From: Sansar Choinyambuu Date: Mon, 31 Oct 2011 10:26:00 +0000 (+0100) Subject: Implemented matching of Optional PCR Composite field value when Hashing was done... X-Git-Tag: 4.6.2~218 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=379f7a7533b36162ae9cc6373e25c9b16f9746dc;p=thirdparty%2Fstrongswan.git Implemented matching of Optional PCR Composite field value when Hashing was done to reduce the size of it Optional Composite Hash Algorithm field is always present, has value of all zeroes if was not used --- diff --git a/src/libpts/pts/pts.c b/src/libpts/pts/pts.c index 1c349d7c21..3d5e23301a 100644 --- a/src/libpts/pts/pts.c +++ b/src/libpts/pts/pts.c @@ -1158,9 +1158,25 @@ METHOD(pts_t, get_quote_info, bool, chunk_clear(&pcr_composite); chunk_clear(&hash_pcr_composite); - chunk_clear(&pcr_composite); + /* Hash the PCR Composite Structure */ + hasher->allocate_hash(hasher, pcr_composite, out_pcr_composite); + DBG4(DBG_PTS, "Hash of calculated PCR Composite: %B", out_pcr_composite); + hasher->destroy(hasher); + } + else + { + *out_pcr_composite = chunk_clone(pcr_composite); + DBG4(DBG_PTS, "calculated PCR Composite: %B", out_pcr_composite); + } + + /* SHA1 hash of PCR Composite to construct TPM_QUOTE_INFO */ + hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1); + hasher->allocate_hash(hasher, pcr_composite, &hash_pcr_composite); hasher->destroy(hasher); - writer->write_data(writer, *out_pcr_composite); + + writer->write_data(writer, hash_pcr_composite); + chunk_clear(&pcr_composite); + chunk_clear(&hash_pcr_composite); if (!this->secret.ptr) { diff --git a/src/libpts/tcg/tcg_pts_attr_simple_evid_final.c b/src/libpts/tcg/tcg_pts_attr_simple_evid_final.c index 5f2137e92e..58a3e3a0f6 100644 --- a/src/libpts/tcg/tcg_pts_attr_simple_evid_final.c +++ b/src/libpts/tcg/tcg_pts_attr_simple_evid_final.c 
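Review bot: In get_quote_info (src/libpts/pts/pts.c) the new SHA1 hasher is used without a NULL check: `hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);` is followed directly by `hasher->allocate_hash(hasher, pcr_composite, &hash_pcr_composite);`. create_hasher returns NULL when no loaded plugin provides the algorithm, so a build without SHA1 support would crash here instead of failing the quote check. Add an `if (!hasher)` guard after the create_hasher call that logs the missing algorithm, releases the buffers held at that point and returns FALSE. The function body starts and ends outside this hunk, so the exact cleanup (writer, pcr_composite, *out_pcr_composite) has to be checked against the full function.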
@@ -167,11 +167,13 @@ METHOD(pa_tnc_attr_t, build, void, writer->write_uint8 (writer, flags); writer->write_uint8 (writer, PTS_SIMPLE_EVID_FINAL_RESERVED); + /** Optional Composite Hash Algorithm field is always present + * Field has value of all zeroes if not used. + * Implemented adhering the suggestion of Paul Sangster 28.Oct.2011 + */ + writer->write_uint16(writer, this->comp_hash_algorithm); + /* Optional fields */ - if (this->comp_hash_algorithm) - { - writer->write_uint16(writer, this->comp_hash_algorithm); - } if (this->pcr_comp.ptr && this->pcr_comp.len > 0) { writer->write_uint32 (writer, this->pcr_comp.len); @@ -197,7 +199,7 @@ METHOD(pa_tnc_attr_t, process, status_t, bio_reader_t *reader; u_int8_t flags; u_int8_t reserved; - /** u_int16_t algorithm;*/ + u_int16_t algorithm; if (this->value.len < PTS_SIMPLE_EVID_FINAL_SIZE) { @@ -232,6 +234,14 @@ METHOD(pa_tnc_attr_t, process, status_t, } reader->read_uint8(reader, &reserved); + + /** Optional Composite Hash Algorithm field is always present + * Field has value of all zeroes if not used. + * Implemented adhering the suggestion of Paul Sangster 28.Oct.2011 + */ + + reader->read_uint16(reader, &algorithm); + this->comp_hash_algorithm = algorithm; /* Optional Composite Hash Algorithm and TPM PCR Composite field is included */ if (this->flags != PTS_SIMPLE_EVID_FINAL_FLAG_NO)
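Review bot: The comment added in build (and repeated verbatim in the process hunk below) explains the wire-format change by crediting a personal suggestion with a date rather than stating the rule. It also uses the `/**` doc-comment opener on an ordinary statement. A plain `/* Composite Hash Algorithm field is always present; all zeroes when unused */` says what a maintainer needs, and the attribution belongs in the commit message. The unchanged comment in process, `/* Optional Composite Hash Algorithm and TPM PCR Composite field is included */`, still calls the algorithm field optional and should be reworded to match. Whether the code under that flags check still reads an algorithm value is not visible in the hunk.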
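Review bot: The result of `reader->read_uint16(reader, &algorithm);` in process is ignored, and `algorithm` is declared without an initializer in the preceding hunk. If the attribute ends before this field, the next line copies an indeterminate value into `this->comp_hash_algorithm`. The attribute body comes from the remote peer, and it is not visible here whether the `PTS_SIMPLE_EVID_FINAL_SIZE` minimum checked at the top of the method was raised to cover the two bytes that are now mandatory. Either check the read, `if (!reader->read_uint16(reader, &algorithm)) { reader->destroy(reader); return FAILED; }`, or confirm the size constant includes the field. The method continues outside the hunk, so the failure path should mirror its existing ones.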