From: Sansar Choinyambuu
Date: Wed, 19 Oct 2011 11:54:29 +0000 (+0200)
Subject: Changed definition of pcr_value in pcr_entry_t structure
X-Git-Tag: 4.6.2~233
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=db15e3a0d9fb9f4a84f08845f7ed1f96c669de3d;p=thirdparty%2Fstrongswan.git

Changed definition of pcr_value in pcr_entry_t structure

Implemented function to check if recevied PCR after value matches with any configured pcr value
---

diff --git a/src/libpts/pts/pts.c b/src/libpts/pts/pts.c
index 0f850f292f..1178a0f903 100644
--- a/src/libpts/pts/pts.c
+++ b/src/libpts/pts/pts.c
@@ -984,6 +984,45 @@ static u_int32_t get_max_pcr_index(private_pts_t *this)
 return ret;
 }

+METHOD(pts_t, does_pcr_value_match, bool,
+ private_pts_t *this, chunk_t pcr_after_value)
+{
+ linked_list_t *entries;
+ enumerator_t *e;
+ pcr_entry_t *pcr_entry;
+ bool match_found = FALSE;
+
+ if (!load_pcr_entries(&entries))
+ {
+ DBG1(DBG_PTS, "failed to load PCR entries");
+ return FALSE;
+ }
+
+ e = entries->create_enumerator(entries);
+ while (e->enumerate(e, &pcr_entry))
+ {
+ if (chunk_equals(chunk_create(pcr_entry->pcr_value, PCR_LEN), pcr_after_value))
+ {
+ DBG1(DBG_PTS, "PCR %d value matched with configured value",
+ pcr_entry->pcr_number);
+ match_found = TRUE;
+ break;
+ }
+ }
+
+ DESTROY_IF(e);
+ DESTROY_IF(entries);
+ free(pcr_entry);
+
+ if (match_found)
+ {
+ return TRUE;
+ }
+
+ DBG1(DBG_PTS, "PCR after value didn't match with any of the configured values");
+ return FALSE;
+}
+
 /**
 * 1. build a TCPA_PCR_COMPOSITE structure which contains (pcrCompositeBuf)
 * TCPA_PCR_SELECTION structure (bitmask length + bitmask)
@@ -1045,6 +1084,7 @@ METHOD(pts_t, get_quote_info, bool,
 u_int32_t index = pcr_entry->pcr_number;
 mask_bytes[index / 8] |= (1 << (index % 8));
 }
+
 e->destroy(e);

 for (i = 0; i< bitmask_len ; i++)
diff --git a/src/libpts/pts/pts.h b/src/libpts/pts/pts.h
index 5b8d8986f8..41f81e40f7 100644
--- a/src/libpts/pts/pts.h
+++ b/src/libpts/pts/pts.h
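Review bot: `free(pcr_entry);` after the loop in does_pcr_value_match (src/libpts/pts/pts.c) frees whatever the enumerator last wrote. `pcr_entry` is declared without an initializer, so with an empty list this frees an indeterminate pointer, and otherwise only one entry is released; as far as I know `linked_list_t`'s `destroy()` frees only the list, so the remaining entries appear to leak. Assuming load_pcr_entries() hands the caller ownership of heap-allocated entries (the free() suggests so, but its body is outside this hunk), drop the `free(pcr_entry);` line and replace `DESTROY_IF(entries);` with `entries->destroy_function(entries, free);`. Separately, the loop accepts the received value when it equals the configured value of any PCR, because no register index is passed in. For an attestation check the comparison should be bound to the PCR being reported, for example by also comparing `pcr_entry->pcr_number` with an index supplied by the caller.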
@@ -388,6 +388,13 @@ struct pts_t {
 bool (*quote_tpm)(pts_t *this, u_int32_t *pcrs, u_int32_t num_of_pcrs, chunk_t *pcr_composite, chunk_t *quote_signature);
+ /**
+ * Check PCR after value in Simple Component Evidence matches configured value
+ *
+ * @return FALSE in case of any error or non-match, TRUE otherwise
+ */
+ bool (*does_pcr_value_match)(pts_t *this, chunk_t pcr_after_value);
+
 /**
 * Constructs and returns PCR Quote Digest structure expected from IMC
 *
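Review bot: The doc comment added for `does_pcr_value_match` has no `@param` line for `pcr_after_value`, and its single `@return` folds "configured PCR entries could not be loaded" into the same FALSE as a genuine mismatch. Failing closed is the right default for a measurement check, but the comment should say so explicitly so callers do not treat FALSE as proof of a bad measurement. I would add `@param pcr_after_value  "PCR after" value received in Simple Component Evidence` and a sentence stating that a load error is only logged and reported as a non-match. The struct body continues outside the hunk.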