libpts: Move settings to <ns>.plugins with fallback to libimcv
parent
bf3f4bf7a2
commit
50fdff70e8
|
@ -109,8 +109,8 @@ bool imc_attestation_process(pa_tnc_attr_t *attr, imc_msg_t *msg,
|
||||||
int nonce_len, min_nonce_len;
|
int nonce_len, min_nonce_len;
|
||||||
|
|
||||||
nonce_len = lib->settings->get_int(lib->settings,
|
nonce_len = lib->settings->get_int(lib->settings,
|
||||||
"libimcv.plugins.imc-attestation.nonce_len",
|
"%s.plugins.imc-attestation.nonce_len",
|
||||||
DEFAULT_NONCE_LEN);
|
DEFAULT_NONCE_LEN, lib->ns);
|
||||||
|
|
||||||
attr_cast = (tcg_pts_attr_dh_nonce_params_req_t*)attr;
|
attr_cast = (tcg_pts_attr_dh_nonce_params_req_t*)attr;
|
||||||
min_nonce_len = attr_cast->get_min_nonce_len(attr_cast);
|
min_nonce_len = attr_cast->get_min_nonce_len(attr_cast);
|
||||||
|
@ -165,8 +165,8 @@ bool imc_attestation_process(pa_tnc_attr_t *attr, imc_msg_t *msg,
|
||||||
initiator_nonce = attr_cast->get_initiator_nonce(attr_cast);
|
initiator_nonce = attr_cast->get_initiator_nonce(attr_cast);
|
||||||
|
|
||||||
nonce_len = lib->settings->get_int(lib->settings,
|
nonce_len = lib->settings->get_int(lib->settings,
|
||||||
"libimcv.plugins.imc-attestation.nonce_len",
|
"%s.plugins.imc-attestation.nonce_len",
|
||||||
DEFAULT_NONCE_LEN);
|
DEFAULT_NONCE_LEN, lib->ns);
|
||||||
if (nonce_len != initiator_nonce.len)
|
if (nonce_len != initiator_nonce.len)
|
||||||
{
|
{
|
||||||
DBG1(DBG_IMC, "initiator and responder DH nonces "
|
DBG1(DBG_IMC, "initiator and responder DH nonces "
|
||||||
|
@ -428,7 +428,8 @@ bool imc_attestation_process(pa_tnc_attr_t *attr, imc_msg_t *msg,
|
||||||
}
|
}
|
||||||
|
|
||||||
use_quote2 = lib->settings->get_bool(lib->settings,
|
use_quote2 = lib->settings->get_bool(lib->settings,
|
||||||
"libimcv.plugins.imc-attestation.use_quote2", TRUE);
|
"%s.plugins.imc-attestation.use_quote2", TRUE,
|
||||||
|
lib->ns);
|
||||||
if (!pts->quote_tpm(pts, use_quote2, &pcr_composite, "e_sig))
|
if (!pts->quote_tpm(pts, use_quote2, &pcr_composite, "e_sig))
|
||||||
{
|
{
|
||||||
DBG1(DBG_IMC, "error occurred during TPM quote operation");
|
DBG1(DBG_IMC, "error occurred during TPM quote operation");
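Review bot: The fallback to `libimcv.plugins` named in the commit title is not visible in any hunk on this page, so every `"%s.plugins..."` lookup here depends on it being registered before the first IMC or IMV reads its settings. Without it, an existing `libimcv.plugins.imc-attestation.nonce_len` would silently be replaced by `DEFAULT_NONCE_LEN`, and in the other files `min_nonce_len` would drop to 0 while `cadir` and the AIK blob, certificate and key paths would become NULL. Presumably library initialisation calls `lib->settings->add_fallback()` for `"%s.plugins"`; that is worth confirming. A comment at the first lookup, such as `/* <ns>.plugins falls back to libimcv.plugins, registered at library init */`, would make the dependency traceable. The body of imc_attestation_process continues outside all three hunks.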
|
||||||
|
|
|
@ -181,8 +181,8 @@ static TNC_Result receive_message(imc_state_t *state, imc_msg_t *in_msg)
|
||||||
full_tags = (flags & TCG_SWID_ATTR_REQ_FLAG_R) == 0;
|
full_tags = (flags & TCG_SWID_ATTR_REQ_FLAG_R) == 0;
|
||||||
|
|
||||||
swid_directory = lib->settings->get_str(lib->settings,
|
swid_directory = lib->settings->get_str(lib->settings,
|
||||||
"libimcv.plugins.imc-swid.swid_directory",
|
"%s.plugins.imc-swid.swid_directory",
|
||||||
SWID_DIRECTORY);
|
SWID_DIRECTORY, lib->ns);
|
||||||
swid_inventory = swid_inventory_create(full_tags);
|
swid_inventory = swid_inventory_create(full_tags);
|
||||||
if (!swid_inventory->collect(swid_inventory, swid_directory, targets))
|
if (!swid_inventory->collect(swid_inventory, swid_directory, targets))
|
||||||
{
|
{
|
||||||
|
|
|
@ -712,11 +712,11 @@ imv_agent_if_t *imv_attestation_agent_create(const char *name, TNC_IMVID id,
|
||||||
}
|
}
|
||||||
|
|
||||||
hash_alg = lib->settings->get_str(lib->settings,
|
hash_alg = lib->settings->get_str(lib->settings,
|
||||||
"libimcv.plugins.imv-attestation.hash_algorithm", "sha256");
|
"%s.plugins.imv-attestation.hash_algorithm", "sha256", lib->ns);
|
||||||
dh_group = lib->settings->get_str(lib->settings,
|
dh_group = lib->settings->get_str(lib->settings,
|
||||||
"libimcv.plugins.imv-attestation.dh_group", "ecp256");
|
"%s.plugins.imv-attestation.dh_group", "ecp256", lib->ns);
|
||||||
cadir = lib->settings->get_str(lib->settings,
|
cadir = lib->settings->get_str(lib->settings,
|
||||||
"libimcv.plugins.imv-attestation.cadir", NULL);
|
"%s.plugins.imv-attestation.cadir", NULL, lib->ns);
|
||||||
|
|
||||||
INIT(this,
|
INIT(this,
|
||||||
.public = {
|
.public = {
|
||||||
|
|
|
@ -47,7 +47,7 @@ bool imv_attestation_build(imv_msg_t *out_msg, imv_state_t *state,
|
||||||
|
|
||||||
/* Send DH nonce parameters request attribute */
|
/* Send DH nonce parameters request attribute */
|
||||||
min_nonce_len = lib->settings->get_int(lib->settings,
|
min_nonce_len = lib->settings->get_int(lib->settings,
|
||||||
"libimcv.plugins.imv-attestation.min_nonce_len", 0);
|
"%s.plugins.imv-attestation.min_nonce_len", 0, lib->ns);
|
||||||
attr = tcg_pts_attr_dh_nonce_params_req_create(min_nonce_len,
|
attr = tcg_pts_attr_dh_nonce_params_req_create(min_nonce_len,
|
||||||
supported_dh_groups);
|
supported_dh_groups);
|
||||||
attr->set_noskip_flag(attr, TRUE);
|
attr->set_noskip_flag(attr, TRUE);
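Review bot: The configured `min_nonce_len` goes to `tcg_pts_attr_dh_nonce_params_req_create()` exactly as `get_int()` returned it, with no range check in between. The matching check in imv_attestation_process only honours values above zero (`min_nonce_len > 0 && nonce_len < min_nonce_len`), so a negative setting is ignored there but still placed in the request sent to the peer here; what the constructor does with such a value is not visible. Consider normalising it before the call, for example `if (min_nonce_len < 0) min_nonce_len = 0;`, and stating the accepted range where the option is documented. The function body starts and ends outside the hunk.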
|
||||||
|
|
|
@ -93,7 +93,7 @@ bool imv_attestation_process(pa_tnc_attr_t *attr, imv_msg_t *out_msg,
|
||||||
|
|
||||||
/* check compliance of responder nonce length */
|
/* check compliance of responder nonce length */
|
||||||
min_nonce_len = lib->settings->get_int(lib->settings,
|
min_nonce_len = lib->settings->get_int(lib->settings,
|
||||||
"libimcv.plugins.imv-attestation.min_nonce_len", 0);
|
"%s.plugins.imv-attestation.min_nonce_len", 0, lib->ns);
|
||||||
nonce_len = responder_nonce.len;
|
nonce_len = responder_nonce.len;
|
||||||
if (nonce_len < PTS_MIN_NONCE_LEN ||
|
if (nonce_len < PTS_MIN_NONCE_LEN ||
|
||||||
(min_nonce_len > 0 && nonce_len < min_nonce_len))
|
(min_nonce_len > 0 && nonce_len < min_nonce_len))
|
||||||
|
|
|
@ -951,7 +951,7 @@ pts_component_t *pts_ita_comp_ima_create(u_int32_t depth,
|
||||||
.bios_list = linked_list_create(),
|
.bios_list = linked_list_create(),
|
||||||
.ima_list = linked_list_create(),
|
.ima_list = linked_list_create(),
|
||||||
.pcr_info = lib->settings->get_bool(lib->settings,
|
.pcr_info = lib->settings->get_bool(lib->settings,
|
||||||
"libimcv.plugins.imc-attestation.pcr_info", TRUE),
|
"%s.plugins.imc-attestation.pcr_info", TRUE, lib->ns),
|
||||||
.ref = 1,
|
.ref = 1,
|
||||||
);
|
);
|
||||||
|
|
||||||
|
|
|
@ -130,21 +130,21 @@ METHOD(pts_component_t, measure, status_t,
|
||||||
/* dummy data since currently the TBOOT log is not retrieved */
|
/* dummy data since currently the TBOOT log is not retrieved */
|
||||||
time(&this->measurement_time);
|
time(&this->measurement_time);
|
||||||
meas_hex = lib->settings->get_str(lib->settings,
|
meas_hex = lib->settings->get_str(lib->settings,
|
||||||
"libimcv.plugins.imc-attestation.pcr17_meas", NULL);
|
"%s.plugins.imc-attestation.pcr17_meas", NULL, lib->ns);
|
||||||
pcr_before_hex = lib->settings->get_str(lib->settings,
|
pcr_before_hex = lib->settings->get_str(lib->settings,
|
||||||
"libimcv.plugins.imc-attestation.pcr17_before", NULL);
|
"%s.plugins.imc-attestation.pcr17_before", NULL, lib->ns);
|
||||||
pcr_after_hex = lib->settings->get_str(lib->settings,
|
pcr_after_hex = lib->settings->get_str(lib->settings,
|
||||||
"libimcv.plugins.imc-attestation.pcr17_after", NULL);
|
"%s.plugins.imc-attestation.pcr17_after", NULL, lib->ns);
|
||||||
extended_pcr = PCR_TBOOT_POLICY;
|
extended_pcr = PCR_TBOOT_POLICY;
|
||||||
break;
|
break;
|
||||||
case 1:
|
case 1:
|
||||||
/* dummy data since currently the TBOOT log is not retrieved */
|
/* dummy data since currently the TBOOT log is not retrieved */
|
||||||
meas_hex = lib->settings->get_str(lib->settings,
|
meas_hex = lib->settings->get_str(lib->settings,
|
||||||
"libimcv.plugins.imc-attestation.pcr18_meas", NULL);
|
"%s.plugins.imc-attestation.pcr18_meas", NULL, lib->ns);
|
||||||
pcr_before_hex = lib->settings->get_str(lib->settings,
|
pcr_before_hex = lib->settings->get_str(lib->settings,
|
||||||
"libimcv.plugins.imc-attestation.pcr18_before", NULL);
|
"%s.plugins.imc-attestation.pcr18_before", NULL, lib->ns);
|
||||||
pcr_after_hex = lib->settings->get_str(lib->settings,
|
pcr_after_hex = lib->settings->get_str(lib->settings,
|
||||||
"libimcv.plugins.imc-attestation.pcr18_after", NULL);
|
"%s.plugins.imc-attestation.pcr18_after", NULL, lib->ns);
|
||||||
extended_pcr = PCR_TBOOT_MLE;
|
extended_pcr = PCR_TBOOT_MLE;
|
||||||
break;
|
break;
|
||||||
default:
|
default:
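Review bot: All six lookups in `case 0` and `case 1` default to NULL, and nothing in the hunk checks `meas_hex`, `pcr_before_hex` or `pcr_after_hex` before they are used; the code after the switch is outside the hunk. Because the keys now resolve under `lib->ns`, a deployment whose `pcr17_*`/`pcr18_*` values are not found under the new namespace reaches that path with NULL strings, so confirm the method returns a failure status instead of decoding them. If no guard exists below, something like `if (!meas_hex || !pcr_before_hex || !pcr_after_hex) return FAILED;` (with whatever cleanup the method needs) would cover it. It would also help to extend the existing "dummy data" comment to say that these values come from configuration and are required for the component to produce a measurement.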
|
||||||
|
|
|
@ -377,7 +377,7 @@ static void load_aik_blob(private_pts_t *this)
|
||||||
u_int32_t aikBlobLen;
|
u_int32_t aikBlobLen;
|
||||||
|
|
||||||
blob_path = lib->settings->get_str(lib->settings,
|
blob_path = lib->settings->get_str(lib->settings,
|
||||||
"libimcv.plugins.imc-attestation.aik_blob", NULL);
|
"%s.plugins.imc-attestation.aik_blob", NULL, lib->ns);
|
||||||
|
|
||||||
if (blob_path)
|
if (blob_path)
|
||||||
{
|
{
|
||||||
|
@ -418,9 +418,9 @@ static void load_aik(private_pts_t *this)
|
||||||
char *cert_path, *key_path;
|
char *cert_path, *key_path;
|
||||||
|
|
||||||
cert_path = lib->settings->get_str(lib->settings,
|
cert_path = lib->settings->get_str(lib->settings,
|
||||||
"libimcv.plugins.imc-attestation.aik_cert", NULL);
|
"%s.plugins.imc-attestation.aik_cert", NULL, lib->ns);
|
||||||
key_path = lib->settings->get_str(lib->settings,
|
key_path = lib->settings->get_str(lib->settings,
|
||||||
"libimcv.plugins.imc-attestation.aik_key", NULL);
|
"%s.plugins.imc-attestation.aik_key", NULL, lib->ns);
|
||||||
|
|
||||||
if (cert_path)
|
if (cert_path)
|
||||||
{
|
{
|
||||||
|
|