From: Andreas Steffen <andreas.steffen@strongswan.org>
Date: Thu, 16 Oct 2014 05:49:14 +0000 (+0200)
Subject: Request IF-M segmentation contract for TCG/PTS subtype
X-Git-Tag: 5.2.1~6
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=08385de6e2d84205cd652f7b20bde2ff10477f83;p=thirdparty%2Fstrongswan.git

Request IF-M segmentation contract for TCG/PTS subtype
---

diff --git a/src/libimcv/plugins/imv_attestation/imv_attestation_agent.c b/src/libimcv/plugins/imv_attestation/imv_attestation_agent.c
index c265e853cb..8e37368573 100644
--- a/src/libimcv/plugins/imv_attestation/imv_attestation_agent.c
+++ b/src/libimcv/plugins/imv_attestation/imv_attestation_agent.c
@@ -39,6 +39,8 @@
 #include <tcg/pts/tcg_pts_attr_proto_caps.h>
 #include <tcg/pts/tcg_pts_attr_req_file_meas.h>
 #include <tcg/pts/tcg_pts_attr_req_file_meta.h>
+#include "tcg/seg/tcg_seg_attr_max_size.h"
+#include "tcg/seg/tcg_seg_attr_seg_env.h"
 #include <pts/pts.h>
 #include <pts/pts_database.h>
 #include <pts/pts_creds.h>
@@ -51,6 +53,8 @@
 #include <credentials/credential_manager.h>
 #include <collections/linked_list.h>
 
+#define FILE_MEAS_MAX_ATTR_SIZE	100000000
+
 typedef struct private_imv_attestation_agent_t private_imv_attestation_agent_t;
 
 /* Subscribed PA-TNC message subtypes */
@@ -465,12 +469,35 @@ METHOD(imv_agent_if_t, batch_ending, TNC_Result,
 
 	if (handshake_state == IMV_ATTESTATION_STATE_INIT)
 	{
+		size_t max_attr_size = FILE_MEAS_MAX_ATTR_SIZE;
+		size_t max_seg_size;
+		seg_contract_t *contract;
+		seg_contract_manager_t *contracts;
 		pa_tnc_attr_t *attr;
 		pts_proto_caps_flag_t flags;
+		char buf[BUF_LEN];
 
 		out_msg = imv_msg_create(this->agent, state, id, imv_id, TNC_IMCID_ANY,
 								 msg_types[0]);
 
+		/* Determine maximum PA-TNC attribute segment size */
+		max_seg_size = state->get_max_msg_len(state)
+								- PA_TNC_HEADER_SIZE
+								- PA_TNC_ATTR_HEADER_SIZE
+								- TCG_SEG_ATTR_SEG_ENV_HEADER
+								- PA_TNC_ATTR_HEADER_SIZE
+								- TCG_SEG_ATTR_MAX_SIZE_SIZE;
+
+		/* Announce support of PA-TNC segmentation to IMC */
+		contract = seg_contract_create(msg_types[0], max_attr_size,
+										max_seg_size, TRUE, imv_id, FALSE);
+		contract->get_info_string(contract, buf, BUF_LEN, TRUE);
+		DBG2(DBG_IMV, "%s", buf);
+		contracts = state->get_contracts(state);
+		contracts->add_contract(contracts, contract);
+		attr = tcg_seg_attr_max_size_create(max_attr_size, max_seg_size, TRUE);
+		out_msg->add_attribute(out_msg, attr);
+
 		/* Send Request Protocol Capabilities attribute */
 		flags = pts->get_proto_caps(pts);
 		attr = tcg_pts_attr_proto_caps_create(flags, TRUE);