From 765927cfd16f93f3761da1e52017157e2b3c46b2 Mon Sep 17 00:00:00 2001 From: Cayo Puigdefabregas Date: Wed, 19 Jul 2023 18:26:21 +0200 Subject: [PATCH] parse and encrypted erasure --- ereuse_devicehub/parser/parser.py | 39 ++++++++++++++++----- ereuse_devicehub/parser/schemas.py | 3 ++ ereuse_devicehub/resources/action/models.py | 7 ++++ ereuse_devicehub/resources/enums.py | 8 +++++ 4 files changed, 48 insertions(+), 9 deletions(-) diff --git a/ereuse_devicehub/parser/parser.py b/ereuse_devicehub/parser/parser.py index 89b7609b..e7738e98 100644 --- a/ereuse_devicehub/parser/parser.py +++ b/ereuse_devicehub/parser/parser.py @@ -74,7 +74,6 @@ class ParseSnapshot: self.get_display() self.get_sound_card() self.get_networks() - self.get_networks() def get_cpu(self): for cpu in self.dmi.get('Processor'): @@ -99,6 +98,11 @@ class ParseSnapshot: def get_ram(self): for ram in self.dmi.get("Memory Device"): + if ram.get('size') == 'No Module Installed': + continue + if not ram.get("Speed"): + continue + self.components.append( { "actions": [], @@ -184,6 +188,7 @@ class ParseSnapshot: def sanitize(self, disk): disk_sanitize = None + # import pdb; pdb.set_trace() for d in self.sanitize_raw: s = d.get('device_info', {}).get('export_data', {}) s = s.get('block', {}).get('serial') @@ -194,8 +199,15 @@ class ParseSnapshot: return [] steps = [] + step_type = 'EraseBasic' + if disk.get('name') == 'Baseline Cryptographic': + step_type = 'EraseCrypto' + + if disk.get('type') == 'EraseCrypto': + step_type = 'EraseCrypto' + erase = { - 'type': 'EraseBasic', + 'type': step_type, 'severity': disk_sanitize['severity'].name, 'steps': steps, 'startTime': None, @@ -398,13 +410,17 @@ class ParseSnapshot: return slots def get_ram_size(self, ram): - memory = ram.get("Size", "0") - memory = memory.split(' ') - if len(memory) > 1: - size = int(memory[0]) - units = memory[1] - return base2.Quantity(size, units).to('MiB').m - return int(size.split(" ")[0]) + try: + memory = ram.get("Size", "0") + memory = memory.split(' ') + if len(memory) > 1: + size = int(memory[0]) + units = memory[1] + return base2.Quantity(size, units).to('MiB').m + return int(size.split(" ")[0]) + except Exception as err: + logger.error("get_ram_size error: {}".format(err)) + return 0 def get_ram_speed(self, ram): size = ram.get("Speed", "0") @@ -631,6 +647,11 @@ class ParseSnapshotLsHw: def get_ram(self): for ram in self.dmi.get("Memory Device"): + if ram.get('size') == 'No Module Installed': + continue + if not ram.get("Speed"): + continue + self.components.append( { "actions": [], diff --git a/ereuse_devicehub/parser/schemas.py b/ereuse_devicehub/parser/schemas.py index 4dbdb106..029827d1 100644 --- a/ereuse_devicehub/parser/schemas.py +++ b/ereuse_devicehub/parser/schemas.py @@ -33,6 +33,7 @@ class Steps(MarshmallowSchema): @pre_load def preload_datas(self, data: dict): + # import pdb; pdb.set_trace() data['severity'] = Severity.Info.name data.pop('duration', None) data.pop('commands', None) @@ -45,6 +46,8 @@ class Steps(MarshmallowSchema): if data.get('date_end'): data['date_end'] = datetime.fromtimestamp(data['date_end']).isoformat() + else: + data['date_end'] = data['date_init'] class Sanitize(MarshmallowSchema): diff --git a/ereuse_devicehub/resources/action/models.py b/ereuse_devicehub/resources/action/models.py index cc999136..53e1bf6c 100644 --- a/ereuse_devicehub/resources/action/models.py +++ b/ereuse_devicehub/resources/action/models.py @@ -523,11 +523,14 @@ class EraseSectors(EraseBasic): def get_public_name(self): steps_random = 0 steps_zeros = 0 + steps_encrypted = 0 for s in self.steps: if s.type == 'StepRandom': steps_random += 1 if s.type == 'StepZero': steps_zeros += 1 + if s.type == 'StepEncrypted': + steps_encrypted += 1 if steps_zeros == 0 and steps_random == 1: return "Basic" @@ -651,6 +654,10 @@ class StepRandom(Step): pass +class StepEncrypted(Step): + pass + + class Snapshot(JoinedWithOneDeviceMixin, ActionWithOneDevice): """The Snapshot sets the physical information of the device (S/N, model...) and updates it with erasures, benchmarks, ratings, and tests; updates the diff --git a/ereuse_devicehub/resources/enums.py b/ereuse_devicehub/resources/enums.py index 8662bfa8..d637012b 100644 --- a/ereuse_devicehub/resources/enums.py +++ b/ereuse_devicehub/resources/enums.py @@ -379,6 +379,14 @@ class ErasureStandards(Enum): And be an :class:`ereuse_devicehub.resources.action.models.EraseSectors`. """ + NIST = "Infosec HGM Baseline" + """Method for securely erasing data in compliance with HMG Infosec Standard 5 + guidelines includes a single step of a random write process on the full disk. + This process overwrites all data with a randomized pattern, ensuring that + it cannot be recovered. Built-in validation confirms that the data has been + written correctly, and a final validation confirms that all data has been deleted. + """ + def __str__(self): return self.value