Implemented first version of tpm quote function
1 /*
2 * Copyright (C) 2011 Sansar Choinyambuu
3 * HSR Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 /**
17 * @defgroup pts pts
18 * @{ @ingroup pts
19 */
20
21 #ifndef PTS_H_
22 #define PTS_H_
23
24 typedef struct pts_t pts_t;
25
26 #include "pts_error.h"
27 #include "pts_proto_caps.h"
28 #include "pts_meas_algo.h"
29 #include "pts_file_meas.h"
30 #include "pts_file_meta.h"
31 #include "pts_dh_group.h"
32
33 #include <library.h>
34
/**
 * UTF-8 (ASCII) encoding of the solidus '/' and reverse solidus '\'
 * characters used to delimit path components in a filename
 */
#define SOLIDUS_UTF 0x2F
#define REVERSE_SOLIDUS_UTF 0x5C

/**
 * Length in bytes of the generated nonce used for calculation of the
 * shared secret (see pts_t.calculate_secret)
 */
#define NONCE_LEN 20

/**
 * Length in bytes of the secret assessment value used as external data
 * for the TPM Quote (see pts_t.get_secret)
 */
#define ASSESSMENT_SECRET_LEN 20

/**
 * Maximum number of PCR's of TPM, TPM Spec 1.2
 * (valid PCR indexes are 0 .. MAX_NUM_PCR - 1)
 */
#define MAX_NUM_PCR 24
55
/**
 * Class implementing the TCG Platform Trust System (PTS)
 *
 * Holds the negotiated protocol parameters (capabilities, measurement
 * algorithm, DH group), the DH exchange state and the derived secret
 * assessment value, the platform/TPM information exchanged with the peer,
 * and the file measurement and TPM (PCR read/extend/quote) operations.
 *
 * Unless stated otherwise, methods returning bool report FALSE on failure.
 */
struct pts_t {

	/**
	 * Get PTS Protocol Capabilities
	 *
	 * @return				protocol capabilities flags
	 */
	pts_proto_caps_flag_t (*get_proto_caps)(pts_t *this);

	/**
	 * Set PTS Protocol Capabilities
	 *
	 * @param flags			protocol capabilities flags
	 */
	void (*set_proto_caps)(pts_t *this, pts_proto_caps_flag_t flags);

	/**
	 * Get PTS Measurement Algorithm
	 *
	 * @return				measurement algorithm
	 */
	pts_meas_algorithms_t (*get_meas_algorithm)(pts_t *this);

	/**
	 * Set PTS Measurement Algorithm
	 *
	 * @param algorithm		measurement algorithm
	 */
	void (*set_meas_algorithm)(pts_t *this, pts_meas_algorithms_t algorithm);

	/**
	 * Get PTS Diffie Hellman Group
	 *
	 * @return				DH Group
	 */
	pts_dh_group_t (*get_dh_group)(pts_t *this);

	/**
	 * Set PTS Diffie Hellman Group
	 *
	 * @param dh_group		DH Group
	 */
	void (*set_dh_group)(pts_t *this, pts_dh_group_t dh_group);

	/**
	 * Create the Diffie Hellman object used for the shared secret
	 *
	 * @param group			DH group to instantiate the D-H object for
	 * @return				TRUE if the D-H object could be created, FALSE otherwise
	 */
	bool (*create_dh)(pts_t *this, pts_dh_group_t group);

	/**
	 * Gets Own Diffie Hellman Public Value
	 *
	 * Requires a prior successful create_dh().
	 *
	 * @param pub_value		chunk to receive own public value
	 */
	void (*get_my_pub_val)(pts_t *this, chunk_t *pub_value);

	/**
	 * Sets the public value of partner.
	 *
	 * NOTE(review): whether the value is copied or only referenced is not
	 * visible here - check pts.c before freeing the caller's chunk.
	 *
	 * @param value			public value of partner
	 */
	void (*set_other_pub_val) (pts_t *this, chunk_t value);

	/**
	 * Calculates the secret assessment value to be used as external data
	 * of the TPM Quote, from the DH shared secret and both nonces
	 *
	 * @param initiator_nonce	Initiator nonce (IMV nonce)
	 * @param responder_nonce	Responder nonce (IMC nonce)
	 * @param algorithm			Hashing algorithm
	 * @return					TRUE on success, FALSE if not both DH public
	 *							values and nonces are set
	 */
	bool (*calculate_secret) (pts_t *this, chunk_t initiator_nonce,
							  chunk_t responder_nonce, pts_meas_algorithms_t algorithm);

	/**
	 * Returns the secret assessment value to be used as external data of
	 * the TPM Quote (see calculate_secret)
	 *
	 * @return				Secret assessment value
	 */
	chunk_t (*get_secret) (pts_t *this);

	/**
	 * Get Platform and OS Info
	 *
	 * @return				platform and OS info
	 */
	char* (*get_platform_info)(pts_t *this);

	/**
	 * Set Platform and OS Info
	 *
	 * NOTE(review): ownership of the string after this call (copied vs.
	 * adopted) is not specified here - confirm in pts.c.
	 *
	 * @param info			platform and OS info
	 */
	void (*set_platform_info)(pts_t *this, char *info);

	/**
	 * Get TPM 1.2 Version Info
	 *
	 * @param info			chunk containing a TPM_CAP_VERSION_INFO struct
	 * @return				TRUE if TPM Version Info available
	 */
	bool (*get_tpm_version_info)(pts_t *this, chunk_t *info);

	/**
	 * Set TPM 1.2 Version Info
	 *
	 * @param info			chunk containing a TPM_CAP_VERSION_INFO struct
	 */
	void (*set_tpm_version_info)(pts_t *this, chunk_t info);

	/**
	 * Get Attestation Identity Certificate or Public Key
	 *
	 * @return				AIK Certificate or Public Key
	 */
	certificate_t* (*get_aik)(pts_t *this);

	/**
	 * Set Attestation Identity Certificate or Public Key
	 *
	 * NOTE(review): whether the pts_t takes over the reference to aik or
	 * the caller keeps it is not specified here - confirm in pts.c.
	 *
	 * @param aik			AIK Certificate or Public Key
	 */
	void (*set_aik)(pts_t *this, certificate_t *aik);

	/**
	 * Check whether path is valid file/directory on filesystem
	 *
	 * The outcome of the check itself (valid, not existing, invalid) is
	 * reported through error_code; the return value only tells whether the
	 * check could be performed.
	 *
	 * @param path			Absolute path
	 * @param error_code	Output variable for PTS error code
	 * @return				TRUE if path is valid or file/directory doesn't
	 *						exist or path is invalid (see error_code),
	 *						FALSE if a local error occurred within stat function
	 */
	bool (*is_path_valid)(pts_t *this, char *path, pts_error_code_t *error_code);

	/**
	 * Compute a hash over a file
	 *
	 * @param hasher		Hasher to be used
	 * @param pathname		Absolute path of a file
	 * @param hash			Buffer to keep hash output; must be large enough
	 *						for the hash size of hasher
	 * @return				TRUE if path is valid and hashing succeeded,
	 *						FALSE otherwise
	 */
	bool (*hash_file)(pts_t *this, hasher_t *hasher, char *pathname, u_char *hash);

	/**
	 * Do PTS File Measurements
	 *
	 * @param request_id	ID of PTS File Measurement Request
	 * @param pathname		Absolute pathname of file to be measured
	 * @param is_directory	if TRUE directory contents are measured
	 * @return				PTS File Measurements or NULL if FAILED
	 */
	pts_file_meas_t* (*do_measurements)(pts_t *this, u_int16_t request_id,
										char *pathname, bool is_directory);

	/**
	 * Obtain file metadata
	 *
	 * @param pathname		Absolute pathname of file/directory
	 * @param is_directory	if TRUE directory contents are requested
	 * @return				PTS File Metadata or NULL if FAILED
	 */
	pts_file_meta_t* (*get_metadata)(pts_t *this, char *pathname, bool is_directory);

	/**
	 * Reads given PCR value and returns it
	 * Expects owner secret to be WELL_KNOWN_SECRET
	 *
	 * @param pcr_num		Number of PCR to read (expected < MAX_NUM_PCR -
	 *						confirm the range check in pts.c)
	 * @param pcr_value		Chunk to save pcr read output
	 * @return				FALSE in case of TSS error, TRUE otherwise
	 */
	bool (*read_pcr)(pts_t *this, u_int32_t pcr_num, chunk_t *pcr_value);

	/**
	 * Extends given PCR with given value
	 * Expects owner secret to be WELL_KNOWN_SECRET
	 *
	 * @param pcr_num		Number of PCR to extend (expected < MAX_NUM_PCR -
	 *						confirm the range check in pts.c)
	 * @param input			Value to extend
	 * @param output		Chunk to save PCR value after extension
	 * @return				FALSE in case of TSS error, TRUE otherwise
	 */
	bool (*extend_pcr)(pts_t *this, u_int32_t pcr_num, chunk_t input, chunk_t *output);

	/**
	 * Quote over PCR's
	 * Expects owner and SRK secret to be WELL_KNOWN_SECRET and no password
	 * set for AIK (deployment assumption of this first implementation)
	 *
	 * NOTE(review): the quote is only meaningful to a verifier if it is
	 * checked against the AIK (get_aik) and its external data is bound to
	 * the secret assessment value (get_secret); this header does not show
	 * which side performs that check - confirm in the caller.
	 *
	 * @param pcrs			Array of PCR indexes to make quotation over
	 *						(each expected < MAX_NUM_PCR)
	 * @param num_of_pcrs	Number of entries in pcrs
	 * @param quote			Chunk to save quote operation output
	 * @return				FALSE in case of TSS error, TRUE otherwise
	 */
	bool (*quote_tpm)(pts_t *this, u_int32_t *pcrs, u_int32_t num_of_pcrs, chunk_t *quote);

	/**
	 * Destroys a pts_t object.
	 */
	void (*destroy)(pts_t *this);

};
265
/**
 * Creates a pts_t object
 *
 * @param is_imc		TRUE if running on an IMC, FALSE on an IMV (presumably
 *						selects the measuring vs. verifying role - see pts.c)
 * @return				pts_t object; whether NULL can be returned on failure
 *						is not visible here - confirm in pts.c
 */
pts_t* pts_create(bool is_imc);
272
273 #endif /** PTS_H_ @} */