}
METHOD(pts_t, quote_tpm, bool,
- private_pts_t *this, u_int32_t *pcrs, u_int32_t num_of_pcrs, chunk_t *output)
+ private_pts_t *this, u_int32_t *pcrs, u_int32_t num_of_pcrs,
+ chunk_t *pcr_composite, chunk_t *quote_signature)
{
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
u_int32_t i;
TSS_RESULT result;
chunk_t aik_key_encoding;
+ chunk_t pcr_composite_without_nonce;
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS)
DBG1(DBG_PTS, "Invalid PCR number: %d", pcr);
goto err3;
}
- result = Tspi_PcrComposite_SelectPcrIndex(hPcrComposite, 1);
+ result = Tspi_PcrComposite_SelectPcrIndex(hPcrComposite, pcr);
if (result != TSS_SUCCESS)
{
goto err3;
quoteInfo = (TPM_QUOTE_INFO *)valData.rgbData;
- //display quote info
- printf("version:\n");
- for(i=0;i<4;i++)
- printf("%02x ",valData.rgbData[i]);
- printf("\n");
- printf("fixed value:\n");
- for(i=4;i<8;i++)
- printf("%c",valData.rgbData[i]);
- printf("\n");
- printf("pcr digest:\n");
- for(i=8;i<28;i++)
- printf("%02x ",valData.rgbData[i]);
- printf("\n");
- printf("nonce:\n");
- for(i=28;i<valData.ulDataLength;i++)
- printf("%c",valData.rgbData[i]);
- printf("\n");
+ /* Display quote info */
+ DBG3(DBG_PTS, "version:");
+ for(i = 0 ; i < 4 ; i++)
+ {
+ DBG3(DBG_PTS, "%02x ",valData.rgbData[i]);
+ }
+ DBG3(DBG_PTS, "fixed value:");
+ for(i = 4 ; i < 8 ; i++)
+ {
+ DBG3(DBG_PTS, "%c",valData.rgbData[i]);
+ }
+ DBG3(DBG_PTS, "pcr digest:");
+ for(i = 8 ; i < 28 ; i++)
+ {
+ DBG3(DBG_PTS, "%02x ",valData.rgbData[i]);
+ }
+ DBG3(DBG_PTS, "nonce:");
+ for(i = 28 ; i < valData.ulDataLength ; i++)
+ {
+ DBG3(DBG_PTS, "%c",valData.rgbData[i]);
+ }
+
+ /* Set output chunks */
+ pcr_composite_without_nonce = chunk_alloc(
+ valData.ulDataLength - ASSESSMENT_SECRET_LEN);
+ memcpy(pcr_composite_without_nonce.ptr, valData.rgbData,
+ valData.ulDataLength - ASSESSMENT_SECRET_LEN);
+ *pcr_composite = pcr_composite_without_nonce;
+ *quote_signature = chunk_from_thing(valData.rgbValidationData);
+ *quote_signature = chunk_clone(*quote_signature);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hPcrComposite);
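Review bot: `chunk_from_thing(valData.rgbValidationData)` wraps the bytes of the field itself, so if `rgbValidationData` is a `BYTE *` as in the TSS_VALIDATION structure (the declaration of `valData` is outside this hunk), `*quote_signature` receives a pointer-sized copy of an address instead of the signature. A verifier would then get a value that can never validate and that also discloses a process address; `*quote_signature = chunk_clone(chunk_create(valData.rgbValidationData, valData.ulValidationDataLength));` copies the signature bytes themselves. Separately, `valData.ulDataLength - ASSESSMENT_SECRET_LEN` is an unsigned subtraction that feeds both `chunk_alloc` and `memcpy` with no lower bound, and the debug loops read fixed offsets up to 28. A guard such as `if (valData.ulDataLength < 28 || valData.ulDataLength < ASSESSMENT_SECRET_LEN)` that takes the function's error path before the first loop would keep a short or malformed reply from wrapping the length. The body of quote_tpm starts and ends outside this hunk, so the right cleanup label cannot be confirmed from here.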
* Quote over PCR's
* Expects owner and SRK secret to be WELL_KNOWN_SECRET and no password set for AIK
*
- * @param pcrs Set of PCR's to make quotation over
- * @param num_of_pcr Number of PCR's
- * @param quote Chunk to save quote operation output
- * @return FALSE in case of TSS error, TRUE otherwise
+ * @param pcrs Set of PCR's to make quotation over
+ * @param num_of_pcr Number of PCR's
+ * @param pcr_composite Chunk to save pcr composite structure
+ * @param quote_signature Chunk to save quote operation output
+ * without external data (anti-replay protection)
+ * @return FALSE in case of TSS error, TRUE otherwise
*/
- bool (*quote_tpm)(pts_t *this, u_int32_t *pcrs, u_int32_t num_of_pcrs, chunk_t *quote);
+ bool (*quote_tpm)(pts_t *this, u_int32_t *pcrs, u_int32_t num_of_pcrs,
+ chunk_t *pcr_composite, chunk_t *quote_signature);
/**
* Destroys a pts_t object.
*/
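Review bot: The phrase "without external data (anti-replay protection)" is attached to `quote_signature`, but in the implementation shown on this page it is `pcr_composite` that is copied with the trailing ASSESSMENT_SECRET_LEN bytes left off, so the two parameter descriptions look merged or swapped. Suggest `@param pcr_composite Chunk receiving the quote info without the trailing external data (nonce)` and `@param quote_signature Chunk receiving the signature produced by the quote operation`. Both chunks are heap-allocated by the implementation (`chunk_alloc`, `chunk_clone`), so the comment should also say who frees them, presumably the caller. The tag `@param num_of_pcr` does not match the parameter name `num_of_pcrs`.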
pts_t* pts_create(bool is_imc);
-#endif /** PTS_H_ @} */
+#endif /** PTS_H_ @}*/
\ No newline at end of file