differences incurred by rebasing - thanks Linus
parent
4932278e4b
commit
1fe683c1bd
|
@ -28,6 +28,7 @@
|
|||
|
||||
#include <tcg/tcg_pts_attr_proto_caps.h>
|
||||
#include <tcg/tcg_pts_attr_meas_algo.h>
|
||||
|
||||
#include <tncif_pa_subtypes.h>
|
||||
|
||||
#include <pen/pen.h>
|
||||
|
@ -53,28 +54,6 @@ static pts_meas_algorithms_t supported_algorithms = PTS_MEAS_ALGO_NONE;
|
|||
*/
|
||||
static pts_dh_group_t supported_dh_groups = PTS_DH_GROUP_NONE;
|
||||
|
||||
/**
|
||||
* List of buffered Simple Component Evidences
|
||||
* To be sent on reception of Generate Attestation Evidence attribute
|
||||
*/
|
||||
static linked_list_t *evidences = NULL;
|
||||
|
||||
/**
|
||||
* Supported PTS Diffie Hellman Groups
|
||||
*/
|
||||
static pts_dh_group_t supported_dh_groups = 0;
|
||||
|
||||
/**
|
||||
* Supported PTS Diffie Hellman Groups
|
||||
*/
|
||||
static pts_dh_group_t supported_dh_groups = PTS_DH_GROUP_NONE;
|
||||
|
||||
/**
|
||||
* List of buffered Simple Component Evidences
|
||||
* To be sent on reception of Generate Attestation Evidence attribute
|
||||
*/
|
||||
static linked_list_t *evidences = NULL;
|
||||
|
||||
/**
|
||||
* see section 3.7.1 of TCG TNC IF-IMC Specification 1.2
|
||||
*/
|
||||
|
@ -268,6 +247,7 @@ TNC_Result TNC_IMC_ReceiveMessage(TNC_IMCID imc_id,
|
|||
supported_algorithms, supported_dh_groups))
|
||||
{
|
||||
result = TNC_RESULT_FATAL;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -125,11 +125,8 @@ static void do_args(int argc, char *argv[])
|
|||
{ "add", no_argument, NULL, 'a' },
|
||||
{ "delete", no_argument, NULL, 'd' },
|
||||
{ "del", no_argument, NULL, 'd' },
|
||||
{ "products", no_argument, NULL, 'p' },
|
||||
{ "hashes", no_argument, NULL, 'H' },
|
||||
{ "add", no_argument, NULL, 'a' },
|
||||
{ "delete", no_argument, NULL, 'd' },
|
||||
{ "del", no_argument, NULL, 'd' },
|
||||
{ "component", required_argument, NULL, 'C' },
|
||||
{ "comp", required_argument, NULL, 'C' },
|
||||
{ "directory", required_argument, NULL, 'D' },
|
||||
{ "dir", required_argument, NULL, 'D' },
|
||||
{ "file", required_argument, NULL, 'F' },
|
||||
|
@ -191,21 +188,6 @@ static void do_args(int argc, char *argv[])
|
|||
exit(EXIT_FAILURE);
|
||||
}
|
||||
continue;
|
||||
case 'H':
|
||||
op = OP_HASHES;
|
||||
continue;
|
||||
case 'a':
|
||||
op = OP_ADD;
|
||||
continue;
|
||||
case 'd':
|
||||
op = OP_DEL;
|
||||
continue;
|
||||
case 'D':
|
||||
if (!attest->set_directory(attest, optarg, op == OP_ADD))
|
||||
{
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
continue;
|
||||
case 'F':
|
||||
if (!attest->set_file(attest, optarg, op == OP_ADD))
|
||||
{
|
||||
|
@ -299,9 +281,6 @@ static void do_args(int argc, char *argv[])
|
|||
case OP_DEL:
|
||||
attest->delete(attest);
|
||||
break;
|
||||
case OP_HASHES:
|
||||
attest->list_hashes(attest);
|
||||
break;
|
||||
default:
|
||||
usage();
|
||||
exit(EXIT_FAILURE);
|
||||
|
|
|
@ -57,11 +57,6 @@ static pts_meas_algorithms_t supported_algorithms = PTS_MEAS_ALGO_NONE;
|
|||
*/
|
||||
static pts_dh_group_t supported_dh_groups = PTS_DH_GROUP_NONE;
|
||||
|
||||
/**
|
||||
* Supported PTS Diffie Hellman Groups
|
||||
*/
|
||||
static pts_dh_group_t supported_dh_groups = PTS_DH_GROUP_NONE;
|
||||
|
||||
/**
|
||||
* PTS file measurement database
|
||||
*/
|
||||
|
@ -97,10 +92,6 @@ TNC_Result TNC_IMV_Initialize(TNC_IMVID imv_id,
|
|||
{
|
||||
return TNC_RESULT_FATAL;
|
||||
}
|
||||
if (!pts_probe_dh_groups(&supported_dh_groups))
|
||||
{
|
||||
return TNC_RESULT_FATAL;
|
||||
}
|
||||
imv_attestation = imv_agent_create(imv_name, IMV_VENDOR_ID, IMV_SUBTYPE,
|
||||
imv_id, actual_version);
|
||||
if (!imv_attestation)
|
||||
|
@ -127,28 +118,6 @@ TNC_Result TNC_IMV_Initialize(TNC_IMVID imv_id,
|
|||
return TNC_RESULT_FATAL;
|
||||
}
|
||||
|
||||
/**
|
||||
* Specify supported PTS Diffie-Hellman groups
|
||||
*
|
||||
* modp1024: PTS_DH_GROUP_IKE2
|
||||
* modp1536: PTS_DH_GROUP_IKE2 | PTS_DH_GROUP_IKE5
|
||||
* modp2048: PTS_DH_GROUP_IKE2 | PTS_DH_GROUP_IKE5 | PTS_DH_GROUP_IKE14
|
||||
* ecp256: PTS_DH_GROUP_IKE2 | PTS_DH_GROUP_IKE5 | PTS_DH_GROUP_IKE14 |
|
||||
* PTS_DH_GROUP_IKE19
|
||||
* ecp384: PTS_DH_GROUP_IKE2 | PTS_DH_GROUP_IKE5 | PTS_DH_GROUP_IKE14 |
|
||||
* PTS_DH_GROUP_IKE19 | PTS_DH_GROUP_IKE20
|
||||
*
|
||||
* we expect the PTS-IMC to select the strongest supported group
|
||||
*/
|
||||
dh_group = lib->settings->get_str(lib->settings,
|
||||
"libimcv.plugins.imv-attestation.dh_group", "ecp256");
|
||||
|
||||
if (!pts_meas_algo_update(hash_alg, &supported_algorithms) ||
|
||||
!pts_dh_group_update(dh_group, &supported_dh_groups))
|
||||
{
|
||||
return TNC_RESULT_FATAL;
|
||||
}
|
||||
|
||||
/* create a PTS credential manager */
|
||||
pts_credmgr = credential_manager_create();
|
||||
|
||||
|
@ -211,175 +180,16 @@ static TNC_Result send_message(TNC_ConnectionID connection_id)
|
|||
attestation_state = (imv_attestation_state_t*)state;
|
||||
msg = pa_tnc_msg_create();
|
||||
|
||||
<<<<<<< HEAD
|
||||
if (imv_attestation_build(msg, attestation_state, supported_algorithms,
|
||||
supported_dh_groups, pts_db))
|
||||
{
|
||||
msg->build(msg);
|
||||
result = imv_attestation->send_message(imv_attestation, connection_id,
|
||||
msg->get_encoding(msg));
|
||||
=======
|
||||
if (handshake_state == IMV_ATTESTATION_STATE_NONCE_REQ &&
|
||||
!(pts->get_proto_caps(pts) & PTS_PROTO_CAPS_T))
|
||||
{
|
||||
DBG1(DBG_IMV, "PTS-IMC has no TPM capability - "
|
||||
"advancing to PTS measurement phase");
|
||||
handshake_state = IMV_ATTESTATION_STATE_MEAS;
|
||||
>>>>>>> added the IMV_ATTESTATION_STATE_NONCE_REQ state
|
||||
}
|
||||
else
|
||||
{
|
||||
<<<<<<< HEAD
|
||||
result = TNC_RESULT_FATAL;
|
||||
=======
|
||||
case IMV_ATTESTATION_STATE_INIT:
|
||||
{
|
||||
pts_proto_caps_flag_t flags;
|
||||
|
||||
/* Send Request Protocol Capabilities attribute */
|
||||
flags = pts->get_proto_caps(pts);
|
||||
attr = tcg_pts_attr_proto_caps_create(flags, TRUE);
|
||||
attr->set_noskip_flag(attr, TRUE);
|
||||
msg->add_attribute(msg, attr);
|
||||
|
||||
/* Send Measurement Algorithms attribute */
|
||||
attr = tcg_pts_attr_meas_algo_create(supported_algorithms, FALSE);
|
||||
attr->set_noskip_flag(attr, TRUE);
|
||||
msg->add_attribute(msg, attr);
|
||||
|
||||
attestation_state->set_handshake_state(attestation_state,
|
||||
IMV_ATTESTATION_STATE_NONCE_REQ);
|
||||
break;
|
||||
}
|
||||
case IMV_ATTESTATION_STATE_NONCE_REQ:
|
||||
{
|
||||
int min_nonce_len;
|
||||
|
||||
/* Send DH nonce parameters request attribute */
|
||||
min_nonce_len = lib->settings->get_int(lib->settings,
|
||||
"libimcv.plugins.imv-attestation.min_nonce_len", 0);
|
||||
attr = tcg_pts_attr_dh_nonce_params_req_create(min_nonce_len,
|
||||
supported_dh_groups);
|
||||
attr->set_noskip_flag(attr, TRUE);
|
||||
msg->add_attribute(msg, attr);
|
||||
|
||||
attestation_state->set_handshake_state(attestation_state,
|
||||
IMV_ATTESTATION_STATE_TPM_INIT);
|
||||
break;
|
||||
}
|
||||
case IMV_ATTESTATION_STATE_TPM_INIT:
|
||||
{
|
||||
pts_meas_algorithms_t selected_algorithm;
|
||||
chunk_t initiator_value, initiator_nonce;
|
||||
|
||||
/* Send DH nonce finish attribute */
|
||||
selected_algorithm = pts->get_meas_algorithm(pts);
|
||||
pts->get_my_public_value(pts, &initiator_value, &initiator_nonce);
|
||||
attr = tcg_pts_attr_dh_nonce_finish_create(selected_algorithm,
|
||||
initiator_value, initiator_nonce);
|
||||
attr->set_noskip_flag(attr, TRUE);
|
||||
msg->add_attribute(msg, attr);
|
||||
|
||||
/* Send Get TPM Version attribute */
|
||||
attr = tcg_pts_attr_get_tpm_version_info_create();
|
||||
attr->set_noskip_flag(attr, TRUE);
|
||||
msg->add_attribute(msg, attr);
|
||||
|
||||
/* Send Get AIK attribute */
|
||||
attr = tcg_pts_attr_get_aik_create();
|
||||
attr->set_noskip_flag(attr, TRUE);
|
||||
msg->add_attribute(msg, attr);
|
||||
|
||||
attestation_state->set_handshake_state(attestation_state,
|
||||
IMV_ATTESTATION_STATE_MEAS);
|
||||
break;
|
||||
}
|
||||
case IMV_ATTESTATION_STATE_MEAS:
|
||||
{
|
||||
|
||||
enumerator_t *enumerator;
|
||||
u_int32_t delimiter = SOLIDUS_UTF;
|
||||
char *platform_info, *pathname;
|
||||
u_int16_t request_id;
|
||||
int id, type;
|
||||
bool is_dir;
|
||||
|
||||
attestation_state->set_handshake_state(attestation_state,
|
||||
IMV_ATTESTATION_STATE_COMP_EVID);
|
||||
|
||||
/* Get Platform and OS of the PTS-IMC */
|
||||
platform_info = pts->get_platform_info(pts);
|
||||
|
||||
if (!pts_db || !platform_info)
|
||||
{
|
||||
DBG1(DBG_IMV, "%s%s%s not available",
|
||||
(pts_db) ? "" : "pts database",
|
||||
(!pts_db && !platform_info) ? "and" : "",
|
||||
(platform_info) ? "" : "platform info");
|
||||
break;
|
||||
}
|
||||
DBG1(DBG_IMV, "platform is '%s'", platform_info);
|
||||
|
||||
/* Send Request File Metadata attribute */
|
||||
attr = tcg_pts_attr_req_file_meta_create(FALSE, SOLIDUS_UTF, "/etc/tnc_config");
|
||||
attr->set_noskip_flag(attr, TRUE);
|
||||
msg->add_attribute(msg, attr);
|
||||
|
||||
/* Send Request File Measurement attribute */
|
||||
enumerator = pts_db->create_file_enumerator(pts_db, platform_info);
|
||||
if (!enumerator)
|
||||
{
|
||||
break;
|
||||
}
|
||||
while (enumerator->enumerate(enumerator, &id, &type, &pathname))
|
||||
{
|
||||
is_dir = (type != 0);
|
||||
request_id = attestation_state->add_request(attestation_state,
|
||||
id, is_dir);
|
||||
DBG2(DBG_IMV, "measurement request %d for %s '%s'",
|
||||
request_id, is_dir ? "directory" : "file", pathname);
|
||||
attr = tcg_pts_attr_req_file_meas_create(is_dir, request_id,
|
||||
delimiter, pathname);
|
||||
attr->set_noskip_flag(attr, TRUE);
|
||||
msg->add_attribute(msg, attr);
|
||||
}
|
||||
enumerator->destroy(enumerator);
|
||||
break;
|
||||
}
|
||||
case IMV_ATTESTATION_STATE_COMP_EVID:
|
||||
{
|
||||
pts_attr_req_funct_comp_evid_flag_t flags;
|
||||
u_int32_t sub_comp_depth;
|
||||
pts_qualifier_t qualifier;
|
||||
pts_funct_comp_name_t name;
|
||||
|
||||
attestation_state->set_handshake_state(attestation_state,
|
||||
IMV_ATTESTATION_STATE_END);
|
||||
|
||||
flags = PTS_REQ_FUNC_COMP_FLAG_PCR;
|
||||
sub_comp_depth = 0;
|
||||
qualifier.kernel = FALSE;
|
||||
qualifier.sub_component = FALSE;
|
||||
qualifier.type = PTS_FUNC_COMP_TYPE_ALL;
|
||||
name = PTS_FUNC_COMP_NAME_BIOS;
|
||||
|
||||
/* Send Request Functional Component Evidence attribute */
|
||||
attr = tcg_pts_attr_req_funct_comp_evid_create(flags, sub_comp_depth,
|
||||
PEN_TCG, qualifier, name);
|
||||
attr->set_noskip_flag(attr, TRUE);
|
||||
msg->add_attribute(msg, attr);
|
||||
/* Send Generate Attestation Evidence attribute */
|
||||
attr = tcg_pts_attr_gen_attest_evid_create();
|
||||
attr->set_noskip_flag(attr, TRUE);
|
||||
msg->add_attribute(msg, attr);
|
||||
|
||||
break;
|
||||
}
|
||||
default:
|
||||
DBG1(DBG_IMV, "Attestation IMV is in unknown state: \"%s\"",
|
||||
handshake_state);
|
||||
return TNC_RESULT_FATAL;
|
||||
>>>>>>> added the IMV_ATTESTATION_STATE_NONCE_REQ state
|
||||
}
|
||||
msg->destroy(msg);
|
||||
|
||||
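Review bot: The resolution in `send_message` appears to keep only the `imv_attestation_build()` call, and the discarded side of the conflict is the only place in this hunk that advances the handshake through `IMV_ATTESTATION_STATE_NONCE_REQ`, skips the TPM steps when `PTS_PROTO_CAPS_T` is absent, and sets the noskip flag on every attribute. `imv_attestation_build()` is defined outside this page, so whether it carries those steps cannot be checked from here; that is worth confirming before relying on the DH nonce exchange. If it does, a comment above the call such as `/* handshake state machine, incl. the DH nonce request, is implemented in imv_attestation_build() */` would tell the next reader where that logic went. `send_message` starts before and continues after the hunk.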
|
|
|
@ -1111,33 +1111,6 @@ METHOD(pts_t, add_pcr, bool,
|
|||
return TRUE;
|
||||
}
|
||||
|
||||
METHOD(pts_t, does_pcr_value_match, bool,
|
||||
private_pts_t *this, chunk_t pcr_after_value)
|
||||
{
|
||||
enumerator_t *e;
|
||||
pcr_entry_t *entry;
|
||||
|
||||
if (!this->pcrs)
|
||||
{
|
||||
this->pcrs = linked_list_create();
|
||||
}
|
||||
|
||||
e = this->pcrs->create_enumerator(this->pcrs);
|
||||
while (e->enumerate(e, &entry))
|
||||
{
|
||||
if (entry->pcr_number == new->pcr_number)
|
||||
{
|
||||
DBG4(DBG_PTS, "updating already added PCR%d value",
|
||||
entry->pcr_number);
|
||||
this->pcrs->remove_at(this->pcrs, e);
|
||||
free(entry);
|
||||
break;
|
||||
}
|
||||
}
|
||||
DESTROY_IF(e);
|
||||
this->pcrs->insert_last(this->pcrs, new);
|
||||
}
|
||||
|
||||
/**
|
||||
* TPM_QUOTE_INFO structure:
|
||||
* 4 bytes of version
|
||||
|
@ -1229,26 +1202,6 @@ METHOD(pts_t, get_quote_info, bool,
|
|||
hasher->allocate_hash(hasher, pcr_comp, &hash_pcr_comp);
|
||||
hasher->destroy(hasher);
|
||||
|
||||
writer->write_data(writer, hash_pcr_composite);
|
||||
chunk_clear(&pcr_composite);
|
||||
chunk_clear(&hash_pcr_composite);
|
||||
|
||||
/* Hash the PCR Composite Structure */
|
||||
hasher->allocate_hash(hasher, pcr_composite, out_pcr_composite);
|
||||
DBG4(DBG_PTS, "Hash of calculated PCR Composite: %B", out_pcr_composite);
|
||||
hasher->destroy(hasher);
|
||||
}
|
||||
else
|
||||
{
|
||||
*out_pcr_composite = chunk_clone(pcr_composite);
|
||||
DBG3(DBG_PTS, "calculated PCR Composite: %B", out_pcr_composite);
|
||||
}
|
||||
|
||||
/* SHA1 hash of PCR Composite to construct TPM_QUOTE_INFO */
|
||||
hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
|
||||
hasher->allocate_hash(hasher, pcr_composite, &hash_pcr_composite);
|
||||
hasher->destroy(hasher);
|
||||
|
||||
/* Construct TPM_QUOTE_INFO/TPM_QUOTE_INFO2 structure */
|
||||
writer = bio_writer_create(TPM_QUOTE_INFO_LEN);
|
||||
|
||||
|
@ -1330,15 +1283,7 @@ METHOD(pts_t, verify_quote_signature, bool,
|
|||
DESTROY_IF(aik_pub_key);
|
||||
return FALSE;
|
||||
}
|
||||
*/
|
||||
|
||||
if (!aik_pub_key->get_encoding(aik_pub_key,
|
||||
PUBKEY_SPKI_ASN1_DER, &key_encoding))
|
||||
{
|
||||
DBG1(DBG_PTS, "failed to get encoding of AIK public key");
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
aik_pub_key->destroy(aik_pub_key);
|
||||
return TRUE;
|
||||
}
|
||||
|
|
|
@ -160,37 +160,6 @@ struct pts_t {
|
|||
*/
|
||||
bool (*calculate_secret) (pts_t *this);
|
||||
|
||||
/**
|
||||
* Set PTS Diffie Hellman Object
|
||||
*
|
||||
* @param dh D-H object
|
||||
*/
|
||||
bool (*create_dh_nonce)(pts_t *this, pts_dh_group_t group, int nonce_len);
|
||||
|
||||
/**
|
||||
* Get my Diffie-Hellman public value
|
||||
*
|
||||
* @param value My public DH value
|
||||
* @param nonce My DH nonce
|
||||
*/
|
||||
void (*get_my_public_value)(pts_t *this, chunk_t *value, chunk_t *nonce);
|
||||
|
||||
/**
|
||||
* Set peer Diffie.Hellman public value
|
||||
*
|
||||
* @param value Peer public DH value
|
||||
* @param nonce Peer DH nonce
|
||||
*/
|
||||
void (*set_peer_public_value) (pts_t *this, chunk_t value, chunk_t nonce);
|
||||
|
||||
/**
|
||||
* Calculates secret assessment value to be used for TPM Quote as ExternalData
|
||||
*
|
||||
* @return TRUE unless both DH public values
|
||||
* and nonces are set
|
||||
*/
|
||||
bool (*calculate_secret) (pts_t *this);
|
||||
|
||||
/**
|
||||
* Get Platform and OS Info
|
||||
*
|
||||
|
@ -261,8 +230,7 @@ struct pts_t {
|
|||
bool (*is_path_valid)(pts_t *this, char *path, pts_error_code_t *error_code);
|
||||
|
||||
/**
|
||||
* Compute a hash over a file
|
||||
*
|
||||
* Compute a hash over a file
|
||||
* @param hasher Hasher to be used
|
||||
* @param pathname Absolute path of a file
|
||||
* @param hash Buffer to keep hash output
|
||||
|
@ -368,68 +336,6 @@ struct pts_t {
|
|||
*/
|
||||
bool (*verify_quote_signature)(pts_t *this, chunk_t data, chunk_t signature);
|
||||
|
||||
/**
|
||||
* Reads given PCR value and returns it
|
||||
* Expects owner secret to be WELL_KNOWN_SECRET
|
||||
*
|
||||
* @param pcr_num Number of PCR to read
|
||||
* @param pcr_value Chunk to save pcr read output
|
||||
* @return NULL in case of TSS error, PCR value otherwise
|
||||
*/
|
||||
bool (*read_pcr)(pts_t *this, u_int32_t pcr_num, chunk_t *pcr_value);
|
||||
|
||||
/**
|
||||
* Extends given PCR with given value
|
||||
* Expects owner secret to be WELL_KNOWN_SECRET
|
||||
*
|
||||
* @param pcr_num Number of PCR to extend
|
||||
* @param input Value to extend
|
||||
* @param output Chunk to save PCR value after extension
|
||||
* @return FALSE in case of TSS error, TRUE otherwise
|
||||
*/
|
||||
bool (*extend_pcr)(pts_t *this, u_int32_t pcr_num, chunk_t input,
|
||||
chunk_t *output);
|
||||
|
||||
/**
|
||||
* Quote over PCR's
|
||||
* Expects owner and SRK secret to be WELL_KNOWN_SECRET and no password set for AIK
|
||||
*
|
||||
* @param pcrs Array of PCR's to make quotation over
|
||||
* @param num_of_pcrs Number of elements in pcrs array
|
||||
* @param pcr_composite Chunk to save pcr composite structure
|
||||
* @param quote_signature Chunk to save quote operation output
|
||||
* without external data (anti-replay protection)
|
||||
* @return FALSE in case of TSS error, TRUE otherwise
|
||||
*/
|
||||
bool (*quote_tpm)(pts_t *this, u_int32_t *pcrs, u_int32_t num_of_pcrs,
|
||||
chunk_t *pcr_composite, chunk_t *quote_signature);
|
||||
|
||||
/**
|
||||
* Add extended PCR with its corresponding value
|
||||
*
|
||||
* @return FALSE in case of any error or non-match, TRUE otherwise
|
||||
*/
|
||||
void (*add_pcr_entry)(pts_t *this, pcr_entry_t *entry);
|
||||
|
||||
/**
|
||||
* Constructs and returns TPM Quote Info structure expected from IMC
|
||||
*
|
||||
* @param pcr_composite Output variable to store PCR Composite
|
||||
* @param quote_info Output variable to store TPM Quote Info
|
||||
* @return FALSE in case of any error, TRUE otherwise
|
||||
*/
|
||||
bool (*get_quote_info)(pts_t *this, chunk_t *pcr_composite,
|
||||
chunk_t *quote_info);
|
||||
|
||||
/**
|
||||
* Constructs and returns PCR Quote Digest structure expected from IMC
|
||||
*
|
||||
* @param data Calculated TPM Quote Digest
|
||||
* @param signature TPM Quote Signature received from IMC
|
||||
* @return FALSE in case signature is not verified, TRUE otherwise
|
||||
*/
|
||||
bool (*verify_quote_signature)(pts_t *this, chunk_t data, chunk_t signature);
|
||||
|
||||
/**
|
||||
* Destroys a pts_t object.
|
||||
*/
|
||||
|
@ -445,4 +351,3 @@ struct pts_t {
|
|||
pts_t* pts_create(bool is_imc);
|
||||
|
||||
#endif /** PTS_H_ @}*/
|
||||
|
||||
|
|
|
@ -93,17 +93,6 @@ bool pts_dh_group_update(char *dh_group, pts_dh_group_t *dh_groups);
|
|||
pts_dh_group_t pts_dh_group_select(pts_dh_group_t supported_dh_groups,
|
||||
pts_dh_group_t offered_dh_groups);
|
||||
|
||||
/**
|
||||
* Select the strongest supported Diffie-Hellman group
|
||||
* among a set of offered DH groups
|
||||
*
|
||||
* @param dh_group set of supported DH groups
|
||||
* @param groups set of offered DH groups
|
||||
* @return selected DH group
|
||||
*/
|
||||
pts_dh_group_t pts_dh_group_select(pts_dh_group_t supported_dh_groups,
|
||||
pts_dh_group_t offered_dh_groups);
|
||||
|
||||
/**
|
||||
* Convert pts_dh_group_t to diffie_hellman_group_t
|
||||
*
|
||||
|
|
|
@ -226,15 +226,18 @@ METHOD(pa_tnc_attr_t, process, status_t,
|
|||
/* Optional Composite Hash Algorithm and TPM PCR Composite fields */
|
||||
if (this->flags != PTS_SIMPLE_EVID_FINAL_NO)
|
||||
{
|
||||
u_int32_t pcr_comp_len, tpm_quote_sign_len;
|
||||
|
||||
/** TODO: Ignoring Hashing algorithm field
|
||||
* There is no flag defined which indicates the precense of it
|
||||
* reader->read_uint16(reader, &algorithm);
|
||||
* this->comp_hash_algorithm = algorithm;
|
||||
*/
|
||||
reader->read_uint32(reader, &pcr_comp_len);
|
||||
reader->read_data(reader, pcr_comp_len, &this->pcr_comp);
|
||||
if (!reader->read_uint32(reader, &pcr_comp_len))
|
||||
{
|
||||
DBG1(DBG_TNC, "insufficient data for PTS Simple Evidence Final "
|
||||
"PCR Composite Lenght");
|
||||
goto end;
|
||||
}
|
||||
if (!reader->read_data(reader, pcr_comp_len, &this->pcr_comp))
|
||||
{
|
||||
DBG1(DBG_TNC, "insufficient data for PTS Simple Evidence Final "
|
||||
"PCR Composite");
|
||||
goto end;
|
||||
}
|
||||
this->pcr_comp = chunk_clone(this->pcr_comp);
|
||||
|
||||
if (!reader->read_uint32(reader, &tpm_quote_sig_len))
|
||||
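Review bot: The comment heading this branch still names an optional Composite Hash Algorithm field, yet the only reads visible in the hunk start at `pcr_comp_len`, and the `TODO: Ignoring Hashing algorithm field` block that explained the gap looks to be on the removed side. If a peer does include that field, the length and the PCR composite would be parsed from the wrong offset of untrusted input, so the limitation should stay documented next to the reads, e.g. `/* TODO: Composite Hash Algorithm field is not parsed; no flag indicates its presence */`. The new debug string also spells the field `Lenght`, which makes the message harder to grep for; `"PCR Composite Length"` is the intended text. The body of `process` continues outside the hunk.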
|
|