Changed definition of output and set them in quote_tpm function

2011-10-07 11:15:37 +02:00 · 2011-10-07 11:15:37 +02:00 · a3be32a2d5
parent 20c70d9839
commit a3be32a2d5
2 changed files with 43 additions and 25 deletions
--- a/src/libpts/pts/pts.c
+++ b/src/libpts/pts/pts.c
@ -716,7 +716,8 @@ METHOD(pts_t, extend_pcr, bool,
 }

 METHOD(pts_t, quote_tpm, bool,
-	   private_pts_t *this, u_int32_t *pcrs, u_int32_t num_of_pcrs, chunk_t *output)
+	   private_pts_t *this, u_int32_t *pcrs, u_int32_t num_of_pcrs,
+	   chunk_t *pcr_composite, chunk_t *quote_signature)
 {
 	TSS_HCONTEXT hContext;
 	TSS_HTPM hTPM;
@ -731,6 +732,7 @@ METHOD(pts_t, quote_tpm, bool,
 	u_int32_t i;
 	TSS_RESULT result;
 	chunk_t aik_key_encoding;
+	chunk_t pcr_composite_without_nonce;

 	result = Tspi_Context_Create(&hContext);
 	if (result != TSS_SUCCESS)
@ -822,7 +824,7 @@ METHOD(pts_t, quote_tpm, bool,
 			DBG1(DBG_PTS, "Invalid PCR number: %d", pcr);
 			goto err3;
 		}
-		result = Tspi_PcrComposite_SelectPcrIndex(hPcrComposite, 1);
+		result = Tspi_PcrComposite_SelectPcrIndex(hPcrComposite, pcr);
 		if (result != TSS_SUCCESS)
 		{
 			goto err3;
@ -842,23 +844,36 @@ METHOD(pts_t, quote_tpm, bool,

 	quoteInfo = (TPM_QUOTE_INFO *)valData.rgbData;

-	//display quote info
-	printf("version:\n");
-	for(i=0;i<4;i++)
-		printf("%02x ",valData.rgbData[i]);
-	printf("\n");
-	printf("fixed value:\n");
-	for(i=4;i<8;i++)
-		printf("%c",valData.rgbData[i]);
-	printf("\n");
-	printf("pcr digest:\n");
-	for(i=8;i<28;i++)
-		printf("%02x ",valData.rgbData[i]);
-	printf("\n");
-	printf("nonce:\n");
-	for(i=28;i<valData.ulDataLength;i++)
-		printf("%c",valData.rgbData[i]);
-	printf("\n");
+	/* Display quote info */
+	DBG3(DBG_PTS, "version:");
+	for(i = 0 ; i < 4 ; i++)
+	{
+		DBG3(DBG_PTS, "%02x ",valData.rgbData[i]);
+	}
+	DBG3(DBG_PTS, "fixed value:");
+	for(i = 4 ; i < 8 ; i++)
+	{
+		DBG3(DBG_PTS, "%c",valData.rgbData[i]);
+	}
+	DBG3(DBG_PTS, "pcr digest:");
+	for(i = 8 ; i < 28 ; i++)
+	{
+		DBG3(DBG_PTS, "%02x ",valData.rgbData[i]);
+	}
+	DBG3(DBG_PTS, "nonce:");
+	for(i = 28 ; i < valData.ulDataLength ; i++)
+	{
+		DBG3(DBG_PTS, "%c",valData.rgbData[i]);
+	}
+
+	/* Set output chunks */
+	pcr_composite_without_nonce = chunk_alloc(
+		valData.ulDataLength - ASSESSMENT_SECRET_LEN);
+	memcpy(pcr_composite_without_nonce.ptr, valData.rgbData,
+		   valData.ulDataLength - ASSESSMENT_SECRET_LEN);
+	*pcr_composite = pcr_composite_without_nonce;
+	*quote_signature = chunk_from_thing(valData.rgbValidationData);
+	*quote_signature = chunk_clone(*quote_signature);
 	
 	Tspi_Context_FreeMemory(hContext, NULL);
 	Tspi_Context_CloseObject(hContext, hPcrComposite);
--- a/src/libpts/pts/pts.h
+++ b/src/libpts/pts/pts.h
@ -249,12 +249,15 @@ struct pts_t {
 	 * Quote over PCR's
 	 * Expects owner and SRK secret to be WELL_KNOWN_SECRET and no password set for AIK
 	 *
-	 * @param pcrs			Set of PCR's to make quotation over
-	 * @param num_of_pcr	Number of PCR's
-	 * @param quote			Chunk to save quote operation output
-	 * @return				FALSE in case of TSS error, TRUE otherwise
+	 * @param pcrs					Set of PCR's to make quotation over
+	 * @param num_of_pcr			Number of PCR's
+	 * @param pcr_composite			Chunk to save pcr composite structure
+	 * @param quote_signature		Chunk to save quote operation output
+	 *								without external data (anti-replay protection)
+	 * @return						FALSE in case of TSS error, TRUE otherwise
 	 */
-	 bool (*quote_tpm)(pts_t *this, u_int32_t *pcrs, u_int32_t num_of_pcrs, chunk_t *quote);
+	 bool (*quote_tpm)(pts_t *this, u_int32_t *pcrs, u_int32_t num_of_pcrs,
+					   chunk_t *pcr_composite, chunk_t *quote_signature);

 	/**
 	 * Destroys a pts_t object.
@ -270,4 +273,4 @@ struct pts_t {
 */
 pts_t* pts_create(bool is_imc);

-#endif /** PTS_H_ @} */
+#endif /** PTS_H_ @}*/