fixed two memory leaks
1 /*
2 * Copyright (C) 2011 Andreas Steffen
3 *
4 * HSR Hochschule fuer Technik Rapperswil
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 */
16
17 #include "ita_comp_tboot.h"
18 #include "ita_comp_func_name.h"
19
20 #include "pts/components/pts_component.h"
21
22 #include <debug.h>
23 #include <pen/pen.h>
24
typedef struct pts_ita_comp_tboot_t pts_ita_comp_tboot_t;

/**
 * Private state of the ITA TBOOT functional component.
 *
 * The object walks through a small state machine keyed on extended_pcr:
 * 0 (nothing handled yet) -> PCR_TBOOT_POLICY -> PCR_TBOOT_MLE.
 */
struct pts_ita_comp_tboot_t {

	/**
	 * Public pts_component_t interface; pts_ita_comp_tboot_create() hands
	 * out a pointer to this member.
	 */
	pts_component_t public;

	/**
	 * Component Functional Name, released in destroy()
	 */
	pts_comp_func_name_t *name;

	/**
	 * Extended PCR last handled; measure() and verify() treat 0 as the
	 * initial state
	 */
	u_int32_t extended_pcr;

	/**
	 * Time of TBOOT measurement, taken with time() on the first measure()
	 * step and reused for the second
	 */
	time_t measurement_time;

};
54
/**
 * Return the Component Functional Name held by this component.
 *
 * The pointer is the object's own member, not a copy; destroy() releases it.
 */
METHOD(pts_component_t, get_comp_func_name, pts_comp_func_name_t*,
	pts_ita_comp_tboot_t *this)
{
	pts_comp_func_name_t *name = this->name;

	return name;
}
60
/**
 * Return the evidence flags for this component.
 *
 * The value is the constant PTS_REQ_FUNC_COMP_FLAG_PCR; no object state is
 * consulted.
 */
METHOD(pts_component_t, get_evidence_flags, u_int8_t,
	pts_ita_comp_tboot_t *this)
{
	u_int8_t flags = PTS_REQ_FUNC_COMP_FLAG_PCR;

	return flags;
}
66
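/**
 * Produce the next TBOOT evidence item.
 *
 * The first call handles PCR_TBOOT_POLICY and returns NEED_MORE, the second
 * handles PCR_TBOOT_MLE and returns SUCCESS. Any further call returns FAILED.
 *
 * NOTE(review): the measurement and the PCR before/after values are not read
 * from a TBOOT log. They are taken verbatim from the
 * libimcv.plugins.imc-attestation.pcr17_* / pcr18_* settings, so the
 * evidence only reflects what the local configuration says.
 *
 * @param pts		PTS object (not used here)
 * @param evidence	receives the newly created evidence object
 * @return			NEED_MORE after the first step, SUCCESS after the
 *					second, FAILED if called again or if one of the
 *					required settings is missing
 */
METHOD(pts_component_t, measure, status_t,
	pts_ita_comp_tboot_t *this, pts_t *pts, pts_comp_evidence_t **evidence)
{
	pts_comp_evidence_t *evid;
	char *meas_hex, *pcr_before_hex, *pcr_after_hex;
	chunk_t measurement, pcr_before, pcr_after;
	u_int32_t next_pcr;

	switch (this->extended_pcr)
	{
		case 0:
			/* dummy data since currently the TBOOT log is not retrieved */
			time(&this->measurement_time);
			meas_hex = lib->settings->get_str(lib->settings,
						"libimcv.plugins.imc-attestation.pcr17_meas", NULL);
			pcr_before_hex = lib->settings->get_str(lib->settings,
						"libimcv.plugins.imc-attestation.pcr17_before", NULL);
			pcr_after_hex = lib->settings->get_str(lib->settings,
						"libimcv.plugins.imc-attestation.pcr17_after", NULL);
			next_pcr = PCR_TBOOT_POLICY;
			break;
		case PCR_TBOOT_POLICY:
			/* dummy data since currently the TBOOT log is not retrieved */
			meas_hex = lib->settings->get_str(lib->settings,
						"libimcv.plugins.imc-attestation.pcr18_meas", NULL);
			pcr_before_hex = lib->settings->get_str(lib->settings,
						"libimcv.plugins.imc-attestation.pcr18_before", NULL);
			pcr_after_hex = lib->settings->get_str(lib->settings,
						"libimcv.plugins.imc-attestation.pcr18_after", NULL);
			next_pcr = PCR_TBOOT_MLE;
			break;
		default:
			return FAILED;
	}

	/* The lookups pass NULL as default, so an unset option yields NULL and
	 * the strlen() calls below would dereference it. Fail before the state
	 * is advanced and before anything is allocated. */
	if (!meas_hex || !pcr_before_hex || !pcr_after_hex)
	{
		return FAILED;
	}
	this->extended_pcr = next_pcr;

	/* NOTE(review): the decoded lengths are not compared with the SHA-1
	 * digest size announced below; confirm whether the evidence object or
	 * the receiving side enforces it. */
	measurement = chunk_from_hex(
					chunk_create(meas_hex, strlen(meas_hex)), NULL);
	pcr_before = chunk_from_hex(
					chunk_create(pcr_before_hex, strlen(pcr_before_hex)), NULL);
	pcr_after = chunk_from_hex(
					chunk_create(pcr_after_hex, strlen(pcr_after_hex)), NULL);

	/* presumably the evidence object takes ownership of the cloned name and
	 * of the three chunks, since none is freed here; verify against
	 * pts_comp_evidence_create() and set_pcr_info() */
	evid = *evidence = pts_comp_evidence_create(this->name->clone(this->name),
							0, this->extended_pcr,
							PTS_MEAS_ALGO_SHA1, PTS_PCR_TRANSFORM_NO,
							this->measurement_time, measurement);
	evid->set_pcr_info(evid, pcr_before, pcr_after);

	return (this->extended_pcr == PCR_TBOOT_MLE) ? SUCCESS : NEED_MORE;
}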
116
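/**
 * Check one piece of TBOOT evidence and record its PCR value.
 *
 * The first call expects evidence for PCR_TBOOT_POLICY and returns
 * NEED_MORE, the second expects PCR_TBOOT_MLE and returns SUCCESS. Any
 * further call returns FAILED.
 *
 * NOTE(review): the measurement itself is fetched but never compared with a
 * reference value (see the TODO below), so only the PCR number is checked.
 * Until the database lookup exists, a SUCCESS from this function does not
 * mean the reported measurement was approved.
 *
 * @param pts		PTS object that collects the PCR entries
 * @param pts_db	PTS database (not used yet)
 * @param evidence	evidence to check
 * @return			NEED_MORE after the first step, SUCCESS after the
 *					second, FAILED on an unexpected PCR number, a PCR
 *					value that is too short, or an extra call
 */
METHOD(pts_component_t, verify, status_t,
	pts_ita_comp_tboot_t *this, pts_t *pts, pts_database_t *pts_db,
	pts_comp_evidence_t *evidence)
{
	bool has_pcr_info;
	u_int32_t extended_pcr;
	pts_meas_algorithms_t algo;
	pts_pcr_transform_t transform;
	time_t measurement_time;
	chunk_t measurement, pcr_before, pcr_after;
	pcr_entry_t *entry;

	/* NOTE(review): the state is advanced before the evidence is examined,
	 * so a FAILED return below leaves the component one step ahead; confirm
	 * that callers drop the component after a failure. */
	switch (this->extended_pcr)
	{
		case 0:
			this->extended_pcr = PCR_TBOOT_POLICY;
			break;
		case PCR_TBOOT_POLICY:
			this->extended_pcr = PCR_TBOOT_MLE;
			break;
		default:
			return FAILED;
	}

	measurement = evidence->get_measurement(evidence, &extended_pcr,
								&algo, &transform, &measurement_time);
	if (extended_pcr != this->extended_pcr)
	{
		return FAILED;
	}

	/* TODO check measurement in database */

	has_pcr_info = evidence->get_pcr_info(evidence, &pcr_before, &pcr_after);
	if (has_pcr_info)
	{
		/* The copy below always reads PCR_LEN bytes. Nothing visible here
		 * guarantees that the "PCR after" chunk is that long, so reject a
		 * shorter or empty value instead of reading past its end. The check
		 * comes before the allocation so that no entry is leaked. */
		if (!pcr_after.ptr || pcr_after.len < PCR_LEN)
		{
			return FAILED;
		}
		entry = malloc_thing(pcr_entry_t);
		entry->pcr_number = extended_pcr;
		memcpy(entry->pcr_value, pcr_after.ptr, PCR_LEN);
		/* presumably add_pcr_entry() takes ownership of entry, since it is
		 * not freed here; verify against pts_t */
		pts->add_pcr_entry(pts, entry);
	}

	return (this->extended_pcr == PCR_TBOOT_MLE) ? SUCCESS : NEED_MORE;
}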
161
/**
 * Release the component: destroy the Component Functional Name first, then
 * free the object itself.
 */
METHOD(pts_component_t, destroy, void,
	pts_ita_comp_tboot_t *this)
{
	pts_comp_func_name_t *name = this->name;

	name->destroy(name);
	free(this);
}
168
/**
 * Create an ITA TBOOT functional component (see header).
 *
 * The method table is wired to the METHOD() implementations in this file and
 * the name is built from PEN_ITA, PTS_ITA_COMP_FUNC_NAME_TBOOT and the given
 * qualifier. extended_pcr and measurement_time are not listed in the
 * initializer; measure() and verify() expect extended_pcr to start at 0,
 * which presumably relies on INIT() zero-filling omitted members (confirm
 * against the INIT macro).
 *
 * @param qualifier		qualifier passed on to pts_comp_func_name_create()
 * @return				pointer to the public pts_component_t interface
 */
pts_component_t *pts_ita_comp_tboot_create(u_int8_t qualifier)
{
	pts_ita_comp_tboot_t *this;

	INIT(this,
		.public = {
			.get_comp_func_name = _get_comp_func_name,
			.get_evidence_flags = _get_evidence_flags,
			.measure = _measure,
			.verify = _verify,
			.destroy = _destroy,
		},
		.name = pts_comp_func_name_create(PEN_ITA, PTS_ITA_COMP_FUNC_NAME_TBOOT,
										  qualifier),
	);

	return &this->public;
}
190