Began implementing handling of Functional Component Measuring attributes
authorSansar Choinyambuu <schoinya@hsr.ch>
Fri, 16 Sep 2011 14:13:50 +0000 (16:13 +0200)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Mon, 28 Nov 2011 14:14:13 +0000 (15:14 +0100)
src/libimcv/plugins/imv_attestation/imv_attestation.c
src/libpts/tcg/tcg_pts_attr_req_funct_comp_evid.c
src/libpts/tcg/tcg_pts_attr_simple_evid_final.c

index 0558bde..10ee35e 100644 (file)
 #include <pts/pts_creds.h>
 
 #include <tcg/tcg_attr.h>
-<<<<<<< HEAD
-=======
-#include <tcg/tcg_pts_attr_proto_caps.h>
-#include <tcg/tcg_pts_attr_meas_algo.h>
-#include <tcg/tcg_pts_attr_get_tpm_version_info.h>
-#include <tcg/tcg_pts_attr_tpm_version_info.h>
-#include <tcg/tcg_pts_attr_get_aik.h>
-#include <tcg/tcg_pts_attr_aik.h>
-#include <tcg/tcg_pts_attr_req_funct_comp_evid.h>
-#include <tcg/tcg_pts_attr_gen_attest_evid.h>
-#include <tcg/tcg_pts_attr_simple_comp_evid.h>
-#include <tcg/tcg_pts_attr_simple_evid_final.h>
-#include <tcg/tcg_pts_attr_req_file_meas.h>
-#include <tcg/tcg_pts_attr_file_meas.h>
-#include <tcg/tcg_pts_attr_req_file_meta.h>
-#include <tcg/tcg_pts_attr_unix_file_meta.h>
->>>>>>> Implemented handling of File Metadata
 
 #include <tncif_pa_subtypes.h>
 
@@ -211,7 +194,6 @@ static TNC_Result send_message(TNC_ConnectionID connection_id)
        if (imv_attestation_build(msg, attestation_state, supported_algorithms,
                                                          supported_dh_groups, pts_db))
        {
-<<<<<<< HEAD
                msg->build(msg);
                result = imv_attestation->send_message(imv_attestation, connection_id,
                                                                                           msg->get_encoding(msg));
@@ -219,102 +201,6 @@ static TNC_Result send_message(TNC_ConnectionID connection_id)
        else
        {
                result = TNC_RESULT_FATAL;
-=======
-               case IMV_ATTESTATION_STATE_INIT:
-               {
-                       pts_proto_caps_flag_t flags;
-
-                       /* Send Request Protocol Capabilities attribute */
-                       flags = pts->get_proto_caps(pts);
-                       attr = tcg_pts_attr_proto_caps_create(flags, TRUE);
-                       attr->set_noskip_flag(attr, TRUE);
-                       msg->add_attribute(msg, attr);
-       
-                       /* Send Measurement Algorithms attribute */
-                       attr = tcg_pts_attr_meas_algo_create(supported_algorithms, FALSE);
-                       attr->set_noskip_flag(attr, TRUE);
-                       msg->add_attribute(msg, attr);
-
-                       attestation_state->set_handshake_state(attestation_state,
-                                                                               IMV_ATTESTATION_STATE_MEAS);
-                       break;
-               }
-
-               case IMV_ATTESTATION_STATE_MEAS:
-               {
-                       enumerator_t *enumerator;
-                       u_int32_t delimiter = SOLIDUS_UTF;
-                       char *platform_info, *pathname;
-                       u_int16_t request_id;
-                       int id, type;
-                       bool is_dir;
-
-                       attestation_state->set_handshake_state(attestation_state,
-                                                                               IMV_ATTESTATION_STATE_END);
-
-                       /* Does the PTS-IMC have TPM support? */
-                       if (pts->get_proto_caps(pts) & PTS_PROTO_CAPS_T)
-                       {
-                               /* Send Get TPM Version attribute */
-                               attr = tcg_pts_attr_get_tpm_version_info_create();
-                               attr->set_noskip_flag(attr, TRUE);
-                               msg->add_attribute(msg, attr);
-       
-                               /* Send Get AIK attribute */
-                               attr = tcg_pts_attr_get_aik_create();
-                               attr->set_noskip_flag(attr, TRUE);
-                               msg->add_attribute(msg, attr);
-                       }
-
-                       /* Get Platform and OS of the PTS-IMC */
-                       platform_info = pts->get_platform_info(pts);
-
-                       if (!pts_db || !platform_info)
-                       {
-                               DBG1(DBG_IMV, "%s%s%s not available",
-                                       (pts_db) ? "" : "pts database",
-                                       (!pts_db && !platform_info) ? "and" : "",
-                                       (platform_info) ? "" : "platform info");
-                               break;
-                       }
-                       DBG1(DBG_IMV, "platform is '%s'", platform_info);
-
-                       /* Send Request File Metadata attribute */
-                       attr = tcg_pts_attr_req_file_meta_create(FALSE, SOLIDUS_UTF, "/etc/tnc_config");
-                       attr->set_noskip_flag(attr, TRUE);
-                       msg->add_attribute(msg, attr);
-
-                       /* Send Request File Measurement attribute */
-                       enumerator = pts_db->create_file_enumerator(pts_db, platform_info);
-                       if (!enumerator)
-                       {
-                               break;
-                       }
-                       while (enumerator->enumerate(enumerator, &id, &type, &pathname))
-                       {
-                               is_dir = (type != 0);
-                               request_id = attestation_state->add_request(attestation_state,
-                                                                                                                       id, is_dir);
-                               DBG2(DBG_IMV, "measurement request %d for %s '%s'",
-                                        request_id, is_dir ? "directory" : "file", pathname);
-                               attr = tcg_pts_attr_req_file_meas_create(is_dir, request_id,
-                                                                                                        delimiter, pathname);
-                               attr->set_noskip_flag(attr, TRUE);
-                               msg->add_attribute(msg, attr);
-                       }
-                       enumerator->destroy(enumerator);
-                       break;
-               }
-               case IMV_ATTESTATION_STATE_COMP_EVID:
-               case IMV_ATTESTATION_STATE_IML:
-                       DBG1(DBG_IMV, "Attestation IMV has nothing to send: \"%s\"",
-                                handshake_state);
-                       return TNC_RESULT_FATAL;
-               default:
-                       DBG1(DBG_IMV, "Attestation IMV is in unknown state: \"%s\"",
-                                handshake_state);
-                       return TNC_RESULT_FATAL;
->>>>>>> Implemented handling of File Metadata
        }
        msg->destroy(msg);
 
index 7f08f57..123bd9b 100644 (file)
@@ -303,7 +303,7 @@ pa_tnc_attr_t *tcg_pts_attr_req_funct_comp_evid_create(
                                                                        pts_attr_req_funct_comp_evid_flag_t flags,
                                                                        u_int32_t depth, u_int32_t vendor_id,
                                                                        pts_qualifier_t qualifier,
-                                                                       pts_ita_funct_comp_name_t name)
+                                                                       pts_funct_comp_name_t name)
 {
        private_tcg_pts_attr_req_funct_comp_evid_t *this;
 
index dc7fb84..ab429f7 100644 (file)
@@ -167,13 +167,11 @@ METHOD(pa_tnc_attr_t, build, void,
        writer->write_uint8 (writer, flags);
        writer->write_uint8 (writer, PTS_SIMPLE_EVID_FINAL_RESERVED);
        
-       /** Optional Composite Hash Algorithm field is always present
-        * Field has value of all zeroes if not used.
-        * Implemented adhering the suggestion of Paul Sangster 28.Oct.2011
-        */
-       writer->write_uint16(writer, this->comp_hash_algorithm);
-
        /* Optional fields */
+       if (this->comp_hash_algorithm)
+       {
+               writer->write_uint16(writer, this->comp_hash_algorithm);
+       }
        if (this->pcr_comp.ptr && this->pcr_comp.len > 0)
        {
                writer->write_uint32 (writer, this->pcr_comp.len);
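Review bot: The Composite Hash Algorithm field is now written only when `this->comp_hash_algorithm` is non-zero, but `process` in the last hunk of this file reads it whenever the TPM-info flag bits are set, so the builder and parser can disagree on the wire layout. With PCR composite data present and a zero algorithm value, the receiver would presumably take the first two bytes of the PCR composite length as the algorithm and misparse the rest of the evidence. Gate the write on the same flag bits the parser tests instead of on the field's value, and record that in a comment such as `/* written whenever the TPM info flag bits are set, mirroring process() */`. The build method starts and ends outside this hunk, so how the local `flags` is composed needs confirming there.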
@@ -210,9 +208,15 @@ METHOD(pa_tnc_attr_t, process, status_t,
        reader = bio_reader_create(this->value);
        
        reader->read_uint8(reader, &flags);
+       reader->read_uint8(reader, &reserved);
        
        /* Determine the flags to set*/
-       if (!((flags >> 7) & 1) && !((flags >> 6) & 1))
+       if ((flags >> 5) & 1)
+       {
+               this->flags |= PTS_SIMPLE_EVID_FINAL_FLAG_EVID;
+       }
+       
+       if (!((flags >> 6) & PTS_SIMPLE_EVID_FINAL_FLAG_NO))
        {
                this->flags = PTS_SIMPLE_EVID_FINAL_FLAG_NO;
        }
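Review bot: The `PTS_SIMPLE_EVID_FINAL_FLAG_EVID` bit set with `|=` just above is lost again, because the following branch assigns `this->flags = PTS_SIMPLE_EVID_FINAL_FLAG_NO;` with a plain `=`; the branch visible at the top of the next hunk overwrites it the same way. Either move the bit-5 test after the whole flag chain or make the chain use `|=`. Separately, `(flags >> 6) & PTS_SIMPLE_EVID_FINAL_FLAG_NO` uses an enum constant as a bit mask; its value is not visible here, and if it is zero the test is constant, so a literal two-bit mask such as `if (!((flags >> 6) & 0x3))` would keep the meaning of the removed condition. The same mask is used in the next hunk to decide whether the optional fields are parsed. The branches between these two hunks are outside the view.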
@@ -228,26 +232,14 @@ METHOD(pa_tnc_attr_t, process, status_t,
        {
                this->flags = PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO2_CAP_VER;
        }
-       if ((flags >> 5) & 1)
-       {
-               this->evid_sign_included = TRUE;
-       }
-       
-       reader->read_uint8(reader, &reserved);
 
-       /** Optional Composite Hash Algorithm field is always present
-        * Field has value of all zeroes if not used.
-        * Implemented adhering the suggestion of Paul Sangster 28.Oct.2011
-        */
-       
-       reader->read_uint16(reader, &algorithm);
-       this->comp_hash_algorithm = algorithm;
-       
        /*  Optional Composite Hash Algorithm and TPM PCR Composite field is included */
-       if (this->flags != PTS_SIMPLE_EVID_FINAL_FLAG_NO)
+       if ((flags >> 6) & PTS_SIMPLE_EVID_FINAL_FLAG_NO)
        {
-               u_int32_t pcr_comp_len, tpm_quote_sign_len;
-               
+               u_int32_t pcr_comp_len;
+               u_int32_t tpm_quote_sign_len;
+               reader->read_uint16(reader, &algorithm);
+               this->comp_hash_algorithm = algorithm;
                reader->read_uint32(reader, &pcr_comp_len);
                reader->read_data(reader, pcr_comp_len, &this->pcr_comp);
                this->pcr_comp = chunk_clone(this->pcr_comp);
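Review bot: The reads that parse this peer-supplied attribute ignore their return values: `read_uint16`, `read_uint32` and `read_data` here, and the two `read_uint8` calls in the previous hunk. `pcr_comp_len` comes straight from the message, so on a truncated attribute `read_data` presumably fails and `chunk_clone` then copies whatever `this->pcr_comp` already held, with `process` carrying on as if the evidence were complete. Each read should be checked and the attribute rejected with `FAILED` on the first short read, as sketched below. The function continues past the end of this hunk, so the TPM quote signature read needs the same treatment.

```c
	if ((flags >> 6) & PTS_SIMPLE_EVID_FINAL_FLAG_NO)
	{
		/* … unchanged: pcr_comp_len / tpm_quote_sign_len declarations … */

		/* reject a truncated attribute instead of parsing on */
		if (!reader->read_uint16(reader, &algorithm) ||
			!reader->read_uint32(reader, &pcr_comp_len) ||
			!reader->read_data(reader, pcr_comp_len, &this->pcr_comp))
		{
			reader->destroy(reader);
			return FAILED;
		}
		this->comp_hash_algorithm = algorithm;
		this->pcr_comp = chunk_clone(this->pcr_comp);
		/* … unchanged: remainder of process() outside the hunk … */
```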