ietf/ietf_attr_product_info.h ietf/ietf_attr_product_info.c \
ita/ita_attr.h ita/ita_attr.c \
ita/ita_attr_command.h ita/ita_attr_command.c \
+ pa_tnc/pa_tnc_attr.h \
pa_tnc/pa_tnc_msg.h pa_tnc/pa_tnc_msg.c \
- pa_tnc/pa_tnc_attr.h pa_tnc/pa_tnc_attr.c
+ pa_tnc/pa_tnc_attr_manager.h pa_tnc/pa_tnc_attr_manager.c
SUBDIRS = .
-if USE_PTS
- INCLUDES += -I$(top_srcdir)/src/libpts
- AM_CFLAGS = -DUSE_PTS
-endif
-
if USE_IMC_TEST
SUBDIRS += plugins/imc_test
endif
*/
#include "ietf_attr.h"
+#include "ietf/ietf_attr_pa_tnc_error.h"
+#include "ietf/ietf_attr_port_filter.h"
+#include "ietf/ietf_attr_product_info.h"
ENUM(ietf_attr_names, IETF_ATTR_TESTING, IETF_ATTR_FACTORY_DEFAULT_PWD_ENABLED,
"Testing",
"Factory Default Password Enabled",
);
+/**
+ * See header
+ */
+pa_tnc_attr_t* ietf_attr_create_from_data(u_int32_t type, chunk_t value)
+{
+ switch (type)
+ {
+ case IETF_ATTR_PORT_FILTER:
+ return ietf_attr_port_filter_create_from_data(value);
+ case IETF_ATTR_PA_TNC_ERROR:
+ return ietf_attr_pa_tnc_error_create_from_data(value);
+ case IETF_ATTR_PRODUCT_INFORMATION:
+ return ietf_attr_product_info_create_from_data(value);
+ case IETF_ATTR_TESTING:
+ case IETF_ATTR_ATTRIBUTE_REQUEST:
+ case IETF_ATTR_NUMERIC_VERSION:
+ case IETF_ATTR_STRING_VERSION:
+ case IETF_ATTR_OPERATIONAL_STATUS:
+ case IETF_ATTR_INSTALLED_PACKAGES:
+ case IETF_ATTR_ASSESSMENT_RESULT:
+ case IETF_ATTR_REMEDIATION_INSTRUCTIONS:
+ case IETF_ATTR_FORWARDING_ENABLED:
+ case IETF_ATTR_FACTORY_DEFAULT_PWD_ENABLED:
+ case IETF_ATTR_RESERVED:
+ default:
+ return NULL;
+ }
+}
#ifndef IETF_ATTR_H_
#define IETF_ATTR_H_
+#include "pa_tnc/pa_tnc_attr.h"
+
#include <library.h>
typedef enum ietf_attr_t ietf_attr_t;
*/
extern enum_name_t *ietf_attr_names;
+/**
+ * Create an IETF PA-TNC attribute from data
+ *
+ * @param type attribute type
+ * @param value attribute value
+ */
+pa_tnc_attr_t* ietf_attr_create_from_data(u_int32_t type, chunk_t value);
+
#endif /** IETF_ATTR_H_ @}*/
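Review bot: The doc comment added for ietf_attr_create_from_data has no `@return` line, although the implementation in this commit returns NULL for every type it does not construct and callers must test for that. I would add `@return PA-TNC attribute object if supported, NULL else`, the wording pa_tnc_attr_manager.h already uses for `create`. The same line is missing from the comments on ita_attr_create_from_data and tcg_attr_create_from_data. It would also help to say that `value` is the encoded attribute body, as the manager header does.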
*/
#include "imcv.h"
+#include "ietf/ietf_attr.h"
+#include "ita/ita_attr.h"
-#include "utils.h"
+#include <utils.h>
#include <debug.h>
+#include <pen/pen.h>
#include <syslog.h>
#define IMCV_DEBUG_LEVEL 1
/**
- * Reference count for IMC/IMV instances
+ * PA-TNC attribute manager
*/
-refcount_t ref = 0;
+pa_tnc_attr_manager_t *imcv_pa_tnc_attributes;
+
+/**
+ * Reference count for libimcv
+ */
+static refcount_t libimcv_ref = 0;
+
+/**
+ * Reference count for libstrongswan
+ */
+static refcount_t libstrongswan_ref = 0;
/**
* Global configuration of imcv dbg function
if (lib)
{
/* did main program initialize libstrongswan? */
- if (ref == 0)
+ if (libstrongswan_ref == 0)
{
- ref_get(&ref);
+ ref_get(&libstrongswan_ref);
}
}
else
return FALSE;
}
- if (!lib->plugins->load(lib->plugins, NULL, "random"))
+ if (!lib->plugins->load(lib->plugins, NULL,
+ "sha1 sha2 random gmp pubkey x509"))
{
library_deinit();
return FALSE;
/* activate the imcv debugging hook */
dbg = imcv_dbg;
openlog("imcv", 0, LOG_DAEMON);
+ }
+ ref_get(&libstrongswan_ref);
+ if (libimcv_ref == 0)
+ {
+ /* initialize the PA-TNC attribute manager */
+ imcv_pa_tnc_attributes = pa_tnc_attr_manager_create();
+ imcv_pa_tnc_attributes->add_vendor(imcv_pa_tnc_attributes, PEN_IETF,
+ ietf_attr_create_from_data, ietf_attr_names);
+ imcv_pa_tnc_attributes->add_vendor(imcv_pa_tnc_attributes, PEN_ITA,
+ ita_attr_create_from_data, ita_attr_names);
DBG1(DBG_LIB, "libimcv initialized");
}
- ref_get(&ref);
+ ref_get(&libimcv_ref);
return TRUE;
}
*/
void libimcv_deinit(void)
{
- if (ref_put(&ref))
+ if (ref_put(&libimcv_ref))
{
+ imcv_pa_tnc_attributes->remove_vendor(imcv_pa_tnc_attributes, PEN_IETF);
+ imcv_pa_tnc_attributes->remove_vendor(imcv_pa_tnc_attributes, PEN_ITA);
+ DESTROY_IF(imcv_pa_tnc_attributes);
DBG1(DBG_LIB, "libimcv terminated");
+ }
+ if (ref_put(&libstrongswan_ref))
+ {
library_deinit();
}
}
-
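Review bot: libimcv_deinit leaves `imcv_pa_tnc_attributes` pointing at freed memory, because `DESTROY_IF(imcv_pa_tnc_attributes);` destroys the manager but the global is never reset. libpts_init and libpts_deinit in this commit test that pointer against NULL to decide whether the manager exists, and pa_tnc_msg.c dereferences it with no test at all. Any call arriving after the last libimcv_deinit would therefore reach a destroyed object; whether such a call order can occur is not visible here. I would follow the destroy with `imcv_pa_tnc_attributes = NULL;`. The two remove_vendor calls before it look redundant, since the manager's destroy already frees every entry through `destroy_function(this->list, free)`.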
#ifndef IMCV_H_
#define IMCV_H_
+#include "pa_tnc/pa_tnc_attr_manager.h"
+
#include <library.h>
/**
*/
void libimcv_deinit(void);
+/**
+ * PA-TNC attribute manager
+ */
+extern pa_tnc_attr_manager_t* imcv_pa_tnc_attributes;
+
#endif /** IMCV_H_ @}*/
*/
#include "ita_attr.h"
+#include "ita/ita_attr_command.h"
ENUM(ita_attr_names, ITA_ATTR_COMMAND, ITA_ATTR_COMMAND,
"Command",
);
+/**
+ * See header
+ */
+pa_tnc_attr_t* ita_attr_create_from_data(u_int32_t type, chunk_t value)
+{
+ switch (type)
+ {
+ case ITA_ATTR_COMMAND:
+ return ita_attr_command_create_from_data(value);
+ default:
+ return NULL;
+ }
+}
#ifndef ITA_ATTR_H_
#define ITA_ATTR_H_
+#include "pa_tnc/pa_tnc_attr.h"
+
#include <library.h>
typedef enum ita_attr_t ita_attr_t;
*/
extern enum_name_t *ita_attr_names;
+/**
+ * Create a ITA PA-TNC attribute from data
+ *
+ * @param type attribute type
+ * @param value attribute value
+ */
+pa_tnc_attr_t* ita_attr_create_from_data(u_int32_t type, chunk_t value);
+
#endif /** ITA_ATTR_H_ @}*/
+++ /dev/null
-/*
- * Copyright (C) 2011 Andreas Steffen
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "pa_tnc_attr.h"
-#include "ietf/ietf_attr.h"
-#include "ietf/ietf_attr_pa_tnc_error.h"
-#include "ietf/ietf_attr_port_filter.h"
-#include "ietf/ietf_attr_product_info.h"
-
-#ifdef USE_PTS
-#include "tcg/tcg_attr.h"
-#include "tcg/tcg_pts_attr_proto_caps.h"
-#include "tcg/tcg_pts_attr_meas_algo.h"
-#include "tcg/tcg_pts_attr_get_tpm_version_info.h"
-#include "tcg/tcg_pts_attr_tpm_version_info.h"
-#include "tcg/tcg_pts_attr_get_aik.h"
-#include "tcg/tcg_pts_attr_aik.h"
-#include "tcg/tcg_pts_attr_req_funct_comp_evid.h"
-#include "tcg/tcg_pts_attr_gen_attest_evid.h"
-#include "tcg/tcg_pts_attr_simple_comp_evid.h"
-#include "tcg/tcg_pts_attr_simple_evid_final.h"
-#include "tcg/tcg_pts_attr_req_file_meas.h"
-#include "tcg/tcg_pts_attr_file_meas.h"
-#endif /* USE_PTS */
-
-#include "ita/ita_attr.h"
-#include "ita/ita_attr_command.h"
-
-/**
- * See header
- */
-pa_tnc_attr_t* pa_tnc_attr_create_from_data(pen_t vendor_id, u_int32_t type,
- chunk_t value)
-{
- switch (vendor_id)
- {
- case PEN_IETF:
- switch (type)
- {
- case IETF_ATTR_PORT_FILTER:
- return ietf_attr_port_filter_create_from_data(value);
- case IETF_ATTR_PA_TNC_ERROR:
- return ietf_attr_pa_tnc_error_create_from_data(value);
- case IETF_ATTR_PRODUCT_INFORMATION:
- return ietf_attr_product_info_create_from_data(value);
- case IETF_ATTR_TESTING:
- case IETF_ATTR_ATTRIBUTE_REQUEST:
- case IETF_ATTR_NUMERIC_VERSION:
- case IETF_ATTR_STRING_VERSION:
- case IETF_ATTR_OPERATIONAL_STATUS:
- case IETF_ATTR_INSTALLED_PACKAGES:
- case IETF_ATTR_ASSESSMENT_RESULT:
- case IETF_ATTR_REMEDIATION_INSTRUCTIONS:
- case IETF_ATTR_FORWARDING_ENABLED:
- case IETF_ATTR_FACTORY_DEFAULT_PWD_ENABLED:
- case IETF_ATTR_RESERVED:
- default:
- break;
- }
- break;
-#ifdef USE_PTS
- case PEN_TCG:
- switch (type)
- {
- case TCG_PTS_REQ_PROTO_CAPS:
- return tcg_pts_attr_proto_caps_create_from_data(value, TRUE);
- case TCG_PTS_PROTO_CAPS:
- return tcg_pts_attr_proto_caps_create_from_data(value, FALSE);
- case TCG_PTS_MEAS_ALGO:
- return tcg_pts_attr_meas_algo_create_from_data(value, FALSE);
- case TCG_PTS_MEAS_ALGO_SELECTION:
- return tcg_pts_attr_meas_algo_create_from_data(value, TRUE);
- case TCG_PTS_GET_TPM_VERSION_INFO:
- return tcg_pts_attr_get_tpm_version_info_create_from_data(value);
- case TCG_PTS_TPM_VERSION_INFO:
- return tcg_pts_attr_tpm_version_info_create_from_data(value);
- case TCG_PTS_GET_AIK:
- return tcg_pts_attr_get_aik_create_from_data(value);
- case TCG_PTS_AIK:
- return tcg_pts_attr_aik_create_from_data(value);
- case TCG_PTS_REQ_FUNCT_COMP_EVID:
- return tcg_pts_attr_req_funct_comp_evid_create_from_data(value);
- case TCG_PTS_GEN_ATTEST_EVID:
- return tcg_pts_attr_gen_attest_evid_create_from_data(value);
- case TCG_PTS_SIMPLE_COMP_EVID:
- return tcg_pts_attr_simple_comp_evid_create_from_data(value);
- case TCG_PTS_SIMPLE_EVID_FINAL:
- return tcg_pts_attr_simple_evid_final_create_from_data(value);
- case TCG_PTS_REQ_FILE_MEAS:
- return tcg_pts_attr_req_file_meas_create_from_data(value);
- case TCG_PTS_FILE_MEAS:
- return tcg_pts_attr_file_meas_create_from_data(value);
- case TCG_PTS_DH_NONCE_PARAMS_REQ:
- case TCG_PTS_DH_NONCE_PARAMS_RESP:
- case TCG_PTS_DH_NONCE_FINISH:
- case TCG_PTS_REQ_TEMPL_REF_MANI_SET_META:
- case TCG_PTS_TEMPL_REF_MANI_SET_META:
- case TCG_PTS_UPDATE_TEMPL_REF_MANI:
- case TCG_PTS_VERIFICATION_RESULT:
- case TCG_PTS_INTEG_REPORT:
- case TCG_PTS_REQ_FILE_META:
- case TCG_PTS_WIN_FILE_META:
- case TCG_PTS_UNIX_FILE_META:
- case TCG_PTS_REQ_REGISTRY_VALUE:
- case TCG_PTS_REGISTRY_VALUE:
- case TCG_PTS_REQ_INTEG_MEAS_LOG:
- case TCG_PTS_INTEG_MEAS_LOG:
- default:
- break;
- }
- break;
-#endif /* HAVE _PTS */
- case PEN_ITA:
- switch (type)
- {
- case ITA_ATTR_COMMAND:
- return ita_attr_command_create_from_data(value);
- default:
- break;
- }
- break;
- default:
- break;
- }
- return NULL;
-}
#include <pen/pen.h>
/**
- * Return the PA-TNC attribute names for a given PEN
- *
- * @param pen Private Enterprise Number (PEN)
- * @return pa_attr_names if found, NULL else
- */
-extern enum_name_t *get_pa_attr_names(pen_t pen);
-
-/**
* Interface for an RFC 5792 PA-TNC Posture Attribute.
*
*/
void (*destroy)(pa_tnc_attr_t *this);
};
-/**
- * Create a PA-TNC attribute from data
- *
- * @param vendor_id attribute vendor ID
- * @param type attribute type
- * @param value attribute value
- *
- */
-pa_tnc_attr_t* pa_tnc_attr_create_from_data(pen_t vendor_id, u_int32_t type,
- chunk_t value);
-
#endif /** PA_TNC_ATTR_H_ @}*/
--- /dev/null
+/*
+ * Copyright (C) 2011 Andreas Steffen
+ *
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "pa_tnc_attr_manager.h"
+
+#include <utils/linked_list.h>
+#include <debug.h>
+
+typedef struct private_pa_tnc_attr_manager_t private_pa_tnc_attr_manager_t;
+typedef struct entry_t entry_t;
+
+struct entry_t {
+ pen_t vendor_id;
+ enum_name_t *attr_names;
+ pa_tnc_attr_create_t attr_create;
+};
+
+/**
+ * Private data of a pa_tnc_attr_manager_t object.
+ *
+ */
+struct private_pa_tnc_attr_manager_t {
+
+ /**
+ * Public pa_tnc_attr_manager_t interface.
+ */
+ pa_tnc_attr_manager_t public;
+
+ /**
+ * List of PA-TNC vendor attributes
+ */
+ linked_list_t *list;
+};
+
+METHOD(pa_tnc_attr_manager_t, add_vendor, void,
+ private_pa_tnc_attr_manager_t *this, pen_t vendor_id,
+ pa_tnc_attr_create_t attr_create, enum_name_t *attr_names)
+{
+ entry_t *entry;
+
+ entry = malloc_thing(entry_t);
+ entry->vendor_id = vendor_id;
+ entry->attr_create = attr_create;
+ entry->attr_names = attr_names;
+
+ this->list->insert_last(this->list, entry);
+ DBG2(DBG_TNC, "added %N attributes", pen_names, vendor_id);
+}
+
+METHOD(pa_tnc_attr_manager_t, remove_vendor, void,
+ private_pa_tnc_attr_manager_t *this, pen_t vendor_id)
+{
+ enumerator_t *enumerator;
+ entry_t *entry;
+
+ enumerator = this->list->create_enumerator(this->list);
+ while (enumerator->enumerate(enumerator, &entry))
+ {
+ if (entry->vendor_id == vendor_id)
+ {
+ this->list->remove_at(this->list, enumerator);
+ free(entry);
+ DBG2(DBG_TNC, "removed %N attributes", pen_names, vendor_id);
+ }
+ }
+ enumerator->destroy(enumerator);
+}
+
+METHOD(pa_tnc_attr_manager_t, get_names, enum_name_t*,
+ private_pa_tnc_attr_manager_t *this, pen_t vendor_id)
+{
+ enumerator_t *enumerator;
+ entry_t *entry;
+ enum_name_t *attr_names = NULL;
+
+ enumerator = this->list->create_enumerator(this->list);
+ while (enumerator->enumerate(enumerator, &entry))
+ {
+ if (entry->vendor_id == vendor_id)
+ {
+ attr_names = entry->attr_names;
+ break;
+ }
+ }
+ enumerator->destroy(enumerator);
+
+ return attr_names;
+}
+
+METHOD(pa_tnc_attr_manager_t, create, pa_tnc_attr_t*,
+ private_pa_tnc_attr_manager_t *this, pen_t vendor_id, u_int32_t type,
+ chunk_t value)
+{
+ enumerator_t *enumerator;
+ entry_t *entry;
+ pa_tnc_attr_t *attr = NULL;
+
+ enumerator = this->list->create_enumerator(this->list);
+ while (enumerator->enumerate(enumerator, &entry))
+ {
+ if (entry->vendor_id == vendor_id)
+ {
+ if (entry->attr_create)
+ {
+ attr = entry->attr_create(type, value);
+ }
+ break;
+ }
+ }
+ enumerator->destroy(enumerator);
+
+ return attr;
+}
+
+METHOD(pa_tnc_attr_manager_t, destroy, void,
+ private_pa_tnc_attr_manager_t *this)
+{
+ this->list->destroy_function(this->list, free);
+ free(this);
+}
+
+/**
+ * See header
+ */
+pa_tnc_attr_manager_t *pa_tnc_attr_manager_create(void)
+{
+ private_pa_tnc_attr_manager_t *this;
+
+ INIT(this,
+ .public = {
+ .add_vendor = _add_vendor,
+ .remove_vendor = _remove_vendor,
+ .get_names = _get_names,
+ .create = _create,
+ .destroy = _destroy,
+ },
+ .list = linked_list_create(),
+ );
+
+ return &this->public;
+}
+
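Review bot: add_vendor appends an entry without checking whether `vendor_id` is already registered, while get_names and create stop at the first match. A second registration for the same PEN is therefore never consulted, and remove_vendor then drops both entries at once. I would reject a duplicate explicitly and log it, as sketched below; replacing the existing entry would also work if that is the intended policy. Separately, the list is walked on every lookup and modified from the init and deinit paths with no lock; whether those can run on different threads is not visible here.

```c
METHOD(pa_tnc_attr_manager_t, add_vendor, void,
	private_pa_tnc_attr_manager_t *this, pen_t vendor_id,
	pa_tnc_attr_create_t attr_create, enum_name_t *attr_names)
{
	enumerator_t *enumerator;
	entry_t *entry;
	bool found = FALSE;

	/* lookups stop at the first match, so a duplicate PEN would never
	 * be consulted; refuse it instead of silently shadowing it */
	enumerator = this->list->create_enumerator(this->list);
	while (enumerator->enumerate(enumerator, &entry))
	{
		if (entry->vendor_id == vendor_id)
		{
			found = TRUE;
			break;
		}
	}
	enumerator->destroy(enumerator);

	if (found)
	{
		DBG1(DBG_TNC, "%N attributes already registered", pen_names, vendor_id);
		return;
	}
	/* … unchanged: allocate entry, fill fields, insert_last, DBG2 … */
}
```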
--- /dev/null
+/*
+ * Copyright (C) 2011 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup pa_tnc_attr_manager pa_tnc_attr_manager
+ * @{ @ingroup libimcv
+ */
+
+#ifndef PA_TNC_ATTR_MANAGER_H_
+#define PA_TNC_ATTR_MANAGER_H_
+
+typedef struct pa_tnc_attr_manager_t pa_tnc_attr_manager_t;
+
+#include "pa_tnc_attr.h"
+
+#include <library.h>
+
+typedef pa_tnc_attr_t* (*pa_tnc_attr_create_t)(u_int32_t type, chunk_t value);
+
+/**
+ * Manages PA-TNC attributes for arbitrary PENs
+ */
+struct pa_tnc_attr_manager_t {
+
+ /**
+ * Add vendor-specific attribute names and creation method
+ *
+ * @param vendor_id Private Enterprise Number (PEN)
+ * @param attr_create Vendor-specific attribute create method
+ * @param attr_names Vendor-specific attribute names
+ */
+ void (*add_vendor)(pa_tnc_attr_manager_t *this, pen_t vendor_id,
+ pa_tnc_attr_create_t attr_create,
+ enum_name_t *attr_names);
+
+ /**
+ * Remove vendor-specific attribute names and creation method
+ *
+ * @param vendor_id Private Enterprise Number (PEN)
+ */
+ void (*remove_vendor)(pa_tnc_attr_manager_t *this, pen_t vendor_id);
+
+ /*
+ * Return the PA-TNC attribute names for a given vendor ID
+ *
+ * @param vendor_id Private Enterprise Number (PEN)
+ * @return PA-TNC attribute names if found, NULL else
+ */
+ enum_name_t* (*get_names)(pa_tnc_attr_manager_t *this, pen_t vendor_id);
+
+ /**
+ * Create a PA-TNC attribute object from data for a given vendor ID and type
+ *
+ * @param vendor_id Private Enterprise Number (PEN)
+ * @param type PA-TNC attribute type
+ * @param value PA-TNC attribute value as encoded data
+ * @return PA-TNC attribute object if supported, NULL else
+ */
+ pa_tnc_attr_t* (*create)(pa_tnc_attr_manager_t *this, pen_t vendor_id,
+ u_int32_t type, chunk_t value);
+
+ /**
+ * Destroys a pa_tnc_attr_manager_t object.
+ */
+ void (*destroy)(pa_tnc_attr_manager_t *this);
+};
+
+/**
+ * Create a PA-TNC attribute manager
+ */
+pa_tnc_attr_manager_t* pa_tnc_attr_manager_create(void);
+
+#endif /** PA_TNC_ATTR_MANAGER_H_ @}*/
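Review bot: The comment on `get_names` opens with `/*` where the other members use `/**`, so its `@param` and `@return` lines will not be treated as a documentation comment like the rest; it should open with `/**`. The `pa_tnc_attr_create_t` typedef has no comment at all. I would document it with its two parameters and the fact that it returns NULL for an unsupported type, which is what the vendor constructors in this commit do. The add_vendor comment should also say that `attr_names` and `attr_create` are stored as given rather than copied (the implementation only assigns the pointers), so they must stay valid until remove_vendor or destroy.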
* for more details.
*/
+#include "imcv.h"
#include "pa_tnc_msg.h"
-#include "ietf/ietf_attr.h"
#include "ietf/ietf_attr_pa_tnc_error.h"
-#include "ita/ita_attr.h"
-
-#ifdef USE_PTS
-#include "tcg/tcg_attr.h"
-#endif /* USE_PTS */
#include <bio/bio_writer.h>
#include <bio/bio_reader.h>
flags = attr->get_noskip_flag(attr) ? PA_TNC_ATTR_FLAG_NOSKIP :
PA_TNC_ATTR_FLAG_NONE;
- pa_attr_names = get_pa_attr_names(vendor_id);
+ pa_attr_names = imcv_pa_tnc_attributes->get_names(imcv_pa_tnc_attributes,
+ vendor_id);
if (pa_attr_names)
{
DBG2(DBG_TNC, "creating PA-TNC attribute type '%N/%N' "
reader->read_uint32(reader, &type);
reader->read_uint32(reader, &length);
- pa_attr_names = get_pa_attr_names(vendor_id);
+ pa_attr_names = imcv_pa_tnc_attributes->get_names(imcv_pa_tnc_attributes,
+ vendor_id);
if (pa_attr_names)
{
DBG2(DBG_TNC, "processing PA-TNC attribute type '%N/%N' "
}
DBG3(DBG_TNC, "%B", &value);
- attr = pa_tnc_attr_create_from_data(vendor_id, type, value);
+ attr = imcv_pa_tnc_attributes->create(imcv_pa_tnc_attributes,
+ vendor_id, type, value);
if (!attr)
{
if (flags & PA_TNC_ATTR_FLAG_NOSKIP)
return pa_tnc_msg_create_from_data(chunk_empty);
}
-/**
- * See header
- */
-enum_name_t* get_pa_attr_names(pen_t pen)
-{
- switch (pen)
- {
- case PEN_IETF:
- return ietf_attr_names;
-#ifdef USE_PTS
- case PEN_TCG:
- return tcg_attr_names;
-#endif /* USE_PTS */
- case PEN_ITA:
- return ita_attr_names;
- default:
- return NULL;
- }
-}
-
#include <ietf/ietf_attr_pa_tnc_error.h>
#include <ietf/ietf_attr_product_info.h>
+#include <libpts.h>
+
#include <pts/pts_error.h>
#include <tcg/tcg_pts_attr_proto_caps.h>
DBG1(DBG_IMC, "IMC \"%s\" has already been initialized", imc_name);
return TNC_RESULT_ALREADY_INITIALIZED;
}
+ if (!pts_meas_probe_algorithms(&supported_algorithms))
+ {
+ return TNC_RESULT_FATAL;
+ }
imc_attestation = imc_agent_create(imc_name, IMC_VENDOR_ID, IMC_SUBTYPE,
- imc_id, actual_version);
- if (!imc_attestation || !pts_meas_probe_algorithms(&supported_algorithms))
+ imc_id, actual_version);
+ if (!imc_attestation)
{
return TNC_RESULT_FATAL;
}
+
+ libpts_init();
+
if (min_version > TNC_IFIMC_VERSION_1 || max_version < TNC_IFIMC_VERSION_1)
{
DBG1(DBG_IMC, "no common IF-IMC version");
DBG1(DBG_IMC, "IMC \"%s\" has not been initialized", imc_name);
return TNC_RESULT_NOT_INITIALIZED;
}
+
+ libpts_deinit();
+
imc_attestation->destroy(imc_attestation);
imc_attestation = NULL;
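Review bot: The result of `libpts_init()` is discarded at the call added after the `!imc_attestation` check, although libpts_init in this commit returns FALSE without taking a reference when `imcv_pa_tnc_attributes` is unset. In that case the TCG attribute constructors are never registered, and the unconditional `libpts_deinit();` added to the terminate path then runs `ref_put` on a count that was never incremented. I would test the call with `if (!libpts_init())`, release imc_attestation and return `TNC_RESULT_FATAL`. The IMV section has the same unchecked call. Both functions start and end outside the visible lines, so I cannot tell whether the later "no common IF-IMC version" return releases the libpts reference.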
#include <ietf/ietf_attr_pa_tnc_error.h>
#include <ietf/ietf_attr_product_info.h>
+#include <libpts.h>
+
#include <pts/pts_database.h>
#include <pts/pts_creds.h>
#include <pts/pts_error.h>
DBG1(DBG_IMV, "IMV \"%s\" has already been initialized", imv_name);
return TNC_RESULT_ALREADY_INITIALIZED;
}
+ if (!pts_meas_probe_algorithms(&supported_algorithms))
+ {
+ return TNC_RESULT_FATAL;
+ }
imv_attestation = imv_agent_create(imv_name, IMV_VENDOR_ID, IMV_SUBTYPE,
- imv_id, actual_version);
- if (!imv_attestation || !pts_meas_probe_algorithms(&supported_algorithms))
+ imv_id, actual_version);
+ if (!imv_attestation)
{
return TNC_RESULT_FATAL;
}
+
+ libpts_init();
+
if (min_version > TNC_IFIMV_VERSION_1 || max_version < TNC_IFIMV_VERSION_1)
{
DBG1(DBG_IMV, "no common IF-IMV version");
}
DESTROY_IF(pts_db);
DESTROY_IF(pts_credmgr);
+
+ libpts_deinit();
+
imv_attestation->destroy(imv_attestation);
imv_attestation = NULL;
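Review bot: `pts_meas_probe_algorithms(&supported_algorithms)` now runs before `imv_agent_create`, and the IMC section makes the same reordering. If agent creation is the call that brings up libimcv and loads the hash plugins listed in libimcv_init (that call chain is not visible on this page), the probe would run before those plugins exist whenever the IMV is the first user of the library. Please confirm the precondition and record it above the probe, for example `/* libstrongswan and its hash plugins must already be loaded here */`. Otherwise keep the probe after the agent is created and destroy the agent when the probe fails. The enclosing function starts and ends outside the visible lines.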
libpts_la_LIBADD = -ltspi
libpts_la_SOURCES = \
+ libpts.h libpts.c \
pts/pts.h pts/pts.c \
pts/pts_error.h pts/pts_error.c \
pts/pts_proto_caps.h pts/pts_funct_comp_name.h pts/pts_file_type.h \
--- /dev/null
+/*
+ * Copyright (C) 2011 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "libpts.h"
+#include "tcg/tcg_attr.h"
+
+#include <imcv.h>
+
+#include <debug.h>
+
+/**
+ * Reference count for IMC/IMV instances
+ */
+static refcount_t libpts_ref = 0;
+
+/**
+ * Described in header.
+ */
+bool libpts_init(void)
+{
+ if (libpts_ref == 0)
+ {
+ if (!imcv_pa_tnc_attributes)
+ {
+ return FALSE;
+ }
+ imcv_pa_tnc_attributes->add_vendor(imcv_pa_tnc_attributes, PEN_TCG,
+ tcg_attr_create_from_data, tcg_attr_names);
+ DBG1(DBG_LIB, "libpts initialized");
+ }
+ ref_get(&libpts_ref);
+
+ return TRUE;
+}
+
+/**
+ * Described in header.
+ */
+void libpts_deinit(void)
+{
+ if (ref_put(&libpts_ref))
+ {
+ if (!imcv_pa_tnc_attributes)
+ {
+ return;
+ }
+ imcv_pa_tnc_attributes->remove_vendor(imcv_pa_tnc_attributes, PEN_TCG);
+ DBG1(DBG_LIB, "libpts terminated");
+ }
+}
+
--- /dev/null
+/*
+ * Copyright (C) 2011 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup libpts libpts
+ *
+ * @defgroup iplugins plugins
+ * @ingroup libpts
+ *
+ * @addtogroup libpts
+ * @{
+ */
+
+#ifndef LIBPTS_H_
+#define LIBPTS_H_
+
+#include <library.h>
+
+/**
+ * Initialize libpts.
+ *
+ * @return FALSE if initialization failed
+ */
+bool libpts_init(void);
+
+/**
+ * Deinitialize libpts.
+ */
+void libpts_deinit(void);
+
+#endif /** LIBPTS_H_ @}*/
*/
#include "tcg_attr.h"
+#include "tcg/tcg_pts_attr_proto_caps.h"
+#include "tcg/tcg_pts_attr_meas_algo.h"
+#include "tcg/tcg_pts_attr_get_tpm_version_info.h"
+#include "tcg/tcg_pts_attr_tpm_version_info.h"
+#include "tcg/tcg_pts_attr_get_aik.h"
+#include "tcg/tcg_pts_attr_aik.h"
+#include "tcg/tcg_pts_attr_req_funct_comp_evid.h"
+#include "tcg/tcg_pts_attr_gen_attest_evid.h"
+#include "tcg/tcg_pts_attr_simple_comp_evid.h"
+#include "tcg/tcg_pts_attr_simple_evid_final.h"
+#include "tcg/tcg_pts_attr_req_file_meas.h"
+#include "tcg/tcg_pts_attr_file_meas.h"
ENUM_BEGIN(tcg_attr_names, TCG_PTS_REQ_FUNCT_COMP_EVID,
TCG_PTS_REQ_FUNCT_COMP_EVID,
TCG_PTS_GET_AIK,
"Attestation Identity Key");
ENUM_END(tcg_attr_names, TCG_PTS_AIK);
+
+/**
+ * See header
+ */
+pa_tnc_attr_t* tcg_attr_create_from_data(u_int32_t type, chunk_t value)
+{
+ switch (type)
+ {
+ case TCG_PTS_REQ_PROTO_CAPS:
+ return tcg_pts_attr_proto_caps_create_from_data(value, TRUE);
+ case TCG_PTS_PROTO_CAPS:
+ return tcg_pts_attr_proto_caps_create_from_data(value, FALSE);
+ case TCG_PTS_MEAS_ALGO:
+ return tcg_pts_attr_meas_algo_create_from_data(value, FALSE);
+ case TCG_PTS_MEAS_ALGO_SELECTION:
+ return tcg_pts_attr_meas_algo_create_from_data(value, TRUE);
+ case TCG_PTS_GET_TPM_VERSION_INFO:
+ return tcg_pts_attr_get_tpm_version_info_create_from_data(value);
+ case TCG_PTS_TPM_VERSION_INFO:
+ return tcg_pts_attr_tpm_version_info_create_from_data(value);
+ case TCG_PTS_GET_AIK:
+ return tcg_pts_attr_get_aik_create_from_data(value);
+ case TCG_PTS_AIK:
+ return tcg_pts_attr_aik_create_from_data(value);
+ case TCG_PTS_REQ_FUNCT_COMP_EVID:
+ return tcg_pts_attr_req_funct_comp_evid_create_from_data(value);
+ case TCG_PTS_GEN_ATTEST_EVID:
+ return tcg_pts_attr_gen_attest_evid_create_from_data(value);
+ case TCG_PTS_SIMPLE_COMP_EVID:
+ return tcg_pts_attr_simple_comp_evid_create_from_data(value);
+ case TCG_PTS_SIMPLE_EVID_FINAL:
+ return tcg_pts_attr_simple_evid_final_create_from_data(value);
+ case TCG_PTS_REQ_FILE_MEAS:
+ return tcg_pts_attr_req_file_meas_create_from_data(value);
+ case TCG_PTS_FILE_MEAS:
+ return tcg_pts_attr_file_meas_create_from_data(value);
+ case TCG_PTS_DH_NONCE_PARAMS_REQ:
+ case TCG_PTS_DH_NONCE_PARAMS_RESP:
+ case TCG_PTS_DH_NONCE_FINISH:
+ case TCG_PTS_REQ_TEMPL_REF_MANI_SET_META:
+ case TCG_PTS_TEMPL_REF_MANI_SET_META:
+ case TCG_PTS_UPDATE_TEMPL_REF_MANI:
+ case TCG_PTS_VERIFICATION_RESULT:
+ case TCG_PTS_INTEG_REPORT:
+ case TCG_PTS_REQ_FILE_META:
+ case TCG_PTS_WIN_FILE_META:
+ case TCG_PTS_UNIX_FILE_META:
+ case TCG_PTS_REQ_REGISTRY_VALUE:
+ case TCG_PTS_REGISTRY_VALUE:
+ case TCG_PTS_REQ_INTEG_MEAS_LOG:
+ case TCG_PTS_INTEG_MEAS_LOG:
+ default:
+ return NULL;
+ }
+}
#ifndef TCG_ATTR_H_
#define TCG_ATTR_H_
+#include <pa_tnc/pa_tnc_attr.h>
#include <library.h>
typedef enum tcg_attr_t tcg_attr_t;
*/
extern enum_name_t *tcg_attr_names;
+/**
+ * Create a TCG PA-TNC attribute from data
+ *
+ * @param type attribute type
+ * @param value attribute value
+ */
+pa_tnc_attr_t* tcg_attr_create_from_data(u_int32_t type, chunk_t value);
+
#endif /** TCG_ATTR_H_ @}*/