Propagated the error where the vendor-table is not accessible through the classes, so that it can be printed out at the beginning of the list of event printouts
This commit is contained in:
parent
b04e038869
commit
d7c540f09f
@ -77,6 +77,11 @@ public final class TCGEventLog {
|
||||
/** Event Output Flag use. */
|
||||
@Getter
|
||||
private boolean bCryptoAgile = false;
|
||||
/** Track if vendor-table file is inaccessible.
|
||||
* If vendor-table file is not used, this remains false.
|
||||
* */
|
||||
@Getter
|
||||
private boolean bVendorTableFileInaccessbile = false;
|
||||
|
||||
/**
|
||||
* Default blank object constructor.
|
||||
@ -147,6 +152,9 @@ public final class TCGEventLog {
|
||||
} else {
|
||||
eventList.put(eventNumber, new TpmPcrEvent1(is, eventNumber++));
|
||||
}
|
||||
if(eventList.get(eventNumber-1).isBVendorTableFileInaccessbile()) {
|
||||
bVendorTableFileInaccessbile = true;
|
||||
}
|
||||
}
|
||||
calculatePcrValues();
|
||||
}
|
||||
|
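Review bot: The new field `bVendorTableFileInaccessbile` misspells "inaccessible", and because Lombok's `@Getter` derives the accessor from the field name the typo becomes public API as `isBVendorTableFileInaccessbile()` here and in the TpmPcrEvent, UefiSignatureList and UefiVariable hunks of this commit, plus every call site; renaming later would break callers, so fixing it now (`private boolean bVendorTableFileInaccessible = false;`) is the cheap moment. In the second hunk the look-back `eventList.get(eventNumber-1)` only works if both branches of the preceding if/else post-increment `eventNumber` (the if branch is outside the hunk); holding the event in a local, `TpmPcrEvent event = ...; eventList.put(eventNumber++, event);`, and testing `event` directly removes that coupling. The parse loop these lines belong to begins outside the hunk.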
@ -117,6 +117,12 @@ public class TpmPcrEvent {
|
||||
@Setter @Getter
|
||||
private boolean error = false;
|
||||
|
||||
/** Track if vendor-table file is inaccessible.
|
||||
* If vendor-table file is not used, this remains false.
|
||||
* */
|
||||
@Getter
|
||||
private boolean bVendorTableFileInaccessbile = false;
|
||||
|
||||
/**
|
||||
* Constructor.
|
||||
*
|
||||
@ -508,9 +514,16 @@ public class TpmPcrEvent {
|
||||
String efiVarDescription = efiVar.toString().replace("\n", "\n ");
|
||||
description += "Event Content:\n " + efiVarDescription.substring(0,
|
||||
efiVarDescription.length() - INDENT_3);
|
||||
if(efiVar.isBVendorTableFileInaccessbile()) {
|
||||
bVendorTableFileInaccessbile = true;
|
||||
}
|
||||
break;
|
||||
case EvConstants.EV_EFI_VARIABLE_BOOT:
|
||||
description += "Event Content:\n" + new UefiVariable(content).toString();
|
||||
UefiVariable efiVarBoot = new UefiVariable(content);
|
||||
description += "Event Content:\n" + efiVarBoot.toString();
|
||||
if(efiVarBoot.isBVendorTableFileInaccessbile()) {
|
||||
bVendorTableFileInaccessbile = true;
|
||||
}
|
||||
break;
|
||||
case EvConstants.EV_EFI_BOOT_SERVICES_APPLICATION:
|
||||
EvEfiBootServicesApp bootServices = new EvEfiBootServicesApp(content);
|
||||
@ -539,7 +552,11 @@ public class TpmPcrEvent {
|
||||
case EvConstants.EV_EFI_HCRTM_EVENT:
|
||||
break;
|
||||
case EvConstants.EV_EFI_VARIABLE_AUTHORITY:
|
||||
description += "Event Content:\n" + new UefiVariable(content).toString();
|
||||
UefiVariable efiVarAuth = new UefiVariable(content);
|
||||
description += "Event Content:\n" + efiVarAuth.toString();
|
||||
if(efiVarAuth.isBVendorTableFileInaccessbile()) {
|
||||
bVendorTableFileInaccessbile = true;
|
||||
}
|
||||
break;
|
||||
case EvConstants.EV_EFI_SPDM_FIRMWARE_BLOB:
|
||||
description += "Event Content:\n" + new EvEfiSpdmFirmwareBlob(content).toString();
|
||||
|
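Review bot: The same three-line pattern `if(x.isBVendorTableFileInaccessbile()) { bVendorTableFileInaccessbile = true; }` is repeated for `efiVar`, `efiVarBoot` and `efiVarAuth`, and since the flag is never cleared each can be a single sticky-OR line, `bVendorTableFileInaccessbile |= efiVarBoot.isBVendorTableFileInaccessbile();`, which also makes the once-set-stays-set intent visible. `TpmPcrEvent` already has a `@Setter @Getter private boolean error` field directly above the new one, so the Javadoc on the new field should say why this condition is tracked separately from `error` (the hunks suggest it is informational and does not mark the event as failed, but that cannot be confirmed here). The `switch` containing these branches starts and ends outside the hunks.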
@ -45,10 +45,6 @@ public class UefiGuid {
|
||||
System.arraycopy(guidBytes, 0, guid, 0, UefiConstants.SIZE_16);
|
||||
uuid = processGuid(guidBytes);
|
||||
uefiVendorRef = JsonUtils.getSpecificJsonObject(JSON_PATH, "VendorTable");
|
||||
|
||||
if(uefiVendorRef.isEmpty()) {
|
||||
System.out.println("XXXX IS EMPTY");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@ -102,13 +98,12 @@ public class UefiGuid {
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* Checks whether the handle to the file needed to look up the UUID is valid. If empty,
|
||||
* this likely means the file was not accessible to due to existence or permissions.
|
||||
*
|
||||
* @return true if the reference to the file handle needed to look up the UUID is empty
|
||||
*/
|
||||
public boolean isUefiVendorRefEmpty() {
|
||||
public boolean isVendorTableReferenceHandleEmpty() {
|
||||
return uefiVendorRef.isEmpty();
|
||||
}
|
||||
|
||||
|
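Review bot: The renamed `isVendorTableReferenceHandleEmpty()` returns `uefiVendorRef.isEmpty()`, and the first hunk shows `uefiVendorRef` is the JSON object from `JsonUtils.getSpecificJsonObject(JSON_PATH, "VendorTable")`, not a file handle; unless `getSpecificJsonObject` distinguishes an unreadable file from a readable file whose "VendorTable" entry is missing or empty (not visible here), both cases will be reported downstream as "file was not accessible". The Javadoc should state that ambiguity rather than assert a cause, e.g. `* @return true if the VendorTable JSON object is empty; usually vendor-table.json could not be read (missing file or permissions), but an absent or empty "VendorTable" entry gives the same result`, and "not accessible to due to" should read "not accessible due to". The rename changes a public method, so any caller of `isUefiVendorRefEmpty()` outside this commit breaks; a `@Deprecated` delegating alias would keep compatibility if that matters.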
@ -69,6 +69,11 @@ public class UefiSignatureList {
|
||||
* Type of signature.
|
||||
*/
|
||||
private UefiGuid signatureType = null;
|
||||
/** Track if vendor-table file is inaccessible.
|
||||
* If vendor-table file is not used, this remains false.
|
||||
* */
|
||||
@Getter
|
||||
private boolean bVendorTableFileInaccessbile = false;
|
||||
|
||||
/**
|
||||
* UefiSignatureList constructor.
|
||||
@ -114,9 +119,9 @@ public class UefiSignatureList {
|
||||
byte[] guid = new byte[UefiConstants.SIZE_16];
|
||||
lists.read(guid);
|
||||
signatureType = new UefiGuid(guid);
|
||||
// if(signatureType.getVendorTableReference().isEmpty()) {
|
||||
// System.out.println("XXXX IS EMPTY");
|
||||
// }
|
||||
if(signatureType.isVendorTableReferenceHandleEmpty()) {
|
||||
bVendorTableFileInaccessbile = true;
|
||||
}
|
||||
|
||||
// if signatureType is invalid, don't even process any of the data
|
||||
// however, if signatureTYpe is valid, but some of the data later on is invalid, that will
|
||||
|
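Review bot: The new check `signatureType.isVendorTableReferenceHandleEmpty()` now drives user-visible output, but it sits right after `lists.read(guid)` whose return value is ignored; if the stream holds fewer than `UefiConstants.SIZE_16` bytes the GUID is silently zero-padded and `signatureType` is built from it anyway (pre-existing, but the new flag inherits the problem). Checking the count, `if (lists.read(guid) != UefiConstants.SIZE_16) { ... }` (or `readNBytes` if `lists` is an `InputStream` on Java 9+), and reflecting a short read through `isSignatureTypeValid()` would keep a truncated input from being attributed to the vendor-table file. The constructor this hunk belongs to begins and ends outside the hunk.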
@ -63,6 +63,12 @@ public class UefiVariable {
|
||||
*/
|
||||
private byte[] uefiVariableData = null;
|
||||
|
||||
/** Track if vendor-table file is inaccessible.
|
||||
* If vendor-table file is not used, this remains false.
|
||||
* */
|
||||
@Getter
|
||||
private boolean bVendorTableFileInaccessbile = false;
|
||||
|
||||
/**
|
||||
* EFIVariable constructor.
|
||||
* The UEFI_VARIABLE_DATA contains a "VariableName" field which is used to determine
|
||||
@ -147,6 +153,9 @@ public class UefiVariable {
|
||||
UefiSignatureList list;
|
||||
list = new UefiSignatureList(certData);
|
||||
// efiVariableSigListContents += list.toString();
|
||||
if(list.isBVendorTableFileInaccessbile()) {
|
||||
bVendorTableFileInaccessbile = true;
|
||||
}
|
||||
if(!list.isSignatureTypeValid()) {
|
||||
invalidSignatureListEncountered = true;
|
||||
invalidSignatureListStatus = list.toString();
|
||||
@ -163,6 +172,7 @@ public class UefiVariable {
|
||||
*/
|
||||
public String toString() {
|
||||
StringBuilder efiVariable = new StringBuilder();
|
||||
|
||||
efiVariable.append("UEFI Variable Name: " + efiVarName + "\n");
|
||||
efiVariable.append("UEFI Variable GUID: " + uefiVarGuid.toString() + "\n");
|
||||
if (efiVarName != "") {
|
||||
|
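Review bot: The line `if (efiVarName != "")` at the end of the toString hunk compares String references, so it is true for any name decoded at runtime, including an empty one; it should be `if (efiVarName != null && !efiVarName.isEmpty())` (pre-existing context, but it guards the branch that prints the variable contents this commit extends with vendor-table status). In the earlier hunk `bVendorTableFileInaccessbile = true` is set while iterating signature lists and never reset, which is fine for a sticky flag, but the field's Javadoc should say so: `/** True once any signature list's GUID lookup found the vendor-table reference empty; never cleared. */`. Both hunks cut through their enclosing bodies (the signature-list loop and toString continue outside).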
@ -127,6 +127,10 @@ final class Main {
|
||||
writeOut("\nEvent Log follows the \"SHA1\" format and has "
|
||||
+ evLog.getEventList().size() + " events:\n\n");
|
||||
}
|
||||
if (evLog.isBVendorTableFileInaccessbile()) {
|
||||
writeOut("*** WARNING: The file vendor-table.json file was not accessible so data " +
|
||||
"in some Secure Boot PCR 7 events cannot be processed.\n\n");
|
||||
}
|
||||
}
|
||||
int eventCount = 0;
|
||||
for (TpmPcrEvent event : evLog.getEventList()) {
|
||||
|
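Review bot: The new warning text reads "The file vendor-table.json file was not accessible", a duplicated "file", and it asserts a cause the underlying check may not establish: the flag is raised when the VendorTable JSON object is empty, which (from the UefiGuid hunk in this commit) may also happen when the file is readable but the entry is missing. Suggested wording: `writeOut("*** WARNING: vendor-table.json could not be loaded, so data " + "in some Secure Boot PCR 7 events cannot be processed.\n\n");`. Because the warning goes only to the event printout, a consumer that parses the output programmatically gets no machine-readable signal; if the tool has an exit-status or summary path, recording this condition there would let automated attestation checks notice that the PCR 7 listing is incomplete. The enclosing method continues outside the hunk.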