From 70e2870373783fea78dde6dcbbc9ab27d87266f9 Mon Sep 17 00:00:00 2001 From: iadgovuser58 <124906646+iadgovuser58@users.noreply.github.com> Date: Fri, 28 Jun 2024 15:02:35 -0400 Subject: [PATCH] spdm processing --- .../hirs/utils/tpm/eventlog/TpmPcrEvent.java | 4 +- .../eventlog/events/DeviceSecurityEvent.java | 46 +++++++++---------- .../events/DeviceSecurityEventData.java | 17 +++++-- .../events/DeviceSecurityEventData2.java | 31 +++++++------ .../DeviceSecurityEventDataDeviceContext.java | 19 ++++---- .../events/DeviceSecurityEventDataHeader.java | 7 +-- .../DeviceSecurityEventDataHeader2.java | 14 +++--- ...ventDataSubHeaderSpdmMeasurementBlock.java | 30 +++++++----- .../events/DeviceSecurityEventHeader.java | 24 ++++------ .../utils/tpm/eventlog/uefi/UefiVariable.java | 1 + 10 files changed, 100 insertions(+), 93 deletions(-) diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TpmPcrEvent.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TpmPcrEvent.java index f1be1b57..bd0b1f68 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TpmPcrEvent.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TpmPcrEvent.java @@ -562,7 +562,9 @@ public class TpmPcrEvent { case EvConstants.EV_EFI_HCRTM_EVENT: break; case EvConstants.EV_EFI_SPDM_FIRMWARE_BLOB: - description += "Event Content:\n" + new EvEfiSpdmDeviceSecurityEvent(content).toString(); + EvEfiSpdmDeviceSecurityEvent tempp = new EvEfiSpdmDeviceSecurityEvent(content); + description += "Event Content:\n" + tempp.toString(); +// description += "Event Content:\n" + new EvEfiSpdmDeviceSecurityEvent(content).toString(); break; case EvConstants.EV_EFI_SPDM_FIRMWARE_CONFIG: description += "Event Content:\n" + new EvEfiSpdmDeviceSecurityEvent(content).toString(); diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEvent.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEvent.java index fe8d9ec1..18894e88 100644 
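Review bot: The `tempp` local and the commented-out original statement in the `EV_EFI_SPDM_FIRMWARE_BLOB` case look like debugging leftovers, and they make this case read differently from `EV_EFI_SPDM_FIRMWARE_CONFIG` directly below, which still builds the event inline. Either restore the single statement `description += "Event Content:\n" + new EvEfiSpdmDeviceSecurityEvent(content).toString();`, or keep the local under a descriptive name such as `spdmEvent` and delete the commented line. The enclosing switch starts and ends outside the hunk.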
--- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEvent.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEvent.java @@ -1,6 +1,11 @@ package hirs.utils.tpm.eventlog.events; import lombok.Getter; +import lombok.Setter; + +import static hirs.utils.tpm.eventlog.events.DeviceSecurityEventHeader.DEVICE_TYPE_NONE; +import static hirs.utils.tpm.eventlog.events.DeviceSecurityEventHeader.DEVICE_TYPE_PCI; +import static hirs.utils.tpm.eventlog.events.DeviceSecurityEventHeader.DEVICE_TYPE_USB; /** @@ -56,6 +61,13 @@ public abstract class DeviceSecurityEvent { @Getter private DeviceSecurityEventDataDeviceContext dsedDevContext = null; + /** + * Device type. + */ + @Getter + @Setter + private int deviceType = -1; + /** * Human readable description of the data within the * DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT. DEVICE can be either PCI or USB. 
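Review bot: The new `deviceType` field gets a public Lombok `@Setter` and a default of `-1`, yet `instantiateDeviceContext` in the next hunk branches on it, so the parse result depends on `setDeviceType` having been called first and any outside code can change the type after parsing. Narrowing the setter with `@Setter(AccessLevel.PROTECTED)` (plus `import lombok.AccessLevel;`) would keep it to the subclasses that own the header. The Javadoc `Device type.` should also say that `-1` means "not yet set" and that the valid values are `DEVICE_TYPE_NONE`, `DEVICE_TYPE_PCI` and `DEVICE_TYPE_USB`.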
@@ -74,37 +86,25 @@ public abstract class DeviceSecurityEvent { /** * Parse the Device Context structure, can be PCI or USB based on device type field. * - * @param dSEDbytes byte array holding the DeviceSecurityEventData. - * @param startByte starting byte of the device structure (depends on length of header). - * @param deviceType device type either PCI or USB. + * @param dsedDeviceContextBytes byte array holding the DeviceSecurityEventData. * */ - public void parseDeviceContext(final byte[] dSEDbytes, int startByte, int deviceType) { + public void instantiateDeviceContext(final byte[] dsedDeviceContextBytes) { - int deviceContextLength = dSEDbytes.length - startByte; - - // get the device context bytes - byte[] deviceContextBytes = new byte[deviceContextLength]; - System.arraycopy(dSEDbytes, startByte, deviceContextBytes, 0, - deviceContextLength); - - if (deviceType == 0) { + if (deviceType == DEVICE_TYPE_NONE) { deviceContextInfo = "\n No Device Context (indicated by device type value of 0"; } - else if (deviceType == 1) { -// DeviceSecurityEventDataPciContext dSEDpciContext -// = new DeviceSecurityEventDataPciContext(deviceContextBytes); -// deviceContextInfo = dSEDpciContext.toString(); + else if (deviceType == DEVICE_TYPE_PCI) { dsedDevContext - = new DeviceSecurityEventDataPciContext(deviceContextBytes); + = new DeviceSecurityEventDataPciContext(dsedDeviceContextBytes); deviceContextInfo = dsedDevContext.toString(); } - //else if (deviceType == 2) { - //DeviceSecurityEventDataUsbContext dSEDusbContext - // = new DeviceSecurityEventDataUsbContext(deviceContextBytes); - //deviceContextInfo = dSEDusbContext.toString(); - //deviceContextInfo = "Device type is USB - to be implemented in future"; - //} + else if (deviceType == DEVICE_TYPE_USB) { + // dsedDevContext + // = new DeviceSecurityEventDataUsbContext(dsedDeviceContextBytes); + // deviceContextInfo = dsedDevContext.toString(); + deviceContextInfo = " Device Type: USB - To be implemented"; + } else { 
deviceContextInfo = " Unknown device type; cannot process device context"; } diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData.java index 1043f74d..91a4a2ec 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData.java @@ -3,7 +3,6 @@ package hirs.utils.tpm.eventlog.events; import lombok.Getter; import java.io.IOException; -import java.io.UnsupportedEncodingException; /** * Class to process DEVICE_SECURITY_EVENT_DATA. @@ -26,11 +25,19 @@ public class DeviceSecurityEventData extends DeviceSecurityEvent { /** * DeviceSecurityEventData Constructor. * - * @param dSEDbytes byte array holding the DeviceSecurityEventData. + * @param dsedBytes byte array holding the DeviceSecurityEventData. */ - public DeviceSecurityEventData(final byte[] dSEDbytes) throws IOException { - dsedHeader = new DeviceSecurityEventDataHeader(dSEDbytes); - parseDeviceContext(dSEDbytes, dsedHeader.getDSEDheaderByteSize(), dsedHeader.getDeviceType()); + public DeviceSecurityEventData(final byte[] dsedBytes) throws IOException { + dsedHeader = new DeviceSecurityEventDataHeader(dsedBytes); + setDeviceType(dsedHeader.getDeviceType()); + int dsedHeaderLength = dsedHeader.getDsedHeaderLength(); + + int dsedDevContextLength = dsedBytes.length - dsedHeaderLength; + byte[] dsedDevContextBytes = new byte[dsedDevContextLength]; + System.arraycopy(dsedBytes, dsedHeaderLength, dsedDevContextBytes, 0, + dsedDevContextLength); + + instantiateDeviceContext(dsedDevContextBytes); } /** diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData2.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData2.java index 81ae1ccf..c470a5fb 100644 
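Review bot: The `@param dsedDeviceContextBytes` text still says the array holds the DeviceSecurityEventData, but the callers in this commit now pass only the device-context slice, so it should read `@param dsedDeviceContextBytes byte array holding only the device context structure (header and sub header already removed)`. The method Javadoc should also state that `setDeviceType` must be called beforehand, since the type is no longer a parameter. The new `DEVICE_TYPE_USB` branch adds three lines of commented-out code; a single `// TODO: DeviceSecurityEventDataUsbContext not yet implemented` says the same without dead code.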
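Review bot: In the `DeviceSecurityEventData` constructor, `dsedDevContextLength` is computed as `dsedBytes.length - dsedHeaderLength` with no range check, and the header length appears to be derived from a device-path length carried inside the event, so a truncated or malformed log entry makes `new byte[dsedDevContextLength]` throw `NegativeArraySizeException` rather than the declared `IOException`. Event logs are supplied by the platform being verified, so I would reject the entry up front: `if (dsedHeaderLength < 0 || dsedHeaderLength > dsedBytes.length) { throw new IOException("DEVICE_SECURITY_EVENT_DATA header length exceeds event size"); }`. The same unchecked slicing appears in the `DeviceSecurityEventData2` constructor, in the 2-byte reads at offsets 0 and 2 of the `DeviceSecurityEventDataDeviceContext` constructor, and in the fixed-offset reads of `DeviceSecurityEventDataHeader2`.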
--- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData2.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData2.java @@ -1,15 +1,12 @@ package hirs.utils.tpm.eventlog.events; -import hirs.utils.HexUtils; import lombok.Getter; import java.io.IOException; -import java.io.UnsupportedEncodingException; import static hirs.utils.tpm.eventlog.events.DeviceSecurityEventDataHeader2.SUBHEADERTYPE_CERT_CHAIN; import static hirs.utils.tpm.eventlog.events.DeviceSecurityEventDataHeader2.SUBHEADERTYPE_MEAS_BLOCK; -// TODO Placeholder class to be implemented upon getting test pattern /** * Class to process DEVICE_SECURITY_EVENT_DATA2. * Parses event data per PFP v1.06 Rev52 Table 26. 
@@ -47,34 +44,40 @@ public class DeviceSecurityEventData2 extends DeviceSecurityEvent { /** * DeviceSecurityEventData2 Constructor. * - * @param dSEDbytes byte array holding the DeviceSecurityEventData2. + * @param dsedBytes byte array holding the DeviceSecurityEventData2. */ - public DeviceSecurityEventData2(final byte[] dSEDbytes) throws IOException { + public DeviceSecurityEventData2(final byte[] dsedBytes) throws IOException { - dsedHeader2 = new DeviceSecurityEventDataHeader2(dSEDbytes); - int dSEDheaderByteSize = dsedHeader2.getDSEDheaderByteSize(); + dsedHeader2 = new DeviceSecurityEventDataHeader2(dsedBytes); + setDeviceType(dsedHeader2.getDeviceType()); + int dsedHeaderLength = dsedHeader2.getDsedHeaderLength(); int subHeaderType = dsedHeader2.getSubHeaderType(); int subHeaderLength = dsedHeader2.getSubHeaderLength(); subHeaderInfo = "\nSub header type: " + subHeaderType; - byte[] dSEDsubHeaderBytes = new byte[subHeaderLength]; - System.arraycopy(dSEDbytes, dSEDheaderByteSize, dSEDsubHeaderBytes, 0, subHeaderLength); + byte[] dsedSubHeaderBytes = new byte[subHeaderLength]; + System.arraycopy(dsedBytes, dsedHeaderLength, dsedSubHeaderBytes, 0, subHeaderLength); if (subHeaderType == SUBHEADERTYPE_MEAS_BLOCK) { - dsedSubHeader = new DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock(dSEDsubHeaderBytes); + dsedSubHeader = new DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock(dsedSubHeaderBytes); subHeaderInfo += dsedSubHeader.toString(); } else if (subHeaderType == SUBHEADERTYPE_CERT_CHAIN) { - // TBD: // dsedSubHeader = new DeviceSecurityEventDataSubHeaderCertChain(); + subHeaderInfo += " Cert chain to be implemented "; } else { - subHeaderInfo += "Subheader type unknown"; + subHeaderInfo += "Sub header type unknown"; } - // get subheader - parseDeviceContext(dSEDbytes, dsedHeader2.getDSEDheaderByteSize(), dsedHeader2.getDeviceType()); + int dsedDevContextStartByte = dsedHeaderLength + subHeaderLength; + int dsedDevContextLength = dsedBytes.length - 
dsedDevContextStartByte; + byte[] dsedDevContextBytes = new byte[dsedDevContextLength]; + System.arraycopy(dsedBytes, dsedDevContextStartByte, dsedDevContextBytes, 0, + dsedDevContextLength); + + instantiateDeviceContext(dsedDevContextBytes); } /** diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataDeviceContext.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataDeviceContext.java index a9863eb7..0404884e 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataDeviceContext.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataDeviceContext.java @@ -31,17 +31,17 @@ public abstract class DeviceSecurityEventDataDeviceContext { /** * DeviceSecurityEventDataDeviceContext Constructor. * - * @param dSEDdeviceContextBytes byte array holding the DeviceSecurityEventData. + * @param dsedDeviceContextBytes byte array holding the DeviceSecurityEventData. */ - public DeviceSecurityEventDataDeviceContext(final byte[] dSEDdeviceContextBytes) { + public DeviceSecurityEventDataDeviceContext(final byte[] dsedDeviceContextBytes) { - byte[] pciVersionBytes = new byte[2]; - System.arraycopy(dSEDdeviceContextBytes, 0, pciVersionBytes, 0, 2); - version = HexUtils.leReverseInt(pciVersionBytes); + byte[] versionBytes = new byte[2]; + System.arraycopy(dsedDeviceContextBytes, 0, versionBytes, 0, 2); + version = HexUtils.leReverseInt(versionBytes); - byte[] pciLengthBytes = new byte[2]; - System.arraycopy(dSEDdeviceContextBytes, 2, pciLengthBytes, 0, 2); - length = HexUtils.leReverseInt(pciLengthBytes); + byte[] lengthBytes = new byte[2]; + System.arraycopy(dsedDeviceContextBytes, 2, lengthBytes, 0, 2); + length = HexUtils.leReverseInt(lengthBytes); } /** 
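Review bot: In the `DeviceSecurityEventData2` constructor, `subHeaderLength` is taken from a 4-byte field of the event and used directly as an allocation size and copy length in `new byte[subHeaderLength]`; a negative or oversized value yields `NegativeArraySizeException`, `ArrayIndexOutOfBoundsException` or a very large allocation, and `dsedHeaderLength + subHeaderLength` can overflow before the device-context slice is taken. Both lengths should be validated against `dsedBytes.length` before the first `System.arraycopy`, failing with the constructor's declared `IOException`. Separately, the `SUBHEADERTYPE_CERT_CHAIN` branch only appends text and never assigns `dsedSubHeader`, which deserves a comment for readers of the getter.

```java
int subHeaderLength = dsedHeader2.getSubHeaderLength();
// … unchanged: subHeaderInfo assignment …
if (dsedHeaderLength < 0 || subHeaderLength < 0
        || subHeaderLength > dsedBytes.length - dsedHeaderLength) {
    throw new IOException("DEVICE_SECURITY_EVENT_DATA2: sub header length "
            + subHeaderLength + " does not fit in event of " + dsedBytes.length + " bytes");
}
byte[] dsedSubHeaderBytes = new byte[subHeaderLength];
// … unchanged: sub header copy, type dispatch, device context slice …
```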
@@ -52,8 +52,7 @@ public abstract class DeviceSecurityEventDataDeviceContext { public String toString() { String dSEDdeviceContextCommonInfo = ""; - dSEDdeviceContextCommonInfo += "\n DeviceSecurityEventData Device Info:"; - dSEDdeviceContextCommonInfo += "\n Device Structure Version = " + version; + dSEDdeviceContextCommonInfo += "\n DeviceSecurityEventData Device Context:"; return dSEDdeviceContextCommonInfo; } diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataHeader.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataHeader.java index bca6cd33..0fe0226e 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataHeader.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataHeader.java @@ -8,7 +8,6 @@ import lombok.Getter; import java.io.ByteArrayInputStream; import java.io.IOException; -import java.io.UnsupportedEncodingException; /** * Class to process the DEVICE_SECURITY_EVENT_DATA_HEADER. @@ -76,13 +75,11 @@ public class DeviceSecurityEventDataHeader extends DeviceSecurityEventHeader { int sizeOfSpdmMeas = HexUtils.leReverseInt(sizeOfSpdmMeasBlockBytes); int sizeOfSpdmMeasBlock = sizeOfSpdmMeas + 4; // header is 4 bytes - // extract the bytes from the SPDM Measurement Block + // extract the bytes that comprise the SPDM Measurement Block byte[] spdmMeasBlockBytes = new byte[sizeOfSpdmMeasBlock]; System.arraycopy(dsedBytes, 28, spdmMeasBlockBytes, 0, sizeOfSpdmMeasBlock); -// spdmMeasurementBlock = new SpdmMeasurementBlock(spdmMeasBlockBytes); - ByteArrayInputStream spdmMeasurementBlockData = new ByteArrayInputStream(spdmMeasBlockBytes); spdmMeasurementBlock = new SpdmMeasurementBlock(spdmMeasurementBlockData); 
@@ -92,7 +89,7 @@ public class DeviceSecurityEventDataHeader extends DeviceSecurityEventHeader { } /** - * Returns a human readable description of the data within this structure. + * Returns a human-readable description of the data within this structure. * * @return a description of this structure. */ diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataHeader2.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataHeader2.java index 5ebef017..f113c855 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataHeader2.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataHeader2.java @@ -1,9 +1,6 @@ package hirs.utils.tpm.eventlog.events; import hirs.utils.HexUtils; -import hirs.utils.tpm.eventlog.spdm.SpdmHa; -import hirs.utils.tpm.eventlog.spdm.SpdmMeasurementBlock; -import hirs.utils.tpm.eventlog.uefi.UefiConstants; import lombok.Getter; import java.io.UnsupportedEncodingException; 
@@ -112,23 +109,24 @@ public class DeviceSecurityEventDataHeader2 extends DeviceSecurityEventHeader { extractDeviceType(dsedBytes, 24); byte[] subHeaderTypeBytes = new byte[4]; - System.arraycopy(dsedBytes, 44, subHeaderTypeBytes, 0, 4); + System.arraycopy(dsedBytes, 28, subHeaderTypeBytes, 0, 4); subHeaderType = HexUtils.leReverseInt(subHeaderTypeBytes); byte[] subHeaderLengthBytes = new byte[4]; - System.arraycopy(dsedBytes, 48, subHeaderLengthBytes, 0, 4); + System.arraycopy(dsedBytes, 32, subHeaderLengthBytes, 0, 4); subHeaderLength = HexUtils.leReverseInt(subHeaderLengthBytes); byte[] subHeaderUidBytes = new byte[8]; - System.arraycopy(dsedBytes, 52, subHeaderUidBytes, 0, 8); + System.arraycopy(dsedBytes, 36, subHeaderUidBytes, 0, 8); + subHeaderUidBytes = HexUtils.leReverseByte(subHeaderUidBytes); subHeaderUid = HexUtils.byteArrayToHexString(subHeaderUidBytes); - int devPathLenStartByte = 60; + int devPathLenStartByte = 44; extractDevicePathAndFinalSize(dsedBytes, devPathLenStartByte); } /** - * Returns a human readable description of the data within this structure. + * Returns a human-readable description of the data within this structure. * * @return a description of this structure. */ diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock.java index 5a3196ec..e1e0d242 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock.java 
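Review bot: The sub-header offsets change from 44/48/52/60 to 28/32/36/44 as bare literals, and nothing in the code records which structure layout they follow, which is how the earlier wrong offsets went unnoticed. I would add a layout comment above the reads, e.g. `// after DeviceType@24: SubHeaderType@28 (4), SubHeaderLength@32 (4), SubHeaderUID@36 (8), DevicePathLength@44`, or lift the numbers into named constants next to the existing `SUBHEADERTYPE_*` ones. The newly added `HexUtils.leReverseByte(subHeaderUidBytes)` call also needs a why-comment; presumably the UID is stored little-endian and is reversed for display, but that should be confirmed and written down. The constructor starts outside the hunk.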
@@ -1,14 +1,13 @@ package hirs.utils.tpm.eventlog.events; import hirs.utils.HexUtils; +import hirs.utils.tpm.eventlog.spdm.SpdmHa; import hirs.utils.tpm.eventlog.spdm.SpdmMeasurementBlock; -import hirs.utils.tpm.eventlog.uefi.UefiConstants; import hirs.utils.tpm.eventlog.uefi.UefiSignatureList; import lombok.Getter; import java.io.ByteArrayInputStream; import java.io.IOException; -import java.io.UnsupportedEncodingException; import java.util.ArrayList; import java.util.List; @@ -47,10 +46,6 @@ public class DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock extends Device * List of SPDM Measurement Blocks. */ private List spdmMeasurementBlockList; -// /** -// * SPDM Measurement Block. -// */ -// private SpdmMeasurementBlock spdmMeasurementBlock = null; /** * DeviceSecurityEventDataHeader Constructor. @@ -59,8 +54,6 @@ public class DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock extends Device */ public DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock(final byte[] dsedSubHBytes) throws IOException { -// super(); - spdmMeasurementBlockList = new ArrayList<>(); byte[] spdmVersionBytes = new byte[2]; @@ -77,7 +70,10 @@ public class DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock extends Device System.arraycopy(dsedSubHBytes, 4, spdmMeasurementHashAlgoBytes, 0, 4); spdmMeasurementHashAlgo = HexUtils.leReverseInt(spdmMeasurementHashAlgoBytes); + // get the size of the SPDM Measurement Block List int spdmMeasurementBlockListSize = dsedSubHBytes.length - 8; + + // extract the bytes that comprise the SPDM Measurement Block List byte[] spdmMeasurementBlockListBytes = new byte[spdmMeasurementBlockListSize]; System.arraycopy(dsedSubHBytes, 8, spdmMeasurementBlockListBytes, 0, spdmMeasurementBlockListSize); 
@@ -85,22 +81,32 @@ public class DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock extends Device ByteArrayInputStream spdmMeasurementBlockListData = new ByteArrayInputStream(spdmMeasurementBlockListBytes); while (spdmMeasurementBlockListData.available() > 0) { - SpdmMeasurementBlock spdmMeasurementBlock; spdmMeasurementBlock = new SpdmMeasurementBlock(spdmMeasurementBlockListData); - spdmMeasurementBlockList.add(spdmMeasurementBlock); } } /** - * Returns a human readable description of the data within this structure. + * Returns a human-readable description of the data within this structure. * * @return a description of this structure. */ public String toString() { String dsedSubHeaderInfo = ""; -// dsedSubHeaderInfo += dsedHeader2.toString(); + dsedSubHeaderInfo += "\n SPDM Version: " + spdmVersion; + String spdmHashAlgoStr = SpdmHa.tcgAlgIdToString(spdmMeasurementHashAlgo); + dsedSubHeaderInfo += "\n SPDM Hash Algorithm = " + spdmHashAlgoStr; + + // SPDM Measurement Block List output + dsedSubHeaderInfo += "\n Number of SPDM Measurement Blocks = " + spdmMeasurementBlockList.size(); + int spdmMeasBlockCnt = 1; + for (SpdmMeasurementBlock spdmMeasBlock : spdmMeasurementBlockList) { + dsedSubHeaderInfo += "\n SPDM Measurement Block # " + spdmMeasBlockCnt++ + " of " + + spdmMeasurementBlockList.size(); + dsedSubHeaderInfo += spdmMeasBlock.toString(); + } + return dsedSubHeaderInfo; } } diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventHeader.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventHeader.java index 5fb7b7f7..b9bcebb6 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventHeader.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventHeader.java 
@@ -4,7 +4,6 @@ import hirs.utils.HexUtils; import hirs.utils.tpm.eventlog.uefi.UefiConstants; import hirs.utils.tpm.eventlog.uefi.UefiDevicePath; import lombok.Getter; -import lombok.Setter; import java.io.UnsupportedEncodingException; import java.nio.charset.StandardCharsets; @@ -57,7 +56,7 @@ public abstract class DeviceSecurityEventHeader { * Contains the size (in bytes) of the header. */ @Getter - private Integer dSEDheaderByteSize = 0; + private Integer dsedHeaderLength = 0; /** * Signature (text) data. @@ -120,8 +119,8 @@ public abstract class DeviceSecurityEventHeader { byte[] signatureBytes = new byte[UefiConstants.SIZE_16]; System.arraycopy(dSEDbytes, 0, signatureBytes, 0, UefiConstants.SIZE_16); - signature = new String(signatureBytes, StandardCharsets.UTF_8) - .substring(0, UefiConstants.SIZE_15); + signature = new String(signatureBytes, StandardCharsets.UTF_8); + signature = signature.replaceAll("[^\\P{C}\t\r\n]", ""); // remove null characters byte[] versionBytes = new byte[UefiConstants.SIZE_2]; System.arraycopy(dSEDbytes, UefiConstants.OFFSET_16, versionBytes, 0, @@ -172,7 +171,7 @@ public abstract class DeviceSecurityEventHeader { } // header total size - dSEDheaderByteSize = startByte + devicePathLength; + dsedHeaderLength = startByte + devicePathLength; } /** 
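Review bot: In the `@@ -120,8 +119,8 @@` hunk, `replaceAll("[^\\P{C}\t\r\n]", "")` does both more and less than its `// remove null characters` comment says: it deletes every character in Unicode category C anywhere in the 16-byte signature, yet keeps tab, CR and LF. Because the signature bytes come from the event log, a line break inside the field survives into the human-readable output, and a byte sequence with embedded control characters is normalised into a clean-looking signature, which matters if other code compares `signature` to choose a parser (not visible here). Stripping only the trailing NUL padding is closer to the stated intent: `signature = new String(signatureBytes, StandardCharsets.UTF_8).replaceAll("\\x00+$", "");`. The enclosing method starts and ends outside the hunk.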
@@ -183,25 +182,20 @@ public abstract class DeviceSecurityEventHeader { * @return name of the device type */ public String deviceTypeToString(final int deviceTypeInt) { - String deviceTypeStr; switch (deviceTypeInt) { case DEVICE_TYPE_NONE: - deviceTypeStr = "No device type"; - break; + return "No device type"; case DEVICE_TYPE_PCI: - deviceTypeStr = "PCI"; - break; + return "PCI"; case DEVICE_TYPE_USB: - deviceTypeStr = "USB"; - break; + return "USB"; default: - deviceTypeStr = "Unknown or invalid Device Type"; + return "Unknown or invalid Device Type"; } - return deviceTypeStr; } /** - * Returns a human readable description of the data common to header structures. + * Returns a human-readable description of the data common to header structures. * * @return a description of this structure. */ diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiVariable.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiVariable.java index a4195499..1a5e7175 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiVariable.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiVariable.java @@ -216,6 +216,7 @@ public class UefiVariable { case "KEK": case "db": case "dbx": + break; case "devdb": // SPDM_DEVICE_POLICY and SPDM_DEVICE_AUTHORITY // (update when test patterns exist) efiVariable.append(" EV_EFI_SPDM_DEVICE_POLICY and EV_EFI_SPDM_DEVICE_AUTHORITY: " +
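Review bot: In the `UefiVariable` hunk, the added `break;` under the stacked `case "KEK":`, `case "db":` and `case "dbx":` labels carries no comment, so the empty case group reads like a forgotten body rather than a deliberate stop to the fall-through into `case "devdb":`. A one-line comment such as `// no extra description for these variables; must not fall through to devdb` would record the intent. The switch begins above the hunk and the `efiVariable.append(` statement continues past its last line.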