mirror of
https://github.com/nsacyber/HIRS.git
synced 2025-01-01 10:46:47 +00:00
spdm processing
parent
c903400bac
commit
851753b5d4
@ -3,6 +3,7 @@ package hirs.utils.tpm.eventlog.events;
|
|||||||
import hirs.utils.HexUtils;
|
import hirs.utils.HexUtils;
|
||||||
import hirs.utils.tpm.eventlog.TcgTpmtHa;
|
import hirs.utils.tpm.eventlog.TcgTpmtHa;
|
||||||
import hirs.utils.tpm.eventlog.spdm.SpdmHa;
|
import hirs.utils.tpm.eventlog.spdm.SpdmHa;
|
||||||
|
import hirs.utils.tpm.eventlog.spdm.SpdmMeasurementBlock;
|
||||||
import hirs.utils.tpm.eventlog.uefi.UefiConstants;
|
import hirs.utils.tpm.eventlog.uefi.UefiConstants;
|
||||||
import lombok.Getter;
|
import lombok.Getter;
|
||||||
|
|
||||||
@ -138,11 +139,14 @@ public class DeviceSecurityEventDataHeader {
|
|||||||
*/
|
*/
|
||||||
@Getter
|
@Getter
|
||||||
private String h1SpdmHashAlgo = "";
|
private String h1SpdmHashAlgo = "";
|
||||||
|
// /**
|
||||||
|
// * Type Header 1 SPDM Measurement Block list.
|
||||||
|
// */
|
||||||
|
// private List<SpdmMeasurementBlock> h1SpdmMeasurementBlockList;
|
||||||
/**
|
/**
|
||||||
* Type Header 1 SPDM measurement block.
|
* Type Header 1 SPDM Measurement Block.
|
||||||
*/
|
*/
|
||||||
@Getter
|
private SpdmMeasurementBlock h1SpdmMeasurementBlock;
|
||||||
private String h1SpdmMeasurementBlock = "";
|
|
||||||
|
|
||||||
/** ----------- Variables specific to Header Type 2 -----------
|
/** ----------- Variables specific to Header Type 2 -----------
|
||||||
*/
|
*/
|
||||||
@ -155,6 +159,8 @@ public class DeviceSecurityEventDataHeader {
|
|||||||
*/
|
*/
|
||||||
public DeviceSecurityEventDataHeader(final byte[] dSEDbytes) {
|
public DeviceSecurityEventDataHeader(final byte[] dSEDbytes) {
|
||||||
|
|
||||||
|
// spdmMeasurementBlockList = new ArrayList<>();
|
||||||
|
|
||||||
byte[] signatureBytes = new byte[UefiConstants.SIZE_16];
|
byte[] signatureBytes = new byte[UefiConstants.SIZE_16];
|
||||||
System.arraycopy(dSEDbytes, 0, signatureBytes, 0, UefiConstants.SIZE_16);
|
System.arraycopy(dSEDbytes, 0, signatureBytes, 0, UefiConstants.SIZE_16);
|
||||||
signature = new String(signatureBytes, StandardCharsets.UTF_8)
|
signature = new String(signatureBytes, StandardCharsets.UTF_8)
|
||||||
@ -165,29 +171,41 @@ public class DeviceSecurityEventDataHeader {
|
|||||||
UefiConstants.SIZE_2);
|
UefiConstants.SIZE_2);
|
||||||
version = HexUtils.byteArrayToHexString(versionBytes);
|
version = HexUtils.byteArrayToHexString(versionBytes);
|
||||||
|
|
||||||
byte[] lengthBytes = new byte[UefiConstants.SIZE_2];
|
// if(version == "0100") {
|
||||||
System.arraycopy(dSEDbytes, 18, lengthBytes, 0,
|
if (version.equals("0100")) {
|
||||||
UefiConstants.SIZE_2);
|
|
||||||
int h1Length = HexUtils.leReverseInt(lengthBytes);
|
|
||||||
|
|
||||||
byte[] spdmHashAlgoBytes = new byte[UefiConstants.SIZE_4];
|
byte[] lengthBytes = new byte[UefiConstants.SIZE_2];
|
||||||
System.arraycopy(dSEDbytes, UefiConstants.OFFSET_20, spdmHashAlgoBytes, 0,
|
System.arraycopy(dSEDbytes, 18, lengthBytes, 0,
|
||||||
UefiConstants.SIZE_4);
|
UefiConstants.SIZE_2);
|
||||||
int h1SpdmHashAlgoInt = HexUtils.leReverseInt(spdmHashAlgoBytes);
|
int h1Length = HexUtils.leReverseInt(lengthBytes);
|
||||||
h1SpdmHashAlgo = SpdmHa.tcgAlgIdToString(h1SpdmHashAlgoInt);
|
|
||||||
|
|
||||||
byte[] deviceTypeBytes = new byte[UefiConstants.SIZE_4];
|
byte[] spdmHashAlgoBytes = new byte[UefiConstants.SIZE_4];
|
||||||
System.arraycopy(dSEDbytes, UefiConstants.OFFSET_24, deviceTypeBytes, 0,
|
System.arraycopy(dSEDbytes, UefiConstants.OFFSET_20, spdmHashAlgoBytes, 0,
|
||||||
UefiConstants.SIZE_4);
|
UefiConstants.SIZE_4);
|
||||||
int deviceTypeInt = HexUtils.leReverseInt(deviceTypeBytes);
|
int h1SpdmHashAlgoInt = HexUtils.leReverseInt(spdmHashAlgoBytes);
|
||||||
deviceType = deviceTypeToString(deviceTypeInt);
|
h1SpdmHashAlgo = SpdmHa.tcgAlgIdToString(h1SpdmHashAlgoInt);
|
||||||
|
|
||||||
|
byte[] deviceTypeBytes = new byte[UefiConstants.SIZE_4];
|
||||||
|
System.arraycopy(dSEDbytes, UefiConstants.OFFSET_24, deviceTypeBytes, 0,
|
||||||
|
UefiConstants.SIZE_4);
|
||||||
|
int deviceTypeInt = HexUtils.leReverseInt(deviceTypeBytes);
|
||||||
|
deviceType = deviceTypeToString(deviceTypeInt);
|
||||||
|
|
||||||
|
// For each measurement block, create a SpdmMeasurementBlock object (can there be many blocks ?)
|
||||||
|
|
||||||
|
// get the size of the SPDM Measurement Block
|
||||||
|
byte[] sizeOfSpdmMeasBlockBytes = new byte[UefiConstants.SIZE_2];
|
||||||
|
System.arraycopy(dSEDbytes, 30, sizeOfSpdmMeasBlockBytes, 0,
|
||||||
|
UefiConstants.SIZE_2);
|
||||||
|
int sizeOfSpdmMeas = HexUtils.leReverseInt(sizeOfSpdmMeasBlockBytes);
|
||||||
|
int sizeOfSpdmMeasBlock = sizeOfSpdmMeas + 4;
|
||||||
|
|
||||||
|
// extract the bytes from the SPDM Measurement Block
|
||||||
|
byte[] spdmMeasBlockBytes = new byte[sizeOfSpdmMeasBlock];
|
||||||
|
System.arraycopy(dSEDbytes, 28, spdmMeasBlockBytes, 0,
|
||||||
|
sizeOfSpdmMeasBlock);
|
||||||
|
h1SpdmMeasurementBlock = new SpdmMeasurementBlock(spdmMeasBlockBytes);
|
||||||
|
|
||||||
//
|
|
||||||
// byte[] numberOfAlgBytes = new byte[UefiConstants.SIZE_4];
|
|
||||||
// System.arraycopy(efiSpecId, UefiConstants.OFFSET_24, numberOfAlgBytes, 0,
|
|
||||||
// UefiConstants.SIZE_4);
|
|
||||||
// numberOfAlg = HexUtils.leReverseInt(numberOfAlgBytes);
|
|
||||||
//
|
|
||||||
// byte[] algorithmIDBytes = new byte[UefiConstants.SIZE_2];
|
// byte[] algorithmIDBytes = new byte[UefiConstants.SIZE_2];
|
||||||
// int algLocation = UefiConstants.SIZE_28;
|
// int algLocation = UefiConstants.SIZE_28;
|
||||||
// for (int i = 0; i < numberOfAlg; i++) {
|
// for (int i = 0; i < numberOfAlg; i++) {
|
||||||
@ -201,6 +219,8 @@ public class DeviceSecurityEventDataHeader {
|
|||||||
// } else {
|
// } else {
|
||||||
// cryptoAgile = true;
|
// cryptoAgile = true;
|
||||||
// }
|
// }
|
||||||
|
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -240,7 +260,7 @@ public class DeviceSecurityEventDataHeader {
|
|||||||
dsedHeaderInfo += "\n SPDM Device";
|
dsedHeaderInfo += "\n SPDM Device";
|
||||||
dsedHeaderInfo += "\n Device Type: " + deviceType;
|
dsedHeaderInfo += "\n Device Type: " + deviceType;
|
||||||
dsedHeaderInfo += "\n Device Path: " + devicePath;
|
dsedHeaderInfo += "\n Device Path: " + devicePath;
|
||||||
dsedHeaderInfo += "\n SPDM Measurement Block " + h1SpdmMeasurementBlock;
|
dsedHeaderInfo += "\n SPDM Measurement Block " + h1SpdmMeasurementBlock.toString();
|
||||||
} else if(version.equals("0200")) {
|
} else if(version.equals("0200")) {
|
||||||
dsedHeaderInfo = "tbd";
|
dsedHeaderInfo = "tbd";
|
||||||
}
|
}
|
||||||
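Review bot: The new SPDM measurement-block extraction in the constructor takes its length from the input without checking it against the buffer: `sizeOfSpdmMeasBlock` (the 2-byte value at offset 30, plus 4) becomes the count for `System.arraycopy(dSEDbytes, 28, spdmMeasBlockBytes, 0, sizeOfSpdmMeasBlock)`, so a truncated or malformed event throws an unchecked `IndexOutOfBoundsException` out of the constructor. If `dSEDbytes` comes from an event log supplied by the device being verified, as the package name suggests, that size should be treated as untrusted; a guard before the copy such as `if (sizeOfSpdmMeasBlock > dSEDbytes.length - 28) { throw new IllegalArgumentException("SPDM measurement block exceeds event data"); }` (or whatever error path the parser uses elsewhere) keeps the failure explicit. The fixed-offset reads at 18, 20 and 24 make the same assumption about a minimum input length. Separately, the retyped `h1SpdmMeasurementBlock` field appears to have lost its `@Getter`, which may be unintended. The constructor body continues between and beyond the visible hunks.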
|
@ -1,9 +1,28 @@
|
|||||||
package hirs.utils.tpm.eventlog.spdm;
|
package hirs.utils.tpm.eventlog.spdm;
|
||||||
|
|
||||||
|
import lombok.Getter;
|
||||||
|
|
||||||
public class SpdmMeasurementBlock {
|
public class SpdmMeasurementBlock {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Measurement Spec.
|
||||||
|
*/
|
||||||
|
@Getter
|
||||||
|
private String measurementSpec = "";
|
||||||
|
/**
|
||||||
|
* Measurement value type (such as mutable firmware, etc).
|
||||||
|
*/
|
||||||
|
@Getter
|
||||||
|
private String dmtfSpecMeasurementValueType = "";
|
||||||
|
/**
|
||||||
|
* Measurement value (digest).
|
||||||
|
*/
|
||||||
|
@Getter
|
||||||
|
private String dmtfSpecMeasurementValue = "";
|
||||||
|
|
||||||
public SpdmMeasurementBlock(final byte[] spdmMeasBlockBytes) {
|
public SpdmMeasurementBlock(final byte[] spdmMeasBlockBytes) {
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public String toString() {
|
public String toString() {
|
||||||
|
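Review bot: The `SpdmMeasurementBlock(final byte[] spdmMeasBlockBytes)` constructor is still empty, so `measurementSpec`, `dmtfSpecMeasurementValueType` and `dmtfSpecMeasurementValue` stay `""` for every input, and the header's description prints a block that was never parsed. Until parsing is implemented, a comment in the constructor such as `// TODO: not yet implemented; spdmMeasBlockBytes is ignored and all getters return ""` would keep a reader from taking the empty getters for real measurement data. When the parsing is added, the array length should be checked before any fixed-offset read. The class and constructor have no Javadoc, and `toString()` would benefit from `@Override`; its body lies outside the hunk.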