INSERT INTO files (
type, path, measurement
- ) VALUES (
+) VALUES (
0, '/lib/i386-linux-gnu/libdl.so.2', 1
);
INSERT INTO files (
type, path, measurement
- ) VALUES (
+) VALUES (
0, '/lib/x86_64-linux-gnu/libdl.so.2', 1
);
INSERT INTO files (
type, path, measurement
- ) VALUES (
+) VALUES (
0, '/lib/libdl.so.2', 1
);
INSERT INTO files (
type, path, measurement
- ) VALUES (
+) VALUES (
0, '/sbin/iptables', 1
);
INSERT INTO files (
type, path, measurement
- ) VALUES (
+) VALUES (
0, '/lib/libxtables.so.5', 1
);
INSERT INTO files (
type, path, measurement
- ) VALUES (
+) VALUES (
0, '/lib/libxtables.so.2', 1
);
INSERT INTO files (
type, path, measurement
- ) VALUES (
+) VALUES (
1, '/lib/xtables/', 1
);
INSERT INTO files (
type, path, measurement
- ) VALUES (
+) VALUES (
0, 'libxt_udp.so', 1
);
INSERT INTO files (
type, path, measurement
- ) VALUES (
+) VALUES (
0, 'libxt_tcp.so', 1
);
INSERT INTO files (
type, path, measurement
- ) VALUES (
+) VALUES (
0, 'libxt_esp.so', 1
);
INSERT INTO files (
type, path, measurement
- ) VALUES (
+) VALUES (
0, 'libxt_policy.so', 1
);
INSERT INTO files (
type, path, measurement
- ) VALUES (
+) VALUES (
0, 'libxt_conntrack.so', 1
);
INSERT INTO files (
type, path, measurement
- ) VALUES (
+) VALUES (
0, 'libipt_SNAT.so', 1
);
INSERT INTO files (
type, path, measurement
- ) VALUES (
+) VALUES (
0, 'libipt_DNAT.so', 1
);
INSERT INTO files (
type, path, measurement
- ) VALUES (
+) VALUES (
0, 'libipt_MASQUERADE.so', 1
);
INSERT INTO files (
type, path, measurement
- ) VALUES (
+) VALUES (
0, 'libipt_LOG.so', 1
);
INSERT INTO files (
type, path, measurement
- ) VALUES (
+) VALUES (
0, '/sbin/ip6tables', 1
);
INSERT INTO files (
type, path, measurement
- ) VALUES (
+) VALUES (
0, 'libip6t_LOG.so', 1
);
INSERT INTO files (
type, path, measurement
- ) VALUES (
+) VALUES (
0, 'libxt_mark.so', 1
);
INSERT INTO files (
type, path, measurement
- ) VALUES (
+) VALUES (
0, 'libxt_MARK.so', 1
);
INSERT INTO files (
type, path, measurement
- ) VALUES (
+) VALUES (
1, '/lib/iptables', 1
);
INSERT INTO files (
type, path, metadata
- ) VALUES (
+) VALUES (
0, '/etc/tnc_config', 1
);
INSERT INTO files (
- type, path, component
- ) VALUES (
- 0, 'tboot_pcr17', 1
+ type, path
+) VALUES (
+ 0, 'tboot_pcr17'
);
INSERT INTO files (
- type, path, component
- ) VALUES (
- 0, 'tboot_pcr18', 1
+ type, path
+) VALUES (
+ 0, 'tboot_pcr18'
+);
+
+/* Components */
+
+INSERT INTO components (
+ vendor_id, name, qualifier
+) VALUES (
+ 36906, 1, 33 /* ITA TGRUB */
+);
+
+INSERT INTO components (
+ vendor_id, name, qualifier
+) VALUES (
+ 36906, 2, 33 /* ITA TBOOT */
);
/* Product-File */
7, 24
);
+INSERT INTO product_component (
+ product, component, sequence
+) VALUES (
+ 7, 1, 1
+);
+
+INSERT INTO product_component (
+ product, component, sequence
+) VALUES (
+ 7, 2, 2
+);
+
/* File Hashes */
INSERT INTO file_hashes (
#include "imv_attestation_build.h"
#include "imv_attestation_state.h"
+#include <libpts.h>
#include <tcg/tcg_pts_attr_proto_caps.h>
#include <tcg/tcg_pts_attr_meas_algo.h>
#include <tcg/tcg_pts_attr_dh_nonce_params_req.h>
case IMV_ATTESTATION_STATE_COMP_EVID:
{
enumerator_t *enumerator;
- char *platform_info, *pathname;
+ char flags[8];
+ char *platform_info;
pts_funct_comp_evid_req_t *requests = NULL;
funct_comp_evid_req_entry_t *entry;
+ int vid, name, qualifier, type;
bool first_req = TRUE;
attestation_state->set_handshake_state(attestation_state,
DBG1(DBG_IMV, "platform is '%s'", platform_info);
- enumerator = pts_db->create_comp_evid_enumerator(pts_db,
- platform_info);
+ enumerator = pts_db->create_comp_evid_enumerator(pts_db, platform_info);
if (!enumerator)
{
break;
}
- while (enumerator->enumerate(enumerator, &pathname))
+ while (enumerator->enumerate(enumerator, &vid, &name, &qualifier))
{
entry = malloc_thing(funct_comp_evid_req_entry_t);
-
entry->flags = PTS_REQ_FUNC_COMP_FLAG_PCR;
entry->sub_comp_depth = 0;
- entry->vendor_id = PEN_ITA;
- entry->family = PTS_REQ_FUNCT_COMP_FAM_BIN_ENUM;
- entry->qualifier.kernel = FALSE;
- entry->qualifier.sub_component = FALSE;
- entry->qualifier.type = PTS_ITA_FUNC_COMP_TYPE_TRUSTED;
-
- if (strcmp(pathname, TBOOT_POLICY_STR) == 0)
- {
- entry->name = PTS_ITA_FUNC_COMP_NAME_TBOOT_POLICY;
- }
- else if (strcmp(pathname, TBOOT_MLE_STR) == 0)
- {
- entry->name = PTS_ITA_FUNC_COMP_NAME_TBOOT_MLE;
- }
- else
- {
- DBG1(DBG_IMV, "Unknown functional component name: \"%s\"",
- pathname);
- enumerator->destroy(enumerator);
- return FALSE;
- }
+ entry->name = pts_comp_func_name_create(vid, name, qualifier);
+
+ type = pts_components->get_qualifier(pts_components,
+ entry->name, &flags);
+
+ DBG2(DBG_TNC, "%N functional component '%N' with qualifier %s '%N'",
+ pen_names, vid,
+ pts_components->get_comp_func_names(pts_components, vid),
+ name, flags,
+ pts_components->get_qualifier_type_names(pts_components, vid),
+ type);
-
if (first_req)
{
/* Create a requests object */
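Review bot: The loop at `while (enumerator->enumerate(enumerator, &vid, &name, &qualifier))` no longer has any path that rejects an unrecognised component. The removed `else` branch logged the unknown name and returned FALSE, whereas the new code passes whatever the database holds to `pts_comp_func_name_create()` and to the `%N` lookups. If `get_comp_func_names()` or `get_qualifier_type_names()` can return NULL for a vendor ID the component manager does not know (their definitions are not in this hunk), the DBG2 call would format through a NULL name table, so a NULL check with a DBG1 message and `continue` ahead of the DBG2 would be safer. Separately, `char flags[8]` is handed to `get_qualifier()` as `&flags`, which has type `char (*)[8]` and carries no length; plain `flags` is presumably what the callee expects, and the 8-byte bound deserves a named constant or a comment. The enclosing case block starts and ends outside the hunk.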
type INTEGER NOT NULL,
path TEXT NOT NULL,
measurement INTEGER DEFAULT 0,
- metadata INTEGER DEFAULT 0,
- component INTEGER DEFAULT 0
+ metadata INTEGER DEFAULT 0
+);
+
+DROP TABLE IF EXISTS components;
+CREATE TABLE components (
+ id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+ vendor_id INTEGER NOT NULL,
+ name INTEGER NOT NULL,
+ qualifier INTEGER DEFAULT 0
);
DROP TABLE IF EXISTS products;
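Review bot: `qualifier INTEGER DEFAULT 0` in the new components table allows NULL, and nothing prevents two rows with the same (vendor_id, name, qualifier). The enumerator added in this commit reads all three columns as DB_INT and builds one evidence request per row. Declaring `qualifier INTEGER NOT NULL DEFAULT 0` and adding `UNIQUE (vendor_id, name, qualifier)` would stop a bad seed row from becoming a NULL read or a duplicated request. The CREATE TABLE statement for files that precedes this one begins outside the hunk.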
PRIMARY KEY (product, file)
);
+DROP TABLE IF EXISTS product_component;
+CREATE TABLE product_component (
+ product INTEGER NOT NULL,
+ component INTEGER NOT NULL,
+ sequence INTEGER DEFAULT 0,
+ PRIMARY KEY (product, component)
+);
+
DROP TABLE IF EXISTS file_hashes;
CREATE TABLE file_hashes (
file INTEGER NOT NULL,
{
enumerator_t *e;
- /* look for all entries belonging to a product in the files table */
+ /* look for all entries belonging to a product in the components table */
e = this->db->query(this->db,
- "SELECT f.path FROM files AS f "
- "JOIN product_file AS pf ON f.id = pf.file "
- "JOIN products AS p ON p.id = pf.product "
- "WHERE p.name = ? AND f.component = 1",
- DB_TEXT, product, DB_TEXT);
+ "SELECT c.vendor_id, c.name, c.qualifier FROM components AS c "
+ "JOIN product_component AS pc ON c.id = pc.component "
+ "JOIN products AS p ON p.id = pc.product "
+ "WHERE p.name = ? ORDER BY pf.order",
+ DB_TEXT, product, DB_INT, DB_INT, DB_INT);
return e;
}
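Review bot: The new statement ends with `ORDER BY pf.order`, but the rewritten query no longer defines a `pf` alias (the join table is aliased `pc`), and the product_component table created in this commit names the column `sequence`, so the statement will most likely fail to prepare. `query()` would then presumably return no enumerator, and the caller's `if (!enumerator) { break; }` skips the functional component evidence request without reporting an error, which makes the failure easy to miss during an attestation run. The line should read `"WHERE p.name = ? ORDER BY pc.sequence",`. The function's signature is outside the hunk.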