moved attestation plugins to libpts in order to resolve circular reference with libimcv
[strongswan.git] / src / libpts / plugins / imv_attestation / imv_attestation.c
1 /*
2 * Copyright (C) 2011 Sansar Choinyambuu
3 * HSR Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "imv_attestation_state.h"
17 #include "imv_attestation_process.h"
18 #include "imv_attestation_build.h"
19
20 #include <imv/imv_agent.h>
21 #include <pa_tnc/pa_tnc_msg.h>
22 #include <ietf/ietf_attr.h>
23 #include <ietf/ietf_attr_pa_tnc_error.h>
24 #include <ietf/ietf_attr_product_info.h>
25
26 #include <libpts.h>
27
28 #include <pts/pts.h>
29 #include <pts/pts_database.h>
30 #include <pts/pts_creds.h>
31
32 #include <tcg/tcg_attr.h>
33
34 #include <tncif_pa_subtypes.h>
35
36 #include <pen/pen.h>
37 #include <debug.h>
38 #include <credentials/credential_manager.h>
39 #include <utils/linked_list.h>
40
41 /* IMV definitions */
42
43 static const char imv_name[] = "Attestation";
44
45 #define IMV_VENDOR_ID PEN_TCG
46 #define IMV_SUBTYPE PA_SUBTYPE_TCG_PTS
47
48 static imv_agent_t *imv_attestation;
49
50 /**
51 * Supported PTS measurement algorithms
52 */
53 static pts_meas_algorithms_t supported_algorithms = PTS_MEAS_ALGO_NONE;
54
55 /**
56 * Supported PTS Diffie Hellman Groups
57 */
58 static pts_dh_group_t supported_dh_groups = PTS_DH_GROUP_NONE;
59
60 /**
61 * Supported PTS Diffie Hellman Groups
62 */
63 static pts_dh_group_t supported_dh_groups = PTS_DH_GROUP_NONE;
64
65 /**
66 * PTS file measurement database
67 */
68 static pts_database_t *pts_db;
69
70 /**
71 * PTS credentials
72 */
73 static pts_creds_t *pts_creds;
74
75 /**
76 * PTS credential manager
77 */
78 static credential_manager_t *pts_credmgr;
79
80 /**
81 * see section 3.7.1 of TCG TNC IF-IMV Specification 1.2
82 */
83 TNC_Result TNC_IMV_Initialize(TNC_IMVID imv_id,
84 TNC_Version min_version,
85 TNC_Version max_version,
86 TNC_Version *actual_version)
87 {
88 char *hash_alg, *dh_group, *uri, *cadir;
89
90 if (imv_attestation)
91 {
92 DBG1(DBG_IMV, "IMV \"%s\" has already been initialized", imv_name);
93 return TNC_RESULT_ALREADY_INITIALIZED;
94 }
95 if (!pts_meas_algo_probe(&supported_algorithms) ||
96 !pts_dh_group_probe(&supported_dh_groups))
97 {
98 return TNC_RESULT_FATAL;
99 }
100 if (!pts_probe_dh_groups(&supported_dh_groups))
101 {
102 return TNC_RESULT_FATAL;
103 }
104 imv_attestation = imv_agent_create(imv_name, IMV_VENDOR_ID, IMV_SUBTYPE,
105 imv_id, actual_version);
106 if (!imv_attestation)
107 {
108 return TNC_RESULT_FATAL;
109 }
110
111 libpts_init();
112
113 if (min_version > TNC_IFIMV_VERSION_1 || max_version < TNC_IFIMV_VERSION_1)
114 {
115 DBG1(DBG_IMV, "no common IF-IMV version");
116 return TNC_RESULT_NO_COMMON_VERSION;
117 }
118
119 hash_alg = lib->settings->get_str(lib->settings,
120 "libimcv.plugins.imv-attestation.hash_algorithm", "sha256");
121 dh_group = lib->settings->get_str(lib->settings,
122 "libimcv.plugins.imv-attestation.dh_group", "ecp256");
123
124 if (!pts_meas_algo_update(hash_alg, &supported_algorithms) ||
125 !pts_dh_group_update(dh_group, &supported_dh_groups))
126 {
127 return TNC_RESULT_FATAL;
128 }
129
130 /**
131 * Specify supported PTS Diffie-Hellman groups
132 *
133 * modp1024: PTS_DH_GROUP_IKE2
134 * modp1536: PTS_DH_GROUP_IKE2 | PTS_DH_GROUP_IKE5
135 * modp2048: PTS_DH_GROUP_IKE2 | PTS_DH_GROUP_IKE5 | PTS_DH_GROUP_IKE14
136 * ecp256: PTS_DH_GROUP_IKE2 | PTS_DH_GROUP_IKE5 | PTS_DH_GROUP_IKE14 |
137 * PTS_DH_GROUP_IKE19
138 * ecp384: PTS_DH_GROUP_IKE2 | PTS_DH_GROUP_IKE5 | PTS_DH_GROUP_IKE14 |
139 * PTS_DH_GROUP_IKE19 | PTS_DH_GROUP_IKE20
140 *
141 * we expect the PTS-IMC to select the strongest supported group
142 */
143 dh_group = lib->settings->get_str(lib->settings,
144 "libimcv.plugins.imv-attestation.dh_group", "ecp256");
145
146 if (!pts_meas_algo_update(hash_alg, &supported_algorithms) ||
147 !pts_dh_group_update(dh_group, &supported_dh_groups))
148 {
149 return TNC_RESULT_FATAL;
150 }
151
152 /* create a PTS credential manager */
153 pts_credmgr = credential_manager_create();
154
155 /* create PTS credential set */
156 cadir = lib->settings->get_str(lib->settings,
157 "libimcv.plugins.imv-attestation.cadir", NULL);
158 pts_creds = pts_creds_create(cadir);
159 if (pts_creds)
160 {
161 pts_credmgr->add_set(pts_credmgr, pts_creds->get_set(pts_creds));
162 }
163
164 /* attach file measurement database */
165 uri = lib->settings->get_str(lib->settings,
166 "libimcv.plugins.imv-attestation.database", NULL);
167 pts_db = pts_database_create(uri);
168
169 return TNC_RESULT_SUCCESS;
170 }
171
172 /**
173 * see section 3.7.2 of TCG TNC IF-IMV Specification 1.2
174 */
175 TNC_Result TNC_IMV_NotifyConnectionChange(TNC_IMVID imv_id,
176 TNC_ConnectionID connection_id,
177 TNC_ConnectionState new_state)
178 {
179 imv_state_t *state;
180
181 if (!imv_attestation)
182 {
183 DBG1(DBG_IMV, "IMV \"%s\" has not been initialized", imv_name);
184 return TNC_RESULT_NOT_INITIALIZED;
185 }
186 switch (new_state)
187 {
188 case TNC_CONNECTION_STATE_CREATE:
189 state = imv_attestation_state_create(connection_id);
190 return imv_attestation->create_state(imv_attestation, state);
191 case TNC_CONNECTION_STATE_DELETE:
192 return imv_attestation->delete_state(imv_attestation, connection_id);
193 case TNC_CONNECTION_STATE_HANDSHAKE:
194 default:
195 return imv_attestation->change_state(imv_attestation, connection_id,
196 new_state, NULL);
197 }
198 }
199
200 static TNC_Result send_message(TNC_ConnectionID connection_id)
201 {
202 pa_tnc_msg_t *msg;
203 imv_state_t *state;
204 imv_attestation_state_t *attestation_state;
205 TNC_Result result;
206
207 if (!imv_attestation->get_state(imv_attestation, connection_id, &state))
208 {
209 return TNC_RESULT_FATAL;
210 }
211 attestation_state = (imv_attestation_state_t*)state;
212 msg = pa_tnc_msg_create();
213
214 <<<<<<< HEAD
215 if (imv_attestation_build(msg, attestation_state, supported_algorithms,
216 supported_dh_groups, pts_db))
217 {
218 msg->build(msg);
219 result = imv_attestation->send_message(imv_attestation, connection_id,
220 msg->get_encoding(msg));
221 =======
222 if (handshake_state == IMV_ATTESTATION_STATE_NONCE_REQ &&
223 !(pts->get_proto_caps(pts) & PTS_PROTO_CAPS_T))
224 {
225 DBG1(DBG_IMV, "PTS-IMC has no TPM capability - "
226 "advancing to PTS measurement phase");
227 handshake_state = IMV_ATTESTATION_STATE_MEAS;
228 >>>>>>> added the IMV_ATTESTATION_STATE_NONCE_REQ state
229 }
230 else
231 {
232 <<<<<<< HEAD
233 result = TNC_RESULT_FATAL;
234 =======
235 case IMV_ATTESTATION_STATE_INIT:
236 {
237 pts_proto_caps_flag_t flags;
238
239 /* Send Request Protocol Capabilities attribute */
240 flags = pts->get_proto_caps(pts);
241 attr = tcg_pts_attr_proto_caps_create(flags, TRUE);
242 attr->set_noskip_flag(attr, TRUE);
243 msg->add_attribute(msg, attr);
244
245 /* Send Measurement Algorithms attribute */
246 attr = tcg_pts_attr_meas_algo_create(supported_algorithms, FALSE);
247 attr->set_noskip_flag(attr, TRUE);
248 msg->add_attribute(msg, attr);
249
250 attestation_state->set_handshake_state(attestation_state,
251 IMV_ATTESTATION_STATE_NONCE_REQ);
252 break;
253 }
254 case IMV_ATTESTATION_STATE_NONCE_REQ:
255 {
256 int min_nonce_len;
257
258 /* Send DH nonce parameters request attribute */
259 min_nonce_len = lib->settings->get_int(lib->settings,
260 "libimcv.plugins.imv-attestation.min_nonce_len", 0);
261 attr = tcg_pts_attr_dh_nonce_params_req_create(min_nonce_len,
262 supported_dh_groups);
263 attr->set_noskip_flag(attr, TRUE);
264 msg->add_attribute(msg, attr);
265
266 attestation_state->set_handshake_state(attestation_state,
267 IMV_ATTESTATION_STATE_TPM_INIT);
268 break;
269 }
270 case IMV_ATTESTATION_STATE_TPM_INIT:
271 {
272 pts_meas_algorithms_t selected_algorithm;
273 chunk_t initiator_value, initiator_nonce;
274
275 /* Send DH nonce finish attribute */
276 selected_algorithm = pts->get_meas_algorithm(pts);
277 pts->get_my_public_value(pts, &initiator_value, &initiator_nonce);
278 attr = tcg_pts_attr_dh_nonce_finish_create(selected_algorithm,
279 initiator_value, initiator_nonce);
280 attr->set_noskip_flag(attr, TRUE);
281 msg->add_attribute(msg, attr);
282
283 /* Send Get TPM Version attribute */
284 attr = tcg_pts_attr_get_tpm_version_info_create();
285 attr->set_noskip_flag(attr, TRUE);
286 msg->add_attribute(msg, attr);
287
288 /* Send Get AIK attribute */
289 attr = tcg_pts_attr_get_aik_create();
290 attr->set_noskip_flag(attr, TRUE);
291 msg->add_attribute(msg, attr);
292
293 attestation_state->set_handshake_state(attestation_state,
294 IMV_ATTESTATION_STATE_MEAS);
295 break;
296 }
297 case IMV_ATTESTATION_STATE_MEAS:
298 {
299
300 enumerator_t *enumerator;
301 u_int32_t delimiter = SOLIDUS_UTF;
302 char *platform_info, *pathname;
303 u_int16_t request_id;
304 int id, type;
305 bool is_dir;
306
307 attestation_state->set_handshake_state(attestation_state,
308 IMV_ATTESTATION_STATE_COMP_EVID);
309
310 /* Get Platform and OS of the PTS-IMC */
311 platform_info = pts->get_platform_info(pts);
312
313 if (!pts_db || !platform_info)
314 {
315 DBG1(DBG_IMV, "%s%s%s not available",
316 (pts_db) ? "" : "pts database",
317 (!pts_db && !platform_info) ? "and" : "",
318 (platform_info) ? "" : "platform info");
319 break;
320 }
321 DBG1(DBG_IMV, "platform is '%s'", platform_info);
322
323 /* Send Request File Metadata attribute */
324 attr = tcg_pts_attr_req_file_meta_create(FALSE, SOLIDUS_UTF, "/etc/tnc_config");
325 attr->set_noskip_flag(attr, TRUE);
326 msg->add_attribute(msg, attr);
327
328 /* Send Request File Measurement attribute */
329 enumerator = pts_db->create_file_enumerator(pts_db, platform_info);
330 if (!enumerator)
331 {
332 break;
333 }
334 while (enumerator->enumerate(enumerator, &id, &type, &pathname))
335 {
336 is_dir = (type != 0);
337 request_id = attestation_state->add_request(attestation_state,
338 id, is_dir);
339 DBG2(DBG_IMV, "measurement request %d for %s '%s'",
340 request_id, is_dir ? "directory" : "file", pathname);
341 attr = tcg_pts_attr_req_file_meas_create(is_dir, request_id,
342 delimiter, pathname);
343 attr->set_noskip_flag(attr, TRUE);
344 msg->add_attribute(msg, attr);
345 }
346 enumerator->destroy(enumerator);
347 break;
348 }
349 case IMV_ATTESTATION_STATE_COMP_EVID:
350 {
351 pts_attr_req_funct_comp_evid_flag_t flags;
352 u_int32_t sub_comp_depth;
353 pts_qualifier_t qualifier;
354 pts_funct_comp_name_t name;
355
356 attestation_state->set_handshake_state(attestation_state,
357 IMV_ATTESTATION_STATE_END);
358
359 flags = PTS_REQ_FUNC_COMP_FLAG_PCR;
360 sub_comp_depth = 0;
361 qualifier.kernel = FALSE;
362 qualifier.sub_component = FALSE;
363 qualifier.type = PTS_FUNC_COMP_TYPE_ALL;
364 name = PTS_FUNC_COMP_NAME_BIOS;
365
366 /* Send Request Functional Component Evidence attribute */
367 attr = tcg_pts_attr_req_funct_comp_evid_create(flags, sub_comp_depth,
368 PEN_TCG, qualifier, name);
369 attr->set_noskip_flag(attr, TRUE);
370 msg->add_attribute(msg, attr);
371 /* Send Generate Attestation Evidence attribute */
372 attr = tcg_pts_attr_gen_attest_evid_create();
373 attr->set_noskip_flag(attr, TRUE);
374 msg->add_attribute(msg, attr);
375
376 break;
377 }
378 default:
379 DBG1(DBG_IMV, "Attestation IMV is in unknown state: \"%s\"",
380 handshake_state);
381 return TNC_RESULT_FATAL;
382 >>>>>>> added the IMV_ATTESTATION_STATE_NONCE_REQ state
383 }
384 msg->destroy(msg);
385
386 return result;
387 }
388
389 /**
390 * see section 3.7.3 of TCG TNC IF-IMV Specification 1.2
391 */
392 TNC_Result TNC_IMV_ReceiveMessage(TNC_IMVID imv_id,
393 TNC_ConnectionID connection_id,
394 TNC_BufferReference msg,
395 TNC_UInt32 msg_len,
396 TNC_MessageType msg_type)
397 {
398 pa_tnc_msg_t *pa_tnc_msg;
399 pa_tnc_attr_t *attr;
400 linked_list_t *attr_list;
401 imv_state_t *state;
402 imv_attestation_state_t *attestation_state;
403 pts_t *pts;
404 enumerator_t *enumerator;
405 TNC_Result result;
406
407 if (!imv_attestation)
408 {
409 DBG1(DBG_IMV, "IMV \"%s\" has not been initialized", imv_name);
410 return TNC_RESULT_NOT_INITIALIZED;
411 }
412
413 /* get current IMV state */
414 if (!imv_attestation->get_state(imv_attestation, connection_id, &state))
415 {
416 return TNC_RESULT_FATAL;
417 }
418 attestation_state = (imv_attestation_state_t*)state;
419 pts = attestation_state->get_pts(attestation_state);
420
421 /* parse received PA-TNC message and automatically handle any errors */
422 result = imv_attestation->receive_message(imv_attestation, connection_id,
423 chunk_create(msg, msg_len), msg_type,
424 &pa_tnc_msg);
425
426 /* no parsed PA-TNC attributes available if an error occurred */
427 if (!pa_tnc_msg)
428 {
429 return result;
430 }
431
432 attr_list = linked_list_create();
433 result = TNC_RESULT_SUCCESS;
434
435 /* analyze PA-TNC attributes */
436 enumerator = pa_tnc_msg->create_attribute_enumerator(pa_tnc_msg);
437 while (enumerator->enumerate(enumerator, &attr))
438 {
439 if (attr->get_vendor_id(attr) == PEN_IETF)
440 {
441 if (attr->get_type(attr) == IETF_ATTR_PA_TNC_ERROR)
442 {
443 ietf_attr_pa_tnc_error_t *error_attr;
444 pen_t error_vendor_id;
445 pa_tnc_error_code_t error_code;
446 chunk_t msg_info, attr_info;
447 u_int32_t offset;
448
449 error_attr = (ietf_attr_pa_tnc_error_t*)attr;
450 error_vendor_id = error_attr->get_vendor_id(error_attr);
451 error_code = error_attr->get_error_code(error_attr);
452 msg_info = error_attr->get_msg_info(error_attr);
453
454 if (error_vendor_id == PEN_IETF)
455 {
456 DBG1(DBG_IMV, "received PA-TNC error '%N' "
457 "concerning message %#B",
458 pa_tnc_error_code_names, error_code, &msg_info);
459
460 switch (error_code)
461 {
462 case PA_ERROR_INVALID_PARAMETER:
463 offset = error_attr->get_offset(error_attr);
464 DBG1(DBG_IMV, " occurred at offset of %u bytes",
465 offset);
466 break;
467 case PA_ERROR_ATTR_TYPE_NOT_SUPPORTED:
468 attr_info = error_attr->get_attr_info(error_attr);
469 DBG1(DBG_IMV, " unsupported attribute %#B",
470 &attr_info);
471 break;
472 default:
473 break;
474 }
475 }
476 else if (error_vendor_id == PEN_TCG)
477 {
478 DBG1(DBG_IMV, "received TCG-PTS error '%N'",
479 pts_error_code_names, error_code);
480 DBG1(DBG_IMV, "error information: %B", &msg_info);
481 }
482 result = TNC_RESULT_FATAL;
483 }
484 else if (attr->get_type(attr) == IETF_ATTR_PRODUCT_INFORMATION)
485 {
486 ietf_attr_product_info_t *attr_cast;
487 char *platform_info;
488
489 attr_cast = (ietf_attr_product_info_t*)attr;
490 platform_info = attr_cast->get_info(attr_cast, NULL, NULL);
491 pts->set_platform_info(pts, platform_info);
492 }
493 }
494 else if (attr->get_vendor_id(attr) == PEN_TCG)
495 {
496 if (!imv_attestation_process(attr, attr_list, attestation_state,
497 supported_algorithms,supported_dh_groups, pts_db, pts_credmgr))
498 {
499 result = TNC_RESULT_FATAL;
500 break;
501 }
502 }
503 }
504 enumerator->destroy(enumerator);
505 pa_tnc_msg->destroy(pa_tnc_msg);
506
507 if (result != TNC_RESULT_SUCCESS)
508 {
509 attr_list->destroy(attr_list);
510 state->set_recommendation(state,
511 TNC_IMV_ACTION_RECOMMENDATION_NO_RECOMMENDATION,
512 TNC_IMV_EVALUATION_RESULT_ERROR);
513 return imv_attestation->provide_recommendation(imv_attestation,
514 connection_id);
515 }
516
517 if (attr_list->get_count(attr_list))
518 {
519 pa_tnc_msg = pa_tnc_msg_create();
520
521 enumerator = attr_list->create_enumerator(attr_list);
522 while (enumerator->enumerate(enumerator, &attr))
523 {
524 pa_tnc_msg->add_attribute(pa_tnc_msg, attr);
525 }
526 enumerator->destroy(enumerator);
527
528 pa_tnc_msg->build(pa_tnc_msg);
529 result = imv_attestation->send_message(imv_attestation, connection_id,
530 pa_tnc_msg->get_encoding(pa_tnc_msg));
531
532 pa_tnc_msg->destroy(pa_tnc_msg);
533 attr_list->destroy(attr_list);
534
535 return result;
536 }
537 attr_list->destroy(attr_list);
538
539 if (attestation_state->get_handshake_state(attestation_state) ==
540 IMV_ATTESTATION_STATE_END)
541 {
542 if (attestation_state->get_file_meas_request_count(attestation_state))
543 {
544 DBG1(DBG_IMV, "failure due to %d pending file measurements",
545 attestation_state->get_file_meas_request_count(attestation_state));
546 attestation_state->set_measurement_error(attestation_state);
547 }
548 if (attestation_state->get_component_count(attestation_state))
549 {
550 DBG1(DBG_IMV, "failure due to %d components waiting for evidence",
551 attestation_state->get_component_count(attestation_state));
552 attestation_state->set_measurement_error(attestation_state);
553 }
554 if (attestation_state->get_measurement_error(attestation_state))
555 {
556 state->set_recommendation(state,
557 TNC_IMV_ACTION_RECOMMENDATION_ISOLATE,
558 TNC_IMV_EVALUATION_RESULT_NONCOMPLIANT_MAJOR);
559 }
560 else
561 {
562 state->set_recommendation(state,
563 TNC_IMV_ACTION_RECOMMENDATION_ALLOW,
564 TNC_IMV_EVALUATION_RESULT_COMPLIANT);
565 }
566 return imv_attestation->provide_recommendation(imv_attestation,
567 connection_id);
568 }
569
570 return send_message(connection_id);
571 }
572
573 /**
574 * see section 3.7.4 of TCG TNC IF-IMV Specification 1.2
575 */
576 TNC_Result TNC_IMV_SolicitRecommendation(TNC_IMVID imv_id,
577 TNC_ConnectionID connection_id)
578 {
579 if (!imv_attestation)
580 {
581 DBG1(DBG_IMV, "IMV \"%s\" has not been initialized", imv_name);
582 return TNC_RESULT_NOT_INITIALIZED;
583 }
584 return imv_attestation->provide_recommendation(imv_attestation,
585 connection_id);
586 }
587
588 /**
589 * see section 3.7.5 of TCG TNC IF-IMV Specification 1.2
590 */
591 TNC_Result TNC_IMV_BatchEnding(TNC_IMVID imv_id,
592 TNC_ConnectionID connection_id)
593 {
594 imv_state_t *state;
595 imv_attestation_state_t *attestation_state;
596
597 if (!imv_attestation)
598 {
599 DBG1(DBG_IMV, "IMV \"%s\" has not been initialized", imv_name);
600 return TNC_RESULT_NOT_INITIALIZED;
601 }
602 /* get current IMV state */
603 if (!imv_attestation->get_state(imv_attestation, connection_id, &state))
604 {
605 return TNC_RESULT_FATAL;
606 }
607 attestation_state = (imv_attestation_state_t*)state;
608
609 /* Check if IMV has to initiate the PA-TNC exchange */
610 if (attestation_state->get_handshake_state(attestation_state) ==
611 IMV_ATTESTATION_STATE_INIT)
612 {
613 return send_message(connection_id);
614 }
615 return TNC_RESULT_SUCCESS;
616 }
617
618 /**
619 * see section 3.7.6 of TCG TNC IF-IMV Specification 1.2
620 */
621 TNC_Result TNC_IMV_Terminate(TNC_IMVID imv_id)
622 {
623 if (!imv_attestation)
624 {
625 DBG1(DBG_IMV, "IMV \"%s\" has not been initialized", imv_name);
626 return TNC_RESULT_NOT_INITIALIZED;
627 }
628 if (pts_creds)
629 {
630 pts_credmgr->remove_set(pts_credmgr, pts_creds->get_set(pts_creds));
631 pts_creds->destroy(pts_creds);
632 }
633 DESTROY_IF(pts_db);
634 DESTROY_IF(pts_credmgr);
635
636 libpts_deinit();
637
638 imv_attestation->destroy(imv_attestation);
639 imv_attestation = NULL;
640
641 return TNC_RESULT_SUCCESS;
642 }
643
644 /**
645 * see section 4.2.8.1 of TCG TNC IF-IMV Specification 1.2
646 */
647 TNC_Result TNC_IMV_ProvideBindFunction(TNC_IMVID imv_id,
648 TNC_TNCS_BindFunctionPointer bind_function)
649 {
650 if (!imv_attestation)
651 {
652 DBG1(DBG_IMV, "IMV \"%s\" has not been initialized", imv_name);
653 return TNC_RESULT_NOT_INITIALIZED;
654 }
655 return imv_attestation->bind_functions(imv_attestation, bind_function);
656 }