Propagated the error where vendor-table is not accessible through the classes, so that it can be printed out at the beginning of the list of event printouts

This commit is contained in:
iadgovuser58 2024-05-14 13:22:03 -04:00 committed by chubtub
parent b04e038869
commit d7c540f09f
6 changed files with 50 additions and 11 deletions


@ -77,6 +77,11 @@ public final class TCGEventLog {
/** Event Output Flag use. */
@Getter
private boolean bCryptoAgile = false;
/** Track if vendor-table file is inaccessible.
* If vendor-table file is not used, this remains false.
* */
@Getter
private boolean bVendorTableFileInaccessbile = false;
/**
* Default blank object constructor.
@ -147,6 +152,9 @@ public final class TCGEventLog {
} else {
eventList.put(eventNumber, new TpmPcrEvent1(is, eventNumber++));
}
if(eventList.get(eventNumber-1).isBVendorTableFileInaccessbile()) {
bVendorTableFileInaccessbile = true;
}
}
calculatePcrValues();
}
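Review bot: The field name `bVendorTableFileInaccessbile` at L19 is misspelled, and because the `@Getter` on L18 derives the public accessor from it the typo becomes `isBVendorTableFileInaccessbile()` in TpmPcrEvent, UefiSignatureList, UefiVariable and Main, so renaming it to `bVendorTableFileInaccessible` is cheapest now while every caller is in this commit. The check at L26-L28 reads back `eventList.get(eventNumber-1)`, which only works because of the post-increment inside the `put` argument on L24; `bVendorTableFileInaccessbile |= eventList.get(eventNumber - 1).isBVendorTableFileInaccessbile();` does the same in one line, and the same shape fits the identical three-line blocks in TpmPcrEvent, UefiSignatureList and UefiVariable. The `if(` spelling in those blocks also differs from the `if (` spacing used in the Main hunk and on L23's surrounding code. The loop and the enclosing method both begin before this hunk.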


@ -117,6 +117,12 @@ public class TpmPcrEvent {
@Setter @Getter
private boolean error = false;
/** Track if vendor-table file is inaccessible.
* If vendor-table file is not used, this remains false.
* */
@Getter
private boolean bVendorTableFileInaccessbile = false;
/**
* Constructor.
*
@ -508,9 +514,16 @@ public class TpmPcrEvent {
String efiVarDescription = efiVar.toString().replace("\n", "\n ");
description += "Event Content:\n " + efiVarDescription.substring(0,
efiVarDescription.length() - INDENT_3);
if(efiVar.isBVendorTableFileInaccessbile()) {
bVendorTableFileInaccessbile = true;
}
break;
case EvConstants.EV_EFI_VARIABLE_BOOT:
description += "Event Content:\n" + new UefiVariable(content).toString();
UefiVariable efiVarBoot = new UefiVariable(content);
description += "Event Content:\n" + efiVarBoot.toString();
if(efiVarBoot.isBVendorTableFileInaccessbile()) {
bVendorTableFileInaccessbile = true;
}
break;
case EvConstants.EV_EFI_BOOT_SERVICES_APPLICATION:
EvEfiBootServicesApp bootServices = new EvEfiBootServicesApp(content);
@ -539,7 +552,11 @@ public class TpmPcrEvent {
case EvConstants.EV_EFI_HCRTM_EVENT:
break;
case EvConstants.EV_EFI_VARIABLE_AUTHORITY:
description += "Event Content:\n" + new UefiVariable(content).toString();
UefiVariable efiVarAuth = new UefiVariable(content);
description += "Event Content:\n" + efiVarAuth.toString();
if(efiVarAuth.isBVendorTableFileInaccessbile()) {
bVendorTableFileInaccessbile = true;
}
break;
case EvConstants.EV_EFI_SPDM_FIRMWARE_BLOB:
description += "Event Content:\n" + new EvEfiSpdmFirmwareBlob(content).toString();
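Review bot: The flag is set only from the three `UefiVariable` cases at L50-L52, L58-L60 and L71-L73, so if any other content parser in this switch (for example `EvEfiBootServicesApp` at L63) also resolves GUIDs through `UefiGuid`, a failed vendor-table lookup there would never reach the warning in Main; whether they do is not visible in the hunk and is worth confirming. Either way the field comment at L38-L40 should state which parsers feed it, e.g. `/** Set when a UefiVariable parsed for this event could not read the vendor-table file; stays false if no such variable was parsed. */`. The switch and its enclosing method begin before the first hunk and continue after the last.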


@ -45,10 +45,6 @@ public class UefiGuid {
System.arraycopy(guidBytes, 0, guid, 0, UefiConstants.SIZE_16);
uuid = processGuid(guidBytes);
uefiVendorRef = JsonUtils.getSpecificJsonObject(JSON_PATH, "VendorTable");
if(uefiVendorRef.isEmpty()) {
System.out.println("XXXX IS EMPTY");
}
}
/**
@ -102,13 +98,12 @@ public class UefiGuid {
}
/**
*
* Checks whether the handle to the file needed to look up the UUID is valid. If empty,
* this likely means the file was not accessible to due to existence or permissions.
*
* @return true if the reference to the file handle needed to look up the UUID is empty
*/
public boolean isUefiVendorRefEmpty() {
public boolean isVendorTableReferenceHandleEmpty() {
return uefiVendorRef.isEmpty();
}


@ -69,6 +69,11 @@ public class UefiSignatureList {
* Type of signature.
*/
private UefiGuid signatureType = null;
/** Track if vendor-table file is inaccessible.
* If vendor-table file is not used, this remains false.
* */
@Getter
private boolean bVendorTableFileInaccessbile = false;
/**
* UefiSignatureList constructor.
@ -114,9 +119,9 @@ public class UefiSignatureList {
byte[] guid = new byte[UefiConstants.SIZE_16];
lists.read(guid);
signatureType = new UefiGuid(guid);
// if(signatureType.getVendorTableReference().isEmpty()) {
// System.out.println("XXXX IS EMPTY");
// }
if(signatureType.isVendorTableReferenceHandleEmpty()) {
bVendorTableFileInaccessbile = true;
}
// if signatureType is invalid, don't even process any of the data
// however, if signatureTYpe is valid, but some of the data later on is invalid, that will


@ -63,6 +63,12 @@ public class UefiVariable {
*/
private byte[] uefiVariableData = null;
/** Track if vendor-table file is inaccessible.
* If vendor-table file is not used, this remains false.
* */
@Getter
private boolean bVendorTableFileInaccessbile = false;
/**
* EFIVariable constructor.
* The UEFI_VARIABLE_DATA contains a "VariableName" field which is used to determine
@ -147,6 +153,9 @@ public class UefiVariable {
UefiSignatureList list;
list = new UefiSignatureList(certData);
// efiVariableSigListContents += list.toString();
if(list.isBVendorTableFileInaccessbile()) {
bVendorTableFileInaccessbile = true;
}
if(!list.isSignatureTypeValid()) {
invalidSignatureListEncountered = true;
invalidSignatureListStatus = list.toString();
@ -163,6 +172,7 @@ public class UefiVariable {
*/
public String toString() {
StringBuilder efiVariable = new StringBuilder();
efiVariable.append("UEFI Variable Name: " + efiVarName + "\n");
efiVariable.append("UEFI Variable GUID: " + uefiVarGuid.toString() + "\n");
if (efiVarName != "") {
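Review bot: `if (efiVarName != "")` at L158 compares the string by reference, so an empty name that was built at runtime rather than taken from the literal still enters the block; this line is pre-existing context rather than part of the change, but the hunk edits the same `toString`, and `if (efiVarName != null && !efiVarName.isEmpty())` fixes the comparison while keeping the null tolerance of the current form. The `toString` method continues past the end of the hunk.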


@ -127,6 +127,10 @@ final class Main {
writeOut("\nEvent Log follows the \"SHA1\" format and has "
+ evLog.getEventList().size() + " events:\n\n");
}
if (evLog.isBVendorTableFileInaccessbile()) {
writeOut("*** WARNING: The file vendor-table.json file was not accessible so data " +
"in some Secure Boot PCR 7 events cannot be processed.\n\n");
}
}
int eventCount = 0;
for (TpmPcrEvent event : evLog.getEventList()) {
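Review bot: The message at L167-L168 repeats "file" ("The file vendor-table.json file") and asserts inaccessibility as fact, while the flag it reports is raised when `isVendorTableReferenceHandleEmpty()` sees an empty VendorTable JSON object, which the UefiGuid Javadoc in this same commit describes only as "likely" a missing or unreadable file; `writeOut("*** WARNING: vendor-table.json could not be read or had an empty VendorTable section, so data "` followed by `+ "in some Secure Boot PCR 7 events cannot be processed.\n\n");` states what was actually observed and places the `+` at the line start as L163-L164 do. The warning also sits inside the block closed at L170, whose opening is before the hunk; if that block is conditional on an output mode, the warning would be skipped in the other modes, which is worth checking. The enclosing method starts outside the hunk.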