Tobias Brunner
fbb70c968b
pts: Don't rely on BIOS event buffer to be null terminated
2021-02-16 15:16:25 +01:00
Andreas Steffen
2889133cc0
imc_attestation: Fixed double free of tpm_version_info chunk
2021-01-08 11:00:15 +01:00
Andreas Steffen
2ea1dac203
libimcv: Support symlinks introduced by usrmerge
...
Debian, Ubuntu, Fedora et. al. started to apply usrmerge to their
latest Linux distributions, i.e. /bin, /sbin, and /lib are now
symbolical links to /usr/bin, /usr/sbin, and /usr/lib, respectively.
Since executables and libraries are contained only once in Linux
packages (e.g. /bin/cp in coreutils but not /usr/bin/cp) this leads
to missing file measurments due to the symlinks when doing remote
attestation.
The new ita_attr_symlinks PA-TNC attribute fixes this problem by
collecting symbolic links pointing to directories on the client
platform.
2021-01-08 11:00:15 +01:00
Andreas Steffen
9b4a2322d6
libimcv: Evaluate IMA SHA-256 measurements
2021-01-08 11:00:15 +01:00
Tobias Brunner
c810912d2f
libimcv: Fix Doxygen comments for some pts_meas_algo_* functions
2020-10-12 13:48:57 +02:00
Andreas Steffen
3e5a528aec
tpm: Auto-detection of legacy TPM 2.0 devices
2020-10-07 16:54:32 +02:00
Andreas Steffen
3ef5b23903
pts: Variable size PCR banks
2020-10-07 16:54:32 +02:00
Andreas Steffen
d647a8f91d
pts: Parse TPM 2.0 BIOS/EFI event log
2020-10-07 16:54:32 +02:00
Josh Soref
b3ab7a48cc
Spelling fixes
...
* accumulating
* acquire
* alignment
* appropriate
* argument
* assign
* attribute
* authenticate
* authentication
* authenticator
* authority
* auxiliary
* brackets
* callback
* camellia
* can't
* cancelability
* certificate
* choinyambuu
* chunk
* collector
* collision
* communicating
* compares
* compatibility
* compressed
* confidentiality
* configuration
* connection
* consistency
* constraint
* construction
* constructor
* database
* decapsulated
* declaration
* decrypt
* derivative
* destination
* destroyed
* details
* devised
* dynamic
* ecapsulation
* encoded
* encoding
* encrypted
* enforcing
* enumerator
* establishment
* excluded
* exclusively
* exited
* expecting
* expire
* extension
* filter
* firewall
* foundation
* fulfillment
* gateways
* hashing
* hashtable
* heartbeats
* identifier
* identifiers
* identities
* identity
* implementers
* indicating
* initialize
* initiate
* initiation
* initiator
* inner
* instantiate
* legitimate
* libraries
* libstrongswan
* logger
* malloc
* manager
* manually
* measurement
* mechanism
* message
* network
* nonexistent
* object
* occurrence
* optional
* outgoing
* packages
* packets
* padding
* particular
* passphrase
* payload
* periodically
* policies
* possible
* previously
* priority
* proposal
* protocol
* provide
* provider
* pseudo
* pseudonym
* public
* qualifier
* quantum
* quintuplets
* reached
* reading
* recommendation to
* recommendation
* recursive
* reestablish
* referencing
* registered
* rekeying
* reliable
* replacing
* representing
* represents
* request
* request
* resolver
* result
* resulting
* resynchronization
* retriable
* revocation
* right
* rollback
* rule
* rules
* runtime
* scenario
* scheduled
* security
* segment
* service
* setting
* signature
* specific
* specified
* speed
* started
* steffen
* strongswan
* subjectaltname
* supported
* threadsafe
* traffic
* tremendously
* treshold
* unique
* uniqueness
* unknown
* until
* upper
* using
* validator
* verification
* version
* version
* warrior
Closes strongswan/strongswan#164 .
2020-02-11 18:23:07 +01:00
Tobias Brunner
b9949e98c2
Some whitespace fixes
...
Didn't change some of the larger testing scripts that use an inconsistent
indentation style.
2019-08-22 15:18:06 +02:00
Tobias Brunner
ddc797686f
pts: Remove commented call of inexistent function
2018-09-17 18:51:42 +02:00
Tobias Brunner
cdfa0ba4d1
libimcv: Fix typo in PTS hash algorithm mapping for 512-bit SHA-3
...
Fixes: 40f2589abf
("gmp: Support of SHA-3 RSA signatures")
2018-03-02 08:30:13 +01:00
Tobias Brunner
2db6d5b8b3
Fixed some typos, courtesy of codespell
2018-02-13 12:19:54 +01:00
Tobias Brunner
a413571f3b
public-key: Add optional parameters argument to verify() method
2017-11-08 16:48:10 +01:00
Andreas Steffen
076aac7069
imv-attestation: Fixed file hash measurements
...
The introduction of file versions broke file hash measurements.
This has been fixed by using a generic product versions having an
empty package name.
2017-09-01 10:51:15 +02:00
Andreas Steffen
60da0153ee
libimcv: Update database to ISO 19770-2:2015 SWID standard
2017-07-08 23:19:51 +02:00
Tobias Brunner
525cc46cab
Change interface for enumerator_create_filter() callback
...
This avoids the unportable 5 pointer hack, but requires enumerating in
the callback.
2017-05-26 13:56:44 +02:00
Tobias Brunner
95a63bf281
Migrate all enumerators to venumerate() interface change
2017-05-26 13:56:44 +02:00
Andreas Steffen
40f2589abf
gmp: Support of SHA-3 RSA signatures
2016-09-22 17:34:31 +02:00
Andreas Steffen
288ee54875
libimcv: No need to load AIK pubkey if AIK certificate is available
2016-08-31 16:12:55 +02:00
Andreas Steffen
37ffa99cf2
imcv: Added EFI HCRTM event
2016-06-30 16:20:10 +02:00
Andreas Steffen
721ed31b39
Refactoring to tpm_tss_quote_info object
2016-06-26 18:19:05 +02:00
Andreas Steffen
12e1a06987
libimcv: Changed debug level for functional components from 2 to 3
2016-06-26 18:19:05 +02:00
Andreas Steffen
30d4989aec
libimcv: migrate pts to tpm_tss
2016-06-22 15:33:44 +02:00
Andreas Steffen
b12c53ce77
Use standard unsigned integer types
2016-03-24 18:52:48 +01:00
Tobias Brunner
36d42daf4d
imv-attestation: Fix memory leaks when creating functional components
2015-12-11 15:18:38 +01:00
Martin Willi
161a015782
utils: Use chunk_equals_const() for all cryptographic purposes
2015-04-14 12:02:51 +02:00
Martin Willi
a777155ffe
diffie-hellman: Add a bool return value to set_other_public_value()
2015-03-23 17:54:03 +01:00
Martin Willi
42431690e0
diffie-hellman: Add a bool return value to get_my_public_value()
2015-03-23 17:54:03 +01:00
Martin Willi
8a7dbf3c2a
libimcv: Allow pts_t.set_peer_public_value() to fail
2015-03-23 17:54:02 +01:00
Martin Willi
83cda57e2d
libimcv: Allow pts_t.get_my_public_value() to fail
2015-03-23 17:54:02 +01:00
Martin Willi
bace1d6479
diffie-hellman: Use bool instead of status_t as get_shared_secret() return value
...
While such a change is not unproblematic, keeping status_t makes the API
inconsistent once we introduce return values for the public value operations.
2015-03-23 17:54:02 +01:00
Andreas Steffen
08feb4548a
Replace kid by aik_id in ITA TBOOT functional component
2015-03-16 17:15:28 +01:00
Tobias Brunner
17eed801e7
libimcv: Fix Doxygen comments after merging libpts into libimcv
2014-10-13 17:11:57 +02:00
Andreas Steffen
d6fb2cc6e3
Merged libpts into libimcv
2014-10-05 12:55:37 +02:00