From: Sansar Choinyambuu Date: Wed, 21 Sep 2011 14:32:25 +0000 (+0200) Subject: Started implementing handling of DH Nonce attributes X-Git-Tag: 4.6.2~366 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=0daee96b05a1819c2f519a5f22e9f6e870d8a208;p=thirdparty%2Fstrongswan.git Started implementing handling of DH Nonce attributes --- diff --git a/src/libimcv/plugins/imc_attestation/imc_attestation.c b/src/libimcv/plugins/imc_attestation/imc_attestation.c index 846af5c9fd..e511ed0568 100644 --- a/src/libimcv/plugins/imc_attestation/imc_attestation.c +++ b/src/libimcv/plugins/imc_attestation/imc_attestation.c @@ -63,6 +63,11 @@ static imc_agent_t *imc_attestation; */ static pts_meas_algorithms_t supported_algorithms = 0; +/** + * Supported PTS Diffie Hellman Groups + */ +static pts_dh_group_t supported_dh_groups = 0; + /** * see section 3.7.1 of TCG TNC IF-IMC Specification 1.2 */ @@ -80,6 +85,10 @@ TNC_Result TNC_IMC_Initialize(TNC_IMCID imc_id, { return TNC_RESULT_FATAL; } + if (!pts_probe_dh_groups(&supported_dh_groups)) + { + return TNC_RESULT_FATAL; + } imc_attestation = imc_agent_create(imc_name, IMC_VENDOR_ID, IMC_SUBTYPE, imc_id, actual_version); if (!imc_attestation) @@ -276,27 +285,82 @@ TNC_Result TNC_IMC_ReceiveMessage(TNC_IMCID imc_id, attr_list->insert_last(attr_list, attr); break; } + case TCG_PTS_DH_NONCE_PARAMS_REQ: + { + tcg_pts_attr_dh_nonce_params_req_t *attr_cast; + u_int8_t min_nonce_len; + pts_dh_group_t offered_dh_groups, selected_dh_group; + + attr_cast = (tcg_pts_attr_dh_nonce_params_req_t*)attr; + min_nonce_len = attr_cast->get_min_nonce_len(attr_cast); + offered_dh_groups = attr_cast->get_dh_groups(attr_cast); + + if ((supported_dh_groups & PTS_DH_GROUP_IKE20) && + (offered_dh_groups & PTS_DH_GROUP_IKE20)) + { + pts->set_dh_group(pts, PTS_DH_GROUP_IKE20); + } + else if ((supported_dh_groups & PTS_DH_GROUP_IKE19) && + (offered_dh_groups & PTS_DH_GROUP_IKE19)) + { + pts->set_dh_group(pts, PTS_DH_GROUP_IKE19); + } + else if ((supported_dh_groups & PTS_DH_GROUP_IKE14) && + (offered_dh_groups & PTS_DH_GROUP_IKE14)) + { + pts->set_dh_group(pts, PTS_DH_GROUP_IKE14); + } + else if ((supported_dh_groups & PTS_DH_GROUP_IKE5) && + (offered_dh_groups & PTS_DH_GROUP_IKE5)) + { + pts->set_dh_group(pts, PTS_DH_GROUP_IKE5); + } + else if ((supported_dh_groups & PTS_DH_GROUP_IKE2) && + (offered_dh_groups & PTS_DH_GROUP_IKE2)) + { + pts->set_dh_group(pts, PTS_DH_GROUP_IKE2); + } + else + { + attr_info = attr->get_value(attr); + attr = ietf_attr_pa_tnc_error_create(PEN_TCG, + TCG_PTS_DH_GRPS_NOT_SUPPORTED, attr_info); + attr_list->insert_last(attr_list, attr); + break; + } + + /* Send DH Nonce Parameters Response attribute */ + selected_dh_group = pts->get_dh_group(pts); + /* TODO: Implement */ + + break; + } + case TCG_PTS_DH_NONCE_FINISH: + { + /* TODO: Implement */ + break; + } case TCG_PTS_MEAS_ALGO: { tcg_pts_attr_meas_algo_t *attr_cast; - pts_meas_algorithms_t selected_algorithm; - + pts_meas_algorithms_t offered_algorithms, selected_algorithm; + attr_cast = (tcg_pts_attr_meas_algo_t*)attr; - selected_algorithm = attr_cast->get_algorithms(attr_cast); + offered_algorithms = attr_cast->get_algorithms(attr_cast); if ((supported_algorithms & PTS_MEAS_ALGO_SHA384) && - (selected_algorithm & PTS_MEAS_ALGO_SHA384)) + (offered_algorithms & PTS_MEAS_ALGO_SHA384)) { pts->set_meas_algorithm(pts, PTS_MEAS_ALGO_SHA384); } else if ((supported_algorithms & PTS_MEAS_ALGO_SHA256) && - (selected_algorithm & PTS_MEAS_ALGO_SHA256)) + (offered_algorithms & PTS_MEAS_ALGO_SHA256)) { pts->set_meas_algorithm(pts, PTS_MEAS_ALGO_SHA256); } else if ((supported_algorithms & PTS_MEAS_ALGO_SHA1) && - (selected_algorithm & PTS_MEAS_ALGO_SHA1)) + (offered_algorithms & PTS_MEAS_ALGO_SHA1)) { pts->set_meas_algorithm(pts, PTS_MEAS_ALGO_SHA1); } @@ -587,8 +651,6 @@ TNC_Result TNC_IMC_ReceiveMessage(TNC_IMCID imc_id, break; } /* TODO: Not implemented yet */ - case TCG_PTS_DH_NONCE_PARAMS_REQ: - case TCG_PTS_DH_NONCE_FINISH: case TCG_PTS_REQ_INTEG_MEAS_LOG: /* Attributes using XML */ case TCG_PTS_REQ_TEMPL_REF_MANI_SET_META: diff --git a/src/libimcv/plugins/imv_attestation/imv_attestation.c b/src/libimcv/plugins/imv_attestation/imv_attestation.c index 4f5ab8afc0..fca24a803d 100644 --- a/src/libimcv/plugins/imv_attestation/imv_attestation.c +++ b/src/libimcv/plugins/imv_attestation/imv_attestation.c @@ -51,6 +51,7 @@ #include #include #include +#include /* IMV definitions */ @@ -66,6 +67,11 @@ static imv_agent_t *imv_attestation; */ static pts_meas_algorithms_t supported_algorithms = 0; +/** + * Supported PTS Diffie Hellman Groups + */ +static pts_dh_group_t supported_dh_groups = 0; + /** * PTS file measurement database */ @@ -89,7 +95,7 @@ TNC_Result TNC_IMV_Initialize(TNC_IMVID imv_id, TNC_Version max_version, TNC_Version *actual_version) { - char *hash_alg, *uri, *cadir; + char *hash_alg, *dh_group, *uri, *cadir; if (imv_attestation) { @@ -100,6 +106,10 @@ TNC_Result TNC_IMV_Initialize(TNC_IMVID imv_id, { return TNC_RESULT_FATAL; } + if (!pts_probe_dh_groups(&supported_dh_groups)) + { + return TNC_RESULT_FATAL; + } imv_attestation = imv_agent_create(imv_name, IMV_VENDOR_ID, IMV_SUBTYPE, imv_id, actual_version); if (!imv_attestation) @@ -137,6 +147,24 @@ TNC_Result TNC_IMV_Initialize(TNC_IMVID imv_id, supported_algorithms &= ~PTS_MEAS_ALGO_SHA256; } + /** + * Specify supported PTS Diffie Hellman Groups + * + * ike2: PTS_DH_GROUP_IKE2 + * ike5: PTS_DH_GROUP_IKE2 | PTS_DH_GROUP_IKE5 + * ike14: PTS_DH_GROUP_IKE2 | PTS_DH_GROUP_IKE5 | PTS_DH_GROUP_IKE14 + * ike19: PTS_DH_GROUP_IKE2 | PTS_DH_GROUP_IKE5 | PTS_DH_GROUP_IKE14 | PTS_DH_GROUP_IKE19 + * ike20: PTS_DH_GROUP_IKE2 | PTS_DH_GROUP_IKE5 | PTS_DH_GROUP_IKE14 | PTS_DH_GROUP_IKE19 | PTS_DH_GROUP_IKE20 + * + * we expect the PTS-IMC to select the strongest supported group + */ + dh_group = lib->settings->get_str(lib->settings, + "libimcv.plugins.imv-attestation.dh_group", "ike19"); + if (!pts_update_supported_dh_groups(dh_group, &supported_dh_groups)) + { + return TNC_RESULT_FATAL; + } + /* create a PTS credential manager */ pts_credmgr = credential_manager_create(); @@ -238,8 +266,36 @@ static TNC_Result send_message(TNC_ConnectionID connection_id) msg->add_attribute(msg, attr); attestation_state->set_handshake_state(attestation_state, + IMV_ATTESTATION_STATE_DH_NONCE); + break; + } + case IMV_ATTESTATION_STATE_DH_NONCE: + { + bool request_sent = FALSE; + + /* Jump to Measurement state if IMC has no TPM */ + if(!(pts->get_proto_caps(pts) & PTS_PROTO_CAPS_T)) + { + attestation_state->set_handshake_state(attestation_state, IMV_ATTESTATION_STATE_MEAS); + } + else if (!request_sent) + { + /* Send DH nonce parameters request attribute */ + attr = tcg_pts_attr_dh_nonce_params_req_create(0, supported_dh_groups); + attr->set_noskip_flag(attr, TRUE); + msg->add_attribute(msg, attr); + request_sent = TRUE; + } + else if (request_sent) + { + /* Send DH nonce finish attribute */ + attestation_state->set_handshake_state(attestation_state, + IMV_ATTESTATION_STATE_MEAS); + } + break; + } case IMV_ATTESTATION_STATE_MEAS: @@ -255,7 +311,6 @@ static TNC_Result send_message(TNC_ConnectionID connection_id) IMV_ATTESTATION_STATE_COMP_EVID); /* Does the PTS-IMC have TPM support? */ - if (pts->get_proto_caps(pts) & PTS_PROTO_CAPS_T) { /* Send Get TPM Version attribute */ attr = tcg_pts_attr_get_tpm_version_info_create(); @@ -336,10 +391,6 @@ static TNC_Result send_message(TNC_ConnectionID connection_id) break; } - case IMV_ATTESTATION_STATE_IML: - DBG1(DBG_IMV, "Attestation IMV has nothing to send: \"%s\"", - handshake_state); - return TNC_RESULT_FATAL; default: DBG1(DBG_IMV, "Attestation IMV is in unknown state: \"%s\"", handshake_state); @@ -471,6 +522,11 @@ TNC_Result TNC_IMV_ReceiveMessage(TNC_IMVID imv_id, pts->set_proto_caps(pts, flags); break; } + case TCG_PTS_DH_NONCE_PARAMS_RESP: + { + /* TODO: Implement */ + break; + } case TCG_PTS_MEAS_ALGO_SELECTION: { tcg_pts_attr_meas_algo_t *attr_cast; @@ -620,7 +676,6 @@ TNC_Result TNC_IMV_ReceiveMessage(TNC_IMVID imv_id, } /* TODO: Not implemented yet */ - case TCG_PTS_DH_NONCE_PARAMS_RESP: case TCG_PTS_INTEG_MEAS_LOG: /* Attributes using XML */ case TCG_PTS_TEMPL_REF_MANI_SET_META: diff --git a/src/libimcv/plugins/imv_attestation/imv_attestation_state.h b/src/libimcv/plugins/imv_attestation/imv_attestation_state.h index a79fc91cc5..21f896333f 100644 --- a/src/libimcv/plugins/imv_attestation/imv_attestation_state.h +++ b/src/libimcv/plugins/imv_attestation/imv_attestation_state.h @@ -34,9 +34,9 @@ typedef enum imv_attestation_handshake_state_t imv_attestation_handshake_state_t */ enum imv_attestation_handshake_state_t { IMV_ATTESTATION_STATE_INIT, + IMV_ATTESTATION_STATE_DH_NONCE, IMV_ATTESTATION_STATE_MEAS, IMV_ATTESTATION_STATE_COMP_EVID, - IMV_ATTESTATION_STATE_IML, IMV_ATTESTATION_STATE_END, }; diff --git a/src/libpts/Makefile.am b/src/libpts/Makefile.am index cf5494bfa9..33f7e01047 100644 --- a/src/libpts/Makefile.am +++ b/src/libpts/Makefile.am @@ -15,6 +15,7 @@ libpts_la_SOURCES = \ pts/pts_file_meas.h pts/pts_file_meas.c \ pts/pts_file_meta.h pts/pts_file_meta.c \ pts/pts_meas_algo.h pts/pts_meas_algo.c \ + pts/pts_dh_group.h pts/pts_dh_group.c \ tcg/tcg_attr.h tcg/tcg_attr.c \ tcg/tcg_pts_attr_proto_caps.h tcg/tcg_pts_attr_proto_caps.c \ tcg/tcg_pts_attr_dh_nonce_params_req.h tcg/tcg_pts_attr_dh_nonce_params_req.c \ diff --git a/src/libpts/pts/pts.c b/src/libpts/pts/pts.c index d46196974b..2a8ac090af 100644 --- a/src/libpts/pts/pts.c +++ b/src/libpts/pts/pts.c @@ -50,6 +50,21 @@ struct private_pts_t { */ pts_meas_algorithms_t algorithm; + /** + * PTS Diffie Hellman Group + */ + pts_dh_group_t dh_group; + + /** + * Contains a Diffie Hellman Nonce + */ + chunk_t dh_nonce; + + /** + * Contains a Diffie Hellman Public Value + */ + chunk_t dh_public_value; + /** * Platform and OS Info */ @@ -110,6 +125,26 @@ METHOD(pts_t, set_meas_algorithm, void, } } +METHOD(pts_t, get_dh_group, pts_dh_group_t, + private_pts_t *this) +{ + return this->dh_group; +} + +METHOD(pts_t, set_dh_group, void, + private_pts_t *this, pts_dh_group_t group) +{ + diffie_hellman_group_t dh_group; + + dh_group = pts_dh_group_to_strongswan_dh_group(group); + DBG2(DBG_PTS, "selected PTS Diffie Hellman Group is %N", + diffie_hellman_group_names, dh_group); + if (dh_group != MODP_NONE) + { + this->dh_group = dh_group; + } +} + /** * Print TPM 1.2 Version Info */ @@ -518,6 +553,8 @@ METHOD(pts_t, destroy, void, private_pts_t *this) { DESTROY_IF(this->aik); + free(this->dh_nonce.ptr); + free(this->dh_public_value.ptr); free(this->platform_info); free(this->tpm_version_info.ptr); free(this); @@ -683,6 +720,8 @@ pts_t *pts_create(bool is_imc) .set_proto_caps = _set_proto_caps, .get_meas_algorithm = _get_meas_algorithm, .set_meas_algorithm = _set_meas_algorithm, + .get_dh_group = _get_dh_group, + .set_dh_group = _set_dh_group, .get_platform_info = _get_platform_info, .set_platform_info = _set_platform_info, .get_tpm_version_info = _get_tpm_version_info, @@ -696,6 +735,7 @@ pts_t *pts_create(bool is_imc) }, .proto_caps = PTS_PROTO_CAPS_V, .algorithm = PTS_MEAS_ALGO_SHA256, + .dh_group = PTS_DH_GROUP_IKE19, ); if (is_imc) diff --git a/src/libpts/pts/pts.h b/src/libpts/pts/pts.h index a03eea2c66..ca3ef0cbb8 100644 --- a/src/libpts/pts/pts.h +++ b/src/libpts/pts/pts.h @@ -28,6 +28,7 @@ typedef struct pts_t pts_t; #include "pts_meas_algo.h" #include "pts_file_meas.h" #include "pts_file_meta.h" +#include "pts_dh_group.h" #include @@ -71,6 +72,20 @@ struct pts_t { */ void (*set_meas_algorithm)(pts_t *this, pts_meas_algorithms_t algorithm); + /** + * Get PTS Diffie Hellman Group + * + * @return DH Group + */ + pts_dh_group_t (*get_dh_group)(pts_t *this); + + /** + * Set PTS Diffie Hellman Group + * + * @param dh_group DH Group + */ + void (*set_dh_group)(pts_t *this, pts_dh_group_t dh_group); + /** * Get Platform and OS Info * diff --git a/src/libpts/pts/pts_dh_group.c b/src/libpts/pts/pts_dh_group.c new file mode 100644 index 0000000000..4e946b8ba8 --- /dev/null +++ b/src/libpts/pts/pts_dh_group.c @@ -0,0 +1,147 @@ +/* + * Copyright (C) 2011 Sansar Choinyambuu + * HSR Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "pts_dh_group.h" + +#include + +/** + * Described in header. + */ +bool pts_probe_dh_groups(pts_dh_group_t *groups) +{ + enumerator_t *enumerator; + diffie_hellman_group_t dh_group; + const char *plugin_name; + char format1[] = " %s PTS Diffie Hellman Group %N[%s] available"; + char format2[] = " %s PTS Diffie Hellman Group %N[%s] not available"; + + *groups = 0; + + enumerator = lib->crypto->create_dh_enumerator(lib->crypto); + while (enumerator->enumerate(enumerator, &dh_group, &plugin_name)) + { + DBG2(DBG_PTS, format1, "Following ", diffie_hellman_group_names, dh_group, + plugin_name); + + if (dh_group == MODP_1024_BIT) + { + *groups |= PTS_DH_GROUP_IKE2; + DBG2(DBG_PTS, format1, "optional", diffie_hellman_group_names, dh_group, + plugin_name); + } + else if (dh_group == MODP_1536_BIT) + { + *groups |= PTS_DH_GROUP_IKE5; + DBG2(DBG_PTS, format1, "optional", diffie_hellman_group_names, dh_group, + plugin_name); + } + else if (dh_group == MODP_2048_BIT) + { + *groups |= PTS_DH_GROUP_IKE14; + DBG2(DBG_PTS, format1, "optional", diffie_hellman_group_names, dh_group, + plugin_name); + } + else if (dh_group == ECP_256_BIT) + { + *groups |= PTS_DH_GROUP_IKE19; + DBG2(DBG_PTS, format1, "mandatory", diffie_hellman_group_names, dh_group, + plugin_name); + } + else if (dh_group == ECP_384_BIT) + { + *groups |= PTS_DH_GROUP_IKE20; + DBG2(DBG_PTS, format1, "optional", diffie_hellman_group_names, dh_group, + plugin_name); + } + } + enumerator->destroy(enumerator); + + if (*groups & PTS_DH_GROUP_IKE19) + { + return TRUE; + } + else + { + DBG1(DBG_PTS, format2, "mandatory", diffie_hellman_group_names, ECP_256_BIT, plugin_name); + } + + /* TODO: return FALSE : Elliptic Curves are not available */ + return TRUE; + +} + +/** + * Described in header. + */ +bool pts_update_supported_dh_groups(char *dh_group, pts_dh_group_t *groups) +{ + if (strcaseeq(dh_group, "ike20")) + { + /* nothing to update, all groups are supported */ + return TRUE; + } + else if (strcaseeq(dh_group, "ike19")) + { + /* remove DH Group 20 */ + *groups = ~PTS_DH_GROUP_IKE20; + return TRUE; + } + else if (strcaseeq(dh_group, "ike14")) + { + /* remove DH Group 19 and 20 */ + *groups = ~PTS_DH_GROUP_IKE20 | ~PTS_DH_GROUP_IKE19; + return TRUE; + } + else if (strcaseeq(dh_group, "ike5")) + { + /* remove DH Group 14, 19 and 20 */ + *groups = ~PTS_DH_GROUP_IKE20 | ~PTS_DH_GROUP_IKE19 + | ~PTS_DH_GROUP_IKE14; + return TRUE; + } + else if (strcaseeq(dh_group, "ike2")) + { + /* remove DH Group 5, 14, 19 and 20 */ + *groups = ~PTS_DH_GROUP_IKE20 | ~PTS_DH_GROUP_IKE19 | + ~PTS_DH_GROUP_IKE14 | ~PTS_DH_GROUP_IKE5; + return TRUE; + } + + DBG1(DBG_PTS, "Unknown DH Group: %s configured"); + return FALSE; +} + +/** + * Described in header. + */ +diffie_hellman_group_t pts_dh_group_to_strongswan_dh_group(pts_dh_group_t dh_group) +{ + switch (dh_group) + { + case PTS_DH_GROUP_IKE2: + return MODP_1024_BIT; + case PTS_DH_GROUP_IKE5: + return MODP_1536_BIT; + case PTS_DH_GROUP_IKE14: + return MODP_2048_BIT; + case PTS_DH_GROUP_IKE19: + return ECP_256_BIT; + case PTS_DH_GROUP_IKE20: + return ECP_384_BIT; + default: + return MODP_NONE; + } +} diff --git a/src/libpts/pts/pts_dh_group.h b/src/libpts/pts/pts_dh_group.h new file mode 100644 index 0000000000..2621e0ef5a --- /dev/null +++ b/src/libpts/pts/pts_dh_group.h @@ -0,0 +1,81 @@ +/* + * Copyright (C) 2011 Sansar Choinyambuu + * HSR Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup pts_dh_group pts_dh_group + * @{ @ingroup pts + */ + +#ifndef PTS_DH_GROUP_H_ +#define PTS_DH_GROUP_H_ + +#include +#include + +typedef enum pts_dh_group_t pts_dh_group_t; + +/** + * PTS Diffie Hellman Group Values + */ +enum pts_dh_group_t { + /** IKE Group 2 */ + PTS_DH_GROUP_IKE2 = (1<<15), + /** IKE Group 5 */ + PTS_DH_GROUP_IKE5 = (1<<14), + /** IKE Group 14 */ + PTS_DH_GROUP_IKE14 = (1<<13), + /** IKE Group 19 */ + PTS_DH_GROUP_IKE19 = (1<<12), + /** IKE Group 20 */ + PTS_DH_GROUP_IKE20 = (1<<11), +}; + +/** + * Diffie-Hellman Group Values + * see section 3.8.6 of PTS Protocol: Binding to TNC IF-M Specification + * + * 1 + * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * |1|2|3|4|5|R|R|R|R|R|R|R|R|R|R|R| + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * + */ + +/** + * Probe available PTS measurement algorithms + * + * @param groups set of available groups + * @return TRUE if mandatory group PTS_DH_GROUP_IKE19 is available + */ +bool pts_probe_dh_groups(pts_dh_group_t *groups); + +/** + * Update supported Diffie Hellman Groups according to configuration + * + * @param dh_group configured Diffie Hellman Group + * @param groups set of available groups + */ +bool pts_update_supported_dh_groups(char *dh_group, pts_dh_group_t *groups); + +/** + * Convert pts_dh_group_t to diffie_hellman_group_t + * + * @param dh_group PTS Diffie Hellman Group type + * @return libstrongswan diffie hellman group type + */ +diffie_hellman_group_t pts_dh_group_to_strongswan_dh_group(pts_dh_group_t dh_group); + +#endif /** PTS_DH_GROUP_H_ @}*/ diff --git a/src/libpts/tcg/tcg_attr.c b/src/libpts/tcg/tcg_attr.c index 862ab587ab..880db8e53d 100644 --- a/src/libpts/tcg/tcg_attr.c +++ b/src/libpts/tcg/tcg_attr.c @@ -160,11 +160,11 @@ pa_tnc_attr_t* tcg_attr_create_from_data(u_int32_t type, chunk_t value) case TCG_PTS_PROTO_CAPS: return tcg_pts_attr_proto_caps_create_from_data(value, FALSE); case TCG_PTS_DH_NONCE_PARAMS_REQ: - return tcg_pts_attr_dh_nonce_params_req_create(value); + return tcg_pts_attr_dh_nonce_params_req_create_from_data(value); case TCG_PTS_DH_NONCE_PARAMS_RESP: - return tcg_pts_attr_dh_nonce_params_resp_create(value); + return tcg_pts_attr_dh_nonce_params_resp_create_from_data(value); case TCG_PTS_DH_NONCE_FINISH: - return tcg_pts_attr_dh_nonce_finish_create(value); + return tcg_pts_attr_dh_nonce_finish_create_from_data(value); case TCG_PTS_MEAS_ALGO: return tcg_pts_attr_meas_algo_create_from_data(value, FALSE); case TCG_PTS_MEAS_ALGO_SELECTION: diff --git a/src/libpts/tcg/tcg_pts_attr_dh_nonce_params_req.c b/src/libpts/tcg/tcg_pts_attr_dh_nonce_params_req.c index f6ca2e7220..ddaa41363b 100644 --- a/src/libpts/tcg/tcg_pts_attr_dh_nonce_params_req.c +++ b/src/libpts/tcg/tcg_pts_attr_dh_nonce_params_req.c @@ -115,9 +115,9 @@ METHOD(pa_tnc_attr_t, build, void, bio_writer_t *writer; writer = bio_writer_create(PTS_DH_NONCE_PARAMS_REQ_SIZE); - writer->write_uint8(writer, PTS_DH_NONCE_PARAMS_REQ_RESERVED); - writer->write_uint8(writer, this->min_nonce_len); - writer->write_uint8(writer, this->dh_groups); + writer->write_uint8 (writer, PTS_DH_NONCE_PARAMS_REQ_RESERVED); + writer->write_uint8 (writer, this->min_nonce_len); + writer->write_uint16(writer, this->dh_groups); this->value = chunk_clone(writer->get_buf(writer)); writer->destroy(writer); diff --git a/src/libpts/tcg/tcg_pts_attr_dh_nonce_params_req.h b/src/libpts/tcg/tcg_pts_attr_dh_nonce_params_req.h index ddd934bdeb..bc9cb3fd99 100644 --- a/src/libpts/tcg/tcg_pts_attr_dh_nonce_params_req.h +++ b/src/libpts/tcg/tcg_pts_attr_dh_nonce_params_req.h @@ -22,26 +22,10 @@ #define TCG_PTS_ATTR_DH_NONCE_PARAMS_REQ_H_ typedef struct tcg_pts_attr_dh_nonce_params_req_t tcg_pts_attr_dh_nonce_params_req_t; -typedef enum pts_dh_group_t pts_dh_group_t; #include "tcg_attr.h" #include "pa_tnc/pa_tnc_attr.h" - -/** - * PTS Diffie Hellman Group Values - */ -enum pts_dh_group_t { - /** IKE Group 2 */ - PTS_DH_GROUP_IKE2 = (1<<15), - /** IKE Group 5 */ - PTS_DH_GROUP_IKE5 = (1<<14), - /** IKE Group 14 */ - PTS_DH_GROUP_IKE14 = (1<<13), - /** IKE Group 19, Elliptic curves using NIST 256 bit prime modules */ - PTS_DH_GROUP_IKE19 = (1<<12), - /** IKE Group 20, Elliptic curves using NIST 384 bit prime modules */ - PTS_DH_GROUP_IKE20 = (1<<11), -}; +#include "pts/pts_dh_group.h" /** * Class implementing the TCG PTS DH Nonce Parameters Request Attribute diff --git a/src/libpts/tcg/tcg_pts_attr_dh_nonce_params_resp.h b/src/libpts/tcg/tcg_pts_attr_dh_nonce_params_resp.h index 2dbaa044c5..6b40c22551 100644 --- a/src/libpts/tcg/tcg_pts_attr_dh_nonce_params_resp.h +++ b/src/libpts/tcg/tcg_pts_attr_dh_nonce_params_resp.h @@ -25,7 +25,7 @@ typedef struct tcg_pts_attr_dh_nonce_params_resp_t tcg_pts_attr_dh_nonce_params_ #include "tcg_attr.h" #include "pa_tnc/pa_tnc_attr.h" -#include "tcg_pts_attr_dh_nonce_params_req.h" +#include "pts/pts_dh_group.h" #include "pts/pts_meas_algo.h" /**