catching exceptions

This commit is contained in:
iadgovuser58 2024-06-28 17:42:38 -04:00 committed by chubtub
parent 712c7f9e9d
commit 9fdc8b1bcb
12 changed files with 75 additions and 80 deletions

View File

@ -391,14 +391,7 @@ public class TpmPcrEvent {
break; break;
case EvConstants.EV_EFI_SPDM_FIRMWARE_BLOB: case EvConstants.EV_EFI_SPDM_FIRMWARE_BLOB:
case EvConstants.EV_EFI_SPDM_FIRMWARE_CONFIG: case EvConstants.EV_EFI_SPDM_FIRMWARE_CONFIG:
try {
sb.append(new EvEfiSpdmDeviceSecurityEvent(eventContent).toString()); sb.append(new EvEfiSpdmDeviceSecurityEvent(eventContent).toString());
} catch (UnsupportedEncodingException ueEx) {
log.error(ueEx);
sb.append(ueEx.toString());
} catch (IOException e) {
throw new RuntimeException(e);
}
break; break;
default: default:
sb.append("Unknown Event found\n"); sb.append("Unknown Event found\n");

View File

@ -69,7 +69,7 @@ public abstract class DeviceSecurityEvent {
private int deviceType = -1; private int deviceType = -1;
/** /**
* Human readable description of the data within the * Human-readable description of the data within the
* DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT. DEVICE can be either PCI or USB. * DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT. DEVICE can be either PCI or USB.
*/ */
@Getter @Getter

View File

@ -3,6 +3,7 @@ package hirs.utils.tpm.eventlog.events;
import lombok.Getter; import lombok.Getter;
import java.io.IOException; import java.io.IOException;
import java.io.UnsupportedEncodingException;
/** /**
* Class to process DEVICE_SECURITY_EVENT_DATA. * Class to process DEVICE_SECURITY_EVENT_DATA.
@ -27,7 +28,7 @@ public class DeviceSecurityEventData extends DeviceSecurityEvent {
* *
* @param dsedBytes byte array holding the DeviceSecurityEventData. * @param dsedBytes byte array holding the DeviceSecurityEventData.
*/ */
public DeviceSecurityEventData(final byte[] dsedBytes) throws IOException { public DeviceSecurityEventData(final byte[] dsedBytes) {
dsedHeader = new DeviceSecurityEventDataHeader(dsedBytes); dsedHeader = new DeviceSecurityEventDataHeader(dsedBytes);
setDeviceType(dsedHeader.getDeviceType()); setDeviceType(dsedHeader.getDeviceType());
int dsedHeaderLength = dsedHeader.getDsedHeaderLength(); int dsedHeaderLength = dsedHeader.getDsedHeaderLength();
@ -41,7 +42,7 @@ public class DeviceSecurityEventData extends DeviceSecurityEvent {
} }
/** /**
* Returns a human readable description of the data within this structure. * Returns a human-readable description of the data within this structure.
* *
* @return a description of this structure. * @return a description of this structure.
*/ */

View File

@ -3,6 +3,7 @@ package hirs.utils.tpm.eventlog.events;
import lombok.Getter; import lombok.Getter;
import java.io.IOException; import java.io.IOException;
import java.io.UnsupportedEncodingException;
import static hirs.utils.tpm.eventlog.events.DeviceSecurityEventDataHeader2.SUBHEADERTYPE_CERT_CHAIN; import static hirs.utils.tpm.eventlog.events.DeviceSecurityEventDataHeader2.SUBHEADERTYPE_CERT_CHAIN;
import static hirs.utils.tpm.eventlog.events.DeviceSecurityEventDataHeader2.SUBHEADERTYPE_MEAS_BLOCK; import static hirs.utils.tpm.eventlog.events.DeviceSecurityEventDataHeader2.SUBHEADERTYPE_MEAS_BLOCK;
@ -46,7 +47,7 @@ public class DeviceSecurityEventData2 extends DeviceSecurityEvent {
* *
* @param dsedBytes byte array holding the DeviceSecurityEventData2. * @param dsedBytes byte array holding the DeviceSecurityEventData2.
*/ */
public DeviceSecurityEventData2(final byte[] dsedBytes) throws IOException { public DeviceSecurityEventData2(final byte[] dsedBytes) {
dsedHeader2 = new DeviceSecurityEventDataHeader2(dsedBytes); dsedHeader2 = new DeviceSecurityEventDataHeader2(dsedBytes);
setDeviceType(dsedHeader2.getDeviceType()); setDeviceType(dsedHeader2.getDeviceType());
@ -81,7 +82,7 @@ public class DeviceSecurityEventData2 extends DeviceSecurityEvent {
} }
/** /**
* Returns a human readable description of the data within this structure. * Returns a human-readable description of the data within this structure.
* *
* @return a description of this structure. * @return a description of this structure.
*/ */

View File

@ -8,6 +8,7 @@ import lombok.Getter;
import java.io.ByteArrayInputStream; import java.io.ByteArrayInputStream;
import java.io.IOException; import java.io.IOException;
import java.io.UnsupportedEncodingException;
/** /**
* Class to process the DEVICE_SECURITY_EVENT_DATA_HEADER. * Class to process the DEVICE_SECURITY_EVENT_DATA_HEADER.
@ -52,7 +53,7 @@ public class DeviceSecurityEventDataHeader extends DeviceSecurityEventHeader {
* *
* @param dsedBytes byte array holding the DeviceSecurityEventData. * @param dsedBytes byte array holding the DeviceSecurityEventData.
*/ */
public DeviceSecurityEventDataHeader(final byte[] dsedBytes) throws IOException { public DeviceSecurityEventDataHeader(final byte[] dsedBytes) {
super(dsedBytes); super(dsedBytes);

View File

@ -92,7 +92,7 @@ public class DeviceSecurityEventDataHeader2 extends DeviceSecurityEventHeader {
public static final int SUBHEADERTYPE_CERT_CHAIN = 1; public static final int SUBHEADERTYPE_CERT_CHAIN = 1;
public DeviceSecurityEventDataHeader2(final byte[] dsedBytes) throws UnsupportedEncodingException { public DeviceSecurityEventDataHeader2(final byte[] dsedBytes) {
super(dsedBytes); super(dsedBytes);

View File

@ -51,7 +51,7 @@ public class DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock extends Device
* *
* @param dsedSubHBytes byte array holding the DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock. * @param dsedSubHBytes byte array holding the DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock.
*/ */
public DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock(final byte[] dsedSubHBytes) throws IOException { public DeviceSecurityEventDataSubHeaderSpdmMeasurementBlock(final byte[] dsedSubHBytes) {
spdmMeasurementBlockList = new ArrayList<>(); spdmMeasurementBlockList = new ArrayList<>();

View File

@ -151,8 +151,7 @@ public abstract class DeviceSecurityEventHeader {
* @param dsedBytes byte array holding the DeviceSecurityEventData/Data2. * @param dsedBytes byte array holding the DeviceSecurityEventData/Data2.
* @param startByte starting byte of device path (depends on header fields before it). * @param startByte starting byte of device path (depends on header fields before it).
*/ */
public void extractDevicePathAndFinalSize(final byte[] dsedBytes, int startByte) public void extractDevicePathAndFinalSize(final byte[] dsedBytes, int startByte) {
throws UnsupportedEncodingException {
// get the device path length // get the device path length
byte[] devicePathLengthBytes = new byte[UefiConstants.SIZE_8]; byte[] devicePathLengthBytes = new byte[UefiConstants.SIZE_8];
@ -166,9 +165,14 @@ public abstract class DeviceSecurityEventHeader {
byte[] devPathBytes = new byte[devicePathLength]; byte[] devPathBytes = new byte[devicePathLength];
System.arraycopy(dsedBytes, startByte, devPathBytes, System.arraycopy(dsedBytes, startByte, devPathBytes,
0, devicePathLength); 0, devicePathLength);
try {
devicePath = new UefiDevicePath(devPathBytes); devicePath = new UefiDevicePath(devPathBytes);
devicePathValid = true; devicePathValid = true;
} }
catch (UnsupportedEncodingException e) {
devicePathValid = false;
}
}
// header total size // header total size
dsedHeaderLength = startByte + devicePathLength; dsedHeaderLength = startByte + devicePathLength;

View File

@ -36,7 +36,7 @@ public class EvEfiSpdmDeviceSecurityEvent {
/** /**
* DeviceSecurityEvent Object. * DeviceSecurityEvent Object.
*/ */
private DeviceSecurityEvent dSED = null; private DeviceSecurityEvent dsed = null;
/** /**
* Signature (text) data. * Signature (text) data.
@ -54,7 +54,7 @@ public class EvEfiSpdmDeviceSecurityEvent {
* @param eventData byte array holding the event to process. * @param eventData byte array holding the event to process.
* @throws java.io.UnsupportedEncodingException if input fails to parse. * @throws java.io.UnsupportedEncodingException if input fails to parse.
*/ */
public EvEfiSpdmDeviceSecurityEvent(final byte[] eventData) throws IOException { public EvEfiSpdmDeviceSecurityEvent(final byte[] eventData) {
byte[] signatureBytes = new byte[UefiConstants.SIZE_16]; byte[] signatureBytes = new byte[UefiConstants.SIZE_16];
System.arraycopy(eventData, 0, signatureBytes, 0, UefiConstants.SIZE_16); System.arraycopy(eventData, 0, signatureBytes, 0, UefiConstants.SIZE_16);
@ -74,8 +74,8 @@ public class EvEfiSpdmDeviceSecurityEvent {
spdmInfo = " Signature = SPDM Device Sec2"; spdmInfo = " Signature = SPDM Device Sec2";
if (version.equals("0200")) { if (version.equals("0200")) {
dSED = new DeviceSecurityEventData2(eventData); dsed = new DeviceSecurityEventData2(eventData);
spdmInfo += dSED.toString(); spdmInfo += dsed.toString();
} }
else { else {
spdmInfo += " Incompatible version for DeviceSecurityEventData2: " + version; spdmInfo += " Incompatible version for DeviceSecurityEventData2: " + version;
@ -86,8 +86,8 @@ public class EvEfiSpdmDeviceSecurityEvent {
spdmInfo = " Signature = SPDM Device Sec"; spdmInfo = " Signature = SPDM Device Sec";
if (version.equals("0100")) { if (version.equals("0100")) {
dSED = new DeviceSecurityEventData(eventData); dsed = new DeviceSecurityEventData(eventData);
spdmInfo += dSED.toString(); spdmInfo += dsed.toString();
} }
else { else {
spdmInfo += " Incompatible version for DeviceSecurityEventData: " + version; spdmInfo += " Incompatible version for DeviceSecurityEventData: " + version;
@ -101,7 +101,7 @@ public class EvEfiSpdmDeviceSecurityEvent {
/** /**
* Returns a description of this event. * Returns a description of this event.
* *
* @return Human readable description of this event. * @return Human-readable description of this event.
*/ */
public String toString() { public String toString() {
return spdmInfo; return spdmInfo;

View File

@ -62,9 +62,11 @@ public class SpdmMeasurement {
} }
/** /**
* Returns a human readable description of the data within this structure. * Lookup for SPDM measurement value type
* *
* @return a description of this structure.. * @param measValType the numerical representation of the measurement value type.
*
* @return a description of the measurement value type.
*/ */
public String dmtfSpecMeasurementValueTypeToString(final int measValType) { public String dmtfSpecMeasurementValueTypeToString(final int measValType) {
@ -92,7 +94,7 @@ public class SpdmMeasurement {
measValTypeStr = "Mutable firmware's version number"; measValTypeStr = "Mutable firmware's version number";
break; break;
case 7: case 7:
measValTypeStr = "Mutable firmware's security verison number"; measValTypeStr = "Mutable firmware's security version number";
break; break;
case 8: case 8:
measValTypeStr = "Hash-extended measurement"; measValTypeStr = "Hash-extended measurement";
@ -109,6 +111,11 @@ public class SpdmMeasurement {
return measValTypeStr; return measValTypeStr;
} }
/**
* Returns a human-readable description of the data within this structure.
*
* @return a description of this structure.
*/
public String toString() { public String toString() {
String spdmMeasInfo = ""; String spdmMeasInfo = "";

View File

@ -4,8 +4,13 @@ import hirs.utils.HexUtils;
import hirs.utils.tpm.eventlog.uefi.UefiConstants; import hirs.utils.tpm.eventlog.uefi.UefiConstants;
import lombok.Getter; import lombok.Getter;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream; import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.IOException; import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
/** /**
* Class to process the SpdmMeasurementBlock. * Class to process the SpdmMeasurementBlock.
@ -41,15 +46,19 @@ public class SpdmMeasurementBlock {
* SPDM Measurement. * SPDM Measurement.
*/ */
private SpdmMeasurement spdmMeasurement; private SpdmMeasurement spdmMeasurement;
/**
* Error reading SPDM Measurement Block.
*/
private boolean spdmMeasurementBlockReadError = false;
/** /**
* SpdmMeasurementBlock Constructor. * SpdmMeasurementBlock Constructor.
* *
* @param spdmMeasBlocks byte array holding the SPDM Measurement Block bytes. * @param spdmMeasBlocks byte array holding the SPDM Measurement Block bytes.
*/ */
// public SpdmMeasurementBlock(final ByteArrayInputStream spdmMeasBlocks) { public SpdmMeasurementBlock(final ByteArrayInputStream spdmMeasBlocks) {
public SpdmMeasurementBlock(final ByteArrayInputStream spdmMeasBlocks) throws IOException {
try {
byte[] indexBytes = new byte[1]; byte[] indexBytes = new byte[1];
spdmMeasBlocks.read(indexBytes); spdmMeasBlocks.read(indexBytes);
index = HexUtils.leReverseInt(indexBytes); index = HexUtils.leReverseInt(indexBytes);
@ -66,50 +75,29 @@ public class SpdmMeasurementBlock {
byte[] measurementBytes = new byte[measurementSize]; byte[] measurementBytes = new byte[measurementSize];
spdmMeasBlocks.read(measurementBytes); spdmMeasBlocks.read(measurementBytes);
spdmMeasurement = new SpdmMeasurement(measurementBytes); spdmMeasurement = new SpdmMeasurement(measurementBytes);
} catch (IOException ioEx) {
spdmMeasurementBlockReadError = true;
}
} }
// /**
// * SpdmMeasurementBlock Constructor.
// *
// * @param spdmMeasBlockBytes byte array holding the SPDM Measurement Block bytes.
// */
// public SpdmMeasurementBlock(final byte[] spdmMeasBlockBytes) {
//
// byte[] indexBytes = new byte[1];
// System.arraycopy(spdmMeasBlockBytes, 0, indexBytes, 0,
// 1);
// index = HexUtils.leReverseInt(indexBytes);
//
// byte[] measurementSpecBytes = new byte[1];
// System.arraycopy(spdmMeasBlockBytes, 1, measurementSpecBytes, 0,
// 1);
// measurementSpec = HexUtils.leReverseInt(measurementSpecBytes);
//
// // in future, can crosscheck this measurement size with the MeasurementSpec hash alg size
// byte[] measurementSizeBytes = new byte[2];
// System.arraycopy(spdmMeasBlockBytes, 2, measurementSizeBytes, 0,
// 2);
// int measurementSize = HexUtils.leReverseInt(measurementSizeBytes);
//
// byte[] measurementBytes = new byte[measurementSize];
// System.arraycopy(spdmMeasBlockBytes, 4, measurementBytes, 0,
// measurementSize);
// spdmMeasurement = new SpdmMeasurement(measurementBytes);
// }
/** /**
* Returns a human readable description of the data within this structure. * Returns a human-readable description of the data within this structure.
* *
* @return a description of this structure.. * @return a description of this structure..
*/ */
public String toString() { public String toString() {
String spdmMeasBlockInfo = ""; String spdmMeasBlockInfo = "";
if(spdmMeasurementBlockReadError) {
spdmMeasBlockInfo += "\n Error reading SPDM Measurement Block";
}
else {
spdmMeasBlockInfo += "\n Index = " + index; spdmMeasBlockInfo += "\n Index = " + index;
spdmMeasBlockInfo += "\n MeasurementSpec = " + measurementSpec; spdmMeasBlockInfo += "\n MeasurementSpec = " + measurementSpec;
spdmMeasBlockInfo += spdmMeasurement.toString(); spdmMeasBlockInfo += spdmMeasurement.toString();
}
return spdmMeasBlockInfo; return spdmMeasBlockInfo;
} }
} }

View File

@ -220,7 +220,7 @@ public class UefiVariable {
case "devdb": // SPDM_DEVICE_POLICY and SPDM_DEVICE_AUTHORITY case "devdb": // SPDM_DEVICE_POLICY and SPDM_DEVICE_AUTHORITY
// (update when test patterns exist) // (update when test patterns exist)
efiVariable.append(" EV_EFI_SPDM_DEVICE_POLICY and EV_EFI_SPDM_DEVICE_AUTHORITY: " + efiVariable.append(" EV_EFI_SPDM_DEVICE_POLICY and EV_EFI_SPDM_DEVICE_AUTHORITY: " +
"To be processed once more test patterns exist\n"); "To be processed once more test patterns exist");
break; break;
case "Boot00": case "Boot00":
efiVariable.append(bootv.toString()); efiVariable.append(bootv.toString());