moved to debug level 3
1 /*
2 * Copyright (C) 2011 Sansar Choinyambuu, Andreas Steffen
3 * HSR Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "pts/components/pts_comp_evidence.h"
17
18 #include <debug.h>
19
typedef struct private_pts_comp_evidence_t private_pts_comp_evidence_t;

/**
 * Private data of a pts_comp_evidence_t object.
 *
 * Ownership, as established by destroy() in this file: the object destroys
 * name and frees the buffers behind measurement, pcr_before, pcr_after and
 * policy_uri. The getters hand out these members without cloning them.
 */
struct private_pts_comp_evidence_t {

	/**
	 * Public pts_comp_evidence_t interface.
	 */
	pts_comp_evidence_t public;

	/**
	 * Component Functional Name (destroyed together with this object)
	 */
	pts_comp_func_name_t *name;

	/**
	 * Sub-Component Depth
	 */
	u_int32_t depth;

	/**
	 * Measurement Time
	 */
	time_t measurement_time;

	/**
	 * Measurement value, i.e. the data the PCR was extended with
	 * (stored as passed to the constructor, freed by destroy())
	 */
	chunk_t measurement;

	/**
	 * Measurement Hash Algorithm
	 */
	pts_meas_algorithms_t hash_algorithm;

	/**
	 * Is PCR Information included? Only set_pcr_info() sets this to TRUE.
	 */
	bool has_pcr_info;

	/**
	 * PCR the measurement was extended into
	 */
	u_int32_t extended_pcr;

	/**
	 * PCR value before extension (freed by destroy())
	 */
	chunk_t pcr_before;

	/**
	 * PCR value after extension (freed by destroy())
	 */
	chunk_t pcr_after;

	/**
	 * Transformation used for extending measurement into PCR
	 */
	pts_pcr_transform_t transform;

	/**
	 * Component Validation Result
	 */
	pts_comp_evid_validation_t validation;

	/**
	 * Verification Policy URI (private clone made by set_validation(),
	 * freed by destroy())
	 */
	chunk_t policy_uri;

};
93
/**
 * Return the Component Functional Name and, on request, the Sub-Component
 * Depth.
 *
 * @param depth		optional output, receives the stored depth if not NULL
 * @return			the stored name object itself (not a copy); it is
 *					destroyed together with this evidence object
 */
METHOD(pts_comp_evidence_t, get_comp_func_name, pts_comp_func_name_t*,
	private_pts_comp_evidence_t *this, u_int32_t *depth)
{
	pts_comp_func_name_t *comp_name = this->name;

	if (!depth)
	{
		/* caller is not interested in the depth */
		return comp_name;
	}
	*depth = this->depth;

	return comp_name;
}
103
/**
 * Return the index of the PCR the measurement was extended into.
 *
 * @return			PCR index as given to the constructor
 */
METHOD(pts_comp_evidence_t, get_extended_pcr, u_int32_t,
	private_pts_comp_evidence_t *this)
{
	u_int32_t pcr_index = this->extended_pcr;

	return pcr_index;
}
109
/**
 * Return the measurement together with its optional metadata.
 *
 * Every output parameter may be NULL, in which case it is skipped.
 *
 * @param extended_pcr		receives the PCR the measurement was extended into
 * @param algo				receives the measurement hash algorithm
 * @param transform			receives the PCR transformation
 * @param measurement_time	receives the measurement time
 * @return					the stored measurement chunk; it points at the
 *							object's own buffer (no clone), which destroy()
 *							frees
 */
METHOD(pts_comp_evidence_t, get_measurement, chunk_t,
	private_pts_comp_evidence_t *this, u_int32_t *extended_pcr,
	pts_meas_algorithms_t *algo, pts_pcr_transform_t *transform,
	time_t *measurement_time)
{
	chunk_t value = this->measurement;

	/* fill in only the outputs the caller asked for */
	if (measurement_time)
	{
		*measurement_time = this->measurement_time;
	}
	if (transform)
	{
		*transform = this->transform;
	}
	if (algo)
	{
		*algo = this->hash_algorithm;
	}
	if (extended_pcr)
	{
		*extended_pcr = this->extended_pcr;
	}
	return value;
}
133
/**
 * Report the PCR values recorded before and after the extension.
 *
 * The output chunks are written regardless of the return value, so a caller
 * must check the result before trusting them.
 *
 * @param pcr_before	optional output, PCR value before extension
 * @param pcr_after		optional output, PCR value after extension
 * @return				TRUE if PCR information has been set on this object
 */
METHOD(pts_comp_evidence_t, get_pcr_info, bool,
	private_pts_comp_evidence_t *this, chunk_t *pcr_before, chunk_t *pcr_after)
{
	bool available = this->has_pcr_info;

	/* the chunks reference the object's own buffers, nothing is cloned */
	if (pcr_after)
	{
		*pcr_after = this->pcr_after;
	}
	if (pcr_before)
	{
		*pcr_before = this->pcr_before;
	}
	return available;
}
147
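/**
 * Attach the PCR values observed before and after the extension.
 *
 * The object takes ownership of both buffers: destroy() frees them. Values
 * stored by an earlier call are released here, so calling the setter more
 * than once no longer leaks the previous buffers. Chunks obtained earlier
 * through get_pcr_info() become invalid once they have been replaced.
 *
 * @param pcr_before	PCR value before extension (ownership is taken)
 * @param pcr_after		PCR value after extension (ownership is taken)
 */
METHOD(pts_comp_evidence_t, set_pcr_info, void,
	private_pts_comp_evidence_t *this, chunk_t pcr_before, chunk_t pcr_after)
{
	chunk_t old_before = this->pcr_before;
	chunk_t old_after = this->pcr_after;
	bool release_before, release_after;

	/* decide before freeing anything: a buffer that is handed in again
	 * must survive, and a buffer held twice must be freed only once */
	release_before = old_before.ptr != pcr_before.ptr &&
					 old_before.ptr != pcr_after.ptr;
	release_after = old_after.ptr != pcr_before.ptr &&
					old_after.ptr != pcr_after.ptr &&
					old_after.ptr != old_before.ptr;

	this->has_pcr_info = TRUE;
	this->pcr_before = pcr_before;
	this->pcr_after = pcr_after;

	if (release_before)
	{
		free(old_before.ptr);
	}
	if (release_after)
	{
		free(old_after.ptr);
	}

	DBG3(DBG_PTS, "PCR %2d before value : %#B", this->extended_pcr, &pcr_before);
	DBG3(DBG_PTS, "PCR %2d after value : %#B", this->extended_pcr, &pcr_after);
}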
158
/**
 * Return the Component Validation Result and, on request, the Verification
 * Policy URI.
 *
 * @param uri		optional output, receives the stored policy URI chunk;
 *					it references the object's own buffer (no clone)
 * @return			the stored validation result
 */
METHOD(pts_comp_evidence_t, get_validation, pts_comp_evid_validation_t,
	private_pts_comp_evidence_t *this, chunk_t *uri)
{
	pts_comp_evid_validation_t result = this->validation;

	if (!uri)
	{
		/* caller only wants the validation result */
		return result;
	}
	*uri = this->policy_uri;

	return result;
}
168
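/**
 * Store the Component Validation Result and a private copy of the
 * Verification Policy URI.
 *
 * The URI is cloned, so the caller keeps ownership of its own buffer. A URI
 * stored by an earlier call is freed; previously it was overwritten and
 * leaked. Chunks obtained earlier through get_validation() become invalid.
 *
 * @param validation	validation result to store
 * @param uri			policy URI, copied into the object
 */
METHOD(pts_comp_evidence_t, set_validation, void,
	private_pts_comp_evidence_t *this, pts_comp_evid_validation_t validation,
	chunk_t uri)
{
	chunk_t uri_copy;

	/* clone before freeing: uri may reference the URI currently stored,
	 * e.g. when it was obtained through get_validation() */
	uri_copy = chunk_clone(uri);
	free(this->policy_uri.ptr);

	this->validation = validation;
	this->policy_uri = uri_copy;
}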
176
/**
 * Release the evidence object and everything it owns: the four chunk
 * buffers, the Component Functional Name object and the object itself.
 *
 * The name is dereferenced unconditionally, so the object must have been
 * created with a non-NULL name.
 */
METHOD(pts_comp_evidence_t, destroy, void,
	private_pts_comp_evidence_t *this)
{
	pts_comp_func_name_t *comp_name = this->name;

	/* owned buffers; free() accepts the NULL pointers of unset chunks */
	free(this->policy_uri.ptr);
	free(this->pcr_after.ptr);
	free(this->pcr_before.ptr);
	free(this->measurement.ptr);

	comp_name->destroy(comp_name);
	free(this);
}
187
/**
 * See header
 *
 * Notes derived from this file: name and measurement are stored as passed
 * (no clone) and are released by destroy(), so the new object takes
 * ownership of both. name is dereferenced for logging and must not be NULL.
 * PCR information and the validation result start out unset until
 * set_pcr_info() / set_validation() are called.
 */
pts_comp_evidence_t *pts_comp_evidence_create(pts_comp_func_name_t *name,
											  u_int32_t depth,
											  u_int32_t extended_pcr,
											  pts_meas_algorithms_t algo,
											  pts_pcr_transform_t transform,
											  time_t measurement_time,
											  chunk_t measurement)
{
	private_pts_comp_evidence_t *this;

	INIT(this,
		/* method table of the public interface */
		.public = {
			.get_comp_func_name = _get_comp_func_name,
			.get_extended_pcr = _get_extended_pcr,
			.get_measurement = _get_measurement,
			.get_pcr_info = _get_pcr_info,
			.set_pcr_info = _set_pcr_info,
			.get_validation = _get_validation,
			.set_validation = _set_validation,
			.destroy = _destroy,
		},
		/* component identification */
		.name = name,
		.depth = depth,
		/* measurement and how it was extended into the PCR */
		.measurement = measurement,
		.measurement_time = measurement_time,
		.hash_algorithm = algo,
		.extended_pcr = extended_pcr,
		.transform = transform,
	);

	/* diagnostics only: the measurement details are emitted at debug
	 * level 3 */
	name->log(name, "");
	DBG3(DBG_PTS, "measurement time: %T", &measurement_time, FALSE);
	DBG3(DBG_PTS, "PCR %2d extended with: %#B", extended_pcr, &measurement);

	return &this->public;
}
227
/**
 * See header
 *
 * Chooses the PCR transformation by comparing the hash size of the
 * measurement algorithm with the PCR length:
 *  - hash size 0 (presumably an unknown algorithm; confirm against
 *    pts_meas_algo_hash_size())  -> PTS_PCR_TRANSFORM_NO
 *  - hash size equal to pcr_len  -> PTS_PCR_TRANSFORM_MATCH
 *  - hash size above pcr_len     -> PTS_PCR_TRANSFORM_LONG
 *  - hash size below pcr_len     -> PTS_PCR_TRANSFORM_SHORT
 */
pts_pcr_transform_t pts_meas_algo_to_pcr_transform(pts_meas_algorithms_t algo,
												   size_t pcr_len)
{
	size_t digest_len = pts_meas_algo_hash_size(algo);

	if (digest_len == 0)
	{
		return PTS_PCR_TRANSFORM_NO;
	}
	if (digest_len == pcr_len)
	{
		return PTS_PCR_TRANSFORM_MATCH;
	}
	return (digest_len > pcr_len) ? PTS_PCR_TRANSFORM_LONG
								  : PTS_PCR_TRANSFORM_SHORT;
}
251