diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiSignatureData.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiSignatureData.java
index 0a2fa74b..cb4b5723 100644
--- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiSignatureData.java
+++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiSignatureData.java
@@ -10,7 +10,7 @@ import java.security.NoSuchAlgorithmException;
 import java.security.cert.CertificateException;
 /**
- * Class for processing the contents of a Secure Boot DB or DBX contents.
+ * Class for processing the contents of a Secure Boot PK, KEK, DB or DBX contents.
 * used for EFIVariables associated with Secure Boot
 * as defined by Section 32.4.1 Signature Database from the UEFI 2.8 specification
 *
@@ -52,10 +52,14 @@ public class UefiSignatureData {
 */
 @Getter
 private boolean valid = false;
+// /**
+// * UEFI Certificate SHA1 hash.
+// */
+// private byte[] binaryHash = new byte[UefiConstants.SIZE_40];
 /**
- * UEFI Certificate SHA1 hash.
+ * UEFI Certificate SHA256 hash.
 */
- private byte[] binaryHash = new byte[UefiConstants.SIZE_40];
+ private byte[] binaryHash = new byte[UefiConstants.SIZE_32];
 /**
 * UEFI Signature data status.
 */
diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiSignatureList.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiSignatureList.java
index 75bf70c9..4927b4a5 100644
--- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiSignatureList.java
+++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiSignatureList.java
@@ -214,18 +214,19 @@ public class UefiSignatureList {
 StringBuilder sigInfo = new StringBuilder();
 if (!signatureTypeValid) {
- sigInfo.append(" *** Unknown UEFI Signature Type encountered: " + signatureType.toString() + "\n");
+ sigInfo.append(" *** Unknown UEFI Signature Type encountered:\n" + " " + signatureType.toString() + "\n");
 } else {
- sigInfo.append(" UEFI Signature List Type = " + signatureType.toString() + "\n");
- sigInfo.append(" Number if items (certs, hashes, etc) = " + numberOfCerts + "\n");
+ sigInfo.append(" UEFI Signature List Type = " + signatureType.toString() + "\n");
+ sigInfo.append(" Number of items (certs, hashes, etc) = " + numberOfCerts + "\n");
 for (int i = 0; i < sigList.size(); i++) {
 UefiSignatureData certData = sigList.get(i);
 sigInfo.append(certData.toString());
 }
 if (!dataValid) {
- sigInfo.append(" *** Invalid UEFI Signature data encountered: " + dataStatus + "\n");
+ sigInfo.append(" *** Invalid UEFI Signature data encountered: " + dataStatus + "\n");
 }
 }
 return sigInfo.toString();
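Review bot: In the UefiSignatureData hunk the previous `binaryHash` declaration is left behind as a commented-out block directly above the new field; version control already keeps that history, so the four `//` lines should be deleted rather than committed. The initializer now allocates `UefiConstants.SIZE_32` bytes, so any code outside this hunk that fills or copies `binaryHash` using the old `SIZE_40` length needs to be checked, because a length mismatch there would either throw or leave an incomplete digest when hash entries from the Secure Boot databases are parsed. The class body continues outside the hunk, so that code is not visible here.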
diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiVariable.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiVariable.java
index d042875f..3760930f 100644
--- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiVariable.java
+++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiVariable.java
@@ -163,8 +163,8 @@ public class UefiVariable {
 */
 public String toString() {
 StringBuilder efiVariable = new StringBuilder();
- efiVariable.append("UEFI Variable Name:" + efiVarName + "\n");
- efiVariable.append("UEFI Variable GUID = " + uefiVarGuid.toString() + "\n");
+ efiVariable.append("UEFI Variable Name: " + efiVarName + "\n");
+ efiVariable.append("UEFI Variable GUID: " + uefiVarGuid.toString() + "\n");
 if (efiVarName != "") {
 efiVariable.append("UEFI Variable Contents => " + "\n");
 }
diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiX509Cert.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiX509Cert.java
index f8b3b13e..ad42ae0f 100644
--- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiX509Cert.java
+++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiX509Cert.java
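Review bot: The unchanged guard `if (efiVarName != "")` just below the edited lines in UefiVariable.toString() compares object references rather than string contents, so for a name built at runtime from event-log bytes it will normally be true even when the name is empty, and the "UEFI Variable Contents =>" header is printed regardless. Since this commit is already tidying the same output, the test should become `if (!efiVarName.isEmpty())`. toString() continues past the end of the hunk, and whether `efiVarName` can be null at this point is not visible here; if it can, the guard should cover that case too.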
@@ -80,14 +80,14 @@ public class UefiX509Cert {
 public String toString() {
 X509Certificate x509Cert = (X509Certificate) cert;
 String certData = "";
- certData += " Certificate Serial Number = "
+ certData += " Certificate Serial Number = "
 + x509Cert.getSerialNumber().toString(UefiConstants.SIZE_16) + "\n";
- certData += " Subject DN = " + x509Cert.getSubjectX500Principal().getName() + "\n";
- certData += " Issuer DN = " + x509Cert.getIssuerX500Principal().getName() + "\n";
- certData += " Not Before Date = " + x509Cert.getNotBefore() + "\n";
- certData += " Not After Date = " + x509Cert.getNotAfter() + "\n";
- certData += " Signature Algorithm = " + x509Cert.getSigAlgName() + "\n";
- certData += " SHA1 Fingerprint = " + getSHA1FingerPrint() + "\n";
+ certData += " Subject DN = " + x509Cert.getSubjectX500Principal().getName() + "\n";
+ certData += " Issuer DN = " + x509Cert.getIssuerX500Principal().getName() + "\n";
+ certData += " Not Before Date = " + x509Cert.getNotBefore() + "\n";
+ certData += " Not After Date = " + x509Cert.getNotAfter() + "\n";
+ certData += " Signature Algorithm = " + x509Cert.getSigAlgName() + "\n";
+ certData += " SHA1 Fingerprint = " + getSHA1FingerPrint() + "\n";
 return certData;
 }
 }
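Review bot: The re-indented summary in UefiX509Cert.toString() still identifies each Secure Boot certificate only by `getSHA1FingerPrint()`. SHA-1 is no longer collision-resistant, so output that is compared against reference values should carry a SHA-256 fingerprint line alongside the SHA1 one; no helper for that is visible in this hunk, so one may need to be added to the class. Separately, `(X509Certificate) cert` is dereferenced on the next statement without a check, so if `cert` can be left null when a log entry fails to parse (not visible here), toString() would throw instead of reporting the bad entry.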