#include <tcg/tcg_pts_attr_simple_evid_final.h>
#include <tcg/tcg_pts_attr_req_file_meas.h>
#include <tcg/tcg_pts_attr_file_meas.h>
+#include <tcg/tcg_pts_attr_req_file_meta.h>
+#include <tcg/tcg_pts_attr_unix_file_meta.h>
#include <tncif_pa_subtypes.h>
pts_t *pts;
TNC_Result result;
bool fatal_error = FALSE;
+ chunk_t attr_info;
+ pts_error_code_t pts_error;
+ bool valid_path;
if (!imc_attestation)
{
break;
case TCG_PTS_GEN_ATTEST_EVID:
break;
+ case TCG_PTS_REQ_FILE_META:
+ {
+ tcg_pts_attr_req_file_meta_t *attr_cast;
+ char *pathname;
+ bool is_directory;
+ u_int8_t delimiter;
+ pts_file_meta_t *metadata;
+
+ attr_info = attr->get_value(attr);
+ attr_cast = (tcg_pts_attr_req_file_meta_t*)attr;
+ is_directory = attr_cast->get_directory_flag(attr_cast);
+ delimiter = attr_cast->get_delimiter(attr_cast);
+ pathname = attr_cast->get_pathname(attr_cast);
+
+ valid_path = pts->is_path_valid(pts, pathname, &pts_error);
+ if (valid_path && pts_error)
+ {
+ attr = ietf_attr_pa_tnc_error_create(PEN_TCG,
+ pts_error, attr_info);
+ attr_list->insert_last(attr_list, attr);
+ break;
+ }
+ else if (!valid_path)
+ {
+ break;
+ }
+ if (delimiter != SOLIDUS_UTF && delimiter != REVERSE_SOLIDUS_UTF)
+ {
+ attr = ietf_attr_pa_tnc_error_create(PEN_TCG,
+ TCG_PTS_INVALID_DELIMITER, attr_info);
+ attr_list->insert_last(attr_list, attr);
+ break;
+ }
+ /* Get File Metadata and send them to PTS-IMV */
+ DBG2(DBG_IMC, "metadata request for %s '%s'",
+ is_directory ? "directory" : "file",
+ pathname);
+ metadata = pts->get_metadata(pts, pathname, is_directory);
+
+ if (!metadata)
+ {
+ /* TODO handle error codes from measurements */
+ return TNC_RESULT_FATAL;
+ }
+ attr = tcg_pts_attr_unix_file_meta_create(metadata);
+ attr->set_noskip_flag(attr, TRUE);
+ attr_list->insert_last(attr_list, attr);
+
+ break;
+ }
case TCG_PTS_REQ_FILE_MEAS:
{
tcg_pts_attr_req_file_meas_t *attr_cast;
bool is_directory;
u_int32_t delimiter;
pts_file_meas_t *measurements;
- pts_error_code_t pts_error;
- chunk_t attr_info;
-
+
attr_info = attr->get_value(attr);
attr_cast = (tcg_pts_attr_req_file_meas_t*)attr;
is_directory = attr_cast->get_directory_flag(attr_cast);
request_id = attr_cast->get_request_id(attr_cast);
delimiter = attr_cast->get_delimiter(attr_cast);
pathname = attr_cast->get_pathname(attr_cast);
+ valid_path = pts->is_path_valid(pts, pathname, &pts_error);
- if (pts->is_path_valid(pts, pathname, &pts_error) && pts_error)
+ if (valid_path && pts_error)
{
attr_info = attr->get_value(attr);
attr = ietf_attr_pa_tnc_error_create(PEN_TCG,
attr_list->insert_last(attr_list, attr);
break;
}
- else if (!pts->is_path_valid(pts, pathname, &pts_error))
+ else if (!valid_path)
{
break;
}
/* TODO: Not implemented yet */
case TCG_PTS_DH_NONCE_PARAMS_REQ:
case TCG_PTS_DH_NONCE_FINISH:
- case TCG_PTS_REQ_FILE_META:
case TCG_PTS_REQ_INTEG_MEAS_LOG:
/* Attributes using XML */
case TCG_PTS_REQ_TEMPL_REF_MANI_SET_META:
#include <tcg/tcg_pts_attr_simple_evid_final.h>
#include <tcg/tcg_pts_attr_req_file_meas.h>
#include <tcg/tcg_pts_attr_file_meas.h>
+#include <tcg/tcg_pts_attr_req_file_meta.h>
+#include <tcg/tcg_pts_attr_unix_file_meta.h>
#include <tncif_pa_subtypes.h>
}
DBG1(DBG_IMV, "platform is '%s'", platform_info);
+ /* Send Request File Metadata attribute */
+ attr = tcg_pts_attr_req_file_meta_create(FALSE, SOLIDUS_UTF, "/etc/tnc_config");
+ attr->set_noskip_flag(attr, TRUE);
+ msg->add_attribute(msg, attr);
+
/* Send Request File Measurement attribute */
enumerator = pts_db->create_file_enumerator(pts_db, platform_info);
if (!enumerator)
e_hash->destroy(e_hash);
break;
}
+ case TCG_PTS_UNIX_FILE_META:
+ {
+ tcg_pts_attr_file_meta_t *attr_cast;
+ int file_count;
+ pts_file_meta_t *metadata;
+ enumerator_t *e;
+ pts_file_metadata_t *entry;
+
+ attr_cast = (tcg_pts_attr_file_meta_t*)attr;
+ metadata = attr_cast->get_metadata(attr_cast);
+ file_count = metadata->get_file_count(metadata);
+
+ DBG1(DBG_IMV, "metadata request returned %d file%s:",
+ file_count, (file_count == 1) ? "":"s");
+
+ e = metadata->create_enumerator(metadata);
+ while(e->enumerate(e, &entry))
+ {
+ DBG1(DBG_IMV, "File name: %s", entry->filename);
+ DBG1(DBG_IMV, " type: %d", entry->type);
+ DBG1(DBG_IMV, " size: %d", entry->filesize);
+ DBG1(DBG_IMV, " create time: %s", ctime(&entry->create_time));
+ DBG1(DBG_IMV, " last modified: %s", ctime(&entry->last_modify_time));
+ DBG1(DBG_IMV, " last accessed: %s", ctime(&entry->last_access_time));
+ DBG1(DBG_IMV, " owner id: %d", entry->owner_id);
+ DBG1(DBG_IMV, " group id: %d", entry->group_id);
+ }
+
+ e->destroy(e);
+
+ break;
+ }
/* TODO: Not implemented yet */
case TCG_PTS_DH_NONCE_PARAMS_RESP:
- case TCG_PTS_UNIX_FILE_META:
case TCG_PTS_INTEG_MEAS_LOG:
/* Attributes using XML */
case TCG_PTS_TEMPL_REF_MANI_SET_META:
tcg/tcg_pts_attr_simple_evid_final.h tcg/tcg_pts_attr_simple_evid_final.c \
tcg/tcg_pts_attr_req_file_meas.h tcg/tcg_pts_attr_req_file_meas.c \
tcg/tcg_pts_attr_file_meas.h tcg/tcg_pts_attr_file_meas.c \
+ tcg/tcg_pts_attr_req_file_meta.h tcg/tcg_pts_attr_req_file_meta.c \
tcg/tcg_pts_attr_unix_file_meta.h tcg/tcg_pts_attr_unix_file_meta.c
pts_error_code_t *error_code)
{
int error;
- struct stat sb;
-
+ struct stat st;
+
*error_code = 0;
- error = stat(path, &sb);
+ error = stat(path, &st);
if (error == 0)
{
return TRUE;
return measurements;
}
+/**
+ * Obtain statistical information describing a file
+ */
+static bool file_metadata(char *pathname, pts_file_metadata_t **entry)
+{
+ struct stat st;
+ pts_file_metadata_t *tmp;
+
+ tmp = malloc_thing(pts_file_metadata_t);
+
+ if (stat(pathname, &st))
+ {
+ DBG1(DBG_PTS, "Unable to obtain statistical information about %s", pathname);
+ return FALSE;
+ }
+
+ tmp->filename = strdup(pathname);
+ tmp->meta_length = PTS_FILE_METADATA_SIZE + strlen(tmp->filename);
+
+ if (S_ISREG(st.st_mode))
+ {
+ tmp->type = PTS_FILE_REGULAR;
+ }
+ else if (S_ISDIR(st.st_mode))
+ {
+ tmp->type = PTS_FILE_DIRECTORY;
+ }
+ else if (S_ISCHR(st.st_mode))
+ {
+ tmp->type = PTS_FILE_CHAR_SPEC;
+ }
+ else if (S_ISBLK(st.st_mode))
+ {
+ tmp->type = PTS_FILE_BLOCK_SPEC;
+ }
+ else if (S_ISFIFO(st.st_mode))
+ {
+ tmp->type = PTS_FILE_FIFO;
+ }
+ else if (S_ISLNK(st.st_mode))
+ {
+ tmp->type = PTS_FILE_SYM_LINK;
+ }
+ else if (S_ISSOCK(st.st_mode))
+ {
+ tmp->type = PTS_FILE_SOCKET;
+ }
+ else
+ {
+ tmp->type = PTS_FILE_OTHER;
+ }
+
+ tmp->filesize = (u_int64_t)st.st_size;
+ tmp->create_time = st.st_ctime;
+ tmp->last_modify_time = st.st_mtime;
+ tmp->last_access_time = st.st_atime;
+ tmp->owner_id = (u_int64_t)st.st_uid;
+ tmp->group_id = (u_int64_t)st.st_gid;
+
+ *entry = tmp;
+
+ return TRUE;
+}
+
+METHOD(pts_t, get_metadata, pts_file_meta_t*,
+ private_pts_t *this, char *pathname, bool is_directory)
+{
+ pts_file_meta_t *metadata;
+ pts_file_metadata_t *entry;
+
+ /* Create a metadata object */
+ metadata = pts_file_meta_create();
+
+ if (is_directory)
+ {
+ enumerator_t *enumerator;
+ char *rel_name, *abs_name;
+ struct stat st;
+
+ enumerator = enumerator_create_directory(pathname);
+ if (!enumerator)
+ {
+ DBG1(DBG_PTS," directory '%s' can not be opened, %s", pathname,
+ strerror(errno));
+ metadata->destroy(metadata);
+ return NULL;
+ }
+ while (enumerator->enumerate(enumerator, &rel_name, &abs_name, &st))
+ {
+ /* measure regular files only */
+ if (S_ISREG(st.st_mode) && *rel_name != '.')
+ {
+ if (!file_metadata(abs_name, &entry))
+ {
+ enumerator->destroy(enumerator);
+ metadata->destroy(metadata);
+ return NULL;
+ }
+ DBG3(DBG_PTS, "File name: %s", entry->filename);
+ DBG3(DBG_PTS, " type: %d", entry->type);
+ DBG3(DBG_PTS, " size: %d", entry->filesize);
+ DBG3(DBG_PTS, " create time: %s", ctime(&entry->create_time));
+ DBG3(DBG_PTS, " last modified: %s", ctime(&entry->last_modify_time));
+ DBG3(DBG_PTS, " last accessed: %s", ctime(&entry->last_access_time));
+ DBG3(DBG_PTS, " owner id: %d", entry->owner_id);
+ DBG3(DBG_PTS, " group id: %d", entry->group_id);
+
+ metadata->add(metadata, entry);
+ }
+ }
+ enumerator->destroy(enumerator);
+ }
+ else
+ {
+ char *filename;
+
+ if (!file_metadata(pathname, &entry))
+ {
+ metadata->destroy(metadata);
+ return NULL;
+ }
+ filename = get_filename(pathname);
+ DBG3(DBG_PTS, "File name: %s", entry->filename);
+ DBG3(DBG_PTS, " type: %d", entry->type);
+ DBG3(DBG_PTS, " size: %d", entry->filesize);
+ DBG3(DBG_PTS, " create time: %s", ctime(&entry->create_time));
+ DBG3(DBG_PTS, " last modified: %s", ctime(&entry->last_modify_time));
+ DBG3(DBG_PTS, " last accessed: %s", ctime(&entry->last_access_time));
+ DBG3(DBG_PTS, " owner id: %d", entry->owner_id);
+ DBG3(DBG_PTS, " group id: %d", entry->group_id);
+ metadata->add(metadata, entry);
+ }
+
+ return metadata;
+}
+
+
METHOD(pts_t, destroy, void,
private_pts_t *this)
{
.set_aik = _set_aik,
.is_path_valid = _is_path_valid,
.do_measurements = _do_measurements,
+ .get_metadata = _get_metadata,
.destroy = _destroy,
},
.proto_caps = PTS_PROTO_CAPS_V,
#include "pts_proto_caps.h"
#include "pts_meas_algo.h"
#include "pts_file_meas.h"
+#include "pts_file_meta.h"
#include <library.h>
/**
* UTF-8 encoding of the character used to delimiter the filename
*/
-#define SOLIDUS_UTF 0x002F
-#define REVERSE_SOLIDUS_UTF 0x005C
+#define SOLIDUS_UTF 0x2F
+#define REVERSE_SOLIDUS_UTF 0x5C
/**
* Class implementing the TCG Platform Trust System (PTS)
*/
pts_file_meas_t* (*do_measurements)(pts_t *this, u_int16_t request_id,
char *pathname, bool is_directory);
+
+ /**
+ * Obtain file metadata
+ *
+ * @param pathname Absolute pathname of file/directory
+ * @param is_directory if TRUE directory contents are requested
+ * @return PTS File Metadata or NULL if FAILED
+ */
+ pts_file_meta_t* (*get_metadata)(pts_t *this, char *pathname, bool is_directory);
/**
* Destroys a pts_t object.
}
METHOD(pts_file_meta_t, add, void,
- private_pts_file_meta_t *this, char *filename, pts_file_type_t type,
- u_int64_t filesize, time_t create_time, time_t last_modify_time, time_t last_access_time,
- u_int64_t owner_id, u_int64_t group_id)
+ private_pts_file_meta_t *this, pts_file_metadata_t *metadata)
{
- pts_file_metadata_t *entry;
-
- entry = malloc_thing(pts_file_metadata_t);
-
- entry->filename = strdup(filename);
- entry->meta_length = PTS_FILE_METADATA_SIZE + strlen(entry->filename);
- entry->type = type;
- entry->filesize = filesize;
- entry->create_time = create_time;
- entry->last_modify_time = last_modify_time;
- entry->last_access_time = last_access_time;
- entry->owner_id = owner_id;
- entry->group_id = group_id;
-
- this->list->insert_last(this->list, entry);
-}
-
-/**
- * Enumerate file metadata entries
- */
-static bool entry_filter(void *null, pts_file_metadata_t **entry,
- char **filename, void *i2, u_int16_t *meta_length, void *i3,
- pts_file_type_t *type, void *i4, u_int64_t *filesize, void *i5,
- time_t *create_time, void *i6, time_t *last_modify_time, void *i7,
- time_t *last_access_time, void *i8, u_int64_t *owner_id, void *i9,
- u_int64_t *group_id)
-{
- *filename = (*entry)->filename;
- *meta_length = (*entry)->meta_length;
- *type = (*entry)->type;
- *filesize = (*entry)->filesize;
- *create_time = (*entry)->create_time;
- *last_modify_time = (*entry)->last_modify_time;
- *last_access_time = (*entry)->last_access_time;
- *owner_id = (*entry)->owner_id;
- *group_id = (*entry)->group_id;
- return TRUE;
+ this->list->insert_last(this->list, metadata);
}
METHOD(pts_file_meta_t, create_enumerator, enumerator_t*,
private_pts_file_meta_t *this)
{
- return enumerator_create_filter(this->list->create_enumerator(this->list),
- (void*)entry_filter, NULL, NULL);
+ return this->list->create_enumerator(this->list);
}
METHOD(pts_file_meta_t, destroy, void,
* @param filename Name of measured file or directory
* @param metadata File metadata
*/
- void (*add)(pts_file_meta_t *this, char *filename, pts_file_type_t type,
- u_int64_t filesize, time_t create_time, time_t last_modfy_time, time_t last_access_time,
- u_int64_t owner_id, u_int64_t group_id);
+ void (*add)(pts_file_meta_t *this, pts_file_metadata_t *metadata);
/**
* Create a PTS File Metadata enumerator
* see section 3.17.3 of PTS Protocol: Binding to TNC IF-M Specification
*/
enum pts_file_type_t {
- /** Ignore */
+ /** Either unknown or different from standardized types */
PTS_FILE_OTHER = 0x0000,
- /** CRTM */
+ /** Pipe communication file */
PTS_FILE_FIFO = 0x0001,
- /** BIOS */
+ /** Character special file */
PTS_FILE_CHAR_SPEC = 0x0002,
- /** Platform Extensions */
+ /** Directory */
PTS_FILE_DIRECTORY = 0x0004,
- /** Motherboard firmware */
+ /** Block special file */
PTS_FILE_BLOCK_SPEC = 0x0006,
- /** Initial Program Loader */
+ /** Regular file */
PTS_FILE_REGULAR = 0x0008,
- /** Option ROMs */
+ /** Symbolic link */
PTS_FILE_SYM_LINK = 0x000A,
- /** Option ROMs */
+ /** Socket communication special file */
PTS_FILE_SOCKET = 0x000C,
};
#include "tcg/tcg_pts_attr_simple_evid_final.h"
#include "tcg/tcg_pts_attr_req_file_meas.h"
#include "tcg/tcg_pts_attr_file_meas.h"
+#include "tcg/tcg_pts_attr_req_file_meta.h"
+#include "tcg/tcg_pts_attr_unix_file_meta.h"
ENUM_BEGIN(tcg_attr_names, TCG_PTS_REQ_FUNCT_COMP_EVID,
TCG_PTS_REQ_FUNCT_COMP_EVID,
return tcg_pts_attr_req_file_meas_create_from_data(value);
case TCG_PTS_FILE_MEAS:
return tcg_pts_attr_file_meas_create_from_data(value);
+ case TCG_PTS_REQ_FILE_META:
+ return tcg_pts_attr_req_file_meta_create_from_data(value);
+ case TCG_PTS_UNIX_FILE_META:
+ return tcg_pts_attr_unix_file_meta_create_from_data(value);
case TCG_PTS_DH_NONCE_PARAMS_REQ:
case TCG_PTS_DH_NONCE_PARAMS_RESP:
case TCG_PTS_DH_NONCE_FINISH:
case TCG_PTS_UPDATE_TEMPL_REF_MANI:
case TCG_PTS_VERIFICATION_RESULT:
case TCG_PTS_INTEG_REPORT:
- case TCG_PTS_REQ_FILE_META:
case TCG_PTS_WIN_FILE_META:
- case TCG_PTS_UNIX_FILE_META:
case TCG_PTS_REQ_REGISTRY_VALUE:
case TCG_PTS_REGISTRY_VALUE:
case TCG_PTS_REQ_INTEG_MEAS_LOG:
return this->directory_flag;
}
-METHOD(tcg_pts_attr_req_file_meta_t, get_delimiter, u_int32_t,
+METHOD(tcg_pts_attr_req_file_meta_t, get_delimiter, u_int8_t,
private_tcg_pts_attr_req_file_meta_t *this)
{
return this->delimiter;
/**
* Described in header.
*/
-pa_tnc_attr_t *tcg_pts_attr_req_file_meas_create(bool directory_flag,
+pa_tnc_attr_t *tcg_pts_attr_req_file_meta_create(bool directory_flag,
u_int8_t delimiter,
char *pathname)
{
/**
* Described in header.
*/
-pa_tnc_attr_t *tcg_pts_attr_req_file_meas_create_from_data(chunk_t data)
+pa_tnc_attr_t *tcg_pts_attr_req_file_meta_create_from_data(chunk_t data)
{
private_tcg_pts_attr_req_file_meta_t *this;
{
bio_writer_t *writer;
enumerator_t *enumerator;
+ pts_file_metadata_t *entry;
u_int64_t number_of_files;
- char *filename;
- u_int16_t meta_length;
- pts_file_type_t type;
- u_int64_t filesize;
- time_t create_time;
- time_t last_modify_time;
- time_t last_access_time;
- u_int64_t owner_id;
- u_int64_t group_id;
number_of_files = this->metadata->get_file_count(this->metadata);
writer = bio_writer_create(PTS_FILE_META_SIZE);
writer->write_uint32(writer, number_of_files & 0xffffffff);
enumerator = this->metadata->create_enumerator(this->metadata);
- while (enumerator->enumerate(enumerator, &filename, &meta_length, &type,
- &filesize, &filesize, &create_time, &last_modify_time, &last_access_time,
- &owner_id, &group_id))
+ while (enumerator->enumerate(enumerator, &entry))
{
- u_int64_t create_time64 = (u_int64_t)create_time;
- u_int64_t modify_time64 = (u_int64_t)last_modify_time;
- u_int64_t access_time64 = (u_int64_t)last_access_time;
-
- writer->write_uint16(writer, PTS_FILE_METADATA_SIZE + strlen(filename));
- writer->write_uint8 (writer, type);
+ writer->write_uint16(writer, PTS_FILE_METADATA_SIZE + strlen(entry->filename));
+ writer->write_uint8 (writer, entry->type);
writer->write_uint8 (writer, PTS_FILE_MEAS_RESERVED);
/* Write the 64 bit integer fields as two 32 bit parts */
- writer->write_uint32(writer, filesize >> 32);
- writer->write_uint32(writer, filesize & 0xffffffff);
- writer->write_uint32(writer, create_time64 >> 32);
- writer->write_uint32(writer, create_time64 & 0xffffffff);
- writer->write_uint32(writer, modify_time64 >> 32);
- writer->write_uint32(writer, modify_time64 & 0xffffffff);
- writer->write_uint32(writer, access_time64 >> 32);
- writer->write_uint32(writer, access_time64 & 0xffffffff);
- writer->write_uint32(writer, owner_id >> 32);
- writer->write_uint32(writer, owner_id & 0xffffffff);
- writer->write_uint32(writer, group_id >> 32);
- writer->write_uint32(writer, group_id & 0xffffffff);
+ writer->write_uint32(writer, entry->filesize >> 32);
+ writer->write_uint32(writer, entry->filesize & 0xffffffff);
+ writer->write_uint32(writer, ((u_int64_t)entry->create_time) >> 32);
+ writer->write_uint32(writer, ((u_int64_t)entry->create_time) & 0xffffffff);
+ writer->write_uint32(writer, ((u_int64_t)entry->last_modify_time) >> 32);
+ writer->write_uint32(writer, ((u_int64_t)entry->last_modify_time) & 0xffffffff);
+ writer->write_uint32(writer, ((u_int64_t)entry->last_access_time) >> 32);
+ writer->write_uint32(writer, ((u_int64_t)entry->last_access_time) & 0xffffffff);
+ writer->write_uint32(writer, entry->owner_id >> 32);
+ writer->write_uint32(writer, entry->owner_id & 0xffffffff);
+ writer->write_uint32(writer, entry->group_id >> 32);
+ writer->write_uint32(writer, entry->group_id & 0xffffffff);
- writer->write_data (writer, chunk_create(filename, strlen(filename)));
+ writer->write_data (writer, chunk_create(entry->filename, strlen(entry->filename)));
}
enumerator->destroy(enumerator);
private_tcg_pts_attr_file_meta_t *this, u_int32_t *offset)
{
bio_reader_t *reader;
+ pts_file_metadata_t *entry;
+
int number_of_files;
u_int32_t number_of_files32;
goto end;
}
- len = min(filename.len, BUF_LEN-1);
+ len = min(filename.len, BUF_LEN - 1);
memcpy(buf, filename.ptr, len);
buf[len] = '\0';
- this->metadata->add(this->metadata, buf, type, filesize, create_time_t,
- modify_time_t, access_time_t, owner_id, group_id);
+
+ entry = malloc_thing(pts_file_metadata_t);
+ entry->filename = strdup(buf);
+ entry->meta_length = PTS_FILE_METADATA_SIZE + strlen(entry->filename);
+ entry->type = type;
+ entry->filesize = filesize;
+ entry->create_time = create_time_t;
+ entry->last_modify_time = modify_time_t;
+ entry->last_access_time = access_time_t;
+ entry->owner_id = owner_id;
+ entry->group_id = group_id;
+
+ this->metadata->add(this->metadata, entry);
}
status = SUCCESS;
projects / strongswan.git / commitdiff