char *pathname;
u_int16_t request_id;
bool is_directory;
+ u_int32_t delimiter;
pts_file_meas_t *measurements;
-
+ pts_error_code_t pts_error;
+ chunk_t attr_info;
+
attr_cast = (tcg_pts_attr_req_file_meas_t*)attr;
is_directory = attr_cast->get_directory_flag(attr_cast);
request_id = attr_cast->get_request_id(attr_cast);
+ delimiter = attr_cast->get_delimiter(attr_cast);
pathname = attr_cast->get_pathname(attr_cast);
+
+ if (pts->is_path_valid(pts, pathname, &pts_error) && pts_error)
+ {
+ attr_info = attr->get_value(attr);
+ attr = ietf_attr_pa_tnc_error_create(PEN_TCG,
+ pts_error, attr_info);
+ attr_list->insert_last(attr_list, attr);
+ break;
+ }
+ else if (!pts->is_path_valid(pts, pathname, &pts_error))
+ {
+ break;
+ }
+
+ if (delimiter != SOLIDUS_UTF && delimiter != REVERSE_SOLIDUS_UTF)
+ {
+ attr_info = attr->get_value(attr);
+ attr = ietf_attr_pa_tnc_error_create(PEN_TCG,
+ TCG_PTS_INVALID_DELIMITER, attr_info);
+ attr_list->insert_last(attr_list, attr);
+ break;
+ }
/* Do PTS File Measurements and send them to PTS-IMV */
DBG2(DBG_IMC, "measurement request %d for %s '%s'",
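Review bot: `pts_error` is declared without an initializer and then read in `pts->is_path_valid(pts, pathname, &pts_error) && pts_error`, but the is_path_valid added in this commit begins with `error_code = NULL;` and returns TRUE for an existing path without storing anything through the pointer. The test therefore reads an indeterminate value and can queue a PA-TNC error for a path that is valid. The `else if` calls is_path_valid a second time, repeating the stat() on a pathname taken from the received request, and the second call may not give the same answer as the first. Initialise `pts_error` at its declaration and call the method once, checking the return value first and the error code second, as below. The enclosing request-handling block starts and ends outside this hunk.

```c
pts_error_code_t pts_error = 0;
/* … unchanged: attr_cast assignment and the get_*() calls … */

if (!pts->is_path_valid(pts, pathname, &pts_error))
{
	/* local stat() failure, nothing to report to the peer */
	break;
}
if (pts_error)
{
	attr_info = attr->get_value(attr);
	attr = ietf_attr_pa_tnc_error_create(PEN_TCG,
							pts_error, attr_info);
	attr_list->insert_last(attr_list, attr);
	break;
}
/* … unchanged: delimiter check … */
```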
#define IMV_VENDOR_ID PEN_TCG
#define IMV_SUBTYPE PA_SUBTYPE_TCG_PTS
-/**
- * UTF-8 encoding of the character used to delimiter the filename
- */
-#define SOLIDUS_UTF 0x002F
-#define REVERSE_SOLIDUS_UTF 0x005C
-
static imv_agent_t *imv_attestation;
/**
return filename;
}
+METHOD(pts_t, is_path_valid, bool, private_pts_t *this, char *path,
+ pts_error_code_t *error_code)
+{
+ int error;
+ struct stat sb;
+
+ error_code = NULL;
+ error = stat(path, &sb);
+ if (error == 0)
+ {
+ return TRUE;
+ }
+ else if (error == ENOENT || error == ENOTDIR)
+ {
+ DBG1(DBG_IMC, "file/directory does not exist %s", path);
+ *error_code = TCG_PTS_FILE_NOT_FOUND;
+ }
+ else if (error == EFAULT)
+ {
+ DBG1(DBG_IMC, "bad address %s", path);
+ *error_code = TCG_PTS_INVALID_PATH;
+ }
+ else
+ {
+ DBG1(DBG_IMC, "error: %s occured while validating path: %s", strerror(error), path);
+ return FALSE;
+ }
+
+ return TRUE;
+}
+
METHOD(pts_t, do_measurements, pts_file_meas_t*,
private_pts_t *this, u_int16_t request_id, char *pathname, bool is_directory)
{
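Review bot: stat() returns -1 on failure and reports the reason in `errno`, so `error == ENOENT || error == ENOTDIR` and `error == EFAULT` can never match in is_path_valid. Every failure falls into the final `else`, which calls `strerror(-1)` and returns FALSE, so a missing file is never reported as TCG_PTS_FILE_NOT_FOUND. In addition, `error_code = NULL;` clears the local pointer instead of the caller's variable; once the errno test is corrected, the `*error_code = ...` stores would dereference NULL for a pathname that arrives in a request attribute. Write `*error_code = 0;` (the caller treats zero as "no error") and branch on `errno`, as below. The log message also misspells "occurred".

```c
METHOD(pts_t, is_path_valid, bool, private_pts_t *this, char *path,
	   pts_error_code_t *error_code)
{
	struct stat sb;

	*error_code = 0;
	if (stat(path, &sb) == 0)
	{
		return TRUE;
	}
	switch (errno)
	{
		case ENOENT:
		case ENOTDIR:
			DBG1(DBG_IMC, "file/directory does not exist %s", path);
			*error_code = TCG_PTS_FILE_NOT_FOUND;
			return TRUE;
		case EFAULT:
			DBG1(DBG_IMC, "bad address %s", path);
			*error_code = TCG_PTS_INVALID_PATH;
			return TRUE;
		default:
			DBG1(DBG_IMC, "error: %s occurred while validating path: %s",
				 strerror(errno), path);
			return FALSE;
	}
}
```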
.set_tpm_version_info = _set_tpm_version_info,
.get_aik = _get_aik,
.set_aik = _set_aik,
+ .is_path_valid = _is_path_valid,
.do_measurements = _do_measurements,
.destroy = _destroy,
},
typedef struct pts_t pts_t;
+#include "pts_error.h"
#include "pts_proto_caps.h"
#include "pts_meas_algo.h"
#include "pts_file_meas.h"
#include <library.h>
/**
+ * UTF-8 encoding of the character used to delimiter the filename
+ */
+#define SOLIDUS_UTF 0x002F
+#define REVERSE_SOLIDUS_UTF 0x005C
+
+/**
* Class implementing the TCG Platform Trust System (PTS)
*
*/
void (*set_aik)(pts_t *this, certificate_t *aik);
/**
+ * Check whether path is valid file/directory on filesystem
+ *
+ * @param path Absolute path
+ * @param error_code Output variable for PTS error code
+ * @return TRUE if path is valid or file/directory doesn't exist
+ * or path is invalid
+ * FALSE if local error occured within stat function
+ */
+ bool (*is_path_valid)(pts_t *this, char *path, pts_error_code_t *error_code);
+
+ /**
* Do PTS File Measurements
*
* @param request_id ID of PTS File Measurement Request
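Review bot: The doc comment for `is_path_valid` does not say what `*error_code` holds when the path exists, and its `@return` text lists "path is valid", "doesn't exist" and "path is invalid" all under TRUE, so a caller cannot tell from the header that the verdict is carried by the output parameter alone. I would state the contract explicitly, e.g. `@param error_code set to 0 if the path exists, otherwise to the PTS error code to report` and `@return TRUE if stat() gave a verdict (see error_code), FALSE on a local error`. The name suggests a plain yes/no answer, so the comment should also note that TRUE does not mean the path can be measured. "occured" in the last line should read "occurred".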
writer->destroy(writer);
return attr;
-}
+}
\ No newline at end of file