File:  [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libimcv / pts / components / pts_comp_evidence.c
Wed Jun 3 09:46:43 2020 UTC (4 years, 3 months ago) by misho
Branches: strongswan, MAIN
CVS tags: v5_9_2p0, v5_8_4p7, HEAD
Strongswan

    1: /*
    2:  * Copyright (C) 2011 Sansar Choinyambuu, Andreas Steffen
    3:  * HSR Hochschule fuer Technik Rapperswil
    4:  *
    5:  * This program is free software; you can redistribute it and/or modify it
    6:  * under the terms of the GNU General Public License as published by the
    7:  * Free Software Foundation; either version 2 of the License, or (at your
    8:  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
    9:  *
   10:  * This program is distributed in the hope that it will be useful, but
   11:  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
   12:  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
   13:  * for more details.
   14:  */
   15: 
   16: #include "pts/components/pts_comp_evidence.h"
   17: 
   18: #include <utils/debug.h>
   19: 
typedef struct private_pts_comp_evidence_t private_pts_comp_evidence_t;

/**
 * Private data of a pts_comp_evidence_t object.
 *
 * Ownership, as implemented by destroy() in this file: name is released
 * through its own destroy() method, and measurement.ptr, pcr_before.ptr,
 * pcr_after.ptr and policy_uri are released with free(). The getters hand
 * out these pointers without copying, so anything obtained from them is
 * only valid while the evidence object is alive.
 */
struct private_pts_comp_evidence_t {

	/**
	 * Public pts_comp_evidence_t interface.
	 */
	pts_comp_evidence_t public;

	/**
	 * Component Functional Name (stored as passed to the constructor,
	 * destroyed together with this object)
	 */
	pts_comp_func_name_t *name;

	/**
	 * Sub-Component Depth
	 */
	uint32_t depth;

	/**
	 * Measurement Time
	 */
	time_t measurement_time;

	/**
	 * Measurement value, i.e. the data the constructor logs as having been
	 * extended into the PCR; the buffer is freed in destroy()
	 */
	chunk_t measurement;

	/**
	 * Measurement Hash Algorithm
	 */
	pts_meas_algorithms_t hash_algorithm;

	/**
	 * Is PCR Information included? Only set_pcr_info() sets this to TRUE;
	 * pcr_before and pcr_after are meaningful only when it is set.
	 */
	bool has_pcr_info;

	/**
	 * PCR the measurement was extended into
	 */
	uint32_t extended_pcr;

	/**
	 * PCR value before extension (buffer freed in destroy())
	 */
	chunk_t pcr_before;

	/**
	 * PCR value after extension (buffer freed in destroy())
	 */
	chunk_t pcr_after;

	/**
	 * Transformation used for extending measurement into PCR
	 */
	pts_pcr_transform_t transform;

	/**
	 * Component Validation Result (not set by the constructor, written by
	 * set_validation())
	 */
	pts_comp_evid_validation_t validation;

	/**
	 * Verification Policy URI: a strdup() copy made by set_validation(),
	 * freed in destroy(); not set by the constructor
	 */
	char *policy_uri;

};
   93: 
/**
 * Implementation of pts_comp_evidence_t.get_comp_func_name.
 *
 * @param depth		optional output, receives the Sub-Component Depth
 * @return			the stored Component Functional Name; this is the internal
 *					object (no copy), it is destroyed together with the
 *					evidence and must not be destroyed by the caller
 */
METHOD(pts_comp_evidence_t, get_comp_func_name, pts_comp_func_name_t*,
	private_pts_comp_evidence_t *this, uint32_t *depth)
{
	pts_comp_func_name_t *func_name = this->name;

	if (depth == NULL)
	{
		return func_name;
	}
	*depth = this->depth;
	return func_name;
}
  103: 
/**
 * Implementation of pts_comp_evidence_t.get_extended_pcr.
 *
 * @return			index of the PCR given to the constructor as extended_pcr
 */
METHOD(pts_comp_evidence_t, get_extended_pcr, uint32_t,
	private_pts_comp_evidence_t *this)
{
	uint32_t pcr = this->extended_pcr;

	return pcr;
}
  109: 
/**
 * Implementation of pts_comp_evidence_t.get_measurement.
 *
 * Every output parameter is optional; a NULL pointer is skipped.
 *
 * @param extended_pcr		receives the PCR the measurement was extended into
 * @param algo				receives the measurement hash algorithm
 * @param transform			receives the PCR transformation
 * @param measurement_time	receives the measurement time
 * @return					the measurement chunk; it references the buffer
 *							owned by this object (freed in destroy()), so the
 *							caller must neither free it nor keep it beyond the
 *							lifetime of the evidence
 */
METHOD(pts_comp_evidence_t, get_measurement, chunk_t,
	private_pts_comp_evidence_t *this, uint32_t *extended_pcr,
	pts_meas_algorithms_t *algo, pts_pcr_transform_t *transform,
	time_t *measurement_time)
{
	if (measurement_time != NULL)
	{
		*measurement_time = this->measurement_time;
	}
	if (transform != NULL)
	{
		*transform = this->transform;
	}
	if (algo != NULL)
	{
		*algo = this->hash_algorithm;
	}
	if (extended_pcr != NULL)
	{
		*extended_pcr = this->extended_pcr;
	}
	return this->measurement;
}
  133: 
/**
 * Implementation of pts_comp_evidence_t.get_pcr_info.
 *
 * The output chunks are written whenever the pointers are non-NULL, even if
 * no PCR information has been stored yet, so callers have to check the
 * return value before relying on them. The chunks reference buffers owned by
 * this object (freed in destroy()) and must not be freed by the caller.
 *
 * @param pcr_before	optional output, PCR value before extension
 * @param pcr_after		optional output, PCR value after extension
 * @return				TRUE if PCR information has been set via set_pcr_info()
 */
METHOD(pts_comp_evidence_t, get_pcr_info, bool,
	private_pts_comp_evidence_t *this, chunk_t *pcr_before, chunk_t *pcr_after)
{
	bool available = this->has_pcr_info;

	if (pcr_before != NULL)
	{
		*pcr_before = this->pcr_before;
	}
	if (pcr_after != NULL)
	{
		*pcr_after = this->pcr_after;
	}
	return available;
}
  147: 
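/**
 * Implementation of pts_comp_evidence_t.set_pcr_info.
 *
 * The chunks are stored as passed (no copy) and their buffers are freed in
 * destroy(), so the caller hands over ownership of both. Buffers stored by
 * an earlier call are released here; previously they were overwritten and
 * leaked. Chunks obtained earlier through get_pcr_info() therefore become
 * invalid once new values are set.
 *
 * @param pcr_before	PCR value before extension (adopted)
 * @param pcr_after		PCR value after extension (adopted)
 */
METHOD(pts_comp_evidence_t, set_pcr_info, void,
	private_pts_comp_evidence_t *this, chunk_t pcr_before, chunk_t pcr_after)
{
	chunk_t old_before = this->pcr_before;
	chunk_t old_after = this->pcr_after;

	this->has_pcr_info = TRUE;
	this->pcr_before = pcr_before;
	this->pcr_after =  pcr_after;

	/* free a replaced buffer only if it is not one of the buffers that was
	 * just stored, otherwise the object would keep a dangling pointer */
	if (old_before.ptr != pcr_before.ptr && old_before.ptr != pcr_after.ptr)
	{
		free(old_before.ptr);
	}
	if (old_after.ptr != old_before.ptr &&
		old_after.ptr != pcr_before.ptr && old_after.ptr != pcr_after.ptr)
	{
		free(old_after.ptr);
	}

	DBG3(DBG_PTS, "PCR %2d before value : %#B", this->extended_pcr, &pcr_before);
	DBG3(DBG_PTS, "PCR %2d after value  : %#B", this->extended_pcr, &pcr_after);
}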
  158: 
/**
 * Implementation of pts_comp_evidence_t.get_validation.
 *
 * @param uri		optional output, receives the stored Verification Policy
 *					URI; this is the internal string (no copy), owned by this
 *					object and freed in destroy(). It is whatever the object
 *					currently holds, so callers should be prepared for a NULL
 *					value when no URI has been set.
 * @return			the stored Component Validation Result
 */
METHOD(pts_comp_evidence_t, get_validation, pts_comp_evid_validation_t,
	private_pts_comp_evidence_t *this, char **uri)
{
	pts_comp_evid_validation_t result = this->validation;

	if (uri != NULL)
	{
		*uri = this->policy_uri;
	}
	return result;
}
  168: 
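/**
 * Implementation of pts_comp_evidence_t.set_validation.
 *
 * Stores the validation result and, if a URI is given, a private strdup()
 * copy of it. A copy stored by an earlier call is freed before it is
 * replaced; previously it was overwritten and leaked. A pointer obtained
 * earlier through get_validation() is therefore invalid after a new URI has
 * been set.
 *
 * When uri is NULL only the validation result changes and a previously
 * stored URI is kept, as before. If strdup() fails the stored URI becomes
 * NULL.
 *
 * @param validation	Component Validation Result
 * @param uri			Verification Policy URI, or NULL (copied, not adopted)
 */
METHOD(pts_comp_evidence_t, set_validation, void,
	private_pts_comp_evidence_t *this, pts_comp_evid_validation_t validation,
	char *uri)
{
	this->validation = validation;
	if (uri)
	{
		/* copy and log before freeing: uri may be the very string that is
		 * currently stored, e.g. when it came from get_validation() */
		char *copy = strdup(uri);

		DBG3(DBG_PTS, "'%s'", uri);
		free(this->policy_uri);
		this->policy_uri = copy;
	}
}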
  180: 
/**
 * Implementation of pts_comp_evidence_t.destroy.
 *
 * Releases everything the object owns: the Component Functional Name via
 * its own destroy() method, the measurement and both PCR value buffers, the
 * policy URI copy, and finally the object itself. Pointers and chunks that
 * were handed out by the getters are dangling afterwards.
 */
METHOD(pts_comp_evidence_t, destroy, void,
	private_pts_comp_evidence_t *this)
{
	pts_comp_func_name_t *func_name = this->name;

	/* name is dereferenced unconditionally; the constructor does the same */
	func_name->destroy(func_name);

	free(this->policy_uri);
	free(this->pcr_after.ptr);
	free(this->pcr_before.ptr);
	free(this->measurement.ptr);
	free(this);
}
  191: 
/**
 * See header
 *
 * name and measurement are stored as passed, without copying, and are
 * released in destroy(); the caller gives up ownership of both. name is
 * dereferenced here for logging, so it must not be NULL. PCR information,
 * validation result and policy URI are not set here; they are filled in
 * later through set_pcr_info() and set_validation().
 */
pts_comp_evidence_t *pts_comp_evidence_create(pts_comp_func_name_t *name,
											  uint32_t depth,
											  uint32_t extended_pcr,
											  pts_meas_algorithms_t algo,
											  pts_pcr_transform_t transform,
											  time_t measurement_time,
											  chunk_t measurement)
{
	private_pts_comp_evidence_t *this;

	/* members not listed here are left to INIT's default initialisation
	 * (presumably zeroed -- confirm against the INIT macro) */
	INIT(this,
		.public = {
			.get_comp_func_name = _get_comp_func_name,
			.get_extended_pcr = _get_extended_pcr,
			.get_measurement = _get_measurement,
			.get_pcr_info = _get_pcr_info,
			.set_pcr_info = _set_pcr_info,
			.get_validation = _get_validation,
			.set_validation = _set_validation,
			.destroy = _destroy,
		},
		.name = name,
		.depth = depth,
		.measurement_time = measurement_time,
		.measurement = measurement,
		.hash_algorithm = algo,
		.extended_pcr = extended_pcr,
		.transform = transform,
	);

	/* debug trace of the new evidence: component name, time, measurement */
	name->log(name, "");
	DBG3(DBG_PTS, "measurement time: %T", &measurement_time, FALSE);
	DBG3(DBG_PTS, "PCR %2d extended with: %#B", extended_pcr, &measurement);

	return &this->public;
}
  231: 
/**
 * See header
 *
 * Chooses the PCR transformation by comparing the hash size reported by
 * pts_meas_algo_hash_size() for algo with the PCR length:
 *  - hash size 0 (presumably an unknown algorithm): PTS_PCR_TRANSFORM_NO
 *  - hash size equal to pcr_len:                    PTS_PCR_TRANSFORM_MATCH
 *  - hash size larger than pcr_len:                 PTS_PCR_TRANSFORM_LONG
 *  - hash size smaller than pcr_len:                PTS_PCR_TRANSFORM_SHORT
 *
 * pcr_len is not validated; a pcr_len of 0 with a known algorithm yields
 * PTS_PCR_TRANSFORM_LONG.
 */
pts_pcr_transform_t pts_meas_algo_to_pcr_transform(pts_meas_algorithms_t algo,
												   size_t pcr_len)
{
	const size_t hash_size = pts_meas_algo_hash_size(algo);

	if (hash_size == 0)
	{
		return PTS_PCR_TRANSFORM_NO;
	}
	if (hash_size == pcr_len)
	{
		return PTS_PCR_TRANSFORM_MATCH;
	}
	return (hash_size > pcr_len) ? PTS_PCR_TRANSFORM_LONG
								 : PTS_PCR_TRANSFORM_SHORT;
}
  255: 
