efivalidate 1.0.0 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/efivalidate.gemspec +2 -2
  3. data/lib/efivalidate/ealf_row.rb +32 -1
  4. data/lib/efivalidate/efi_validator.rb +3 -1
  5. data/lib/efivalidate/version.rb +1 -1
  6. metadata +21 -20
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 037ca593ce0ba5a08920d051c191e5f9c4d3a71a
4
- data.tar.gz: cd59412dc988879399f553b91a965cdca1a59a77
3
+ metadata.gz: 514d5fb2a75126d7d039f6cc058a0fc19bedfbe4
4
+ data.tar.gz: a0164e6b1dd712b69a02b676a7d7bc4c0c232ac3
5
5
  SHA512:
6
- metadata.gz: 156c354cdf536fbc2a09b9a820cf29c023ebdcbd3042241f4286e0689d0b37441ef5b187fea248a6bd218b64d874e726923b2747412356263ce7543457976281
7
- data.tar.gz: 8496a21db212539db45a5e6547e361c16a6b25a581855e899ec7c45ad7a73c3a13f543c93d3bba114745709d784cd8e5a218598f294cb288262712ca5513a9de
6
+ metadata.gz: 1203c3812f4f9251bc4faf8103e91b8e1b5fb3f8043812c6aa4bcf3f6e3a8919ad51cf1b0dbad544e13dde405a7d39897aa5f90a49e0237e1ab542499b0ed200
7
+ data.tar.gz: 51db27828f8b0f91edddd7c292c5a0ebe64daca5661aa878e02f8eb836b4419c776a54ae3e66c44110b62a0ab34a0e12fcbfe9a76add6e07cf6c448306d63758
data/efivalidate.gemspec CHANGED
@@ -9,8 +9,8 @@ Gem::Specification.new do |spec|
9
9
  spec.authors = ["Rick Mark"]
10
10
  spec.email = ["rickmark@dropbox.com"]
11
11
 
12
- spec.summary = %q{Validate Apple EFI images offline}
13
- spec.description = %q{Implements an algorithm to compare Apple EFI against their EALF baselines.}
12
+ spec.summary = %q{Validate Apple EFI images against whitelist}
13
+ spec.description = %q{Implements an algorithm to compare Apple EFI against their EALF whitelist baselines.}
14
14
  spec.homepage = "https://github.com/rickmark/efivalidate"
15
15
  spec.license = "MIT"
16
16
 
data/lib/efivalidate/ealf_row.rb CHANGED
@@ -23,8 +23,39 @@ module EFIValidate
23
23
  UUIDTools::UUID.parse_raw(self.ealf_uuid)
24
24
  end
25
25
 
26
+ def is_privacy_row?
27
+ self.ealf_hash.each_byte.all? { |b| b == 0 }
28
+ end
29
+
26
30
  def to_s
27
- "<#{'%02x' % ealf_component}:#{ '%02x' % self.ealf_region }:#{ "%04x" % self.ealf_master }:#{ "%08x" % self.ealf_offset }:#{ "%08x" % self.ealf_length}:#{self.uuid}:#{self.hash}>"
31
+ "<#{'%02x' % ealf_component}:#{ '%02x' % self.ealf_region }:#{ "%04x" % self.ealf_master }:#{ "%08x" % self.ealf_offset }:#{ "%08x" % self.ealf_length}:#{self.format_uuid}:#{self.hash}>"
32
+ end
33
+
34
+ def format_uuid
35
+
36
+ value = EFIValidate::ROW_GUIDS[self.uuid.to_s]
37
+
38
+ if value
39
+ sprintf "%36.36s", value
40
+ else
41
+ self.uuid
42
+ end
28
43
  end
29
44
  end
45
+
46
+ ROW_GUIDS = { 'ef7f23e1-7ba0-a64a-baea-33edff15ba3f' => 'BIOS_EMPTY_SPACE',
47
+ 'd954937a-6804-4a44-81ce-0bf617d890df' => 'EFI_FLASH_FILE_SYSTEM_VOLUME',
48
+ '8c1b00bd-716a-7b48-a14f-0c2a2dcf7a5d' => 'APPLE_IMMUTABLE_FIRMWARE_VOLUME',
49
+ '78e58c8c-3d8a-1c4f-9935-896185c32dd3' => 'EFI_FIRMWARE_FILE_SYSTEM_2_VOLUME',
50
+ 'a980b9e3-e35f-e548-9b92-2798385a9027' => 'EMPTY_SHMOO_FIRMWARE_VOLUME',
51
+ '484c38ef-0cab-544b-8ed9-0710ad500c0f' => 'FIELD_SHMOO_FIRMWARE_VOLUME',
52
+ '0a369089-370e-2245-a8a7-a55041013deb' => 'DALE_SHMOO_FIRMWARE_VOLUME',
53
+ '97213d15-bd29-dc44-ac59-887f70e41a6b' => 'MICROCODE_FIRMWARE_VOLUME',
54
+ '8d2bf1ff-9676-8b4c-a985-2747075b4f50' => 'EFI_SYSTEM_NNRAM_FIRMWARE_VOLUME',
55
+ '096de3c3-9482-974b-a857-d5288fe33e28' => 'BIOS_IDENTIFIER',
56
+ 'b57d69bb-60ed-ac46-8754-7580b8b27ed0' => 'APPLE_SEC_VOLUMES_FILE',
57
+ '2e06a01b-79c7-8245-8566-336ae8f78f09' => 'SEC_CORE',
58
+ '17706906-2e5f-225e-ad94-5816399c720a' => 'APPLE_ROM_MANIFEST',
59
+ 'a3b9f5ce-6d47-7f49-9fdc-e98143e0422c' => 'AMI_NVRAM_FILE',
60
+ '24465000-598a-eb4e-bd0f-6b36e96128e0' => 'PHOENIX_NVRAM_FIRMWARE_VOLUME' }
30
61
  end
data/lib/efivalidate/efi_validator.rb CHANGED
@@ -12,11 +12,13 @@ module EFIValidate
12
12
  @errors = []
13
13
 
14
14
  @parser.rows.each do |row|
15
+ next if row.is_privacy_row?
16
+
15
17
  @data.seek row.ealf_offset
16
18
 
17
19
  section_data = @data.read row.ealf_length
18
20
 
19
- calculated_hash = @parser.header.create_hash.hexdigest section_data
21
+ calculated_hash = @parser.header.create_hash.hexdigest (section_data || '')
20
22
 
21
23
  @errors << EFIValidationError.new(row, section_data, calculated_hash) unless calculated_hash == row.hash
22
24
  end
data/lib/efivalidate/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module EFIValidate
2
- VERSION = "1.0.0"
2
+ VERSION = "1.1.0"
3
3
  end
metadata CHANGED
@@ -1,86 +1,87 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: efivalidate
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0
4
+ version: 1.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Rick Mark
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2017-12-24 00:00:00.000000000 Z
11
+ date: 2018-01-03 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: iostruct
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
- - - "~>"
17
+ - - ~>
18
18
  - !ruby/object:Gem::Version
19
19
  version: 0.0.4
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
- - - "~>"
24
+ - - ~>
25
25
  - !ruby/object:Gem::Version
26
26
  version: 0.0.4
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: uuidtools
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
- - - "~>"
31
+ - - ~>
32
32
  - !ruby/object:Gem::Version
33
33
  version: '2.1'
34
34
  type: :runtime
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
- - - "~>"
38
+ - - ~>
39
39
  - !ruby/object:Gem::Version
40
40
  version: '2.1'
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: bundler
43
43
  requirement: !ruby/object:Gem::Requirement
44
44
  requirements:
45
- - - "~>"
45
+ - - ~>
46
46
  - !ruby/object:Gem::Version
47
47
  version: '1.15'
48
48
  type: :development
49
49
  prerelease: false
50
50
  version_requirements: !ruby/object:Gem::Requirement
51
51
  requirements:
52
- - - "~>"
52
+ - - ~>
53
53
  - !ruby/object:Gem::Version
54
54
  version: '1.15'
55
55
  - !ruby/object:Gem::Dependency
56
56
  name: rake
57
57
  requirement: !ruby/object:Gem::Requirement
58
58
  requirements:
59
- - - "~>"
59
+ - - ~>
60
60
  - !ruby/object:Gem::Version
61
61
  version: '10.0'
62
62
  type: :development
63
63
  prerelease: false
64
64
  version_requirements: !ruby/object:Gem::Requirement
65
65
  requirements:
66
- - - "~>"
66
+ - - ~>
67
67
  - !ruby/object:Gem::Version
68
68
  version: '10.0'
69
69
  - !ruby/object:Gem::Dependency
70
70
  name: rspec
71
71
  requirement: !ruby/object:Gem::Requirement
72
72
  requirements:
73
- - - "~>"
73
+ - - ~>
74
74
  - !ruby/object:Gem::Version
75
75
  version: '3.0'
76
76
  type: :development
77
77
  prerelease: false
78
78
  version_requirements: !ruby/object:Gem::Requirement
79
79
  requirements:
80
- - - "~>"
80
+ - - ~>
81
81
  - !ruby/object:Gem::Version
82
82
  version: '3.0'
83
- description: Implements an algorithm to compare Apple EFI against their EALF baselines.
83
+ description: Implements an algorithm to compare Apple EFI against their EALF whitelist
84
+ baselines.
84
85
  email:
85
86
  - rickmark@dropbox.com
86
87
  executables:
@@ -88,9 +89,9 @@ executables:
88
89
  extensions: []
89
90
  extra_rdoc_files: []
90
91
  files:
91
- - ".gitignore"
92
- - ".rspec"
93
- - ".travis.yml"
92
+ - .gitignore
93
+ - .rspec
94
+ - .travis.yml
94
95
  - CODE_OF_CONDUCT.md
95
96
  - FORMAT.md
96
97
  - Gemfile
@@ -120,18 +121,18 @@ require_paths:
120
121
  - lib
121
122
  required_ruby_version: !ruby/object:Gem::Requirement
122
123
  requirements:
123
- - - ">="
124
+ - - '>='
124
125
  - !ruby/object:Gem::Version
125
126
  version: '0'
126
127
  required_rubygems_version: !ruby/object:Gem::Requirement
127
128
  requirements:
128
- - - ">="
129
+ - - '>='
129
130
  - !ruby/object:Gem::Version
130
131
  version: '0'
131
132
  requirements: []
132
133
  rubyforge_project:
133
- rubygems_version: 2.6.14
134
+ rubygems_version: 2.0.14.1
134
135
  signing_key:
135
136
  specification_version: 4
136
- summary: Validate Apple EFI images offline
137
+ summary: Validate Apple EFI images against whitelist
137
138
  test_files: []