mirror of
https://github.com/nsacyber/HIRS.git
synced 2024-12-27 16:28:57 +00:00
catching exceptions
This commit is contained in:
parent
712c7f9e9d
commit
9fdc8b1bcb
@ -391,14 +391,7 @@ public class TpmPcrEvent {
|
||||
break;
|
||||
case EvConstants.EV_EFI_SPDM_FIRMWARE_BLOB:
|
||||
case EvConstants.EV_EFI_SPDM_FIRMWARE_CONFIG:
|
||||
try {
|
||||
sb.append(new EvEfiSpdmDeviceSecurityEvent(eventContent).toString());
|
||||
} catch (UnsupportedEncodingException ueEx) {
|
||||
log.error(ueEx);
|
||||
sb.append(ueEx.toString());
|
||||
} catch (IOException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
sb.append(new EvEfiSpdmDeviceSecurityEvent(eventContent).toString());
|
||||
break;
|
||||
default:
|
||||
sb.append("Unknown Event found\n");
|
||||
|
@ -69,7 +69,7 @@ public abstract class DeviceSecurityEvent {
|
||||
private int deviceType = -1;
|
||||
|
||||
/**
|
||||
* Human readable description of the data within the
|
||||
* Human-readable description of the data within the
|
||||
* DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT. DEVICE can be either PCI or USB.
|
||||
*/
|
||||
@Getter
|
||||
|
@ -3,6 +3,7 @@ package hirs.utils.tpm.eventlog.events;
|
||||
import lombok.Getter;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
|
||||
/**
|
||||
* Class to process DEVICE_SECURITY_EVENT_DATA.
|
||||
@ -27,7 +28,7 @@ public class DeviceSecurityEventData extends DeviceSecurityEvent {
|
||||
*
|
||||
* @param dsedBytes byte array holding the DeviceSecurityEventData.
|
||||
*/
|
||||
public DeviceSecurityEventData(final byte[] dsedBytes) throws IOException {
|
||||
public DeviceSecurityEventData(final byte[] dsedBytes) {
|
||||
dsedHeader = new DeviceSecurityEventDataHeader(dsedBytes);
|
||||
setDeviceType(dsedHeader.getDeviceType());
|
||||
int dsedHeaderLength = dsedHeader.getDsedHeaderLength();
|
||||
@ -41,7 +42,7 @@ public class DeviceSecurityEventData extends DeviceSecurityEvent {
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a human readable description of the data within this structure.
|
||||
* Returns a human-readable description of the data within this structure.
|
||||
*
|
||||
* @return a description of this structure.
|
||||
*/
|
||||
|
@ -3,6 +3,7 @@ package hirs.utils.tpm.eventlog.events;
|
||||
import lombok.Getter;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
|
||||
import static hirs.utils.tpm.eventlog.events.DeviceSecurityEventDataHeader2.SUBHEADERTYPE_CERT_CHAIN;
|
||||
import static hirs.utils.tpm.eventlog.events.DeviceSecurityEventDataHeader2.SUBHEADERTYPE_MEAS_BLOCK;
|
||||
@ -46,7 +47,7 @@ public class DeviceSecurityEventData2 extends DeviceSecurityEvent {
|
||||
*
|
||||
* @param dsedBytes byte array holding the DeviceSecurityEventData2.
|
||||
*/
|
||||
public DeviceSecurityEventData2(final byte[] dsedBytes) throws IOException {
|
||||
public DeviceSecurityEventData2(final byte[] dsedBytes) {
|
||||
|
||||
dsedHeader2 = new DeviceSecurityEventDataHeader2(dsedBytes);
|
||||
setDeviceType(dsedHeader2.getDeviceType());
|
||||
@ -81,7 +82,7 @@ public class DeviceSecurityEventData2 extends DeviceSecurityEvent {
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a human readable description of the data within this structure.
|
||||
* Returns a human-readable description of the data within this structure.
|
||||
*
|
||||
* @return a description of this structure.
|
||||
*/
|
||||
|
@ -8,6 +8,7 @@ import lombok.Getter;
|
||||
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.io.IOException;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
|
||||
/**
|
||||
* Class to process the DEVICE_SECURITY_EVENT_DATA_HEADER.
|
||||
@ -52,7 +53,7 @@ public class DeviceSecurityEventDataHeader extends DeviceSecurityEventHeader {
|
||||
*
|
||||
* @param dsedBytes byte array holding the DeviceSecurityEventData.
|
||||
*/
|
||||
public DeviceSecurityEventDataHeader(final byte[] dsedBytes) throws IOException {
|
||||
public DeviceSecurityEventDataHeader(final byte[] dsedBytes) {
|
||||
|
||||
super(dsedBytes);
|
||||
|
||||
|
@ -92,7 +92,7 @@ public class DeviceSecurityEventDataHeader2 extends DeviceSecurityEventHeader {
|
||||
public static final int SUBHEADERTYPE_CERT_CHAIN = 1;
|
||||
|
||||
|
||||
public DeviceSecurityEventDataHeader2(final byte[] dsedBytes) throws UnsupportedEncodingException {
|
||||
public DeviceSecurityEventDataHeader2(final byte[] dsedBytes) {
|
||||
|
||||
super(dsedBytes);
|
||||
|
||||
|
@ -51,7 +51,7 @@ public class DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock extends Device
|
||||
*
|
||||
* @param dsedSubHBytes byte array holding the DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock.
|
||||
*/
|
||||
public DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock(final byte[] dsedSubHBytes) throws IOException {
|
||||
public DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock(final byte[] dsedSubHBytes) {
|
||||
|
||||
spdmMeasurementBlockList = new ArrayList<>();
|
||||
|
||||
|
@ -151,8 +151,7 @@ public abstract class DeviceSecurityEventHeader {
|
||||
* @param dsedBytes byte array holding the DeviceSecurityEventData/Data2.
|
||||
* @param startByte starting byte of device path (depends on header fields before it).
|
||||
*/
|
||||
public void extractDevicePathAndFinalSize(final byte[] dsedBytes, int startByte)
|
||||
throws UnsupportedEncodingException {
|
||||
public void extractDevicePathAndFinalSize(final byte[] dsedBytes, int startByte) {
|
||||
|
||||
// get the device path length
|
||||
byte[] devicePathLengthBytes = new byte[UefiConstants.SIZE_8];
|
||||
@ -166,8 +165,13 @@ public abstract class DeviceSecurityEventHeader {
|
||||
byte[] devPathBytes = new byte[devicePathLength];
|
||||
System.arraycopy(dsedBytes, startByte, devPathBytes,
|
||||
0, devicePathLength);
|
||||
devicePath = new UefiDevicePath(devPathBytes);
|
||||
devicePathValid = true;
|
||||
try {
|
||||
devicePath = new UefiDevicePath(devPathBytes);
|
||||
devicePathValid = true;
|
||||
}
|
||||
catch (UnsupportedEncodingException e) {
|
||||
devicePathValid = false;
|
||||
}
|
||||
}
|
||||
|
||||
// header total size
|
||||
|
@ -36,7 +36,7 @@ public class EvEfiSpdmDeviceSecurityEvent {
|
||||
/**
|
||||
* DeviceSecurityEvent Object.
|
||||
*/
|
||||
private DeviceSecurityEvent dSED = null;
|
||||
private DeviceSecurityEvent dsed = null;
|
||||
|
||||
/**
|
||||
* Signature (text) data.
|
||||
@ -54,7 +54,7 @@ public class EvEfiSpdmDeviceSecurityEvent {
|
||||
* @param eventData byte array holding the event to process.
|
||||
* @throws java.io.UnsupportedEncodingException if input fails to parse.
|
||||
*/
|
||||
public EvEfiSpdmDeviceSecurityEvent(final byte[] eventData) throws IOException {
|
||||
public EvEfiSpdmDeviceSecurityEvent(final byte[] eventData) {
|
||||
|
||||
byte[] signatureBytes = new byte[UefiConstants.SIZE_16];
|
||||
System.arraycopy(eventData, 0, signatureBytes, 0, UefiConstants.SIZE_16);
|
||||
@ -74,8 +74,8 @@ public class EvEfiSpdmDeviceSecurityEvent {
|
||||
spdmInfo = " Signature = SPDM Device Sec2";
|
||||
|
||||
if (version.equals("0200")) {
|
||||
dSED = new DeviceSecurityEventData2(eventData);
|
||||
spdmInfo += dSED.toString();
|
||||
dsed = new DeviceSecurityEventData2(eventData);
|
||||
spdmInfo += dsed.toString();
|
||||
}
|
||||
else {
|
||||
spdmInfo += " Incompatible version for DeviceSecurityEventData2: " + version;
|
||||
@ -86,8 +86,8 @@ public class EvEfiSpdmDeviceSecurityEvent {
|
||||
spdmInfo = " Signature = SPDM Device Sec";
|
||||
|
||||
if (version.equals("0100")) {
|
||||
dSED = new DeviceSecurityEventData(eventData);
|
||||
spdmInfo += dSED.toString();
|
||||
dsed = new DeviceSecurityEventData(eventData);
|
||||
spdmInfo += dsed.toString();
|
||||
}
|
||||
else {
|
||||
spdmInfo += " Incompatible version for DeviceSecurityEventData: " + version;
|
||||
@ -101,7 +101,7 @@ public class EvEfiSpdmDeviceSecurityEvent {
|
||||
/**
|
||||
* Returns a description of this event.
|
||||
*
|
||||
* @return Human readable description of this event.
|
||||
* @return Human-readable description of this event.
|
||||
*/
|
||||
public String toString() {
|
||||
return spdmInfo;
|
||||
|
@ -62,9 +62,11 @@ public class SpdmMeasurement {
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a human readable description of the data within this structure.
|
||||
* Lookup for SPDM measurement value type
|
||||
*
|
||||
* @return a description of this structure..
|
||||
* @param measValType the numerical representation of the measurement value type.
|
||||
*
|
||||
* @return a description of the measurement value type.
|
||||
*/
|
||||
public String dmtfSpecMeasurementValueTypeToString(final int measValType) {
|
||||
|
||||
@ -92,7 +94,7 @@ public class SpdmMeasurement {
|
||||
measValTypeStr = "Mutable firmware's version number";
|
||||
break;
|
||||
case 7:
|
||||
measValTypeStr = "Mutable firmware's security verison number";
|
||||
measValTypeStr = "Mutable firmware's security version number";
|
||||
break;
|
||||
case 8:
|
||||
measValTypeStr = "Hash-extended measurement";
|
||||
@ -109,6 +111,11 @@ public class SpdmMeasurement {
|
||||
return measValTypeStr;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a human-readable description of the data within this structure.
|
||||
*
|
||||
* @return a description of this structure.
|
||||
*/
|
||||
public String toString() {
|
||||
String spdmMeasInfo = "";
|
||||
|
||||
|
@ -4,8 +4,13 @@ import hirs.utils.HexUtils;
|
||||
import hirs.utils.tpm.eventlog.uefi.UefiConstants;
|
||||
import lombok.Getter;
|
||||
|
||||
import java.io.BufferedInputStream;
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.io.FileInputStream;
|
||||
import java.io.IOException;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.security.MessageDigest;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
|
||||
/**
|
||||
* Class to process the SpdmMeasurementBlock.
|
||||
@ -41,75 +46,58 @@ public class SpdmMeasurementBlock {
|
||||
* SPDM Measurement.
|
||||
*/
|
||||
private SpdmMeasurement spdmMeasurement;
|
||||
/**
|
||||
* Error reading SPDM Measurement Block.
|
||||
*/
|
||||
private boolean spdmMeasurementBlockReadError = false;
|
||||
|
||||
/**
|
||||
* SpdmMeasurementBlock Constructor.
|
||||
*
|
||||
* @param spdmMeasBlocks byte array holding the SPDM Measurement Block bytes.
|
||||
*/
|
||||
// public SpdmMeasurementBlock(final ByteArrayInputStream spdmMeasBlocks) {
|
||||
public SpdmMeasurementBlock(final ByteArrayInputStream spdmMeasBlocks) throws IOException {
|
||||
public SpdmMeasurementBlock(final ByteArrayInputStream spdmMeasBlocks) {
|
||||
|
||||
byte[] indexBytes = new byte[1];
|
||||
spdmMeasBlocks.read(indexBytes);
|
||||
index = HexUtils.leReverseInt(indexBytes);
|
||||
try {
|
||||
byte[] indexBytes = new byte[1];
|
||||
spdmMeasBlocks.read(indexBytes);
|
||||
index = HexUtils.leReverseInt(indexBytes);
|
||||
|
||||
byte[] measurementSpecBytes = new byte[1];
|
||||
spdmMeasBlocks.read(measurementSpecBytes);
|
||||
measurementSpec = HexUtils.leReverseInt(measurementSpecBytes);
|
||||
byte[] measurementSpecBytes = new byte[1];
|
||||
spdmMeasBlocks.read(measurementSpecBytes);
|
||||
measurementSpec = HexUtils.leReverseInt(measurementSpecBytes);
|
||||
|
||||
// in future, can crosscheck this measurement size with the MeasurementSpec hash alg size
|
||||
byte[] measurementSizeBytes = new byte[2];
|
||||
spdmMeasBlocks.read(measurementSizeBytes);
|
||||
int measurementSize = HexUtils.leReverseInt(measurementSizeBytes);
|
||||
// in future, can crosscheck this measurement size with the MeasurementSpec hash alg size
|
||||
byte[] measurementSizeBytes = new byte[2];
|
||||
spdmMeasBlocks.read(measurementSizeBytes);
|
||||
int measurementSize = HexUtils.leReverseInt(measurementSizeBytes);
|
||||
|
||||
byte[] measurementBytes = new byte[measurementSize];
|
||||
spdmMeasBlocks.read(measurementBytes);
|
||||
spdmMeasurement = new SpdmMeasurement(measurementBytes);
|
||||
byte[] measurementBytes = new byte[measurementSize];
|
||||
spdmMeasBlocks.read(measurementBytes);
|
||||
spdmMeasurement = new SpdmMeasurement(measurementBytes);
|
||||
} catch (IOException ioEx) {
|
||||
spdmMeasurementBlockReadError = true;
|
||||
}
|
||||
}
|
||||
|
||||
// /**
|
||||
// * SpdmMeasurementBlock Constructor.
|
||||
// *
|
||||
// * @param spdmMeasBlockBytes byte array holding the SPDM Measurement Block bytes.
|
||||
// */
|
||||
// public SpdmMeasurementBlock(final byte[] spdmMeasBlockBytes) {
|
||||
//
|
||||
// byte[] indexBytes = new byte[1];
|
||||
// System.arraycopy(spdmMeasBlockBytes, 0, indexBytes, 0,
|
||||
// 1);
|
||||
// index = HexUtils.leReverseInt(indexBytes);
|
||||
//
|
||||
// byte[] measurementSpecBytes = new byte[1];
|
||||
// System.arraycopy(spdmMeasBlockBytes, 1, measurementSpecBytes, 0,
|
||||
// 1);
|
||||
// measurementSpec = HexUtils.leReverseInt(measurementSpecBytes);
|
||||
//
|
||||
// // in future, can crosscheck this measurement size with the MeasurementSpec hash alg size
|
||||
// byte[] measurementSizeBytes = new byte[2];
|
||||
// System.arraycopy(spdmMeasBlockBytes, 2, measurementSizeBytes, 0,
|
||||
// 2);
|
||||
// int measurementSize = HexUtils.leReverseInt(measurementSizeBytes);
|
||||
//
|
||||
// byte[] measurementBytes = new byte[measurementSize];
|
||||
// System.arraycopy(spdmMeasBlockBytes, 4, measurementBytes, 0,
|
||||
// measurementSize);
|
||||
// spdmMeasurement = new SpdmMeasurement(measurementBytes);
|
||||
// }
|
||||
|
||||
/**
|
||||
* Returns a human readable description of the data within this structure.
|
||||
* Returns a human-readable description of the data within this structure.
|
||||
*
|
||||
* @return a description of this structure..
|
||||
*/
|
||||
public String toString() {
|
||||
|
||||
String spdmMeasBlockInfo = "";
|
||||
|
||||
spdmMeasBlockInfo += "\n Index = " + index;
|
||||
spdmMeasBlockInfo += "\n MeasurementSpec = " + measurementSpec;
|
||||
spdmMeasBlockInfo += spdmMeasurement.toString();
|
||||
if(spdmMeasurementBlockReadError) {
|
||||
spdmMeasBlockInfo += "\n Error reading SPDM Measurement Block";
|
||||
}
|
||||
else {
|
||||
spdmMeasBlockInfo += "\n Index = " + index;
|
||||
spdmMeasBlockInfo += "\n MeasurementSpec = " + measurementSpec;
|
||||
spdmMeasBlockInfo += spdmMeasurement.toString();
|
||||
}
|
||||
|
||||
return spdmMeasBlockInfo;
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -220,7 +220,7 @@ public class UefiVariable {
|
||||
case "devdb": // SPDM_DEVICE_POLICY and SPDM_DEVICE_AUTHORITY
|
||||
// (update when test patterns exist)
|
||||
efiVariable.append(" EV_EFI_SPDM_DEVICE_POLICY and EV_EFI_SPDM_DEVICE_AUTHORITY: " +
|
||||
"To be processed once more test patterns exist\n");
|
||||
"To be processed once more test patterns exist");
|
||||
break;
|
||||
case "Boot00":
|
||||
efiVariable.append(bootv.toString());
|
||||
|
Loading…
Reference in New Issue
Block a user