From: Andreas Steffen Date: Fri, 26 Sep 2014 11:24:33 +0000 (+0200) Subject: Added total length parameter in PA-TNC attribute constructor X-Git-Tag: 5.2.1dr1~15 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e77df5a1f6d81f43b7afd387e390c6d96e734607;p=thirdparty%2Fstrongswan.git Added total length parameter in PA-TNC attribute constructor --- diff --git a/src/libimcv/ietf/ietf_attr.c b/src/libimcv/ietf/ietf_attr.c index 2f38198981..67269af53a 100644 --- a/src/libimcv/ietf/ietf_attr.c +++ b/src/libimcv/ietf/ietf_attr.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2011-2012 Andreas Steffen + * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it 
@@ -47,34 +47,35 @@ ENUM(ietf_attr_names, IETF_ATTR_TESTING, IETF_ATTR_FACTORY_DEFAULT_PWD_ENABLED, /** * See header */ -pa_tnc_attr_t* ietf_attr_create_from_data(u_int32_t type, chunk_t value) +pa_tnc_attr_t* ietf_attr_create_from_data(u_int32_t type, size_t length, + chunk_t value) { switch (type) { case IETF_ATTR_ATTRIBUTE_REQUEST: - return ietf_attr_attr_request_create_from_data(value); + return ietf_attr_attr_request_create_from_data(length, value); case IETF_ATTR_PRODUCT_INFORMATION: - return ietf_attr_product_info_create_from_data(value); + return ietf_attr_product_info_create_from_data(length, value); case IETF_ATTR_NUMERIC_VERSION: - return ietf_attr_numeric_version_create_from_data(value); + return ietf_attr_numeric_version_create_from_data(length, value); case IETF_ATTR_STRING_VERSION: - return ietf_attr_string_version_create_from_data(value); + return ietf_attr_string_version_create_from_data(length, value); case IETF_ATTR_OPERATIONAL_STATUS: - return ietf_attr_op_status_create_from_data(value); + return ietf_attr_op_status_create_from_data(length, value); case IETF_ATTR_PORT_FILTER: - return ietf_attr_port_filter_create_from_data(value); + return ietf_attr_port_filter_create_from_data(length, value); case IETF_ATTR_INSTALLED_PACKAGES: - return ietf_attr_installed_packages_create_from_data(value); + return ietf_attr_installed_packages_create_from_data(length, value); case IETF_ATTR_PA_TNC_ERROR: - return ietf_attr_pa_tnc_error_create_from_data(value); + return ietf_attr_pa_tnc_error_create_from_data(length, value); case IETF_ATTR_ASSESSMENT_RESULT: - return ietf_attr_assess_result_create_from_data(value); + return ietf_attr_assess_result_create_from_data(length, value); case IETF_ATTR_REMEDIATION_INSTRUCTIONS: - return ietf_attr_remediation_instr_create_from_data(value); + return ietf_attr_remediation_instr_create_from_data(length, value); case IETF_ATTR_FORWARDING_ENABLED: - return ietf_attr_fwd_enabled_create_from_data(value); + return 
ietf_attr_fwd_enabled_create_from_data(length, value); case IETF_ATTR_FACTORY_DEFAULT_PWD_ENABLED: - return ietf_attr_default_pwd_enabled_create_from_data(value); + return ietf_attr_default_pwd_enabled_create_from_data(length, value); case IETF_ATTR_TESTING: case IETF_ATTR_RESERVED: default: diff --git a/src/libimcv/ietf/ietf_attr.h b/src/libimcv/ietf/ietf_attr.h index d22175d941..169ed78e8f 100644 --- a/src/libimcv/ietf/ietf_attr.h +++ b/src/libimcv/ietf/ietf_attr.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2011 Andreas Steffen + * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -56,8 +56,10 @@ extern enum_name_t *ietf_attr_names; * Create an IETF PA-TNC attribute from data * * @param type attribute type - * @param value attribute value + * @param length attribute length + * @param value attribute value or segment */ -pa_tnc_attr_t* ietf_attr_create_from_data(u_int32_t type, chunk_t value); +pa_tnc_attr_t* ietf_attr_create_from_data(u_int32_t type, size_t length, + chunk_t value); #endif /** IETF_ATTR_H_ @}*/ diff --git a/src/libimcv/ietf/ietf_attr_assess_result.c b/src/libimcv/ietf/ietf_attr_assess_result.c index 55226e3bb5..f3b24f37bc 100644 --- a/src/libimcv/ietf/ietf_attr_assess_result.c +++ b/src/libimcv/ietf/ietf_attr_assess_result.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2012 Andreas Steffen + * Copyright (C) 2012-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -50,7 +50,12 @@ struct private_ietf_attr_assess_result_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; 
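Review bot: The new `@param length` text in ietf_attr.h, `attribute length`, does not say which length is meant, while every per-type header in this commit documents the same argument as the total length of the attribute value and `value` as possibly a segment. The dispatcher in ietf_attr.c forwards both arguments unchanged, so the descriptions should match: `@param length Total length of attribute value` and `@param value Unparsed attribute value (might be a segment)`. It would also help to state here that `length` may exceed `value.len` and that process() then returns NEED_MORE, since that contract is otherwise visible only in the .c files.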
@@ -107,6 +112,7 @@ METHOD(pa_tnc_attr_t, build, void, writer = bio_writer_create(ASSESS_RESULT_SIZE); writer->write_uint32(writer, this->result); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } @@ -115,10 +121,15 @@ METHOD(pa_tnc_attr_t, process, status_t, { bio_reader_t *reader; + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < ASSESS_RESULT_SIZE) { DBG1(DBG_TNC, "insufficient data for IETF assessment result"); - *offset = 0; return FAILED; } reader = bio_reader_create(this->value); @@ -183,7 +194,8 @@ pa_tnc_attr_t *ietf_attr_assess_result_create(u_int32_t result) /** * Described in header. */ -pa_tnc_attr_t *ietf_attr_assess_result_create_from_data(chunk_t data) +pa_tnc_attr_t *ietf_attr_assess_result_create_from_data(size_t length, + chunk_t data) { private_ietf_attr_assess_result_t *this; @@ -202,6 +214,7 @@ pa_tnc_attr_t *ietf_attr_assess_result_create_from_data(chunk_t data) .get_result = _get_result, }, .type = { PEN_IETF, IETF_ATTR_ASSESSMENT_RESULT }, + .length = length, .value = chunk_clone(data), .ref = 1, ); diff --git a/src/libimcv/ietf/ietf_attr_assess_result.h b/src/libimcv/ietf/ietf_attr_assess_result.h index e94b57b88b..b1a5166dc6 100644 --- a/src/libimcv/ietf/ietf_attr_assess_result.h +++ b/src/libimcv/ietf/ietf_attr_assess_result.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2012 Andreas Steffen + * Copyright (C) 2012-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it 
@@ -56,8 +56,10 @@ pa_tnc_attr_t* ietf_attr_assess_result_create(u_int32_t result); /** * Creates an ietf_attr_assess_result_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* ietf_attr_assess_result_create_from_data(chunk_t value); +pa_tnc_attr_t* ietf_attr_assess_result_create_from_data(size_t length, + chunk_t value); #endif /** IETF_ATTR_ASSESS_RESULT_H_ @}*/ diff --git a/src/libimcv/ietf/ietf_attr_attr_request.c b/src/libimcv/ietf/ietf_attr_attr_request.c index 3b4fd26cd6..e1047aaa80 100644 --- a/src/libimcv/ietf/ietf_attr_attr_request.c +++ b/src/libimcv/ietf/ietf_attr_attr_request.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2012 Andreas Steffen + * Copyright (C) 2012-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -59,7 +59,12 @@ struct private_ietf_attr_attr_request_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -126,6 +131,7 @@ METHOD(pa_tnc_attr_t, build, void, enumerator->destroy(enumerator); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } @@ -150,11 +156,17 @@ METHOD(pa_tnc_attr_t, process, status_t, u_int8_t reserved; int count; + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } + count = this->value.len / ATTR_REQUEST_ENTRY_SIZE; if (this->value.len != ATTR_REQUEST_ENTRY_SIZE * count) { DBG1(DBG_TNC, "incorrect attribute length for IETF attribute request"); - *offset = 0; return FAILED; } 
@@ -246,7 +258,8 @@ pa_tnc_attr_t *ietf_attr_attr_request_create(pen_t vendor_id, u_int32_t type) /** * Described in header. */ -pa_tnc_attr_t *ietf_attr_attr_request_create_from_data(chunk_t data) +pa_tnc_attr_t *ietf_attr_attr_request_create_from_data(size_t length, + chunk_t data) { private_ietf_attr_attr_request_t *this; @@ -266,6 +279,7 @@ pa_tnc_attr_t *ietf_attr_attr_request_create_from_data(chunk_t data) .create_enumerator = _create_enumerator, }, .type = { PEN_IETF, IETF_ATTR_ATTRIBUTE_REQUEST }, + .length = length, .value = chunk_clone(data), .list = linked_list_create(), .ref = 1, diff --git a/src/libimcv/ietf/ietf_attr_attr_request.h b/src/libimcv/ietf/ietf_attr_attr_request.h index fc9e086760..47b038605f 100644 --- a/src/libimcv/ietf/ietf_attr_attr_request.h +++ b/src/libimcv/ietf/ietf_attr_attr_request.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2012 Andreas Steffen + * Copyright (C) 2012-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -62,10 +62,10 @@ struct ietf_attr_attr_request_t { pa_tnc_attr_t* ietf_attr_attr_request_create(pen_t vendor_id, u_int32_t type); /** - * Creates an ietf_attr_attr_request_t object from received data - * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* ietf_attr_attr_request_create_from_data(chunk_t value); +pa_tnc_attr_t* ietf_attr_attr_request_create_from_data(size_t length, + chunk_t value); #endif /** IETF_ATTR_ATTR_REQUEST_H_ @}*/ diff --git a/src/libimcv/ietf/ietf_attr_default_pwd_enabled.c b/src/libimcv/ietf/ietf_attr_default_pwd_enabled.c index 2c6b3d5424..11a502a198 100644 --- a/src/libimcv/ietf/ietf_attr_default_pwd_enabled.c +++ b/src/libimcv/ietf/ietf_attr_default_pwd_enabled.c 
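Review bot: The doc comment above ietf_attr_attr_request_create_from_data() in ietf_attr_attr_request.h loses its summary line. The hunk removes ` * Creates an ietf_attr_attr_request_t object from received data` and the blank ` *` line along with the old `@param`, and adds only the two new `@param` lines. The other headers touched by this commit keep their summary, so this looks unintended. Restore ` * Creates an ietf_attr_attr_request_t object from received data` followed by ` *` ahead of the parameters.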
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2012 Andreas Steffen + * Copyright (C) 2012-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -50,7 +50,12 @@ struct private_ietf_attr_default_pwd_enabled_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -107,6 +112,7 @@ METHOD(pa_tnc_attr_t, build, void, writer->write_uint32(writer, this->status); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } @@ -118,6 +124,10 @@ METHOD(pa_tnc_attr_t, process, status_t, *offset = 0; + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len != DEFAULT_PWD_ENABLED_SIZE) { DBG1(DBG_TNC, "incorrect size for IETF factory default password " @@ -194,7 +204,8 @@ pa_tnc_attr_t *ietf_attr_default_pwd_enabled_create(bool status) /** * Described in header. */ -pa_tnc_attr_t *ietf_attr_default_pwd_enabled_create_from_data(chunk_t data) +pa_tnc_attr_t *ietf_attr_default_pwd_enabled_create_from_data(size_t length, + chunk_t data) { private_ietf_attr_default_pwd_enabled_t *this; @@ -213,6 +224,7 @@ pa_tnc_attr_t *ietf_attr_default_pwd_enabled_create_from_data(chunk_t data) .get_status = _get_status, }, .type = { PEN_IETF, IETF_ATTR_FACTORY_DEFAULT_PWD_ENABLED }, + .length = length, .value = chunk_clone(data), .ref = 1, ); diff --git a/src/libimcv/ietf/ietf_attr_default_pwd_enabled.h b/src/libimcv/ietf/ietf_attr_default_pwd_enabled.h index 6fe1a02b1d..3999590d40 100644 --- a/src/libimcv/ietf/ietf_attr_default_pwd_enabled.h +++ b/src/libimcv/ietf/ietf_attr_default_pwd_enabled.h 
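Review bot: In process() of ietf_attr_default_pwd_enabled.c the new `if (this->value.len < this->length)` test returns NEED_MORE for any declared length larger than the data received so far, although the next check only accepts a value of exactly DEFAULT_PWD_ENABLED_SIZE. create_from_data() stores `length` without validation, and it presumably comes from the peer's attribute header, so a declared length that can never be valid is answered with a request for more data instead of FAILED. Testing the declared length first, `if (this->length != DEFAULT_PWD_ENABLED_SIZE)` with the existing DBG1 and `return FAILED;`, rejects it at once. The same applies to process() in ietf_attr_fwd_enabled.c (FORWARDING_ENABLED_SIZE) and ietf_attr_op_status.c (OP_STATUS_SIZE). The process() bodies continue outside these hunks.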
@@ -56,8 +56,10 @@ pa_tnc_attr_t* ietf_attr_default_pwd_enabled_create(bool status); /** * Creates an ietf_attr_default_pwd_enabled_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* ietf_attr_default_pwd_enabled_create_from_data(chunk_t value); +pa_tnc_attr_t* ietf_attr_default_pwd_enabled_create_from_data(size_t length, + chunk_t value); #endif /** IETF_ATTR_PWD_ENABLED_H_ @}*/ diff --git a/src/libimcv/ietf/ietf_attr_fwd_enabled.c b/src/libimcv/ietf/ietf_attr_fwd_enabled.c index a906b2258a..18c19aec0d 100644 --- a/src/libimcv/ietf/ietf_attr_fwd_enabled.c +++ b/src/libimcv/ietf/ietf_attr_fwd_enabled.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2012 Andreas Steffen + * Copyright (C) 2012-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -50,7 +50,12 @@ struct private_ietf_attr_fwd_enabled_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -107,6 +112,7 @@ METHOD(pa_tnc_attr_t, build, void, writer->write_uint32(writer, this->fwd_status); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } @@ -118,6 +124,10 @@ METHOD(pa_tnc_attr_t, process, status_t, *offset = 0; + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len != FORWARDING_ENABLED_SIZE) { DBG1(DBG_TNC, "incorrect size for IETF forwarding enabled attribute"); @@ -193,7 +203,8 @@ pa_tnc_attr_t *ietf_attr_fwd_enabled_create(os_fwd_status_t fwd_status) /** * Described in header. */ -pa_tnc_attr_t *ietf_attr_fwd_enabled_create_from_data(chunk_t data) +pa_tnc_attr_t *ietf_attr_fwd_enabled_create_from_data(size_t length, + chunk_t data) { private_ietf_attr_fwd_enabled_t *this; 
@@ -212,6 +223,7 @@ pa_tnc_attr_t *ietf_attr_fwd_enabled_create_from_data(chunk_t data) .get_status = _get_status, }, .type = { PEN_IETF, IETF_ATTR_FORWARDING_ENABLED }, + .length = length, .value = chunk_clone(data), .ref = 1, ); diff --git a/src/libimcv/ietf/ietf_attr_fwd_enabled.h b/src/libimcv/ietf/ietf_attr_fwd_enabled.h index 41714380e3..c4b6c15470 100644 --- a/src/libimcv/ietf/ietf_attr_fwd_enabled.h +++ b/src/libimcv/ietf/ietf_attr_fwd_enabled.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2012 Andreas Steffen + * Copyright (C) 2012-14 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -57,8 +57,10 @@ pa_tnc_attr_t* ietf_attr_fwd_enabled_create(os_fwd_status_t fwd_status); /** * Creates an ietf_attr_fwd_enabled_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* ietf_attr_fwd_enabled_create_from_data(chunk_t value); +pa_tnc_attr_t* ietf_attr_fwd_enabled_create_from_data(size_t length, + chunk_t value); #endif /** IETF_ATTR_FWD_ENABLED_H_ @}*/ diff --git a/src/libimcv/ietf/ietf_attr_installed_packages.c b/src/libimcv/ietf/ietf_attr_installed_packages.c index f33f643afc..2f37e4fdae 100644 --- a/src/libimcv/ietf/ietf_attr_installed_packages.c +++ b/src/libimcv/ietf/ietf_attr_installed_packages.c @@ -57,7 +57,12 @@ struct private_ietf_attr_installed_packages_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -143,6 +148,7 @@ METHOD(pa_tnc_attr_t, build, void, enumerator->destroy(enumerator); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } 
@@ -158,6 +164,10 @@ METHOD(pa_tnc_attr_t, process, status_t, *offset = 0; + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < IETF_INSTALLED_PACKAGES_MIN_SIZE) { DBG1(DBG_TNC, "insufficient data for IETF installed packages"); @@ -300,9 +310,11 @@ pa_tnc_attr_t *ietf_attr_installed_packages_create(void) } /** - * Described in header. + * Described in header. .length = length, + */ -pa_tnc_attr_t *ietf_attr_installed_packages_create_from_data(chunk_t data) +pa_tnc_attr_t *ietf_attr_installed_packages_create_from_data(size_t length, + chunk_t data) { private_ietf_attr_installed_packages_t *this; @@ -322,6 +334,7 @@ pa_tnc_attr_t *ietf_attr_installed_packages_create_from_data(chunk_t data) .create_enumerator = _create_enumerator, }, .type = {PEN_IETF, IETF_ATTR_INSTALLED_PACKAGES }, + .length = length, .value = chunk_clone(data), .packages = linked_list_create(), .ref = 1, diff --git a/src/libimcv/ietf/ietf_attr_installed_packages.h b/src/libimcv/ietf/ietf_attr_installed_packages.h index e19d0f47b0..28fba3868c 100644 --- a/src/libimcv/ietf/ietf_attr_installed_packages.h +++ b/src/libimcv/ietf/ietf_attr_installed_packages.h @@ -67,8 +67,10 @@ pa_tnc_attr_t* ietf_attr_installed_packages_create(void); /** * Creates an ietf_attr_installed_packages_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* ietf_attr_installed_packages_create_from_data(chunk_t value); +pa_tnc_attr_t* ietf_attr_installed_packages_create_from_data(size_t length, + chunk_t value); #endif /** IETF_ATTR_INSTALLED_PACKAGES_H_ @}*/ diff --git a/src/libimcv/ietf/ietf_attr_numeric_version.c b/src/libimcv/ietf/ietf_attr_numeric_version.c index 7392564571..3e87887180 100644 --- a/src/libimcv/ietf/ietf_attr_numeric_version.c +++ b/src/libimcv/ietf/ietf_attr_numeric_version.c 
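Review bot: The comment hunk above ietf_attr_installed_packages_create_from_data() picks up stray text: ` * Described in header.` becomes ` * Described in header. .length = length,`, followed by an added empty line inside the comment. This looks like a misplaced paste of the initializer line that the last hunk of the same file adds correctly. The comment should stay ` * Described in header.` with ` */` directly after it.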
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2012 Andreas Steffen + * Copyright (C) 2012-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -56,7 +56,12 @@ struct private_ietf_attr_numeric_version_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -138,6 +143,7 @@ METHOD(pa_tnc_attr_t, build, void, writer->write_uint16(writer, this->service_pack_minor); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } @@ -146,10 +152,15 @@ METHOD(pa_tnc_attr_t, process, status_t, { bio_reader_t *reader; + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < NUMERIC_VERSION_SIZE) { DBG1(DBG_TNC, "insufficient data for IETF numeric version"); - *offset = 0; return FAILED; } reader = bio_reader_create(this->value); @@ -253,7 +264,8 @@ pa_tnc_attr_t *ietf_attr_numeric_version_create(u_int32_t major, u_int32_t minor /** * Described in header. */ -pa_tnc_attr_t *ietf_attr_numeric_version_create_from_data(chunk_t data) +pa_tnc_attr_t *ietf_attr_numeric_version_create_from_data(size_t length, + chunk_t data) { private_ietf_attr_numeric_version_t *this; @@ -274,6 +286,7 @@ pa_tnc_attr_t *ietf_attr_numeric_version_create_from_data(chunk_t data) .get_service_pack = _get_service_pack, }, .type = { PEN_IETF, IETF_ATTR_NUMERIC_VERSION }, + .length = length, .value = chunk_clone(data), .ref = 1, ); diff --git a/src/libimcv/ietf/ietf_attr_numeric_version.h b/src/libimcv/ietf/ietf_attr_numeric_version.h index bbda6b8959..34393c6733 100644 --- a/src/libimcv/ietf/ietf_attr_numeric_version.h +++ b/src/libimcv/ietf/ietf_attr_numeric_version.h 
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2012 Andreas Steffen + * Copyright (C) 2012-14 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -77,8 +77,10 @@ pa_tnc_attr_t* ietf_attr_numeric_version_create(u_int32_t major, u_int32_t minor /** * Creates an ietf_attr_numeric_version_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* ietf_attr_numeric_version_create_from_data(chunk_t value); +pa_tnc_attr_t* ietf_attr_numeric_version_create_from_data(size_t length, + chunk_t value); #endif /** IETF_ATTR_NUMERIC_VERSION_H_ @}*/ diff --git a/src/libimcv/ietf/ietf_attr_op_status.c b/src/libimcv/ietf/ietf_attr_op_status.c index 23530684a8..e788ff6ff9 100644 --- a/src/libimcv/ietf/ietf_attr_op_status.c +++ b/src/libimcv/ietf/ietf_attr_op_status.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2012 Andreas Steffen + * Copyright (C) 2012-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -76,7 +76,12 @@ struct private_ietf_attr_op_status_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -154,6 +159,7 @@ METHOD(pa_tnc_attr_t, build, void, writer->write_data (writer, chunk_create(last_use, 20)); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } @@ -167,6 +173,10 @@ METHOD(pa_tnc_attr_t, process, status_t, *offset = 0; + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len != OP_STATUS_SIZE) { DBG1(DBG_TNC, "incorrect size for IETF operational status"); 
@@ -284,7 +294,7 @@ pa_tnc_attr_t *ietf_attr_op_status_create(u_int8_t status, u_int8_t result, /** * Described in header. */ -pa_tnc_attr_t *ietf_attr_op_status_create_from_data(chunk_t data) +pa_tnc_attr_t *ietf_attr_op_status_create_from_data(size_t length, chunk_t data) { private_ietf_attr_op_status_t *this; diff --git a/src/libimcv/ietf/ietf_attr_op_status.h b/src/libimcv/ietf/ietf_attr_op_status.h index b70fab608b..f19185f0ad 100644 --- a/src/libimcv/ietf/ietf_attr_op_status.h +++ b/src/libimcv/ietf/ietf_attr_op_status.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2012 Andreas Steffen + * Copyright (C) 2012-14 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -100,8 +100,10 @@ pa_tnc_attr_t* ietf_attr_op_status_create(u_int8_t status, u_int8_t result, /** * Creates an ietf_attr_op_status_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* ietf_attr_op_status_create_from_data(chunk_t value); +pa_tnc_attr_t* ietf_attr_op_status_create_from_data(size_t length, + chunk_t value); #endif /** IETF_ATTR_OP_STATUS_H_ @}*/ diff --git a/src/libimcv/ietf/ietf_attr_pa_tnc_error.c b/src/libimcv/ietf/ietf_attr_pa_tnc_error.c index f299df22a7..9c7ef48b5f 100644 --- a/src/libimcv/ietf/ietf_attr_pa_tnc_error.c +++ b/src/libimcv/ietf/ietf_attr_pa_tnc_error.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2011-2012 Andreas Steffen + * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -113,7 +113,12 @@ struct private_ietf_attr_pa_tnc_error_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; 
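Review bot: ietf_attr_op_status_create_from_data() now takes `length`, but no hunk in ietf_attr_op_status.c stores it. Every other attribute type in this commit gains `.length = length,` next to `.value = chunk_clone(data),`, whereas this file's only constructor hunk changes the signature line. If the initializer (outside the hunk) is indeed unchanged, `this->length` is never set for received attributes and is presumably zero. The new `this->value.len < this->length` test in process() would then never return NEED_MORE for this type, and the parameter is unused. Add `.length = length,` before `.value = chunk_clone(data),` in the constructor's initializer.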
@@ -214,6 +219,7 @@ METHOD(pa_tnc_attr_t, build, void, } } this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } @@ -224,10 +230,15 @@ METHOD(pa_tnc_attr_t, process, status_t, uint8_t reserved; uint32_t vendor_id, type; + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < PA_ERROR_HEADER_SIZE) { DBG1(DBG_TNC, "insufficient data for PA-TNC error header"); - *offset = 0; return FAILED; } reader = bio_reader_create(this->value); @@ -417,11 +428,13 @@ pa_tnc_attr_t *ietf_attr_pa_tnc_error_create_with_offset(pen_type_t error_code, /** * Described in header. */ -pa_tnc_attr_t *ietf_attr_pa_tnc_error_create_from_data(chunk_t data) +pa_tnc_attr_t *ietf_attr_pa_tnc_error_create_from_data(size_t length, + chunk_t data) { private_ietf_attr_pa_tnc_error_t *this; this = create_generic(); + this->length = length; this->value = chunk_clone(data); return &this->public.pa_tnc_attribute; diff --git a/src/libimcv/ietf/ietf_attr_pa_tnc_error.h b/src/libimcv/ietf/ietf_attr_pa_tnc_error.h index 47588d55e8..b1df1945ab 100644 --- a/src/libimcv/ietf/ietf_attr_pa_tnc_error.h +++ b/src/libimcv/ietf/ietf_attr_pa_tnc_error.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2011-2012 Andreas Steffen + * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -120,8 +120,10 @@ pa_tnc_attr_t* ietf_attr_pa_tnc_error_create_with_offset(pen_type_t error_code, /** * Creates an ietf_attr_pa_tnc_error_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* ietf_attr_pa_tnc_error_create_from_data(chunk_t value); +pa_tnc_attr_t* ietf_attr_pa_tnc_error_create_from_data(size_t length, + chunk_t value); #endif /** IETF_ATTR_PA_TNC_ERROR_H_ @}*/ 
diff --git a/src/libimcv/ietf/ietf_attr_port_filter.c b/src/libimcv/ietf/ietf_attr_port_filter.c index 1d516a51fb..2b026d7afa 100644 --- a/src/libimcv/ietf/ietf_attr_port_filter.c +++ b/src/libimcv/ietf/ietf_attr_port_filter.c @@ -1,5 +1,6 @@ /* - * Copyright (C) 2011 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil + * Copyright (C) 2011-2014 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -63,7 +64,12 @@ struct private_ietf_attr_port_filter_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -131,6 +137,7 @@ METHOD(pa_tnc_attr_t, build, void, enumerator->destroy(enumerator); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } @@ -141,11 +148,16 @@ METHOD(pa_tnc_attr_t, process, status_t, port_entry_t *entry; u_int8_t blocked; + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len % PORT_FILTER_ENTRY_SIZE) { DBG1(DBG_TNC, "ietf port filter attribute value is not a multiple of %d", PORT_FILTER_ENTRY_SIZE); - *offset = 0; return FAILED; } reader = bio_reader_create(this->value); @@ -248,7 +260,8 @@ pa_tnc_attr_t *ietf_attr_port_filter_create(void) /** * Described in header. */ -pa_tnc_attr_t *ietf_attr_port_filter_create_from_data(chunk_t data) +pa_tnc_attr_t *ietf_attr_port_filter_create_from_data(size_t length, + chunk_t data) { private_ietf_attr_port_filter_t *this; @@ -268,6 +281,7 @@ pa_tnc_attr_t *ietf_attr_port_filter_create_from_data(chunk_t data) .create_port_enumerator = _create_port_enumerator, }, .type = {PEN_IETF, IETF_ATTR_PORT_FILTER }, + .length = length, .value = chunk_clone(data), .ports = linked_list_create(), .ref = 1, 
diff --git a/src/libimcv/ietf/ietf_attr_port_filter.h b/src/libimcv/ietf/ietf_attr_port_filter.h index 93b696e45f..d383b19a29 100644 --- a/src/libimcv/ietf/ietf_attr_port_filter.h +++ b/src/libimcv/ietf/ietf_attr_port_filter.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2011 Andreas Steffen + * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -67,8 +67,10 @@ pa_tnc_attr_t* ietf_attr_port_filter_create(void); /** * Creates an ietf_attr_port_filter_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* ietf_attr_port_filter_create_from_data(chunk_t value); +pa_tnc_attr_t* ietf_attr_port_filter_create_from_data(size_t length, + chunk_t value); #endif /** IETF_ATTR_PORT_FILTER_H_ @}*/ diff --git a/src/libimcv/ietf/ietf_attr_product_info.c b/src/libimcv/ietf/ietf_attr_product_info.c index a107c27d30..f1ff1c830b 100644 --- a/src/libimcv/ietf/ietf_attr_product_info.c +++ b/src/libimcv/ietf/ietf_attr_product_info.c @@ -1,5 +1,6 @@ /* - * Copyright (C) 2011 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil + * Copyright (C) 2011-2014 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -51,7 +52,12 @@ struct private_ietf_attr_product_info_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -120,6 +126,7 @@ METHOD(pa_tnc_attr_t, build, void, writer->write_data (writer, this->product_name); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } 
@@ -129,10 +136,15 @@ METHOD(pa_tnc_attr_t, process, status_t, bio_reader_t *reader; chunk_t product_name; + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < PRODUCT_INFO_MIN_SIZE) { DBG1(DBG_TNC, "insufficient data for IETF product information"); - *offset = 0; return FAILED; } reader = bio_reader_create(this->value); @@ -220,7 +232,8 @@ pa_tnc_attr_t *ietf_attr_product_info_create(pen_t vendor_id, u_int16_t id, /** * Described in header. */ -pa_tnc_attr_t *ietf_attr_product_info_create_from_data(chunk_t data) +pa_tnc_attr_t *ietf_attr_product_info_create_from_data(size_t length, + chunk_t data) { private_ietf_attr_product_info_t *this; @@ -239,6 +252,7 @@ pa_tnc_attr_t *ietf_attr_product_info_create_from_data(chunk_t data) .get_info = _get_info, }, .type = { PEN_IETF, IETF_ATTR_PRODUCT_INFORMATION }, + .length = length, .value = chunk_clone(data), .ref = 1, ); diff --git a/src/libimcv/ietf/ietf_attr_product_info.h b/src/libimcv/ietf/ietf_attr_product_info.h index d0b2d2a84f..5151b58088 100644 --- a/src/libimcv/ietf/ietf_attr_product_info.h +++ b/src/libimcv/ietf/ietf_attr_product_info.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2011 Andreas Steffen + * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -60,8 +60,10 @@ pa_tnc_attr_t* ietf_attr_product_info_create(pen_t vendor_id, u_int16_t id, /** * Creates an ietf_attr_product_info_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* ietf_attr_product_info_create_from_data(chunk_t value); +pa_tnc_attr_t* ietf_attr_product_info_create_from_data(size_t length, + chunk_t value); #endif /** IETF_ATTR_PRODUCT_INFO_H_ @}*/ 
diff --git a/src/libimcv/ietf/ietf_attr_remediation_instr.c b/src/libimcv/ietf/ietf_attr_remediation_instr.c index 5d85e5d897..0f5fba7c16 100644 --- a/src/libimcv/ietf/ietf_attr_remediation_instr.c +++ b/src/libimcv/ietf/ietf_attr_remediation_instr.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2012 Andreas Steffen + * Copyright (C) 2012-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -79,7 +79,12 @@ struct private_ietf_attr_remediation_instr_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -155,6 +160,7 @@ METHOD(pa_tnc_attr_t, build, void, writer->write_data (writer, this->parameters); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } @@ -168,6 +174,10 @@ METHOD(pa_tnc_attr_t, process, status_t, *offset = 0; + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < REMEDIATION_INSTR_MIN_SIZE) { DBG1(DBG_TNC, "insufficient data for IETF remediation instructions"); @@ -328,7 +338,8 @@ pa_tnc_attr_t *ietf_attr_remediation_instr_create_from_string(chunk_t string, /** * Described in header. */ -pa_tnc_attr_t *ietf_attr_remediation_instr_create_from_data(chunk_t data) +pa_tnc_attr_t *ietf_attr_remediation_instr_create_from_data(size_t length, + chunk_t data) { private_ietf_attr_remediation_instr_t *this; @@ -350,6 +361,7 @@ pa_tnc_attr_t *ietf_attr_remediation_instr_create_from_data(chunk_t data) .get_string = _get_string, }, .type = { PEN_IETF, IETF_ATTR_REMEDIATION_INSTRUCTIONS }, + .length = length, .value = chunk_clone(data), .ref = 1, ); diff --git a/src/libimcv/ietf/ietf_attr_remediation_instr.h b/src/libimcv/ietf/ietf_attr_remediation_instr.h index 5c7c8891b5..bc03e995a3 100644 --- a/src/libimcv/ietf/ietf_attr_remediation_instr.h +++ b/src/libimcv/ietf/ietf_attr_remediation_instr.h 
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2012 Andreas Steffen + * Copyright (C) 2012-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -102,8 +102,10 @@ pa_tnc_attr_t* ietf_attr_remediation_instr_create_from_string(chunk_t string, /** * Creates an ietf_attr_remediation_instr_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* ietf_attr_remediation_instr_create_from_data(chunk_t value); +pa_tnc_attr_t* ietf_attr_remediation_instr_create_from_data(size_t length, + chunk_t value); #endif /** IETF_ATTR_REMEDIATION_INSTR_H_ @}*/ diff --git a/src/libimcv/ietf/ietf_attr_string_version.c b/src/libimcv/ietf/ietf_attr_string_version.c index 68adde6123..5bd17c3afe 100644 --- a/src/libimcv/ietf/ietf_attr_string_version.c +++ b/src/libimcv/ietf/ietf_attr_string_version.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2012 Andreas Steffen + * Copyright (C) 2012-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -54,7 +54,12 @@ struct private_ietf_attr_string_version_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -124,6 +129,7 @@ METHOD(pa_tnc_attr_t, build, void, writer->write_data8(writer, this->config); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } @@ -137,6 +143,10 @@ METHOD(pa_tnc_attr_t, process, status_t, *offset = 0; + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < STRING_VERSION_MIN_SIZE) { DBG1(DBG_TNC, "insufficient data for IETF string version"); 
@@ -272,7 +282,8 @@ pa_tnc_attr_t *ietf_attr_string_version_create(chunk_t version, chunk_t build, /** * Described in header. */ -pa_tnc_attr_t *ietf_attr_string_version_create_from_data(chunk_t data) +pa_tnc_attr_t *ietf_attr_string_version_create_from_data(size_t length, + chunk_t data) { private_ietf_attr_string_version_t *this; @@ -291,6 +302,7 @@ pa_tnc_attr_t *ietf_attr_string_version_create_from_data(chunk_t data) .get_version = _get_version, }, .type = { PEN_IETF, IETF_ATTR_STRING_VERSION }, + .length = length, .value = chunk_clone(data), .ref = 1, ); diff --git a/src/libimcv/ietf/ietf_attr_string_version.h b/src/libimcv/ietf/ietf_attr_string_version.h index 9ccc1f0eef..432ed4a0f3 100644 --- a/src/libimcv/ietf/ietf_attr_string_version.h +++ b/src/libimcv/ietf/ietf_attr_string_version.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2012 Andreas Steffen + * Copyright (C) 2012-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -60,8 +60,10 @@ pa_tnc_attr_t* ietf_attr_string_version_create(chunk_t version, chunk_t build, /** * Creates an ietf_attr_string_version_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* ietf_attr_string_version_create_from_data(chunk_t value); +pa_tnc_attr_t* ietf_attr_string_version_create_from_data(size_t length, + chunk_t value); #endif /** IETF_ATTR_STRING_VERSION_H_ @}*/ diff --git a/src/libimcv/ita/ita_attr.c b/src/libimcv/ita/ita_attr.c index f3956717d9..9d7706dba5 100644 --- a/src/libimcv/ita/ita_attr.c +++ b/src/libimcv/ita/ita_attr.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2011-2012 Andreas Steffen + * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it 
@@ -35,24 +35,25 @@ ENUM(ita_attr_names, ITA_ATTR_COMMAND, ITA_ATTR_DEVICE_ID, /** * See header */ -pa_tnc_attr_t* ita_attr_create_from_data(u_int32_t type, chunk_t value) +pa_tnc_attr_t* ita_attr_create_from_data(u_int32_t type, size_t length, + chunk_t value) { switch (type) { case ITA_ATTR_COMMAND: - return ita_attr_command_create_from_data(value); + return ita_attr_command_create_from_data(length, value); case ITA_ATTR_DUMMY: - return ita_attr_dummy_create_from_data(value); + return ita_attr_dummy_create_from_data(length, value); case ITA_ATTR_GET_SETTINGS: - return ita_attr_get_settings_create_from_data(value); + return ita_attr_get_settings_create_from_data(length, value); case ITA_ATTR_SETTINGS: - return ita_attr_settings_create_from_data(value); + return ita_attr_settings_create_from_data(length, value); case ITA_ATTR_START_ANGEL: - return ita_attr_angel_create_from_data(TRUE, value); + return ita_attr_angel_create_from_data(TRUE); case ITA_ATTR_STOP_ANGEL: - return ita_attr_angel_create_from_data(FALSE, value); + return ita_attr_angel_create_from_data(FALSE); case ITA_ATTR_DEVICE_ID: - return ita_attr_device_id_create_from_data(value); + return ita_attr_device_id_create_from_data(length, value); default: return NULL; } diff --git a/src/libimcv/ita/ita_attr.h b/src/libimcv/ita/ita_attr.h index ac5d8abaa9..7378a1cbe0 100644 --- a/src/libimcv/ita/ita_attr.h +++ b/src/libimcv/ita/ita_attr.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2011-2012 Andreas Steffen + * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it 
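Review bot: In `ita_attr_create_from_data` the `ITA_ATTR_START_ANGEL` and `ITA_ATTR_STOP_ANGEL` cases now drop both `length` and `value`, so an angel attribute that arrives with payload bytes is built exactly like an empty one. If these attributes are defined to carry no value, which the new one-argument constructor suggests, a comment on the two cases would make that explicit, e.g. `/* angel attributes have an empty value: length and value are deliberately ignored */`. Whether a non-zero `length` should instead be rejected depends on the attribute definition, which is not visible in this diff.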
@@ -50,8 +50,10 @@ extern enum_name_t *ita_attr_names; * Create a ITA PA-TNC attribute from data * * @param type attribute type - * @param value attribute value + * @param length attribute length + * @param value attribute value or segment */ -pa_tnc_attr_t* ita_attr_create_from_data(u_int32_t type, chunk_t value); +pa_tnc_attr_t* ita_attr_create_from_data(u_int32_t type, size_t length, + chunk_t value); #endif /** ITA_ATTR_H_ @}*/ diff --git a/src/libimcv/ita/ita_attr_angel.c b/src/libimcv/ita/ita_attr_angel.c index 0e9cff0a91..ccedc1b70c 100644 --- a/src/libimcv/ita/ita_attr_angel.c +++ b/src/libimcv/ita/ita_attr_angel.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2012 Andreas Steffen + * Copyright (C) 2012-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -132,7 +132,7 @@ pa_tnc_attr_t *ita_attr_angel_create(bool start) /** * Described in header. */ -pa_tnc_attr_t *ita_attr_angel_create_from_data(bool start, chunk_t data) +pa_tnc_attr_t *ita_attr_angel_create_from_data(bool start) { private_ita_attr_angel_t *this; diff --git a/src/libimcv/ita/ita_attr_angel.h b/src/libimcv/ita/ita_attr_angel.h index d42e7119aa..8cd979b016 100644 --- a/src/libimcv/ita/ita_attr_angel.h +++ b/src/libimcv/ita/ita_attr_angel.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2012 Andreas Steffen + * Copyright (C) 2012-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -49,8 +49,7 @@ pa_tnc_attr_t* ita_attr_angel_create(bool start); * Creates an ita_attr_angel_t object from received data * * @param start TRUE for Start, FALSE for Stop Angel attribute - * @param value binary value blob */ -pa_tnc_attr_t* ita_attr_angel_create_from_data(bool start, chunk_t value); +pa_tnc_attr_t* ita_attr_angel_create_from_data(bool start); #endif /** ITA_ATTR_ANGEL_H_ @}*/ 
diff --git a/src/libimcv/ita/ita_attr_command.c b/src/libimcv/ita/ita_attr_command.c index 08a9efa027..679f2c3f4f 100644 --- a/src/libimcv/ita/ita_attr_command.c +++ b/src/libimcv/ita/ita_attr_command.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2011-2012 Andreas Steffen + * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -40,7 +40,12 @@ struct private_ita_attr_command_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -92,11 +97,18 @@ METHOD(pa_tnc_attr_t, build, void, return; } this->value = chunk_clone(chunk_from_str(this->command)); + this->length = this->value.len; } METHOD(pa_tnc_attr_t, process, status_t, private_ita_attr_command_t *this, u_int32_t *offset) { + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } this->command = strndup(this->value.ptr, this->value.len); return SUCCESS; @@ -158,7 +170,7 @@ pa_tnc_attr_t *ita_attr_command_create(char *command) /** * Described in header. */ -pa_tnc_attr_t *ita_attr_command_create_from_data(chunk_t data) +pa_tnc_attr_t *ita_attr_command_create_from_data(size_t length, chunk_t data) { private_ita_attr_command_t *this; @@ -177,6 +189,7 @@ pa_tnc_attr_t *ita_attr_command_create_from_data(chunk_t data) .get_command = _get_command, }, .type = {PEN_ITA, ITA_ATTR_COMMAND }, + .length = length, .value = chunk_clone(data), .ref = 1, ); diff --git a/src/libimcv/ita/ita_attr_command.h b/src/libimcv/ita/ita_attr_command.h index 3926c38876..dd4701e12e 100644 --- a/src/libimcv/ita/ita_attr_command.h +++ b/src/libimcv/ita/ita_attr_command.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2011 Andreas Steffen + * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it 
@@ -54,8 +54,9 @@ pa_tnc_attr_t* ita_attr_command_create(char *command); /** * Creates an ita_attr_command_t object from received data * - * @param value binary value blob + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* ita_attr_command_create_from_data(chunk_t value); +pa_tnc_attr_t* ita_attr_command_create_from_data(size_t length, chunk_t value); #endif /** ITA_ATTR_COMMAND_H_ @}*/ diff --git a/src/libimcv/ita/ita_attr_device_id.c b/src/libimcv/ita/ita_attr_device_id.c index 36907eb34f..885feebd89 100644 --- a/src/libimcv/ita/ita_attr_device_id.c +++ b/src/libimcv/ita/ita_attr_device_id.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013 Andreas Steffen + * Copyright (C) 2013-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -38,7 +38,12 @@ struct private_ita_attr_device_id_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -86,6 +91,12 @@ METHOD(pa_tnc_attr_t, build, void, METHOD(pa_tnc_attr_t, process, status_t, private_ita_attr_device_id_t *this, u_int32_t *offset) { + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } return SUCCESS; } @@ -109,7 +120,7 @@ METHOD(pa_tnc_attr_t, destroy, void, /** * Described in header. */ -pa_tnc_attr_t *ita_attr_device_id_create_from_data(chunk_t value) +pa_tnc_attr_t *ita_attr_device_id_create_from_data(size_t length, chunk_t value) { private_ita_attr_device_id_t *this; @@ -127,6 +138,7 @@ pa_tnc_attr_t *ita_attr_device_id_create_from_data(chunk_t value) }, }, .type = { PEN_ITA, ITA_ATTR_DEVICE_ID }, + .length = length, .value = chunk_clone(value), .ref = 1, ); 
@@ -139,6 +151,6 @@ pa_tnc_attr_t *ita_attr_device_id_create_from_data(chunk_t value) */ pa_tnc_attr_t *ita_attr_device_id_create(chunk_t value) { - return ita_attr_device_id_create_from_data(value); + return ita_attr_device_id_create_from_data(value.len, value); } diff --git a/src/libimcv/ita/ita_attr_device_id.h b/src/libimcv/ita/ita_attr_device_id.h index ffacdba1ea..94bb778c0b 100644 --- a/src/libimcv/ita/ita_attr_device_id.h +++ b/src/libimcv/ita/ita_attr_device_id.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013 Andreas Steffen + * Copyright (C) 2013-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -48,8 +48,9 @@ pa_tnc_attr_t* ita_attr_device_id_create(chunk_t value); /** * Creates an ita_attr_device_id_t object from received data * - * @param value binary value blob + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* ita_attr_device_id_create_from_data(chunk_t value); +pa_tnc_attr_t* ita_attr_device_id_create_from_data(size_t length, chunk_t value); #endif /** ITA_ATTR_DEVICE_ID_H_ @}*/ diff --git a/src/libimcv/ita/ita_attr_dummy.c b/src/libimcv/ita/ita_attr_dummy.c index 6497d46453..890dfcb9f9 100644 --- a/src/libimcv/ita/ita_attr_dummy.c +++ b/src/libimcv/ita/ita_attr_dummy.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2012 Andreas Steffen + * Copyright (C) 2012-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -38,7 +38,12 @@ struct private_ita_attr_dummy_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; 
@@ -89,15 +94,19 @@ METHOD(pa_tnc_attr_t, build, void, { return; } - this->value = chunk_alloc(this->size); + this->value = chunk_alloc(this->length); memset(this->value.ptr, 0xdd, this->value.len); } METHOD(pa_tnc_attr_t, process, status_t, private_ita_attr_dummy_t *this, u_int32_t *offset) { - this->size = this->value.len; + *offset = 0; + if (this->value.len < this->length) + { + return NEED_MORE; + } return SUCCESS; } @@ -121,13 +130,13 @@ METHOD(pa_tnc_attr_t, destroy, void, METHOD(ita_attr_dummy_t, get_size, int, private_ita_attr_dummy_t *this) { - return this->size; + return this->length; } /** * Described in header. */ -pa_tnc_attr_t *ita_attr_dummy_create(int size) +pa_tnc_attr_t *ita_attr_dummy_create(size_t size) { private_ita_attr_dummy_t *this; @@ -146,7 +155,7 @@ pa_tnc_attr_t *ita_attr_dummy_create(int size) .get_size = _get_size, }, .type = { PEN_ITA, ITA_ATTR_DUMMY }, - .size = size, + .length = size, .ref = 1, ); @@ -156,7 +165,7 @@ pa_tnc_attr_t *ita_attr_dummy_create(int size) /** * Described in header. */ -pa_tnc_attr_t *ita_attr_dummy_create_from_data(chunk_t data) +pa_tnc_attr_t *ita_attr_dummy_create_from_data(size_t length, chunk_t data) { private_ita_attr_dummy_t *this; @@ -175,6 +184,7 @@ pa_tnc_attr_t *ita_attr_dummy_create_from_data(chunk_t data) .get_size = _get_size, }, .type = { PEN_ITA, ITA_ATTR_DUMMY }, + .length = length, .value = chunk_clone(data), .ref = 1, ); diff --git a/src/libimcv/ita/ita_attr_dummy.h b/src/libimcv/ita/ita_attr_dummy.h index 1f85ece54d..717862efe7 100644 --- a/src/libimcv/ita/ita_attr_dummy.h +++ b/src/libimcv/ita/ita_attr_dummy.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2012 Andreas Steffen + * Copyright (C) 2012-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it 
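Review bot: `get_size` in ita_attr_dummy.c is still declared with an `int` return type but now returns `this->length`, a `size_t`, so the value is narrowed implicitly and a length above `INT_MAX` would come back negative. For objects built by `ita_attr_dummy_create_from_data` that length is whatever the caller declared, whereas the removed `this->size = this->value.len;` reported the bytes actually held. Since `ita_attr_dummy_create` was widened to `size_t` in the same commit, the accessor should follow with `METHOD(ita_attr_dummy_t, get_size, size_t,` and the matching member declaration in ita_attr_dummy.h, which is not part of the hunks shown. If the private struct still declares the old `size` member (also outside the hunks), it is now unused and can go.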
@@ -49,13 +49,14 @@ struct ita_attr_dummy_t { * * @param size size of dummy attribute value */ -pa_tnc_attr_t* ita_attr_dummy_create(int size); +pa_tnc_attr_t* ita_attr_dummy_create(size_t size); /** * Creates an ita_attr_dummy_t object from received data * - * @param value binary value blob + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* ita_attr_dummy_create_from_data(chunk_t value); +pa_tnc_attr_t* ita_attr_dummy_create_from_data(size_t length, chunk_t value); #endif /** ITA_ATTR_DUMMY_H_ @}*/ diff --git a/src/libimcv/ita/ita_attr_get_settings.c b/src/libimcv/ita/ita_attr_get_settings.c index d0bc31d328..b9a4ab27f5 100644 --- a/src/libimcv/ita/ita_attr_get_settings.c +++ b/src/libimcv/ita/ita_attr_get_settings.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2012 Andreas Steffen + * Copyright (C) 2012-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -64,7 +64,12 @@ struct private_ita_attr_get_settings_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -130,6 +135,7 @@ METHOD(pa_tnc_attr_t, build, void, enumerator->destroy(enumerator); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } @@ -141,10 +147,15 @@ METHOD(pa_tnc_attr_t, process, status_t, chunk_t name; status_t status = FAILED; + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < ITA_GET_SETTINGS_MIN_SIZE) { DBG1(DBG_TNC, "insufficient data for ITA Get Settings attribute"); - *offset = 0; return FAILED; } 
@@ -238,7 +249,8 @@ pa_tnc_attr_t *ita_attr_get_settings_create(char *name) /** * Described in header. */ -pa_tnc_attr_t *ita_attr_get_settings_create_from_data(chunk_t data) +pa_tnc_attr_t *ita_attr_get_settings_create_from_data(size_t length, + chunk_t data) { private_ita_attr_get_settings_t *this; @@ -258,6 +270,7 @@ pa_tnc_attr_t *ita_attr_get_settings_create_from_data(chunk_t data) .create_enumerator = _create_enumerator, }, .type = { PEN_ITA, ITA_ATTR_GET_SETTINGS }, + .length = length, .value = chunk_clone(data), .list = linked_list_create(), .ref = 1, diff --git a/src/libimcv/ita/ita_attr_get_settings.h b/src/libimcv/ita/ita_attr_get_settings.h index 975fd0d9d4..2eb43f5c11 100644 --- a/src/libimcv/ita/ita_attr_get_settings.h +++ b/src/libimcv/ita/ita_attr_get_settings.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2012 Andreas Steffen + * Copyright (C) 2012-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -61,8 +61,10 @@ pa_tnc_attr_t* ita_attr_get_settings_create(char *name); /** * Creates an ita_attr_get_settings_t object from received data * - * @param value binary value blob + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* ita_attr_get_settings_create_from_data(chunk_t value); +pa_tnc_attr_t* ita_attr_get_settings_create_from_data(size_t length, + chunk_t value); #endif /** ITA_ATTR_GET_SETTINGS_H_ @}*/ diff --git a/src/libimcv/ita/ita_attr_settings.c b/src/libimcv/ita/ita_attr_settings.c index 0d2967e663..8f72056c81 100644 --- a/src/libimcv/ita/ita_attr_settings.c +++ b/src/libimcv/ita/ita_attr_settings.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2012 Andreas Steffen + * Copyright (C) 2012-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it 
@@ -91,7 +91,12 @@ struct private_ita_attr_settings_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -159,6 +164,7 @@ METHOD(pa_tnc_attr_t, build, void, enumerator->destroy(enumerator); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } @@ -171,10 +177,15 @@ METHOD(pa_tnc_attr_t, process, status_t, entry_t *entry; status_t status = FAILED; + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < ITA_SETTINGS_MIN_SIZE) { DBG1(DBG_TNC, "insufficient data for ITA Settings attribute"); - *offset = 0; return FAILED; } @@ -296,7 +307,7 @@ pa_tnc_attr_t *ita_attr_settings_create(void) /** * Described in header. */ -pa_tnc_attr_t *ita_attr_settings_create_from_data(chunk_t data) +pa_tnc_attr_t *ita_attr_settings_create_from_data(size_t length, chunk_t data) { private_ita_attr_settings_t *this; @@ -316,6 +327,7 @@ pa_tnc_attr_t *ita_attr_settings_create_from_data(chunk_t data) .create_enumerator = _create_enumerator, }, .type = { PEN_ITA, ITA_ATTR_SETTINGS }, + .length = length, .value = chunk_clone(data), .list = linked_list_create(), .ref = 1, diff --git a/src/libimcv/ita/ita_attr_settings.h b/src/libimcv/ita/ita_attr_settings.h index eb7eedae3a..87eb87f607 100644 --- a/src/libimcv/ita/ita_attr_settings.h +++ b/src/libimcv/ita/ita_attr_settings.h @@ -60,8 +60,9 @@ pa_tnc_attr_t* ita_attr_settings_create(void); /** * Creates an ita_attr_settings_t object from received data * - * @param value binary value blob + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* ita_attr_settings_create_from_data(chunk_t value); +pa_tnc_attr_t* ita_attr_settings_create_from_data(size_t length, chunk_t value); #endif /** ITA_ATTR_SETTINGS_H_ @}*/ 
diff --git a/src/libimcv/pa_tnc/pa_tnc_attr_manager.c b/src/libimcv/pa_tnc/pa_tnc_attr_manager.c index 7fae9a9dd3..71f294d104 100644 --- a/src/libimcv/pa_tnc/pa_tnc_attr_manager.c +++ b/src/libimcv/pa_tnc/pa_tnc_attr_manager.c @@ -176,8 +176,9 @@ METHOD(pa_tnc_attr_manager_t, create, pa_tnc_attr_t*, msg_info, *offset + PA_TNC_ATTR_INFO_SIZE); return NULL; } + length -= PA_TNC_ATTR_HEADER_SIZE; - if (!reader->read_data(reader, length - PA_TNC_ATTR_HEADER_SIZE, &value)) + if (!reader->read_data(reader, length, &value)) { DBG1(DBG_TNC, "insufficient bytes for PA-TNC attribute value"); *error = ietf_attr_pa_tnc_error_create_with_offset(error_code, @@ -207,7 +208,7 @@ METHOD(pa_tnc_attr_manager_t, create, pa_tnc_attr_t*, { if (entry->attr_create) { - attr = entry->attr_create(type, value); + attr = entry->attr_create(type, length, value); } break; } diff --git a/src/libimcv/pa_tnc/pa_tnc_attr_manager.h b/src/libimcv/pa_tnc/pa_tnc_attr_manager.h index 0709c5b22a..c38face6a9 100644 --- a/src/libimcv/pa_tnc/pa_tnc_attr_manager.h +++ b/src/libimcv/pa_tnc/pa_tnc_attr_manager.h @@ -28,7 +28,8 @@ typedef struct pa_tnc_attr_manager_t pa_tnc_attr_manager_t; #include #include -typedef pa_tnc_attr_t* (*pa_tnc_attr_create_t)(u_int32_t type, chunk_t value); +typedef pa_tnc_attr_t* (*pa_tnc_attr_create_t)(u_int32_t type, size_t length, + chunk_t value); /** * Manages PA-TNC attributes for arbitrary PENs diff --git a/src/libimcv/plugins/imv_attestation/build-database.sh b/src/libimcv/plugins/imv_attestation/build-database.sh index 980de47ff9..080417be84 100755 --- a/src/libimcv/plugins/imv_attestation/build-database.sh +++ b/src/libimcv/plugins/imv_attestation/build-database.sh @@ -2,7 +2,7 @@ p="Ubuntu 14.04 x86_64" a="x86_64-linux-gnu" -k="3.13.0-34-generic" +k="3.13.0-36-generic" for hash in sha1 sha256 do diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_aik.c b/src/libimcv/tcg/pts/tcg_pts_attr_aik.c index 17a8db5d68..ad1ad7e8ad 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_aik.c 
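Review bot: In `create` in pa_tnc_attr_manager.c, `length` is now decremented in place by `PA_TNC_ATTR_HEADER_SIZE`, so from that line on it means the value length rather than the attribute length taken from the message. The subtraction is only wrap-free if the check that ends just above it rejects lengths smaller than the header, and that condition lies outside the hunk. A comment at the subtraction would pin both facts, e.g. `/* header-size check above rules out a wrap; length now counts the value only */`. Note also that `read_data(reader, length, &value)` still fails with an error when fewer than `length` bytes are available, so through this caller `attr_create` always receives a complete value and the `NEED_MORE` branches added to the attribute classes are not reached. `create` starts and ends outside both hunks.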
+++ b/src/libimcv/tcg/pts/tcg_pts_attr_aik.c @@ -1,5 +1,6 @@ /* - * Copyright (C) 2011-2012 Sansar Choinyambuu, Andreas Steffen + * Copyright (C) 2011-2012 Sansar Choinyambuu + * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -54,7 +55,12 @@ struct private_tcg_pts_attr_aik_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -124,6 +130,7 @@ METHOD(pa_tnc_attr_t, build, void, writer->write_uint8(writer, flags); writer->write_data (writer, aik_blob); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); free(aik_blob.ptr); } @@ -136,10 +143,15 @@ METHOD(pa_tnc_attr_t, process, status_t, certificate_type_t type; chunk_t aik_blob; + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < PTS_AIK_SIZE) { DBG1(DBG_TNC, "insufficient data for Attestation Identity Key"); - *offset = 0; return FAILED; } reader = bio_reader_create(this->value); @@ -218,7 +230,7 @@ pa_tnc_attr_t *tcg_pts_attr_aik_create(certificate_t *aik) /** * Described in header. */ -pa_tnc_attr_t *tcg_pts_attr_aik_create_from_data(chunk_t data) +pa_tnc_attr_t *tcg_pts_attr_aik_create_from_data(size_t length, chunk_t data) { private_tcg_pts_attr_aik_t *this; @@ -237,6 +249,7 @@ pa_tnc_attr_t *tcg_pts_attr_aik_create_from_data(chunk_t data) .get_aik = _get_aik, }, .type = { PEN_TCG, TCG_PTS_AIK }, + .length = length, .value = chunk_clone(data), .ref = 1, ); diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_aik.h b/src/libimcv/tcg/pts/tcg_pts_attr_aik.h index 0962432e9d..b524ff3214 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_aik.h +++ b/src/libimcv/tcg/pts/tcg_pts_attr_aik.h 
@@ -1,5 +1,6 @@ /* * Copyright (C) 2011 Sansar Choinyambuu + * Copyright (C) 2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -58,8 +59,9 @@ pa_tnc_attr_t* tcg_pts_attr_aik_create(certificate_t *aik); /** * Creates an tcg_pts_attr_aik_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* tcg_pts_attr_aik_create_from_data(chunk_t value); +pa_tnc_attr_t* tcg_pts_attr_aik_create_from_data(size_t length, chunk_t value); #endif /** TCG_PTS_ATTR_AIK_H_ @}*/ diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_finish.c b/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_finish.c index 6119b4973e..8a09720b70 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_finish.c +++ b/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_finish.c @@ -1,5 +1,6 @@ /* - * Copyright (C) 2011-2012 Sansar Choinyambuu, Andreas Steffen + * Copyright (C) 2011-2012 Sansar Choinyambuu + * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -58,7 +59,12 @@ struct private_tcg_pts_attr_dh_nonce_finish_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -129,6 +135,7 @@ METHOD(pa_tnc_attr_t, build, void, writer->write_data (writer, this->initiator_nonce); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } 
@@ -139,10 +146,15 @@ METHOD(pa_tnc_attr_t, process, status_t, u_int8_t reserved, nonce_len; u_int16_t hash_algo; + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < PTS_DH_NONCE_FINISH_SIZE) { DBG1(DBG_TNC, "insufficient data for PTS DH Nonce Finish"); - *offset = 0; return FAILED; } reader = bio_reader_create(this->value); @@ -236,7 +248,8 @@ pa_tnc_attr_t *tcg_pts_attr_dh_nonce_finish_create( /** * Described in header. */ -pa_tnc_attr_t *tcg_pts_attr_dh_nonce_finish_create_from_data(chunk_t value) +pa_tnc_attr_t *tcg_pts_attr_dh_nonce_finish_create_from_data(size_t length, + chunk_t value) { private_tcg_pts_attr_dh_nonce_finish_t *this; @@ -257,6 +270,7 @@ pa_tnc_attr_t *tcg_pts_attr_dh_nonce_finish_create_from_data(chunk_t value) .get_initiator_value = _get_initiator_value, }, .type = { PEN_TCG, TCG_PTS_DH_NONCE_FINISH }, + .length = length, .value = chunk_clone(value), .ref = 1, ); diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_finish.h b/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_finish.h index efe6fd1538..78b5025bc6 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_finish.h +++ b/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_finish.h @@ -1,5 +1,6 @@ /* * Copyright (C) 2011 Sansar Choinyambuu + * Copyright (C) 2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -82,8 +83,10 @@ pa_tnc_attr_t* tcg_pts_attr_dh_nonce_finish_create( /** * Creates an tcg_pts_attr_dh_nonce_finish_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* tcg_pts_attr_dh_nonce_finish_create_from_data(chunk_t value); +pa_tnc_attr_t* tcg_pts_attr_dh_nonce_finish_create_from_data(size_t length, + chunk_t value); #endif /** TCG_PTS_ATTR_DH_NONCE_FINISH_H_ @}*/ 
diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_req.c b/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_req.c index 7761b977df..6ad3157f11 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_req.c +++ b/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_req.c @@ -1,5 +1,6 @@ /* - * Copyright (C) 2011-2012 Sansar Choinyambuu, Andreas Steffen + * Copyright (C) 2011-2012 Sansar Choinyambuu + * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -54,7 +55,12 @@ struct private_tcg_pts_attr_dh_nonce_params_req_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -118,6 +124,7 @@ METHOD(pa_tnc_attr_t, build, void, writer->write_uint16(writer, this->dh_groups); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } @@ -128,10 +135,15 @@ METHOD(pa_tnc_attr_t, process, status_t, u_int8_t reserved; u_int16_t dh_groups; + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < PTS_DH_NONCE_PARAMS_REQ_SIZE) { DBG1(DBG_TNC, "insufficient data for PTS DH Nonce Parameters Request"); - *offset = 0; return FAILED; } reader = bio_reader_create(this->value); @@ -208,7 +220,8 @@ pa_tnc_attr_t *tcg_pts_attr_dh_nonce_params_req_create(u_int8_t min_nonce_len, /** * Described in header. */ -pa_tnc_attr_t *tcg_pts_attr_dh_nonce_params_req_create_from_data(chunk_t value) +pa_tnc_attr_t *tcg_pts_attr_dh_nonce_params_req_create_from_data(size_t length, + chunk_t value) { private_tcg_pts_attr_dh_nonce_params_req_t *this; @@ -228,6 +241,7 @@ pa_tnc_attr_t *tcg_pts_attr_dh_nonce_params_req_create_from_data(chunk_t value) .get_dh_groups = _get_dh_groups, }, .type = { PEN_TCG, TCG_PTS_DH_NONCE_PARAMS_REQ }, + .length = length, .value = chunk_clone(value), .ref = 1, ); 
diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_req.h b/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_req.h index 024648abba..4396bf6872 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_req.h +++ b/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_req.h @@ -1,5 +1,6 @@ /* * Copyright (C) 2011 Sansar Choinyambuu + * Copyright (C) 2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -65,8 +66,10 @@ pa_tnc_attr_t* tcg_pts_attr_dh_nonce_params_req_create(u_int8_t min_nonce_len, /** * Creates an tcg_pts_attr_dh_nonce_params_req_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* tcg_pts_attr_dh_nonce_params_req_create_from_data(chunk_t value); +pa_tnc_attr_t* tcg_pts_attr_dh_nonce_params_req_create_from_data(size_t length, + chunk_t value); #endif /** TCG_PTS_ATTR_DH_NONCE_PARAMS_REQ_H_ @}*/ diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_resp.c b/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_resp.c index eb0d0e533b..9dfc81fb48 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_resp.c +++ b/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_resp.c @@ -1,5 +1,6 @@ /* - * Copyright (C) 2011-2012 Sansar Choinyambuu, Andreas Steffen + * Copyright (C) 2011-2012 Sansar Choinyambuu + * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -60,7 +61,12 @@ struct private_tcg_pts_attr_dh_nonce_params_resp_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; 
@@ -137,6 +143,7 @@ METHOD(pa_tnc_attr_t, build, void, writer->write_data (writer, this->responder_value); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } @@ -148,10 +155,15 @@ METHOD(pa_tnc_attr_t, process, status_t, u_int8_t nonce_len; u_int16_t dh_group, hash_algo_set; + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < PTS_DH_NONCE_PARAMS_RESP_SIZE) { DBG1(DBG_TNC, "insufficient data for PTS DH Nonce Parameters Response"); - *offset = 0; return FAILED; } reader = bio_reader_create(this->value); @@ -254,7 +266,8 @@ pa_tnc_attr_t *tcg_pts_attr_dh_nonce_params_resp_create(pts_dh_group_t dh_group, /** * Described in header. */ -pa_tnc_attr_t *tcg_pts_attr_dh_nonce_params_resp_create_from_data(chunk_t value) +pa_tnc_attr_t *tcg_pts_attr_dh_nonce_params_resp_create_from_data(size_t length, + chunk_t value) { private_tcg_pts_attr_dh_nonce_params_resp_t *this; @@ -276,6 +289,7 @@ pa_tnc_attr_t *tcg_pts_attr_dh_nonce_params_resp_create_from_data(chunk_t value) .get_responder_value = _get_responder_value, }, .type = { PEN_TCG, TCG_PTS_DH_NONCE_PARAMS_RESP }, + .length = length, .value = chunk_clone(value), .ref = 1, ); diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_resp.h b/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_resp.h index 72046d2ed6..b548a81f01 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_resp.h +++ b/src/libimcv/tcg/pts/tcg_pts_attr_dh_nonce_params_resp.h @@ -1,5 +1,6 @@ /* * Copyright (C) 2011 Sansar Choinyambuu + * Copyright (C) 2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it 
@@ -86,8 +87,10 @@ pa_tnc_attr_t* tcg_pts_attr_dh_nonce_params_resp_create(pts_dh_group_t dh_group, /** * Creates an tcg_pts_attr_dh_nonce_params_resp_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* tcg_pts_attr_dh_nonce_params_resp_create_from_data(chunk_t value); +pa_tnc_attr_t* tcg_pts_attr_dh_nonce_params_resp_create_from_data(size_t length, + chunk_t value); #endif /** TCG_PTS_ATTR_DH_NONCE_PARAMS_RESP_H_ @}*/ diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_file_meas.c b/src/libimcv/tcg/pts/tcg_pts_attr_file_meas.c index b9095f5be6..723f8f53eb 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_file_meas.c +++ b/src/libimcv/tcg/pts/tcg_pts_attr_file_meas.c @@ -1,5 +1,6 @@ /* - * Copyright (C) 2011-2012 Sansar Choinyambuu, Andreas Steffen + * Copyright (C) 2011-2012 Sansar Choinyambuu + * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -69,7 +70,12 @@ struct private_tcg_pts_attr_file_meas_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -155,6 +161,7 @@ METHOD(pa_tnc_attr_t, build, void, } this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } @@ -169,10 +176,15 @@ METHOD(pa_tnc_attr_t, process, status_t, char buf[BUF_LEN]; status_t status = FAILED; + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < PTS_FILE_MEAS_SIZE) { DBG1(DBG_TNC, "insufficient data for PTS file measurement header"); - *offset = 0; return FAILED; } 
@@ -268,7 +280,8 @@ pa_tnc_attr_t *tcg_pts_attr_file_meas_create(pts_file_meas_t *measurements) /** * Described in header. */ -pa_tnc_attr_t *tcg_pts_attr_file_meas_create_from_data(chunk_t data) +pa_tnc_attr_t *tcg_pts_attr_file_meas_create_from_data(size_t length, + chunk_t data) { private_tcg_pts_attr_file_meas_t *this; @@ -287,6 +300,7 @@ pa_tnc_attr_t *tcg_pts_attr_file_meas_create_from_data(chunk_t data) .get_measurements = _get_measurements, }, .type = { PEN_TCG, TCG_PTS_FILE_MEAS }, + .length = length, .value = chunk_clone(data), .ref = 1, ); diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_file_meas.h b/src/libimcv/tcg/pts/tcg_pts_attr_file_meas.h index 4f155f05b7..d399fecbbe 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_file_meas.h +++ b/src/libimcv/tcg/pts/tcg_pts_attr_file_meas.h @@ -1,5 +1,6 @@ /* * Copyright (C) 2011 Sansar Choinyambuu + * Copyright (C) 2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -58,8 +59,10 @@ pa_tnc_attr_t* tcg_pts_attr_file_meas_create(pts_file_meas_t *measurements); /** * Creates an tcg_pts_attr_file_meas_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* tcg_pts_attr_file_meas_create_from_data(chunk_t value); +pa_tnc_attr_t* tcg_pts_attr_file_meas_create_from_data(size_t length, + chunk_t value); #endif /** TCG_PTS_ATTR_FILE_MEAS_H_ @}*/ diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_gen_attest_evid.c b/src/libimcv/tcg/pts/tcg_pts_attr_gen_attest_evid.c index f263747a3e..d724819fa2 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_gen_attest_evid.c +++ b/src/libimcv/tcg/pts/tcg_pts_attr_gen_attest_evid.c 
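Review bot: The definition in tcg_pts_attr_file_meas.c names the second parameter `data` (`size_t length, chunk_t data`), while the prototype and its `@param` line in tcg_pts_attr_file_meas.h call it `value`. This commit touches both the signature and the doc block, so it is a good moment to align them: `chunk_t value)` in the definition and `.value = chunk_clone(value),` in the initializer, as tcg_pts_attr_dh_nonce_params_resp.c already does. The same mismatch appears in the gen_attest_evid, get_aik, get_tpm_version_info, meas_algo, proto_caps, req_file_meas, req_file_meta, req_func_comp_evid, simple_comp_evid, simple_evid_final and tpm_version_info hunks. The function body starts and ends outside these hunks.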
@@ -1,5 +1,6 @@ /* - * Copyright (C) 2011-2012 Sansar Choinyambuu, Andreas Steffen + * Copyright (C) 2011-2012 Sansar Choinyambuu + * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -55,7 +56,12 @@ struct private_tcg_pts_attr_gen_attest_evid_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -107,6 +113,7 @@ METHOD(pa_tnc_attr_t, build, void, writer->write_uint32 (writer, PTS_GEN_ATTEST_EVID_RESERVED); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } @@ -116,10 +123,15 @@ METHOD(pa_tnc_attr_t, process, status_t, bio_reader_t *reader; u_int32_t reserved; + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < PTS_GEN_ATTEST_EVID_SIZE) { DBG1(DBG_TNC, "insufficient data for Generate Attestation Evidence"); - *offset = 0; return FAILED; } reader = bio_reader_create(this->value); @@ -177,7 +189,8 @@ pa_tnc_attr_t *tcg_pts_attr_gen_attest_evid_create() /** * Described in header. */ -pa_tnc_attr_t *tcg_pts_attr_gen_attest_evid_create_from_data(chunk_t data) +pa_tnc_attr_t *tcg_pts_attr_gen_attest_evid_create_from_data(size_t length, + chunk_t data) { private_tcg_pts_attr_gen_attest_evid_t *this; @@ -195,6 +208,7 @@ pa_tnc_attr_t *tcg_pts_attr_gen_attest_evid_create_from_data(chunk_t data) }, }, .type = { PEN_TCG, TCG_PTS_GEN_ATTEST_EVID }, + .length = length, .value = chunk_clone(data), .ref = 1, ); diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_gen_attest_evid.h b/src/libimcv/tcg/pts/tcg_pts_attr_gen_attest_evid.h index 38909b0251..971abd2a30 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_gen_attest_evid.h +++ b/src/libimcv/tcg/pts/tcg_pts_attr_gen_attest_evid.h 
@@ -1,5 +1,6 @@ /* * Copyright (C) 2011 Sansar Choinyambuu + * Copyright (C) 2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -46,8 +47,10 @@ pa_tnc_attr_t* tcg_pts_attr_gen_attest_evid_create(); /** * Creates an tcg_pts_attr_gen_attest_evid_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* tcg_pts_attr_gen_attest_evid_create_from_data(chunk_t value); +pa_tnc_attr_t* tcg_pts_attr_gen_attest_evid_create_from_data(size_t length, + chunk_t value); #endif /** TCG_PTS_ATTR_GEN_ATTEST_EVID_H_ @}*/ diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_get_aik.c b/src/libimcv/tcg/pts/tcg_pts_attr_get_aik.c index cf944d2a9b..ed98197acf 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_get_aik.c +++ b/src/libimcv/tcg/pts/tcg_pts_attr_get_aik.c @@ -1,5 +1,6 @@ /* - * Copyright (C) 2011-2012 Sansar Choinyambuu, Andreas Steffen + * Copyright (C) 2011-2012 Sansar Choinyambuu + * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -52,7 +53,12 @@ struct private_tcg_pts_attr_get_aik_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -104,6 +110,7 @@ METHOD(pa_tnc_attr_t, build, void, writer->write_uint32 (writer, PTS_GET_AIK_RESERVED); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } 
@@ -113,10 +120,15 @@ METHOD(pa_tnc_attr_t, process, status_t, bio_reader_t *reader; u_int32_t reserved; + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < PTS_GET_AIK_SIZE) { DBG1(DBG_TNC, "insufficient data for Get AIK"); - *offset = 0; return FAILED; } reader = bio_reader_create(this->value); @@ -174,7 +186,8 @@ pa_tnc_attr_t *tcg_pts_attr_get_aik_create() /** * Described in header. */ -pa_tnc_attr_t *tcg_pts_attr_get_aik_create_from_data(chunk_t data) +pa_tnc_attr_t *tcg_pts_attr_get_aik_create_from_data(size_t length, + chunk_t data) { private_tcg_pts_attr_get_aik_t *this; @@ -192,6 +205,7 @@ pa_tnc_attr_t *tcg_pts_attr_get_aik_create_from_data(chunk_t data) }, }, .type = { PEN_TCG, TCG_PTS_GET_AIK }, + .length = length, .value = chunk_clone(data), .ref = 1, ); diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_get_aik.h b/src/libimcv/tcg/pts/tcg_pts_attr_get_aik.h index 120100e590..923fd039ff 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_get_aik.h +++ b/src/libimcv/tcg/pts/tcg_pts_attr_get_aik.h @@ -1,5 +1,6 @@ /* * Copyright (C) 2011 Sansar Choinyambuu + * Copyright (C) 2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -46,8 +47,10 @@ pa_tnc_attr_t* tcg_pts_attr_get_aik_create(); /** * Creates an tcg_pts_attr_get_aik_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* tcg_pts_attr_get_aik_create_from_data(chunk_t value); +pa_tnc_attr_t* tcg_pts_attr_get_aik_create_from_data(size_t length, + chunk_t value); #endif /** TCG_PTS_ATTR_GET_AIK_H_ @}*/ diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_get_tpm_version_info.c b/src/libimcv/tcg/pts/tcg_pts_attr_get_tpm_version_info.c index 647c426ede..c922f2f235 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_get_tpm_version_info.c 
+++ b/src/libimcv/tcg/pts/tcg_pts_attr_get_tpm_version_info.c @@ -1,5 +1,6 @@ /* - * Copyright (C) 2011-2012 Sansar Choinyambuu, Andreas Steffen + * Copyright (C) 2011-2012 Sansar Choinyambuu + * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -55,7 +56,12 @@ struct private_tcg_pts_attr_get_tpm_version_info_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -107,6 +113,7 @@ METHOD(pa_tnc_attr_t, build, void, writer->write_uint32 (writer, PTS_GET_TPM_VER_INFO_RESERVED); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } @@ -116,10 +123,15 @@ METHOD(pa_tnc_attr_t, process, status_t, bio_reader_t *reader; u_int32_t reserved; + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < PTS_GET_TPM_VER_INFO_SIZE) { DBG1(DBG_TNC, "insufficient data for Get TPM Version Information"); - *offset = 0; return FAILED; } reader = bio_reader_create(this->value); @@ -177,7 +189,8 @@ pa_tnc_attr_t *tcg_pts_attr_get_tpm_version_info_create() /** * Described in header. */ -pa_tnc_attr_t *tcg_pts_attr_get_tpm_version_info_create_from_data(chunk_t data) +pa_tnc_attr_t *tcg_pts_attr_get_tpm_version_info_create_from_data(size_t length, + chunk_t data) { private_tcg_pts_attr_get_tpm_version_info_t *this; @@ -195,6 +208,7 @@ pa_tnc_attr_t *tcg_pts_attr_get_tpm_version_info_create_from_data(chunk_t data) }, }, .type = { PEN_TCG, TCG_PTS_GET_TPM_VERSION_INFO }, + .length = length, .value = chunk_clone(data), .ref = 1, ); diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_get_tpm_version_info.h b/src/libimcv/tcg/pts/tcg_pts_attr_get_tpm_version_info.h index 711a1d50c9..19fb5a4e8a 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_get_tpm_version_info.h 
+++ b/src/libimcv/tcg/pts/tcg_pts_attr_get_tpm_version_info.h @@ -1,5 +1,6 @@ /* * Copyright (C) 2011 Sansar Choinyambuu + * Copyright (C) 2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -47,8 +48,10 @@ pa_tnc_attr_t* tcg_pts_attr_get_tpm_version_info_create(); /** * Creates an tcg_pts_attr_get_tpm_version_info_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* tcg_pts_attr_get_tpm_version_info_create_from_data(chunk_t value); +pa_tnc_attr_t* tcg_pts_attr_get_tpm_version_info_create_from_data(size_t length, + chunk_t value); #endif /** TCG_PTS_ATTR_GET_TPM_VERSION_INFO_H_ @}*/ diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_meas_algo.c b/src/libimcv/tcg/pts/tcg_pts_attr_meas_algo.c index a4dac90707..4445079b47 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_meas_algo.c +++ b/src/libimcv/tcg/pts/tcg_pts_attr_meas_algo.c @@ -1,5 +1,6 @@ /* - * Copyright (C) 2011-2012 Sansar Choinyambuu, Andreas Steffen + * Copyright (C) 2011-2012 Sansar Choinyambuu + * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -53,7 +54,12 @@ struct private_tcg_pts_attr_meas_algo_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -110,6 +116,7 @@ METHOD(pa_tnc_attr_t, build, void, writer->write_uint16(writer, PTS_MEAS_ALGO_RESERVED); writer->write_uint16(writer, this->algorithms); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } 
@@ -119,10 +126,15 @@ METHOD(pa_tnc_attr_t, process, status_t, bio_reader_t *reader; u_int16_t reserved, algorithms; + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < PTS_MEAS_ALGO_SIZE) { DBG1(DBG_TNC, "insufficient data for PTS Measurement Algorithm"); - *offset = 0; return FAILED; } reader = bio_reader_create(this->value); @@ -192,7 +204,8 @@ pa_tnc_attr_t *tcg_pts_attr_meas_algo_create(pts_meas_algorithms_t algorithms, /** * Described in header. */ -pa_tnc_attr_t *tcg_pts_attr_meas_algo_create_from_data(chunk_t data, +pa_tnc_attr_t *tcg_pts_attr_meas_algo_create_from_data(size_t length, + chunk_t data, bool selection) { private_tcg_pts_attr_meas_algo_t *this; @@ -213,6 +226,7 @@ pa_tnc_attr_t *tcg_pts_attr_meas_algo_create_from_data(chunk_t data, }, .type = { PEN_TCG, selection ? TCG_PTS_MEAS_ALGO_SELECTION : TCG_PTS_MEAS_ALGO }, + .length = length, .value = chunk_clone(data), .ref = 1, ); diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_meas_algo.h b/src/libimcv/tcg/pts/tcg_pts_attr_meas_algo.h index 88d1be0aa3..bc15a9bb47 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_meas_algo.h +++ b/src/libimcv/tcg/pts/tcg_pts_attr_meas_algo.h @@ -1,5 +1,6 @@ /* * Copyright (C) 2011 Sansar Choinyambuu + * Copyright (C) 2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it 
@@ -59,10 +60,12 @@ pa_tnc_attr_t* tcg_pts_attr_meas_algo_create(pts_meas_algorithms_t algorithms, /** * Creates an tcg_pts_attr_meas_algo_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) * @param selection TRUE if a selection */ -pa_tnc_attr_t* tcg_pts_attr_meas_algo_create_from_data(chunk_t value, +pa_tnc_attr_t* tcg_pts_attr_meas_algo_create_from_data(size_t length, + chunk_t value, bool selection); #endif /** TCG_PTS_ATTR_MEAS_ALGO_H_ @}*/ diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_proto_caps.c b/src/libimcv/tcg/pts/tcg_pts_attr_proto_caps.c index 6473ea808c..501e24dadc 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_proto_caps.c +++ b/src/libimcv/tcg/pts/tcg_pts_attr_proto_caps.c @@ -1,5 +1,6 @@ /* - * Copyright (C) 2011-2012 Sansar Choinyambuu, Andreas Steffen + * Copyright (C) 2011-2012 Sansar Choinyambuu + * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -52,8 +53,14 @@ struct private_tcg_pts_attr_proto_caps_t { */ pen_type_t type; + + /** + * Length of attribute value + */ + size_t length; + /** - * Attribute value + * Attribute value or segment */ chunk_t value; @@ -111,6 +118,7 @@ METHOD(pa_tnc_attr_t, build, void, writer->write_uint16(writer, this->flags); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } @@ -120,10 +128,15 @@ METHOD(pa_tnc_attr_t, process, status_t, bio_reader_t *reader; u_int16_t reserved, flags; + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < PTS_PROTO_CAPS_SIZE) { DBG1(DBG_TNC, "insufficient data for PTS Protocol Capabilities"); - *offset = 0; return FAILED; } reader = bio_reader_create(this->value); 
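Review bot: The struct hunk in tcg_pts_attr_proto_caps.c (-52,8 +53,14) adds an extra empty line after `pen_type_t type;`, leaving two consecutive blank lines before the new `length` field comment. The other attribute files in this patch add the field without that extra line, so dropping it keeps the private structs uniform.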
@@ -192,7 +205,8 @@ pa_tnc_attr_t *tcg_pts_attr_proto_caps_create(pts_proto_caps_flag_t flags, /** * Described in header. */ -pa_tnc_attr_t *tcg_pts_attr_proto_caps_create_from_data(chunk_t data, +pa_tnc_attr_t *tcg_pts_attr_proto_caps_create_from_data(size_t length, + chunk_t data, bool request) { private_tcg_pts_attr_proto_caps_t *this; @@ -213,6 +227,7 @@ pa_tnc_attr_t *tcg_pts_attr_proto_caps_create_from_data(chunk_t data, }, .type = { PEN_TCG, request ? TCG_PTS_REQ_PROTO_CAPS : TCG_PTS_PROTO_CAPS }, + .length = length, .value = chunk_clone(data), .ref = 1, ); diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_proto_caps.h b/src/libimcv/tcg/pts/tcg_pts_attr_proto_caps.h index c2478da0be..11ed228103 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_proto_caps.h +++ b/src/libimcv/tcg/pts/tcg_pts_attr_proto_caps.h @@ -1,5 +1,6 @@ /* * Copyright (C) 2011 Sansar Choinyambuu + * Copyright (C) 2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -58,10 +59,12 @@ pa_tnc_attr_t* tcg_pts_attr_proto_caps_create(pts_proto_caps_flag_t flags, /** * Creates an tcg_pts_attr_proto_caps_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) * @param request TRUE for a PTS protocol capabilities request */ -pa_tnc_attr_t* tcg_pts_attr_proto_caps_create_from_data(chunk_t value, +pa_tnc_attr_t* tcg_pts_attr_proto_caps_create_from_data(size_t length, + chunk_t value, bool request); #endif /** TCG_PTS_ATTR_PROTO_CAPS_H_ @}*/ diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meas.c b/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meas.c index c5a2f4b8a1..c4d192c352 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meas.c +++ b/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meas.c 
@@ -1,5 +1,6 @@ /* - * Copyright (C) 2011-2012 Sansar Choinyambuu, Andreas Steffen + * Copyright (C) 2011-2012 Sansar Choinyambuu + * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -62,7 +63,12 @@ struct private_tcg_pts_attr_req_file_meas_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -145,6 +151,7 @@ METHOD(pa_tnc_attr_t, build, void, writer->write_uint32(writer, this->delimiter); writer->write_data (writer, pathname); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } @@ -156,10 +163,15 @@ METHOD(pa_tnc_attr_t, process, status_t, u_int8_t reserved; chunk_t pathname; + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < PTS_REQ_FILE_MEAS_SIZE) { DBG1(DBG_TNC, "insufficient data for Request File Measurement"); - *offset = 0; return FAILED; } @@ -262,7 +274,8 @@ pa_tnc_attr_t *tcg_pts_attr_req_file_meas_create(bool directory_flag, /** * Described in header. */ -pa_tnc_attr_t *tcg_pts_attr_req_file_meas_create_from_data(chunk_t data) +pa_tnc_attr_t *tcg_pts_attr_req_file_meas_create_from_data(size_t length, + chunk_t data) { private_tcg_pts_attr_req_file_meas_t *this; @@ -284,6 +297,7 @@ pa_tnc_attr_t *tcg_pts_attr_req_file_meas_create_from_data(chunk_t data) .get_pathname = _get_pathname, }, .type = { PEN_TCG, TCG_PTS_REQ_FILE_MEAS }, + .length = length, .value = chunk_clone(data), .ref = 1, ); diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meas.h b/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meas.h index 135c088bf0..20a54dfaf5 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meas.h +++ b/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meas.h 
@@ -1,5 +1,6 @@ /* * Copyright (C) 2011 Sansar Choinyambuu + * Copyright (C) 2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -83,8 +84,10 @@ pa_tnc_attr_t* tcg_pts_attr_req_file_meas_create(bool directory_flag, /** * Creates an tcg_pts_attr_req_file_meas_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* tcg_pts_attr_req_file_meas_create_from_data(chunk_t value); +pa_tnc_attr_t* tcg_pts_attr_req_file_meas_create_from_data(size_t length, + chunk_t value); #endif /** TCG_PTS_ATTR_REQ_FILE_MEAS_H_ @}*/ diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meta.c b/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meta.c index 8d703af654..dffce9abc7 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meta.c +++ b/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meta.c @@ -1,5 +1,6 @@ /* - * Copyright (C) 2011-2012 Sansar Choinyambuu, Andreas Steffen + * Copyright (C) 2011-2012 Sansar Choinyambuu + * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -60,7 +61,12 @@ struct private_tcg_pts_attr_req_file_meta_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -138,6 +144,7 @@ METHOD(pa_tnc_attr_t, build, void, writer->write_data (writer, pathname); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } 
@@ -149,11 +156,15 @@ METHOD(pa_tnc_attr_t, process, status_t, u_int16_t reserved; chunk_t pathname; + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < PTS_REQ_FILE_META_SIZE) { DBG1(DBG_TNC, "insufficient data for Request File Metadata"); - *offset = 0; - return FAILED; } reader = bio_reader_create(this->value); @@ -246,7 +257,8 @@ pa_tnc_attr_t *tcg_pts_attr_req_file_meta_create(bool directory_flag, /** * Described in header. */ -pa_tnc_attr_t *tcg_pts_attr_req_file_meta_create_from_data(chunk_t data) +pa_tnc_attr_t *tcg_pts_attr_req_file_meta_create_from_data(size_t length, + chunk_t data) { private_tcg_pts_attr_req_file_meta_t *this; @@ -267,6 +279,7 @@ pa_tnc_attr_t *tcg_pts_attr_req_file_meta_create_from_data(chunk_t data) .get_pathname = _get_pathname, }, .type = { PEN_TCG, TCG_PTS_REQ_FILE_META }, + .length = length, .value = chunk_clone(data), .ref = 1, ); diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meta.h b/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meta.h index 9aa1b93d61..c2f1cca740 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meta.h +++ b/src/libimcv/tcg/pts/tcg_pts_attr_req_file_meta.h @@ -1,5 +1,6 @@ /* * Copyright (C) 2011 Sansar Choinyambuu + * Copyright (C) 2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -74,8 +75,10 @@ pa_tnc_attr_t* tcg_pts_attr_req_file_meta_create(bool directory_flag, /** * Creates an tcg_pts_attr_req_file_meta_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* tcg_pts_attr_req_file_meta_create_from_data(chunk_t value); +pa_tnc_attr_t* tcg_pts_attr_req_file_meta_create_from_data(size_t length, + chunk_t value); #endif /** TCG_PTS_ATTR_REQ_FILE_META_H_ @}*/ 
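Review bot: As shown here, the removed side of the size check in process() is `- *offset = 0;` followed by `- return FAILED;`, whereas the sibling process() hunks remove only the `*offset = 0;` line and keep the return. The hunk header (-149,11 +156,15) does account for two removed lines, so either a blank line or the `return FAILED;` itself was dropped. If it was the return, a value shorter than PTS_REQ_FILE_META_SIZE is now only logged and then handed to `bio_reader_create()`. Please confirm that the new side still ends the check with `return FAILED;` after the DBG1 call. The process() hunk of tcg_pts_attr_simple_comp_evid.c (-307,11 +314,15) has the same shape, and in both files process() starts and ends outside the hunk.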
diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_req_func_comp_evid.c b/src/libimcv/tcg/pts/tcg_pts_attr_req_func_comp_evid.c index e10845bbbe..6069488a3a 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_req_func_comp_evid.c +++ b/src/libimcv/tcg/pts/tcg_pts_attr_req_func_comp_evid.c @@ -1,5 +1,6 @@ /* - * Copyright (C) 2011-2012 Sansar Choinyambuu, Andreas Steffen + * Copyright (C) 2011-2012 Sansar Choinyambuu + * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -78,7 +79,12 @@ struct private_tcg_pts_attr_req_func_comp_evid_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -184,6 +190,7 @@ METHOD(pa_tnc_attr_t, build, void, enumerator->destroy(enumerator); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } @@ -196,11 +203,16 @@ METHOD(pa_tnc_attr_t, process, status_t, status_t status = FAILED; entry_t *entry = NULL; + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < PTS_REQ_FUNC_COMP_EVID_SIZE) { DBG1(DBG_TNC, "insufficient data for Request Functional " "Component Evidence"); - *offset = 0; return FAILED; } reader = bio_reader_create(this->value); @@ -337,7 +349,8 @@ pa_tnc_attr_t *tcg_pts_attr_req_func_comp_evid_create(void) /** * Described in header. */ -pa_tnc_attr_t *tcg_pts_attr_req_func_comp_evid_create_from_data(chunk_t data) +pa_tnc_attr_t *tcg_pts_attr_req_func_comp_evid_create_from_data(size_t length, + chunk_t data) { private_tcg_pts_attr_req_func_comp_evid_t *this; @@ -358,6 +371,7 @@ pa_tnc_attr_t *tcg_pts_attr_req_func_comp_evid_create_from_data(chunk_t data) .create_enumerator = _create_enumerator, }, .type = { PEN_TCG, TCG_PTS_REQ_FUNC_COMP_EVID }, + .length = length, .list = linked_list_create(), .value = chunk_clone(data), .ref = 1, 
diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_req_func_comp_evid.h b/src/libimcv/tcg/pts/tcg_pts_attr_req_func_comp_evid.h index 2c0b8a974e..2f8657ed20 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_req_func_comp_evid.h +++ b/src/libimcv/tcg/pts/tcg_pts_attr_req_func_comp_evid.h @@ -1,5 +1,6 @@ /* * Copyright (C) 2011 Sansar Choinyambuu + * Copyright (C) 2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -73,8 +74,10 @@ pa_tnc_attr_t* tcg_pts_attr_req_func_comp_evid_create(void); /** * Creates a tcg_pts_attr_req_func_comp_evid_t object from received data * - * @param value Unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* tcg_pts_attr_req_func_comp_evid_create_from_data(chunk_t value); +pa_tnc_attr_t* tcg_pts_attr_req_func_comp_evid_create_from_data(size_t length, + chunk_t value); #endif /** TCG_PTS_ATTR_REQ_FUNC_COMP_EVID_H_ @}*/ diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_simple_comp_evid.c b/src/libimcv/tcg/pts/tcg_pts_attr_simple_comp_evid.c index 40f380ab49..189fb0f3a3 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_simple_comp_evid.c +++ b/src/libimcv/tcg/pts/tcg_pts_attr_simple_comp_evid.c @@ -1,5 +1,6 @@ /* - * Copyright (C) 2011-2012 Sansar Choinyambuu, Andreas Steffen + * Copyright (C) 2011-2012 Sansar Choinyambuu + * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -105,7 +106,12 @@ struct private_tcg_pts_attr_simple_comp_evid_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; 
@@ -243,6 +249,7 @@ METHOD(pa_tnc_attr_t, build, void, writer->write_data(writer, measurement); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } @@ -307,11 +314,15 @@ METHOD(pa_tnc_attr_t, process, status_t, bool has_pcr_info = FALSE, has_validation = FALSE; status_t status = FAILED; + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < PTS_SIMPLE_COMP_EVID_SIZE) { DBG1(DBG_TNC, "insufficient data for Simple Component Evidence"); - *offset = 0; - return FAILED; } reader = bio_reader_create(this->value); @@ -484,7 +495,8 @@ pa_tnc_attr_t *tcg_pts_attr_simple_comp_evid_create(pts_comp_evidence_t *evid) /** * Described in header. */ -pa_tnc_attr_t *tcg_pts_attr_simple_comp_evid_create_from_data(chunk_t data) +pa_tnc_attr_t *tcg_pts_attr_simple_comp_evid_create_from_data(size_t length, + chunk_t data) { private_tcg_pts_attr_simple_comp_evid_t *this; @@ -503,6 +515,7 @@ pa_tnc_attr_t *tcg_pts_attr_simple_comp_evid_create_from_data(chunk_t data) .get_comp_evidence = _get_comp_evidence, }, .type = { PEN_TCG, TCG_PTS_SIMPLE_COMP_EVID }, + .length = length, .value = chunk_clone(data), .ref = 1, ); diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_simple_comp_evid.h b/src/libimcv/tcg/pts/tcg_pts_attr_simple_comp_evid.h index 628fad6217..c08adb8c9f 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_simple_comp_evid.h +++ b/src/libimcv/tcg/pts/tcg_pts_attr_simple_comp_evid.h @@ -1,5 +1,6 @@ /* * Copyright (C) 2011 Sansar Choinyambuu + * Copyright (C) 2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it 
@@ -57,8 +58,10 @@ pa_tnc_attr_t* tcg_pts_attr_simple_comp_evid_create(pts_comp_evidence_t *evid); /** * Creates an tcg_pts_attr_simple_comp_evid_t object from received data * - * @param value Unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* tcg_pts_attr_simple_comp_evid_create_from_data(chunk_t value); +pa_tnc_attr_t* tcg_pts_attr_simple_comp_evid_create_from_data(size_t length, + chunk_t value); #endif /** TCG_PTS_ATTR_SIMPLE_COMP_EVID_H_ @}*/ diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_simple_evid_final.c b/src/libimcv/tcg/pts/tcg_pts_attr_simple_evid_final.c index baadd943f7..119d342e19 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_simple_evid_final.c +++ b/src/libimcv/tcg/pts/tcg_pts_attr_simple_evid_final.c @@ -1,5 +1,6 @@ /* - * Copyright (C) 2011-2012 Sansar Choinyambuu, Andreas Steffen + * Copyright (C) 2011-2012 Sansar Choinyambuu + * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -63,7 +64,12 @@ struct private_tcg_pts_attr_simple_evid_final_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -195,6 +201,7 @@ METHOD(pa_tnc_attr_t, build, void, } this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } @@ -207,10 +214,15 @@ METHOD(pa_tnc_attr_t, process, status_t, u_int32_t pcr_comp_len, tpm_quote_sig_len, evid_sig_len; status_t status = FAILED; + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < PTS_SIMPLE_EVID_FINAL_SIZE) { DBG1(DBG_TNC, "insufficient data for Simple Evidence Final"); - *offset = 0; return FAILED; } reader = bio_reader_create(this->value); 
@@ -354,7 +366,8 @@ pa_tnc_attr_t *tcg_pts_attr_simple_evid_final_create(u_int8_t flags, /** * Described in header. */ -pa_tnc_attr_t *tcg_pts_attr_simple_evid_final_create_from_data(chunk_t data) +pa_tnc_attr_t *tcg_pts_attr_simple_evid_final_create_from_data(size_t length, + chunk_t data) { private_tcg_pts_attr_simple_evid_final_t *this; @@ -375,6 +388,7 @@ pa_tnc_attr_t *tcg_pts_attr_simple_evid_final_create_from_data(chunk_t data) .set_evid_sig = _set_evid_sig, }, .type = { PEN_TCG, TCG_PTS_SIMPLE_EVID_FINAL }, + .length = length, .value = chunk_clone(data), .ref = 1, ); diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_simple_evid_final.h b/src/libimcv/tcg/pts/tcg_pts_attr_simple_evid_final.h index 1fac2e1ce8..8343b5b30b 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_simple_evid_final.h +++ b/src/libimcv/tcg/pts/tcg_pts_attr_simple_evid_final.h @@ -1,5 +1,6 @@ /* * Copyright (C) 2011 Sansar Choinyambuu + * Copyright (C) 2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -86,8 +87,10 @@ pa_tnc_attr_t* tcg_pts_attr_simple_evid_final_create( /** * Creates an tcg_pts_attr_simple_evid_final_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* tcg_pts_attr_simple_evid_final_create_from_data(chunk_t value); +pa_tnc_attr_t* tcg_pts_attr_simple_evid_final_create_from_data(size_t length, + chunk_t value); #endif /** TCG_PTS_ATTR_SIMPLE_EVID_FINAL_H_ @}*/ diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_tpm_version_info.c b/src/libimcv/tcg/pts/tcg_pts_attr_tpm_version_info.c index b776cb6620..5fa4db04bb 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_tpm_version_info.c +++ b/src/libimcv/tcg/pts/tcg_pts_attr_tpm_version_info.c 
@@ -1,5 +1,6 @@ /* - * Copyright (C) 2011-2012 Sansar Choinyambuu, Andreas Steffen + * Copyright (C) 2011-2012 Sansar Choinyambuu + * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -54,7 +55,12 @@ struct private_tcg_pts_attr_tpm_version_info_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -111,6 +117,7 @@ METHOD(pa_tnc_attr_t, build, void, writer->write_data(writer, this->tpm_version_info); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } @@ -119,10 +126,15 @@ METHOD(pa_tnc_attr_t, process, status_t, { bio_reader_t *reader; + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < PTS_TPM_VER_INFO_SIZE) { DBG1(DBG_TNC, "insufficient data for TPM Version Information"); - *offset = 0; return FAILED; } reader = bio_reader_create(this->value); @@ -198,7 +210,8 @@ pa_tnc_attr_t *tcg_pts_attr_tpm_version_info_create(chunk_t tpm_version_info) /** * Described in header. */ -pa_tnc_attr_t *tcg_pts_attr_tpm_version_info_create_from_data(chunk_t data) +pa_tnc_attr_t *tcg_pts_attr_tpm_version_info_create_from_data(size_t length, + chunk_t data) { private_tcg_pts_attr_tpm_version_info_t *this; @@ -218,6 +231,7 @@ pa_tnc_attr_t *tcg_pts_attr_tpm_version_info_create_from_data(chunk_t data) .set_tpm_version_info = _set_tpm_version_info, }, .type = { PEN_TCG, TCG_PTS_TPM_VERSION_INFO }, + .length = length, .value = chunk_clone(data), .ref = 1, ); diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_tpm_version_info.h b/src/libimcv/tcg/pts/tcg_pts_attr_tpm_version_info.h index e03b57f793..d87d72b225 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_tpm_version_info.h +++ b/src/libimcv/tcg/pts/tcg_pts_attr_tpm_version_info.h 
@@ -1,5 +1,6 @@ /* * Copyright (C) 2011 Sansar Choinyambuu + * Copyright (C) 2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -63,8 +64,10 @@ pa_tnc_attr_t* tcg_pts_attr_tpm_version_info_create(chunk_t tpm_version_info); /** * Creates an tcg_pts_attr_tpm_version_info_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* tcg_pts_attr_tpm_version_info_create_from_data(chunk_t value); +pa_tnc_attr_t* tcg_pts_attr_tpm_version_info_create_from_data(size_t length, + chunk_t value); #endif /** TCG_PTS_ATTR_TPM_VERSION_INFO_H_ @}*/ diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_unix_file_meta.c b/src/libimcv/tcg/pts/tcg_pts_attr_unix_file_meta.c index eff64c229f..c8c2708453 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_unix_file_meta.c +++ b/src/libimcv/tcg/pts/tcg_pts_attr_unix_file_meta.c @@ -1,5 +1,6 @@ /* - * Copyright (C) 2011-2012 Sansar Choinyambuu, Andreas Steffen + * Copyright (C) 2011-2012 Sansar Choinyambuu + * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -88,7 +89,12 @@ struct private_tcg_pts_attr_file_meta_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -168,6 +174,7 @@ METHOD(pa_tnc_attr_t, build, void, enumerator->destroy(enumerator); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } 
@@ -183,10 +190,15 @@ METHOD(pa_tnc_attr_t, process, status_t, chunk_t filename; status_t status = FAILED; + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < PTS_FILE_META_SIZE) { DBG1(DBG_TNC, "insufficient data for PTS Unix-Style file metadata header"); - *offset = 0; return FAILED; } reader = bio_reader_create(this->value); @@ -323,7 +335,8 @@ pa_tnc_attr_t *tcg_pts_attr_unix_file_meta_create(pts_file_meta_t *metadata) /** * Described in header. */ -pa_tnc_attr_t *tcg_pts_attr_unix_file_meta_create_from_data(chunk_t data) +pa_tnc_attr_t *tcg_pts_attr_unix_file_meta_create_from_data(size_t length, + chunk_t data) { private_tcg_pts_attr_file_meta_t *this; @@ -342,6 +355,7 @@ pa_tnc_attr_t *tcg_pts_attr_unix_file_meta_create_from_data(chunk_t data) .get_metadata = _get_metadata, }, .type = { PEN_TCG, TCG_PTS_UNIX_FILE_META }, + .length = length, .value = chunk_clone(data), .ref = 1, ); diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_unix_file_meta.h b/src/libimcv/tcg/pts/tcg_pts_attr_unix_file_meta.h index 2118d39208..d08261cc92 100644 --- a/src/libimcv/tcg/pts/tcg_pts_attr_unix_file_meta.h +++ b/src/libimcv/tcg/pts/tcg_pts_attr_unix_file_meta.h @@ -1,5 +1,6 @@ /* * Copyright (C) 2011 Sansar Choinyambuu + * Copyright (C) 2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -58,8 +59,10 @@ pa_tnc_attr_t* tcg_pts_attr_unix_file_meta_create(pts_file_meta_t *metadata); /** * Creates an tcg_pts_attr_file_meta_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* tcg_pts_attr_unix_file_meta_create_from_data(chunk_t value); +pa_tnc_attr_t* tcg_pts_attr_unix_file_meta_create_from_data(size_t length, + chunk_t value); #endif /** TCG_PTS_ATTR_UNIX_FILE_META_H_ @}*/ 
diff --git a/src/libimcv/tcg/seg/tcg_seg_attr_max_size.c b/src/libimcv/tcg/seg/tcg_seg_attr_max_size.c index 8e82314d12..017bf2c829 100644 --- a/src/libimcv/tcg/seg/tcg_seg_attr_max_size.c +++ b/src/libimcv/tcg/seg/tcg_seg_attr_max_size.c @@ -51,7 +51,12 @@ struct private_tcg_seg_attr_max_size_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -114,6 +119,7 @@ METHOD(pa_tnc_attr_t, build, void, writer->write_uint32(writer, this->max_seg_size); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } @@ -122,11 +128,16 @@ METHOD(pa_tnc_attr_t, process, status_t, { bio_reader_t *reader; + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < TCG_SEG_ATTR_MAX_SIZE_SIZE) { DBG1(DBG_TNC, "insufficient data for %N", tcg_attr_names, this->type.type); - *offset = 0; return FAILED; } reader = bio_reader_create(this->value); @@ -204,7 +215,8 @@ pa_tnc_attr_t* tcg_seg_attr_max_size_create(uint32_t max_attr_size, /** * Described in header. */ -pa_tnc_attr_t *tcg_seg_attr_max_size_create_from_data(chunk_t data, +pa_tnc_attr_t *tcg_seg_attr_max_size_create_from_data(size_t length, + chunk_t data, bool request) { private_tcg_seg_attr_max_size_t *this; @@ -225,6 +237,7 @@ pa_tnc_attr_t *tcg_seg_attr_max_size_create_from_data(chunk_t data, }, .type = { PEN_TCG, request ? TCG_SEG_MAX_ATTR_SIZE_REQ : TCG_SEG_MAX_ATTR_SIZE_RESP }, + .length = length, .value = chunk_clone(data), .ref = 1, ); diff --git a/src/libimcv/tcg/seg/tcg_seg_attr_max_size.h b/src/libimcv/tcg/seg/tcg_seg_attr_max_size.h index 404e85a011..72660acd56 100644 --- a/src/libimcv/tcg/seg/tcg_seg_attr_max_size.h +++ b/src/libimcv/tcg/seg/tcg_seg_attr_max_size.h 
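Review bot: process() in tcg_seg_attr_max_size.c returns NEED_MORE when `value.len < length`, whereas the two sibling segmentation attributes changed in this commit (tcg_seg_attr_next_seg.c and tcg_seg_attr_seg_env.c) log "segmentation not allowed" and return FAILED for the same condition. Unless a Max Attribute Size request or response is really meant to arrive in segments, this hunk should match them: replace `return NEED_MORE;` with `DBG1(DBG_TNC, "segmentation not allowed for %N", tcg_attr_names, this->type.type);` followed by `return FAILED;`. As written, an attribute whose declared length exceeds the bytes received is left waiting for more data instead of being rejected. process() continues outside the hunk.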
@@ -62,10 +62,12 @@ pa_tnc_attr_t* tcg_seg_attr_max_size_create(uint32_t max_attr_size, /** * Creates an tcg_seg_attr_max_size_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) * @param request TRUE for a request, FALSE for a response */ -pa_tnc_attr_t* tcg_seg_attr_max_size_create_from_data(chunk_t value, +pa_tnc_attr_t* tcg_seg_attr_max_size_create_from_data(size_t length, + chunk_t value, bool request); #endif /** TCG_SEG_ATTR_MAX_SIZE_H_ @}*/ diff --git a/src/libimcv/tcg/seg/tcg_seg_attr_next_seg.c b/src/libimcv/tcg/seg/tcg_seg_attr_next_seg.c index 22934cc1fb..c2dcad319e 100644 --- a/src/libimcv/tcg/seg/tcg_seg_attr_next_seg.c +++ b/src/libimcv/tcg/seg/tcg_seg_attr_next_seg.c @@ -54,7 +54,12 @@ struct private_tcg_seg_attr_next_seg_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -118,6 +123,7 @@ METHOD(pa_tnc_attr_t, build, void, writer->write_uint24(writer, this->base_attr_id); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } @@ -127,11 +133,18 @@ METHOD(pa_tnc_attr_t, process, status_t, bio_reader_t *reader; uint8_t flags; + *offset = 0; + + if (this->value.len < this->length) + { + DBG1(DBG_TNC, "segmentation not allowed for %N", tcg_attr_names, + this->type.type); + return FAILED; + } if (this->value.len < TCG_SEG_ATTR_NEXT_SEG_SIZE) { DBG1(DBG_TNC, "insufficient data for %N", tcg_attr_names, this->type.type); - *offset = 0; return FAILED; } reader = bio_reader_create(this->value); 
@@ -207,7 +220,8 @@ pa_tnc_attr_t* tcg_seg_attr_next_seg_create(uint32_t base_attr_id, bool cancel) /** * Described in header. */ -pa_tnc_attr_t *tcg_seg_attr_next_seg_create_from_data(chunk_t data) +pa_tnc_attr_t *tcg_seg_attr_next_seg_create_from_data(size_t length, + chunk_t data) { private_tcg_seg_attr_next_seg_t *this; @@ -227,6 +241,7 @@ pa_tnc_attr_t *tcg_seg_attr_next_seg_create_from_data(chunk_t data) .get_cancel_flag = _get_cancel_flag, }, .type = { PEN_TCG, TCG_SEG_NEXT_SEG_REQ }, + .length = length, .value = chunk_clone(data), .ref = 1, ); diff --git a/src/libimcv/tcg/seg/tcg_seg_attr_next_seg.h b/src/libimcv/tcg/seg/tcg_seg_attr_next_seg.h index c9f53f853c..49a4d36667 100644 --- a/src/libimcv/tcg/seg/tcg_seg_attr_next_seg.h +++ b/src/libimcv/tcg/seg/tcg_seg_attr_next_seg.h @@ -64,8 +64,10 @@ pa_tnc_attr_t* tcg_seg_attr_next_seg_create(uint32_t base_attr_id, bool cancel); /** * Creates an tcg_seg_attr_next_seg_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* tcg_seg_attr_next_seg_create_from_data(chunk_t value); +pa_tnc_attr_t* tcg_seg_attr_next_seg_create_from_data(size_t length, + chunk_t value); #endif /** TCG_SEG_ATTR_NEXT_SEG_H_ @}*/ diff --git a/src/libimcv/tcg/seg/tcg_seg_attr_seg_env.c b/src/libimcv/tcg/seg/tcg_seg_attr_seg_env.c index 833111f8f8..fb53212e96 100644 --- a/src/libimcv/tcg/seg/tcg_seg_attr_seg_env.c +++ b/src/libimcv/tcg/seg/tcg_seg_attr_seg_env.c @@ -51,7 +51,12 @@ struct private_tcg_seg_attr_seg_env_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -109,6 +114,7 @@ METHOD(pa_tnc_attr_t, build, void, private_tcg_seg_attr_seg_env_t *this) { /* constructor already allocated and built value */ + this->length = this->value.len; return; } 
@@ -117,11 +123,18 @@ METHOD(pa_tnc_attr_t, process, status_t, { bio_reader_t *reader; + *offset = 0; + + if (this->value.len < this->length) + { + DBG1(DBG_TNC, "segmentation not allowed for %N", tcg_attr_names, + this->type.type); + return FAILED; + } if (this->value.len < TCG_SEG_ATTR_SEG_ENV_HEADER) { DBG1(DBG_TNC, "insufficient data for %N", tcg_attr_names, this->type.type); - *offset = 0; return FAILED; } reader = bio_reader_create(this->value); @@ -206,7 +219,8 @@ pa_tnc_attr_t* tcg_seg_attr_seg_env_create(chunk_t segment, uint8_t flags, /** * Described in header. */ -pa_tnc_attr_t *tcg_seg_attr_seg_env_create_from_data(chunk_t data) +pa_tnc_attr_t *tcg_seg_attr_seg_env_create_from_data(size_t length, + chunk_t data) { private_tcg_seg_attr_seg_env_t *this; @@ -226,6 +240,7 @@ pa_tnc_attr_t *tcg_seg_attr_seg_env_create_from_data(chunk_t data) .get_segment = _get_segment, }, .type = { PEN_TCG, TCG_SEG_ATTR_SEG_ENV }, + .length = length, .value = chunk_clone(data), .ref = 1, ); diff --git a/src/libimcv/tcg/seg/tcg_seg_attr_seg_env.h b/src/libimcv/tcg/seg/tcg_seg_attr_seg_env.h index 19184392b7..a8b3d7c34b 100644 --- a/src/libimcv/tcg/seg/tcg_seg_attr_seg_env.h +++ b/src/libimcv/tcg/seg/tcg_seg_attr_seg_env.h @@ -67,8 +67,10 @@ pa_tnc_attr_t* tcg_seg_attr_seg_env_create(chunk_t segment, uint8_t flags, /** * Creates an tcg_seg_attr_seg_env_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* tcg_seg_attr_seg_env_create_from_data(chunk_t value); +pa_tnc_attr_t* tcg_seg_attr_seg_env_create_from_data(size_t length, + chunk_t value); #endif /** TCG_SEG_ATTR_SEG_ENV_H_ @}*/ diff --git a/src/libimcv/tcg/swid/tcg_swid_attr_req.c b/src/libimcv/tcg/swid/tcg_swid_attr_req.c index 51e39008bd..35254cc327 100644 --- a/src/libimcv/tcg/swid/tcg_swid_attr_req.c +++ b/src/libimcv/tcg/swid/tcg_swid_attr_req.c 
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2013 Andreas Steffen + * Copyright (C) 2013-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -62,7 +62,13 @@ struct private_tcg_swid_attr_req_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + + /** + * Attribute value or segment */ chunk_t value; @@ -151,6 +157,7 @@ METHOD(pa_tnc_attr_t, build, void, enumerator->destroy(enumerator); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } @@ -162,10 +169,15 @@ METHOD(pa_tnc_attr_t, process, status_t, chunk_t tag_creator, unique_sw_id; swid_tag_id_t *tag_id; + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < TCG_SWID_REQ_MIN_SIZE) { DBG1(DBG_TNC, "insufficient data for SWID Request"); - *offset = 0; return FAILED; } @@ -296,7 +308,7 @@ pa_tnc_attr_t *tcg_swid_attr_req_create(u_int8_t flags, u_int32_t request_id, /** * Described in header. */ -pa_tnc_attr_t *tcg_swid_attr_req_create_from_data(chunk_t data) +pa_tnc_attr_t *tcg_swid_attr_req_create_from_data(size_t length, chunk_t data) { private_tcg_swid_attr_req_t *this; @@ -319,6 +331,7 @@ pa_tnc_attr_t *tcg_swid_attr_req_create_from_data(chunk_t data) .get_targets = _get_targets, }, .type = { PEN_TCG, TCG_SWID_REQUEST }, + .length = length, .value = chunk_clone(data), .targets = swid_inventory_create(FALSE), .ref = 1, diff --git a/src/libimcv/tcg/swid/tcg_swid_attr_req.h b/src/libimcv/tcg/swid/tcg_swid_attr_req.h index 9655c3c58a..fd2ccdc4f2 100644 --- a/src/libimcv/tcg/swid/tcg_swid_attr_req.h +++ b/src/libimcv/tcg/swid/tcg_swid_attr_req.h 
@@ -98,8 +98,9 @@ pa_tnc_attr_t* tcg_swid_attr_req_create(u_int8_t flags, u_int32_t request_id, /** * Creates an tcg_swid_attr_req_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* tcg_swid_attr_req_create_from_data(chunk_t value); +pa_tnc_attr_t* tcg_swid_attr_req_create_from_data(size_t length, chunk_t value); #endif /** TCG_SWID_ATTR_REQ_H_ @}*/ diff --git a/src/libimcv/tcg/swid/tcg_swid_attr_tag_id_inv.c b/src/libimcv/tcg/swid/tcg_swid_attr_tag_id_inv.c index d0b92c88f5..6e9ebd43ce 100644 --- a/src/libimcv/tcg/swid/tcg_swid_attr_tag_id_inv.c +++ b/src/libimcv/tcg/swid/tcg_swid_attr_tag_id_inv.c @@ -64,7 +64,12 @@ struct private_tcg_swid_attr_tag_id_inv_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -155,6 +160,7 @@ METHOD(pa_tnc_attr_t, build, void, enumerator->destroy(enumerator); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } @@ -167,10 +173,15 @@ METHOD(pa_tnc_attr_t, process, status_t, chunk_t tag_creator, unique_sw_id, instance_id; swid_tag_id_t *tag_id; + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < TCG_SWID_TAG_ID_INV_MIN_SIZE) { DBG1(DBG_TNC, "insufficient data for SWID Tag Identifier Inventory"); - *offset = 0; return FAILED; } @@ -300,7 +311,8 @@ pa_tnc_attr_t *tcg_swid_attr_tag_id_inv_create(uint32_t request_id, /** * Described in header. */ -pa_tnc_attr_t *tcg_swid_attr_tag_id_inv_create_from_data(chunk_t data) +pa_tnc_attr_t *tcg_swid_attr_tag_id_inv_create_from_data(size_t length, + chunk_t data) { private_tcg_swid_attr_tag_id_inv_t *this; 
@@ -322,6 +334,7 @@ pa_tnc_attr_t *tcg_swid_attr_tag_id_inv_create_from_data(chunk_t data) .get_inventory = _get_inventory, }, .type = { PEN_TCG, TCG_SWID_TAG_ID_INVENTORY }, + .length = length, .value = chunk_clone(data), .inventory = swid_inventory_create(FALSE), .ref = 1, diff --git a/src/libimcv/tcg/swid/tcg_swid_attr_tag_id_inv.h b/src/libimcv/tcg/swid/tcg_swid_attr_tag_id_inv.h index c4ade904ef..897fd49e1a 100644 --- a/src/libimcv/tcg/swid/tcg_swid_attr_tag_id_inv.h +++ b/src/libimcv/tcg/swid/tcg_swid_attr_tag_id_inv.h @@ -88,8 +88,10 @@ pa_tnc_attr_t* tcg_swid_attr_tag_id_inv_create(uint32_t request_id, /** * Creates an tcg_swid_attr_tag_id_inv_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* tcg_swid_attr_tag_id_inv_create_from_data(chunk_t value); +pa_tnc_attr_t* tcg_swid_attr_tag_id_inv_create_from_data(size_t length, + chunk_t value); #endif /** TCG_SWID_ATTR_TAG_ID_INV_H_ @}*/ diff --git a/src/libimcv/tcg/swid/tcg_swid_attr_tag_inv.c b/src/libimcv/tcg/swid/tcg_swid_attr_tag_inv.c index 5864e5a918..5923f56196 100644 --- a/src/libimcv/tcg/swid/tcg_swid_attr_tag_inv.c +++ b/src/libimcv/tcg/swid/tcg_swid_attr_tag_inv.c @@ -64,7 +64,12 @@ struct private_tcg_swid_attr_tag_inv_t { pen_type_t type; /** - * Attribute value + * Length of attribute value + */ + size_t length; + + /** + * Attribute value or segment */ chunk_t value; @@ -151,6 +156,7 @@ METHOD(pa_tnc_attr_t, build, void, enumerator->destroy(enumerator); this->value = writer->extract_buf(writer); + this->length = this->value.len; writer->destroy(writer); } 
@@ -163,10 +169,15 @@ METHOD(pa_tnc_attr_t, process, status_t, chunk_t tag_encoding, instance_id; swid_tag_t *tag; + *offset = 0; + + if (this->value.len < this->length) + { + return NEED_MORE; + } if (this->value.len < TCG_SWID_TAG_INV_MIN_SIZE) { DBG1(DBG_TNC, "insufficient data for SWID Tag Inventory"); - *offset = 0; return FAILED; } @@ -284,11 +295,11 @@ pa_tnc_attr_t *tcg_swid_attr_tag_inv_create(uint32_t request_id, return &this->public.pa_tnc_attribute; } - /** * Described in header. */ -pa_tnc_attr_t *tcg_swid_attr_tag_inv_create_from_data(chunk_t data) +pa_tnc_attr_t *tcg_swid_attr_tag_inv_create_from_data(size_t length, + chunk_t data) { private_tcg_swid_attr_tag_inv_t *this; @@ -310,6 +321,7 @@ pa_tnc_attr_t *tcg_swid_attr_tag_inv_create_from_data(chunk_t data) .get_inventory = _get_inventory, }, .type = { PEN_TCG, TCG_SWID_TAG_INVENTORY }, + .length = length, .value = chunk_clone(data), .inventory = swid_inventory_create(TRUE), .ref = 1, diff --git a/src/libimcv/tcg/swid/tcg_swid_attr_tag_inv.h b/src/libimcv/tcg/swid/tcg_swid_attr_tag_inv.h index 69966c7d64..4795fd0015 100644 --- a/src/libimcv/tcg/swid/tcg_swid_attr_tag_inv.h +++ b/src/libimcv/tcg/swid/tcg_swid_attr_tag_inv.h @@ -87,8 +87,10 @@ pa_tnc_attr_t* tcg_swid_attr_tag_inv_create(uint32_t request_id, /** * Creates an tcg_swid_attr_tag_inv_t object from received data * - * @param value unparsed attribute value + * @param length Total length of attribute value + * @param value Unparsed attribute value (might be a segment) */ -pa_tnc_attr_t* tcg_swid_attr_tag_inv_create_from_data(chunk_t value); +pa_tnc_attr_t* tcg_swid_attr_tag_inv_create_from_data(size_t length, + chunk_t value); #endif /** TCG_SWID_ATTR_TAG_INV_H_ @}*/ diff --git a/src/libimcv/tcg/tcg_attr.c b/src/libimcv/tcg/tcg_attr.c index d4ae1da67c..79492913be 100644 --- a/src/libimcv/tcg/tcg_attr.c +++ b/src/libimcv/tcg/tcg_attr.c 
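Review bot: In process() of tcg_swid_attr_tag_inv.c the attribute is parsed only once `value.len` has reached `length`, so the complete inventory has to be held in `value` first, and nothing in this hunk limits `length`. Since `length` is documented as the total length of an attribute created from received data, it is presumably taken from the peer's attribute header. A comment above the test such as `/* length comes from the received attribute header and must be capped by the caller */` would record where the bound is expected to be enforced. The same holds for process() in tcg_swid_attr_req.c and tcg_swid_attr_tag_id_inv.c. process() continues outside the hunk.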
@@ -183,62 +183,73 @@ ENUM_END(tcg_attr_names, TCG_PTS_AIK); /** * See header */ -pa_tnc_attr_t* tcg_attr_create_from_data(u_int32_t type, chunk_t value) +pa_tnc_attr_t* tcg_attr_create_from_data(u_int32_t type, size_t length, chunk_t value) { switch (type) { case TCG_SWID_REQUEST: - return tcg_swid_attr_req_create_from_data(value); + return tcg_swid_attr_req_create_from_data(length, value); case TCG_SWID_TAG_ID_INVENTORY: - return tcg_swid_attr_tag_id_inv_create_from_data(value); + return tcg_swid_attr_tag_id_inv_create_from_data(length, value); case TCG_SWID_TAG_INVENTORY: - return tcg_swid_attr_tag_inv_create_from_data(value); + return tcg_swid_attr_tag_inv_create_from_data(length, value); case TCG_SEG_MAX_ATTR_SIZE_REQ: - return tcg_seg_attr_max_size_create_from_data(value, TRUE); + return tcg_seg_attr_max_size_create_from_data(length, value, TRUE); case TCG_SEG_MAX_ATTR_SIZE_RESP: - return tcg_seg_attr_max_size_create_from_data(value, FALSE); + return tcg_seg_attr_max_size_create_from_data(length, value, FALSE); case TCG_SEG_ATTR_SEG_ENV: - return tcg_seg_attr_seg_env_create_from_data(value); + return tcg_seg_attr_seg_env_create_from_data(length, value); case TCG_SEG_NEXT_SEG_REQ: - return tcg_seg_attr_next_seg_create_from_data(value); + return tcg_seg_attr_next_seg_create_from_data(length, value); case TCG_PTS_REQ_PROTO_CAPS: - return tcg_pts_attr_proto_caps_create_from_data(value, TRUE); + return tcg_pts_attr_proto_caps_create_from_data(length, value, + TRUE); case TCG_PTS_PROTO_CAPS: - return tcg_pts_attr_proto_caps_create_from_data(value, FALSE); + return tcg_pts_attr_proto_caps_create_from_data(length, value, + FALSE); case TCG_PTS_DH_NONCE_PARAMS_REQ: - return tcg_pts_attr_dh_nonce_params_req_create_from_data(value); + return tcg_pts_attr_dh_nonce_params_req_create_from_data(length, + value); case TCG_PTS_DH_NONCE_PARAMS_RESP: - return tcg_pts_attr_dh_nonce_params_resp_create_from_data(value); + return 
tcg_pts_attr_dh_nonce_params_resp_create_from_data(length, + value); case TCG_PTS_DH_NONCE_FINISH: - return tcg_pts_attr_dh_nonce_finish_create_from_data(value); + return tcg_pts_attr_dh_nonce_finish_create_from_data(length, value); case TCG_PTS_MEAS_ALGO: - return tcg_pts_attr_meas_algo_create_from_data(value, FALSE); + return tcg_pts_attr_meas_algo_create_from_data(length, value, + FALSE); case TCG_PTS_MEAS_ALGO_SELECTION: - return tcg_pts_attr_meas_algo_create_from_data(value, TRUE); + return tcg_pts_attr_meas_algo_create_from_data(length, value, + TRUE); case TCG_PTS_GET_TPM_VERSION_INFO: - return tcg_pts_attr_get_tpm_version_info_create_from_data(value); + return tcg_pts_attr_get_tpm_version_info_create_from_data(length, + value); case TCG_PTS_TPM_VERSION_INFO: - return tcg_pts_attr_tpm_version_info_create_from_data(value); + return tcg_pts_attr_tpm_version_info_create_from_data(length, + value); case TCG_PTS_GET_AIK: - return tcg_pts_attr_get_aik_create_from_data(value); + return tcg_pts_attr_get_aik_create_from_data(length, value); case TCG_PTS_AIK: - return tcg_pts_attr_aik_create_from_data(value); + return tcg_pts_attr_aik_create_from_data(length, value); case TCG_PTS_REQ_FUNC_COMP_EVID: - return tcg_pts_attr_req_func_comp_evid_create_from_data(value); + return tcg_pts_attr_req_func_comp_evid_create_from_data(length, + value); case TCG_PTS_GEN_ATTEST_EVID: - return tcg_pts_attr_gen_attest_evid_create_from_data(value); + return tcg_pts_attr_gen_attest_evid_create_from_data(length, value); case TCG_PTS_SIMPLE_COMP_EVID: - return tcg_pts_attr_simple_comp_evid_create_from_data(value); + return tcg_pts_attr_simple_comp_evid_create_from_data(length, + value); case TCG_PTS_SIMPLE_EVID_FINAL: - return tcg_pts_attr_simple_evid_final_create_from_data(value); + return tcg_pts_attr_simple_evid_final_create_from_data(length, + value); case TCG_PTS_REQ_FILE_MEAS: - return tcg_pts_attr_req_file_meas_create_from_data(value); + return 
tcg_pts_attr_req_file_meas_create_from_data(length, value); case TCG_PTS_FILE_MEAS: - return tcg_pts_attr_file_meas_create_from_data(value); + return tcg_pts_attr_file_meas_create_from_data(length, value); case TCG_PTS_REQ_FILE_META: - return tcg_pts_attr_req_file_meta_create_from_data(value); + return tcg_pts_attr_req_file_meta_create_from_data(length, value); case TCG_PTS_UNIX_FILE_META: - return tcg_pts_attr_unix_file_meta_create_from_data(value); + return tcg_pts_attr_unix_file_meta_create_from_data(length, value); /* unsupported TCG/SWID attributes */ case TCG_SWID_TAG_ID_EVENTS: case TCG_SWID_TAG_EVENTS: diff --git a/src/libimcv/tcg/tcg_attr.h b/src/libimcv/tcg/tcg_attr.h index 3964c8cabf..24ec6e1ea0 100644 --- a/src/libimcv/tcg/tcg_attr.h +++ b/src/libimcv/tcg/tcg_attr.h @@ -96,8 +96,10 @@ extern enum_name_t *tcg_attr_names; * Create a TCG PA-TNC attribute from data * * @param type attribute type - * @param value attribute value + * @param length attribute length + * @param value attribute value or segment */ -pa_tnc_attr_t* tcg_attr_create_from_data(u_int32_t type, chunk_t value); +pa_tnc_attr_t* tcg_attr_create_from_data(u_int32_t type, size_t length, + chunk_t value); #endif /** TCG_ATTR_H_ @}*/
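Review bot: The new definition line `pa_tnc_attr_t* tcg_attr_create_from_data(u_int32_t type, size_t length, chunk_t value)` in tcg_attr.c runs past 80 columns, while the longer calls in the switch below it and the prototype in tcg_attr.h are wrapped. Wrapping it the same way as the header keeps the two in step: `pa_tnc_attr_t* tcg_attr_create_from_data(u_int32_t type, size_t length,` with `chunk_t value)` on the continuation line. The switch continues outside the hunk.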