The file and directory lists are queried from db
authorSansar Choinyambuu <schoinya@hsr.ch>
Wed, 24 Aug 2011 14:25:37 +0000 (16:25 +0200)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Thu, 8 Sep 2011 10:08:14 +0000 (12:08 +0200)
Request File Measurements sending and handling is implemented accordingly
Measuring the file and directories are tested

src/libimcv/plugins/imc_attestation/imc_attestation.c
src/libimcv/plugins/imv_attestation/imv_attestation.c
src/libimcv/tcg/pts/pts.c
src/libimcv/tcg/pts/pts.h

index 0803f80..46a5fa0 100644 (file)
@@ -300,7 +300,7 @@ TNC_Result TNC_IMC_ReceiveMessage(TNC_IMCID imc_id,
                                        u_int16_t request_id;
                                        u_int16_t meas_len;
                                        pts_meas_algorithms_t selected_algorithm;
-                                       char * file_hash;
+                                       chunk_t file_hash;
                                        bool directory_flag;
                                        linked_list_t *file_measurements;
 
@@ -310,8 +310,9 @@ TNC_Result TNC_IMC_ReceiveMessage(TNC_IMCID imc_id,
                                        delimiter = attr_cast->get_delimiter(attr_cast);
                                        path = attr_cast->get_file_path(attr_cast);
                                        
-                                       DBG3(DBG_IMC,"The Requested File/Directory to be measured: %s", path.ptr);
-
+                                       DBG3(DBG_IMC,"requested %s to be measured: %s", 
+                                            (directory_flag)? "directory":"file", path.ptr);
+                                       
                                        /* Send File Measurement attribute */
                                        selected_algorithm = pts->get_meas_algorithm(pts);
                                        meas_len = HASH_SIZE_SHA1;
@@ -334,23 +335,22 @@ TNC_Result TNC_IMC_ReceiveMessage(TNC_IMCID imc_id,
                                        attr_to_send->set_noskip_flag(attr_to_send, TRUE);
                                        attr_file_meas = (tcg_pts_attr_file_meas_t*)attr_to_send;
                                        
-                                       if(directory_flag)
+                                       if(!directory_flag)
                                        {
-                                               if(pts->hash_file(pts,path.ptr,file_hash) != true)
+                                               if(pts->hash_file(pts,path,&file_hash) != true)
                                                {
                                                        DBG1(DBG_IMC, "Hashing the given file has failed");
                                                        return TNC_RESULT_FATAL;
                                                }
-                                               attr_file_meas->add_file_meas(attr_file_meas, 
-                                                                     chunk_create(file_hash,strlen(file_hash)),
-                                                                     path);
+                                               attr_file_meas->add_file_meas(attr_file_meas, file_hash, path);
+                                                                                               
                                        }
                                        else
                                        {
                                                enumerator_t *meas_enumerator;
                                                file_meas_entry_t *meas_entry;
                                                u_int64_t num_of_files = 0 ;
-                                               if(pts->hash_directory(pts, path.ptr, file_measurements) != true)
+                                               if(pts->hash_directory(pts, path, &file_measurements) != true)
                                                {
                                                        DBG1(DBG_IMC, "Hashing the files in a given directory has failed");
                                                        return TNC_RESULT_FATAL;
index 5e8a8c9..851efb9 100644 (file)
@@ -68,16 +68,6 @@ static pts_meas_algorithms_t supported_algorithms = 0;
 static pts_database_t *pts_db;
 
 /**
- * List of files and directories to measure
- */
-static linked_list_t *file_list, *directory_list;
-
-/**
- * Monotonic increasing number for Request File Measurement attribute
- */
-static u_int16_t request_id_counter = 0;
-
-/**
  * see section 3.7.1 of TCG TNC IF-IMV Specification 1.2
  */
 TNC_Result TNC_IMV_Initialize(TNC_IMVID imv_id,
@@ -143,11 +133,6 @@ TNC_Result TNC_IMV_NotifyConnectionChange(TNC_IMVID imv_id,
 {
        imv_state_t *state;
        imv_attestation_state_t *attestation_state;
-       enumerator_t *enumerator;
-       char *files;
-       char *directories;
-       measurement_req_entry_t *entry;
-       char *token;
        TNC_Result result;
 
        if (!imv_attestation)
@@ -171,49 +156,8 @@ TNC_Result TNC_IMV_NotifyConnectionChange(TNC_IMVID imv_id,
                        }
                        attestation_state = (imv_attestation_state_t*)state;
                        
-                       /** 
-                        * Get the files to measure for
-                        * PTS Request File Measurement attribute
-                        */
+                       /* TODO: Get some configurations */
                        
-                       file_list = linked_list_create();
-                       directory_list = linked_list_create();
-                       
-                       files = lib->settings->get_str(lib->settings,
-                                       "libimcv.plugins.imv-attestation.files", "none");
-                       enumerator = enumerator_create_token(files, " ", " ");
-                       while (enumerator->enumerate(enumerator, &token))
-                       {
-                               entry = malloc_thing(measurement_req_entry_t);
-                               token = strdup(token);
-                               entry->path = token;
-                               entry->request_id = request_id_counter;
-                               file_list->insert_last(file_list, entry);
-                               DBG3(DBG_IMV, "File to measure:%s, with request id:%d",token, entry->request_id);
-                               free(token);
-                               request_id_counter ++;
-                       }
-                       
-                       /** 
-                        * Get the directories to measure for
-                        * PTS Request File Measurement attribute
-                        */
-                       
-                       directories = lib->settings->get_str(lib->settings,
-                                       "libimcv.plugins.imv-attestation.directories", "none");
-                       enumerator = enumerator_create_token(directories, " ", " ");
-                       while (enumerator->enumerate(enumerator, &token))
-                       {
-                               entry = malloc_thing(measurement_req_entry_t);
-                               token = strdup(token);
-                               entry->path = token;
-                               entry->request_id = request_id_counter;
-                               directory_list->insert_last(directory_list, entry);
-                               DBG3(DBG_IMV, "Directory to measure:%s, with request id:%d",token, entry->request_id);
-                               free(token);
-                               request_id_counter ++;
-                       }
-                       enumerator->destroy(enumerator);
                        return TNC_RESULT_SUCCESS;
                default:
                        return imv_attestation->change_state(imv_attestation, connection_id,
@@ -266,7 +210,6 @@ static TNC_Result send_message(TNC_ConnectionID connection_id)
                {
                        pa_tnc_attr_t *attr_req_file_meas;
                        enumerator_t *enumerator;
-                       measurement_req_entry_t *entry;
                        pts_meas_algorithms_t communicated_caps;
                        u_int32_t delimiter = SOLIDUS_UTF;
                        int id, type;
@@ -293,7 +236,7 @@ static TNC_Result send_message(TNC_ConnectionID connection_id)
                        /** 
                         * Add files to measure to PTS Request File Measurement attribute
                         */
-                       product = "Ubuntu 11.4 i686";
+                       product = "Ubuntu 10.10 x86_64";
 
                        if (!pts_db)
                        {
@@ -306,34 +249,22 @@ static TNC_Result send_message(TNC_ConnectionID connection_id)
                        }
                        while (enumerator->enumerate(enumerator, &id, &type, &path))
                        {
+                               bool is_directory;
+                               chunk_t path_chunk;
+                               
                                DBG2(DBG_IMV, "id = %d, type = %d, path = '%s'", id, type, path);
-                       }
-                       enumerator->destroy(enumerator);
-
-                       enumerator = file_list->create_enumerator(file_list);
-                       while (enumerator->enumerate(enumerator, &entry))
-                       {
-                               attr_req_file_meas = tcg_pts_attr_req_file_meas_create(false, 
-                                                       entry->request_id, delimiter, 
-                                                       chunk_create(entry->path, strlen(entry->path)));
-                               attr_req_file_meas->set_noskip_flag(attr_req_file_meas, TRUE);
-                               msg->add_attribute(msg, attr_req_file_meas);
-                       }
-                       /** Add directories to measure to  PTS Request File Measurement attribute
-                        */
-                       enumerator = file_list->create_enumerator(directory_list);
-                       while (enumerator->enumerate(enumerator, &entry))
-                       {
-                               attr_req_file_meas = tcg_pts_attr_req_file_meas_create(true, 
-                                                       entry->request_id, delimiter, 
-                                                       chunk_create(entry->path, strlen(entry->path)));
+                               
+                               is_directory = (type != 0) ? true : false;
+                               path_chunk = chunk_create(path, strlen(path));
+                               path_chunk = chunk_clone(path_chunk);
+                               
+                               attr_req_file_meas = tcg_pts_attr_req_file_meas_create(is_directory, 
+                                                       (u_int16_t)id, delimiter, path_chunk);
                                attr_req_file_meas->set_noskip_flag(attr_req_file_meas, TRUE);
                                msg->add_attribute(msg, attr_req_file_meas);
                        }
-                       
                        enumerator->destroy(enumerator);
-                       file_list->destroy(file_list);
-                       directory_list->destroy(directory_list);
+
                        break;
                }
                case IMV_ATTESTATION_STATE_COMP_EVID:
index 1f57ad1..e5e2566 100644 (file)
@@ -151,7 +151,7 @@ METHOD(pts_t, set_tpm_version_info, void,
  */
 
 METHOD(pts_t, hash_file, bool,
-       private_pts_t *this, char *path, char *out)
+       private_pts_t *this, chunk_t path, chunk_t *out)
 {
        char buffer[PTS_BUF_SIZE];
        FILE *file;
@@ -168,10 +168,10 @@ METHOD(pts_t, hash_file, bool,
                return false;
        }
 
-       file = fopen(path, "rb");
+       file = fopen(path.ptr, "rb");
        if (!file)
        {
-               DBG1(DBG_IMC,"file '%s' can not be opened", path);
+               DBG1(DBG_IMC,"file '%s' can not be opened, %s", path.ptr, strerror(errno));
                hasher->destroy(hasher);
                return false;
        }
@@ -180,14 +180,15 @@ METHOD(pts_t, hash_file, bool,
                bytes_read = fread(buffer, 1, sizeof(buffer), file);
                if (bytes_read > 0)
                {
-                       hasher->get_hash(hasher, chunk_create(buffer, bytes_read), NULL);
+                       hasher->allocate_hash(hasher, chunk_create(buffer, bytes_read), NULL);
                }
                else
                {
-                       hasher->get_hash(hasher, chunk_empty, out);
+                       hasher->allocate_hash(hasher, chunk_empty, out);
                        break;
                }
        }
+               
        fclose(file);
        hasher->destroy(hasher);
 
@@ -199,39 +200,45 @@ METHOD(pts_t, hash_file, bool,
  */
 
 METHOD(pts_t, hash_directory, bool,
-       private_pts_t *this, char *path, linked_list_t *file_measurements)
+       private_pts_t *this, chunk_t path, linked_list_t **file_measurements)
 {
        DIR *dir;
        struct dirent *ent;
        file_meas_entry_t *entry;
+       linked_list_t *list = *file_measurements;
        
-       file_measurements = linked_list_create();
+       list = linked_list_create();
        entry = malloc_thing(file_meas_entry_t);
        
-       dir = opendir(path);
+       dir = opendir(path.ptr);
        if (dir == NULL)
        {
-               DBG1(DBG_IMC, "opening directory '%s' failed: %s", path, strerror(errno));
+               DBG1(DBG_IMC, "opening directory '%s' failed: %s", path.ptr, strerror(errno));
                return false;
        }
        while ((ent = readdir(dir)))
        {
-               char *file_hash;
-               
-               if(this->public.hash_file(&this->public,ent->d_name,file_hash) != true)
+               if (*ent->d_name == '.')
+               {       /* skip ".", ".." and hidden files (such as ".svn") */
+                       continue;
+               }
+                               
+               if(this->public.hash_file(&this->public, chunk_cat("cc", path, chunk_create(ent->d_name, strlen(ent->d_name)))
+                       , &entry->measurement) != true)
                {
                        DBG1(DBG_IMC, "Hashing the given file has failed");
                        return false;
                }
                
-               entry->measurement = chunk_create(file_hash,strlen(file_hash));
                entry->file_name_len = strlen(ent->d_name);
                entry->file_name = chunk_create(ent->d_name,strlen(ent->d_name));
                
-               file_measurements->insert_last(file_measurements,entry);
+               list->insert_last(list,entry);
        }
+               
        closedir(dir);
        
+       *file_measurements = list;
        return true;
 }
 
index 462b8e2..d249a78 100644 (file)
@@ -29,7 +29,6 @@ typedef struct pts_t pts_t;
 
 #include <library.h>
 
-typedef struct measurement_req_entry_t measurement_req_entry_t;
 typedef struct file_meas_entry_t file_meas_entry_t;
 
 /**
@@ -97,7 +96,7 @@ struct pts_t {
         * @param out                   hash output value of a given file
         * @return                      TRUE if hashing file was successful 
         */
-       bool (*hash_file)(pts_t *this, char *path, char *out);
+       bool (*hash_file)(pts_t *this, chunk_t path, chunk_t *out);
        
        /**
         * Hash the given directory
@@ -106,7 +105,7 @@ struct pts_t {
         * @param file_measurements     list of hash output values of files in a given folder
         * @return                      TRUE if hashing directory was successful 
         */
-       bool (*hash_directory)(pts_t *this, char *path, linked_list_t *file_measurements);
+       bool (*hash_directory)(pts_t *this, chunk_t path, linked_list_t **file_measurements);
 
        /**
         * Destroys a pts_t object.