check if TNC client has a valid and registered AIK
[strongswan.git] / src / libpts / pts / pts_database.h
1 /*
2 * Copyright (C) 2011 Andreas Steffen
3 * HSR Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 /**
17 * @defgroup pts_database pts_database
18 * @{ @ingroup pts
19 */
20
21 #ifndef PTS_DATABASE_H_
22 #define PTS_DATABASE_H_
23
24 typedef struct pts_database_t pts_database_t;
25
26 #include "pts_meas_algo.h"
27 #include "components/pts_comp_func_name.h"
28 #include <library.h>
29
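/**
 * Class implementing the PTS File Measurement database
 *
 * Besides file measurements, the interface also covers the lookup of
 * registered AIKs and the storage and checking of functional component
 * measurements, as the methods below show.
 */
struct pts_database_t {

	/**
	 * Get files/directories to be measured by PTS
	 *
	 * @param product		Software product (os, vpn client, etc.)
	 * @return				Enumerator over all matching files/directories
	 */
	enumerator_t* (*create_file_meas_enumerator)(pts_database_t *this,
												 char *product);

	/**
	 * Get files/directories to request metadata of
	 *
	 * @param product		Software product (os, vpn client, etc.)
	 * @return				Enumerator over all matching files/directories
	 */
	enumerator_t* (*create_file_meta_enumerator)(pts_database_t *this,
												 char *product);

	/**
	 * Get stored measurement hash for single file or directory entries
	 *
	 * @param product		Software product (os, vpn client, etc.)
	 * @param algo			Hash algorithm used for measurement
	 * @param id			Primary key of measured file/directory
	 * @param is_dir		TRUE if directory was measured
	 * @return				Enumerator over all matching measurement hashes
	 */
	enumerator_t* (*create_file_hash_enumerator)(pts_database_t *this,
								char *product, pts_meas_algorithms_t algo,
								int id, bool is_dir);

	/**
	 * Check if an AIK given by its keyid is registered in the database
	 *
	 * NOTE(review): a match only shows that the keyid is present in the
	 * database. That the peer actually holds the matching AIK private key
	 * is presumably established elsewhere (not visible in this header) -
	 * confirm before treating SUCCESS as an authentication result.
	 *
	 * @param keyid			AIK keyid (SHA-1 hash of the AIK public key info)
	 * @param[out] kid		Primary key of AIK entry in keys table; presumably
	 *						only meaningful when SUCCESS is returned - confirm
	 * @return				SUCCESS if AIK is present, FAILED otherwise
	 */
	status_t (*check_aik_keyid)(pts_database_t *this, chunk_t keyid, int *kid);

	/**
	 * Get functional components to request evidence of
	 *
	 * @param kid			Primary key of AIK entry in keys table
	 * @return				Enumerator over all matching components
	 */
	enumerator_t* (*create_comp_evid_enumerator)(pts_database_t *this, int kid);

	/**
	 * Check a functional component measurement against value stored in database
	 *
	 * NOTE(review): the contract does not say which status is returned for a
	 * mismatch as opposed to a database error. Callers should treat every
	 * result other than SUCCESS as a failed check - confirm against the
	 * implementation.
	 *
	 * @param measurement	measurement hash
	 * @param cid			Primary key of Component Functional Name entry
	 * @param kid			Primary key of AIK entry in keys table
	 * @param seq_no		Measurement sequence number
	 * @param pcr			Number of the PCR the measurement was extended into
	 * @param algo			Hash algorithm used for measurement
	 * @return				SUCCESS if check was successful
	 */
	status_t (*check_comp_measurement)(pts_database_t *this, chunk_t measurement,
									   int cid, int kid, int seq_no, int pcr,
									   pts_meas_algorithms_t algo);

	/**
	 * Insert a functional component measurement into the database
	 *
	 * NOTE(review): inserted values presumably become the reference that
	 * check_comp_measurement() compares against later, so they should only
	 * be recorded while the measured platform is in a trusted state - confirm.
	 *
	 * @param measurement	Measurement hash
	 * @param cid			Primary key of Component Functional Name entry
	 * @param kid			Primary key of AIK entry in keys table
	 * @param seq_no		Measurement sequence number
	 * @param pcr			Number of the PCR the measurement was extended into
	 * @param algo			Hash algorithm used for measurement
	 * @return				SUCCESS if INSERT was successful
	 */
	status_t (*insert_comp_measurement)(pts_database_t *this, chunk_t measurement,
										int cid, int kid, int seq_no, int pcr,
										pts_meas_algorithms_t algo);

	/**
	 * Delete functional component measurements from the database
	 *
	 * @param cid			Primary key of Component Functional Name entry
	 * @param kid			Primary key of AIK entry in keys table
	 * @return				number of deleted measurement entries
	 */
	int (*delete_comp_measurements)(pts_database_t *this, int cid, int kid);

	/**
	 * Get the number of measurements for a functional component and AIK
	 *
	 * cid, kid and count are passed by pointer and are presumably written by
	 * the call; whether they are defined when the result is not SUCCESS
	 * cannot be told from this header - confirm.
	 *
	 * @param comp_name		Component Functional Name
	 * @param keyid			SHA-1 hash of AIK public key info
	 * @param algo			Hash algorithm used for measurement
	 * @param[out] cid		Primary key of Component Functional Name entry
	 * @param[out] kid		Primary key of AIK entry in keys table
	 * @param[out] count	measurement count
	 * @return				SUCCESS if COUNT was successful
	 */
	status_t (*get_comp_measurement_count)(pts_database_t *this,
					pts_comp_func_name_t *comp_name, chunk_t keyid,
					pts_meas_algorithms_t algo, int *cid, int *kid,
					int *count);

	/**
	 * Destroys a pts_database_t object.
	 */
	void (*destroy)(pts_database_t *this);

};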
145
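/**
 * Creates a pts_database_t object
 *
 * NOTE(review): depending on the database backend the URI may embed
 * credentials, so it should be kept out of logs and error messages - confirm
 * against the backends in use.
 *
 * @param uri			database uri
 * @return				pts_database_t object; the result on a failed
 *						connection is not documented here (presumably NULL -
 *						confirm before dereferencing)
 */
pts_database_t* pts_database_create(char *uri);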
152
153 #endif /** PTS_DATABASE_H_ @}*/