use D flag for PTS Protocol Capabilities
authorSansar Choinyambuu <schoinya@hsr.ch>
Fri, 28 Oct 2011 13:17:58 +0000 (15:17 +0200)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Mon, 28 Nov 2011 13:39:52 +0000 (14:39 +0100)
src/libimcv/plugins/imv_attestation/imv_attestation_build.c
src/libpts/pts/pts.c

index 654782b..bea77d1 100644 (file)
@@ -43,12 +43,26 @@ bool imv_attestation_build(pa_tnc_msg_t *msg,
        pts = attestation_state->get_pts(attestation_state);
 
        if (handshake_state == IMV_ATTESTATION_STATE_NONCE_REQ &&
+               !(pts->get_proto_caps(pts) & PTS_PROTO_CAPS_D))
+       {
+               DBG1(DBG_IMV, "PTS-IMC is not using Diffie-Hellman Nonce negotiation,"
+                                         "advancing to TPM Initialization phase");
+               handshake_state = IMV_ATTESTATION_STATE_TPM_INIT;
+       }
+       if (handshake_state == IMV_ATTESTATION_STATE_TPM_INIT &&
                !(pts->get_proto_caps(pts) & PTS_PROTO_CAPS_T))
        {
-               DBG1(DBG_IMV, "PTS-IMC has no TPM capability - "
-                                         "advancing to PTS measurement phase");
+               DBG1(DBG_IMV, "PTS-IMC has not got TPM available,"
+                                         "advancing to File Measurement phase");
                handshake_state = IMV_ATTESTATION_STATE_MEAS;
        }
+       if (handshake_state == IMV_ATTESTATION_STATE_COMP_EVID &&
+               !(pts->get_proto_caps(pts) & PTS_PROTO_CAPS_T))
+       {
+               DBG1(DBG_IMV, "PTS-IMC has not got TPM available,"
+                                         "skipping Component Measurement phase");
+               handshake_state = IMV_ATTESTATION_STATE_END;
+       }
 
        /* Switch on the attribute type IMV has received */
        switch (handshake_state)
index 269be41..18a64de 100644 (file)
@@ -1389,14 +1389,14 @@ pts_t *pts_create(bool is_imc)
                if (has_tpm(this))
                {
                        this->has_tpm = TRUE;
-                       this->proto_caps |= PTS_PROTO_CAPS_T;
+                       this->proto_caps |= PTS_PROTO_CAPS_T | PTS_PROTO_CAPS_D;
                        load_aik(this);
                        load_aik_blob(this);
                }
        }
        else
        {
-               this->proto_caps |= PTS_PROTO_CAPS_T | PTS_PROTO_CAPS_C;
+               this->proto_caps |= PTS_PROTO_CAPS_T | PTS_PROTO_CAPS_D;
        }
 
        return &this->public;