diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TCGEventLog.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TCGEventLog.java index 44123f3b..da86554f 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TCGEventLog.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TCGEventLog.java @@ -77,6 +77,11 @@ public final class TCGEventLog { /** Event Output Flag use. */ @Getter private boolean bCryptoAgile = false; + /** Track if vendor-table file is inaccessible. + * If vendor-table file is not used, this remains false. + * */ + @Getter + private boolean bVendorTableFileInaccessbile = false; /** * Default blank object constructor. @@ -147,6 +152,9 @@ public final class TCGEventLog { } else { eventList.put(eventNumber, new TpmPcrEvent1(is, eventNumber++)); } + if(eventList.get(eventNumber-1).isBVendorTableFileInaccessbile()) { + bVendorTableFileInaccessbile = true; + } } calculatePcrValues(); } diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TpmPcrEvent.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TpmPcrEvent.java index 128e7853..407b681a 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TpmPcrEvent.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TpmPcrEvent.java @@ -117,6 +117,12 @@ public class TpmPcrEvent { @Setter @Getter private boolean error = false; + /** Track if vendor-table file is inaccessible. + * If vendor-table file is not used, this remains false. + * */ + @Getter + private boolean bVendorTableFileInaccessbile = false; + /** * Constructor. * 
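Review bot: The new field `bVendorTableFileInaccessbile` misspells "inaccessible", and because Lombok derives the public getter from the field name, `isBVendorTableFileInaccessbile()` becomes part of the API of four classes in this change and of the check in Main; renaming it later breaks every caller. Fix the spelling before this merges, `private boolean bVendorTableFileInaccessible = false;`, with the getter calls updated to match. The Javadoc's closing ` * */` should also be a plain ` */` like the field comments above it.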
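Review bot: The added `eventList.get(eventNumber-1)` only finds the event just stored because `eventNumber++` is evaluated inside the `put` call, which is easy to break on the next edit and costs a redundant map lookup. Keep a reference instead: declare `TpmPcrEvent event;` before the if/else, in each branch write `event = new TpmPcrEvent1(is, eventNumber);` followed by `eventList.put(eventNumber++, event);`, and after the if/else fold the flag with `bVendorTableFileInaccessbile |= event.isBVendorTableFileInaccessbile();`. The `if` branch and the enclosing loop start outside this hunk, so the other branch would need the same shape.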
@@ -508,9 +514,16 @@ public class TpmPcrEvent { String efiVarDescription = efiVar.toString().replace("\n", "\n "); description += "Event Content:\n " + efiVarDescription.substring(0, efiVarDescription.length() - INDENT_3); + if(efiVar.isBVendorTableFileInaccessbile()) { + bVendorTableFileInaccessbile = true; + } break; case EvConstants.EV_EFI_VARIABLE_BOOT: - description += "Event Content:\n" + new UefiVariable(content).toString(); + UefiVariable efiVarBoot = new UefiVariable(content); + description += "Event Content:\n" + efiVarBoot.toString(); + if(efiVarBoot.isBVendorTableFileInaccessbile()) { + bVendorTableFileInaccessbile = true; + } break; case EvConstants.EV_EFI_BOOT_SERVICES_APPLICATION: EvEfiBootServicesApp bootServices = new EvEfiBootServicesApp(content); @@ -539,7 +552,11 @@ public class TpmPcrEvent { case EvConstants.EV_EFI_HCRTM_EVENT: break; case EvConstants.EV_EFI_VARIABLE_AUTHORITY: - description += "Event Content:\n" + new UefiVariable(content).toString(); + UefiVariable efiVarAuth = new UefiVariable(content); + description += "Event Content:\n" + efiVarAuth.toString(); + if(efiVarAuth.isBVendorTableFileInaccessbile()) { + bVendorTableFileInaccessbile = true; + } break; case EvConstants.EV_EFI_SPDM_FIRMWARE_BLOB: description += "Event Content:\n" + new EvEfiSpdmFirmwareBlob(content).toString(); diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiGuid.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiGuid.java index d4d97370..e0feae84 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiGuid.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiGuid.java @@ -45,10 +45,6 @@ public class UefiGuid { System.arraycopy(guidBytes, 0, guid, 0, UefiConstants.SIZE_16); uuid = processGuid(guidBytes); uefiVendorRef = JsonUtils.getSpecificJsonObject(JSON_PATH, "VendorTable"); - - if(uefiVendorRef.isEmpty()) { - System.out.println("XXXX IS EMPTY"); - } } /** 
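Review bot: The three-line `if (x.isBVendorTableFileInaccessbile()) { bVendorTableFileInaccessbile = true; }` block is repeated verbatim for EV_EFI_VARIABLE_DRIVER_CONFIG, EV_EFI_VARIABLE_BOOT and, in the next hunk, EV_EFI_VARIABLE_AUTHORITY. Since the flag is only ever set to true, each copy collapses to one line, `bVendorTableFileInaccessbile |= efiVar.isBVendorTableFileInaccessbile();`, which also makes it obvious that a later event cannot clear it. The `if(` spelling without a space differs from the `if (` style used in Main and UefiVariable in this same change. The enclosing switch and method start and end outside this hunk.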
@@ -102,13 +98,12 @@ public class UefiGuid { } /** - * * Checks whether the handle to the file needed to look up the UUID is valid. If empty, * this likely means the file was not accessible to due to existence or permissions. * * @return true if the reference to the file handle needed to look up the UUID is empty */ - public boolean isUefiVendorRefEmpty() { + public boolean isVendorTableReferenceHandleEmpty() { return uefiVendorRef.isEmpty(); } diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiSignatureList.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiSignatureList.java index c5f574b3..ebc8f63d 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiSignatureList.java +++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiSignatureList.java @@ -69,6 +69,11 @@ public class UefiSignatureList { * Type of signature. */ private UefiGuid signatureType = null; + /** Track if vendor-table file is inaccessible. + * If vendor-table file is not used, this remains false. + * */ + @Getter + private boolean bVendorTableFileInaccessbile = false; /** * UefiSignatureList constructor. @@ -114,9 +119,9 @@ public class UefiSignatureList { byte[] guid = new byte[UefiConstants.SIZE_16]; lists.read(guid); signatureType = new UefiGuid(guid); -// if(signatureType.getVendorTableReference().isEmpty()) { -// System.out.println("XXXX IS EMPTY"); -// } + if(signatureType.isVendorTableReferenceHandleEmpty()) { + bVendorTableFileInaccessbile = true; + } // if signatureType is invalid, don't even process any of the data // however, if signatureTYpe is valid, but some of the data later on is invalid, that will diff --git a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiVariable.java b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiVariable.java index f57e418e..ca159cdc 100644 --- a/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiVariable.java 
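Review bot: The new check sets `bVendorTableFileInaccessbile` whenever `signatureType.isVendorTableReferenceHandleEmpty()` is true, but the UefiGuid Javadoc only says an empty handle "likely" means the file could not be read; a vendor-table.json that parses but carries no `VendorTable` object would presumably produce the same empty handle, and the warning in Main would then blame file access. At minimum record that uncertainty next to the check, e.g. `// empty handle: vendor-table.json missing/unreadable, or present without a "VendorTable" entry - confirm in JsonUtils`, or have the loader report the actual cause. The check also runs for every signature list parsed, which is harmless for a sticky flag, but the `if(` spacing should match the `if (` used elsewhere in the change. The enclosing constructor starts outside this hunk.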
+++ b/HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/uefi/UefiVariable.java @@ -63,6 +63,12 @@ public class UefiVariable { */ private byte[] uefiVariableData = null; + /** Track if vendor-table file is inaccessible. + * If vendor-table file is not used, this remains false. + * */ + @Getter + private boolean bVendorTableFileInaccessbile = false; + /** * EFIVariable constructor. * The UEFI_VARIABLE_DATA contains a "VariableName" field which is used to determine @@ -147,6 +153,9 @@ public class UefiVariable { UefiSignatureList list; list = new UefiSignatureList(certData); // efiVariableSigListContents += list.toString(); + if(list.isBVendorTableFileInaccessbile()) { + bVendorTableFileInaccessbile = true; + } if(!list.isSignatureTypeValid()) { invalidSignatureListEncountered = true; invalidSignatureListStatus = list.toString(); @@ -163,6 +172,7 @@ public class UefiVariable { */ public String toString() { StringBuilder efiVariable = new StringBuilder(); + efiVariable.append("UEFI Variable Name: " + efiVarName + "\n"); efiVariable.append("UEFI Variable GUID: " + uefiVarGuid.toString() + "\n"); if (efiVarName != "") { diff --git a/tools/tcg_eventlog_tool/src/main/java/hirs/tcg_eventlog/Main.java b/tools/tcg_eventlog_tool/src/main/java/hirs/tcg_eventlog/Main.java index 6d41143a..ce49ccf6 100644 --- a/tools/tcg_eventlog_tool/src/main/java/hirs/tcg_eventlog/Main.java +++ b/tools/tcg_eventlog_tool/src/main/java/hirs/tcg_eventlog/Main.java @@ -127,6 +127,10 @@ final class Main { writeOut("\nEvent Log follows the \"SHA1\" format and has " + evLog.getEventList().size() + " events:\n\n"); } + if (evLog.isBVendorTableFileInaccessbile()) { + writeOut("*** WARNING: The file vendor-table.json file was not accessible so data " + + "in some Secure Boot PCR 7 events cannot be processed.\n\n"); + } } int eventCount = 0; for (TpmPcrEvent event : evLog.getEventList()) {
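Review bot: The line added to `toString()` prints `UEFI Variable Name:` unconditionally, right before the existing `if (efiVarName != "")` guard, so if that guarded block also emits the name the output now repeats it; worth checking, since the block body is outside this hunk. The guard itself compares a String by reference: `!=` on `efiVarName` is true for any empty string that is not the interned `""`, so it should read `if (!efiVarName.isEmpty())`. The rest of `toString()` ends outside this hunk.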
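Review bot: The added warning text reads "The file vendor-table.json file was not accessible", duplicating "file"; change it to `writeOut("*** WARNING: The vendor-table.json file was not accessible, so data "`. The warning also goes to the same output as the event dump, so anything consuming the tool's output programmatically will not learn that Secure Boot PCR 7 content was left unprocessed unless it scans for the `***` marker; if the tool has an exit status or a stderr path, consider signalling it there too. The enclosing `if` block and the surrounding method start outside this hunk.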