From: Sansar Choinyambuu Date: Mon, 14 Nov 2011 15:14:38 +0000 (+0100) Subject: Added component column in files table X-Git-Tag: 4.6.2~204 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b4a9274ce117fc2e311d66ab7f1e869a13a31cb6;p=thirdparty%2Fstrongswan.git Added component column in files table Implemented enumerator getter for generating functional component evidence requests Implemented enumerator getter for component hashes
---
diff --git a/src/libimcv/plugins/imv_attestation/data.sql b/src/libimcv/plugins/imv_attestation/data.sql
index e67c6100ac..356ee08050 100644
--- a/src/libimcv/plugins/imv_attestation/data.sql
+++ b/src/libimcv/plugins/imv_attestation/data.sql
@@ -177,15 +177,15 @@ INSERT INTO files (
 );
 INSERT INTO files (
- type, path, measurement
+ type, path, component
 ) VALUES (
- 0, 'pcr17', 1
+ 0, 'tboot_pcr17', 1
 );
 INSERT INTO files (
- type, path, measurement
+ type, path, component
 ) VALUES (
- 0, 'pcr18', 1
+ 0, 'tboot_pcr18', 1
 );
 /* Product-File */
diff --git a/src/libimcv/plugins/imv_attestation/tables.sql b/src/libimcv/plugins/imv_attestation/tables.sql
index f6ef2b81e3..e96c55748d 100644
--- a/src/libimcv/plugins/imv_attestation/tables.sql
+++ b/src/libimcv/plugins/imv_attestation/tables.sql
@@ -6,7 +6,8 @@ CREATE TABLE files (
 type INTEGER NOT NULL,
 path TEXT NOT NULL,
 measurement INTEGER DEFAULT 0,
- metadata INTEGER DEFAULT 0
+ metadata INTEGER DEFAULT 0,
+ component INTEGER DEFAULT 0
 );
 DROP TABLE IF EXISTS products;
diff --git a/src/libpts/pts/pts_database.c b/src/libpts/pts/pts_database.c
index 3881fa7532..1e5602b55f 100644
--- a/src/libpts/pts/pts_database.c
+++ b/src/libpts/pts/pts_database.c
@@ -69,6 +69,22 @@ METHOD(pts_database_t, create_file_meta_enumerator, enumerator_t*,
 return e;
 }
+METHOD(pts_database_t, create_comp_evid_enumerator, enumerator_t*,
+ private_pts_database_t *this, char *product)
+{
+ enumerator_t *e;
+
+ /* look for all entries belonging to a product in the files table */
+ e = this->db->query(this->db,
+ "SELECT f.type, f.path FROM files AS f "
+ "JOIN product_file AS pf ON f.id = pf.file "
+ "JOIN products AS p ON p.id = pf.product "
+ "WHERE p.name = ? AND f.component = 1",
+ DB_TEXT, product, DB_INT, DB_TEXT);
+ return e;
+}
+
+
 METHOD(pts_database_t, create_hash_enumerator, enumerator_t*,
 private_pts_database_t *this, char *product,
 pts_meas_algorithms_t algo, int id, bool is_dir)
@@ -97,6 +113,22 @@ METHOD(pts_database_t, create_hash_enumerator, enumerator_t*,
 return e;
 }
+METHOD(pts_database_t, create_comp_hash_enumerator, enumerator_t*,
+ private_pts_database_t *this, char *product,
+ pts_meas_algorithms_t algo, char *comp_name)
+{
+ enumerator_t *e;
+
+ e = this->db->query(this->db,
+ "SELECT fh.hash FROM file_hashes AS fh "
+ "JOIN files AS f ON fh.file = f.id "
+ "JOIN products AS p ON fh.product = p.id "
+ "WHERE p.name = ? AND f.path = ? AND fh.algo = ? ",
+ DB_TEXT, product, DB_TEXT, comp_name, DB_INT, algo, DB_BLOB);
+
+ return e;
+}
+
 METHOD(pts_database_t, destroy, void,
 private_pts_database_t *this)
 {
@@ -115,7 +147,9 @@ pts_database_t *pts_database_create(char *uri)
 .public = {
 .create_file_meas_enumerator = _create_file_meas_enumerator,
 .create_file_meta_enumerator = _create_file_meta_enumerator,
+ .create_comp_evid_enumerator = _create_comp_evid_enumerator,
 .create_hash_enumerator = _create_hash_enumerator,
+ .create_comp_hash_enumerator = _create_comp_hash_enumerator,
 .destroy = _destroy,
 },
 .db = lib->db->create(lib->db, uri),
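Review bot: The new query in create_comp_evid_enumerator selects only `f.type, f.path`, so a caller that later wants the stored hash of an enumerated component has nothing but the path to key on, and the `path TEXT NOT NULL` column in this commit's tables.sql carries no uniqueness constraint; selecting the row id as well, `"SELECT f.id, f.type, f.path FROM files AS f "` with a leading `DB_INT` added to the result list, would let callers use the `int id` that the existing create_hash_enumerator already accepts instead of a text match. The comment above the query understates the filter it applies: `/* all functional component entries (files.component = 1) registered for this product */` says what the WHERE clause does. Binding `product` through `DB_TEXT` rather than formatting it into the string is the right way to take a peer-supplied name, so no injection concern here. The two `+` blank lines after the closing brace leave a double blank line before create_hash_enumerator, where the surrounding code separates functions with one.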
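Review bot: The WHERE clause in create_comp_hash_enumerator does not restrict the joined files row to component entries, unlike the evidence enumerator added earlier in this commit, so any files row whose path equals comp_name contributes its file_hashes rows; since the schema does not make path unique, `"WHERE p.name = ? AND f.path = ? AND fh.algo = ? AND f.component = 1",` keeps the two enumerators consistent and narrows the match. Looking up by path at all is only safe if callers guarantee component paths are unique per product, which nothing visible enforces, so an id-based variant mirroring create_hash_enumerator's `int id` parameter would be the more robust interface. The trailing space inside `"... fh.algo = ? "` is harmless but stray. The query parameters are bound via `DB_TEXT`/`DB_INT`, not concatenated, which is correct for a name received from the attested peer.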
@@ -123,8 +157,8 @@ pts_database_t *pts_database_create(char *uri)
 if (!this->db)
 {
- DBG1(DBG_PTS, "failed to connect to PTS file measurement database '%s'",
- uri);
+ DBG1(DBG_PTS,
+ "failed to connect to PTS file measurement database '%s'", uri);
 free(this);
 return NULL;
 }
diff --git a/src/libpts/pts/pts_database.h b/src/libpts/pts/pts_database.h
index 90747666d3..0279f4e9e8 100644
--- a/src/libpts/pts/pts_database.h
+++ b/src/libpts/pts/pts_database.h
@@ -50,6 +50,15 @@ struct pts_database_t {
 enumerator_t* (*create_file_meta_enumerator)(pts_database_t *this,
 char *product);
+ /**
+ * Get functional components to request evidence of
+ *
+ * @param product software product (os, vpn client, etc.)
+ * @return enumerator over all matching components
+ */
+ enumerator_t* (*create_comp_evid_enumerator)(pts_database_t *this,
+ char *product);
+
 /**
 * Get stored measurement hash for single file or directory entries
 *
@@ -63,6 +72,17 @@ struct pts_database_t {
 pts_meas_algorithms_t algo, int id, bool is_dir);
+ /**
+ * Get stored measurement hash for functional component entries
+ *
+ * @param product software product (os, vpn client, etc.)
+ * @param algo hash algorithm used for measurement
+ * @param comp_name value of path column in files table
+ * @return enumerator over all matching measurement hashes
+ */
+ enumerator_t* (*create_comp_hash_enumerator)(pts_database_t *this, char *product,
+ pts_meas_algorithms_t algo, char *comp_name);
+
 /**
 * Destroys a pts_database_t object.
 */
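Review bot: The new doc comment for create_comp_evid_enumerator does not say what each enumeration step yields, which is the main thing a caller needs from a `@return`; the implementation in this commit's pts_database.c binds the result as `DB_INT, DB_TEXT`, i.e. the `type` and `path` columns. I would change the line to `@return enumerator over (int type, char *path) of the product's files rows with component = 1` so the enumerate() argument order is documented at the interface rather than discovered from the SQL. If `db->query` can return NULL on failure the comment should also state that the caller must check for it; whether it can is not visible in this diff, so confirm against the db backend before adding that sentence.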