Modified some unnecessary todo statement
[strongswan.git] / src / libpts / pts / pts.c
1 /*
2 * Copyright (C) 2011 Sansar Choinyambuu
3 * HSR Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "pts.h"
17
18 #include <debug.h>
19 #include <crypto/hashers/hasher.h>
20 #include <bio/bio_writer.h>
21 #include <bio/bio_reader.h>
22 /* for isdigit()*/
23 #include <ctype.h>
24
25 #include <trousers/tss.h>
26 #include <trousers/trousers.h>
27
28 #include <sys/stat.h>
29 #include <sys/utsname.h>
30 #include <errno.h>
31
32 #include <openssl/rsa.h>
33 #include <openssl/evp.h>
34 #include <openssl/x509.h>
35
36 #define PTS_BUF_SIZE 4096
37
38 typedef struct private_pts_t private_pts_t;
39
40 /**
41 * Private data of a pts_t object.
42 *
43 */
44 struct private_pts_t {
45
46 /**
47 * Public pts_t interface.
48 */
49 pts_t public;
50
51 /**
52 * PTS Protocol Capabilities
53 */
54 pts_proto_caps_flag_t proto_caps;
55
56 /**
57 * PTS Measurement Algorithm
58 */
59 pts_meas_algorithms_t algorithm;
60
61 /**
62 * DH Hash Algorithm
63 */
64 pts_meas_algorithms_t dh_hash_algorithm;
65
66 /**
67 * PTS Diffie-Hellman Secret
68 */
69 diffie_hellman_t *dh;
70
71 /**
72 * PTS Diffie-Hellman Initiator Nonce
73 */
74 chunk_t initiator_nonce;
75
76 /**
77 * PTS Diffie-Hellman Responder Nonce
78 */
79 chunk_t responder_nonce;
80
81 /**
82 * Secret assessment value to be used for TPM Quote as an external data
83 */
84 chunk_t secret;
85
86 /**
87 * Platform and OS Info
88 */
89 char *platform_info;
90
91 /**
92 * TRUE if IMC-PTS, FALSE if IMV-PTS
93 */
94 bool is_imc;
95
96 /**
97 * Do we have an activated TPM
98 */
99 bool has_tpm;
100
101 /**
102 * Contains a TPM_CAP_VERSION_INFO struct
103 */
104 chunk_t tpm_version_info;
105
106 /**
107 * Contains TSS Blob structure for AIK
108 */
109 chunk_t aik_blob;
110
111 /**
112 * Contains a Attestation Identity Key or Certificate
113 */
114 certificate_t *aik;
115
116 /**
117 * List of extended PCR's with corresponding values
118 */
119 linked_list_t *pcrs;
120 };
121
122 METHOD(pts_t, get_proto_caps, pts_proto_caps_flag_t,
123 private_pts_t *this)
124 {
125 return this->proto_caps;
126 }
127
128 METHOD(pts_t, set_proto_caps, void,
129 private_pts_t *this, pts_proto_caps_flag_t flags)
130 {
131 this->proto_caps = flags;
132 DBG2(DBG_PTS, "supported PTS protocol capabilities: %s%s%s%s%s",
133 flags & PTS_PROTO_CAPS_C ? "C" : ".",
134 flags & PTS_PROTO_CAPS_V ? "V" : ".",
135 flags & PTS_PROTO_CAPS_D ? "D" : ".",
136 flags & PTS_PROTO_CAPS_T ? "T" : ".",
137 flags & PTS_PROTO_CAPS_X ? "X" : ".");
138 }
139
140 METHOD(pts_t, get_meas_algorithm, pts_meas_algorithms_t,
141 private_pts_t *this)
142 {
143 return this->algorithm;
144 }
145
146 METHOD(pts_t, set_meas_algorithm, void,
147 private_pts_t *this, pts_meas_algorithms_t algorithm)
148 {
149 hash_algorithm_t hash_alg;
150
151 hash_alg = pts_meas_algo_to_hash(algorithm);
152 DBG2(DBG_PTS, "selected PTS measurement algorithm is %N",
153 hash_algorithm_names, hash_alg);
154 if (hash_alg != HASH_UNKNOWN)
155 {
156 this->algorithm = algorithm;
157 }
158 }
159
160 METHOD(pts_t, get_dh_hash_algorithm, pts_meas_algorithms_t,
161 private_pts_t *this)
162 {
163 return this->dh_hash_algorithm;
164 }
165
166 METHOD(pts_t, set_dh_hash_algorithm, void,
167 private_pts_t *this, pts_meas_algorithms_t algorithm)
168 {
169 hash_algorithm_t hash_alg;
170
171 hash_alg = pts_meas_algo_to_hash(algorithm);
172 DBG2(DBG_PTS, "selected DH hash algorithm is %N",
173 hash_algorithm_names, hash_alg);
174 if (hash_alg != HASH_UNKNOWN)
175 {
176 this->dh_hash_algorithm = algorithm;
177 }
178 }
179
180
181 METHOD(pts_t, create_dh_nonce, bool,
182 private_pts_t *this, pts_dh_group_t group, int nonce_len)
183 {
184 diffie_hellman_group_t dh_group;
185 chunk_t *nonce;
186 rng_t *rng;
187
188 dh_group = pts_dh_group_to_ike(group);
189 DBG2(DBG_PTS, "selected PTS DH group is %N",
190 diffie_hellman_group_names, dh_group);
191 DESTROY_IF(this->dh);
192 this->dh = lib->crypto->create_dh(lib->crypto, dh_group);
193
194 rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG);
195 if (!rng)
196 {
197 DBG1(DBG_PTS, "no rng available");
198 return FALSE;
199 }
200 DBG2(DBG_PTS, "nonce length is %d", nonce_len);
201 nonce = this->is_imc ? &this->responder_nonce : &this->initiator_nonce;
202 chunk_free(nonce);
203 rng->allocate_bytes(rng, nonce_len, nonce);
204 rng->destroy(rng);
205
206 return TRUE;
207 }
208
209 METHOD(pts_t, get_my_public_value, void,
210 private_pts_t *this, chunk_t *value, chunk_t *nonce)
211 {
212 this->dh->get_my_public_value(this->dh, value);
213 *nonce = this->is_imc ? this->responder_nonce : this->initiator_nonce;
214 }
215
216 METHOD(pts_t, set_peer_public_value, void,
217 private_pts_t *this, chunk_t value, chunk_t nonce)
218 {
219 this->dh->set_other_public_value(this->dh, value);
220
221 nonce = chunk_clone(nonce);
222 if (this->is_imc)
223 {
224 this->initiator_nonce = nonce;
225 }
226 else
227 {
228 this->responder_nonce = nonce;
229 }
230 }
231
232 METHOD(pts_t, calculate_secret, bool,
233 private_pts_t *this)
234 {
235 hasher_t *hasher;
236 hash_algorithm_t hash_alg;
237 chunk_t shared_secret;
238
239 /* Check presence of nonces */
240 if (!this->initiator_nonce.len || !this->responder_nonce.len)
241 {
242 DBG1(DBG_PTS, "initiator and/or responder nonce is not available");
243 return FALSE;
244 }
245 DBG3(DBG_PTS, "initiator nonce: %B", &this->initiator_nonce);
246 DBG3(DBG_PTS, "responder nonce: %B", &this->responder_nonce);
247
248 /* Calculate the DH secret */
249 if (this->dh->get_shared_secret(this->dh, &shared_secret) != SUCCESS)
250 {
251 DBG1(DBG_PTS, "shared DH secret computation failed");
252 return FALSE;
253 }
254 DBG4(DBG_PTS, "shared DH secret: %B", &shared_secret);
255
256 /* Calculate the secret assessment value */
257 hash_alg = pts_meas_algo_to_hash(this->dh_hash_algorithm);
258 hasher = lib->crypto->create_hasher(lib->crypto, hash_alg);
259
260 hasher->allocate_hash(hasher, chunk_from_chars('1'), NULL);
261 hasher->allocate_hash(hasher, this->initiator_nonce, NULL);
262 hasher->allocate_hash(hasher, this->responder_nonce, NULL);
263 hasher->allocate_hash(hasher, shared_secret, &this->secret);
264 hasher->destroy(hasher);
265
266 /* The DH secret must be destroyed */
267 chunk_clear(&shared_secret);
268
269 /*
270 * Truncate the hash to 20 bytes to fit the ExternalData
271 * argument of the TPM Quote command
272 */
273 this->secret.len = min(this->secret.len, 20);
274 DBG4(DBG_PTS, "secret assessment value: %B", &this->secret);
275 return TRUE;
276 }
277
278 /**
279 * Print TPM 1.2 Version Info
280 */
281 static void print_tpm_version_info(private_pts_t *this)
282 {
283 TPM_CAP_VERSION_INFO versionInfo;
284 UINT64 offset = 0;
285 TSS_RESULT result;
286
287 result = Trspi_UnloadBlob_CAP_VERSION_INFO(&offset,
288 this->tpm_version_info.ptr, &versionInfo);
289 if (result != TSS_SUCCESS)
290 {
291 DBG1(DBG_PTS, "could not parse tpm version info: tss error 0x%x",
292 result);
293 }
294 else
295 {
296 DBG2(DBG_PTS, "TPM 1.2 Version Info: Chip Version: %hhu.%hhu.%hhu.%hhu,"
297 " Spec Level: %hu, Errata Rev: %hhu, Vendor ID: %.4s",
298 versionInfo.version.major, versionInfo.version.minor,
299 versionInfo.version.revMajor, versionInfo.version.revMinor,
300 versionInfo.specLevel, versionInfo.errataRev,
301 versionInfo.tpmVendorID);
302 }
303 }
304
305 METHOD(pts_t, get_platform_info, char*,
306 private_pts_t *this)
307 {
308 return this->platform_info;
309 }
310
311 METHOD(pts_t, set_platform_info, void,
312 private_pts_t *this, char *info)
313 {
314 free(this->platform_info);
315 this->platform_info = strdup(info);
316 }
317
318 METHOD(pts_t, get_tpm_version_info, bool,
319 private_pts_t *this, chunk_t *info)
320 {
321 if (!this->has_tpm)
322 {
323 return FALSE;
324 }
325 *info = this->tpm_version_info;
326 print_tpm_version_info(this);
327 return TRUE;
328 }
329
330 METHOD(pts_t, set_tpm_version_info, void,
331 private_pts_t *this, chunk_t info)
332 {
333 this->tpm_version_info = chunk_clone(info);
334 print_tpm_version_info(this);
335 }
336
337 /**
338 * Load an AIK Blob (TSS_TSPATTRIB_KEYBLOB_BLOB attribute)
339 */
340 static void load_aik_blob(private_pts_t *this)
341 {
342 char *blob_path;
343 FILE *fp;
344 u_int32_t aikBlobLen;
345
346 blob_path = lib->settings->get_str(lib->settings,
347 "libimcv.plugins.imc-attestation.aik_blob", NULL);
348
349 if (blob_path)
350 {
351 /* Read aik key blob from a file */
352 if ((fp = fopen(blob_path, "r")) == NULL)
353 {
354 DBG1(DBG_PTS, "unable to open AIK Blob file: %s", blob_path);
355 return;
356 }
357
358 fseek(fp, 0, SEEK_END);
359 aikBlobLen = ftell(fp);
360 fseek(fp, 0L, SEEK_SET);
361
362 this->aik_blob = chunk_alloc(aikBlobLen);
363 if (fread(this->aik_blob.ptr, 1, aikBlobLen, fp))
364 {
365 DBG2(DBG_PTS, "loaded AIK Blob from '%s'", blob_path);
366 DBG3(DBG_PTS, "AIK Blob: %B", &this->aik_blob);
367 }
368 else
369 {
370 DBG1(DBG_PTS, "unable to read AIK Blob file '%s'", blob_path);
371 }
372 fclose(fp);
373 return;
374 }
375
376 DBG1(DBG_PTS, "AIK Blob is not available");
377 }
378
379 /**
380 * Load an AIK certificate or public key
381 * the certificate having precedence over the public key if both are present
382 */
383 static void load_aik(private_pts_t *this)
384 {
385 char *cert_path, *key_path;
386
387 cert_path = lib->settings->get_str(lib->settings,
388 "libimcv.plugins.imc-attestation.aik_cert", NULL);
389 key_path = lib->settings->get_str(lib->settings,
390 "libimcv.plugins.imc-attestation.aik_key", NULL);
391
392 if (cert_path)
393 {
394 this->aik = lib->creds->create(lib->creds, CRED_CERTIFICATE,
395 CERT_X509, BUILD_FROM_FILE,
396 cert_path, BUILD_END);
397 if (this->aik)
398 {
399 DBG2(DBG_PTS, "loaded AIK certificate from '%s'", cert_path);
400 return;
401 }
402 }
403 if (key_path)
404 {
405 this->aik = lib->creds->create(lib->creds, CRED_CERTIFICATE,
406 CERT_TRUSTED_PUBKEY, BUILD_FROM_FILE,
407 key_path, BUILD_END);
408 if (this->aik)
409 {
410 DBG2(DBG_PTS, "loaded AIK public key from '%s'", key_path);
411 return;
412 }
413 }
414
415 DBG1(DBG_PTS, "neither AIK certificate nor public key is available");
416 }
417
418 METHOD(pts_t, get_aik, certificate_t*,
419 private_pts_t *this)
420 {
421 return this->aik;
422 }
423
424 METHOD(pts_t, set_aik, void,
425 private_pts_t *this, certificate_t *aik)
426 {
427 DESTROY_IF(this->aik);
428 this->aik = aik->get_ref(aik);
429 }
430
431 METHOD(pts_t, hash_file, bool,
432 private_pts_t *this, hasher_t *hasher, char *pathname, u_char *hash)
433 {
434 u_char buffer[PTS_BUF_SIZE];
435 FILE *file;
436 int bytes_read;
437
438 file = fopen(pathname, "rb");
439 if (!file)
440 {
441 DBG1(DBG_PTS," file '%s' can not be opened, %s", pathname,
442 strerror(errno));
443 return FALSE;
444 }
445 while (TRUE)
446 {
447 bytes_read = fread(buffer, 1, sizeof(buffer), file);
448 if (bytes_read > 0)
449 {
450 hasher->get_hash(hasher, chunk_create(buffer, bytes_read), NULL);
451 }
452 else
453 {
454 hasher->get_hash(hasher, chunk_empty, hash);
455 break;
456 }
457 }
458 fclose(file);
459
460 return TRUE;
461 }
462
463 /**
464 * Get the relative filename of a fully qualified file pathname
465 */
466 static char* get_filename(char *pathname)
467 {
468 char *pos, *filename;
469
470 pos = filename = pathname;
471 while (pos && *(++pos) != '\0')
472 {
473 filename = pos;
474 pos = strchr(filename, '/');
475 }
476 return filename;
477 }
478
479 METHOD(pts_t, is_path_valid, bool,
480 private_pts_t *this, char *path, pts_error_code_t *error_code)
481 {
482 struct stat st;
483
484 *error_code = 0;
485
486 if (!stat(path, &st))
487 {
488 return TRUE;
489 }
490 else if (errno == ENOENT || errno == ENOTDIR)
491 {
492 DBG1(DBG_PTS, "file/directory does not exist %s", path);
493 *error_code = TCG_PTS_FILE_NOT_FOUND;
494 }
495 else if (errno == EFAULT)
496 {
497 DBG1(DBG_PTS, "bad address %s", path);
498 *error_code = TCG_PTS_INVALID_PATH;
499 }
500 else
501 {
502 DBG1(DBG_PTS, "error: %s occured while validating path: %s",
503 strerror(errno), path);
504 return FALSE;
505 }
506
507 return TRUE;
508 }
509
510 METHOD(pts_t, do_measurements, pts_file_meas_t*,
511 private_pts_t *this, u_int16_t request_id, char *pathname, bool is_directory)
512 {
513 hasher_t *hasher;
514 hash_algorithm_t hash_alg;
515 u_char hash[HASH_SIZE_SHA384];
516 chunk_t measurement;
517 pts_file_meas_t *measurements;
518
519 /* Create a hasher */
520 hash_alg = pts_meas_algo_to_hash(this->algorithm);
521 hasher = lib->crypto->create_hasher(lib->crypto, hash_alg);
522 if (!hasher)
523 {
524 DBG1(DBG_PTS, " hasher %N not available", hash_algorithm_names, hash_alg);
525 return NULL;
526 }
527
528 /* Create a measurement object */
529 measurements = pts_file_meas_create(request_id);
530
531 /* Link the hash to the measurement and set the measurement length */
532 measurement = chunk_create(hash, hasher->get_hash_size(hasher));
533
534 if (is_directory)
535 {
536 enumerator_t *enumerator;
537 char *rel_name, *abs_name;
538 struct stat st;
539
540 enumerator = enumerator_create_directory(pathname);
541 if (!enumerator)
542 {
543 DBG1(DBG_PTS," directory '%s' can not be opened, %s", pathname,
544 strerror(errno));
545 hasher->destroy(hasher);
546 measurements->destroy(measurements);
547 return NULL;
548 }
549 while (enumerator->enumerate(enumerator, &rel_name, &abs_name, &st))
550 {
551 /* measure regular files only */
552 if (S_ISREG(st.st_mode) && *rel_name != '.')
553 {
554 if (!hash_file(this, hasher, abs_name, hash))
555 {
556 enumerator->destroy(enumerator);
557 hasher->destroy(hasher);
558 measurements->destroy(measurements);
559 return NULL;
560 }
561 DBG2(DBG_PTS, " %#B for '%s'", &measurement, rel_name);
562 measurements->add(measurements, rel_name, measurement);
563 }
564 }
565 enumerator->destroy(enumerator);
566 }
567 else
568 {
569 char *filename;
570
571 if (!hash_file(this, hasher, pathname, hash))
572 {
573 hasher->destroy(hasher);
574 measurements->destroy(measurements);
575 return NULL;
576 }
577 filename = get_filename(pathname);
578 DBG2(DBG_PTS, " %#B for '%s'", &measurement, filename);
579 measurements->add(measurements, filename, measurement);
580 }
581 hasher->destroy(hasher);
582
583 return measurements;
584 }
585
586 /**
587 * Obtain statistical information describing a file
588 */
589 static bool file_metadata(char *pathname, pts_file_metadata_t **entry)
590 {
591 struct stat st;
592 pts_file_metadata_t *tmp;
593
594 tmp = malloc_thing(pts_file_metadata_t);
595
596 if (stat(pathname, &st))
597 {
598 DBG1(DBG_PTS, "Unable to obtain statistical information about %s", pathname);
599 return FALSE;
600 }
601
602 tmp->filename = strdup(pathname);
603 tmp->meta_length = PTS_FILE_METADATA_SIZE + strlen(tmp->filename);
604
605 if (S_ISREG(st.st_mode))
606 {
607 tmp->type = PTS_FILE_REGULAR;
608 }
609 else if (S_ISDIR(st.st_mode))
610 {
611 tmp->type = PTS_FILE_DIRECTORY;
612 }
613 else if (S_ISCHR(st.st_mode))
614 {
615 tmp->type = PTS_FILE_CHAR_SPEC;
616 }
617 else if (S_ISBLK(st.st_mode))
618 {
619 tmp->type = PTS_FILE_BLOCK_SPEC;
620 }
621 else if (S_ISFIFO(st.st_mode))
622 {
623 tmp->type = PTS_FILE_FIFO;
624 }
625 else if (S_ISLNK(st.st_mode))
626 {
627 tmp->type = PTS_FILE_SYM_LINK;
628 }
629 else if (S_ISSOCK(st.st_mode))
630 {
631 tmp->type = PTS_FILE_SOCKET;
632 }
633 else
634 {
635 tmp->type = PTS_FILE_OTHER;
636 }
637
638 tmp->filesize = (u_int64_t)st.st_size;
639 tmp->create_time = st.st_ctime;
640 tmp->last_modify_time = st.st_mtime;
641 tmp->last_access_time = st.st_atime;
642 tmp->owner_id = (u_int64_t)st.st_uid;
643 tmp->group_id = (u_int64_t)st.st_gid;
644
645 *entry = tmp;
646
647 return TRUE;
648 }
649
650 METHOD(pts_t, get_metadata, pts_file_meta_t*,
651 private_pts_t *this, char *pathname, bool is_directory)
652 {
653 pts_file_meta_t *metadata;
654 pts_file_metadata_t *entry;
655
656 /* Create a metadata object */
657 metadata = pts_file_meta_create();
658
659 if (is_directory)
660 {
661 enumerator_t *enumerator;
662 char *rel_name, *abs_name;
663 struct stat st;
664
665 enumerator = enumerator_create_directory(pathname);
666 if (!enumerator)
667 {
668 DBG1(DBG_PTS," directory '%s' can not be opened, %s", pathname,
669 strerror(errno));
670 metadata->destroy(metadata);
671 return NULL;
672 }
673 while (enumerator->enumerate(enumerator, &rel_name, &abs_name, &st))
674 {
675 /* measure regular files only */
676 if (S_ISREG(st.st_mode) && *rel_name != '.')
677 {
678 if (!file_metadata(abs_name, &entry))
679 {
680 enumerator->destroy(enumerator);
681 metadata->destroy(metadata);
682 return NULL;
683 }
684 metadata->add(metadata, entry);
685 }
686 }
687 enumerator->destroy(enumerator);
688 }
689 else
690 {
691 char *filename;
692
693 if (!file_metadata(pathname, &entry))
694 {
695 metadata->destroy(metadata);
696 return NULL;
697 }
698 filename = get_filename(pathname);
699 metadata->add(metadata, entry);
700 }
701
702 return metadata;
703 }
704
705 METHOD(pts_t, read_pcr, bool,
706 private_pts_t *this, u_int32_t pcr_num, chunk_t *output)
707 {
708 TSS_HCONTEXT hContext;
709 TSS_HTPM hTPM;
710 TSS_RESULT result;
711 u_int32_t pcr_length;
712 chunk_t pcr_value;
713
714 result = Tspi_Context_Create(&hContext);
715 if (result != TSS_SUCCESS)
716 {
717 DBG1(DBG_PTS, "TPM context could not be created: tss error 0x%x", result);
718 return FALSE;
719 }
720
721 result = Tspi_Context_Connect(hContext, NULL);
722 if (result != TSS_SUCCESS)
723 {
724 goto err;
725 }
726 result = Tspi_Context_GetTpmObject (hContext, &hTPM);
727 if (result != TSS_SUCCESS)
728 {
729 goto err;
730 }
731 pcr_value = chunk_alloc(PCR_LEN);
732 result = Tspi_TPM_PcrRead(hTPM, pcr_num, &pcr_length, &pcr_value.ptr);
733 if (result != TSS_SUCCESS)
734 {
735 goto err;
736 }
737
738 *output = pcr_value;
739 *output = chunk_clone(*output);
740
741 chunk_clear(&pcr_value);
742 Tspi_Context_Close(hContext);
743 DBG3(DBG_PTS, "PCR %d value:%B", pcr_num, output);
744 return TRUE;
745
746 err:
747 chunk_clear(&pcr_value);
748 DBG1(DBG_PTS, "TPM not available: tss error 0x%x", result);
749 Tspi_Context_Close(hContext);
750 return FALSE;
751 }
752
753 METHOD(pts_t, extend_pcr, bool,
754 private_pts_t *this, u_int32_t pcr_num, chunk_t input, chunk_t *output)
755 {
756 TSS_HCONTEXT hContext;
757 TSS_HTPM hTPM;
758 TSS_RESULT result;
759 u_int32_t pcr_length;
760 chunk_t pcr_value;
761
762 result = Tspi_Context_Create(&hContext);
763 if (result != TSS_SUCCESS)
764 {
765 DBG1(DBG_PTS, "TPM context could not be created: tss error 0x%x", result);
766 return FALSE;
767 }
768 result = Tspi_Context_Connect(hContext, NULL);
769 if (result != TSS_SUCCESS)
770 {
771 goto err;
772 }
773 result = Tspi_Context_GetTpmObject (hContext, &hTPM);
774 if (result != TSS_SUCCESS)
775 {
776 goto err;
777 }
778
779 pcr_value = chunk_alloc(PCR_LEN);
780 result = Tspi_TPM_PcrExtend(hTPM, pcr_num, PCR_LEN, input.ptr,
781 NULL, &pcr_length, &pcr_value.ptr);
782 if (result != TSS_SUCCESS)
783 {
784 goto err;
785 }
786
787 *output = pcr_value;
788 *output = chunk_clone(*output);
789
790 chunk_clear(&pcr_value);
791 Tspi_Context_Close(hContext);
792 DBG3(DBG_PTS, "PCR %d extended with: %B", pcr_num, &input);
793 DBG3(DBG_PTS, "PCR %d value after extend: %B", pcr_num, output);
794 return TRUE;
795
796 err:
797 chunk_clear(&pcr_value);
798 DBG1(DBG_PTS, "TPM not available: tss error 0x%x", result);
799 Tspi_Context_Close(hContext);
800 return FALSE;
801 }
802
803 METHOD(pts_t, quote_tpm, bool,
804 private_pts_t *this, u_int32_t *pcrs, u_int32_t num_of_pcrs,
805 chunk_t *pcr_composite, chunk_t *quote_signature)
806 {
807 TSS_HCONTEXT hContext;
808 TSS_HTPM hTPM;
809 TSS_HKEY hAIK;
810 TSS_HKEY hSRK;
811 TSS_HPOLICY srkUsagePolicy;
812 TSS_UUID SRK_UUID = TSS_UUID_SRK;
813 BYTE secret[] = TSS_WELL_KNOWN_SECRET;
814 TSS_HPCRS hPcrComposite;
815 TSS_VALIDATION valData;
816 u_int32_t i;
817 TSS_RESULT result;
818 chunk_t pcr_comp, quote_sign;
819
820 result = Tspi_Context_Create(&hContext);
821 if (result != TSS_SUCCESS)
822 {
823 DBG1(DBG_PTS, "TPM context could not be created: tss error 0x%x", result);
824 return FALSE;
825 }
826 result = Tspi_Context_Connect(hContext, NULL);
827 if (result != TSS_SUCCESS)
828 {
829 goto err1;
830 }
831 result = Tspi_Context_GetTpmObject (hContext, &hTPM);
832 if (result != TSS_SUCCESS)
833 {
834 goto err1;
835 }
836
837 /* Retrieve SRK from TPM and set the authentication data as well known secret*/
838 result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM,
839 SRK_UUID, &hSRK);
840 if (result != TSS_SUCCESS)
841 {
842 goto err1;
843 }
844
845 result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy);
846 if (result != TSS_SUCCESS)
847 {
848 goto err1;
849 }
850 result = Tspi_Policy_SetSecret(srkUsagePolicy, TSS_SECRET_MODE_SHA1,
851 20, secret);
852 if (result != TSS_SUCCESS)
853 {
854 goto err1;
855 }
856
857 result = Tspi_Context_LoadKeyByBlob (hContext, hSRK, this->aik_blob.len,
858 this->aik_blob.ptr, &hAIK);
859 if (result != TSS_SUCCESS)
860 {
861 goto err1;
862 }
863
864 /* Create PCR composite object */
865 result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_PCRS, 0, &hPcrComposite);
866 if (result != TSS_SUCCESS)
867 {
868 goto err2;
869 }
870
871 /* Select PCR's */
872 for (i = 0; i < num_of_pcrs ; i++)
873 {
874 if (pcrs[i] < 0 || pcrs[i] >= MAX_NUM_PCR )
875 {
876 DBG1(DBG_PTS, "Invalid PCR number: %d", pcrs[i]);
877 goto err3;
878 }
879 result = Tspi_PcrComposite_SelectPcrIndex(hPcrComposite, pcrs[i]);
880 if (result != TSS_SUCCESS)
881 {
882 goto err3;
883 }
884 }
885
886 /* Set the Validation Data */
887 valData.ulExternalDataLength = this->secret.len;
888 valData.rgbExternalData = (BYTE *)this->secret.ptr;
889
890
891 /* TPM Quote */
892 result = Tspi_TPM_Quote(hTPM, hAIK, hPcrComposite, &valData);
893 if (result != TSS_SUCCESS)
894 {
895 goto err4;
896 }
897
898 /* Set output chunks */
899 pcr_comp = chunk_alloc(HASH_SIZE_SHA1);
900 memcpy(pcr_comp.ptr, valData.rgbData + 8, HASH_SIZE_SHA1);
901 *pcr_composite = pcr_comp;
902 *pcr_composite = chunk_clone(*pcr_composite);
903 DBG3(DBG_PTS, "Hash of PCR Composite: %B",pcr_composite);
904
905 quote_sign = chunk_alloc(valData.ulValidationDataLength);
906 memcpy(quote_sign.ptr, valData.rgbValidationData,
907 valData.ulValidationDataLength);
908 *quote_signature = quote_sign;
909 *quote_signature = chunk_clone(*quote_signature);
910 DBG3(DBG_PTS, "TOM Quote Signature: %B",quote_signature);
911
912 chunk_clear(&quote_sign);
913 Tspi_Context_FreeMemory(hContext, NULL);
914 Tspi_Context_CloseObject(hContext, hPcrComposite);
915 Tspi_Context_CloseObject(hContext, hAIK);
916 Tspi_Context_Close(hContext);
917 free(pcrs);
918 return TRUE;
919
920 /* Cleanup */
921 err4:
922 Tspi_Context_FreeMemory(hContext, NULL);
923
924 err3:
925 Tspi_Context_CloseObject(hContext, hPcrComposite);
926
927 err2:
928 Tspi_Context_CloseObject(hContext, hAIK);
929
930 err1:
931 Tspi_Context_Close(hContext);
932 free(pcrs);
933 DBG1(DBG_PTS, "TPM not available: tss error 0x%x", result);
934 return FALSE;
935 }
936
937 METHOD(pts_t, add_pcr_entry, void,
938 private_pts_t *this, pcr_entry_t *new)
939 {
940 enumerator_t *e;
941 pcr_entry_t *entry;
942
943 if (!this->pcrs)
944 {
945 this->pcrs = linked_list_create();
946 }
947
948 e = this->pcrs->create_enumerator(this->pcrs);
949 while (e->enumerate(e, &entry))
950 {
951 if (entry->pcr_number == new->pcr_number)
952 {
953 DBG4(DBG_PTS, "updating already added PCR%d value",
954 entry->pcr_number);
955 this->pcrs->remove_at(this->pcrs, e);
956 free(entry);
957 break;
958 }
959 }
960 DESTROY_IF(e);
961
962 this->pcrs->insert_last(this->pcrs, new);
963
964 /* TODO: Sort pcr entries with pcr index */
965 }
966
967 /**
968 * 1. build a TCPA_PCR_COMPOSITE structure which contains (pcrCompositeBuf)
969 * TCPA_PCR_SELECTION structure (bitmask length network order + length bytes bitmask)
970 * UINT32 (network order) gives the number of bytes following (pcr entries * 20)
971 * TCPA_PCRVALUE[] with the pcr values
972 *
973 * The first two bytes of the message represent the length
974 * of the bitmask that follows. The bitmask represents the
975 * requested PCRs to be quoted.
976 *
977 * TPM Main-Part 2 TPM Structures_v1.2 8.1
978 * The bitmask is in big endian order"
979 *
980 * BYTE 1 BYTE 2 ...
981 * Bit: 1 1 1 1 0 0 0 0 1 1 1 1 0 0 0 0 ...
982 * Pcr: 7 6 5 4 3 2 1 0 15 14 13 12 11 10 9 8 ...
983 *
984 * 2. SHA1(pcrCompositeBuf)
985 *
986 * 3. build a TCPA_QUOTE_INFO structure which contains
987 * 4 bytes of version
988 * 4 bytes 'Q' 'U' 'O' 'T'
989 * 20 byte SHA1 of TCPA_PCR_COMPOSITE
990 * 20 byte nonce
991 */
992
993 METHOD(pts_t, get_quote_info, bool,
994 private_pts_t *this, chunk_t *out_pcr_composite, chunk_t *out_quote_info)
995 {
996 enumerator_t *e;
997 pcr_entry_t *pcr_entry;
998 chunk_t pcr_composite;
999 u_int32_t pcr_composite_len;
1000 bio_writer_t *writer;
1001 u_int8_t mask_bytes[PCR_MASK_LEN] = {0,0,0}, i;
1002 hasher_t *hasher;
1003
1004 if (this->pcrs->get_count(this->pcrs) == 0)
1005 {
1006 DBG1(DBG_PTS, "PCR entries unavailable, unable to construct TPM Quote Info");
1007 return FALSE;
1008 }
1009
1010 pcr_composite_len = 2 + PCR_MASK_LEN + 4 +
1011 this->pcrs->get_count(this->pcrs) * PCR_LEN;
1012
1013 writer = bio_writer_create(pcr_composite_len);
1014 /* Lenght of the bist mask field */
1015 writer->write_uint16(writer, PCR_MASK_LEN);
1016 /* Bit mask indicating selected PCRs */
1017 e = this->pcrs->create_enumerator(this->pcrs);
1018 while (e->enumerate(e, &pcr_entry))
1019 {
1020 u_int32_t index = pcr_entry->pcr_number;
1021 mask_bytes[index / 8] |= (1 << (index % 8));
1022 }
1023 e->destroy(e);
1024
1025 for (i = 0; i< PCR_MASK_LEN ; i++)
1026 {
1027 writer->write_uint8(writer, mask_bytes[i]);
1028 }
1029
1030 /* Lenght of the pcr entries */
1031 writer->write_uint32(writer, this->pcrs->get_count(this->pcrs) * PCR_LEN);
1032 /* Actual PCR values */
1033 e = this->pcrs->create_enumerator(this->pcrs);
1034 while (e->enumerate(e, &pcr_entry))
1035 {
1036 writer->write_data(writer, chunk_create(pcr_entry->pcr_value, PCR_LEN));
1037 }
1038 free(pcr_entry);
1039 e->destroy(e);
1040
1041 /* PCR Composite structure */
1042 pcr_composite = chunk_clone(writer->get_buf(writer));
1043 writer->destroy(writer);
1044
1045 writer = bio_writer_create(TPM_QUOTE_INFO_LEN);
1046 /* Version number */
1047 writer->write_uint8(writer, 1);
1048 writer->write_uint8(writer, 1);
1049 writer->write_uint8(writer, 0);
1050 writer->write_uint8(writer, 0);
1051
1052 /* Magic QUOT value, depends on TPM Ordinal */
1053 writer->write_uint8(writer, 'Q');
1054 writer->write_uint8(writer, 'U');
1055 writer->write_uint8(writer, 'O');
1056 writer->write_uint8(writer, 'T');
1057
1058 /* SHA1 hash of PCR Composite Structure */
1059 hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
1060 hasher->allocate_hash(hasher, pcr_composite, out_pcr_composite);
1061 DBG4(DBG_PTS, "Hash of calculated PCR Composite: %B", out_pcr_composite);
1062
1063 chunk_clear(&pcr_composite);
1064 hasher->destroy(hasher);
1065 writer->write_data(writer, *out_pcr_composite);
1066
1067 if (!this->secret.ptr)
1068 {
1069 DBG1(DBG_PTS, "Secret assessment value unavailable",
1070 "unable to construct TPM Quote Info");
1071 chunk_clear(out_pcr_composite);
1072 writer->destroy(writer);
1073 return FALSE;
1074 }
1075 /* Secret assessment value 20 bytes (nonce) */
1076 writer->write_data(writer, this->secret);
1077 /* TPM Quote Info */
1078 *out_quote_info = chunk_clone(writer->get_buf(writer));
1079 DBG4(DBG_PTS, "Calculated TPM Quote Info: %B", out_quote_info);
1080 writer->destroy(writer);
1081
1082 return TRUE;
1083 }
1084
1085 METHOD(pts_t, verify_quote_signature, bool,
1086 private_pts_t *this, chunk_t data, chunk_t signature)
1087 {
1088 public_key_t *aik_pub_key;
1089 chunk_t key_encoding;
1090 EVP_PKEY *pkey = NULL;
1091 RSA *rsa = NULL;
1092 unsigned char *p;
1093
1094 aik_pub_key = this->aik->get_public_key(this->aik);
1095 if (!aik_pub_key)
1096 {
1097 DBG1(DBG_PTS, "failed to get public key from AIK certificate");
1098 return FALSE;
1099 }
1100
1101 /** Implementation using strongswan -> not working */
1102 /*if (!aik_pub_key->verify(aik_pub_key, SIGN_RSA_EMSA_PKCS1_SHA1, data, signature))
1103 {
1104 DBG1(DBG_PTS, "signature verification failed for TPM Quote Info");
1105 goto cleanup;
1106 }
1107 */
1108
1109 if (!aik_pub_key->get_encoding(aik_pub_key, PUBKEY_SPKI_ASN1_DER, &key_encoding))
1110 {
1111 DBG1(DBG_PTS, "failed to get encoding of AIK public key");
1112 goto cleanup;
1113 }
1114
1115 p = key_encoding.ptr;
1116 pkey = d2i_PUBKEY(NULL, (const unsigned char**)&p, key_encoding.len);
1117 if (!pkey)
1118 {
1119 DBG1(DBG_PTS, "failed to get EVP_PKEY object from AIK public key encoding");
1120 goto cleanup;
1121 }
1122
1123 rsa = EVP_PKEY_get1_RSA(pkey);
1124 if (!rsa)
1125 {
1126 DBG1(DBG_PTS, "failed to get RSA object from EVP_PKEY");
1127 goto cleanup;
1128 }
1129
1130 if (RSA_verify(NID_sha1, data.ptr, data.len, signature.ptr, signature.len, rsa) != 1)
1131 {
1132 DBG1(DBG_PTS, "signature verification failed for TPM Quote Info");
1133 goto cleanup;
1134 }
1135
1136 RSA_free(rsa);
1137 EVP_PKEY_free(pkey);
1138 if (key_encoding.ptr)
1139 {
1140 chunk_clear(&key_encoding);
1141 }
1142 aik_pub_key->destroy(aik_pub_key);
1143 return TRUE;
1144
1145 cleanup:
1146 if (rsa)
1147 {
1148 RSA_free(rsa);
1149 }
1150 if (pkey)
1151 {
1152 EVP_PKEY_free(pkey);
1153 }
1154 if (key_encoding.ptr)
1155 {
1156 chunk_clear(&key_encoding);
1157 }
1158 DESTROY_IF(aik_pub_key);
1159 return FALSE;
1160 }
1161
1162 METHOD(pts_t, destroy, void,
1163 private_pts_t *this)
1164 {
1165 DESTROY_IF(this->aik);
1166 DESTROY_IF(this->dh);
1167 DESTROY_IF(this->pcrs);
1168 free(this->initiator_nonce.ptr);
1169 free(this->responder_nonce.ptr);
1170 free(this->secret.ptr);
1171 free(this->platform_info);
1172 free(this->aik_blob.ptr);
1173 free(this->tpm_version_info.ptr);
1174 free(this);
1175 }
1176
1177 /**
1178 * Determine Linux distribution and hardware platform
1179 */
1180 static char* extract_platform_info(void)
1181 {
1182 FILE *file;
1183 char buf[BUF_LEN], *pos, *value = NULL;
1184 int i, len;
1185 struct utsname uninfo;
1186
1187 /* Linux/Unix distribution release info (from http://linuxmafia.com) */
1188 const char* releases[] = {
1189 "/etc/lsb-release", "/etc/debian_version",
1190 "/etc/SuSE-release", "/etc/novell-release",
1191 "/etc/sles-release", "/etc/redhat-release",
1192 "/etc/fedora-release", "/etc/gentoo-release",
1193 "/etc/slackware-version", "/etc/annvix-release",
1194 "/etc/arch-release", "/etc/arklinux-release",
1195 "/etc/aurox-release", "/etc/blackcat-release",
1196 "/etc/cobalt-release", "/etc/conectiva-release",
1197 "/etc/debian_release", "/etc/immunix-release",
1198 "/etc/lfs-release", "/etc/linuxppc-release",
1199 "/etc/mandrake-release", "/etc/mandriva-release",
1200 "/etc/mandrakelinux-release", "/etc/mklinux-release",
1201 "/etc/pld-release", "/etc/redhat_version",
1202 "/etc/slackware-release", "/etc/e-smith-release",
1203 "/etc/release", "/etc/sun-release",
1204 "/etc/tinysofa-release", "/etc/turbolinux-release",
1205 "/etc/ultrapenguin-release", "/etc/UnitedLinux-release",
1206 "/etc/va-release", "/etc/yellowdog-release"
1207 };
1208
1209 const char description[] = "DISTRIB_DESCRIPTION=\"";
1210
1211 for (i = 0; i < countof(releases); i++)
1212 {
1213 file = fopen(releases[i], "r");
1214 if (!file)
1215 {
1216 continue;
1217 }
1218 fseek(file, 0, SEEK_END);
1219 len = min(ftell(file), sizeof(buf)-1);
1220 rewind(file);
1221 buf[len] = '\0';
1222 if (fread(buf, 1, len, file) != len)
1223 {
1224 DBG1(DBG_PTS, "failed to read file '%s'", releases[i]);
1225 fclose(file);
1226 return NULL;
1227 }
1228 fclose(file);
1229
1230 if (i == 0) /* LSB release */
1231 {
1232 pos = strstr(buf, description);
1233 if (!pos)
1234 {
1235 DBG1(DBG_PTS, "failed to find begin of lsb-release "
1236 "DESCRIPTION field");
1237 return NULL;
1238 }
1239 value = pos + strlen(description);
1240 pos = strchr(value, '"');
1241 if (!pos)
1242 {
1243 DBG1(DBG_PTS, "failed to find end of lsb-release "
1244 "DESCRIPTION field");
1245 return NULL;
1246 }
1247 }
1248 else
1249 {
1250 value = buf;
1251 pos = strchr(value, '\n');
1252 if (!pos)
1253 {
1254 DBG1(DBG_PTS, "failed to find end of release string");
1255 return NULL;
1256 }
1257 }
1258 break;
1259 }
1260
1261 if (!value)
1262 {
1263 DBG1(DBG_PTS, "no distribution release file found");
1264 return NULL;
1265 }
1266
1267 if (uname(&uninfo) < 0)
1268 {
1269 DBG1(DBG_PTS, "could not retrieve machine architecture");
1270 return NULL;
1271 }
1272
1273 *pos++ = ' ';
1274 len = sizeof(buf)-1 + (pos - buf);
1275 strncpy(pos, uninfo.machine, len);
1276
1277 DBG1(DBG_PTS, "platform is '%s'", value);
1278 return strdup(value);
1279 }
1280
1281 /**
1282 * Check for a TPM by querying for TPM Version Info
1283 */
1284 static bool has_tpm(private_pts_t *this)
1285 {
1286 TSS_HCONTEXT hContext;
1287 TSS_HTPM hTPM;
1288 TSS_RESULT result;
1289 u_int32_t version_info_len;
1290
1291 result = Tspi_Context_Create(&hContext);
1292 if (result != TSS_SUCCESS)
1293 {
1294 DBG1(DBG_PTS, "TPM context could not be created: tss error 0x%x", result);
1295 return FALSE;
1296 }
1297 result = Tspi_Context_Connect(hContext, NULL);
1298 if (result != TSS_SUCCESS)
1299 {
1300 goto err;
1301 }
1302 result = Tspi_Context_GetTpmObject (hContext, &hTPM);
1303 if (result != TSS_SUCCESS)
1304 {
1305 goto err;
1306 }
1307 result = Tspi_TPM_GetCapability(hTPM, TSS_TPMCAP_VERSION_VAL, 0, NULL,
1308 &version_info_len,
1309 &this->tpm_version_info.ptr);
1310 this->tpm_version_info.len = version_info_len;
1311 if (result != TSS_SUCCESS)
1312 {
1313 goto err;
1314 }
1315 this->tpm_version_info = chunk_clone(this->tpm_version_info);
1316 Tspi_Context_Close(hContext);
1317 return TRUE;
1318
1319 err:
1320 DBG1(DBG_PTS, "TPM not available: tss error 0x%x", result);
1321 Tspi_Context_Close(hContext);
1322 return FALSE;
1323 }
1324
1325 /**
1326 * See header
1327 */
1328 pts_t *pts_create(bool is_imc)
1329 {
1330 private_pts_t *this;
1331
1332 INIT(this,
1333 .public = {
1334 .get_proto_caps = _get_proto_caps,
1335 .set_proto_caps = _set_proto_caps,
1336 .get_meas_algorithm = _get_meas_algorithm,
1337 .set_meas_algorithm = _set_meas_algorithm,
1338 .get_dh_hash_algorithm = _get_dh_hash_algorithm,
1339 .set_dh_hash_algorithm = _set_dh_hash_algorithm,
1340 .create_dh_nonce = _create_dh_nonce,
1341 .get_my_public_value = _get_my_public_value,
1342 .set_peer_public_value = _set_peer_public_value,
1343 .calculate_secret = _calculate_secret,
1344 .get_platform_info = _get_platform_info,
1345 .set_platform_info = _set_platform_info,
1346 .get_tpm_version_info = _get_tpm_version_info,
1347 .set_tpm_version_info = _set_tpm_version_info,
1348 .get_aik = _get_aik,
1349 .set_aik = _set_aik,
1350 .is_path_valid = _is_path_valid,
1351 .hash_file = _hash_file,
1352 .do_measurements = _do_measurements,
1353 .get_metadata = _get_metadata,
1354 .read_pcr = _read_pcr,
1355 .extend_pcr = _extend_pcr,
1356 .quote_tpm = _quote_tpm,
1357 .add_pcr_entry = _add_pcr_entry,
1358 .get_quote_info = _get_quote_info,
1359 .verify_quote_signature = _verify_quote_signature,
1360 .destroy = _destroy,
1361 },
1362 .is_imc = is_imc,
1363 .proto_caps = PTS_PROTO_CAPS_V,
1364 .algorithm = PTS_MEAS_ALGO_SHA256,
1365 .dh_hash_algorithm = PTS_MEAS_ALGO_SHA256,
1366 );
1367
1368 if (is_imc)
1369 {
1370 this->platform_info = extract_platform_info();
1371
1372 if (has_tpm(this))
1373 {
1374 this->has_tpm = TRUE;
1375 this->proto_caps |= PTS_PROTO_CAPS_T;
1376 load_aik(this);
1377 load_aik_blob(this);
1378 }
1379 }
1380 else
1381 {
1382 this->proto_caps |= PTS_PROTO_CAPS_T | PTS_PROTO_CAPS_C;
1383 }
1384
1385 return &this->public;
1386 }