tcg/pts/tcg_pts_attr_file_meas.h tcg/pts/tcg_pts_attr_file_meas.c \
tcg/pts/tcg_pts_attr_req_file_meta.h tcg/pts/tcg_pts_attr_req_file_meta.c \
tcg/pts/tcg_pts_attr_unix_file_meta.h tcg/pts/tcg_pts_attr_unix_file_meta.c \
- tcg/seg/tcg_seg_attr_max_size.h tcg/seg/tcg_seg_attr_max_size.c \
+ tcg/seg/tcg_seg_attr_seg_contract.h tcg/seg/tcg_seg_attr_seg_contract.c \
tcg/seg/tcg_seg_attr_seg_env.h tcg/seg/tcg_seg_attr_seg_env.c \
tcg/seg/tcg_seg_attr_next_seg.h tcg/seg/tcg_seg_attr_next_seg.c
tcg/pts/tcg_pts_attr_file_meas.h tcg/pts/tcg_pts_attr_file_meas.c \
tcg/pts/tcg_pts_attr_req_file_meta.h tcg/pts/tcg_pts_attr_req_file_meta.c \
tcg/pts/tcg_pts_attr_unix_file_meta.h tcg/pts/tcg_pts_attr_unix_file_meta.c \
- tcg/seg/tcg_seg_attr_max_size.h tcg/seg/tcg_seg_attr_max_size.c \
+ tcg/seg/tcg_seg_attr_seg_contract.h tcg/seg/tcg_seg_attr_seg_contract.c \
tcg/seg/tcg_seg_attr_seg_env.h tcg/seg/tcg_seg_attr_seg_env.c \
tcg/seg/tcg_seg_attr_next_seg.h tcg/seg/tcg_seg_attr_next_seg.c
* Copyright (C) 2012-2015 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
+ * Copyright (C) 2022 Andreas Steffen, strongSec GmbH
+ *
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
#include "ietf/ietf_attr.h"
#include "ietf/ietf_attr_assess_result.h"
#include "ietf/ietf_attr_remediation_instr.h"
-#include "tcg/seg/tcg_seg_attr_max_size.h"
+#include "tcg/seg/tcg_seg_attr_seg_contract.h"
#include "tcg/seg/tcg_seg_attr_seg_env.h"
#include "tcg/seg/tcg_seg_attr_next_seg.h"
enumerator = this->pa_msg->create_attribute_enumerator(this->pa_msg);
while (enumerator->enumerate(enumerator, &attr))
{
- uint32_t max_attr_size, max_seg_size, my_max_attr_size, my_max_seg_size;
+ uint32_t max_msg_size, max_seg_size, my_max_msg_size, my_max_seg_size;
seg_contract_t *contract;
seg_contract_manager_t *contracts;
char buf[BUF_LEN];
switch (type.type)
{
- case TCG_SEG_MAX_ATTR_SIZE_REQ:
+ case TCG_SEG_CONTRACT_REQ:
{
- tcg_seg_attr_max_size_t *attr_cast;
+ tcg_seg_attr_seg_contract_t *attr_cast;
- attr_cast = (tcg_seg_attr_max_size_t*)attr;
- attr_cast->get_attr_size(attr_cast, &max_attr_size,
- &max_seg_size);
+ attr_cast = (tcg_seg_attr_seg_contract_t*)attr;
+ attr_cast->get_max_size(attr_cast, &max_msg_size,
+ &max_seg_size);
contract = contracts->get_contract(contracts, this->msg_type,
FALSE, this->src_id);
if (contract)
{
- contract->set_max_size(contract, max_attr_size,
+ contract->set_max_size(contract, max_msg_size,
max_seg_size);
}
else
{
- contract = seg_contract_create(this->msg_type, max_attr_size,
+ contract = seg_contract_create(this->msg_type, max_msg_size,
max_seg_size, FALSE, this->src_id, TRUE);
contract->set_responder(contract, target_imc_id);
contracts->add_contract(contracts, contract);
- TCG_SEG_ATTR_SEG_ENV_HEADER;
/* If segmentation is possible select lower segment size */
- if (max_seg_size != SEG_CONTRACT_NO_FRAGMENTATION &&
+ if (max_seg_size != SEG_CONTRACT_NO_SEGMENTATION &&
max_seg_size > my_max_seg_size)
{
max_seg_size = my_max_seg_size;
- contract->set_max_size(contract, max_attr_size,
+ contract->set_max_size(contract, max_msg_size,
max_seg_size);
DBG2(DBG_IMC, " lowered maximum segment size to %u bytes",
max_seg_size);
}
- /* Add Maximum Attribute Size Response attribute */
- attr = tcg_seg_attr_max_size_create(max_attr_size,
- max_seg_size, FALSE);
+ /* Add Segmentation Contract Response attribute */
+ attr = tcg_seg_attr_seg_contract_create(max_msg_size,
+ max_seg_size, FALSE);
out_msg->add_attribute(out_msg, attr);
break;
}
- case TCG_SEG_MAX_ATTR_SIZE_RESP:
+ case TCG_SEG_CONTRACT_RESP:
{
- tcg_seg_attr_max_size_t *attr_cast;
+ tcg_seg_attr_seg_contract_t *attr_cast;
- attr_cast = (tcg_seg_attr_max_size_t*)attr;
- attr_cast->get_attr_size(attr_cast, &max_attr_size,
- &max_seg_size);
+ attr_cast = (tcg_seg_attr_seg_contract_t*)attr;
+ attr_cast->get_max_size(attr_cast, &max_msg_size,
+ &max_seg_size);
contract = contracts->get_contract(contracts, this->msg_type,
TRUE, this->src_id);
if (!contract)
}
if (contract)
{
- contract->get_max_size(contract, &my_max_attr_size,
+ contract->get_max_size(contract, &my_max_msg_size,
&my_max_seg_size);
- if (my_max_seg_size != SEG_CONTRACT_NO_FRAGMENTATION &&
+ if (my_max_seg_size != SEG_CONTRACT_NO_SEGMENTATION &&
my_max_seg_size > max_seg_size)
{
my_max_seg_size = max_seg_size;
- contract->set_max_size(contract, my_max_attr_size,
+ contract->set_max_size(contract, my_max_msg_size,
my_max_seg_size);
}
contract->get_info_string(contract, buf, BUF_LEN, FALSE);
}
break;
}
- case TCG_SEG_ATTR_SEG_ENV:
+ case TCG_SEG_ENVELOPE:
{
tcg_seg_attr_seg_env_t *seg_env_attr;
pa_tnc_attr_t *error;
- uint32_t base_attr_id;
+ uint32_t base_msg_id;
bool more;
seg_env_attr = (tcg_seg_attr_seg_env_t*)attr;
- base_attr_id = seg_env_attr->get_base_attr_id(seg_env_attr);
+ base_msg_id = seg_env_attr->get_base_msg_id(seg_env_attr);
contract = contracts->get_contract(contracts, this->msg_type,
TRUE, this->src_id);
if (!contract)
{
- DBG2(DBG_IMC, "no contract for received attribute segment "
- "with base attribute ID %u", base_attr_id);
+ DBG2(DBG_IMC, "no contract for received segment with base "
+ "message ID %u", base_msg_id);
continue;
}
attr = contract->add_segment(contract, attr, &error, &more);
if (more)
{
/* Send Next Segment Request */
- attr = tcg_seg_attr_next_seg_create(base_attr_id, FALSE);
+ attr = tcg_seg_attr_next_seg_create(base_msg_id, FALSE);
out_msg->add_attribute(out_msg, attr);
}
break;
}
- case TCG_SEG_NEXT_SEG_REQ:
+ case TCG_SEG_NEXT_SEGMENT:
{
tcg_seg_attr_next_seg_t *attr_cast;
- uint32_t base_attr_id;
+ uint32_t base_msg_id;
attr_cast = (tcg_seg_attr_next_seg_t*)attr;
- base_attr_id = attr_cast->get_base_attr_id(attr_cast);
+ base_msg_id = attr_cast->get_base_msg_id(attr_cast);
contract = contracts->get_contract(contracts, this->msg_type,
FALSE, this->src_id);
{
/* TODO no contract - generate error message */
DBG1(DBG_IMC, "no contract for received next segment "
- "request with base attribute ID %u", base_attr_id);
+ "request with base message ID %u", base_msg_id);
continue;
}
- attr = contract->next_segment(contract, base_attr_id);
+ attr = contract->next_segment(contract, base_msg_id);
if (attr)
{
out_msg->add_attribute(out_msg, attr);
{
/* TODO no more segments - generate error message */
DBG1(DBG_IMC, "no more segments found for "
- "base attribute ID %u", base_attr_id);
+ "base message ID %u", base_msg_id);
}
break;
}
* Copyright (C) 2011-2015 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
+ * Copyright (C) 2022 Andreas Steffen, strongSec GmbH
+ *
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
static int imcv_debug_level;
static bool imcv_stderr_quiet;
+/**
+ * Described in header.
+ */
+void imcv_list_pa_tnc_attribute_type(char *label, pen_t vendor_id, uint32_t type)
+{
+ enum_name_t *pa_attr_names;
+
+ pa_attr_names = imcv_pa_tnc_attributes->get_names(imcv_pa_tnc_attributes,
+ vendor_id);
+ if (pa_attr_names)
+ {
+ DBG2(DBG_TNC, "%s PA-TNC attribute type '%N/%N' 0x%06x/0x%08x",
+ label, pen_names, vendor_id, pa_attr_names, type, vendor_id, type);
+ }
+ else
+ {
+ DBG2(DBG_TNC, "%s PA-TNC attribute type '%N' 0x%06x/0x%08x",
+ label, pen_names, vendor_id, vendor_id, type);
+ }
+}
+
/**
* imvc dbg function
*/
* Copyright (C) 2011 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
+ * Copyright (C) 2022 Andreas Steffen, strongSec GmbH
+ *
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
*/
void libimcv_deinit(void);
+/**
+ * List PA-TNC attribute type and namespace (vendor ID)
+ *
+ * @param label label to be used (creating/processing)
+ * @param vendor_id namespace defined by Private Enterprise Number (PEN)
+ * @param type PA-TNC attribute type
+ */
+void imcv_list_pa_tnc_attribute_type(char *label, pen_t vendor_id, uint32_t type);
+
/**
* PA-TNC attribute manager
*/
* Copyright (C) 2012-2015 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
+ * Copyright (C) 2022 Andreas Steffen, strongSec GmbH
+ *
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
#include "ietf/ietf_attr.h"
#include "ietf/ietf_attr_assess_result.h"
#include "ietf/ietf_attr_remediation_instr.h"
-#include "tcg/seg/tcg_seg_attr_max_size.h"
+#include "tcg/seg/tcg_seg_attr_seg_contract.h"
#include "tcg/seg/tcg_seg_attr_seg_env.h"
#include "tcg/seg/tcg_seg_attr_next_seg.h"
{
space_left = pa_tnc_msg->get_space(pa_tnc_msg);
+ /* Segment PA-TNC messages consisting of a single attribute only */
if (contract && contract->check_size(contract, attr, &oversize))
{
if (oversize)
enumerator = this->pa_msg->create_attribute_enumerator(this->pa_msg);
while (enumerator->enumerate(enumerator, &attr))
{
- uint32_t max_attr_size, max_seg_size, my_max_attr_size, my_max_seg_size;
+ uint32_t max_msg_size, max_seg_size, my_max_msg_size, my_max_seg_size;
seg_contract_manager_t *contracts;
seg_contract_t *contract;
char buf[BUF_LEN];
switch (type.type)
{
- case TCG_SEG_MAX_ATTR_SIZE_REQ:
+ case TCG_SEG_CONTRACT_REQ:
{
- tcg_seg_attr_max_size_t *attr_cast;
+ tcg_seg_attr_seg_contract_t *attr_cast;
- attr_cast = (tcg_seg_attr_max_size_t*)attr;
- attr_cast->get_attr_size(attr_cast, &max_attr_size,
- &max_seg_size);
+ attr_cast = (tcg_seg_attr_seg_contract_t*)attr;
+ attr_cast->get_max_size(attr_cast, &max_msg_size,
+ &max_seg_size);
contract = contracts->get_contract(contracts, this->msg_type,
FALSE, this->src_id);
if (contract)
{
- contract->set_max_size(contract, max_attr_size,
+ contract->set_max_size(contract, max_msg_size,
max_seg_size);
}
else
{
- contract = seg_contract_create(this->msg_type, max_attr_size,
+ contract = seg_contract_create(this->msg_type, max_msg_size,
max_seg_size, FALSE, this->src_id, FALSE);
contract->set_responder(contract, target_imv_id);
contracts->add_contract(contracts, contract);
- TCG_SEG_ATTR_SEG_ENV_HEADER;
/* If segmentation is possible select lower segment size */
- if (max_seg_size != SEG_CONTRACT_NO_FRAGMENTATION &&
+ if (max_seg_size != SEG_CONTRACT_NO_SEGMENTATION &&
max_seg_size > my_max_seg_size)
{
max_seg_size = my_max_seg_size;
- contract->set_max_size(contract, max_attr_size,
+ contract->set_max_size(contract, max_msg_size,
max_seg_size);
DBG2(DBG_IMV, " lowered maximum segment size to %u bytes",
max_seg_size);
}
- /* Add Maximum Attribute Size Response attribute */
- attr = tcg_seg_attr_max_size_create(max_attr_size,
- max_seg_size, FALSE);
+ /* Add Segmentation Contract Response attribute */
+ attr = tcg_seg_attr_seg_contract_create(max_msg_size,
+ max_seg_size, FALSE);
out_msg->add_attribute(out_msg, attr);
break;
}
- case TCG_SEG_MAX_ATTR_SIZE_RESP:
+ case TCG_SEG_CONTRACT_RESP:
{
- tcg_seg_attr_max_size_t *attr_cast;
+ tcg_seg_attr_seg_contract_t *attr_cast;
- attr_cast = (tcg_seg_attr_max_size_t*)attr;
- attr_cast->get_attr_size(attr_cast, &max_attr_size,
- &max_seg_size);
+ attr_cast = (tcg_seg_attr_seg_contract_t*)attr;
+ attr_cast->get_max_size(attr_cast, &max_msg_size,
+ &max_seg_size);
contract = contracts->get_contract(contracts, this->msg_type,
TRUE, this->src_id);
if (!contract)
}
if (contract)
{
- contract->get_max_size(contract, &my_max_attr_size,
+ contract->get_max_size(contract, &my_max_msg_size,
&my_max_seg_size);
- if (my_max_seg_size != SEG_CONTRACT_NO_FRAGMENTATION &&
+ if (my_max_seg_size != SEG_CONTRACT_NO_SEGMENTATION &&
my_max_seg_size > max_seg_size)
{
my_max_seg_size = max_seg_size;
- contract->set_max_size(contract, my_max_attr_size,
+ contract->set_max_size(contract, my_max_msg_size,
my_max_seg_size);
}
contract->get_info_string(contract, buf, BUF_LEN, FALSE);
}
break;
}
- case TCG_SEG_ATTR_SEG_ENV:
+ case TCG_SEG_ENVELOPE:
{
tcg_seg_attr_seg_env_t *seg_env_attr;
pa_tnc_attr_t *error;
- uint32_t base_attr_id;
+ uint32_t base_msg_id;
bool more;
seg_env_attr = (tcg_seg_attr_seg_env_t*)attr;
- base_attr_id = seg_env_attr->get_base_attr_id(seg_env_attr);
+ base_msg_id = seg_env_attr->get_base_msg_id(seg_env_attr);
contract = contracts->get_contract(contracts, this->msg_type,
TRUE, this->src_id);
if (!contract)
{
- DBG2(DBG_IMV, "no contract for received attribute segment "
- "with base attribute ID %u", base_attr_id);
+ DBG2(DBG_IMV, "no contract for received segment with base "
+ "message ID %u", base_msg_id);
continue;
}
attr = contract->add_segment(contract, attr, &error, &more);
if (more)
{
/* Send Next Segment Request */
- attr = tcg_seg_attr_next_seg_create(base_attr_id, FALSE);
+ attr = tcg_seg_attr_next_seg_create(base_msg_id, FALSE);
out_msg->add_attribute(out_msg, attr);
}
break;
}
- case TCG_SEG_NEXT_SEG_REQ:
+ case TCG_SEG_NEXT_SEGMENT:
{
tcg_seg_attr_next_seg_t *attr_cast;
- uint32_t base_attr_id;
+ uint32_t base_msg_id;
attr_cast = (tcg_seg_attr_next_seg_t*)attr;
- base_attr_id = attr_cast->get_base_attr_id(attr_cast);
+ base_msg_id = attr_cast->get_base_msg_id(attr_cast);
contract = contracts->get_contract(contracts, this->msg_type,
FALSE, this->src_id);
{
/* TODO no contract - generate error message */
DBG1(DBG_IMV, "no contract for received next segment "
- "request with base attribute ID %u", base_attr_id);
+ "request with base message ID %u", base_msg_id);
continue;
}
- attr = contract->next_segment(contract, base_attr_id);
+ attr = contract->next_segment(contract, base_msg_id);
if (attr)
{
out_msg->add_attribute(out_msg, attr);
{
/* TODO no more segments - generate error message */
DBG1(DBG_IMV, "no more segments found for "
- "base attribute ID %u", base_attr_id);
+ "base message ID %u", base_msg_id);
}
break;
}
pen_t vendor_id;
pen_type_t unsupported_type;
pen_type_t error_code = { PEN_IETF, PA_ERROR_INVALID_PARAMETER };
- enum_name_t *pa_attr_names;
pa_tnc_attr_t *attr = NULL;
enumerator_t *enumerator;
entry_t *entry;
reader->read_uint32(reader, &type);
reader->read_uint32(reader, &length);
- pa_attr_names = imcv_pa_tnc_attributes->get_names(imcv_pa_tnc_attributes,
- vendor_id);
- if (pa_attr_names)
- {
- DBG2(DBG_TNC, "processing PA-TNC attribute type '%N/%N' "
- "0x%06x/0x%08x", pen_names, vendor_id,
- pa_attr_names, type, vendor_id, type);
- }
- else
- {
- DBG2(DBG_TNC, "processing PA-TNC attribute type '%N' "
- "0x%06x/0x%08x", pen_names, vendor_id,
- vendor_id, type);
- }
+ imcv_list_pa_tnc_attribute_type("processing", vendor_id, type);
if (length < PA_TNC_ATTR_HEADER_SIZE)
{
bio_writer_t *writer;
enumerator_t *enumerator;
pa_tnc_attr_t *attr;
- enum_name_t *pa_attr_names;
pen_type_t type;
uint8_t flags;
chunk_t value;
value = attr->get_value(attr);
flags = attr->get_noskip_flag(attr) ? PA_TNC_ATTR_FLAG_NOSKIP :
PA_TNC_ATTR_FLAG_NONE;
-
- pa_attr_names = imcv_pa_tnc_attributes->get_names(imcv_pa_tnc_attributes,
- type.vendor_id);
- if (pa_attr_names)
- {
- DBG2(DBG_TNC, "creating PA-TNC attribute type '%N/%N' "
- "0x%06x/0x%08x", pen_names, type.vendor_id,
- pa_attr_names, type.type, type.vendor_id, type.type);
- }
- else
- {
- DBG2(DBG_TNC, "creating PA-TNC attribute type '%N' "
- "0x%06x/0x%08x", pen_names, type.vendor_id,
- type.vendor_id, type.type);
- }
+ imcv_list_pa_tnc_attribute_type("creating", type.vendor_id, type.type);
DBG3(DBG_TNC, "%B", &value);
writer->write_uint8 (writer, flags);
* Copyright (C) 2011-2016 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
+ * Copyright (C) 2022 Andreas Steffen, strongSec GmbH
+ *
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
msg->add_attribute(msg, attr);
break;
}
- case TCG_SEG_MAX_ATTR_SIZE_REQ:
- case TCG_SEG_NEXT_SEG_REQ:
+ case TCG_SEG_CONTRACT_REQ:
+ case TCG_SEG_NEXT_SEGMENT:
break;
/* TODO: Not implemented yet */
* Copyright (C) 2017 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
+ * Copyright (C) 2022 Andreas Steffen, strongSec GmbH
+ *
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
#include "swima/swima_inventory.h"
#include "swima/swima_collector.h"
#include "swima/swima_error.h"
-#include "tcg/seg/tcg_seg_attr_max_size.h"
+#include "tcg/seg/tcg_seg_attr_seg_contract.h"
#include "tcg/seg/tcg_seg_attr_seg_env.h"
#include <tncif_pa_subtypes.h>
seg_contract_t *contract;
seg_contract_manager_t *contracts;
imc_swima_subscription_t *subscription;
- size_t max_attr_size = SWIMA_MAX_ATTR_SIZE;
+ size_t max_msg_size = SEG_CONTRACT_NO_MSG_SIZE_LIMIT;
size_t max_seg_size;
char buf[BUF_LEN];
TNC_Result result = TNC_RESULT_SUCCESS;
- TCG_SEG_ATTR_SEG_ENV_HEADER;
/* Announce support of PA-TNC segmentation to IMV */
- contract = seg_contract_create(msg_types[0], max_attr_size, max_seg_size,
+ contract = seg_contract_create(msg_types[0], max_msg_size, max_seg_size,
TRUE, imc_id, TRUE);
contract->get_info_string(contract, buf, BUF_LEN, TRUE);
DBG2(DBG_IMC, "%s", buf);
contracts = state->get_contracts(state);
contracts->add_contract(contracts, contract);
- attr = tcg_seg_attr_max_size_create(max_attr_size, max_seg_size, TRUE);
+ attr = tcg_seg_attr_seg_contract_create(max_msg_size, max_seg_size, TRUE);
/* send PA-TNC message with the excl flag not set */
out_msg = imc_msg_create(imc_swima, state, connection_id, imc_id,
* Copyright (C) 2011-2020 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
+ * Copyright (C) 2022 Andreas Steffen, strongSec GmbH
+ *
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
#include <tcg/pts/tcg_pts_attr_proto_caps.h>
#include <tcg/pts/tcg_pts_attr_req_file_meas.h>
#include <tcg/pts/tcg_pts_attr_req_file_meta.h>
-#include "tcg/seg/tcg_seg_attr_max_size.h"
-#include "tcg/seg/tcg_seg_attr_seg_env.h"
+#include <tcg/seg/tcg_seg_attr_seg_contract.h>
+#include <tcg/seg/tcg_seg_attr_seg_env.h>
#include <pts/pts.h>
#include <pts/pts_database.h>
#include <pts/pts_creds.h>
#include <credentials/credential_manager.h>
#include <collections/linked_list.h>
-#define FILE_MEAS_MAX_ATTR_SIZE 100000000
-
typedef struct private_imv_attestation_agent_t private_imv_attestation_agent_t;
/* Subscribed PA-TNC message subtypes */
if (handshake_state == IMV_ATTESTATION_STATE_INIT)
{
- size_t max_attr_size = FILE_MEAS_MAX_ATTR_SIZE;
+ size_t max_msg_size = SEG_CONTRACT_NO_MSG_SIZE_LIMIT;
size_t max_seg_size;
seg_contract_t *contract;
seg_contract_manager_t *contracts;
- TCG_SEG_ATTR_SEG_ENV_HEADER;
/* Announce support of PA-TNC segmentation to IMC */
- contract = seg_contract_create(msg_types[0], max_attr_size,
+ contract = seg_contract_create(msg_types[0], max_msg_size,
max_seg_size, TRUE, imv_id, FALSE);
contract->get_info_string(contract, buf, BUF_LEN, TRUE);
DBG2(DBG_IMV, "%s", buf);
contracts = state->get_contracts(state);
contracts->add_contract(contracts, contract);
- attr = tcg_seg_attr_max_size_create(max_attr_size, max_seg_size, TRUE);
+ attr = tcg_seg_attr_seg_contract_create(max_msg_size, max_seg_size, TRUE);
out_msg->add_attribute(out_msg, attr);
/* Send Request Protocol Capabilities attribute */
* Copyright (C) 2011-2014 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
+ * Copyright (C) 2022 Andreas Steffen, strongSec GmbH
+ *
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
}
break;
}
- case TCG_SEG_MAX_ATTR_SIZE_RESP:
- case TCG_SEG_ATTR_SEG_ENV:
+ case TCG_SEG_CONTRACT_RESP:
+ case TCG_SEG_ENVELOPE:
break;
/* TODO: Not implemented yet */
* Copyright (C) 2015 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
+ * Copyright (C) 2022 Andreas Steffen, strongSec GmbH
+ *
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
#include <ietf/ietf_attr_fwd_enabled.h>
#include <pwg/pwg_attr.h>
#include <pwg/pwg_attr_vendor_smi_code.h>
-#include "tcg/seg/tcg_seg_attr_max_size.h"
+#include "tcg/seg/tcg_seg_attr_seg_contract.h"
#include "tcg/seg/tcg_seg_attr_seg_env.h"
#include <tncif_names.h>
#include <pen/pen.h>
#include <utils/debug.h>
-#define HCD_MAX_ATTR_SIZE 10000000
-
typedef struct private_imv_hcd_agent_t private_imv_hcd_agent_t;
/* Subscribed PA-TNC message subtypes */
if (handshake_state == IMV_HCD_STATE_INIT)
{
- size_t max_attr_size = HCD_MAX_ATTR_SIZE;
+ size_t max_msg_size = SEG_CONTRACT_NO_MSG_SIZE_LIMIT;
size_t max_seg_size;
seg_contract_t *contract;
seg_contract_manager_t *contracts;
/* Determine maximum PA-TNC attribute segment size */
max_seg_size = state->get_max_msg_len(state)
- - PA_TNC_HEADER_SIZE
- - PA_TNC_ATTR_HEADER_SIZE
- - TCG_SEG_ATTR_SEG_ENV_HEADER
- - PA_TNC_ATTR_HEADER_SIZE
- - TCG_SEG_ATTR_MAX_SIZE_SIZE;
+ - PA_TNC_HEADER_SIZE
+ - PA_TNC_ATTR_HEADER_SIZE
+ - TCG_SEG_ATTR_SEG_ENV_HEADER;
contracts = state->get_contracts(state);
for (i = 1; i < countof(msg_types); i++)
TNC_IMCID_ANY, msg_types[i]);
/* Announce support of PA-TNC segmentation to IMC */
- contract = seg_contract_create(msg_types[i], max_attr_size,
+ contract = seg_contract_create(msg_types[i], max_msg_size,
max_seg_size, TRUE, imv_id, FALSE);
contract->get_info_string(contract, buf, BUF_LEN, TRUE);
DBG2(DBG_IMV, "%s", buf);
contracts->add_contract(contracts, contract);
- attr = tcg_seg_attr_max_size_create(max_attr_size, max_seg_size,
+ attr = tcg_seg_attr_seg_contract_create(max_msg_size, max_seg_size,
TRUE);
out_msg->add_attribute(out_msg, attr);
* Copyright (C) 2013-2015 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
+ * Copyright (C) 2022 Andreas Steffen, strongSec GmbH
+ *
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
#include <ita/ita_attr.h>
#include <ita/ita_attr_get_settings.h>
#include <ita/ita_attr_settings.h>
-#include "tcg/seg/tcg_seg_attr_max_size.h"
+#include "tcg/seg/tcg_seg_attr_seg_contract.h"
#include "tcg/seg/tcg_seg_attr_seg_env.h"
#include <tncif_names.h>
#include <pen/pen.h>
#include <utils/debug.h>
-#define INSTALLED_PACKAGES_MAX_ATTR_SIZE 100000000
-
typedef struct private_imv_os_agent_t private_imv_os_agent_t;
typedef enum imv_os_attr_t imv_os_attr_t;
if (handshake_state == IMV_OS_STATE_INIT)
{
- size_t max_attr_size = INSTALLED_PACKAGES_MAX_ATTR_SIZE;
+ size_t max_msg_size = SEG_CONTRACT_NO_MSG_SIZE_LIMIT;
size_t max_seg_size;
seg_contract_t *contract;
seg_contract_manager_t *contracts;
- TCG_SEG_ATTR_SEG_ENV_HEADER;
/* Announce support of PA-TNC segmentation to IMC */
- contract = seg_contract_create(msg_types[0], max_attr_size,
+ contract = seg_contract_create(msg_types[0], max_msg_size,
max_seg_size, TRUE, imv_id, FALSE);
contract->get_info_string(contract, buf, BUF_LEN, TRUE);
DBG2(DBG_IMV, "%s", buf);
contracts = state->get_contracts(state);
contracts->add_contract(contracts, contract);
- attr = tcg_seg_attr_max_size_create(max_attr_size, max_seg_size, TRUE);
+ attr = tcg_seg_attr_seg_contract_create(max_msg_size, max_seg_size, TRUE);
out_msg->add_attribute(out_msg, attr);
if ((received & IMV_OS_ATTR_MUST) != IMV_OS_ATTR_MUST)
* Copyright (C) 2017 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
+ * Copyright (C) 2022 Andreas Steffen, strongSec GmbH
+ *
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
#include <imv/imv_agent.h>
#include <imv/imv_msg.h>
#include "rest/rest.h"
-#include "tcg/seg/tcg_seg_attr_max_size.h"
+#include "tcg/seg/tcg_seg_attr_seg_contract.h"
#include "tcg/seg/tcg_seg_attr_seg_env.h"
#include "ietf/swima/ietf_swima_attr_req.h"
#include "ietf/swima/ietf_swima_attr_sw_inv.h"
pen_type_t error_code;
chunk_t msg_info, description;
bio_reader_t *reader;
- uint32_t max_attr_size;
+ uint32_t max_msg_size;
bool success;
error_attr = (ietf_attr_pa_tnc_error_t*)attr;
}
if (error_code.type == PA_ERROR_SWIMA_RESPONSE_TOO_LARGE)
{
- if (!reader->read_uint32(reader, &max_attr_size))
+ if (!reader->read_uint32(reader, &max_msg_size))
{
reader->destroy(reader);
continue;
}
DBG1(DBG_IMV, " maximum PA-TNC attribute size is %u bytes",
- max_attr_size);
+ max_msg_size);
}
description = reader->peek(reader);
if (description.len)
if (handshake_state == IMV_SWIMA_STATE_INIT &&
session->get_policy_started(session))
{
- size_t max_attr_size = SWIMA_MAX_ATTR_SIZE;
+ size_t max_msg_size = SEG_CONTRACT_NO_MSG_SIZE_LIMIT;
size_t max_seg_size;
ietf_swima_attr_req_t *cast_attr;
seg_contract_t *contract;
- TCG_SEG_ATTR_SEG_ENV_HEADER;
/* Announce support of PA-TNC segmentation to IMC */
- contract = seg_contract_create(msg_types[0], max_attr_size,
+ contract = seg_contract_create(msg_types[0], max_msg_size,
max_seg_size, TRUE, imv_id, FALSE);
contract->get_info_string(contract, buf, BUF_LEN, TRUE);
DBG2(DBG_IMV, "%s", buf);
contracts = state->get_contracts(state);
contracts->add_contract(contracts, contract);
- attr = tcg_seg_attr_max_size_create(max_attr_size,
- max_seg_size, TRUE);
+ attr = tcg_seg_attr_seg_contract_create(max_msg_size,
+ max_seg_size, TRUE);
out_msg->add_attribute(out_msg, attr);
}
return NULL;
}
agent->add_non_fatal_attr_type(agent,
- pen_type_create(PEN_TCG, TCG_SEG_MAX_ATTR_SIZE_REQ));
+ pen_type_create(PEN_TCG, TCG_SEG_CONTRACT_REQ));
INIT(this,
.public = {
* Copyright (C) 2014-2015 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
+ * Copyright (C) 2022 Andreas Steffen, strongSec GmbH
+ *
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
#include "seg_contract.h"
#include "seg_env.h"
+#include "imcv.h"
#include "ietf/ietf_attr_pa_tnc_error.h"
#include "tcg/seg/tcg_seg_attr_seg_env.h"
pen_type_t msg_type;
/**
- * Maximum PA-TNC attribute size
+ * Maximum PA-TNC message size
*/
- uint32_t max_attr_size;
+ uint32_t max_msg_size;
/**
- * Maximum PA-TNC attribute segment size
+ * Maximum PA-TNC segment value size
*/
uint32_t max_seg_size;
/**
- * Maximum PA-TNC attribute segment size
+ * Last base message ID
*/
- uint32_t last_base_attr_id;
+ uint32_t last_base_msg_id;
/**
* List of attribute segment envelopes
}
METHOD(seg_contract_t, set_max_size, void,
- private_seg_contract_t *this, uint32_t max_attr_size, uint32_t max_seg_size)
+ private_seg_contract_t *this, uint32_t max_msg_size, uint32_t max_seg_size)
{
- this->max_attr_size = max_attr_size;
+ this->max_msg_size = max_msg_size;
this->max_seg_size = max_seg_size;
- this->is_null = max_attr_size == SEG_CONTRACT_MAX_SIZE_VALUE &&
- max_seg_size == SEG_CONTRACT_MAX_SIZE_VALUE;
+ this->is_null = max_msg_size == SEG_CONTRACT_NO_MSG_SIZE_LIMIT &&
+ max_seg_size == SEG_CONTRACT_NO_SEGMENTATION;
}
METHOD(seg_contract_t, get_max_size, void,
- private_seg_contract_t *this, uint32_t *max_attr_size, uint32_t *max_seg_size)
+ private_seg_contract_t *this, uint32_t *max_msg_size, uint32_t *max_seg_size)
{
- if (max_attr_size)
+ if (max_msg_size)
{
- *max_attr_size = this->max_attr_size;
+ *max_msg_size = this->max_msg_size;
}
if (max_seg_size)
{
attr_value = attr->get_value(attr);
attr_len = PA_TNC_ATTR_HEADER_SIZE + attr_value.len;
- if (attr_len > this->max_attr_size)
+ if (attr_len > this->max_msg_size)
{
/* oversize attribute */
*oversize = TRUE;
return FALSE;
}
- if (this->max_seg_size == SEG_CONTRACT_NO_FRAGMENTATION)
+ if (this->max_seg_size == SEG_CONTRACT_NO_SEGMENTATION)
{
- /* no fragmentation wanted */
+ /* no segmentation wanted */
return FALSE;
}
return attr_value.len > this->max_seg_size + TCG_SEG_ATTR_SEG_ENV_HEADER;
private_seg_contract_t *this, pa_tnc_attr_t *attr, size_t max_attr_len)
{
seg_env_t *seg_env;
+ pen_type_t type;
+
+ type = attr->get_type(attr);
+ imcv_list_pa_tnc_attribute_type("creating", type.vendor_id, type.type);
- seg_env = seg_env_create(++this->last_base_attr_id, attr,
+ seg_env = seg_env_create(++this->last_base_msg_id, attr,
this->max_seg_size);
if (!seg_env)
{
}
METHOD(seg_contract_t, next_segment, pa_tnc_attr_t*,
- private_seg_contract_t *this, uint32_t base_attr_id)
+ private_seg_contract_t *this, uint32_t base_msg_id)
{
pa_tnc_attr_t *seg_env_attr = NULL;
seg_env_t *seg_env;
enumerator = this->seg_envs->create_enumerator(this->seg_envs);
while (enumerator->enumerate(enumerator, &seg_env))
{
- if (seg_env->get_base_attr_id(seg_env) == base_attr_id)
+ if (seg_env->get_base_msg_id(seg_env) == base_msg_id)
{
seg_env_attr = seg_env->next_segment(seg_env, &last_segment);
if (!seg_env_attr)
seg_env_t *current, *seg_env = NULL;
pa_tnc_attr_t *base_attr;
pen_type_t error_code;
- uint32_t base_attr_id;
+ uint32_t base_msg_id;
uint8_t flags;
chunk_t segment_data, msg_info;
enumerator_t *enumerator;
seg_env_attr = (tcg_seg_attr_seg_env_t*)attr;
- base_attr_id = seg_env_attr->get_base_attr_id(seg_env_attr);
+ base_msg_id = seg_env_attr->get_base_msg_id(seg_env_attr);
segment_data = seg_env_attr->get_segment(seg_env_attr, &flags);
*more = flags & SEG_ENV_FLAG_MORE;
*error = NULL;
enumerator = this->seg_envs->create_enumerator(this->seg_envs);
while (enumerator->enumerate(enumerator, ¤t))
{
- if (current->get_base_attr_id(current) == base_attr_id)
+ if (current->get_base_msg_id(current) == base_msg_id)
{
seg_env = current;
this->seg_envs->remove_at(this->seg_envs, enumerator);
{
if (seg_env)
{
- DBG1(DBG_TNC, "base attribute ID %d is already in use",
- base_attr_id);
+ DBG1(DBG_TNC, "base message ID %d is already in use", base_msg_id);
this->seg_envs->insert_last(this->seg_envs, seg_env);
return NULL;
}
- DBG2(DBG_TNC, "received first segment for base attribute ID %d "
- "(%d bytes)", base_attr_id, segment_data.len);
- seg_env = seg_env_create_from_data(base_attr_id, segment_data,
+ DBG2(DBG_TNC, "received first segment for base message ID %d "
+ "(%d bytes)", base_msg_id, segment_data.len);
+ seg_env = seg_env_create_from_data(base_msg_id, segment_data,
this->max_seg_size, error);
if (!seg_env)
{
{
if (!seg_env)
{
- DBG1(DBG_TNC, "base attribute ID %d not found", base_attr_id);
+ DBG1(DBG_TNC, "base message ID %d not found", base_msg_id);
return NULL;
}
- DBG2(DBG_TNC, "received %s segment for base attribute ID %d "
- "(%d bytes)", (*more) ? "next" : "last", base_attr_id,
+ DBG2(DBG_TNC, "received %s segment for base message ID %d "
+ "(%d bytes)", (*more) ? "next" : "last", base_msg_id,
segment_data.len);
if (!seg_env->add_segment(seg_env, segment_data, error))
{
if (!this->is_null)
{
- written = snprintf(pos, len, "\n maximum attribute size of %u bytes "
- "with ", this->max_attr_size);
+ if (this->max_msg_size == SEG_CONTRACT_NO_MSG_SIZE_LIMIT)
+ {
+ written = snprintf(pos, len, "\n no message size limit, ");
+ }
+ else
+ {
+ written = snprintf(pos, len, "\n maximum message size of %u bytes, "
+ "with ", this->max_msg_size);
+ }
if (written < 0 || written > len)
{
return;
pos += written;
len -= written;
- if (this->max_seg_size == SEG_CONTRACT_MAX_SIZE_VALUE)
+ if (this->max_seg_size == SEG_CONTRACT_NO_SEGMENTATION)
{
written = snprintf(pos, len, "no segmentation");
}
else
{
written = snprintf(pos, len, "maximum segment size of %u bytes",
- this->max_seg_size);
+ this->max_seg_size);
}
}
}
* See header
*/
seg_contract_t *seg_contract_create(pen_type_t msg_type,
- uint32_t max_attr_size,
+ uint32_t max_msg_size,
uint32_t max_seg_size,
bool is_issuer, TNC_UInt32 issuer_id,
bool is_imc)
.destroy = _destroy,
},
.msg_type = msg_type,
- .max_attr_size = max_attr_size,
+ .max_msg_size = max_msg_size,
.max_seg_size = max_seg_size,
.seg_envs = linked_list_create(),
.is_issuer = is_issuer,
.issuer_id = issuer_id,
.responder_id = is_imc ? TNC_IMVID_ANY : TNC_IMCID_ANY,
.is_imc = is_imc,
- .is_null = max_attr_size == SEG_CONTRACT_MAX_SIZE_VALUE &&
- max_seg_size == SEG_CONTRACT_MAX_SIZE_VALUE,
+ .is_null = max_msg_size == SEG_CONTRACT_NO_MSG_SIZE_LIMIT &&
+ max_seg_size == SEG_CONTRACT_NO_SEGMENTATION,
);
return &this->public;
* Copyright (C) 2014-2015 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
+ * Copyright (C) 2022 Andreas Steffen, strongSec GmbH
+ *
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
#include <tncif.h>
-#define SEG_CONTRACT_MAX_SIZE_VALUE 0xffffffff
-#define SEG_CONTRACT_NO_FRAGMENTATION SEG_CONTRACT_MAX_SIZE_VALUE
+#define SEG_CONTRACT_NO_MSG_SIZE_LIMIT 0xffffffff
+#define SEG_CONTRACT_NO_SEGMENTATION 0xffffffff
/**
- * Interface for a PA-TNC attribute segmentation contract
+ * Interface for a PA-TNC message segmentation contract
*
*/
struct seg_contract_t {
pen_type_t (*get_msg_type)(seg_contract_t *this);
/**
- * Set maximum PA-TNC attribute and segment size in octets
+ * Set maximum PA-TNC message and segment size in octets
*
- * @param max_attr_size Maximum PA-TNC attribute size in octets
- * @param max_seg_size Maximum PA-TNC attribute segment size in octets
+ * @param max_msg_size Maximum PA-TNC message size in octets
+ * @param max_seg_size Maximum PA-TNC message segment size in octets
*/
- void (*set_max_size)(seg_contract_t *this, uint32_t max_attr_size,
+ void (*set_max_size)(seg_contract_t *this, uint32_t max_msg_size,
uint32_t max_seg_size);
/**
- * Get maximum PA-TNC attribute and segment size in octets
+ * Get maximum PA-TNC message and segment size in octets
*
- * @param max_attr_size Maximum PA-TNC attribute size in octets
+ * @param max_msg_size Maximum PA-TNC attribute size in octets
* @param max_seg_size Maximum PA-TNC attribute segment size in octets
*/
- void (*get_max_size)(seg_contract_t *this, uint32_t *max_attr_size,
+ void (*get_max_size)(seg_contract_t *this, uint32_t *max_msg_size,
uint32_t *max_seg_size);
/**
size_t max_attr_len);
/**
- * Generate next segment of a PA-TNC attribute according to the contract
+ * Generate next segment of a PA-TNC message according to the contract
*
- * @param base_attr_id Base Attribute ID
+ * @param base_msg_id Base Message ID
* @return Next segment envelope attribute
*/
- pa_tnc_attr_t* (*next_segment)(seg_contract_t *this, uint32_t base_attr_id);
+ pa_tnc_attr_t* (*next_segment)(seg_contract_t *this, uint32_t base_msg_id);
/**
- * Add an attribute segments until the PA-TNC attribute is reconstructed
+ * Add segments until the PA-TNC attribute is reconstructed
*
* @param attr Segment envelope attribute
* @param error Error attribute if an error occurred or NULL
* Create a PA-TNC attribute segmentation contract
*
* @param msg_type PA-TNC message type
- * @param max_attr_size Maximum PA-TNC attribute size in octets
- * @param max_seg_size Maximum PA-TNC attribute segment size in octets
+ * @param max_msg_size Maximum PA-TNC message size in octets
+ * @param max_seg_size Maximum PA-TNC message segment size in octets
* @param is_issuer TRUE if issuer of the contract
* @param issuer_id IMC or IMV ID of issuer
* @param is_imc TRUE if IMC, FALSE if IMV
*/
seg_contract_t* seg_contract_create(pen_type_t msg_type,
- uint32_t max_attr_size,
+ uint32_t max_msg_size,
uint32_t max_seg_size,
bool is_issuer, TNC_UInt32 issuer_id,
bool is_imc);
* Copyright (C) 2014-2015 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
+ * Copyright (C) 2022 Andreas Steffen, strongSec GmbH
+ *
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
seg_env_t public;
/**
- * Base Attribute ID
+ * Base Message ID
*/
- uint32_t base_attr_id;
+ uint32_t base_msg_id;
/**
* Base Attribute
};
-METHOD(seg_env_t, get_base_attr_id, uint32_t,
+METHOD(seg_env_t, get_base_msg_id, uint32_t,
private_seg_env_t *this)
{
- return this->base_attr_id;
+ return this->base_msg_id;
}
METHOD(seg_env_t, get_base_attr, pa_tnc_attr_t*,
writer->destroy(writer);
this->data = chunk_skip(this->data, segment_data.len);
- DBG2(DBG_TNC, "creating first segment for base attribute ID %d (%d bytes)",
- this->base_attr_id, seg_size);
+ DBG2(DBG_TNC, "creating first segment for base message ID %d (%d bytes)",
+ this->base_msg_id, seg_size);
seg_env_flags = SEG_ENV_FLAG_START | SEG_ENV_FLAG_MORE;
seg_env_attr = tcg_seg_attr_seg_env_create(value, seg_env_flags,
- this->base_attr_id);
+ this->base_msg_id);
chunk_free(&value);
return seg_env_attr;
{
*last = is_last_segment;
}
- DBG2(DBG_TNC, "creating %s segment for base attribute ID %d (%d bytes)",
- is_last_segment ? "last" : "next", this->base_attr_id,
+ DBG2(DBG_TNC, "creating %s segment for base message ID %d (%d bytes)",
+ is_last_segment ? "last" : "next", this->base_msg_id,
segment_data.len);
seg_env_flags = is_last_segment ? SEG_ENV_FLAG_NONE : SEG_ENV_FLAG_MORE;
seg_env_attr = tcg_seg_attr_seg_env_create(segment_data, seg_env_flags,
- this->base_attr_id);
+ this->base_msg_id);
return seg_env_attr;
}
/**
* See header
*/
-seg_env_t *seg_env_create(uint32_t base_attr_id, pa_tnc_attr_t *base_attr,
+seg_env_t *seg_env_create(uint32_t base_msg_id, pa_tnc_attr_t *base_attr,
uint32_t max_seg_size)
{
private_seg_env_t *this;
INIT(this,
.public = {
- .get_base_attr_id = _get_base_attr_id,
+ .get_base_msg_id = _get_base_msg_id,
.get_base_attr = _get_base_attr,
.get_base_attr_info = _get_base_attr_info,
.first_segment = _first_segment,
.add_segment = _add_segment,
.destroy = _destroy,
},
- .base_attr_id = base_attr_id,
+ .base_msg_id = base_msg_id,
.base_attr = base_attr,
.max_seg_size = max_seg_size,
.data = base_attr->get_value(base_attr),
/**
* See header
*/
-seg_env_t *seg_env_create_from_data(uint32_t base_attr_id, chunk_t data,
+seg_env_t *seg_env_create_from_data(uint32_t base_msg_id, chunk_t data,
uint32_t max_seg_size, pa_tnc_attr_t** error)
{
private_seg_env_t *this;
INIT(this,
.public = {
- .get_base_attr_id = _get_base_attr_id,
+ .get_base_msg_id = _get_base_msg_id,
.get_base_attr = _get_base_attr,
.get_base_attr_info = _get_base_attr_info,
.first_segment = _first_segment,
.add_segment = _add_segment,
.destroy = _destroy,
},
- .base_attr_id = base_attr_id,
+ .base_msg_id = base_msg_id,
.max_seg_size = max_seg_size,
);
/* create info field to be used by PA-TNC error messages */
memset(this->base_attr_info, 0xff, 4);
- htoun32(this->base_attr_info + 4, base_attr_id);
+ htoun32(this->base_attr_info + 4, base_msg_id);
msg_info = get_base_attr_info(this);
/* extract from base attribute segment from data */
* Copyright (C) 2014-2015 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
+ * Copyright (C) 2022 Andreas Steffen, strongSec GmbH
+ *
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
struct seg_env_t {
/**
- * Get Base Attribute ID
+ * Get Base Message ID
*
- * @return Base Attribute ID
+ * @return Base Message ID
*/
- uint32_t (*get_base_attr_id)(seg_env_t *this);
+ uint32_t (*get_base_msg_id)(seg_env_t *this);
/**
* Get Base Attribute if it contains processed [incremental] data
/**
* Create a PA-TNC attribute segment envelope object
*
- * @param base_attr_id Base Attribute ID
- * @param base_attr Base Attribute to be segmented, owned by seg_env_t
+ * @param base_msg_id Base Message ID
+ * @param base_attr Base Message to be segmented, owned by seg_env_t
* @param max_seg_size Maximum segment size
*/
-seg_env_t* seg_env_create(uint32_t base_attr_id, pa_tnc_attr_t *base_attr,
+seg_env_t* seg_env_create(uint32_t base_msg_id, pa_tnc_attr_t *base_attr,
uint32_t max_seg_size);
/**
* Create a PA-TNC attribute segment envelope object
*
- * @param base_attr_id Base Attribute ID
+ * @param base_msg_id Base Message ID
* @param data First attribute segment
* @param max_seg_size Maximum segment size
* @param error Error attribute if a parsing error occurred
*/
-seg_env_t* seg_env_create_from_data(uint32_t base_attr_id, chunk_t data,
+seg_env_t* seg_env_create_from_data(uint32_t base_msg_id, chunk_t data,
uint32_t max_seg_size,
pa_tnc_attr_t** error);
* Copyright (C) 2014 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
+ * Copyright (C) 2022 Andreas Steffen, strongSec GmbH
+ *
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
ita_attr_command_t *ita_attr;
seg_env_t *seg_env, *seg_env1 = NULL;
pen_type_t type;
- uint32_t base_attr_id, max_seg_size, last_seg_size, seg_size, offset;
+ uint32_t base_msg_id, max_seg_size, last_seg_size, seg_size, offset;
uint8_t flags;
bool last, last_seg;
chunk_t value, segment, seg;
}
else
{
- ck_assert(seg_env->get_base_attr_id(seg_env) == id);
+ ck_assert(seg_env->get_base_msg_id(seg_env) == id);
base_attr1 = seg_env->get_base_attr(seg_env);
ck_assert(base_attr == base_attr1);
base_attr1->destroy(base_attr1);
value = attr->get_value(attr);
ck_assert(value.len == 4 + seg_size);
ck_assert(segment.len == seg_size);
- ck_assert(seg_env_attr->get_base_attr_id(seg_env_attr) == id);
+ ck_assert(seg_env_attr->get_base_msg_id(seg_env_attr) == id);
/* create parse segment envelope attribute from data */
attr1 = tcg_seg_attr_seg_env_create_from_data(value.len, value);
seg_env_attr = (tcg_seg_attr_seg_env_t*)attr1;
segment = seg_env_attr->get_segment(seg_env_attr, &flags);
- base_attr_id = seg_env_attr->get_base_attr_id(seg_env_attr);
- ck_assert(base_attr_id == id);
+ base_msg_id = seg_env_attr->get_base_msg_id(seg_env_attr);
+ ck_assert(base_msg_id == id);
/* create and update seg_env object on the receiving side */
if (n == 0)
{
ck_assert(flags == (SEG_ENV_FLAG_MORE | SEG_ENV_FLAG_START));
- seg_env1 = seg_env_create_from_data(base_attr_id, segment,
+ seg_env1 = seg_env_create_from_data(base_msg_id, segment,
max_seg_size, &error);
}
else
/* check some standard methods */
type = attr->get_type(attr);
ck_assert(type.vendor_id == PEN_TCG);
- ck_assert(type.type == TCG_SEG_ATTR_SEG_ENV);
+ ck_assert(type.type == TCG_SEG_ENVELOPE);
ck_assert(attr->get_noskip_flag(attr) == FALSE);
attr->set_noskip_flag(attr, TRUE);
ck_assert(attr->get_noskip_flag(attr) == TRUE);
ck_assert(attr1->process(attr1, &offset) == SUCCESS);
type = attr1->get_type(attr1);
ck_assert(type.vendor_id == PEN_TCG);
- ck_assert(type.type == TCG_SEG_ATTR_SEG_ENV);
+ ck_assert(type.type == TCG_SEG_ENVELOPE);
attr1->destroy(attr1);
/* cleanup */
ita_attr_command_t *ita_attr;
pa_tnc_attr_t *attr, *base_attr_i, *base_attr_r, *error;
pen_type_t type, msg_type = { PEN_ITA, PA_SUBTYPE_ITA_TEST };
- uint32_t max_seg_size, max_attr_size = 1000, issuer_id = 1;
- uint32_t base_attr_id;
+ uint32_t max_seg_size, max_msg_size = 1000, issuer_id = 1;
+ uint32_t base_msg_id;
bool more;
libimcv_init(FALSE);
max_seg_size = seg_env_tests[_i].max_seg_size;
base_attr_r = ita_attr_command_create(command);
base_attr_r->build(base_attr_r);
- contract_i = seg_contract_create(msg_type, max_attr_size, max_seg_size,
+ contract_i = seg_contract_create(msg_type, max_msg_size, max_seg_size,
TRUE, issuer_id, FALSE);
- contract_r = seg_contract_create(msg_type, max_attr_size, max_seg_size,
+ contract_r = seg_contract_create(msg_type, max_msg_size, max_seg_size,
FALSE, issuer_id, TRUE);
attr = contract_r->first_segment(contract_r,
base_attr_r->get_ref(base_attr_r), 0);
{
ck_assert(attr);
seg_env_attr = (tcg_seg_attr_seg_env_t*)attr;
- base_attr_id = seg_env_attr->get_base_attr_id(seg_env_attr);
- ck_assert(base_attr_id == 1);
+ base_msg_id = seg_env_attr->get_base_msg_id(seg_env_attr);
+ ck_assert(base_msg_id == 1);
base_attr_i = contract_i->add_segment(contract_i, attr, &error, &more);
ck_assert(base_attr_i == NULL);
attr->destroy(attr);
ck_assert(more);
while (more)
{
- attr = contract_r->next_segment(contract_r, base_attr_id);
+ attr = contract_r->next_segment(contract_r, base_msg_id);
ck_assert(attr);
seg_env_attr = (tcg_seg_attr_seg_env_t*)attr;
- base_attr_id = seg_env_attr->get_base_attr_id(seg_env_attr);
- ck_assert(base_attr_id == 1);
+ base_msg_id = seg_env_attr->get_base_msg_id(seg_env_attr);
+ ck_assert(base_msg_id == 1);
base_attr_i = contract_i->add_segment(contract_i, attr, &error,
&more);
attr->destroy(attr);
pa_tnc_attr_t *base_attr1_i, *base_attr2_i, *base_attr1_r, *base_attr2_r;
pa_tnc_attr_t *attr1_f, *attr2_f, *attr1_n, *attr2_n, *attr3, *error;
pen_type_t type, msg_type = { PEN_ITA, PA_SUBTYPE_ITA_TEST };
- uint32_t max_seg_size, max_attr_size, issuer_id = 1;
+ uint32_t max_seg_size, max_msg_size, issuer_id = 1;
uint32_t base_attr1_id, base_attr2_id;
char info[512];
bool oversize, more;
ck_assert(!contract_i->is_null(contract_i));
/* set null contract */
- contract_i->set_max_size(contract_i, SEG_CONTRACT_MAX_SIZE_VALUE,
- SEG_CONTRACT_MAX_SIZE_VALUE);
+ contract_i->set_max_size(contract_i, SEG_CONTRACT_NO_MSG_SIZE_LIMIT,
+ SEG_CONTRACT_NO_SEGMENTATION);
ck_assert(contract_i->is_null(contract_i));
- /* set and get maximum attribute and segment sizes */
+ /* set and get maximum message and segment sizes */
contract_i->set_max_size(contract_i, 1000, 47);
contract_i->get_max_size(contract_i, NULL, NULL);
- contract_i->get_max_size(contract_i, &max_attr_size, &max_seg_size);
+ contract_i->get_max_size(contract_i, &max_msg_size, &max_seg_size);
contract_i->get_info_string(contract_i, info, sizeof(info), TRUE);
- ck_assert(max_attr_size == 1000 && max_seg_size == 47);
+ ck_assert(max_msg_size == 1000 && max_seg_size == 47);
ck_assert(!contract_i->is_null(contract_i));
/* create a null responder contract*/
- contract_r = seg_contract_create(msg_type, SEG_CONTRACT_MAX_SIZE_VALUE,
- SEG_CONTRACT_MAX_SIZE_VALUE,
+ contract_r = seg_contract_create(msg_type, SEG_CONTRACT_NO_MSG_SIZE_LIMIT,
+ SEG_CONTRACT_NO_SEGMENTATION,
FALSE, issuer_id, TRUE);
ck_assert(!contract_r->is_issuer(contract_r));
ck_assert(!contract_r->check_size(contract_r, base_attr2_r, &oversize));
ck_assert(!oversize);
- /* allow no fragmentation */
- contract_r->set_max_size(contract_r, 1000, SEG_CONTRACT_MAX_SIZE_VALUE);
+ /* allow no segmentation */
+ contract_r->set_max_size(contract_r, 1000, SEG_CONTRACT_NO_SEGMENTATION);
ck_assert(!contract_r->is_null(contract_r));
ck_assert(!contract_r->check_size(contract_r, base_attr2_r, &oversize));
ck_assert(!oversize);
- /* no maximum size limit and no fragmentation needed */
- contract_r->set_max_size(contract_r, SEG_CONTRACT_MAX_SIZE_VALUE, 141);
+ /* no maximum size limit and no segmentation needed */
+ contract_r->set_max_size(contract_r, SEG_CONTRACT_NO_MSG_SIZE_LIMIT, 141);
ck_assert(!contract_r->is_null(contract_r));
ck_assert(!contract_r->check_size(contract_r, base_attr2_r, &oversize));
ck_assert(!oversize);
ck_assert(attr2_f);
seg_env_attr1 = (tcg_seg_attr_seg_env_t*)attr1_f;
seg_env_attr2 = (tcg_seg_attr_seg_env_t*)attr2_f;
- base_attr1_id = seg_env_attr1->get_base_attr_id(seg_env_attr1);
- base_attr2_id = seg_env_attr2->get_base_attr_id(seg_env_attr2);
+ base_attr1_id = seg_env_attr1->get_base_msg_id(seg_env_attr1);
+ base_attr2_id = seg_env_attr2->get_base_msg_id(seg_env_attr2);
ck_assert(base_attr1_id == 1);
ck_assert(base_attr2_id == 2);
START_TEST(test_imcv_seg_contract_invalid)
{
- uint32_t max_seg_size = 12, max_attr_size = 100, issuer_id = 1;
+ uint32_t max_seg_size = 12, max_msg_size = 100, issuer_id = 1;
pen_type_t msg_type = { PEN_ITA, PA_SUBTYPE_ITA_TEST };
pa_tnc_attr_t *attr_f, *attr_n, *base_attr, *error;
chunk_t value_f, value_n;
ck_assert(attr_f->process(attr_f, &offset) == SUCCESS);
ck_assert(attr_n->process(attr_n, &offset) == SUCCESS);
- contract = seg_contract_create(msg_type, max_attr_size, max_seg_size,
+ contract = seg_contract_create(msg_type, max_msg_size, max_seg_size,
TRUE, issuer_id, FALSE);
base_attr = contract->add_segment(contract, attr_f, &error, &more);
ck_assert(base_attr == NULL);
START_TEST(test_imcv_seg_contract_mgr)
{
char buf[BUF_LEN];
- uint32_t max_seg_size = 12, max_attr_size = 100;
+ uint32_t max_seg_size = 12, max_msg_size = 100;
pen_type_t msg_type1 = { PEN_ITA, PA_SUBTYPE_ITA_TEST };
pen_type_t msg_type2 = { PEN_IETF, PA_SUBTYPE_IETF_OPERATING_SYSTEM };
seg_contract_manager_t *contracts;
contracts = seg_contract_manager_create();
/* add contract template as issuer */
- c1 = seg_contract_create(msg_type1, max_attr_size, max_seg_size,
+ c1 = seg_contract_create(msg_type1, max_msg_size, max_seg_size,
TRUE, 1, FALSE);
c1->get_info_string(c1, buf, BUF_LEN, TRUE);
ck_assert(cx == NULL);
/* add directed contract as responder */
- c2 = seg_contract_create(msg_type1, max_attr_size, max_seg_size,
+ c2 = seg_contract_create(msg_type1, max_msg_size, max_seg_size,
FALSE, 2, FALSE);
c2->set_responder(c2, 1);
c2->get_info_string(c2, buf, BUF_LEN, TRUE);
ck_assert(cx == NULL);
/* add directed contract as responder */
- c4 = seg_contract_create(msg_type2, max_attr_size, max_seg_size,
+ c4 = seg_contract_create(msg_type2, max_msg_size, max_seg_size,
FALSE, 2, FALSE);
c4->set_responder(c4, 1);
contracts->add_contract(contracts, c4);
* Copyright (C) 2017 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
+ * Copyright (C) 2022 Andreas Steffen, strongSec GmbH
+ *
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
#ifndef SWIMA_EVENTS_H_
#define SWIMA_EVENTS_H_
-#define SWIMA_MAX_ATTR_SIZE 10000000
-
#include "swima_event.h"
#include <library.h>
* Copyright (C) 2017 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
+ * Copyright (C) 2022 Andreas Steffen, strongSec GmbH
+ *
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
#ifndef SWIMA_INVENTORY_H_
#define SWIMA_INVENTORY_H_
-#define SWIMA_MAX_ATTR_SIZE 10000000
-
#include "swima_record.h"
#include <library.h>
* Copyright (C) 2014 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
+ * Copyright (C) 2022 Andreas Steffen, strongSec GmbH
+ *
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
/**
* Next Segment
- * see TCG IF-M Segmentation Specification
+ * see TCG IF-M Segmentation Specification Version 1.0 Rev. 5, 4 April 2016
*
* 1 2 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * |C| Reserved | Base Attribute ID |
+ * |C| Reserved | Base Message ID |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*/
bool cancel_flag;
/**
- * Base Attribute ID
+ * Base Message ID
*/
- uint32_t base_attr_id;
+ uint32_t base_msg_id;
/**
* Reference count
writer = bio_writer_create(TCG_SEG_ATTR_NEXT_SEG_SIZE);
writer->write_uint8 (writer, this->cancel_flag ? NEXT_SEG_FLAG_CANCEL :
NEXT_SEG_FLAG_NONE);
- writer->write_uint24(writer, this->base_attr_id);
+ writer->write_uint24(writer, this->base_msg_id);
this->value = writer->extract_buf(writer);
this->length = this->value.len;
}
reader = bio_reader_create(this->value);
reader->read_uint8 (reader, &flags);
- reader->read_uint24(reader, &this->base_attr_id);
+ reader->read_uint24(reader, &this->base_msg_id);
reader->destroy(reader);
this->cancel_flag = (flags & NEXT_SEG_FLAG_CANCEL);
}
}
-METHOD(tcg_seg_attr_next_seg_t, get_base_attr_id, uint32_t,
+METHOD(tcg_seg_attr_next_seg_t, get_base_msg_id, uint32_t,
private_tcg_seg_attr_next_seg_t *this)
{
- return this->base_attr_id;
+ return this->base_msg_id;
}
METHOD(tcg_seg_attr_next_seg_t, get_cancel_flag, bool,
/**
* Described in header.
*/
-pa_tnc_attr_t* tcg_seg_attr_next_seg_create(uint32_t base_attr_id, bool cancel)
+pa_tnc_attr_t* tcg_seg_attr_next_seg_create(uint32_t base_msg_id, bool cancel)
{
private_tcg_seg_attr_next_seg_t *this;
.get_ref = _get_ref,
.destroy = _destroy,
},
- .get_base_attr_id = _get_base_attr_id,
+ .get_base_msg_id = _get_base_msg_id,
.get_cancel_flag = _get_cancel_flag,
},
- .type = { PEN_TCG, TCG_SEG_NEXT_SEG_REQ },
- .base_attr_id = base_attr_id,
+ .type = { PEN_TCG, TCG_SEG_NEXT_SEGMENT },
+ .base_msg_id = base_msg_id,
.cancel_flag = cancel,
.ref = 1,
);
.get_ref = _get_ref,
.destroy = _destroy,
},
- .get_base_attr_id = _get_base_attr_id,
+ .get_base_msg_id = _get_base_msg_id,
.get_cancel_flag = _get_cancel_flag,
},
- .type = { PEN_TCG, TCG_SEG_NEXT_SEG_REQ },
+ .type = { PEN_TCG, TCG_SEG_NEXT_SEGMENT },
.length = length,
.value = chunk_clone(data),
.ref = 1,
* Copyright (C) 2014 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
+ * Copyright (C) 2022 Andreas Steffen, strongSec GmbH
+ *
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
pa_tnc_attr_t pa_tnc_attribute;
/**
- * Get Base Attribute ID
+ * Get Base Message ID
*
- * @return Base Attribute ID
+ * @return Base Message ID
*/
- uint32_t (*get_base_attr_id)(tcg_seg_attr_next_seg_t *this);
+ uint32_t (*get_base_msg_id)(tcg_seg_attr_next_seg_t *this);
/**
* Get the Cancel flag
/**
* Creates an tcg_seg_attr_next_seg_t object
*
- * @param base_attr_id Base Attribute ID
+ * @param base_msg_id Base Message ID
* @param cancel If TRUE set Cancel flag
*/
-pa_tnc_attr_t* tcg_seg_attr_next_seg_create(uint32_t base_attr_id, bool cancel);
+pa_tnc_attr_t* tcg_seg_attr_next_seg_create(uint32_t base_msg_id, bool cancel);
/**
* Creates an tcg_seg_attr_next_seg_t object from received data
* Copyright (C) 2014 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
+ * Copyright (C) 2022 Andreas Steffen, strongSec GmbH
+ *
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* for more details.
*/
-#include "tcg_seg_attr_max_size.h"
+#include "tcg_seg_attr_seg_contract.h"
#include <pa_tnc/pa_tnc_msg.h>
#include <bio/bio_writer.h>
#include <bio/bio_reader.h>
#include <utils/debug.h>
-typedef struct private_tcg_seg_attr_max_size_t private_tcg_seg_attr_max_size_t;
+typedef struct private_tcg_seg_attr_seg_contract_t private_tcg_seg_attr_seg_contract_t;
/**
- * Maximum Attribute Size Request/Response
- * see TCG IF-M Segmentation Specification
+ * Segmentation Contract Request/Response
+ * see TCG IF-M Segmentation Specification Version 1.0 Rev. 5, 4 April 2016
*
* 1 2 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | Max Attribute Size |
+ * | Max Message Size |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Max Segment Size |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*/
/**
- * Private data of an tcg_seg_attr_max_size_t object.
+ * Private data of an tcg_seg_attr_seg_contract_t object.
*/
-struct private_tcg_seg_attr_max_size_t {
+struct private_tcg_seg_attr_seg_contract_t {
/**
- * Public members of tcg_seg_attr_max_size_t
+ * Public members of tcg_seg_attr_seg_contract_t
*/
- tcg_seg_attr_max_size_t public;
+ tcg_seg_attr_seg_contract_t public;
/**
* Vendor-specific attribute type
bool noskip_flag;
/**
- * Maximum IF-M attribute size in octets
+ * Maximum IF-M message size in octets
*/
- uint32_t max_attr_size;
+ uint32_t max_msg_size;
/**
* Maximum IF-M attribute segment size in octets
};
METHOD(pa_tnc_attr_t, get_type, pen_type_t,
- private_tcg_seg_attr_max_size_t *this)
+ private_tcg_seg_attr_seg_contract_t *this)
{
return this->type;
}
METHOD(pa_tnc_attr_t, get_value, chunk_t,
- private_tcg_seg_attr_max_size_t *this)
+ private_tcg_seg_attr_seg_contract_t *this)
{
return this->value;
}
METHOD(pa_tnc_attr_t, get_noskip_flag, bool,
- private_tcg_seg_attr_max_size_t *this)
+ private_tcg_seg_attr_seg_contract_t *this)
{
return this->noskip_flag;
}
METHOD(pa_tnc_attr_t, set_noskip_flag,void,
- private_tcg_seg_attr_max_size_t *this, bool noskip)
+ private_tcg_seg_attr_seg_contract_t *this, bool noskip)
{
this->noskip_flag = noskip;
}
METHOD(pa_tnc_attr_t, build, void,
- private_tcg_seg_attr_max_size_t *this)
+ private_tcg_seg_attr_seg_contract_t *this)
{
bio_writer_t *writer;
{
return;
}
- writer = bio_writer_create(TCG_SEG_ATTR_MAX_SIZE_SIZE);
- writer->write_uint32(writer, this->max_attr_size);
+ writer = bio_writer_create(TCG_SEG_ATTR_SEG_CONTRACT_SIZE);
+ writer->write_uint32(writer, this->max_msg_size);
writer->write_uint32(writer, this->max_seg_size);
this->value = writer->extract_buf(writer);
}
METHOD(pa_tnc_attr_t, process, status_t,
- private_tcg_seg_attr_max_size_t *this, uint32_t *offset)
+ private_tcg_seg_attr_seg_contract_t *this, uint32_t *offset)
{
bio_reader_t *reader;
{
return NEED_MORE;
}
- if (this->value.len < TCG_SEG_ATTR_MAX_SIZE_SIZE)
+ if (this->value.len < TCG_SEG_ATTR_SEG_CONTRACT_SIZE)
{
DBG1(DBG_TNC, "insufficient data for %N", tcg_attr_names,
this->type.type);
return FAILED;
}
reader = bio_reader_create(this->value);
- reader->read_uint32(reader, &this->max_attr_size);
+ reader->read_uint32(reader, &this->max_msg_size);
reader->read_uint32(reader, &this->max_seg_size);
reader->destroy(reader);
}
METHOD(pa_tnc_attr_t, add_segment, void,
- private_tcg_seg_attr_max_size_t *this, chunk_t segment)
+ private_tcg_seg_attr_seg_contract_t *this, chunk_t segment)
{
this->value = chunk_cat("mc", this->value, segment);
}
METHOD(pa_tnc_attr_t, get_ref, pa_tnc_attr_t*,
- private_tcg_seg_attr_max_size_t *this)
+ private_tcg_seg_attr_seg_contract_t *this)
{
ref_get(&this->ref);
return &this->public.pa_tnc_attribute;
}
METHOD(pa_tnc_attr_t, destroy, void,
- private_tcg_seg_attr_max_size_t *this)
+ private_tcg_seg_attr_seg_contract_t *this)
{
if (ref_put(&this->ref))
{
}
}
-METHOD(tcg_seg_attr_max_size_t, get_attr_size, void,
- private_tcg_seg_attr_max_size_t *this, uint32_t *max_attr_size,
- uint32_t *max_seg_size)
+METHOD(tcg_seg_attr_seg_contract_t, get_max_size, void,
+ private_tcg_seg_attr_seg_contract_t *this, uint32_t *max_msg_size,
+ uint32_t *max_seg_size)
{
- if (max_attr_size)
+ if (max_msg_size)
{
- *max_attr_size = this->max_attr_size;
+ *max_msg_size = this->max_msg_size;
}
if (max_seg_size)
{
/**
* Described in header.
*/
-pa_tnc_attr_t* tcg_seg_attr_max_size_create(uint32_t max_attr_size,
- uint32_t max_seg_size,
- bool request)
+pa_tnc_attr_t* tcg_seg_attr_seg_contract_create(uint32_t max_msg_size,
+ uint32_t max_seg_size,
+ bool request)
{
- private_tcg_seg_attr_max_size_t *this;
+ private_tcg_seg_attr_seg_contract_t *this;
INIT(this,
.public = {
.get_ref = _get_ref,
.destroy = _destroy,
},
- .get_attr_size = _get_attr_size,
+ .get_max_size = _get_max_size,
},
- .type = { PEN_TCG, request ? TCG_SEG_MAX_ATTR_SIZE_REQ :
- TCG_SEG_MAX_ATTR_SIZE_RESP },
- .max_attr_size = max_attr_size,
+ .type = { PEN_TCG, request ? TCG_SEG_CONTRACT_REQ :
+ TCG_SEG_CONTRACT_RESP },
+ .max_msg_size = max_msg_size,
.max_seg_size = max_seg_size,
.ref = 1,
);
/**
* Described in header.
*/
-pa_tnc_attr_t *tcg_seg_attr_max_size_create_from_data(size_t length,
- chunk_t data,
- bool request)
+pa_tnc_attr_t *tcg_seg_attr_seg_contract_create_from_data(size_t length,
+ chunk_t data,
+ bool request)
{
- private_tcg_seg_attr_max_size_t *this;
+ private_tcg_seg_attr_seg_contract_t *this;
INIT(this,
.public = {
.get_ref = _get_ref,
.destroy = _destroy,
},
- .get_attr_size = _get_attr_size,
+ .get_max_size = _get_max_size,
},
- .type = { PEN_TCG, request ? TCG_SEG_MAX_ATTR_SIZE_REQ :
- TCG_SEG_MAX_ATTR_SIZE_RESP },
+ .type = { PEN_TCG, request ? TCG_SEG_CONTRACT_REQ :
+ TCG_SEG_CONTRACT_RESP },
.length = length,
.value = chunk_clone(data),
.ref = 1,
* Copyright (C) 2014 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
- * This program is free software; you can redistribute it and/or modify it
+ * Copyright (C) 2022 Andreas Steffen, strongSec GmbH
+ *
+ This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*/
/**
- * @defgroup tcg_seg_attr_max_size tcg_seg_attr_max_size
+ * @defgroup tcg_seg_attr_seg_contract tcg_seg_attr_seg_contract
* @{ @ingroup tcg_attr
*/
#ifndef TCG_SEG_ATTR_MAX_SIZE_H_
#define TCG_SEG_ATTR_MAX_SIZE_H_
-typedef struct tcg_seg_attr_max_size_t tcg_seg_attr_max_size_t;
+typedef struct tcg_seg_attr_seg_contract_t tcg_seg_attr_seg_contract_t;
#include "tcg/tcg_attr.h"
-#define TCG_SEG_ATTR_MAX_SIZE_SIZE 8
+#define TCG_SEG_ATTR_SEG_CONTRACT_SIZE 8
/**
* Class implementing the TCG Segmentation Maximum Attribute Size Attribute
*/
-struct tcg_seg_attr_max_size_t {
+struct tcg_seg_attr_seg_contract_t {
/**
* Public PA-TNC attribute interface
pa_tnc_attr_t pa_tnc_attribute;
/**
- * Get maximum IF-M attribute and segment size in octets
+ * Get maximum IF-M message and segment size in octets
*
* @param max_attr_size Maximum IF-M attribute size in octets
* @param max_seg_size Maximum IF-M attribute segment size in octets
*/
- void (*get_attr_size)(tcg_seg_attr_max_size_t *this,
- uint32_t *max_attr_size, uint32_t *max_seg_size);
+ void (*get_max_size)(tcg_seg_attr_seg_contract_t *this,
+ uint32_t *max_attr_size, uint32_t *max_seg_size);
};
/**
- * Creates an tcg_seg_attr_max_size_t object
+ * Creates an tcg_seg_attr_seg_contract_t object
*
* @param max_attr_size Maximum IF-M attribute size in octets
* @param max_seg_size Maximum IF-M attribute segment size in octets
* @param request TRUE for a request, FALSE for a response
*/
-pa_tnc_attr_t* tcg_seg_attr_max_size_create(uint32_t max_attr_size,
- uint32_t max_seg_size,
- bool request);
+pa_tnc_attr_t* tcg_seg_attr_seg_contract_create(uint32_t max_attr_size,
+ uint32_t max_seg_size,
+ bool request);
/**
- * Creates an tcg_seg_attr_max_size_t object from received data
+ * Creates an tcg_seg_attr_seg_contract_t object from received data
*
* @param length Total length of attribute value
* @param value Unparsed attribute value (might be a segment)
* @param request TRUE for a request, FALSE for a response
*/
-pa_tnc_attr_t* tcg_seg_attr_max_size_create_from_data(size_t length,
- chunk_t value,
- bool request);
+pa_tnc_attr_t* tcg_seg_attr_seg_contract_create_from_data(size_t length,
+ chunk_t value,
+ bool request);
#endif /** TCG_SEG_ATTR_MAX_SIZE_H_ @}*/
* Copyright (C) 2014 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
+ * Copyright (C) 2022 Andreas Steffen, strongSec GmbH
+ *
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
typedef struct private_tcg_seg_attr_seg_env_t private_tcg_seg_attr_seg_env_t;
/**
- * Attribute Segment Envelope
- * see TCG IF-M Segmentation Specification
+ * Segment Envelope
+ * see TCG IF-M Segmentation Specification Version 1.0 Rev. 5, 4 April 2016
*
* 1 2 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * |M|S| Reserved | Base Attribute ID |
+ * |M|S| Reserved | Base Message ID |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Segment Value (Variable Length) |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
uint8_t flags;
/**
- * Base Attribute ID
+ * Base Message ID
*/
- uint32_t base_attr_id;
+ uint32_t base_msg_id;
/**
* Attribute value
}
reader = bio_reader_create(this->value);
reader->read_uint8 (reader, &this->flags);
- reader->read_uint24(reader, &this->base_attr_id);
+ reader->read_uint24(reader, &this->base_msg_id);
reader->destroy(reader);
return SUCCESS;
return chunk_skip(this->value, TCG_SEG_ATTR_SEG_ENV_HEADER);
}
-METHOD(tcg_seg_attr_seg_env_t, get_base_attr_id, uint32_t,
+METHOD(tcg_seg_attr_seg_env_t, get_base_msg_id, uint32_t,
private_tcg_seg_attr_seg_env_t *this)
{
- return this->base_attr_id;
+ return this->base_msg_id;
}
/**
* Described in header.
*/
pa_tnc_attr_t* tcg_seg_attr_seg_env_create(chunk_t segment, uint8_t flags,
- uint32_t base_attr_id)
+ uint32_t base_msg_id)
{
private_tcg_seg_attr_seg_env_t *this;
.get_ref = _get_ref,
.destroy = _destroy,
},
- .get_base_attr_id = _get_base_attr_id,
+ .get_base_msg_id = _get_base_msg_id,
.get_segment = _get_segment,
},
- .type = { PEN_TCG, TCG_SEG_ATTR_SEG_ENV },
+ .type = { PEN_TCG, TCG_SEG_ENVELOPE },
.flags = flags,
- .base_attr_id = base_attr_id,
+ .base_msg_id = base_msg_id,
.value = chunk_alloc(TCG_SEG_ATTR_SEG_ENV_HEADER + segment.len),
.ref = 1,
);
- htoun32(this->value.ptr, base_attr_id);
+ htoun32(this->value.ptr, base_msg_id);
*this->value.ptr = flags;
memcpy(this->value.ptr + TCG_SEG_ATTR_SEG_ENV_HEADER,
segment.ptr, segment.len);
/**
* Described in header.
*/
-pa_tnc_attr_t *tcg_seg_attr_seg_env_create_from_data(size_t length,
- chunk_t data)
+pa_tnc_attr_t *tcg_seg_attr_seg_env_create_from_data(size_t length, chunk_t data)
{
private_tcg_seg_attr_seg_env_t *this;
.get_ref = _get_ref,
.destroy = _destroy,
},
- .get_base_attr_id = _get_base_attr_id,
+ .get_base_msg_id = _get_base_msg_id,
.get_segment = _get_segment,
},
- .type = { PEN_TCG, TCG_SEG_ATTR_SEG_ENV },
+ .type = { PEN_TCG, TCG_SEG_ENVELOPE },
.length = length,
.value = chunk_clone(data),
.ref = 1,
* Copyright (C) 2014 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
+ * Copyright (C) 2022 Andreas Steffen, strongSec GmbH
+ *
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
#define TCG_SEG_ATTR_SEG_ENV_HEADER 4
/**
- * Class implementing the TCG Segmentation Envelope Attribute
+ * Class implementing the TCG Segment Envelope Attribute
*/
struct tcg_seg_attr_seg_env_t {
chunk_t (*get_segment)(tcg_seg_attr_seg_env_t *this, uint8_t *flags);
/**
- * Get Base Attribute ID
+ * Get Base Message ID
*
- * @return Base Attribute ID
+ * @return Base Message ID
*/
- uint32_t (*get_base_attr_id)(tcg_seg_attr_seg_env_t *this);
+ uint32_t (*get_base_msg_id)(tcg_seg_attr_seg_env_t *this);
};
/**
* Creates an tcg_seg_attr_seg_env_t object
*
- * @param segment Attribute segment
+ * @param segment Segment
* @param flags Segmentation flags
- * @param base_attr_id Base Attribute ID
+ * @param base_msg_id Base Message ID
*/
pa_tnc_attr_t* tcg_seg_attr_seg_env_create(chunk_t segment, uint8_t flags,
- uint32_t base_attr_id);
+ uint32_t base_msg_id);
/**
* Creates an tcg_seg_attr_seg_env_t object from received data
* @param value Unparsed attribute value (might be a segment)
*/
pa_tnc_attr_t* tcg_seg_attr_seg_env_create_from_data(size_t length,
- chunk_t value);
+ chunk_t value);
#endif /** TCG_SEG_ATTR_SEG_ENV_H_ @}*/
* Copyright (C) 2011-2014 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
+ * Copyright (C) 2022 Andreas Steffen, strongSec GmbH
+ *
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
#include "tcg/pts/tcg_pts_attr_file_meas.h"
#include "tcg/pts/tcg_pts_attr_req_file_meta.h"
#include "tcg/pts/tcg_pts_attr_unix_file_meta.h"
-#include "tcg/seg/tcg_seg_attr_max_size.h"
+#include "tcg/seg/tcg_seg_attr_seg_contract.h"
#include "tcg/seg/tcg_seg_attr_seg_env.h"
#include "tcg/seg/tcg_seg_attr_next_seg.h"
"SWID Tag Events",
"SWID Subscription Status Request",
"SWID Subscription Status Response");
-ENUM_NEXT(tcg_attr_names, TCG_SEG_MAX_ATTR_SIZE_REQ,
- TCG_SEG_CANCEL_SEG_EXCH,
+ENUM_NEXT(tcg_attr_names, TCG_SEG_CONTRACT_REQ,
+ TCG_SEG_CONTRACT_EXEMPTION,
TCG_SWID_SUBSCRIPTION_STATUS_RESP,
- "Max Attribute Size Request",
- "Max Attribute Size Response",
- "Attribute Segment Envelope",
- "Next Segment Request",
- "Cancel Segment Exchange");
+ "Segmentation Contract Request",
+ "Segmentation Contract Response",
+ "Segment Envelope",
+ "Next Segment",
+ "Cancel",
+ "Oversized Message",
+ "Contract Exemption");
ENUM_NEXT(tcg_attr_names, TCG_PTS_REQ_FUNC_COMP_EVID,
TCG_PTS_REQ_FUNC_COMP_EVID,
- TCG_SEG_CANCEL_SEG_EXCH,
+ TCG_SEG_CONTRACT_EXEMPTION,
"Request Functional Component Evidence");
ENUM_NEXT(tcg_attr_names, TCG_PTS_GEN_ATTEST_EVID,
TCG_PTS_GEN_ATTEST_EVID,
{
switch (type)
{
- case TCG_SEG_MAX_ATTR_SIZE_REQ:
- return tcg_seg_attr_max_size_create_from_data(length, value, TRUE);
- case TCG_SEG_MAX_ATTR_SIZE_RESP:
- return tcg_seg_attr_max_size_create_from_data(length, value, FALSE);
- case TCG_SEG_ATTR_SEG_ENV:
+ case TCG_SEG_CONTRACT_REQ:
+ return tcg_seg_attr_seg_contract_create_from_data(length, value, TRUE);
+ case TCG_SEG_CONTRACT_RESP:
+ return tcg_seg_attr_seg_contract_create_from_data(length, value, FALSE);
+ case TCG_SEG_ENVELOPE:
return tcg_seg_attr_seg_env_create_from_data(length, value);
- case TCG_SEG_NEXT_SEG_REQ:
+ case TCG_SEG_NEXT_SEGMENT:
return tcg_seg_attr_next_seg_create_from_data(length, value);
case TCG_PTS_REQ_PROTO_CAPS:
return tcg_pts_attr_proto_caps_create_from_data(length, value,
* Copyright (C) 2011-2014 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
+ * Copyright (C) 2022 Andreas Steffen, strongSec GmbH
+ *
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
TCG_SWID_SUBSCRIPTION_STATUS_REQ = 0x00000016,
TCG_SWID_SUBSCRIPTION_STATUS_RESP = 0x00000017,
- /* IF-M Attribute Segmentation */
- TCG_SEG_MAX_ATTR_SIZE_REQ = 0x00000021,
- TCG_SEG_MAX_ATTR_SIZE_RESP = 0x00000022,
- TCG_SEG_ATTR_SEG_ENV = 0x00000023,
- TCG_SEG_NEXT_SEG_REQ = 0x00000024,
- TCG_SEG_CANCEL_SEG_EXCH = 0x00000025,
+ /* IF-M Segmentation */
+ TCG_SEG_CONTRACT_REQ = 0x00000021,
+ TCG_SEG_CONTRACT_RESP = 0x00000022,
+ TCG_SEG_ENVELOPE = 0x00000023,
+ TCG_SEG_NEXT_SEGMENT = 0x00000024,
+ TCG_SEG_CANCEL = 0x00000025,
+ TCG_SEG_OVERSIZED_MSG = 0x00000026,
+ TCG_SEG_CONTRACT_EXEMPTION = 0x00000027,
/* PTS Protocol Negotiations */
TCG_PTS_REQ_PROTO_CAPS = 0x01000000,
projects / thirdparty / strongswan.git / commitdiff
