Merge pull request #861 from nsacyber/v3_issue_860-spdm
fix checkstyle changes that were lost during merge conflict of pciids PR
iadgovuser58 authored Oct 24, 2024
2 parents 9662c08 + 7759dbb commit 775ab4a
Showing 23 changed files with 251 additions and 223 deletions.
52 changes: 36 additions & 16 deletions HIRS_Utils/src/main/java/hirs/utils/PciIds.java
Expand Up @@ -76,7 +76,7 @@ public final class PciIds {
}
}

if(dbFile != null) {
if (dbFile != null) {
InputStream is = null;
try {
is = new FileInputStream(dbFile);
Expand All @@ -97,9 +97,9 @@ public final class PciIds {
}

// if pciids file is not found on the system or not accessible, then attempt to grab it from code
if(pciidsFileStatus == UefiConstants.FILESTATUS_NOT_ACCESSIBLE) {
if (pciidsFileStatus == UefiConstants.FILESTATUS_NOT_ACCESSIBLE) {
InputStream isFromCode = PciIds.class.getResourceAsStream(PCIIDS_FILENAME);
if(isFromCode != null) {
if (isFromCode != null) {
try {
DB.loadStream(isFromCode);
pciidsFileStatus = UefiConstants.FILESTATUS_FROM_CODE;
Expand All @@ -115,20 +115,21 @@ public final class PciIds {
}

// if pciids file is not accessible on system or from within code, then log error
if(pciidsFileStatus == UefiConstants.FILESTATUS_NOT_ACCESSIBLE) {
if (pciidsFileStatus == UefiConstants.FILESTATUS_NOT_ACCESSIBLE) {
log.info("PCI IDs file was NOT accessible from within the system or within the code");
}
}
}

/**
* Default private constructor so checkstyles doesn't complain
* Default private constructor so checkstyles doesn't complain.
*/
private PciIds() { }

/**
* Look up the vendor name from the PCI IDs list, if the input string contains an ID.
* If any part of this fails, return the original manufacturer value.
*
* @param refManufacturer DERUTF8String, likely from a ComponentIdentifier
* @return DERUTF8String with the discovered vendor name, or the original manufacturer value.
*/
Expand All @@ -148,6 +149,7 @@ public static ASN1UTF8String translateVendor(final ASN1UTF8String refManufacture
/**
* Look up the vendor name from the PCI IDs list, if the input string contains an ID.
* If any part of this fails, return the original manufacturer value.
*
* @param refManufacturer String, likely from a ComponentResult
* @return String with the discovered vendor name, or the original manufacturer value.
*/
Expand All @@ -168,6 +170,7 @@ public static String translateVendor(final String refManufacturer) {
* Look up the device name from the PCI IDs list, if the input strings contain IDs.
* The Device lookup requires the Vendor ID AND the Device ID to be valid values.
* If any part of this fails, return the original model value.
*
* @param refManufacturer ASN1UTF8String, likely from a ComponentIdentifier
* @param refModel ASN1UTF8String, likely from a ComponentIdentifier
* @return ASN1UTF8String with the discovered device name, or the original model value.
Expand All @@ -194,6 +197,7 @@ public static ASN1UTF8String translateDevice(final ASN1UTF8String refManufacture
* Look up the device name from the PCI IDs list, if the input strings contain IDs.
* The Device lookup requires the Vendor ID AND the Device ID to be valid values.
* If any part of this fails, return the original model value.
*
* @param refManufacturer String, likely from a ComponentResult
* @param refModel String, likely from a ComponentResult
* @return String with the discovered device name, or the original model value.
Expand All @@ -218,15 +222,16 @@ public static String translateDevice(final String refManufacturer,
/**
* Look up the device class name from the PCI IDs list, if the input string contains an ID.
* If any part of this fails, return the original manufacturer value.
*
* @param refClassCode String, formatted as 2 characters (1 byte) for each of the 3 categories
* Example "010802":
* Class: "01"
* Subclass: "08"
* Programming Interface: "02"
* . Example "010802":
* . Class: "01"
* . Subclass: "08"
* . Programming Interface: "02"
* @return List<String> 3-element list with the class code
* 1st element: human-readable description of Class
* 2nd element: human-readable description of Subclass
* 3rd element: human-readable description of Programming Interface
* . 1st element: human-readable description of Class
* . 2nd element: human-readable description of Subclass
* . 3rd element: human-readable description of Programming Interface
*/
public static List<String> translateDeviceClass(final String refClassCode) {
List<String> translatedClassCode = new ArrayList<>();
Expand All @@ -235,9 +240,24 @@ public static List<String> translateDeviceClass(final String refClassCode) {
if (!pciidsFileStatus.equals(UefiConstants.FILESTATUS_NOT_ACCESSIBLE)
&& classCode != null
&& classCode.trim().matches("^[0-9A-Fa-f]{6}$")) {
String deviceClass = classCode.substring(0, 2).toLowerCase();
String deviceSubclass = classCode.substring(2, 4).toLowerCase();
String programInterface = classCode.substring(4, 6).toLowerCase();

final int startIndexOfDeviceClass = 0;
final int endIndexOfDeviceClass = 2;
String deviceClass =
classCode.substring(startIndexOfDeviceClass, endIndexOfDeviceClass).toLowerCase();

final int startIndexOfDeviceSubclass = 2;
final int endIndexOfDeviceSubclass = 4;
String deviceSubclass =
classCode.substring(startIndexOfDeviceSubclass, endIndexOfDeviceSubclass)
.toLowerCase();

final int startIndexOfProgramInterface = 4;
final int endIndexOfProgramInterface = 6;
final String programInterface =
classCode.substring(startIndexOfProgramInterface, endIndexOfProgramInterface)
.toLowerCase();

translatedClassCode.add(deviceClass);
translatedClassCode.add(deviceSubclass);
translatedClassCode.add(programInterface);
Expand All @@ -256,4 +276,4 @@ public static List<String> translateDeviceClass(final String refClassCode) {
}
return translatedClassCode;
}
}
}
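Review bot: In `translateDeviceClass`, the format check runs on `classCode.trim()` but the three `substring` calls in the last code hunk slice the untrimmed `classCode`, so a value with leading whitespace would pass the `^[0-9A-Fa-f]{6}$` check and then be split at the wrong offsets. `classCode` is assigned outside the visible lines, so this matters only if it is not already trimmed there; if it is not, normalise once with `final String code = classCode.trim();` and use `code` for both the `matches` test and the slices. On style, `programInterface` is declared `final` while `deviceClass` and `deviceSubclass` are not, and the six index locals would read better as `private static final` constants at class level. The method body starts and ends outside this hunk.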
Expand Up @@ -12,8 +12,8 @@
* Class to for the TCG defined TPMT_HA structure used to support the Crypto Agile Log format.
* <p>
* typedef struct {
* TPMI_ALG_HASH hashAlg;
* TPMU_HA digest;
* . TPMI_ALG_HASH hashAlg;
* . TPMU_HA digest;
* } TPMT_HA;
*/
public class TcgTpmtHa {
20 changes: 10 additions & 10 deletions HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TpmPcrEvent.java
Expand Up @@ -39,16 +39,16 @@
* TCG_PCR_EVENT is used when the Event log uses the SHA1 Format as described in the
* TCG Platform Firmware Profile (PFP) specification.
* typedef struct {
* TCG_PCRINDEX PCRIndex; //PCR Index value that either
* //matches the PCRIndex of a
* //previous extend operation or
* //indicates that this Event Log
* //entry is not associated with
* //an extend operation
* TCG_EVENTTYPE EventType; //See Log event types defined in toStrng()
* TCG_DIGEST digest; //The hash of the event data
* UINT32 EventSize; //Size of the event data
* UINT8 Event[EventSize]; //The event data
* . TCG_PCRINDEX PCRIndex; //PCR Index value that either
* . //matches the PCRIndex of a
* . //previous extend operation or
* . //indicates that this Event Log
* . //entry is not associated with
* . //an extend operation
* . TCG_EVENTTYPE EventType; //See Log event types defined in toStrng()
* . TCG_DIGEST digest; //The hash of the event data
* . UINT32 EventSize; //Size of the event data
* . UINT8 Event[EventSize]; //The event data
* } TCG_PCR_EVENT;
*/
@Log4j2
Expand Up @@ -15,11 +15,11 @@
* TCG Platform Firmware Profile specification.
* typedef struct {
* UINT32 PCRIndex; //PCR Index value that either
* //matches the PCRIndex of a
* //previous extend operation or
* //indicates that this Event Log
* //entry is not associated with
* //an extend operation
* . //matches the PCRIndex of a
* . //previous extend operation or
* . //indicates that this Event Log
* . //entry is not associated with
* . //an extend operation
* UINT32 EventType; //See Log event types
* BYTE digest[20]; //The SHA1 hash of the event data
* UINT32 EventSize; //Size of the event data
38 changes: 19 additions & 19 deletions HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TpmPcrEvent2.java
Expand Up @@ -16,30 +16,30 @@
* TCG Platform Firmware Profile specification.
* This class will only process SHA-256 digests.
* typedef struct {
* UINT32 PCRIndex; //PCR Index value that either
* //matches the PCRIndex of a
* //previous extend operation or
* //indicates that this Event Log
* //entry is not associated with
* //an extend operation
* UINT32 EventType; //See Log event types
* TPML_DIGEST_VALUES digest; //The hash of the event data
* UINT32 EventSize; //Size of the event data
* BYTE Event[1]; //The event data
* } TCG_PCR_EVENT2; //The event data structure to be added
* . UINT32 PCRIndex; //PCR Index value that either
* . //matches the PCRIndex of a
* . //previous extend operation or
* . //indicates that this Event Log
* . //entry is not associated with
* . //an extend operation
* . UINT32 EventType; //See Log event types
* . TPML_DIGEST_VALUES digest; //The hash of the event data
* . UINT32 EventSize; //Size of the event data
* . BYTE Event[1]; //The event data
* } TCG_PCR_EVENT2; //The event data structure to be added
* typedef struct {
* UINT32 count;
* TPMT_HA digests[HASH_COUNT];
* . UINT32 count;
* . TPMT_HA digests[HASH_COUNT];
* } TPML_DIGEST_VALUES;
* typedef struct {
* TPMI_ALG_HASH hashAlg;
* TPMU_HA digest;
* . TPMI_ALG_HASH hashAlg;
* . TPMU_HA digest;
* } TPMT_HA;
* typedef union {
* BYTE sha1[SHA1_DIGEST_SIZE];
* BYTE sha256[SHA256_DIGEST_SIZE];
* BYTE sha384[SHA384_DIGEST_SIZE];
* BYTE sha512[SHA512_DIGEST_SIZE];
* . BYTE sha1[SHA1_DIGEST_SIZE];
* . BYTE sha256[SHA256_DIGEST_SIZE];
* . BYTE sha384[SHA384_DIGEST_SIZE];
* . BYTE sha512[SHA512_DIGEST_SIZE];
* } TPMU_HA;
* define SHA1_DIGEST_SIZE 20
* define SHA256_DIGEST_SIZE 32
Expand Up @@ -8,34 +8,34 @@
* Abstract base class to process the DEVICE_SECURITY_EVENT_DATA or ..DATA2 event.
* Parses event data per PFP v1.06 Rev52 Tables 20 and 26.
* The event data comes in 2 forms:
* 1) DEVICE_SECURITY_EVENT_DATA or
* 2) DEVICE_SECURITY_EVENT_DATA2
* . 1) DEVICE_SECURITY_EVENT_DATA or
* . 2) DEVICE_SECURITY_EVENT_DATA2
* The first 2 fields of the respective headers are the same in both ..DATA and ..DATA2.
* Field 1:
* The first 16 bytes of the event data header MUST be a String based identifier (Signature),
* per PFP. The only currently defined Signatures are "SPDM Device Sec" and "SPDM Device Sec2",
* which implies the data is a DEVICE_SECURITY_EVENT_DATA or ..DATA2, respectively.
* . The first 16 bytes of the event data header MUST be a String based identifier (Signature),
* . per PFP. The only currently defined Signatures are "SPDM Device Sec" and "SPDM Device Sec2",
* . which implies the data is a DEVICE_SECURITY_EVENT_DATA or ..DATA2, respectively.
* Field 2:
* The Version field also indicates whether the Device Security Event is ..DATA or ..DATA2.
* . The Version field also indicates whether the Device Security Event is ..DATA or ..DATA2.
*
* DEVICE SECURITY EVENT structures defined by PFP v1.06 Rev 52:
* <p>
* typedef struct tdDEVICE_SECURITY_EVENT_DATA {
* DEVICE_SECURITY_EVENT_DATA_HEADER EventDataHeader;
* DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT DeviceContext;
* . DEVICE_SECURITY_EVENT_DATA_HEADER EventDataHeader;
* . DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT DeviceContext;
* } DEVICE_SECURITY_EVENT_DATA;
* <p>
* typedef struct tdDEVICE_SECURITY_EVENT_DATA2 {
* DEVICE_SECURITY_EVENT_DATA_HEADER2 EventDataHeader;
* DEVICE_SECURITY_EVENT_DATA_SUB_HEADER EventDataSubHeader;
* DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT DeviceContext;
* . DEVICE_SECURITY_EVENT_DATA_HEADER2 EventDataHeader;
* . DEVICE_SECURITY_EVENT_DATA_SUB_HEADER EventDataSubHeader;
* . DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT DeviceContext;
* } DEVICE_SECURITY_EVENT_DATA2;
* <p>
* typedef struct tdDEVICE_SECURITY_EVENT_DATA_HEADER or HEADER2 {
* UINT8 Signature[16];
* UINT16 Version;
* ... ...
* (The rest of the components are different for HEADER vs HEADER2)
* . UINT8 Signature[16];
* . UINT16 Version;
* . ... ...
* . (The rest of the components are different for HEADER vs HEADER2)
* }
* <p>
*/
Expand Down Expand Up @@ -64,7 +64,8 @@ public abstract class DeviceSecurityEvent {
/**
* Track status of pci.ids
* This is only used for events that access the pci.ids file.
* (In this class, this is only needed if DeviceSecurityEvent includes a DeviceSecurityEventDataPciContext)
* (In this class, this is only needed if DeviceSecurityEvent includes
* a DeviceSecurityEventDataPciContext)
* Default is normal status (normal status is from-filesystem).
* Status will only change IF this is an event that uses this file,
* and if that event causes a different status.
Expand Up @@ -7,8 +7,8 @@
* Parses event data per PFP v1.06 Rev52 Table 20.
* <p>
* typedef struct tdDEVICE_SECURITY_EVENT_DATA {
* DEVICE_SECURITY_EVENT_DATA_HEADER EventDataHeader;
* DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT DeviceContext;
* . DEVICE_SECURITY_EVENT_DATA_HEADER EventDataHeader;
* . DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT DeviceContext;
* } DEVICE_SECURITY_EVENT_DATA;
* <p>
*/
Expand Up @@ -7,9 +7,9 @@
* Parses event data per PFP v1.06 Rev52 Table 26.
* <p>
* typedef struct tdDEVICE_SECURITY_EVENT_DATA2 {
* DEVICE_SECURITY_EVENT_DATA_HEADER2 EventDataHeader;
* DEVICE_SECURITY_EVENT_DATA_SUB_HEADER EventDataSubHeader;
* DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT DeviceContext;
* . DEVICE_SECURITY_EVENT_DATA_HEADER2 EventDataHeader;
* . DEVICE_SECURITY_EVENT_DATA_SUB_HEADER EventDataSubHeader;
* . DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT DeviceContext;
* } DEVICE_SECURITY_EVENT_DATA2;
* <p>
*/
Expand Up @@ -10,8 +10,8 @@
* or USB connection.
* <p>
* typedef union tdDEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT {
* DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT PciContext;
* DEVICE_SECURITY_EVENT_DATA_USB_CONTEXT UsbContext;
* . DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT PciContext;
* . DEVICE_SECURITY_EVENT_DATA_USB_CONTEXT UsbContext;
* } DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT;
* <p>
*/
Expand Up @@ -17,14 +17,14 @@
* HEADERS defined by PFP v1.06 Rev 52:
* <p>
* typedef struct tdDEVICE_SECURITY_EVENT_DATA_HEADER {
* UINT8 Signature[16];
* UINT16 Version;
* UINT16 Length;
* UINT32 SpdmHashAlg;
* UINT32 DeviceType;
* SPDM_MEASUREMENT_BLOCK SpdmMeasurementBlock;
* UINT64 DevicePathLength;
* UNIT8 DevicePath[DevicePathLength]
* . UINT8 Signature[16];
* . UINT16 Version;
* . UINT16 Length;
* . UINT32 SpdmHashAlg;
* . UINT32 DeviceType;
* . SPDM_MEASUREMENT_BLOCK SpdmMeasurementBlock;
* . UINT64 DevicePathLength;
* . UNIT8 DevicePath[DevicePathLength]
* } DEVICE_SECURITY_EVENT_DATA_HEADER;
* <p>
* Assumption: there is only 1 SpdmMeasurementBlock per event. Need more test patterns to verify.
Expand Up @@ -11,17 +11,17 @@
* HEADERS defined by PFP v1.06 Rev 52:
* <p>
* typedef struct tdDEVICE_SECURITY_EVENT_DATA_HEADER2 {
* UINT8 Signature[16];
* UINT16 Version;
* UINT8 AuthState;
* UINT8 Reserved
* UINT32 Length;
* UINT32 DeviceType;
* UINT32 SubHeaderType;
* UINT32 SubHeaderLength;
* UINT64 SubHeaderUID;
* UINT64 DevicePathLength;
* UNIT8 DevicePath[DevicePathLength]
* . UINT8 Signature[16];
* . UINT16 Version;
* . UINT8 AuthState;
* . UINT8 Reserved
* . UINT32 Length;
* . UINT32 DeviceType;
* . UINT32 SubHeaderType;
* . UINT32 SubHeaderLength;
* . UINT64 SubHeaderUID;
* . UINT64 DevicePathLength;
* . UNIT8 DevicePath[DevicePathLength]
* } DEVICE_SECURITY_EVENT_DATA_HEADER2;
* <p>
*/