From 9996fef67b251a5013eb35cb7f1bb8a585f2db35 Mon Sep 17 00:00:00 2001
From: iadgovuser58 <124906646+iadgovuser58@users.noreply.github.com>
Date: Fri, 28 Jun 2024 17:42:38 -0400
Subject: [PATCH] catching exceptions
---
 .../hirs/utils/tpm/eventlog/TpmPcrEvent.java | 9 +-
 .../eventlog/events/DeviceSecurityEvent.java | 2 +-
 .../events/DeviceSecurityEventData.java | 5 +-
 .../events/DeviceSecurityEventData2.java | 5 +-
 .../events/DeviceSecurityEventDataHeader.java | 3 +-
 .../DeviceSecurityEventDataHeader2.java | 2 +-
 ...ventDataSubHeaderSpdmMeasurementBlock.java | 2 +-
 .../events/DeviceSecurityEventHeader.java | 12 ++-
 .../events/EvEfiSpdmDeviceSecurityEvent.java | 14 +--
 .../tpm/eventlog/spdm/SpdmMeasurement.java | 13 ++-
 .../eventlog/spdm/SpdmMeasurementBlock.java | 86 ++++++++-----------
 .../utils/tpm/eventlog/uefi/UefiVariable.java | 2 +-
 12 files changed, 75 insertions(+), 80 deletions(-)
diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TpmPcrEvent.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TpmPcrEvent.java
index bd0b1f68..5a5758e9 100644
--- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TpmPcrEvent.java
+++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TpmPcrEvent.java
@@ -391,14 +391,7 @@ public class TpmPcrEvent {
 break;
 case EvConstants.EV_EFI_SPDM_FIRMWARE_BLOB:
 case EvConstants.EV_EFI_SPDM_FIRMWARE_CONFIG:
- try {
- sb.append(new EvEfiSpdmDeviceSecurityEvent(eventContent).toString());
- } catch (UnsupportedEncodingException ueEx) {
- log.error(ueEx);
- sb.append(ueEx.toString());
- } catch (IOException e) {
- throw new RuntimeException(e);
- }
+ sb.append(new EvEfiSpdmDeviceSecurityEvent(eventContent).toString());
 break;
 default:
 sb.append("Unknown Event found\n");
diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEvent.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEvent.java
index 18894e88..49cf9555 100644
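Review bot: With the try/catch removed, the `EV_EFI_SPDM_FIRMWARE_BLOB` / `EV_EFI_SPDM_FIRMWARE_CONFIG` case has no handling left for unchecked exceptions raised while parsing `eventContent`, which appears to come straight from the event log being examined. The `EvEfiSpdmDeviceSecurityEvent` constructor hunk later in this patch still runs `System.arraycopy(eventData, 0, signatureBytes, 0, UefiConstants.SIZE_16)` with no length check, so a truncated event would throw out of this switch instead of producing an error line in the description. A guard at the top of that constructor, `if (eventData.length < UefiConstants.SIZE_16)`, that stores an error description in `spdmInfo` and returns would keep malformed input contained. The switch starts and ends outside this hunk.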
--- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEvent.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEvent.java @@ -69,7 +69,7 @@ public abstract class DeviceSecurityEvent { private int deviceType = -1; /** - * Human readable description of the data within the + * Human-readable description of the data within the * DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT. DEVICE can be either PCI or USB. */ @Getter diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData.java index 91a4a2ec..9a852704 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData.java @@ -3,6 +3,7 @@ package hirs.utils.tpm.eventlog.events; import lombok.Getter; import java.io.IOException; +import java.io.UnsupportedEncodingException; /** * Class to process DEVICE_SECURITY_EVENT_DATA. @@ -27,7 +28,7 @@ public class DeviceSecurityEventData extends DeviceSecurityEvent { * * @param dsedBytes byte array holding the DeviceSecurityEventData. */ - public DeviceSecurityEventData(final byte[] dsedBytes) throws IOException { + public DeviceSecurityEventData(final byte[] dsedBytes) { dsedHeader = new DeviceSecurityEventDataHeader(dsedBytes); setDeviceType(dsedHeader.getDeviceType()); int dsedHeaderLength = dsedHeader.getDsedHeaderLength(); @@ -41,7 +42,7 @@ public class DeviceSecurityEventData extends DeviceSecurityEvent { } /** - * Returns a human readable description of the data within this structure. + * Returns a human-readable description of the data within this structure. * * @return a description of this structure. */ 
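Review bot: The added `import java.io.UnsupportedEncodingException;` in DeviceSecurityEventData.java looks unused, because the only other code change to this file removes `throws IOException` from the constructor and nothing in the visible hunks references the new type. The same applies to the identical import added to DeviceSecurityEventData2.java and DeviceSecurityEventDataHeader.java, and to the `BufferedInputStream`, `FileInputStream`, `UnsupportedEncodingException`, `MessageDigest` and `NoSuchAlgorithmException` imports added to SpdmMeasurementBlock.java. Unless code outside these hunks uses them, drop the additions. `java.io.IOException` may also have become unused in the classes whose constructors no longer declare it.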
diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData2.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData2.java index c470a5fb..68327e30 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData2.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData2.java @@ -3,6 +3,7 @@ package hirs.utils.tpm.eventlog.events; import lombok.Getter; import java.io.IOException; +import java.io.UnsupportedEncodingException; import static hirs.utils.tpm.eventlog.events.DeviceSecurityEventDataHeader2.SUBHEADERTYPE_CERT_CHAIN; import static hirs.utils.tpm.eventlog.events.DeviceSecurityEventDataHeader2.SUBHEADERTYPE_MEAS_BLOCK; @@ -46,7 +47,7 @@ public class DeviceSecurityEventData2 extends DeviceSecurityEvent { * * @param dsedBytes byte array holding the DeviceSecurityEventData2. */ - public DeviceSecurityEventData2(final byte[] dsedBytes) throws IOException { + public DeviceSecurityEventData2(final byte[] dsedBytes) { dsedHeader2 = new DeviceSecurityEventDataHeader2(dsedBytes); setDeviceType(dsedHeader2.getDeviceType()); @@ -81,7 +82,7 @@ public class DeviceSecurityEventData2 extends DeviceSecurityEvent { } /** - * Returns a human readable description of the data within this structure. + * Returns a human-readable description of the data within this structure. * * @return a description of this structure. */ diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataHeader.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataHeader.java index 0fe0226e..bc4218e9 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataHeader.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataHeader.java 
@@ -8,6 +8,7 @@ import lombok.Getter; import java.io.ByteArrayInputStream; import java.io.IOException; +import java.io.UnsupportedEncodingException; /** * Class to process the DEVICE_SECURITY_EVENT_DATA_HEADER. @@ -52,7 +53,7 @@ public class DeviceSecurityEventDataHeader extends DeviceSecurityEventHeader { * * @param dsedBytes byte array holding the DeviceSecurityEventData. */ - public DeviceSecurityEventDataHeader(final byte[] dsedBytes) throws IOException { + public DeviceSecurityEventDataHeader(final byte[] dsedBytes) { super(dsedBytes); diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataHeader2.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataHeader2.java index f113c855..6a825412 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataHeader2.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataHeader2.java @@ -92,7 +92,7 @@ public class DeviceSecurityEventDataHeader2 extends DeviceSecurityEventHeader { public static final int SUBHEADERTYPE_CERT_CHAIN = 1; - public DeviceSecurityEventDataHeader2(final byte[] dsedBytes) throws UnsupportedEncodingException { + public DeviceSecurityEventDataHeader2(final byte[] dsedBytes) { super(dsedBytes); diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock.java index ef592483..21559967 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock.java 
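Review bot: The public `DeviceSecurityEventDataHeader2(final byte[] dsedBytes)` constructor edited here has no Javadoc in the visible context, unlike the sibling constructors touched by this patch. Add a block in the same form as the others, with a one-line summary and `@param dsedBytes byte array holding the DeviceSecurityEventData2.` Since the constructor no longer declares a checked exception, that comment is also the place to say how a parse failure is reported to the caller.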
@@ -51,7 +51,7 @@ public class DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock extends Device * * @param dsedSubHBytes byte array holding the DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock. */ - public DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock(final byte[] dsedSubHBytes) throws IOException { + public DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock(final byte[] dsedSubHBytes) { spdmMeasurementBlockList = new ArrayList<>(); diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventHeader.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventHeader.java index b9bcebb6..210f4f86 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventHeader.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventHeader.java @@ -151,8 +151,7 @@ public abstract class DeviceSecurityEventHeader { * @param dsedBytes byte array holding the DeviceSecurityEventData/Data2. * @param startByte starting byte of device path (depends on header fields before it). */ - public void extractDevicePathAndFinalSize(final byte[] dsedBytes, int startByte) - throws UnsupportedEncodingException { + public void extractDevicePathAndFinalSize(final byte[] dsedBytes, int startByte) { // get the device path length byte[] devicePathLengthBytes = new byte[UefiConstants.SIZE_8]; @@ -166,8 +165,13 @@ public abstract class DeviceSecurityEventHeader { byte[] devPathBytes = new byte[devicePathLength]; System.arraycopy(dsedBytes, startByte, devPathBytes, 0, devicePathLength); - devicePath = new UefiDevicePath(devPathBytes); - devicePathValid = true; + try { + devicePath = new UefiDevicePath(devPathBytes); + devicePathValid = true; + } + catch (UnsupportedEncodingException e) { + devicePathValid = false; + } } // header total size 
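Review bot: In `extractDevicePathAndFinalSize`, the new try block covers only the `UefiDevicePath` constructor, while `devicePathLength`, which appears to be read from the event bytes, is still used unchecked in `new byte[devicePathLength]` and `System.arraycopy(dsedBytes, startByte, devPathBytes, 0, devicePathLength)` just above it. An oversized length from a malformed log entry (or a negative one, depending on the guard outside the hunk) raises an unchecked exception that nothing on the visible call path catches after this commit. A check such as `if (devicePathLength < 0 || devicePathLength > dsedBytes.length - startByte)` that sets `devicePathValid = false` and skips the copy would contain it. The catch also discards `e`; logging it would leave a trace of why the device path was rejected. The method body begins and ends outside this hunk.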
diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/EvEfiSpdmDeviceSecurityEvent.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/EvEfiSpdmDeviceSecurityEvent.java index a90e55f2..8da93b23 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/EvEfiSpdmDeviceSecurityEvent.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/EvEfiSpdmDeviceSecurityEvent.java @@ -36,7 +36,7 @@ public class EvEfiSpdmDeviceSecurityEvent { /** * DeviceSecurityEvent Object. */ - private DeviceSecurityEvent dSED = null; + private DeviceSecurityEvent dsed = null; /** * Signature (text) data. @@ -54,7 +54,7 @@ public class EvEfiSpdmDeviceSecurityEvent { * @param eventData byte array holding the event to process. * @throws java.io.UnsupportedEncodingException if input fails to parse. */ - public EvEfiSpdmDeviceSecurityEvent(final byte[] eventData) throws IOException { + public EvEfiSpdmDeviceSecurityEvent(final byte[] eventData) { byte[] signatureBytes = new byte[UefiConstants.SIZE_16]; System.arraycopy(eventData, 0, signatureBytes, 0, UefiConstants.SIZE_16); @@ -74,8 +74,8 @@ public class EvEfiSpdmDeviceSecurityEvent { spdmInfo = " Signature = SPDM Device Sec2"; if (version.equals("0200")) { - dSED = new DeviceSecurityEventData2(eventData); - spdmInfo += dSED.toString(); + dsed = new DeviceSecurityEventData2(eventData); + spdmInfo += dsed.toString(); } else { spdmInfo += " Incompatible version for DeviceSecurityEventData2: " + version; @@ -86,8 +86,8 @@ public class EvEfiSpdmDeviceSecurityEvent { spdmInfo = " Signature = SPDM Device Sec"; if (version.equals("0100")) { - dSED = new DeviceSecurityEventData(eventData); - spdmInfo += dSED.toString(); + dsed = new DeviceSecurityEventData(eventData); + spdmInfo += dsed.toString(); } else { spdmInfo += " Incompatible version for DeviceSecurityEventData: " + version; 
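Review bot: The constructor Javadoc kept as context still says `@throws java.io.UnsupportedEncodingException if input fails to parse.`, but the new signature `public EvEfiSpdmDeviceSecurityEvent(final byte[] eventData)` declares no checked exception. Remove the tag and document how a parse failure now surfaces, for example `* Parse failures are reported in the text returned by toString().` if that is the intended contract. Otherwise callers reading the Javadoc will expect an exception that can no longer be thrown.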
@@ -101,7 +101,7 @@ public class EvEfiSpdmDeviceSecurityEvent { /** * Returns a description of this event. * - * @return Human readable description of this event. + * @return Human-readable description of this event. */ public String toString() { return spdmInfo; diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/spdm/SpdmMeasurement.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/spdm/SpdmMeasurement.java index 0773be82..504983cd 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/spdm/SpdmMeasurement.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/spdm/SpdmMeasurement.java @@ -62,9 +62,11 @@ public class SpdmMeasurement { } /** - * Returns a human readable description of the data within this structure. + * Lookup for SPDM measurement value type * - * @return a description of this structure.. + * @param measValType the numerical representation of the measurement value type. + * + * @return a description of the measurement value type. */ public String dmtfSpecMeasurementValueTypeToString(final int measValType) { @@ -92,7 +94,7 @@ public class SpdmMeasurement { measValTypeStr = "Mutable firmware's version number"; break; case 7: - measValTypeStr = "Mutable firmware's security verison number"; + measValTypeStr = "Mutable firmware's security version number"; break; case 8: measValTypeStr = "Hash-extended measurement"; @@ -109,6 +111,11 @@ public class SpdmMeasurement { return measValTypeStr; } + /** + * Returns a human-readable description of the data within this structure. + * + * @return a description of this structure. + */ public String toString() { String spdmMeasInfo = ""; diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/spdm/SpdmMeasurementBlock.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/spdm/SpdmMeasurementBlock.java index a193dcf3..a9159bd5 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/spdm/SpdmMeasurementBlock.java 
+++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/spdm/SpdmMeasurementBlock.java @@ -4,8 +4,13 @@ import hirs.utils.HexUtils; import hirs.utils.tpm.eventlog.uefi.UefiConstants; import lombok.Getter; +import java.io.BufferedInputStream; import java.io.ByteArrayInputStream; +import java.io.FileInputStream; import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; /** * Class to process the SpdmMeasurementBlock. 
@@ -41,75 +46,58 @@ public class SpdmMeasurementBlock { * SPDM Measurement. */ private SpdmMeasurement spdmMeasurement; + /** + * Error reading SPDM Measurement Block. + */ + private boolean spdmMeasurementBlockReadError = false; /** * SpdmMeasurementBlock Constructor. * * @param spdmMeasBlocks byte array holding the SPDM Measurement Block bytes. */ -// public SpdmMeasurementBlock(final ByteArrayInputStream spdmMeasBlocks) { - public SpdmMeasurementBlock(final ByteArrayInputStream spdmMeasBlocks) throws IOException { + public SpdmMeasurementBlock(final ByteArrayInputStream spdmMeasBlocks) { - byte[] indexBytes = new byte[1]; - spdmMeasBlocks.read(indexBytes); - index = HexUtils.leReverseInt(indexBytes); + try { + byte[] indexBytes = new byte[1]; + spdmMeasBlocks.read(indexBytes); + index = HexUtils.leReverseInt(indexBytes); - byte[] measurementSpecBytes = new byte[1]; - spdmMeasBlocks.read(measurementSpecBytes); - measurementSpec = HexUtils.leReverseInt(measurementSpecBytes); + byte[] measurementSpecBytes = new byte[1]; + spdmMeasBlocks.read(measurementSpecBytes); + measurementSpec = HexUtils.leReverseInt(measurementSpecBytes); - // in future, can crosscheck this measurement size with the MeasurementSpec hash alg size - byte[] measurementSizeBytes = new byte[2]; - spdmMeasBlocks.read(measurementSizeBytes); - int measurementSize = HexUtils.leReverseInt(measurementSizeBytes); + // in future, can crosscheck this measurement size with the MeasurementSpec hash alg size + byte[] measurementSizeBytes = new byte[2]; + spdmMeasBlocks.read(measurementSizeBytes); + int measurementSize = HexUtils.leReverseInt(measurementSizeBytes); - byte[] measurementBytes = new byte[measurementSize]; - spdmMeasBlocks.read(measurementBytes); - spdmMeasurement = new SpdmMeasurement(measurementBytes); + byte[] measurementBytes = new byte[measurementSize]; + spdmMeasBlocks.read(measurementBytes); + spdmMeasurement = new SpdmMeasurement(measurementBytes); + } catch (IOException ioEx) { + 
spdmMeasurementBlockReadError = true; + } } -// /** -// * SpdmMeasurementBlock Constructor. -// * -// * @param spdmMeasBlockBytes byte array holding the SPDM Measurement Block bytes. -// */ -// public SpdmMeasurementBlock(final byte[] spdmMeasBlockBytes) { -// -// byte[] indexBytes = new byte[1]; -// System.arraycopy(spdmMeasBlockBytes, 0, indexBytes, 0, -// 1); -// index = HexUtils.leReverseInt(indexBytes); -// -// byte[] measurementSpecBytes = new byte[1]; -// System.arraycopy(spdmMeasBlockBytes, 1, measurementSpecBytes, 0, -// 1); -// measurementSpec = HexUtils.leReverseInt(measurementSpecBytes); -// -// // in future, can crosscheck this measurement size with the MeasurementSpec hash alg size -// byte[] measurementSizeBytes = new byte[2]; -// System.arraycopy(spdmMeasBlockBytes, 2, measurementSizeBytes, 0, -// 2); -// int measurementSize = HexUtils.leReverseInt(measurementSizeBytes); -// -// byte[] measurementBytes = new byte[measurementSize]; -// System.arraycopy(spdmMeasBlockBytes, 4, measurementBytes, 0, -// measurementSize); -// spdmMeasurement = new SpdmMeasurement(measurementBytes); -// } - /** - * Returns a human readable description of the data within this structure. + * Returns a human-readable description of the data within this structure. * * @return a description of this structure.. */ public String toString() { + String spdmMeasBlockInfo = ""; - spdmMeasBlockInfo += "\n Index = " + index; - spdmMeasBlockInfo += "\n MeasurementSpec = " + measurementSpec; - spdmMeasBlockInfo += spdmMeasurement.toString(); + if(spdmMeasurementBlockReadError) { + spdmMeasBlockInfo += "\n Error reading SPDM Measurement Block"; + } + else { + spdmMeasBlockInfo += "\n Index = " + index; + spdmMeasBlockInfo += "\n MeasurementSpec = " + measurementSpec; + spdmMeasBlockInfo += spdmMeasurement.toString(); + } return spdmMeasBlockInfo; } - } 
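Review bot: `spdmMeasurementBlockReadError` is unlikely ever to be set by this constructor, because `ByteArrayInputStream` reports exhaustion through the return value of `read` (a short count or -1) rather than by throwing `IOException`, and every `spdmMeasBlocks.read(...)` result here is ignored. A truncated block therefore leaves the arrays zero-filled and is rendered as an ordinary measurement instead of an error. Compare each result with the requested length, e.g. `if (spdmMeasBlocks.read(indexBytes) != indexBytes.length) { spdmMeasurementBlockReadError = true; return; }`, and do the same for `measurementSpecBytes`, `measurementSizeBytes` and `measurementBytes`. The `toString()` change in the same hunk already handles the flag.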
diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiVariable.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiVariable.java index 1a5e7175..2e56828a 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiVariable.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiVariable.java @@ -220,7 +220,7 @@ public class UefiVariable { case "devdb": // SPDM_DEVICE_POLICY and SPDM_DEVICE_AUTHORITY // (update when test patterns exist) efiVariable.append(" EV_EFI_SPDM_DEVICE_POLICY and EV_EFI_SPDM_DEVICE_AUTHORITY: " + - "To be processed once more test patterns exist\n"); + "To be processed once more test patterns exist"); break; case "Boot00": efiVariable.append(bootv.toString());