From d10aa3a197b011e58265694cf57758dc9e8b0054 Mon Sep 17 00:00:00 2001
From: iadgovuser58 <124906646+iadgovuser58@users.noreply.github.com>
Date: Mon, 15 Apr 2024 17:56:23 -0400
Subject: [PATCH] spdm processing

---
 .../events/DeviceSecurityEventData.java | 22 +++++---
 .../events/DeviceSecurityEventDataHeader.java | 50 ++++++++++++-------
 2 files changed, 47 insertions(+), 25 deletions(-)

diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData.java
index 5d98b8bd..779d2c3e 100644
--- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData.java
+++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventData.java
@@ -18,8 +18,8 @@ import java.util.List;
  * 2) DEVICE_SECURITY_EVENT_DATA2
  * The first 16 bytes of the event data header MUST be a String based identifier (Signature),
  * NUL-terminated, per PFP. The only currently defined Signature is "SPDM Device Sec", which
- * implies the data is a DEVICE_SECURITY_EVENT_DATA or ..DATA2. The Version field indicates
- * whether it is ..DATA or ..DATA2.
+ * implies the data is a DEVICE_SECURITY_EVENT_DATA or ..DATA2. The Version field in the HEADER
+ * or HEADER2 indicates whether the Device Security Event is ..DATA or ..DATA2.
  *
  * DEVICE SECURITY EVENT structures defined by PFP v1.06 Rev 52:
  *
@@ -34,6 +34,12 @@ import java.util.List;
  * DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT DeviceContext;
  * } DEVICE_SECURITY_EVENT_DATA;
  *
+ * typedef struct tdDEVICE_SECURITY_EVENT_DATA_HEADER or HEADER2 {
+ * UINT8 Signature[16];
+ * UINT16 Version;
+ * ... ...
+ * }
+ *
* typedef struct tdDEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT { * DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT PciContext; * DEVICE_SECURITY_EVENT_DATA_USB_CONTEXT UsbContext; @@ -55,11 +61,11 @@ public class DeviceSecurityEventData { /** * Version determines data structure used (..DATA or ..DATA2). */ -// @Getter -// private String version = ""; -// /** -// * Contains the human-readable info inside the Device Security Event. -// */ + @Getter + private String version = ""; + /** + * Contains the human-readable info inside the Device Security Event. + */ @Getter private String dSEDinfo = ""; /** @@ -94,7 +100,7 @@ public class DeviceSecurityEventData { byte[] versionBytes = new byte[UefiConstants.SIZE_4]; System.arraycopy(dSEDbytes, UefiConstants.OFFSET_16, versionBytes, 0, UefiConstants.SIZE_4); - String version = HexUtils.byteArrayToHexString(versionBytes); + version = HexUtils.byteArrayToHexString(versionBytes); // If version is 0x01, the event is a DEVICE_SECURITY_EVENT_DATA // If version is 0x02, the event is a DEVICE_SECURITY_EVENT_DATA2 diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataHeader.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataHeader.java index 1bee8f51..772b766e 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataHeader.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEventDataHeader.java @@ -95,15 +95,20 @@ public class DeviceSecurityEventDataHeader { @Getter private String version = ""; /** - * Event Data Length. + * Event data length. */ @Getter private String length = ""; /** - * Signature (text) data. + * SPDM hash algorithm. */ @Getter private String spdmHashAlgo = ""; + /** + * Device type. + */ + @Getter + private String deviceType = ""; /** * DeviceSecurityEventDataHeader Constructor. 
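Review bot: `version` is now a field, but it still holds the hex of the four bytes copied at `UefiConstants.OFFSET_16` (the context lines just above the changed assignment), whereas the struct sketch this same commit adds to the class javadoc declares `UINT16 Version;` — if that sketch reflects the PFP layout, the copied value also swallows the two bytes that follow, and the `0x01`/`0x02` check the trailing comment describes would have to match an eight-character string. Either the javadoc or the read size should change so the two agree; if the two-byte layout is the right one, copy only two bytes into `versionBytes` and shift the fields that follow accordingly. The surrounding method continues outside the hunk.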
@@ -112,21 +117,32 @@ public class DeviceSecurityEventDataHeader {
 */
 public DeviceSecurityEventDataHeader(final byte[] dSEDbytes) {
 // algList = new ArrayList<>();
-// byte[] signatureBytes = new byte[UefiConstants.SIZE_16];
-// System.arraycopy(efiSpecId, 0, signatureBytes, 0, UefiConstants.SIZE_16);
-// signature = HexUtils.byteArrayToHexString(signatureBytes);
-// signature = new String(signatureBytes, StandardCharsets.UTF_8)
-// .substring(0, UefiConstants.SIZE_15);
-//
-// byte[] platformClassBytes = new byte[UefiConstants.SIZE_4];
-// System.arraycopy(efiSpecId, UefiConstants.OFFSET_16, platformClassBytes, 0,
-// UefiConstants.SIZE_4);
-// platformClass = HexUtils.byteArrayToHexString(platformClassBytes);
-//
-// byte[] specVersionMinorBytes = new byte[1];
-// System.arraycopy(efiSpecId, UefiConstants.OFFSET_20, specVersionMinorBytes, 0, 1);
-// versionMinor = HexUtils.byteArrayToHexString(specVersionMinorBytes);
-//
+ byte[] signatureBytes = new byte[UefiConstants.SIZE_16];
+ System.arraycopy(dSEDbytes, 0, signatureBytes, 0, UefiConstants.SIZE_16);
+ //signature = HexUtils.byteArrayToHexString(signatureBytes);
+ signature = new String(signatureBytes, StandardCharsets.UTF_8)
+ .substring(0, UefiConstants.SIZE_15);
+
+ byte[] versionBytes = new byte[UefiConstants.SIZE_4];
+ System.arraycopy(dSEDbytes, UefiConstants.OFFSET_16, versionBytes, 0,
+ UefiConstants.SIZE_4);
+ version = HexUtils.byteArrayToHexString(versionBytes);
+
+ byte[] lengthBytes = new byte[UefiConstants.SIZE_4];
+ System.arraycopy(dSEDbytes, UefiConstants.OFFSET_20, lengthBytes, 0,
+ UefiConstants.SIZE_4);
+ length = HexUtils.byteArrayToHexString(lengthBytes);
+
+ byte[] spdmHashAlgoBytes = new byte[UefiConstants.SIZE_8];
+ System.arraycopy(dSEDbytes, UefiConstants.OFFSET_24, spdmHashAlgoBytes, 0,
+ UefiConstants.SIZE_4);
+ spdmHashAlgo = HexUtils.byteArrayToHexString(spdmHashAlgoBytes);
+
+ byte[] deviceTypeBytes = new byte[UefiConstants.SIZE_8];
+ System.arraycopy(dSEDbytes, UefiConstants.OFFSET_24, deviceTypeBytes, 0,
+ UefiConstants.SIZE_4);
+ deviceType = HexUtils.byteArrayToHexString(deviceTypeBytes);
+
 // byte[] specVersionMajorBytes = new byte[1];
 // System.arraycopy(efiSpecId, UefiConstants.OFFSET_21, specVersionMajorBytes, 0, 1);
 // versionMajor = HexUtils.byteArrayToHexString(specVersionMajorBytes);
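Review bot: `deviceType` is copied from `UefiConstants.OFFSET_24`, the same offset `spdmHashAlgo` was just read from, so the two fields will always hold identical bytes; with the 4-byte Version/Length layout the rest of the constructor uses, DeviceType would begin right after SpdmHashAlgo, at `UefiConstants.OFFSET_24 + UefiConstants.SIZE_4`. Both `spdmHashAlgoBytes` and `deviceTypeBytes` are also allocated as `SIZE_8` but filled with `SIZE_4` bytes, so their hex strings end in eight zero nibbles that are not in the event. Nothing checks `dSEDbytes.length` before the five `System.arraycopy` calls, so a truncated or crafted DEVICE_SECURITY_EVENT_DATA entry in a TPM event log — input the verifier should treat as untrusted — escapes as an `ArrayIndexOutOfBoundsException` instead of a clear parse error, and the parsed `length` is never compared against the buffer it came from. If the `UINT16 Version` in the struct sketch this commit adds elsewhere is the correct layout, every offset after 16 shifts and these reads need a second look. The constructor's closing brace lies outside the hunk.
```java
    public DeviceSecurityEventDataHeader(final byte[] dSEDbytes) {
        // Signature(16) + Version(4) + Length(4) + SpdmHashAlgo(4) + DeviceType(4), as read below
        final int fixedHeaderLen = UefiConstants.OFFSET_24 + 2 * UefiConstants.SIZE_4;
        if (dSEDbytes == null || dSEDbytes.length < fixedHeaderLen) {
            // use whatever exception the event-log parser already reports malformed events with
            throw new IllegalArgumentException("DEVICE_SECURITY_EVENT_DATA header truncated: "
                    + (dSEDbytes == null ? 0 : dSEDbytes.length) + " bytes");
        }
        // … unchanged: signature, version and length parsing …
        byte[] spdmHashAlgoBytes = new byte[UefiConstants.SIZE_4];
        System.arraycopy(dSEDbytes, UefiConstants.OFFSET_24, spdmHashAlgoBytes, 0,
                UefiConstants.SIZE_4);
        spdmHashAlgo = HexUtils.byteArrayToHexString(spdmHashAlgoBytes);

        byte[] deviceTypeBytes = new byte[UefiConstants.SIZE_4];
        System.arraycopy(dSEDbytes, UefiConstants.OFFSET_24 + UefiConstants.SIZE_4,
                deviceTypeBytes, 0, UefiConstants.SIZE_4);
        deviceType = HexUtils.byteArrayToHexString(deviceTypeBytes);
        // … unchanged: commented-out specVersionMajor lines …
```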