Sort the pcr entries list everytime new entry is added
[strongswan.git] / src / libpts / pts / pts.c
1 /*
2 * Copyright (C) 2011 Sansar Choinyambuu
3 * HSR Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "pts.h"
17
18 #include <debug.h>
19 #include <crypto/hashers/hasher.h>
20 #include <bio/bio_writer.h>
21 #include <bio/bio_reader.h>
22 /* for isdigit()*/
23 #include <ctype.h>
24
25 #include <trousers/tss.h>
26 #include <trousers/trousers.h>
27
28 #include <sys/stat.h>
29 #include <sys/utsname.h>
30 #include <errno.h>
31
32 #include <openssl/rsa.h>
33 #include <openssl/evp.h>
34 #include <openssl/x509.h>
35
36 #define PTS_BUF_SIZE 4096
37
38 typedef struct private_pts_t private_pts_t;
39
40 /**
41 * Private data of a pts_t object.
42 *
43 */
44 struct private_pts_t {
45
46 /**
47 * Public pts_t interface.
48 */
49 pts_t public;
50
51 /**
52 * PTS Protocol Capabilities
53 */
54 pts_proto_caps_flag_t proto_caps;
55
56 /**
57 * PTS Measurement Algorithm
58 */
59 pts_meas_algorithms_t algorithm;
60
61 /**
62 * DH Hash Algorithm
63 */
64 pts_meas_algorithms_t dh_hash_algorithm;
65
66 /**
67 * PTS Diffie-Hellman Secret
68 */
69 diffie_hellman_t *dh;
70
71 /**
72 * PTS Diffie-Hellman Initiator Nonce
73 */
74 chunk_t initiator_nonce;
75
76 /**
77 * PTS Diffie-Hellman Responder Nonce
78 */
79 chunk_t responder_nonce;
80
81 /**
82 * Secret assessment value to be used for TPM Quote as an external data
83 */
84 chunk_t secret;
85
86 /**
87 * Platform and OS Info
88 */
89 char *platform_info;
90
91 /**
92 * TRUE if IMC-PTS, FALSE if IMV-PTS
93 */
94 bool is_imc;
95
96 /**
97 * Do we have an activated TPM
98 */
99 bool has_tpm;
100
101 /**
102 * Contains a TPM_CAP_VERSION_INFO struct
103 */
104 chunk_t tpm_version_info;
105
106 /**
107 * Contains TSS Blob structure for AIK
108 */
109 chunk_t aik_blob;
110
111 /**
112 * Contains a Attestation Identity Key or Certificate
113 */
114 certificate_t *aik;
115
116 /**
117 * List of extended PCR's with corresponding values
118 */
119 linked_list_t *pcrs;
120 };
121
122 METHOD(pts_t, get_proto_caps, pts_proto_caps_flag_t,
123 private_pts_t *this)
124 {
125 return this->proto_caps;
126 }
127
128 METHOD(pts_t, set_proto_caps, void,
129 private_pts_t *this, pts_proto_caps_flag_t flags)
130 {
131 this->proto_caps = flags;
132 DBG2(DBG_PTS, "supported PTS protocol capabilities: %s%s%s%s%s",
133 flags & PTS_PROTO_CAPS_C ? "C" : ".",
134 flags & PTS_PROTO_CAPS_V ? "V" : ".",
135 flags & PTS_PROTO_CAPS_D ? "D" : ".",
136 flags & PTS_PROTO_CAPS_T ? "T" : ".",
137 flags & PTS_PROTO_CAPS_X ? "X" : ".");
138 }
139
140 METHOD(pts_t, get_meas_algorithm, pts_meas_algorithms_t,
141 private_pts_t *this)
142 {
143 return this->algorithm;
144 }
145
146 METHOD(pts_t, set_meas_algorithm, void,
147 private_pts_t *this, pts_meas_algorithms_t algorithm)
148 {
149 hash_algorithm_t hash_alg;
150
151 hash_alg = pts_meas_algo_to_hash(algorithm);
152 DBG2(DBG_PTS, "selected PTS measurement algorithm is %N",
153 hash_algorithm_names, hash_alg);
154 if (hash_alg != HASH_UNKNOWN)
155 {
156 this->algorithm = algorithm;
157 }
158 }
159
160 METHOD(pts_t, get_dh_hash_algorithm, pts_meas_algorithms_t,
161 private_pts_t *this)
162 {
163 return this->dh_hash_algorithm;
164 }
165
166 METHOD(pts_t, set_dh_hash_algorithm, void,
167 private_pts_t *this, pts_meas_algorithms_t algorithm)
168 {
169 hash_algorithm_t hash_alg;
170
171 hash_alg = pts_meas_algo_to_hash(algorithm);
172 DBG2(DBG_PTS, "selected DH hash algorithm is %N",
173 hash_algorithm_names, hash_alg);
174 if (hash_alg != HASH_UNKNOWN)
175 {
176 this->dh_hash_algorithm = algorithm;
177 }
178 }
179
180
181 METHOD(pts_t, create_dh_nonce, bool,
182 private_pts_t *this, pts_dh_group_t group, int nonce_len)
183 {
184 diffie_hellman_group_t dh_group;
185 chunk_t *nonce;
186 rng_t *rng;
187
188 dh_group = pts_dh_group_to_ike(group);
189 DBG2(DBG_PTS, "selected PTS DH group is %N",
190 diffie_hellman_group_names, dh_group);
191 DESTROY_IF(this->dh);
192 this->dh = lib->crypto->create_dh(lib->crypto, dh_group);
193
194 rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG);
195 if (!rng)
196 {
197 DBG1(DBG_PTS, "no rng available");
198 return FALSE;
199 }
200 DBG2(DBG_PTS, "nonce length is %d", nonce_len);
201 nonce = this->is_imc ? &this->responder_nonce : &this->initiator_nonce;
202 chunk_free(nonce);
203 rng->allocate_bytes(rng, nonce_len, nonce);
204 rng->destroy(rng);
205
206 return TRUE;
207 }
208
209 METHOD(pts_t, get_my_public_value, void,
210 private_pts_t *this, chunk_t *value, chunk_t *nonce)
211 {
212 this->dh->get_my_public_value(this->dh, value);
213 *nonce = this->is_imc ? this->responder_nonce : this->initiator_nonce;
214 }
215
216 METHOD(pts_t, set_peer_public_value, void,
217 private_pts_t *this, chunk_t value, chunk_t nonce)
218 {
219 this->dh->set_other_public_value(this->dh, value);
220
221 nonce = chunk_clone(nonce);
222 if (this->is_imc)
223 {
224 this->initiator_nonce = nonce;
225 }
226 else
227 {
228 this->responder_nonce = nonce;
229 }
230 }
231
232 METHOD(pts_t, calculate_secret, bool,
233 private_pts_t *this)
234 {
235 hasher_t *hasher;
236 hash_algorithm_t hash_alg;
237 chunk_t shared_secret;
238
239 /* Check presence of nonces */
240 if (!this->initiator_nonce.len || !this->responder_nonce.len)
241 {
242 DBG1(DBG_PTS, "initiator and/or responder nonce is not available");
243 return FALSE;
244 }
245 DBG3(DBG_PTS, "initiator nonce: %B", &this->initiator_nonce);
246 DBG3(DBG_PTS, "responder nonce: %B", &this->responder_nonce);
247
248 /* Calculate the DH secret */
249 if (this->dh->get_shared_secret(this->dh, &shared_secret) != SUCCESS)
250 {
251 DBG1(DBG_PTS, "shared DH secret computation failed");
252 return FALSE;
253 }
254 DBG4(DBG_PTS, "shared DH secret: %B", &shared_secret);
255
256 /* Calculate the secret assessment value */
257 hash_alg = pts_meas_algo_to_hash(this->dh_hash_algorithm);
258 hasher = lib->crypto->create_hasher(lib->crypto, hash_alg);
259
260 hasher->allocate_hash(hasher, chunk_from_chars('1'), NULL);
261 hasher->allocate_hash(hasher, this->initiator_nonce, NULL);
262 hasher->allocate_hash(hasher, this->responder_nonce, NULL);
263 hasher->allocate_hash(hasher, shared_secret, &this->secret);
264 hasher->destroy(hasher);
265
266 /* The DH secret must be destroyed */
267 chunk_clear(&shared_secret);
268
269 /*
270 * Truncate the hash to 20 bytes to fit the ExternalData
271 * argument of the TPM Quote command
272 */
273 this->secret.len = min(this->secret.len, 20);
274 DBG4(DBG_PTS, "secret assessment value: %B", &this->secret);
275 return TRUE;
276 }
277
278 /**
279 * Print TPM 1.2 Version Info
280 */
281 static void print_tpm_version_info(private_pts_t *this)
282 {
283 TPM_CAP_VERSION_INFO versionInfo;
284 UINT64 offset = 0;
285 TSS_RESULT result;
286
287 result = Trspi_UnloadBlob_CAP_VERSION_INFO(&offset,
288 this->tpm_version_info.ptr, &versionInfo);
289 if (result != TSS_SUCCESS)
290 {
291 DBG1(DBG_PTS, "could not parse tpm version info: tss error 0x%x",
292 result);
293 }
294 else
295 {
296 DBG2(DBG_PTS, "TPM 1.2 Version Info: Chip Version: %hhu.%hhu.%hhu.%hhu,"
297 " Spec Level: %hu, Errata Rev: %hhu, Vendor ID: %.4s",
298 versionInfo.version.major, versionInfo.version.minor,
299 versionInfo.version.revMajor, versionInfo.version.revMinor,
300 versionInfo.specLevel, versionInfo.errataRev,
301 versionInfo.tpmVendorID);
302 }
303 }
304
305 METHOD(pts_t, get_platform_info, char*,
306 private_pts_t *this)
307 {
308 return this->platform_info;
309 }
310
311 METHOD(pts_t, set_platform_info, void,
312 private_pts_t *this, char *info)
313 {
314 free(this->platform_info);
315 this->platform_info = strdup(info);
316 }
317
318 METHOD(pts_t, get_tpm_version_info, bool,
319 private_pts_t *this, chunk_t *info)
320 {
321 if (!this->has_tpm)
322 {
323 return FALSE;
324 }
325 *info = this->tpm_version_info;
326 print_tpm_version_info(this);
327 return TRUE;
328 }
329
330 METHOD(pts_t, set_tpm_version_info, void,
331 private_pts_t *this, chunk_t info)
332 {
333 this->tpm_version_info = chunk_clone(info);
334 print_tpm_version_info(this);
335 }
336
337 /**
338 * Load an AIK Blob (TSS_TSPATTRIB_KEYBLOB_BLOB attribute)
339 */
340 static void load_aik_blob(private_pts_t *this)
341 {
342 char *blob_path;
343 FILE *fp;
344 u_int32_t aikBlobLen;
345
346 blob_path = lib->settings->get_str(lib->settings,
347 "libimcv.plugins.imc-attestation.aik_blob", NULL);
348
349 if (blob_path)
350 {
351 /* Read aik key blob from a file */
352 if ((fp = fopen(blob_path, "r")) == NULL)
353 {
354 DBG1(DBG_PTS, "unable to open AIK Blob file: %s", blob_path);
355 return;
356 }
357
358 fseek(fp, 0, SEEK_END);
359 aikBlobLen = ftell(fp);
360 fseek(fp, 0L, SEEK_SET);
361
362 this->aik_blob = chunk_alloc(aikBlobLen);
363 if (fread(this->aik_blob.ptr, 1, aikBlobLen, fp))
364 {
365 DBG2(DBG_PTS, "loaded AIK Blob from '%s'", blob_path);
366 DBG3(DBG_PTS, "AIK Blob: %B", &this->aik_blob);
367 }
368 else
369 {
370 DBG1(DBG_PTS, "unable to read AIK Blob file '%s'", blob_path);
371 }
372 fclose(fp);
373 return;
374 }
375
376 DBG1(DBG_PTS, "AIK Blob is not available");
377 }
378
379 /**
380 * Load an AIK certificate or public key
381 * the certificate having precedence over the public key if both are present
382 */
383 static void load_aik(private_pts_t *this)
384 {
385 char *cert_path, *key_path;
386
387 cert_path = lib->settings->get_str(lib->settings,
388 "libimcv.plugins.imc-attestation.aik_cert", NULL);
389 key_path = lib->settings->get_str(lib->settings,
390 "libimcv.plugins.imc-attestation.aik_key", NULL);
391
392 if (cert_path)
393 {
394 this->aik = lib->creds->create(lib->creds, CRED_CERTIFICATE,
395 CERT_X509, BUILD_FROM_FILE,
396 cert_path, BUILD_END);
397 if (this->aik)
398 {
399 DBG2(DBG_PTS, "loaded AIK certificate from '%s'", cert_path);
400 return;
401 }
402 }
403 if (key_path)
404 {
405 this->aik = lib->creds->create(lib->creds, CRED_CERTIFICATE,
406 CERT_TRUSTED_PUBKEY, BUILD_FROM_FILE,
407 key_path, BUILD_END);
408 if (this->aik)
409 {
410 DBG2(DBG_PTS, "loaded AIK public key from '%s'", key_path);
411 return;
412 }
413 }
414
415 DBG1(DBG_PTS, "neither AIK certificate nor public key is available");
416 }
417
418 METHOD(pts_t, get_aik, certificate_t*,
419 private_pts_t *this)
420 {
421 return this->aik;
422 }
423
424 METHOD(pts_t, set_aik, void,
425 private_pts_t *this, certificate_t *aik)
426 {
427 DESTROY_IF(this->aik);
428 this->aik = aik->get_ref(aik);
429 }
430
431 METHOD(pts_t, hash_file, bool,
432 private_pts_t *this, hasher_t *hasher, char *pathname, u_char *hash)
433 {
434 u_char buffer[PTS_BUF_SIZE];
435 FILE *file;
436 int bytes_read;
437
438 file = fopen(pathname, "rb");
439 if (!file)
440 {
441 DBG1(DBG_PTS," file '%s' can not be opened, %s", pathname,
442 strerror(errno));
443 return FALSE;
444 }
445 while (TRUE)
446 {
447 bytes_read = fread(buffer, 1, sizeof(buffer), file);
448 if (bytes_read > 0)
449 {
450 hasher->get_hash(hasher, chunk_create(buffer, bytes_read), NULL);
451 }
452 else
453 {
454 hasher->get_hash(hasher, chunk_empty, hash);
455 break;
456 }
457 }
458 fclose(file);
459
460 return TRUE;
461 }
462
463 /**
464 * Get the relative filename of a fully qualified file pathname
465 */
466 static char* get_filename(char *pathname)
467 {
468 char *pos, *filename;
469
470 pos = filename = pathname;
471 while (pos && *(++pos) != '\0')
472 {
473 filename = pos;
474 pos = strchr(filename, '/');
475 }
476 return filename;
477 }
478
479 METHOD(pts_t, is_path_valid, bool,
480 private_pts_t *this, char *path, pts_error_code_t *error_code)
481 {
482 struct stat st;
483
484 *error_code = 0;
485
486 if (!stat(path, &st))
487 {
488 return TRUE;
489 }
490 else if (errno == ENOENT || errno == ENOTDIR)
491 {
492 DBG1(DBG_PTS, "file/directory does not exist %s", path);
493 *error_code = TCG_PTS_FILE_NOT_FOUND;
494 }
495 else if (errno == EFAULT)
496 {
497 DBG1(DBG_PTS, "bad address %s", path);
498 *error_code = TCG_PTS_INVALID_PATH;
499 }
500 else
501 {
502 DBG1(DBG_PTS, "error: %s occured while validating path: %s",
503 strerror(errno), path);
504 return FALSE;
505 }
506
507 return TRUE;
508 }
509
510 METHOD(pts_t, do_measurements, pts_file_meas_t*,
511 private_pts_t *this, u_int16_t request_id, char *pathname, bool is_directory)
512 {
513 hasher_t *hasher;
514 hash_algorithm_t hash_alg;
515 u_char hash[HASH_SIZE_SHA384];
516 chunk_t measurement;
517 pts_file_meas_t *measurements;
518
519 /* Create a hasher */
520 hash_alg = pts_meas_algo_to_hash(this->algorithm);
521 hasher = lib->crypto->create_hasher(lib->crypto, hash_alg);
522 if (!hasher)
523 {
524 DBG1(DBG_PTS, " hasher %N not available", hash_algorithm_names, hash_alg);
525 return NULL;
526 }
527
528 /* Create a measurement object */
529 measurements = pts_file_meas_create(request_id);
530
531 /* Link the hash to the measurement and set the measurement length */
532 measurement = chunk_create(hash, hasher->get_hash_size(hasher));
533
534 if (is_directory)
535 {
536 enumerator_t *enumerator;
537 char *rel_name, *abs_name;
538 struct stat st;
539
540 enumerator = enumerator_create_directory(pathname);
541 if (!enumerator)
542 {
543 DBG1(DBG_PTS," directory '%s' can not be opened, %s", pathname,
544 strerror(errno));
545 hasher->destroy(hasher);
546 measurements->destroy(measurements);
547 return NULL;
548 }
549 while (enumerator->enumerate(enumerator, &rel_name, &abs_name, &st))
550 {
551 /* measure regular files only */
552 if (S_ISREG(st.st_mode) && *rel_name != '.')
553 {
554 if (!hash_file(this, hasher, abs_name, hash))
555 {
556 enumerator->destroy(enumerator);
557 hasher->destroy(hasher);
558 measurements->destroy(measurements);
559 return NULL;
560 }
561 DBG2(DBG_PTS, " %#B for '%s'", &measurement, rel_name);
562 measurements->add(measurements, rel_name, measurement);
563 }
564 }
565 enumerator->destroy(enumerator);
566 }
567 else
568 {
569 char *filename;
570
571 if (!hash_file(this, hasher, pathname, hash))
572 {
573 hasher->destroy(hasher);
574 measurements->destroy(measurements);
575 return NULL;
576 }
577 filename = get_filename(pathname);
578 DBG2(DBG_PTS, " %#B for '%s'", &measurement, filename);
579 measurements->add(measurements, filename, measurement);
580 }
581 hasher->destroy(hasher);
582
583 return measurements;
584 }
585
586 /**
587 * Obtain statistical information describing a file
588 */
589 static bool file_metadata(char *pathname, pts_file_metadata_t **entry)
590 {
591 struct stat st;
592 pts_file_metadata_t *tmp;
593
594 tmp = malloc_thing(pts_file_metadata_t);
595
596 if (stat(pathname, &st))
597 {
598 DBG1(DBG_PTS, "Unable to obtain statistical information about %s", pathname);
599 return FALSE;
600 }
601
602 tmp->filename = strdup(pathname);
603 tmp->meta_length = PTS_FILE_METADATA_SIZE + strlen(tmp->filename);
604
605 if (S_ISREG(st.st_mode))
606 {
607 tmp->type = PTS_FILE_REGULAR;
608 }
609 else if (S_ISDIR(st.st_mode))
610 {
611 tmp->type = PTS_FILE_DIRECTORY;
612 }
613 else if (S_ISCHR(st.st_mode))
614 {
615 tmp->type = PTS_FILE_CHAR_SPEC;
616 }
617 else if (S_ISBLK(st.st_mode))
618 {
619 tmp->type = PTS_FILE_BLOCK_SPEC;
620 }
621 else if (S_ISFIFO(st.st_mode))
622 {
623 tmp->type = PTS_FILE_FIFO;
624 }
625 else if (S_ISLNK(st.st_mode))
626 {
627 tmp->type = PTS_FILE_SYM_LINK;
628 }
629 else if (S_ISSOCK(st.st_mode))
630 {
631 tmp->type = PTS_FILE_SOCKET;
632 }
633 else
634 {
635 tmp->type = PTS_FILE_OTHER;
636 }
637
638 tmp->filesize = (u_int64_t)st.st_size;
639 tmp->create_time = st.st_ctime;
640 tmp->last_modify_time = st.st_mtime;
641 tmp->last_access_time = st.st_atime;
642 tmp->owner_id = (u_int64_t)st.st_uid;
643 tmp->group_id = (u_int64_t)st.st_gid;
644
645 *entry = tmp;
646
647 return TRUE;
648 }
649
650 METHOD(pts_t, get_metadata, pts_file_meta_t*,
651 private_pts_t *this, char *pathname, bool is_directory)
652 {
653 pts_file_meta_t *metadata;
654 pts_file_metadata_t *entry;
655
656 /* Create a metadata object */
657 metadata = pts_file_meta_create();
658
659 if (is_directory)
660 {
661 enumerator_t *enumerator;
662 char *rel_name, *abs_name;
663 struct stat st;
664
665 enumerator = enumerator_create_directory(pathname);
666 if (!enumerator)
667 {
668 DBG1(DBG_PTS," directory '%s' can not be opened, %s", pathname,
669 strerror(errno));
670 metadata->destroy(metadata);
671 return NULL;
672 }
673 while (enumerator->enumerate(enumerator, &rel_name, &abs_name, &st))
674 {
675 /* measure regular files only */
676 if (S_ISREG(st.st_mode) && *rel_name != '.')
677 {
678 if (!file_metadata(abs_name, &entry))
679 {
680 enumerator->destroy(enumerator);
681 metadata->destroy(metadata);
682 return NULL;
683 }
684 metadata->add(metadata, entry);
685 }
686 }
687 enumerator->destroy(enumerator);
688 }
689 else
690 {
691 char *filename;
692
693 if (!file_metadata(pathname, &entry))
694 {
695 metadata->destroy(metadata);
696 return NULL;
697 }
698 filename = get_filename(pathname);
699 metadata->add(metadata, entry);
700 }
701
702 return metadata;
703 }
704
705 METHOD(pts_t, read_pcr, bool,
706 private_pts_t *this, u_int32_t pcr_num, chunk_t *output)
707 {
708 TSS_HCONTEXT hContext;
709 TSS_HTPM hTPM;
710 TSS_RESULT result;
711 u_int32_t pcr_length;
712 chunk_t pcr_value;
713
714 result = Tspi_Context_Create(&hContext);
715 if (result != TSS_SUCCESS)
716 {
717 DBG1(DBG_PTS, "TPM context could not be created: tss error 0x%x", result);
718 return FALSE;
719 }
720
721 result = Tspi_Context_Connect(hContext, NULL);
722 if (result != TSS_SUCCESS)
723 {
724 goto err;
725 }
726 result = Tspi_Context_GetTpmObject (hContext, &hTPM);
727 if (result != TSS_SUCCESS)
728 {
729 goto err;
730 }
731 pcr_value = chunk_alloc(PCR_LEN);
732 result = Tspi_TPM_PcrRead(hTPM, pcr_num, &pcr_length, &pcr_value.ptr);
733 if (result != TSS_SUCCESS)
734 {
735 goto err;
736 }
737
738 *output = pcr_value;
739 *output = chunk_clone(*output);
740
741 chunk_clear(&pcr_value);
742 Tspi_Context_Close(hContext);
743 DBG3(DBG_PTS, "PCR %d value:%B", pcr_num, output);
744 return TRUE;
745
746 err:
747 chunk_clear(&pcr_value);
748 DBG1(DBG_PTS, "TPM not available: tss error 0x%x", result);
749 Tspi_Context_Close(hContext);
750 return FALSE;
751 }
752
753 METHOD(pts_t, extend_pcr, bool,
754 private_pts_t *this, u_int32_t pcr_num, chunk_t input, chunk_t *output)
755 {
756 TSS_HCONTEXT hContext;
757 TSS_HTPM hTPM;
758 TSS_RESULT result;
759 u_int32_t pcr_length;
760 chunk_t pcr_value;
761
762 result = Tspi_Context_Create(&hContext);
763 if (result != TSS_SUCCESS)
764 {
765 DBG1(DBG_PTS, "TPM context could not be created: tss error 0x%x", result);
766 return FALSE;
767 }
768 result = Tspi_Context_Connect(hContext, NULL);
769 if (result != TSS_SUCCESS)
770 {
771 goto err;
772 }
773 result = Tspi_Context_GetTpmObject (hContext, &hTPM);
774 if (result != TSS_SUCCESS)
775 {
776 goto err;
777 }
778
779 pcr_value = chunk_alloc(PCR_LEN);
780 result = Tspi_TPM_PcrExtend(hTPM, pcr_num, PCR_LEN, input.ptr,
781 NULL, &pcr_length, &pcr_value.ptr);
782 if (result != TSS_SUCCESS)
783 {
784 goto err;
785 }
786
787 *output = pcr_value;
788 *output = chunk_clone(*output);
789
790 chunk_clear(&pcr_value);
791 Tspi_Context_Close(hContext);
792 DBG3(DBG_PTS, "PCR %d extended with: %B", pcr_num, &input);
793 DBG3(DBG_PTS, "PCR %d value after extend: %B", pcr_num, output);
794 return TRUE;
795
796 err:
797 chunk_clear(&pcr_value);
798 DBG1(DBG_PTS, "TPM not available: tss error 0x%x", result);
799 Tspi_Context_Close(hContext);
800 return FALSE;
801 }
802
803 METHOD(pts_t, quote_tpm, bool,
804 private_pts_t *this, u_int32_t *pcrs, u_int32_t num_of_pcrs,
805 chunk_t *pcr_composite, chunk_t *quote_signature)
806 {
807 TSS_HCONTEXT hContext;
808 TSS_HTPM hTPM;
809 TSS_HKEY hAIK;
810 TSS_HKEY hSRK;
811 TSS_HPOLICY srkUsagePolicy;
812 TSS_UUID SRK_UUID = TSS_UUID_SRK;
813 BYTE secret[] = TSS_WELL_KNOWN_SECRET;
814 TSS_HPCRS hPcrComposite;
815 TSS_VALIDATION valData;
816 u_int32_t i;
817 TSS_RESULT result;
818 chunk_t pcr_comp, quote_sign;
819
820 result = Tspi_Context_Create(&hContext);
821 if (result != TSS_SUCCESS)
822 {
823 DBG1(DBG_PTS, "TPM context could not be created: tss error 0x%x", result);
824 return FALSE;
825 }
826 result = Tspi_Context_Connect(hContext, NULL);
827 if (result != TSS_SUCCESS)
828 {
829 goto err1;
830 }
831 result = Tspi_Context_GetTpmObject (hContext, &hTPM);
832 if (result != TSS_SUCCESS)
833 {
834 goto err1;
835 }
836
837 /* Retrieve SRK from TPM and set the authentication data as well known secret*/
838 result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM,
839 SRK_UUID, &hSRK);
840 if (result != TSS_SUCCESS)
841 {
842 goto err1;
843 }
844
845 result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy);
846 if (result != TSS_SUCCESS)
847 {
848 goto err1;
849 }
850 result = Tspi_Policy_SetSecret(srkUsagePolicy, TSS_SECRET_MODE_SHA1,
851 20, secret);
852 if (result != TSS_SUCCESS)
853 {
854 goto err1;
855 }
856
857 result = Tspi_Context_LoadKeyByBlob (hContext, hSRK, this->aik_blob.len,
858 this->aik_blob.ptr, &hAIK);
859 if (result != TSS_SUCCESS)
860 {
861 goto err1;
862 }
863
864 /* Create PCR composite object */
865 result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_PCRS, 0, &hPcrComposite);
866 if (result != TSS_SUCCESS)
867 {
868 goto err2;
869 }
870
871 /* Select PCR's */
872 for (i = 0; i < num_of_pcrs ; i++)
873 {
874 if (pcrs[i] < 0 || pcrs[i] >= MAX_NUM_PCR )
875 {
876 DBG1(DBG_PTS, "Invalid PCR number: %d", pcrs[i]);
877 goto err3;
878 }
879 result = Tspi_PcrComposite_SelectPcrIndex(hPcrComposite, pcrs[i]);
880 if (result != TSS_SUCCESS)
881 {
882 goto err3;
883 }
884 }
885
886 /* Set the Validation Data */
887 valData.ulExternalDataLength = this->secret.len;
888 valData.rgbExternalData = (BYTE *)this->secret.ptr;
889
890
891 /* TPM Quote */
892 result = Tspi_TPM_Quote(hTPM, hAIK, hPcrComposite, &valData);
893 if (result != TSS_SUCCESS)
894 {
895 goto err4;
896 }
897
898 /* Set output chunks */
899 pcr_comp = chunk_alloc(HASH_SIZE_SHA1);
900 memcpy(pcr_comp.ptr, valData.rgbData + 8, HASH_SIZE_SHA1);
901 *pcr_composite = pcr_comp;
902 *pcr_composite = chunk_clone(*pcr_composite);
903 DBG3(DBG_PTS, "Hash of PCR Composite: %B",pcr_composite);
904
905 quote_sign = chunk_alloc(valData.ulValidationDataLength);
906 memcpy(quote_sign.ptr, valData.rgbValidationData,
907 valData.ulValidationDataLength);
908 *quote_signature = quote_sign;
909 *quote_signature = chunk_clone(*quote_signature);
910 DBG3(DBG_PTS, "TOM Quote Signature: %B",quote_signature);
911
912 chunk_clear(&quote_sign);
913 Tspi_Context_FreeMemory(hContext, NULL);
914 Tspi_Context_CloseObject(hContext, hPcrComposite);
915 Tspi_Context_CloseObject(hContext, hAIK);
916 Tspi_Context_Close(hContext);
917 free(pcrs);
918 return TRUE;
919
920 /* Cleanup */
921 err4:
922 Tspi_Context_FreeMemory(hContext, NULL);
923
924 err3:
925 Tspi_Context_CloseObject(hContext, hPcrComposite);
926
927 err2:
928 Tspi_Context_CloseObject(hContext, hAIK);
929
930 err1:
931 Tspi_Context_Close(hContext);
932 free(pcrs);
933 DBG1(DBG_PTS, "TPM not available: tss error 0x%x", result);
934 return FALSE;
935 }
936
937 /**
938 * Comparison function for pcr_entry_t struct
939 */
940 static int pcr_entry_compare(const pcr_entry_t *a, const pcr_entry_t *b)
941 {
942 return (a->pcr_number - b->pcr_number);
943 }
944
945 static int pcr_entry_compare_qsort(const void *a, const void *b)
946 {
947 return pcr_entry_compare(*(const pcr_entry_t *const *)a
948 , *(const pcr_entry_t *const *)b);
949 }
950
951 METHOD(pts_t, add_pcr_entry, void,
952 private_pts_t *this, pcr_entry_t *new)
953 {
954 enumerator_t *e;
955 pcr_entry_t *entry;
956
957 if (!this->pcrs)
958 {
959 this->pcrs = linked_list_create();
960 }
961
962 e = this->pcrs->create_enumerator(this->pcrs);
963 while (e->enumerate(e, &entry))
964 {
965 if (entry->pcr_number == new->pcr_number)
966 {
967 DBG4(DBG_PTS, "updating already added PCR%d value",
968 entry->pcr_number);
969 this->pcrs->remove_at(this->pcrs, e);
970 free(entry);
971 break;
972 }
973 }
974 DESTROY_IF(e);
975
976 this->pcrs->insert_last(this->pcrs, new);
977
978 qsort(this->pcrs, this->pcrs->get_count(this->pcrs),
979 sizeof(pcr_entry_t *), pcr_entry_compare_qsort);
980 }
981
982 /**
983 * 1. build a TCPA_PCR_COMPOSITE structure which contains (pcrCompositeBuf)
984 * TCPA_PCR_SELECTION structure (bitmask length network order + length bytes bitmask)
985 * UINT32 (network order) gives the number of bytes following (pcr entries * 20)
986 * TCPA_PCRVALUE[] with the pcr values
987 *
988 * The first two bytes of the message represent the length
989 * of the bitmask that follows. The bitmask represents the
990 * requested PCRs to be quoted.
991 *
992 * TPM Main-Part 2 TPM Structures_v1.2 8.1
993 * The bitmask is in big endian order"
994 *
995 * BYTE 1 BYTE 2 ...
996 * Bit: 1 1 1 1 0 0 0 0 1 1 1 1 0 0 0 0 ...
997 * Pcr: 7 6 5 4 3 2 1 0 15 14 13 12 11 10 9 8 ...
998 *
999 * 2. SHA1(pcrCompositeBuf)
1000 *
1001 * 3. build a TCPA_QUOTE_INFO structure which contains
1002 * 4 bytes of version
1003 * 4 bytes 'Q' 'U' 'O' 'T'
1004 * 20 byte SHA1 of TCPA_PCR_COMPOSITE
1005 * 20 byte nonce
1006 */
1007
1008 METHOD(pts_t, get_quote_info, bool,
1009 private_pts_t *this, chunk_t *out_pcr_composite, chunk_t *out_quote_info)
1010 {
1011 enumerator_t *e;
1012 pcr_entry_t *pcr_entry;
1013 chunk_t pcr_composite;
1014 u_int32_t pcr_composite_len;
1015 bio_writer_t *writer;
1016 u_int8_t mask_bytes[PCR_MASK_LEN] = {0,0,0}, i;
1017 hasher_t *hasher;
1018
1019 if (this->pcrs->get_count(this->pcrs) == 0)
1020 {
1021 DBG1(DBG_PTS, "PCR entries unavailable, unable to construct TPM Quote Info");
1022 return FALSE;
1023 }
1024
1025 pcr_composite_len = 2 + PCR_MASK_LEN + 4 +
1026 this->pcrs->get_count(this->pcrs) * PCR_LEN;
1027
1028 writer = bio_writer_create(pcr_composite_len);
1029 /* Lenght of the bist mask field */
1030 writer->write_uint16(writer, PCR_MASK_LEN);
1031 /* Bit mask indicating selected PCRs */
1032 e = this->pcrs->create_enumerator(this->pcrs);
1033 while (e->enumerate(e, &pcr_entry))
1034 {
1035 u_int32_t index = pcr_entry->pcr_number;
1036 mask_bytes[index / 8] |= (1 << (index % 8));
1037 }
1038 e->destroy(e);
1039
1040 for (i = 0; i< PCR_MASK_LEN ; i++)
1041 {
1042 writer->write_uint8(writer, mask_bytes[i]);
1043 }
1044
1045 /* Lenght of the pcr entries */
1046 writer->write_uint32(writer, this->pcrs->get_count(this->pcrs) * PCR_LEN);
1047 /* Actual PCR values */
1048 e = this->pcrs->create_enumerator(this->pcrs);
1049 while (e->enumerate(e, &pcr_entry))
1050 {
1051 writer->write_data(writer, chunk_create(pcr_entry->pcr_value, PCR_LEN));
1052 }
1053 free(pcr_entry);
1054 e->destroy(e);
1055
1056 /* PCR Composite structure */
1057 pcr_composite = chunk_clone(writer->get_buf(writer));
1058 writer->destroy(writer);
1059
1060 writer = bio_writer_create(TPM_QUOTE_INFO_LEN);
1061 /* Version number */
1062 writer->write_uint8(writer, 1);
1063 writer->write_uint8(writer, 1);
1064 writer->write_uint8(writer, 0);
1065 writer->write_uint8(writer, 0);
1066
1067 /* Magic QUOT value, depends on TPM Ordinal */
1068 writer->write_uint8(writer, 'Q');
1069 writer->write_uint8(writer, 'U');
1070 writer->write_uint8(writer, 'O');
1071 writer->write_uint8(writer, 'T');
1072
1073 /* SHA1 hash of PCR Composite Structure */
1074 hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
1075 hasher->allocate_hash(hasher, pcr_composite, out_pcr_composite);
1076 DBG4(DBG_PTS, "Hash of calculated PCR Composite: %B", out_pcr_composite);
1077
1078 chunk_clear(&pcr_composite);
1079 hasher->destroy(hasher);
1080 writer->write_data(writer, *out_pcr_composite);
1081
1082 if (!this->secret.ptr)
1083 {
1084 DBG1(DBG_PTS, "Secret assessment value unavailable",
1085 "unable to construct TPM Quote Info");
1086 chunk_clear(out_pcr_composite);
1087 writer->destroy(writer);
1088 return FALSE;
1089 }
1090 /* Secret assessment value 20 bytes (nonce) */
1091 writer->write_data(writer, this->secret);
1092 /* TPM Quote Info */
1093 *out_quote_info = chunk_clone(writer->get_buf(writer));
1094 DBG4(DBG_PTS, "Calculated TPM Quote Info: %B", out_quote_info);
1095 writer->destroy(writer);
1096
1097 return TRUE;
1098 }
1099
1100 METHOD(pts_t, verify_quote_signature, bool,
1101 private_pts_t *this, chunk_t data, chunk_t signature)
1102 {
1103 public_key_t *aik_pub_key;
1104 chunk_t key_encoding;
1105 EVP_PKEY *pkey = NULL;
1106 RSA *rsa = NULL;
1107 unsigned char *p;
1108
1109 aik_pub_key = this->aik->get_public_key(this->aik);
1110 if (!aik_pub_key)
1111 {
1112 DBG1(DBG_PTS, "failed to get public key from AIK certificate");
1113 return FALSE;
1114 }
1115
1116 /** Implementation using strongswan -> not working */
1117 /*if (!aik_pub_key->verify(aik_pub_key, SIGN_RSA_EMSA_PKCS1_SHA1, data, signature))
1118 {
1119 DBG1(DBG_PTS, "signature verification failed for TPM Quote Info");
1120 goto cleanup;
1121 }
1122 */
1123
1124 if (!aik_pub_key->get_encoding(aik_pub_key, PUBKEY_SPKI_ASN1_DER, &key_encoding))
1125 {
1126 DBG1(DBG_PTS, "failed to get encoding of AIK public key");
1127 goto cleanup;
1128 }
1129
1130 p = key_encoding.ptr;
1131 pkey = d2i_PUBKEY(NULL, (const unsigned char**)&p, key_encoding.len);
1132 if (!pkey)
1133 {
1134 DBG1(DBG_PTS, "failed to get EVP_PKEY object from AIK public key encoding");
1135 goto cleanup;
1136 }
1137
1138 rsa = EVP_PKEY_get1_RSA(pkey);
1139 if (!rsa)
1140 {
1141 DBG1(DBG_PTS, "failed to get RSA object from EVP_PKEY");
1142 goto cleanup;
1143 }
1144
1145 if (RSA_verify(NID_sha1, data.ptr, data.len, signature.ptr, signature.len, rsa) != 1)
1146 {
1147 DBG1(DBG_PTS, "signature verification failed for TPM Quote Info");
1148 goto cleanup;
1149 }
1150
1151 RSA_free(rsa);
1152 EVP_PKEY_free(pkey);
1153 if (key_encoding.ptr)
1154 {
1155 chunk_clear(&key_encoding);
1156 }
1157 aik_pub_key->destroy(aik_pub_key);
1158 return TRUE;
1159
1160 cleanup:
1161 if (rsa)
1162 {
1163 RSA_free(rsa);
1164 }
1165 if (pkey)
1166 {
1167 EVP_PKEY_free(pkey);
1168 }
1169 if (key_encoding.ptr)
1170 {
1171 chunk_clear(&key_encoding);
1172 }
1173 DESTROY_IF(aik_pub_key);
1174 return FALSE;
1175 }
1176
1177 METHOD(pts_t, destroy, void,
1178 private_pts_t *this)
1179 {
1180 DESTROY_IF(this->aik);
1181 DESTROY_IF(this->dh);
1182 DESTROY_IF(this->pcrs);
1183 free(this->initiator_nonce.ptr);
1184 free(this->responder_nonce.ptr);
1185 free(this->secret.ptr);
1186 free(this->platform_info);
1187 free(this->aik_blob.ptr);
1188 free(this->tpm_version_info.ptr);
1189 free(this);
1190 }
1191
1192 /**
1193 * Determine Linux distribution and hardware platform
1194 */
1195 static char* extract_platform_info(void)
1196 {
1197 FILE *file;
1198 char buf[BUF_LEN], *pos, *value = NULL;
1199 int i, len;
1200 struct utsname uninfo;
1201
1202 /* Linux/Unix distribution release info (from http://linuxmafia.com) */
1203 const char* releases[] = {
1204 "/etc/lsb-release", "/etc/debian_version",
1205 "/etc/SuSE-release", "/etc/novell-release",
1206 "/etc/sles-release", "/etc/redhat-release",
1207 "/etc/fedora-release", "/etc/gentoo-release",
1208 "/etc/slackware-version", "/etc/annvix-release",
1209 "/etc/arch-release", "/etc/arklinux-release",
1210 "/etc/aurox-release", "/etc/blackcat-release",
1211 "/etc/cobalt-release", "/etc/conectiva-release",
1212 "/etc/debian_release", "/etc/immunix-release",
1213 "/etc/lfs-release", "/etc/linuxppc-release",
1214 "/etc/mandrake-release", "/etc/mandriva-release",
1215 "/etc/mandrakelinux-release", "/etc/mklinux-release",
1216 "/etc/pld-release", "/etc/redhat_version",
1217 "/etc/slackware-release", "/etc/e-smith-release",
1218 "/etc/release", "/etc/sun-release",
1219 "/etc/tinysofa-release", "/etc/turbolinux-release",
1220 "/etc/ultrapenguin-release", "/etc/UnitedLinux-release",
1221 "/etc/va-release", "/etc/yellowdog-release"
1222 };
1223
1224 const char description[] = "DISTRIB_DESCRIPTION=\"";
1225
1226 for (i = 0; i < countof(releases); i++)
1227 {
1228 file = fopen(releases[i], "r");
1229 if (!file)
1230 {
1231 continue;
1232 }
1233 fseek(file, 0, SEEK_END);
1234 len = min(ftell(file), sizeof(buf)-1);
1235 rewind(file);
1236 buf[len] = '\0';
1237 if (fread(buf, 1, len, file) != len)
1238 {
1239 DBG1(DBG_PTS, "failed to read file '%s'", releases[i]);
1240 fclose(file);
1241 return NULL;
1242 }
1243 fclose(file);
1244
1245 if (i == 0) /* LSB release */
1246 {
1247 pos = strstr(buf, description);
1248 if (!pos)
1249 {
1250 DBG1(DBG_PTS, "failed to find begin of lsb-release "
1251 "DESCRIPTION field");
1252 return NULL;
1253 }
1254 value = pos + strlen(description);
1255 pos = strchr(value, '"');
1256 if (!pos)
1257 {
1258 DBG1(DBG_PTS, "failed to find end of lsb-release "
1259 "DESCRIPTION field");
1260 return NULL;
1261 }
1262 }
1263 else
1264 {
1265 value = buf;
1266 pos = strchr(value, '\n');
1267 if (!pos)
1268 {
1269 DBG1(DBG_PTS, "failed to find end of release string");
1270 return NULL;
1271 }
1272 }
1273 break;
1274 }
1275
1276 if (!value)
1277 {
1278 DBG1(DBG_PTS, "no distribution release file found");
1279 return NULL;
1280 }
1281
1282 if (uname(&uninfo) < 0)
1283 {
1284 DBG1(DBG_PTS, "could not retrieve machine architecture");
1285 return NULL;
1286 }
1287
1288 *pos++ = ' ';
1289 len = sizeof(buf)-1 + (pos - buf);
1290 strncpy(pos, uninfo.machine, len);
1291
1292 DBG1(DBG_PTS, "platform is '%s'", value);
1293 return strdup(value);
1294 }
1295
1296 /**
1297 * Check for a TPM by querying for TPM Version Info
1298 */
1299 static bool has_tpm(private_pts_t *this)
1300 {
1301 TSS_HCONTEXT hContext;
1302 TSS_HTPM hTPM;
1303 TSS_RESULT result;
1304 u_int32_t version_info_len;
1305
1306 result = Tspi_Context_Create(&hContext);
1307 if (result != TSS_SUCCESS)
1308 {
1309 DBG1(DBG_PTS, "TPM context could not be created: tss error 0x%x", result);
1310 return FALSE;
1311 }
1312 result = Tspi_Context_Connect(hContext, NULL);
1313 if (result != TSS_SUCCESS)
1314 {
1315 goto err;
1316 }
1317 result = Tspi_Context_GetTpmObject (hContext, &hTPM);
1318 if (result != TSS_SUCCESS)
1319 {
1320 goto err;
1321 }
1322 result = Tspi_TPM_GetCapability(hTPM, TSS_TPMCAP_VERSION_VAL, 0, NULL,
1323 &version_info_len,
1324 &this->tpm_version_info.ptr);
1325 this->tpm_version_info.len = version_info_len;
1326 if (result != TSS_SUCCESS)
1327 {
1328 goto err;
1329 }
1330 this->tpm_version_info = chunk_clone(this->tpm_version_info);
1331 Tspi_Context_Close(hContext);
1332 return TRUE;
1333
1334 err:
1335 DBG1(DBG_PTS, "TPM not available: tss error 0x%x", result);
1336 Tspi_Context_Close(hContext);
1337 return FALSE;
1338 }
1339
1340 /**
1341 * See header
1342 */
1343 pts_t *pts_create(bool is_imc)
1344 {
1345 private_pts_t *this;
1346
1347 INIT(this,
1348 .public = {
1349 .get_proto_caps = _get_proto_caps,
1350 .set_proto_caps = _set_proto_caps,
1351 .get_meas_algorithm = _get_meas_algorithm,
1352 .set_meas_algorithm = _set_meas_algorithm,
1353 .get_dh_hash_algorithm = _get_dh_hash_algorithm,
1354 .set_dh_hash_algorithm = _set_dh_hash_algorithm,
1355 .create_dh_nonce = _create_dh_nonce,
1356 .get_my_public_value = _get_my_public_value,
1357 .set_peer_public_value = _set_peer_public_value,
1358 .calculate_secret = _calculate_secret,
1359 .get_platform_info = _get_platform_info,
1360 .set_platform_info = _set_platform_info,
1361 .get_tpm_version_info = _get_tpm_version_info,
1362 .set_tpm_version_info = _set_tpm_version_info,
1363 .get_aik = _get_aik,
1364 .set_aik = _set_aik,
1365 .is_path_valid = _is_path_valid,
1366 .hash_file = _hash_file,
1367 .do_measurements = _do_measurements,
1368 .get_metadata = _get_metadata,
1369 .read_pcr = _read_pcr,
1370 .extend_pcr = _extend_pcr,
1371 .quote_tpm = _quote_tpm,
1372 .add_pcr_entry = _add_pcr_entry,
1373 .get_quote_info = _get_quote_info,
1374 .verify_quote_signature = _verify_quote_signature,
1375 .destroy = _destroy,
1376 },
1377 .is_imc = is_imc,
1378 .proto_caps = PTS_PROTO_CAPS_V,
1379 .algorithm = PTS_MEAS_ALGO_SHA256,
1380 .dh_hash_algorithm = PTS_MEAS_ALGO_SHA256,
1381 );
1382
1383 if (is_imc)
1384 {
1385 this->platform_info = extract_platform_info();
1386
1387 if (has_tpm(this))
1388 {
1389 this->has_tpm = TRUE;
1390 this->proto_caps |= PTS_PROTO_CAPS_T;
1391 load_aik(this);
1392 load_aik_blob(this);
1393 }
1394 }
1395 else
1396 {
1397 this->proto_caps |= PTS_PROTO_CAPS_T | PTS_PROTO_CAPS_C;
1398 }
1399
1400 return &this->public;
1401 }