From 379f7a7533b36162ae9cc6373e25c9b16f9746dc Mon Sep 17 00:00:00 2001 From: Sansar Choinyambuu Date: Mon, 31 Oct 2011 11:26:00 +0100 Subject: [PATCH] Implemented matching of Optional PCR Composite field value when Hashing was done to reduce the size of it Optional Composite Hash Algorithm field is always present, has value of all zeroes if was not used --- src/libpts/pts/pts.c | 20 ++++++++++++++++++-- src/libpts/tcg/tcg_pts_attr_simple_evid_final.c | 20 +++++++++++++++----- 2 files changed, 33 insertions(+), 7 deletions(-) diff --git a/src/libpts/pts/pts.c b/src/libpts/pts/pts.c index 1c349d7..3d5e233 100644 --- a/src/libpts/pts/pts.c +++ b/src/libpts/pts/pts.c @@ -1158,9 +1158,25 @@ METHOD(pts_t, get_quote_info, bool, chunk_clear(&pcr_composite); chunk_clear(&hash_pcr_composite); - chunk_clear(&pcr_composite); + /* Hash the PCR Composite Structure */ + hasher->allocate_hash(hasher, pcr_composite, out_pcr_composite); + DBG4(DBG_PTS, "Hash of calculated PCR Composite: %B", out_pcr_composite); + hasher->destroy(hasher); + } + else + { + *out_pcr_composite = chunk_clone(pcr_composite); + DBG4(DBG_PTS, "calculated PCR Composite: %B", out_pcr_composite); + } + + /* SHA1 hash of PCR Composite to construct TPM_QUOTE_INFO */ + hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1); + hasher->allocate_hash(hasher, pcr_composite, &hash_pcr_composite); hasher->destroy(hasher); - writer->write_data(writer, *out_pcr_composite); + + writer->write_data(writer, hash_pcr_composite); + chunk_clear(&pcr_composite); + chunk_clear(&hash_pcr_composite); if (!this->secret.ptr) { diff --git a/src/libpts/tcg/tcg_pts_attr_simple_evid_final.c b/src/libpts/tcg/tcg_pts_attr_simple_evid_final.c index 5f2137e..58a3e3a 100644 --- a/src/libpts/tcg/tcg_pts_attr_simple_evid_final.c +++ b/src/libpts/tcg/tcg_pts_attr_simple_evid_final.c 
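Review bot: The SHA1 hasher built for TPM_QUOTE_INFO is dereferenced without a NULL check: `hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);` is followed directly by `hasher->allocate_hash(hasher, pcr_composite, &hash_pcr_composite);`. create_hasher() returns NULL when no loaded plugin provides the algorithm, so that configuration crashes while building the quote info instead of failing it. A guard such as `if (!hasher) { return FALSE; }` before the call would make this an ordinary error return. That error path would also have to release pcr_composite, *out_pcr_composite and the writer, and their handling lies outside this hunk, as do the start and end of get_quote_info.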
@@ -167,11 +167,13 @@ METHOD(pa_tnc_attr_t, build, void, writer->write_uint8 (writer, flags); writer->write_uint8 (writer, PTS_SIMPLE_EVID_FINAL_RESERVED); + /** Optional Composite Hash Algorithm field is always present + * Field has value of all zeroes if not used. + * Implemented adhering the suggestion of Paul Sangster 28.Oct.2011 + */ + writer->write_uint16(writer, this->comp_hash_algorithm); + /* Optional fields */ - if (this->comp_hash_algorithm) - { - writer->write_uint16(writer, this->comp_hash_algorithm); - } if (this->pcr_comp.ptr && this->pcr_comp.len > 0) { writer->write_uint32 (writer, this->pcr_comp.len); @@ -197,7 +199,7 @@ METHOD(pa_tnc_attr_t, process, status_t, bio_reader_t *reader; u_int8_t flags; u_int8_t reserved; - /** u_int16_t algorithm;*/ + u_int16_t algorithm; if (this->value.len < PTS_SIMPLE_EVID_FINAL_SIZE) { @@ -232,6 +234,14 @@ METHOD(pa_tnc_attr_t, process, status_t, } reader->read_uint8(reader, &reserved); + + /** Optional Composite Hash Algorithm field is always present + * Field has value of all zeroes if not used. + * Implemented adhering the suggestion of Paul Sangster 28.Oct.2011 + */ + + reader->read_uint16(reader, &algorithm); + this->comp_hash_algorithm = algorithm; /* Optional Composite Hash Algorithm and TPM PCR Composite field is included */ if (this->flags != PTS_SIMPLE_EVID_FINAL_FLAG_NO) -- 2.7.4
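Review bot: The comment added above `writer->write_uint16(writer, this->comp_hash_algorithm);` in build, and repeated above `reader->read_uint16` in the process hunk at -232, opens with the doc-comment marker `/**` inside a function body. It also records who suggested the change rather than the wire-format rule a maintainer needs. A comment like `/* Composite Hash Algorithm: always on the wire, all zeroes when unused */` states what a parser can rely on, and the attribution fits better in the commit message. The `/* Optional fields */` comment that follows now describes only the PCR composite and later fields. Both methods start and end outside their hunks.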
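Review bot: The result of `reader->read_uint16(reader, &algorithm);` in process is ignored, and `algorithm` is declared without an initialiser in the hunk at -197. On a truncated attribute from a peer, the next line therefore copies an indeterminate stack value into `this->comp_hash_algorithm`. Whether the earlier `this->value.len < PTS_SIMPLE_EVID_FINAL_SIZE` check covers the two extra bytes depends on the constant's definition, which this patch neither changes nor shows. Since the field is now mandatory, the constant presumably needs to grow by 2. I would declare `u_int16_t algorithm = 0;` and wrap the read as `if (!reader->read_uint16(reader, &algorithm))`, failing the parse with the same cleanup the other error paths of process use; those paths lie outside the hunk.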