From d83bcc310d72efdf0f77258f30bb21fb52e9bda7 Mon Sep 17 00:00:00 2001 From: Sansar Choinyambuu Date: Wed, 21 Sep 2011 16:32:25 +0200 Subject: [PATCH] Started implementing handling of DH Nonce attributes --- .../plugins/imc_attestation/imc_attestation.c | 9 +++++++ .../plugins/imv_attestation/imv_attestation.c | 27 +++++++++++++++++++ src/libpts/Makefile.am | 1 + .../tcg/tcg_pts_attr_dh_nonce_params_req.h | 3 +-- 4 files changed, 38 insertions(+), 2 deletions(-) diff --git a/src/libimcv/plugins/imc_attestation/imc_attestation.c b/src/libimcv/plugins/imc_attestation/imc_attestation.c index 46e4b73844..99fbdc1cf8 100644 --- a/src/libimcv/plugins/imc_attestation/imc_attestation.c +++ b/src/libimcv/plugins/imc_attestation/imc_attestation.c @@ -62,6 +62,11 @@ static pts_dh_group_t supported_dh_groups = PTS_DH_GROUP_NONE; */ static linked_list_t *evidences = NULL; +/** + * Supported PTS Diffie Hellman Groups + */ +static pts_dh_group_t supported_dh_groups = 0; + /** * see section 3.7.1 of TCG TNC IF-IMC Specification 1.2 */ @@ -80,6 +85,10 @@ TNC_Result TNC_IMC_Initialize(TNC_IMCID imc_id, { return TNC_RESULT_FATAL; } + if (!pts_probe_dh_groups(&supported_dh_groups)) + { + return TNC_RESULT_FATAL; + } imc_attestation = imc_agent_create(imc_name, IMC_VENDOR_ID, IMC_SUBTYPE, imc_id, actual_version); if (!imc_attestation) diff --git a/src/libimcv/plugins/imv_attestation/imv_attestation.c b/src/libimcv/plugins/imv_attestation/imv_attestation.c index 10ee35ef0e..87832a730b 100644 --- a/src/libimcv/plugins/imv_attestation/imv_attestation.c +++ b/src/libimcv/plugins/imv_attestation/imv_attestation.c @@ -57,6 +57,11 @@ static pts_meas_algorithms_t supported_algorithms = PTS_MEAS_ALGO_NONE; */ static pts_dh_group_t supported_dh_groups = PTS_DH_GROUP_NONE; +/** + * Supported PTS Diffie Hellman Groups + */ +static pts_dh_group_t supported_dh_groups = 0; + /** * PTS file measurement database */ 
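Review bot: The added `static pts_dh_group_t supported_dh_groups = 0;` appears to define a file-scope variable that already exists. In this first imc_attestation.c hunk the hunk header shows `static pts_dh_group_t supported_dh_groups = PTS_DH_GROUP_NONE;` just above the changed region, and in the first imv_attestation.c hunk the same definition is a context line directly before the addition. Two initialised definitions of one identifier in a translation unit do not compile, so one of each pair should be dropped. If the new one is kept, initialise it with the enum constant, `static pts_dh_group_t supported_dh_groups = PTS_DH_GROUP_NONE;`, as imv_attestation.c does for `supported_algorithms = PTS_MEAS_ALGO_NONE`.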
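Review bot: The new `pts_probe_dh_groups()` failure path in TNC_IMC_Initialize returns TNC_RESULT_FATAL with nothing in the hunk that records why, and the same holds for the matching addition in TNC_IMV_Initialize. Unless the helper logs on its own (its source is not shown in this patch), a host without a usable DH group fails to load the plugin with no diagnostic. A line such as `DBG1(DBG_IMC, "no supported PTS DH group found");` before the return (with `DBG_IMV` on the IMV side) would make that visible. Failing closed here is the right default and should stay. The function body continues outside the hunk.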
@@ -92,6 +97,10 @@ TNC_Result TNC_IMV_Initialize(TNC_IMVID imv_id, { return TNC_RESULT_FATAL; } + if (!pts_probe_dh_groups(&supported_dh_groups)) + { + return TNC_RESULT_FATAL; + } imv_attestation = imv_agent_create(imv_name, IMV_VENDOR_ID, IMV_SUBTYPE, imv_id, actual_version); if (!imv_attestation) @@ -118,6 +127,24 @@ TNC_Result TNC_IMV_Initialize(TNC_IMVID imv_id, return TNC_RESULT_FATAL; } + /** + * Specify supported PTS Diffie Hellman Groups + * + * ike2: PTS_DH_GROUP_IKE2 + * ike5: PTS_DH_GROUP_IKE2 | PTS_DH_GROUP_IKE5 + * ike14: PTS_DH_GROUP_IKE2 | PTS_DH_GROUP_IKE5 | PTS_DH_GROUP_IKE14 + * ike19: PTS_DH_GROUP_IKE2 | PTS_DH_GROUP_IKE5 | PTS_DH_GROUP_IKE14 | PTS_DH_GROUP_IKE19 + * ike20: PTS_DH_GROUP_IKE2 | PTS_DH_GROUP_IKE5 | PTS_DH_GROUP_IKE14 | PTS_DH_GROUP_IKE19 | PTS_DH_GROUP_IKE20 + * + * we expect the PTS-IMC to select the strongest supported group + */ + dh_group = lib->settings->get_str(lib->settings, + "libimcv.plugins.imv-attestation.dh_group", "ike19"); + if (!pts_update_supported_dh_groups(dh_group, &supported_dh_groups)) + { + return TNC_RESULT_FATAL; + } + /* create a PTS credential manager */ pts_credmgr = credential_manager_create(); diff --git a/src/libpts/Makefile.am b/src/libpts/Makefile.am index bf0cbf920d..4f8d483f41 100644 --- a/src/libpts/Makefile.am +++ b/src/libpts/Makefile.am @@ -17,6 +17,7 @@ libpts_la_SOURCES = \ pts/pts_file_meta.h pts/pts_file_meta.c \ pts/pts_file_type.h pts/pts_file_type.c \ pts/pts_meas_algo.h pts/pts_meas_algo.c \ + pts/pts_dh_group.h pts/pts_dh_group.c \ tcg/tcg_attr.h tcg/tcg_attr.c \ tcg/tcg_pts_attr_proto_caps.h tcg/tcg_pts_attr_proto_caps.c \ tcg/tcg_pts_attr_dh_nonce_params_req.h tcg/tcg_pts_attr_dh_nonce_params_req.c \ diff --git a/src/libpts/tcg/tcg_pts_attr_dh_nonce_params_req.h b/src/libpts/tcg/tcg_pts_attr_dh_nonce_params_req.h index 1700771564..bc9cb3fd99 100644 --- a/src/libpts/tcg/tcg_pts_attr_dh_nonce_params_req.h +++ b/src/libpts/tcg/tcg_pts_attr_dh_nonce_params_req.h 
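Review bot: The `dh_group` setting documented in the added comment of the third imv_attestation.c hunk is cumulative, so the default `ike19` also leaves `PTS_DH_GROUP_IKE2` and `PTS_DH_GROUP_IKE5` enabled, and the choice among them is left to the peer (`we expect the PTS-IMC to select the strongest supported group`). The IMC is the endpoint being measured, so nothing visible here prevents a response from settling on the 1024-bit MODP group; the setting is an upper bound only. I would say so in the comment, e.g. `* NOTE: this is an upper bound; weaker groups stay enabled, so the selected group must be checked when the response is handled`, and consider a separate minimum-group option. The response handling and the declaration of `dh_group` lie outside this hunk, so whether such a check already exists cannot be confirmed from here.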
@@ -21,8 +21,7 @@ #ifndef TCG_PTS_ATTR_DH_NONCE_PARAMS_REQ_H_ #define TCG_PTS_ATTR_DH_NONCE_PARAMS_REQ_H_ -typedef struct tcg_pts_attr_dh_nonce_params_req_t - tcg_pts_attr_dh_nonce_params_req_t; +typedef struct tcg_pts_attr_dh_nonce_params_req_t tcg_pts_attr_dh_nonce_params_req_t; #include "tcg_attr.h" #include "pa_tnc/pa_tnc_attr.h" -- 2.47.3