ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity

finished refactoring functional components

This commit is contained in:
Andreas Steffen 2011-11-19 01:56:05 +01:00
parent 2efc03758d
commit a1ac4d5e01
16 changed files with 264 additions and 241 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
src/libimcv/plugins/imc_attestation/imc_attestation_process.c
View File

@ -33,7 +33,7 @@
#include <tcg/tcg_pts_attr_tpm_version_info.h>
#include <tcg/tcg_pts_attr_get_aik.h>
#include <tcg/tcg_pts_attr_aik.h>
#include <tcg/tcg_pts_attr_req_funct_comp_evid.h>
#include <tcg/tcg_pts_attr_req_func_comp_evid.h>
#include <tcg/tcg_pts_attr_gen_attest_evid.h>
#include <tcg/tcg_pts_attr_simple_comp_evid.h>
#include <tcg/tcg_pts_attr_simple_evid_final.h>
@ -436,37 +436,29 @@ bool imc_attestation_process(pa_tnc_attr_t *attr, linked_list_t *attr_list,
break;
}
case TCG_PTS_REQ_FUNCT_COMP_EVID:
case TCG_PTS_REQ_FUNC_COMP_EVID:
{
tcg_pts_attr_req_funct_comp_evid_t *attr_cast;
tcg_pts_attr_req_func_comp_evid_t *attr_cast;
pts_proto_caps_flag_t negotiated_caps;
enumerator_t *e;
pts_funct_comp_evid_req_t *requests;
funct_comp_evid_req_entry_t *entry;
u_int32_t requests_count;
pts_attr_req_funct_comp_evid_flag_t flags;
u_int32_t sub_comp_depth;
pts_comp_func_name_t *name;
u_int32_t depth;
u_int8_t flags;
enumerator_t *e;
attr_info = attr->get_value(attr);
attr_cast = (tcg_pts_attr_req_funct_comp_evid_t*)attr;
requests = attr_cast->get_requests(attr_cast);
requests_count = requests->get_req_count(requests);
attr_cast = (tcg_pts_attr_req_func_comp_evid_t*)attr;
DBG1(DBG_IMC, "IMV requests evidence%s for: %d functional components",
(requests_count == 1) ? "":"s", requests_count);
DBG1(DBG_IMC, "IMV requests evidence for %d functional components",
attr_cast->get_count(attr_cast));
e = requests->create_enumerator(requests);
while (e->enumerate(e, &entry))
e = attr_cast->create_enumerator(attr_cast);
while (e->enumerate(e, &flags, &depth, &name))
{
flags = entry->flags;
sub_comp_depth = entry->sub_comp_depth;
name = entry->name->clone(entry->name);
negotiated_caps = pts->get_proto_caps(pts);
DBG1(DBG_IMC, "Requested Evidence flags: %d, depth: %d,"
" vendor_id: %d, qualifier %d, name: %d",
flags, sub_comp_depth, name->get_vendor_id(name),
flags, depth, name->get_vendor_id(name),
name->get_qualifier(name), name->get_name(name));
if (flags & PTS_REQ_FUNC_COMP_FLAG_TTC)
@ -500,7 +492,7 @@ bool imc_attestation_process(pa_tnc_attr_t *attr, linked_list_t *attr_list,
attr_list->insert_last(attr_list, attr);
break;
}
if (sub_comp_depth != 0)
if (depth != 0)
{
DBG1(DBG_IMC, "current version of Attestation IMC does not "
"support sub component measurement deeper than "
@ -513,14 +505,6 @@ bool imc_attestation_process(pa_tnc_attr_t *attr, linked_list_t *attr_list,
"only functional component namings by ITA");
return FALSE;
}
/* Check Family */
if (name->get_qualifier(name) & PTS_REQ_FUNCT_COMP_FAMILY_MASK)
{
attr = ietf_attr_pa_tnc_error_create(PEN_TCG,
TCG_PTS_INVALID_NAME_FAM, attr_info);
attr_list->insert_last(attr_list, attr);
break;
}
/* Check if Unknown or Wildcard was set for qualifier */
if (name->get_qualifier(name) & PTS_QUALIFIER_WILDCARD)

6
src/libimcv/plugins/imv_attestation/imv_attestation.c
View File

@ -556,10 +556,10 @@ TNC_Result TNC_IMV_ReceiveMessage(TNC_IMVID imv_id,
attestation_state->get_file_meas_request_count(attestation_state));
attestation_state->set_measurement_error(attestation_state);
}
if (attestation_state->get_comp_evid_request_count(attestation_state))
if (attestation_state->get_component_count(attestation_state))
{
DBG1(DBG_IMV, "failure due to %d pending simple component evidences",
attestation_state->get_comp_evid_request_count(attestation_state));
DBG1(DBG_IMV, "failure due to %d components waiting for evidence",
attestation_state->get_component_count(attestation_state));
attestation_state->set_measurement_error(attestation_state);
}
if (attestation_state->get_measurement_error(attestation_state))

56
src/libimcv/plugins/imv_attestation/imv_attestation_build.c
View File

@ -23,7 +23,7 @@
#include <tcg/tcg_pts_attr_dh_nonce_finish.h>
#include <tcg/tcg_pts_attr_get_tpm_version_info.h>
#include <tcg/tcg_pts_attr_get_aik.h>
#include <tcg/tcg_pts_attr_req_funct_comp_evid.h>
#include <tcg/tcg_pts_attr_req_func_comp_evid.h>
#include <tcg/tcg_pts_attr_gen_attest_evid.h>
#include <tcg/tcg_pts_attr_req_file_meas.h>
#include <tcg/tcg_pts_attr_req_file_meta.h>
@ -38,7 +38,7 @@ bool imv_attestation_build(pa_tnc_msg_t *msg,
{
imv_attestation_handshake_state_t handshake_state;
pts_t *pts;
pa_tnc_attr_t *attr;
pa_tnc_attr_t *attr = NULL;
handshake_state = attestation_state->get_handshake_state(attestation_state);
pts = attestation_state->get_pts(attestation_state);
@ -208,11 +208,11 @@ bool imv_attestation_build(pa_tnc_msg_t *msg,
}
case IMV_ATTESTATION_STATE_COMP_EVID:
{
tcg_pts_attr_req_func_comp_evid_t *attr_cast;
enumerator_t *enumerator;
char flags[8];
char *platform_info;
pts_funct_comp_evid_req_t *requests = NULL;
funct_comp_evid_req_entry_t *entry;
char flags[8], *platform_info;
pts_component_t *comp;
pts_comp_func_name_t *comp_name;
int vid, name, qualifier, type;
enum_name_t *names, *types;
bool first = TRUE;
@ -230,8 +230,6 @@ bool imv_attestation_build(pa_tnc_msg_t *msg,
(platform_info) ? "" : "platform info");
break;
}
DBG1(DBG_IMV, "platform is '%s'", platform_info);
enumerator = pts_db->create_comp_evid_enumerator(pts_db, platform_info);
if (!enumerator)
@ -240,17 +238,14 @@ bool imv_attestation_build(pa_tnc_msg_t *msg,
}
while (enumerator->enumerate(enumerator, &vid, &name, &qualifier))
{
entry = malloc_thing(funct_comp_evid_req_entry_t);
entry->flags = PTS_REQ_FUNC_COMP_FLAG_PCR;
entry->sub_comp_depth = 0;
entry->name = pts_comp_func_name_create(vid, name, qualifier);
comp_name = pts_comp_func_name_create(vid, name, qualifier);
names = pts_components->get_comp_func_names(pts_components, vid);
types = pts_components->get_qualifier_type_names(pts_components, vid);
if (names && types)
{
type = pts_components->get_qualifier(pts_components,
entry->name, &flags);
comp_name, flags);
DBG2(DBG_TNC, "%N component evidence request '%N' [%s] '%N'",
pen_names, vid, names, name, flags, types, type);
}
@ -259,27 +254,36 @@ bool imv_attestation_build(pa_tnc_msg_t *msg,
DBG2(DBG_TNC, "0x%06x component evidence request 0x%08x 0x%02x",
vid, name, qualifier);
}
comp = pts_components->create(pts_components, comp_name);
if (!comp)
{
DBG2(DBG_TNC, " functional component not registered");
comp_name->destroy(comp_name);
continue;
}
attestation_state->add_component(attestation_state, comp);
if (first)
{
/* Create a requests object */
requests = pts_funct_comp_evid_req_create();
attr = tcg_pts_attr_req_func_comp_evid_create();
attr->set_noskip_flag(attr, TRUE);
first = FALSE;
}
requests->add(requests, entry);
attestation_state->add_comp_evid_request(attestation_state, entry);
attr_cast = (tcg_pts_attr_req_func_comp_evid_t *)attr;
attr_cast->add_component(attr, comp->get_evidence_flags(comp),
0, comp_name);
}
enumerator->destroy(enumerator);
/* Send Request Functional Component Evidence attribute */
attr = tcg_pts_attr_req_funct_comp_evid_create(requests);
attr->set_noskip_flag(attr, TRUE);
msg->add_attribute(msg, attr);
if (attr)
{
/* Send Request Functional Component Evidence attribute */
msg->add_attribute(msg, attr);
/* Send Generate Attestation Evidence attribute */
attr = tcg_pts_attr_gen_attest_evid_create();
attr->set_noskip_flag(attr, TRUE);
msg->add_attribute(msg, attr);
/* Send Generate Attestation Evidence attribute */
attr = tcg_pts_attr_gen_attest_evid_create();
attr->set_noskip_flag(attr, TRUE);
msg->add_attribute(msg, attr);
}
break;
}
default:

10
src/libimcv/plugins/imv_attestation/imv_attestation_process.c
View File

@ -268,6 +268,7 @@ bool imv_attestation_process(pa_tnc_attr_t *attr, linked_list_t *attr_list,
u_int32_t depth, extended_pcr;
u_int8_t measurement_type;
pts_comp_func_name_t *name;
pts_component_t *component;
pts_meas_algorithms_t hash_algorithm;
pts_pcr_transform_t transformation;
chunk_t measurement_time, policy_uri;
@ -317,12 +318,15 @@ bool imv_attestation_process(pa_tnc_attr_t *attr, linked_list_t *attr_list,
return FALSE;
}
if (!attestation_state->check_off_comp_evid_request(
attestation_state, name))
component = attestation_state->check_off_component(attestation_state,
name);
if (!component)
{
DBG1(DBG_IMV, " no entry found for component evidence request");
break;
}
component->verify(component);
component->destroy(component);
measurement_type = attr_cast->get_measurement_type(attr_cast);
hash_algorithm = attr_cast->get_hash_algorithm(attr_cast);
@ -508,7 +512,7 @@ bool imv_attestation_process(pa_tnc_attr_t *attr, linked_list_t *attr_list,
case TCG_PTS_REQ_TEMPL_REF_MANI_SET_META:
case TCG_PTS_UPDATE_TEMPL_REF_MANI:
case TCG_PTS_GET_AIK:
case TCG_PTS_REQ_FUNCT_COMP_EVID:
case TCG_PTS_REQ_FUNC_COMP_EVID:
case TCG_PTS_GEN_ATTEST_EVID:
case TCG_PTS_REQ_FILE_META:
case TCG_PTS_REQ_FILE_MEAS:

44
src/libimcv/plugins/imv_attestation/imv_attestation_state.c
View File

@ -77,9 +77,9 @@ struct private_imv_attestation_state_t {
linked_list_t *file_meas_requests;
/**
* List of Functional Component Evidence requests
* List of Functional Components
*/
linked_list_t *comp_evid_requests;
linked_list_t *components;
/**
* PTS object
@ -191,7 +191,8 @@ METHOD(imv_state_t, destroy, void,
private_imv_attestation_state_t *this)
{
this->file_meas_requests->destroy_function(this->file_meas_requests, free);
this->comp_evid_requests->destroy_function(this->comp_evid_requests, free);
this->components->destroy_offset(this->components,
offsetof(pts_component_t, destroy));
this->pts->destroy(this->pts);
free(this);
}
@ -260,30 +261,25 @@ METHOD(imv_attestation_state_t, get_file_meas_request_count, int,
return this->file_meas_requests->get_count(this->file_meas_requests);
}
METHOD(imv_attestation_state_t, add_comp_evid_request, void,
private_imv_attestation_state_t *this, funct_comp_evid_req_entry_t *entry)
METHOD(imv_attestation_state_t, add_component, void,
private_imv_attestation_state_t *this, pts_component_t *entry)
{
pts_comp_func_name_t *request;
request = entry->name->clone(entry->name);
this->comp_evid_requests->insert_last(this->comp_evid_requests, request);
this->components->insert_last(this->components, entry);
}
METHOD(imv_attestation_state_t, check_off_comp_evid_request, bool,
METHOD(imv_attestation_state_t, check_off_component, pts_component_t*,
private_imv_attestation_state_t *this, pts_comp_func_name_t *name)
{
enumerator_t *enumerator;
pts_comp_func_name_t *request;
bool found = FALSE;
pts_component_t *entry, *found = NULL;
enumerator = this->comp_evid_requests->create_enumerator(this->comp_evid_requests);
while (enumerator->enumerate(enumerator, &request))
enumerator = this->components->create_enumerator(this->components);
while (enumerator->enumerate(enumerator, &entry))
{
if (name->equals(name, request))
if (name->equals(name, entry->get_comp_func_name(entry)))
{
found = TRUE;
this->comp_evid_requests->remove_at(this->comp_evid_requests, enumerator);
free(request);
found = entry;
this->components->remove_at(this->components, enumerator);
break;
}
}
@ -291,10 +287,10 @@ METHOD(imv_attestation_state_t, check_off_comp_evid_request, bool,
return found;
}
METHOD(imv_attestation_state_t, get_comp_evid_request_count, int,
METHOD(imv_attestation_state_t, get_component_count, int,
private_imv_attestation_state_t *this)
{
return this->comp_evid_requests->get_count(this->comp_evid_requests);
return this->components->get_count(this->components);
}
METHOD(imv_attestation_state_t, get_measurement_error, bool,
@ -333,9 +329,9 @@ imv_state_t *imv_attestation_state_create(TNC_ConnectionID connection_id)
.add_file_meas_request = _add_file_meas_request,
.check_off_file_meas_request = _check_off_file_meas_request,
.get_file_meas_request_count = _get_file_meas_request_count,
.add_comp_evid_request = _add_comp_evid_request,
.check_off_comp_evid_request = _check_off_comp_evid_request,
.get_comp_evid_request_count = _get_comp_evid_request_count,
.add_component = _add_component,
.check_off_component = _check_off_component,
.get_component_count = _get_component_count,
.get_measurement_error = _get_measurement_error,
.set_measurement_error = _set_measurement_error,
},
@ -345,7 +341,7 @@ imv_state_t *imv_attestation_state_create(TNC_ConnectionID connection_id)
.rec = TNC_IMV_ACTION_RECOMMENDATION_NO_RECOMMENDATION,
.eval = TNC_IMV_EVALUATION_RESULT_DONT_KNOW,
.file_meas_requests = linked_list_create(),
.comp_evid_requests = linked_list_create(),
.components = linked_list_create(),
.pts = pts_create(FALSE),
);

21
src/libimcv/plugins/imv_attestation/imv_attestation_state.h
View File

@ -103,28 +103,27 @@ struct imv_attestation_state_t {
u_int16_t id, int *file_id, bool *is_dir);
/**
* Add an entry to the list of pending Function Component Evidences
* Add an entry to the list of Functional Components waiting for evidence
*
* @param entry Functional Component Evidence Request
* @param entry Functional Component
*/
void (*add_comp_evid_request)(imv_attestation_state_t *this,
funct_comp_evid_req_entry_t *entry);
void (*add_component)(imv_attestation_state_t *this, pts_component_t *entry);
/**
* Returns the number of pending Function Component Evidences
* Returns the number of Functional Component waiting for evidence
*
* @return Number of pending evidences
* @return Number of waiting Functional Components
*/
int (*get_comp_evid_request_count)(imv_attestation_state_t *this);
int (*get_component_count)(imv_attestation_state_t *this);
/**
* Check for presence of Component Evidence Request and remove if exists
* Check for presence of Functional Component and remove and return it
*
* @param name Name of the requested Functional Component
* @return TRUE if component request found, FALSE otherwise
* @return Functional Component if found, NULL otherwise
*/
bool (*check_off_comp_evid_request)(imv_attestation_state_t *this,
pts_comp_func_name_t *name);
pts_component_t* (*check_off_component)(imv_attestation_state_t *this,
pts_comp_func_name_t *name);
/**
* Indicates if a file measurement error occurred

4
src/libpts/Makefile.am
View File

@ -10,7 +10,7 @@ libpts_la_SOURCES = \
pts/pts.h pts/pts.c \
pts/pts_error.h pts/pts_error.c \
pts/pts_proto_caps.h \
pts/pts_funct_comp_evid_req.h pts/pts_funct_comp_evid_req.c \
pts/pts_func_comp_evid_req.h \
pts/pts_creds.h pts/pts_creds.c \
pts/pts_database.h pts/pts_database.c \
pts/pts_dh_group.h pts/pts_dh_group.c \
@ -35,7 +35,7 @@ libpts_la_SOURCES = \
tcg/tcg_pts_attr_tpm_version_info.h tcg/tcg_pts_attr_tpm_version_info.c \
tcg/tcg_pts_attr_get_aik.h tcg/tcg_pts_attr_get_aik.c \
tcg/tcg_pts_attr_aik.h tcg/tcg_pts_attr_aik.c \
tcg/tcg_pts_attr_req_funct_comp_evid.h tcg/tcg_pts_attr_req_funct_comp_evid.c \
tcg/tcg_pts_attr_req_func_comp_evid.h tcg/tcg_pts_attr_req_func_comp_evid.c \
tcg/tcg_pts_attr_gen_attest_evid.h tcg/tcg_pts_attr_gen_attest_evid.c \
tcg/tcg_pts_attr_simple_comp_evid.h tcg/tcg_pts_attr_simple_comp_evid.c \
tcg/tcg_pts_attr_simple_evid_final.h tcg/tcg_pts_attr_simple_evid_final.c \

8
src/libpts/pts/components/ita/ita_comp_tboot.c
View File

@ -17,6 +17,7 @@
#include "ita_comp_tboot.h"
#include "ita_comp_func_name.h"
#include "pts/pts_func_comp_evid_req.h"
#include "pts/components/pts_component.h"
#include <debug.h>
@ -47,6 +48,12 @@ METHOD(pts_component_t, get_comp_func_name, pts_comp_func_name_t*,
return this->name;
}
METHOD(pts_component_t, get_evidence_flags, u_int8_t,
pts_ita_comp_tboot_t *this)
{
return PTS_REQ_FUNC_COMP_FLAG_PCR;
}
METHOD(pts_component_t, measure, bool,
pts_ita_comp_tboot_t *this)
{
@ -78,6 +85,7 @@ pts_component_t *pts_ita_comp_tboot_create(u_int8_t qualifier)
INIT(this,
.public = {
.get_comp_func_name = _get_comp_func_name,
.get_evidence_flags = _get_evidence_flags,
.measure = _measure,
.verify = _verify,
.destroy = _destroy,

8
src/libpts/pts/components/ita/ita_comp_tgrub.c
View File

@ -17,6 +17,7 @@
#include "ita_comp_tgrub.h"
#include "ita_comp_func_name.h"
#include "pts/pts_func_comp_evid_req.h"
#include "pts/components/pts_component.h"
#include <debug.h>
@ -47,6 +48,12 @@ METHOD(pts_component_t, get_comp_func_name, pts_comp_func_name_t*,
return this->name;
}
METHOD(pts_component_t, get_evidence_flags, u_int8_t,
pts_ita_comp_tgrub_t *this)
{
return PTS_REQ_FUNC_COMP_FLAG_PCR;
}
METHOD(pts_component_t, measure, bool,
pts_ita_comp_tgrub_t *this)
{
@ -78,6 +85,7 @@ pts_component_t *pts_ita_comp_tgrub_create(u_int8_t qualifier)
INIT(this,
.public = {
.get_comp_func_name = _get_comp_func_name,
.get_evidence_flags = _get_evidence_flags,
.measure = _measure,
.verify = _verify,
.destroy = _destroy,

7
src/libpts/pts/components/pts_component.h
View File

@ -39,6 +39,13 @@ struct pts_component_t {
*/
pts_comp_func_name_t* (*get_comp_func_name)(pts_component_t *this);
/**
* Get the PTS Component Evidence Flags
*
* @return PTS Component Functional Name
*/
u_int8_t (*get_evidence_flags)(pts_component_t *this);
/**
* Do measurements on the PTS Functional Component
*

2
src/libpts/pts/pts.h
View File

@ -30,7 +30,7 @@ typedef struct pcr_entry_t pcr_entry_t;
#include "pts_file_meas.h"
#include "pts_file_meta.h"
#include "pts_dh_group.h"
#include "pts_funct_comp_evid_req.h"
#include "pts_func_comp_evid_req.h"
#include "components/pts_comp_func_name.h"
#include "components/tcg/tcg_comp_func_name.h"
#include "components/ita/ita_comp_func_name.h"

69
src/libpts/pts/pts_func_comp_evid_req.h
View File

@ -14,23 +14,17 @@
*/
/**
* @defgroup pts_funct_comp_evid_req pts_funct_comp_evid_req
* @defgroup pts_func_comp_evid_req pts_func_comp_evid_req
* @{ @ingroup pts
*/
#ifndef PTS_FUNCT_COMP_EVID_REQ_H_
#define PTS_FUNCT_COMP_EVID_REQ_H_
#ifndef PTS_FUNC_COMP_EVID_REQ_H_
#define PTS_FUNC_COMP_EVID_REQ_H_
typedef struct pts_funct_comp_evid_req_t pts_funct_comp_evid_req_t;
typedef enum pts_attr_req_funct_comp_evid_flag_t pts_attr_req_funct_comp_evid_flag_t;
typedef struct funct_comp_evid_req_entry_t funct_comp_evid_req_entry_t;
#include "pts/components/pts_comp_func_name.h"
typedef enum pts_attr_req_func_comp_evid_flag_t pts_attr_req_func_comp_evid_flag_t;
#include <library.h>
#define PTS_REQ_FUNCT_COMP_FAM_BIN_ENUM 0x00
/**
* PTS Request Functional Component Evidence Flags
*/
@ -38,60 +32,11 @@ enum pts_attr_req_funct_comp_evid_flag_t {
/** Transitive Trust Chain flag */
PTS_REQ_FUNC_COMP_FLAG_TTC = (1<<7),
/** Verify Component flag */
PTS_REQ_FUNC_COMP_FLAG_VER = (1<<6),
PTS_REQ_FUNC_COMP_FLAG_VER = (1<<6),
/** Current Evidence flag */
PTS_REQ_FUNC_COMP_FLAG_CURR = (1<<5),
PTS_REQ_FUNC_COMP_FLAG_CURR = (1<<5),
/** PCR Information flag */
PTS_REQ_FUNC_COMP_FLAG_PCR = (1<<4),
PTS_REQ_FUNC_COMP_FLAG_PCR = (1<<4),
};
/**
* PTS Functional Component Evidence Request entry
*/
struct funct_comp_evid_req_entry_t {
pts_attr_req_funct_comp_evid_flag_t flags;
u_int32_t sub_comp_depth;
pts_comp_func_name_t *name;
};
/**
* Class storing PTS Functional Component Evidence Request
*/
struct pts_funct_comp_evid_req_t {
/**
* Get the number of requested components
*
* @return Number of requested components
*/
int (*get_req_count)(pts_funct_comp_evid_req_t *this);
/**
* Add a PTS File Measurement
*
* @param entry PTS Functional Component Evidence Request entry
*/
void (*add)(pts_funct_comp_evid_req_t *this,
funct_comp_evid_req_entry_t *entry);
/**
* Create a PTS Functional Component Evidence Request enumerator
*
* @return Enumerator returning flags, sub-component depth and
* functional component name
*/
enumerator_t* (*create_enumerator)(pts_funct_comp_evid_req_t *this);
/**
* Destroys a pts_funct_comp_evid_req_t object.
*/
void (*destroy)(pts_funct_comp_evid_req_t *this);
};
/**
* Creates a pts_funct_comp_evid_req_t object
*/
pts_funct_comp_evid_req_t* pts_funct_comp_evid_req_create();
#endif /** PTS_FUNCT_COMP_EVID_REQ_H_ @}*/

12
src/libpts/tcg/tcg_attr.c
View File

@ -22,7 +22,7 @@
#include "tcg/tcg_pts_attr_tpm_version_info.h"
#include "tcg/tcg_pts_attr_get_aik.h"
#include "tcg/tcg_pts_attr_aik.h"
#include "tcg/tcg_pts_attr_req_funct_comp_evid.h"
#include "tcg/tcg_pts_attr_req_func_comp_evid.h"
#include "tcg/tcg_pts_attr_gen_attest_evid.h"
#include "tcg/tcg_pts_attr_simple_comp_evid.h"
#include "tcg/tcg_pts_attr_simple_evid_final.h"
@ -31,12 +31,12 @@
#include "tcg/tcg_pts_attr_req_file_meta.h"
#include "tcg/tcg_pts_attr_unix_file_meta.h"
ENUM_BEGIN(tcg_attr_names, TCG_PTS_REQ_FUNCT_COMP_EVID,
TCG_PTS_REQ_FUNCT_COMP_EVID,
ENUM_BEGIN(tcg_attr_names, TCG_PTS_REQ_FUNC_COMP_EVID,
TCG_PTS_REQ_FUNC_COMP_EVID,
"Request Functional Component Evidence");
ENUM_NEXT(tcg_attr_names, TCG_PTS_GEN_ATTEST_EVID,
TCG_PTS_GEN_ATTEST_EVID,
TCG_PTS_REQ_FUNCT_COMP_EVID,
TCG_PTS_REQ_FUNC_COMP_EVID,
"Generate Attestation Evidence");
ENUM_NEXT(tcg_attr_names, TCG_PTS_SIMPLE_COMP_EVID,
TCG_PTS_SIMPLE_COMP_EVID,
@ -177,8 +177,8 @@ pa_tnc_attr_t* tcg_attr_create_from_data(u_int32_t type, chunk_t value)
return tcg_pts_attr_get_aik_create_from_data(value);
case TCG_PTS_AIK:
return tcg_pts_attr_aik_create_from_data(value);
case TCG_PTS_REQ_FUNCT_COMP_EVID:
return tcg_pts_attr_req_funct_comp_evid_create_from_data(value);
case TCG_PTS_REQ_FUNC_COMP_EVID:
return tcg_pts_attr_req_func_comp_evid_create_from_data(value);
case TCG_PTS_GEN_ATTEST_EVID:
return tcg_pts_attr_gen_attest_evid_create_from_data(value);
case TCG_PTS_SIMPLE_COMP_EVID:

2
src/libpts/tcg/tcg_attr.h
View File

@ -48,7 +48,7 @@ enum tcg_attr_t {
TCG_PTS_AIK = 0x0E000000,
/* PTS-based Attestation Evidence */
TCG_PTS_REQ_FUNCT_COMP_EVID = 0x00100000,
TCG_PTS_REQ_FUNC_COMP_EVID = 0x00100000,
TCG_PTS_GEN_ATTEST_EVID = 0x00200000,
TCG_PTS_SIMPLE_COMP_EVID = 0x00300000,
TCG_PTS_SIMPLE_EVID_FINAL = 0x00400000,

163
src/libpts/tcg/tcg_pts_attr_req_func_comp_evid.c
View File

@ -13,14 +13,15 @@
* for more details.
*/
#include "tcg_pts_attr_req_funct_comp_evid.h"
#include "tcg_pts_attr_req_func_comp_evid.h"
#include <pa_tnc/pa_tnc_msg.h>
#include <bio/bio_writer.h>
#include <bio/bio_reader.h>
#include <utils/linked_list.h>
#include <debug.h>
typedef struct private_tcg_pts_attr_req_funct_comp_evid_t private_tcg_pts_attr_req_funct_comp_evid_t;
typedef struct private_tcg_pts_attr_req_func_comp_evid_t private_tcg_pts_attr_req_func_comp_evid_t;
/**
* Request Functional Component Evidence
@ -58,17 +59,18 @@ typedef struct private_tcg_pts_attr_req_funct_comp_evid_t private_tcg_pts_attr_r
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*/
#define PTS_REQ_FUNCT_COMP_EVID_SIZE 12
#define PTS_REQ_FUNC_COMP_EVID_SIZE 12
#define PTS_REQ_FUNC_COMP_FAMILY_MASK 0xC0
/**
* Private data of an tcg_pts_attr_req_funct_comp_evid_t object.
* Private data of an tcg_pts_attr_req_func_comp_evid_t object.
*/
struct private_tcg_pts_attr_req_funct_comp_evid_t {
struct private_tcg_pts_attr_req_func_comp_evid_t {
/**
* Public members of tcg_pts_attr_req_funct_comp_evid_t
* Public members of tcg_pts_attr_req_func_comp_evid_t
*/
tcg_pts_attr_req_funct_comp_evid_t public;
tcg_pts_attr_req_func_comp_evid_t public;
/**
* Attribute vendor ID
@ -91,55 +93,92 @@ struct private_tcg_pts_attr_req_funct_comp_evid_t {
bool noskip_flag;
/**
* PTS Functional Component Evidence Requests
* List of Functional Components
*/
pts_funct_comp_evid_req_t *requests;
linked_list_t *list;
};
typedef struct entry_t entry_t;
/**
* Functional component entry
*/
struct entry_t {
u_int8_t flags;
u_int32_t depth;
pts_comp_func_name_t *name;
};
/**
* Enumerate functional component entries
*/
static bool entry_filter(void *null, entry_t **entry, u_int8_t *flags,
void *i2, u_int32_t *depth, void *i3,
pts_comp_func_name_t **name)
{
*flags = (*entry)->flags;
*depth = (*entry)->depth;
*name = (*entry)->name;
return TRUE;
}
/**
* Free an entry_t object
*/
static void free_entry(entry_t *this)
{
if (this)
{
this->name->destroy(this->name);
free(this);
}
}
METHOD(pa_tnc_attr_t, get_vendor_id, pen_t,
private_tcg_pts_attr_req_funct_comp_evid_t *this)
private_tcg_pts_attr_req_func_comp_evid_t *this)
{
return this->vendor_id;
}
METHOD(pa_tnc_attr_t, get_type, u_int32_t,
private_tcg_pts_attr_req_funct_comp_evid_t *this)
private_tcg_pts_attr_req_func_comp_evid_t *this)
{
return this->type;
}
METHOD(pa_tnc_attr_t, get_value, chunk_t,
private_tcg_pts_attr_req_funct_comp_evid_t *this)
private_tcg_pts_attr_req_func_comp_evid_t *this)
{
return this->value;
}
METHOD(pa_tnc_attr_t, get_noskip_flag, bool,
private_tcg_pts_attr_req_funct_comp_evid_t *this)
private_tcg_pts_attr_req_func_comp_evid_t *this)
{
return this->noskip_flag;
}
METHOD(pa_tnc_attr_t, set_noskip_flag,void,
private_tcg_pts_attr_req_funct_comp_evid_t *this, bool noskip)
private_tcg_pts_attr_req_func_comp_evid_t *this, bool noskip)
{
this->noskip_flag = noskip;
}
METHOD(pa_tnc_attr_t, build, void,
private_tcg_pts_attr_req_funct_comp_evid_t *this)
private_tcg_pts_attr_req_func_comp_evid_t *this)
{
bio_writer_t *writer;
enumerator_t *enumerator;
funct_comp_evid_req_entry_t *entry;
entry_t *entry;
writer = bio_writer_create(PTS_REQ_FUNCT_COMP_EVID_SIZE);
writer = bio_writer_create(PTS_REQ_FUNC_COMP_EVID_SIZE);
enumerator = this->requests->create_enumerator(this->requests);
enumerator = this->list->create_enumerator(this->list);
while (enumerator->enumerate(enumerator, &entry))
{
writer->write_uint8 (writer, entry->flags);
writer->write_uint24(writer, entry->sub_comp_depth);
writer->write_uint24(writer, entry->depth);
writer->write_uint24(writer, entry->name->get_vendor_id(entry->name));
writer->write_uint8 (writer, entry->name->get_qualifier(entry->name));
writer->write_uint32(writer, entry->name->get_name(entry->name));
@ -151,24 +190,22 @@ METHOD(pa_tnc_attr_t, build, void,
}
METHOD(pa_tnc_attr_t, process, status_t,
private_tcg_pts_attr_req_funct_comp_evid_t *this, u_int32_t *offset)
private_tcg_pts_attr_req_func_comp_evid_t *this, u_int32_t *offset)
{
bio_reader_t *reader;
status_t status = FAILED;
funct_comp_evid_req_entry_t *entry = NULL;
u_int32_t sub_comp_depth, vendor_id, name;
u_int32_t depth, vendor_id, name;
u_int8_t flags, fam_and_qualifier, qualifier;
if (this->value.len < PTS_REQ_FUNCT_COMP_EVID_SIZE)
status_t status = FAILED;
entry_t *entry = NULL;
if (this->value.len < PTS_REQ_FUNC_COMP_EVID_SIZE)
{
DBG1(DBG_TNC, "insufficient data for Request Functional "
"Component Evidence");
*offset = 0;
return FAILED;
}
reader = bio_reader_create(this->value);
this->requests = pts_funct_comp_evid_req_create();
while (reader->remaining(reader))
{
@ -178,7 +215,7 @@ METHOD(pa_tnc_attr_t, process, status_t,
"Component Evidence Flags");
goto end;
}
if (!reader->read_uint24(reader, &sub_comp_depth))
if (!reader->read_uint24(reader, &depth))
{
DBG1(DBG_TNC, "insufficient data for PTS Request Functional "
"Component Evidence Sub Component Depth");
@ -196,7 +233,7 @@ METHOD(pa_tnc_attr_t, process, status_t,
"Component Evidence Family and Qualifier");
goto end;
}
if (fam_and_qualifier & PTS_REQ_FUNCT_COMP_FAMILY_MASK)
if (fam_and_qualifier & PTS_REQ_FUNC_COMP_FAMILY_MASK)
{
DBG1(DBG_TNC, "the Functional Name Encoding Family "
"is not Binary Enumeration");
@ -208,48 +245,62 @@ METHOD(pa_tnc_attr_t, process, status_t,
"Component Evidence Component Functional Name");
goto end;
}
qualifier = fam_and_qualifier & !PTS_REQ_FUNCT_COMP_FAMILY_MASK;
qualifier = fam_and_qualifier & !PTS_REQ_FUNC_COMP_FAMILY_MASK;
entry = malloc_thing(funct_comp_evid_req_entry_t);
entry = malloc_thing(entry_t);
entry->flags = flags;
entry->sub_comp_depth = sub_comp_depth;
entry->depth = depth;
entry->name = pts_comp_func_name_create(vendor_id, name, qualifier);
this->requests->add(this->requests, entry);
this->list->insert_last(this->list, entry);
}
status = SUCCESS;
end:
if (entry)
{
free(entry);
}
reader->destroy(reader);
return status;
}
METHOD(pa_tnc_attr_t, destroy, void,
private_tcg_pts_attr_req_funct_comp_evid_t *this)
private_tcg_pts_attr_req_func_comp_evid_t *this)
{
this->requests->destroy(this->requests);
this->list->destroy_function(this->list, (void *)free_entry);
free(this->value.ptr);
free(this);
}
METHOD(tcg_pts_attr_req_funct_comp_evid_t, get_requests,
pts_funct_comp_evid_req_t*,
private_tcg_pts_attr_req_funct_comp_evid_t *this)
METHOD(tcg_pts_attr_req_func_comp_evid_t, add_component, void,
private_tcg_pts_attr_req_func_comp_evid_t *this, u_int8_t flags,
u_int32_t depth, pts_comp_func_name_t *name)
{
return this->requests;
entry_t *entry;
entry = malloc_thing(entry_t);
entry->flags = flags;
entry->depth = depth;
entry->name = name->clone(name);
this->list->insert_last(this->list, entry);
}
METHOD(tcg_pts_attr_req_func_comp_evid_t, get_count, int,
private_tcg_pts_attr_req_func_comp_evid_t *this)
{
return this->list->get_count(this->list);
}
METHOD(tcg_pts_attr_req_func_comp_evid_t, create_enumerator, enumerator_t*,
private_tcg_pts_attr_req_func_comp_evid_t *this)
{
return enumerator_create_filter(this->list->create_enumerator(this->list),
(void*)entry_filter, NULL, NULL);
}
/**
* Described in header.
*/
pa_tnc_attr_t *tcg_pts_attr_req_funct_comp_evid_create(
pts_funct_comp_evid_req_t *requests)
pa_tnc_attr_t *tcg_pts_attr_req_func_comp_evid_create(void)
{
private_tcg_pts_attr_req_funct_comp_evid_t *this;
private_tcg_pts_attr_req_func_comp_evid_t *this;
INIT(this,
.public = {
@ -263,23 +314,24 @@ pa_tnc_attr_t *tcg_pts_attr_req_funct_comp_evid_create(
.process = _process,
.destroy = _destroy,
},
.get_requests = _get_requests,
.add_component = _add_component,
.get_count = _get_count,
.create_enumerator = _create_enumerator,
},
.vendor_id = PEN_TCG,
.type = TCG_PTS_REQ_FUNCT_COMP_EVID,
.requests = requests,
.type = TCG_PTS_REQ_FUNC_COMP_EVID,
.list = linked_list_create(),
);
return &this->public.pa_tnc_attribute;
}
/**
* Described in header.
*/
pa_tnc_attr_t *tcg_pts_attr_req_funct_comp_evid_create_from_data(chunk_t data)
pa_tnc_attr_t *tcg_pts_attr_req_func_comp_evid_create_from_data(chunk_t data)
{
private_tcg_pts_attr_req_funct_comp_evid_t *this;
private_tcg_pts_attr_req_func_comp_evid_t *this;
INIT(this,
.public = {
@ -293,10 +345,13 @@ pa_tnc_attr_t *tcg_pts_attr_req_funct_comp_evid_create_from_data(chunk_t data)
.process = _process,
.destroy = _destroy,
},
.get_requests = _get_requests,
.add_component = _add_component,
.get_count = _get_count,
.create_enumerator = _create_enumerator,
},
.vendor_id = PEN_TCG,
.type = TCG_PTS_REQ_FUNCT_COMP_EVID,
.type = TCG_PTS_REQ_FUNC_COMP_EVID,
.list = linked_list_create(),
.value = chunk_clone(data),
);

51
src/libpts/tcg/tcg_pts_attr_req_func_comp_evid.h
View File

@ -14,27 +14,24 @@
*/
/**
* @defgroup tcg_pts_attr_req_funct_comp_evid tcg_pts_attr_req_funct_comp_evid
* @{ @ingroup tcg_pts_attr_req_funct_comp_evid
* @defgroup tcg_pts_attr_req_func_comp_evid tcg_pts_attr_req_func_comp_evid
* @{ @ingroup tcg_pts_attr_req_func_comp_evid
*/
#ifndef TCG_PTS_ATTR_REQ_FUNCT_COMP_EVID_H_
#define TCG_PTS_ATTR_REQ_FUNCT_COMP_EVID_H_
#ifndef TCG_PTS_ATTR_REQ_FUNC_COMP_EVID_H_
#define TCG_PTS_ATTR_REQ_FUNC_COMP_EVID_H_
typedef struct tcg_pts_attr_req_funct_comp_evid_t tcg_pts_attr_req_funct_comp_evid_t;
typedef struct tcg_pts_attr_req_func_comp_evid_t tcg_pts_attr_req_func_comp_evid_t;
#include "tcg_attr.h"
#include "pts/components/pts_comp_func_name.h"
#include "pts/pts_funct_comp_evid_req.h"
#include "pa_tnc/pa_tnc_attr.h"
#define PTS_REQ_FUNCT_COMP_FAMILY_MASK 0xC0
/**
* Class implementing the TCG PTS Request Functional Component Evidence attribute
*
*/
struct tcg_pts_attr_req_funct_comp_evid_t {
struct tcg_pts_attr_req_func_comp_evid_t {
/**
* Public PA-TNC attribute interface
@ -42,26 +39,42 @@ struct tcg_pts_attr_req_funct_comp_evid_t {
pa_tnc_attr_t pa_tnc_attribute;
/**
* Get PTS Functional Component Evidence Requests
* Add a component to the Functional Component Evidence Request
*
* @return PTS Functional Component Evidence Requests
* @param flags Component Evidence Request Flags
* @param depth Sub-component Depth
* @param name Functional Component Name
*/
pts_funct_comp_evid_req_t* (*get_requests)(tcg_pts_attr_req_funct_comp_evid_t *this);
void (*add_component)(tcg_pts_attr_req_func_comp_evid_t *this,
u_int8_t flags, u_int32_t depth,
pts_comp_func_name_t *name);
/**
* Returns the number of Functional Component entries
*
* @return Number of entries
*/
int (*get_count)(tcg_pts_attr_req_func_comp_evid_t *this);
/**
* Enumerator over Functional Component entries
*
* @return Entry enumerator
*/
enumerator_t* (*create_enumerator)(tcg_pts_attr_req_func_comp_evid_t *this);
};
/**
* Creates an tcg_pts_attr_req_funct_comp_evid_t object
*
* @param requests Linked list of PTS Functional Component Evidence Requests
* Creates a tcg_pts_attr_req_func_comp_evid_t object
*/
pa_tnc_attr_t* tcg_pts_attr_req_funct_comp_evid_create(pts_funct_comp_evid_req_t *requests);
pa_tnc_attr_t* tcg_pts_attr_req_func_comp_evid_create(void);
/**
* Creates an tcg_pts_attr_req_funct_comp_evid_t object from received data
* Creates a tcg_pts_attr_req_func_comp_evid_t object from received data
*
* @param value Unparsed attribute value
*/
pa_tnc_attr_t* tcg_pts_attr_req_funct_comp_evid_create_from_data(chunk_t value);
pa_tnc_attr_t* tcg_pts_attr_req_func_comp_evid_create_from_data(chunk_t value);
#endif /** TCG_PTS_ATTR_REQ_FUNCT_COMP_EVID_H_ @}*/
#endif /** TCG_PTS_ATTR_REQ_FUNC_COMP_EVID_H_ @}*/