fixed hash size for EFI_CERT_SHA256_GUID, other minor changes

This commit is contained in:
iadgovuser58 2024-05-09 15:38:10 -04:00 committed by chubtub
parent cbafa97d5d
commit 8d93e9eacb
4 changed files with 21 additions and 16 deletions

View File

@ -10,7 +10,7 @@ import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
/**
* Class for processing the contents of a Secure Boot DB or DBX contents.
* Class for processing the contents of a Secure Boot PK, KEK, DB or DBX contents.
* used for EFIVariables associated with Secure Boot
* as defined by Section 32.4.1 Signature Database from the UEFI 2.8 specification
* <p>
@ -52,10 +52,14 @@ public class UefiSignatureData {
*/
@Getter
private boolean valid = false;
// /**
// * UEFI Certificate SHA1 hash.
// */
// private byte[] binaryHash = new byte[UefiConstants.SIZE_40];
/**
* UEFI Certificate SHA1 hash.
* UEFI Certificate SHA256 hash.
*/
private byte[] binaryHash = new byte[UefiConstants.SIZE_40];
private byte[] binaryHash = new byte[UefiConstants.SIZE_32];
/**
* UEFI Signature data status.
*/

View File

@ -214,18 +214,19 @@ public class UefiSignatureList {
StringBuilder sigInfo = new StringBuilder();
if (!signatureTypeValid) {
sigInfo.append(" *** Unknown UEFI Signature Type encountered: " + signatureType.toString() + "\n");
sigInfo.append(" *** Unknown UEFI Signature Type encountered:\n" +
" " + signatureType.toString() + "\n");
}
else {
sigInfo.append(" UEFI Signature List Type = " + signatureType.toString() + "\n");
sigInfo.append(" Number if items (certs, hashes, etc) = " + numberOfCerts + "\n");
sigInfo.append(" UEFI Signature List Type = " + signatureType.toString() + "\n");
sigInfo.append(" Number of items (certs, hashes, etc) = " + numberOfCerts + "\n");
for (int i = 0; i < sigList.size(); i++) {
UefiSignatureData certData = sigList.get(i);
sigInfo.append(certData.toString());
}
if (!dataValid) {
sigInfo.append(" *** Invalid UEFI Signature data encountered: " + dataStatus + "\n");
sigInfo.append(" *** Invalid UEFI Signature data encountered: " + dataStatus + "\n");
}
}
return sigInfo.toString();

View File

@ -163,8 +163,8 @@ public class UefiVariable {
*/
public String toString() {
StringBuilder efiVariable = new StringBuilder();
efiVariable.append("UEFI Variable Name:" + efiVarName + "\n");
efiVariable.append("UEFI Variable GUID = " + uefiVarGuid.toString() + "\n");
efiVariable.append("UEFI Variable Name: " + efiVarName + "\n");
efiVariable.append("UEFI Variable GUID: " + uefiVarGuid.toString() + "\n");
if (efiVarName != "") {
efiVariable.append("UEFI Variable Contents => " + "\n");
}

View File

@ -80,14 +80,14 @@ public class UefiX509Cert {
public String toString() {
X509Certificate x509Cert = (X509Certificate) cert;
String certData = "";
certData += " Certificate Serial Number = "
certData += " Certificate Serial Number = "
+ x509Cert.getSerialNumber().toString(UefiConstants.SIZE_16) + "\n";
certData += " Subject DN = " + x509Cert.getSubjectX500Principal().getName() + "\n";
certData += " Issuer DN = " + x509Cert.getIssuerX500Principal().getName() + "\n";
certData += " Not Before Date = " + x509Cert.getNotBefore() + "\n";
certData += " Not After Date = " + x509Cert.getNotAfter() + "\n";
certData += " Signature Algorithm = " + x509Cert.getSigAlgName() + "\n";
certData += " SHA1 Fingerprint = " + getSHA1FingerPrint() + "\n";
certData += " Subject DN = " + x509Cert.getSubjectX500Principal().getName() + "\n";
certData += " Issuer DN = " + x509Cert.getIssuerX500Principal().getName() + "\n";
certData += " Not Before Date = " + x509Cert.getNotBefore() + "\n";
certData += " Not After Date = " + x509Cert.getNotAfter() + "\n";
certData += " Signature Algorithm = " + x509Cert.getSigAlgName() + "\n";
certData += " SHA1 Fingerprint = " + getSHA1FingerPrint() + "\n";
return certData;
}
}