![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to pts_pcr.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libimcv / pts|
Return to pts_pcr.c CVS log | Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libimcv / pts |
1.1 misho 1: /*
2: * Copyright (C) 2012 Andreas Steffen
3: * HSR Hochschule fuer Technik Rapperswil
4: *
5: * This program is free software; you can redistribute it and/or modify it
6: * under the terms of the GNU General Public License as published by the
7: * Free Software Foundation; either version 2 of the License, or (at your
8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9: *
10: * This program is distributed in the hope that it will be useful, but
11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13: * for more details.
14: */
15:
16: #include "pts_pcr.h"
17:
18: #include <utils/debug.h>
19:
20: #include <stdarg.h>
21:
22: typedef struct private_pts_pcr_t private_pts_pcr_t;
23:
24: /**
25: * Private data of a pts_pcr_t object.
26: *
27: */
28: struct private_pts_pcr_t {
29:
30: /**
31: * Public pts_pcr_t interface.
32: */
33: pts_pcr_t public;
34:
35: /**
36: * Shadow PCR registers
37: */
38: chunk_t pcrs[PTS_PCR_MAX_NUM];
39:
40: /**
41: * Number of extended PCR registers
42: */
43: uint32_t pcr_count;
44:
45: /**
46: * Highest extended PCR register
47: */
48: uint32_t pcr_max;
49:
50: /**
51: * Bitmap of extended PCR registers
52: */
53: uint8_t pcr_select[PTS_PCR_MAX_NUM / 8];
54:
55: /**
56: * Hasher used to extend shadow PCRs
57: */
58: hasher_t *hasher;
59:
60: };
61:
62: METHOD(pts_pcr_t, get_count, uint32_t,
63: private_pts_pcr_t *this)
64: {
65: return this->pcr_count;
66: }
67:
68: METHOD(pts_pcr_t, select_pcr, bool,
69: private_pts_pcr_t *this, uint32_t pcr)
70: {
71: uint32_t i, f;
72:
73: if (pcr >= PTS_PCR_MAX_NUM)
74: {
75: DBG1(DBG_PTS, "PCR %2u: number is larger than maximum of %u",
76: pcr, PTS_PCR_MAX_NUM-1);
77: return FALSE;
78: }
79:
80: /* Determine PCR selection flag */
81: i = pcr / 8;
82: f = 1 << (pcr - 8*i);
83:
84: /* Has this PCR already been selected? */
85: if (!(this->pcr_select[i] & f))
86: {
87: this->pcr_select[i] |= f;
88: this->pcr_max = max(this->pcr_max, pcr);
89: this->pcr_count++;
90: }
91: return TRUE;
92: }
93:
94: METHOD(pts_pcr_t, get_selection_size, size_t,
95: private_pts_pcr_t *this)
96: {
97:
98: /**
99: * A TPM v1.2 has 24 PCR Registers so the bitmask field length
100: * used by TrouSerS is at least 3 bytes
101: */
102: return PTS_PCR_MAX_NUM / 8;
103: }
104:
105: typedef struct {
106: /** implements enumerator_t */
107: enumerator_t public;
108: /** current PCR */
109: uint32_t pcr;
110: /** back reference to parent */
111: private_pts_pcr_t *pcrs;
112: } pcr_enumerator_t;
113:
114: METHOD(enumerator_t, pcr_enumerator_enumerate, bool,
115: pcr_enumerator_t *this, va_list args)
116: {
117: uint32_t i, f, *pcr;
118:
119: VA_ARGS_VGET(args, pcr);
120:
121: while (this->pcr <= this->pcrs->pcr_max)
122: {
123: /* Determine PCR selection flag */
124: i = this->pcr / 8;
125: f = 1 << (this->pcr - 8*i);
126:
127: /* Assign current PCR to output argument and increase */
128: *pcr = this->pcr++;
129:
130: /* return if PCR is selected */
131: if (this->pcrs->pcr_select[i] & f)
132: {
133: return TRUE;
134: }
135: }
136: return FALSE;
137: }
138:
139: METHOD(pts_pcr_t, create_enumerator, enumerator_t*,
140: private_pts_pcr_t *this)
141: {
142: pcr_enumerator_t *enumerator;
143:
144: INIT(enumerator,
145: .public = {
146: .enumerate = enumerator_enumerate_default,
147: .venumerate = _pcr_enumerator_enumerate,
148: .destroy = (void*)free,
149: },
150: .pcrs = this,
151: );
152:
153: return (enumerator_t*)enumerator;
154: }
155:
156: METHOD(pts_pcr_t, get, chunk_t,
157: private_pts_pcr_t *this, uint32_t pcr)
158: {
159: return (pcr < PTS_PCR_MAX_NUM) ? this->pcrs[pcr] : chunk_empty;
160: }
161:
162: METHOD(pts_pcr_t, set, bool,
163: private_pts_pcr_t *this, uint32_t pcr, chunk_t value)
164: {
165: if (value.len != PTS_PCR_LEN)
166: {
167: DBG1(DBG_PTS, "PCR %2u: value does not fit", pcr);
168: return FALSE;
169: }
170: if (select_pcr(this, pcr))
171: {
172: memcpy(this->pcrs[pcr].ptr, value.ptr, PTS_PCR_LEN);
173: return TRUE;
174: }
175: return FALSE;
176: }
177:
178: METHOD(pts_pcr_t, extend, chunk_t,
179: private_pts_pcr_t *this, uint32_t pcr, chunk_t measurement)
180: {
181: if (measurement.len != PTS_PCR_LEN)
182: {
183: DBG1(DBG_PTS, "PCR %2u: measurement does not fit", pcr);
184: return chunk_empty;
185: }
186: if (!select_pcr(this, pcr))
187: {
188: return chunk_empty;
189: }
190: if (!this->hasher->get_hash(this->hasher, this->pcrs[pcr] , NULL) ||
191: !this->hasher->get_hash(this->hasher, measurement, this->pcrs[pcr].ptr))
192: {
193: DBG1(DBG_PTS, "PCR %2u: not extended due to hasher problem", pcr);
194: return chunk_empty;
195: }
196: return this->pcrs[pcr];
197: }
198:
199: METHOD(pts_pcr_t, get_composite, tpm_tss_pcr_composite_t*,
200: private_pts_pcr_t *this)
201: {
202: tpm_tss_pcr_composite_t *pcr_composite;
203: enumerator_t *enumerator;
204: uint16_t selection_size;
205: uint32_t pcr_field_size, pcr;
206: u_char *pos;
207:
208: selection_size = get_selection_size(this);
209: pcr_field_size = this->pcr_count * PTS_PCR_LEN;
210:
211: INIT(pcr_composite,
212: .pcr_select = chunk_alloc(selection_size),
213: .pcr_composite = chunk_alloc(pcr_field_size),
214: );
215:
216: memcpy(pcr_composite->pcr_select.ptr, this->pcr_select, selection_size);
217: pos = pcr_composite->pcr_composite.ptr;
218:
219: enumerator = create_enumerator(this);
220: while (enumerator->enumerate(enumerator, &pcr))
221: {
222: memcpy(pos, this->pcrs[pcr].ptr, PTS_PCR_LEN);
223: pos += PTS_PCR_LEN;
224: }
225: enumerator->destroy(enumerator);
226:
227: return pcr_composite;
228: }
229:
230: METHOD(pts_pcr_t, destroy, void,
231: private_pts_pcr_t *this)
232: {
233: uint32_t i;
234:
235: for (i = 0; i < PTS_PCR_MAX_NUM; i++)
236: {
237: free(this->pcrs[i].ptr);
238: }
239: this->hasher->destroy(this->hasher);
240: free(this);
241: }
242:
243: /**
244: * See header
245: */
246: pts_pcr_t *pts_pcr_create(void)
247: {
248: private_pts_pcr_t *this;
249: hasher_t *hasher;
250: uint32_t i;
251:
252: hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
253: if (!hasher)
254: {
255: DBG1(DBG_PTS, "%N hasher could not be created",
256: hash_algorithm_short_names, HASH_SHA1);
257: return NULL;
258: }
259:
260: INIT(this,
261: .public = {
262: .get_count = _get_count,
263: .select_pcr = _select_pcr,
264: .get_selection_size = _get_selection_size,
265: .create_enumerator = _create_enumerator,
266: .get = _get,
267: .set = _set,
268: .extend = _extend,
269: .get_composite = _get_composite,
270: .destroy = _destroy,
271: },
272: .hasher = hasher,
273: );
274:
275: for (i = 0; i < PTS_PCR_MAX_NUM; i++)
276: {
277: this->pcrs[i] = chunk_alloc(PTS_PCR_LEN);
278: memset(this->pcrs[i].ptr, 0x00, PTS_PCR_LEN);
279: }
280:
281: return &this->public;
282: }
283: