mirror of
https://github.com/nsacyber/HIRS.git
synced 2025-01-15 09:20:24 +00:00
fixed DeviceContext to include either/or PCI USB
parent
12dbf545c0
commit
f573456c95
@ -2,7 +2,6 @@ package hirs.utils.tpm.eventlog.events;
|
||||
|
||||
|
||||
import lombok.Getter;
|
||||
|
||||
import java.io.UnsupportedEncodingException;
|
||||
|
||||
public class DeviceSecurityEventData extends DeviceSecurityEventDataBase {
|
||||
@ -20,7 +19,7 @@ public class DeviceSecurityEventData extends DeviceSecurityEventDataBase {
|
||||
*/
|
||||
public DeviceSecurityEventData(final byte[] dSEDbytes) throws UnsupportedEncodingException {
|
||||
dsedHeader = new DeviceSecurityEventDataHeader(dSEDbytes);
|
||||
extractDeviceContext(dSEDbytes, dsedHeader.getDSEDheaderByteSize());
|
||||
parseDeviceContext(dSEDbytes, dsedHeader.getDSEDheaderByteSize(), dsedHeader.getDeviceType());
|
||||
}
|
||||
|
||||
/**
|
||||
@ -31,7 +30,7 @@ public class DeviceSecurityEventData extends DeviceSecurityEventDataBase {
|
||||
public String toString() {
|
||||
String dsedInfo = "";
|
||||
dsedInfo += dsedHeader.toString();
|
||||
dsedInfo += getDsedDeviceContext().toString();
|
||||
dsedInfo += getDeviceContextInfo();
|
||||
return dsedInfo;
|
||||
}
|
||||
}
|
||||
|
@ -54,11 +54,18 @@ import java.nio.charset.StandardCharsets;
|
||||
*/
|
||||
public abstract class DeviceSecurityEventDataBase {
|
||||
|
||||
// /**
|
||||
// * DeviceSecurityEventDataDeviceContext Object.
|
||||
// */
|
||||
// @Getter
|
||||
// private DeviceSecurityEventDataDeviceContext dsedDeviceContext = null;
|
||||
|
||||
/**
|
||||
* DeviceSecurityEventDataDeviceContext Object.
|
||||
* Human readable description of the data within the
|
||||
* DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT. DEVICE can be either PCI or USB.
|
||||
*/
|
||||
@Getter
|
||||
private DeviceSecurityEventDataDeviceContext dsedDeviceContext = null;
|
||||
String deviceContextInfo = "";
|
||||
|
||||
/**
|
||||
* DeviceSecurityEventData Default Constructor.
|
||||
@ -68,16 +75,32 @@ public abstract class DeviceSecurityEventDataBase {
|
||||
|
||||
}
|
||||
|
||||
public void extractDeviceContext(final byte[] dSEDbytes, int startByte) {
|
||||
public void parseDeviceContext(final byte[] dSEDbytes, int startByte, int deviceType) {
|
||||
|
||||
int deviceContextLength = dSEDbytes.length - startByte;
|
||||
|
||||
// get the device type ID
|
||||
// get the device context bytes
|
||||
byte[] deviceContextBytes = new byte[deviceContextLength];
|
||||
System.arraycopy(dSEDbytes, startByte, deviceContextBytes, 0,
|
||||
deviceContextLength);
|
||||
dsedDeviceContext = new DeviceSecurityEventDataDeviceContext(deviceContextBytes);
|
||||
|
||||
if (deviceType == 0) {
|
||||
deviceContextInfo = "No Device Context (indicated by device type value of 0";
|
||||
}
|
||||
else if (deviceType == 1) {
|
||||
DeviceSecurityEventDataPciContext dSEDpciContext
|
||||
= new DeviceSecurityEventDataPciContext(deviceContextBytes);
|
||||
deviceContextInfo = dSEDpciContext.toString();
|
||||
}
|
||||
else if (deviceType == 2) {
|
||||
// DeviceSecurityEventDataUsbContext dSEDusbContext
|
||||
// = new DeviceSecurityEventDataUsbContext(deviceContextBytes);
|
||||
// deviceContextInfo = dSEDusbContext.toString();
|
||||
deviceContextInfo = "Device type is USB - to be implemented in future";
|
||||
}
|
||||
else {
|
||||
deviceContextInfo = " Unknown device type; cannot process device context";
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
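Review bot: `parseDeviceContext` computes `deviceContextLength = dSEDbytes.length - startByte` and allocates from it without checking that `startByte` falls inside `dSEDbytes`. The offset is the header size handed in by the caller, so a truncated or malformed event can make the length negative and abort parsing with an unchecked exception. Event-log content originates on the platform being measured, so a guard ahead of the allocation, written like the other branches, would be safer: `if (startByte < 0 || startByte > dSEDbytes.length) { deviceContextInfo = "Device context offset is outside the event data"; return; }`. Separately, the new `deviceContextInfo` field appears to have no access modifier (`private` would match the field it replaces), and the type-0 message is missing its closing parenthesis.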
@ -13,18 +13,29 @@ import java.nio.charset.StandardCharsets;
|
||||
* identification of the device, device vendor, subsystem, etc. Device can be either a PCI
|
||||
* or USB connection.
|
||||
* <p>
|
||||
* typedef struct tdDEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT {
|
||||
* typedef union tdDEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT {
|
||||
* DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT PciContext;
|
||||
* DEVICE_SECURITY_EVENT_DATA_USB_CONTEXT UsbContext;
|
||||
* } DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT;
|
||||
* <p>
|
||||
*/
|
||||
public class DeviceSecurityEventDataDeviceContext {
|
||||
public abstract class DeviceSecurityEventDataDeviceContext {
|
||||
|
||||
// /**
|
||||
// * SPDM Measurement Block.
|
||||
// */
|
||||
// private DeviceSecurityEventDataPciContext deviceSecurityEventDataPciContext = null;
|
||||
|
||||
/**
|
||||
* SPDM Measurement Block.
|
||||
* PCI Version.
|
||||
*/
|
||||
private DeviceSecurityEventDataPciContext deviceSecurityEventDataPciContext = null;
|
||||
@Getter
|
||||
private int version = 0;
|
||||
/**
|
||||
* PCI Length.
|
||||
*/
|
||||
@Getter
|
||||
private int length = 0;
|
||||
|
||||
/**
|
||||
* DeviceSecurityEventDataDeviceContext Constructor.
|
||||
@ -33,28 +44,28 @@ public class DeviceSecurityEventDataDeviceContext {
|
||||
*/
|
||||
public DeviceSecurityEventDataDeviceContext(final byte[] dSEDdeviceContextBytes) {
|
||||
|
||||
byte[] dSEDpciContextLengthBytes = new byte[2];
|
||||
System.arraycopy(dSEDdeviceContextBytes, 2, dSEDpciContextLengthBytes, 0, 2);
|
||||
int dSEDpciContextLength = HexUtils.leReverseInt(dSEDpciContextLengthBytes);
|
||||
byte[] pciVersionBytes = new byte[2];
|
||||
System.arraycopy(dSEDdeviceContextBytes, 0, pciVersionBytes, 0, 2);
|
||||
version = HexUtils.leReverseInt(pciVersionBytes);
|
||||
|
||||
byte[] dSEDpciContextBytes = new byte[dSEDpciContextLength];
|
||||
System.arraycopy(dSEDdeviceContextBytes, 0, dSEDpciContextBytes, 0, dSEDpciContextLength);
|
||||
deviceSecurityEventDataPciContext = new DeviceSecurityEventDataPciContext(dSEDpciContextBytes);
|
||||
|
||||
//TODO add USB context
|
||||
byte[] pciLengthBytes = new byte[2];
|
||||
System.arraycopy(dSEDdeviceContextBytes, 2, pciLengthBytes, 0, 2);
|
||||
length = HexUtils.leReverseInt(pciLengthBytes);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a human readable description of the data within this structure.
|
||||
* Returns a human readable description of the data common to device context structures.
|
||||
*
|
||||
* @return a description of this structure..
|
||||
*/
|
||||
public String toString() {
|
||||
String dSEDdeviceContextInfo = "";
|
||||
public String deviceContextCommonInfoToString() {
|
||||
String dSEDdeviceContextCommonInfo = "";
|
||||
|
||||
dSEDdeviceContextInfo += deviceSecurityEventDataPciContext.toString();
|
||||
dSEDdeviceContextCommonInfo += "\n DeviceSecurityEventData - Device Info";
|
||||
dSEDdeviceContextCommonInfo += "\n Device Structure Version = " + version;
|
||||
|
||||
return dSEDdeviceContextInfo;
|
||||
return dSEDdeviceContextCommonInfo;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
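Review bot: The new constructor copies two bytes at offset 0 and two at offset 2 of `dSEDdeviceContextBytes` without checking that the array holds at least four bytes, and the parsed `length` is stored but never compared with the size of the buffer it was read from. A short context fails inside `System.arraycopy`, and a declared length that disagrees with the data goes unnoticed while the PCI subclass keeps reading at fixed offsets (its read at offset 4 is visible in its own section). Consider rejecting `dSEDdeviceContextBytes.length < 4` and `length > dSEDdeviceContextBytes.length` before any field is read. The field Javadoc and local names still say `PCI Version` / `PCI Length` although the class now looks to be the common base for PCI and USB contexts; `Device context structure version` and `Device context structure length` would describe them better, and the commented-out field can be deleted rather than kept.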
@ -110,7 +110,7 @@ public class DeviceSecurityEventDataHeader extends DeviceSecurityEventDataHeader
|
||||
public String toString() {
|
||||
String dsedHeaderInfo = "";
|
||||
|
||||
dsedHeaderInfo += headerBaseToString();
|
||||
dsedHeaderInfo += headerCommonInfoToString();
|
||||
String spdmHashAlgoStr = SpdmHa.tcgAlgIdToString(spdmHashAlgo);
|
||||
dsedHeaderInfo += "\n SPDM Hash Algorithm = " + spdmHashAlgoStr;
|
||||
dsedHeaderInfo += "\n SPDM Measurement Block:";
|
||||
|
@ -189,19 +189,19 @@ public abstract class DeviceSecurityEventDataHeaderBase {
|
||||
*
|
||||
* @return a description of this structure.
|
||||
*/
|
||||
public String headerBaseToString() {
|
||||
String dsedHeaderInfo = "";
|
||||
public String headerCommonInfoToString() {
|
||||
String dsedHeaderCommonInfo = "";
|
||||
|
||||
dsedHeaderInfo += "\n SPDM Device Type = " + deviceTypeToString(deviceType);
|
||||
dsedHeaderCommonInfo += "\n SPDM Device Type = " + deviceTypeToString(deviceType);
|
||||
if (devicePathValid) {
|
||||
dsedHeaderInfo += "\n SPDM Device Path =\n";
|
||||
dsedHeaderInfo += devicePath;
|
||||
dsedHeaderCommonInfo += "\n SPDM Device Path =\n";
|
||||
dsedHeaderCommonInfo += devicePath;
|
||||
}
|
||||
else {
|
||||
dsedHeaderInfo += "\n SPDM Device Path = Unknown or invalid";
|
||||
dsedHeaderCommonInfo += "\n SPDM Device Path = Unknown or invalid";
|
||||
}
|
||||
|
||||
return dsedHeaderInfo;
|
||||
return dsedHeaderCommonInfo;
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -41,18 +41,8 @@ import java.util.List;
|
||||
* https://admin.pci-ids.ucw.cz/read/PD/
|
||||
* The revision ID is controlled by the vendor and cannot be looked up.
|
||||
*/
|
||||
public class DeviceSecurityEventDataPciContext {
|
||||
public class DeviceSecurityEventDataPciContext extends DeviceSecurityEventDataDeviceContext {
|
||||
|
||||
/**
|
||||
* PCI Version.
|
||||
*/
|
||||
@Getter
|
||||
private int pciVersion = 0;
|
||||
/**
|
||||
* PCI Length.
|
||||
*/
|
||||
@Getter
|
||||
private int pciLength = 0;
|
||||
/**
|
||||
* PCI Vendor ID.
|
||||
*/
|
||||
@ -91,13 +81,7 @@ public class DeviceSecurityEventDataPciContext {
|
||||
*/
|
||||
public DeviceSecurityEventDataPciContext(final byte[] dSEDpciContextBytes) {
|
||||
|
||||
byte[] pciVersionBytes = new byte[2];
|
||||
System.arraycopy(dSEDpciContextBytes, 0, pciVersionBytes, 0, 2);
|
||||
pciVersion = HexUtils.leReverseInt(pciVersionBytes);
|
||||
|
||||
byte[] pciLengthBytes = new byte[2];
|
||||
System.arraycopy(dSEDpciContextBytes, 2, pciLengthBytes, 0, 2);
|
||||
pciLength = HexUtils.leReverseInt(pciLengthBytes);
|
||||
super(dSEDpciContextBytes);
|
||||
|
||||
byte[] pciVendorIdBytes = new byte[2];
|
||||
System.arraycopy(dSEDpciContextBytes, 4, pciVendorIdBytes, 0, 2);
|
||||
@ -133,9 +117,8 @@ public class DeviceSecurityEventDataPciContext {
|
||||
public String toString() {
|
||||
String dSEDpciContextInfo = "";
|
||||
|
||||
dSEDpciContextInfo += "\n DeviceSecurityEventData - PCI Context";
|
||||
dSEDpciContextInfo += "\n Version = " + pciVersion;
|
||||
dSEDpciContextInfo += "\n Length = " + pciLength;
|
||||
dSEDpciContextInfo += deviceContextCommonInfoToString();
|
||||
dSEDpciContextInfo += "\n Device Type = PCI";
|
||||
dSEDpciContextInfo += "\n VendorID = 0x" + pciVendorId;
|
||||
dSEDpciContextInfo += "\n DeviceID = 0x" + pciDeviceId;
|
||||
dSEDpciContextInfo += "\n RevisionID = 0x" + pciRevisionId;
|
||||
|
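Review bot: The PCI `toString()` no longer reports the context length: the `Version` and `Length` lines appear to be replaced by `deviceContextCommonInfoToString()`, which in the device-context section emits only `Device Structure Version`. A declared length that does not match the data is worth seeing when an event log is reviewed, so if the value should stay in the report, add `dSEDdeviceContextCommonInfo += "\n Device Structure Length = " + length;` to the common method. The body of `toString()` appears to continue beyond this hunk.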