Merge pull request #828 from nsacyber/v3_issue_820-spdm
Add processing for EV_EFI_NOACTION NvIndexDynamic structure
b30468eb50
@ -1,16 +1,16 @@
|
|||||||
package hirs.utils;
|
package hirs.utils;
|
||||||
|
|
||||||
import lombok.AccessLevel;
|
|
||||||
import lombok.NoArgsConstructor;
|
|
||||||
|
|
||||||
import java.math.BigInteger;
|
import java.math.BigInteger;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Utilities for working with hex strings and byte arrays.
|
* Utilities for working with hex strings and byte arrays.
|
||||||
*/
|
*/
|
||||||
@NoArgsConstructor(access = AccessLevel.PRIVATE)
|
|
||||||
public final class HexUtils {
|
public final class HexUtils {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Default private constructor so checkstyles doesn't complain
|
||||||
|
*/
|
||||||
|
private HexUtils() { }
|
||||||
/**
|
/**
|
||||||
* The mathematical base for the hexadecimal representation.
|
* The mathematical base for the hexadecimal representation.
|
||||||
*/
|
*/
|
||||||
|
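Review bot: The Javadoc on the new constructor, `Default private constructor so checkstyles doesn't complain`, documents the linter rather than the intent and is not a complete sentence (Checkstyle's JavadocStyle check will itself flag the missing terminal period). Something like `/** Private constructor; this is a static utility class and must not be instantiated. */` says why the constructor exists. The same wording is repeated on the identical constructors added to JsonUtils, PciIds, DeviceInfoEnums, SwidTagConstants, EvConstants, SpdmHa and UefiConstants in this commit, so one fix applies to all of them.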
@ -2,8 +2,6 @@ package hirs.utils;
|
|||||||
|
|
||||||
import com.eclipsesource.json.Json;
|
import com.eclipsesource.json.Json;
|
||||||
import com.eclipsesource.json.JsonObject;
|
import com.eclipsesource.json.JsonObject;
|
||||||
import lombok.AccessLevel;
|
|
||||||
import lombok.NoArgsConstructor;
|
|
||||||
import lombok.extern.log4j.Log4j2;
|
import lombok.extern.log4j.Log4j2;
|
||||||
|
|
||||||
import java.io.FileInputStream;
|
import java.io.FileInputStream;
|
||||||
@ -20,9 +18,13 @@ import java.nio.file.Path;
|
|||||||
* library.
|
* library.
|
||||||
*/
|
*/
|
||||||
@Log4j2
|
@Log4j2
|
||||||
@NoArgsConstructor(access = AccessLevel.PRIVATE)
|
|
||||||
public final class JsonUtils {
|
public final class JsonUtils {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Default private constructor so checkstyles doesn't complain
|
||||||
|
*/
|
||||||
|
private JsonUtils() { }
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Getter for the JSON Object that is associated with the elementName value
|
* Getter for the JSON Object that is associated with the elementName value
|
||||||
* mapped in the associated JSON file.
|
* mapped in the associated JSON file.
|
||||||
|
@ -25,6 +25,11 @@ import java.util.List;
|
|||||||
@Log4j2
|
@Log4j2
|
||||||
public final class PciIds {
|
public final class PciIds {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Default private constructor so checkstyles doesn't complain
|
||||||
|
*/
|
||||||
|
private PciIds() { }
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This pci ids file can be in different places on different distributions.
|
* This pci ids file can be in different places on different distributions.
|
||||||
*/
|
*/
|
||||||
|
@ -1,6 +1,12 @@
|
|||||||
package hirs.utils.enums;
|
package hirs.utils.enums;
|
||||||
|
|
||||||
public final class DeviceInfoEnums {
|
public final class DeviceInfoEnums {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Default private constructor so checkstyles doesn't complain
|
||||||
|
*/
|
||||||
|
private DeviceInfoEnums() { }
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* A variable used to describe unavailable hardware, firmware, or OS info.
|
* A variable used to describe unavailable hardware, firmware, or OS info.
|
||||||
*/
|
*/
|
||||||
|
@ -3,7 +3,6 @@ package hirs.utils.swid;
|
|||||||
import javax.xml.XMLConstants;
|
import javax.xml.XMLConstants;
|
||||||
import javax.xml.namespace.QName;
|
import javax.xml.namespace.QName;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This class contains the String constants that are referenced by the gateway
|
* This class contains the String constants that are referenced by the gateway
|
||||||
* class. It is expected that member properties of this class will expand as
|
* class. It is expected that member properties of this class will expand as
|
||||||
@ -11,6 +10,11 @@ import javax.xml.namespace.QName;
|
|||||||
*/
|
*/
|
||||||
public class SwidTagConstants {
|
public class SwidTagConstants {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Default private constructor so checkstyles doesn't complain
|
||||||
|
*/
|
||||||
|
private SwidTagConstants() { }
|
||||||
|
|
||||||
public static final String DEFAULT_KEYSTORE_FILE = "keystore.jks";//"/opt/hirs/rimtool/keystore.jks";
|
public static final String DEFAULT_KEYSTORE_FILE = "keystore.jks";//"/opt/hirs/rimtool/keystore.jks";
|
||||||
public static final String DEFAULT_KEYSTORE_PASSWORD = "password";
|
public static final String DEFAULT_KEYSTORE_PASSWORD = "password";
|
||||||
public static final String DEFAULT_PRIVATE_KEY_ALIAS = "1";
|
public static final String DEFAULT_PRIVATE_KEY_ALIAS = "1";
|
||||||
|
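Review bot: `SwidTagConstants` is still declared `public class` while this hunk gives it a private no-arg constructor as its only constructor, so it can no longer be subclassed anyway; declaring it `public final class SwidTagConstants` makes that explicit, satisfies Checkstyle's FinalClass rule, and matches the other constant holders touched in this commit (`EvConstants`, `UefiConstants`). Separately, the context lines just below keep `DEFAULT_KEYSTORE_PASSWORD = "password"` as a hard-coded credential for `keystore.jks`; it is not introduced here, but it is worth confirming that it is only a development fallback and not the password the RIM tool signs with in deployment. The class body continues outside this hunk.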
@ -1,15 +1,16 @@
|
|||||||
package hirs.utils.tpm.eventlog.events;
|
package hirs.utils.tpm.eventlog.events;
|
||||||
|
|
||||||
import lombok.AccessLevel;
|
|
||||||
import lombok.NoArgsConstructor;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Class for defining constants referenced in the PC Client
|
* Class for defining constants referenced in the PC Client
|
||||||
* Platform Firmware Profile specification.
|
* Platform Firmware Profile specification.
|
||||||
*/
|
*/
|
||||||
@NoArgsConstructor(access = AccessLevel.PRIVATE)
|
|
||||||
public final class EvConstants {
|
public final class EvConstants {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Default private constructor so checkstyles doesn't complain
|
||||||
|
*/
|
||||||
|
private EvConstants() { }
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Type length = 4 bytes.
|
* Type length = 4 bytes.
|
||||||
*/
|
*/
|
||||||
|
@ -10,13 +10,17 @@ import java.nio.charset.StandardCharsets;
|
|||||||
/**
|
/**
|
||||||
* Class to process the EV_NO_ACTION event.
|
* Class to process the EV_NO_ACTION event.
|
||||||
* The first 16 bytes of the event data MUST be a String based identifier (Signature).
|
* The first 16 bytes of the event data MUST be a String based identifier (Signature).
|
||||||
* The only currently defined Signatures are
|
* Currently defined Signatures are
|
||||||
* 1) "Spec ID Event03"
|
* "Spec ID Event03"
|
||||||
* - implies the data is a TCG_EfiSpecIDEvent
|
* - implies the data is a TCG_EfiSpecIDEvent
|
||||||
* - TCG_EfiSpecIDEvent is the first event in a TPM Event Log and is used to determine
|
* - TCG_EfiSpecIDEvent is the first event in a TPM Event Log and is used to determine
|
||||||
* if the format of the Log (SHA1 vs Crypto Agile).
|
* if the format of the Log (SHA1 vs Crypto Agile).
|
||||||
* 2) "NvIndexInstance"
|
* "StartupLocality"
|
||||||
|
* - implies the data represents locality info (use lookup to interpret)
|
||||||
|
* "NvIndexInstance"
|
||||||
* - implies the data is a NV_INDEX_INSTANCE_EVENT_LOG_DATA
|
* - implies the data is a NV_INDEX_INSTANCE_EVENT_LOG_DATA
|
||||||
|
* "NvIndexDynamic"
|
||||||
|
* - implies the data is a NV_INDEX_DYNAMIC_EVENT_LOG_DATA
|
||||||
* <p>
|
* <p>
|
||||||
* Notes:
|
* Notes:
|
||||||
* 1. First 16 bytes of the structure is an ASCII with a fixed Length of 16
|
* 1. First 16 bytes of the structure is an ASCII with a fixed Length of 16
|
||||||
@ -74,10 +78,13 @@ public class EvNoAction {
|
|||||||
} else if (signature.contains("NvIndexInstance")) {
|
} else if (signature.contains("NvIndexInstance")) {
|
||||||
NvIndexInstanceEventLogData nvIndexInstanceEvent = new NvIndexInstanceEventLogData(eventData);
|
NvIndexInstanceEventLogData nvIndexInstanceEvent = new NvIndexInstanceEventLogData(eventData);
|
||||||
noActionInfo += nvIndexInstanceEvent.toString();
|
noActionInfo += nvIndexInstanceEvent.toString();
|
||||||
|
} else if (signature.contains("NvIndexDynamic")) {
|
||||||
|
NvIndexDynamicEventLogData nvIndexDynamicEvent = new NvIndexDynamicEventLogData(eventData);
|
||||||
|
noActionInfo += nvIndexDynamicEvent.toString();
|
||||||
} else {
|
} else {
|
||||||
noActionInfo = "EV_NO_ACTION event named " + signature
|
noActionInfo = " EV_NO_ACTION event named \"" + signature
|
||||||
+ " encountered but support for processing it has not been"
|
+ "\" encountered but support for processing it has not been"
|
||||||
+ " added to this application.\n";
|
+ " added to this application.\n";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
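Review bot: The new `NvIndexDynamic` branch hands `eventData` to a constructor that reads fixed offsets (16, 24, 32, 34 + DescriptionSize, and a log-supplied DataSize) with no check against `eventData.length`, so a truncated or malformed EV_NO_ACTION event from the attesting platform will surface here as an unchecked `ArrayIndexOutOfBoundsException` and abort the whole log parse rather than yielding a diagnostic like the unsupported-signature text in the `else` branch. Either the constructor should validate the length before each read, or this branch should guard the call, e.g. `try { ... } catch (ArrayIndexOutOfBoundsException e) { noActionInfo += "   Malformed NvIndexDynamic event\n"; }`. Also, `signature.contains("NvIndexDynamic")` dispatches any 16-byte signature that merely embeds the string; after the null-stripping that precedes this block (presumably, as in the new class), `signature.equals("NvIndexDynamic")` would be stricter, though the looser form is consistent with the existing `NvIndexInstance` branch. The enclosing method starts and ends outside this hunk.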
@ -0,0 +1,97 @@
|
|||||||
|
package hirs.utils.tpm.eventlog.events;
|
||||||
|
|
||||||
|
import hirs.utils.HexUtils;
|
||||||
|
|
||||||
|
import java.nio.charset.StandardCharsets;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Class to process the NV_INDEX_DYNAMIC_EVENT_LOG_DATA per PFP.
|
||||||
|
* Per PFP, the first 16 bytes of the structure are a String based identifier (Signature),
|
||||||
|
* which are a NULL-terminated ASCII string "NvIndexDynamic".
|
||||||
|
*
|
||||||
|
* HEADERS defined by PFP v1.06 Rev 52.
|
||||||
|
* Certain fields are common to both ..HEADER and ..HEADER2, and are noted below the structures.
|
||||||
|
* <p>
|
||||||
|
* typedef struct tdNV_INDEX_DYNAMIC_EVENT_LOG_DATA {
|
||||||
|
* BYTE Signature[16];
|
||||||
|
* UINT16 Version;
|
||||||
|
* UINT8[6] Reserved;
|
||||||
|
* UINT64 UID;
|
||||||
|
* UINT16 DescriptionSize;
|
||||||
|
* UINT8 Description[DescriptionSize];
|
||||||
|
* UINT16 DataSize;
|
||||||
|
* DEVICE_SECURITY_EVENT_DATA2 Data[DataSize];
|
||||||
|
* } NV_INDEX_DYNAMIC_EVENT_LOG_DATA;
|
||||||
|
* <p>
|
||||||
|
*/
|
||||||
|
public class NvIndexDynamicEventLogData {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Signature (text) data.
|
||||||
|
*/
|
||||||
|
private String signature = "";
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Human-readable description of the data within this DEVICE_SECURITY_EVENT_DATA/..DATA2 event.
|
||||||
|
*/
|
||||||
|
private String nvIndexDynamicInfo = "";
|
||||||
|
|
||||||
|
/**
|
||||||
|
* NvIndexInstanceEventLogData constructor.
|
||||||
|
*
|
||||||
|
* @param eventData byte array holding the event to process.
|
||||||
|
*/
|
||||||
|
public NvIndexDynamicEventLogData(final byte[] eventData) {
|
||||||
|
|
||||||
|
byte[] signatureBytes = new byte[16];
|
||||||
|
System.arraycopy(eventData, 0, signatureBytes, 0, 16);
|
||||||
|
signature = new String(signatureBytes, StandardCharsets.UTF_8);
|
||||||
|
signature = signature.replaceAll("[^\\P{C}\t\r\n]", ""); // remove null characters
|
||||||
|
|
||||||
|
byte[] versionBytes = new byte[2];
|
||||||
|
System.arraycopy(eventData, 16, versionBytes, 0, 2);
|
||||||
|
String nvIndexVersion = HexUtils.byteArrayToHexString(versionBytes);
|
||||||
|
if (nvIndexVersion.isEmpty()) {
|
||||||
|
nvIndexVersion = "version not readable";
|
||||||
|
}
|
||||||
|
nvIndexDynamicInfo = " Nv Index Dynamic Signature = " + signature + "\n";
|
||||||
|
nvIndexDynamicInfo += " Nv Index Dynamic Version = " + nvIndexVersion + "\n";
|
||||||
|
|
||||||
|
// 6 bytes of Reserved data
|
||||||
|
|
||||||
|
byte[] uidBytes = new byte[8];
|
||||||
|
System.arraycopy(eventData, 24, uidBytes, 0, 8);
|
||||||
|
String uid = HexUtils.byteArrayToHexString(uidBytes);
|
||||||
|
nvIndexDynamicInfo += " UID = " + uid + "\n";
|
||||||
|
|
||||||
|
byte[] descriptionSizeBytes = new byte[2];
|
||||||
|
System.arraycopy(eventData, 32, descriptionSizeBytes, 0, 2);
|
||||||
|
int descriptionSize = HexUtils.leReverseInt(descriptionSizeBytes);
|
||||||
|
|
||||||
|
byte[] descriptionBytes = new byte[descriptionSize];
|
||||||
|
System.arraycopy(eventData, 34, descriptionBytes, 0, descriptionSize);
|
||||||
|
String description = new String(descriptionBytes, StandardCharsets.UTF_8);
|
||||||
|
description = description.replaceAll("[^\\P{C}\t\r\n]", ""); // remove null characters
|
||||||
|
nvIndexDynamicInfo += " Description = " + description + "\n";
|
||||||
|
|
||||||
|
int dataSizeStartByte = 34 + descriptionSize;
|
||||||
|
byte[] dataSizeBytes = new byte[2];
|
||||||
|
System.arraycopy(eventData, dataSizeStartByte, dataSizeBytes, 0, 2);
|
||||||
|
int dataSize = HexUtils.leReverseInt(dataSizeBytes);
|
||||||
|
|
||||||
|
int dataStartByte = dataSizeStartByte + 2;
|
||||||
|
byte[] dataBytes = new byte[dataSize];
|
||||||
|
System.arraycopy(eventData, dataStartByte, dataBytes, 0, dataSize);
|
||||||
|
String data = HexUtils.byteArrayToHexString(dataBytes);
|
||||||
|
nvIndexDynamicInfo += " Data = " + data + "\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns a description of this event.
|
||||||
|
*
|
||||||
|
* @return Human-readable description of this event.
|
||||||
|
*/
|
||||||
|
public String toString() {
|
||||||
|
return nvIndexDynamicInfo;
|
||||||
|
}
|
||||||
|
}
|
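Review bot: Every `System.arraycopy` in the constructor reads from `eventData` at fixed or log-supplied offsets without checking `eventData.length`, and `descriptionSize` and `dataSize` are taken straight from the event log and used as both allocation and copy lengths, so a truncated or crafted event throws an unchecked `ArrayIndexOutOfBoundsException` (or a `NegativeArraySizeException` if `HexUtils.leReverseInt` can sign-extend, which is not visible here) out of a parser that otherwise reports problems as text. Since the event log is input from the platform being attested, the parser should reject out-of-range sizes and continue, as sketched below. The Javadoc also carries copy-paste residue: the constructor comment says `NvIndexInstanceEventLogData constructor` (should be `NvIndexDynamicEventLogData constructor`), `nvIndexDynamicInfo` is described as text for a `DEVICE_SECURITY_EVENT_DATA/..DATA2 event`, and the class comment refers to `..HEADER and ..HEADER2` fields "noted below the structures" that do not exist in this file. Finally, the `nvIndexVersion.isEmpty()` fallback looks unreachable if `byteArrayToHexString` emits two characters per byte of the 2-byte input; if so it can be dropped.

```java
public NvIndexDynamicEventLogData(final byte[] eventData) {
    // Signature(16) + Version(2) + Reserved(6) + UID(8) + DescriptionSize(2) = 34-byte fixed header
    final int fixedHeaderLen = 34;
    if (eventData == null || eventData.length < fixedHeaderLen) {
        nvIndexDynamicInfo = "   Nv Index Dynamic event truncated: expected at least "
                + fixedHeaderLen + " bytes\n";
        return;
    }
    // … unchanged: signature, version and UID parsing …
    int descriptionSize = HexUtils.leReverseInt(descriptionSizeBytes);
    int dataSizeStartByte = fixedHeaderLen + descriptionSize;
    if (descriptionSize < 0 || eventData.length < dataSizeStartByte + 2) {
        nvIndexDynamicInfo += "   DescriptionSize (" + descriptionSize + ") exceeds event length\n";
        return;
    }
    // … unchanged: description decoding and DataSize read …
    int dataSize = HexUtils.leReverseInt(dataSizeBytes);
    int dataStartByte = dataSizeStartByte + 2;
    if (dataSize < 0 || eventData.length < dataStartByte + dataSize) {
        nvIndexDynamicInfo += "   DataSize (" + dataSize + ") exceeds event length\n";
        return;
    }
    // … unchanged: Data hex dump …
```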
@ -1,5 +1,5 @@
|
|||||||
/**
|
/**
|
||||||
* Non-persistant classes related to TGC Event Logs.
|
* Non-persistent classes related to TGC Event Logs.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
package hirs.utils.tpm.eventlog.events;
|
package hirs.utils.tpm.eventlog.events;
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/**
|
/**
|
||||||
* Non-persistant classes related to TGC Event Logs.
|
* Non-persistent classes related to TGC Event Logs.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
package hirs.utils.tpm.eventlog;
|
package hirs.utils.tpm.eventlog;
|
||||||
|
@ -1,15 +1,16 @@
|
|||||||
package hirs.utils.tpm.eventlog.spdm;
|
package hirs.utils.tpm.eventlog.spdm;
|
||||||
|
|
||||||
import lombok.AccessLevel;
|
|
||||||
import lombok.NoArgsConstructor;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Class for defining hash algorithms referenced in the DMTF SPDM specification.
|
* Class for defining hash algorithms referenced in the DMTF SPDM specification.
|
||||||
* SPDM 1.3.0, Table 21, MeasurementHashAlgo.
|
* SPDM 1.3.0, Table 21, MeasurementHashAlgo.
|
||||||
*/
|
*/
|
||||||
@NoArgsConstructor(access = AccessLevel.PRIVATE)
|
|
||||||
public class SpdmHa {
|
public class SpdmHa {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Default private constructor so checkstyles doesn't complain
|
||||||
|
*/
|
||||||
|
private SpdmHa() { }
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Spdm Hash Alg = Raw bit stream.
|
* Spdm Hash Alg = Raw bit stream.
|
||||||
*/
|
*/
|
||||||
|
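Review bot: `SpdmHa` remains `public class` while this hunk replaces the Lombok-generated private constructor with an explicit one, leaving a private no-arg constructor as the class's only constructor; it therefore cannot be subclassed in practice, and `public final class SpdmHa` would state that directly and satisfy Checkstyle's FinalClass rule, matching `EvConstants` and `UefiConstants` in the same commit. The class body continues outside this hunk.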
@ -0,0 +1,5 @@
|
|||||||
|
/**
|
||||||
|
* Non-persistent classes related to TGC Event Logs.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package hirs.utils.tpm.eventlog.spdm;
|
@ -1,16 +1,17 @@
|
|||||||
package hirs.utils.tpm.eventlog.uefi;
|
package hirs.utils.tpm.eventlog.uefi;
|
||||||
|
|
||||||
import lombok.AccessLevel;
|
|
||||||
import lombok.NoArgsConstructor;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This class contains the String constants that are referenced by UEFI.
|
* This class contains the String constants that are referenced by UEFI.
|
||||||
* It is expected that member properties of this class will expand as
|
* It is expected that member properties of this class will expand as
|
||||||
* more functionality is added.
|
* more functionality is added.
|
||||||
*/
|
*/
|
||||||
@NoArgsConstructor(access = AccessLevel.PRIVATE)
|
|
||||||
public final class UefiConstants {
|
public final class UefiConstants {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Default private constructor so checkstyles doesn't complain
|
||||||
|
*/
|
||||||
|
private UefiConstants() { }
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 2 byte size.
|
* 2 byte size.
|
||||||
*/
|
*/
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/**
|
/**
|
||||||
* Non-persistant classes related to TGC Event Logs.
|
* Non-persistent classes related to TGC Event Logs.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
package hirs.utils.tpm.eventlog.uefi;
|
package hirs.utils.tpm.eventlog.uefi;
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/**
|
/**
|
||||||
* Non-persistant classes related to TPM.
|
* Non-persistent classes related to TPM.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
package hirs.utils.tpm;
|
package hirs.utils.tpm;
|
||||||
|