src/libimcv/pts/components/ita/ita_comp_tgrub.c

   1 /*
   2  * Copyright (C) 2011-2020 Andreas Steffen
   3  * HSR Hochschule fuer Technik Rapperswil
   4  *
   5  * This program is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License as published by the
   7  * Free Software Foundation; either version 2 of the License, or (at your
   8  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
   9  *
  10  * This program is distributed in the hope that it will be useful, but
  11  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  12  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  13  * for more details.
  14  */
  15
  16 #include "ita_comp_tgrub.h"
  17 #include "ita_comp_func_name.h"
  18
  19 #include "pts/components/pts_component.h"
  20
  21 #include <utils/debug.h>
  22 #include <pen/pen.h>
  23
  24 typedef struct pts_ita_comp_tgrub_t pts_ita_comp_tgrub_t;
  25
  26 /**
  27  * Private data of a pts_ita_comp_tgrub_t object.
  28  *
  29  */
  30 struct pts_ita_comp_tgrub_t {
  31
  32         /**
  33          * Public pts_component_t interface.
  34          */
  35         pts_component_t public;
  36
  37         /**
  38          * Component Functional Name
  39          */
  40         pts_comp_func_name_t *name;
  41
  42         /**
  43          * Sub-component depth
  44          */
  45         uint32_t depth;
  46
  47         /**
  48          * PTS measurement database
  49          */
  50         pts_database_t *pts_db;
  51
  52         /**
  53          * Reference count
  54          */
  55         refcount_t ref;
  56
  57 };
  58
  59 METHOD(pts_component_t, get_comp_func_name, pts_comp_func_name_t*,
  60         pts_ita_comp_tgrub_t *this)
  61 {
  62         return this->name;
  63 }
  64
  65 METHOD(pts_component_t, get_evidence_flags, uint8_t,
  66         pts_ita_comp_tgrub_t *this)
  67 {
  68         return PTS_REQ_FUNC_COMP_EVID_PCR;
  69 }
  70
  71 METHOD(pts_component_t, get_depth, uint32_t,
  72         pts_ita_comp_tgrub_t *this)
  73 {
  74         return this->depth;
  75 }
  76
  77 METHOD(pts_component_t, measure, status_t,
  78         pts_ita_comp_tgrub_t *this, uint8_t qualifier, pts_t *pts,
  79         pts_comp_evidence_t **evidence)
  80 {
  81         size_t pcr_len;
  82         pts_pcr_transform_t pcr_transform;
  83         pts_meas_algorithms_t hash_algo;
  84         pts_comp_evidence_t *evid;
  85         uint32_t extended_pcr;
  86         time_t measurement_time;
  87         chunk_t measurement, pcr_before, pcr_after;
  88
  89         /* Provisional implementation for TGRUB */
  90         extended_pcr = PCR_DEBUG;
  91         time(&measurement_time);
  92
  93         if (!pts->read_pcr(pts, extended_pcr, &pcr_after, HASH_SHA1))
  94         {
  95                 DBG1(DBG_PTS, "error occurred while reading PCR: %d", extended_pcr);
  96                 return FAILED;
  97         }
  98
  99         hash_algo = PTS_MEAS_ALGO_SHA1;
 100         pcr_len = HASH_SIZE_SHA1;
 101         pcr_transform = pts_meas_algo_to_pcr_transform(hash_algo, pcr_len);
 102
 103         measurement = chunk_alloc(pcr_len);
 104         memset(measurement.ptr, 0x00, measurement.len);
 105
 106         pcr_before = chunk_alloc(pcr_len);
 107         memset(pcr_before.ptr, 0x00, pcr_before.len);
 108
 109         evid = *evidence = pts_comp_evidence_create(this->name->clone(this->name),
 110                                                                 this->depth, extended_pcr,
 111                                                                 hash_algo, pcr_transform,
 112                                                                 measurement_time, measurement);
 113         evid->set_pcr_info(evid, pcr_before, pcr_after);
 114
 115         return SUCCESS;
 116 }
 117
 118 METHOD(pts_component_t, verify, status_t,
 119         pts_ita_comp_tgrub_t *this, uint8_t qualifier, pts_t *pts,
 120         pts_comp_evidence_t *evidence)
 121 {
 122         bool has_pcr_info;
 123         uint32_t extended_pcr;
 124         pts_meas_algorithms_t algo;
 125         pts_pcr_transform_t transform;
 126         pts_pcr_t *pcrs;
 127         time_t measurement_time;
 128         chunk_t pcr_before, pcr_after;
 129         chunk_t measurement __attribute__((unused));
 130
 131         pcrs = pts->get_pcrs(pts);
 132         if (!pcrs)
 133         {
 134                 return FAILED;
 135         }
 136         measurement = evidence->get_measurement(evidence, &extended_pcr,
 137                                                                 &algo, &transform, &measurement_time);
 138         if (extended_pcr != PCR_DEBUG)
 139         {
 140                 return FAILED;
 141         }
 142
 143         /* TODO check measurement in database */
 144
 145         has_pcr_info = evidence->get_pcr_info(evidence, &pcr_before, &pcr_after);
 146         if (has_pcr_info)
 147         {
 148                 if (!chunk_equals_const(pcr_before, pcrs->get(pcrs, extended_pcr)))
 149                 {
 150                         DBG1(DBG_PTS, "PCR %2u: pcr_before is not equal to pcr value");
 151                 }
 152                 if (pcrs->set(pcrs, extended_pcr, pcr_after))
 153                 {
 154                         return SUCCESS;
 155                 }
 156         }
 157
 158         return SUCCESS;
 159 }
 160
 161 METHOD(pts_component_t, finalize, bool,
 162         pts_ita_comp_tgrub_t *this, uint8_t qualifier, bio_writer_t *result)
 163 {
 164         return FALSE;
 165 }
 166
 167 METHOD(pts_component_t, get_ref, pts_component_t*,
 168         pts_ita_comp_tgrub_t *this)
 169 {
 170         ref_get(&this->ref);
 171         return &this->public;
 172 }
 173
 174 METHOD(pts_component_t, destroy, void,
 175         pts_ita_comp_tgrub_t *this)
 176 {
 177         if (ref_put(&this->ref))
 178         {
 179                 this->name->destroy(this->name);
 180                 free(this);
 181         }
 182 }
 183
 184 /**
 185  * See header
 186  */
 187 pts_component_t *pts_ita_comp_tgrub_create(uint32_t depth,
 188                                                                                    pts_database_t *pts_db)
 189 {
 190         pts_ita_comp_tgrub_t *this;
 191
 192         INIT(this,
 193                 .public = {
 194                         .get_comp_func_name = _get_comp_func_name,
 195                         .get_evidence_flags = _get_evidence_flags,
 196                         .get_depth = _get_depth,
 197                         .measure = _measure,
 198                         .verify = _verify,
 199                         .finalize = _finalize,
 200                         .get_ref = _get_ref,
 201                         .destroy = _destroy,
 202                 },
 203                 .name = pts_comp_func_name_create(PEN_ITA, PTS_ITA_COMP_FUNC_NAME_TGRUB,
 204                                                                                   PTS_ITA_QUALIFIER_FLAG_KERNEL |
 205                                                                                   PTS_ITA_QUALIFIER_TYPE_TRUSTED),
 206                 .depth = depth,
 207                 .pts_db = pts_db,
 208                 .ref = 1,
 209         );
 210
 211         return &this->public;
 212 }