From a54471344871378fb24b7d1d0f58618dfa6e4cf6 Mon Sep 17 00:00:00 2001
From: iadgovuser58 <124906646+iadgovuser58@users.noreply.github.com>
Date: Tue, 9 Apr 2024 18:02:53 -0400
Subject: [PATCH] parsing event

---
 .../events/DeviceSecurityEventData.java       | 99 +++++++++++++++++++
 .../events/EvEfiSpdmFirmwareBlob.java         | 42 ++++----
 2 files changed, 120 insertions(+), 21 deletions(-)

diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData.java
index d4de40af..c2d74566 100644
--- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData.java
+++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData.java
@@ -37,5 +37,104 @@ import java.util.List;
  * 4. First 16 bytes of the structure header is an ASCII "SPDM Device Sec"
  */
 public class DeviceSecurityEventData {
+//    /**
+//     * Minor Version.
+//     */
+//    @Getter
+//    private String versionMinor = "";
+//    /**
+//     * Major Version.
+//     */
+//    @Getter
+//    private String versionMajor = "";
+//    /**
+//     * Specification errata version.
+//     */
+//    @Getter
+//    private String errata = "";
+    /**
+     * Signature (text) data.
+     */
+    @Getter
+    private String signature = "";
+    /**
+     * Platform class.
+     */
+    @Getter
+    private String version = "";
+//    /**
+//     * Algorithm count.
+//     */
+//    @Getter
+//    private int numberOfAlg = 0;
+//    /**
+//     * True if event log uses Crypto Agile format.
+//     */
+//    @Getter
+//    private boolean cryptoAgile = false;
+//    /**
+//     * Algorithm list.
+//     */
+//    private List<String> algList;
 
+    /**
+     * DeviceSecurityEventData Constructor.
+     *
+     * @param deviceSecurityEventDataBytes byte array holding the spec ID Event.
+     */
+    public DeviceSecurityEventData(final byte[] deviceSecurityEventDataBytes) {
+//        algList = new ArrayList<>();
+        byte[] signatureBytes = new byte[UefiConstants.SIZE_16];
+        System.arraycopy(deviceSecurityEventDataBytes, 0, signatureBytes, 0, UefiConstants.SIZE_16);
+        //signature = HexUtils.byteArrayToHexString(signatureBytes);
+        signature = new String(signatureBytes, StandardCharsets.UTF_8)
+                .substring(0, UefiConstants.SIZE_15);
+
+        byte[] versionBytes = new byte[UefiConstants.SIZE_4];
+        System.arraycopy(deviceSecurityEventDataBytes, UefiConstants.OFFSET_16, versionBytes, 0,
+                UefiConstants.SIZE_4);
+        version = HexUtils.byteArrayToHexString(versionBytes);
+
+        if (version == "1") {
+
+        } else if (version == "2") {
+
+        }
+
+//        byte[] platformClassBytes = new byte[UefiConstants.SIZE_4];
+//        System.arraycopy(efiSpecId, UefiConstants.OFFSET_16, platformClassBytes, 0,
+//                UefiConstants.SIZE_4);
+//        platformClass = HexUtils.byteArrayToHexString(platformClassBytes);
+//
+//        byte[] specVersionMinorBytes = new byte[1];
+//        System.arraycopy(efiSpecId, UefiConstants.OFFSET_20, specVersionMinorBytes, 0, 1);
+//        versionMinor = HexUtils.byteArrayToHexString(specVersionMinorBytes);
+//
+//        byte[] specVersionMajorBytes = new byte[1];
+//        System.arraycopy(efiSpecId, UefiConstants.OFFSET_21, specVersionMajorBytes, 0, 1);
+//        versionMajor = HexUtils.byteArrayToHexString(specVersionMajorBytes);
+//
+//        byte[] specErrataBytes = new byte[1];
+//        System.arraycopy(efiSpecId, UefiConstants.OFFSET_22, specErrataBytes, 0, 1);
+//        errata = HexUtils.byteArrayToHexString(specErrataBytes);
+//
+//        byte[] numberOfAlgBytes = new byte[UefiConstants.SIZE_4];
+//        System.arraycopy(efiSpecId, UefiConstants.OFFSET_24, numberOfAlgBytes, 0,
+//                UefiConstants.SIZE_4);
+//        numberOfAlg = HexUtils.leReverseInt(numberOfAlgBytes);
+//
+//        byte[] algorithmIDBytes = new byte[UefiConstants.SIZE_2];
+//        int algLocation = UefiConstants.SIZE_28;
+//        for (int i = 0; i < numberOfAlg; i++) {
+//            System.arraycopy(efiSpecId, algLocation + UefiConstants.OFFSET_4 * i, algorithmIDBytes,
+//                    0, UefiConstants.SIZE_2);
+//            String alg = TcgTpmtHa.tcgAlgIdToString(HexUtils.leReverseInt(algorithmIDBytes));
+//            algList.add(alg);
+//        }
+//        if ((algList.size() == 1) && (algList.get(0).compareTo("SHA1") == 0)) {
+//            cryptoAgile = false;
+//        } else {
+//            cryptoAgile = true;
+//        }
+    }
 }
diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/EvEfiSpdmFirmwareBlob.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/EvEfiSpdmFirmwareBlob.java
index e4fb7150..42920012 100644
--- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/EvEfiSpdmFirmwareBlob.java
+++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/EvEfiSpdmFirmwareBlob.java
@@ -55,22 +55,22 @@ public class EvEfiSpdmFirmwareBlob {
      */
     public EvEfiSpdmFirmwareBlob(final byte[] eventData) throws UnsupportedEncodingException {
         byte[] signatureBytes = new byte[UefiConstants.SIZE_15];
-//        System.arraycopy(eventData, 0, signatureBytes, 0, UefiConstants.SIZE_15);
-//        signature = new String(signatureBytes, StandardCharsets.UTF_8);
-//        signature = signature.replaceAll("[^\\P{C}\t\r\n]", ""); // remove null characters
-//        if (signature.contains("Spec ID Event03")) {      // implies CryptAgileFormat
-//            specIDEvent = new EvEfiSpecIdEvent(eventData);
-//            bSpecIDEvent = true;
-//        }
+        System.arraycopy(eventData, 0, signatureBytes, 0, UefiConstants.SIZE_15);
+        signature = new String(signatureBytes, StandardCharsets.UTF_8);
+        signature = signature.replaceAll("[^\\P{C}\t\r\n]", ""); // remove null characters
+        if (signature.contains("SPDM Device Sec")) {      // implies Device Security event
+            deviceSecurityEventData = new DeviceSecurityEventData(eventData);
+            bDeviceSecurityEventData = true;
+        }
     }
 
     /**
-     * Determines if this event is a SpecIDEvent.
+     * Determines if this event is a DeviceSecurityEventData.
      *
-     * @return true of the event is a SpecIDEvent.
+     * @return true of the event is a DeviceSecurityEventData.
      */
-    public boolean isDeviceSecurityEventDataHeader() {
-        return bDeviceSecurityEventDataHeader;
+    public boolean isDeviceSecurityEventData() {
+        return bDeviceSecurityEventData;
     }
 
     /**
@@ -78,10 +78,10 @@ public class EvEfiSpdmFirmwareBlob {
      *
      * @return Human readable description of this event.
      */
-//    public String toString() {
-//        String specInfo = "";
-//        if (bSpecIDEvent) {
-//            specInfo += "   Signature = Spec ID Event03 : ";
+    public String toString() {
+        String specInfo = "";
+        if (bDeviceSecurityEventData) {
+            specInfo += "   Signature =  SPDM Device Sec : ";
 //            if (specIDEvent.isCryptoAgile()) {
 //                specInfo += "Log format is Crypto Agile\n";
 //            } else {
@@ -90,10 +90,10 @@ public class EvEfiSpdmFirmwareBlob {
 //            specInfo += "   Platform Profile Specification version = "
 //                    + specIDEvent.getVersionMajor() + "." + specIDEvent.getVersionMinor()
 //                    + " using errata version " + specIDEvent.getErrata();
-//        } else {
-//            specInfo = "EV_NO_ACTION event named " + signature
-//                    + " encountered but support for processing it has not been added to this application.\n";
-//        }
-//        return specInfo;
-//    }
+        } else {
+            specInfo = "EV_EFI_SPDM_FIRMWARE_BLOB event named " + signature
+                    + " encountered but support for processing it has not been added to this application.\n";
+        }
+        return specInfo;
+    }
 }