a7e1f37371
added pts_dh_group_select
2011-11-28 18:05:01 +01:00
2b899b50ca
combine two algorithm checks
2011-11-28 18:03:34 +01:00
09f01caf3a
fixed setting of PTS DH group
2011-11-28 18:01:08 +01:00
0788198047
Improved implementation of Read PCR/ Extend PCR/ Quote_TPM functions
...
Implemented creating/handling of Simple Evidence Final attribute (incomplete)
2011-11-28 17:53:34 +01:00
ee6a3bd711
Changed definition of output and set them in quote_tpm function
2011-11-28 17:46:54 +01:00
6c33703c4a
Implemented first version of tpm quote function
2011-11-28 17:43:00 +01:00
c0e4e0a6ab
added newline at end of file
2011-11-28 17:39:53 +01:00
54af64dc10
Changed definition of get_my_pub_val function a little
2011-11-28 17:34:40 +01:00
0bfdae3b90
Implemented hasndling of Request Functional Component Evidence and creation of Simple Component Evidences
2011-11-28 17:30:17 +01:00
09f34eb4d0
Implemented functions for reading and extending TPM PCR
...
Made hash_file function a member of pts object
2011-11-28 17:27:58 +01:00
b10465fdc1
Use struct containing the parameters for Create function
...
Deleted unnecessary setter functions
2011-11-28 17:23:52 +01:00
b9d6aded18
Fixed memory leaks
2011-11-28 17:19:40 +01:00
31b1e389ea
Clone chunk_t parameters in create function
2011-11-28 17:11:14 +01:00
be922d56b2
Implemented handling of DH Parameters Response and Finish attributes
...
Implemented calculating session secrets
2011-11-28 16:05:19 +01:00
e3cbd18892
Cloning chunk_t parameters in process message
2011-11-28 15:54:02 +01:00
d83bcc310d
Started implementing handling of DH Nonce attributes
2011-11-28 15:48:38 +01:00
8a55b83319
Implemented Diffie Hellman Nonce attributes
2011-11-28 15:32:36 +01:00
157c9c173d
Write/Read flags field directly to/from variable
2011-11-28 15:18:00 +01:00
d2a905ea98
Began implementing handline of Functional Component Measuring attributes
2011-11-28 15:14:13 +01:00
75d5f6d132
Fixed bug at checking error code from file stat
2011-11-28 15:02:49 +01:00
c5b346d1d0
Implemented handling of File Metadata
2011-11-28 15:01:53 +01:00
381b3452f3
File not Found, Invalid path, Invalid Delimiter PTS errors case checks implemented
2011-11-28 14:41:27 +01:00
1e28c937fe
Fixed bug in construction of PCR_SELECT structure
2011-11-28 14:39:53 +01:00
2aa28b164e
Defined functional components within ITA namespace
...
Implemented handling of functional components evidence request/response
2011-11-28 14:39:53 +01:00
19fa287f6e
Reverse the changes made to openssl plugin for signature verification
2011-11-28 14:39:53 +01:00
90cc99db5a
reordered options
2011-11-28 14:39:53 +01:00
103218b912
Reversed unintended commit
2011-11-28 14:39:53 +01:00
71741df078
Changed the static function name in openssl_rsa_public_key object
...
Removed unused chunk variable from PTS verify_quote_signature function
2011-11-28 14:39:53 +01:00
2b28a13182
implemented simple delete from database
2011-11-28 14:39:53 +01:00
f4159ff816
add product and file entries to database
2011-11-28 14:39:53 +01:00
3cd6077b75
use openssl rsa_verify function
2011-11-28 14:39:53 +01:00
cb66320fee
Implemented matching of Optional PCR Composite field value when Hashing was done to reduce the size of it
...
Optional Composite Hash Algorithm field is always present, has value of all zeroes if was not used
2011-11-28 14:39:53 +01:00
645f55eb20
allow file and product selection in hash query
2011-11-28 14:39:53 +01:00
0ee1fe1516
applied some database fixes
2011-11-28 14:39:53 +01:00
e881ee23ee
refactored attest database tool
2011-11-28 14:39:53 +01:00
e4ac6698bd
fixed SQL queries
2011-11-28 14:39:53 +01:00
09c4891459
get measurement hashes for a given file
2011-11-28 14:39:53 +01:00
63c6709041
add directory prefix to file path
2011-11-28 14:39:53 +01:00
4bf382742e
list file measurement hashes
2011-11-28 14:39:53 +01:00
1fa5b95962
remove attest
2011-11-28 14:39:52 +01:00
83ceee8abf
corrected copyright
2011-11-28 14:39:52 +01:00
2da75114d9
ipsec attest lists data stored in an attestation database
2011-11-28 14:39:52 +01:00
8209ab86a5
free memories that are bound to the context
2011-11-28 14:39:52 +01:00
cb83fb3b72
Both D and T flags required to be set for PTS Component Measurement
...
DH Finish is sent only when D flag is set in TPM_INIT phase
2011-11-28 14:39:52 +01:00
6c5c5b6a2e
use D flag for PTS Protocol Capabilities
2011-11-28 14:39:52 +01:00
a626ff9267
added measurements for Ubuntu 11.10 i686
2011-11-28 14:39:52 +01:00
7a40949e18
changed method name to create_file_meas_enumerator
2011-11-28 14:39:52 +01:00
d4171c6ea9
committed missing pts_file_type.c
2011-11-28 14:39:52 +01:00
7b81a60c51
added pts_file_type_names
2011-11-28 14:39:52 +01:00
96d611f585
Unix-Style File Metadata returns relative pathnames
2011-11-28 14:39:52 +01:00
ba361d3cd7
use write_uint64 and read_uint64 in file measurements
2011-11-28 14:39:52 +01:00
63ca82e56d
optimized handling of UNIX file metadata
2011-11-28 14:39:52 +01:00
fbeb94544c
extended bio_reader and bio_writer to handle u_int64_t
2011-11-28 14:39:52 +01:00
8ddf76dd13
shortened fieldnames of pts_file_metadata_t struct
2011-11-28 14:39:52 +01:00
bd96953568
removed empty line
2011-11-28 14:39:52 +01:00
5b0e14c48f
compacted file metadata debug output
2011-11-28 14:39:52 +01:00
dbe7751a22
Copy just 20 bytes of pcr after value
2011-11-28 14:39:52 +01:00
b8017b5eba
follow strongswan coding rules
2011-11-28 14:39:52 +01:00
954be9f5e4
Sort the pcr entries list everytime new entry is added
2011-11-28 14:39:52 +01:00
b532c454ad
Modified some unnecessary todo statement
2011-11-28 14:39:51 +01:00
20c005f9e4
Cosmetics
2011-11-28 14:39:51 +01:00
e2d26e47e9
Deleted unnecessary debuggin statements for File Metadata on IMC side
2011-11-28 14:39:51 +01:00
7fa72be3f2
Implemented creating and handling of Optional PCR Composite field in Simple Evidence Final attribute
2011-11-28 14:39:51 +01:00
d6fc5bace3
Construct PCR Composite using information received in Simple Component Evidence attributes
2011-11-28 14:39:51 +01:00
d09cf19716
Temporary commenting out of processing optional PCR Composite field
2011-11-28 14:39:51 +01:00
52ae3f27f8
Used Openssl RSA_verify function
2011-11-28 14:39:51 +01:00
72684a710b
Fixed calculate quote info function -> initialize PCR bit mask array with zeroes
...
Return TPM Quote Info only, hash of it is calculated in IMV Process
Renamed digest with quote info
2011-11-28 14:39:51 +01:00
baee8292ad
Included hasher.h
2011-11-28 14:39:51 +01:00
0dd5914cc1
fixed typo in reason strings
2011-11-28 14:39:51 +01:00
b8cc499b7e
Check if matching value configured with the received pcr after value in Simple Component Evidence
2011-11-28 14:39:51 +01:00
26b657ce2b
Changed definition of pcr_value in pcr_entry_t structure
...
Implemented function to check if recevied PCR after value matches with any configured pcr value
2011-11-28 14:39:51 +01:00
d631a1dda5
deleted unnecessary debuggin statement
2011-11-28 14:39:51 +01:00
2eb3dc40b9
return SHA1 hash of TPM Quote Info in calculate_quote_digest
2011-11-28 14:39:51 +01:00
67299653e4
Modified reason strings
2011-11-28 14:39:51 +01:00
47e5d106a6
Replaced static string path with Metadata requests retrieved from pts database
2011-11-28 14:39:51 +01:00
8ed9f5552e
Implemented new create enumerator function to get metadata request paths
...
Modified existing file_enumerator function to include just measurement requests
2011-11-28 14:39:51 +01:00
df918eca8d
Added measurement and metadata columns to files table
...
Added "/etc/tnc_config" file record for metadata request
Modified files table entries with measurement flag set
2011-11-28 14:39:51 +01:00
a8be826be4
Implemented Quote Digest constructing function for IMV
...
Implemented Signature verification function to check TPM Quote Signature
Implemented Handling of Simple Evidence Final attribute
Fixed bug within tpm_quote function
2011-11-28 14:39:50 +01:00
7037b55ff1
Replaced with boolean variable for PCR info included and Evidence Signature included flags
...
Write and Read flags to int first and set flags /Due to special definition/
2011-11-28 14:39:50 +01:00
d25b7b3d9a
Loading AIK Blob from file configured
...
Finalized implementation of quote_tpm function
2011-11-28 14:39:50 +01:00
fe247ba2a6
Get AIK certificate encoding in PUBKEY_ASN1_DER if it's just public key
2011-11-28 14:39:50 +01:00
f557e5fcaf
Added parentesis for logical conditions of IF statement to get rid of the warning
2011-11-28 14:39:50 +01:00
dc5995fb51
added pts_dh_group_error_create() and pts_dh_nonce_error_create()
2011-11-28 14:39:50 +01:00
d7bc2841ca
moved building of attributes to imv_attestation_build
2011-11-28 14:39:50 +01:00
5e5d6ecd94
cosmetics
2011-11-28 14:39:50 +01:00
cae9bc9b59
moved comments
2011-11-28 14:39:50 +01:00
03fe2ed684
added the IMV_ATTESTATION_STATE_NONCE_REQ state
2011-11-28 14:39:50 +01:00
325704e1b4
moved attribute processing to imc_attestation_process
2011-11-28 14:39:50 +01:00
95c6cdeee8
aborting after fatal imv_attestation error
2011-11-28 14:39:50 +01:00
350f855ca4
moved attribute processing to imv_attestation_process
2011-11-28 14:39:50 +01:00
cc1406d6fa
refactored DH group nonce exchange
2011-11-28 14:39:50 +01:00
6728e09d39
cosmetics
2011-11-28 14:39:50 +01:00
111ad5cc39
normalized and extended pts_meas_algo functions
2011-11-28 14:39:50 +01:00
f29a36f2a3
renamed conversion function to pts_dh_group_to_ike
2011-11-28 14:39:50 +01:00
2a415e77c7
normalized pts_dh_group function names
2011-11-28 14:39:49 +01:00
3be8995c3e
added pts_dh_group_select
2011-11-28 14:39:49 +01:00
542b33c350
combine two algorithm checks
2011-11-28 14:39:49 +01:00
02855188ef
fixed setting of PTS DH group
2011-11-28 14:39:49 +01:00
ea195cb6ef
Changed encoding type to ASN.1 DER
2011-11-28 14:34:21 +01:00
924f3bf59e
Improved implementation of Read PCR/ Extend PCR/ Quote_TPM functions
...
Implemented creating/handling of Simple Evidence Final attribute (incomplete)
2011-11-28 14:34:21 +01:00
e1aebc940a
Removed unnecessary setter functions
2011-11-28 14:34:21 +01:00
768b6b95d7
Fixes for memory leaks
2011-11-28 14:34:21 +01:00
3ca2e65f0d
Freeing memory allocated for AIK after writing
2011-11-28 14:34:21 +01:00
a3be32a2d5
Changed definition of output and set them in quote_tpm function
2011-11-28 14:34:21 +01:00
20c70d9839
Use already negotiated Measurement algorithm as Hashing algorithm for Diffie Hellman secret calculation
2011-11-28 14:34:21 +01:00
b46930bf5f
Implemented first version of tpm quote function
2011-11-28 14:34:21 +01:00
c0da11615b
added newline at end of file
2011-11-28 14:34:21 +01:00
a81a5f8bc4
fixed pts_probe_dh_groups warning
2011-11-28 14:34:21 +01:00
ef8ea80a28
Fixed some memory leaks
2011-11-28 14:34:21 +01:00
4b3d992d08
Changed definition of get_my_pub_val function a little
2011-11-28 14:34:21 +01:00
4002b41b92
Added ctime function to white list
2011-11-28 14:34:21 +01:00
10210cc6e9
Fixed freeing invalid memory issue
2011-11-28 14:34:21 +01:00
849b903baa
Implemented hasndling of Request Functional Component Evidence and creation of Simple Component Evidences
2011-11-28 14:34:21 +01:00
f39197dd92
Implemented functions for reading and extending TPM PCR
...
Made hash_file function a member of pts object
2011-11-28 14:34:21 +01:00
7c7034f64c
Use struct containing the parameters for Create function
...
Deleted unnecessary setter functions
2011-11-28 14:34:21 +01:00
97ebeaa45c
Fixed memory leaks
2011-11-28 14:34:20 +01:00
2f229f10b1
Clone chunk_t parameters in create function
2011-11-28 14:34:20 +01:00
c10867f40b
Implemented handling of DH Parameters Response and Finish attributes
...
Implemented calculating session secrets
2011-11-28 14:34:20 +01:00
a2ca89676b
Replaced DH_NONCE state with TPM_INIT state
2011-11-28 14:34:20 +01:00
808017f6b7
Cloning chunk_t parameters in process message
2011-11-28 14:34:20 +01:00
f27c30329d
Fixed bug for updating supported diffie hellman groups
2011-11-28 14:34:20 +01:00
9d7ec5b6cd
Removed unnecessary debug statement
2011-11-28 14:34:20 +01:00
246e46a97c
Return false if mandatory DH Group IKE19 is not available
2011-11-28 14:34:20 +01:00
0daee96b05
Started implementing handling of DH Nonce attributes
2011-11-28 14:34:20 +01:00
9a49d2e065
Implemented Diffie Hellman Nonce attributes
2011-11-28 14:34:20 +01:00
4ec5d26fdf
Write/Read flags field directly to/from variable
2011-11-28 14:34:20 +01:00
1c6ebda3db
Began implementing handline of Functional Component Measuring attributes
2011-11-28 14:34:20 +01:00
9032e61b88
Fixed bug at checking error code from file stat
2011-11-28 14:34:20 +01:00
3e951334a2
Implemented handling of File Metadata
2011-11-28 14:28:00 +01:00
d22716509a
File not Found, Invalid path, Invalid Delimiter PTS errors case checks implemented
2011-11-28 14:28:00 +01:00
b4f037bb08
libfast: Fixed compiler warning.
2011-11-25 10:22:41 +01:00
5ddeaf2884
Fixed compiler warnings for DH groups that define no subgroup.
2011-11-25 10:18:03 +01:00
a660f1426e
Fixed missing initializer compiler warning.
2011-11-25 09:52:19 +01:00
b46a5cd4ef
Fixed check for log groups when debug_t is unsigned.
...
The range and signedness of enum types is up to the compiler.
2011-11-25 09:48:32 +01:00
282dcb9974
Fixed check of max_poll_time as it is an unsigned int.
2011-11-25 09:46:45 +01:00
edad908792
Fixed compiler warnings regarding enum comparison.
...
Warnings like
comparison of unsigned expression < 0 is always false
are reported with -Wextra when enum types that are compiled to an
unsigned type (which is up to the compiler) are checked for negativity.
2011-11-25 09:40:30 +01:00
4f775afda9
Added missing Android.mk files to distribution.
2011-11-22 18:31:12 +01:00
b2e493ab58
Fixed proposal numbering check in sa_payload
2011-11-21 09:12:00 +01:00
00b9e598f3
Fix copy'n'paste error in libhydra's netlink interface
...
Detected by cppcheck.
2011-11-21 09:00:39 +01:00
3fcacd283e
Fix unaligned aliasing warning in raw socket
2011-11-17 18:22:07 +01:00
7b21873668
Fix network interface deletion handling in kernel-netlink plugin.
...
When the kernel reports the deletion of an interface (RTM_DELLINK),
the cached interface attributes, including ifindex, become invalid
and must be forgotten.
Interface link state changes ("up" and "down") show up as RTM_NEWLINK,
so they will not cause a cached entry to be removed or
prevent listening to address change notifications.
Once an interface has been deleted, the kernel ought to stop sending
notifications for it. If the interface gets recreated with the same
name later, the kernel again reports RTM_NEWLINK, which causes a new
cache entry to be created.
There should be no reason to keep a stale cache entry around, as was
claimed in the comment.
2011-11-14 15:24:48 +01:00
727fe0f99e
libfreeswan: Fixed compiler warning.
2011-11-09 19:20:10 +01:00
4de8f280e1
pkcs11: Fixed a bug when creating public keys.
2011-11-09 17:39:24 +01:00
99246a4fc2
gcrypt does not support MD2
2011-11-09 06:48:55 +01:00
4182d7a58d
added dummy libsimaka_init() function needed for integrity testing
2011-11-08 21:18:48 +01:00
e7cb8f9b37
added dummy libtls_init() function needed for integrity testing
2011-11-08 20:27:17 +01:00
856baca23e
Fixed monolithic build of libcharon with libtnccs enabled.
2011-11-08 18:35:11 +01:00
59c5f048bb
Correctly refer to tnc-tnccs plugin when building monolithically.
2011-11-08 18:35:11 +01:00
b12ad862c1
Calculate checksums for libsimaka and libtls.
...
These are currently not checked though. And because they don't define a
<libname>_init function an warning is reported when the checksum is
calculated.
2011-11-08 18:35:11 +01:00
89bad63bac
Defer calculation of checksums until installation.
...
The checksum is now calculated from the installed libraries and plugins.
This allows to calculate checksums for plugins linking to libraries like
libtls as these are relinked during installation.
2011-11-08 18:35:11 +01:00
4ad67fe7d5
Fixed formatting for longer plugin names in checksum_builder output.
2011-11-08 18:35:11 +01:00
9192f78f70
Don't link libtnccs to checksum_builder.
...
Linking is only required for libraries defining global symbols used by
plugins to which the plugins do not link themselves.
2011-11-08 18:35:11 +01:00
48e87e12ab
Revert "fixed integrity tests of plugins using libtls or libtnccs"
...
This reverts commit b597ac4a4c
2011-11-08 18:35:11 +01:00
e034cc9ca9
Revert "fixed integrity tests of plugins using libsimaka"
...
This reverts commit 8c42f16dee
2011-11-08 18:35:11 +01:00
bc0a4f7663
assign get_features method
2011-11-07 19:15:41 +01:00
72a1b2e308
Allow support for CA-certificate retrieval in scepclient
...
I think somehow this functionality got lost in the way from
strongswan-2.7.0...
2011-11-04 15:13:32 +01:00
866858527d
Fix 'ipsec pool --status' for empty pools.
2011-11-04 15:07:54 +01:00
39b30518c2
Syntax error in sqlite.sql fixed.
2011-11-04 14:37:22 +01:00
ef4206b50e
if available link libsimaka to checksum_builder
2011-11-04 11:27:19 +01:00
f094dbc9bf
use the correct USE_SIMAKA conditional
2011-11-04 11:27:19 +01:00
8c42f16dee
fixed integrity tests of plugins using libsimaka
2011-11-04 11:27:19 +01:00
93818392cd
Change order of ocsp uris when parsing a cert
2011-11-04 11:11:17 +01:00
6e5e2762d3
Handle certificates being on hold in a CRL
...
Certificates which are set on hold in a CRL might be removed from any
subsequent CRL. Hence you cannot conclude that a certificate is revoked
for good in this case, you would try to retrieve an update CRL to see if
the certificate on hold is still on it or not.
2011-11-04 11:11:17 +01:00
c125d1ba13
Memwipe request after sa update, too
2011-11-04 11:11:17 +01:00
42e2da606c
Use chunk_clear to memwipe shared secret
2011-11-04 11:11:17 +01:00
dbd2169569
Change order of destroy/get_ref function calls
...
Since DESTROY_IF might destroy the peer_cfg, a get_ref on a freed object
is subject to fail.
2011-11-04 11:11:17 +01:00
c230885a07
Fix resource leak in x509_ocsp_response
2011-11-04 11:11:17 +01:00
dbfd1a63aa
Extend xfrm_attr_type_names by newly added enum values
2011-11-04 11:11:17 +01:00
051226d5c0
Silently install route again, even if it did not change.
...
Address/interface changes can cause the route to disappear. Afterwards
the route might look the same but that does not mean it is still installed.
2011-11-04 11:11:17 +01:00
25d59e9e2d
Compile warning fixed in kernel interfaces.
2011-11-04 11:11:17 +01:00
f3eef176f4
Common spelling errors fixed.
2011-11-03 19:30:17 +01:00
1bdd255ed3
pkcs11: Make public key operations on tokens optional.
2011-11-03 17:56:40 +01:00
5b85b94e27
pkcs11: Make sure a key can be used for a given signature scheme.
2011-11-02 20:27:55 +01:00
58d0a8d49b
pkcs11: Register ECDSA feature.
2011-11-02 20:27:55 +01:00
fd48b220ed
pkcs11: We have to create our own hashes for some signature schemes.
2011-11-02 20:27:55 +01:00
30a3ede8ce
pkcs11: Lookup the public key of a private key by CKA_ID.
...
Currently this only works if a public key object with the same ID is
available, if there isn't one we could search for a certificate with the
same ID and extract the key from there.
2011-11-02 20:27:55 +01:00
5d2fccf439
pkcs11: Search for private keys in a more generic way.
...
Also, don't extract the public key directly from the private key. Some
tokens actually do not return the public exponent (it's not required).
We have to find a different way to get the public key.
2011-11-02 20:27:55 +01:00
9e3b1e1495
pkcs11: Added support to encode ECDSA public keys.
2011-11-02 20:27:55 +01:00
36d1627f6e
pkcs11: Parse ECDSA public keys and find/create them on tokens.
2011-11-02 20:27:55 +01:00
574261163f
pkcs11: Added generic functions to find/create public keys on tokens.
2011-11-02 20:27:55 +01:00
a8084ee011
pkcs11: Store public key length in bits.
2011-11-02 20:27:55 +01:00
8859c1f26b
pkcs11: Fix encoding of RSA public keys.
2011-11-02 20:27:55 +01:00
dae19d448d
pkcs11: Use create_object_attr_enumerator to encode RSA public key.
2011-11-02 20:27:54 +01:00
b0319fe860
pkcs11: Instead of a mutex use a new session to do multipart operations.
2011-11-02 20:27:54 +01:00
c198525104
pkcs11: Function added to retrieve multiple attributes from a single object.
2011-11-02 20:27:54 +01:00
817d165cbc
pkcs11: Memory leak fixed in DH/ECDH implementation.
2011-11-02 20:27:54 +01:00
43cd036a77
pkcs11: Invalid free fixed in DH/ECDH implementation.
2011-11-02 20:27:54 +01:00
50ad6eacb6
pkcs11: Changed how pkcs11-manager is initialized.
...
The manager is now created directly, but events and certificate loading
is deferred.
2011-11-02 20:27:54 +01:00
cf9d45ea08
pkcs11: Add attributes to specify what we use the DH/ECDH keys for.
2011-11-02 20:27:54 +01:00
90bb98f4ac
charon must load libtls if available
2011-11-02 09:28:09 +01:00
b597ac4a4c
fixed integrity tests of plugins using libtls or libtnccs
2011-11-02 06:42:08 +01:00
b7b5bca048
pkcs11: Allow to build pkcs11 plugin on Android.
2011-10-31 18:55:27 +01:00
23b50b776b
pkcs11: Use callback registration for pkcs11-manager.
...
Otherwise a plugin providing X509 decoding capabilities might be unloaded
before the manager which will result in a segmentation fault when
certificates in the manager's credential sets are to be destroyed.
2011-10-31 18:45:37 +01:00
10b82be61f
pkcs11: Merged the ECDH into the DH implementation.
2011-10-31 18:45:37 +01:00
89de89be57
pkcs11: Use get_ck_attribute for ECDH.
2011-10-31 18:45:37 +01:00
cac6853180
pkcs11: Use get_ck_attribute for DH.
2011-10-31 18:45:37 +01:00
8531106578
pkcs11: Method added to library to extract a single attribute from an object.
2011-10-31 18:45:36 +01:00
6a5020fc67
pkcs11: Added names for CKA_* constants.
2011-10-31 18:45:36 +01:00
4e346b1f97
pkcs11: Added support for ECDH.
2011-10-31 18:45:36 +01:00
612e431305
pkcs11: Added definitions needed for ECDH to pkcs11.h.
2011-10-31 18:45:36 +01:00
Andreas Steffen