ARG_WITH_SUBST([routing-table-prio], [220], [set priority for IPsec routing table])
ARG_WITH_SUBST([ipsec-script], [ipsec], [change the name of the ipsec script])
+ARG_WITH_SET([tss], [no], [set implementation of the Trusted Computing Group's Software Stack (TSS). Currently the only supported value is "trousers"])
ARG_WITH_SET([capabilities], [no], [set capability dropping library. Currently supported values are "libcap" and "native"])
ARG_WITH_SET([mpz_powm_sec], [yes], [use the more side-channel resistant mpz_powm_sec in libgmp, if available])
ARG_WITH_SET([dev-headers], [no], [install strongSwan development headers to directory.])
AC_SUBST(axis2c_LIBS)
fi
-if test x$imc_attestation = xtrue -o x$imv_attestation = xtrue; then
+if test x$tss = xtrousers; then
AC_HAVE_LIBRARY([tspi],[LIBS="$LIBS"],[AC_MSG_ERROR([TrouSerS library libtspi not found])])
AC_CHECK_HEADER([trousers/tss.h],,[AC_MSG_ERROR([TrouSerS header trousers/tss.h not found!])])
fi
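Review bot: The new `if test x$tss = xtrousers` guard accepts any other value of `--with-tss` without a diagnostic, so a misspelling such as `--with-tss=trouser` configures cleanly and yields a build without the libtspi checks. The option help says "trousers" is the only supported value, so other values apart from `no` should be rejected, for example with `elif test x$tss != xno; then` followed by `AC_MSG_ERROR([unsupported TSS implementation: $tss])`. The old condition also ensured libtspi was present whenever imc-attestation or imv-attestation was enabled. With the default of `no` those plugins now build without it, and an `AC_MSG_WARN` for that combination would make the reduced functionality visible at configure time.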
AM_CONDITIONAL(USE_RADIUS, test x$radius = xtrue)
AM_CONDITIONAL(USE_IMCV, test x$imcv = xtrue)
AM_CONDITIONAL(USE_PTS, test x$pts = xtrue)
+AM_CONDITIONAL(USE_TROUSERS, test x$tss = xtrousers)
AM_CONDITIONAL(MONOLITHIC, test x$monolithic = xtrue)
dnl ==============================
#include <bio/bio_writer.h>
#include <bio/bio_reader.h>
+#ifdef TSS_TROUSERS
#include <trousers/tss.h>
#include <trousers/trousers.h>
+#else
+#ifndef TPM_TAG_QUOTE_INFO2
+#define TPM_TAG_QUOTE_INFO2 0x0036
+#endif
+#ifndef TPM_LOC_ZERO
+#define TPM_LOC_ZERO 0x01
+#endif
+#endif
#include <sys/types.h>
#include <sys/stat.h>
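Review bot: The fallback definitions of `TPM_TAG_QUOTE_INFO2` and `TPM_LOC_ZERO` in the `#else` branch have no comment saying where the values come from or why they are needed when no TSS is built in. Something like `/* TPM 1.2 constants normally provided by <trousers/tss.h>, needed for the quote info handling below */` would tell a maintainer that they must stay in sync with the TPM specification. This hunk is also the first use of `TSS_TROUSERS`, and the build rule that defines it is not visible here. If that define is ever missing, the file silently compiles to the stub implementations, so it is worth checking that it is derived from the `USE_TROUSERS` conditional.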
return TRUE;
}
+#ifdef TSS_TROUSERS
+
/**
* Print TPM 1.2 Version Info
*/
}
}
+#else
+
+static void print_tpm_version_info(private_pts_t *this)
+{
+ DBG1(DBG_PTS, "unknown TPM version: no TSS implementation available");
+}
+
+#endif /* TSS_TROUSERS */
+
METHOD(pts_t, get_platform_info, char*,
private_pts_t *this)
{
return metadata;
}
+
+#ifdef TSS_TROUSERS
+
METHOD(pts_t, read_pcr, bool,
private_pts_t *this, u_int32_t pcr_num, chunk_t *pcr_value)
{
err1:
Tspi_Context_Close(hContext);
-
if (!success)
{
DBG1(DBG_PTS, "TPM not available: tss error 0x%x", result);
}
-
return success;
}
-METHOD(pts_t, get_pcrs, pts_pcr_t*,
- private_pts_t *this)
+#else /* TSS_TROUSERS */
+
+METHOD(pts_t, read_pcr, bool,
+ private_pts_t *this, u_int32_t pcr_num, chunk_t *pcr_value)
{
- return this->pcrs;
+ return FALSE;
+}
+
+METHOD(pts_t, extend_pcr, bool,
+ private_pts_t *this, u_int32_t pcr_num, chunk_t input, chunk_t *output)
+{
+ return FALSE;
}
+METHOD(pts_t, quote_tpm, bool,
+ private_pts_t *this, bool use_quote2, chunk_t *pcr_comp, chunk_t *quote_sig)
+{
+ return FALSE;
+}
+
+#endif /* TSS_TROUSERS */
+
/**
* TPM_QUOTE_INFO structure:
* 4 bytes of version
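Review bot: The non-TSS stubs for `read_pcr`, `extend_pcr` and `quote_tpm` return FALSE without writing their output chunks or logging anything. A caller that inspects or frees `*pcr_value`, `*output`, `*pcr_comp` or `*quote_sig` after a failure would be working with whatever the variable held before the call. The callers are outside this hunk, so this is a defensive suggestion rather than a confirmed fault. Setting the outputs to `chunk_empty` and emitting a DBG1 line, as the `print_tpm_version_info` stub already does, would also let an operator tell "built without TSS" apart from a TPM error in the log.

```c
METHOD(pts_t, read_pcr, bool,
	private_pts_t *this, u_int32_t pcr_num, chunk_t *pcr_value)
{
	DBG1(DBG_PTS, "reading PCR %u failed: no TSS implementation available",
		 pcr_num);
	*pcr_value = chunk_empty;
	return FALSE;
}

METHOD(pts_t, extend_pcr, bool,
	private_pts_t *this, u_int32_t pcr_num, chunk_t input, chunk_t *output)
{
	DBG1(DBG_PTS, "extending PCR %u failed: no TSS implementation available",
		 pcr_num);
	*output = chunk_empty;
	return FALSE;
}

METHOD(pts_t, quote_tpm, bool,
	private_pts_t *this, bool use_quote2, chunk_t *pcr_comp, chunk_t *quote_sig)
{
	DBG1(DBG_PTS, "TPM quote failed: no TSS implementation available");
	*pcr_comp = chunk_empty;
	*quote_sig = chunk_empty;
	return FALSE;
}
```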
return TRUE;
}
+METHOD(pts_t, get_pcrs, pts_pcr_t*,
+ private_pts_t *this)
+{
+ return this->pcrs;
+}
+
METHOD(pts_t, destroy, void,
private_pts_t *this)
{
free(this);
}
+
+#ifdef TSS_TROUSERS
+
/**
* Check for a TPM by querying for TPM Version Info
*/
return FALSE;
}
+#else /* TSS_TROUSERS */
+
+static bool has_tpm(private_pts_t *this)
+{
+ return FALSE;
+}
+
+#endif /* TSS_TROUSERS */
+
+
/**
* See header
*/