imcv=true;
fi
+if test x$imc_attestation = xtrue -o x$imv_attestation = xtrue; then
+ pts=true;
+fi
+
if test x$fips_prf = xtrue; then
if test x$openssl = xfalse; then
sha1=true;
AM_CONDITIONAL(USE_SIMAKA, test x$simaka = xtrue)
AM_CONDITIONAL(USE_TLS, test x$tls = xtrue)
AM_CONDITIONAL(USE_IMCV, test x$imcv = xtrue)
+AM_CONDITIONAL(USE_PTS, test x$pts = xtrue)
AM_CONDITIONAL(MONOLITHIC, test x$monolithic = xtrue)
dnl ==============================
src/libsimaka/Makefile
src/libtls/Makefile
src/libtncif/Makefile
+ src/libpts/Makefile
src/libimcv/Makefile
src/libimcv/plugins/imc_test/Makefile
src/libimcv/plugins/imv_test/Makefile
SUBDIRS += libtncif
endif
+if USE_PTS
+ SUBDIRS += libpts
+endif
+
if USE_IMCV
SUBDIRS += libimcv
endif
ipseclib_LTLIBRARIES = libimcv.la
-libimcv_la_LIBADD = $(top_builddir)/src/libtncif/libtncif.la -ltspi -lcurl
+libimcv_la_LIBADD = $(top_builddir)/src/libtncif/libtncif.la
libimcv_la_SOURCES = \
imcv.h imcv.c \
ita/ita_attr.h ita/ita_attr.c \
ita/ita_attr_command.h ita/ita_attr_command.c \
pa_tnc/pa_tnc_msg.h pa_tnc/pa_tnc_msg.c \
- pa_tnc/pa_tnc_attr.h pa_tnc/pa_tnc_attr.c \
- tcg/tcg_attr.h tcg/tcg_attr.c \
- tcg/tcg_pts_attr_proto_caps.h tcg/tcg_pts_attr_proto_caps.c \
- tcg/tcg_pts_attr_meas_algo.h tcg/tcg_pts_attr_meas_algo.c \
- tcg/tcg_pts_attr_get_tpm_version_info.h tcg/tcg_pts_attr_get_tpm_version_info.c \
- tcg/tcg_pts_attr_tpm_version_info.h tcg/tcg_pts_attr_tpm_version_info.c \
- tcg/tcg_pts_attr_get_aik.h tcg/tcg_pts_attr_get_aik.c \
- tcg/tcg_pts_attr_aik.h tcg/tcg_pts_attr_aik.c \
- tcg/tcg_pts_attr_req_funct_comp_evid.h tcg/tcg_pts_attr_req_funct_comp_evid.c \
- tcg/tcg_pts_attr_gen_attest_evid.h tcg/tcg_pts_attr_gen_attest_evid.c \
- tcg/tcg_pts_attr_simple_comp_evid.h tcg/tcg_pts_attr_simple_comp_evid.c \
- tcg/tcg_pts_attr_simple_evid_final.h tcg/tcg_pts_attr_simple_evid_final.c \
- tcg/tcg_pts_attr_req_file_meas.h tcg/tcg_pts_attr_req_file_meas.c \
- tcg/tcg_pts_attr_file_meas.h tcg/tcg_pts_attr_file_meas.c \
- tcg/pts/pts.h tcg/pts/pts.c \
- tcg/pts/pts_error.h tcg/pts/pts_error.c \
- tcg/pts/pts_proto_caps.h tcg/pts/pts_funct_comp_name.h \
- tcg/pts/pts_creds.h tcg/pts/pts_creds.c \
- tcg/pts/pts_database.h tcg/pts/pts_database.c \
- tcg/pts/pts_file_meas.h tcg/pts/pts_file_meas.c \
- tcg/pts/pts_meas_algo.h tcg/pts/pts_meas_algo.c
-
-# CFLAGS = -Wall -Werror
+ pa_tnc/pa_tnc_attr.h pa_tnc/pa_tnc_attr.c
SUBDIRS = .
+if USE_PTS
+ INCLUDES += -I$(top_srcdir)/src/libpts
+ AM_CFLAGS = -DUSE_PTS
+endif
+
if USE_IMC_TEST
SUBDIRS += plugins/imc_test
endif
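Review bot: `libimcv_la_LIBADD` drops `-ltspi -lcurl` and adds nothing, yet the `if USE_PTS` block builds libimcv with `-DUSE_PTS`, and the guarded code elsewhere in this commit (`case PEN_TCG: return tcg_attr_names;`) references symbols whose sources are removed from libimcv here and presumably now live in libpts. Unless `$(top_builddir)/src/libpts/libpts.la` is added to LIBADD, libimcv would carry undefined references that resolve only if a consumer also loads libpts; the attestation plugins link it, but a plugin that links libimcv alone may fail to load. The removed pts_error.c calls `ietf_attr_pa_tnc_error_create`, so if it moved unchanged the two libraries depend on each other, and building libpts before libimcv in src/Makefile.am cannot satisfy both link orders. If this is intended, document it next to the block, e.g. `# with USE_PTS, libimcv references libpts symbols; consumers must link libpts.la`. Separately, `-DUSE_PTS` is a preprocessor flag, so `AM_CPPFLAGS = -DUSE_PTS` is the conventional place for it.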
#include "ietf/ietf_attr_pa_tnc_error.h"
#include "ietf/ietf_attr_port_filter.h"
#include "ietf/ietf_attr_product_info.h"
+
+#ifdef USE_PTS
#include "tcg/tcg_attr.h"
#include "tcg/tcg_pts_attr_proto_caps.h"
#include "tcg/tcg_pts_attr_meas_algo.h"
#include "tcg/tcg_pts_attr_simple_evid_final.h"
#include "tcg/tcg_pts_attr_req_file_meas.h"
#include "tcg/tcg_pts_attr_file_meas.h"
+#endif /* USE_PTS */
+
#include "ita/ita_attr.h"
#include "ita/ita_attr_command.h"
break;
}
break;
+#ifdef USE_PTS
case PEN_TCG:
switch (type)
{
break;
}
break;
+#endif /* HAVE _PTS */
case PEN_ITA:
switch (type)
{
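Review bot: The closing guard's comment reads `#endif /* HAVE _PTS */`, but the block it closes is opened by `#ifdef USE_PTS`. It should read `#endif /* USE_PTS */`, matching the other guards added in this commit, so a search for the macro name finds both ends. The enclosing switch starts and ends outside the hunk.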
#include "pa_tnc_msg.h"
#include "ietf/ietf_attr.h"
#include "ietf/ietf_attr_pa_tnc_error.h"
-#include "tcg/tcg_attr.h"
#include "ita/ita_attr.h"
+#ifdef USE_PTS
+#include "tcg/tcg_attr.h"
+#endif /* USE_PTS */
+
#include <bio/bio_writer.h>
#include <bio/bio_reader.h>
#include <utils/linked_list.h>
{
case PEN_IETF:
return ietf_attr_names;
+#ifdef USE_PTS
case PEN_TCG:
return tcg_attr_names;
+#endif /* USE_PTS */
case PEN_ITA:
return ita_attr_names;
default:
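Review bot: With USE_PTS undefined, a PEN_TCG vendor ID now falls through to `default:` here, and the attribute-construction switch guarded the same way has the same fall-through. Both default branches lie outside the hunks, so confirm that they return something callers handle as an unknown vendor; the vendor ID presumably comes from a received PA-TNC message, so that path is reachable by a peer. A short comment above the guard would record the intent: `/* without libpts, TCG attributes are handled as an unknown vendor */`.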
INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libtncif \
- -I$(top_srcdir)/src/libimcv
+ -I$(top_srcdir)/src/libimcv -I$(top_srcdir)/src/libpts
AM_CFLAGS = -rdynamic
imcv_LTLIBRARIES = imc-attestation.la
imc_attestation_la_LIBADD = $(top_builddir)/src/libimcv/libimcv.la \
- $(top_builddir)/src/libstrongswan/libstrongswan.la
+ $(top_builddir)/src/libstrongswan/libstrongswan.la \
+ $(top_builddir)/src/libpts/libpts.la
imc_attestation_la_SOURCES = imc_attestation.c \
imc_attestation_state.h imc_attestation_state.c
#include <ietf/ietf_attr_pa_tnc_error.h>
#include <ietf/ietf_attr_product_info.h>
-#include <tcg/pts/pts_error.h>
+#include <pts/pts_error.h>
#include <tcg/tcg_pts_attr_proto_caps.h>
#include <tcg/tcg_pts_attr_meas_algo.h>
#define IMC_ATTESTATION_STATE_H_
#include <imc/imc_state.h>
-#include <tcg/pts/pts.h>
+#include <pts/pts.h>
#include <library.h>
typedef struct imc_attestation_state_t imc_attestation_state_t;
INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libtncif \
- -I$(top_srcdir)/src/libimcv
+ -I$(top_srcdir)/src/libimcv -I$(top_srcdir)/src/libpts
AM_CFLAGS = -rdynamic
imcv_LTLIBRARIES = imv-attestation.la
imv_attestation_la_LIBADD = $(top_builddir)/src/libimcv/libimcv.la \
- $(top_builddir)/src/libstrongswan/libstrongswan.la
+ $(top_builddir)/src/libstrongswan/libstrongswan.la \
+ $(top_builddir)/src/libpts/libpts.la
imv_attestation_la_SOURCES = imv_attestation.c \
imv_attestation_state.h imv_attestation_state.c
#include <ietf/ietf_attr_pa_tnc_error.h>
#include <ietf/ietf_attr_product_info.h>
-#include <tcg/pts/pts_database.h>
-#include <tcg/pts/pts_creds.h>
-#include <tcg/pts/pts_error.h>
+#include <pts/pts_database.h>
+#include <pts/pts_creds.h>
+#include <pts/pts_error.h>
#include <tcg/tcg_attr.h>
#include <tcg/tcg_pts_attr_proto_caps.h>
#define IMV_ATTESTATION_STATE_H_
#include <imv/imv_state.h>
-#include <tcg/pts/pts.h>
+#include <pts/pts.h>
#include <library.h>
typedef struct imv_attestation_state_t imv_attestation_state_t;
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "pts.h"
-
-#include <debug.h>
-#include <crypto/hashers/hasher.h>
-
-#include <trousers/tss.h>
-#include <trousers/trousers.h>
-
-#include <sys/stat.h>
-#include <errno.h>
-
-#define PTS_BUF_SIZE 4096
-
-typedef struct private_pts_t private_pts_t;
-
-/**
- * Private data of a pts_t object.
- *
- */
-struct private_pts_t {
-
- /**
- * Public pts_t interface.
- */
- pts_t public;
-
- /**
- * PTS Protocol Capabilities
- */
- pts_proto_caps_flag_t proto_caps;
-
- /**
- * PTS Measurement Algorithm
- */
- pts_meas_algorithms_t algorithm;
-
- /**
- * Platform and OS Info
- */
- char *platform_info;
-
- /**
- * Do we have an activated TPM
- */
- bool has_tpm;
-
- /**
- * Contains a TPM_CAP_VERSION_INFO struct
- */
- chunk_t tpm_version_info;
-
- /**
- * Contains a Attestation Identity Key or Certificate
- */
- certificate_t *aik;
-
-};
-
-METHOD(pts_t, get_proto_caps, pts_proto_caps_flag_t,
- private_pts_t *this)
-{
- return this->proto_caps;
-}
-
-METHOD(pts_t, set_proto_caps, void,
- private_pts_t *this, pts_proto_caps_flag_t flags)
-{
- this->proto_caps = flags;
- DBG2(DBG_IMC, "supported PTS protocol capabilities: %s%s%s%s%s",
- flags & PTS_PROTO_CAPS_C ? "C" : ".",
- flags & PTS_PROTO_CAPS_V ? "V" : ".",
- flags & PTS_PROTO_CAPS_D ? "D" : ".",
- flags & PTS_PROTO_CAPS_T ? "T" : ".",
- flags & PTS_PROTO_CAPS_X ? "X" : ".");
-}
-
-METHOD(pts_t, get_meas_algorithm, pts_meas_algorithms_t,
- private_pts_t *this)
-{
- return this->algorithm;
-}
-
-METHOD(pts_t, set_meas_algorithm, void,
- private_pts_t *this, pts_meas_algorithms_t algorithm)
-{
- hash_algorithm_t hash_alg;
-
- hash_alg = pts_meas_to_hash_algorithm(algorithm);
- DBG2(DBG_IMC, "selected PTS measurement algorithm is %N",
- hash_algorithm_names, hash_alg);
- if (hash_alg != HASH_UNKNOWN)
- {
- this->algorithm = algorithm;
- }
-}
-
-/**
- * Print TPM 1.2 Version Info
- */
-static void print_tpm_version_info(private_pts_t *this)
-{
- TPM_CAP_VERSION_INFO versionInfo;
- UINT64 offset = 0;
- TSS_RESULT result;
-
- result = Trspi_UnloadBlob_CAP_VERSION_INFO(&offset,
- this->tpm_version_info.ptr, &versionInfo);
- if (result != TSS_SUCCESS)
- {
- DBG1(DBG_TNC, "could not parse tpm version info: tss error 0x%x",
- result);
- }
- else
- {
- DBG2(DBG_TNC, "TPM 1.2 Version Info: Chip Version: %hhu.%hhu.%hhu.%hhu,"
- " Spec Level: %hu, Errata Rev: %hhu, Vendor ID: %.4s",
- versionInfo.version.major, versionInfo.version.minor,
- versionInfo.version.revMajor, versionInfo.version.revMinor,
- versionInfo.specLevel, versionInfo.errataRev,
- versionInfo.tpmVendorID);
- }
-}
-
-METHOD(pts_t, get_platform_info, char*,
- private_pts_t *this)
-{
- return this->platform_info;
-}
-
-METHOD(pts_t, set_platform_info, void,
- private_pts_t *this, char *info)
-{
- free(this->platform_info);
- this->platform_info = strdup(info);
-}
-
-METHOD(pts_t, get_tpm_version_info, bool,
- private_pts_t *this, chunk_t *info)
-{
- if (!this->has_tpm)
- {
- return FALSE;
- }
- *info = this->tpm_version_info;
- print_tpm_version_info(this);
- return TRUE;
-}
-
-METHOD(pts_t, set_tpm_version_info, void,
- private_pts_t *this, chunk_t info)
-{
- this->tpm_version_info = chunk_clone(info);
- print_tpm_version_info(this);
-}
-
-/**
- * Load an AIK certificate or public key,
- * the certificate having precedence over the public key if both are present
- */
-static void load_aik(private_pts_t *this)
-{
- char *cert_path, *key_path;
-
- cert_path = lib->settings->get_str(lib->settings,
- "libimcv.plugins.imc-attestation.aik_cert", NULL);
- key_path = lib->settings->get_str(lib->settings,
- "libimcv.plugins.imc-attestation.aik_key", NULL);
-
- if (cert_path)
- {
- this->aik = lib->creds->create(lib->creds, CRED_CERTIFICATE,
- CERT_X509, BUILD_FROM_FILE,
- cert_path, BUILD_END);
- if (this->aik)
- {
- DBG2(DBG_IMC, "loaded AIK certificate from '%s'", cert_path);
- return;
- }
- }
- if (key_path)
- {
- this->aik = lib->creds->create(lib->creds, CRED_CERTIFICATE,
- CERT_TRUSTED_PUBKEY, BUILD_FROM_FILE,
- key_path, BUILD_END);
- if (this->aik)
- {
- DBG2(DBG_IMC, "loaded AIK public key from '%s'", key_path);
- return;
- }
- }
- DBG1(DBG_IMC, "neither AIK certificate nor public key is available");
-}
-
-METHOD(pts_t, get_aik, certificate_t*,
- private_pts_t *this)
-{
- return this->aik;
-}
-
-METHOD(pts_t, set_aik, void,
- private_pts_t *this, certificate_t *aik)
-{
- DESTROY_IF(this->aik);
- this->aik = aik->get_ref(aik);
-}
-
-/**
- * Compute a hash over a file
- */
-static bool hash_file(hasher_t *hasher, char *pathname, u_char *hash)
-{
- u_char buffer[PTS_BUF_SIZE];
- FILE *file;
- int bytes_read;
-
- file = fopen(pathname, "rb");
- if (!file)
- {
- DBG1(DBG_IMC," file '%s' can not be opened, %s", pathname,
- strerror(errno));
- return FALSE;
- }
- while (TRUE)
- {
- bytes_read = fread(buffer, 1, sizeof(buffer), file);
- if (bytes_read > 0)
- {
- hasher->get_hash(hasher, chunk_create(buffer, bytes_read), NULL);
- }
- else
- {
- hasher->get_hash(hasher, chunk_empty, hash);
- break;
- }
- }
- fclose(file);
-
- return TRUE;
-}
-
-/**
- * Get the relative filename of a fully qualified file pathname
- */
-static char* get_filename(char *pathname)
-{
- char *pos, *filename;
-
- pos = filename = pathname;
- while (pos && *(++pos) != '\0')
- {
- filename = pos;
- pos = strchr(filename, '/');
- }
- return filename;
-}
-
-METHOD(pts_t, do_measurements, pts_file_meas_t*,
- private_pts_t *this, u_int16_t request_id, char *pathname, bool is_directory)
-{
- hasher_t *hasher;
- hash_algorithm_t hash_alg;
- u_char hash[HASH_SIZE_SHA384];
- chunk_t measurement;
- pts_file_meas_t *measurements;
-
- /* Create a hasher */
- hash_alg = pts_meas_to_hash_algorithm(this->algorithm);
- hasher = lib->crypto->create_hasher(lib->crypto, hash_alg);
- if (!hasher)
- {
- DBG1(DBG_IMC, " hasher %N not available", hash_algorithm_names, hash_alg);
- return NULL;
- }
-
- /* Create a measurement object */
- measurements = pts_file_meas_create(request_id);
-
- /* Link the hash to the measurement and set the measurement length */
- measurement = chunk_create(hash, hasher->get_hash_size(hasher));
-
- if (is_directory)
- {
- enumerator_t *enumerator;
- char *rel_name, *abs_name;
- struct stat st;
-
- enumerator = enumerator_create_directory(pathname);
- if (!enumerator)
- {
- DBG1(DBG_IMC," directory '%s' can not be opened, %s", pathname,
- strerror(errno));
- hasher->destroy(hasher);
- measurements->destroy(measurements);
- return NULL;
- }
- while (enumerator->enumerate(enumerator, &rel_name, &abs_name, &st))
- {
- /* measure regular files only */
- if (S_ISREG(st.st_mode) && *rel_name != '.')
- {
- if (!hash_file(hasher, abs_name, hash))
- {
- enumerator->destroy(enumerator);
- hasher->destroy(hasher);
- measurements->destroy(measurements);
- return NULL;
- }
- DBG2(DBG_IMC, " %#B for '%s'", &measurement, rel_name);
- measurements->add(measurements, rel_name, measurement);
- }
- }
- enumerator->destroy(enumerator);
- }
- else
- {
- char *filename;
-
- if (!hash_file(hasher, pathname, hash))
- {
- hasher->destroy(hasher);
- measurements->destroy(measurements);
- return NULL;
- }
- filename = get_filename(pathname);
- DBG2(DBG_IMC, " %#B for '%s'", &measurement, filename);
- measurements->add(measurements, filename, measurement);
- }
- hasher->destroy(hasher);
-
- return measurements;
-}
-
-METHOD(pts_t, destroy, void,
- private_pts_t *this)
-{
- DESTROY_IF(this->aik);
- free(this->platform_info);
- free(this->tpm_version_info.ptr);
- free(this);
-}
-
-/**
- * Determine Linux distribution and hardware platform
- */
-static char* extract_platform_info(void)
-{
- FILE *file;
- const char description[] = "Description:";
- char buf[BUF_LEN], *pos, *value;
- int value_len;
-
- /* open a pipe stream for reading the output of the lsb_release commmand */
- file = popen("/usr/bin/lsb_release -d" , "r");
- if (!file)
- {
- DBG2(DBG_IMC, "failed to run lsb_release command");
- return NULL;
- }
-
- /* read the output the lsb_release command */
- if (!fgets(buf, BUF_LEN-1, file))
- {
- DBG2(DBG_IMC, "failed to read output of lsb_release command");
- pclose(file);
- return NULL;
- }
- pclose(file);
-
- pos = strstr(buf, description);
- if (!pos)
- {
- DBG2(DBG_IMC, "failed to find lsb_release description field");
- return NULL;
- }
- value = pos + strlen(description);
-
- /* eat whitespace */
- while (*value == ' ' || *value == '\t')
- {
- value++;
- }
-
- /* remove newline at the end and move value to the front of the buffer */
- value_len = strlen(value) - 1;
- memcpy(buf, value, value_len);
- buf[value_len] = ' ';
-
- /* open a pipe stream for reading the output of the arch commmand */
- file = popen("/usr/bin/arch" , "r");
- if (!file)
- {
- DBG2(DBG_IMC, "failed to run arch command");
- return NULL;
- }
-
- /* read the output the arch command */
- if (!fgets(buf + value_len + 1, BUF_LEN - value_len - 2, file))
- {
- DBG2(DBG_IMC, "failed to read output of arch command");
- pclose(file);
- return NULL;
- }
- pclose(file);
-
- /* remove newline at the end */
- buf[strlen(buf)-1] = '\0';
-
- DBG1(DBG_IMV, "platform is '%s'", buf);
- return strdup(buf);
-}
-
-/**
- * Check for a TPM by querying for TPM Version Info
- */
-static bool has_tpm(private_pts_t *this)
-{
- TSS_HCONTEXT hContext;
- TSS_HTPM hTPM;
- TSS_RESULT result;
-
- result = Tspi_Context_Create(&hContext);
- if (result != TSS_SUCCESS)
- {
- goto err;
- }
- result = Tspi_Context_Connect(hContext, NULL);
- if (result != TSS_SUCCESS)
- {
- goto err;
- }
- result = Tspi_Context_GetTpmObject (hContext, &hTPM);
- if (result != TSS_SUCCESS)
- {
- goto err;
- }
- result = Tspi_TPM_GetCapability(hTPM, TSS_TPMCAP_VERSION_VAL, 0, NULL,
- &this->tpm_version_info.len,
- &this->tpm_version_info.ptr);
- if (result != TSS_SUCCESS)
- {
- goto err;
- }
- this->tpm_version_info = chunk_clone(this->tpm_version_info);
- return TRUE;
-
- err:
- DBG1(DBG_IMC, "TPM not available: tss error 0x%x", result);
- return FALSE;
-}
-
-/**
- * See header
- */
-pts_t *pts_create(bool is_imc)
-{
- private_pts_t *this;
-
- INIT(this,
- .public = {
- .get_proto_caps = _get_proto_caps,
- .set_proto_caps = _set_proto_caps,
- .get_meas_algorithm = _get_meas_algorithm,
- .set_meas_algorithm = _set_meas_algorithm,
- .get_platform_info = _get_platform_info,
- .set_platform_info = _set_platform_info,
- .get_tpm_version_info = _get_tpm_version_info,
- .set_tpm_version_info = _set_tpm_version_info,
- .get_aik = _get_aik,
- .set_aik = _set_aik,
- .do_measurements = _do_measurements,
- .destroy = _destroy,
- },
- .proto_caps = PTS_PROTO_CAPS_V,
- .algorithm = PTS_MEAS_ALGO_SHA256,
- );
-
- if (is_imc)
- {
- this->platform_info = extract_platform_info();
-
- if (has_tpm(this))
- {
- this->has_tpm = TRUE;
- this->proto_caps |= PTS_PROTO_CAPS_T;
- load_aik(this);
- }
- }
- else
- {
- this->proto_caps |= PTS_PROTO_CAPS_T | PTS_PROTO_CAPS_C;
- }
-
- return &this->public;
-}
-
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup pts pts
- * @{ @ingroup pts
- */
-
-#ifndef PTS_H_
-#define PTS_H_
-
-typedef struct pts_t pts_t;
-
-#include "pts_proto_caps.h"
-#include "pts_meas_algo.h"
-#include "pts_file_meas.h"
-
-#include <library.h>
-
-/**
- * Class implementing the TCG Platform Trust System (PTS)
- *
- */
-struct pts_t {
-
- /**
- * Get PTS Protocol Capabilities
- *
- * @return protocol capabilities flags
- */
- pts_proto_caps_flag_t (*get_proto_caps)(pts_t *this);
-
- /**
- * Set PTS Protocol Capabilities
- *
- * @param flags protocol capabilities flags
- */
- void (*set_proto_caps)(pts_t *this, pts_proto_caps_flag_t flags);
-
- /**
- * Get PTS Measurement Algorithm
- *
- * @return measurement algorithm
- */
- pts_meas_algorithms_t (*get_meas_algorithm)(pts_t *this);
-
- /**
- * Set PTS Measurement Algorithm
- *
- * @param algorithm measurement algorithm
- */
- void (*set_meas_algorithm)(pts_t *this, pts_meas_algorithms_t algorithm);
-
- /**
- * Get Platform and OS Info
- *
- * @return platform and OS info
- */
- char* (*get_platform_info)(pts_t *this);
-
- /**
- * Set Platform and OS Info
- *
- * @param info platform and OS info
- */
- void (*set_platform_info)(pts_t *this, char *info);
-
- /**
- * Get TPM 1.2 Version Info
- *
- * @param info chunk containing a TPM_CAP_VERSION_INFO struct
- * @return TRUE if TPM Version Info available
- */
- bool (*get_tpm_version_info)(pts_t *this, chunk_t *info);
-
- /**
- * Set TPM 1.2 Version Info
- *
- * @param info chunk containing a TPM_CAP_VERSION_INFO struct
- */
- void (*set_tpm_version_info)(pts_t *this, chunk_t info);
-
- /**
- * Get Attestation Identity Certificate or Public Key
- *
- * @return AIK Certificate or Public Key
- */
- certificate_t* (*get_aik)(pts_t *this);
-
- /**
- * Set Attestation Identity Certificate or Public Key
- *
- * @param aik AIK Certificate or Public Key
- */
- void (*set_aik)(pts_t *this, certificate_t *aik);
-
- /**
- * Do PTS File Measurements
- *
- * @param request_id ID of PTS File Measurement Request
- * @param pathname Absolute pathname of file to be measured
- * @param is_directory if TRUE directory contents are measured
- * @return PTS File Measurements of NULL if FAILED
- */
- pts_file_meas_t* (*do_measurements)(pts_t *this, u_int16_t request_id,
- char *pathname, bool is_directory);
-
- /**
- * Destroys a pts_t object.
- */
- void (*destroy)(pts_t *this);
-
-};
-
-/**
- * Creates an pts_t object
- *
- * @param is_imc TRUE if running on an IMC
- */
-pts_t* pts_create(bool is_imc);
-
-#endif /** PTS_H_ @}*/
+++ /dev/null
-/*
- * Copyright (C) 2011 Andreas Steffen
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "pts_creds.h"
-
-#include <debug.h>
-#include <credentials/certificates/x509.h>
-#include <credentials/sets/mem_cred.h>
-
-#include <sys/stat.h>
-
-typedef struct private_pts_creds_t private_pts_creds_t;
-
-/**
- * Private data of a pts_creds_t object.
- *
- */
-struct private_pts_creds_t {
-
- /**
- * Public pts_creds_t interface.
- */
- pts_creds_t public;
-
- /**
- * Credential set
- */
- mem_cred_t *creds;
-
-};
-
-METHOD(pts_creds_t, get_set, credential_set_t*,
- private_pts_creds_t *this)
-{
- return &this->creds->set;
-}
-
-
-METHOD(pts_creds_t, destroy, void,
- private_pts_creds_t *this)
-{
- this->creds->destroy(this->creds);
- free(this);
-}
-
-/**
- * Load trusted PTS CA certificates from a directory
- */
-static void load_cacerts(private_pts_creds_t *this, char *path)
-{
- enumerator_t *enumerator;
- struct stat st;
- char *file;
-
- DBG1(DBG_TNC, "loading PTS ca certificates from '%s'", path);
-
- enumerator = enumerator_create_directory(path);
- if (!enumerator)
- {
- return;
- }
-
- while (enumerator->enumerate(enumerator, NULL, &file, &st))
- {
- certificate_t *cert;
-
- if (!S_ISREG(st.st_mode))
- {
- /* skip special file */
- continue;
- }
- cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
- BUILD_FROM_FILE, file, BUILD_END);
- if (cert)
- {
- x509_t *x509 = (x509_t*)cert;
-
- if (!(x509->get_flags(x509) & X509_CA))
- {
- DBG1(DBG_TNC, " ca certificate \"%Y\" lacks ca basic constraint"
- ", discarded", cert->get_subject(cert));
- cert->destroy(cert);
- }
- else
- {
- DBG1(DBG_TNC, " loaded ca certificate \"%Y\" from '%s'",
- cert->get_subject(cert), file);
- this->creds->add_cert(this->creds, TRUE, cert);
- }
- }
- else
- {
- DBG1(DBG_TNC, " loading ca certificate from '%s' failed", file);
- }
- }
- enumerator->destroy(enumerator);
-}
-
-/**
- * See header
- */
-pts_creds_t *pts_creds_create(char *path)
-{
- private_pts_creds_t *this;
-
- if (!path)
- {
- DBG1(DBG_TNC, "no PTS cacerts directory defined");
- return NULL;
- }
-
- INIT(this,
- .public = {
- .get_set = _get_set,
- .destroy = _destroy,
- },
- .creds = mem_cred_create(),
- );
-
- load_cacerts(this, path);
-
- return &this->public;
-}
-
+++ /dev/null
-/*
- * Copyright (C) 2011 Andreas Steffen
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup pts_creds pts_creds
- * @{ @ingroup pts
- */
-
-#ifndef PTS_CREDS_H_
-#define PTS_CREDS_H_
-
-typedef struct pts_creds_t pts_creds_t;
-
-#include <library.h>
-#include <credentials/credential_set.h>
-
-/**
- * Class implementing a PTS credentials set
- */
-struct pts_creds_t {
-
- /**
- * Get the credential set
- *
- * @return credential set
- */
- credential_set_t* (*get_set)(pts_creds_t *this);
-
- /**
- * Destroys a pts_creds_t object.
- */
- void (*destroy)(pts_creds_t *this);
-
-};
-
-/**
- * Creates an pts_creds_t object
- *
- * @param path path to the PTS cacerts directory
- */
-pts_creds_t* pts_creds_create(char *path);
-
-#endif /** PTS_CREDS_H_ @}*/
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "pts_database.h"
-
-#include <debug.h>
-#include <crypto/hashers/hasher.h>
-
-
-typedef struct private_pts_database_t private_pts_database_t;
-
-/**
- * Private data of a pts_database_t object.
- *
- */
-struct private_pts_database_t {
-
- /**
- * Public pts_database_t interface.
- */
- pts_database_t public;
-
- /**
- * database instance
- */
- database_t *db;
-
-};
-
-METHOD(pts_database_t, create_file_enumerator, enumerator_t*,
- private_pts_database_t *this, char *product)
-{
- enumerator_t *e;
-
- /* look for all entries belonging to a product in the files table */
- e = this->db->query(this->db,
- "SELECT f.id, f.type, f.path FROM files AS f "
- "JOIN product_file AS pf ON f.id = pf.file "
- "JOIN products AS p ON p.id = pf.product "
- "WHERE p.name = ?",
- DB_TEXT, product, DB_INT, DB_INT, DB_TEXT);
- return e;
-}
-
-METHOD(pts_database_t, create_hash_enumerator, enumerator_t*,
- private_pts_database_t *this, char *product, pts_meas_algorithms_t algo,
- int id, bool is_dir)
-{
- enumerator_t *e;
-
- if (is_dir)
- {
- e = this->db->query(this->db,
- "SELECT f.path, fh.hash FROM file_hashes AS fh "
- "JOIN files AS f ON fh.file = f.id "
- "JOIN products AS p ON fh.product = p.id "
- "WHERE p.name = ? AND fh.directory = ? AND fh.algo = ? "
- "ORDER BY f.path",
- DB_TEXT, product, DB_INT, id, DB_INT, algo, DB_TEXT, DB_BLOB);
- }
- else
- {
- e = this->db->query(this->db,
- "SELECT f.path, fh.hash FROM file_hashes AS fh "
- "JOIN files AS f ON fh.file = f.id "
- "JOIN products AS p ON fh.product = p.id "
- "WHERE p.name = ? AND fh.file = ? AND fh.algo = ?",
- DB_TEXT, product, DB_INT, id, DB_INT, algo, DB_TEXT, DB_BLOB);
- }
- return e;
-}
-
-METHOD(pts_database_t, destroy, void,
- private_pts_database_t *this)
-{
- this->db->destroy(this->db);
- free(this);
-}
-
-/**
- * See header
- */
-pts_database_t *pts_database_create(char *uri)
-{
- private_pts_database_t *this;
-
- INIT(this,
- .public = {
- .create_file_enumerator = _create_file_enumerator,
- .create_hash_enumerator = _create_hash_enumerator,
- .destroy = _destroy,
- },
- .db = lib->db->create(lib->db, uri),
- );
-
- if (!this->db)
- {
- DBG1(DBG_TNC, "failed to connect to PTS file measurement database '%s'",
- uri);
- free(this);
- return NULL;
- }
-
- return &this->public;
-}
-
+++ /dev/null
-/*
- * Copyright (C) 2011 Andreas Steffen
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup pts_database pts_database
- * @{ @ingroup pts
- */
-
-#ifndef PTS_DATABASE_H_
-#define PTS_DATABASE_H_
-
-typedef struct pts_database_t pts_database_t;
-
-#include "pts_meas_algo.h"
-#include <library.h>
-
-/**
- * Class implementing the PTS File Measurement database
- *
- */
-struct pts_database_t {
-
- /**
- * Get files to be measured by PTS
- *
- * @param product software product (os, vpn client, etc.)
- * @return enumerator over all matching files
- */
- enumerator_t* (*create_file_enumerator)(pts_database_t *this, char *product);
-
- /**
- * Get stored measurement hash for single file or directory entries
- *
- * @param product software product (os, vpn client, etc.)
- * @param algo hash algorithm used for measurement
- * @param id primary key of measured file/directory
- * @param is_dir TRUE if directory was measured
- * @return enumerator over all matching measurement hashes
- */
- enumerator_t* (*create_hash_enumerator)(pts_database_t *this, char *product,
- pts_meas_algorithms_t algo,
- int id, bool is_dir);
-
- /**
- * Destroys a pts_database_t object.
- */
- void (*destroy)(pts_database_t *this);
-
-};
-
-/**
- * Creates an pts_database_t object
- *
- * @param uri database uri
- */
-pts_database_t* pts_database_create(char *uri);
-
-#endif /** PTS_DATABASE_H_ @}*/
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "pts_error.h"
-
-#include <bio/bio_writer.h>
-#include <ietf/ietf_attr_pa_tnc_error.h>
-
-ENUM(pts_error_code_names, TCG_PTS_RESERVED_ERROR, TCG_PTS_UNABLE_DET_PCR,
- "Reserved Error",
- "Hash Algorithm Not Supported",
- "Invalid Path",
- "File Not Found",
- "Registry Not Supported",
- "Registry Key Not Found",
- "D-H Group Not Supported",
- "DH-PN Nonce Not Acceptable",
- "Invalid Functional Name Family",
- "TPM Version Information Unavailable",
- "Invalid File Pathname Delimiter",
- "PTS Operation Not Supported",
- "Unable To Update Reference Manifest",
- "Unable To Perform Local Validation",
- "Unable To Collect Current Evidence",
- "Unable To Determine Transitive Trust Chain",
- "Unable To Determine PCR"
-);
-
-/**
- * Described in header.
- */
-pa_tnc_attr_t* pts_hash_alg_error_create(pts_meas_algorithms_t algorithms)
-{
- bio_writer_t *writer;
- chunk_t msg_info;
- pa_tnc_attr_t *attr;
-
- writer = bio_writer_create(4);
- writer->write_uint16(writer, 0x0000);
- writer->write_uint16(writer, algorithms);
- msg_info = writer->get_buf(writer);
- attr = ietf_attr_pa_tnc_error_create(PEN_TCG, TCG_PTS_HASH_ALG_NOT_SUPPORTED,
- msg_info);
- writer->destroy(writer);
-
- return attr;
-}
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup pts_error pts_error
- * @{ @ingroup pts
- */
-
-#ifndef PTS_ERROR_H_
-#define PTS_ERROR_H_
-
-typedef enum pts_error_code_t pts_error_code_t;
-
-#include "pts_meas_algo.h"
-#include "pa_tnc/pa_tnc_attr.h"
-
-#include <library.h>
-
-/**
- * PTS Attestation Error Codes
- * see section 3.14.2 of PTS Protocol: Binding to TNC IF-M Specification
- */
-enum pts_error_code_t {
- TCG_PTS_RESERVED_ERROR = 0,
- TCG_PTS_HASH_ALG_NOT_SUPPORTED = 1,
- TCG_PTS_INVALID_PATH = 2,
- TCG_PTS_FILE_NOT_FOUND = 3,
- TCG_PTS_REG_NOT_SUPPORTED = 4,
- TCG_PTS_REG_KEY_NOT_FOUND = 5,
- TCG_PTS_DH_GRPS_NOT_SUPPORTED = 6,
- TCG_PTS_BAD_NONCE_LENGTH = 7,
- TCG_PTS_INVALID_NAME_FAM = 8,
- TCG_PTS_TPM_VERS_NOT_SUPPORTED = 9,
- TCG_PTS_INVALID_DELIMITER = 10,
- TCG_PTS_OPERATION_NOT_SUPPORTED = 11,
- TCG_PTS_RM_ERROR = 12,
- TCG_PTS_UNABLE_LOCAL_VAL = 13,
- TCG_PTS_UNABLE_CUR_EVID = 14,
- TCG_PTS_UNABLE_DET_TTC = 15,
- TCG_PTS_UNABLE_DET_PCR = 16,
-};
-
-/**
- * enum name for pts_error_code_t.
- */
-extern enum_name_t *pts_error_code_names;
-
-/**
- * Creates a PTS Hash Algorithm Not Supported Error Attribute
- * see section 4.2.2 of PTS Protocol: Binding to TNC IF-M Specification
- *
- * @param algorithms supported measurement hash algorithms
- */
-pa_tnc_attr_t* pts_hash_alg_error_create(pts_meas_algorithms_t algorithms);
-
-#endif /** PTS_ERROR_H_ @}*/
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "pts_file_meas.h"
-
-#include <utils/linked_list.h>
-#include <debug.h>
-
-typedef struct private_pts_file_meas_t private_pts_file_meas_t;
-
-/**
- * Private data of a pts_file_meas_t object.
- *
- */
-struct private_pts_file_meas_t {
-
- /**
- * Public pts_file_meas_t interface.
- */
- pts_file_meas_t public;
-
- /**
- * ID of PTS File Measurement Request
- */
- u_int16_t request_id;
-
- /**
- * List of File Measurements
- */
- linked_list_t *list;
-};
-
-typedef struct entry_t entry_t;
-
-/**
- * PTS File Measurement entry
- */
-struct entry_t {
- char *filename;
- chunk_t measurement;
-};
-
-/**
- * Free an entry_t object
- */
-static void free_entry(entry_t *entry)
-{
- if (entry)
- {
- free(entry->filename);
- free(entry->measurement.ptr);
- free(entry);
- }
-}
-
-METHOD(pts_file_meas_t, get_request_id, u_int16_t,
- private_pts_file_meas_t *this)
-{
- return this->request_id;
-}
-
-METHOD(pts_file_meas_t, get_file_count, int,
- private_pts_file_meas_t *this)
-{
- return this->list->get_count(this->list);
-}
-
-METHOD(pts_file_meas_t, add, void,
- private_pts_file_meas_t *this, char *filename, chunk_t measurement)
-{
- entry_t *entry;
-
- entry = malloc_thing(entry_t);
- entry->filename = strdup(filename);
- entry->measurement = chunk_clone(measurement);
-
- this->list->insert_last(this->list, entry);
-}
-
-/**
- * Enumerate file measurement entries
- */
-static bool entry_filter(void *null, entry_t **entry, char **filename,
- void *i2, chunk_t *measurement)
-{
- *filename = (*entry)->filename;
- *measurement = (*entry)->measurement;
- return TRUE;
-}
-
-METHOD(pts_file_meas_t, create_enumerator, enumerator_t*,
- private_pts_file_meas_t *this)
-{
- return enumerator_create_filter(this->list->create_enumerator(this->list),
- (void*)entry_filter, NULL, NULL);
-}
-
-METHOD(pts_file_meas_t, verify, bool,
- private_pts_file_meas_t *this, enumerator_t *e_hash, bool is_dir)
-{
- char *filename;
- chunk_t measurement;
- entry_t *entry;
- enumerator_t *enumerator;
- bool found, success = TRUE;
-
- while (e_hash->enumerate(e_hash, &filename, &measurement))
- {
- found = FALSE;
-
- enumerator = this->list->create_enumerator(this->list);
- while (enumerator->enumerate(enumerator, &entry))
- {
- if (!is_dir || streq(filename, entry->filename))
- {
- found = TRUE;
- break;
- }
- }
- enumerator->destroy(enumerator);
-
- if (!found)
- {
- DBG1(DBG_TNC, " no measurement found for '%s'", filename);
- success = FALSE;
- continue;
- }
- if (chunk_equals(measurement, entry->measurement))
- {
- DBG2(DBG_TNC, " %#B for '%s' is ok", &measurement, filename);
- }
- else
- {
- DBG1(DBG_TNC, " %#B for '%s' is incorrect", &measurement, filename);
- success = FALSE;
- }
- if (!is_dir)
- {
- break;
- }
- }
- return success;
-}
-
-METHOD(pts_file_meas_t, destroy, void,
- private_pts_file_meas_t *this)
-{
- this->list->destroy_function(this->list, (void *)free_entry);
- free(this);
-}
-
-/**
- * See header
- */
-pts_file_meas_t *pts_file_meas_create(u_int16_t request_id)
-{
- private_pts_file_meas_t *this;
-
- INIT(this,
- .public = {
- .get_request_id = _get_request_id,
- .get_file_count = _get_file_count,
- .add = _add,
- .create_enumerator = _create_enumerator,
- .verify = _verify,
- .destroy = _destroy,
- },
- .request_id = request_id,
- .list = linked_list_create(),
- );
-
- return &this->public;
-}
-
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup pts_file_meas pts_file_meas
- * @{ @ingroup pts
- */
-
-#ifndef PTS_FILE_MEAS_H_
-#define PTS_FILE_MEAS_H_
-
-#include <library.h>
-
-typedef struct pts_file_meas_t pts_file_meas_t;
-
-/**
- * Class storing PTS File Measurements
- */
-struct pts_file_meas_t {
-
- /**
- * Get the ID of the PTS File Measurement Request
- *
- * @return ID of PTS File Measurement Request
- */
- u_int16_t (*get_request_id)(pts_file_meas_t *this);
-
- /**
- * Get the number of measured files
- *
- * @return Number of measured files
- */
- int (*get_file_count)(pts_file_meas_t *this);
-
- /**
- * Add a PTS File Measurement
- *
- * @param filename Name of measured file or directory
- * @param measurement PTS Measurement hash
- */
- void (*add)(pts_file_meas_t *this, char *filename, chunk_t measurement);
-
- /**
- * Create a PTS File Measurement enumerator
- *
- * @return Enumerator returning filename and measurement
- */
- enumerator_t* (*create_enumerator)(pts_file_meas_t *this);
-
- /**
- * Verify stored hashes against PTS File Measurements
- *
- * @param e_hash Hash enumerator
- * @paraem is_dir TRUE for directory contents hashes
- * @return TRUE if all hashes match a measurement
- */
- bool (*verify)(pts_file_meas_t *this, enumerator_t *e_hash, bool is_dir);
-
- /**
- * Destroys a pts_file_meas_t object.
- */
- void (*destroy)(pts_file_meas_t *this);
-
-};
-
-/**
- * Creates a pts_file_meas_t object
- *
- * @param request_id ID of PTS File Measurement Request
- */
-pts_file_meas_t* pts_file_meas_create(u_int16_t request_id);
-
-#endif /** PTS_FILE_MEAS_H_ @}*/
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup pts_funct_comp_name pts_funct_comp_name
- * @{ @ingroup pts
- */
-
-#ifndef PTS_FUNCT_COMP_NAME_H_
-#define PTS_FUNCT_COMP_NAME_H_
-
-typedef enum pts_funct_comp_type_t pts_funct_comp_type_t;
-typedef enum pts_funct_comp_name_t pts_funct_comp_name_t;
-typedef struct pts_qualifier_t pts_qualifier_t;
-
-/**
- * PTS Component Functional Type for Qualifier field
- */
-enum pts_funct_comp_type_t {
- /** Unknown */
- PTS_FUNC_COMP_TYPE_UNKNOWN = 0x0,
- /** Trusted Platform */
- PTS_FUNC_COMP_TYPE_TRUSTED = 0x1,
- /** Operating System */
- PTS_FUNC_COMP_TYPE_OS = 0x2,
- /** Graphical User Interface */
- PTS_FUNC_COMP_TYPE_GUI = 0x3,
- /** Application */
- PTS_FUNC_COMP_TYPE_APP = 0x4,
- /** Networking */
- PTS_FUNC_COMP_TYPE_NET = 0x5,
- /** Library */
- PTS_FUNC_COMP_TYPE_LIB = 0x6,
- /** TNC Defined Component */
- PTS_FUNC_COMP_TYPE_TNC = 0x7,
- /** All matching Components */
- PTS_FUNC_COMP_TYPE_ALL = 0xF,
-};
-
-/**
- * PTS Component Functional Name Binary Enumeration
- */
-enum pts_funct_comp_name_t {
- /** Ignore */
- PTS_FUNC_COMP_NAME_IGNORE = 0x0000,
- /** CRTM */
- PTS_FUNC_COMP_NAME_CRTM = 0x0001,
- /** BIOS */
- PTS_FUNC_COMP_NAME_BIOS = 0x0002,
- /** Platform Extensions */
- PTS_FUNC_COMP_NAME_PLATFORM_EXT = 0x0003,
- /** Motherboard firmware */
- PTS_FUNC_COMP_NAME_BOARD = 0x0004,
- /** Initial Program Loader */
- PTS_FUNC_COMP_NAME_INIT_LOADER = 0x0005,
- /** Option ROMs */
- PTS_FUNC_COMP_NAME_OPT_ROMS = 0x0006,
-};
-
-/**
- * Qualifier for Functional Component
- */
-struct pts_qualifier_t {
- bool kernel;
- bool sub_component;
- pts_funct_comp_type_t type;
-};
-
-#endif /** PTS_FUNCT_COMP_NAME_H_ @}*/
+++ /dev/null
-/*
- * Copyright (C) 2011 Andreas Steffen
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "pts_meas_algo.h"
-
-#include <debug.h>
-
-/**
- * Described in header.
- */
-bool pts_meas_probe_algorithms(pts_meas_algorithms_t *algorithms)
-{
- enumerator_t *enumerator;
- hash_algorithm_t hash_alg;
- const char *plugin_name;
- char format1[] = " %s PTS measurement algorithm %N[%s] available";
- char format2[] = " %s PTS measurement algorithm %N not available";
-
- *algorithms = 0;
-
- enumerator = lib->crypto->create_hasher_enumerator(lib->crypto);
- while (enumerator->enumerate(enumerator, &hash_alg, &plugin_name))
- {
- if (hash_alg == HASH_SHA1)
- {
- *algorithms |= PTS_MEAS_ALGO_SHA1;
- DBG2(DBG_TNC, format1, "mandatory", hash_algorithm_names, hash_alg,
- plugin_name);
- }
- else if (hash_alg == HASH_SHA256)
- {
- *algorithms |= PTS_MEAS_ALGO_SHA256;
- DBG2(DBG_TNC, format1, "mandatory", hash_algorithm_names, hash_alg,
- plugin_name);
- }
- else if (hash_alg == HASH_SHA384)
- {
- *algorithms |= PTS_MEAS_ALGO_SHA384;
- DBG2(DBG_TNC, format1, "optional ", hash_algorithm_names, hash_alg,
- plugin_name);
- }
- }
- enumerator->destroy(enumerator);
-
- if (!(*algorithms & PTS_MEAS_ALGO_SHA384))
- {
- DBG1(DBG_TNC, format2, "optional ", hash_algorithm_names, HASH_SHA384);
- }
- if ((*algorithms & PTS_MEAS_ALGO_SHA1) &&
- (*algorithms & PTS_MEAS_ALGO_SHA256))
- {
- return TRUE;
- }
- if (!(*algorithms & PTS_MEAS_ALGO_SHA1))
- {
- DBG1(DBG_TNC, format2, "mandatory", hash_algorithm_names, HASH_SHA1);
- }
- if (!(*algorithms & PTS_MEAS_ALGO_SHA256))
- {
- DBG1(DBG_TNC, format2, "mandatory", hash_algorithm_names, HASH_SHA256);
- }
- return FALSE;
-}
-
-/**
- * Described in header.
- */
-hash_algorithm_t pts_meas_to_hash_algorithm(pts_meas_algorithms_t algorithm)
-{
- switch (algorithm)
- {
- case PTS_MEAS_ALGO_SHA1:
- return HASH_SHA1;
- case PTS_MEAS_ALGO_SHA256:
- return HASH_SHA256;
- case PTS_MEAS_ALGO_SHA384:
- return HASH_SHA384;
- default:
- return HASH_UNKNOWN;
- }
-}
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup pts_meas_algo pts_meas_algo
- * @{ @ingroup pts
- */
-
-#ifndef PTS_MEAS_ALGO_H_
-#define PTS_MEAS_ALGO_H_
-
-#include <library.h>
-#include <crypto/hashers/hasher.h>
-
-typedef enum pts_meas_algorithms_t pts_meas_algorithms_t;
-
-/**
- * PTS Measurement Algorithms
- */
-enum pts_meas_algorithms_t {
- PTS_MEAS_ALGO_SHA1 = (1<<15),
- PTS_MEAS_ALGO_SHA256 = (1<<14),
- PTS_MEAS_ALGO_SHA384 = (1<<13),
-};
-
-/**
- * Diffie-Hellman Hash Algorithm Values
- * see section 3.8.5 of PTS Protocol: Binding to TNC IF-M Specification
- *
- * 1
- * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * |1|2|3|R|R|R|R|R|R|R|R|R|R|R|R|R|
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- *
- */
-
-/**
- * Probe available PTS measurement algorithms
- *
- * @param algorithms set of available algorithms
- * @return TRUE if mandatory algorithms are available
- */
-bool pts_meas_probe_algorithms(pts_meas_algorithms_t *algorithms);
-
-/**
- * Convert pts_meas_algorithms_t to hash_algorithm_t
- *
- * @param algorithm PTS measurement algorithm type
- * @return libstrongswan hash algorithm type
- */
-hash_algorithm_t pts_meas_to_hash_algorithm(pts_meas_algorithms_t algorithm);
-
-#endif /** PTS_MEAS_ALGO_H_ @}*/
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup pts_proto_caps pts_proto_caps
- * @{ @ingroup pts
- */
-
-#ifndef PTS_PROTO_CAPS_H_
-#define PTS_PROTO_CAPS_H_
-
-typedef enum pts_proto_caps_flag_t pts_proto_caps_flag_t;
-
-#include <library.h>
-
-/**
- * PTS Protocol Capabilities Flags
- */
-enum pts_proto_caps_flag_t {
- /** XML based Evidence Support flag */
- PTS_PROTO_CAPS_X = (1<<0),
- /** Trusted Platform Evidence flag */
- PTS_PROTO_CAPS_T = (1<<1),
- /** DH Nonce Negotiation Support flag */
- PTS_PROTO_CAPS_D = (1<<2),
- /** Verification Support flag */
- PTS_PROTO_CAPS_V = (1<<3),
- /** Current (In-Memory) Evidence Support flag */
- PTS_PROTO_CAPS_C = (1<<4),
-};
-
-#endif /** PTS_PROTO_CAPS_H_ @}*/
+++ /dev/null
-/*
- * Copyright (C) 2011 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "tcg_attr.h"
-
-ENUM_BEGIN(tcg_attr_names, TCG_PTS_REQ_FUNCT_COMP_EVID,
- TCG_PTS_REQ_FUNCT_COMP_EVID,
- "Request Functional Component Evidence");
-ENUM_NEXT(tcg_attr_names, TCG_PTS_GEN_ATTEST_EVID,
- TCG_PTS_GEN_ATTEST_EVID,
- TCG_PTS_REQ_FUNCT_COMP_EVID,
- "Generate Attestation Evidence");
-ENUM_NEXT(tcg_attr_names, TCG_PTS_SIMPLE_COMP_EVID,
- TCG_PTS_SIMPLE_COMP_EVID,
- TCG_PTS_GEN_ATTEST_EVID,
- "Simple Component Evidence");
-ENUM_NEXT(tcg_attr_names, TCG_PTS_SIMPLE_EVID_FINAL,
- TCG_PTS_SIMPLE_EVID_FINAL,
- TCG_PTS_SIMPLE_COMP_EVID,
- "Simple Evidence Final");
-ENUM_NEXT(tcg_attr_names, TCG_PTS_VERIFICATION_RESULT,
- TCG_PTS_VERIFICATION_RESULT,
- TCG_PTS_SIMPLE_EVID_FINAL,
- "Verification Result");
-ENUM_NEXT(tcg_attr_names, TCG_PTS_INTEG_REPORT,
- TCG_PTS_INTEG_REPORT,
- TCG_PTS_VERIFICATION_RESULT,
- "Integrity Report");
-ENUM_NEXT(tcg_attr_names, TCG_PTS_REQ_FILE_META,
- TCG_PTS_REQ_FILE_META,
- TCG_PTS_INTEG_REPORT,
- "Request File Metadata");
-ENUM_NEXT(tcg_attr_names, TCG_PTS_WIN_FILE_META,
- TCG_PTS_WIN_FILE_META,
- TCG_PTS_REQ_FILE_META,
- "Windows-Style File Metadata");
-ENUM_NEXT(tcg_attr_names, TCG_PTS_UNIX_FILE_META,
- TCG_PTS_UNIX_FILE_META,
- TCG_PTS_WIN_FILE_META,
- "Unix-Style File Metadata");
-ENUM_NEXT(tcg_attr_names, TCG_PTS_REQ_REGISTRY_VALUE,
- TCG_PTS_REQ_REGISTRY_VALUE,
- TCG_PTS_UNIX_FILE_META,
- "Request Registry Value");
-ENUM_NEXT(tcg_attr_names, TCG_PTS_REGISTRY_VALUE,
- TCG_PTS_REGISTRY_VALUE,
- TCG_PTS_REQ_REGISTRY_VALUE,
- "Registry Value");
-ENUM_NEXT(tcg_attr_names, TCG_PTS_REQ_FILE_MEAS,
- TCG_PTS_REQ_FILE_MEAS,
- TCG_PTS_REGISTRY_VALUE,
- "Request File Measurement");
-ENUM_NEXT(tcg_attr_names, TCG_PTS_FILE_MEAS,
- TCG_PTS_FILE_MEAS,
- TCG_PTS_REQ_FILE_MEAS,
- "File Measurement");
-ENUM_NEXT(tcg_attr_names, TCG_PTS_REQ_INTEG_MEAS_LOG,
- TCG_PTS_REQ_INTEG_MEAS_LOG,
- TCG_PTS_FILE_MEAS,
- "Request Integrity Measurement Log");
-ENUM_NEXT(tcg_attr_names, TCG_PTS_INTEG_MEAS_LOG,
- TCG_PTS_INTEG_MEAS_LOG,
- TCG_PTS_REQ_INTEG_MEAS_LOG,
- "Integrity Measurement Log");
-ENUM_NEXT(tcg_attr_names, TCG_PTS_REQ_PROTO_CAPS,
- TCG_PTS_REQ_PROTO_CAPS,
- TCG_PTS_INTEG_MEAS_LOG,
- "Request PTS Protocol Capabilities");
-ENUM_NEXT(tcg_attr_names, TCG_PTS_PROTO_CAPS,
- TCG_PTS_PROTO_CAPS,
- TCG_PTS_REQ_PROTO_CAPS,
- "PTS Protocol Capabilities");
-ENUM_NEXT(tcg_attr_names, TCG_PTS_DH_NONCE_PARAMS_REQ,
- TCG_PTS_DH_NONCE_PARAMS_REQ,
- TCG_PTS_PROTO_CAPS,
- "DH Nonce Parameters Request");
-ENUM_NEXT(tcg_attr_names, TCG_PTS_DH_NONCE_PARAMS_RESP,
- TCG_PTS_DH_NONCE_PARAMS_RESP,
- TCG_PTS_DH_NONCE_PARAMS_REQ,
- "DH Nonce Parameters Response");
-ENUM_NEXT(tcg_attr_names, TCG_PTS_DH_NONCE_FINISH,
- TCG_PTS_DH_NONCE_FINISH,
- TCG_PTS_DH_NONCE_PARAMS_RESP,
- "DH Nonce Finish");
-ENUM_NEXT(tcg_attr_names, TCG_PTS_MEAS_ALGO,
- TCG_PTS_MEAS_ALGO,
- TCG_PTS_DH_NONCE_FINISH,
- "PTS Measurement Algorithm Request");
-ENUM_NEXT(tcg_attr_names, TCG_PTS_MEAS_ALGO_SELECTION,
- TCG_PTS_MEAS_ALGO_SELECTION,
- TCG_PTS_MEAS_ALGO,
- "PTS Measurement Algorithm");
-ENUM_NEXT(tcg_attr_names, TCG_PTS_GET_TPM_VERSION_INFO,
- TCG_PTS_GET_TPM_VERSION_INFO,
- TCG_PTS_MEAS_ALGO_SELECTION,
- "Get TPM Version Information");
-ENUM_NEXT(tcg_attr_names, TCG_PTS_TPM_VERSION_INFO,
- TCG_PTS_TPM_VERSION_INFO,
- TCG_PTS_GET_TPM_VERSION_INFO,
- "TPM Version Information");
-ENUM_NEXT(tcg_attr_names, TCG_PTS_REQ_TEMPL_REF_MANI_SET_META,
- TCG_PTS_REQ_TEMPL_REF_MANI_SET_META,
- TCG_PTS_TPM_VERSION_INFO,
- "Request Template Reference Manifest Set Metadata");
-ENUM_NEXT(tcg_attr_names, TCG_PTS_TEMPL_REF_MANI_SET_META,
- TCG_PTS_TEMPL_REF_MANI_SET_META,
- TCG_PTS_REQ_TEMPL_REF_MANI_SET_META,
- "Template Reference Manifest Set Metadata");
-ENUM_NEXT(tcg_attr_names, TCG_PTS_UPDATE_TEMPL_REF_MANI,
- TCG_PTS_UPDATE_TEMPL_REF_MANI,
- TCG_PTS_TEMPL_REF_MANI_SET_META,
- "Update Template Reference Manifest");
-ENUM_NEXT(tcg_attr_names, TCG_PTS_GET_AIK,
- TCG_PTS_GET_AIK,
- TCG_PTS_UPDATE_TEMPL_REF_MANI,
- "Get Attestation Identity Key");
-ENUM_NEXT(tcg_attr_names, TCG_PTS_AIK,
- TCG_PTS_AIK,
- TCG_PTS_GET_AIK,
- "Attestation Identity Key");
-ENUM_END(tcg_attr_names, TCG_PTS_AIK);
+++ /dev/null
-/*
- * Copyright (C) 2011 Andreas Steffen
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup tcg_attrt tcg_attr
- * @{ @ingroup tcg_attr
- */
-
-#ifndef TCG_ATTR_H_
-#define TCG_ATTR_H_
-
-#include <library.h>
-
-typedef enum tcg_attr_t tcg_attr_t;
-
-/**
- * TCG PTS IF-M Attributes (section 4 of PTS PROTO: Binding to TNC IF-M)
- */
-enum tcg_attr_t {
-
- /* PTS Protocol Negotiations */
- TCG_PTS_REQ_PROTO_CAPS = 0x01000000,
- TCG_PTS_PROTO_CAPS = 0x02000000,
- TCG_PTS_DH_NONCE_PARAMS_REQ = 0x03000000,
- TCG_PTS_DH_NONCE_PARAMS_RESP = 0x04000000,
- TCG_PTS_DH_NONCE_FINISH = 0x05000000,
- TCG_PTS_MEAS_ALGO = 0x06000000,
- TCG_PTS_MEAS_ALGO_SELECTION = 0x07000000,
- TCG_PTS_GET_TPM_VERSION_INFO = 0x08000000,
- TCG_PTS_TPM_VERSION_INFO = 0x09000000,
- TCG_PTS_REQ_TEMPL_REF_MANI_SET_META = 0x0A000000,
- TCG_PTS_TEMPL_REF_MANI_SET_META = 0x0B000000,
- TCG_PTS_UPDATE_TEMPL_REF_MANI = 0x0C000000,
- TCG_PTS_GET_AIK = 0x0D000000,
- TCG_PTS_AIK = 0x0E000000,
-
- /* PTS-based Attestation Evidence */
- TCG_PTS_REQ_FUNCT_COMP_EVID = 0x00100000,
- TCG_PTS_GEN_ATTEST_EVID = 0x00200000,
- TCG_PTS_SIMPLE_COMP_EVID = 0x00300000,
- TCG_PTS_SIMPLE_EVID_FINAL = 0x00400000,
- TCG_PTS_VERIFICATION_RESULT = 0x00500000,
- TCG_PTS_INTEG_REPORT = 0x00600000,
- TCG_PTS_REQ_FILE_META = 0x00700000,
- TCG_PTS_WIN_FILE_META = 0x00800000,
- TCG_PTS_UNIX_FILE_META = 0x00900000,
- TCG_PTS_REQ_REGISTRY_VALUE = 0x00A00000,
- TCG_PTS_REGISTRY_VALUE = 0x00B00000,
- TCG_PTS_REQ_FILE_MEAS = 0x00C00000,
- TCG_PTS_FILE_MEAS = 0x00D00000,
- TCG_PTS_REQ_INTEG_MEAS_LOG = 0x00E00000,
- TCG_PTS_INTEG_MEAS_LOG = 0x00F00000,
-};
-
-/**
- * enum name for tcg_attr_t.
- */
-extern enum_name_t *tcg_attr_names;
-
-#endif /** TCG_ATTR_H_ @}*/
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "tcg_pts_attr_aik.h"
-
-#include <pa_tnc/pa_tnc_msg.h>
-#include <bio/bio_writer.h>
-#include <bio/bio_reader.h>
-#include <debug.h>
-
-typedef struct private_tcg_pts_attr_aik_t private_tcg_pts_attr_aik_t;
-
-/**
- * Attestation Identity Key
- * see section 3.13 of PTS Protocol: Binding to TNC IF-M Specification
- *
- * 1 2 3
- * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Flags | Attestation Identity Key (Variable Length) ~
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Attestation Identity Key (Variable Length) ~
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- */
-
-#define PTS_AIK_SIZE 4
-#define PTS_AIK_FLAGS_NONE 0
-#define PTS_AIK_FLAGS_NAKED_KEY (1<<7)
-/**
- * Private data of an tcg_pts_attr_aik_t object.
- */
-struct private_tcg_pts_attr_aik_t {
-
- /**
- * Public members of tcg_pts_attr_aik_t
- */
- tcg_pts_attr_aik_t public;
-
- /**
- * Attribute vendor ID
- */
- pen_t vendor_id;
-
- /**
- * Attribute type
- */
- u_int32_t type;
-
- /**
- * Attribute value
- */
- chunk_t value;
-
- /**
- * Noskip flag
- */
- bool noskip_flag;
-
- /**
- * AIK Certificate or Public Key
- */
- certificate_t *aik;
-};
-
-METHOD(pa_tnc_attr_t, get_vendor_id, pen_t,
- private_tcg_pts_attr_aik_t *this)
-{
- return this->vendor_id;
-}
-
-METHOD(pa_tnc_attr_t, get_type, u_int32_t,
- private_tcg_pts_attr_aik_t *this)
-{
- return this->type;
-}
-
-METHOD(pa_tnc_attr_t, get_value, chunk_t,
- private_tcg_pts_attr_aik_t *this)
-{
- return this->value;
-}
-
-METHOD(pa_tnc_attr_t, get_noskip_flag, bool,
- private_tcg_pts_attr_aik_t *this)
-{
- return this->noskip_flag;
-}
-
-METHOD(pa_tnc_attr_t, set_noskip_flag,void,
- private_tcg_pts_attr_aik_t *this, bool noskip)
-{
- this->noskip_flag = noskip;
-}
-
-METHOD(pa_tnc_attr_t, build, void,
- private_tcg_pts_attr_aik_t *this)
-{
- bio_writer_t *writer;
- u_int8_t flags = PTS_AIK_FLAGS_NONE;
- cred_encoding_type_t encoding_type = CERT_ASN1_DER;
- chunk_t aik_blob;
-
- if (this->aik->get_type(this->aik) == CERT_TRUSTED_PUBKEY)
- {
- flags |= PTS_AIK_FLAGS_NAKED_KEY;
- encoding_type = PUBKEY_SPKI_ASN1_DER;
- }
- if (!this->aik->get_encoding(this->aik, encoding_type, &aik_blob))
- {
- DBG1(DBG_TNC, "encoding of Attestation Identity Key failed");
- aik_blob = chunk_empty;
- }
- writer = bio_writer_create(PTS_AIK_SIZE);
- writer->write_uint8(writer, flags);
- writer->write_data (writer, aik_blob);
- this->value = chunk_clone(writer->get_buf(writer));
- writer->destroy(writer);
-}
-
-METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_pts_attr_aik_t *this, u_int32_t *offset)
-{
- bio_reader_t *reader;
- u_int8_t flags;
- certificate_type_t type;
- chunk_t aik_blob;
-
- if (this->value.len < PTS_AIK_SIZE)
- {
- DBG1(DBG_TNC, "insufficient data for Attestation Identity Key");
- *offset = 0;
- return FAILED;
- }
- reader = bio_reader_create(this->value);
- reader->read_uint8(reader, &flags);
- reader->read_data (reader, reader->remaining(reader), &aik_blob);
-
- type = (flags & PTS_AIK_FLAGS_NAKED_KEY) ? CERT_TRUSTED_PUBKEY : CERT_X509;
-
- this->aik = lib->creds->create(lib->creds, CRED_CERTIFICATE, type,
- BUILD_BLOB_PEM, aik_blob, BUILD_END);
- reader->destroy(reader);
-
- if (!this->aik)
- {
- DBG1(DBG_TNC, "parsing of Attestation Identity Key failed");
- *offset = 0;
- return FAILED;
- }
- return SUCCESS;
-}
-
-METHOD(pa_tnc_attr_t, destroy, void,
- private_tcg_pts_attr_aik_t *this)
-{
- DESTROY_IF(this->aik);
- free(this->value.ptr);
- free(this);
-}
-
-METHOD(tcg_pts_attr_aik_t, get_aik, certificate_t*,
- private_tcg_pts_attr_aik_t *this)
-{
- return this->aik;
-}
-
-/**
- * Described in header.
- */
-pa_tnc_attr_t *tcg_pts_attr_aik_create(certificate_t *aik)
-{
- private_tcg_pts_attr_aik_t *this;
-
- INIT(this,
- .public = {
- .pa_tnc_attribute = {
- .get_vendor_id = _get_vendor_id,
- .get_type = _get_type,
- .get_value = _get_value,
- .get_noskip_flag = _get_noskip_flag,
- .set_noskip_flag = _set_noskip_flag,
- .build = _build,
- .process = _process,
- .destroy = _destroy,
- },
- .get_aik = _get_aik,
- },
- .vendor_id = PEN_TCG,
- .type = TCG_PTS_AIK,
- .aik = aik->get_ref(aik),
- );
-
- return &this->public.pa_tnc_attribute;
-}
-
-
-/**
- * Described in header.
- */
-pa_tnc_attr_t *tcg_pts_attr_aik_create_from_data(chunk_t data)
-{
- private_tcg_pts_attr_aik_t *this;
-
- INIT(this,
- .public = {
- .pa_tnc_attribute = {
- .get_vendor_id = _get_vendor_id,
- .get_type = _get_type,
- .get_value = _get_value,
- .get_noskip_flag = _get_noskip_flag,
- .set_noskip_flag = _set_noskip_flag,
- .build = _build,
- .process = _process,
- .destroy = _destroy,
- },
- .get_aik = _get_aik,
- },
- .vendor_id = PEN_TCG,
- .type = TCG_PTS_AIK,
- .value = chunk_clone(data),
- );
-
- return &this->public.pa_tnc_attribute;
-}
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup tcg_pts_attr_aik tcg_pts_attr_aik
- * @{ @ingroup tcg_pts_attr_aik
- */
-
-#ifndef TCG_PTS_ATTR_AIK_H_
-#define TCG_PTS_ATTR_AIK_H_
-
-typedef struct tcg_pts_attr_aik_t tcg_pts_attr_aik_t;
-
-#include "tcg_attr.h"
-#include "pa_tnc/pa_tnc_attr.h"
-
-#include <credentials/certificates/certificate.h>
-
-/**
- * Class implementing the TCG PTS Attestation Identity Key attribute
- *
- */
-struct tcg_pts_attr_aik_t {
-
- /**
- * Public PA-TNC attribute interface
- */
- pa_tnc_attr_t pa_tnc_attribute;
-
- /**
- * Get AIK
- *
- * @return AIK Certificate or Public Key
- */
- certificate_t* (*get_aik)(tcg_pts_attr_aik_t *this);
-
-};
-
-/**
- * Creates an tcg_pts_attr_aik_t object
- *
- * @param aik Attestation Identity Key
- */
-pa_tnc_attr_t* tcg_pts_attr_aik_create(certificate_t *aik);
-
-/**
- * Creates an tcg_pts_attr_aik_t object from received data
- *
- * @param value unparsed attribute value
- */
-pa_tnc_attr_t* tcg_pts_attr_aik_create_from_data(chunk_t value);
-
-#endif /** TCG_PTS_ATTR_AIK_H_ @}*/
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "tcg_pts_attr_file_meas.h"
-
-#include <pa_tnc/pa_tnc_msg.h>
-#include <bio/bio_writer.h>
-#include <bio/bio_reader.h>
-#include <utils/linked_list.h>
-/* For pow function */
-#include <math.h>
-#include <debug.h>
-
-typedef struct private_tcg_pts_attr_file_meas_t private_tcg_pts_attr_file_meas_t;
-
-/**
- * File Measurement
- * see section 3.19.2 of PTS Protocol: Binding to TNC IF-M Specification
- *
- * 1 2 3
- * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Number of Files included |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Number of Files included |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Request ID | Measurement Length |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Measurement #1 (Variable Length) |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Filename Length | Filename (Variable Length) ~
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * ~ Filename (Variable Length) ~
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Measurement #2 (Variable Length) |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Filename Length | Filename (Variable Length) ~
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * ~ Filename (Variable Length) ~
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * ...........................
- */
-
-#define PTS_FILE_MEAS_SIZE 12
-
-/**
- * Private data of an tcg_pts_attr_file_meas_t object.
- */
-struct private_tcg_pts_attr_file_meas_t {
-
- /**
- * Public members of tcg_pts_attr_file_meas_t
- */
- tcg_pts_attr_file_meas_t public;
-
- /**
- * Attribute vendor ID
- */
- pen_t vendor_id;
-
- /**
- * Attribute type
- */
- u_int32_t type;
-
- /**
- * Attribute value
- */
- chunk_t value;
-
- /**
- * Noskip flag
- */
- bool noskip_flag;
-
- /**
- * PTS File Measurements
- */
- pts_file_meas_t *measurements;
-
-};
-
-METHOD(pa_tnc_attr_t, get_vendor_id, pen_t,
- private_tcg_pts_attr_file_meas_t *this)
-{
- return this->vendor_id;
-}
-
-METHOD(pa_tnc_attr_t, get_type, u_int32_t,
- private_tcg_pts_attr_file_meas_t *this)
-{
- return this->type;
-}
-
-METHOD(pa_tnc_attr_t, get_value, chunk_t,
- private_tcg_pts_attr_file_meas_t *this)
-{
- return this->value;
-}
-
-METHOD(pa_tnc_attr_t, get_noskip_flag, bool,
- private_tcg_pts_attr_file_meas_t *this)
-{
- return this->noskip_flag;
-}
-
-METHOD(pa_tnc_attr_t, set_noskip_flag,void,
- private_tcg_pts_attr_file_meas_t *this, bool noskip)
-{
- this->noskip_flag = noskip;
-}
-
-METHOD(pa_tnc_attr_t, build, void,
- private_tcg_pts_attr_file_meas_t *this)
-{
- bio_writer_t *writer;
- enumerator_t *enumerator;
- u_int64_t number_of_files;
- u_int16_t request_id;
- char *filename;
- chunk_t measurement;
- bool first = TRUE;
-
- number_of_files = this->measurements->get_file_count(this->measurements);
- request_id = this->measurements->get_request_id(this->measurements);
- writer = bio_writer_create(PTS_FILE_MEAS_SIZE);
-
- /* Write the 64 bit integer as two 32 bit parts */
- writer->write_uint32(writer, number_of_files >> 32);
- writer->write_uint32(writer, number_of_files & 0xffffffff);
- writer->write_uint16(writer, request_id);
-
- enumerator = this->measurements->create_enumerator(this->measurements);
- while (enumerator->enumerate(enumerator, &filename, &measurement))
- {
- if (first)
- {
- writer->write_uint16(writer, measurement.len);
- first = FALSE;
- }
- writer->write_data (writer, measurement);
- writer->write_uint16(writer, strlen(filename));
- writer->write_data (writer, chunk_create(filename, strlen(filename)));
- }
- enumerator->destroy(enumerator);
-
- if (first)
- {
- /* no attached measurements */
- writer->write_uint16(writer, 0);
- }
-
- this->value = chunk_clone(writer->get_buf(writer));
- writer->destroy(writer);
-}
-
-METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_pts_attr_file_meas_t *this, u_int32_t *offset)
-{
- bio_reader_t *reader;
- int count;
- u_int32_t number_of_files;
- u_int16_t request_id, meas_len, filename_len;
- size_t len;
- chunk_t measurement, filename;
- char buf[BUF_LEN];
- status_t status = FAILED;
-
- if (this->value.len < PTS_FILE_MEAS_SIZE)
- {
- DBG1(DBG_TNC, "insufficient data for PTS file measurement header");
- *offset = 0;
- return FAILED;
- }
- reader = bio_reader_create(this->value);
-
- reader->read_uint32(reader, &number_of_files);
- count = (sizeof(count) > 4) ? number_of_files << 32 : 0;
- reader->read_uint32(reader, &number_of_files);
- count += number_of_files;
- reader->read_uint16(reader, &request_id);
- reader->read_uint16(reader, &meas_len);
-
- this->measurements = pts_file_meas_create(request_id);
-
- while (count--)
- {
- if (!reader->read_data(reader, meas_len, &measurement))
- {
- DBG1(DBG_TNC, "insufficient data for PTS file measurement");
- goto end;
- }
- if (!reader->read_uint16(reader, &filename_len))
- {
- DBG1(DBG_TNC, "insufficient data for filename length");
- goto end;
- }
- if (!reader->read_data(reader, filename_len, &filename))
- {
- DBG1(DBG_TNC, "insufficient data for filename");
- goto end;
- }
-
- len = min(filename.len, BUF_LEN-1);
- memcpy(buf, filename.ptr, len);
- buf[len] = '\0';
- this->measurements->add(this->measurements, buf, measurement);
- }
- status = SUCCESS;
-
-end:
- reader->destroy(reader);
- return status;
-}
-
-METHOD(pa_tnc_attr_t, destroy, void,
- private_tcg_pts_attr_file_meas_t *this)
-{
- this->measurements->destroy(this->measurements);
- free(this->value.ptr);
- free(this);
-}
-
-METHOD(tcg_pts_attr_file_meas_t, get_measurements, pts_file_meas_t*,
- private_tcg_pts_attr_file_meas_t *this)
-{
- return this->measurements;
-}
-
-/**
- * Described in header.
- */
-pa_tnc_attr_t *tcg_pts_attr_file_meas_create(pts_file_meas_t *measurements)
-{
- private_tcg_pts_attr_file_meas_t *this;
-
- INIT(this,
- .public = {
- .pa_tnc_attribute = {
- .get_vendor_id = _get_vendor_id,
- .get_type = _get_type,
- .get_value = _get_value,
- .get_noskip_flag = _get_noskip_flag,
- .set_noskip_flag = _set_noskip_flag,
- .build = _build,
- .process = _process,
- .destroy = _destroy,
- },
- .get_measurements = _get_measurements,
- },
- .vendor_id = PEN_TCG,
- .type = TCG_PTS_FILE_MEAS,
- .measurements = measurements,
- );
-
- return &this->public.pa_tnc_attribute;
-}
-
-
-/**
- * Described in header.
- */
-pa_tnc_attr_t *tcg_pts_attr_file_meas_create_from_data(chunk_t data)
-{
- private_tcg_pts_attr_file_meas_t *this;
-
- INIT(this,
- .public = {
- .pa_tnc_attribute = {
- .get_vendor_id = _get_vendor_id,
- .get_type = _get_type,
- .get_value = _get_value,
- .get_noskip_flag = _get_noskip_flag,
- .set_noskip_flag = _set_noskip_flag,
- .build = _build,
- .process = _process,
- .destroy = _destroy,
- },
- .get_measurements = _get_measurements,
- },
- .vendor_id = PEN_TCG,
- .type = TCG_PTS_FILE_MEAS,
- .value = chunk_clone(data),
- );
-
- return &this->public.pa_tnc_attribute;
-}
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup tcg_pts_attr_file_meas tcg_pts_attr_file_meas
- * @{ @ingroup tcg_pts_attr_file_meas
- */
-
-#ifndef TCG_PTS_ATTR_FILE_MEAS_H_
-#define TCG_PTS_ATTR_FILE_MEAS_H_
-
-typedef struct tcg_pts_attr_file_meas_t tcg_pts_attr_file_meas_t;
-
-#include "tcg_attr.h"
-#include "pa_tnc/pa_tnc_attr.h"
-#include "pts/pts.h"
-#include "pts/pts_file_meas.h"
-
-/**
- * Class implementing the TCG PTS File Measurement attribute
- *
- */
-struct tcg_pts_attr_file_meas_t {
-
- /**
- * Public PA-TNC attribute interface
- */
- pa_tnc_attr_t pa_tnc_attribute;
-
- /**
- * Get PTS File Measurements
- *
- * @return PTS File Measurements
- */
- pts_file_meas_t* (*get_measurements)(tcg_pts_attr_file_meas_t *this);
-
-};
-
-/**
- * Creates an tcg_pts_attr_file_meas_t object
- *
- * @param measurements PTS File Measurements
- */
-pa_tnc_attr_t* tcg_pts_attr_file_meas_create(pts_file_meas_t *measurements);
-
-/**
- * Creates an tcg_pts_attr_file_meas_t object from received data
- *
- * @param value unparsed attribute value
- */
-pa_tnc_attr_t* tcg_pts_attr_file_meas_create_from_data(chunk_t value);
-
-#endif /** TCG_PTS_ATTR_FILE_MEAS_H_ @}*/
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "tcg_pts_attr_gen_attest_evid.h"
-
-#include <pa_tnc/pa_tnc_msg.h>
-#include <bio/bio_writer.h>
-#include <bio/bio_reader.h>
-#include <debug.h>
-
-typedef struct private_tcg_pts_attr_gen_attest_evid_t private_tcg_pts_attr_gen_attest_evid_t;
-
-/**
- * Generate Attestation Evidence
- * see section 3.14.2 of PTS Protocol: Binding to TNC IF-M Specification
- *
- * 1 2 3
- * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- *
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Reserved |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- *
- */
-
-#define PTS_GEN_ATTEST_EVID_SIZE 4
-#define PTS_GEN_ATTEST_EVID_RESERVED 0x00
-
-/**
- * Private data of an tcg_pts_attr_gen_attest_evid_t object.
- */
-struct private_tcg_pts_attr_gen_attest_evid_t {
-
- /**
- * Public members of tcg_pts_attr_gen_attest_evid_t
- */
- tcg_pts_attr_gen_attest_evid_t public;
-
- /**
- * Attribute vendor ID
- */
- pen_t vendor_id;
-
- /**
- * Attribute type
- */
- u_int32_t type;
-
- /**
- * Attribute value
- */
- chunk_t value;
-
- /**
- * Noskip flag
- */
- bool noskip_flag;
-};
-
-METHOD(pa_tnc_attr_t, get_vendor_id, pen_t,
- private_tcg_pts_attr_gen_attest_evid_t *this)
-{
- return this->vendor_id;
-}
-
-METHOD(pa_tnc_attr_t, get_type, u_int32_t,
- private_tcg_pts_attr_gen_attest_evid_t *this)
-{
- return this->type;
-}
-
-METHOD(pa_tnc_attr_t, get_value, chunk_t,
- private_tcg_pts_attr_gen_attest_evid_t *this)
-{
- return this->value;
-}
-
-METHOD(pa_tnc_attr_t, get_noskip_flag, bool,
- private_tcg_pts_attr_gen_attest_evid_t *this)
-{
- return this->noskip_flag;
-}
-
-METHOD(pa_tnc_attr_t, set_noskip_flag,void,
- private_tcg_pts_attr_gen_attest_evid_t *this, bool noskip)
-{
- this->noskip_flag = noskip;
-}
-
-METHOD(pa_tnc_attr_t, build, void,
- private_tcg_pts_attr_gen_attest_evid_t *this)
-{
- bio_writer_t *writer;
-
- writer = bio_writer_create(PTS_GEN_ATTEST_EVID_SIZE);
- writer->write_uint32 (writer, PTS_GEN_ATTEST_EVID_RESERVED);
-
- this->value = chunk_clone(writer->get_buf(writer));
- writer->destroy(writer);
-}
-
-METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_pts_attr_gen_attest_evid_t *this, u_int32_t *offset)
-{
- bio_reader_t *reader;
- u_int32_t reserved;
-
- if (this->value.len < PTS_GEN_ATTEST_EVID_SIZE)
- {
- DBG1(DBG_TNC, "insufficient data for Generate Attestation Evidence");
- *offset = 0;
- return FAILED;
- }
- reader = bio_reader_create(this->value);
- reader->read_uint32 (reader, &reserved);
- reader->destroy(reader);
-
- return SUCCESS;
-}
-
-METHOD(pa_tnc_attr_t, destroy, void,
- private_tcg_pts_attr_gen_attest_evid_t *this)
-{
- free(this->value.ptr);
- free(this);
-}
-
-/**
- * Described in header.
- */
-pa_tnc_attr_t *tcg_pts_attr_gen_attest_evid_create()
-{
- private_tcg_pts_attr_gen_attest_evid_t *this;
-
- INIT(this,
- .public = {
- .pa_tnc_attribute = {
- .get_vendor_id = _get_vendor_id,
- .get_type = _get_type,
- .get_value = _get_value,
- .get_noskip_flag = _get_noskip_flag,
- .set_noskip_flag = _set_noskip_flag,
- .build = _build,
- .process = _process,
- .destroy = _destroy,
- },
- },
- .vendor_id = PEN_TCG,
- .type = TCG_PTS_GEN_ATTEST_EVID,
- );
-
- return &this->public.pa_tnc_attribute;
-}
-
-
-/**
- * Described in header.
- */
-pa_tnc_attr_t *tcg_pts_attr_gen_attest_evid_create_from_data(chunk_t data)
-{
- private_tcg_pts_attr_gen_attest_evid_t *this;
-
- INIT(this,
- .public = {
- .pa_tnc_attribute = {
- .get_vendor_id = _get_vendor_id,
- .get_type = _get_type,
- .get_value = _get_value,
- .get_noskip_flag = _get_noskip_flag,
- .set_noskip_flag = _set_noskip_flag,
- .build = _build,
- .process = _process,
- .destroy = _destroy,
- },
- },
- .vendor_id = PEN_TCG,
- .type = TCG_PTS_GEN_ATTEST_EVID,
- .value = chunk_clone(data),
- );
-
- return &this->public.pa_tnc_attribute;
-}
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup tcg_pts_attr_gen_attest_evid tcg_pts_attr_gen_attest_evid
- * @{ @ingroup tcg_pts_attr_gen_attest_evid
- */
-
-#ifndef TCG_PTS_ATTR_GEN_ATTEST_EVID_H_
-#define TCG_PTS_ATTR_GEN_ATTEST_EVID_H_
-
-typedef struct tcg_pts_attr_gen_attest_evid_t tcg_pts_attr_gen_attest_evid_t;
-
-#include "tcg_attr.h"
-#include "pa_tnc/pa_tnc_attr.h"
-
-/**
- * Class implementing the TCG PTS Generate Attestation Evidence Attribute
- *
- */
-struct tcg_pts_attr_gen_attest_evid_t {
-
- /**
- * Public PA-TNC attribute interface
- */
- pa_tnc_attr_t pa_tnc_attribute;
-};
-
-/**
- * Creates an tcg_pts_attr_gen_attest_evid_t object
- */
-pa_tnc_attr_t* tcg_pts_attr_gen_attest_evid_create();
-
-/**
- * Creates an tcg_pts_attr_gen_attest_evid_t object from received data
- *
- * @param value unparsed attribute value
- */
-pa_tnc_attr_t* tcg_pts_attr_gen_attest_evid_create_from_data(chunk_t value);
-
-#endif /** TCG_PTS_ATTR_GEN_ATTEST_EVID_H_ @}*/
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "tcg_pts_attr_get_aik.h"
-
-#include <pa_tnc/pa_tnc_msg.h>
-#include <bio/bio_writer.h>
-#include <bio/bio_reader.h>
-#include <debug.h>
-
-typedef struct private_tcg_pts_attr_get_aik_t private_tcg_pts_attr_get_aik_t;
-
-/**
- * Get Attestation Identity Key
- * see section 3.12 of PTS Protocol: Binding to TNC IF-M Specification
- *
- * 1 2 3
- * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Reserved |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- */
-
-#define PTS_GET_AIK_SIZE 4
-#define PTS_GET_AIK_RESERVED 0x00000000
-
-/**
- * Private data of an tcg_pts_attr_get_aik_t object.
- */
-struct private_tcg_pts_attr_get_aik_t {
-
- /**
- * Public members of tcg_pts_attr_get_aik_t
- */
- tcg_pts_attr_get_aik_t public;
-
- /**
- * Attribute vendor ID
- */
- pen_t vendor_id;
-
- /**
- * Attribute type
- */
- u_int32_t type;
-
- /**
- * Attribute value
- */
- chunk_t value;
-
- /**
- * Noskip flag
- */
- bool noskip_flag;
-};
-
-METHOD(pa_tnc_attr_t, get_vendor_id, pen_t,
- private_tcg_pts_attr_get_aik_t *this)
-{
- return this->vendor_id;
-}
-
-METHOD(pa_tnc_attr_t, get_type, u_int32_t,
- private_tcg_pts_attr_get_aik_t *this)
-{
- return this->type;
-}
-
-METHOD(pa_tnc_attr_t, get_value, chunk_t,
- private_tcg_pts_attr_get_aik_t *this)
-{
- return this->value;
-}
-
-METHOD(pa_tnc_attr_t, get_noskip_flag, bool,
- private_tcg_pts_attr_get_aik_t *this)
-{
- return this->noskip_flag;
-}
-
-METHOD(pa_tnc_attr_t, set_noskip_flag,void,
- private_tcg_pts_attr_get_aik_t *this, bool noskip)
-{
- this->noskip_flag = noskip;
-}
-
-METHOD(pa_tnc_attr_t, build, void,
- private_tcg_pts_attr_get_aik_t *this)
-{
- bio_writer_t *writer;
-
- writer = bio_writer_create(PTS_GET_AIK_SIZE);
- writer->write_uint32 (writer, PTS_GET_AIK_RESERVED);
-
- this->value = chunk_clone(writer->get_buf(writer));
- writer->destroy(writer);
-}
-
-METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_pts_attr_get_aik_t *this, u_int32_t *offset)
-{
- bio_reader_t *reader;
- u_int32_t reserved;
-
- if (this->value.len < PTS_GET_AIK_SIZE)
- {
- DBG1(DBG_TNC, "insufficient data for Get AIK");
- *offset = 0;
- return FAILED;
- }
- reader = bio_reader_create(this->value);
- reader->read_uint32 (reader, &reserved);
- reader->destroy(reader);
-
- return SUCCESS;
-}
-
-METHOD(pa_tnc_attr_t, destroy, void,
- private_tcg_pts_attr_get_aik_t *this)
-{
- free(this->value.ptr);
- free(this);
-}
-
-/**
- * Described in header.
- */
-pa_tnc_attr_t *tcg_pts_attr_get_aik_create()
-{
- private_tcg_pts_attr_get_aik_t *this;
-
- INIT(this,
- .public = {
- .pa_tnc_attribute = {
- .get_vendor_id = _get_vendor_id,
- .get_type = _get_type,
- .get_value = _get_value,
- .get_noskip_flag = _get_noskip_flag,
- .set_noskip_flag = _set_noskip_flag,
- .build = _build,
- .process = _process,
- .destroy = _destroy,
- },
- },
- .vendor_id = PEN_TCG,
- .type = TCG_PTS_GET_AIK,
- );
-
- return &this->public.pa_tnc_attribute;
-}
-
-
-/**
- * Described in header.
- */
-pa_tnc_attr_t *tcg_pts_attr_get_aik_create_from_data(chunk_t data)
-{
- private_tcg_pts_attr_get_aik_t *this;
-
- INIT(this,
- .public = {
- .pa_tnc_attribute = {
- .get_vendor_id = _get_vendor_id,
- .get_type = _get_type,
- .get_value = _get_value,
- .get_noskip_flag = _get_noskip_flag,
- .set_noskip_flag = _set_noskip_flag,
- .build = _build,
- .process = _process,
- .destroy = _destroy,
- },
- },
- .vendor_id = PEN_TCG,
- .type = TCG_PTS_GET_AIK,
- .value = chunk_clone(data),
- );
-
- return &this->public.pa_tnc_attribute;
-}
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup tcg_pts_attr_get_aik tcg_pts_attr_get_aik
- * @{ @ingroup tcg_pts_attr_get_aik
- */
-
-#ifndef TCG_PTS_ATTR_GET_AIK_H_
-#define TCG_PTS_ATTR_GET_AIK_H_
-
-typedef struct tcg_pts_attr_get_aik_t tcg_pts_attr_get_aik_t;
-
-#include "tcg_attr.h"
-#include "pa_tnc/pa_tnc_attr.h"
-
-/**
- * Class implementing the TCG PTS Get Attestation Identity Key Attribute
- *
- */
-struct tcg_pts_attr_get_aik_t {
-
- /**
- * Public PA-TNC attribute interface
- */
- pa_tnc_attr_t pa_tnc_attribute;
-};
-
-/**
- * Creates an tcg_pts_attr_get_aik_t object
- */
-pa_tnc_attr_t* tcg_pts_attr_get_aik_create();
-
-/**
- * Creates an tcg_pts_attr_get_aik_t object from received data
- *
- * @param value unparsed attribute value
- */
-pa_tnc_attr_t* tcg_pts_attr_get_aik_create_from_data(chunk_t value);
-
-#endif /** TCG_PTS_ATTR_GET_AIK_H_ @}*/
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "tcg_pts_attr_get_tpm_version_info.h"
-
-#include <pa_tnc/pa_tnc_msg.h>
-#include <bio/bio_writer.h>
-#include <bio/bio_reader.h>
-#include <debug.h>
-
-typedef struct private_tcg_pts_attr_get_tpm_version_info_t private_tcg_pts_attr_get_tpm_version_info_t;
-
-/**
- * Get TPM Version Information
- * see section 3.10 of PTS Protocol: Binding to TNC IF-M Specification
- *
- * 1 2 3
- * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- *
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Reserved |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- *
- */
-
-#define PTS_GET_TPM_VER_INFO_SIZE 4
-#define PTS_GET_TPM_VER_INFO_RESERVED 0x00
-
-/**
- * Private data of an tcg_pts_attr_get_tpm_version_info_t object.
- */
-struct private_tcg_pts_attr_get_tpm_version_info_t {
-
- /**
- * Public members of tcg_pts_attr_get_tpm_version_info_t
- */
- tcg_pts_attr_get_tpm_version_info_t public;
-
- /**
- * Attribute vendor ID
- */
- pen_t vendor_id;
-
- /**
- * Attribute type
- */
- u_int32_t type;
-
- /**
- * Attribute value
- */
- chunk_t value;
-
- /**
- * Noskip flag
- */
- bool noskip_flag;
-};
-
-METHOD(pa_tnc_attr_t, get_vendor_id, pen_t,
- private_tcg_pts_attr_get_tpm_version_info_t *this)
-{
- return this->vendor_id;
-}
-
-METHOD(pa_tnc_attr_t, get_type, u_int32_t,
- private_tcg_pts_attr_get_tpm_version_info_t *this)
-{
- return this->type;
-}
-
-METHOD(pa_tnc_attr_t, get_value, chunk_t,
- private_tcg_pts_attr_get_tpm_version_info_t *this)
-{
- return this->value;
-}
-
-METHOD(pa_tnc_attr_t, get_noskip_flag, bool,
- private_tcg_pts_attr_get_tpm_version_info_t *this)
-{
- return this->noskip_flag;
-}
-
-METHOD(pa_tnc_attr_t, set_noskip_flag,void,
- private_tcg_pts_attr_get_tpm_version_info_t *this, bool noskip)
-{
- this->noskip_flag = noskip;
-}
-
-METHOD(pa_tnc_attr_t, build, void,
- private_tcg_pts_attr_get_tpm_version_info_t *this)
-{
- bio_writer_t *writer;
-
- writer = bio_writer_create(PTS_GET_TPM_VER_INFO_SIZE);
- writer->write_uint32 (writer, PTS_GET_TPM_VER_INFO_RESERVED);
-
- this->value = chunk_clone(writer->get_buf(writer));
- writer->destroy(writer);
-}
-
-METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_pts_attr_get_tpm_version_info_t *this, u_int32_t *offset)
-{
- bio_reader_t *reader;
- u_int32_t reserved;
-
- if (this->value.len < PTS_GET_TPM_VER_INFO_SIZE)
- {
- DBG1(DBG_TNC, "insufficient data for Get TPM Version Information");
- *offset = 0;
- return FAILED;
- }
- reader = bio_reader_create(this->value);
- reader->read_uint32 (reader, &reserved);
- reader->destroy(reader);
-
- return SUCCESS;
-}
-
-METHOD(pa_tnc_attr_t, destroy, void,
- private_tcg_pts_attr_get_tpm_version_info_t *this)
-{
- free(this->value.ptr);
- free(this);
-}
-
-/**
- * Described in header.
- */
-pa_tnc_attr_t *tcg_pts_attr_get_tpm_version_info_create()
-{
- private_tcg_pts_attr_get_tpm_version_info_t *this;
-
- INIT(this,
- .public = {
- .pa_tnc_attribute = {
- .get_vendor_id = _get_vendor_id,
- .get_type = _get_type,
- .get_value = _get_value,
- .get_noskip_flag = _get_noskip_flag,
- .set_noskip_flag = _set_noskip_flag,
- .build = _build,
- .process = _process,
- .destroy = _destroy,
- },
- },
- .vendor_id = PEN_TCG,
- .type = TCG_PTS_GET_TPM_VERSION_INFO,
- );
-
- return &this->public.pa_tnc_attribute;
-}
-
-
-/**
- * Described in header.
- */
-pa_tnc_attr_t *tcg_pts_attr_get_tpm_version_info_create_from_data(chunk_t data)
-{
- private_tcg_pts_attr_get_tpm_version_info_t *this;
-
- INIT(this,
- .public = {
- .pa_tnc_attribute = {
- .get_vendor_id = _get_vendor_id,
- .get_type = _get_type,
- .get_value = _get_value,
- .get_noskip_flag = _get_noskip_flag,
- .set_noskip_flag = _set_noskip_flag,
- .build = _build,
- .process = _process,
- .destroy = _destroy,
- },
- },
- .vendor_id = PEN_TCG,
- .type = TCG_PTS_GET_TPM_VERSION_INFO,
- .value = chunk_clone(data),
- );
-
- return &this->public.pa_tnc_attribute;
-}
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup tcg_pts_attr_get_tpm_version_info tcg_pts_attr_get_tpm_version_info
- * @{ @ingroup tcg_pts_attr_get_tpm_version_info
- */
-
-#ifndef TCG_PTS_ATTR_GET_TPM_VERSION_INFO_H_
-#define TCG_PTS_ATTR_GET_TPM_VERSION_INFO_H_
-
-typedef struct tcg_pts_attr_get_tpm_version_info_t tcg_pts_attr_get_tpm_version_info_t;
-
-#include "tcg_attr.h"
-#include "pa_tnc/pa_tnc_attr.h"
-
-/**
- * Class implementing the TCG PTS Get TPM Version Info Attribute
- *
- */
-struct tcg_pts_attr_get_tpm_version_info_t {
-
- /**
- * Public PA-TNC attribute interface
- */
- pa_tnc_attr_t pa_tnc_attribute;
-};
-
-/**
- * Creates an tcg_pts_attr_get_tpm_version_info_t object
- */
-pa_tnc_attr_t* tcg_pts_attr_get_tpm_version_info_create();
-
-/**
- * Creates an tcg_pts_attr_get_tpm_version_info_t object from received data
- *
- * @param value unparsed attribute value
- */
-pa_tnc_attr_t* tcg_pts_attr_get_tpm_version_info_create_from_data(chunk_t value);
-
-#endif /** TCG_PTS_ATTR_GET_TPM_VERSION_INFO_H_ @}*/
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "tcg_pts_attr_meas_algo.h"
-
-#include <pa_tnc/pa_tnc_msg.h>
-#include <bio/bio_writer.h>
-#include <bio/bio_reader.h>
-#include <debug.h>
-
-typedef struct private_tcg_pts_attr_meas_algo_t private_tcg_pts_attr_meas_algo_t;
-
-/**
- * PTS Measurement Algorithm
- * see section 3.9.1 of PTS Protocol: Binding to TNC IF-M Specification
- *
- * 1 2 3
- * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Reserved | Hash Algorithm Set |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- *
- */
-
-#define PTS_MEAS_ALGO_SIZE 4
-#define PTS_MEAS_ALGO_RESERVED 0x0000
-
-/**
- * Private data of an tcg_pts_attr_meas_algo_t object.
- */
-struct private_tcg_pts_attr_meas_algo_t {
-
- /**
- * Public members of tcg_pts_attr_meas_algo_t
- */
- tcg_pts_attr_meas_algo_t public;
-
- /**
- * Attribute vendor ID
- */
- pen_t vendor_id;
-
- /**
- * Attribute type
- */
- u_int32_t type;
-
- /**
- * Attribute value
- */
- chunk_t value;
-
- /**
- * Noskip flag
- */
- bool noskip_flag;
-
- /**
- * Set of algorithms
- */
- pts_meas_algorithms_t algorithms;
-
-};
-
-METHOD(pa_tnc_attr_t, get_vendor_id, pen_t,
- private_tcg_pts_attr_meas_algo_t *this)
-{
- return this->vendor_id;
-}
-
-METHOD(pa_tnc_attr_t, get_type, u_int32_t,
- private_tcg_pts_attr_meas_algo_t *this)
-{
- return this->type;
-}
-
-METHOD(pa_tnc_attr_t, get_value, chunk_t,
- private_tcg_pts_attr_meas_algo_t *this)
-{
- return this->value;
-}
-
-METHOD(pa_tnc_attr_t, get_noskip_flag, bool,
- private_tcg_pts_attr_meas_algo_t *this)
-{
- return this->noskip_flag;
-}
-
-METHOD(pa_tnc_attr_t, set_noskip_flag,void,
- private_tcg_pts_attr_meas_algo_t *this, bool noskip)
-{
- this->noskip_flag = noskip;
-}
-
-METHOD(pa_tnc_attr_t, build, void,
- private_tcg_pts_attr_meas_algo_t *this)
-{
- bio_writer_t *writer;
-
- writer = bio_writer_create(PTS_MEAS_ALGO_SIZE);
- writer->write_uint16(writer, PTS_MEAS_ALGO_RESERVED);
- writer->write_uint16(writer, this->algorithms);
- this->value = chunk_clone(writer->get_buf(writer));
- writer->destroy(writer);
-}
-
-METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_pts_attr_meas_algo_t *this, u_int32_t *offset)
-{
- bio_reader_t *reader;
- u_int16_t reserved, algorithms;
-
- if (this->value.len < PTS_MEAS_ALGO_SIZE)
- {
- DBG1(DBG_TNC, "insufficient data for PTS Measurement Algorithm");
- *offset = 0;
- return FAILED;
- }
- reader = bio_reader_create(this->value);
- reader->read_uint16(reader, &reserved);
- reader->read_uint16(reader, &algorithms);
- this->algorithms = algorithms;
- reader->destroy(reader);
-
- return SUCCESS;
-}
-
-METHOD(pa_tnc_attr_t, destroy, void,
- private_tcg_pts_attr_meas_algo_t *this)
-{
- free(this->value.ptr);
- free(this);
-}
-
-METHOD(tcg_pts_attr_meas_algo_t, get_algorithms, pts_meas_algorithms_t,
- private_tcg_pts_attr_meas_algo_t *this)
-{
- return this->algorithms;
-}
-
-/**
- * Described in header.
- */
-pa_tnc_attr_t *tcg_pts_attr_meas_algo_create(pts_meas_algorithms_t algorithms,
- bool selection)
-{
- private_tcg_pts_attr_meas_algo_t *this;
-
- INIT(this,
- .public = {
- .pa_tnc_attribute = {
- .get_vendor_id = _get_vendor_id,
- .get_type = _get_type,
- .get_value = _get_value,
- .get_noskip_flag = _get_noskip_flag,
- .set_noskip_flag = _set_noskip_flag,
- .build = _build,
- .process = _process,
- .destroy = _destroy,
- },
- .get_algorithms = _get_algorithms,
- },
- .vendor_id = PEN_TCG,
- .type = selection ? TCG_PTS_MEAS_ALGO_SELECTION : TCG_PTS_MEAS_ALGO,
- .algorithms = algorithms,
- );
-
- return &this->public.pa_tnc_attribute;
-}
-
-
-/**
- * Described in header.
- */
-pa_tnc_attr_t *tcg_pts_attr_meas_algo_create_from_data(chunk_t data,
- bool selection)
-{
- private_tcg_pts_attr_meas_algo_t *this;
-
- INIT(this,
- .public = {
- .pa_tnc_attribute = {
- .get_vendor_id = _get_vendor_id,
- .get_type = _get_type,
- .get_value = _get_value,
- .get_noskip_flag = _get_noskip_flag,
- .set_noskip_flag = _set_noskip_flag,
- .build = _build,
- .process = _process,
- .destroy = _destroy,
- },
- .get_algorithms = _get_algorithms,
- },
- .vendor_id = PEN_TCG,
- .type = selection ? TCG_PTS_MEAS_ALGO_SELECTION : TCG_PTS_MEAS_ALGO,
- .value = chunk_clone(data),
- );
-
- return &this->public.pa_tnc_attribute;
-}
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup tcg_pts_attr_meas_algo tcg_pts_attr_meas_algo
- * @{ @ingroup tcg_pts_attr_meas_algo
- */
-
-#ifndef TCG_PTS_ATTR_MEAS_ALGO_H_
-#define TCG_PTS_ATTR_MEAS_ALGO_H_
-
-typedef struct tcg_pts_attr_meas_algo_t tcg_pts_attr_meas_algo_t;
-
-#include "tcg_attr.h"
-#include "pts/pts_meas_algo.h"
-#include "pa_tnc/pa_tnc_attr.h"
-
-/**
- * Class implementing the TCG Measurement Algorithm Attribute
- *
- */
-struct tcg_pts_attr_meas_algo_t {
-
- /**
- * Public PA-TNC attribute interface
- */
- pa_tnc_attr_t pa_tnc_attribute;
-
- /**
- * Get PTS Measurement Algorithm Set
- *
- * @return set of algorithms
- */
- pts_meas_algorithms_t (*get_algorithms)(tcg_pts_attr_meas_algo_t *this);
-
-};
-
-/**
- * Creates an tcg_pts_attr_meas_algo_t object
- *
- * @param algorithms set of algorithms
- * @param selection TRUE if a selection
- */
-pa_tnc_attr_t* tcg_pts_attr_meas_algo_create(pts_meas_algorithms_t algorithms,
- bool selection);
-
-/**
- * Creates an tcg_pts_attr_meas_algo_t object from received data
- *
- * @param value unparsed attribute value
- * @param selection TRUE if a selection
- */
-pa_tnc_attr_t* tcg_pts_attr_meas_algo_create_from_data(chunk_t value,
- bool selection);
-
-#endif /** TCG_PTS_ATTR_MEAS_ALGO_H_ @}*/
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "tcg_pts_attr_proto_caps.h"
-
-#include <pa_tnc/pa_tnc_msg.h>
-#include <bio/bio_writer.h>
-#include <bio/bio_reader.h>
-#include <debug.h>
-
-typedef struct private_tcg_pts_attr_proto_caps_t private_tcg_pts_attr_proto_caps_t;
-
-/**
- * PTS Protocol Capabilities
- * see section 3.7 of PTS Protocol: Binding to TNC IF-M Specification
- *
- * 1 2 3
- * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Reserved |C|V|D|T|X|
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- *
- */
-
-#define PTS_PROTO_CAPS_SIZE 4
-#define PTS_PROTO_CAPS_RESERVED 0x0000
-
-/**
- * Private data of an tcg_pts_attr_proto_caps_t object.
- */
-struct private_tcg_pts_attr_proto_caps_t {
-
- /**
- * Public members of tcg_pts_attr_proto_caps_t
- */
- tcg_pts_attr_proto_caps_t public;
-
- /**
- * Attribute vendor ID
- */
- pen_t vendor_id;
-
- /**
- * Attribute type
- */
- u_int32_t type;
-
- /**
- * Attribute value
- */
- chunk_t value;
-
- /**
- * Noskip flag
- */
- bool noskip_flag;
-
- /**
- * Set of flags
- */
- pts_proto_caps_flag_t flags;
-
-};
-
-METHOD(pa_tnc_attr_t, get_vendor_id, pen_t,
- private_tcg_pts_attr_proto_caps_t *this)
-{
- return this->vendor_id;
-}
-
-METHOD(pa_tnc_attr_t, get_type, u_int32_t,
- private_tcg_pts_attr_proto_caps_t *this)
-{
- return this->type;
-}
-
-METHOD(pa_tnc_attr_t, get_value, chunk_t,
- private_tcg_pts_attr_proto_caps_t *this)
-{
- return this->value;
-}
-
-METHOD(pa_tnc_attr_t, get_noskip_flag, bool,
- private_tcg_pts_attr_proto_caps_t *this)
-{
- return this->noskip_flag;
-}
-
-METHOD(pa_tnc_attr_t, set_noskip_flag,void,
- private_tcg_pts_attr_proto_caps_t *this, bool noskip)
-{
- this->noskip_flag = noskip;
-}
-
-METHOD(pa_tnc_attr_t, build, void,
- private_tcg_pts_attr_proto_caps_t *this)
-{
- bio_writer_t *writer;
-
- writer = bio_writer_create(PTS_PROTO_CAPS_SIZE);
- writer->write_uint16(writer, PTS_PROTO_CAPS_RESERVED);
- writer->write_uint16(writer, this->flags);
-
- this->value = chunk_clone(writer->get_buf(writer));
- writer->destroy(writer);
-}
-
-METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_pts_attr_proto_caps_t *this, u_int32_t *offset)
-{
- bio_reader_t *reader;
- u_int16_t reserved, flags;
-
- if (this->value.len < PTS_PROTO_CAPS_SIZE)
- {
- DBG1(DBG_TNC, "insufficient data for PTS Protocol Capabilities");
- *offset = 0;
- return FAILED;
- }
- reader = bio_reader_create(this->value);
- reader->read_uint16(reader, &reserved);
- reader->read_uint16(reader, &flags);
- this->flags = flags;
- reader->destroy(reader);
-
- return SUCCESS;
-}
-
-METHOD(pa_tnc_attr_t, destroy, void,
- private_tcg_pts_attr_proto_caps_t *this)
-{
- free(this->value.ptr);
- free(this);
-}
-
-METHOD(tcg_pts_attr_proto_caps_t, get_flags, pts_proto_caps_flag_t,
- private_tcg_pts_attr_proto_caps_t *this)
-{
- return this->flags;
-}
-
-/**
- * Described in header.
- */
-pa_tnc_attr_t *tcg_pts_attr_proto_caps_create(pts_proto_caps_flag_t flags,
- bool request)
-{
- private_tcg_pts_attr_proto_caps_t *this;
-
- INIT(this,
- .public = {
- .pa_tnc_attribute = {
- .get_vendor_id = _get_vendor_id,
- .get_type = _get_type,
- .get_value = _get_value,
- .get_noskip_flag = _get_noskip_flag,
- .set_noskip_flag = _set_noskip_flag,
- .build = _build,
- .process = _process,
- .destroy = _destroy,
- },
- .get_flags = _get_flags,
- },
- .vendor_id = PEN_TCG,
- .type = request ? TCG_PTS_REQ_PROTO_CAPS : TCG_PTS_PROTO_CAPS,
- .flags = flags,
- );
-
- return &this->public.pa_tnc_attribute;
-}
-
-/**
- * Described in header.
- */
-pa_tnc_attr_t *tcg_pts_attr_proto_caps_create_from_data(chunk_t data,
- bool request)
-{
- private_tcg_pts_attr_proto_caps_t *this;
-
- INIT(this,
- .public = {
- .pa_tnc_attribute = {
- .get_vendor_id = _get_vendor_id,
- .get_type = _get_type,
- .get_value = _get_value,
- .get_noskip_flag = _get_noskip_flag,
- .set_noskip_flag = _set_noskip_flag,
- .build = _build,
- .process = _process,
- .destroy = _destroy,
- },
- .get_flags = _get_flags,
- },
- .vendor_id = PEN_TCG,
- .type = request ? TCG_PTS_REQ_PROTO_CAPS : TCG_PTS_PROTO_CAPS,
- .value = chunk_clone(data),
- );
-
- return &this->public.pa_tnc_attribute;
-}
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup tcg_pts_attr_proto_caps tcg_pts_attr_proto_caps
- * @{ @ingroup tcg_pts_attr_proto_caps
- */
-
-#ifndef TCG_PTS_ATTR_PROTO_CAPS_H_
-#define TCG_PTS_ATTR_PROTO_CAPS_H_
-
-typedef struct tcg_pts_attr_proto_caps_t tcg_pts_attr_proto_caps_t;
-
-#include "tcg_attr.h"
-#include "pa_tnc/pa_tnc_attr.h"
-#include "pts/pts_proto_caps.h"
-
-/**
- * Class implementing the TCG PTS Protocol Capabilities Attribute
- */
-struct tcg_pts_attr_proto_caps_t {
-
- /**
- * Public PA-TNC attribute interface
- */
- pa_tnc_attr_t pa_tnc_attribute;
-
- /**
- * Get PTS procol capabilities flags
- *
- * @return set of flags
- */
- pts_proto_caps_flag_t (*get_flags)(tcg_pts_attr_proto_caps_t *this);
-
-};
-
-/**
- * Creates an tcg_pts_attr_proto_caps_t object
- *
- * @param flags set of flags
- * @param request TRUE for a PTS protocol capabilities request
- */
-pa_tnc_attr_t* tcg_pts_attr_proto_caps_create(pts_proto_caps_flag_t flags,
- bool request);
-
-/**
- * Creates an tcg_pts_attr_proto_caps_t object from received data
- *
- * @param value unparsed attribute value
- * @param request TRUE for a PTS protocol capabilities request
- */
-pa_tnc_attr_t* tcg_pts_attr_proto_caps_create_from_data(chunk_t value,
- bool request);
-
-#endif /** TCG_PTS_ATTR_PROTO_CAPS_H_ @}*/
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "tcg_pts_attr_req_file_meas.h"
-
-#include <pa_tnc/pa_tnc_msg.h>
-#include <bio/bio_writer.h>
-#include <bio/bio_reader.h>
-#include <debug.h>
-
-typedef struct private_tcg_pts_attr_req_file_meas_t private_tcg_pts_attr_req_file_meas_t;
-
-/**
- * Request File Measurement
- * see section 3.19.1 of PTS Protocol: Binding to TNC IF-M Specification
- *
- * 1 2 3
- * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Flags | Reserved | Request ID |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Delimiter |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * ~ Fully Qualified File Pathname (Variable Length) ~
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- */
-
-#define PTS_REQ_FILE_MEAS_SIZE 8
-#define PTS_REQ_FILE_MEAS_RESERVED 0x00
-#define PTS_REQ_FILE_MEAS_NO_FLAGS 0x00
-
-#define DIRECTORY_CONTENTS_FLAG (1<<7)
-
-/**
- * Private data of an tcg_pts_attr_req_file_meas_t object.
- */
-struct private_tcg_pts_attr_req_file_meas_t {
-
- /**
- * Public members of tcg_pts_attr_req_file_meas_t
- */
- tcg_pts_attr_req_file_meas_t public;
-
- /**
- * Attribute vendor ID
- */
- pen_t vendor_id;
-
- /**
- * Attribute type
- */
- u_int32_t type;
-
- /**
- * Attribute value
- */
- chunk_t value;
-
- /**
- * Noskip flag
- */
- bool noskip_flag;
-
- /**
- * Directory Contents flag
- */
- bool directory_flag;
-
- /**
- * Request ID
- */
- u_int16_t request_id;
-
- /**
- * UTF8 Encoding of Delimiter Character
- */
- u_int32_t delimiter;
-
- /**
- * Fully Qualified File Pathname
- */
- char *pathname;
-
-};
-
-METHOD(pa_tnc_attr_t, get_vendor_id, pen_t,
- private_tcg_pts_attr_req_file_meas_t *this)
-{
- return this->vendor_id;
-}
-
-METHOD(pa_tnc_attr_t, get_type, u_int32_t,
- private_tcg_pts_attr_req_file_meas_t *this)
-{
- return this->type;
-}
-
-METHOD(pa_tnc_attr_t, get_value, chunk_t,
- private_tcg_pts_attr_req_file_meas_t *this)
-{
- return this->value;
-}
-
-METHOD(pa_tnc_attr_t, get_noskip_flag, bool,
- private_tcg_pts_attr_req_file_meas_t *this)
-{
- return this->noskip_flag;
-}
-
-METHOD(pa_tnc_attr_t, set_noskip_flag,void,
- private_tcg_pts_attr_req_file_meas_t *this, bool noskip)
-{
- this->noskip_flag = noskip;
-}
-
-METHOD(pa_tnc_attr_t, build, void,
- private_tcg_pts_attr_req_file_meas_t *this)
-{
- u_int8_t flags = PTS_REQ_FILE_MEAS_NO_FLAGS;
- chunk_t pathname;
- bio_writer_t *writer;
-
- if (this->directory_flag)
- {
- flags |= DIRECTORY_CONTENTS_FLAG;
- }
- pathname = chunk_create(this->pathname, strlen(this->pathname));
-
- writer = bio_writer_create(PTS_REQ_FILE_MEAS_SIZE);
- writer->write_uint8 (writer, flags);
- writer->write_uint8 (writer, PTS_REQ_FILE_MEAS_RESERVED);
- writer->write_uint16(writer, this->request_id);
- writer->write_uint32(writer, this->delimiter);
- writer->write_data (writer, pathname);
- this->value = chunk_clone(writer->get_buf(writer));
- writer->destroy(writer);
-}
-
-METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_pts_attr_req_file_meas_t *this, u_int32_t *offset)
-{
- bio_reader_t *reader;
- u_int8_t flags;
- u_int8_t reserved;
- chunk_t pathname;
-
- if (this->value.len < PTS_REQ_FILE_MEAS_SIZE)
- {
- DBG1(DBG_TNC, "insufficient data for Request File Measurement");
- *offset = 0;
- return FAILED;
- }
-
- reader = bio_reader_create(this->value);
- reader->read_uint8 (reader, &flags);
- reader->read_uint8 (reader, &reserved);
- reader->read_uint16(reader, &this->request_id);
- reader->read_uint32(reader, &this->delimiter);
- reader->read_data (reader, reader->remaining(reader), &pathname);
-
- this->directory_flag = (flags & DIRECTORY_CONTENTS_FLAG) !=
- PTS_REQ_FILE_MEAS_NO_FLAGS;
-
- this->pathname = malloc(pathname.len + 1);
- memcpy(this->pathname, pathname.ptr, pathname.len);
- this->pathname[pathname.len] = '\0';
-
- reader->destroy(reader);
- return SUCCESS;
-}
-
-METHOD(pa_tnc_attr_t, destroy, void,
- private_tcg_pts_attr_req_file_meas_t *this)
-{
- free(this->pathname);
- free(this->value.ptr);
- free(this);
-}
-
-METHOD(tcg_pts_attr_req_file_meas_t, get_directory_flag, bool,
- private_tcg_pts_attr_req_file_meas_t *this)
-{
- return this->directory_flag;
-}
-
-METHOD(tcg_pts_attr_req_file_meas_t, get_request_id, u_int16_t,
- private_tcg_pts_attr_req_file_meas_t *this)
-{
- return this->request_id;
-}
-
-METHOD(tcg_pts_attr_req_file_meas_t, get_delimiter, u_int32_t,
- private_tcg_pts_attr_req_file_meas_t *this)
-{
- return this->delimiter;
-}
-
-METHOD(tcg_pts_attr_req_file_meas_t, get_pathname, char*,
- private_tcg_pts_attr_req_file_meas_t *this)
-{
- return this->pathname;
-}
-
-/**
- * Described in header.
- */
-pa_tnc_attr_t *tcg_pts_attr_req_file_meas_create(bool directory_flag,
- u_int16_t request_id,
- u_int32_t delimiter,
- char *pathname)
-{
- private_tcg_pts_attr_req_file_meas_t *this;
-
- INIT(this,
- .public = {
- .pa_tnc_attribute = {
- .get_vendor_id = _get_vendor_id,
- .get_type = _get_type,
- .get_value = _get_value,
- .get_noskip_flag = _get_noskip_flag,
- .set_noskip_flag = _set_noskip_flag,
- .build = _build,
- .process = _process,
- .destroy = _destroy,
- },
- .get_directory_flag = _get_directory_flag,
- .get_request_id = _get_request_id,
- .get_delimiter = _get_delimiter,
- .get_pathname = _get_pathname,
- },
- .vendor_id = PEN_TCG,
- .type = TCG_PTS_REQ_FILE_MEAS,
- .directory_flag = directory_flag,
- .request_id = request_id,
- .delimiter = delimiter,
- .pathname = strdup(pathname),
- );
-
- return &this->public.pa_tnc_attribute;
-}
-
-
-/**
- * Described in header.
- */
-pa_tnc_attr_t *tcg_pts_attr_req_file_meas_create_from_data(chunk_t data)
-{
- private_tcg_pts_attr_req_file_meas_t *this;
-
- INIT(this,
- .public = {
- .pa_tnc_attribute = {
- .get_vendor_id = _get_vendor_id,
- .get_type = _get_type,
- .get_value = _get_value,
- .get_noskip_flag = _get_noskip_flag,
- .set_noskip_flag = _set_noskip_flag,
- .build = _build,
- .process = _process,
- .destroy = _destroy,
- },
- .get_directory_flag = _get_directory_flag,
- .get_request_id = _get_request_id,
- .get_delimiter = _get_delimiter,
- .get_pathname = _get_pathname,
- },
- .vendor_id = PEN_TCG,
- .type = TCG_PTS_REQ_FILE_MEAS,
- .value = chunk_clone(data),
- );
-
- return &this->public.pa_tnc_attribute;
-}
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup tcg_pts_attr_req_file_meas tcg_pts_attr_req_file_meas
- * @{ @ingroup tcg_pts_attr_req_file_meas
- */
-
-#ifndef TCG_PTS_ATTR_REQ_FILE_MEAS_H_
-#define TCG_PTS_ATTR_REQ_FILE_MEAS_H_
-
-typedef struct tcg_pts_attr_req_file_meas_t tcg_pts_attr_req_file_meas_t;
-
-#include "tcg_attr.h"
-#include "pa_tnc/pa_tnc_attr.h"
-
-/**
- * Class implementing the TCG PTS Request File Measurement attribute
- *
- */
-struct tcg_pts_attr_req_file_meas_t {
-
- /**
- * Public PA-TNC attribute interface
- */
- pa_tnc_attr_t pa_tnc_attribute;
-
- /**
- * Get flag for PTS Request File Measurement
- *
- * @return Directory Contents flag
- */
- bool (*get_directory_flag)(tcg_pts_attr_req_file_meas_t *this);
-
- /**
- * Get Request ID
- *
- * @return Request ID
- */
- u_int16_t (*get_request_id)(tcg_pts_attr_req_file_meas_t *this);
-
-
- /**
- * Get Delimiter
- *
- * @return UTF-8 encoding of a Delimiter Character
- */
- u_int32_t (*get_delimiter)(tcg_pts_attr_req_file_meas_t *this);
-
- /**
- * Get Fully Qualified File Pathname
- *
- * @return Pathname
- */
- char* (*get_pathname)(tcg_pts_attr_req_file_meas_t *this);
-
-};
-
-/**
- * Creates an tcg_pts_attr_req_file_meas_t object
- *
- * @param directory_flag Directory Contents Flag
- * @param request_id Request ID
- * @param delimiter Delimiter Character
- * @param pathname File Pathname
- */
-pa_tnc_attr_t* tcg_pts_attr_req_file_meas_create(bool directory_flag,
- u_int16_t request_id,
- u_int32_t delimiter,
- char *pathname);
-
-/**
- * Creates an tcg_pts_attr_req_file_meas_t object from received data
- *
- * @param value unparsed attribute value
- */
-pa_tnc_attr_t* tcg_pts_attr_req_file_meas_create_from_data(chunk_t value);
-
-#endif /** TCG_PTS_ATTR_REQ_FILE_MEAS_H_ @}*/
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "tcg_pts_attr_req_funct_comp_evid.h"
-
-#include <pa_tnc/pa_tnc_msg.h>
-#include <bio/bio_writer.h>
-#include <bio/bio_reader.h>
-#include <debug.h>
-
-typedef struct private_tcg_pts_attr_req_funct_comp_evid_t private_tcg_pts_attr_req_funct_comp_evid_t;
-
-/**
- * Request Functional Component Evidence
- * see section 3.14.1 of PTS Protocol: Binding to TNC IF-M Specification
- *
- * 1 2 3
- * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- *
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Flags | Sub-component Depth |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Component Functional Name |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- *
- */
-
-/**
- * Component Functional Name Structure (see section 5.1 of PTS Protocol: Binding to TNC IF-M Specification)
- *
- * 1 2 3
- * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- *
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Component Functional Name Vendor ID |Fam| Qualifier |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Component Functional Name |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- *
- */
-
-/**
- * Qualifier for Functional Component
- * see section 5.2 of PTS Protocol: Binding to TNC IF-M Specification
- *
- *
- * 0 1 2 3 4 5
- * +-+-+-+-+-+-+
- * |K|S| Type |
- * +-+-+-+-+-+-+
- */
-
-#define PTS_REQ_FUNCT_COMP_EVID_SIZE 12
-#define PTS_REQ_FUNCT_COMP_FAM_BIN_ENUM 0x00
-
-/**
- * Private data of an tcg_pts_attr_req_funct_comp_evid_t object.
- */
-struct private_tcg_pts_attr_req_funct_comp_evid_t {
-
- /**
- * Public members of tcg_pts_attr_req_funct_comp_evid_t
- */
- tcg_pts_attr_req_funct_comp_evid_t public;
-
- /**
- * Attribute vendor ID
- */
- pen_t vendor_id;
-
- /**
- * Attribute type
- */
- u_int32_t type;
-
- /**
- * Attribute value
- */
- chunk_t value;
-
- /**
- * Noskip flag
- */
- bool noskip_flag;
-
- /**
- * Set of flags for Request Functional Component
- */
- pts_attr_req_funct_comp_evid_flag_t flags;
-
- /**
- * Sub-component Depth
- */
- u_int32_t depth;
-
- /**
- * Component Functional Name Vendor ID
- */
- u_int32_t comp_vendor_id;
-
- /**
- * Functional Name Encoding Family
- */
- u_int8_t family;
-
- /**
- * Functional Name Category Qualifier
- */
- pts_qualifier_t qualifier;
-
- /**
- * Component Functional Name
- */
- pts_funct_comp_name_t name;
-};
-
-METHOD(pa_tnc_attr_t, get_vendor_id, pen_t,
- private_tcg_pts_attr_req_funct_comp_evid_t *this)
-{
- return this->vendor_id;
-}
-
-METHOD(pa_tnc_attr_t, get_type, u_int32_t,
- private_tcg_pts_attr_req_funct_comp_evid_t *this)
-{
- return this->type;
-}
-
-METHOD(pa_tnc_attr_t, get_value, chunk_t,
- private_tcg_pts_attr_req_funct_comp_evid_t *this)
-{
- return this->value;
-}
-
-METHOD(pa_tnc_attr_t, get_noskip_flag, bool,
- private_tcg_pts_attr_req_funct_comp_evid_t *this)
-{
- return this->noskip_flag;
-}
-
-METHOD(pa_tnc_attr_t, set_noskip_flag,void,
- private_tcg_pts_attr_req_funct_comp_evid_t *this, bool noskip)
-{
- this->noskip_flag = noskip;
-}
-
-METHOD(pa_tnc_attr_t, build, void,
- private_tcg_pts_attr_req_funct_comp_evid_t *this)
-{
- bio_writer_t *writer;
- u_int8_t flags = 0;
- u_int8_t qualifier = 0;
-
- writer = bio_writer_create(PTS_REQ_FUNCT_COMP_EVID_SIZE);
-
- /* Determine the flags to set*/
- if (this->flags & PTS_REQ_FUNC_COMP_FLAG_PCR)
- {
- flags += 128;
- }
- if (this->flags & PTS_REQ_FUNC_COMP_FLAG_CURR)
- {
- flags += 64;
- }
- if (this->flags & PTS_REQ_FUNC_COMP_FLAG_VER)
- {
- flags += 32;
- }
- if (this->flags & PTS_REQ_FUNC_COMP_FLAG_TTC)
- {
- flags += 16;
- }
- writer->write_uint8(writer, flags);
-
- writer->write_uint24 (writer, this->depth);
- writer->write_uint24 (writer, this->comp_vendor_id);
-
- if (this->family != PTS_REQ_FUNCT_COMP_FAM_BIN_ENUM)
- {
- DBG1(DBG_TNC, "Functional Name Encoding Family is not set to 00");
- }
-
- qualifier += this->qualifier.type;
- if (this->qualifier.kernel)
- {
- qualifier += 16;
- }
- if (this->qualifier.sub_component)
- {
- qualifier += 32;
- }
- writer->write_uint8 (writer, qualifier);
- writer->write_uint32 (writer, this->name);
-
- this->value = chunk_clone(writer->get_buf(writer));
- writer->destroy(writer);
-}
-
-METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_pts_attr_req_funct_comp_evid_t *this, u_int32_t *offset)
-{
- bio_reader_t *reader;
- u_int8_t flags;
- u_int8_t fam_and_qualifier;
-
- if (this->value.len < PTS_REQ_FUNCT_COMP_EVID_SIZE)
- {
- DBG1(DBG_TNC, "insufficient data for Request Functional Component Evidence");
- *offset = 0;
- return FAILED;
- }
- reader = bio_reader_create(this->value);
-
- reader->read_uint8(reader, &flags);
- if ((flags >> 4) & 1)
- {
- this->flags |= PTS_REQ_FUNC_COMP_FLAG_PCR;
- }
- if ((flags >> 5) & 1)
- {
- this->flags |= PTS_REQ_FUNC_COMP_FLAG_CURR;
- }
- if ((flags >> 6) & 1)
- {
- this->flags |= PTS_REQ_FUNC_COMP_FLAG_VER;
- }
- if ((flags >> 7) & 1)
- {
- this->flags |= PTS_REQ_FUNC_COMP_FLAG_TTC;
- }
-
- reader->read_uint24(reader, &this->depth);
- reader->read_uint24(reader, &this->comp_vendor_id);
- reader->read_uint8(reader, &fam_and_qualifier);
-
- if (((fam_and_qualifier >> 6) & 1) )
- {
- this->family += 1;
- }
- if (((fam_and_qualifier >> 7) & 1) )
- {
- this->family += 2;
- }
-
- /* TODO: Generate an IF-M error attribute indicating */
- /* TCG_PTS_INVALID_NAME_FAM */
- //if (&this->comp_vendor_id==PEN_TCG && this->family != PTS_REQ_FUNCT_COMP_FAM_BIN_ENUM)
- //{
- // DBG1(DBG_TNC, "Functional Name Encoding Family is not set to 00");
- //}
-
- if (((fam_and_qualifier >> 5) & 1) )
- {
- this->qualifier.kernel = true;
- }
- if (((fam_and_qualifier >> 4) & 1) )
- {
- this->qualifier.sub_component = true;
- }
- this->qualifier.type = ( fam_and_qualifier & 0xF );
- /* TODO: Check the type is defined in pts_attr_req_funct_comp_type_t */
-
- reader->read_uint32(reader, &this->name);
- /* TODO: Check the name is defined in pts_funct_comp_name_t */
-
- reader->destroy(reader);
- return SUCCESS;
-}
-
-METHOD(pa_tnc_attr_t, destroy, void,
- private_tcg_pts_attr_req_funct_comp_evid_t *this)
-{
- free(this->value.ptr);
- free(this);
-}
-
-METHOD(tcg_pts_attr_req_funct_comp_evid_t, get_flags, pts_attr_req_funct_comp_evid_flag_t,
- private_tcg_pts_attr_req_funct_comp_evid_t *this)
-{
- return this->flags;
-}
-
-METHOD(tcg_pts_attr_req_funct_comp_evid_t, set_flags, void,
- private_tcg_pts_attr_req_funct_comp_evid_t *this, pts_attr_req_funct_comp_evid_flag_t flags)
-{
- this->flags = flags;
-}
-
-METHOD(tcg_pts_attr_req_funct_comp_evid_t, get_sub_component_depth, u_int32_t,
- private_tcg_pts_attr_req_funct_comp_evid_t *this)
-{
- return this->depth;
-}
-
-METHOD(tcg_pts_attr_req_funct_comp_evid_t, get_comp_funct_name_vendor_id, u_int32_t,
- private_tcg_pts_attr_req_funct_comp_evid_t *this)
-{
- return this->comp_vendor_id;
-}
-
-METHOD(tcg_pts_attr_req_funct_comp_evid_t, get_family, u_int8_t,
- private_tcg_pts_attr_req_funct_comp_evid_t *this)
-{
- return this->family;
-}
-
-METHOD(tcg_pts_attr_req_funct_comp_evid_t, get_qualifier, pts_qualifier_t,
- private_tcg_pts_attr_req_funct_comp_evid_t *this)
-{
- return this->qualifier;
-}
-
-METHOD(tcg_pts_attr_req_funct_comp_evid_t, set_qualifier, void,
- private_tcg_pts_attr_req_funct_comp_evid_t *this, pts_qualifier_t qualifier)
-{
- this->qualifier = qualifier;
-}
-
-METHOD(tcg_pts_attr_req_funct_comp_evid_t, get_comp_funct_name, pts_funct_comp_name_t,
- private_tcg_pts_attr_req_funct_comp_evid_t *this)
-{
- return this->name;
-}
-
-METHOD(tcg_pts_attr_req_funct_comp_evid_t, set_comp_funct_name, void,
- private_tcg_pts_attr_req_funct_comp_evid_t *this, pts_funct_comp_name_t name)
-{
- this->name = name;
-}
-
-/**
- * Described in header.
- */
-pa_tnc_attr_t *tcg_pts_attr_req_funct_comp_evid_create(
- pts_attr_req_funct_comp_evid_flag_t flags,
- u_int32_t depth, u_int32_t vendor_id,
- pts_qualifier_t qualifier,
- pts_funct_comp_name_t name)
-{
- private_tcg_pts_attr_req_funct_comp_evid_t *this;
-
- INIT(this,
- .public = {
- .pa_tnc_attribute = {
- .get_vendor_id = _get_vendor_id,
- .get_type = _get_type,
- .get_value = _get_value,
- .get_noskip_flag = _get_noskip_flag,
- .set_noskip_flag = _set_noskip_flag,
- .build = _build,
- .process = _process,
- .destroy = _destroy,
- },
- .get_flags= _get_flags,
- .set_flags= _set_flags,
- .get_sub_component_depth = _get_sub_component_depth,
- .get_comp_funct_name_vendor_id = _get_comp_funct_name_vendor_id,
- .get_family = _get_family,
- .get_qualifier = _get_qualifier,
- .set_qualifier = _set_qualifier,
- .get_comp_funct_name = _get_comp_funct_name,
- .set_comp_funct_name = _set_comp_funct_name,
- },
- .vendor_id = PEN_TCG,
- .type = TCG_PTS_REQ_FUNCT_COMP_EVID,
- .flags = flags,
- .depth = depth,
- .comp_vendor_id = vendor_id,
- .family = PTS_REQ_FUNCT_COMP_FAM_BIN_ENUM,
- .qualifier = qualifier,
- .name = name,
- );
-
- return &this->public.pa_tnc_attribute;
-}
-
-
-/**
- * Described in header.
- */
-pa_tnc_attr_t *tcg_pts_attr_req_funct_comp_evid_create_from_data(chunk_t data)
-{
- private_tcg_pts_attr_req_funct_comp_evid_t *this;
-
- INIT(this,
- .public = {
- .pa_tnc_attribute = {
- .get_vendor_id = _get_vendor_id,
- .get_type = _get_type,
- .get_value = _get_value,
- .get_noskip_flag = _get_noskip_flag,
- .set_noskip_flag = _set_noskip_flag,
- .build = _build,
- .process = _process,
- .destroy = _destroy,
- },
- .get_flags= _get_flags,
- .set_flags= _set_flags,
- .get_sub_component_depth = _get_sub_component_depth,
- .get_comp_funct_name_vendor_id = _get_comp_funct_name_vendor_id,
- .get_family = _get_family,
- .get_qualifier = _get_qualifier,
- .set_qualifier = _set_qualifier,
- .get_comp_funct_name = _get_comp_funct_name,
- .set_comp_funct_name = _set_comp_funct_name,
- },
- .vendor_id = PEN_TCG,
- .type = TCG_PTS_REQ_FUNCT_COMP_EVID,
- .value = chunk_clone(data),
- );
-
- return &this->public.pa_tnc_attribute;
-}
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup tcg_pts_attr_req_funct_comp_evid tcg_pts_attr_req_funct_comp_evid
- * @{ @ingroup tcg_pts_attr_req_funct_comp_evid
- */
-
-#ifndef TCG_PTS_ATTR_REQ_FUNCT_COMP_EVID_H_
-#define TCG_PTS_ATTR_REQ_FUNCT_COMP_EVID_H_
-
-typedef struct tcg_pts_attr_req_funct_comp_evid_t tcg_pts_attr_req_funct_comp_evid_t;
-typedef enum pts_attr_req_funct_comp_evid_flag_t pts_attr_req_funct_comp_evid_flag_t;
-
-#include "tcg_attr.h"
-#include "pts/pts_funct_comp_name.h"
-#include "pa_tnc/pa_tnc_attr.h"
-
-/**
- * PTS Request Functional Component Evidence Flags
- */
-enum pts_attr_req_funct_comp_evid_flag_t {
- /** Transitive Trust Chain flag */
- PTS_REQ_FUNC_COMP_FLAG_TTC = (1<<7),
- /** Verify Component flag */
- PTS_REQ_FUNC_COMP_FLAG_VER = (1<<6),
- /** Current Evidence flag */
- PTS_REQ_FUNC_COMP_FLAG_CURR = (1<<5),
- /** PCR Information flag */
- PTS_REQ_FUNC_COMP_FLAG_PCR = (1<<4),
-};
-
-/**
- * Class implementing the TCG PTS Request Functional Component Evidence attribute
- *
- */
-struct tcg_pts_attr_req_funct_comp_evid_t {
-
- /**
- * Public PA-TNC attribute interface
- */
- pa_tnc_attr_t pa_tnc_attribute;
-
- /**
- * Get flags for PTS Request Functional Component Evidence
- *
- * @return Set of flags
- */
- pts_attr_req_funct_comp_evid_flag_t (*get_flags)(tcg_pts_attr_req_funct_comp_evid_t *this);
-
- /**
- * Set flags for PTS Request Functional Component Evidence
- *
- * @param flags Set of flags
- */
- void (*set_flags)(tcg_pts_attr_req_funct_comp_evid_t *this,
- pts_attr_req_funct_comp_evid_flag_t flags);
-
- /**
- * Get Sub-component Depth
- *
- * @return Sub-component Depth
- */
- u_int32_t (*get_sub_component_depth)(tcg_pts_attr_req_funct_comp_evid_t *this);
-
- /**
- * Get Component Functional Name Vendor ID
- *
- * @return Component Functional Name Vendor ID
- */
- u_int32_t (*get_comp_funct_name_vendor_id)(tcg_pts_attr_req_funct_comp_evid_t *this);
-
- /**
- * Get Family
- *
- * @return Functional Name Family
- */
- u_int8_t (*get_family)(tcg_pts_attr_req_funct_comp_evid_t *this);
-
- /**
- * Get Qualifier
- *
- * @return Functional Name Category Qualifier
- */
- pts_qualifier_t (*get_qualifier)(tcg_pts_attr_req_funct_comp_evid_t *this);
-
- /**
- * Set qualifier for Component Functional Name
- *
- * @param qualifier Functional Name Category Qualifier
- */
- void (*set_qualifier)(tcg_pts_attr_req_funct_comp_evid_t *this,
- pts_qualifier_t qualifier);
-
- /**
- * Get Component Functional Name
- *
- * @return Component Functional Name
- */
- pts_funct_comp_name_t (*get_comp_funct_name)(tcg_pts_attr_req_funct_comp_evid_t *this);
-
-
- /**
- * Set Component Functional Name
- *
- * @param name Component Functional Name
- */
- void (*set_comp_funct_name)(tcg_pts_attr_req_funct_comp_evid_t *this,
- pts_funct_comp_name_t name);
-
-
-};
-
-/**
- * Creates an tcg_pts_attr_req_funct_comp_evid_t object
- *
- * @param flags Set of flags
- * @param depth Sub-component Depth
- * @param vendor_id Component Functional Name Vendor ID
- * @param qualifier Functional Name Category Qualifier
- * @param name Component Functional Name
- */
-pa_tnc_attr_t* tcg_pts_attr_req_funct_comp_evid_create(pts_attr_req_funct_comp_evid_flag_t flags,
- u_int32_t depth, u_int32_t vendor_id,
- pts_qualifier_t qualifier,
- pts_funct_comp_name_t name);
-
-/**
- * Creates an tcg_pts_attr_req_funct_comp_evid_t object from received data
- *
- * @param value Unparsed attribute value
- */
-pa_tnc_attr_t* tcg_pts_attr_req_funct_comp_evid_create_from_data(chunk_t value);
-
-#endif /** TCG_PTS_ATTR_REQ_FUNCT_COMP_EVID_H_ @}*/
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "tcg_pts_attr_simple_comp_evid.h"
-
-#include <pa_tnc/pa_tnc_msg.h>
-#include <bio/bio_writer.h>
-#include <bio/bio_reader.h>
-#include <debug.h>
-
-typedef struct private_tcg_pts_attr_simple_comp_evid_t private_tcg_pts_attr_simple_comp_evid_t;
-
-/**
- * Simple Component Evidence
- * see section 3.15.1 of PTS Protocol: Binding to TNC IF-M Specification
- *
- * 1 2 3
- * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Flags | Sub-Component Depth |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Specific Functional Component |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Specific Functional Component |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Measure. Type | Extended into PCR |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Hash Algorithm | PCR Transform | Reserved |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Measurement Date/Time |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Measurement Date/Time |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Measurement Date/Time |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Measurement Date/Time |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Measurement Date/Time |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Optional Policy URI Length | Opt. Verification Policy URI ~
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * ~ Optional Verification Policy URI ~
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Optional PCR Length | Optional PCR Before Value ~
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * ~ Optional PCR Before Value (Variable Length) ~
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * ~ Optional PCR After Value (Variable Length) ~
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * ~ Component Measurement (Variable Length) ~
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- */
-
-/**
- * Specific Functional Component -> Component Functional Name Structure
- * see section 5.1 of PTS Protocol: Binding to TNC IF-M Specification
- *
- * 1 2 3
- * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Component Functional Name Vendor ID |Fam| Qualifier |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Component Functional Name |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- *
- */
-
-/**
- * Qualifier for Functional Component
- * see section 5.2 of PTS Protocol: Binding to TNC IF-M Specification
- *
- *
- * 0 1 2 3 4 5
- * +-+-+-+-+-+-+
- * |K|S| Type |
- * +-+-+-+-+-+-+
- */
-
-
-
-#define PTS_SIMPLE_COMP_EVID_SIZE 40
-#define PTS_SIMPLE_COMP_EVID_MEASUREMENT_TIME_SIZE 20
-#define PTS_SIMPLE_COMP_EVID_RESERVED 0x00
-#define PTS_REQ_FUNCT_COMP_FAM_BIN_ENUM 0x00
-
-/**
- * Private data of an tcg_pts_attr_simple_comp_evid_t object.
- */
-struct private_tcg_pts_attr_simple_comp_evid_t {
-
- /**
- * Public members of tcg_pts_attr_simple_comp_evid_t
- */
- tcg_pts_attr_simple_comp_evid_t public;
-
- /**
- * Attribute vendor ID
- */
- pen_t vendor_id;
-
- /**
- * Attribute type
- */
- u_int32_t type;
-
- /**
- * Attribute value
- */
- chunk_t value;
-
- /**
- * Noskip flag
- */
- bool noskip_flag;
-
- /**
- * Set of flags for Simple Component Evidence
- */
- pts_attr_simple_comp_evid_flag_t flags;
-
- /**
- * Sub-component Depth
- */
- u_int32_t depth;
-
- /**
- * Component Functional Name Vendor ID
- */
- u_int32_t comp_vendor_id;
-
- /**
- * Functional Name Encoding Family
- */
- u_int8_t family;
-
- /**
- * Functional Name Category Qualifier
- */
- pts_qualifier_t qualifier;
-
- /**
- * Component Functional Name
- */
- pts_funct_comp_name_t name;
-
- /**
- * Measurement type
- */
- u_int8_t measurement_type;
-
- /**
- * Which PCR the functional component is extended into
- */
- u_int32_t extended_pcr;
-
- /**
- * Hash Algorithm
- */
- pts_meas_algorithms_t hash_algorithm;
-
- /**
- * Transformation type for PCR
- */
- pts_pcr_transform_t transformation;
-
- /**
- * Measurement time
- */
- chunk_t measurement_time;
-
- /**
- * Optional Policy URI
- */
- chunk_t policy_uri;
-
- /**
- * Optional PCR before value
- */
- chunk_t pcr_before;
-
- /**
- * Optional PCR after value
- */
- chunk_t pcr_after;
-
- /**
- * Component Measurement
- */
- chunk_t measurement;
-
-};
-
-METHOD(pa_tnc_attr_t, get_vendor_id, pen_t,
- private_tcg_pts_attr_simple_comp_evid_t *this)
-{
- return this->vendor_id;
-}
-
-METHOD(pa_tnc_attr_t, get_type, u_int32_t,
- private_tcg_pts_attr_simple_comp_evid_t *this)
-{
- return this->type;
-}
-
-METHOD(pa_tnc_attr_t, get_value, chunk_t,
- private_tcg_pts_attr_simple_comp_evid_t *this)
-{
- return this->value;
-}
-
-METHOD(pa_tnc_attr_t, get_noskip_flag, bool,
- private_tcg_pts_attr_simple_comp_evid_t *this)
-{
- return this->noskip_flag;
-}
-
-METHOD(pa_tnc_attr_t, set_noskip_flag,void,
- private_tcg_pts_attr_simple_comp_evid_t *this, bool noskip)
-{
- this->noskip_flag = noskip;
-}
-
-METHOD(pa_tnc_attr_t, build, void,
- private_tcg_pts_attr_simple_comp_evid_t *this)
-{
- bio_writer_t *writer;
- u_int8_t flags = 0;
- u_int8_t qualifier = 0;
-
- writer = bio_writer_create(PTS_SIMPLE_COMP_EVID_SIZE);
-
- /* Determine the flags to set*/
- if (this->flags & PTS_SIMPLE_COMP_EVID_FLAG_PCR)
- {
- flags += 128;
- }
- if (this->flags & PTS_SIMPLE_COMP_EVID_FLAG_NO_VER)
- {
- flags += 32;
- }
- else if (this->flags & PTS_SIMPLE_COMP_EVID_FLAG_VER_FAIL)
- {
- flags += 64;
- }
- else if (this->flags & PTS_SIMPLE_COMP_EVID_FLAG_VER_PASS)
- {
- flags += 96;
- }
-
- writer->write_uint8(writer, flags);
-
- writer->write_uint24 (writer, this->depth);
- writer->write_uint24 (writer, this->comp_vendor_id);
-
- if (this->family != PTS_REQ_FUNCT_COMP_FAM_BIN_ENUM)
- {
- DBG1(DBG_TNC, "Functional Name Encoding Family is not set to 00");
- }
-
- qualifier += this->qualifier.type;
- if (this->qualifier.kernel)
- {
- qualifier += 16;
- }
- if (this->qualifier.sub_component)
- {
- qualifier += 32;
- }
-
- /* Unknown or Wildcard should not be used for Qualification*/
- if (!qualifier || qualifier == 63)
- {
- DBG1(DBG_TNC, "Unknown or Wildcard should not be used for"
- " Functional Name Qualifier");
- }
-
- writer->write_uint8 (writer, qualifier);
- writer->write_uint32(writer, this->name);
-
- writer->write_uint8 (writer, (this->measurement_type << 7));
- writer->write_uint24(writer, this->extended_pcr);
- writer->write_uint16(writer, this->hash_algorithm);
- writer->write_uint8 (writer, this->transformation);
- writer->write_data (writer, this->measurement_time);
-
- /* Optional fields */
- if (this->policy_uri.ptr && this->policy_uri.len > 0)
- {
- writer->write_uint16(writer, this->policy_uri.len);
- writer->write_data (writer, this->policy_uri);
- }
- if (this->pcr_before.ptr && this->pcr_after.ptr &&
- this->pcr_before.len == this->pcr_after.len &&
- this->pcr_before.len > 0 && this->pcr_after.len > 0)
- {
- writer->write_uint16(writer, this->pcr_before.len);
- writer->write_data (writer, this->pcr_before);
- writer->write_data (writer, this->pcr_after);
- }
-
- writer->write_data (writer, this->measurement);
-
- this->value = chunk_clone(writer->get_buf(writer));
- writer->destroy(writer);
-}
-
-METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_pts_attr_simple_comp_evid_t *this, u_int32_t *offset)
-{
- bio_reader_t *reader;
- u_int8_t flags;
- u_int8_t fam_and_qualifier;
- u_int8_t measurement_type;
- u_int16_t algorithm;
- u_int8_t transformation;
- u_int32_t measurement_len;
-
- if (this->value.len < PTS_SIMPLE_COMP_EVID_SIZE)
- {
- DBG1(DBG_TNC, "insufficient data for Simple Component Evidence");
- *offset = 0;
- return FAILED;
- }
- reader = bio_reader_create(this->value);
-
- reader->read_uint8(reader, &flags);
-
- /* Determine the flags to set*/
- if ((flags >> 7) & 1)
- {
- this->flags |= PTS_SIMPLE_COMP_EVID_FLAG_PCR;
- }
- if (!((flags >> 6) & 1) && !((flags >> 5) & 1))
- {
- this->flags |= PTS_SIMPLE_COMP_EVID_FLAG_NO_VALID;
- }
- else if (!((flags >> 6) & 1) && ((flags >> 5) & 1))
- {
- this->flags |= PTS_SIMPLE_COMP_EVID_FLAG_NO_VER;
- }
- else if (((flags >> 6) & 1) && !((flags >> 5) & 1))
- {
- this->flags |= PTS_SIMPLE_COMP_EVID_FLAG_VER_FAIL;
- }
- else if (((flags >> 6) & 1) && ((flags >> 5) & 1))
- {
- this->flags |= PTS_SIMPLE_COMP_EVID_FLAG_VER_PASS;
- }
-
- reader->read_uint24(reader, &this->depth);
- reader->read_uint24(reader, &this->comp_vendor_id);
- reader->read_uint8(reader, &fam_and_qualifier);
-
- if (((fam_and_qualifier >> 6) & 1) )
- {
- this->family += 1;
- }
- if (((fam_and_qualifier >> 7) & 1) )
- {
- this->family += 2;
- }
-
- /* TODO: Generate an IF-M error attribute indicating */
- /* TCG_PTS_INVALID_NAME_FAM */
- //if (&this->comp_vendor_id==PEN_TCG && this->family != PTS_REQ_FUNCT_COMP_FAM_BIN_ENUM)
- //{
- // DBG1(DBG_TNC, "Functional Name Encoding Family is not set to 00");
- //}
-
- if (((fam_and_qualifier >> 5) & 1) )
- {
- this->qualifier.kernel = true;
- }
- if (((fam_and_qualifier >> 4) & 1) )
- {
- this->qualifier.sub_component = true;
- }
- this->qualifier.type = ( fam_and_qualifier & 0xF );
- /* TODO: Check the type is defined in pts_attr_req_funct_comp_type_t */
-
- /* Unknown or Wildcard should not be used for Qualification*/
- if (!(fam_and_qualifier & 0x3F) || (fam_and_qualifier & 0x3F) == 0x3F)
- {
- DBG1(DBG_TNC, "Unknown or Wildcard should not be used for"
- " Functional Name Qualifier");
- }
-
- reader->read_uint32(reader, &this->name);
- /* TODO: Check the name is defined in pts_funct_comp_name_t */
-
- reader->read_uint8(reader, &measurement_type);
- this->measurement_type = (measurement_type >> 7 ) & 1;
-
- reader->read_uint24(reader, &this->extended_pcr);
- reader->read_uint16(reader, &algorithm);
- this->hash_algorithm = algorithm;
-
- reader->read_uint8(reader, &transformation);
- this->transformation = transformation;
- /* TODO: Check the transformation is defined in pts_pcr_transform_t */
-
- reader->read_data(reader, PTS_SIMPLE_COMP_EVID_MEASUREMENT_TIME_SIZE,
- &this->measurement_time);
- this->measurement_time = chunk_clone(this->measurement_time);
-
- /* Optional Policy URI field is included */
- if (this->flags & PTS_SIMPLE_COMP_EVID_FLAG_VER_FAIL ||
- this->flags & PTS_SIMPLE_COMP_EVID_FLAG_VER_PASS)
- {
- u_int16_t policy_uri_len;
- reader->read_uint16(reader, &policy_uri_len);
- reader->read_data(reader, policy_uri_len, &this->policy_uri);
- this->policy_uri = chunk_clone(this->policy_uri);
- }
-
- /* Optional PCR value fields are included */
- if (this->flags & PTS_SIMPLE_COMP_EVID_FLAG_PCR)
- {
- u_int16_t pcr_value_len;
- reader->read_uint16(reader, &pcr_value_len);
- reader->read_data(reader, pcr_value_len, &this->pcr_before);
- this->pcr_before = chunk_clone(this->pcr_before);
- reader->read_data(reader, pcr_value_len, &this->pcr_after);
- this->pcr_after = chunk_clone(this->pcr_after);
- }
-
- measurement_len = reader->remaining(reader);
- reader->read_data(reader, measurement_len, &this->measurement);
- this->measurement = chunk_clone(this->measurement);
-
- reader->destroy(reader);
- return SUCCESS;
-}
-
-METHOD(pa_tnc_attr_t, destroy, void,
- private_tcg_pts_attr_simple_comp_evid_t *this)
-{
- free(this->value.ptr);
- free(this->measurement_time.ptr);
- free(this->policy_uri.ptr);
- free(this->pcr_before.ptr);
- free(this->pcr_after.ptr);
- free(this->measurement.ptr);
- free(this);
-}
-
-METHOD(tcg_pts_attr_simple_comp_evid_t, get_flags, pts_attr_simple_comp_evid_flag_t,
- private_tcg_pts_attr_simple_comp_evid_t *this)
-{
- return this->flags;
-}
-
-METHOD(tcg_pts_attr_simple_comp_evid_t, set_flags, void,
- private_tcg_pts_attr_simple_comp_evid_t *this, pts_attr_simple_comp_evid_flag_t flags)
-{
- this->flags = flags;
-}
-
-METHOD(tcg_pts_attr_simple_comp_evid_t, get_sub_component_depth, u_int32_t,
- private_tcg_pts_attr_simple_comp_evid_t *this)
-{
- return this->depth;
-}
-
-METHOD(tcg_pts_attr_simple_comp_evid_t, get_spec_comp_funct_name_vendor_id, u_int32_t,
- private_tcg_pts_attr_simple_comp_evid_t *this)
-{
- return this->comp_vendor_id;
-}
-
-METHOD(tcg_pts_attr_simple_comp_evid_t, get_family, u_int8_t,
- private_tcg_pts_attr_simple_comp_evid_t *this)
-{
- return this->family;
-}
-
-METHOD(tcg_pts_attr_simple_comp_evid_t, get_qualifier, pts_qualifier_t,
- private_tcg_pts_attr_simple_comp_evid_t *this)
-{
- return this->qualifier;
-}
-
-METHOD(tcg_pts_attr_simple_comp_evid_t, set_qualifier, void,
- private_tcg_pts_attr_simple_comp_evid_t *this,
- pts_qualifier_t qualifier)
-{
- this->qualifier = qualifier;
-}
-
-METHOD(tcg_pts_attr_simple_comp_evid_t, get_comp_funct_name, pts_funct_comp_name_t,
- private_tcg_pts_attr_simple_comp_evid_t *this)
-{
- return this->name;
-}
-
-METHOD(tcg_pts_attr_simple_comp_evid_t, set_comp_funct_name, void,
- private_tcg_pts_attr_simple_comp_evid_t *this, pts_funct_comp_name_t name)
-{
- this->name = name;
-}
-
-METHOD(tcg_pts_attr_simple_comp_evid_t, get_measurement_type, u_int8_t,
- private_tcg_pts_attr_simple_comp_evid_t *this)
-{
- return this->measurement_type;
-}
-
-METHOD(tcg_pts_attr_simple_comp_evid_t, get_extended_pcr, u_int32_t,
- private_tcg_pts_attr_simple_comp_evid_t *this)
-{
- return this->extended_pcr;
-}
-
-METHOD(tcg_pts_attr_simple_comp_evid_t, set_extended_pcr, void,
- private_tcg_pts_attr_simple_comp_evid_t *this, u_int32_t extended_pcr)
-{
- this->extended_pcr = extended_pcr;
-}
-
-METHOD(tcg_pts_attr_simple_comp_evid_t, get_hash_algorithm, pts_meas_algorithms_t,
- private_tcg_pts_attr_simple_comp_evid_t *this)
-{
- return this->hash_algorithm;
-}
-
-METHOD(tcg_pts_attr_simple_comp_evid_t, set_hash_algorithm, void,
- private_tcg_pts_attr_simple_comp_evid_t *this,
- pts_meas_algorithms_t hash_algorithm)
-{
- this->hash_algorithm = hash_algorithm;
-}
-
-METHOD(tcg_pts_attr_simple_comp_evid_t, get_pcr_trans, pts_pcr_transform_t,
- private_tcg_pts_attr_simple_comp_evid_t *this)
-{
- return this->transformation;
-}
-
-METHOD(tcg_pts_attr_simple_comp_evid_t, set_pcr_trans, void,
- private_tcg_pts_attr_simple_comp_evid_t *this, pts_pcr_transform_t transformation)
-{
- this->transformation = transformation;
-}
-
-METHOD(tcg_pts_attr_simple_comp_evid_t, get_measurement_time, chunk_t,
- private_tcg_pts_attr_simple_comp_evid_t *this)
-{
- return this->measurement_time;
-}
-
-METHOD(tcg_pts_attr_simple_comp_evid_t, set_measurement_time, void,
- private_tcg_pts_attr_simple_comp_evid_t *this, chunk_t measurement_time)
-{
- this->measurement_time = measurement_time;
-}
-
-METHOD(tcg_pts_attr_simple_comp_evid_t, get_policy_uri, chunk_t,
- private_tcg_pts_attr_simple_comp_evid_t *this)
-{
- return this->policy_uri;
-}
-
-METHOD(tcg_pts_attr_simple_comp_evid_t, set_policy_uri, void,
- private_tcg_pts_attr_simple_comp_evid_t *this, chunk_t policy_uri)
-{
- this->policy_uri = policy_uri;
-}
-
-METHOD(tcg_pts_attr_simple_comp_evid_t, get_pcr_before_value, chunk_t,
- private_tcg_pts_attr_simple_comp_evid_t *this)
-{
- return this->pcr_before;
-}
-
-METHOD(tcg_pts_attr_simple_comp_evid_t, set_pcr_before_value, void,
- private_tcg_pts_attr_simple_comp_evid_t *this, chunk_t pcr_before)
-{
- this->pcr_before = pcr_before;
-}
-
-METHOD(tcg_pts_attr_simple_comp_evid_t, get_pcr_after_value, chunk_t,
- private_tcg_pts_attr_simple_comp_evid_t *this)
-{
- return this->pcr_after;
-}
-
-METHOD(tcg_pts_attr_simple_comp_evid_t, set_pcr_after_value, void,
- private_tcg_pts_attr_simple_comp_evid_t *this, chunk_t pcr_after)
-{
- this->pcr_after = pcr_after;
-}
-
-METHOD(tcg_pts_attr_simple_comp_evid_t, get_pcr_len, u_int16_t,
- private_tcg_pts_attr_simple_comp_evid_t *this)
-{
- if (this->pcr_before.ptr && this->pcr_after.ptr &&
- this->pcr_before.len == this->pcr_after.len &&
- this->pcr_before.len > 0 && this->pcr_after.len > 0)
- {
- return this->pcr_before.len;
- }
- return 0;
-}
-
-METHOD(tcg_pts_attr_simple_comp_evid_t, get_comp_measurement, chunk_t,
- private_tcg_pts_attr_simple_comp_evid_t *this)
-{
- return this->measurement;
-}
-
-METHOD(tcg_pts_attr_simple_comp_evid_t, set_comp_measurement, void,
- private_tcg_pts_attr_simple_comp_evid_t *this, chunk_t measurement)
-{
- this->measurement = measurement;
-}
-
-/**
- * Described in header.
- */
-pa_tnc_attr_t *tcg_pts_attr_simple_comp_evid_create(
- pts_attr_simple_comp_evid_flag_t flags,
- u_int32_t depth, u_int32_t vendor_id,
- pts_qualifier_t qualifier,
- pts_funct_comp_name_t name,
- u_int32_t extended_pcr,
- pts_meas_algorithms_t hash_algorithm,
- pts_pcr_transform_t transformation,
- chunk_t measurement_time,
- chunk_t policy_uri,
- chunk_t pcr_before, chunk_t pcr_after,
- chunk_t measurement)
-{
- private_tcg_pts_attr_simple_comp_evid_t *this;
-
- INIT(this,
- .public = {
- .pa_tnc_attribute = {
- .get_vendor_id = _get_vendor_id,
- .get_type = _get_type,
- .get_value = _get_value,
- .get_noskip_flag = _get_noskip_flag,
- .set_noskip_flag = _set_noskip_flag,
- .build = _build,
- .process = _process,
- .destroy = _destroy,
- },
- .get_flags= _get_flags,
- .set_flags= _set_flags,
- .get_sub_component_depth = _get_sub_component_depth,
- .get_spec_comp_funct_name_vendor_id = _get_spec_comp_funct_name_vendor_id,
- .get_family = _get_family,
- .get_qualifier = _get_qualifier,
- .set_qualifier = _set_qualifier,
- .get_comp_funct_name = _get_comp_funct_name,
- .set_comp_funct_name = _set_comp_funct_name,
- .get_measurement_type = _get_measurement_type,
- .get_extended_pcr = _get_extended_pcr,
- .set_extended_pcr = _set_extended_pcr,
- .get_hash_algorithm = _get_hash_algorithm,
- .set_hash_algorithm = _set_hash_algorithm,
- .get_pcr_trans = _get_pcr_trans,
- .set_pcr_trans = _set_pcr_trans,
- .get_measurement_time = _get_measurement_time,
- .set_measurement_time = _set_measurement_time,
- .get_policy_uri = _get_policy_uri,
- .set_policy_uri = _set_policy_uri,
- .get_pcr_before_value = _get_pcr_before_value,
- .set_pcr_before_value = _set_pcr_before_value,
- .get_pcr_after_value = _get_pcr_after_value,
- .set_pcr_after_value = _set_pcr_after_value,
- .get_pcr_len = _get_pcr_len,
- .get_comp_measurement = _get_comp_measurement,
- .set_comp_measurement = _set_comp_measurement,
- },
- .vendor_id = PEN_TCG,
- .type = TCG_PTS_SIMPLE_COMP_EVID,
- .flags = flags,
- .depth = depth,
- .comp_vendor_id = vendor_id,
- .family = PTS_REQ_FUNCT_COMP_FAM_BIN_ENUM,
- .qualifier = qualifier,
- .name = name,
- .extended_pcr = extended_pcr,
- .hash_algorithm = hash_algorithm,
- .transformation = transformation,
- .measurement_time = measurement_time,
- .policy_uri = policy_uri,
- .pcr_before = pcr_before,
- .pcr_after = pcr_after,
- .measurement = measurement,
- );
-
- return &this->public.pa_tnc_attribute;
-}
-
-
-/**
- * Described in header.
- */
-pa_tnc_attr_t *tcg_pts_attr_simple_comp_evid_create_from_data(chunk_t data)
-{
- private_tcg_pts_attr_simple_comp_evid_t *this;
-
- INIT(this,
- .public = {
- .pa_tnc_attribute = {
- .get_vendor_id = _get_vendor_id,
- .get_type = _get_type,
- .get_value = _get_value,
- .get_noskip_flag = _get_noskip_flag,
- .set_noskip_flag = _set_noskip_flag,
- .build = _build,
- .process = _process,
- .destroy = _destroy,
- },
- .get_flags= _get_flags,
- .set_flags= _set_flags,
- .get_sub_component_depth = _get_sub_component_depth,
- .get_spec_comp_funct_name_vendor_id = _get_spec_comp_funct_name_vendor_id,
- .get_family = _get_family,
- .get_qualifier = _get_qualifier,
- .set_qualifier = _set_qualifier,
- .get_comp_funct_name = _get_comp_funct_name,
- .set_comp_funct_name = _set_comp_funct_name,
- .get_measurement_type = _get_measurement_type,
- .get_extended_pcr = _get_extended_pcr,
- .set_extended_pcr = _set_extended_pcr,
- .get_hash_algorithm = _get_hash_algorithm,
- .set_hash_algorithm = _set_hash_algorithm,
- .get_pcr_trans = _get_pcr_trans,
- .set_pcr_trans = _set_pcr_trans,
- .get_measurement_time = _get_measurement_time,
- .set_measurement_time = _set_measurement_time,
- .get_policy_uri = _get_policy_uri,
- .set_policy_uri = _set_policy_uri,
- .get_pcr_before_value = _get_pcr_before_value,
- .set_pcr_before_value = _set_pcr_before_value,
- .get_pcr_after_value = _get_pcr_after_value,
- .set_pcr_after_value = _set_pcr_after_value,
- .get_pcr_len = _get_pcr_len,
- .get_comp_measurement = _get_comp_measurement,
- .set_comp_measurement = _set_comp_measurement,
- },
- .vendor_id = PEN_TCG,
- .type = TCG_PTS_SIMPLE_COMP_EVID,
- .value = chunk_clone(data),
- );
-
- return &this->public.pa_tnc_attribute;
-}
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup tcg_pts_attr_simple_comp_evid tcg_pts_attr_simple_comp_evid
- * @{ @ingroup tcg_pts_attr_simple_comp_evid
- */
-
-#ifndef TCG_PTS_ATTR_SIMPLE_COMP_EVID_H_
-#define TCG_PTS_ATTR_SIMPLE_COMP_EVID_H_
-
-typedef struct tcg_pts_attr_simple_comp_evid_t tcg_pts_attr_simple_comp_evid_t;
-typedef enum pts_attr_simple_comp_evid_flag_t pts_attr_simple_comp_evid_flag_t;
-typedef enum pts_pcr_transform_t pts_pcr_transform_t;
-
-#include "tcg_attr.h"
-#include "pts/pts_meas_algo.h"
-#include "pts/pts_funct_comp_name.h"
-#include "pa_tnc/pa_tnc_attr.h"
-
-/**
- * PTS Simple Component Evidence Flags
- */
-enum pts_attr_simple_comp_evid_flag_t {
- /** PCR information fields inlcuded */
- PTS_SIMPLE_COMP_EVID_FLAG_PCR = 0,
- /** No Validation was attempted */
- PTS_SIMPLE_COMP_EVID_FLAG_NO_VALID = 1,
- /** Attempted validation, unable to verify */
- PTS_SIMPLE_COMP_EVID_FLAG_NO_VER = 2,
- /** Attempted validation, verification failed */
- PTS_SIMPLE_COMP_EVID_FLAG_VER_FAIL = 3,
- /** Attempted validation, verification passed */
- PTS_SIMPLE_COMP_EVID_FLAG_VER_PASS = 4,
-};
-
-/**
- * PTS PCR Transformations
- */
-enum pts_pcr_transform_t {
- /** No Transformation */
- PTS_PCR_TRANSFORM_NO = 0,
- /** Hash Value matched PCR size */
- PTS_PCR_TRANSFORM_MATCH = 1,
- /** Hash value shorter than PCR size */
- PTS_PCR_TRANSFORM_SHORT = 2,
- /** Hash value longer than PCR size */
- PTS_PCR_TRANSFORM_LONG = 3,
-};
-
-/**
- * Class implementing the TCG PTS Simple Component Evidence attribute
- *
- */
-struct tcg_pts_attr_simple_comp_evid_t {
-
- /**
- * Public PA-TNC attribute interface
- */
- pa_tnc_attr_t pa_tnc_attribute;
-
- /**
- * Get flags for PTS Simple Component Evidence
- *
- * @return Set of flags
- */
- pts_attr_simple_comp_evid_flag_t (*get_flags)(tcg_pts_attr_simple_comp_evid_t *this);
-
- /**
- * Set flags for PTS Simple Component Evidence
- *
- * @param flags Set of flags
- */
- void (*set_flags)(tcg_pts_attr_simple_comp_evid_t *this,
- pts_attr_simple_comp_evid_flag_t flags);
-
- /**
- * Get Sub-component Depth
- *
- * @return Sub-component Depth
- */
- u_int32_t (*get_sub_component_depth)(tcg_pts_attr_simple_comp_evid_t *this);
-
- /**
- * Get Specific Component Functional Name Vendor ID
- *
- * @return Component Functional Name Vendor ID
- */
- u_int32_t (*get_spec_comp_funct_name_vendor_id)(tcg_pts_attr_simple_comp_evid_t *this);
-
- /**
- * Get Family
- *
- * @return Functional Name Family
- */
- u_int8_t (*get_family)(tcg_pts_attr_simple_comp_evid_t *this);
-
- /**
- * Get Qualifier
- *
- * @return Functional Name Category Qualifier
- */
- pts_qualifier_t (*get_qualifier)(tcg_pts_attr_simple_comp_evid_t *this);
-
- /**
- * Set qualifier for Component Functional Name
- *
- * @param qualifier Functional Name Category Qualifier
- */
- void (*set_qualifier)(tcg_pts_attr_simple_comp_evid_t *this,
- pts_qualifier_t qualifier);
-
- /**
- * Get Special Component Functional Name
- *
- * @return Component Functional Name
- */
- pts_funct_comp_name_t (*get_comp_funct_name)(tcg_pts_attr_simple_comp_evid_t *this);
-
-
- /**
- * Set Component Functional Name
- *
- * @param name Component Functional Name
- */
- void (*set_comp_funct_name)(tcg_pts_attr_simple_comp_evid_t *this,
- pts_funct_comp_name_t name);
-
- /**
- * Get Measurement Type
- *
- * @return Measurement Type
- */
- u_int8_t (*get_measurement_type)(tcg_pts_attr_simple_comp_evid_t *this);
-
- /**
- * Get which PCR the functional component is extended into
- *
- * @return Number of PCR
- */
- u_int32_t (*get_extended_pcr)(tcg_pts_attr_simple_comp_evid_t *this);
-
- /**
- * Set which PCR the functional component is extended into
- *
- * @param pcr_number Number of PCR
- */
- void (*set_extended_pcr)(tcg_pts_attr_simple_comp_evid_t *this,
- u_int32_t extended_pcr);
-
- /**
- * Get Hash Algorithm
- *
- * @return Hash Algorithm
- */
- pts_meas_algorithms_t (*get_hash_algorithm)(tcg_pts_attr_simple_comp_evid_t *this);
-
- /**
- * Set Hash Algorithm
- *
- * @param hash_algorithm Hash Algorithm
- */
- void (*set_hash_algorithm)(tcg_pts_attr_simple_comp_evid_t *this,
- pts_meas_algorithms_t hash_algorithm);
-
- /**
- * Get PCR Transformation
- *
- * @return Transformation type of PCR
- */
- pts_pcr_transform_t (*get_pcr_trans)(tcg_pts_attr_simple_comp_evid_t *this);
-
- /**
- * Set PCR Transformation
- *
- * @param transformation Transformation type of PCR
- */
- void (*set_pcr_trans)(tcg_pts_attr_simple_comp_evid_t *this,
- pts_pcr_transform_t transformation);
-
- /**
- * Get Measurement Time
- *
- * @return Measurement time
- */
- chunk_t (*get_measurement_time)(tcg_pts_attr_simple_comp_evid_t *this);
-
- /**
- * Set Measurement Time
- *
- * @param time Measurement time
- */
- void (*set_measurement_time)(tcg_pts_attr_simple_comp_evid_t *this,
- chunk_t time);
-
- /**
- * Get Optional Policy URI
- *
- * @return Policy URI
- */
- chunk_t (*get_policy_uri)(tcg_pts_attr_simple_comp_evid_t *this);
-
- /**
- * Set Optional Policy URI
- *
- * @param policy_uri Policy URI
- */
- void (*set_policy_uri)(tcg_pts_attr_simple_comp_evid_t *this,
- chunk_t policy_uri);
-
- /**
- * Get Optional PCR Length
- *
- * @return Length of PCR before/after values
- */
- u_int16_t (*get_pcr_len)(tcg_pts_attr_simple_comp_evid_t *this);
-
- /**
- * Get Optional PCR before value
- *
- * @return PCR before value
- */
- chunk_t (*get_pcr_before_value)(tcg_pts_attr_simple_comp_evid_t *this);
-
- /**
- * Set Optional PCR before value
- *
- * @param pcr_before PCR before value
- */
- void (*set_pcr_before_value)(tcg_pts_attr_simple_comp_evid_t *this,
- chunk_t pcr_before);
-
- /**
- * Get Optional PCR after value
- *
- * @return PCR after value
- */
- chunk_t (*get_pcr_after_value)(tcg_pts_attr_simple_comp_evid_t *this);
-
- /**
- * Set Optional PCR after value
- *
- * @param pcr_after PCR after value
- */
- void (*set_pcr_after_value)(tcg_pts_attr_simple_comp_evid_t *this,
- chunk_t pcr_after);
-
- /**
- * Get Component Measurement
- *
- * @return Component Measurement Hash
- */
- chunk_t (*get_comp_measurement)(tcg_pts_attr_simple_comp_evid_t *this);
-
- /**
- * Set Component Measurement
- *
- * @param measurement Component Measurement Hash
- */
- void (*set_comp_measurement)(tcg_pts_attr_simple_comp_evid_t *this,
- chunk_t measurement);
-
-};
-
-/**
- * Creates an tcg_pts_attr_simple_comp_evid_t object
- *
- * @param flags Set of flags
- * @param depth Sub-component Depth
- * @param vendor_id Component Functional Name Vendor ID
- * @param qualifier Functional Name Category Qualifier
- * @param name Component Functional Name
- * @param extended_pcr Which PCR the functional component is extended into
- * @param hash_algorithm Hash Algorithm
- * @param transformation Transformation type for PCR
- * @param measurement_time Measurement time
- * @param policy_uri Optional Policy URI
- * @param pcr_before Optional PCR before value
- * @param pcr_after Optional PCR after value
- * @param measurement Component Measurement
- */
-pa_tnc_attr_t* tcg_pts_attr_simple_comp_evid_create(pts_attr_simple_comp_evid_flag_t flags,
- u_int32_t depth,
- u_int32_t vendor_id,
- pts_qualifier_t qualifier,
- pts_funct_comp_name_t name,
- u_int32_t extended_pcr,
- pts_meas_algorithms_t hash_algorithm,
- pts_pcr_transform_t transformation,
- chunk_t measurement_time,
- chunk_t policy_uri,
- chunk_t pcr_before,
- chunk_t pcr_after,
- chunk_t measurement);
-
-/**
- * Creates an tcg_pts_attr_simple_comp_evid_t object from received data
- *
- * @param value Unparsed attribute value
- */
-pa_tnc_attr_t* tcg_pts_attr_simple_comp_evid_create_from_data(chunk_t value);
-
-#endif /** TCG_PTS_ATTR_SIMPLE_COMP_EVID_H_ @}*/
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "tcg_pts_attr_simple_evid_final.h"
-
-#include <pa_tnc/pa_tnc_msg.h>
-#include <bio/bio_writer.h>
-#include <bio/bio_reader.h>
-#include <debug.h>
-
-typedef struct private_tcg_pts_attr_simple_evid_final_t private_tcg_pts_attr_simple_evid_final_t;
-
-/**
- * Simple Evidence Final
- * see section 3.15.2 of PTS Protocol: Binding to TNC IF-M Specification
- *
- * 1 2 3
- * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Flags | Reserved | Optional Composite Hash Alg |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Optional TPM PCR Composite Length |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * ~ Optional TPM PCR Composite (Variable Length) ~
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Optional TPM Quote Signature Length |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * ~ Optional TPM Quote Signature (Variable Length) ~
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * ~ Optional Evidence Signature (Variable Length) ~
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- */
-
-#define PTS_SIMPLE_EVID_FINAL_SIZE 4
-#define PTS_SIMPLE_EVID_FINAL_RESERVED 0x00
-
-/**
- * Private data of an tcg_pts_attr_simple_evid_final_t object.
- */
-struct private_tcg_pts_attr_simple_evid_final_t {
-
- /**
- * Public members of tcg_pts_attr_simple_evid_final_t
- */
- tcg_pts_attr_simple_evid_final_t public;
-
- /**
- * Attribute vendor ID
- */
- pen_t vendor_id;
-
- /**
- * Attribute type
- */
- u_int32_t type;
-
- /**
- * Attribute value
- */
- chunk_t value;
-
- /**
- * Noskip flag
- */
- bool noskip_flag;
-
- /**
- * Set of flags for Simple Evidence Final
- */
- pts_simple_evid_final_flag_t flags;
-
- /**
- * Optional Composite Hash Algorithm
- */
- pts_meas_algorithms_t comp_hash_algorithm;
-
- /**
- * Optional TPM PCR Composite
- */
- chunk_t pcr_comp;
-
- /**
- * Optional TPM Quote Signature
- */
- chunk_t tpm_quote_sign;
-
- /**
- * Optional Evidence Signature
- */
- chunk_t evid_sign;
-
-};
-
-METHOD(pa_tnc_attr_t, get_vendor_id, pen_t,
- private_tcg_pts_attr_simple_evid_final_t *this)
-{
- return this->vendor_id;
-}
-
-METHOD(pa_tnc_attr_t, get_type, u_int32_t,
- private_tcg_pts_attr_simple_evid_final_t *this)
-{
- return this->type;
-}
-
-METHOD(pa_tnc_attr_t, get_value, chunk_t,
- private_tcg_pts_attr_simple_evid_final_t *this)
-{
- return this->value;
-}
-
-METHOD(pa_tnc_attr_t, get_noskip_flag, bool,
- private_tcg_pts_attr_simple_evid_final_t *this)
-{
- return this->noskip_flag;
-}
-
-METHOD(pa_tnc_attr_t, set_noskip_flag,void,
- private_tcg_pts_attr_simple_evid_final_t *this, bool noskip)
-{
- this->noskip_flag = noskip;
-}
-
-METHOD(pa_tnc_attr_t, build, void,
- private_tcg_pts_attr_simple_evid_final_t *this)
-{
- bio_writer_t *writer;
- u_int8_t flags = 0;
-
- writer = bio_writer_create(PTS_SIMPLE_EVID_FINAL_SIZE);
-
- /* Determine the flags to set*/
- if (this->flags & PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO)
- {
- flags += 64;
- }
- else if (this->flags & PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO2)
- {
- flags += 128;
- }
- else if (this->flags & PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO2_CAP_VER)
- {
- flags += 192;
- }
- if (this->flags & PTS_SIMPLE_EVID_FINAL_FLAG_EVID)
- {
- flags += 32;
- }
- writer->write_uint8 (writer, flags);
- writer->write_uint8 (writer, PTS_SIMPLE_EVID_FINAL_RESERVED);
- writer->write_uint16(writer, this->comp_hash_algorithm);
-
- /* Optional fields */
- if (this->pcr_comp.ptr && this->pcr_comp.len > 0)
- {
- writer->write_uint32 (writer, this->pcr_comp.len);
- writer->write_data (writer, this->pcr_comp);
- }
- if (this->tpm_quote_sign.ptr && this->tpm_quote_sign.len > 0)
- {
- writer->write_uint32 (writer, this->tpm_quote_sign.len);
- writer->write_data (writer, this->tpm_quote_sign);
- }
- if (this->evid_sign.ptr && this->evid_sign.len > 0)
- {
- writer->write_data (writer, this->evid_sign);
- }
-
- this->value = chunk_clone(writer->get_buf(writer));
- writer->destroy(writer);
-}
-
-METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_pts_attr_simple_evid_final_t *this, u_int32_t *offset)
-{
- bio_reader_t *reader;
- u_int8_t flags;
- u_int8_t reserved;
- u_int16_t algorithm;
-
- if (this->value.len < PTS_SIMPLE_EVID_FINAL_SIZE)
- {
- DBG1(DBG_TNC, "insufficient data for Simple Evidence Final");
- *offset = 0;
- return FAILED;
- }
- reader = bio_reader_create(this->value);
-
- reader->read_uint8(reader, &flags);
-
- /* Determine the flags to set*/
- if (!((flags >> 7) & 1) && !((flags >> 6) & 1))
- {
- this->flags |= PTS_SIMPLE_EVID_FINAL_FLAG_NO;
- }
- else if (!((flags >> 7) & 1) && ((flags >> 6) & 1))
- {
- this->flags |= PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO;
- }
- else if (((flags >> 7) & 1) && !((flags >> 6) & 1))
- {
- this->flags |= PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO2;
- }
- else if (((flags >> 7) & 1) && ((flags >> 6) & 1))
- {
- this->flags |= PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO2_CAP_VER;
- }
- if ((flags >> 5) & 1)
- {
- this->flags |= PTS_SIMPLE_EVID_FINAL_FLAG_EVID;
- }
-
- reader->read_uint8(reader, &reserved);
- reader->read_uint16(reader, &algorithm);
- this->comp_hash_algorithm = algorithm;
-
- /* Optional TPM PCR Composite field is included */
- if (!(this->flags & PTS_SIMPLE_EVID_FINAL_FLAG_NO))
- {
- u_int32_t pcr_comp_len;
- u_int32_t tpm_quote_sign_len;
- reader->read_uint32(reader, &pcr_comp_len);
- reader->read_data(reader, pcr_comp_len, &this->pcr_comp);
- this->pcr_comp = chunk_clone(this->pcr_comp);
- reader->read_uint32(reader, &tpm_quote_sign_len);
- reader->read_data(reader, tpm_quote_sign_len, &this->tpm_quote_sign);
- this->tpm_quote_sign = chunk_clone(this->tpm_quote_sign);
- }
-
- /* Optional Evidence Signature field is included */
- if (this->flags & PTS_SIMPLE_EVID_FINAL_FLAG_EVID)
- {
- u_int32_t evid_sign_len = reader->remaining(reader);
- reader->read_data(reader, evid_sign_len, &this->evid_sign);
- this->evid_sign = chunk_clone(this->evid_sign);
- }
-
- reader->destroy(reader);
- return SUCCESS;
-}
-
-METHOD(pa_tnc_attr_t, destroy, void,
- private_tcg_pts_attr_simple_evid_final_t *this)
-{
- free(this->value.ptr);
- free(this->pcr_comp.ptr);
- free(this->tpm_quote_sign.ptr);
- free(this->evid_sign.ptr);
- free(this);
-}
-
-METHOD(tcg_pts_attr_simple_evid_final_t, get_flags, pts_simple_evid_final_flag_t,
- private_tcg_pts_attr_simple_evid_final_t *this)
-{
- return this->flags;
-}
-
-METHOD(tcg_pts_attr_simple_evid_final_t, set_flags, void,
- private_tcg_pts_attr_simple_evid_final_t *this, pts_simple_evid_final_flag_t flags)
-{
- this->flags = flags;
-}
-
-METHOD(tcg_pts_attr_simple_evid_final_t, get_comp_hash_algorithm, pts_meas_algorithms_t,
- private_tcg_pts_attr_simple_evid_final_t *this)
-{
- return this->comp_hash_algorithm;
-}
-
-METHOD(tcg_pts_attr_simple_evid_final_t, set_comp_hash_algorithm, void,
- private_tcg_pts_attr_simple_evid_final_t *this, pts_meas_algorithms_t comp_hash_algorithm)
-{
- this->comp_hash_algorithm = comp_hash_algorithm;
-}
-
-METHOD(tcg_pts_attr_simple_evid_final_t, get_comp_pcr_len, u_int32_t,
- private_tcg_pts_attr_simple_evid_final_t *this)
-{
- if (this->pcr_comp.ptr && this->pcr_comp.len > 0)
- {
- return this->pcr_comp.len;
- }
- return 0;
-}
-
-METHOD(tcg_pts_attr_simple_evid_final_t, get_pcr_comp, chunk_t,
- private_tcg_pts_attr_simple_evid_final_t *this)
-{
- return this->pcr_comp;
-}
-
-METHOD(tcg_pts_attr_simple_evid_final_t, set_pcr_comp, void,
- private_tcg_pts_attr_simple_evid_final_t *this, chunk_t pcr_comp)
-{
- this->pcr_comp = pcr_comp;
-}
-
-METHOD(tcg_pts_attr_simple_evid_final_t, get_tpm_quote_sign_len, u_int32_t,
- private_tcg_pts_attr_simple_evid_final_t *this)
-{
- if (this->tpm_quote_sign.ptr && this->tpm_quote_sign.len > 0)
- {
- return this->tpm_quote_sign.len;
- }
- return 0;
-}
-
-METHOD(tcg_pts_attr_simple_evid_final_t, get_tpm_quote_sign, chunk_t,
- private_tcg_pts_attr_simple_evid_final_t *this)
-{
- return this->tpm_quote_sign;
-}
-
-METHOD(tcg_pts_attr_simple_evid_final_t, set_tpm_quote_sign, void,
- private_tcg_pts_attr_simple_evid_final_t *this, chunk_t tpm_quote_sign)
-{
- this->tpm_quote_sign = tpm_quote_sign;
-}
-
-METHOD(tcg_pts_attr_simple_evid_final_t, get_evid_sign, chunk_t,
- private_tcg_pts_attr_simple_evid_final_t *this)
-{
- return this->evid_sign;
-}
-
-METHOD(tcg_pts_attr_simple_evid_final_t, set_evid_sign, void,
- private_tcg_pts_attr_simple_evid_final_t *this, chunk_t evid_sign)
-{
- this->evid_sign = evid_sign;
-}
-
-/**
- * Described in header.
- */
-pa_tnc_attr_t *tcg_pts_attr_simple_evid_final_create(
- pts_simple_evid_final_flag_t flags,
- pts_meas_algorithms_t comp_hash_algorithm,
- chunk_t pcr_comp,
- chunk_t tpm_quote_sign,
- chunk_t evid_sign)
-{
- private_tcg_pts_attr_simple_evid_final_t *this;
-
- INIT(this,
- .public = {
- .pa_tnc_attribute = {
- .get_vendor_id = _get_vendor_id,
- .get_type = _get_type,
- .get_value = _get_value,
- .get_noskip_flag = _get_noskip_flag,
- .set_noskip_flag = _set_noskip_flag,
- .build = _build,
- .process = _process,
- .destroy = _destroy,
- },
- .get_flags= _get_flags,
- .set_flags= _set_flags,
- .get_comp_hash_algorithm = _get_comp_hash_algorithm,
- .set_comp_hash_algorithm = _set_comp_hash_algorithm,
- .get_comp_pcr_len = _get_comp_pcr_len,
- .get_pcr_comp = _get_pcr_comp,
- .set_pcr_comp = _set_pcr_comp,
- .get_tpm_quote_sign_len = _get_tpm_quote_sign_len,
- .get_tpm_quote_sign = _get_tpm_quote_sign,
- .set_tpm_quote_sign = _set_tpm_quote_sign,
- .get_evid_sign = _get_evid_sign,
- .set_evid_sign = _set_evid_sign,
- },
- .vendor_id = PEN_TCG,
- .type = TCG_PTS_SIMPLE_EVID_FINAL,
- .flags = flags,
- .comp_hash_algorithm = comp_hash_algorithm,
- .pcr_comp = pcr_comp,
- .tpm_quote_sign = tpm_quote_sign,
- .evid_sign = evid_sign,
- );
-
- return &this->public.pa_tnc_attribute;
-}
-
-
-/**
- * Described in header.
- */
-pa_tnc_attr_t *tcg_pts_attr_simple_evid_final_create_from_data(chunk_t data)
-{
- private_tcg_pts_attr_simple_evid_final_t *this;
-
- INIT(this,
- .public = {
- .pa_tnc_attribute = {
- .get_vendor_id = _get_vendor_id,
- .get_type = _get_type,
- .get_value = _get_value,
- .get_noskip_flag = _get_noskip_flag,
- .set_noskip_flag = _set_noskip_flag,
- .build = _build,
- .process = _process,
- .destroy = _destroy,
- },
- .get_flags= _get_flags,
- .set_flags= _set_flags,
- .get_comp_hash_algorithm = _get_comp_hash_algorithm,
- .set_comp_hash_algorithm = _set_comp_hash_algorithm,
- .get_comp_pcr_len = _get_comp_pcr_len,
- .get_pcr_comp = _get_pcr_comp,
- .set_pcr_comp = _set_pcr_comp,
- .get_tpm_quote_sign_len = _get_tpm_quote_sign_len,
- .get_tpm_quote_sign = _get_tpm_quote_sign,
- .set_tpm_quote_sign = _set_tpm_quote_sign,
- .get_evid_sign = _get_evid_sign,
- .set_evid_sign = _set_evid_sign,
- },
- .vendor_id = PEN_TCG,
- .type = TCG_PTS_SIMPLE_EVID_FINAL,
- .value = chunk_clone(data),
- );
-
- return &this->public.pa_tnc_attribute;
-}
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup tcg_pts_attr_simple_evid_final tcg_pts_attr_simple_evid_final
- * @{ @ingroup tcg_pts_attr_simple_evid_final
- */
-
-#ifndef TCG_PTS_ATTR_SIMPLE_EVID_FINAL_H_
-#define TCG_PTS_ATTR_SIMPLE_EVID_FINAL_H_
-
-typedef struct tcg_pts_attr_simple_evid_final_t tcg_pts_attr_simple_evid_final_t;
-typedef enum pts_simple_evid_final_flag_t pts_simple_evid_final_flag_t;
-
-#include "tcg_attr.h"
-#include "tcg_pts_attr_meas_algo.h"
-#include "pa_tnc/pa_tnc_attr.h"
-
-/**
- * PTS Simple Evidence Final Flags
- */
-enum pts_simple_evid_final_flag_t {
- /** No Optional TPM PCR Composite nor Optional TPM Quote Signature fields included */
- PTS_SIMPLE_EVID_FINAL_FLAG_NO = 0,
- /** Optional TPM PCR Composite and Optional TPM Quote Signature fields included */
- /** using TPM_QUOTE_INFO */
- PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO = 1,
- /** Optional TPM PCR Composite and Optional TPM Quote Signature fields included */
- /** using TPM_QUOTE_INFO2, TPM_CAP_VERSION_INFO was not appended */
- PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO2 = 2,
- /** Optional TPM PCR Composite and Optional TPM Quote Signature fields included */
- /** using TPM_QUOTE_INFO2, TPM_CAP_VERSION_INFO was appended */
- PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO2_CAP_VER = 3,
- /** Optional Evidence Signature included */
- PTS_SIMPLE_EVID_FINAL_FLAG_EVID = 4,
-};
-
-/**
- * Class implementing the TCG PTS Simple Evidence Final attribute
- *
- */
-struct tcg_pts_attr_simple_evid_final_t {
-
- /**
- * Public PA-TNC attribute interface
- */
- pa_tnc_attr_t pa_tnc_attribute;
-
- /**
- * Get flags for PTS Simple Evidence Final
- *
- * @return Set of flags
- */
- pts_simple_evid_final_flag_t (*get_flags)(tcg_pts_attr_simple_evid_final_t *this);
-
- /**
- * Set flags for PTS Simple Evidence Final
- *
- * @param flags Set of flags
- */
- void (*set_flags)(tcg_pts_attr_simple_evid_final_t *this,
- pts_simple_evid_final_flag_t flags);
-
- /**
- * Get Optional Composite Hash Algorithm
- *
- * @return Composite Hash Algorithm
- */
- pts_meas_algorithms_t (*get_comp_hash_algorithm)(tcg_pts_attr_simple_evid_final_t *this);
-
- /**
- * Set Optional Composite Hash Algorithm
- *
- * @param hash_algorithm Composite Hash Algorithm
- */
- void (*set_comp_hash_algorithm)(tcg_pts_attr_simple_evid_final_t *this,
- pts_meas_algorithms_t hash_algorithm);
-
- /**
- * Get Optional TPM PCR Composite Length
- *
- * @return Length of Composite PCR Length
- */
- u_int32_t (*get_comp_pcr_len)(tcg_pts_attr_simple_evid_final_t *this);
-
- /**
- * Get Optional TPM PCR Composite
- *
- * @return PCR Composite
- */
- chunk_t (*get_pcr_comp)(tcg_pts_attr_simple_evid_final_t *this);
-
- /**
- * Set Optional TPM PCR Composite
- *
- * @param pcr_comp PCR Composite
- */
- void (*set_pcr_comp)(tcg_pts_attr_simple_evid_final_t *this,
- chunk_t pcr_comp);
-
- /**
- * Get Optional TPM Quote Signature Length
- *
- * @return TPM Quote Signature Length
- */
- u_int32_t (*get_tpm_quote_sign_len)(tcg_pts_attr_simple_evid_final_t *this);
-
- /**
- * Get Optional TPM Quote Signature
- *
- * @return TPM Quote Signature
- */
- chunk_t (*get_tpm_quote_sign)(tcg_pts_attr_simple_evid_final_t *this);
-
- /**
- * Set Optional TPM Quote Signature
- *
- * @param tpm_quote_sign TPM Quote Signature
- */
- void (*set_tpm_quote_sign)(tcg_pts_attr_simple_evid_final_t *this,
- chunk_t tpm_quote_sign);
-
- /**
- * Get Optional Evidence Signature
- *
- * @return Optional Evidence Signature
- */
- chunk_t (*get_evid_sign)(tcg_pts_attr_simple_evid_final_t *this);
-
- /**
- * Set Optional Evidence Signature
- *
- * @param signature Optional Evidence Signature
- */
- void (*set_evid_sign)(tcg_pts_attr_simple_evid_final_t *this,
- chunk_t signature);
-
-};
-
-/**
- * Creates an tcg_pts_attr_simple_evid_final_t object
- *
- * @param flags Set of flags
- * @param comp_hash_algorithm Composite Hash Algorithm
- * @param pcr_comp Optional TPM PCR Composite
- * @param tpm_quote_sign Optional TPM Quote Signature
- * @param evid_sign Optional Evidence Signature
- */
-pa_tnc_attr_t* tcg_pts_attr_simple_evid_final_create(pts_simple_evid_final_flag_t flags,
- pts_meas_algorithms_t comp_hash_algorithm,
- chunk_t pcr_comp,
- chunk_t tpm_quote_sign,
- chunk_t evid_sign);
-
-/**
- * Creates an tcg_pts_attr_simple_evid_final_t object from received data
- *
- * @param value unparsed attribute value
- */
-pa_tnc_attr_t* tcg_pts_attr_simple_evid_final_create_from_data(chunk_t value);
-
-#endif /** TCG_PTS_ATTR_SIMPLE_EVID_FINAL_H_ @}*/
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "tcg_pts_attr_tpm_version_info.h"
-
-#include <pa_tnc/pa_tnc_msg.h>
-#include <bio/bio_writer.h>
-#include <bio/bio_reader.h>
-#include <debug.h>
-
-typedef struct private_tcg_pts_attr_tpm_version_info_t private_tcg_pts_attr_tpm_version_info_t;
-
-/**
- * TPM Version Information
- * see section 3.11 of PTS Protocol: Binding to TNC IF-M Specification
- *
- * 1 2 3
- * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- *
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | TPM Version Information (Variable Lenght) |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- *
- * see TPM Structure Specification Part 2, section 21.6: TPM_CAP_VERSION_INFO
- */
-
-#define PTS_TPM_VER_INFO_SIZE 4
-
-/**
- * Private data of an tcg_pts_attr_tpm_version_info_t object.
- */
-struct private_tcg_pts_attr_tpm_version_info_t {
-
- /**
- * Public members of tcg_pts_attr_tpm_version_info_t
- */
- tcg_pts_attr_tpm_version_info_t public;
-
- /**
- * Attribute vendor ID
- */
- pen_t vendor_id;
-
- /**
- * Attribute type
- */
- u_int32_t type;
-
- /**
- * Attribute value
- */
- chunk_t value;
-
- /**
- * Noskip flag
- */
- bool noskip_flag;
-
- /**
- * TPM Version Information
- */
- chunk_t tpm_version_info;
-};
-
-METHOD(pa_tnc_attr_t, get_vendor_id, pen_t,
- private_tcg_pts_attr_tpm_version_info_t *this)
-{
- return this->vendor_id;
-}
-
-METHOD(pa_tnc_attr_t, get_type, u_int32_t,
- private_tcg_pts_attr_tpm_version_info_t *this)
-{
- return this->type;
-}
-
-METHOD(pa_tnc_attr_t, get_value, chunk_t,
- private_tcg_pts_attr_tpm_version_info_t *this)
-{
- return this->value;
-}
-
-METHOD(pa_tnc_attr_t, get_noskip_flag, bool,
- private_tcg_pts_attr_tpm_version_info_t *this)
-{
- return this->noskip_flag;
-}
-
-METHOD(pa_tnc_attr_t, set_noskip_flag,void,
- private_tcg_pts_attr_tpm_version_info_t *this, bool noskip)
-{
- this->noskip_flag = noskip;
-}
-
-METHOD(pa_tnc_attr_t, build, void,
- private_tcg_pts_attr_tpm_version_info_t *this)
-{
- bio_writer_t *writer;
-
- writer = bio_writer_create(PTS_TPM_VER_INFO_SIZE);
- writer->write_data(writer, this->tpm_version_info);
-
- this->value = chunk_clone(writer->get_buf(writer));
- writer->destroy(writer);
-}
-
-METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_pts_attr_tpm_version_info_t *this, u_int32_t *offset)
-{
- bio_reader_t *reader;
-
- if (this->value.len < PTS_TPM_VER_INFO_SIZE)
- {
- DBG1(DBG_TNC, "insufficient data for TPM Version Information");
- *offset = 0;
- return FAILED;
- }
- reader = bio_reader_create(this->value);
- reader->read_data (reader, this->value.len, &this->tpm_version_info);
- this->tpm_version_info = chunk_clone(this->tpm_version_info);
- reader->destroy(reader);
-
- return SUCCESS;
-}
-
-METHOD(pa_tnc_attr_t, destroy, void,
- private_tcg_pts_attr_tpm_version_info_t *this)
-{
- free(this->value.ptr);
- free(this->tpm_version_info.ptr);
- free(this);
-}
-
-METHOD(tcg_pts_attr_tpm_version_info_t, get_tpm_version_info, chunk_t,
- private_tcg_pts_attr_tpm_version_info_t *this)
-{
- return this->tpm_version_info;
-}
-
-METHOD(tcg_pts_attr_tpm_version_info_t, set_tpm_version_info, void,
- private_tcg_pts_attr_tpm_version_info_t *this,
- chunk_t tpm_version_info)
-{
- this->tpm_version_info = tpm_version_info;
-}
-
-/**
- * Described in header.
- */
-pa_tnc_attr_t *tcg_pts_attr_tpm_version_info_create(chunk_t tpm_version_info)
-{
- private_tcg_pts_attr_tpm_version_info_t *this;
-
- INIT(this,
- .public = {
- .pa_tnc_attribute = {
- .get_vendor_id = _get_vendor_id,
- .get_type = _get_type,
- .get_value = _get_value,
- .get_noskip_flag = _get_noskip_flag,
- .set_noskip_flag = _set_noskip_flag,
- .build = _build,
- .process = _process,
- .destroy = _destroy,
- },
- .get_tpm_version_info = _get_tpm_version_info,
- .set_tpm_version_info = _set_tpm_version_info,
- },
- .vendor_id = PEN_TCG,
- .type = TCG_PTS_TPM_VERSION_INFO,
- .tpm_version_info = tpm_version_info,
- );
-
- return &this->public.pa_tnc_attribute;
-}
-
-
-/**
- * Described in header.
- */
-pa_tnc_attr_t *tcg_pts_attr_tpm_version_info_create_from_data(chunk_t data)
-{
- private_tcg_pts_attr_tpm_version_info_t *this;
-
- INIT(this,
- .public = {
- .pa_tnc_attribute = {
- .get_vendor_id = _get_vendor_id,
- .get_type = _get_type,
- .get_value = _get_value,
- .get_noskip_flag = _get_noskip_flag,
- .set_noskip_flag = _set_noskip_flag,
- .build = _build,
- .process = _process,
- .destroy = _destroy,
- },
- .get_tpm_version_info = _get_tpm_version_info,
- .set_tpm_version_info = _set_tpm_version_info,
- },
- .vendor_id = PEN_TCG,
- .type = TCG_PTS_TPM_VERSION_INFO,
- .value = chunk_clone(data),
- );
-
- return &this->public.pa_tnc_attribute;
-}
+++ /dev/null
-/*
- * Copyright (C) 2011 Sansar Choinyambuu
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup tcg_pts_attr_tpm_version_info tcg_pts_attr_tpm_version_info
- * @{ @ingroup tcg_pts_attr_tpm_version_info
- */
-
-#ifndef TCG_PTS_ATTR_TPM_VERSION_INFO_H_
-#define TCG_PTS_ATTR_TPM_VERSION_INFO_H_
-
-typedef struct tcg_pts_attr_tpm_version_info_t tcg_pts_attr_tpm_version_info_t;
-
-#include "tcg_attr.h"
-#include "pa_tnc/pa_tnc_attr.h"
-
-/**
- * Class implementing the TCG PTS TPM Version Info Attribute
- *
- */
-struct tcg_pts_attr_tpm_version_info_t {
-
- /**
- * Public PA-TNC attribute interface
- */
- pa_tnc_attr_t pa_tnc_attribute;
-
- /**
- * Get TPM Version Info
- *
- * @return TPM version info
- */
- chunk_t (*get_tpm_version_info)(tcg_pts_attr_tpm_version_info_t *this);
-
- /**
- * Set TPM Version Info
- *
- * @param tpm_version_info TPM version info
- */
- void (*set_tpm_version_info)(tcg_pts_attr_tpm_version_info_t *this,
- chunk_t tpm_version_info);
-};
-
-/**
- * Creates an tcg_pts_attr_tpm_version_info_t object
- *
- * @param tpm_version_info TPM version info
- */
-pa_tnc_attr_t* tcg_pts_attr_tpm_version_info_create(chunk_t tpm_version_info);
-
-/**
- * Creates an tcg_pts_attr_tpm_version_info_t object from received data
- *
- * @param value unparsed attribute value
- */
-pa_tnc_attr_t* tcg_pts_attr_tpm_version_info_create_from_data(chunk_t value);
-
-#endif /** TCG_PTS_ATTR_TPM_VERSION_INFO_H_ @}*/
--- /dev/null
+
+INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libimcv
+
+ipseclib_LTLIBRARIES = libpts.la
+
+libpts_la_LIBADD = -ltspi
+
+libpts_la_SOURCES = \
+ pts/pts.h pts/pts.c \
+ pts/pts_error.h pts/pts_error.c \
+ pts/pts_proto_caps.h pts/pts_funct_comp_name.h \
+ pts/pts_creds.h pts/pts_creds.c \
+ pts/pts_database.h pts/pts_database.c \
+ pts/pts_file_meas.h pts/pts_file_meas.c \
+ pts/pts_meas_algo.h pts/pts_meas_algo.c \
+ tcg/tcg_attr.h tcg/tcg_attr.c \
+ tcg/tcg_pts_attr_proto_caps.h tcg/tcg_pts_attr_proto_caps.c \
+ tcg/tcg_pts_attr_meas_algo.h tcg/tcg_pts_attr_meas_algo.c \
+ tcg/tcg_pts_attr_get_tpm_version_info.h tcg/tcg_pts_attr_get_tpm_version_info.c \
+ tcg/tcg_pts_attr_tpm_version_info.h tcg/tcg_pts_attr_tpm_version_info.c \
+ tcg/tcg_pts_attr_get_aik.h tcg/tcg_pts_attr_get_aik.c \
+ tcg/tcg_pts_attr_aik.h tcg/tcg_pts_attr_aik.c \
+ tcg/tcg_pts_attr_req_funct_comp_evid.h tcg/tcg_pts_attr_req_funct_comp_evid.c \
+ tcg/tcg_pts_attr_gen_attest_evid.h tcg/tcg_pts_attr_gen_attest_evid.c \
+ tcg/tcg_pts_attr_simple_comp_evid.h tcg/tcg_pts_attr_simple_comp_evid.c \
+ tcg/tcg_pts_attr_simple_evid_final.h tcg/tcg_pts_attr_simple_evid_final.c \
+ tcg/tcg_pts_attr_req_file_meas.h tcg/tcg_pts_attr_req_file_meas.c \
+ tcg/tcg_pts_attr_file_meas.h tcg/tcg_pts_attr_file_meas.c
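Review bot: `libpts_la_LIBADD = -ltspi` makes libtspi a hard link-time dependency of every build that enables libpts, presumably including verifier-side builds that never query a local TPM. The dependency comes from pts/pts.c in this same commit, which includes `<trousers/tss.h>` and calls `Tspi_*` and `Trspi_*` directly. No configure-time probe for the library is visible in this part of the diff, so confirm one exists, for example `AC_CHECK_LIB([tspi], [Tspi_Context_Create], ...)` guarded by the pts switch; otherwise a missing TrouSerS install surfaces only as a link error. A one-line comment above the LIBADD line, `# pts/pts.c uses the TrouSerS TSS API (Tspi_*, Trspi_*)`, would record why the library is listed.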
--- /dev/null
+/*
+ * Copyright (C) 2011 Sansar Choinyambuu
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "pts.h"
+
+#include <debug.h>
+#include <crypto/hashers/hasher.h>
+
+#include <trousers/tss.h>
+#include <trousers/trousers.h>
+
+#include <sys/stat.h>
+#include <errno.h>
+
+#define PTS_BUF_SIZE 4096
+
+typedef struct private_pts_t private_pts_t;
+
+/**
+ * Private data of a pts_t object.
+ *
+ */
+struct private_pts_t {
+
+ /**
+ * Public pts_t interface.
+ */
+ pts_t public;
+
+ /**
+ * PTS Protocol Capabilities
+ */
+ pts_proto_caps_flag_t proto_caps;
+
+ /**
+ * PTS Measurement Algorithm
+ */
+ pts_meas_algorithms_t algorithm;
+
+ /**
+ * Platform and OS Info
+ */
+ char *platform_info;
+
+ /**
+ * Do we have an activated TPM
+ */
+ bool has_tpm;
+
+ /**
+ * Contains a TPM_CAP_VERSION_INFO struct
+ */
+ chunk_t tpm_version_info;
+
+ /**
+ * Contains a Attestation Identity Key or Certificate
+ */
+ certificate_t *aik;
+
+};
+
+METHOD(pts_t, get_proto_caps, pts_proto_caps_flag_t,
+ private_pts_t *this)
+{
+ return this->proto_caps;
+}
+
+METHOD(pts_t, set_proto_caps, void,
+ private_pts_t *this, pts_proto_caps_flag_t flags)
+{
+ this->proto_caps = flags;
+ DBG2(DBG_IMC, "supported PTS protocol capabilities: %s%s%s%s%s",
+ flags & PTS_PROTO_CAPS_C ? "C" : ".",
+ flags & PTS_PROTO_CAPS_V ? "V" : ".",
+ flags & PTS_PROTO_CAPS_D ? "D" : ".",
+ flags & PTS_PROTO_CAPS_T ? "T" : ".",
+ flags & PTS_PROTO_CAPS_X ? "X" : ".");
+}
+
+METHOD(pts_t, get_meas_algorithm, pts_meas_algorithms_t,
+ private_pts_t *this)
+{
+ return this->algorithm;
+}
+
+METHOD(pts_t, set_meas_algorithm, void,
+ private_pts_t *this, pts_meas_algorithms_t algorithm)
+{
+ hash_algorithm_t hash_alg;
+
+ hash_alg = pts_meas_to_hash_algorithm(algorithm);
+ DBG2(DBG_IMC, "selected PTS measurement algorithm is %N",
+ hash_algorithm_names, hash_alg);
+ if (hash_alg != HASH_UNKNOWN)
+ {
+ this->algorithm = algorithm;
+ }
+}
+
+/**
+ * Print TPM 1.2 Version Info
+ */
+static void print_tpm_version_info(private_pts_t *this)
+{
+ TPM_CAP_VERSION_INFO versionInfo;
+ UINT64 offset = 0;
+ TSS_RESULT result;
+
+ result = Trspi_UnloadBlob_CAP_VERSION_INFO(&offset,
+ this->tpm_version_info.ptr, &versionInfo);
+ if (result != TSS_SUCCESS)
+ {
+ DBG1(DBG_TNC, "could not parse tpm version info: tss error 0x%x",
+ result);
+ }
+ else
+ {
+ DBG2(DBG_TNC, "TPM 1.2 Version Info: Chip Version: %hhu.%hhu.%hhu.%hhu,"
+ " Spec Level: %hu, Errata Rev: %hhu, Vendor ID: %.4s",
+ versionInfo.version.major, versionInfo.version.minor,
+ versionInfo.version.revMajor, versionInfo.version.revMinor,
+ versionInfo.specLevel, versionInfo.errataRev,
+ versionInfo.tpmVendorID);
+ }
+}
+
+METHOD(pts_t, get_platform_info, char*,
+ private_pts_t *this)
+{
+ return this->platform_info;
+}
+
+METHOD(pts_t, set_platform_info, void,
+ private_pts_t *this, char *info)
+{
+ free(this->platform_info);
+ this->platform_info = strdup(info);
+}
+
+METHOD(pts_t, get_tpm_version_info, bool,
+ private_pts_t *this, chunk_t *info)
+{
+ if (!this->has_tpm)
+ {
+ return FALSE;
+ }
+ *info = this->tpm_version_info;
+ print_tpm_version_info(this);
+ return TRUE;
+}
+
+METHOD(pts_t, set_tpm_version_info, void,
+ private_pts_t *this, chunk_t info)
+{
+ this->tpm_version_info = chunk_clone(info);
+ print_tpm_version_info(this);
+}
+
+/**
+ * Load an AIK certificate or public key,
+ * the certificate having precedence over the public key if both are present
+ */
+static void load_aik(private_pts_t *this)
+{
+ char *cert_path, *key_path;
+
+ cert_path = lib->settings->get_str(lib->settings,
+ "libimcv.plugins.imc-attestation.aik_cert", NULL);
+ key_path = lib->settings->get_str(lib->settings,
+ "libimcv.plugins.imc-attestation.aik_key", NULL);
+
+ if (cert_path)
+ {
+ this->aik = lib->creds->create(lib->creds, CRED_CERTIFICATE,
+ CERT_X509, BUILD_FROM_FILE,
+ cert_path, BUILD_END);
+ if (this->aik)
+ {
+ DBG2(DBG_IMC, "loaded AIK certificate from '%s'", cert_path);
+ return;
+ }
+ }
+ if (key_path)
+ {
+ this->aik = lib->creds->create(lib->creds, CRED_CERTIFICATE,
+ CERT_TRUSTED_PUBKEY, BUILD_FROM_FILE,
+ key_path, BUILD_END);
+ if (this->aik)
+ {
+ DBG2(DBG_IMC, "loaded AIK public key from '%s'", key_path);
+ return;
+ }
+ }
+ DBG1(DBG_IMC, "neither AIK certificate nor public key is available");
+}
+
+METHOD(pts_t, get_aik, certificate_t*,
+ private_pts_t *this)
+{
+ return this->aik;
+}
+
+METHOD(pts_t, set_aik, void,
+ private_pts_t *this, certificate_t *aik)
+{
+ DESTROY_IF(this->aik);
+ this->aik = aik->get_ref(aik);
+}
+
+/**
+ * Compute a hash over a file
+ */
+static bool hash_file(hasher_t *hasher, char *pathname, u_char *hash)
+{
+ u_char buffer[PTS_BUF_SIZE];
+ FILE *file;
+ int bytes_read;
+
+ file = fopen(pathname, "rb");
+ if (!file)
+ {
+ DBG1(DBG_IMC," file '%s' can not be opened, %s", pathname,
+ strerror(errno));
+ return FALSE;
+ }
+ while (TRUE)
+ {
+ bytes_read = fread(buffer, 1, sizeof(buffer), file);
+ if (bytes_read > 0)
+ {
+ hasher->get_hash(hasher, chunk_create(buffer, bytes_read), NULL);
+ }
+ else
+ {
+ hasher->get_hash(hasher, chunk_empty, hash);
+ break;
+ }
+ }
+ fclose(file);
+
+ return TRUE;
+}
+
+/**
+ * Get the relative filename of a fully qualified file pathname
+ */
+static char* get_filename(char *pathname)
+{
+ char *pos, *filename;
+
+ pos = filename = pathname;
+ while (pos && *(++pos) != '\0')
+ {
+ filename = pos;
+ pos = strchr(filename, '/');
+ }
+ return filename;
+}
+
+METHOD(pts_t, do_measurements, pts_file_meas_t*,
+ private_pts_t *this, u_int16_t request_id, char *pathname, bool is_directory)
+{
+ hasher_t *hasher;
+ hash_algorithm_t hash_alg;
+ u_char hash[HASH_SIZE_SHA384];
+ chunk_t measurement;
+ pts_file_meas_t *measurements;
+
+ /* Create a hasher */
+ hash_alg = pts_meas_to_hash_algorithm(this->algorithm);
+ hasher = lib->crypto->create_hasher(lib->crypto, hash_alg);
+ if (!hasher)
+ {
+ DBG1(DBG_IMC, " hasher %N not available", hash_algorithm_names, hash_alg);
+ return NULL;
+ }
+
+ /* Create a measurement object */
+ measurements = pts_file_meas_create(request_id);
+
+ /* Link the hash to the measurement and set the measurement length */
+ measurement = chunk_create(hash, hasher->get_hash_size(hasher));
+
+ if (is_directory)
+ {
+ enumerator_t *enumerator;
+ char *rel_name, *abs_name;
+ struct stat st;
+
+ enumerator = enumerator_create_directory(pathname);
+ if (!enumerator)
+ {
+ DBG1(DBG_IMC," directory '%s' can not be opened, %s", pathname,
+ strerror(errno));
+ hasher->destroy(hasher);
+ measurements->destroy(measurements);
+ return NULL;
+ }
+ while (enumerator->enumerate(enumerator, &rel_name, &abs_name, &st))
+ {
+ /* measure regular files only */
+ if (S_ISREG(st.st_mode) && *rel_name != '.')
+ {
+ if (!hash_file(hasher, abs_name, hash))
+ {
+ enumerator->destroy(enumerator);
+ hasher->destroy(hasher);
+ measurements->destroy(measurements);
+ return NULL;
+ }
+ DBG2(DBG_IMC, " %#B for '%s'", &measurement, rel_name);
+ measurements->add(measurements, rel_name, measurement);
+ }
+ }
+ enumerator->destroy(enumerator);
+ }
+ else
+ {
+ char *filename;
+
+ if (!hash_file(hasher, pathname, hash))
+ {
+ hasher->destroy(hasher);
+ measurements->destroy(measurements);
+ return NULL;
+ }
+ filename = get_filename(pathname);
+ DBG2(DBG_IMC, " %#B for '%s'", &measurement, filename);
+ measurements->add(measurements, filename, measurement);
+ }
+ hasher->destroy(hasher);
+
+ return measurements;
+}
+
+METHOD(pts_t, destroy, void,
+ private_pts_t *this)
+{
+ DESTROY_IF(this->aik);
+ free(this->platform_info);
+ free(this->tpm_version_info.ptr);
+ free(this);
+}
+
+/**
+ * Determine Linux distribution and hardware platform
+ */
+static char* extract_platform_info(void)
+{
+ FILE *file;
+ const char description[] = "Description:";
+ char buf[BUF_LEN], *pos, *value;
+ int value_len;
+
+ /* open a pipe stream for reading the output of the lsb_release commmand */
+ file = popen("/usr/bin/lsb_release -d" , "r");
+ if (!file)
+ {
+ DBG2(DBG_IMC, "failed to run lsb_release command");
+ return NULL;
+ }
+
+ /* read the output the lsb_release command */
+ if (!fgets(buf, BUF_LEN-1, file))
+ {
+ DBG2(DBG_IMC, "failed to read output of lsb_release command");
+ pclose(file);
+ return NULL;
+ }
+ pclose(file);
+
+ pos = strstr(buf, description);
+ if (!pos)
+ {
+ DBG2(DBG_IMC, "failed to find lsb_release description field");
+ return NULL;
+ }
+ value = pos + strlen(description);
+
+ /* eat whitespace */
+ while (*value == ' ' || *value == '\t')
+ {
+ value++;
+ }
+
+ /* remove newline at the end and move value to the front of the buffer */
+ value_len = strlen(value) - 1;
+ memcpy(buf, value, value_len);
+ buf[value_len] = ' ';
+
+ /* open a pipe stream for reading the output of the arch commmand */
+ file = popen("/usr/bin/arch" , "r");
+ if (!file)
+ {
+ DBG2(DBG_IMC, "failed to run arch command");
+ return NULL;
+ }
+
+ /* read the output the arch command */
+ if (!fgets(buf + value_len + 1, BUF_LEN - value_len - 2, file))
+ {
+ DBG2(DBG_IMC, "failed to read output of arch command");
+ pclose(file);
+ return NULL;
+ }
+ pclose(file);
+
+ /* remove newline at the end */
+ buf[strlen(buf)-1] = '\0';
+
+ DBG1(DBG_IMV, "platform is '%s'", buf);
+ return strdup(buf);
+}
+
+/**
+ * Check for a TPM by querying for TPM Version Info
+ */
+static bool has_tpm(private_pts_t *this)
+{
+ TSS_HCONTEXT hContext;
+ TSS_HTPM hTPM;
+ TSS_RESULT result;
+
+ result = Tspi_Context_Create(&hContext);
+ if (result != TSS_SUCCESS)
+ {
+ goto err;
+ }
+ result = Tspi_Context_Connect(hContext, NULL);
+ if (result != TSS_SUCCESS)
+ {
+ goto err;
+ }
+ result = Tspi_Context_GetTpmObject (hContext, &hTPM);
+ if (result != TSS_SUCCESS)
+ {
+ goto err;
+ }
+ result = Tspi_TPM_GetCapability(hTPM, TSS_TPMCAP_VERSION_VAL, 0, NULL,
+ &this->tpm_version_info.len,
+ &this->tpm_version_info.ptr);
+ if (result != TSS_SUCCESS)
+ {
+ goto err;
+ }
+ this->tpm_version_info = chunk_clone(this->tpm_version_info);
+ return TRUE;
+
+ err:
+ DBG1(DBG_IMC, "TPM not available: tss error 0x%x", result);
+ return FALSE;
+}
+
+/**
+ * See header
+ */
+pts_t *pts_create(bool is_imc)
+{
+ private_pts_t *this;
+
+ INIT(this,
+ .public = {
+ .get_proto_caps = _get_proto_caps,
+ .set_proto_caps = _set_proto_caps,
+ .get_meas_algorithm = _get_meas_algorithm,
+ .set_meas_algorithm = _set_meas_algorithm,
+ .get_platform_info = _get_platform_info,
+ .set_platform_info = _set_platform_info,
+ .get_tpm_version_info = _get_tpm_version_info,
+ .set_tpm_version_info = _set_tpm_version_info,
+ .get_aik = _get_aik,
+ .set_aik = _set_aik,
+ .do_measurements = _do_measurements,
+ .destroy = _destroy,
+ },
+ .proto_caps = PTS_PROTO_CAPS_V,
+ .algorithm = PTS_MEAS_ALGO_SHA256,
+ );
+
+ if (is_imc)
+ {
+ this->platform_info = extract_platform_info();
+
+ if (has_tpm(this))
+ {
+ this->has_tpm = TRUE;
+ this->proto_caps |= PTS_PROTO_CAPS_T;
+ load_aik(this);
+ }
+ }
+ else
+ {
+ this->proto_caps |= PTS_PROTO_CAPS_T | PTS_PROTO_CAPS_C;
+ }
+
+ return &this->public;
+}
+
--- /dev/null
+/*
+ * Copyright (C) 2011 Sansar Choinyambuu
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup pts pts
+ * @{ @ingroup pts
+ */
+
+#ifndef PTS_H_
+#define PTS_H_
+
+typedef struct pts_t pts_t;
+
+#include "pts_proto_caps.h"
+#include "pts_meas_algo.h"
+#include "pts_file_meas.h"
+
+#include <library.h>
+
+/**
+ * Class implementing the TCG Platform Trust System (PTS)
+ *
+ */
+struct pts_t {
+
+ /**
+ * Get PTS Protocol Capabilities
+ *
+ * @return protocol capabilities flags
+ */
+ pts_proto_caps_flag_t (*get_proto_caps)(pts_t *this);
+
+ /**
+ * Set PTS Protocol Capabilities
+ *
+ * @param flags protocol capabilities flags
+ */
+ void (*set_proto_caps)(pts_t *this, pts_proto_caps_flag_t flags);
+
+ /**
+ * Get PTS Measurement Algorithm
+ *
+ * @return measurement algorithm
+ */
+ pts_meas_algorithms_t (*get_meas_algorithm)(pts_t *this);
+
+ /**
+ * Set PTS Measurement Algorithm
+ *
+ * @param algorithm measurement algorithm
+ */
+ void (*set_meas_algorithm)(pts_t *this, pts_meas_algorithms_t algorithm);
+
+ /**
+ * Get Platform and OS Info
+ *
+ * @return platform and OS info
+ */
+ char* (*get_platform_info)(pts_t *this);
+
+ /**
+ * Set Platform and OS Info
+ *
+ * @param info platform and OS info
+ */
+ void (*set_platform_info)(pts_t *this, char *info);
+
+ /**
+ * Get TPM 1.2 Version Info
+ *
+ * @param info chunk containing a TPM_CAP_VERSION_INFO struct
+ * @return TRUE if TPM Version Info available
+ */
+ bool (*get_tpm_version_info)(pts_t *this, chunk_t *info);
+
+ /**
+ * Set TPM 1.2 Version Info
+ *
+ * @param info chunk containing a TPM_CAP_VERSION_INFO struct
+ */
+ void (*set_tpm_version_info)(pts_t *this, chunk_t info);
+
+ /**
+ * Get Attestation Identity Certificate or Public Key
+ *
+ * @return AIK Certificate or Public Key
+ */
+ certificate_t* (*get_aik)(pts_t *this);
+
+ /**
+ * Set Attestation Identity Certificate or Public Key
+ *
+ * @param aik AIK Certificate or Public Key
+ */
+ void (*set_aik)(pts_t *this, certificate_t *aik);
+
+ /**
+ * Do PTS File Measurements
+ *
+ * @param request_id ID of PTS File Measurement Request
+ * @param pathname Absolute pathname of file to be measured
+ * @param is_directory if TRUE directory contents are measured
+ * @return PTS File Measurements of NULL if FAILED
+ */
+ pts_file_meas_t* (*do_measurements)(pts_t *this, u_int16_t request_id,
+ char *pathname, bool is_directory);
+
+ /**
+ * Destroys a pts_t object.
+ */
+ void (*destroy)(pts_t *this);
+
+};
+
+/**
+ * Creates an pts_t object
+ *
+ * @param is_imc TRUE if running on an IMC
+ */
+pts_t* pts_create(bool is_imc);
+
+#endif /** PTS_H_ @}*/
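Review bot: The doc comment on `get_platform_info` does not say that the result can be NULL, although `pts_create()` in pts.c stores the return value of `extract_platform_info()` unchecked and that helper returns NULL on each of its failure paths. Assuming the getter hands back the stored pointer, which `destroy` later frees, the comment should read `@return platform and OS info, NULL if it could not be determined; owned by the pts_t object`, so callers neither format a NULL string nor free the pointer. On `do_measurements` the return line should say `@return PTS File Measurements or NULL if FAILED` ("of" is a typo). `pts_create` lacks an `@return` line altogether.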
--- /dev/null
+/*
+ * Copyright (C) 2011 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "pts_creds.h"
+
+#include <debug.h>
+#include <credentials/certificates/x509.h>
+#include <credentials/sets/mem_cred.h>
+
+#include <sys/stat.h>
+
+typedef struct private_pts_creds_t private_pts_creds_t;
+
+/**
+ * Private data of a pts_creds_t object.
+ *
+ */
+struct private_pts_creds_t {
+
+ /**
+ * Public pts_creds_t interface.
+ */
+ pts_creds_t public;
+
+ /**
+ * Credential set
+ */
+ mem_cred_t *creds;
+
+};
+
+METHOD(pts_creds_t, get_set, credential_set_t*,
+ private_pts_creds_t *this)
+{
+ return &this->creds->set;
+}
+
+
+METHOD(pts_creds_t, destroy, void,
+ private_pts_creds_t *this)
+{
+ this->creds->destroy(this->creds);
+ free(this);
+}
+
+/**
+ * Load trusted PTS CA certificates from a directory
+ */
+static void load_cacerts(private_pts_creds_t *this, char *path)
+{
+ enumerator_t *enumerator;
+ struct stat st;
+ char *file;
+
+ DBG1(DBG_TNC, "loading PTS ca certificates from '%s'", path);
+
+ enumerator = enumerator_create_directory(path);
+ if (!enumerator)
+ {
+ return;
+ }
+
+ while (enumerator->enumerate(enumerator, NULL, &file, &st))
+ {
+ certificate_t *cert;
+
+ if (!S_ISREG(st.st_mode))
+ {
+ /* skip special file */
+ continue;
+ }
+ cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
+ BUILD_FROM_FILE, file, BUILD_END);
+ if (cert)
+ {
+ x509_t *x509 = (x509_t*)cert;
+
+ if (!(x509->get_flags(x509) & X509_CA))
+ {
+ DBG1(DBG_TNC, " ca certificate \"%Y\" lacks ca basic constraint"
+ ", discarded", cert->get_subject(cert));
+ cert->destroy(cert);
+ }
+ else
+ {
+ DBG1(DBG_TNC, " loaded ca certificate \"%Y\" from '%s'",
+ cert->get_subject(cert), file);
+ this->creds->add_cert(this->creds, TRUE, cert);
+ }
+ }
+ else
+ {
+ DBG1(DBG_TNC, " loading ca certificate from '%s' failed", file);
+ }
+ }
+ enumerator->destroy(enumerator);
+}
+
+/**
+ * See header
+ */
+pts_creds_t *pts_creds_create(char *path)
+{
+ private_pts_creds_t *this;
+
+ if (!path)
+ {
+ DBG1(DBG_TNC, "no PTS cacerts directory defined");
+ return NULL;
+ }
+
+ INIT(this,
+ .public = {
+ .get_set = _get_set,
+ .destroy = _destroy,
+ },
+ .creds = mem_cred_create(),
+ );
+
+ load_cacerts(this, path);
+
+ return &this->public;
+}
+
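Review bot: `load_cacerts()` returns without a message of its own when `enumerator_create_directory(path)` fails, and `pts_creds_create()` still returns an object in that case. A mistyped or unreadable cacerts directory therefore looks the same to the caller as a loaded one, and presumably only shows up later when a certificate cannot be verified against the empty set. The directory measurement code in pts.c logs its own open failure; doing the same here with `DBG1(DBG_TNC, "  opening PTS cacerts directory '%s' failed", path);` before the `return` keeps the diagnosis in the TNC debug group. The function comment should also state that every regular file in the directory that carries the CA basic constraint is added as a trusted certificate (`add_cert(this->creds, TRUE, cert)`), so write access to that directory has to be restricted to the administrator.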
--- /dev/null
+/*
+ * Copyright (C) 2011 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup pts_creds pts_creds
+ * @{ @ingroup pts
+ */
+
+#ifndef PTS_CREDS_H_
+#define PTS_CREDS_H_
+
+typedef struct pts_creds_t pts_creds_t;
+
+#include <library.h>
+#include <credentials/credential_set.h>
+
+/**
+ * Class implementing a PTS credentials set
+ */
+struct pts_creds_t {
+
+ /**
+ * Get the credential set
+ *
+ * @return credential set
+ */
+ credential_set_t* (*get_set)(pts_creds_t *this);
+
+ /**
+ * Destroys a pts_creds_t object.
+ */
+ void (*destroy)(pts_creds_t *this);
+
+};
+
+/**
+ * Creates an pts_creds_t object
+ *
+ * @param path path to the PTS cacerts directory
+ */
+pts_creds_t* pts_creds_create(char *path);
+
+#endif /** PTS_CREDS_H_ @}*/
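Review bot: The doc comment of `pts_creds_create` has no `@return` line, although the implementation in pts_creds.c returns NULL when `path` is NULL and otherwise returns an object even if no certificate was loaded. I would add `@return pts_creds_t object, NULL if no cacerts directory was given` and note that the returned set may be empty. The summary line should read "Creates a pts_creds_t object".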
--- /dev/null
+/*
+ * Copyright (C) 2011 Sansar Choinyambuu
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "pts_database.h"
+
+#include <debug.h>
+#include <crypto/hashers/hasher.h>
+
+
+typedef struct private_pts_database_t private_pts_database_t;
+
+/**
+ * Private data of a pts_database_t object.
+ *
+ */
+struct private_pts_database_t {
+
+ /**
+ * Public pts_database_t interface.
+ */
+ pts_database_t public;
+
+ /**
+ * database instance
+ */
+ database_t *db;
+
+};
+
+METHOD(pts_database_t, create_file_enumerator, enumerator_t*,
+ private_pts_database_t *this, char *product)
+{
+ enumerator_t *e;
+
+ /* look for all entries belonging to a product in the files table */
+ e = this->db->query(this->db,
+ "SELECT f.id, f.type, f.path FROM files AS f "
+ "JOIN product_file AS pf ON f.id = pf.file "
+ "JOIN products AS p ON p.id = pf.product "
+ "WHERE p.name = ?",
+ DB_TEXT, product, DB_INT, DB_INT, DB_TEXT);
+ return e;
+}
+
+METHOD(pts_database_t, create_hash_enumerator, enumerator_t*,
+ private_pts_database_t *this, char *product, pts_meas_algorithms_t algo,
+ int id, bool is_dir)
+{
+ enumerator_t *e;
+
+ if (is_dir)
+ {
+ e = this->db->query(this->db,
+ "SELECT f.path, fh.hash FROM file_hashes AS fh "
+ "JOIN files AS f ON fh.file = f.id "
+ "JOIN products AS p ON fh.product = p.id "
+ "WHERE p.name = ? AND fh.directory = ? AND fh.algo = ? "
+ "ORDER BY f.path",
+ DB_TEXT, product, DB_INT, id, DB_INT, algo, DB_TEXT, DB_BLOB);
+ }
+ else
+ {
+ e = this->db->query(this->db,
+ "SELECT f.path, fh.hash FROM file_hashes AS fh "
+ "JOIN files AS f ON fh.file = f.id "
+ "JOIN products AS p ON fh.product = p.id "
+ "WHERE p.name = ? AND fh.file = ? AND fh.algo = ?",
+ DB_TEXT, product, DB_INT, id, DB_INT, algo, DB_TEXT, DB_BLOB);
+ }
+ return e;
+}
+