projects / strongswan.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
imv-attestation: Fix memory leaks when creating functional components
[strongswan.git] / src / libimcv / plugins / imv_attestation / imv_attestation_state.h
1 /*
2 * Copyright (C) 2011-2012 Sansar Choinyambuu, Andreas Steffen
3 * HSR Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 /**
17 * @defgroup imv_attestation imv_attestation
18 * @ingroup libimcv_plugins
19 *
20 * @defgroup imv_attestation_state_t imv_attestation_state
21 * @{ @ingroup imv_attestation
22 */
23
24 #ifndef IMV_ATTESTATION_STATE_H_
25 #define IMV_ATTESTATION_STATE_H_
26
27 #include <imv/imv_state.h>
28 #include <imv/imv_reason_string.h>
29 #include <pts/pts.h>
30 #include <pts/pts_database.h>
31 #include <pts/components/pts_component.h>
32
33 #include <library.h>
34 #include <bio/bio_writer.h>
35
36 typedef struct imv_attestation_state_t imv_attestation_state_t;
37 typedef enum imv_attestation_flag_t imv_attestation_flag_t;
38 typedef enum imv_attestation_handshake_state_t imv_attestation_handshake_state_t;
39 typedef enum imv_meas_error_t imv_meas_error_t;
40
41 /**
42 * IMV Attestation Flags set for completed actions
43 */
44 enum imv_attestation_flag_t {
45 IMV_ATTESTATION_ATTR_PRODUCT_INFO = (1<<0),
46 IMV_ATTESTATION_ATTR_STRING_VERSION = (1<<1),
47 IMV_ATTESTATION_ATTR_DEVICE_ID = (1<<2),
48 IMV_ATTESTATION_ATTR_MUST = (1<<3)-1,
49 IMV_ATTESTATION_ATTR_REQ = (1<<3),
50 IMV_ATTESTATION_ALGO = (1<<4),
51 IMV_ATTESTATION_DH_NONCE = (1<<5),
52 IMV_ATTESTATION_AIK = (1<<6),
53 IMV_ATTESTATION_FILE_MEAS = (1<<7),
54 IMV_ATTESTATION_REC = (1<<8)
55 };
56
57 /**
58 * IMV Attestation Handshake States (state machine)
59 */
60 enum imv_attestation_handshake_state_t {
61 IMV_ATTESTATION_STATE_INIT,
62 IMV_ATTESTATION_STATE_DISCOVERY,
63 IMV_ATTESTATION_STATE_NONCE_REQ,
64 IMV_ATTESTATION_STATE_TPM_INIT,
65 IMV_ATTESTATION_STATE_COMP_EVID,
66 IMV_ATTESTATION_STATE_EVID_FINAL,
67 IMV_ATTESTATION_STATE_END,
68 };
69
70 /**
71 * IMV Measurement Error Types
72 */
73 enum imv_meas_error_t {
74 IMV_ATTESTATION_ERROR_FILE_MEAS_FAIL = 1,
75 IMV_ATTESTATION_ERROR_FILE_MEAS_PEND = 2,
76 IMV_ATTESTATION_ERROR_NO_TRUSTED_AIK = 4,
77 IMV_ATTESTATION_ERROR_COMP_EVID_FAIL = 8,
78 IMV_ATTESTATION_ERROR_COMP_EVID_PEND = 16,
79 IMV_ATTESTATION_ERROR_TPM_QUOTE_FAIL = 32
80 };
81
82 /**
83 * Internal state of an imv_attestation_t connection instance
84 */
85 struct imv_attestation_state_t {
86
87 /**
88 * imv_state_t interface
89 */
90 imv_state_t interface;
91
92 /**
93 * Get state of the handshake
94 *
95 * @return the handshake state of IMV
96 */
97 imv_attestation_handshake_state_t (*get_handshake_state)(
98 imv_attestation_state_t *this);
99
100 /**
101 * Set state of the handshake
102 *
103 * @param new_state the handshake state of IMV
104 */
105 void (*set_handshake_state)(imv_attestation_state_t *this,
106 imv_attestation_handshake_state_t new_state);
107
108 /**
109 * Get the PTS object
110 *
111 * @return PTS object
112 */
113 pts_t* (*get_pts)(imv_attestation_state_t *this);
114
115 /**
116 * Create and add an entry to the list of Functional Components
117 *
118 * @param name Component Functional Name (cloned)
119 * @param depth Sub-component Depth
120 * @param pts_db PTS measurement database
121 * @return created functional component instance or NULL
122 */
123 pts_component_t* (*create_component)(imv_attestation_state_t *this,
124 pts_comp_func_name_t *name,
125 uint32_t depth,
126 pts_database_t *pts_db);
127
128 /**
129 * Enumerate over all Functional Components
130 *
131 * @return Functional Component enumerator
132 */
133 enumerator_t* (*create_component_enumerator)(imv_attestation_state_t *this);
134
135 /**
136 * Get a Functional Component with a given name
137 *
138 * @param name Name of the requested Functional Component
139 * @return Functional Component if found, NULL otherwise
140 */
141 pts_component_t* (*get_component)(imv_attestation_state_t *this,
142 pts_comp_func_name_t *name);
143
144 /**
145 * Tell the Functional Components to finalize any measurement registrations
146 * and to check if all expected measurements were received
147 *
148 * @param result Writer appending component measurement results
149 */
150 void (*finalize_components)(imv_attestation_state_t *this,
151 bio_writer_t *result);
152
153 /**
154 * Indicates the types of measurement errors that occurred
155 *
156 * @return Measurement error flags
157 */
158 uint32_t (*get_measurement_error)(imv_attestation_state_t *this);
159
160 /**
161 * Call if a measurement error is encountered
162 *
163 * @param error Measurement error type
164 */
165 void (*set_measurement_error)(imv_attestation_state_t *this,
166 uint32_t error);
167
168 /**
169 * Returns a concatenation of File Measurement reason strings
170 *
171 * @param reason_string Concatenated reason strings
172 */
173 void (*add_file_meas_reasons)(imv_attestation_state_t *this,
174 imv_reason_string_t *reason_string);
175
176 /**
177 * Returns a concatenation of Component Evidence reason strings
178 *
179 * @param reason_string Concatenated reason strings
180 */
181 void (*add_comp_evid_reasons)(imv_attestation_state_t *this,
182 imv_reason_string_t *reason_string);
183 };
184
185 /**
186 * Create an imv_attestation_state_t instance
187 *
188 * @param id connection ID
189 */
190 imv_state_t* imv_attestation_state_create(TNC_ConnectionID id);
191
192 #endif /** IMV_ATTESTATION_STATE_H_ @}*/
strongSwan - IPsec VPN