From: Sansar Choinyambuu Date: Fri, 23 Sep 2011 14:06:29 +0000 (+0200) Subject: Implemented handling of DH Parameters Response and Finish attributes X-Git-Tag: 4.6.2~360 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=c10867f40bb6da1c3d996b88b24823bd2b557a40;p=thirdparty%2Fstrongswan.git Implemented handling of DH Parameters Response and Finish attributes Implemented calculating session secrets --- diff --git a/src/libimcv/plugins/imc_attestation/imc_attestation.c b/src/libimcv/plugins/imc_attestation/imc_attestation.c index e511ed0568..60a3ee8e9f 100644 --- a/src/libimcv/plugins/imc_attestation/imc_attestation.c +++ b/src/libimcv/plugins/imc_attestation/imc_attestation.c @@ -68,6 +68,12 @@ static pts_meas_algorithms_t supported_algorithms = 0; */ static pts_dh_group_t supported_dh_groups = 0; +/** + * High Entropy Random Data + * used in calculation of shared secret for the assessment session + */ +static chunk_t responder_nonce; + /** * see section 3.7.1 of TCG TNC IF-IMC Specification 1.2 */ @@ -290,9 +296,21 @@ TNC_Result TNC_IMC_ReceiveMessage(TNC_IMCID imc_id, tcg_pts_attr_dh_nonce_params_req_t *attr_cast; u_int8_t min_nonce_len; pts_dh_group_t offered_dh_groups, selected_dh_group; - + rng_t *rng; + chunk_t responder_pub_val; + char buf[NONCE_LEN]; + attr_cast = (tcg_pts_attr_dh_nonce_params_req_t*)attr; min_nonce_len = attr_cast->get_min_nonce_len(attr_cast); + if (NONCE_LEN < min_nonce_len || NONCE_LEN <= 16) + { + attr_info = attr->get_value(attr); + attr = ietf_attr_pa_tnc_error_create(PEN_TCG, + TCG_PTS_BAD_NONCE_LENGTH, attr_info); + attr_list->insert_last(attr_list, attr); + break; + } + offered_dh_groups = attr_cast->get_dh_groups(attr_cast); if ((supported_dh_groups & PTS_DH_GROUP_IKE20) && @@ -331,13 +349,58 @@ TNC_Result TNC_IMC_ReceiveMessage(TNC_IMCID imc_id, /* Send DH Nonce Parameters Response attribute */ selected_dh_group = pts->get_dh_group(pts); - /* TODO: Implement */ + if (!pts->create_dh(pts, selected_dh_group)) + { + return TNC_RESULT_FATAL; + } + responder_pub_val = pts->get_my_pub_val(pts); + /* create a responder nonce */ + rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK); + if (rng) + { + rng->get_bytes(rng, sizeof(buf), buf); + rng->destroy(rng); + } + responder_nonce = chunk_create(buf, sizeof(buf)); + + attr = tcg_pts_attr_dh_nonce_params_resp_create(NONCE_LEN, + selected_dh_group, supported_algorithms, + responder_nonce, responder_pub_val); + attr_list->insert_last(attr_list, attr); break; } case TCG_PTS_DH_NONCE_FINISH: { - /* TODO: Implement */ + tcg_pts_attr_dh_nonce_finish_t *attr_cast; + u_int8_t nonce_len; + pts_meas_algorithms_t selected_algorithm; + chunk_t initiator_nonce, initiator_pub_val; + + attr_cast = (tcg_pts_attr_dh_nonce_finish_t*)attr; + nonce_len = attr_cast->get_nonce_len(attr_cast); + if (nonce_len < 0 || nonce_len <= 16) + { + attr_info = attr->get_value(attr); + attr = ietf_attr_pa_tnc_error_create(PEN_TCG, + TCG_PTS_BAD_NONCE_LENGTH, attr_info); + attr_list->insert_last(attr_list, attr); + break; + } + + selected_algorithm = attr_cast->get_hash_algo(attr_cast); + initiator_pub_val = attr_cast->get_initiator_pub_val(attr_cast); + initiator_nonce = attr_cast->get_initiator_nonce(attr_cast); + + DBG3(DBG_IMC, "Initiator nonce: %B", &initiator_nonce); + DBG3(DBG_IMC, "Responder nonce: %B", &responder_nonce); + pts->set_other_pub_val(pts, initiator_pub_val); + if (!pts->calculate_secret(pts, initiator_nonce, + responder_nonce, selected_algorithm)) + { + return TNC_RESULT_FATAL; + } + break; } case TCG_PTS_MEAS_ALGO: @@ -729,6 +792,7 @@ TNC_Result TNC_IMC_Terminate(TNC_IMCID imc_id) return TNC_RESULT_NOT_INITIALIZED; } + free(responder_nonce.ptr); libpts_deinit(); imc_attestation->destroy(imc_attestation); diff --git a/src/libimcv/plugins/imv_attestation/imv_attestation.c b/src/libimcv/plugins/imv_attestation/imv_attestation.c index fca24a803d..730c01a838 100644 --- a/src/libimcv/plugins/imv_attestation/imv_attestation.c +++ b/src/libimcv/plugins/imv_attestation/imv_attestation.c @@ -72,6 +72,12 @@ static pts_meas_algorithms_t supported_algorithms = 0; */ static pts_dh_group_t supported_dh_groups = 0; +/** + * High Entropy Random Data + * used in calculation of shared secret for the assessment session + */ +static chunk_t initiator_nonce; + /** * PTS file measurement database */ @@ -87,6 +93,11 @@ static pts_creds_t *pts_creds; */ static credential_manager_t *pts_credmgr; +/** + * TRUE if DH Nonce Parameters Request attribute is sent + */ +static bool dh_nonce_req_sent = FALSE; + /** * see section 3.7.1 of TCG TNC IF-IMV Specification 1.2 */ @@ -246,7 +257,7 @@ static TNC_Result send_message(TNC_ConnectionID connection_id) msg = pa_tnc_msg_create(); - + switch_state: /* Switch on the attribute type IMV has received */ switch (handshake_state) { @@ -266,40 +277,61 @@ static TNC_Result send_message(TNC_ConnectionID connection_id) msg->add_attribute(msg, attr); attestation_state->set_handshake_state(attestation_state, - IMV_ATTESTATION_STATE_DH_NONCE); + IMV_ATTESTATION_STATE_TPM_INIT); break; } - case IMV_ATTESTATION_STATE_DH_NONCE: + case IMV_ATTESTATION_STATE_TPM_INIT: { - bool request_sent = FALSE; - /* Jump to Measurement state if IMC has no TPM */ if(!(pts->get_proto_caps(pts) & PTS_PROTO_CAPS_T)) { - attestation_state->set_handshake_state(attestation_state, - IMV_ATTESTATION_STATE_MEAS); + handshake_state = IMV_ATTESTATION_STATE_MEAS; + DBG3(DBG_IMV, "TPM is not available on IMC side, ", + "jumping to measurement phase"); + goto switch_state; } - else if (!request_sent) + + if (!dh_nonce_req_sent) { /* Send DH nonce parameters request attribute */ attr = tcg_pts_attr_dh_nonce_params_req_create(0, supported_dh_groups); attr->set_noskip_flag(attr, TRUE); msg->add_attribute(msg, attr); - request_sent = TRUE; + dh_nonce_req_sent = TRUE; } - else if (request_sent) + else { + pts_meas_algorithms_t selected_algorithm; + chunk_t initiator_pub_val; + /* Send DH nonce finish attribute */ + selected_algorithm = pts->get_meas_algorithm(pts); + initiator_pub_val = pts->get_my_pub_val(pts); + attr = tcg_pts_attr_dh_nonce_finish_create(NONCE_LEN, + selected_algorithm, initiator_nonce, + initiator_pub_val); + attr->set_noskip_flag(attr, TRUE); + msg->add_attribute(msg, attr); + + /* Send Get TPM Version attribute */ + attr = tcg_pts_attr_get_tpm_version_info_create(); + attr->set_noskip_flag(attr, TRUE); + msg->add_attribute(msg, attr); + + /* Send Get AIK attribute */ + attr = tcg_pts_attr_get_aik_create(); + attr->set_noskip_flag(attr, TRUE); + msg->add_attribute(msg, attr); + attestation_state->set_handshake_state(attestation_state, IMV_ATTESTATION_STATE_MEAS); } break; - } - case IMV_ATTESTATION_STATE_MEAS: { + enumerator_t *enumerator; u_int32_t delimiter = SOLIDUS_UTF; char *platform_info, *pathname; @@ -310,19 +342,6 @@ static TNC_Result send_message(TNC_ConnectionID connection_id) attestation_state->set_handshake_state(attestation_state, IMV_ATTESTATION_STATE_COMP_EVID); - /* Does the PTS-IMC have TPM support? */ - { - /* Send Get TPM Version attribute */ - attr = tcg_pts_attr_get_tpm_version_info_create(); - attr->set_noskip_flag(attr, TRUE); - msg->add_attribute(msg, attr); - - /* Send Get AIK attribute */ - attr = tcg_pts_attr_get_aik_create(); - attr->set_noskip_flag(attr, TRUE); - msg->add_attribute(msg, attr); - } - /* Get Platform and OS of the PTS-IMC */ platform_info = pts->get_platform_info(pts); @@ -423,6 +442,8 @@ TNC_Result TNC_IMV_ReceiveMessage(TNC_IMVID imv_id, TNC_Result result; bool fatal_error = FALSE; bool measurement_error = FALSE; + linked_list_t *attr_list; + chunk_t attr_info; if (!imv_attestation) { @@ -449,6 +470,7 @@ TNC_Result TNC_IMV_ReceiveMessage(TNC_IMVID imv_id, return result; } + attr_list = linked_list_create(); /* analyze PA-TNC attributes */ enumerator = pa_tnc_msg->create_attribute_enumerator(pa_tnc_msg); while (enumerator->enumerate(enumerator, &attr)) @@ -522,11 +544,6 @@ TNC_Result TNC_IMV_ReceiveMessage(TNC_IMVID imv_id, pts->set_proto_caps(pts, flags); break; } - case TCG_PTS_DH_NONCE_PARAMS_RESP: - { - /* TODO: Implement */ - break; - } case TCG_PTS_MEAS_ALGO_SELECTION: { tcg_pts_attr_meas_algo_t *attr_cast; @@ -537,6 +554,84 @@ TNC_Result TNC_IMV_ReceiveMessage(TNC_IMVID imv_id, pts->set_meas_algorithm(pts, selected_algorithm); break; } + case TCG_PTS_DH_NONCE_PARAMS_RESP: + { + tcg_pts_attr_dh_nonce_params_resp_t *attr_cast; + u_int8_t nonce_len; + pts_dh_group_t dh_group; + pts_meas_algorithms_t offered_algorithms, selected_algorithm; + chunk_t responder_nonce; + chunk_t responder_pub_val; + rng_t *rng; + char buf[NONCE_LEN]; + + attr_cast = (tcg_pts_attr_dh_nonce_params_resp_t*)attr; + + nonce_len = attr_cast->get_nonce_len(attr_cast); + if (nonce_len < 0 || nonce_len <= 16) + { + attr_info = attr->get_value(attr); + attr = ietf_attr_pa_tnc_error_create(PEN_TCG, + TCG_PTS_BAD_NONCE_LENGTH, attr_info); + attr_list->insert_last(attr_list, attr); + break; + } + + dh_group = attr_cast->get_dh_group(attr_cast); + + offered_algorithms = attr_cast->get_hash_algo_set(attr_cast); + if ((supported_algorithms & PTS_MEAS_ALGO_SHA384) && + (offered_algorithms & PTS_MEAS_ALGO_SHA384)) + { + pts->set_meas_algorithm(pts, PTS_MEAS_ALGO_SHA384); + } + else if ((supported_algorithms & PTS_MEAS_ALGO_SHA256) && + (offered_algorithms & PTS_MEAS_ALGO_SHA256)) + { + pts->set_meas_algorithm(pts, PTS_MEAS_ALGO_SHA256); + } + + else if ((supported_algorithms & PTS_MEAS_ALGO_SHA1) && + (offered_algorithms & PTS_MEAS_ALGO_SHA1)) + { + pts->set_meas_algorithm(pts, PTS_MEAS_ALGO_SHA1); + } + else + { + attr = pts_hash_alg_error_create(supported_algorithms); + attr_list->insert_last(attr_list, attr); + break; + } + + selected_algorithm = pts->get_meas_algorithm(pts); + responder_nonce = attr_cast->get_responder_nonce(attr_cast); + responder_pub_val = attr_cast->get_responder_pub_val(attr_cast); + + /* Calculate secret assessment value */ + if (!pts->create_dh(pts, dh_group)) + { + return TNC_RESULT_FATAL; + } + pts->set_other_pub_val(pts, responder_pub_val); + + /* Create a initiator nonce */ + rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK); + if (rng) + { + rng->get_bytes(rng, sizeof(buf), buf); + rng->destroy(rng); + } + initiator_nonce = chunk_create(buf, sizeof(buf)); + + DBG3(DBG_IMV, "Initiator nonce: %B", &initiator_nonce); + DBG3(DBG_IMV, "Responder nonce: %B", &responder_nonce); + if (!pts->calculate_secret(pts, initiator_nonce, + responder_nonce, selected_algorithm)) + { + return TNC_RESULT_FATAL; + } + break; + } case TCG_PTS_TPM_VERSION_INFO: { tcg_pts_attr_tpm_version_info_t *attr_cast; @@ -718,6 +813,25 @@ TNC_Result TNC_IMV_ReceiveMessage(TNC_IMVID imv_id, connection_id); } + if (attr_list->get_count(attr_list)) + { + pa_tnc_msg = pa_tnc_msg_create(); + + enumerator = attr_list->create_enumerator(attr_list); + while (enumerator->enumerate(enumerator, &attr)) + { + pa_tnc_msg->add_attribute(pa_tnc_msg, attr); + } + enumerator->destroy(enumerator); + + pa_tnc_msg->build(pa_tnc_msg); + result = imv_attestation->send_message(imv_attestation, connection_id, + pa_tnc_msg->get_encoding(pa_tnc_msg)); + pa_tnc_msg->destroy(pa_tnc_msg); + attr_list->destroy(attr_list); + return result; + } + if (attestation_state->get_handshake_state(attestation_state) & IMV_ATTESTATION_STATE_END) { @@ -807,6 +921,7 @@ TNC_Result TNC_IMV_Terminate(TNC_IMVID imv_id) } DESTROY_IF(pts_db); DESTROY_IF(pts_credmgr); + free(initiator_nonce.ptr); libpts_deinit(); diff --git a/src/libpts/pts/pts.c b/src/libpts/pts/pts.c index 2a8ac090af..d015c78567 100644 --- a/src/libpts/pts/pts.c +++ b/src/libpts/pts/pts.c @@ -56,14 +56,14 @@ struct private_pts_t { pts_dh_group_t dh_group; /** - * Contains a Diffie Hellman Nonce + * Contains a Diffie Hellman object */ - chunk_t dh_nonce; + diffie_hellman_t *dh; /** - * Contains a Diffie Hellman Public Value + * Secret assessment value to be used for TPM Quote as an external data */ - chunk_t dh_public_value; + chunk_t secret; /** * Platform and OS Info @@ -141,10 +141,90 @@ METHOD(pts_t, set_dh_group, void, diffie_hellman_group_names, dh_group); if (dh_group != MODP_NONE) { - this->dh_group = dh_group; + this->dh_group = group; } } +METHOD(pts_t, create_dh, bool, + private_pts_t *this, pts_dh_group_t group) +{ + diffie_hellman_group_t dh_group; + + dh_group = pts_dh_group_to_strongswan_dh_group(group); + if (dh_group != MODP_NONE) + { + this->dh = lib->crypto->create_dh(lib->crypto, dh_group); + return TRUE; + } + DBG1(DBG_PTS, "Unable to create Diffie Hellman object with group %N", + diffie_hellman_group_names, dh_group); + return FALSE; +} + +METHOD(pts_t, get_my_pub_val, chunk_t, + private_pts_t *this) +{ + chunk_t public_value; + + this->dh->get_my_public_value(this->dh, &public_value); + DBG3(DBG_PTS, "My Public value:%B", &public_value); + return public_value; +} + +METHOD(pts_t, set_other_pub_val, void, + private_pts_t *this, chunk_t value) +{ + DBG3(DBG_PTS, "Partner's Public value:%B", &value); + this->dh->set_other_public_value(this->dh, value); +} + +METHOD(pts_t, calculate_secret, bool, + private_pts_t *this, chunk_t initiator_nonce, chunk_t responder_nonce, + pts_meas_algorithms_t algorithm) +{ + hasher_t *hasher; + hash_algorithm_t hash_alg; + u_char output[HASH_SIZE_SHA384]; + chunk_t shared_secret; + + /* Create a hasher */ + hash_alg = pts_meas_to_hash_algorithm(algorithm); + hasher = lib->crypto->create_hasher(lib->crypto, hash_alg); + if (!hasher) + { + DBG1(DBG_PTS, " hasher %N not available", hash_algorithm_names, hash_alg); + return FALSE; + } + + if (this->dh->get_shared_secret(this->dh, &shared_secret) != SUCCESS) + { + DBG1(DBG_PTS, "Shared secret couldn't be calculated"); + hasher->destroy(hasher); + return FALSE; + } + + hasher->get_hash(hasher, chunk_create("1", sizeof("1")), NULL); + hasher->get_hash(hasher, initiator_nonce, NULL); + hasher->get_hash(hasher, responder_nonce, NULL); + hasher->get_hash(hasher, shared_secret, output); + + /** + * Link the hash output to the secret and set the length + * Truncate the output to 20 bytes to fit ExternalDate argument of TPM Quote + */ + this->secret = chunk_create(output, HASH_SIZE_SHA1); + DBG3(DBG_PTS, "Secret assessment value: %B", &this->secret); + + hasher->destroy(hasher); + return TRUE; +} + +METHOD(pts_t, get_secret, chunk_t, + private_pts_t *this) +{ + return this->secret; +} + /** * Print TPM 1.2 Version Info */ @@ -553,8 +633,7 @@ METHOD(pts_t, destroy, void, private_pts_t *this) { DESTROY_IF(this->aik); - free(this->dh_nonce.ptr); - free(this->dh_public_value.ptr); + DESTROY_IF(this->dh); free(this->platform_info); free(this->tpm_version_info.ptr); free(this); @@ -722,6 +801,11 @@ pts_t *pts_create(bool is_imc) .set_meas_algorithm = _set_meas_algorithm, .get_dh_group = _get_dh_group, .set_dh_group = _set_dh_group, + .create_dh = _create_dh, + .get_my_pub_val = _get_my_pub_val, + .set_other_pub_val = _set_other_pub_val, + .calculate_secret = _calculate_secret, + .get_secret = _get_secret, .get_platform_info = _get_platform_info, .set_platform_info = _set_platform_info, .get_tpm_version_info = _get_tpm_version_info, diff --git a/src/libpts/pts/pts.h b/src/libpts/pts/pts.h index ca3ef0cbb8..dea846a8ab 100644 --- a/src/libpts/pts/pts.h +++ b/src/libpts/pts/pts.h @@ -38,6 +38,11 @@ typedef struct pts_t pts_t; #define SOLIDUS_UTF 0x2F #define REVERSE_SOLIDUS_UTF 0x5C +/** + * Lenght of the generated nonce used for calculation of shared secret + */ +#define NONCE_LEN 20 + /** * Class implementing the TCG Platform Trust System (PTS) * @@ -86,6 +91,46 @@ struct pts_t { */ void (*set_dh_group)(pts_t *this, pts_dh_group_t dh_group); + /** + * Set PTS Diffie Hellman Object + * + * @param dh D-H object + */ + bool (*create_dh)(pts_t *this, pts_dh_group_t group); + + /** + * Gets Own Diffie Hellman Public Value + * + * @return D-H Public Value + */ + chunk_t (*get_my_pub_val)(pts_t *this); + + /** + * Sets the public value of partner. + * + * @param value public value of partner + */ + void (*set_other_pub_val) (pts_t *this, chunk_t value); + + /** + * Calculates secret assessment value to be used for TPM Quote as an external data + * + * @param initiator_nonce Initiator nonce (IMV nonce) + * @param responder_nonce Responder nonce (IMC nonce) + * @param algorithm Hashing algorithm + * @return TRUE, FALSE if not both DH public values and + * nonces are set + */ + bool (*calculate_secret) (pts_t *this, chunk_t initiator_nonce, + chunk_t responder_nonce, pts_meas_algorithms_t algorithm); + + /** + * Returns secret assessment value to be used for TPM Quote as an external data + * + * @return Secret assessment value + */ + chunk_t (*get_secret) (pts_t *this); + /** * Get Platform and OS Info *