ExternalVendorCode/HIRS
1
0
Fork 0
mirror of https://github.com/nsacyber/HIRS.git synced 2024-12-29 09:19:00 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

additional descriptions for data structures

Browse Source
This commit is contained in:
iadgovuser58 2024-04-09 16:41:13 -04:00 committed by chubtub
parent c43e790c74
commit bb4bcf936e
1 changed files with 16 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/EvEfiSpdmFirmwareBlob.java
View File

@ -11,15 +11,25 @@ import java.util.ArrayList;
import java.util.List; import java.util.List;
/** /**
* Class to process the EV_EFI_SPDM_FIRMWARE_BLOB event using structure DEVICE_SECURITY_EVENT_DATA * Class to process the EV_EFI_SPDM_FIRMWARE_BLOB event. The event field MUST be a
* 1) DEVICE_SECURITY_EVENT_DATA or
* 1) DEVICE_SECURITY_EVENT_DATA2
* DEVICE_SECURITY_EVENT_DATA has 2 structures: * DEVICE_SECURITY_EVENT_DATA has 2 structures:
* 1) DEVICE_SECURITY_EVENT_DATA_HEADER * 1) DEVICE_SECURITY_EVENT_DATA_HEADER
* 2) DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT, which has 2 structures * 2) DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT, which has 2 structures
* a) DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT * a) DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT
* b) DEVICE_SECURITY_EVENT_DATA_USB_CONTEXT * b) DEVICE_SECURITY_EVENT_DATA_USB_CONTEXT
* DEVICE_SECURITY_EVENT_DATA2 has 3 structures:
* 1) DEVICE_SECURITY_EVENT_DATA_HEADER2
* 2) DEVICE_SECURITY_EVENT_DATA_SUB_HEADER
* 3) DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT, which has 2 structures (see above)
* The first 16 bytes of the event data header MUST be a String based identifier (Signature), * The first 16 bytes of the event data header MUST be a String based identifier (Signature),
* NUL-terminated. The only currently defined Signature is "SPDM Device Sec" * NUL-terminated, per PFP. The only currently defined Signature is "SPDM Device Sec",
* which implies the event data is a DEVICE_SECURITY_EVENT_DATA. * which implies the data is a DEVICE_SECURITY_EVENT_DATA.
* This event is used to record an extended digest for the firmware of an embedded component
* or an add-in device that supports SPDM GET_MEASUREMENTS functionality. This event records
* extended digests of SPDM GET_MEASUREMENT responses that correspond to firmware, such as
* immutable ROM, mutable firmware, firmware version, firmware secure version number, etc.
*/ */
public class EvEfiSpdmFirmwareBlob { public class EvEfiSpdmFirmwareBlob {
@ -30,12 +40,12 @@ public class EvEfiSpdmFirmwareBlob {
/** /**
* True if the event is a DEVICE_SECURITY_EVENT_DATA. * True if the event is a DEVICE_SECURITY_EVENT_DATA.
*/ */
private boolean bDeviceSecurityEventDataHeader = false; private boolean bDeviceSecurityEventData = false;
/** /**
* DeviceSecurityEventDataHeader Object. * DeviceSecurityEventData Object.
*/ */
@Getter @Getter
private DeviceSecurityEventDataHeader deviceSecurityEventDataHeader = null; private DeviceSecurityEventData deviceSecurityEventData = null;
/** /**
* EvEfiSpdmFirmwareBlob constructor. * EvEfiSpdmFirmwareBlob constructor.