attestation_state = (imc_attestation_state_t*)state;
pts = attestation_state->get_pts(attestation_state);
- /* parse received PA-TNC message and automatically handle any errors */
+ /* parse received PA-TNC message and automatically handle any errors */
result = imc_attestation->receive_message(imc_attestation, connection_id,
chunk_create(msg, msg_len), msg_type,
&pa_tnc_msg);
imc_flags = pts->get_proto_caps(pts);
pts->set_proto_caps(pts, imc_flags & imv_flags);
- /* Send PTS Protocol Capabilities attribute */
+ /* Send PTS Protocol Capabilities attribute */
attr = tcg_pts_attr_proto_caps_create(imc_flags & imv_flags,
FALSE);
attr_list->insert_last(attr_list, attr);
{
tcg_pts_attr_meas_algo_t *attr_cast;
pts_meas_algorithms_t selected_algorithm;
-
+
attr_cast = (tcg_pts_attr_meas_algo_t*)attr;
selected_algorithm = attr_cast->get_algorithms(attr_cast);
break;
}
- /* Send Measurement Algorithm Selection attribute */
+ /* Send Measurement Algorithm Selection attribute */
selected_algorithm = pts->get_meas_algorithm(pts);
attr = tcg_pts_attr_meas_algo_create(selected_algorithm,
TRUE);
attr_list->insert_last(attr_list, attr);
break;
}
-
+
case TCG_PTS_GET_TPM_VERSION_INFO:
{
chunk_t tpm_version_info, attr_info;
attr_list->insert_last(attr_list, attr);
break;
}
-
- /* Send TPM Version Info attribute */
+
+ /* Send TPM Version Info attribute */
attr = tcg_pts_attr_tpm_version_info_create(tpm_version_info);
attr_list->insert_last(attr_list, attr);
break;
}
-
+
case TCG_PTS_GET_AIK:
{
chunk_t aik;
DBG1(DBG_IMC, "Obtaining AIK Certificate failed");
break;
}
-
- /* Send AIK attribute */
+
+ /* Send AIK attribute */
attr = tcg_pts_attr_aik_create(is_naked_key, aik);
attr_list->insert_last(attr_list, attr);
break;
}
-
+
/* PTS-based Attestation Evidence */
case TCG_PTS_REQ_FUNCT_COMP_EVID:
break;
case TCG_PTS_MEAS_ALGO_SELECTION:
case TCG_PTS_TPM_VERSION_INFO:
case TCG_PTS_TEMPL_REF_MANI_SET_META:
- case TCG_PTS_AIK:
+ case TCG_PTS_AIK:
case TCG_PTS_SIMPLE_COMP_EVID:
case TCG_PTS_SIMPLE_EVID_FINAL:
case TCG_PTS_VERIFICATION_RESULT:
pa_tnc_msg->destroy(pa_tnc_msg);
result = TNC_RESULT_SUCCESS;
-
+
if (attr_list->get_count(attr_list))
{
pa_tnc_msg = pa_tnc_msg_create();
return result;
}
attestation_state = (imv_attestation_state_t*)state;
-
+
/* TODO: Get some configurations */
-
+
return TNC_RESULT_SUCCESS;
default:
return imv_attestation->change_state(imv_attestation, connection_id,
attr = tcg_pts_attr_proto_caps_create(flags, TRUE);
attr->set_noskip_flag(attr, TRUE);
msg->add_attribute(msg, attr);
-
+
/* Send Measurement Algorithms attribute */
attr = tcg_pts_attr_meas_algo_create(supported_algorithms, FALSE);
attr->set_noskip_flag(attr, TRUE);
attr = tcg_pts_attr_get_tpm_version_info_create();
attr->set_noskip_flag(attr, TRUE);
msg->add_attribute(msg, attr);
-
+
/* Send Get AIK attribute */
attr = tcg_pts_attr_get_aik_create();
attr->set_noskip_flag(attr, TRUE);
}
while (enumerator->enumerate(enumerator, &id, &type, &pathname))
{
- is_directory = (type != 0);
+ is_directory = (type != 0);
DBG2(DBG_IMV, "measurement request %d for %s '%s'",
id, is_directory ? "directory" : "file", pathname);
attr = tcg_pts_attr_req_file_meas_create(is_directory, id,
msg->build(msg);
result = imv_attestation->send_message(imv_attestation, connection_id,
- msg->get_encoding(msg));
+ msg->get_encoding(msg));
msg->destroy(msg);
return result;
return TNC_RESULT_FATAL;
}
attestation_state = (imv_attestation_state_t*)state;
- pts = attestation_state->get_pts(attestation_state);
+ pts = attestation_state->get_pts(attestation_state);
- /* parse received PA-TNC message and automatically handle any errors */
+ /* parse received PA-TNC message and automatically handle any errors */
result = imv_attestation->receive_message(imv_attestation, connection_id,
chunk_create(msg, msg_len), msg_type,
&pa_tnc_msg);
{
tcg_pts_attr_proto_caps_t *attr_cast;
pts_proto_caps_flag_t flags;
-
+
attr_cast = (tcg_pts_attr_proto_caps_t*)attr;
flags = attr_cast->get_flags(attr_cast);
pts->set_proto_caps(pts, flags);
{
tcg_pts_attr_meas_algo_t *attr_cast;
pts_meas_algorithms_t selected_algorithm;
-
+
attr_cast = (tcg_pts_attr_meas_algo_t*)attr;
selected_algorithm = attr_cast->get_algorithms(attr_cast);
- pts->set_meas_algorithm(pts, selected_algorithm);
+ pts->set_meas_algorithm(pts, selected_algorithm);
attestation_state->set_handshake_state(attestation_state,
IMV_ATTESTATION_STATE_MEAS);
{
tcg_pts_attr_tpm_version_info_t *attr_cast;
chunk_t tpm_version_info;
-
+
attr_cast = (tcg_pts_attr_tpm_version_info_t*)attr;
tpm_version_info = attr_cast->get_tpm_version_info(attr_cast);
pts->set_tpm_version_info(pts, tpm_version_info);
tcg_pts_attr_aik_t *attr_cast;
chunk_t aik;
bool is_naked_key;
-
+
attr_cast = (tcg_pts_attr_aik_t*)attr;
aik = attr_cast->get_aik(attr_cast);
is_naked_key = attr_cast->get_naked_flag(attr_cast);
pts->set_aik(pts, aik, is_naked_key);
-
+
attestation_state->set_handshake_state(attestation_state,
IMV_ATTESTATION_STATE_END);
break;
}
-
+
/* PTS-based Attestation Evidence */
case TCG_PTS_SIMPLE_COMP_EVID:
break;
chunk_t measurement;
char *platform_info, *filename;
enumerator_t *e_meas;
-
+
platform_info = pts->get_platform_info(pts);
if (!pts_db || !platform_info)
{
}
e->destroy(e);
}
- e_meas->destroy(e_meas);
+ e_meas->destroy(e_meas);
attestation_state->set_handshake_state(attestation_state,
IMV_ATTESTATION_STATE_END);
break;
}
-
+
/* TODO: Not implemented yet */
case TCG_PTS_DH_NONCE_PARAMS_RESP:
case TCG_PTS_UNIX_FILE_META:
{
state->set_recommendation(state,
TNC_IMV_ACTION_RECOMMENDATION_NO_RECOMMENDATION,
- TNC_IMV_EVALUATION_RESULT_ERROR);
+ TNC_IMV_EVALUATION_RESULT_ERROR);
return imv_attestation->provide_recommendation(imv_attestation,
connection_id);
}
state->set_recommendation(state,
TNC_IMV_ACTION_RECOMMENDATION_ALLOW,
TNC_IMV_EVALUATION_RESULT_COMPLIANT);
- }
+ }
return imv_attestation->provide_recommendation(imv_attestation,
connection_id);
}
if (chunk_equals(lang, pref_lang))
{
*reason_language = lang;
- *reason_string = chunk_create(reasons[i].string,
+ *reason_string = chunk_create(reasons[i].string,
strlen(reasons[i].string));
return TRUE;
}
/* no preferred language match found - use the default language */
*reason_string = chunk_create(reasons[0].string,
strlen(reasons[0].string));
- *reason_language = chunk_create(reasons[0].lang,
+ *reason_language = chunk_create(reasons[0].lang,
strlen(reasons[0].lang));
return TRUE;
}
);
platform_info = lib->settings->get_str(lib->settings,
- "libimcv.plugins.imv-attestation.platform_info", NULL);
+ "libimcv.plugins.imv-attestation.platform_info", NULL);
if (platform_info)
{
this->pts->set_platform_info(this->pts, platform_info);
char fakeEKCert[0x41a] = {
/* 00000000 */ 0x30, 0x82, 0x04, 0x16, 0x30, 0x82, 0x02, 0xfe,
- 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x10, 0x40, /* |0...0..........@| */
+ 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x10, 0x40, /* |0...0..........@| */
/* 00000010 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x30, /* |...............0| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x30, /* |...............0| */
/* 00000020 */ 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
- 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x3e, /* |...*.H........0>| */
+ 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x3e, /* |...*.H........0>| */
/* 00000030 */ 0x31, 0x3c, 0x30, 0x3a, 0x06, 0x03, 0x55, 0x04,
- 0x03, 0x13, 0x33, 0x49, 0x6e, 0x73, 0x65, 0x63, /* |1<0:..U...3Insec| */
+ 0x03, 0x13, 0x33, 0x49, 0x6e, 0x73, 0x65, 0x63, /* |1<0:..U...3Insec| */
/* 00000040 */ 0x75, 0x72, 0x65, 0x20, 0x44, 0x65, 0x6d, 0x6f,
- 0x2f, 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x6e, /* |ure Demo/Test En| */
+ 0x2f, 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x6e, /* |ure Demo/Test En| */
/* 00000050 */ 0x64, 0x6f, 0x72, 0x73, 0x65, 0x6d, 0x65, 0x6e,
- 0x74, 0x20, 0x4b, 0x65, 0x79, 0x20, 0x52, 0x6f, /* |dorsement Key Ro| */
+ 0x74, 0x20, 0x4b, 0x65, 0x79, 0x20, 0x52, 0x6f, /* |dorsement Key Ro| */
/* 00000060 */ 0x6f, 0x74, 0x20, 0x43, 0x65, 0x72, 0x74, 0x69,
- 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x30, 0x1e, /* |ot Certificate0.| */
+ 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x30, 0x1e, /* |ot Certificate0.| */
/* 00000070 */ 0x17, 0x0d, 0x30, 0x31, 0x30, 0x31, 0x30, 0x31,
- 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x17, /* |..010101000000Z.| */
+ 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x17, /* |..010101000000Z.| */
/* 00000080 */ 0x0d, 0x34, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32,
- 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x00, /* |.491231235959Z0.| */
+ 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x00, /* |.491231235959Z0.| */
/* 00000090 */ 0x30, 0x82, 0x01, 0x37, 0x30, 0x22, 0x06, 0x09,
- 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, /* |0..70"..*.H.....| */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, /* |0..70"..*.H.....| */
/* 000000a0 */ 0x07, 0x30, 0x15, 0xa2, 0x13, 0x30, 0x11, 0x06,
- 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, /* |.0...0...*.H....| */
+ 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, /* |.0...0...*.H....| */
/* 000000b0 */ 0x01, 0x09, 0x04, 0x04, 0x54, 0x43, 0x50, 0x41,
- 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, /* |....TCPA.....0..| */
+ 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, /* |....TCPA.....0..| */
/* 000000c0 */ 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0x80, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 000000d0 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 000000e0 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 000000f0 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 00000100 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 00000110 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 00000120 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 00000130 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 00000140 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 00000150 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 00000160 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 00000170 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 00000180 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 00000190 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 000001a0 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 000001b0 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 000001c0 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x02, 0x03,
- 0x01, 0x00, 0x01, 0xa3, 0x82, 0x01, 0x37, 0x30, /* |..............70| */
+ 0x01, 0x00, 0x01, 0xa3, 0x82, 0x01, 0x37, 0x30, /* |..............70| */
/* 000001d0 */ 0x82, 0x01, 0x33, 0x30, 0x37, 0x06, 0x03, 0x55,
- 0x1d, 0x09, 0x04, 0x30, 0x30, 0x2e, 0x30, 0x16, /* |..307..U...00.0.| */
+ 0x1d, 0x09, 0x04, 0x30, 0x30, 0x2e, 0x30, 0x16, /* |..307..U...00.0.| */
/* 000001e0 */ 0x06, 0x05, 0x67, 0x81, 0x05, 0x02, 0x10, 0x31,
- 0x0d, 0x30, 0x0b, 0x0c, 0x03, 0x31, 0x2e, 0x31, /* |..g....1.0...1.1| */
+ 0x0d, 0x30, 0x0b, 0x0c, 0x03, 0x31, 0x2e, 0x31, /* |..g....1.0...1.1| */
/* 000001f0 */ 0x02, 0x01, 0x02, 0x02, 0x01, 0x01, 0x30, 0x14,
- 0x06, 0x05, 0x67, 0x81, 0x05, 0x02, 0x12, 0x31, /* |......0...g....1| */
+ 0x06, 0x05, 0x67, 0x81, 0x05, 0x02, 0x12, 0x31, /* |......0...g....1| */
/* 00000200 */ 0x0b, 0x30, 0x09, 0x80, 0x01, 0x00, 0x81, 0x01,
- 0x00, 0x82, 0x01, 0x02, 0x30, 0x50, 0x06, 0x03, /* |.0..........0P..| */
+ 0x00, 0x82, 0x01, 0x02, 0x30, 0x50, 0x06, 0x03, /* |.0..........0P..| */
/* 00000210 */ 0x55, 0x1d, 0x11, 0x01, 0x01, 0xff, 0x04, 0x46,
- 0x30, 0x44, 0xa4, 0x42, 0x30, 0x40, 0x31, 0x16, /* |U......F0D.B0@1.| */
+ 0x30, 0x44, 0xa4, 0x42, 0x30, 0x40, 0x31, 0x16, /* |U......F0D.B0@1.| */
/* 00000220 */ 0x30, 0x14, 0x06, 0x05, 0x67, 0x81, 0x05, 0x02,
- 0x01, 0x0c, 0x0b, 0x69, 0x64, 0x3a, 0x30, 0x30, /* |0...g......id:00| */
+ 0x01, 0x0c, 0x0b, 0x69, 0x64, 0x3a, 0x30, 0x30, /* |0...g......id:00| */
/* 00000230 */ 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x31, 0x12,
- 0x30, 0x10, 0x06, 0x05, 0x67, 0x81, 0x05, 0x02, /* |0000001.0...g...| */
+ 0x30, 0x10, 0x06, 0x05, 0x67, 0x81, 0x05, 0x02, /* |0000001.0...g...| */
/* 00000240 */ 0x02, 0x0c, 0x07, 0x55, 0x6e, 0x6b, 0x6e, 0x6f,
- 0x77, 0x6e, 0x31, 0x12, 0x30, 0x10, 0x06, 0x05, /* |...Unknown1.0...| */
+ 0x77, 0x6e, 0x31, 0x12, 0x30, 0x10, 0x06, 0x05, /* |...Unknown1.0...| */
/* 00000250 */ 0x67, 0x81, 0x05, 0x02, 0x03, 0x0c, 0x07, 0x69,
- 0x64, 0x3a, 0x30, 0x30, 0x30, 0x30, 0x30, 0x0c, /* |g......id:00000.| */
+ 0x64, 0x3a, 0x30, 0x30, 0x30, 0x30, 0x30, 0x0c, /* |g......id:00000.| */
/* 00000260 */ 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff,
- 0x04, 0x02, 0x30, 0x00, 0x30, 0x75, 0x06, 0x03, /* |..U.......0.0u..| */
+ 0x04, 0x02, 0x30, 0x00, 0x30, 0x75, 0x06, 0x03, /* |..U.......0.0u..| */
/* 00000270 */ 0x55, 0x1d, 0x20, 0x01, 0x01, 0xff, 0x04, 0x6b,
- 0x30, 0x69, 0x30, 0x67, 0x06, 0x04, 0x55, 0x1d, /* |U. ....k0i0g..U.| */
+ 0x30, 0x69, 0x30, 0x67, 0x06, 0x04, 0x55, 0x1d, /* |U. ....k0i0g..U.| */
/* 00000280 */ 0x20, 0x00, 0x30, 0x5f, 0x30, 0x25, 0x06, 0x08,
- 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x02, 0x01, /* | .0_0%..+.......| */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x02, 0x01, /* | .0_0%..+.......| */
/* 00000290 */ 0x16, 0x19, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f,
- 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x70, 0x72, 0x69, /* |..http://www.pri| */
+ 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x70, 0x72, 0x69, /* |..http://www.pri| */
/* 000002a0 */ 0x76, 0x61, 0x63, 0x79, 0x63, 0x61, 0x2e, 0x63,
- 0x6f, 0x6d, 0x2f, 0x30, 0x36, 0x06, 0x08, 0x2b, /* |vacyca.com/06..+| */
+ 0x6f, 0x6d, 0x2f, 0x30, 0x36, 0x06, 0x08, 0x2b, /* |vacyca.com/06..+| */
/* 000002b0 */ 0x06, 0x01, 0x05, 0x05, 0x07, 0x02, 0x02, 0x30,
- 0x2a, 0x0c, 0x28, 0x54, 0x43, 0x50, 0x41, 0x20, /* |.......0*.(TCPA | */
+ 0x2a, 0x0c, 0x28, 0x54, 0x43, 0x50, 0x41, 0x20, /* |.......0*.(TCPA | */
/* 000002c0 */ 0x54, 0x72, 0x75, 0x73, 0x74, 0x65, 0x64, 0x20,
- 0x50, 0x6c, 0x61, 0x74, 0x66, 0x6f, 0x72, 0x6d, /* |Trusted Platform| */
+ 0x50, 0x6c, 0x61, 0x74, 0x66, 0x6f, 0x72, 0x6d, /* |Trusted Platform| */
/* 000002d0 */ 0x20, 0x4d, 0x6f, 0x64, 0x75, 0x6c, 0x65, 0x20,
- 0x45, 0x6e, 0x64, 0x6f, 0x72, 0x73, 0x65, 0x6d, /* | Module Endorsem| */
+ 0x45, 0x6e, 0x64, 0x6f, 0x72, 0x73, 0x65, 0x6d, /* | Module Endorsem| */
/* 000002e0 */ 0x65, 0x6e, 0x74, 0x30, 0x21, 0x06, 0x03, 0x55,
- 0x1d, 0x23, 0x04, 0x1a, 0x30, 0x18, 0x80, 0x16, /* |ent0!..U.#..0...| */
+ 0x1d, 0x23, 0x04, 0x1a, 0x30, 0x18, 0x80, 0x16, /* |ent0!..U.#..0...| */
/* 000002f0 */ 0x04, 0x14, 0x34, 0xa8, 0x8c, 0x24, 0x7a, 0x97,
- 0xf8, 0xcc, 0xc7, 0x56, 0x6d, 0xfb, 0x44, 0xa8, /* |..4..$z....Vm.D.| */
+ 0xf8, 0xcc, 0xc7, 0x56, 0x6d, 0xfb, 0x44, 0xa8, /* |..4..$z....Vm.D.| */
/* 00000300 */ 0xd4, 0x41, 0xaa, 0x5f, 0x4f, 0x1d, 0x30, 0x0d,
- 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, /* |.A._O.0...*.H...| */
+ 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, /* |.A._O.0...*.H...| */
/* 00000310 */ 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x82, 0x01,
- 0x01, 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x01, 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 00000320 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 00000330 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 00000340 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 00000350 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 00000360 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 00000370 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 00000380 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 00000390 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 000003a0 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 000003b0 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 000003c0 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 000003d0 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 000003e0 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 000003f0 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 00000400 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* |................| */
/* 00000410 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x01 /* |..........| */
+ 0x00, 0x01 /* |..........| */
};
#endif /** PTS_FAKE_EK_CERT_H_ @}*/
* Contains a TPM_CAP_VERSION_INFO struct
*/
chunk_t tpm_version_info;
-
+
/**
* Contains a Attestation Identity Key
*/
chunk_t aik;
-
+
/**
* True if AIK is naked public key, not a certificate
*/
bool is_naked_key;
-
+
};
METHOD(pts_t, get_proto_caps, pts_proto_caps_flag_t,
- private_pts_t *this)
+ private_pts_t *this)
{
return this->proto_caps;
}
METHOD(pts_t, set_proto_caps, void,
- private_pts_t *this, pts_proto_caps_flag_t flags)
+ private_pts_t *this, pts_proto_caps_flag_t flags)
{
this->proto_caps = flags;
DBG2(DBG_TNC, "supported PTS protocol capabilities: %s%s%s%s%s",
- flags & PTS_PROTO_CAPS_C ? "C" : ".",
- flags & PTS_PROTO_CAPS_V ? "V" : ".",
- flags & PTS_PROTO_CAPS_D ? "D" : ".",
- flags & PTS_PROTO_CAPS_T ? "T" : ".",
- flags & PTS_PROTO_CAPS_X ? "X" : ".");
+ flags & PTS_PROTO_CAPS_C ? "C" : ".",
+ flags & PTS_PROTO_CAPS_V ? "V" : ".",
+ flags & PTS_PROTO_CAPS_D ? "D" : ".",
+ flags & PTS_PROTO_CAPS_T ? "T" : ".",
+ flags & PTS_PROTO_CAPS_X ? "X" : ".");
}
METHOD(pts_t, get_meas_algorithm, pts_meas_algorithms_t,
- private_pts_t *this)
+ private_pts_t *this)
{
return this->algorithm;
}
METHOD(pts_t, set_meas_algorithm, void,
- private_pts_t *this, pts_meas_algorithms_t algorithm)
+ private_pts_t *this, pts_meas_algorithms_t algorithm)
{
hash_algorithm_t hash_alg;
hash_alg = pts_meas_to_hash_algorithm(algorithm);
DBG2(DBG_TNC, "selected PTS measurement algorithm is %N",
- hash_algorithm_names, hash_alg);
+ hash_algorithm_names, hash_alg);
if (hash_alg != HASH_UNKNOWN)
{
this->algorithm = algorithm;
TSS_RESULT result;
result = Trspi_UnloadBlob_CAP_VERSION_INFO(&offset,
- this->tpm_version_info.ptr, &versionInfo);
+ this->tpm_version_info.ptr, &versionInfo);
if (result != TSS_SUCCESS)
{
DBG1(DBG_TNC, "could not parse tpm version info: tss error 0x%x",
else
{
DBG2(DBG_TNC, "TPM 1.2 Version Info: Chip Version: %hhu.%hhu.%hhu.%hhu,"
- " Spec Level: %hu, Errata Rev: %hhu, Vendor ID: %.4s",
- versionInfo.version.major, versionInfo.version.minor,
- versionInfo.version.revMajor, versionInfo.version.revMinor,
- versionInfo.specLevel, versionInfo.errataRev,
- versionInfo.tpmVendorID);
+ " Spec Level: %hu, Errata Rev: %hhu, Vendor ID: %.4s",
+ versionInfo.version.major, versionInfo.version.minor,
+ versionInfo.version.revMajor, versionInfo.version.revMinor,
+ versionInfo.specLevel, versionInfo.errataRev,
+ versionInfo.tpmVendorID);
}
}
METHOD(pts_t, get_platform_info, char*,
- private_pts_t *this)
+ private_pts_t *this)
{
return this->platform_info;
}
METHOD(pts_t, set_platform_info, void,
- private_pts_t *this, char *info)
+ private_pts_t *this, char *info)
{
free(this->platform_info);
this->platform_info = strdup(info);
}
METHOD(pts_t, get_tpm_version_info, bool,
- private_pts_t *this, chunk_t *info)
+ private_pts_t *this, chunk_t *info)
{
if (!this->has_tpm)
{
}
METHOD(pts_t, set_tpm_version_info, void,
- private_pts_t *this, chunk_t info)
+ private_pts_t *this, chunk_t info)
{
this->tpm_version_info = chunk_clone(info);
print_tpm_version_info(this);
}
/**
- * Create a fake endorsement key cert using system's actual EK
+ * Create a fake endorsement key cert using system's actual EK
*/
static TSS_RESULT makeEKCert(TSS_HCONTEXT hContext, TSS_HTPM hTPM, UINT32 *pCertLen, BYTE **pCert)
return result;
}
result = Tspi_GetAttribData (hPubek, TSS_TSPATTRIB_RSAKEY_INFO,
- TSS_TSPATTRIB_KEYINFO_RSA_MODULUS, &modulusLen, &modulus);
+ TSS_TSPATTRIB_KEYINFO_RSA_MODULUS, &modulusLen, &modulus);
Tspi_Context_CloseObject (hContext, hPubek);
if (result != TSS_SUCCESS)
{
DBG1(DBG_IMC, "Error in: Tspi_Context_CloseObject");
return result;
}
- if (modulusLen != 256) {
+ if (modulusLen != 256)
+ {
DBG1(DBG_IMC, "Tspi_GetAttribData modulusLen != 256");
Tspi_Context_FreeMemory (hContext, modulus);
return result;
}
/* TODO define fakeEKCert
- *pCertLen = sizeof(fakeEKCert);
- *pCert = malloc (*pCertLen);
- memcpy (*pCert, fakeEKCert, *pCertLen);
- memcpy (*pCert + 0xc6, modulus, modulusLen);
- */
+ * pCertLen = sizeof(fakeEKCert);
+ *pCert = malloc (*pCertLen);
+ memcpy (*pCert, fakeEKCert, *pCertLen);
+ memcpy (*pCert + 0xc6, modulus, modulusLen);
+ */
Tspi_Context_FreeMemory (hContext, modulus);
return TSS_SUCCESS;
}
-/**
- * Read the level N CA from privacyca.com
- * Assume Curl library has been initialized
+/**
+ * Read the level N CA from privacyca.com
+ * Assume Curl library has been initialized
*/
static X509* readPCAcert (int level)
curl_easy_setopt (hCurl, CURLOPT_URL, url);
curl_easy_setopt(hCurl, CURLOPT_WRITEDATA, (BYTE **)f_tmp);
- if ((result = curl_easy_perform(hCurl))) {
+ if ((result = curl_easy_perform(hCurl)))
+ {
DBG1(DBG_IMC, "Unable to connect to Privacy CA, curl library result code %d", result);
fclose(f_tmp);
return NULL;
BYTE *rgbTCPAIdentityReq;
UINT32 ulTCPAIdentityReqLength;
UINT32 initFlags = TSS_KEY_TYPE_IDENTITY | TSS_KEY_SIZE_2048 |
- TSS_KEY_VOLATILE | TSS_KEY_NOT_MIGRATABLE;
+ TSS_KEY_VOLATILE | TSS_KEY_NOT_MIGRATABLE;
BYTE asymBuf[EKSIZE];
BYTE *symBuf;
BYTE *credBuf;
UINT32 ekCertLen = 0;
char url[128];
int result;
-
+
this->aik = chunk_empty;
this->is_naked_key = false;
-
+
curl_global_init (CURL_GLOBAL_ALL);
-
+
DBG3(DBG_IMC, "Retrieving PCA certificate...");
-
+
/* TPM has EK Certificate */
- if(REALEK)
+ if (REALEK)
{
level = 1;
}
x509 = readPCAcert (level);
- if (x509 == NULL) {
+ if (x509 == NULL)
+ {
DBG1(DBG_IMC, "Error reading PCA key");
goto err;
}
pcaKey = X509_get_pubkey(x509);
rsa = EVP_PKEY_get1_RSA(pcaKey);
- if (rsa == NULL) {
+ if (rsa == NULL)
+ {
DBG1(DBG_IMC, "Error reading RSA key from PCA");
goto err;
}
X509_free (x509);
result = Tspi_Context_Create(&hContext);
- if (result != TSS_SUCCESS) {
+ if (result != TSS_SUCCESS)
+ {
DBG1(DBG_IMC, "Error 0x%x on Tspi_Context_Create", result);
goto err;
}
result = Tspi_Context_Connect(hContext, NULL);
- if (result != TSS_SUCCESS) {
+ if (result != TSS_SUCCESS)
+ {
DBG1(DBG_IMC, "Error 0x%x on Tspi_Context_Connect", result);
goto err;
}
result = Tspi_Context_GetTpmObject (hContext, &hTPM);
- if (result != TSS_SUCCESS) {
+ if (result != TSS_SUCCESS)
+ {
DBG1(DBG_IMC, "Error 0x%x on Tspi_Context_GetTpmObject", result);
goto err;
}
result = Tspi_Context_LoadKeyByUUID(hContext,
- TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK);
- if (result != TSS_SUCCESS) {
+ TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK);
+ if (result != TSS_SUCCESS)
+ {
DBG1(DBG_IMC, "Error 0x%x on Tspi_Context_LoadKeyByUUID for SRK", result);
goto err;
}
result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &hSrkPolicy);
- if (result != TSS_SUCCESS) {
+ if (result != TSS_SUCCESS)
+ {
DBG1(DBG_IMC, "Error 0x%x on Tspi_GetPolicyObject for SRK", result);
goto err;
}
result = Tspi_Policy_SetSecret(hSrkPolicy, TSS_SECRET_MODE_SHA1, 20, secret);
- if (result != TSS_SUCCESS) {
+ if (result != TSS_SUCCESS)
+ {
DBG1(DBG_IMC, "Error 0x%x on Tspi_Policy_SetSecret for SRK", result);
goto err;
}
result = Tspi_GetPolicyObject(hTPM, TSS_POLICY_USAGE, &hTPMPolicy);
- if (result != TSS_SUCCESS) {
+ if (result != TSS_SUCCESS)
+ {
DBG1(DBG_IMC, "Error 0x%x on Tspi_GetPolicyObject for TPM", result);
goto err;
}
result = Tspi_Policy_SetSecret(hTPMPolicy, TSS_SECRET_MODE_SHA1, 20, secret);
- if (result != TSS_SUCCESS) {
+ if (result != TSS_SUCCESS)
+ {
DBG1(DBG_IMC, "Error 0x%x on Tspi_Policy_SetSecret for TPM", result);
goto err;
}
result = Tspi_Context_CreateObject(hContext,
- TSS_OBJECT_TYPE_RSAKEY,
- initFlags, &hIdentKey);
- if (result != TSS_SUCCESS) {
+ TSS_OBJECT_TYPE_RSAKEY,
+ initFlags, &hIdentKey);
+ if (result != TSS_SUCCESS)
+ {
DBG1(DBG_IMC, "Error 0x%x on Tspi_Context_CreateObject for key", result);
goto err;
}
result = Tspi_Context_CreateObject(hContext,
- TSS_OBJECT_TYPE_RSAKEY,
- TSS_KEY_TYPE_LEGACY|TSS_KEY_SIZE_2048,
- &hPCAKey);
- if (result != TSS_SUCCESS) {
- DBG1(DBG_IMC, "Error 0x%x on Tspi_Context_CreateObject for PCA\n", result);
+ TSS_OBJECT_TYPE_RSAKEY,
+ TSS_KEY_TYPE_LEGACY|TSS_KEY_SIZE_2048,
+ &hPCAKey);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_IMC, "Error 0x%x on Tspi_Context_CreateObject for PCA", result);
goto err;
}
- if ((size_n = BN_bn2bin(rsa->n, n)) <= 0) {
- printf("BN_bn2bin failed\n");
- goto err;;
- }
+ if ((size_n = BN_bn2bin(rsa->n, n)) <= 0)
+ {
+ DBG1(DBG_IMC, "BN_bn2bin failed");
+ goto err;;
+ }
result = Tspi_SetAttribData (hPCAKey, TSS_TSPATTRIB_RSAKEY_INFO,
- TSS_TSPATTRIB_KEYINFO_RSA_MODULUS, size_n, n);
- if (result != TSS_SUCCESS) {
+ TSS_TSPATTRIB_KEYINFO_RSA_MODULUS, size_n, n);
+ if (result != TSS_SUCCESS)
+ {
DBG1(DBG_IMC, "Error 0x%x on Tspi_SetAttribData for PCA modulus", result);
goto err;
}
result = Tspi_SetAttribUint32(hPCAKey, TSS_TSPATTRIB_KEY_INFO,
- TSS_TSPATTRIB_KEYINFO_ENCSCHEME,
- TSS_ES_RSAESPKCSV15);
- if (result != TSS_SUCCESS) {
+ TSS_TSPATTRIB_KEYINFO_ENCSCHEME,
+ TSS_ES_RSAESPKCSV15);
+ if (result != TSS_SUCCESS)
+ {
DBG1(DBG_IMC, "Error 0x%x on Tspi_SetAttribUint32 for PCA encscheme", result);
goto err;
}
- if(!REALEK)
+ if (!REALEK)
{
result = makeEKCert(hContext, hTPM, &ekCertLen, &ekCert);
- if (result != TSS_SUCCESS) {
- DBG1(DBG_IMC, "Error 0x%x on makeEKCert\n", result);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_IMC, "Error 0x%x on makeEKCert", result);
goto err;
}
-
+
result = Tspi_SetAttribData(hTPM, TSS_TSPATTRIB_TPM_CREDENTIAL,
- TSS_TPMATTRIB_EKCERT, ekCertLen, ekCert);
- if (result != TSS_SUCCESS) {
+ TSS_TPMATTRIB_EKCERT, ekCertLen, ekCert);
+ if (result != TSS_SUCCESS)
+ {
DBG1(DBG_IMC, "Error 0x%x on SetAttribData for EKCert", result);
goto err;
}
DBG3(DBG_IMC, "Generating attestation identity key...");
result = Tspi_TPM_CollateIdentityRequest(hTPM, hSRK, hPCAKey, 0,
- NULL, hIdentKey, TSS_ALG_AES,
- &ulTCPAIdentityReqLength,
- &rgbTCPAIdentityReq);
- if (result != TSS_SUCCESS){
+ NULL, hIdentKey, TSS_ALG_AES,
+ &ulTCPAIdentityReqLength,
+ &rgbTCPAIdentityReq);
+ if (result != TSS_SUCCESS)
+ {
DBG1(DBG_IMC, "Error 0x%x on Tspi_TPM_CollateIdentityRequest", result);
goto err;
}
slist = curl_slist_append (slist, "Content-Type: application/octet-stream");
slist = curl_slist_append (slist, "Content-Transfer-Encoding: binary");
curl_easy_setopt (hCurl, CURLOPT_HTTPHEADER, slist);
- if ((result = curl_easy_perform(hCurl))) {
+ if ((result = curl_easy_perform(hCurl)))
+ {
DBG1(DBG_IMC, "Unable to connect to Privacy CA, curl library result code %d", result);
exit (result);
}
symBufSize = ftell(f_tmp);
symBuf = malloc(symBufSize);
rewind(f_tmp);
- if(!fread (symBuf, 1, symBufSize, f_tmp))
+ if (!fread (symBuf, 1, symBufSize, f_tmp))
{
DBG1(DBG_IMC, "Failed to read buffer");
goto err;
}
-
+
fclose (f_tmp);
asymBufSize = sizeof(asymBuf);
symBuf += asymBufSize;
result = Tspi_Key_LoadKey (hIdentKey, hSRK);
- if (result != TSS_SUCCESS) {
+ if (result != TSS_SUCCESS)
+ {
DBG1(DBG_IMC, "Error 0x%x on Tspi_Key_LoadKey for AIK", result);
goto err;
}
result = Tspi_TPM_ActivateIdentity (hTPM, hIdentKey, asymBufSize, asymBuf,
- symBufSize, symBuf,
- &credBufSize, &credBuf);
- if (result != TSS_SUCCESS) {
+ symBufSize, symBuf,
+ &credBufSize, &credBuf);
+ if (result != TSS_SUCCESS)
+ {
DBG1(DBG_IMC, "Error 0x%x on Tspi_TPM_ActivateIdentity", result);
goto err;
}
-
+
/* Output credential in PEM format */
tbuf = credBuf;
x509 = d2i_X509(NULL, (const BYTE **)&tbuf, credBufSize);
- if (x509 == NULL) {
+ if (x509 == NULL)
+ {
DBG1(DBG_IMC, "Unable to parse returned credential");
goto err;
}
- if (tbuf-credBuf != credBufSize) {
+ if (tbuf-credBuf != credBufSize)
+ {
DBG1(DBG_IMC, "Note, not all data from privacy ca was parsed correctly");
}
-
- if(x509)
+
+ if (x509)
{
BUF_MEM *mem_buf;
BIO* bp;
u_int32_t len;
-
+
bp = BIO_new(BIO_s_mem());
PEM_write_bio_X509(bp, x509);
-
+
len = BIO_get_mem_data(bp, &mem_buf);
char tmp[len+1];
-
+
memcpy(tmp, mem_buf, len);
tmp[len] = '\0';
- DBG3(DBG_IMC,"X509 Certificate (PEM format):\n%s\n", tmp);
+ DBG3(DBG_IMC,"X509 Certificate (PEM format):");
+ DBG3(DBG_IMC,"%s", tmp);
this->aik = chunk_create(tmp, len + 1);
this->aik = chunk_clone(this->aik);
-
+
X509_free (x509);
-
+
}
else
{
DBG1(DBG_IMC, "Neither AIK Key blob, nor AIK Certificate is available");
goto err;
}
-
+
DBG3(DBG_IMC, "Succeeded at obtaining AIK Certificate from Privacy CA!");
return TRUE;
-
-err:
+
+ err:
return FALSE;
}
METHOD(pts_t, get_aik, bool,
- private_pts_t *this, chunk_t *aik, bool *is_naked_key)
+ private_pts_t *this, chunk_t *aik, bool *is_naked_key)
{
- if(obtain_aik(this) != TRUE )
+ if (obtain_aik(this) != TRUE )
{
return FALSE;
}
-
+
*aik = this->aik;
*is_naked_key = this->is_naked_key;
-
+
return TRUE;
}
METHOD(pts_t, set_aik, void,
- private_pts_t *this, chunk_t aik, bool is_naked_key)
+ private_pts_t *this, chunk_t aik, bool is_naked_key)
{
this->aik = chunk_clone(aik);
this->is_naked_key = is_naked_key;
}
/**
- * Compute a hash over a file
+ * Compute a hash over a file
*/
static bool hash_file(hasher_t *hasher, char *pathname, u_char *hash)
{
fclose(file);
return TRUE;
-}
+}
/**
- * Get the relative filename of a fully qualified file pathname
+ * Get the relative filename of a fully qualified file pathname
*/
static char* get_filename(char *pathname)
{
filename = pos;
pos = strchr(filename, '/');
}
- return filename;
+ return filename;
}
METHOD(pts_t, do_measurements, pts_file_meas_t*,
- private_pts_t *this, u_int16_t request_id, char *pathname, bool is_directory)
+ private_pts_t *this, u_int16_t request_id, char *pathname, bool is_directory)
{
hasher_t *hasher;
hash_algorithm_t hash_alg;
strerror(errno));
hasher->destroy(hasher);
measurements->destroy(measurements);
- return NULL;
+ return NULL;
}
while (enumerator->enumerate(enumerator, &rel_name, &abs_name, &st))
{
enumerator->destroy(enumerator);
hasher->destroy(hasher);
measurements->destroy(measurements);
- return NULL;
+ return NULL;
}
DBG2(DBG_IMC, " %#B for '%s'", &measurement, rel_name);
measurements->add(measurements, rel_name, measurement);
- }
+ }
}
- enumerator->destroy(enumerator);
+ enumerator->destroy(enumerator);
}
else
{
{
hasher->destroy(hasher);
measurements->destroy(measurements);
- return NULL;
+ return NULL;
}
filename = get_filename(pathname);
DBG2(DBG_IMC, " %#B for '%s'", &measurement, filename);
}
METHOD(pts_t, destroy, void,
- private_pts_t *this)
+ private_pts_t *this)
{
free(this->platform_info);
free(this->tpm_version_info.ptr);
this->tpm_version_info = chunk_clone(this->tpm_version_info);
return TRUE;
-err:
+ err:
DBG1(DBG_TNC, "TPM not available: tss error 0x%x", result);
return FALSE;
}
private_pts_t *this;
INIT(this,
- .public = {
- .get_proto_caps = _get_proto_caps,
- .set_proto_caps = _set_proto_caps,
- .get_meas_algorithm = _get_meas_algorithm,
- .set_meas_algorithm = _set_meas_algorithm,
- .get_platform_info = _get_platform_info,
- .set_platform_info = _set_platform_info,
- .get_tpm_version_info = _get_tpm_version_info,
- .set_tpm_version_info = _set_tpm_version_info,
- .get_aik = _get_aik,
- .set_aik = _set_aik,
- .do_measurements = _do_measurements,
- .destroy = _destroy,
- },
- .proto_caps = PTS_PROTO_CAPS_V,
- .algorithm = PTS_MEAS_ALGO_SHA256,
+ .public = {
+ .get_proto_caps = _get_proto_caps,
+ .set_proto_caps = _set_proto_caps,
+ .get_meas_algorithm = _get_meas_algorithm,
+ .set_meas_algorithm = _set_meas_algorithm,
+ .get_platform_info = _get_platform_info,
+ .set_platform_info = _set_platform_info,
+ .get_tpm_version_info = _get_tpm_version_info,
+ .set_tpm_version_info = _set_tpm_version_info,
+ .get_aik = _get_aik,
+ .set_aik = _set_aik,
+ .do_measurements = _do_measurements,
+ .destroy = _destroy,
+ },
+ .proto_caps = PTS_PROTO_CAPS_V,
+ .algorithm = PTS_MEAS_ALGO_SHA256,
);
if (is_imc)
/**
* Get PTS Protocol Capabilities
*
- * @return protocol capabilities flags
+ * @return protocol capabilities flags
*/
pts_proto_caps_flag_t (*get_proto_caps)(pts_t *this);
/**
* Set PTS Protocol Capabilities
*
- * @param flags protocol capabilities flags
+ * @param flags protocol capabilities flags
*/
void (*set_proto_caps)(pts_t *this, pts_proto_caps_flag_t flags);
/**
* Get PTS Measurement Algorithm
*
- * @return measurement algorithm
+ * @return measurement algorithm
*/
pts_meas_algorithms_t (*get_meas_algorithm)(pts_t *this);
/**
* Set PTS Measurement Algorithm
*
- * @param algorithm measurement algorithm
+ * @param algorithm measurement algorithm
*/
void (*set_meas_algorithm)(pts_t *this, pts_meas_algorithms_t algorithm);
* Get TPM 1.2 Version Info
*
* @param info chunk containing a TPM_CAP_VERSION_INFO struct
- * @return TRUE if TPM Version Info available
+ * @return TRUE if TPM Version Info available
*/
bool (*get_tpm_version_info)(pts_t *this, chunk_t *info);
/**
* Set TPM 1.2 Version Info
*
- * @param info chunk containing a TPM_CAP_VERSION_INFO struct
+ * @param info chunk containing a TPM_CAP_VERSION_INFO struct
*/
void (*set_tpm_version_info)(pts_t *this, chunk_t info);
/**
* Set Attestation Identity Key
*
- * @param aik chunk containing a AIK naked public key or certificate
+ * @param aik chunk containing a AIK naked public key or certificate
* @param is_naked_key TRUE if AIK is naked public key, without certificate
*/
void (*set_aik)(pts_t *this, chunk_t aik, bool is_naked_key);
* @param request_id ID of PTS File Measurement Request
* @param pathname Absolute pathname of file to be measured
* @param is_directory if TRUE directory contents are measured
- * @return PTS File Measurements of NULL if FAILED
+ * @return PTS File Measurements of NULL if FAILED
*/
pts_file_meas_t* (*do_measurements)(pts_t *this, u_int16_t request_id,
- char *pathname, bool is_directory);
+ char *pathname, bool is_directory);
/**
* Destroys a pts_t object.
*/
struct pts_database_t {
- /**
+/**
* Get files to be measured by PTS
*
* @product software product (os, vpn client, etc.)
- * @return enumerator over all files matching a given release
+ * @return enumerator over all files matching a given release
*/
enumerator_t* (*create_file_enumerator)(pts_database_t *this, char *product);
* @product software product (os, vpn client, etc.)
* @id primary key in files table
* @algorithm measurement algorithm type
- * @return enumerator over all measurements matching a given release
+ * @return enumerator over all measurements matching a given release
*/
enumerator_t* (*create_meas_enumerator)(pts_database_t *this, char *product, int id, pts_meas_algorithms_t algorithm);
* see section 3.14.2 of PTS Protocol: Binding to TNC IF-M Specification
*/
enum pts_error_code_t {
- TCG_PTS_RESERVED_ERROR = 0,
+ TCG_PTS_RESERVED_ERROR = 0,
TCG_PTS_HASH_ALG_NOT_SUPPORTED = 1,
- TCG_PTS_INVALID_PATH = 2,
- TCG_PTS_FILE_NOT_FOUND = 3,
- TCG_PTS_REG_NOT_SUPPORTED = 4,
- TCG_PTS_REG_KEY_NOT_FOUND = 5,
- TCG_PTS_DH_GRPS_NOT_SUPPORTED = 6,
- TCG_PTS_BAD_NONCE_LENGTH = 7,
- TCG_PTS_INVALID_NAME_FAM = 8,
+ TCG_PTS_INVALID_PATH = 2,
+ TCG_PTS_FILE_NOT_FOUND = 3,
+ TCG_PTS_REG_NOT_SUPPORTED = 4,
+ TCG_PTS_REG_KEY_NOT_FOUND = 5,
+ TCG_PTS_DH_GRPS_NOT_SUPPORTED = 6,
+ TCG_PTS_BAD_NONCE_LENGTH = 7,
+ TCG_PTS_INVALID_NAME_FAM = 8,
TCG_PTS_TPM_VERS_NOT_SUPPORTED = 9,
- TCG_PTS_INVALID_DELIMITER = 10,
+ TCG_PTS_INVALID_DELIMITER = 10,
TCG_PTS_OPERATION_NOT_SUPPORTED = 11,
- TCG_PTS_RM_ERROR = 12,
- TCG_PTS_UNABLE_LOCAL_VAL = 13,
- TCG_PTS_UNABLE_CUR_EVID = 14,
- TCG_PTS_UNABLE_DET_TTC = 15,
- TCG_PTS_UNABLE_DET_PCR = 16,
+ TCG_PTS_RM_ERROR = 12,
+ TCG_PTS_UNABLE_LOCAL_VAL = 13,
+ TCG_PTS_UNABLE_CUR_EVID = 14,
+ TCG_PTS_UNABLE_DET_TTC = 15,
+ TCG_PTS_UNABLE_DET_PCR = 16,
};
/**
* PTS File Measurement entry
*/
struct entry_t {
- char *filename;
+ char *filename;
chunk_t measurement;
};
/**
* Create a PTS File Measurement enumerator
*
- * @return Enumerator returning filename and measurement
+ * @return Enumerator returning filename and measurement
*/
enumerator_t* (*create_enumerator)(pts_file_meas_t *this);
/** Unknown */
PTS_FUNC_COMP_TYPE_UNKNOWN = 0x0,
/** Trusted Platform */
- PTS_FUNC_COMP_TYPE_TRUSTED = 0x1,
+ PTS_FUNC_COMP_TYPE_TRUSTED = 0x1,
/** Operating System */
- PTS_FUNC_COMP_TYPE_OS = 0x2,
+ PTS_FUNC_COMP_TYPE_OS = 0x2,
/** Graphical User Interface */
- PTS_FUNC_COMP_TYPE_GUI = 0x3,
+ PTS_FUNC_COMP_TYPE_GUI = 0x3,
/** Application */
PTS_FUNC_COMP_TYPE_APP = 0x4,
/** Networking */
- PTS_FUNC_COMP_TYPE_NET = 0x5,
+ PTS_FUNC_COMP_TYPE_NET = 0x5,
/** Library */
- PTS_FUNC_COMP_TYPE_LIB = 0x6,
+ PTS_FUNC_COMP_TYPE_LIB = 0x6,
/** TNC Defined Component */
- PTS_FUNC_COMP_TYPE_TNC = 0x7,
+ PTS_FUNC_COMP_TYPE_TNC = 0x7,
/** All matching Components */
- PTS_FUNC_COMP_TYPE_ALL = 0xF,
+ PTS_FUNC_COMP_TYPE_ALL = 0xF,
};
/**
/** Ignore */
PTS_FUNC_COMP_NAME_IGNORE = 0x0000,
/** CRTM */
- PTS_FUNC_COMP_NAME_CRTM = 0x0001,
+ PTS_FUNC_COMP_NAME_CRTM = 0x0001,
/** BIOS */
- PTS_FUNC_COMP_NAME_BIOS = 0x0002,
+ PTS_FUNC_COMP_NAME_BIOS = 0x0002,
/** Platform Extensions */
PTS_FUNC_COMP_NAME_PLATFORM_EXT = 0x0003,
/** Motherboard firmware */
PTS_FUNC_COMP_NAME_BOARD = 0x0004,
/** Initial Program Loader */
- PTS_FUNC_COMP_NAME_INIT_LOADER = 0x0005,
+ PTS_FUNC_COMP_NAME_INIT_LOADER = 0x0005,
/** Option ROMs */
- PTS_FUNC_COMP_NAME_OPT_ROMS = 0x0006,
+ PTS_FUNC_COMP_NAME_OPT_ROMS = 0x0006,
};
/**
* Qualifier for Functional Component
*/
struct pts_qualifier_t {
- bool kernel;
- bool sub_component;
+ bool kernel;
+ bool sub_component;
pts_funct_comp_type_t type;
};
bool pts_meas_probe_algorithms(pts_meas_algorithms_t *algorithms)
{
enumerator_t *enumerator;
- hash_algorithm_t hash_alg;
- const char *plugin_name;
+ hash_algorithm_t hash_alg;
+ const char *plugin_name;
char format1[] = " %s PTS measurement algorithm %N[%s] available";
char format2[] = " %s PTS measurement algorithm %N not available";
enumerator->destroy(enumerator);
if (!(*algorithms & PTS_MEAS_ALGO_SHA384))
- {
+ {
DBG1(DBG_TNC, format2, "optional ", hash_algorithm_names, HASH_SHA384);
}
if ((*algorithms & PTS_MEAS_ALGO_SHA1) &&
return TRUE;
}
if (!(*algorithms & PTS_MEAS_ALGO_SHA1))
- {
+ {
DBG1(DBG_TNC, format2, "mandatory", hash_algorithm_names, HASH_SHA1);
}
if (!(*algorithms & PTS_MEAS_ALGO_SHA256))
- {
+ {
DBG1(DBG_TNC, format2, "mandatory", hash_algorithm_names, HASH_SHA256);
}
return FALSE;
* PTS Measurement Algorithms
*/
enum pts_meas_algorithms_t {
- PTS_MEAS_ALGO_SHA1 = (1<<15),
- PTS_MEAS_ALGO_SHA256 = (1<<14),
- PTS_MEAS_ALGO_SHA384 = (1<<13),
+ PTS_MEAS_ALGO_SHA1 = (1<<15),
+ PTS_MEAS_ALGO_SHA256 = (1<<14),
+ PTS_MEAS_ALGO_SHA384 = (1<<13),
};
/**
* Diffie-Hellman Hash Algorithm Values
* see section 3.8.5 of PTS Protocol: Binding to TNC IF-M Specification
*
- * 1
+ * 1
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* |1|2|3|R|R|R|R|R|R|R|R|R|R|R|R|R|
/** XML based Evidence Support flag */
PTS_PROTO_CAPS_X = (1<<0),
/** Trusted Platform Evidence flag */
- PTS_PROTO_CAPS_T = (1<<1),
+ PTS_PROTO_CAPS_T = (1<<1),
/** DH Nonce Negotiation Support flag */
- PTS_PROTO_CAPS_D = (1<<2),
+ PTS_PROTO_CAPS_D = (1<<2),
/** Verification Support flag */
- PTS_PROTO_CAPS_V = (1<<3),
+ PTS_PROTO_CAPS_V = (1<<3),
/** Current (In-Memory) Evidence Support flag */
PTS_PROTO_CAPS_C = (1<<4),
};
* Attestation Identity Key
* see section 3.13 of PTS Protocol: Binding to TNC IF-M Specification
*
- * 1 2 3
+ * 1 2 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Flags | Attestation Identity Key (Variable Length) ~
+ * | Flags | Attestation Identity Key (Variable Length) ~
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Attestation Identity Key (Variable Length) ~
+ * | Attestation Identity Key (Variable Length) ~
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*/
writer = bio_writer_create(PTS_AIK_SIZE);
- if(this->naked_pub_aik) flags += 128;
+ if (this->naked_pub_aik)
+ {
+ flags += 128;
+ }
writer->write_uint8 (writer, flags);
writer->write_data(writer, this->aik);
reader = bio_reader_create(this->value);
reader->read_uint8(reader, &flags);
- if((flags >> 7 ) & 1) this->naked_pub_aik = true;
+ if ((flags >> 7 ) & 1)
+ {
+ this->naked_pub_aik = true;
+ }
reader->read_data (reader, this->value.len - 1, &this->aik);
this->aik = chunk_clone(this->aik);
reader->destroy(reader);
- return SUCCESS;
+ return SUCCESS;
}
METHOD(pa_tnc_attr_t, destroy, void,
*
* @param naked flag
*/
- void (*set_naked_flag)(tcg_pts_attr_aik_t *this,
+ void (*set_naked_flag)(tcg_pts_attr_aik_t *this,
bool naked_pub_aik);
/**
*
* @param flags set of flags
*/
- void (*set_aik)(tcg_pts_attr_aik_t *this,
+ void (*set_aik)(tcg_pts_attr_aik_t *this,
chunk_t aik);
};
* File Measurement
* see section 3.19.2 of PTS Protocol: Binding to TNC IF-M Specification
*
- * 1 2 3
+ * 1 2 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Number of Files included |
+ * | Number of Files included |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Number of Files included |
+ * | Number of Files included |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Request ID | Measurement Length |
+ * | Request ID | Measurement Length |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Measurement #1 (Variable Length) |
+ * | Measurement #1 (Variable Length) |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Filename Length | Filename (Variable Length) ~
+ * | Filename Length | Filename (Variable Length) ~
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * ~ Filename (Variable Length) ~
+ * ~ Filename (Variable Length) ~
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Measurement #2 (Variable Length) |
+ * | Measurement #2 (Variable Length) |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Filename Length | Filename (Variable Length) ~
+ * | Filename Length | Filename (Variable Length) ~
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * ~ Filename (Variable Length) ~
+ * ~ Filename (Variable Length) ~
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * ...........................
+ * ...........................
*/
#define PTS_FILE_MEAS_SIZE 12
end:
reader->destroy(reader);
- return status;
+ return status;
}
METHOD(pa_tnc_attr_t, destroy, void,
* Public PA-TNC attribute interface
*/
pa_tnc_attr_t pa_tnc_attribute;
-
+
/**
* Get PTS File Measurements
*
* Generate Attestation Evidence
* see section 3.14.2 of PTS Protocol: Binding to TNC IF-M Specification
*
- * 1 2 3
+ * 1 2 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
*
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Reserved |
+ * | Reserved |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*
*/
reader->read_uint32 (reader, &reserved);
reader->destroy(reader);
- return SUCCESS;
+ return SUCCESS;
}
METHOD(pa_tnc_attr_t, destroy, void,
* Get Attestation Identity Key
* see section 3.12 of PTS Protocol: Binding to TNC IF-M Specification
*
- * 1 2 3
+ * 1 2 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Reserved |
+ * | Reserved |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*/
reader->read_uint32 (reader, &reserved);
reader->destroy(reader);
- return SUCCESS;
+ return SUCCESS;
}
METHOD(pa_tnc_attr_t, destroy, void,
* Get TPM Version Information
* see section 3.10 of PTS Protocol: Binding to TNC IF-M Specification
*
- * 1 2 3
+ * 1 2 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
*
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Reserved |
+ * | Reserved |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*
*/
* PTS Measurement Algorithm
* see section 3.9.1 of PTS Protocol: Binding to TNC IF-M Specification
*
- * 1 2 3
+ * 1 2 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Reserved | Hash Algorithm Set |
+ * | Reserved | Hash Algorithm Set |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*
*/
this->algorithms = algorithms;
reader->destroy(reader);
- return SUCCESS;
+ return SUCCESS;
}
METHOD(pa_tnc_attr_t, destroy, void,
* PTS Protocol Capabilities
* see section 3.7 of PTS Protocol: Binding to TNC IF-M Specification
*
- * 1 2 3
+ * 1 2 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Reserved |C|V|D|T|X|
+ * | Reserved |C|V|D|T|X|
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*
*/
this->flags = flags;
reader->destroy(reader);
- return SUCCESS;
+ return SUCCESS;
}
METHOD(pa_tnc_attr_t, destroy, void,
* Request File Measurement
* see section 3.19.1 of PTS Protocol: Binding to TNC IF-M Specification
*
- * 1 2 3
+ * 1 2 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Flags | Reserved | Request ID |
+ * | Flags | Reserved | Request ID |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Delimiter |
+ * | Delimiter |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * ~ Fully Qualified File Pathname (Variable Length) ~
+ * ~ Fully Qualified File Pathname (Variable Length) ~
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*/
* UTF8 Encoding of Delimiter Character
*/
u_int32_t delimiter;
-
+
/**
* Fully Qualified File Pathname
*/
chunk_t pathname;
bio_writer_t *writer;
- if (this->directory_flag)
+ if (this->directory_flag)
{
flags |= DIRECTORY_CONTENTS_FLAG;
}
this->pathname[pathname.len] = '\0';
reader->destroy(reader);
- return SUCCESS;
+ return SUCCESS;
}
METHOD(pa_tnc_attr_t, destroy, void,
* @return Pathname
*/
char* (*get_pathname)(tcg_pts_attr_req_file_meas_t *this);
-
+
};
/**
* Request Functional Component Evidence
* see section 3.14.1 of PTS Protocol: Binding to TNC IF-M Specification
*
- * 1 2 3
+ * 1 2 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
*
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Flags | Sub-component Depth |
+ * | Flags | Sub-component Depth |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Component Functional Name |
+ * | Component Functional Name |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*
*/
/**
* Component Functional Name Structure (see section 5.1 of PTS Protocol: Binding to TNC IF-M Specification)
*
- * 1 2 3
+ * 1 2 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
*
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Component Functional Name Vendor ID |Fam| Qualifier |
+ * | Component Functional Name Vendor ID |Fam| Qualifier |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Component Functional Name |
+ * | Component Functional Name |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*
*/
* Qualifier for Functional Component
* see section 5.2 of PTS Protocol: Binding to TNC IF-M Specification
*
- *
- * 0 1 2 3 4 5
+ *
+ * 0 1 2 3 4 5
* +-+-+-+-+-+-+
* |K|S| Type |
* +-+-+-+-+-+-+
writer->write_uint24 (writer, this->depth);
writer->write_uint24 (writer, this->comp_vendor_id);
- if(this->family != PTS_REQ_FUNCT_COMP_FAM_BIN_ENUM)
+ if (this->family != PTS_REQ_FUNCT_COMP_FAM_BIN_ENUM)
{
DBG1(DBG_TNC, "Functional Name Encoding Family is not set to 00");
}
/* TODO: Generate an IF-M error attribute indicating */
/* TCG_PTS_INVALID_NAME_FAM */
- //if(&this->comp_vendor_id==PEN_TCG && this->family != PTS_REQ_FUNCT_COMP_FAM_BIN_ENUM)
+ //if (&this->comp_vendor_id==PEN_TCG && this->family != PTS_REQ_FUNCT_COMP_FAM_BIN_ENUM)
//{
// DBG1(DBG_TNC, "Functional Name Encoding Family is not set to 00");
//}
/* TODO: Check the name is defined in pts_funct_comp_name_t */
reader->destroy(reader);
- return SUCCESS;
+ return SUCCESS;
}
METHOD(pa_tnc_attr_t, destroy, void,
*/
pa_tnc_attr_t *tcg_pts_attr_req_funct_comp_evid_create(
pts_attr_req_funct_comp_evid_flag_t flags,
- u_int32_t depth, u_int32_t vendor_id,
- pts_qualifier_t qualifier,
- pts_funct_comp_name_t name)
+ u_int32_t depth, u_int32_t vendor_id,
+ pts_qualifier_t qualifier,
+ pts_funct_comp_name_t name)
{
private_tcg_pts_attr_req_funct_comp_evid_t *this;
/** Transitive Trust Chain flag */
PTS_REQ_FUNC_COMP_FLAG_TTC = (1<<7),
/** Verify Component flag */
- PTS_REQ_FUNC_COMP_FLAG_VER = (1<<6),
+ PTS_REQ_FUNC_COMP_FLAG_VER = (1<<6),
/** Current Evidence flag */
- PTS_REQ_FUNC_COMP_FLAG_CURR = (1<<5),
+ PTS_REQ_FUNC_COMP_FLAG_CURR = (1<<5),
/** PCR Information flag */
- PTS_REQ_FUNC_COMP_FLAG_PCR = (1<<4),
+ PTS_REQ_FUNC_COMP_FLAG_PCR = (1<<4),
};
/**
*
* @param flags Set of flags
*/
- void (*set_flags)(tcg_pts_attr_req_funct_comp_evid_t *this,
+ void (*set_flags)(tcg_pts_attr_req_funct_comp_evid_t *this,
pts_attr_req_funct_comp_evid_flag_t flags);
/**
* Simple Component Evidence
* see section 3.15.1 of PTS Protocol: Binding to TNC IF-M Specification
*
- * 1 2 3
+ * 1 2 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Flags | Sub-Component Depth |
+ * | Flags | Sub-Component Depth |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Specific Functional Component |
+ * | Specific Functional Component |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Specific Functional Component |
+ * | Specific Functional Component |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Measure. Type | Extended into PCR |
+ * | Measure. Type | Extended into PCR |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Hash Algorithm | PCR Transform | Reserved |
+ * | Hash Algorithm | PCR Transform | Reserved |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Measurement Date/Time |
+ * | Measurement Date/Time |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Measurement Date/Time |
+ * | Measurement Date/Time |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Measurement Date/Time |
+ * | Measurement Date/Time |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Measurement Date/Time |
+ * | Measurement Date/Time |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Measurement Date/Time |
+ * | Measurement Date/Time |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Optional Policy URI Length | Opt. Verification Policy URI ~
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * ~ Optional Verification Policy URI ~
+ * ~ Optional Verification Policy URI ~
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Optional PCR Length | Optional PCR Before Value ~
+ * | Optional PCR Length | Optional PCR Before Value ~
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * ~ Optional PCR Before Value (Variable Length) ~
+ * ~ Optional PCR Before Value (Variable Length) ~
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * ~ Optional PCR After Value (Variable Length) ~
+ * ~ Optional PCR After Value (Variable Length) ~
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * ~ Component Measurement (Variable Length) ~
+ * ~ Component Measurement (Variable Length) ~
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*/
* Specific Functional Component -> Component Functional Name Structure
* see section 5.1 of PTS Protocol: Binding to TNC IF-M Specification
*
- * 1 2 3
+ * 1 2 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Component Functional Name Vendor ID |Fam| Qualifier |
+ * | Component Functional Name Vendor ID |Fam| Qualifier |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Component Functional Name |
+ * | Component Functional Name |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*
*/
* Qualifier for Functional Component
* see section 5.2 of PTS Protocol: Binding to TNC IF-M Specification
*
- *
+ *
* 0 1 2 3 4 5
* +-+-+-+-+-+-+
* |K|S| Type |
u_int8_t measurement_type;
/**
- * Which PCR the functional component is extended into
+ * Which PCR the functional component is extended into
*/
u_int32_t extended_pcr;
pts_meas_algorithms_t hash_algorithm;
/**
- * Transformation type for PCR
+ * Transformation type for PCR
*/
pts_pcr_transform_t transformation;
if (!qualifier || qualifier == 63)
{
DBG1(DBG_TNC, "Unknown or Wildcard should not be used for"
- " Functional Name Qualifier");
+ " Functional Name Qualifier");
}
writer->write_uint8 (writer, qualifier);
writer->write_data (writer, this->measurement_time);
/* Optional fields */
- if (this->policy_uri.ptr && this->policy_uri.len > 0)
+ if (this->policy_uri.ptr && this->policy_uri.len > 0)
{
writer->write_uint16(writer, this->policy_uri.len);
writer->write_data (writer, this->policy_uri);
/* Determine the flags to set*/
if ((flags >> 7) & 1)
{
- this->flags |= PTS_SIMPLE_COMP_EVID_FLAG_PCR;
+ this->flags |= PTS_SIMPLE_COMP_EVID_FLAG_PCR;
}
if (!((flags >> 6) & 1) && !((flags >> 5) & 1))
{
this->flags |= PTS_SIMPLE_COMP_EVID_FLAG_NO_VALID;
}
else if (!((flags >> 6) & 1) && ((flags >> 5) & 1))
- {
+ {
this->flags |= PTS_SIMPLE_COMP_EVID_FLAG_NO_VER;
}
else if (((flags >> 6) & 1) && !((flags >> 5) & 1))
/* TODO: Generate an IF-M error attribute indicating */
/* TCG_PTS_INVALID_NAME_FAM */
- //if(&this->comp_vendor_id==PEN_TCG && this->family != PTS_REQ_FUNCT_COMP_FAM_BIN_ENUM)
+ //if (&this->comp_vendor_id==PEN_TCG && this->family != PTS_REQ_FUNCT_COMP_FAM_BIN_ENUM)
//{
// DBG1(DBG_TNC, "Functional Name Encoding Family is not set to 00");
//}
{
this->qualifier.kernel = true;
}
- if (((fam_and_qualifier >> 4) & 1) )
+ if (((fam_and_qualifier >> 4) & 1) )
{
this->qualifier.sub_component = true;
}
if (!(fam_and_qualifier & 0x3F) || (fam_and_qualifier & 0x3F) == 0x3F)
{
DBG1(DBG_TNC, "Unknown or Wildcard should not be used for"
- " Functional Name Qualifier");
+ " Functional Name Qualifier");
}
reader->read_uint32(reader, &this->name);
reader->read_uint24(reader, &this->extended_pcr);
reader->read_uint16(reader, &algorithm);
- this->hash_algorithm = algorithm;
+ this->hash_algorithm = algorithm;
reader->read_uint8(reader, &transformation);
this->transformation = transformation;
this->measurement_time = chunk_clone(this->measurement_time);
/* Optional Policy URI field is included */
- if (this->flags & PTS_SIMPLE_COMP_EVID_FLAG_VER_FAIL ||
+ if (this->flags & PTS_SIMPLE_COMP_EVID_FLAG_VER_FAIL ||
this->flags & PTS_SIMPLE_COMP_EVID_FLAG_VER_PASS)
{
u_int16_t policy_uri_len;
this->measurement = chunk_clone(this->measurement);
reader->destroy(reader);
- return SUCCESS;
+ return SUCCESS;
}
METHOD(pa_tnc_attr_t, destroy, void,
METHOD(tcg_pts_attr_simple_comp_evid_t, get_pcr_len, u_int16_t,
private_tcg_pts_attr_simple_comp_evid_t *this)
{
- if (this->pcr_before.ptr && this->pcr_after.ptr &&
+ if (this->pcr_before.ptr && this->pcr_after.ptr &&
this->pcr_before.len == this->pcr_after.len &&
- this->pcr_before.len > 0 && this->pcr_after.len > 0)
+ this->pcr_before.len > 0 && this->pcr_after.len > 0)
{
return this->pcr_before.len;
}
/** PCR information fields inlcuded */
PTS_SIMPLE_COMP_EVID_FLAG_PCR = 0,
/** No Validation was attempted */
- PTS_SIMPLE_COMP_EVID_FLAG_NO_VALID = 1,
+ PTS_SIMPLE_COMP_EVID_FLAG_NO_VALID = 1,
/** Attempted validation, unable to verify */
- PTS_SIMPLE_COMP_EVID_FLAG_NO_VER = 2,
+ PTS_SIMPLE_COMP_EVID_FLAG_NO_VER = 2,
/** Attempted validation, verification failed */
- PTS_SIMPLE_COMP_EVID_FLAG_VER_FAIL = 3,
+ PTS_SIMPLE_COMP_EVID_FLAG_VER_FAIL = 3,
/** Attempted validation, verification passed */
- PTS_SIMPLE_COMP_EVID_FLAG_VER_PASS = 4,
+ PTS_SIMPLE_COMP_EVID_FLAG_VER_PASS = 4,
};
/**
/** No Transformation */
PTS_PCR_TRANSFORM_NO = 0,
/** Hash Value matched PCR size */
- PTS_PCR_TRANSFORM_MATCH = 1,
+ PTS_PCR_TRANSFORM_MATCH = 1,
/** Hash value shorter than PCR size */
- PTS_PCR_TRANSFORM_SHORT = 2,
+ PTS_PCR_TRANSFORM_SHORT = 2,
/** Hash value longer than PCR size */
- PTS_PCR_TRANSFORM_LONG = 3,
+ PTS_PCR_TRANSFORM_LONG = 3,
};
/**
*
* @param flags Set of flags
*/
- void (*set_flags)(tcg_pts_attr_simple_comp_evid_t *this,
+ void (*set_flags)(tcg_pts_attr_simple_comp_evid_t *this,
pts_attr_simple_comp_evid_flag_t flags);
/**
u_int8_t (*get_measurement_type)(tcg_pts_attr_simple_comp_evid_t *this);
/**
- * Get which PCR the functional component is extended into
+ * Get which PCR the functional component is extended into
*
* @return Number of PCR
*/
u_int32_t (*get_extended_pcr)(tcg_pts_attr_simple_comp_evid_t *this);
/**
- * Set which PCR the functional component is extended into
+ * Set which PCR the functional component is extended into
*
* @param pcr_number Number of PCR
*/
pts_meas_algorithms_t hash_algorithm);
/**
- * Get PCR Transformation
+ * Get PCR Transformation
*
* @return Transformation type of PCR
*/
* @return Policy URI
*/
chunk_t (*get_policy_uri)(tcg_pts_attr_simple_comp_evid_t *this);
-
+
/**
* Set Optional Policy URI
*
* @return PCR before value
*/
chunk_t (*get_pcr_before_value)(tcg_pts_attr_simple_comp_evid_t *this);
-
+
/**
* Set Optional PCR before value
*
* @return PCR after value
*/
chunk_t (*get_pcr_after_value)(tcg_pts_attr_simple_comp_evid_t *this);
-
+
/**
* Set Optional PCR after value
*
* @return Component Measurement Hash
*/
chunk_t (*get_comp_measurement)(tcg_pts_attr_simple_comp_evid_t *this);
-
+
/**
* Set Component Measurement
*
* @param vendor_id Component Functional Name Vendor ID
* @param qualifier Functional Name Category Qualifier
* @param name Component Functional Name
- * @param extended_pcr Which PCR the functional component is extended into
+ * @param extended_pcr Which PCR the functional component is extended into
* @param hash_algorithm Hash Algorithm
* @param transformation Transformation type for PCR
* @param measurement_time Measurement time
* @param measurement Component Measurement
*/
pa_tnc_attr_t* tcg_pts_attr_simple_comp_evid_create(pts_attr_simple_comp_evid_flag_t flags,
- u_int32_t depth,
- u_int32_t vendor_id,
- pts_qualifier_t qualifier,
- pts_funct_comp_name_t name,
- u_int32_t extended_pcr,
- pts_meas_algorithms_t hash_algorithm,
- pts_pcr_transform_t transformation,
- chunk_t measurement_time,
- chunk_t policy_uri,
- chunk_t pcr_before,
- chunk_t pcr_after,
- chunk_t measurement);
+ u_int32_t depth,
+ u_int32_t vendor_id,
+ pts_qualifier_t qualifier,
+ pts_funct_comp_name_t name,
+ u_int32_t extended_pcr,
+ pts_meas_algorithms_t hash_algorithm,
+ pts_pcr_transform_t transformation,
+ chunk_t measurement_time,
+ chunk_t policy_uri,
+ chunk_t pcr_before,
+ chunk_t pcr_after,
+ chunk_t measurement);
/**
* Creates an tcg_pts_attr_simple_comp_evid_t object from received data
* Simple Evidence Final
* see section 3.15.2 of PTS Protocol: Binding to TNC IF-M Specification
*
- * 1 2 3
+ * 1 2 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Flags | Reserved | Optional Composite Hash Alg |
+ * | Flags | Reserved | Optional Composite Hash Alg |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Optional TPM PCR Composite Length |
+ * | Optional TPM PCR Composite Length |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * ~ Optional TPM PCR Composite (Variable Length) ~
+ * ~ Optional TPM PCR Composite (Variable Length) ~
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Optional TPM Quote Signature Length |
+ * | Optional TPM Quote Signature Length |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * ~ Optional TPM Quote Signature (Variable Length) ~
+ * ~ Optional TPM Quote Signature (Variable Length) ~
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * ~ Optional Evidence Signature (Variable Length) ~
+ * ~ Optional Evidence Signature (Variable Length) ~
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*/
writer->write_uint16(writer, this->comp_hash_algorithm);
/* Optional fields */
- if (this->pcr_comp.ptr && this->pcr_comp.len > 0)
+ if (this->pcr_comp.ptr && this->pcr_comp.len > 0)
{
writer->write_uint32 (writer, this->pcr_comp.len);
writer->write_data (writer, this->pcr_comp);
/* Determine the flags to set*/
if (!((flags >> 7) & 1) && !((flags >> 6) & 1))
- {
+ {
this->flags |= PTS_SIMPLE_EVID_FINAL_FLAG_NO;
}
else if (!((flags >> 7) & 1) && ((flags >> 6) & 1))
- {
+ {
this->flags |= PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO;
}
else if (((flags >> 7) & 1) && !((flags >> 6) & 1))
reader->read_uint8(reader, &reserved);
reader->read_uint16(reader, &algorithm);
- this->comp_hash_algorithm = algorithm;
-
+ this->comp_hash_algorithm = algorithm;
+
/* Optional TPM PCR Composite field is included */
if (!(this->flags & PTS_SIMPLE_EVID_FINAL_FLAG_NO))
{
}
reader->destroy(reader);
- return SUCCESS;
+ return SUCCESS;
}
METHOD(pa_tnc_attr_t, destroy, void,
private_tcg_pts_attr_simple_evid_final_t *this)
{
if (this->pcr_comp.ptr && this->pcr_comp.len > 0)
- {
+ {
return this->pcr_comp.len;
}
return 0;
* Described in header.
*/
pa_tnc_attr_t *tcg_pts_attr_simple_evid_final_create(
- pts_simple_evid_final_flag_t flags,
- pts_meas_algorithms_t comp_hash_algorithm,
- chunk_t pcr_comp,
- chunk_t tpm_quote_sign,
- chunk_t evid_sign)
+ pts_simple_evid_final_flag_t flags,
+ pts_meas_algorithms_t comp_hash_algorithm,
+ chunk_t pcr_comp,
+ chunk_t tpm_quote_sign,
+ chunk_t evid_sign)
{
private_tcg_pts_attr_simple_evid_final_t *this;
PTS_SIMPLE_EVID_FINAL_FLAG_NO = 0,
/** Optional TPM PCR Composite and Optional TPM Quote Signature fields included */
/** using TPM_QUOTE_INFO */
- PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO = 1,
+ PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO = 1,
/** Optional TPM PCR Composite and Optional TPM Quote Signature fields included */
/** using TPM_QUOTE_INFO2, TPM_CAP_VERSION_INFO was not appended */
- PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO2 = 2,
+ PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO2 = 2,
/** Optional TPM PCR Composite and Optional TPM Quote Signature fields included */
/** using TPM_QUOTE_INFO2, TPM_CAP_VERSION_INFO was appended */
- PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO2_CAP_VER = 3,
+ PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO2_CAP_VER = 3,
/** Optional Evidence Signature included */
- PTS_SIMPLE_EVID_FINAL_FLAG_EVID = 4,
+ PTS_SIMPLE_EVID_FINAL_FLAG_EVID = 4,
};
/**
*
* @param flags Set of flags
*/
- void (*set_flags)(tcg_pts_attr_simple_evid_final_t *this,
+ void (*set_flags)(tcg_pts_attr_simple_evid_final_t *this,
pts_simple_evid_final_flag_t flags);
/**
*/
void (*set_comp_hash_algorithm)(tcg_pts_attr_simple_evid_final_t *this,
pts_meas_algorithms_t hash_algorithm);
-
+
/**
* Get Optional TPM PCR Composite Length
*
u_int32_t (*get_comp_pcr_len)(tcg_pts_attr_simple_evid_final_t *this);
/**
- * Get Optional TPM PCR Composite
+ * Get Optional TPM PCR Composite
*
* @return PCR Composite
*/
chunk_t (*get_pcr_comp)(tcg_pts_attr_simple_evid_final_t *this);
-
+
/**
- * Set Optional TPM PCR Composite
+ * Set Optional TPM PCR Composite
*
* @param pcr_comp PCR Composite
*/
u_int32_t (*get_tpm_quote_sign_len)(tcg_pts_attr_simple_evid_final_t *this);
/**
- * Get Optional TPM Quote Signature
+ * Get Optional TPM Quote Signature
*
- * @return TPM Quote Signature
+ * @return TPM Quote Signature
*/
chunk_t (*get_tpm_quote_sign)(tcg_pts_attr_simple_evid_final_t *this);
-
+
/**
- * Set Optional TPM Quote Signature
+ * Set Optional TPM Quote Signature
*
- * @param tpm_quote_sign TPM Quote Signature
+ * @param tpm_quote_sign TPM Quote Signature
*/
void (*set_tpm_quote_sign)(tcg_pts_attr_simple_evid_final_t *this,
chunk_t tpm_quote_sign);
* @return Optional Evidence Signature
*/
chunk_t (*get_evid_sign)(tcg_pts_attr_simple_evid_final_t *this);
-
+
/**
* Set Optional Evidence Signature
*
* TPM Version Information
* see section 3.11 of PTS Protocol: Binding to TNC IF-M Specification
*
- * 1 2 3
+ * 1 2 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
*
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | TPM Version Information (Variable Lenght) |
+ * | TPM Version Information (Variable Lenght) |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*
* see TPM Structure Specification Part 2, section 21.6: TPM_CAP_VERSION_INFO
this->tpm_version_info = chunk_clone(this->tpm_version_info);
reader->destroy(reader);
- return SUCCESS;
+ return SUCCESS;
}
METHOD(pa_tnc_attr_t, destroy, void,
*
* @param tpm_version_info TPM version info
*/
- void (*set_tpm_version_info)(tcg_pts_attr_tpm_version_info_t *this,
+ void (*set_tpm_version_info)(tcg_pts_attr_tpm_version_info_t *this,
chunk_t tpm_version_info);
};
projects / strongswan.git / commitdiff