mirror of
https://github.com/nsacyber/HIRS.git
synced 2024-12-28 08:48:59 +00:00
cleaned up comments
parent
f573456c95
commit
d813e3b7fd
@ -1,9 +1,18 @@
|
|||||||
package hirs.utils.tpm.eventlog.events;
|
package hirs.utils.tpm.eventlog.events;
|
||||||
|
|
||||||
|
|
||||||
import lombok.Getter;
|
import lombok.Getter;
|
||||||
import java.io.UnsupportedEncodingException;
|
import java.io.UnsupportedEncodingException;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Class to process DEVICE_SECURITY_EVENT_DATA.
|
||||||
|
* Parses event data per PFP v1.06 Rev52 Table 20.
|
||||||
|
* <p>
|
||||||
|
* typedef struct tdDEVICE_SECURITY_EVENT_DATA {
|
||||||
|
* DEVICE_SECURITY_EVENT_DATA_HEADER EventDataHeader;
|
||||||
|
* DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT DeviceContext;
|
||||||
|
* } DEVICE_SECURITY_EVENT_DATA;
|
||||||
|
* <p>
|
||||||
|
*/
|
||||||
public class DeviceSecurityEventData extends DeviceSecurityEventDataBase {
|
public class DeviceSecurityEventData extends DeviceSecurityEventDataBase {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -2,33 +2,45 @@ package hirs.utils.tpm.eventlog.events;
|
|||||||
|
|
||||||
import lombok.Getter;
|
import lombok.Getter;
|
||||||
|
|
||||||
|
// TODO Placeholder class to be implemented upon getting test pattern
|
||||||
|
/**
|
||||||
|
* Class to process DEVICE_SECURITY_EVENT_DATA2.
|
||||||
|
* Parses event data per PFP v1.06 Rev52 Table 26.
|
||||||
|
* <p>
|
||||||
|
* typedef struct tdDEVICE_SECURITY_EVENT_DATA2 {
|
||||||
|
* DEVICE_SECURITY_EVENT_DATA_HEADER2 EventDataHeader;
|
||||||
|
* DEVICE_SECURITY_EVENT_DATA_SUB_HEADER EventDataSubHeader;
|
||||||
|
* DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT DeviceContext;
|
||||||
|
* } DEVICE_SECURITY_EVENT_DATA2;
|
||||||
|
* <p>
|
||||||
|
*/
|
||||||
public class DeviceSecurityEventData2 extends DeviceSecurityEventDataBase {
|
public class DeviceSecurityEventData2 extends DeviceSecurityEventDataBase {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* DeviceSecurityEventDataHeader2 Object.
|
* DeviceSecurityEventDataHeader Object.
|
||||||
*/
|
*/
|
||||||
@Getter
|
@Getter
|
||||||
private DeviceSecurityEventDataHeader2 dsedHeader2 = null;
|
private DeviceSecurityEventDataHeader2 dsedHeader2 = null;
|
||||||
// /**
|
|
||||||
// * DeviceSecurityEventDataSubHeader Object.
|
|
||||||
// */
|
|
||||||
// @Getter
|
|
||||||
// private DeviceSecurityEventDataSubHeader dsedSubHeader = null;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* DeviceSecurityEventData2 Constructor.
|
* DeviceSecurityEventData2 Constructor.
|
||||||
*
|
*
|
||||||
* @param dSEDbytes byte array holding the DeviceSecurityEventData.
|
* @param dSEDbytes byte array holding the DeviceSecurityEventData2.
|
||||||
*/
|
*/
|
||||||
public DeviceSecurityEventData2(final byte[] dSEDbytes) {
|
public DeviceSecurityEventData2(final byte[] dSEDbytes) {
|
||||||
|
|
||||||
|
dsedHeader2 = new DeviceSecurityEventDataHeader2(dSEDbytes);
|
||||||
|
// get subheader
|
||||||
|
parseDeviceContext(dSEDbytes, dsedHeader2.getDSEDheaderByteSize(), dsedHeader2.getDeviceType());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns a human readable description of the data within this structure.
|
||||||
|
*
|
||||||
|
* @return a description of this structure.
|
||||||
|
*/
|
||||||
public String toString() {
|
public String toString() {
|
||||||
String dsedInfo = "";
|
String dsedInfo = "";
|
||||||
// dsedInfo += dsedHeader2.toString();
|
|
||||||
// dsedInfo += dsedSubHeader.toString();
|
|
||||||
// dsedInfo += dsedDeviceContext.toString();
|
|
||||||
return dsedInfo;
|
return dsedInfo;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
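Review bot: The `DeviceSecurityEventData2` constructor starts the device context at `dsedHeader2.getDSEDheaderByteSize()`, but the class Javadoc added in this change places `DEVICE_SECURITY_EVENT_DATA_SUB_HEADER` between the header and the device context, and `// get subheader` is only a placeholder. Until the sub-header is parsed and its length added to the start offset, its bytes would be interpreted as the device context, so the parsed output would show fields that were never in the event. Whether `DeviceSecurityEventDataHeader2` yields a meaningful size is not visible here. Since the class is marked as a placeholder, I would state that at the call site with `// TODO: parse DEVICE_SECURITY_EVENT_DATA_SUB_HEADER and add its length to the offset passed to parseDeviceContext`. `toString()` also still returns an empty string now that its commented-out lines are gone.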
|
@ -9,7 +9,7 @@ import java.nio.charset.StandardCharsets;
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Abstract base class to process the DEVICE_SECURITY_EVENT_DATA or ..DATA2 event.
|
* Abstract base class to process the DEVICE_SECURITY_EVENT_DATA or ..DATA2 event.
|
||||||
* Parses event data for DEVICE_SECURITY_EVENT_DATA per PFP v1.06 Rev52 Table 20.
|
* Parses event data per PFP v1.06 Rev52 Tables 20 and 26.
|
||||||
* The event data comes in 2 forms:
|
* The event data comes in 2 forms:
|
||||||
* 1) DEVICE_SECURITY_EVENT_DATA or
|
* 1) DEVICE_SECURITY_EVENT_DATA or
|
||||||
* 2) DEVICE_SECURITY_EVENT_DATA2
|
* 2) DEVICE_SECURITY_EVENT_DATA2
|
||||||
@ -32,7 +32,7 @@ import java.nio.charset.StandardCharsets;
|
|||||||
* DEVICE_SECURITY_EVENT_DATA_HEADER2 EventDataHeader;
|
* DEVICE_SECURITY_EVENT_DATA_HEADER2 EventDataHeader;
|
||||||
* DEVICE_SECURITY_EVENT_DATA_SUB_HEADER EventDataSubHeader;
|
* DEVICE_SECURITY_EVENT_DATA_SUB_HEADER EventDataSubHeader;
|
||||||
* DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT DeviceContext;
|
* DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT DeviceContext;
|
||||||
* } DEVICE_SECURITY_EVENT_DATA;
|
* } DEVICE_SECURITY_EVENT_DATA2;
|
||||||
* <p>
|
* <p>
|
||||||
* typedef struct tdDEVICE_SECURITY_EVENT_DATA_HEADER or HEADER2 {
|
* typedef struct tdDEVICE_SECURITY_EVENT_DATA_HEADER or HEADER2 {
|
||||||
* UINT8 Signature[16];
|
* UINT8 Signature[16];
|
||||||
@ -54,12 +54,6 @@ import java.nio.charset.StandardCharsets;
|
|||||||
*/
|
*/
|
||||||
public abstract class DeviceSecurityEventDataBase {
|
public abstract class DeviceSecurityEventDataBase {
|
||||||
|
|
||||||
// /**
|
|
||||||
// * DeviceSecurityEventDataDeviceContext Object.
|
|
||||||
// */
|
|
||||||
// @Getter
|
|
||||||
// private DeviceSecurityEventDataDeviceContext dsedDeviceContext = null;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Human readable description of the data within the
|
* Human readable description of the data within the
|
||||||
* DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT. DEVICE can be either PCI or USB.
|
* DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT. DEVICE can be either PCI or USB.
|
||||||
@ -75,6 +69,14 @@ public abstract class DeviceSecurityEventDataBase {
|
|||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Parse the Device Context structure, can be PCI or USB based on device type field.
|
||||||
|
*
|
||||||
|
* @param dSEDbytes byte array holding the DeviceSecurityEventData.
|
||||||
|
* @param startByte starting byte of the device structure (depends on length of header).
|
||||||
|
* @param deviceType device type either PCI or USB.
|
||||||
|
*
|
||||||
|
*/
|
||||||
public void parseDeviceContext(final byte[] dSEDbytes, int startByte, int deviceType) {
|
public void parseDeviceContext(final byte[] dSEDbytes, int startByte, int deviceType) {
|
||||||
|
|
||||||
int deviceContextLength = dSEDbytes.length - startByte;
|
int deviceContextLength = dSEDbytes.length - startByte;
|
||||||
@ -92,15 +94,14 @@ public abstract class DeviceSecurityEventDataBase {
|
|||||||
= new DeviceSecurityEventDataPciContext(deviceContextBytes);
|
= new DeviceSecurityEventDataPciContext(deviceContextBytes);
|
||||||
deviceContextInfo = dSEDpciContext.toString();
|
deviceContextInfo = dSEDpciContext.toString();
|
||||||
}
|
}
|
||||||
else if (deviceType == 2) {
|
//else if (deviceType == 2) {
|
||||||
// DeviceSecurityEventDataUsbContext dSEDusbContext
|
//DeviceSecurityEventDataUsbContext dSEDusbContext
|
||||||
// = new DeviceSecurityEventDataUsbContext(deviceContextBytes);
|
// = new DeviceSecurityEventDataUsbContext(deviceContextBytes);
|
||||||
// deviceContextInfo = dSEDusbContext.toString();
|
//deviceContextInfo = dSEDusbContext.toString();
|
||||||
deviceContextInfo = "Device type is USB - to be implemented in future";
|
//deviceContextInfo = "Device type is USB - to be implemented in future";
|
||||||
}
|
//}
|
||||||
else {
|
else {
|
||||||
deviceContextInfo = " Unknown device type; cannot process device context";
|
deviceContextInfo = " Unknown device type; cannot process device context";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
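Review bot: `parseDeviceContext` computes `deviceContextLength = dSEDbytes.length - startByte` without checking `startByte` against the array, and that offset is derived from lengths read out of the event itself (`dSEDheaderByteSize = startByte + devicePathLength` in `DeviceSecurityEventDataHeaderBase`). The lines between the subtraction and the PCI branch are outside the hunks, but if the result sizes a buffer or a copy, a truncated or malformed event log would surface as an unchecked exception instead of a reported parse error. A guard such as `if (startByte < 0 || startByte > dSEDbytes.length) { deviceContextInfo = " Device context offset is outside the event data"; return; }` keeps the failure explicit. The same length check is missing before the fixed-offset `System.arraycopy` reads shown in the `DeviceSecurityEventDataHeaderBase` and `DeviceSecurityEventDataPciContext` constructors. Separately, the USB branch is now commented out rather than deleted, so a device type of 2 is reported as an unknown device type even though `DEVICE_TYPE_USB` is still defined.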
|
@ -1,12 +1,8 @@
|
|||||||
package hirs.utils.tpm.eventlog.events;
|
package hirs.utils.tpm.eventlog.events;
|
||||||
|
|
||||||
import hirs.utils.HexUtils;
|
import hirs.utils.HexUtils;
|
||||||
import hirs.utils.tpm.eventlog.spdm.SpdmMeasurementBlock;
|
|
||||||
import hirs.utils.tpm.eventlog.uefi.UefiConstants;
|
|
||||||
import lombok.Getter;
|
import lombok.Getter;
|
||||||
|
|
||||||
import java.nio.charset.StandardCharsets;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Class to process the DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT event per PFP.
|
* Class to process the DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT event per PFP.
|
||||||
* DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT is a common SPDM structure which includes the
|
* DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT is a common SPDM structure which includes the
|
||||||
@ -21,11 +17,6 @@ import java.nio.charset.StandardCharsets;
|
|||||||
*/
|
*/
|
||||||
public abstract class DeviceSecurityEventDataDeviceContext {
|
public abstract class DeviceSecurityEventDataDeviceContext {
|
||||||
|
|
||||||
// /**
|
|
||||||
// * SPDM Measurement Block.
|
|
||||||
// */
|
|
||||||
// private DeviceSecurityEventDataPciContext deviceSecurityEventDataPciContext = null;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* PCI Version.
|
* PCI Version.
|
||||||
*/
|
*/
|
||||||
|
@ -8,7 +8,6 @@ import lombok.Getter;
|
|||||||
|
|
||||||
import java.io.UnsupportedEncodingException;
|
import java.io.UnsupportedEncodingException;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Class to process the DEVICE_SECURITY_EVENT_DATA_HEADER.
|
* Class to process the DEVICE_SECURITY_EVENT_DATA_HEADER.
|
||||||
* DEVICE_SECURITY_EVENT_DATA_HEADER contains the measurement(s) and hash algorithm identifier
|
* DEVICE_SECURITY_EVENT_DATA_HEADER contains the measurement(s) and hash algorithm identifier
|
||||||
@ -41,10 +40,7 @@ public class DeviceSecurityEventDataHeader extends DeviceSecurityEventDataHeader
|
|||||||
*/
|
*/
|
||||||
@Getter
|
@Getter
|
||||||
private int spdmHashAlgo = -1;
|
private int spdmHashAlgo = -1;
|
||||||
/**
|
|
||||||
* SPDM Measurement Block list. -implement this if there can be multiple SPDM blocks in one event
|
|
||||||
*/
|
|
||||||
//private List<SpdmMeasurementBlock> spdmMeasurementBlockList;
|
|
||||||
/**
|
/**
|
||||||
* SPDM Measurement Block.
|
* SPDM Measurement Block.
|
||||||
*/
|
*/
|
||||||
@ -84,24 +80,10 @@ public class DeviceSecurityEventDataHeader extends DeviceSecurityEventDataHeader
|
|||||||
sizeOfSpdmMeasBlock);
|
sizeOfSpdmMeasBlock);
|
||||||
spdmMeasurementBlock = new SpdmMeasurementBlock(spdmMeasBlockBytes);
|
spdmMeasurementBlock = new SpdmMeasurementBlock(spdmMeasBlockBytes);
|
||||||
|
|
||||||
|
|
||||||
// (can there be many >1 spdm block per event ?)
|
|
||||||
|
|
||||||
// byte[] algorithmIDBytes = new byte[UefiConstants.SIZE_2];
|
|
||||||
// int algLocation = UefiConstants.SIZE_28;
|
|
||||||
// for (int i = 0; i < numberOfAlg; i++) {
|
|
||||||
// System.arraycopy(efiSpecId, algLocation + UefiConstants.OFFSET_4 * i, algorithmIDBytes,
|
|
||||||
// 0, UefiConstants.SIZE_2);
|
|
||||||
// String alg = TcgTpmtHa.tcgAlgIdToString(HexUtils.leReverseInt(algorithmIDBytes));
|
|
||||||
// algList.add(alg);
|
|
||||||
// }
|
|
||||||
|
|
||||||
int devPathLenStartByte = 28 + sizeOfSpdmMeasBlock;
|
int devPathLenStartByte = 28 + sizeOfSpdmMeasBlock;
|
||||||
extractDevicePathAndFinalSize(dSEDbytes, devPathLenStartByte);
|
extractDevicePathAndFinalSize(dSEDbytes, devPathLenStartByte);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns a human readable description of the data within this structure.
|
* Returns a human readable description of the data within this structure.
|
||||||
*
|
*
|
||||||
|
@ -1,5 +1,6 @@
|
|||||||
package hirs.utils.tpm.eventlog.events;
|
package hirs.utils.tpm.eventlog.events;
|
||||||
|
|
||||||
|
// Placeholder for Header2 data structure.
|
||||||
public class DeviceSecurityEventDataHeader2 extends DeviceSecurityEventDataHeaderBase {
|
public class DeviceSecurityEventDataHeader2 extends DeviceSecurityEventDataHeaderBase {
|
||||||
|
|
||||||
public DeviceSecurityEventDataHeader2(final byte[] dSEDbytes) {
|
public DeviceSecurityEventDataHeader2(final byte[] dSEDbytes) {
|
||||||
|
@ -1,8 +1,6 @@
|
|||||||
package hirs.utils.tpm.eventlog.events;
|
package hirs.utils.tpm.eventlog.events;
|
||||||
|
|
||||||
import hirs.utils.HexUtils;
|
import hirs.utils.HexUtils;
|
||||||
import hirs.utils.tpm.eventlog.spdm.SpdmHa;
|
|
||||||
import hirs.utils.tpm.eventlog.spdm.SpdmMeasurementBlock;
|
|
||||||
import hirs.utils.tpm.eventlog.uefi.UefiConstants;
|
import hirs.utils.tpm.eventlog.uefi.UefiConstants;
|
||||||
import hirs.utils.tpm.eventlog.uefi.UefiDevicePath;
|
import hirs.utils.tpm.eventlog.uefi.UefiDevicePath;
|
||||||
import lombok.Getter;
|
import lombok.Getter;
|
||||||
@ -47,14 +45,8 @@ import java.nio.charset.StandardCharsets;
|
|||||||
*/
|
*/
|
||||||
public abstract class DeviceSecurityEventDataHeaderBase {
|
public abstract class DeviceSecurityEventDataHeaderBase {
|
||||||
|
|
||||||
// /**
|
|
||||||
// * Contains the human-readable info inside the Device Security Event.
|
|
||||||
// */
|
|
||||||
// @Getter
|
|
||||||
// private String dSEDheaderInfo = "";
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Contains the size (in bytes) of the Header.
|
* Contains the size (in bytes) of the header.
|
||||||
*/
|
*/
|
||||||
@Getter
|
@Getter
|
||||||
private Integer dSEDheaderByteSize = 0;
|
private Integer dSEDheaderByteSize = 0;
|
||||||
@ -103,6 +95,9 @@ public abstract class DeviceSecurityEventDataHeaderBase {
|
|||||||
public static final int DEVICE_TYPE_USB = 2;
|
public static final int DEVICE_TYPE_USB = 2;
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* DeviceSecurityEventDataHeaderBase Default Constructor.
|
||||||
|
*/
|
||||||
public DeviceSecurityEventDataHeaderBase() {
|
public DeviceSecurityEventDataHeaderBase() {
|
||||||
|
|
||||||
}
|
}
|
||||||
@ -114,8 +109,6 @@ public abstract class DeviceSecurityEventDataHeaderBase {
|
|||||||
*/
|
*/
|
||||||
public DeviceSecurityEventDataHeaderBase(final byte[] dSEDbytes) {
|
public DeviceSecurityEventDataHeaderBase(final byte[] dSEDbytes) {
|
||||||
|
|
||||||
// spdmMeasurementBlockList = new ArrayList<>();
|
|
||||||
|
|
||||||
byte[] signatureBytes = new byte[UefiConstants.SIZE_16];
|
byte[] signatureBytes = new byte[UefiConstants.SIZE_16];
|
||||||
System.arraycopy(dSEDbytes, 0, signatureBytes, 0, UefiConstants.SIZE_16);
|
System.arraycopy(dSEDbytes, 0, signatureBytes, 0, UefiConstants.SIZE_16);
|
||||||
signature = new String(signatureBytes, StandardCharsets.UTF_8)
|
signature = new String(signatureBytes, StandardCharsets.UTF_8)
|
||||||
@ -128,6 +121,12 @@ public abstract class DeviceSecurityEventDataHeaderBase {
|
|||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Parse the device type from the Device Security Event Data Header/Header2.
|
||||||
|
*
|
||||||
|
* @param dSEDbytes byte array holding the DeviceSecurityEventData/Data2.
|
||||||
|
* @param startByte starting byte of device type (depends on header fields before it).
|
||||||
|
*/
|
||||||
public void extractDeviceType(final byte[] dSEDbytes, int startByte) {
|
public void extractDeviceType(final byte[] dSEDbytes, int startByte) {
|
||||||
|
|
||||||
// get the device type ID
|
// get the device type ID
|
||||||
@ -137,6 +136,13 @@ public abstract class DeviceSecurityEventDataHeaderBase {
|
|||||||
deviceType = HexUtils.leReverseInt(deviceTypeBytes);
|
deviceType = HexUtils.leReverseInt(deviceTypeBytes);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Parse the device path from the Device Security Event Data Header/Header2.
|
||||||
|
* Also, determine final length of header (will be used to extract the next data structure).
|
||||||
|
*
|
||||||
|
* @param dSEDbytes byte array holding the DeviceSecurityEventData/Data2.
|
||||||
|
* @param startByte starting byte of device path (depends on header fields before it).
|
||||||
|
*/
|
||||||
public void extractDevicePathAndFinalSize(final byte[] dSEDbytes, int startByte)
|
public void extractDevicePathAndFinalSize(final byte[] dSEDbytes, int startByte)
|
||||||
throws UnsupportedEncodingException {
|
throws UnsupportedEncodingException {
|
||||||
|
|
||||||
@ -156,6 +162,7 @@ public abstract class DeviceSecurityEventDataHeaderBase {
|
|||||||
devicePathValid = true;
|
devicePathValid = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// header total size
|
||||||
dSEDheaderByteSize = startByte + devicePathLength;
|
dSEDheaderByteSize = startByte + devicePathLength;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -185,7 +192,7 @@ public abstract class DeviceSecurityEventDataHeaderBase {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns a human readable description of the data within this structure.
|
* Returns a human readable description of the data common to header structures.
|
||||||
*
|
*
|
||||||
* @return a description of this structure.
|
* @return a description of this structure.
|
||||||
*/
|
*/
|
||||||
@ -203,5 +210,4 @@ public abstract class DeviceSecurityEventDataHeaderBase {
|
|||||||
|
|
||||||
return dsedHeaderCommonInfo;
|
return dsedHeaderCommonInfo;
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -1,19 +1,8 @@
|
|||||||
package hirs.utils.tpm.eventlog.events;
|
package hirs.utils.tpm.eventlog.events;
|
||||||
|
|
||||||
//import hirs.attestationca.persist.util.PciIds;
|
|
||||||
import com.google.common.base.Strings;
|
|
||||||
import hirs.utils.HexUtils;
|
import hirs.utils.HexUtils;
|
||||||
import hirs.utils.tpm.eventlog.spdm.SpdmHa;
|
|
||||||
import lombok.Getter;
|
import lombok.Getter;
|
||||||
|
|
||||||
import java.io.File;
|
|
||||||
import java.io.FileInputStream;
|
|
||||||
import java.io.IOException;
|
|
||||||
import java.io.InputStream;
|
|
||||||
import java.util.ArrayList;
|
|
||||||
import java.util.Collections;
|
|
||||||
import java.util.List;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Class to process the DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT event per PFP.
|
* Class to process the DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT event per PFP.
|
||||||
* <p>
|
* <p>
|
||||||
@ -47,32 +36,32 @@ public class DeviceSecurityEventDataPciContext extends DeviceSecurityEventDataDe
|
|||||||
* PCI Vendor ID.
|
* PCI Vendor ID.
|
||||||
*/
|
*/
|
||||||
@Getter
|
@Getter
|
||||||
private String pciVendorId = "";
|
private String vendorId = "";
|
||||||
/**
|
/**
|
||||||
* PCI Device ID.
|
* PCI Device ID.
|
||||||
*/
|
*/
|
||||||
@Getter
|
@Getter
|
||||||
private String pciDeviceId = "";
|
private String deviceId = "";
|
||||||
/**
|
/**
|
||||||
* PCI Revision ID.
|
* PCI Revision ID.
|
||||||
*/
|
*/
|
||||||
@Getter
|
@Getter
|
||||||
private String pciRevisionId = "";
|
private String revisionId = "";
|
||||||
/**
|
/**
|
||||||
* PCI Class Code.
|
* PCI Class Code.
|
||||||
*/
|
*/
|
||||||
@Getter
|
@Getter
|
||||||
private String pciClassCode = "";
|
private String classCode = "";
|
||||||
/**
|
/**
|
||||||
* PCI Subsystem Vendor ID.
|
* PCI Subsystem Vendor ID.
|
||||||
*/
|
*/
|
||||||
@Getter
|
@Getter
|
||||||
private String pciSubsystemVendorId = "";
|
private String subsystemVendorId = "";
|
||||||
/**
|
/**
|
||||||
* PCI Subsystem ID.
|
* PCI Subsystem ID.
|
||||||
*/
|
*/
|
||||||
@Getter
|
@Getter
|
||||||
private String pciSubsystemId = "";
|
private String subsystemId = "";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* DeviceSecurityEventDataPciContext Constructor.
|
* DeviceSecurityEventDataPciContext Constructor.
|
||||||
@ -85,27 +74,27 @@ public class DeviceSecurityEventDataPciContext extends DeviceSecurityEventDataDe
|
|||||||
|
|
||||||
byte[] pciVendorIdBytes = new byte[2];
|
byte[] pciVendorIdBytes = new byte[2];
|
||||||
System.arraycopy(dSEDpciContextBytes, 4, pciVendorIdBytes, 0, 2);
|
System.arraycopy(dSEDpciContextBytes, 4, pciVendorIdBytes, 0, 2);
|
||||||
pciVendorId = HexUtils.byteArrayToHexString(HexUtils.leReverseByte(pciVendorIdBytes));
|
vendorId = HexUtils.byteArrayToHexString(HexUtils.leReverseByte(pciVendorIdBytes));
|
||||||
|
|
||||||
byte[] pciDeviceIdBytes = new byte[2];
|
byte[] pciDeviceIdBytes = new byte[2];
|
||||||
System.arraycopy(dSEDpciContextBytes, 6, pciDeviceIdBytes, 0, 2);
|
System.arraycopy(dSEDpciContextBytes, 6, pciDeviceIdBytes, 0, 2);
|
||||||
pciDeviceId = HexUtils.byteArrayToHexString(HexUtils.leReverseByte(pciDeviceIdBytes));
|
deviceId = HexUtils.byteArrayToHexString(HexUtils.leReverseByte(pciDeviceIdBytes));
|
||||||
|
|
||||||
byte[] pciRevisionIdBytes = new byte[1];
|
byte[] pciRevisionIdBytes = new byte[1];
|
||||||
System.arraycopy(dSEDpciContextBytes, 8, pciRevisionIdBytes, 0, 1);
|
System.arraycopy(dSEDpciContextBytes, 8, pciRevisionIdBytes, 0, 1);
|
||||||
pciRevisionId = HexUtils.byteArrayToHexString(HexUtils.leReverseByte(pciRevisionIdBytes));
|
revisionId = HexUtils.byteArrayToHexString(HexUtils.leReverseByte(pciRevisionIdBytes));
|
||||||
|
|
||||||
byte[] pciClassCodeBytes = new byte[3];
|
byte[] pciClassCodeBytes = new byte[3];
|
||||||
System.arraycopy(dSEDpciContextBytes, 9, pciClassCodeBytes, 0, 3);
|
System.arraycopy(dSEDpciContextBytes, 9, pciClassCodeBytes, 0, 3);
|
||||||
pciClassCode = HexUtils.byteArrayToHexString(HexUtils.leReverseByte(pciClassCodeBytes));
|
classCode = HexUtils.byteArrayToHexString(HexUtils.leReverseByte(pciClassCodeBytes));
|
||||||
|
|
||||||
byte[] pciSubsystemVendorIdBytes = new byte[2];
|
byte[] pciSubsystemVendorIdBytes = new byte[2];
|
||||||
System.arraycopy(dSEDpciContextBytes, 12, pciSubsystemVendorIdBytes, 0, 2);
|
System.arraycopy(dSEDpciContextBytes, 12, pciSubsystemVendorIdBytes, 0, 2);
|
||||||
pciSubsystemVendorId = HexUtils.byteArrayToHexString(HexUtils.leReverseByte(pciSubsystemVendorIdBytes));
|
subsystemVendorId = HexUtils.byteArrayToHexString(HexUtils.leReverseByte(pciSubsystemVendorIdBytes));
|
||||||
|
|
||||||
byte[] pciSubsystemIdBytes = new byte[2];
|
byte[] pciSubsystemIdBytes = new byte[2];
|
||||||
System.arraycopy(dSEDpciContextBytes, 14, pciSubsystemIdBytes, 0, 2);
|
System.arraycopy(dSEDpciContextBytes, 14, pciSubsystemIdBytes, 0, 2);
|
||||||
pciSubsystemId = HexUtils.byteArrayToHexString(HexUtils.leReverseByte(pciSubsystemIdBytes));
|
subsystemId = HexUtils.byteArrayToHexString(HexUtils.leReverseByte(pciSubsystemIdBytes));
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -119,12 +108,12 @@ public class DeviceSecurityEventDataPciContext extends DeviceSecurityEventDataDe
|
|||||||
|
|
||||||
dSEDpciContextInfo += deviceContextCommonInfoToString();
|
dSEDpciContextInfo += deviceContextCommonInfoToString();
|
||||||
dSEDpciContextInfo += "\n Device Type = PCI";
|
dSEDpciContextInfo += "\n Device Type = PCI";
|
||||||
dSEDpciContextInfo += "\n VendorID = 0x" + pciVendorId;
|
dSEDpciContextInfo += "\n VendorID = 0x" + vendorId;
|
||||||
dSEDpciContextInfo += "\n DeviceID = 0x" + pciDeviceId;
|
dSEDpciContextInfo += "\n DeviceID = 0x" + deviceId;
|
||||||
dSEDpciContextInfo += "\n RevisionID = 0x" + pciRevisionId;
|
dSEDpciContextInfo += "\n RevisionID = 0x" + revisionId;
|
||||||
dSEDpciContextInfo += "\n ClassCode = 0x" + pciClassCode;
|
dSEDpciContextInfo += "\n ClassCode = 0x" + classCode;
|
||||||
dSEDpciContextInfo += "\n SubsystemVendorID = 0x" + pciSubsystemVendorId;
|
dSEDpciContextInfo += "\n SubsystemVendorID = 0x" + subsystemVendorId;
|
||||||
dSEDpciContextInfo += "\n SubsystemID = 0x" + pciSubsystemId;
|
dSEDpciContextInfo += "\n SubsystemID = 0x" + subsystemId;
|
||||||
|
|
||||||
return dSEDpciContextInfo;
|
return dSEDpciContextInfo;
|
||||||
}
|
}
|
||||||
|
@ -1,14 +1,10 @@
|
|||||||
package hirs.utils.tpm.eventlog.events;
|
package hirs.utils.tpm.eventlog.events;
|
||||||
|
|
||||||
import hirs.utils.HexUtils;
|
import hirs.utils.HexUtils;
|
||||||
import hirs.utils.tpm.eventlog.TcgTpmtHa;
|
|
||||||
import hirs.utils.tpm.eventlog.uefi.UefiConstants;
|
import hirs.utils.tpm.eventlog.uefi.UefiConstants;
|
||||||
import lombok.Getter;
|
|
||||||
|
|
||||||
import java.io.UnsupportedEncodingException;
|
import java.io.UnsupportedEncodingException;
|
||||||
import java.nio.charset.StandardCharsets;
|
import java.nio.charset.StandardCharsets;
|
||||||
import java.util.ArrayList;
|
|
||||||
import java.util.List;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Class to process the EV_EFI_SPDM_FIRMWARE_BLOB event. The event field MUST be a
|
* Class to process the EV_EFI_SPDM_FIRMWARE_BLOB event. The event field MUST be a
|
||||||
@ -41,7 +37,7 @@ public class EvEfiSpdmFirmwareBlob {
|
|||||||
/**
|
/**
|
||||||
* True if the event is a DEVICE_SECURITY_EVENT_DATA or ..DATA2.
|
* True if the event is a DEVICE_SECURITY_EVENT_DATA or ..DATA2.
|
||||||
*/
|
*/
|
||||||
private boolean bDeviceSecurityEventData = false;
|
private boolean bSpdmDeviceSecurityEventData = false;
|
||||||
/**
|
/**
|
||||||
* Human readable description of the data within this DEVICE_SECURITY_EVENT_DATA/..DATA2 event.
|
* Human readable description of the data within this DEVICE_SECURITY_EVENT_DATA/..DATA2 event.
|
||||||
*/
|
*/
|
||||||
@ -61,7 +57,7 @@ public class EvEfiSpdmFirmwareBlob {
|
|||||||
signature = signature.replaceAll("[^\\P{C}\t\r\n]", ""); // remove null characters
|
signature = signature.replaceAll("[^\\P{C}\t\r\n]", ""); // remove null characters
|
||||||
|
|
||||||
if (signature.contains("SPDM Device Sec")) { // implies Device Security event
|
if (signature.contains("SPDM Device Sec")) { // implies Device Security event
|
||||||
bDeviceSecurityEventData = true;
|
bSpdmDeviceSecurityEventData = true;
|
||||||
|
|
||||||
byte[] versionBytes = new byte[UefiConstants.SIZE_2];
|
byte[] versionBytes = new byte[UefiConstants.SIZE_2];
|
||||||
System.arraycopy(eventData, UefiConstants.OFFSET_16, versionBytes, 0,
|
System.arraycopy(eventData, UefiConstants.OFFSET_16, versionBytes, 0,
|
||||||
@ -87,8 +83,8 @@ public class EvEfiSpdmFirmwareBlob {
|
|||||||
*
|
*
|
||||||
* @return true of the event is a DeviceSecurityEventData.
|
* @return true of the event is a DeviceSecurityEventData.
|
||||||
*/
|
*/
|
||||||
public boolean isDeviceSecurityEventData() {
|
public boolean isSpdmDeviceSecurityEventData() {
|
||||||
return bDeviceSecurityEventData;
|
return bSpdmDeviceSecurityEventData;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -97,7 +93,7 @@ public class EvEfiSpdmFirmwareBlob {
|
|||||||
* @return Human readable description of this event.
|
* @return Human readable description of this event.
|
||||||
*/
|
*/
|
||||||
public String toString() {
|
public String toString() {
|
||||||
if (bDeviceSecurityEventData) {
|
if (bSpdmDeviceSecurityEventData) {
|
||||||
spdmInfo = " Signature = SPDM Device Sec" + spdmInfo;
|
spdmInfo = " Signature = SPDM Device Sec" + spdmInfo;
|
||||||
} else {
|
} else {
|
||||||
spdmInfo = "EV_EFI_SPDM_FIRMWARE_BLOB event named " + signature
|
spdmInfo = "EV_EFI_SPDM_FIRMWARE_BLOB event named " + signature
|
||||||
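Review bot: `toString()` writes back to `spdmInfo` (`spdmInfo = " Signature = SPDM Device Sec" + spdmInfo;`), which looks like a field because no local declaration sits between the method signature and the `if`. If so, every call prepends the signature line again and the rendered event text changes from one call to the next. Building the result in a local and returning it, for example `String info = " Signature = SPDM Device Sec" + spdmInfo;`, leaves the parsed state untouched; the `else` branch continues outside the hunk and would need the same treatment. The Javadoc above `isSpdmDeviceSecurityEventData()` still reads `@return true of the event`, where `true if the event` is meant.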
|
@ -1,20 +1,15 @@
|
|||||||
package hirs.utils.tpm.eventlog.spdm;
|
package hirs.utils.tpm.eventlog.spdm;
|
||||||
|
|
||||||
import hirs.utils.HexUtils;
|
|
||||||
import lombok.AccessLevel;
|
import lombok.AccessLevel;
|
||||||
import lombok.NoArgsConstructor;
|
import lombok.NoArgsConstructor;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Class for defining constants referenced in the DMTF SPDM specification.
|
* Class for defining hash algorithms referenced in the DMTF SPDM specification.
|
||||||
|
* SPDM 1.3.0, Table 21, MeasurementHashAlgo.
|
||||||
*/
|
*/
|
||||||
@NoArgsConstructor(access = AccessLevel.PRIVATE)
|
@NoArgsConstructor(access = AccessLevel.PRIVATE)
|
||||||
public class SpdmHa {
|
public class SpdmHa {
|
||||||
|
|
||||||
|
|
||||||
/**
|
|
||||||
* ------------------- SPDM Spec: MeasurementHashAlgo -------------------
|
|
||||||
* SPDM 1.3.0, Table 21
|
|
||||||
*/
|
|
||||||
/**
|
/**
|
||||||
* Spdm Hash Alg = Raw bit stream
|
* Spdm Hash Alg = Raw bit stream
|
||||||
*/
|
*/
|
||||||
@ -80,5 +75,4 @@ public class SpdmHa {
|
|||||||
}
|
}
|
||||||
return alg;
|
return alg;
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -39,9 +39,11 @@ public class SpdmMeasurement {
|
|||||||
@Getter
|
@Getter
|
||||||
private byte[] dmtfSpecMeasurementValue = null;
|
private byte[] dmtfSpecMeasurementValue = null;
|
||||||
|
|
||||||
@Getter(value = AccessLevel.PROTECTED)
|
/**
|
||||||
private byte[] digest = null;
|
* SpdmMeasurement Constructor.
|
||||||
|
*
|
||||||
|
* @param spdmMeasBytes byte array holding the SPDM Measurement bytes.
|
||||||
|
*/
|
||||||
public SpdmMeasurement(final byte[] spdmMeasBytes) {
|
public SpdmMeasurement(final byte[] spdmMeasBytes) {
|
||||||
|
|
||||||
byte[] dmtfSpecMeasurementValueTypeBytes = new byte[1];
|
byte[] dmtfSpecMeasurementValueTypeBytes = new byte[1];
|
||||||
@ -60,6 +62,11 @@ public class SpdmMeasurement {
|
|||||||
dmtfSpecMeasurementValueSize);
|
dmtfSpecMeasurementValueSize);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns a human readable description of the data within this structure.
|
||||||
|
*
|
||||||
|
* @return a description of this structure..
|
||||||
|
*/
|
||||||
public String dmtfSpecMeasurementValueTypeToString(final int measValType) {
|
public String dmtfSpecMeasurementValueTypeToString(final int measValType) {
|
||||||
|
|
||||||
String measValTypeStr;
|
String measValTypeStr;
|
||||||
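Review bot: The Javadoc added above `dmtfSpecMeasurementValueTypeToString(final int measValType)` is the generic `toString` text and does not describe this method. Judging by its name and the `measValTypeStr` local, it maps a measurement value type to a label, yet the `measValType` parameter has no `@param` tag. I would replace the summary with `Returns the name of the given DMTF spec measurement value type.`, add `@param measValType the measurement value type to look up`, and change the return tag to `@return a human readable name for the type`. The doubled period in `@return a description of this structure..` recurs in the Javadoc added to `SpdmMeasurementBlock.toString()`. The method body continues outside the hunk.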
|
@ -39,6 +39,11 @@ public class SpdmMeasurementBlock {
|
|||||||
*/
|
*/
|
||||||
private SpdmMeasurement spdmMeasurement;
|
private SpdmMeasurement spdmMeasurement;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* SpdmMeasurementBlock Constructor.
|
||||||
|
*
|
||||||
|
* @param spdmMeasBlockBytes byte array holding the SPDM Measurement Block bytes.
|
||||||
|
*/
|
||||||
public SpdmMeasurementBlock(final byte[] spdmMeasBlockBytes) {
|
public SpdmMeasurementBlock(final byte[] spdmMeasBlockBytes) {
|
||||||
|
|
||||||
byte[] indexBytes = new byte[1];
|
byte[] indexBytes = new byte[1];
|
||||||
@ -63,6 +68,11 @@ public class SpdmMeasurementBlock {
|
|||||||
spdmMeasurement = new SpdmMeasurement(measurementBytes);
|
spdmMeasurement = new SpdmMeasurement(measurementBytes);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns a human readable description of the data within this structure.
|
||||||
|
*
|
||||||
|
* @return a description of this structure..
|
||||||
|
*/
|
||||||
public String toString() {
|
public String toString() {
|
||||||
String spdmMeasBlockInfo = "";
|
String spdmMeasBlockInfo = "";
|
||||||
|
|
||||||
|