1: /*
2: * Copyright (C) 2011-2020 Andreas Steffen
3: * HSR Hochschule fuer Technik Rapperswil
4: *
5: * This program is free software; you can redistribute it and/or modify it
6: * under the terms of the GNU General Public License as published by the
7: * Free Software Foundation; either version 2 of the License, or (at your
8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9: *
10: * This program is distributed in the hope that it will be useful, but
11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13: * for more details.
14: */
15:
16: #include "ita_comp_tgrub.h"
17: #include "ita_comp_func_name.h"
18:
19: #include "pts/components/pts_component.h"
20:
21: #include <utils/debug.h>
22: #include <pen/pen.h>
23:
24: typedef struct pts_ita_comp_tgrub_t pts_ita_comp_tgrub_t;
25:
26: /**
27: * Private data of a pts_ita_comp_tgrub_t object.
28: *
29: */
30: struct pts_ita_comp_tgrub_t {
31:
32: /**
33: * Public pts_component_t interface.
34: */
35: pts_component_t public;
36:
37: /**
38: * Component Functional Name
39: */
40: pts_comp_func_name_t *name;
41:
42: /**
43: * Sub-component depth
44: */
45: uint32_t depth;
46:
47: /**
48: * PTS measurement database
49: */
50: pts_database_t *pts_db;
51:
52: /**
53: * Reference count
54: */
55: refcount_t ref;
56:
57: };
58:
59: METHOD(pts_component_t, get_comp_func_name, pts_comp_func_name_t*,
60: pts_ita_comp_tgrub_t *this)
61: {
62: return this->name;
63: }
64:
65: METHOD(pts_component_t, get_evidence_flags, uint8_t,
66: pts_ita_comp_tgrub_t *this)
67: {
68: return PTS_REQ_FUNC_COMP_EVID_PCR;
69: }
70:
71: METHOD(pts_component_t, get_depth, uint32_t,
72: pts_ita_comp_tgrub_t *this)
73: {
74: return this->depth;
75: }
76:
77: METHOD(pts_component_t, measure, status_t,
78: pts_ita_comp_tgrub_t *this, uint8_t qualifier, pts_t *pts,
79: pts_comp_evidence_t **evidence)
80: {
81: size_t pcr_len;
82: pts_pcr_transform_t pcr_transform;
83: pts_meas_algorithms_t hash_algo;
84: pts_comp_evidence_t *evid;
85: uint32_t extended_pcr;
86: time_t measurement_time;
87: chunk_t measurement, pcr_before, pcr_after;
88:
89: /* Provisional implementation for TGRUB */
90: extended_pcr = PCR_DEBUG;
91: time(&measurement_time);
92:
93: if (!pts->read_pcr(pts, extended_pcr, &pcr_after, HASH_SHA1))
94: {
95: DBG1(DBG_PTS, "error occurred while reading PCR: %d", extended_pcr);
96: return FAILED;
97: }
98:
99: hash_algo = PTS_MEAS_ALGO_SHA1;
100: pcr_len = HASH_SIZE_SHA1;
101: pcr_transform = pts_meas_algo_to_pcr_transform(hash_algo, pcr_len);
102:
103: measurement = chunk_alloc(pcr_len);
104: memset(measurement.ptr, 0x00, measurement.len);
105:
106: pcr_before = chunk_alloc(pcr_len);
107: memset(pcr_before.ptr, 0x00, pcr_before.len);
108:
109: evid = *evidence = pts_comp_evidence_create(this->name->clone(this->name),
110: this->depth, extended_pcr,
111: hash_algo, pcr_transform,
112: measurement_time, measurement);
113: evid->set_pcr_info(evid, pcr_before, pcr_after);
114:
115: return SUCCESS;
116: }
117:
118: METHOD(pts_component_t, verify, status_t,
119: pts_ita_comp_tgrub_t *this, uint8_t qualifier, pts_t *pts,
120: pts_comp_evidence_t *evidence)
121: {
122: bool has_pcr_info;
123: uint32_t extended_pcr;
124: pts_meas_algorithms_t algo;
125: pts_pcr_transform_t transform;
126: pts_pcr_t *pcrs;
127: time_t measurement_time;
128: chunk_t pcr_before, pcr_after;
129: chunk_t measurement __attribute__((unused));
130:
131: pcrs = pts->get_pcrs(pts);
132: if (!pcrs)
133: {
134: return FAILED;
135: }
136: measurement = evidence->get_measurement(evidence, &extended_pcr,
137: &algo, &transform, &measurement_time);
138: if (extended_pcr != PCR_DEBUG)
139: {
140: return FAILED;
141: }
142:
143: /* TODO check measurement in database */
144:
145: has_pcr_info = evidence->get_pcr_info(evidence, &pcr_before, &pcr_after);
146: if (has_pcr_info)
147: {
148: if (!chunk_equals_const(pcr_before, pcrs->get(pcrs, extended_pcr)))
149: {
150: DBG1(DBG_PTS, "PCR %2u: pcr_before is not equal to pcr value");
151: }
152: if (pcrs->set(pcrs, extended_pcr, pcr_after))
153: {
154: return SUCCESS;
155: }
156: }
157:
158: return SUCCESS;
159: }
160:
161: METHOD(pts_component_t, finalize, bool,
162: pts_ita_comp_tgrub_t *this, uint8_t qualifier, bio_writer_t *result)
163: {
164: return FALSE;
165: }
166:
167: METHOD(pts_component_t, get_ref, pts_component_t*,
168: pts_ita_comp_tgrub_t *this)
169: {
170: ref_get(&this->ref);
171: return &this->public;
172: }
173:
174: METHOD(pts_component_t, destroy, void,
175: pts_ita_comp_tgrub_t *this)
176: {
177: if (ref_put(&this->ref))
178: {
179: this->name->destroy(this->name);
180: free(this);
181: }
182: }
183:
184: /**
185: * See header
186: */
187: pts_component_t *pts_ita_comp_tgrub_create(uint32_t depth,
188: pts_database_t *pts_db)
189: {
190: pts_ita_comp_tgrub_t *this;
191:
192: INIT(this,
193: .public = {
194: .get_comp_func_name = _get_comp_func_name,
195: .get_evidence_flags = _get_evidence_flags,
196: .get_depth = _get_depth,
197: .measure = _measure,
198: .verify = _verify,
199: .finalize = _finalize,
200: .get_ref = _get_ref,
201: .destroy = _destroy,
202: },
203: .name = pts_comp_func_name_create(PEN_ITA, PTS_ITA_COMP_FUNC_NAME_TGRUB,
204: PTS_ITA_QUALIFIER_FLAG_KERNEL |
205: PTS_ITA_QUALIFIER_TYPE_TRUSTED),
206: .depth = depth,
207: .pts_db = pts_db,
208: .ref = 1,
209: );
210:
211: return &this->public;
212: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to ita_comp_tgrub.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libimcv / pts / components / ita