Implemented handling of DH Parameters Response and Finish attributes

Implemented calculating session secrets
This commit is contained in:
Sansar Choinyambuu 2011-09-23 16:06:29 +02:00 committed by Andreas Steffen
parent a2ca89676b
commit c10867f40b
4 changed files with 348 additions and 40 deletions

View File

@ -68,6 +68,12 @@ static pts_meas_algorithms_t supported_algorithms = 0;
*/
static pts_dh_group_t supported_dh_groups = 0;
/**
* High Entropy Random Data
* used in calculation of shared secret for the assessment session
*/
static chunk_t responder_nonce;
/**
* see section 3.7.1 of TCG TNC IF-IMC Specification 1.2
*/
@ -290,9 +296,21 @@ TNC_Result TNC_IMC_ReceiveMessage(TNC_IMCID imc_id,
tcg_pts_attr_dh_nonce_params_req_t *attr_cast;
u_int8_t min_nonce_len;
pts_dh_group_t offered_dh_groups, selected_dh_group;
rng_t *rng;
chunk_t responder_pub_val;
char buf[NONCE_LEN];
attr_cast = (tcg_pts_attr_dh_nonce_params_req_t*)attr;
min_nonce_len = attr_cast->get_min_nonce_len(attr_cast);
if (NONCE_LEN < min_nonce_len || NONCE_LEN <= 16)
{
attr_info = attr->get_value(attr);
attr = ietf_attr_pa_tnc_error_create(PEN_TCG,
TCG_PTS_BAD_NONCE_LENGTH, attr_info);
attr_list->insert_last(attr_list, attr);
break;
}
offered_dh_groups = attr_cast->get_dh_groups(attr_cast);
if ((supported_dh_groups & PTS_DH_GROUP_IKE20) &&
@ -331,13 +349,58 @@ TNC_Result TNC_IMC_ReceiveMessage(TNC_IMCID imc_id,
/* Send DH Nonce Parameters Response attribute */
selected_dh_group = pts->get_dh_group(pts);
/* TODO: Implement */
if (!pts->create_dh(pts, selected_dh_group))
{
return TNC_RESULT_FATAL;
}
responder_pub_val = pts->get_my_pub_val(pts);
/* create a responder nonce */
rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK);
if (rng)
{
rng->get_bytes(rng, sizeof(buf), buf);
rng->destroy(rng);
}
responder_nonce = chunk_create(buf, sizeof(buf));
attr = tcg_pts_attr_dh_nonce_params_resp_create(NONCE_LEN,
selected_dh_group, supported_algorithms,
responder_nonce, responder_pub_val);
attr_list->insert_last(attr_list, attr);
break;
}
case TCG_PTS_DH_NONCE_FINISH:
{
/* TODO: Implement */
tcg_pts_attr_dh_nonce_finish_t *attr_cast;
u_int8_t nonce_len;
pts_meas_algorithms_t selected_algorithm;
chunk_t initiator_nonce, initiator_pub_val;
attr_cast = (tcg_pts_attr_dh_nonce_finish_t*)attr;
nonce_len = attr_cast->get_nonce_len(attr_cast);
if (nonce_len < 0 || nonce_len <= 16)
{
attr_info = attr->get_value(attr);
attr = ietf_attr_pa_tnc_error_create(PEN_TCG,
TCG_PTS_BAD_NONCE_LENGTH, attr_info);
attr_list->insert_last(attr_list, attr);
break;
}
selected_algorithm = attr_cast->get_hash_algo(attr_cast);
initiator_pub_val = attr_cast->get_initiator_pub_val(attr_cast);
initiator_nonce = attr_cast->get_initiator_nonce(attr_cast);
DBG3(DBG_IMC, "Initiator nonce: %B", &initiator_nonce);
DBG3(DBG_IMC, "Responder nonce: %B", &responder_nonce);
pts->set_other_pub_val(pts, initiator_pub_val);
if (!pts->calculate_secret(pts, initiator_nonce,
responder_nonce, selected_algorithm))
{
return TNC_RESULT_FATAL;
}
break;
}
case TCG_PTS_MEAS_ALGO:
@ -729,6 +792,7 @@ TNC_Result TNC_IMC_Terminate(TNC_IMCID imc_id)
return TNC_RESULT_NOT_INITIALIZED;
}
free(responder_nonce.ptr);
libpts_deinit();
imc_attestation->destroy(imc_attestation);

View File

@ -72,6 +72,12 @@ static pts_meas_algorithms_t supported_algorithms = 0;
*/
static pts_dh_group_t supported_dh_groups = 0;
/**
* High Entropy Random Data
* used in calculation of shared secret for the assessment session
*/
static chunk_t initiator_nonce;
/**
* PTS file measurement database
*/
@ -87,6 +93,11 @@ static pts_creds_t *pts_creds;
*/
static credential_manager_t *pts_credmgr;
/**
* TRUE if DH Nonce Parameters Request attribute is sent
*/
static bool dh_nonce_req_sent = FALSE;
/**
* see section 3.7.1 of TCG TNC IF-IMV Specification 1.2
*/
@ -246,7 +257,7 @@ static TNC_Result send_message(TNC_ConnectionID connection_id)
msg = pa_tnc_msg_create();
switch_state:
/* Switch on the attribute type IMV has received */
switch (handshake_state)
{
@ -266,40 +277,61 @@ static TNC_Result send_message(TNC_ConnectionID connection_id)
msg->add_attribute(msg, attr);
attestation_state->set_handshake_state(attestation_state,
IMV_ATTESTATION_STATE_DH_NONCE);
IMV_ATTESTATION_STATE_TPM_INIT);
break;
}
case IMV_ATTESTATION_STATE_DH_NONCE:
case IMV_ATTESTATION_STATE_TPM_INIT:
{
bool request_sent = FALSE;
/* Jump to Measurement state if IMC has no TPM */
if(!(pts->get_proto_caps(pts) & PTS_PROTO_CAPS_T))
{
attestation_state->set_handshake_state(attestation_state,
IMV_ATTESTATION_STATE_MEAS);
handshake_state = IMV_ATTESTATION_STATE_MEAS;
DBG3(DBG_IMV, "TPM is not available on IMC side, ",
"jumping to measurement phase");
goto switch_state;
}
else if (!request_sent)
if (!dh_nonce_req_sent)
{
/* Send DH nonce parameters request attribute */
attr = tcg_pts_attr_dh_nonce_params_req_create(0, supported_dh_groups);
attr->set_noskip_flag(attr, TRUE);
msg->add_attribute(msg, attr);
request_sent = TRUE;
dh_nonce_req_sent = TRUE;
}
else if (request_sent)
else
{
pts_meas_algorithms_t selected_algorithm;
chunk_t initiator_pub_val;
/* Send DH nonce finish attribute */
selected_algorithm = pts->get_meas_algorithm(pts);
initiator_pub_val = pts->get_my_pub_val(pts);
attr = tcg_pts_attr_dh_nonce_finish_create(NONCE_LEN,
selected_algorithm, initiator_nonce,
initiator_pub_val);
attr->set_noskip_flag(attr, TRUE);
msg->add_attribute(msg, attr);
/* Send Get TPM Version attribute */
attr = tcg_pts_attr_get_tpm_version_info_create();
attr->set_noskip_flag(attr, TRUE);
msg->add_attribute(msg, attr);
/* Send Get AIK attribute */
attr = tcg_pts_attr_get_aik_create();
attr->set_noskip_flag(attr, TRUE);
msg->add_attribute(msg, attr);
attestation_state->set_handshake_state(attestation_state,
IMV_ATTESTATION_STATE_MEAS);
}
break;
}
case IMV_ATTESTATION_STATE_MEAS:
{
enumerator_t *enumerator;
u_int32_t delimiter = SOLIDUS_UTF;
char *platform_info, *pathname;
@ -310,19 +342,6 @@ static TNC_Result send_message(TNC_ConnectionID connection_id)
attestation_state->set_handshake_state(attestation_state,
IMV_ATTESTATION_STATE_COMP_EVID);
/* Does the PTS-IMC have TPM support? */
{
/* Send Get TPM Version attribute */
attr = tcg_pts_attr_get_tpm_version_info_create();
attr->set_noskip_flag(attr, TRUE);
msg->add_attribute(msg, attr);
/* Send Get AIK attribute */
attr = tcg_pts_attr_get_aik_create();
attr->set_noskip_flag(attr, TRUE);
msg->add_attribute(msg, attr);
}
/* Get Platform and OS of the PTS-IMC */
platform_info = pts->get_platform_info(pts);
@ -423,6 +442,8 @@ TNC_Result TNC_IMV_ReceiveMessage(TNC_IMVID imv_id,
TNC_Result result;
bool fatal_error = FALSE;
bool measurement_error = FALSE;
linked_list_t *attr_list;
chunk_t attr_info;
if (!imv_attestation)
{
@ -449,6 +470,7 @@ TNC_Result TNC_IMV_ReceiveMessage(TNC_IMVID imv_id,
return result;
}
attr_list = linked_list_create();
/* analyze PA-TNC attributes */
enumerator = pa_tnc_msg->create_attribute_enumerator(pa_tnc_msg);
while (enumerator->enumerate(enumerator, &attr))
@ -522,11 +544,6 @@ TNC_Result TNC_IMV_ReceiveMessage(TNC_IMVID imv_id,
pts->set_proto_caps(pts, flags);
break;
}
case TCG_PTS_DH_NONCE_PARAMS_RESP:
{
/* TODO: Implement */
break;
}
case TCG_PTS_MEAS_ALGO_SELECTION:
{
tcg_pts_attr_meas_algo_t *attr_cast;
@ -537,6 +554,84 @@ TNC_Result TNC_IMV_ReceiveMessage(TNC_IMVID imv_id,
pts->set_meas_algorithm(pts, selected_algorithm);
break;
}
case TCG_PTS_DH_NONCE_PARAMS_RESP:
{
tcg_pts_attr_dh_nonce_params_resp_t *attr_cast;
u_int8_t nonce_len;
pts_dh_group_t dh_group;
pts_meas_algorithms_t offered_algorithms, selected_algorithm;
chunk_t responder_nonce;
chunk_t responder_pub_val;
rng_t *rng;
char buf[NONCE_LEN];
attr_cast = (tcg_pts_attr_dh_nonce_params_resp_t*)attr;
nonce_len = attr_cast->get_nonce_len(attr_cast);
if (nonce_len < 0 || nonce_len <= 16)
{
attr_info = attr->get_value(attr);
attr = ietf_attr_pa_tnc_error_create(PEN_TCG,
TCG_PTS_BAD_NONCE_LENGTH, attr_info);
attr_list->insert_last(attr_list, attr);
break;
}
dh_group = attr_cast->get_dh_group(attr_cast);
offered_algorithms = attr_cast->get_hash_algo_set(attr_cast);
if ((supported_algorithms & PTS_MEAS_ALGO_SHA384) &&
(offered_algorithms & PTS_MEAS_ALGO_SHA384))
{
pts->set_meas_algorithm(pts, PTS_MEAS_ALGO_SHA384);
}
else if ((supported_algorithms & PTS_MEAS_ALGO_SHA256) &&
(offered_algorithms & PTS_MEAS_ALGO_SHA256))
{
pts->set_meas_algorithm(pts, PTS_MEAS_ALGO_SHA256);
}
else if ((supported_algorithms & PTS_MEAS_ALGO_SHA1) &&
(offered_algorithms & PTS_MEAS_ALGO_SHA1))
{
pts->set_meas_algorithm(pts, PTS_MEAS_ALGO_SHA1);
}
else
{
attr = pts_hash_alg_error_create(supported_algorithms);
attr_list->insert_last(attr_list, attr);
break;
}
selected_algorithm = pts->get_meas_algorithm(pts);
responder_nonce = attr_cast->get_responder_nonce(attr_cast);
responder_pub_val = attr_cast->get_responder_pub_val(attr_cast);
/* Calculate secret assessment value */
if (!pts->create_dh(pts, dh_group))
{
return TNC_RESULT_FATAL;
}
pts->set_other_pub_val(pts, responder_pub_val);
/* Create a initiator nonce */
rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK);
if (rng)
{
rng->get_bytes(rng, sizeof(buf), buf);
rng->destroy(rng);
}
initiator_nonce = chunk_create(buf, sizeof(buf));
DBG3(DBG_IMV, "Initiator nonce: %B", &initiator_nonce);
DBG3(DBG_IMV, "Responder nonce: %B", &responder_nonce);
if (!pts->calculate_secret(pts, initiator_nonce,
responder_nonce, selected_algorithm))
{
return TNC_RESULT_FATAL;
}
break;
}
case TCG_PTS_TPM_VERSION_INFO:
{
tcg_pts_attr_tpm_version_info_t *attr_cast;
@ -718,6 +813,25 @@ TNC_Result TNC_IMV_ReceiveMessage(TNC_IMVID imv_id,
connection_id);
}
if (attr_list->get_count(attr_list))
{
pa_tnc_msg = pa_tnc_msg_create();
enumerator = attr_list->create_enumerator(attr_list);
while (enumerator->enumerate(enumerator, &attr))
{
pa_tnc_msg->add_attribute(pa_tnc_msg, attr);
}
enumerator->destroy(enumerator);
pa_tnc_msg->build(pa_tnc_msg);
result = imv_attestation->send_message(imv_attestation, connection_id,
pa_tnc_msg->get_encoding(pa_tnc_msg));
pa_tnc_msg->destroy(pa_tnc_msg);
attr_list->destroy(attr_list);
return result;
}
if (attestation_state->get_handshake_state(attestation_state) &
IMV_ATTESTATION_STATE_END)
{
@ -807,6 +921,7 @@ TNC_Result TNC_IMV_Terminate(TNC_IMVID imv_id)
}
DESTROY_IF(pts_db);
DESTROY_IF(pts_credmgr);
free(initiator_nonce.ptr);
libpts_deinit();

View File

@ -56,14 +56,14 @@ struct private_pts_t {
pts_dh_group_t dh_group;
/**
* Contains a Diffie Hellman Nonce
* Contains a Diffie Hellman object
*/
chunk_t dh_nonce;
diffie_hellman_t *dh;
/**
* Contains a Diffie Hellman Public Value
* Secret assessment value to be used for TPM Quote as an external data
*/
chunk_t dh_public_value;
chunk_t secret;
/**
* Platform and OS Info
@ -141,10 +141,90 @@ METHOD(pts_t, set_dh_group, void,
diffie_hellman_group_names, dh_group);
if (dh_group != MODP_NONE)
{
this->dh_group = dh_group;
this->dh_group = group;
}
}
METHOD(pts_t, create_dh, bool,
private_pts_t *this, pts_dh_group_t group)
{
diffie_hellman_group_t dh_group;
dh_group = pts_dh_group_to_strongswan_dh_group(group);
if (dh_group != MODP_NONE)
{
this->dh = lib->crypto->create_dh(lib->crypto, dh_group);
return TRUE;
}
DBG1(DBG_PTS, "Unable to create Diffie Hellman object with group %N",
diffie_hellman_group_names, dh_group);
return FALSE;
}
METHOD(pts_t, get_my_pub_val, chunk_t,
private_pts_t *this)
{
chunk_t public_value;
this->dh->get_my_public_value(this->dh, &public_value);
DBG3(DBG_PTS, "My Public value:%B", &public_value);
return public_value;
}
METHOD(pts_t, set_other_pub_val, void,
private_pts_t *this, chunk_t value)
{
DBG3(DBG_PTS, "Partner's Public value:%B", &value);
this->dh->set_other_public_value(this->dh, value);
}
METHOD(pts_t, calculate_secret, bool,
private_pts_t *this, chunk_t initiator_nonce, chunk_t responder_nonce,
pts_meas_algorithms_t algorithm)
{
hasher_t *hasher;
hash_algorithm_t hash_alg;
u_char output[HASH_SIZE_SHA384];
chunk_t shared_secret;
/* Create a hasher */
hash_alg = pts_meas_to_hash_algorithm(algorithm);
hasher = lib->crypto->create_hasher(lib->crypto, hash_alg);
if (!hasher)
{
DBG1(DBG_PTS, " hasher %N not available", hash_algorithm_names, hash_alg);
return FALSE;
}
if (this->dh->get_shared_secret(this->dh, &shared_secret) != SUCCESS)
{
DBG1(DBG_PTS, "Shared secret couldn't be calculated");
hasher->destroy(hasher);
return FALSE;
}
hasher->get_hash(hasher, chunk_create("1", sizeof("1")), NULL);
hasher->get_hash(hasher, initiator_nonce, NULL);
hasher->get_hash(hasher, responder_nonce, NULL);
hasher->get_hash(hasher, shared_secret, output);
/**
* Link the hash output to the secret and set the length
* Truncate the output to 20 bytes to fit ExternalDate argument of TPM Quote
*/
this->secret = chunk_create(output, HASH_SIZE_SHA1);
DBG3(DBG_PTS, "Secret assessment value: %B", &this->secret);
hasher->destroy(hasher);
return TRUE;
}
METHOD(pts_t, get_secret, chunk_t,
private_pts_t *this)
{
return this->secret;
}
/**
* Print TPM 1.2 Version Info
*/
@ -553,8 +633,7 @@ METHOD(pts_t, destroy, void,
private_pts_t *this)
{
DESTROY_IF(this->aik);
free(this->dh_nonce.ptr);
free(this->dh_public_value.ptr);
DESTROY_IF(this->dh);
free(this->platform_info);
free(this->tpm_version_info.ptr);
free(this);
@ -722,6 +801,11 @@ pts_t *pts_create(bool is_imc)
.set_meas_algorithm = _set_meas_algorithm,
.get_dh_group = _get_dh_group,
.set_dh_group = _set_dh_group,
.create_dh = _create_dh,
.get_my_pub_val = _get_my_pub_val,
.set_other_pub_val = _set_other_pub_val,
.calculate_secret = _calculate_secret,
.get_secret = _get_secret,
.get_platform_info = _get_platform_info,
.set_platform_info = _set_platform_info,
.get_tpm_version_info = _get_tpm_version_info,

View File

@ -38,6 +38,11 @@ typedef struct pts_t pts_t;
#define SOLIDUS_UTF 0x2F
#define REVERSE_SOLIDUS_UTF 0x5C
/**
* Lenght of the generated nonce used for calculation of shared secret
*/
#define NONCE_LEN 20
/**
* Class implementing the TCG Platform Trust System (PTS)
*
@ -86,6 +91,46 @@ struct pts_t {
*/
void (*set_dh_group)(pts_t *this, pts_dh_group_t dh_group);
/**
* Set PTS Diffie Hellman Object
*
* @param dh D-H object
*/
bool (*create_dh)(pts_t *this, pts_dh_group_t group);
/**
* Gets Own Diffie Hellman Public Value
*
* @return D-H Public Value
*/
chunk_t (*get_my_pub_val)(pts_t *this);
/**
* Sets the public value of partner.
*
* @param value public value of partner
*/
void (*set_other_pub_val) (pts_t *this, chunk_t value);
/**
* Calculates secret assessment value to be used for TPM Quote as an external data
*
* @param initiator_nonce Initiator nonce (IMV nonce)
* @param responder_nonce Responder nonce (IMC nonce)
* @param algorithm Hashing algorithm
* @return TRUE, FALSE if not both DH public values and
* nonces are set
*/
bool (*calculate_secret) (pts_t *this, chunk_t initiator_nonce,
chunk_t responder_nonce, pts_meas_algorithms_t algorithm);
/**
* Returns secret assessment value to be used for TPM Quote as an external data
*
* @return Secret assessment value
*/
chunk_t (*get_secret) (pts_t *this);
/**
* Get Platform and OS Info
*