasInfo;
|
||||
|
@ -93,7 +93,9 @@ public class UefiDevicePath {
|
||||
*/
|
||||
private String processDevPath(final byte[] path) {
|
||||
StringBuilder pInfo = new StringBuilder();
|
||||
int devLength = 0, pathOffset = 0, devCount = 0;
|
||||
int devLength = 0;
|
||||
int pathOffset = 0;
|
||||
int devCount = 0;
|
||||
while (true) {
|
||||
Byte devPath = Byte.valueOf(path[pathOffset]);
|
||||
if ((devPath.intValue() == UefiConstants.TERMINATOR)
|
||||
@ -214,7 +216,7 @@ public class UefiDevicePath {
|
||||
subType += " _HID = " + HexUtils.byteArrayToHexString(hid) + "\n";
|
||||
System.arraycopy(path, 2 * UefiConstants.SIZE_4 + offset, hid, 0, UefiConstants.SIZE_4);
|
||||
String uid = HexUtils.byteArrayToHexString(hid);
|
||||
if(uid.contains("00000000")) {
|
||||
if (uid.contains("00000000")) {
|
||||
uid = "No _UID exists for this device";
|
||||
}
|
||||
subType += " _UID = " + uid + "\n";
|
||||
|
@ -28,20 +28,20 @@ public class UefiGuid {
|
||||
*/
|
||||
private static final int UUID_EPOCH_DIVISOR = 10000;
|
||||
/**
|
||||
* Filesystem path of vendor-table.json
|
||||
* Filesystem path of vendor-table.json.
|
||||
*/
|
||||
private static final Path JSON_PATH = FileSystems.getDefault().getPath("/etc",
|
||||
"hirs", "aca", "default-properties", "vendor-table.json");
|
||||
/**
|
||||
* Name of vendor-table file in code
|
||||
* Name of vendor-table file in code.
|
||||
*/
|
||||
private static final String JSON_FILENAME = "vendor-table.json";
|
||||
/**
|
||||
* Reference to the vendor-table json object
|
||||
* Reference to the vendor-table json object.
|
||||
*/
|
||||
private JsonObject uefiVendorRef;
|
||||
/**
|
||||
* Track status of vendor-table.json
|
||||
* Track status of vendor-table.json.
|
||||
*/
|
||||
@Getter
|
||||
private String vendorTableFileStatus = FILESTATUS_NOT_ACCESSIBLE;
|
||||
@ -77,13 +77,12 @@ public class UefiGuid {
|
||||
uefiVendorRef = JsonUtils.getSpecificJsonObject(vendorPathString,
|
||||
"VendorTable");
|
||||
|
||||
if(!isVendorTableReferenceHandleEmpty()) {
|
||||
if (!isVendorTableReferenceHandleEmpty()) {
|
||||
vendorTableFileStatus = FILESTATUS_FROM_FILESYSTEM;
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
// could not access vendor-table.json from filesystem, so attempt to access from code
|
||||
uefiVendorRef = JsonUtils.getSpecificJsonObject(JSON_FILENAME, "VendorTable");
|
||||
if(!isVendorTableReferenceHandleEmpty()) {
|
||||
if (!isVendorTableReferenceHandleEmpty()) {
|
||||
vendorTableFileStatus = FILESTATUS_FROM_CODE;
|
||||
}
|
||||
}
|
||||
|
@ -107,7 +107,7 @@ public class UefiSignatureList {
|
||||
*/
|
||||
private UefiGuid signatureType = null;
|
||||
/**
|
||||
* Track status of vendor-table.json
|
||||
* Track status of vendor-table.json.
|
||||
*/
|
||||
@Getter
|
||||
private String vendorTableFileStatus = FILESTATUS_NOT_ACCESSIBLE;
|
||||
@ -235,17 +235,16 @@ public class UefiSignatureList {
|
||||
StringBuilder sigInfo = new StringBuilder();
|
||||
|
||||
if (!signatureTypeValid) {
|
||||
sigInfo.append(" *** Unknown UEFI Signature Type encountered:\n" +
|
||||
" " + signatureType.toString() + "\n");
|
||||
}
|
||||
else {
|
||||
sigInfo.append(" *** Unknown UEFI Signature Type encountered:\n"
|
||||
+ " " + signatureType.toString() + "\n");
|
||||
} else {
|
||||
sigInfo.append(" UEFI Signature List Type = " + signatureType.toString() + "\n");
|
||||
sigInfo.append(" Number of Certs or Hashes in UEFI Signature List = " + numberOfCerts + "\n");
|
||||
|
||||
int certOrHashCnt = 1;
|
||||
for (int i = 0; i < sigList.size(); i++) {
|
||||
sigInfo.append(" Cert or Hash # " + certOrHashCnt++ + " of " +
|
||||
numberOfCerts + ": ------------------\n");
|
||||
sigInfo.append(" Cert or Hash # " + certOrHashCnt++ + " of "
|
||||
+ numberOfCerts + ": ------------------\n");
|
||||
UefiSignatureData certData = sigList.get(i);
|
||||
sigInfo.append(certData.toString());
|
||||
}
|
||||
|
@ -42,11 +42,11 @@ public class UefiVariable {
|
||||
@Getter
|
||||
private String efiVarName = "";
|
||||
/**
|
||||
* Encountered invalid UEFI Signature List
|
||||
* Encountered invalid UEFI Signature List.
|
||||
*/
|
||||
private boolean invalidSignatureListEncountered = false;
|
||||
/**
|
||||
* Invalid UEFI Signature List
|
||||
* Invalid UEFI Signature List.
|
||||
*/
|
||||
private String invalidSignatureListStatus = "";
|
||||
/**
|
||||
@ -78,7 +78,7 @@ public class UefiVariable {
|
||||
/**
|
||||
* Human-readable description of the data within the SPDM devdc (to be updated with more test data).
|
||||
*/
|
||||
String spdmDevdcInfo = "";
|
||||
private String spdmDevdcInfo = "";
|
||||
|
||||
/**
|
||||
* EFIVariable constructor.
|
||||
@ -184,13 +184,13 @@ public class UefiVariable {
|
||||
// the if statement is executed
|
||||
// [new event file status = list.getVendorTableFileStatus()]
|
||||
// (ie. if the new file status is not-accessible or from-code, then want to update)
|
||||
if((vendorTableFileStatus != FILESTATUS_NOT_ACCESSIBLE) &&
|
||||
(list.getVendorTableFileStatus() != FILESTATUS_FROM_FILESYSTEM)) {
|
||||
if ((vendorTableFileStatus != FILESTATUS_NOT_ACCESSIBLE)
|
||||
&& (list.getVendorTableFileStatus() != FILESTATUS_FROM_FILESYSTEM)) {
|
||||
vendorTableFileStatus = list.getVendorTableFileStatus();
|
||||
}
|
||||
|
||||
// efiVariableSigListContents += list.toString();
|
||||
if(!list.isSignatureTypeValid()) {
|
||||
if (!list.isSignatureTypeValid()) {
|
||||
invalidSignatureListEncountered = true;
|
||||
invalidSignatureListStatus = list.toString();
|
||||
break;
|
||||
@ -200,7 +200,7 @@ public class UefiVariable {
|
||||
}
|
||||
|
||||
/**
|
||||
* Method for processing the data in an EFI Signature Data, where the data is known to be an X509 cert
|
||||
* Method for processing the data in an EFI Signature Data, where the data is known to be an X509 cert.
|
||||
*
|
||||
* @param efiSigData Byte array holding the SignatureData data
|
||||
* @throws java.security.cert.CertificateException If there's a problem parsing the X509 certificate.
|
||||
@ -296,23 +296,23 @@ public class UefiVariable {
|
||||
}
|
||||
|
||||
// Signature List output (if there are any Signature Lists)
|
||||
if (certSuperList.size() > 0){
|
||||
if (certSuperList.size() > 0) {
|
||||
efiVariable.append("Number of UEFI Signature Lists = " + certSuperList.size() + "\n");
|
||||
int certSuperListCnt = 1;
|
||||
for (UefiSignatureList uefiSigList : certSuperList) {
|
||||
efiVariable.append("UEFI Signature List # " + certSuperListCnt++ + " of " +
|
||||
certSuperList.size() + ": ------------------\n");
|
||||
efiVariable.append("UEFI Signature List # " + certSuperListCnt++ + " of "
|
||||
+ certSuperList.size() + ": ------------------\n");
|
||||
efiVariable.append(uefiSigList.toString());
|
||||
}
|
||||
}
|
||||
if(invalidSignatureListEncountered) {
|
||||
if (invalidSignatureListEncountered) {
|
||||
efiVariable.append(invalidSignatureListStatus);
|
||||
efiVariable.append("*** Encountered invalid Signature Type - " +
|
||||
"Stopped processing of this event data\n");
|
||||
efiVariable.append("*** Encountered invalid Signature Type - "
|
||||
+ "Stopped processing of this event data\n");
|
||||
}
|
||||
|
||||
// Signature Data output (if there is a Signature Data)
|
||||
if(!spdmDevdcInfo.isEmpty()) {
|
||||
if (!spdmDevdcInfo.isEmpty()) {
|
||||
efiVariable.append(spdmDevdcInfo);
|
||||
}
|
||||
|
||||
|
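Review bot: The re-wrapped condition `(vendorTableFileStatus != FILESTATUS_NOT_ACCESSIBLE) && (list.getVendorTableFileStatus() != FILESTATUS_FROM_FILESYSTEM)` compares strings by reference rather than by value. `list` appears to be a `UefiSignatureList`, where `vendorTableFileStatus` is a `String` field with a Lombok `@Getter`. The check therefore only holds while every status is one of the same interned constants; a value built or deserialized at runtime would compare unequal even with identical text. Prefer `!FILESTATUS_NOT_ACCESSIBLE.equals(vendorTableFileStatus) && !FILESTATUS_FROM_FILESYSTEM.equals(list.getVendorTableFileStatus())`, or model the status as an enum. The same pattern appears in the `TCGEventLog` hunk on this page, and the enclosing loop here starts and ends outside the hunk.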