![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to ita_comp_tgrub.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libimcv / pts / components / ita|
Return to ita_comp_tgrub.c CVS log | Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libimcv / pts / components / ita |
1.1 misho 1: /*
2: * Copyright (C) 2011-2012 Andreas Steffen
3: * HSR Hochschule fuer Technik Rapperswil
4: *
5: * This program is free software; you can redistribute it and/or modify it
6: * under the terms of the GNU General Public License as published by the
7: * Free Software Foundation; either version 2 of the License, or (at your
8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9: *
10: * This program is distributed in the hope that it will be useful, but
11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13: * for more details.
14: */
15:
16: #include "ita_comp_tgrub.h"
17: #include "ita_comp_func_name.h"
18:
19: #include "pts/components/pts_component.h"
20:
21: #include <utils/debug.h>
22: #include <pen/pen.h>
23:
24: typedef struct pts_ita_comp_tgrub_t pts_ita_comp_tgrub_t;
25:
26: /**
27: * Private data of a pts_ita_comp_tgrub_t object.
28: *
29: */
30: struct pts_ita_comp_tgrub_t {
31:
32: /**
33: * Public pts_component_t interface.
34: */
35: pts_component_t public;
36:
37: /**
38: * Component Functional Name
39: */
40: pts_comp_func_name_t *name;
41:
42: /**
43: * Sub-component depth
44: */
45: uint32_t depth;
46:
47: /**
48: * PTS measurement database
49: */
50: pts_database_t *pts_db;
51:
52: /**
53: * Reference count
54: */
55: refcount_t ref;
56:
57: };
58:
59: METHOD(pts_component_t, get_comp_func_name, pts_comp_func_name_t*,
60: pts_ita_comp_tgrub_t *this)
61: {
62: return this->name;
63: }
64:
65: METHOD(pts_component_t, get_evidence_flags, uint8_t,
66: pts_ita_comp_tgrub_t *this)
67: {
68: return PTS_REQ_FUNC_COMP_EVID_PCR;
69: }
70:
71: METHOD(pts_component_t, get_depth, uint32_t,
72: pts_ita_comp_tgrub_t *this)
73: {
74: return this->depth;
75: }
76:
77: METHOD(pts_component_t, measure, status_t,
78: pts_ita_comp_tgrub_t *this, uint8_t qualifier, pts_t *pts,
79: pts_comp_evidence_t **evidence)
80: {
81: size_t pcr_len;
82: pts_pcr_transform_t pcr_transform;
83: pts_meas_algorithms_t hash_algo;
84: pts_comp_evidence_t *evid;
85: uint32_t extended_pcr;
86: time_t measurement_time;
87: chunk_t measurement, pcr_before, pcr_after;
88:
89: /* Provisional implementation for TGRUB */
90: extended_pcr = PCR_DEBUG;
91: time(&measurement_time);
92:
93: if (!pts->read_pcr(pts, extended_pcr, &pcr_after, HASH_SHA1))
94: {
95: DBG1(DBG_PTS, "error occurred while reading PCR: %d", extended_pcr);
96: return FAILED;
97: }
98:
99: hash_algo = PTS_MEAS_ALGO_SHA1;
100: pcr_len = HASH_SIZE_SHA1;
101: pcr_transform = pts_meas_algo_to_pcr_transform(hash_algo, pcr_len);
102:
103: measurement = chunk_alloc(pcr_len);
104: memset(measurement.ptr, 0x00, measurement.len);
105:
106: pcr_before = chunk_alloc(pcr_len);
107: memset(pcr_before.ptr, 0x00, pcr_before.len);
108:
109: evid = *evidence = pts_comp_evidence_create(this->name->clone(this->name),
110: this->depth, extended_pcr,
111: hash_algo, pcr_transform,
112: measurement_time, measurement);
113: evid->set_pcr_info(evid, pcr_before, pcr_after);
114:
115: return SUCCESS;
116: }
117:
118: METHOD(pts_component_t, verify, status_t,
119: pts_ita_comp_tgrub_t *this, uint8_t qualifier, pts_t *pts,
120: pts_comp_evidence_t *evidence)
121: {
122: bool has_pcr_info;
123: uint32_t extended_pcr;
124: pts_meas_algorithms_t algo;
125: pts_pcr_transform_t transform;
126: pts_pcr_t *pcrs;
127: time_t measurement_time;
128: chunk_t pcr_before, pcr_after;
129: chunk_t measurement __attribute__((unused));
130:
131: pcrs = pts->get_pcrs(pts);
132: measurement = evidence->get_measurement(evidence, &extended_pcr,
133: &algo, &transform, &measurement_time);
134: if (extended_pcr != PCR_DEBUG)
135: {
136: return FAILED;
137: }
138:
139: /* TODO check measurement in database */
140:
141: has_pcr_info = evidence->get_pcr_info(evidence, &pcr_before, &pcr_after);
142: if (has_pcr_info)
143: {
144: if (!chunk_equals_const(pcr_before, pcrs->get(pcrs, extended_pcr)))
145: {
146: DBG1(DBG_PTS, "PCR %2u: pcr_before is not equal to pcr value");
147: }
148: if (pcrs->set(pcrs, extended_pcr, pcr_after))
149: {
150: return SUCCESS;
151: }
152: }
153:
154: return SUCCESS;
155: }
156:
157: METHOD(pts_component_t, finalize, bool,
158: pts_ita_comp_tgrub_t *this, uint8_t qualifier, bio_writer_t *result)
159: {
160: return FALSE;
161: }
162:
163: METHOD(pts_component_t, get_ref, pts_component_t*,
164: pts_ita_comp_tgrub_t *this)
165: {
166: ref_get(&this->ref);
167: return &this->public;
168: }
169:
170: METHOD(pts_component_t, destroy, void,
171: pts_ita_comp_tgrub_t *this)
172: {
173: if (ref_put(&this->ref))
174: {
175: this->name->destroy(this->name);
176: free(this);
177: }
178: }
179:
180: /**
181: * See header
182: */
183: pts_component_t *pts_ita_comp_tgrub_create(uint32_t depth,
184: pts_database_t *pts_db)
185: {
186: pts_ita_comp_tgrub_t *this;
187:
188: INIT(this,
189: .public = {
190: .get_comp_func_name = _get_comp_func_name,
191: .get_evidence_flags = _get_evidence_flags,
192: .get_depth = _get_depth,
193: .measure = _measure,
194: .verify = _verify,
195: .finalize = _finalize,
196: .get_ref = _get_ref,
197: .destroy = _destroy,
198: },
199: .name = pts_comp_func_name_create(PEN_ITA, PTS_ITA_COMP_FUNC_NAME_TGRUB,
200: PTS_ITA_QUALIFIER_FLAG_KERNEL |
201: PTS_ITA_QUALIFIER_TYPE_TRUSTED),
202: .depth = depth,
203: .pts_db = pts_db,
204: .ref = 1,
205: );
206:
207: return &this->public;
208: }