Changed definition of output and set them in quote_tpm function
authorSansar Choinyambuu <schoinya@hsr.ch>
Fri, 7 Oct 2011 09:15:37 +0000 (11:15 +0200)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Mon, 28 Nov 2011 13:34:21 +0000 (14:34 +0100)
src/libpts/pts/pts.c
src/libpts/pts/pts.h

index 4ee5d49..14271f6 100644 (file)
@@ -716,7 +716,8 @@ METHOD(pts_t, extend_pcr, bool,
 }
 
 METHOD(pts_t, quote_tpm, bool,
-          private_pts_t *this, u_int32_t *pcrs, u_int32_t num_of_pcrs, chunk_t *output)
+          private_pts_t *this, u_int32_t *pcrs, u_int32_t num_of_pcrs,
+          chunk_t *pcr_composite, chunk_t *quote_signature)
 {
        TSS_HCONTEXT hContext;
        TSS_HTPM hTPM;
@@ -731,6 +732,7 @@ METHOD(pts_t, quote_tpm, bool,
        u_int32_t i;
        TSS_RESULT result;
        chunk_t aik_key_encoding;
+       chunk_t pcr_composite_without_nonce;
 
        result = Tspi_Context_Create(&hContext);
        if (result != TSS_SUCCESS)
@@ -822,7 +824,7 @@ METHOD(pts_t, quote_tpm, bool,
                        DBG1(DBG_PTS, "Invalid PCR number: %d", pcr);
                        goto err3;
                }
-               result = Tspi_PcrComposite_SelectPcrIndex(hPcrComposite, 1);
+               result = Tspi_PcrComposite_SelectPcrIndex(hPcrComposite, pcr);
                if (result != TSS_SUCCESS)
                {
                        goto err3;
@@ -842,23 +844,36 @@ METHOD(pts_t, quote_tpm, bool,
 
        quoteInfo = (TPM_QUOTE_INFO *)valData.rgbData;
 
-       //display quote info
-       printf("version:\n");
-       for(i=0;i<4;i++)
-               printf("%02x ",valData.rgbData[i]);
-       printf("\n");
-       printf("fixed value:\n");
-       for(i=4;i<8;i++)
-               printf("%c",valData.rgbData[i]);
-       printf("\n");
-       printf("pcr digest:\n");
-       for(i=8;i<28;i++)
-               printf("%02x ",valData.rgbData[i]);
-       printf("\n");
-       printf("nonce:\n");
-       for(i=28;i<valData.ulDataLength;i++)
-               printf("%c",valData.rgbData[i]);
-       printf("\n");
+       /* Display quote info */
+       DBG3(DBG_PTS, "version:");
+       for(i = 0 ; i < 4 ; i++)
+       {
+               DBG3(DBG_PTS, "%02x ",valData.rgbData[i]);
+       }
+       DBG3(DBG_PTS, "fixed value:");
+       for(i = 4 ; i < 8 ; i++)
+       {
+               DBG3(DBG_PTS, "%c",valData.rgbData[i]);
+       }
+       DBG3(DBG_PTS, "pcr digest:");
+       for(i = 8 ; i < 28 ; i++)
+       {
+               DBG3(DBG_PTS, "%02x ",valData.rgbData[i]);
+       }
+       DBG3(DBG_PTS, "nonce:");
+       for(i = 28 ; i < valData.ulDataLength ; i++)
+       {
+               DBG3(DBG_PTS, "%c",valData.rgbData[i]);
+       }
+
+       /* Set output chunks */
+       pcr_composite_without_nonce = chunk_alloc(
+               valData.ulDataLength - ASSESSMENT_SECRET_LEN);
+       memcpy(pcr_composite_without_nonce.ptr, valData.rgbData,
+                  valData.ulDataLength - ASSESSMENT_SECRET_LEN);
+       *pcr_composite = pcr_composite_without_nonce;
+       *quote_signature = chunk_from_thing(valData.rgbValidationData);
+       *quote_signature = chunk_clone(*quote_signature);
        
        Tspi_Context_FreeMemory(hContext, NULL);
        Tspi_Context_CloseObject(hContext, hPcrComposite);
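Review bot: `*quote_signature = chunk_from_thing(valData.rgbValidationData);` captures the pointer variable rather than the signature: chunk_from_thing takes the address and sizeof of its argument, and rgbValidationData is a BYTE pointer in TSS_VALIDATION (rgbData is dereferenced the same way on the quoteInfo line), so the cloned chunk holds sizeof(BYTE *) bytes of pointer value and the caller never receives the signature. The validation data length lives in the neighbouring ulValidationDataLength field, so the two assignments should collapse to `*quote_signature = chunk_clone(chunk_create(valData.rgbValidationData, valData.ulValidationDataLength));`. The pcr_composite copy a few lines above computes `valData.ulDataLength - ASSESSMENT_SECRET_LEN` without first checking `valData.ulDataLength >= ASSESSMENT_SECRET_LEN`; a shorter-than-expected blob from the TSS would wrap the unsigned subtraction into an oversized chunk_alloc and a memcpy past the end of rgbData, so the length should be validated before the allocation and the existing error path taken otherwise. The `%c` loop also writes the trailing nonce bytes raw into the DBG3 log; whether that is acceptable depends on what ASSESSMENT_SECRET_LEN covers. quote_tpm's body continues outside the hunk.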
index f872d00..efc7271 100644 (file)
@@ -249,12 +249,15 @@ struct pts_t {
         * Quote over PCR's
         * Expects owner and SRK secret to be WELL_KNOWN_SECRET and no password set for AIK
         *
-        * @param pcrs                  Set of PCR's to make quotation over
-        * @param num_of_pcr    Number of PCR's
-        * @param quote                 Chunk to save quote operation output
-        * @return                              FALSE in case of TSS error, TRUE otherwise
+        * @param pcrs                                  Set of PCR's to make quotation over
+        * @param num_of_pcr                    Number of PCR's
+        * @param pcr_composite                 Chunk to save pcr composite structure
+        * @param quote_signature               Chunk to save quote operation output
+        *                                                              without external data (anti-replay protection)
+        * @return                                              FALSE in case of TSS error, TRUE otherwise
         */
-        bool (*quote_tpm)(pts_t *this, u_int32_t *pcrs, u_int32_t num_of_pcrs, chunk_t *quote);
+        bool (*quote_tpm)(pts_t *this, u_int32_t *pcrs, u_int32_t num_of_pcrs,
+                                          chunk_t *pcr_composite, chunk_t *quote_signature);
 
        /**
         * Destroys a pts_t object.
@@ -270,4 +273,4 @@ struct pts_t {
  */
 pts_t* pts_create(bool is_imc);
 
-#endif /** PTS_H_ @} */
+#endif /** PTS_H_ @}*/
\ No newline at end of file
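Review bot: The new @param block describes quote_signature as the quote output "without external data (anti-replay protection)", but on the pts.c side of this commit it is pcr_composite that receives the TPM_QUOTE_INFO data with the nonce stripped, while quote_signature receives the validation data returned by the TSS; the description should follow the code, e.g. `@param pcr_composite   Chunk to save TPM_QUOTE_INFO without external data (anti-replay nonce)` and `@param quote_signature Chunk to save the validation data (signature) of the quote`. The rewritten line `@param num_of_pcr` still does not match the parameter name num_of_pcrs in the prototype directly below it. Ownership should be stated as well, since both chunks are allocated with chunk_clone/chunk_alloc and the caller must free them. struct pts_t continues outside the hunk.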