}
/**
+ * Get the maximum PCR index received in pcr_after_value field
+ */
+static u_int32_t get_max_pcr_index(private_pts_t *this)
+{
+ enumerator_t *e;
+ pcr_entry_t *pcr_entry;
+ u_int32_t ret = 0;
+
+ if (this->pcrs->get_count(this->pcrs) == 0)
+ {
+ return -1;
+ }
+
+ e = this->pcrs->create_enumerator(this->pcrs);
+ while (e->enumerate(e, &pcr_entry))
+ {
+ if (pcr_entry->pcr_number > ret)
+ {
+ ret = pcr_entry->pcr_number;
+ }
+ }
+ e->destroy(e);
+
+ return ret;
+}
+
+/**
* 1. build a TCPA_PCR_COMPOSITE structure which contains (pcrCompositeBuf)
* TCPA_PCR_SELECTION structure (bitmask length + bitmask)
* UINT32 (network order) gives the number of bytes following (pcr entries * 20)
enumerator_t *e;
pcr_entry_t *pcr_entry;
chunk_t pcr_composite, hash_pcr_composite;
- u_int32_t pcr_composite_len;
+ u_int32_t pcr_composite_len, i, maximum_pcr_index, bitmask_len;
bio_writer_t *writer;
- u_int8_t mask_bytes[PCR_MASK_LEN] = {0,0,0}, i;
hasher_t *hasher;
- if (this->pcrs->get_count(this->pcrs) == 0)
+ maximum_pcr_index = get_max_pcr_index(this);
+ if (maximum_pcr_index == -1)
{
DBG1(DBG_PTS, "PCR entries unavailable, unable to construct "
"TPM Quote Info");
return FALSE;
}
-
- pcr_composite_len = 2 + PCR_MASK_LEN + 4 +
+
+ bitmask_len = maximum_pcr_index/8 +1;
+ u_int8_t mask_bytes[MAX_NUM_PCR/8] = {0};
+
+ pcr_composite_len = 2 + bitmask_len + 4 +
this->pcrs->get_count(this->pcrs) * PCR_LEN;
writer = bio_writer_create(pcr_composite_len);
/* Lenght of the bist mask field */
- writer->write_uint16(writer, PCR_MASK_LEN);
+ writer->write_uint16(writer, bitmask_len);
/* Bit mask indicating selected PCRs */
e = this->pcrs->create_enumerator(this->pcrs);
while (e->enumerate(e, &pcr_entry))
}
e->destroy(e);
- for (i = 0; i< PCR_MASK_LEN ; i++)
+ for (i = 0; i< bitmask_len ; i++)
{
writer->write_uint8(writer, mask_bytes[i]);
}
/**
* PCR indices used for measurements of various functional components
*/
-/** Commented the real PCR indices out, use just PCR16 for debugging
#define PCR_BIOS 0
#define PCR_PLATFORM_EXT 1
#define PCR_MOTHERBOARD 1
#define PCR_TGRUB_CMD_LINE_ARGS 12
#define PCR_TGRUB_CHECKFILE 13
#define PCR_TGRUB_LOADED_FILES 14
-*/
-#define PCR_BIOS 16
-#define PCR_PLATFORM_EXT 16
-#define PCR_MOTHERBOARD 16
-#define PCR_OPTION_ROMS 16
-#define PCR_IPL 16
-
-#define PCR_TBOOT_POLICY 16
-#define PCR_TBOOT_MLE 16
-
-#define PCR_TGRUB_MBR_STAGE1 16
-#define PCR_TGRUB_STAGE2_PART1 16
-#define PCR_TGRUB_STAGE2_PART2 16
-#define PCR_TGRUB_CMD_LINE_ARGS 16
-#define PCR_TGRUB_CHECKFILE 16
-#define PCR_TGRUB_LOADED_FILES 16
/**
* Length of the generated nonce used for calculation of shared secret
#define TPM_QUOTE_INFO_LEN 48
/**
- * Bitmask Lenght for PCR Composite structure
- */
-#define PCR_MASK_LEN MAX_NUM_PCR/8
-
-/**
* Hashing algorithm used by tboot and trustedGRUB
*/
#define TRUSTED_HASH_ALGO PTS_MEAS_ALGO_SHA1
projects / strongswan.git / commitdiff