parse and encrypted erasure

This commit is contained in:
Cayo Puigdefabregas 2023-07-19 18:26:21 +02:00
parent 24b59a920e
commit 765927cfd1
4 changed files with 48 additions and 9 deletions

View file

@ -74,7 +74,6 @@ class ParseSnapshot:
self.get_display()
self.get_sound_card()
self.get_networks()
self.get_networks()
def get_cpu(self):
for cpu in self.dmi.get('Processor'):
@ -99,6 +98,11 @@ class ParseSnapshot:
def get_ram(self):
for ram in self.dmi.get("Memory Device"):
if ram.get('size') == 'No Module Installed':
continue
if not ram.get("Speed"):
continue
self.components.append(
{
"actions": [],
@ -184,6 +188,7 @@ class ParseSnapshot:
def sanitize(self, disk):
disk_sanitize = None
# import pdb; pdb.set_trace()
for d in self.sanitize_raw:
s = d.get('device_info', {}).get('export_data', {})
s = s.get('block', {}).get('serial')
@ -194,8 +199,15 @@ class ParseSnapshot:
return []
steps = []
step_type = 'EraseBasic'
if disk.get('name') == 'Baseline Cryptographic':
step_type = 'EraseCrypto'
if disk.get('type') == 'EraseCrypto':
step_type = 'EraseCrypto'
erase = {
'type': 'EraseBasic',
'type': step_type,
'severity': disk_sanitize['severity'].name,
'steps': steps,
'startTime': None,
@ -398,13 +410,17 @@ class ParseSnapshot:
return slots
def get_ram_size(self, ram):
memory = ram.get("Size", "0")
memory = memory.split(' ')
if len(memory) > 1:
size = int(memory[0])
units = memory[1]
return base2.Quantity(size, units).to('MiB').m
return int(size.split(" ")[0])
try:
memory = ram.get("Size", "0")
memory = memory.split(' ')
if len(memory) > 1:
size = int(memory[0])
units = memory[1]
return base2.Quantity(size, units).to('MiB').m
return int(size.split(" ")[0])
except Exception as err:
logger.error("get_ram_size error: {}".format(err))
return 0
def get_ram_speed(self, ram):
size = ram.get("Speed", "0")
@ -631,6 +647,11 @@ class ParseSnapshotLsHw:
def get_ram(self):
for ram in self.dmi.get("Memory Device"):
if ram.get('size') == 'No Module Installed':
continue
if not ram.get("Speed"):
continue
self.components.append(
{
"actions": [],

View file

@ -33,6 +33,7 @@ class Steps(MarshmallowSchema):
@pre_load
def preload_datas(self, data: dict):
# import pdb; pdb.set_trace()
data['severity'] = Severity.Info.name
data.pop('duration', None)
data.pop('commands', None)
@ -45,6 +46,8 @@ class Steps(MarshmallowSchema):
if data.get('date_end'):
data['date_end'] = datetime.fromtimestamp(data['date_end']).isoformat()
else:
data['date_end'] = data['date_init']
class Sanitize(MarshmallowSchema):

View file

@ -523,11 +523,14 @@ class EraseSectors(EraseBasic):
def get_public_name(self):
steps_random = 0
steps_zeros = 0
steps_encrypted = 0
for s in self.steps:
if s.type == 'StepRandom':
steps_random += 1
if s.type == 'StepZero':
steps_zeros += 1
if s.type == 'StepEncrypted':
steps_encrypted += 1
if steps_zeros == 0 and steps_random == 1:
return "Basic"
@ -651,6 +654,10 @@ class StepRandom(Step):
pass
class StepEncrypted(Step):
pass
class Snapshot(JoinedWithOneDeviceMixin, ActionWithOneDevice):
"""The Snapshot sets the physical information of the device (S/N, model...)
and updates it with erasures, benchmarks, ratings, and tests; updates the

View file

@ -379,6 +379,14 @@ class ErasureStandards(Enum):
And be an :class:`ereuse_devicehub.resources.action.models.EraseSectors`.
"""
NIST = "Infosec HGM Baseline"
"""Method for securely erasing data in compliance with HMG Infosec Standard 5
guidelines includes a single step of a random write process on the full disk.
This process overwrites all data with a randomized pattern, ensuring that
it cannot be recovered. Built-in validation confirms that the data has been
written correctly, and a final validation confirms that all data has been deleted.
"""
def __str__(self):
return self.value