From: Andreas Steffen Date: Tue, 24 May 2022 15:40:06 +0000 (+0200) Subject: TCG TNC attribute name changes X-Git-Tag: 5.9.7dr1~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3f19a951cf6fe1a9e900bd5ff604e77e1cd08124;p=thirdparty%2Fstrongswan.git TCG TNC attribute name changes The TCG TNC IF-M Segmentation standard was implemented based on a draft version. The attribute names are updated to comply with the final TCG IF-M Segmentation Specification Version 1.0 Rev. 5 dated 4 April 2016 --- diff --git a/src/libimcv/Android.mk b/src/libimcv/Android.mk index 8549175aac..9ca238b72e 100644 --- a/src/libimcv/Android.mk +++ b/src/libimcv/Android.mk @@ -104,7 +104,7 @@ libimcv_la_SOURCES := \ tcg/pts/tcg_pts_attr_file_meas.h tcg/pts/tcg_pts_attr_file_meas.c \ tcg/pts/tcg_pts_attr_req_file_meta.h tcg/pts/tcg_pts_attr_req_file_meta.c \ tcg/pts/tcg_pts_attr_unix_file_meta.h tcg/pts/tcg_pts_attr_unix_file_meta.c \ - tcg/seg/tcg_seg_attr_max_size.h tcg/seg/tcg_seg_attr_max_size.c \ + tcg/seg/tcg_seg_attr_seg_contract.h tcg/seg/tcg_seg_attr_seg_contract.c \ tcg/seg/tcg_seg_attr_seg_env.h tcg/seg/tcg_seg_attr_seg_env.c \ tcg/seg/tcg_seg_attr_next_seg.h tcg/seg/tcg_seg_attr_next_seg.c diff --git a/src/libimcv/Makefile.am b/src/libimcv/Makefile.am index f44ab52b81..7be5da1445 100644 --- a/src/libimcv/Makefile.am +++ b/src/libimcv/Makefile.am @@ -125,7 +125,7 @@ libimcv_la_SOURCES = \ tcg/pts/tcg_pts_attr_file_meas.h tcg/pts/tcg_pts_attr_file_meas.c \ tcg/pts/tcg_pts_attr_req_file_meta.h tcg/pts/tcg_pts_attr_req_file_meta.c \ tcg/pts/tcg_pts_attr_unix_file_meta.h tcg/pts/tcg_pts_attr_unix_file_meta.c \ - tcg/seg/tcg_seg_attr_max_size.h tcg/seg/tcg_seg_attr_max_size.c \ + tcg/seg/tcg_seg_attr_seg_contract.h tcg/seg/tcg_seg_attr_seg_contract.c \ tcg/seg/tcg_seg_attr_seg_env.h tcg/seg/tcg_seg_attr_seg_env.c \ tcg/seg/tcg_seg_attr_next_seg.h tcg/seg/tcg_seg_attr_next_seg.c diff --git a/src/libimcv/imc/imc_msg.c b/src/libimcv/imc/imc_msg.c index 9e12e29f11..a929097972 100644 --- a/src/libimcv/imc/imc_msg.c +++ b/src/libimcv/imc/imc_msg.c @@ -2,6 +2,8 @@ * Copyright (C) 2012-2015 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * + * Copyright (C) 2022 Andreas Steffen, strongSec GmbH + * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your @@ -18,7 +20,7 @@ #include "ietf/ietf_attr.h" #include "ietf/ietf_attr_assess_result.h" #include "ietf/ietf_attr_remediation_instr.h" -#include "tcg/seg/tcg_seg_attr_max_size.h" +#include "tcg/seg/tcg_seg_attr_seg_contract.h" #include "tcg/seg/tcg_seg_attr_seg_env.h" #include "tcg/seg/tcg_seg_attr_next_seg.h" @@ -312,7 +314,7 @@ METHOD(imc_msg_t, receive, TNC_Result, enumerator = this->pa_msg->create_attribute_enumerator(this->pa_msg); while (enumerator->enumerate(enumerator, &attr)) { - uint32_t max_attr_size, max_seg_size, my_max_attr_size, my_max_seg_size; + uint32_t max_msg_size, max_seg_size, my_max_msg_size, my_max_seg_size; seg_contract_t *contract; seg_contract_manager_t *contracts; char buf[BUF_LEN]; @@ -329,23 +331,23 @@ METHOD(imc_msg_t, receive, TNC_Result, switch (type.type) { - case TCG_SEG_MAX_ATTR_SIZE_REQ: + case TCG_SEG_CONTRACT_REQ: { - tcg_seg_attr_max_size_t *attr_cast; + tcg_seg_attr_seg_contract_t *attr_cast; - attr_cast = (tcg_seg_attr_max_size_t*)attr; - attr_cast->get_attr_size(attr_cast, &max_attr_size, - &max_seg_size); + attr_cast = (tcg_seg_attr_seg_contract_t*)attr; + attr_cast->get_max_size(attr_cast, &max_msg_size, + &max_seg_size); contract = contracts->get_contract(contracts, this->msg_type, FALSE, this->src_id); if (contract) { - contract->set_max_size(contract, max_attr_size, + contract->set_max_size(contract, max_msg_size, max_seg_size); } else { - contract = seg_contract_create(this->msg_type, max_attr_size, + contract = seg_contract_create(this->msg_type, max_msg_size, max_seg_size, FALSE, this->src_id, TRUE); contract->set_responder(contract, target_imc_id); contracts->add_contract(contracts, contract); @@ -360,29 +362,29 @@ METHOD(imc_msg_t, receive, TNC_Result, - TCG_SEG_ATTR_SEG_ENV_HEADER; /* If segmentation is possible select lower segment size */ - if (max_seg_size != SEG_CONTRACT_NO_FRAGMENTATION && + if (max_seg_size != SEG_CONTRACT_NO_SEGMENTATION && max_seg_size > my_max_seg_size) { max_seg_size = my_max_seg_size; - contract->set_max_size(contract, max_attr_size, + contract->set_max_size(contract, max_msg_size, max_seg_size); DBG2(DBG_IMC, " lowered maximum segment size to %u bytes", max_seg_size); } - /* Add Maximum Attribute Size Response attribute */ - attr = tcg_seg_attr_max_size_create(max_attr_size, - max_seg_size, FALSE); + /* Add Segmentation Contract Response attribute */ + attr = tcg_seg_attr_seg_contract_create(max_msg_size, + max_seg_size, FALSE); out_msg->add_attribute(out_msg, attr); break; } - case TCG_SEG_MAX_ATTR_SIZE_RESP: + case TCG_SEG_CONTRACT_RESP: { - tcg_seg_attr_max_size_t *attr_cast; + tcg_seg_attr_seg_contract_t *attr_cast; - attr_cast = (tcg_seg_attr_max_size_t*)attr; - attr_cast->get_attr_size(attr_cast, &max_attr_size, - &max_seg_size); + attr_cast = (tcg_seg_attr_seg_contract_t*)attr; + attr_cast->get_max_size(attr_cast, &max_msg_size, + &max_seg_size); contract = contracts->get_contract(contracts, this->msg_type, TRUE, this->src_id); if (!contract) @@ -398,13 +400,13 @@ METHOD(imc_msg_t, receive, TNC_Result, } if (contract) { - contract->get_max_size(contract, &my_max_attr_size, + contract->get_max_size(contract, &my_max_msg_size, &my_max_seg_size); - if (my_max_seg_size != SEG_CONTRACT_NO_FRAGMENTATION && + if (my_max_seg_size != SEG_CONTRACT_NO_SEGMENTATION && my_max_seg_size > max_seg_size) { my_max_seg_size = max_seg_size; - contract->set_max_size(contract, my_max_attr_size, + contract->set_max_size(contract, my_max_msg_size, my_max_seg_size); } contract->get_info_string(contract, buf, BUF_LEN, FALSE); @@ -417,22 +419,22 @@ METHOD(imc_msg_t, receive, TNC_Result, } break; } - case TCG_SEG_ATTR_SEG_ENV: + case TCG_SEG_ENVELOPE: { tcg_seg_attr_seg_env_t *seg_env_attr; pa_tnc_attr_t *error; - uint32_t base_attr_id; + uint32_t base_msg_id; bool more; seg_env_attr = (tcg_seg_attr_seg_env_t*)attr; - base_attr_id = seg_env_attr->get_base_attr_id(seg_env_attr); + base_msg_id = seg_env_attr->get_base_msg_id(seg_env_attr); contract = contracts->get_contract(contracts, this->msg_type, TRUE, this->src_id); if (!contract) { - DBG2(DBG_IMC, "no contract for received attribute segment " - "with base attribute ID %u", base_attr_id); + DBG2(DBG_IMC, "no contract for received segment with base " + "message ID %u", base_msg_id); continue; } attr = contract->add_segment(contract, attr, &error, &more); @@ -447,18 +449,18 @@ METHOD(imc_msg_t, receive, TNC_Result, if (more) { /* Send Next Segment Request */ - attr = tcg_seg_attr_next_seg_create(base_attr_id, FALSE); + attr = tcg_seg_attr_next_seg_create(base_msg_id, FALSE); out_msg->add_attribute(out_msg, attr); } break; } - case TCG_SEG_NEXT_SEG_REQ: + case TCG_SEG_NEXT_SEGMENT: { tcg_seg_attr_next_seg_t *attr_cast; - uint32_t base_attr_id; + uint32_t base_msg_id; attr_cast = (tcg_seg_attr_next_seg_t*)attr; - base_attr_id = attr_cast->get_base_attr_id(attr_cast); + base_msg_id = attr_cast->get_base_msg_id(attr_cast); contract = contracts->get_contract(contracts, this->msg_type, FALSE, this->src_id); @@ -466,10 +468,10 @@ METHOD(imc_msg_t, receive, TNC_Result, { /* TODO no contract - generate error message */ DBG1(DBG_IMC, "no contract for received next segment " - "request with base attribute ID %u", base_attr_id); + "request with base message ID %u", base_msg_id); continue; } - attr = contract->next_segment(contract, base_attr_id); + attr = contract->next_segment(contract, base_msg_id); if (attr) { out_msg->add_attribute(out_msg, attr); @@ -478,7 +480,7 @@ METHOD(imc_msg_t, receive, TNC_Result, { /* TODO no more segments - generate error message */ DBG1(DBG_IMC, "no more segments found for " - "base attribute ID %u", base_attr_id); + "base message ID %u", base_msg_id); } break; } diff --git a/src/libimcv/imcv.c b/src/libimcv/imcv.c index 0a4ae66a00..186ee96f63 100644 --- a/src/libimcv/imcv.c +++ b/src/libimcv/imcv.c @@ -2,6 +2,8 @@ * Copyright (C) 2011-2015 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * + * Copyright (C) 2022 Andreas Steffen, strongSec GmbH + * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your @@ -78,6 +80,27 @@ static refcount_t libstrongswan_ref = 0; static int imcv_debug_level; static bool imcv_stderr_quiet; +/** + * Described in header. + */ +void imcv_list_pa_tnc_attribute_type(char *label, pen_t vendor_id, uint32_t type) +{ + enum_name_t *pa_attr_names; + + pa_attr_names = imcv_pa_tnc_attributes->get_names(imcv_pa_tnc_attributes, + vendor_id); + if (pa_attr_names) + { + DBG2(DBG_TNC, "%s PA-TNC attribute type '%N/%N' 0x%06x/0x%08x", + label, pen_names, vendor_id, pa_attr_names, type, vendor_id, type); + } + else + { + DBG2(DBG_TNC, "%s PA-TNC attribute type '%N' 0x%06x/0x%08x", + label, pen_names, vendor_id, vendor_id, type); + } +} + /** * imvc dbg function */ diff --git a/src/libimcv/imcv.h b/src/libimcv/imcv.h index 1906f67f54..514ffd3171 100644 --- a/src/libimcv/imcv.h +++ b/src/libimcv/imcv.h @@ -2,6 +2,8 @@ * Copyright (C) 2011 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * + * Copyright (C) 2022 Andreas Steffen, strongSec GmbH + * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your @@ -64,6 +66,15 @@ bool libimcv_init(bool is_imv); */ void libimcv_deinit(void); +/** + * List PA-TNC attribute type and namespace (vendor ID) + * + * @param label label to be used (creating/processing) + * @param vendor_id namespace defined by Private Enterprise Number (PEN) + * @param type PA-TNC attribute type + */ +void imcv_list_pa_tnc_attribute_type(char *label, pen_t vendor_id, uint32_t type); + /** * PA-TNC attribute manager */ diff --git a/src/libimcv/imv/imv_msg.c b/src/libimcv/imv/imv_msg.c index 039124c2af..8df5d81ca6 100644 --- a/src/libimcv/imv/imv_msg.c +++ b/src/libimcv/imv/imv_msg.c @@ -2,6 +2,8 @@ * Copyright (C) 2012-2015 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * + * Copyright (C) 2022 Andreas Steffen, strongSec GmbH + * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your @@ -18,7 +20,7 @@ #include "ietf/ietf_attr.h" #include "ietf/ietf_attr_assess_result.h" #include "ietf/ietf_attr_remediation_instr.h" -#include "tcg/seg/tcg_seg_attr_max_size.h" +#include "tcg/seg/tcg_seg_attr_seg_contract.h" #include "tcg/seg/tcg_seg_attr_seg_env.h" #include "tcg/seg/tcg_seg_attr_next_seg.h" @@ -155,6 +157,7 @@ METHOD(imv_msg_t, send_, TNC_Result, { space_left = pa_tnc_msg->get_space(pa_tnc_msg); + /* Segment PA-TNC messages consisting of a single attribute only */ if (contract && contract->check_size(contract, attr, &oversize)) { if (oversize) @@ -348,7 +351,7 @@ METHOD(imv_msg_t, receive, TNC_Result, enumerator = this->pa_msg->create_attribute_enumerator(this->pa_msg); while (enumerator->enumerate(enumerator, &attr)) { - uint32_t max_attr_size, max_seg_size, my_max_attr_size, my_max_seg_size; + uint32_t max_msg_size, max_seg_size, my_max_msg_size, my_max_seg_size; seg_contract_manager_t *contracts; seg_contract_t *contract; char buf[BUF_LEN]; @@ -365,23 +368,23 @@ METHOD(imv_msg_t, receive, TNC_Result, switch (type.type) { - case TCG_SEG_MAX_ATTR_SIZE_REQ: + case TCG_SEG_CONTRACT_REQ: { - tcg_seg_attr_max_size_t *attr_cast; + tcg_seg_attr_seg_contract_t *attr_cast; - attr_cast = (tcg_seg_attr_max_size_t*)attr; - attr_cast->get_attr_size(attr_cast, &max_attr_size, - &max_seg_size); + attr_cast = (tcg_seg_attr_seg_contract_t*)attr; + attr_cast->get_max_size(attr_cast, &max_msg_size, + &max_seg_size); contract = contracts->get_contract(contracts, this->msg_type, FALSE, this->src_id); if (contract) { - contract->set_max_size(contract, max_attr_size, + contract->set_max_size(contract, max_msg_size, max_seg_size); } else { - contract = seg_contract_create(this->msg_type, max_attr_size, + contract = seg_contract_create(this->msg_type, max_msg_size, max_seg_size, FALSE, this->src_id, FALSE); contract->set_responder(contract, target_imv_id); contracts->add_contract(contracts, contract); @@ -396,29 +399,29 @@ METHOD(imv_msg_t, receive, TNC_Result, - TCG_SEG_ATTR_SEG_ENV_HEADER; /* If segmentation is possible select lower segment size */ - if (max_seg_size != SEG_CONTRACT_NO_FRAGMENTATION && + if (max_seg_size != SEG_CONTRACT_NO_SEGMENTATION && max_seg_size > my_max_seg_size) { max_seg_size = my_max_seg_size; - contract->set_max_size(contract, max_attr_size, + contract->set_max_size(contract, max_msg_size, max_seg_size); DBG2(DBG_IMV, " lowered maximum segment size to %u bytes", max_seg_size); } - /* Add Maximum Attribute Size Response attribute */ - attr = tcg_seg_attr_max_size_create(max_attr_size, - max_seg_size, FALSE); + /* Add Segmentation Contract Response attribute */ + attr = tcg_seg_attr_seg_contract_create(max_msg_size, + max_seg_size, FALSE); out_msg->add_attribute(out_msg, attr); break; } - case TCG_SEG_MAX_ATTR_SIZE_RESP: + case TCG_SEG_CONTRACT_RESP: { - tcg_seg_attr_max_size_t *attr_cast; + tcg_seg_attr_seg_contract_t *attr_cast; - attr_cast = (tcg_seg_attr_max_size_t*)attr; - attr_cast->get_attr_size(attr_cast, &max_attr_size, - &max_seg_size); + attr_cast = (tcg_seg_attr_seg_contract_t*)attr; + attr_cast->get_max_size(attr_cast, &max_msg_size, + &max_seg_size); contract = contracts->get_contract(contracts, this->msg_type, TRUE, this->src_id); if (!contract) @@ -434,13 +437,13 @@ METHOD(imv_msg_t, receive, TNC_Result, } if (contract) { - contract->get_max_size(contract, &my_max_attr_size, + contract->get_max_size(contract, &my_max_msg_size, &my_max_seg_size); - if (my_max_seg_size != SEG_CONTRACT_NO_FRAGMENTATION && + if (my_max_seg_size != SEG_CONTRACT_NO_SEGMENTATION && my_max_seg_size > max_seg_size) { my_max_seg_size = max_seg_size; - contract->set_max_size(contract, my_max_attr_size, + contract->set_max_size(contract, my_max_msg_size, my_max_seg_size); } contract->get_info_string(contract, buf, BUF_LEN, FALSE); @@ -453,22 +456,22 @@ METHOD(imv_msg_t, receive, TNC_Result, } break; } - case TCG_SEG_ATTR_SEG_ENV: + case TCG_SEG_ENVELOPE: { tcg_seg_attr_seg_env_t *seg_env_attr; pa_tnc_attr_t *error; - uint32_t base_attr_id; + uint32_t base_msg_id; bool more; seg_env_attr = (tcg_seg_attr_seg_env_t*)attr; - base_attr_id = seg_env_attr->get_base_attr_id(seg_env_attr); + base_msg_id = seg_env_attr->get_base_msg_id(seg_env_attr); contract = contracts->get_contract(contracts, this->msg_type, TRUE, this->src_id); if (!contract) { - DBG2(DBG_IMV, "no contract for received attribute segment " - "with base attribute ID %u", base_attr_id); + DBG2(DBG_IMV, "no contract for received segment with base " + "message ID %u", base_msg_id); continue; } attr = contract->add_segment(contract, attr, &error, &more); @@ -483,18 +486,18 @@ METHOD(imv_msg_t, receive, TNC_Result, if (more) { /* Send Next Segment Request */ - attr = tcg_seg_attr_next_seg_create(base_attr_id, FALSE); + attr = tcg_seg_attr_next_seg_create(base_msg_id, FALSE); out_msg->add_attribute(out_msg, attr); } break; } - case TCG_SEG_NEXT_SEG_REQ: + case TCG_SEG_NEXT_SEGMENT: { tcg_seg_attr_next_seg_t *attr_cast; - uint32_t base_attr_id; + uint32_t base_msg_id; attr_cast = (tcg_seg_attr_next_seg_t*)attr; - base_attr_id = attr_cast->get_base_attr_id(attr_cast); + base_msg_id = attr_cast->get_base_msg_id(attr_cast); contract = contracts->get_contract(contracts, this->msg_type, FALSE, this->src_id); @@ -502,10 +505,10 @@ METHOD(imv_msg_t, receive, TNC_Result, { /* TODO no contract - generate error message */ DBG1(DBG_IMV, "no contract for received next segment " - "request with base attribute ID %u", base_attr_id); + "request with base message ID %u", base_msg_id); continue; } - attr = contract->next_segment(contract, base_attr_id); + attr = contract->next_segment(contract, base_msg_id); if (attr) { out_msg->add_attribute(out_msg, attr); @@ -514,7 +517,7 @@ METHOD(imv_msg_t, receive, TNC_Result, { /* TODO no more segments - generate error message */ DBG1(DBG_IMV, "no more segments found for " - "base attribute ID %u", base_attr_id); + "base message ID %u", base_msg_id); } break; } diff --git a/src/libimcv/pa_tnc/pa_tnc_attr_manager.c b/src/libimcv/pa_tnc/pa_tnc_attr_manager.c index 522213bd57..10ac322268 100644 --- a/src/libimcv/pa_tnc/pa_tnc_attr_manager.c +++ b/src/libimcv/pa_tnc/pa_tnc_attr_manager.c @@ -131,7 +131,6 @@ METHOD(pa_tnc_attr_manager_t, create, pa_tnc_attr_t*, pen_t vendor_id; pen_type_t unsupported_type; pen_type_t error_code = { PEN_IETF, PA_ERROR_INVALID_PARAMETER }; - enum_name_t *pa_attr_names; pa_tnc_attr_t *attr = NULL; enumerator_t *enumerator; entry_t *entry; @@ -151,20 +150,7 @@ METHOD(pa_tnc_attr_manager_t, create, pa_tnc_attr_t*, reader->read_uint32(reader, &type); reader->read_uint32(reader, &length); - pa_attr_names = imcv_pa_tnc_attributes->get_names(imcv_pa_tnc_attributes, - vendor_id); - if (pa_attr_names) - { - DBG2(DBG_TNC, "processing PA-TNC attribute type '%N/%N' " - "0x%06x/0x%08x", pen_names, vendor_id, - pa_attr_names, type, vendor_id, type); - } - else - { - DBG2(DBG_TNC, "processing PA-TNC attribute type '%N' " - "0x%06x/0x%08x", pen_names, vendor_id, - vendor_id, type); - } + imcv_list_pa_tnc_attribute_type("processing", vendor_id, type); if (length < PA_TNC_ATTR_HEADER_SIZE) { diff --git a/src/libimcv/pa_tnc/pa_tnc_msg.c b/src/libimcv/pa_tnc/pa_tnc_msg.c index 5f5add704f..6e9d5d659a 100644 --- a/src/libimcv/pa_tnc/pa_tnc_msg.c +++ b/src/libimcv/pa_tnc/pa_tnc_msg.c @@ -127,7 +127,6 @@ METHOD(pa_tnc_msg_t, build, bool, bio_writer_t *writer; enumerator_t *enumerator; pa_tnc_attr_t *attr; - enum_name_t *pa_attr_names; pen_type_t type; uint8_t flags; chunk_t value; @@ -158,21 +157,7 @@ METHOD(pa_tnc_msg_t, build, bool, value = attr->get_value(attr); flags = attr->get_noskip_flag(attr) ? PA_TNC_ATTR_FLAG_NOSKIP : PA_TNC_ATTR_FLAG_NONE; - - pa_attr_names = imcv_pa_tnc_attributes->get_names(imcv_pa_tnc_attributes, - type.vendor_id); - if (pa_attr_names) - { - DBG2(DBG_TNC, "creating PA-TNC attribute type '%N/%N' " - "0x%06x/0x%08x", pen_names, type.vendor_id, - pa_attr_names, type.type, type.vendor_id, type.type); - } - else - { - DBG2(DBG_TNC, "creating PA-TNC attribute type '%N' " - "0x%06x/0x%08x", pen_names, type.vendor_id, - type.vendor_id, type.type); - } + imcv_list_pa_tnc_attribute_type("creating", type.vendor_id, type.type); DBG3(DBG_TNC, "%B", &value); writer->write_uint8 (writer, flags); diff --git a/src/libimcv/plugins/imc_attestation/imc_attestation_process.c b/src/libimcv/plugins/imc_attestation/imc_attestation_process.c index daf5c3b20a..36146f34d9 100644 --- a/src/libimcv/plugins/imc_attestation/imc_attestation_process.c +++ b/src/libimcv/plugins/imc_attestation/imc_attestation_process.c @@ -3,6 +3,8 @@ * Copyright (C) 2011-2016 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * + * Copyright (C) 2022 Andreas Steffen, strongSec GmbH + * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your @@ -474,8 +476,8 @@ bool imc_attestation_process(pa_tnc_attr_t *attr, imc_msg_t *msg, msg->add_attribute(msg, attr); break; } - case TCG_SEG_MAX_ATTR_SIZE_REQ: - case TCG_SEG_NEXT_SEG_REQ: + case TCG_SEG_CONTRACT_REQ: + case TCG_SEG_NEXT_SEGMENT: break; /* TODO: Not implemented yet */ diff --git a/src/libimcv/plugins/imc_swima/imc_swima.c b/src/libimcv/plugins/imc_swima/imc_swima.c index be258d3358..6bbf8d74cc 100644 --- a/src/libimcv/plugins/imc_swima/imc_swima.c +++ b/src/libimcv/plugins/imc_swima/imc_swima.c @@ -2,6 +2,8 @@ * Copyright (C) 2017 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * + * Copyright (C) 2022 Andreas Steffen, strongSec GmbH + * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your @@ -23,7 +25,7 @@ #include "swima/swima_inventory.h" #include "swima/swima_collector.h" #include "swima/swima_error.h" -#include "tcg/seg/tcg_seg_attr_max_size.h" +#include "tcg/seg/tcg_seg_attr_seg_contract.h" #include "tcg/seg/tcg_seg_attr_seg_env.h" #include @@ -310,7 +312,7 @@ TNC_Result TNC_IMC_BeginHandshake(TNC_IMCID imc_id, seg_contract_t *contract; seg_contract_manager_t *contracts; imc_swima_subscription_t *subscription; - size_t max_attr_size = SWIMA_MAX_ATTR_SIZE; + size_t max_msg_size = SEG_CONTRACT_NO_MSG_SIZE_LIMIT; size_t max_seg_size; char buf[BUF_LEN]; TNC_Result result = TNC_RESULT_SUCCESS; @@ -346,13 +348,13 @@ TNC_Result TNC_IMC_BeginHandshake(TNC_IMCID imc_id, - TCG_SEG_ATTR_SEG_ENV_HEADER; /* Announce support of PA-TNC segmentation to IMV */ - contract = seg_contract_create(msg_types[0], max_attr_size, max_seg_size, + contract = seg_contract_create(msg_types[0], max_msg_size, max_seg_size, TRUE, imc_id, TRUE); contract->get_info_string(contract, buf, BUF_LEN, TRUE); DBG2(DBG_IMC, "%s", buf); contracts = state->get_contracts(state); contracts->add_contract(contracts, contract); - attr = tcg_seg_attr_max_size_create(max_attr_size, max_seg_size, TRUE); + attr = tcg_seg_attr_seg_contract_create(max_msg_size, max_seg_size, TRUE); /* send PA-TNC message with the excl flag not set */ out_msg = imc_msg_create(imc_swima, state, connection_id, imc_id, diff --git a/src/libimcv/plugins/imv_attestation/imv_attestation_agent.c b/src/libimcv/plugins/imv_attestation/imv_attestation_agent.c index 4d17f1ee45..2c64457bea 100644 --- a/src/libimcv/plugins/imv_attestation/imv_attestation_agent.c +++ b/src/libimcv/plugins/imv_attestation/imv_attestation_agent.c @@ -3,6 +3,8 @@ * Copyright (C) 2011-2020 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * + * Copyright (C) 2022 Andreas Steffen, strongSec GmbH + * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your @@ -40,8 +42,8 @@ #include #include #include -#include "tcg/seg/tcg_seg_attr_max_size.h" -#include "tcg/seg/tcg_seg_attr_seg_env.h" +#include +#include #include #include #include @@ -55,8 +57,6 @@ #include #include -#define FILE_MEAS_MAX_ATTR_SIZE 100000000 - typedef struct private_imv_attestation_agent_t private_imv_attestation_agent_t; /* Subscribed PA-TNC message subtypes */ @@ -488,7 +488,7 @@ METHOD(imv_agent_if_t, batch_ending, TNC_Result, if (handshake_state == IMV_ATTESTATION_STATE_INIT) { - size_t max_attr_size = FILE_MEAS_MAX_ATTR_SIZE; + size_t max_msg_size = SEG_CONTRACT_NO_MSG_SIZE_LIMIT; size_t max_seg_size; seg_contract_t *contract; seg_contract_manager_t *contracts; @@ -506,13 +506,13 @@ METHOD(imv_agent_if_t, batch_ending, TNC_Result, - TCG_SEG_ATTR_SEG_ENV_HEADER; /* Announce support of PA-TNC segmentation to IMC */ - contract = seg_contract_create(msg_types[0], max_attr_size, + contract = seg_contract_create(msg_types[0], max_msg_size, max_seg_size, TRUE, imv_id, FALSE); contract->get_info_string(contract, buf, BUF_LEN, TRUE); DBG2(DBG_IMV, "%s", buf); contracts = state->get_contracts(state); contracts->add_contract(contracts, contract); - attr = tcg_seg_attr_max_size_create(max_attr_size, max_seg_size, TRUE); + attr = tcg_seg_attr_seg_contract_create(max_msg_size, max_seg_size, TRUE); out_msg->add_attribute(out_msg, attr); /* Send Request Protocol Capabilities attribute */ diff --git a/src/libimcv/plugins/imv_attestation/imv_attestation_process.c b/src/libimcv/plugins/imv_attestation/imv_attestation_process.c index 60a9edc0f2..5112ac711b 100644 --- a/src/libimcv/plugins/imv_attestation/imv_attestation_process.c +++ b/src/libimcv/plugins/imv_attestation/imv_attestation_process.c @@ -3,6 +3,8 @@ * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * + * Copyright (C) 2022 Andreas Steffen, strongSec GmbH + * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your @@ -524,8 +526,8 @@ quote_error: } break; } - case TCG_SEG_MAX_ATTR_SIZE_RESP: - case TCG_SEG_ATTR_SEG_ENV: + case TCG_SEG_CONTRACT_RESP: + case TCG_SEG_ENVELOPE: break; /* TODO: Not implemented yet */ diff --git a/src/libimcv/plugins/imv_hcd/imv_hcd_agent.c b/src/libimcv/plugins/imv_hcd/imv_hcd_agent.c index bca1958226..291775ddb4 100644 --- a/src/libimcv/plugins/imv_hcd/imv_hcd_agent.c +++ b/src/libimcv/plugins/imv_hcd/imv_hcd_agent.c @@ -2,6 +2,8 @@ * Copyright (C) 2015 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * + * Copyright (C) 2022 Andreas Steffen, strongSec GmbH + * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your @@ -30,7 +32,7 @@ #include #include #include -#include "tcg/seg/tcg_seg_attr_max_size.h" +#include "tcg/seg/tcg_seg_attr_seg_contract.h" #include "tcg/seg/tcg_seg_attr_seg_env.h" #include @@ -39,8 +41,6 @@ #include #include -#define HCD_MAX_ATTR_SIZE 10000000 - typedef struct private_imv_hcd_agent_t private_imv_hcd_agent_t; /* Subscribed PA-TNC message subtypes */ @@ -533,7 +533,7 @@ METHOD(imv_agent_if_t, batch_ending, TNC_Result, if (handshake_state == IMV_HCD_STATE_INIT) { - size_t max_attr_size = HCD_MAX_ATTR_SIZE; + size_t max_msg_size = SEG_CONTRACT_NO_MSG_SIZE_LIMIT; size_t max_seg_size; seg_contract_t *contract; seg_contract_manager_t *contracts; @@ -543,11 +543,9 @@ METHOD(imv_agent_if_t, batch_ending, TNC_Result, /* Determine maximum PA-TNC attribute segment size */ max_seg_size = state->get_max_msg_len(state) - - PA_TNC_HEADER_SIZE - - PA_TNC_ATTR_HEADER_SIZE - - TCG_SEG_ATTR_SEG_ENV_HEADER - - PA_TNC_ATTR_HEADER_SIZE - - TCG_SEG_ATTR_MAX_SIZE_SIZE; + - PA_TNC_HEADER_SIZE + - PA_TNC_ATTR_HEADER_SIZE + - TCG_SEG_ATTR_SEG_ENV_HEADER; contracts = state->get_contracts(state); for (i = 1; i < countof(msg_types); i++) @@ -556,12 +554,12 @@ METHOD(imv_agent_if_t, batch_ending, TNC_Result, TNC_IMCID_ANY, msg_types[i]); /* Announce support of PA-TNC segmentation to IMC */ - contract = seg_contract_create(msg_types[i], max_attr_size, + contract = seg_contract_create(msg_types[i], max_msg_size, max_seg_size, TRUE, imv_id, FALSE); contract->get_info_string(contract, buf, BUF_LEN, TRUE); DBG2(DBG_IMV, "%s", buf); contracts->add_contract(contracts, contract); - attr = tcg_seg_attr_max_size_create(max_attr_size, max_seg_size, + attr = tcg_seg_attr_seg_contract_create(max_msg_size, max_seg_size, TRUE); out_msg->add_attribute(out_msg, attr); diff --git a/src/libimcv/plugins/imv_os/imv_os_agent.c b/src/libimcv/plugins/imv_os/imv_os_agent.c index bb1e8a806e..435e6db45b 100644 --- a/src/libimcv/plugins/imv_os/imv_os_agent.c +++ b/src/libimcv/plugins/imv_os/imv_os_agent.c @@ -2,6 +2,8 @@ * Copyright (C) 2013-2015 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * + * Copyright (C) 2022 Andreas Steffen, strongSec GmbH + * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your @@ -37,7 +39,7 @@ #include #include #include -#include "tcg/seg/tcg_seg_attr_max_size.h" +#include "tcg/seg/tcg_seg_attr_seg_contract.h" #include "tcg/seg/tcg_seg_attr_seg_env.h" #include @@ -46,8 +48,6 @@ #include #include -#define INSTALLED_PACKAGES_MAX_ATTR_SIZE 100000000 - typedef struct private_imv_os_agent_t private_imv_os_agent_t; typedef enum imv_os_attr_t imv_os_attr_t; @@ -531,7 +531,7 @@ METHOD(imv_agent_if_t, batch_ending, TNC_Result, if (handshake_state == IMV_OS_STATE_INIT) { - size_t max_attr_size = INSTALLED_PACKAGES_MAX_ATTR_SIZE; + size_t max_msg_size = SEG_CONTRACT_NO_MSG_SIZE_LIMIT; size_t max_seg_size; seg_contract_t *contract; seg_contract_manager_t *contracts; @@ -544,13 +544,13 @@ METHOD(imv_agent_if_t, batch_ending, TNC_Result, - TCG_SEG_ATTR_SEG_ENV_HEADER; /* Announce support of PA-TNC segmentation to IMC */ - contract = seg_contract_create(msg_types[0], max_attr_size, + contract = seg_contract_create(msg_types[0], max_msg_size, max_seg_size, TRUE, imv_id, FALSE); contract->get_info_string(contract, buf, BUF_LEN, TRUE); DBG2(DBG_IMV, "%s", buf); contracts = state->get_contracts(state); contracts->add_contract(contracts, contract); - attr = tcg_seg_attr_max_size_create(max_attr_size, max_seg_size, TRUE); + attr = tcg_seg_attr_seg_contract_create(max_msg_size, max_seg_size, TRUE); out_msg->add_attribute(out_msg, attr); if ((received & IMV_OS_ATTR_MUST) != IMV_OS_ATTR_MUST) diff --git a/src/libimcv/plugins/imv_swima/imv_swima_agent.c b/src/libimcv/plugins/imv_swima/imv_swima_agent.c index 52f1baf037..016e627718 100644 --- a/src/libimcv/plugins/imv_swima/imv_swima_agent.c +++ b/src/libimcv/plugins/imv_swima/imv_swima_agent.c @@ -2,6 +2,8 @@ * Copyright (C) 2017 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * + * Copyright (C) 2022 Andreas Steffen, strongSec GmbH + * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your @@ -23,7 +25,7 @@ #include #include #include "rest/rest.h" -#include "tcg/seg/tcg_seg_attr_max_size.h" +#include "tcg/seg/tcg_seg_attr_seg_contract.h" #include "tcg/seg/tcg_seg_attr_seg_env.h" #include "ietf/swima/ietf_swima_attr_req.h" #include "ietf/swima/ietf_swima_attr_sw_inv.h" @@ -153,7 +155,7 @@ static TNC_Result receive_msg(private_imv_swima_agent_t *this, pen_type_t error_code; chunk_t msg_info, description; bio_reader_t *reader; - uint32_t max_attr_size; + uint32_t max_msg_size; bool success; error_attr = (ietf_attr_pa_tnc_error_t*)attr; @@ -177,13 +179,13 @@ static TNC_Result receive_msg(private_imv_swima_agent_t *this, } if (error_code.type == PA_ERROR_SWIMA_RESPONSE_TOO_LARGE) { - if (!reader->read_uint32(reader, &max_attr_size)) + if (!reader->read_uint32(reader, &max_msg_size)) { reader->destroy(reader); continue; } DBG1(DBG_IMV, " maximum PA-TNC attribute size is %u bytes", - max_attr_size); + max_msg_size); } description = reader->peek(reader); if (description.len) @@ -474,7 +476,7 @@ METHOD(imv_agent_if_t, batch_ending, TNC_Result, if (handshake_state == IMV_SWIMA_STATE_INIT && session->get_policy_started(session)) { - size_t max_attr_size = SWIMA_MAX_ATTR_SIZE; + size_t max_msg_size = SEG_CONTRACT_NO_MSG_SIZE_LIMIT; size_t max_seg_size; ietf_swima_attr_req_t *cast_attr; seg_contract_t *contract; @@ -530,14 +532,14 @@ METHOD(imv_agent_if_t, batch_ending, TNC_Result, - TCG_SEG_ATTR_SEG_ENV_HEADER; /* Announce support of PA-TNC segmentation to IMC */ - contract = seg_contract_create(msg_types[0], max_attr_size, + contract = seg_contract_create(msg_types[0], max_msg_size, max_seg_size, TRUE, imv_id, FALSE); contract->get_info_string(contract, buf, BUF_LEN, TRUE); DBG2(DBG_IMV, "%s", buf); contracts = state->get_contracts(state); contracts->add_contract(contracts, contract); - attr = tcg_seg_attr_max_size_create(max_attr_size, - max_seg_size, TRUE); + attr = tcg_seg_attr_seg_contract_create(max_msg_size, + max_seg_size, TRUE); out_msg->add_attribute(out_msg, attr); } @@ -805,7 +807,7 @@ imv_agent_if_t *imv_swima_agent_create(const char *name, TNC_IMVID id, return NULL; } agent->add_non_fatal_attr_type(agent, - pen_type_create(PEN_TCG, TCG_SEG_MAX_ATTR_SIZE_REQ)); + pen_type_create(PEN_TCG, TCG_SEG_CONTRACT_REQ)); INIT(this, .public = { diff --git a/src/libimcv/seg/seg_contract.c b/src/libimcv/seg/seg_contract.c index dfaaacf62c..f946458975 100644 --- a/src/libimcv/seg/seg_contract.c +++ b/src/libimcv/seg/seg_contract.c @@ -2,6 +2,8 @@ * Copyright (C) 2014-2015 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * + * Copyright (C) 2022 Andreas Steffen, strongSec GmbH + * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your @@ -15,6 +17,7 @@ #include "seg_contract.h" #include "seg_env.h" +#include "imcv.h" #include "ietf/ietf_attr_pa_tnc_error.h" #include "tcg/seg/tcg_seg_attr_seg_env.h" @@ -41,19 +44,19 @@ struct private_seg_contract_t { pen_type_t msg_type; /** - * Maximum PA-TNC attribute size + * Maximum PA-TNC message size */ - uint32_t max_attr_size; + uint32_t max_msg_size; /** - * Maximum PA-TNC attribute segment size + * Maximum PA-TNC segment value size */ uint32_t max_seg_size; /** - * Maximum PA-TNC attribute segment size + * Last base message ID */ - uint32_t last_base_attr_id; + uint32_t last_base_msg_id; /** * List of attribute segment envelopes @@ -95,20 +98,20 @@ METHOD(seg_contract_t, get_msg_type, pen_type_t, } METHOD(seg_contract_t, set_max_size, void, - private_seg_contract_t *this, uint32_t max_attr_size, uint32_t max_seg_size) + private_seg_contract_t *this, uint32_t max_msg_size, uint32_t max_seg_size) { - this->max_attr_size = max_attr_size; + this->max_msg_size = max_msg_size; this->max_seg_size = max_seg_size; - this->is_null = max_attr_size == SEG_CONTRACT_MAX_SIZE_VALUE && - max_seg_size == SEG_CONTRACT_MAX_SIZE_VALUE; + this->is_null = max_msg_size == SEG_CONTRACT_NO_MSG_SIZE_LIMIT && + max_seg_size == SEG_CONTRACT_NO_SEGMENTATION; } METHOD(seg_contract_t, get_max_size, void, - private_seg_contract_t *this, uint32_t *max_attr_size, uint32_t *max_seg_size) + private_seg_contract_t *this, uint32_t *max_msg_size, uint32_t *max_seg_size) { - if (max_attr_size) + if (max_msg_size) { - *max_attr_size = this->max_attr_size; + *max_msg_size = this->max_msg_size; } if (max_seg_size) { @@ -133,15 +136,15 @@ METHOD(seg_contract_t, check_size, bool, attr_value = attr->get_value(attr); attr_len = PA_TNC_ATTR_HEADER_SIZE + attr_value.len; - if (attr_len > this->max_attr_size) + if (attr_len > this->max_msg_size) { /* oversize attribute */ *oversize = TRUE; return FALSE; } - if (this->max_seg_size == SEG_CONTRACT_NO_FRAGMENTATION) + if (this->max_seg_size == SEG_CONTRACT_NO_SEGMENTATION) { - /* no fragmentation wanted */ + /* no segmentation wanted */ return FALSE; } return attr_value.len > this->max_seg_size + TCG_SEG_ATTR_SEG_ENV_HEADER; @@ -151,8 +154,12 @@ METHOD(seg_contract_t, first_segment, pa_tnc_attr_t*, private_seg_contract_t *this, pa_tnc_attr_t *attr, size_t max_attr_len) { seg_env_t *seg_env; + pen_type_t type; + + type = attr->get_type(attr); + imcv_list_pa_tnc_attribute_type("creating", type.vendor_id, type.type); - seg_env = seg_env_create(++this->last_base_attr_id, attr, + seg_env = seg_env_create(++this->last_base_msg_id, attr, this->max_seg_size); if (!seg_env) { @@ -164,7 +171,7 @@ METHOD(seg_contract_t, first_segment, pa_tnc_attr_t*, } METHOD(seg_contract_t, next_segment, pa_tnc_attr_t*, - private_seg_contract_t *this, uint32_t base_attr_id) + private_seg_contract_t *this, uint32_t base_msg_id) { pa_tnc_attr_t *seg_env_attr = NULL; seg_env_t *seg_env; @@ -174,7 +181,7 @@ METHOD(seg_contract_t, next_segment, pa_tnc_attr_t*, enumerator = this->seg_envs->create_enumerator(this->seg_envs); while (enumerator->enumerate(enumerator, &seg_env)) { - if (seg_env->get_base_attr_id(seg_env) == base_attr_id) + if (seg_env->get_base_msg_id(seg_env) == base_msg_id) { seg_env_attr = seg_env->next_segment(seg_env, &last_segment); if (!seg_env_attr) @@ -202,13 +209,13 @@ METHOD(seg_contract_t, add_segment, pa_tnc_attr_t*, seg_env_t *current, *seg_env = NULL; pa_tnc_attr_t *base_attr; pen_type_t error_code; - uint32_t base_attr_id; + uint32_t base_msg_id; uint8_t flags; chunk_t segment_data, msg_info; enumerator_t *enumerator; seg_env_attr = (tcg_seg_attr_seg_env_t*)attr; - base_attr_id = seg_env_attr->get_base_attr_id(seg_env_attr); + base_msg_id = seg_env_attr->get_base_msg_id(seg_env_attr); segment_data = seg_env_attr->get_segment(seg_env_attr, &flags); *more = flags & SEG_ENV_FLAG_MORE; *error = NULL; @@ -216,7 +223,7 @@ METHOD(seg_contract_t, add_segment, pa_tnc_attr_t*, enumerator = this->seg_envs->create_enumerator(this->seg_envs); while (enumerator->enumerate(enumerator, ¤t)) { - if (current->get_base_attr_id(current) == base_attr_id) + if (current->get_base_msg_id(current) == base_msg_id) { seg_env = current; this->seg_envs->remove_at(this->seg_envs, enumerator); @@ -229,14 +236,13 @@ METHOD(seg_contract_t, add_segment, pa_tnc_attr_t*, { if (seg_env) { - DBG1(DBG_TNC, "base attribute ID %d is already in use", - base_attr_id); + DBG1(DBG_TNC, "base message ID %d is already in use", base_msg_id); this->seg_envs->insert_last(this->seg_envs, seg_env); return NULL; } - DBG2(DBG_TNC, "received first segment for base attribute ID %d " - "(%d bytes)", base_attr_id, segment_data.len); - seg_env = seg_env_create_from_data(base_attr_id, segment_data, + DBG2(DBG_TNC, "received first segment for base message ID %d " + "(%d bytes)", base_msg_id, segment_data.len); + seg_env = seg_env_create_from_data(base_msg_id, segment_data, this->max_seg_size, error); if (!seg_env) { @@ -247,11 +253,11 @@ METHOD(seg_contract_t, add_segment, pa_tnc_attr_t*, { if (!seg_env) { - DBG1(DBG_TNC, "base attribute ID %d not found", base_attr_id); + DBG1(DBG_TNC, "base message ID %d not found", base_msg_id); return NULL; } - DBG2(DBG_TNC, "received %s segment for base attribute ID %d " - "(%d bytes)", (*more) ? "next" : "last", base_attr_id, + DBG2(DBG_TNC, "received %s segment for base message ID %d " + "(%d bytes)", (*more) ? "next" : "last", base_msg_id, segment_data.len); if (!seg_env->add_segment(seg_env, segment_data, error)) { @@ -405,8 +411,15 @@ METHOD(seg_contract_t, get_info_string, void, if (!this->is_null) { - written = snprintf(pos, len, "\n maximum attribute size of %u bytes " - "with ", this->max_attr_size); + if (this->max_msg_size == SEG_CONTRACT_NO_MSG_SIZE_LIMIT) + { + written = snprintf(pos, len, "\n no message size limit, "); + } + else + { + written = snprintf(pos, len, "\n maximum message size of %u bytes, " + "with ", this->max_msg_size); + } if (written < 0 || written > len) { return; @@ -414,14 +427,14 @@ METHOD(seg_contract_t, get_info_string, void, pos += written; len -= written; - if (this->max_seg_size == SEG_CONTRACT_MAX_SIZE_VALUE) + if (this->max_seg_size == SEG_CONTRACT_NO_SEGMENTATION) { written = snprintf(pos, len, "no segmentation"); } else { written = snprintf(pos, len, "maximum segment size of %u bytes", - this->max_seg_size); + this->max_seg_size); } } } @@ -437,7 +450,7 @@ METHOD(seg_contract_t, destroy, void, * See header */ seg_contract_t *seg_contract_create(pen_type_t msg_type, - uint32_t max_attr_size, + uint32_t max_msg_size, uint32_t max_seg_size, bool is_issuer, TNC_UInt32 issuer_id, bool is_imc) @@ -463,15 +476,15 @@ seg_contract_t *seg_contract_create(pen_type_t msg_type, .destroy = _destroy, }, .msg_type = msg_type, - .max_attr_size = max_attr_size, + .max_msg_size = max_msg_size, .max_seg_size = max_seg_size, .seg_envs = linked_list_create(), .is_issuer = is_issuer, .issuer_id = issuer_id, .responder_id = is_imc ? TNC_IMVID_ANY : TNC_IMCID_ANY, .is_imc = is_imc, - .is_null = max_attr_size == SEG_CONTRACT_MAX_SIZE_VALUE && - max_seg_size == SEG_CONTRACT_MAX_SIZE_VALUE, + .is_null = max_msg_size == SEG_CONTRACT_NO_MSG_SIZE_LIMIT && + max_seg_size == SEG_CONTRACT_NO_SEGMENTATION, ); return &this->public; diff --git a/src/libimcv/seg/seg_contract.h b/src/libimcv/seg/seg_contract.h index afbf309340..54f9cd4ecd 100644 --- a/src/libimcv/seg/seg_contract.h +++ b/src/libimcv/seg/seg_contract.h @@ -2,6 +2,8 @@ * Copyright (C) 2014-2015 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * + * Copyright (C) 2022 Andreas Steffen, strongSec GmbH + * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your @@ -30,11 +32,11 @@ typedef struct seg_contract_t seg_contract_t; #include -#define SEG_CONTRACT_MAX_SIZE_VALUE 0xffffffff -#define SEG_CONTRACT_NO_FRAGMENTATION SEG_CONTRACT_MAX_SIZE_VALUE +#define SEG_CONTRACT_NO_MSG_SIZE_LIMIT 0xffffffff +#define SEG_CONTRACT_NO_SEGMENTATION 0xffffffff /** - * Interface for a PA-TNC attribute segmentation contract + * Interface for a PA-TNC message segmentation contract * */ struct seg_contract_t { @@ -47,21 +49,21 @@ struct seg_contract_t { pen_type_t (*get_msg_type)(seg_contract_t *this); /** - * Set maximum PA-TNC attribute and segment size in octets + * Set maximum PA-TNC message and segment size in octets * - * @param max_attr_size Maximum PA-TNC attribute size in octets - * @param max_seg_size Maximum PA-TNC attribute segment size in octets + * @param max_msg_size Maximum PA-TNC message size in octets + * @param max_seg_size Maximum PA-TNC message segment size in octets */ - void (*set_max_size)(seg_contract_t *this, uint32_t max_attr_size, + void (*set_max_size)(seg_contract_t *this, uint32_t max_msg_size, uint32_t max_seg_size); /** - * Get maximum PA-TNC attribute and segment size in octets + * Get maximum PA-TNC message and segment size in octets * - * @param max_attr_size Maximum PA-TNC attribute size in octets + * @param max_msg_size Maximum PA-TNC attribute size in octets * @param max_seg_size Maximum PA-TNC attribute segment size in octets */ - void (*get_max_size)(seg_contract_t *this, uint32_t *max_attr_size, + void (*get_max_size)(seg_contract_t *this, uint32_t *max_msg_size, uint32_t *max_seg_size); /** @@ -85,15 +87,15 @@ struct seg_contract_t { size_t max_attr_len); /** - * Generate next segment of a PA-TNC attribute according to the contract + * Generate next segment of a PA-TNC message according to the contract * - * @param base_attr_id Base Attribute ID + * @param base_msg_id Base Message ID * @return Next segment envelope attribute */ - pa_tnc_attr_t* (*next_segment)(seg_contract_t *this, uint32_t base_attr_id); + pa_tnc_attr_t* (*next_segment)(seg_contract_t *this, uint32_t base_msg_id); /** - * Add an attribute segments until the PA-TNC attribute is reconstructed + * Add segments until the PA-TNC attribute is reconstructed * * @param attr Segment envelope attribute * @param error Error attribute if an error occurred or NULL @@ -167,14 +169,14 @@ struct seg_contract_t { * Create a PA-TNC attribute segmentation contract * * @param msg_type PA-TNC message type - * @param max_attr_size Maximum PA-TNC attribute size in octets - * @param max_seg_size Maximum PA-TNC attribute segment size in octets + * @param max_msg_size Maximum PA-TNC message size in octets + * @param max_seg_size Maximum PA-TNC message segment size in octets * @param is_issuer TRUE if issuer of the contract * @param issuer_id IMC or IMV ID of issuer * @param is_imc TRUE if IMC, FALSE if IMV */ seg_contract_t* seg_contract_create(pen_type_t msg_type, - uint32_t max_attr_size, + uint32_t max_msg_size, uint32_t max_seg_size, bool is_issuer, TNC_UInt32 issuer_id, bool is_imc); diff --git a/src/libimcv/seg/seg_env.c b/src/libimcv/seg/seg_env.c index 8d0f76007e..ac5e6441ab 100644 --- a/src/libimcv/seg/seg_env.c +++ b/src/libimcv/seg/seg_env.c @@ -2,6 +2,8 @@ * Copyright (C) 2014-2015 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * + * Copyright (C) 2022 Andreas Steffen, strongSec GmbH + * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your @@ -39,9 +41,9 @@ struct private_seg_env_t { seg_env_t public; /** - * Base Attribute ID + * Base Message ID */ - uint32_t base_attr_id; + uint32_t base_msg_id; /** * Base Attribute @@ -70,10 +72,10 @@ struct private_seg_env_t { }; -METHOD(seg_env_t, get_base_attr_id, uint32_t, +METHOD(seg_env_t, get_base_msg_id, uint32_t, private_seg_env_t *this) { - return this->base_attr_id; + return this->base_msg_id; } METHOD(seg_env_t, get_base_attr, pa_tnc_attr_t*, @@ -124,12 +126,12 @@ METHOD(seg_env_t, first_segment, pa_tnc_attr_t*, writer->destroy(writer); this->data = chunk_skip(this->data, segment_data.len); - DBG2(DBG_TNC, "creating first segment for base attribute ID %d (%d bytes)", - this->base_attr_id, seg_size); + DBG2(DBG_TNC, "creating first segment for base message ID %d (%d bytes)", + this->base_msg_id, seg_size); seg_env_flags = SEG_ENV_FLAG_START | SEG_ENV_FLAG_MORE; seg_env_attr = tcg_seg_attr_seg_env_create(value, seg_env_flags, - this->base_attr_id); + this->base_msg_id); chunk_free(&value); return seg_env_attr; @@ -159,13 +161,13 @@ METHOD(seg_env_t, next_segment, pa_tnc_attr_t*, { *last = is_last_segment; } - DBG2(DBG_TNC, "creating %s segment for base attribute ID %d (%d bytes)", - is_last_segment ? "last" : "next", this->base_attr_id, + DBG2(DBG_TNC, "creating %s segment for base message ID %d (%d bytes)", + is_last_segment ? "last" : "next", this->base_msg_id, segment_data.len); seg_env_flags = is_last_segment ? SEG_ENV_FLAG_NONE : SEG_ENV_FLAG_MORE; seg_env_attr = tcg_seg_attr_seg_env_create(segment_data, seg_env_flags, - this->base_attr_id); + this->base_msg_id); return seg_env_attr; } @@ -210,7 +212,7 @@ METHOD(seg_env_t, destroy, void, /** * See header */ -seg_env_t *seg_env_create(uint32_t base_attr_id, pa_tnc_attr_t *base_attr, +seg_env_t *seg_env_create(uint32_t base_msg_id, pa_tnc_attr_t *base_attr, uint32_t max_seg_size) { private_seg_env_t *this; @@ -232,7 +234,7 @@ seg_env_t *seg_env_create(uint32_t base_attr_id, pa_tnc_attr_t *base_attr, INIT(this, .public = { - .get_base_attr_id = _get_base_attr_id, + .get_base_msg_id = _get_base_msg_id, .get_base_attr = _get_base_attr, .get_base_attr_info = _get_base_attr_info, .first_segment = _first_segment, @@ -240,7 +242,7 @@ seg_env_t *seg_env_create(uint32_t base_attr_id, pa_tnc_attr_t *base_attr, .add_segment = _add_segment, .destroy = _destroy, }, - .base_attr_id = base_attr_id, + .base_msg_id = base_msg_id, .base_attr = base_attr, .max_seg_size = max_seg_size, .data = base_attr->get_value(base_attr), @@ -252,7 +254,7 @@ seg_env_t *seg_env_create(uint32_t base_attr_id, pa_tnc_attr_t *base_attr, /** * See header */ -seg_env_t *seg_env_create_from_data(uint32_t base_attr_id, chunk_t data, +seg_env_t *seg_env_create_from_data(uint32_t base_msg_id, chunk_t data, uint32_t max_seg_size, pa_tnc_attr_t** error) { private_seg_env_t *this; @@ -264,7 +266,7 @@ seg_env_t *seg_env_create_from_data(uint32_t base_attr_id, chunk_t data, INIT(this, .public = { - .get_base_attr_id = _get_base_attr_id, + .get_base_msg_id = _get_base_msg_id, .get_base_attr = _get_base_attr, .get_base_attr_info = _get_base_attr_info, .first_segment = _first_segment, @@ -272,13 +274,13 @@ seg_env_t *seg_env_create_from_data(uint32_t base_attr_id, chunk_t data, .add_segment = _add_segment, .destroy = _destroy, }, - .base_attr_id = base_attr_id, + .base_msg_id = base_msg_id, .max_seg_size = max_seg_size, ); /* create info field to be used by PA-TNC error messages */ memset(this->base_attr_info, 0xff, 4); - htoun32(this->base_attr_info + 4, base_attr_id); + htoun32(this->base_attr_info + 4, base_msg_id); msg_info = get_base_attr_info(this); /* extract from base attribute segment from data */ diff --git a/src/libimcv/seg/seg_env.h b/src/libimcv/seg/seg_env.h index 5f21236f0a..3423a22b68 100644 --- a/src/libimcv/seg/seg_env.h +++ b/src/libimcv/seg/seg_env.h @@ -2,6 +2,8 @@ * Copyright (C) 2014-2015 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * + * Copyright (C) 2022 Andreas Steffen, strongSec GmbH + * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your @@ -43,11 +45,11 @@ enum seg_env_flags_t { struct seg_env_t { /** - * Get Base Attribute ID + * Get Base Message ID * - * @return Base Attribute ID + * @return Base Message ID */ - uint32_t (*get_base_attr_id)(seg_env_t *this); + uint32_t (*get_base_msg_id)(seg_env_t *this); /** * Get Base Attribute if it contains processed [incremental] data @@ -98,22 +100,22 @@ struct seg_env_t { /** * Create a PA-TNC attribute segment envelope object * - * @param base_attr_id Base Attribute ID - * @param base_attr Base Attribute to be segmented, owned by seg_env_t + * @param base_msg_id Base Message ID + * @param base_attr Base Message to be segmented, owned by seg_env_t * @param max_seg_size Maximum segment size */ -seg_env_t* seg_env_create(uint32_t base_attr_id, pa_tnc_attr_t *base_attr, +seg_env_t* seg_env_create(uint32_t base_msg_id, pa_tnc_attr_t *base_attr, uint32_t max_seg_size); /** * Create a PA-TNC attribute segment envelope object * - * @param base_attr_id Base Attribute ID + * @param base_msg_id Base Message ID * @param data First attribute segment * @param max_seg_size Maximum segment size * @param error Error attribute if a parsing error occurred */ -seg_env_t* seg_env_create_from_data(uint32_t base_attr_id, chunk_t data, +seg_env_t* seg_env_create_from_data(uint32_t base_msg_id, chunk_t data, uint32_t max_seg_size, pa_tnc_attr_t** error); diff --git a/src/libimcv/suites/test_imcv_seg.c b/src/libimcv/suites/test_imcv_seg.c index 2012a4c2b8..44887351a1 100644 --- a/src/libimcv/suites/test_imcv_seg.c +++ b/src/libimcv/suites/test_imcv_seg.c @@ -2,6 +2,8 @@ * Copyright (C) 2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * + * Copyright (C) 2022 Andreas Steffen, strongSec GmbH + * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your @@ -55,7 +57,7 @@ START_TEST(test_imcv_seg_env) ita_attr_command_t *ita_attr; seg_env_t *seg_env, *seg_env1 = NULL; pen_type_t type; - uint32_t base_attr_id, max_seg_size, last_seg_size, seg_size, offset; + uint32_t base_msg_id, max_seg_size, last_seg_size, seg_size, offset; uint8_t flags; bool last, last_seg; chunk_t value, segment, seg; @@ -75,7 +77,7 @@ START_TEST(test_imcv_seg_env) } else { - ck_assert(seg_env->get_base_attr_id(seg_env) == id); + ck_assert(seg_env->get_base_msg_id(seg_env) == id); base_attr1 = seg_env->get_base_attr(seg_env); ck_assert(base_attr == base_attr1); base_attr1->destroy(base_attr1); @@ -116,7 +118,7 @@ START_TEST(test_imcv_seg_env) value = attr->get_value(attr); ck_assert(value.len == 4 + seg_size); ck_assert(segment.len == seg_size); - ck_assert(seg_env_attr->get_base_attr_id(seg_env_attr) == id); + ck_assert(seg_env_attr->get_base_msg_id(seg_env_attr) == id); /* create parse segment envelope attribute from data */ attr1 = tcg_seg_attr_seg_env_create_from_data(value.len, value); @@ -125,14 +127,14 @@ START_TEST(test_imcv_seg_env) seg_env_attr = (tcg_seg_attr_seg_env_t*)attr1; segment = seg_env_attr->get_segment(seg_env_attr, &flags); - base_attr_id = seg_env_attr->get_base_attr_id(seg_env_attr); - ck_assert(base_attr_id == id); + base_msg_id = seg_env_attr->get_base_msg_id(seg_env_attr); + ck_assert(base_msg_id == id); /* create and update seg_env object on the receiving side */ if (n == 0) { ck_assert(flags == (SEG_ENV_FLAG_MORE | SEG_ENV_FLAG_START)); - seg_env1 = seg_env_create_from_data(base_attr_id, segment, + seg_env1 = seg_env_create_from_data(base_msg_id, segment, max_seg_size, &error); } else @@ -202,7 +204,7 @@ START_TEST(test_imcv_seg_env_special) /* check some standard methods */ type = attr->get_type(attr); ck_assert(type.vendor_id == PEN_TCG); - ck_assert(type.type == TCG_SEG_ATTR_SEG_ENV); + ck_assert(type.type == TCG_SEG_ENVELOPE); ck_assert(attr->get_noskip_flag(attr) == FALSE); attr->set_noskip_flag(attr, TRUE); ck_assert(attr->get_noskip_flag(attr) == TRUE); @@ -222,7 +224,7 @@ START_TEST(test_imcv_seg_env_special) ck_assert(attr1->process(attr1, &offset) == SUCCESS); type = attr1->get_type(attr1); ck_assert(type.vendor_id == PEN_TCG); - ck_assert(type.type == TCG_SEG_ATTR_SEG_ENV); + ck_assert(type.type == TCG_SEG_ENVELOPE); attr1->destroy(attr1); /* cleanup */ @@ -295,17 +297,17 @@ START_TEST(test_imcv_seg_contract) ita_attr_command_t *ita_attr; pa_tnc_attr_t *attr, *base_attr_i, *base_attr_r, *error; pen_type_t type, msg_type = { PEN_ITA, PA_SUBTYPE_ITA_TEST }; - uint32_t max_seg_size, max_attr_size = 1000, issuer_id = 1; - uint32_t base_attr_id; + uint32_t max_seg_size, max_msg_size = 1000, issuer_id = 1; + uint32_t base_msg_id; bool more; libimcv_init(FALSE); max_seg_size = seg_env_tests[_i].max_seg_size; base_attr_r = ita_attr_command_create(command); base_attr_r->build(base_attr_r); - contract_i = seg_contract_create(msg_type, max_attr_size, max_seg_size, + contract_i = seg_contract_create(msg_type, max_msg_size, max_seg_size, TRUE, issuer_id, FALSE); - contract_r = seg_contract_create(msg_type, max_attr_size, max_seg_size, + contract_r = seg_contract_create(msg_type, max_msg_size, max_seg_size, FALSE, issuer_id, TRUE); attr = contract_r->first_segment(contract_r, base_attr_r->get_ref(base_attr_r), 0); @@ -318,19 +320,19 @@ START_TEST(test_imcv_seg_contract) { ck_assert(attr); seg_env_attr = (tcg_seg_attr_seg_env_t*)attr; - base_attr_id = seg_env_attr->get_base_attr_id(seg_env_attr); - ck_assert(base_attr_id == 1); + base_msg_id = seg_env_attr->get_base_msg_id(seg_env_attr); + ck_assert(base_msg_id == 1); base_attr_i = contract_i->add_segment(contract_i, attr, &error, &more); ck_assert(base_attr_i == NULL); attr->destroy(attr); ck_assert(more); while (more) { - attr = contract_r->next_segment(contract_r, base_attr_id); + attr = contract_r->next_segment(contract_r, base_msg_id); ck_assert(attr); seg_env_attr = (tcg_seg_attr_seg_env_t*)attr; - base_attr_id = seg_env_attr->get_base_attr_id(seg_env_attr); - ck_assert(base_attr_id == 1); + base_msg_id = seg_env_attr->get_base_msg_id(seg_env_attr); + ck_assert(base_msg_id == 1); base_attr_i = contract_i->add_segment(contract_i, attr, &error, &more); attr->destroy(attr); @@ -358,7 +360,7 @@ START_TEST(test_imcv_seg_contract_special) pa_tnc_attr_t *base_attr1_i, *base_attr2_i, *base_attr1_r, *base_attr2_r; pa_tnc_attr_t *attr1_f, *attr2_f, *attr1_n, *attr2_n, *attr3, *error; pen_type_t type, msg_type = { PEN_ITA, PA_SUBTYPE_ITA_TEST }; - uint32_t max_seg_size, max_attr_size, issuer_id = 1; + uint32_t max_seg_size, max_msg_size, issuer_id = 1; uint32_t base_attr1_id, base_attr2_id; char info[512]; bool oversize, more; @@ -379,34 +381,34 @@ START_TEST(test_imcv_seg_contract_special) ck_assert(!contract_i->is_null(contract_i)); /* set null contract */ - contract_i->set_max_size(contract_i, SEG_CONTRACT_MAX_SIZE_VALUE, - SEG_CONTRACT_MAX_SIZE_VALUE); + contract_i->set_max_size(contract_i, SEG_CONTRACT_NO_MSG_SIZE_LIMIT, + SEG_CONTRACT_NO_SEGMENTATION); ck_assert(contract_i->is_null(contract_i)); - /* set and get maximum attribute and segment sizes */ + /* set and get maximum message and segment sizes */ contract_i->set_max_size(contract_i, 1000, 47); contract_i->get_max_size(contract_i, NULL, NULL); - contract_i->get_max_size(contract_i, &max_attr_size, &max_seg_size); + contract_i->get_max_size(contract_i, &max_msg_size, &max_seg_size); contract_i->get_info_string(contract_i, info, sizeof(info), TRUE); - ck_assert(max_attr_size == 1000 && max_seg_size == 47); + ck_assert(max_msg_size == 1000 && max_seg_size == 47); ck_assert(!contract_i->is_null(contract_i)); /* create a null responder contract*/ - contract_r = seg_contract_create(msg_type, SEG_CONTRACT_MAX_SIZE_VALUE, - SEG_CONTRACT_MAX_SIZE_VALUE, + contract_r = seg_contract_create(msg_type, SEG_CONTRACT_NO_MSG_SIZE_LIMIT, + SEG_CONTRACT_NO_SEGMENTATION, FALSE, issuer_id, TRUE); ck_assert(!contract_r->is_issuer(contract_r)); ck_assert(!contract_r->check_size(contract_r, base_attr2_r, &oversize)); ck_assert(!oversize); - /* allow no fragmentation */ - contract_r->set_max_size(contract_r, 1000, SEG_CONTRACT_MAX_SIZE_VALUE); + /* allow no segmentation */ + contract_r->set_max_size(contract_r, 1000, SEG_CONTRACT_NO_SEGMENTATION); ck_assert(!contract_r->is_null(contract_r)); ck_assert(!contract_r->check_size(contract_r, base_attr2_r, &oversize)); ck_assert(!oversize); - /* no maximum size limit and no fragmentation needed */ - contract_r->set_max_size(contract_r, SEG_CONTRACT_MAX_SIZE_VALUE, 141); + /* no maximum size limit and no segmentation needed */ + contract_r->set_max_size(contract_r, SEG_CONTRACT_NO_MSG_SIZE_LIMIT, 141); ck_assert(!contract_r->is_null(contract_r)); ck_assert(!contract_r->check_size(contract_r, base_attr2_r, &oversize)); ck_assert(!oversize); @@ -430,8 +432,8 @@ START_TEST(test_imcv_seg_contract_special) ck_assert(attr2_f); seg_env_attr1 = (tcg_seg_attr_seg_env_t*)attr1_f; seg_env_attr2 = (tcg_seg_attr_seg_env_t*)attr2_f; - base_attr1_id = seg_env_attr1->get_base_attr_id(seg_env_attr1); - base_attr2_id = seg_env_attr2->get_base_attr_id(seg_env_attr2); + base_attr1_id = seg_env_attr1->get_base_msg_id(seg_env_attr1); + base_attr2_id = seg_env_attr2->get_base_msg_id(seg_env_attr2); ck_assert(base_attr1_id == 1); ck_assert(base_attr2_id == 2); @@ -575,7 +577,7 @@ static struct { START_TEST(test_imcv_seg_contract_invalid) { - uint32_t max_seg_size = 12, max_attr_size = 100, issuer_id = 1; + uint32_t max_seg_size = 12, max_msg_size = 100, issuer_id = 1; pen_type_t msg_type = { PEN_ITA, PA_SUBTYPE_ITA_TEST }; pa_tnc_attr_t *attr_f, *attr_n, *base_attr, *error; chunk_t value_f, value_n; @@ -591,7 +593,7 @@ START_TEST(test_imcv_seg_contract_invalid) ck_assert(attr_f->process(attr_f, &offset) == SUCCESS); ck_assert(attr_n->process(attr_n, &offset) == SUCCESS); - contract = seg_contract_create(msg_type, max_attr_size, max_seg_size, + contract = seg_contract_create(msg_type, max_msg_size, max_seg_size, TRUE, issuer_id, FALSE); base_attr = contract->add_segment(contract, attr_f, &error, &more); ck_assert(base_attr == NULL); @@ -633,7 +635,7 @@ END_TEST START_TEST(test_imcv_seg_contract_mgr) { char buf[BUF_LEN]; - uint32_t max_seg_size = 12, max_attr_size = 100; + uint32_t max_seg_size = 12, max_msg_size = 100; pen_type_t msg_type1 = { PEN_ITA, PA_SUBTYPE_ITA_TEST }; pen_type_t msg_type2 = { PEN_IETF, PA_SUBTYPE_IETF_OPERATING_SYSTEM }; seg_contract_manager_t *contracts; @@ -642,7 +644,7 @@ START_TEST(test_imcv_seg_contract_mgr) contracts = seg_contract_manager_create(); /* add contract template as issuer */ - c1 = seg_contract_create(msg_type1, max_attr_size, max_seg_size, + c1 = seg_contract_create(msg_type1, max_msg_size, max_seg_size, TRUE, 1, FALSE); c1->get_info_string(c1, buf, BUF_LEN, TRUE); @@ -653,7 +655,7 @@ START_TEST(test_imcv_seg_contract_mgr) ck_assert(cx == NULL); /* add directed contract as responder */ - c2 = seg_contract_create(msg_type1, max_attr_size, max_seg_size, + c2 = seg_contract_create(msg_type1, max_msg_size, max_seg_size, FALSE, 2, FALSE); c2->set_responder(c2, 1); c2->get_info_string(c2, buf, BUF_LEN, TRUE); @@ -686,7 +688,7 @@ START_TEST(test_imcv_seg_contract_mgr) ck_assert(cx == NULL); /* add directed contract as responder */ - c4 = seg_contract_create(msg_type2, max_attr_size, max_seg_size, + c4 = seg_contract_create(msg_type2, max_msg_size, max_seg_size, FALSE, 2, FALSE); c4->set_responder(c4, 1); contracts->add_contract(contracts, c4); diff --git a/src/libimcv/swima/swima_events.h b/src/libimcv/swima/swima_events.h index 66bbedf7e5..0c0fd55f11 100644 --- a/src/libimcv/swima/swima_events.h +++ b/src/libimcv/swima/swima_events.h @@ -2,6 +2,8 @@ * Copyright (C) 2017 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * + * Copyright (C) 2022 Andreas Steffen, strongSec GmbH + * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your @@ -21,8 +23,6 @@ #ifndef SWIMA_EVENTS_H_ #define SWIMA_EVENTS_H_ -#define SWIMA_MAX_ATTR_SIZE 10000000 - #include "swima_event.h" #include diff --git a/src/libimcv/swima/swima_inventory.h b/src/libimcv/swima/swima_inventory.h index 21953bbd2b..607e63aaa7 100644 --- a/src/libimcv/swima/swima_inventory.h +++ b/src/libimcv/swima/swima_inventory.h @@ -2,6 +2,8 @@ * Copyright (C) 2017 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * + * Copyright (C) 2022 Andreas Steffen, strongSec GmbH + * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your @@ -21,8 +23,6 @@ #ifndef SWIMA_INVENTORY_H_ #define SWIMA_INVENTORY_H_ -#define SWIMA_MAX_ATTR_SIZE 10000000 - #include "swima_record.h" #include diff --git a/src/libimcv/tcg/seg/tcg_seg_attr_next_seg.c b/src/libimcv/tcg/seg/tcg_seg_attr_next_seg.c index 985e57be8f..08ad5b9ff2 100644 --- a/src/libimcv/tcg/seg/tcg_seg_attr_next_seg.c +++ b/src/libimcv/tcg/seg/tcg_seg_attr_next_seg.c @@ -2,6 +2,8 @@ * Copyright (C) 2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * + * Copyright (C) 2022 Andreas Steffen, strongSec GmbH + * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your @@ -29,12 +31,12 @@ typedef enum { /** * Next Segment - * see TCG IF-M Segmentation Specification + * see TCG IF-M Segmentation Specification Version 1.0 Rev. 5, 4 April 2016 * * 1 2 3 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - * |C| Reserved | Base Attribute ID | + * |C| Reserved | Base Message ID | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ */ @@ -74,9 +76,9 @@ struct private_tcg_seg_attr_next_seg_t { bool cancel_flag; /** - * Base Attribute ID + * Base Message ID */ - uint32_t base_attr_id; + uint32_t base_msg_id; /** * Reference count @@ -120,7 +122,7 @@ METHOD(pa_tnc_attr_t, build, void, writer = bio_writer_create(TCG_SEG_ATTR_NEXT_SEG_SIZE); writer->write_uint8 (writer, this->cancel_flag ? NEXT_SEG_FLAG_CANCEL : NEXT_SEG_FLAG_NONE); - writer->write_uint24(writer, this->base_attr_id); + writer->write_uint24(writer, this->base_msg_id); this->value = writer->extract_buf(writer); this->length = this->value.len; @@ -149,7 +151,7 @@ METHOD(pa_tnc_attr_t, process, status_t, } reader = bio_reader_create(this->value); reader->read_uint8 (reader, &flags); - reader->read_uint24(reader, &this->base_attr_id); + reader->read_uint24(reader, &this->base_msg_id); reader->destroy(reader); this->cancel_flag = (flags & NEXT_SEG_FLAG_CANCEL); @@ -180,10 +182,10 @@ METHOD(pa_tnc_attr_t, destroy, void, } } -METHOD(tcg_seg_attr_next_seg_t, get_base_attr_id, uint32_t, +METHOD(tcg_seg_attr_next_seg_t, get_base_msg_id, uint32_t, private_tcg_seg_attr_next_seg_t *this) { - return this->base_attr_id; + return this->base_msg_id; } METHOD(tcg_seg_attr_next_seg_t, get_cancel_flag, bool, @@ -195,7 +197,7 @@ METHOD(tcg_seg_attr_next_seg_t, get_cancel_flag, bool, /** * Described in header. */ -pa_tnc_attr_t* tcg_seg_attr_next_seg_create(uint32_t base_attr_id, bool cancel) +pa_tnc_attr_t* tcg_seg_attr_next_seg_create(uint32_t base_msg_id, bool cancel) { private_tcg_seg_attr_next_seg_t *this; @@ -212,11 +214,11 @@ pa_tnc_attr_t* tcg_seg_attr_next_seg_create(uint32_t base_attr_id, bool cancel) .get_ref = _get_ref, .destroy = _destroy, }, - .get_base_attr_id = _get_base_attr_id, + .get_base_msg_id = _get_base_msg_id, .get_cancel_flag = _get_cancel_flag, }, - .type = { PEN_TCG, TCG_SEG_NEXT_SEG_REQ }, - .base_attr_id = base_attr_id, + .type = { PEN_TCG, TCG_SEG_NEXT_SEGMENT }, + .base_msg_id = base_msg_id, .cancel_flag = cancel, .ref = 1, ); @@ -245,10 +247,10 @@ pa_tnc_attr_t *tcg_seg_attr_next_seg_create_from_data(size_t length, .get_ref = _get_ref, .destroy = _destroy, }, - .get_base_attr_id = _get_base_attr_id, + .get_base_msg_id = _get_base_msg_id, .get_cancel_flag = _get_cancel_flag, }, - .type = { PEN_TCG, TCG_SEG_NEXT_SEG_REQ }, + .type = { PEN_TCG, TCG_SEG_NEXT_SEGMENT }, .length = length, .value = chunk_clone(data), .ref = 1, diff --git a/src/libimcv/tcg/seg/tcg_seg_attr_next_seg.h b/src/libimcv/tcg/seg/tcg_seg_attr_next_seg.h index 49a4d36667..5eac351df7 100644 --- a/src/libimcv/tcg/seg/tcg_seg_attr_next_seg.h +++ b/src/libimcv/tcg/seg/tcg_seg_attr_next_seg.h @@ -2,6 +2,8 @@ * Copyright (C) 2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * + * Copyright (C) 2022 Andreas Steffen, strongSec GmbH + * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your @@ -38,11 +40,11 @@ struct tcg_seg_attr_next_seg_t { pa_tnc_attr_t pa_tnc_attribute; /** - * Get Base Attribute ID + * Get Base Message ID * - * @return Base Attribute ID + * @return Base Message ID */ - uint32_t (*get_base_attr_id)(tcg_seg_attr_next_seg_t *this); + uint32_t (*get_base_msg_id)(tcg_seg_attr_next_seg_t *this); /** * Get the Cancel flag @@ -56,10 +58,10 @@ struct tcg_seg_attr_next_seg_t { /** * Creates an tcg_seg_attr_next_seg_t object * - * @param base_attr_id Base Attribute ID + * @param base_msg_id Base Message ID * @param cancel If TRUE set Cancel flag */ -pa_tnc_attr_t* tcg_seg_attr_next_seg_create(uint32_t base_attr_id, bool cancel); +pa_tnc_attr_t* tcg_seg_attr_next_seg_create(uint32_t base_msg_id, bool cancel); /** * Creates an tcg_seg_attr_next_seg_t object from received data diff --git a/src/libimcv/tcg/seg/tcg_seg_attr_max_size.c b/src/libimcv/tcg/seg/tcg_seg_attr_seg_contract.c similarity index 64% rename from src/libimcv/tcg/seg/tcg_seg_attr_max_size.c rename to src/libimcv/tcg/seg/tcg_seg_attr_seg_contract.c index e56a96f94b..1f7dae235b 100644 --- a/src/libimcv/tcg/seg/tcg_seg_attr_max_size.c +++ b/src/libimcv/tcg/seg/tcg_seg_attr_seg_contract.c @@ -2,6 +2,8 @@ * Copyright (C) 2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * + * Copyright (C) 2022 Andreas Steffen, strongSec GmbH + * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your @@ -13,37 +15,37 @@ * for more details. */ -#include "tcg_seg_attr_max_size.h" +#include "tcg_seg_attr_seg_contract.h" #include #include #include #include -typedef struct private_tcg_seg_attr_max_size_t private_tcg_seg_attr_max_size_t; +typedef struct private_tcg_seg_attr_seg_contract_t private_tcg_seg_attr_seg_contract_t; /** - * Maximum Attribute Size Request/Response - * see TCG IF-M Segmentation Specification + * Segmentation Contract Request/Response + * see TCG IF-M Segmentation Specification Version 1.0 Rev. 5, 4 April 2016 * * 1 2 3 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - * | Max Attribute Size | + * | Max Message Size | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ * | Max Segment Size | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ */ /** - * Private data of an tcg_seg_attr_max_size_t object. + * Private data of an tcg_seg_attr_seg_contract_t object. */ -struct private_tcg_seg_attr_max_size_t { +struct private_tcg_seg_attr_seg_contract_t { /** - * Public members of tcg_seg_attr_max_size_t + * Public members of tcg_seg_attr_seg_contract_t */ - tcg_seg_attr_max_size_t public; + tcg_seg_attr_seg_contract_t public; /** * Vendor-specific attribute type @@ -66,9 +68,9 @@ struct private_tcg_seg_attr_max_size_t { bool noskip_flag; /** - * Maximum IF-M attribute size in octets + * Maximum IF-M message size in octets */ - uint32_t max_attr_size; + uint32_t max_msg_size; /** * Maximum IF-M attribute segment size in octets @@ -82,31 +84,31 @@ struct private_tcg_seg_attr_max_size_t { }; METHOD(pa_tnc_attr_t, get_type, pen_type_t, - private_tcg_seg_attr_max_size_t *this) + private_tcg_seg_attr_seg_contract_t *this) { return this->type; } METHOD(pa_tnc_attr_t, get_value, chunk_t, - private_tcg_seg_attr_max_size_t *this) + private_tcg_seg_attr_seg_contract_t *this) { return this->value; } METHOD(pa_tnc_attr_t, get_noskip_flag, bool, - private_tcg_seg_attr_max_size_t *this) + private_tcg_seg_attr_seg_contract_t *this) { return this->noskip_flag; } METHOD(pa_tnc_attr_t, set_noskip_flag,void, - private_tcg_seg_attr_max_size_t *this, bool noskip) + private_tcg_seg_attr_seg_contract_t *this, bool noskip) { this->noskip_flag = noskip; } METHOD(pa_tnc_attr_t, build, void, - private_tcg_seg_attr_max_size_t *this) + private_tcg_seg_attr_seg_contract_t *this) { bio_writer_t *writer; @@ -114,8 +116,8 @@ METHOD(pa_tnc_attr_t, build, void, { return; } - writer = bio_writer_create(TCG_SEG_ATTR_MAX_SIZE_SIZE); - writer->write_uint32(writer, this->max_attr_size); + writer = bio_writer_create(TCG_SEG_ATTR_SEG_CONTRACT_SIZE); + writer->write_uint32(writer, this->max_msg_size); writer->write_uint32(writer, this->max_seg_size); this->value = writer->extract_buf(writer); @@ -124,7 +126,7 @@ METHOD(pa_tnc_attr_t, build, void, } METHOD(pa_tnc_attr_t, process, status_t, - private_tcg_seg_attr_max_size_t *this, uint32_t *offset) + private_tcg_seg_attr_seg_contract_t *this, uint32_t *offset) { bio_reader_t *reader; @@ -134,14 +136,14 @@ METHOD(pa_tnc_attr_t, process, status_t, { return NEED_MORE; } - if (this->value.len < TCG_SEG_ATTR_MAX_SIZE_SIZE) + if (this->value.len < TCG_SEG_ATTR_SEG_CONTRACT_SIZE) { DBG1(DBG_TNC, "insufficient data for %N", tcg_attr_names, this->type.type); return FAILED; } reader = bio_reader_create(this->value); - reader->read_uint32(reader, &this->max_attr_size); + reader->read_uint32(reader, &this->max_msg_size); reader->read_uint32(reader, &this->max_seg_size); reader->destroy(reader); @@ -149,20 +151,20 @@ METHOD(pa_tnc_attr_t, process, status_t, } METHOD(pa_tnc_attr_t, add_segment, void, - private_tcg_seg_attr_max_size_t *this, chunk_t segment) + private_tcg_seg_attr_seg_contract_t *this, chunk_t segment) { this->value = chunk_cat("mc", this->value, segment); } METHOD(pa_tnc_attr_t, get_ref, pa_tnc_attr_t*, - private_tcg_seg_attr_max_size_t *this) + private_tcg_seg_attr_seg_contract_t *this) { ref_get(&this->ref); return &this->public.pa_tnc_attribute; } METHOD(pa_tnc_attr_t, destroy, void, - private_tcg_seg_attr_max_size_t *this) + private_tcg_seg_attr_seg_contract_t *this) { if (ref_put(&this->ref)) { @@ -171,13 +173,13 @@ METHOD(pa_tnc_attr_t, destroy, void, } } -METHOD(tcg_seg_attr_max_size_t, get_attr_size, void, - private_tcg_seg_attr_max_size_t *this, uint32_t *max_attr_size, - uint32_t *max_seg_size) +METHOD(tcg_seg_attr_seg_contract_t, get_max_size, void, + private_tcg_seg_attr_seg_contract_t *this, uint32_t *max_msg_size, + uint32_t *max_seg_size) { - if (max_attr_size) + if (max_msg_size) { - *max_attr_size = this->max_attr_size; + *max_msg_size = this->max_msg_size; } if (max_seg_size) { @@ -188,11 +190,11 @@ METHOD(tcg_seg_attr_max_size_t, get_attr_size, void, /** * Described in header. */ -pa_tnc_attr_t* tcg_seg_attr_max_size_create(uint32_t max_attr_size, - uint32_t max_seg_size, - bool request) +pa_tnc_attr_t* tcg_seg_attr_seg_contract_create(uint32_t max_msg_size, + uint32_t max_seg_size, + bool request) { - private_tcg_seg_attr_max_size_t *this; + private_tcg_seg_attr_seg_contract_t *this; INIT(this, .public = { @@ -207,11 +209,11 @@ pa_tnc_attr_t* tcg_seg_attr_max_size_create(uint32_t max_attr_size, .get_ref = _get_ref, .destroy = _destroy, }, - .get_attr_size = _get_attr_size, + .get_max_size = _get_max_size, }, - .type = { PEN_TCG, request ? TCG_SEG_MAX_ATTR_SIZE_REQ : - TCG_SEG_MAX_ATTR_SIZE_RESP }, - .max_attr_size = max_attr_size, + .type = { PEN_TCG, request ? TCG_SEG_CONTRACT_REQ : + TCG_SEG_CONTRACT_RESP }, + .max_msg_size = max_msg_size, .max_seg_size = max_seg_size, .ref = 1, ); @@ -222,11 +224,11 @@ pa_tnc_attr_t* tcg_seg_attr_max_size_create(uint32_t max_attr_size, /** * Described in header. */ -pa_tnc_attr_t *tcg_seg_attr_max_size_create_from_data(size_t length, - chunk_t data, - bool request) +pa_tnc_attr_t *tcg_seg_attr_seg_contract_create_from_data(size_t length, + chunk_t data, + bool request) { - private_tcg_seg_attr_max_size_t *this; + private_tcg_seg_attr_seg_contract_t *this; INIT(this, .public = { @@ -241,10 +243,10 @@ pa_tnc_attr_t *tcg_seg_attr_max_size_create_from_data(size_t length, .get_ref = _get_ref, .destroy = _destroy, }, - .get_attr_size = _get_attr_size, + .get_max_size = _get_max_size, }, - .type = { PEN_TCG, request ? TCG_SEG_MAX_ATTR_SIZE_REQ : - TCG_SEG_MAX_ATTR_SIZE_RESP }, + .type = { PEN_TCG, request ? TCG_SEG_CONTRACT_REQ : + TCG_SEG_CONTRACT_RESP }, .length = length, .value = chunk_clone(data), .ref = 1, diff --git a/src/libimcv/tcg/seg/tcg_seg_attr_max_size.h b/src/libimcv/tcg/seg/tcg_seg_attr_seg_contract.h similarity index 61% rename from src/libimcv/tcg/seg/tcg_seg_attr_max_size.h rename to src/libimcv/tcg/seg/tcg_seg_attr_seg_contract.h index 72660acd56..424b1f3ab9 100644 --- a/src/libimcv/tcg/seg/tcg_seg_attr_max_size.h +++ b/src/libimcv/tcg/seg/tcg_seg_attr_seg_contract.h @@ -2,7 +2,9 @@ * Copyright (C) 2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * - * This program is free software; you can redistribute it and/or modify it + * Copyright (C) 2022 Andreas Steffen, strongSec GmbH + * + This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your * option) any later version. See . @@ -14,23 +16,23 @@ */ /** - * @defgroup tcg_seg_attr_max_size tcg_seg_attr_max_size + * @defgroup tcg_seg_attr_seg_contract tcg_seg_attr_seg_contract * @{ @ingroup tcg_attr */ #ifndef TCG_SEG_ATTR_MAX_SIZE_H_ #define TCG_SEG_ATTR_MAX_SIZE_H_ -typedef struct tcg_seg_attr_max_size_t tcg_seg_attr_max_size_t; +typedef struct tcg_seg_attr_seg_contract_t tcg_seg_attr_seg_contract_t; #include "tcg/tcg_attr.h" -#define TCG_SEG_ATTR_MAX_SIZE_SIZE 8 +#define TCG_SEG_ATTR_SEG_CONTRACT_SIZE 8 /** * Class implementing the TCG Segmentation Maximum Attribute Size Attribute */ -struct tcg_seg_attr_max_size_t { +struct tcg_seg_attr_seg_contract_t { /** * Public PA-TNC attribute interface @@ -38,36 +40,36 @@ struct tcg_seg_attr_max_size_t { pa_tnc_attr_t pa_tnc_attribute; /** - * Get maximum IF-M attribute and segment size in octets + * Get maximum IF-M message and segment size in octets * * @param max_attr_size Maximum IF-M attribute size in octets * @param max_seg_size Maximum IF-M attribute segment size in octets */ - void (*get_attr_size)(tcg_seg_attr_max_size_t *this, - uint32_t *max_attr_size, uint32_t *max_seg_size); + void (*get_max_size)(tcg_seg_attr_seg_contract_t *this, + uint32_t *max_attr_size, uint32_t *max_seg_size); }; /** - * Creates an tcg_seg_attr_max_size_t object + * Creates an tcg_seg_attr_seg_contract_t object * * @param max_attr_size Maximum IF-M attribute size in octets * @param max_seg_size Maximum IF-M attribute segment size in octets * @param request TRUE for a request, FALSE for a response */ -pa_tnc_attr_t* tcg_seg_attr_max_size_create(uint32_t max_attr_size, - uint32_t max_seg_size, - bool request); +pa_tnc_attr_t* tcg_seg_attr_seg_contract_create(uint32_t max_attr_size, + uint32_t max_seg_size, + bool request); /** - * Creates an tcg_seg_attr_max_size_t object from received data + * Creates an tcg_seg_attr_seg_contract_t object from received data * * @param length Total length of attribute value * @param value Unparsed attribute value (might be a segment) * @param request TRUE for a request, FALSE for a response */ -pa_tnc_attr_t* tcg_seg_attr_max_size_create_from_data(size_t length, - chunk_t value, - bool request); +pa_tnc_attr_t* tcg_seg_attr_seg_contract_create_from_data(size_t length, + chunk_t value, + bool request); #endif /** TCG_SEG_ATTR_MAX_SIZE_H_ @}*/ diff --git a/src/libimcv/tcg/seg/tcg_seg_attr_seg_env.c b/src/libimcv/tcg/seg/tcg_seg_attr_seg_env.c index 46acf2adf0..50d10993ee 100644 --- a/src/libimcv/tcg/seg/tcg_seg_attr_seg_env.c +++ b/src/libimcv/tcg/seg/tcg_seg_attr_seg_env.c @@ -2,6 +2,8 @@ * Copyright (C) 2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * + * Copyright (C) 2022 Andreas Steffen, strongSec GmbH + * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your @@ -23,13 +25,13 @@ typedef struct private_tcg_seg_attr_seg_env_t private_tcg_seg_attr_seg_env_t; /** - * Attribute Segment Envelope - * see TCG IF-M Segmentation Specification + * Segment Envelope + * see TCG IF-M Segmentation Specification Version 1.0 Rev. 5, 4 April 2016 * * 1 2 3 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - * |M|S| Reserved | Base Attribute ID | + * |M|S| Reserved | Base Message ID | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ * | Segment Value (Variable Length) | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ @@ -71,9 +73,9 @@ struct private_tcg_seg_attr_seg_env_t { uint8_t flags; /** - * Base Attribute ID + * Base Message ID */ - uint32_t base_attr_id; + uint32_t base_msg_id; /** * Attribute value @@ -139,7 +141,7 @@ METHOD(pa_tnc_attr_t, process, status_t, } reader = bio_reader_create(this->value); reader->read_uint8 (reader, &this->flags); - reader->read_uint24(reader, &this->base_attr_id); + reader->read_uint24(reader, &this->base_msg_id); reader->destroy(reader); return SUCCESS; @@ -178,17 +180,17 @@ METHOD(tcg_seg_attr_seg_env_t, get_segment, chunk_t, return chunk_skip(this->value, TCG_SEG_ATTR_SEG_ENV_HEADER); } -METHOD(tcg_seg_attr_seg_env_t, get_base_attr_id, uint32_t, +METHOD(tcg_seg_attr_seg_env_t, get_base_msg_id, uint32_t, private_tcg_seg_attr_seg_env_t *this) { - return this->base_attr_id; + return this->base_msg_id; } /** * Described in header. */ pa_tnc_attr_t* tcg_seg_attr_seg_env_create(chunk_t segment, uint8_t flags, - uint32_t base_attr_id) + uint32_t base_msg_id) { private_tcg_seg_attr_seg_env_t *this; @@ -205,17 +207,17 @@ pa_tnc_attr_t* tcg_seg_attr_seg_env_create(chunk_t segment, uint8_t flags, .get_ref = _get_ref, .destroy = _destroy, }, - .get_base_attr_id = _get_base_attr_id, + .get_base_msg_id = _get_base_msg_id, .get_segment = _get_segment, }, - .type = { PEN_TCG, TCG_SEG_ATTR_SEG_ENV }, + .type = { PEN_TCG, TCG_SEG_ENVELOPE }, .flags = flags, - .base_attr_id = base_attr_id, + .base_msg_id = base_msg_id, .value = chunk_alloc(TCG_SEG_ATTR_SEG_ENV_HEADER + segment.len), .ref = 1, ); - htoun32(this->value.ptr, base_attr_id); + htoun32(this->value.ptr, base_msg_id); *this->value.ptr = flags; memcpy(this->value.ptr + TCG_SEG_ATTR_SEG_ENV_HEADER, segment.ptr, segment.len); @@ -226,8 +228,7 @@ pa_tnc_attr_t* tcg_seg_attr_seg_env_create(chunk_t segment, uint8_t flags, /** * Described in header. */ -pa_tnc_attr_t *tcg_seg_attr_seg_env_create_from_data(size_t length, - chunk_t data) +pa_tnc_attr_t *tcg_seg_attr_seg_env_create_from_data(size_t length, chunk_t data) { private_tcg_seg_attr_seg_env_t *this; @@ -244,10 +245,10 @@ pa_tnc_attr_t *tcg_seg_attr_seg_env_create_from_data(size_t length, .get_ref = _get_ref, .destroy = _destroy, }, - .get_base_attr_id = _get_base_attr_id, + .get_base_msg_id = _get_base_msg_id, .get_segment = _get_segment, }, - .type = { PEN_TCG, TCG_SEG_ATTR_SEG_ENV }, + .type = { PEN_TCG, TCG_SEG_ENVELOPE }, .length = length, .value = chunk_clone(data), .ref = 1, diff --git a/src/libimcv/tcg/seg/tcg_seg_attr_seg_env.h b/src/libimcv/tcg/seg/tcg_seg_attr_seg_env.h index a8b3d7c34b..de75ecc28e 100644 --- a/src/libimcv/tcg/seg/tcg_seg_attr_seg_env.h +++ b/src/libimcv/tcg/seg/tcg_seg_attr_seg_env.h @@ -2,6 +2,8 @@ * Copyright (C) 2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * + * Copyright (C) 2022 Andreas Steffen, strongSec GmbH + * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your @@ -28,7 +30,7 @@ typedef struct tcg_seg_attr_seg_env_t tcg_seg_attr_seg_env_t; #define TCG_SEG_ATTR_SEG_ENV_HEADER 4 /** - * Class implementing the TCG Segmentation Envelope Attribute + * Class implementing the TCG Segment Envelope Attribute */ struct tcg_seg_attr_seg_env_t { @@ -46,23 +48,23 @@ struct tcg_seg_attr_seg_env_t { chunk_t (*get_segment)(tcg_seg_attr_seg_env_t *this, uint8_t *flags); /** - * Get Base Attribute ID + * Get Base Message ID * - * @return Base Attribute ID + * @return Base Message ID */ - uint32_t (*get_base_attr_id)(tcg_seg_attr_seg_env_t *this); + uint32_t (*get_base_msg_id)(tcg_seg_attr_seg_env_t *this); }; /** * Creates an tcg_seg_attr_seg_env_t object * - * @param segment Attribute segment + * @param segment Segment * @param flags Segmentation flags - * @param base_attr_id Base Attribute ID + * @param base_msg_id Base Message ID */ pa_tnc_attr_t* tcg_seg_attr_seg_env_create(chunk_t segment, uint8_t flags, - uint32_t base_attr_id); + uint32_t base_msg_id); /** * Creates an tcg_seg_attr_seg_env_t object from received data @@ -71,6 +73,6 @@ pa_tnc_attr_t* tcg_seg_attr_seg_env_create(chunk_t segment, uint8_t flags, * @param value Unparsed attribute value (might be a segment) */ pa_tnc_attr_t* tcg_seg_attr_seg_env_create_from_data(size_t length, - chunk_t value); + chunk_t value); #endif /** TCG_SEG_ATTR_SEG_ENV_H_ @}*/ diff --git a/src/libimcv/tcg/tcg_attr.c b/src/libimcv/tcg/tcg_attr.c index f6b1df7ece..201873b542 100644 --- a/src/libimcv/tcg/tcg_attr.c +++ b/src/libimcv/tcg/tcg_attr.c @@ -2,6 +2,8 @@ * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * + * Copyright (C) 2022 Andreas Steffen, strongSec GmbH + * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your @@ -31,7 +33,7 @@ #include "tcg/pts/tcg_pts_attr_file_meas.h" #include "tcg/pts/tcg_pts_attr_req_file_meta.h" #include "tcg/pts/tcg_pts_attr_unix_file_meta.h" -#include "tcg/seg/tcg_seg_attr_max_size.h" +#include "tcg/seg/tcg_seg_attr_seg_contract.h" #include "tcg/seg/tcg_seg_attr_seg_env.h" #include "tcg/seg/tcg_seg_attr_next_seg.h" @@ -53,17 +55,19 @@ ENUM_NEXT(tcg_attr_names, TCG_SWID_REQUEST, "SWID Tag Events", "SWID Subscription Status Request", "SWID Subscription Status Response"); -ENUM_NEXT(tcg_attr_names, TCG_SEG_MAX_ATTR_SIZE_REQ, - TCG_SEG_CANCEL_SEG_EXCH, +ENUM_NEXT(tcg_attr_names, TCG_SEG_CONTRACT_REQ, + TCG_SEG_CONTRACT_EXEMPTION, TCG_SWID_SUBSCRIPTION_STATUS_RESP, - "Max Attribute Size Request", - "Max Attribute Size Response", - "Attribute Segment Envelope", - "Next Segment Request", - "Cancel Segment Exchange"); + "Segmentation Contract Request", + "Segmentation Contract Response", + "Segment Envelope", + "Next Segment", + "Cancel", + "Oversized Message", + "Contract Exemption"); ENUM_NEXT(tcg_attr_names, TCG_PTS_REQ_FUNC_COMP_EVID, TCG_PTS_REQ_FUNC_COMP_EVID, - TCG_SEG_CANCEL_SEG_EXCH, + TCG_SEG_CONTRACT_EXEMPTION, "Request Functional Component Evidence"); ENUM_NEXT(tcg_attr_names, TCG_PTS_GEN_ATTEST_EVID, TCG_PTS_GEN_ATTEST_EVID, @@ -186,13 +190,13 @@ pa_tnc_attr_t* tcg_attr_create_from_data(uint32_t type, size_t length, chunk_t v { switch (type) { - case TCG_SEG_MAX_ATTR_SIZE_REQ: - return tcg_seg_attr_max_size_create_from_data(length, value, TRUE); - case TCG_SEG_MAX_ATTR_SIZE_RESP: - return tcg_seg_attr_max_size_create_from_data(length, value, FALSE); - case TCG_SEG_ATTR_SEG_ENV: + case TCG_SEG_CONTRACT_REQ: + return tcg_seg_attr_seg_contract_create_from_data(length, value, TRUE); + case TCG_SEG_CONTRACT_RESP: + return tcg_seg_attr_seg_contract_create_from_data(length, value, FALSE); + case TCG_SEG_ENVELOPE: return tcg_seg_attr_seg_env_create_from_data(length, value); - case TCG_SEG_NEXT_SEG_REQ: + case TCG_SEG_NEXT_SEGMENT: return tcg_seg_attr_next_seg_create_from_data(length, value); case TCG_PTS_REQ_PROTO_CAPS: return tcg_pts_attr_proto_caps_create_from_data(length, value, diff --git a/src/libimcv/tcg/tcg_attr.h b/src/libimcv/tcg/tcg_attr.h index d915c785c2..055b1d8a5d 100644 --- a/src/libimcv/tcg/tcg_attr.h +++ b/src/libimcv/tcg/tcg_attr.h @@ -2,6 +2,8 @@ * Copyright (C) 2011-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * + * Copyright (C) 2022 Andreas Steffen, strongSec GmbH + * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your @@ -48,12 +50,14 @@ enum tcg_attr_t { TCG_SWID_SUBSCRIPTION_STATUS_REQ = 0x00000016, TCG_SWID_SUBSCRIPTION_STATUS_RESP = 0x00000017, - /* IF-M Attribute Segmentation */ - TCG_SEG_MAX_ATTR_SIZE_REQ = 0x00000021, - TCG_SEG_MAX_ATTR_SIZE_RESP = 0x00000022, - TCG_SEG_ATTR_SEG_ENV = 0x00000023, - TCG_SEG_NEXT_SEG_REQ = 0x00000024, - TCG_SEG_CANCEL_SEG_EXCH = 0x00000025, + /* IF-M Segmentation */ + TCG_SEG_CONTRACT_REQ = 0x00000021, + TCG_SEG_CONTRACT_RESP = 0x00000022, + TCG_SEG_ENVELOPE = 0x00000023, + TCG_SEG_NEXT_SEGMENT = 0x00000024, + TCG_SEG_CANCEL = 0x00000025, + TCG_SEG_OVERSIZED_MSG = 0x00000026, + TCG_SEG_CONTRACT_EXEMPTION = 0x00000027, /* PTS Protocol Negotiations */ TCG_PTS_REQ_PROTO_CAPS = 0x01000000,