Construct PCR Composite using information received in Simple Component Evidence attri...
authorSansar Choinyambuu <schoinya@hsr.ch>
Mon, 24 Oct 2011 08:39:17 +0000 (10:39 +0200)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Mon, 28 Nov 2011 18:15:13 +0000 (19:15 +0100)
src/libpts/pts/pts.c
src/libpts/pts/pts.h

index 7692ba2..2ce2545 100644 (file)
@@ -810,7 +810,7 @@ METHOD(pts_t, quote_tpm, bool,
        TSS_VALIDATION valData;
        u_int32_t i;
        TSS_RESULT result;
-       chunk_t pcr_comp, quote_sign;
+       chunk_t quote_sign;
 
        result = Tspi_Context_Create(&hContext);
        if (result != TSS_SUCCESS)
@@ -991,40 +991,31 @@ static u_int32_t get_max_pcr_index(private_pts_t *this)
 METHOD(pts_t, does_pcr_value_match, bool,
        private_pts_t *this, chunk_t pcr_after_value)
 {
-       linked_list_t *entries;
        enumerator_t *e;
-       pcr_entry_t *pcr_entry;
-       bool match_found = FALSE;
+       pcr_entry_t *entry;
        
-       if (!load_pcr_entries(&entries))
+       if (!this->pcrs)
        {
-               DBG1(DBG_PTS, "failed to load PCR entries");
-               return FALSE;
+               this->pcrs = linked_list_create();
        }
-       
-       e = entries->create_enumerator(entries);
-       while (e->enumerate(e, &pcr_entry))
+
+       e = this->pcrs->create_enumerator(this->pcrs);
+       while (e->enumerate(e, &entry))
        {
-               if (strncmp(pcr_entry->pcr_value, pcr_after_value.ptr, PCR_LEN) == 0)
+               if (entry->pcr_number == new->pcr_number)
                {
-                       DBG1(DBG_PTS, "PCR %d value matched with configured value",
-                                pcr_entry->pcr_number);
-                       match_found = TRUE;
+                       DBG4(DBG_PTS, "updating already added PCR%d value",
+                                entry->pcr_number);
+                       this->pcrs->remove_at(this->pcrs, e);
+                       free(entry);
                        break;
                }
        }
-       
        DESTROY_IF(e);
-       DESTROY_IF(entries);
-       free(pcr_entry);
-
-       if (match_found)
-       {
-               return TRUE;
-       }
        
-       DBG1(DBG_PTS, "PCR after value didn't match with any of the configured values");
-       return FALSE;
+       this->pcrs->insert_last(this->pcrs, new);
+
+       /* TODO: Sort pcr entries with pcr index */
 }
 
 /**
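Review bot: The rewritten body no longer matches the signature kept as context at the top of this hunk: the method is still defined as `does_pcr_value_match` returning `bool` with a `chunk_t pcr_after_value` parameter, yet the body inserts `new`, which is not declared anywhere in the hunk, and reaches the closing brace without returning a value. pts.h in the same commit renames the member to `void (*add_pcr_entry)(pts_t *this, pcr_entry_t *entry)`, so the definition presumably should read `METHOD(pts_t, add_pcr_entry, void, private_pts_t *this, pcr_entry_t *new)`. Since the commit title says the entries now come from received Simple Component Evidence, and get_quote_info later uses `pcr_number` as the index in `mask_bytes[index / 8]`, it would also be worth rejecting an out-of-range `pcr_number` before `insert_last`, unless the buffer sizing outside this hunk already covers that.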
@@ -1088,7 +1079,6 @@ METHOD(pts_t, get_quote_info, bool,
                u_int32_t index = pcr_entry->pcr_number;
                mask_bytes[index / 8] |= (1 << (index % 8));
        }
-       
        e->destroy(e);
 
        for (i = 0; i< bitmask_len ; i++)
index 6de3615..0ddcc3f 100644 (file)
@@ -389,19 +389,20 @@ struct pts_t {
                                           chunk_t *pcr_composite, chunk_t *quote_signature);
 
         /**
-        * Check PCR after value in Simple Component Evidence matches configured value
+        * Add extended PCR with its corresponding value
         *
         * @return                                      FALSE in case of any error or non-match, TRUE otherwise
         */
-        bool (*does_pcr_value_match)(pts_t *this, chunk_t pcr_after_value);
+        void (*add_pcr_entry)(pts_t *this, pcr_entry_t *entry);
 
         /**
         * Constructs and returns TPM Quote Info structure expected from IMC
-        * 
-        * @param digest                        Output variable to store quote digest
+        *
+        * @param pcr_composite                 Output variable to store PCR Composite
+        * @param quote_info                    Output variable to store TPM Quote Info
         * @return                                      FALSE in case of any error, TRUE otherwise
         */
-        bool (*get_quote_info)(pts_t *this, chunk_t *quote_info);
+        bool (*get_quote_info)(pts_t *this, chunk_t *pcr_composite, chunk_t *quote_info);
 
         /**
         * Constructs and returns PCR Quote Digest structure expected from IMC
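Review bot: The doc comment above `add_pcr_entry` still carries `@return FALSE in case of any error or non-match, TRUE otherwise` although the member now returns `void`, and it has no `@param` line for the entry. The implementation in pts.c stores the passed pointer in the list and calls `free(entry)` when a PCR is updated, so the comment should state that ownership passes to the pts object, for example `@param entry  PCR entry to add, must be heap-allocated; ownership is taken` in place of the stale `@return` line. The struct definition continues outside the hunk.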