* Locking to ensure only one instance of ptsc and openpts will run at the same time.
* Added the doorbell ringer(ptsevt) and the listener (ptsevtd)
* Added clear option. e.g. ptsc -e
- * Improved error handling and messages
+ * Improved error handling and messages (console and logging)
* Renew validation models (models/*uml), default ptsc.conf
* Added UEFI BIOS validation models
+ * Refactoring Infineon v1.2 TPM workaround
+ * Bug fixes
- -- Seiji Munetoh <munetoh@users.sourceforge.jp> Fri, 16 Dec 2011 12:00:00 +0900
+ -- Seiji Munetoh <munetoh@users.sourceforge.jp> Thu, 5 Jan 2012 14:40:00 +0900
openpts (0.2.5.1) unstable; urgency=low
/* collector.c */
-int collector(
- OPENPTS_CONFIG *conf,
- int forground, int debug, const char* dirname);
+//int collector(
+// OPENPTS_CONFIG *conf,
+// int forground, int debug, const char* dirname);
/* verifier.c */
int verifier(
int purgeRenewedRm(OPENPTS_CONFIG *conf);
void printRmList(OPENPTS_CONFIG *conf, char *indent);
int getTargetList(OPENPTS_CONFIG *conf, char * config_dir);
+void printTarget(OPENPTS_TARGET *target_collector, char *indent);
void printTargetList(OPENPTS_CONFIG *conf, char *indent);
char *getTargetConfDir(OPENPTS_CONFIG *conf);
OPENPTS_TARGET *getTargetCollector(OPENPTS_CONFIG *conf);
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @author David Sherwood <davidshe@uk.ibm.com>
* @date 2011-05-05
+ * cleanup 2012-01-04
*
*/
#define getDebugFlags() (debugBits)
#define addDebugFlags(x) (debugBits |= (x))
-
-
-
+/* functions */
void writeLog(int priority, const char *format, ...);
void initCatalog(void);
void setLogLocation(int ll, char *filename);
rm.c,1751,,OPENPTS_RM_CONF_DIR_MISSING
log.c,368,,OPENPTS_CANNOT_OPEN_LOGFILE
action.c,,,OPENPTS_ACTION_UNKNOWN
+action.c,,VERBOSE,OPENPTS_ACTION_PROP_CONFLICT
prop.c,,,OPENPTS_PRINT_PROPS
policy.c,,,OPENPTS_POLICY_FILE_OPEN_FAILED
policy.c,,,OPENPTS_POLICY_MISSING
collector.c,,,OPENPTS_INIT_FAIL
collector.c,,,OPENPTS_COLLECTOR_SELFTEST_FAILED
collector.c,,,OPENPTS_COLLECTOR_SELFTEST_FAILED_2
+collector.c,,ERROR,OPENPTS_COLLECTOR_SELFTEST_FAILED_3
+collector.c,,ERROR,OPENPTS_COLLECTOR_SELFTEST_FAILED_4
collector.c,,,OPENPTS_COLLECTOR_FAILED_READ_FSM
collector.c,,,OPENPTS_COLLECTOR_MKDIR_RM_SET_FAILED
collector.c,,,OPENPTS_NEW_RM_UUID
iml2aide.c,,,OPENPTS_IML2AIDE_IGN_LIST
openpts.c,,,OPENPTS_VERIFY_NEW_UUID_REMOTE
tpm_createkey.c,,,OPENPTS_TPM_CREATEKEY_USAGE
-
-
-
-
-
-
-
+verifier.c,,,OPENPTS_VERIFIER_LOCKED
+openpts.c,,,OPENPTS_TARGET_MISSING
+openpts.c,,,OPENPTS_INIT_ENROLL_FAIL
+openpts.c,,,OPENPTS_INIT_VERIFICATION_FAIL
+target,,,OPENPTS_PRINT_TARGET_LIST_NULL
+target,,,OPENPTS_TARGET_CONFDIR_MISSING
+target,,,OPENPTS_TARGET_NULL
+ptsc.c,,,OPENPTS_COLLECTOR_NOT_INITIALIZED
+ptsc.c,,,OPENPTS_COLLECTOR_CONFIG_FILE
+misc.c,,ERROR,OPENPTS_MALLOC_FAIL
+misc.c,,ERROR,OPENPTS_ABORT
+tboot2iml.c,,OUTPUT,OPENPTS_TBOOT2IML_USAGE
+tboot2iml.c,,ERROR,OPENPTS_TBOOT2IML_GRUBPATH_MISSING
* \brief FSM action
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-06-19
- * cleanup 2011-07-20 SM
+ * cleanup 2012-01-05 SM (remains 5 lint errors)
*
* FSM Action (UML2 doActivity)
*
*/
int resetPCR(OPENPTS_CONTEXT *ctx, char *value) {
int rc;
- int pcr_index = atoi(value);
+ int pcr_index;
- DEBUG_FSM("resetPCR(%d)\n", pcr_index);
+ /* check */
+ if (ctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
+ if (value == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
+ pcr_index = atoi(value);
+
+ /* reset */
rc = resetTpmPcr(&ctx->tpm, pcr_index);
if (rc != PTS_SUCCESS) {
LOG(LOG_ERR, "reset PCR[%d] was failed, check the model");
/* Also, reset the action counter */
ctx->bios_action_count = 0;
+ DEBUG_FSM("resetPCR(%d)\n", pcr_index);
+
return PTS_SUCCESS;
}
/* check */
if (eventWrapper == NULL) {
- // TODO do not care for dummy EW
- DEBUG("null input\n"); // TODO is this OK?
- // TODO define RC <-> fsm.c >> INFO:(TODO) fsm.c:986 updateFsm() - rc = 58, call updateFsm() again
+ // do not care for dummy EW, not a error.
+ DEBUG("null input");
return PTS_INTERNAL_ERROR;
}
+ if (ctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
event = eventWrapper->event;
if (event == NULL) {
- LOG(LOG_ERR, "null input\n");
+ LOG(LOG_ERR, "null input");
return PTS_FATAL;
}
/* value = eventdata */
value = snmalloc((char *)event->rgbEvent, event->ulEventLength);
if (value == NULL) {
+ LOG(LOG_ERR, "no memory");
return PTS_FATAL;
}
snprintf(name, BUF_SIZE, "bios.pcr.%d.action.%d", event->ulPcrIndex, ctx->bios_action_count);
ctx->bios_action_count++;
+ setProperty(ctx, name, value);
DEBUG_FSM("[FSM] addBIOSAction() - '%s' = '%s'\n", name, value);
- setProperty(ctx, name, value);
-
+ /* free */
xfree(value);
return PTS_SUCCESS;
UINT32 event_id;
UINT32 event_length;
+ /* check */
+ if (ctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
+
/* event */
if (eventWrapper == NULL) {
LOG(LOG_ERR, "addBIOSSpecificProperty- eventWrapper is NULL\n");
return PTS_INTERNAL_ERROR; // -1
}
event = eventWrapper->event;
-
if (event->eventType != 0x06) {
LOG(LOG_ERR, "addBIOSSpecificProperty - bad event type 0x%x !- 0x06\n", event->eventType);
return PTS_INTERNAL_ERROR; // -1
}
- // DEBUG("event data size = %d\n", event->ulEventLength);
- // printHex("", event->rgbEvent, event->ulEventLength, "\n");
-
/* check EventData */
if (event->ulEventLength == 0) {
LOG(LOG_ERR, "addBIOSSpecificProperty - Bad IML, ulEventLength is 0.");
return PTS_FATAL;
}
-
+ /* event */
event_id = byte2uint32(&event->rgbEvent[0]);
event_length = byte2uint32(&event->rgbEvent[4]);
- // DEBUG("event data size = %d, id = 0x%x, len %d,\n", event->ulEventLength, event_id, event_length);
-
switch (event_id) {
case 0x0001:
{
} else {
setProperty(ctx, "bios.smbios", buf);
}
- // rc = 0;
xfree(buf);
}
break;
break;
}
- return PTS_SUCCESS; // -1;
+ return PTS_SUCCESS;
}
int validateMBR(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper) {
TSS_PCR_EVENT *event;
+ /* check */
+ if (ctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
if (eventWrapper == NULL) {
LOG(LOG_ERR, "null input");
- return PTS_INTERNAL_ERROR; // -1;
+ return PTS_FATAL;
}
event = eventWrapper->event;
if (event == NULL) {
LOG(LOG_ERR, "event is NULL\n");
- return PTS_INTERNAL_ERROR; // -1;
+ return PTS_FATAL; // -1;
}
// TODO
int validateEltoritoBootImage(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper) {
TSS_PCR_EVENT *event;
- // DEBUG("validateEltoritoBootImage - NA\n");
-
+ /* check */
+ if (ctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
if (eventWrapper == NULL) {
LOG(LOG_ERR, "eventWrapper is NULL\n");
- return PTS_INTERNAL_ERROR; // -1;
+ return PTS_FATAL;
}
-
event = eventWrapper->event;
if (event == NULL) {
LOG(LOG_ERR, "event is NULL\n");
- return PTS_INTERNAL_ERROR; // -1;
+ return PTS_FATAL;
}
+ /* set prop */
setProperty(ctx, "ipl.eltorito.integrity", "unknown");
- return PTS_SUCCESS; // -1;
+ return PTS_SUCCESS;
}
/**
char *buf;
int buf_len;
- // DEBUG("setModuleProperty - NA\n");
-
/* check */
+ if (ctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
if (eventWrapper == NULL) {
LOG(LOG_ERR, "eventWrapper is NULL\n");
- return PTS_INTERNAL_ERROR; // -1;
+ return PTS_FATAL;
}
-
event = eventWrapper->event;
-
if (event == NULL) {
LOG(LOG_ERR, "event is NULL\n");
- return PTS_INTERNAL_ERROR; // -1;
+ return PTS_FATAL;
}
/* kernel.initrd.digest = PCR => B64 digest */
&buf_len);
if (buf == NULL) {
LOG(LOG_ERR, "encodeBase64 fail");
- return PTS_INTERNAL_ERROR;
+ return PTS_FATAL;
}
setProperty(ctx, "kernel.initrd.digest", buf);
xfree(buf);
buf[event->ulEventLength] = 0;
setProperty(ctx, "kernel.initrd.filename", buf);
xfree(buf);
+ } else {
+ LOG(LOG_ERR, "no memory");
+ return PTS_FATAL;
}
return PTS_SUCCESS; // -1;
DEBUG_CAL("setLinuxKernelCmdlineAssertion - start\n");
- /* input check */
+ /* check */
+ if (ctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
if (eventWrapper == NULL) {
LOG(LOG_ERR, "eventWrapper is NULL\n");
return PTS_FATAL;
}
-
event = eventWrapper->event;
-
if (event == NULL) {
LOG(LOG_ERR, "event is NULL\n");
return PTS_FATAL;
}
-
if (event->rgbEvent == NULL) {
LOG(LOG_ERR, "event->rgbEvent is NULL, BAD IML?\n");
return PTS_FATAL;
/* copy(malloc) strings */
cmdline = snmalloc((char *)event->rgbEvent, event->ulEventLength);
+ if (cmdline == NULL) {
+ LOG(LOG_ERR, "snmalloc() fail");
+ return PTS_FATAL;
+ }
/* first string = kernel filename */
tp = strtok_r(cmdline, " ", &saveptr);
"Property %s=%s and %s=%s are conflicted. Drop them from the policy list.",
name, prop->value,
name, value);
- VERBOSE(2, // TODO NLS
- "Property %s=%s and %s=%s are conflicted. Drop them from the policy list.",
+ VERBOSE(2, NLS(MS_OPENPTS, OPENPTS_ACTION_PROP_CONFLICT,
+ "Property %s=%s and %s=%s are conflicted. Drop them from the policy list."),
name, prop->value,
name, value);
prop->ignore = 1;
SHA_CTX sha_ctx;
BYTE digest[SHA1_DIGEST_SIZE];
- // DEBUG("validateImaAggregate - NA\n");
-
/* check */
+ if (ctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
if (eventWrapper == NULL) {
LOG(LOG_ERR, "null input\n");
- return PTS_INTERNAL_ERROR; // -1;
+ return PTS_FATAL;
}
-
event = eventWrapper->event;
-
if (event == NULL) {
LOG(LOG_ERR, "event is NULL\n");
- return PTS_INTERNAL_ERROR; // -1;
+ return PTS_FATAL;
+ }
+ if (event->rgbEvent == NULL) {
+ LOG(LOG_ERR, "null input\n");
+ return PTS_FATAL;
}
/* init SHA1 */
SHA_CTX sha_ctx;
BYTE digest[SHA1_DIGEST_SIZE];
- // DEBUG("validateOldImaAggregate - NA\n");
-
/* check */
+ if (ctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
if (eventWrapper == NULL) {
- LOG(LOG_ERR, "eventWrapper is NULL\n");
- return PTS_INTERNAL_ERROR; // -1;
+ LOG(LOG_ERR, "eventWrapper is NULL");
+ return PTS_FATAL;
}
-
event = eventWrapper->event;
if (event == NULL) {
- LOG(LOG_ERR, "event is NULL\n");
- return PTS_INTERNAL_ERROR; // -1;
+ LOG(LOG_ERR, "event is NULL");
+ return PTS_FATAL;
+ }
+ if (event->rgbPcrValue == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
}
/* init SHA1 */
int updateImaProperty(OPENPTS_CONTEXT *ctx, char* name, char* b64digest, char *integrity) {
char prop_name[256];
+ /* check */
+ if (ctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
+ if (name == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
+ if (b64digest == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
+ if (integrity == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
+
/* integrity */
snprintf(prop_name, sizeof(prop_name), "ima.%d.integrty", ctx->ima_count);
setProperty(ctx, prop_name, integrity);
DEBUG_CAL("validateImaMeasurement - start\n");
+ /* check */
+ if (ctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
if (eventWrapper == NULL) {
/* Just ignore the NULL event */
// TODO(munetoh) Detect LOOP
#ifdef CONFIG_AIDE
event = eventWrapper->event;
+ /* check */
+ if (event == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
+
if (ctx->conf->ima_validation_mode == OPENPTS_VALIDATION_MODE_AIDE) {
int rc = 0;
char *name;
*
*/
int resetCounter(OPENPTS_CONTEXT *ctx) {
+ /* check */
+ if (ctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
+
ctx->count = 0;
// DEBUG("[FSM] resetCounter()");
*
*/
int incrementCounter(OPENPTS_CONTEXT *ctx) {
+ /* check */
+ if (ctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
+
ctx->count += 1;
// DEBUG("[FSM] incrementCounter() %d => %d\n", ctx->count -1, ctx->count);
DEBUG_FSM("addIntelTxtTbootProperty - start\n");
+ /* check */
+ if (ctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
/* event */
if (eventWrapper == NULL) {
LOG(LOG_ERR, "addBIOSSpecificProperty- eventWrapper is NULL\n");
return -1;
}
event = eventWrapper->event;
+ if (event == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
switch (event->eventType) {
case EV_TBOOT_SINIT_V6:
// TODO
ctx->drtm = 1;
- // setProperty(ctx, "kernel.commandline", "TBD");
return PTS_SUCCESS;
}
#endif
int saveCounter(OPENPTS_CONTEXT *ctx, char * name) {
char buf[128]; // TODO
+ /* check */
+ if (ctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
+ if (name == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
+
snprintf(buf, sizeof(buf), "%d", ctx->count);
addProperty(ctx, name, buf);
- // DEBUG("[FSM] saveCounter() %s = %s\n", name, buf);
return PTS_SUCCESS;
}
if (eventWrapper == NULL) {
/* NULL event, skip evaluation */
DEBUG_FSM("doActivity - eventWrapper is NULL, skip evaluation\n");
- // return 1; //OPENPTS_FSM_SUCCESS;
+ // check again by each func
}
/* copy */
* \brief AIDE I/F APIs
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-06-13
- * cleanup 2011-07-06 SM
+ * cleanup 2012-01-05 SM
*
* 1) Integrity check with AIDE
*
* TODO(munetoh) sep. all and single
*/
void freeAideMetadata(AIDE_METADATA *md) {
- if (md == NULL) return;
+ /* check */
+ if (md == NULL) {
+ LOG(LOG_ERR, "null input");
+ return;
+ }
if (md->next != NULL) {
freeAideMetadata(md->next);
int addAideMetadata(AIDE_CONTEXT *ctx, AIDE_METADATA *md) {
int rc = 0;
+ /* check */
+ if (ctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
+ if (md == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
+
/* update ctx*/
if (ctx->start == NULL) {
/* first metadata */
int rc;
AIDE_CONTEXT *ctx;
- // DEBUG("newAideContext()\n");
-
ctx = xmalloc(sizeof(AIDE_CONTEXT));
if (ctx == NULL) {
+ LOG(LOG_ERR, "no memory");
return NULL;
}
memset(ctx, 0, sizeof(AIDE_CONTEXT));
ctx->aide_md_table_size = 0;
ctx->aide_in_table = xmalloc(sizeof(struct hsearch_data));
- // TODO ck null
+ if (ctx->aide_in_table == NULL) {
+ LOG(LOG_ERR, "no memory");
+ goto error;
+ }
memset(ctx->aide_in_table, 0, sizeof(struct hsearch_data));
// 4096 full
rc = hcreate_r(AIDE_HASH_TABLE_SIZE, ctx->aide_in_table); // hash table for ignore name
*
*/
void freeAideIgnoreList(AIDE_LIST *list) {
+ /* check */
if (list == NULL) {
+ LOG(LOG_ERR, "null input");
return;
}
* load AIDE database from file
*
* filename base64(digest)
+ * Return
+ * num of meatdata
+ * -1 ERROR
*
* caller
* ir.c
int rc;
char *sha1_b64_ptr;
+ DEBUG_CAL("loadAideDatabaseFile - start, filename=[%s]\n", filename);
- DEBUG("loadAideDatabaseFile - start, filename=[%s]\n", filename);
+ /* check */
+ if (ctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return -1;
+ }
+ if (filename == NULL) {
+ LOG(LOG_ERR, "null input");
+ return -1;
+ }
fp = gzopen(filename, "r");
if (fp == NULL) {
close:
gzclose(fp);
DEBUG("loadAideDatabaseFile - has %d entries\n", ctx->metadata_num);
- DEBUG("loadAideDatabaseFile - done\n");
+ DEBUG_CAL("loadAideDatabaseFile - done\n");
return ctx->metadata_num;
}
ENTRY e; // htable
ENTRY *ep;
- DEBUG("readAideIgnoreNameFile - start, filename=[%s]\n", filename);
+ DEBUG_CAL("readAideIgnoreNameFile - start, filename=[%s]\n", filename);
+
+ /* check */
+ if (ctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
+ if (filename == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
/* Open file for read */
fp = fopen(filename, "r");
if (fp == NULL) {
DEBUG("%s missing\n", filename);
- return -1;
+ return PTS_FATAL;
}
-
/* parse */
while (fgets(line, BUF_SIZE, fp) != NULL) { // read line
/* ignore comment, null line */
error:
fclose(fp);
- DEBUG("readAideIgnoreNameFile - done, num = %d\n", cnt);
+ DEBUG_CAL("readAideIgnoreNameFile - done, num = %d\n", cnt);
return rc;
}
AIDE_METADATA *md;
int i;
- DEBUG("printAideData - start\n");
+ DEBUG_CAL("printAideData - start\n");
DEBUG("printAideData - num = %d\n", ctx->metadata_num);
+ /* check*/
+ if (ctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
+
md = ctx->start;
for (i = 0; i < ctx->metadata_num; i++) {
md = md->next;
}
- DEBUG("printAideData - end\n");
+ DEBUG_CAL("printAideData - end\n");
- return 0;
+ return PTS_SUCCESS;
}
#if 1
}
}
+#if 0
/**
* check AIDE MD vs given MD (SHA1)
*
DEBUG_FSM("checkFileByAide - MISS\n");
return -2;
}
-
+#endif
/**
*
* return
* -1: MISS
* 0: HIT
- *
+ * -2: ERROR
*/
int checkIgnoreList(AIDE_CONTEXT *ctx, char *name) {
AIDE_LIST *list;
int len;
/* check */
+ if (ctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return -2;
+ }
if (name == NULL) {
LOG(LOG_ERR, "checkIgnoreList() - name is null\n");
return -2;
AIDE_METADATA *md;
int i;
+ /* check */
if (ctx == NULL) {
+ LOG(LOG_ERR, "null input");
return NULL;
}
-
if (name == NULL) {
+ LOG(LOG_ERR, "null input");
return NULL;
}
int len;
int i, j;
+ /* check */
+ if (in == NULL) {
+ LOG(LOG_ERR, "null input");
+ return -1;
+ }
len = strlen(in);
/* rough malloc new buffer */
buf = xmalloc(len*3);
if (buf == NULL) {
+ LOG(LOG_ERR, "no memory");
return -1;
}
char *aide_filename = NULL;
int len;
- DEBUG("convertImlToAideDbFile %s\n", filename);
+ DEBUG_CAL("convertImlToAideDbFile %s\n", filename);
+
+ /* check */
+ if (ctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return -1;
+ }
+ if (filename == NULL) {
+ LOG(LOG_ERR, "null input");
+ return -1;
+ }
/* file open for write */
fp = gzopen(filename, "wb");
DEBUG("writeReducedAidbDatabase %s\n", filename);
+ /* check */
if (ctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return -1;
+ }
+ if (filename == NULL) {
+ LOG(LOG_ERR, "null input");
return -1;
}
sql = sqlite3_mprintf("SELECT * from sample where digest = '%s'", key);
sqlite3_get_table(ctx->sqlite_db, sql, &result, &row, &col, &err);
- // DEBUG("%2d %d %s\n",row,col, md->hash_key);
if (row >= 1) {
return OPENPTS_RESULT_VALID;
}
- // LOG(LOG_ERR, "row = %d\n",row);
-
/* free */
sqlite3_free(sql);
sqlite3_free(err);
sqlite3_free_table(result);
-
-
return OPENPTS_RESULT_UNKNOWN;
}
#endif // CONFIG_SQLITE
* \brief FSM action for Auto RM Update (ARU)
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2011-01-11
- * cleanup 2011-01-22 SM
+ * cleanup 2012-01-05 SM
*
* 2011-02-28 SM
* ARU information is stored in conf instead of ctx since this is part of
int update_type;
int data_length;
- DEBUG("startUpdate() - start\n");
+ DEBUG_CAL("startUpdate() - start\n");
/* check input */
if (ctx == NULL) {
update = (OPENPTS_UPDATE_CONTEXT *) conf->update;
start = (OPENPTS_EVENT_UPDATE_START *) event->rgbEvent;
- // DEBUG("StartUpdate\n");
- // printHex("UpdateEvent ", (BYTE*) start, sizeof(OPENPTS_EVENT_UPDATE_START), "\n");
-
// Convert the Endian
if (ctx->conf->iml_endian != 0) {
target_pcr_index = b2l(start->target_pcr_index);
update->target_pcr_index = target_pcr_index;
update->target_snapshot_level = target_snapshot_level;
-
/* setup OPENPTS_UPDATE_SNAPSHOT */
if (update->snapshot
[target_pcr_index]
[target_snapshot_level] == NULL) {
/* 1st update of this PCR/Level */
- // OPENPTS_UPDATE_SNAPSHOT
/* malloc OPENPTS_UPDATE_SNAPSHOT */
- // uss = xmalloc(sizeof(OPENPTS_UPDATE_SNAPSHOT));
uss = newUpdateSnapshot();
if (uss == NULL) {
- return PTS_INTERNAL_ERROR;
+ LOG(LOG_ERR, "newUpdateSnapshot() fail");
+ return PTS_FATAL;
}
- // memset(uss, 0, sizeof(OPENPTS_UPDATE_SNAPSHOT));
} else {
/* already exist => replace */
/* free Old SS */
[target_snapshot_level] = uss;
conf->update_exist = 1;
- DEBUG("startUpdate() - update exit\n");
+ DEBUG_CAL("startUpdate() - update exit\n");
return PTS_SUCCESS;
}
* doAction - deputyEvent
*/
int deputyEvent(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper) {
+ int rc = PTS_SUCCESS;
TSS_PCR_EVENT *event;
OPENPTS_UPDATE_CONTEXT *update;
- int rc = PTS_SUCCESS;
OPENPTS_CONFIG *conf;
OPENPTS_UPDATE_SNAPSHOT *uss;
OPENPTS_EVENT_UPDATE_START *start;
int event_num;
- DEBUG("endUpdate() - start\n");
+ DEBUG_CAL("endUpdate() - start\n");
/* check input */
if (ctx == NULL) {
* doAction - updateCollector
*/
int updateCollector(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper) {
- // int rc = PTS_SUCCESS;
TSS_PCR_EVENT *event;
OPENPTS_EVENT_COLLECTOR_UPDATE *update = NULL;
OPENPTS_CONFIG *conf;
/* Move to next level (0->1) */
incActiveSnapshotLevel(ctx->ss_table, target_pcr_index);
- // goto end;
break;
} else if (rc == OPENPTS_FSM_FINISH_WO_HIT) {
// TRANSIT, Skip update SS chain
/* Move to next level (0->1) */
incActiveSnapshotLevel(ctx->ss_table, target_pcr_index);
- // goto end;
break;
} else {
LOG(LOG_ERR, "updateFsm rc=%d\n", rc);
}
ss->event_num++;
- // update->event_count++;
rc = OPENPTS_FSM_MIGRATE_EVENT;
eventWrapper = eventWrapper->next_pcr;
count++;
- // TODO count
}
// TODO check count
// TODO cut EW <-> event link
/* malloc eventlog */
collector_update = xmalloc_assert(sizeof(OPENPTS_EVENT_COLLECTOR_UPDATE));
+ if (collector_update == NULL) {
+ LOG(LOG_ERR, "no memory\n");
+ return PTS_FATAL;
+ }
event = xmalloc_assert(sizeof(TSS_PCR_EVENT));
+ if (event == NULL) {
+ LOG(LOG_ERR, "no memory\n");
+ xfree(collector_update);
+ return PTS_FATAL;
+ }
/* fill collector_start */
memcpy(&collector_update->pts_version, &conf->pts_version, 4);
if ( -1 == bytesRead ) {
LOG(LOG_ERR, "Failed to read from fd %d, errno %d\n", fd, errno);
break;
- } else if ( bytesRead == 0) {
+ } else if (bytesRead == 0) {
if (totalBytesRead != len) {
LOG(LOG_ERR, "Finished reading from file prematurely, still expecting data.");
return PTS_FATAL;
}
}
- if ( fd != -1) {
+ if (fd != -1) {
close(fd);
}
if (target_conf_filename != NULL) xfree(target_conf_filename);
if (target_conf != NULL) freePtsConfig(target_conf);
- // DEBUG("error at verifier\n");
return rc;
}
* \brief Base64 Encode/Decode
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-04-01
- * cleanup 2011-12-31 SM
+ * cleanup 2012-01-05 SM
*
* http://en.wikipedia.org/wiki/Base64
*
return (len / 4 * 3) + 1;
}
-
/**
* Encode BYTE[] to Base64 string
* Return
}
/* Trans */
-
while (1) {
if ( len >= 3 ) {
out[ptr2 ] = transTable[ in[ptr1 ] >>2];
return out;
}
-
/**
* trans (do not check the bad input)
*/
/* last char */
i = len - 1;
- while(i > 0) {
+ while (i > 0) {
if (in[i] == '\n') {
/* skip */
skip++;
(_b64trans(inbuf[2]) >> 2);
out[ptr2+2] = ((_b64trans(inbuf[2])&0x03) << 6) |
_b64trans(inbuf[3]);
- len2 -= 4; // skip chars has been removed in len2
+ len2 -= 4; // skip chars has been removed in len2
ptr1 += 4 + skip;
ptr2 += 3;
} else if ( inbuf[1] == '=' ) {
* \brief TCG IF-M collector functions
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2011-01-06
- * cleanup 2011-07-20 SM
+ * cleanup 2012-01-05 SM
*
* move from ptscd.c
*
*/
-
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
int i;
OPENPTS_SNAPSHOT *ss;
+ /* check */
+ if (ctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return;
+ }
+
OUTPUT(NLS(MS_OPENPTS, OPENPTS_FSM_INFO_HEADER, "%sPCR lv FSM files\n"), indent);
OUTPUT("%s-----------------------------------------------------\n", indent);
BYTE pcr[SHA1_DIGEST_SIZE];
SHA_CTX sha_ctx;
+ /* check */
+ if (conf == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
/* malloc eventlog */
collector_start = xmalloc_assert(sizeof(OPENPTS_EVENT_COLLECTOR_START));
+ if (collector_start == NULL) {
+ LOG(LOG_ERR, "no memory");
+ return PTS_FATAL;
+ }
event = xmalloc_assert(sizeof(TSS_PCR_EVENT));
+ if (event == NULL) {
+ LOG(LOG_ERR, "no memory");
+ xfree(collector_start);
+ return PTS_FATAL;
+ }
/*fill collector_start */
memcpy(&collector_start->pts_version, &conf->pts_version, 4);
memcpy(&collector_start->collector_uuid, conf->uuid->uuid, 16);
memcpy(&collector_start->manifest_uuid, conf->rm_uuid->uuid, 16);
-
/* get PCR value*/
- // memcpy(&collector_start->pcr_value;
readPcr(conf->openpts_pcr_index, pcr);
memcpy(&collector_start->pcr_value, pcr, SHA1_DIGEST_SIZE);
-
/* calc digest */
SHA1_Init(&sha_ctx);
SHA1_Update(
SHA1_Final(pcr, &sha_ctx);
/* fill eventlog */
- // event->versionInfo // set by TSP?
event->ulPcrIndex = conf->openpts_pcr_index; // set by TSP?
event->eventType = EV_COLLECTOR_START; // openpts_tpm.h
event->ulPcrValueLength = SHA1_DIGEST_SIZE;
return PTS_SUCCESS;
}
-
-
/**
* initialize ptsc
*
*
* Return
* PTS_SUCCESS
- * PTS_INTERNAL_ERROR
+ * OPENPTS_IML_MISSING
+ * PTS_FATAL
*/
-
int init(
OPENPTS_CONFIG *conf,
int prop_count,
addReason(ctx, -1,
"[PTSC-INIT] Couldn't read IML file, %s. Check the ptsc configuration, %s.",
conf->runtime_iml_filename, conf->config_file);
- rc = PTS_INTERNAL_ERROR;
+ rc = PTS_FATAL;
goto error;
}
}
NLS(MS_OPENPTS, OPENPTS_COLLECTOR_MISSING_CONFIG_DIR,
"[PTSC-INIT] Configuration directory is not defined. Check the ptsc configuration file, %s"),
conf->config_file);
- rc = PTS_INTERNAL_ERROR;
+ rc = PTS_FATAL;
goto error;
} else {
/* check */
/* Generate UUID of this platform */
if (conf->uuid == NULL) {
- // TODO UUID filename is missing
+ LOG(LOG_ERR, "conf->uuid == NULL");
addReason(ctx, -1,
NLS(MS_OPENPTS, OPENPTS_COLLECTOR_BAD_CONFIG_FILE,
- "[PTSC-INIT] Bad configuration file, %s"),
+ "[PTSC-INIT] Bad configuration file, %s. Check 'uuid.file' option"),
conf->config_file);
- rc = PTS_INTERNAL_ERROR;
+ rc = PTS_FATAL;
goto error;
} else if (conf->uuid->status == OPENPTS_UUID_FILENAME_ONLY) {
/* gen new UUID */
rc = genOpenptsUuid(conf->uuid);
if (rc != PTS_SUCCESS) {
+ LOG(LOG_ERR, "genOpenptsUuid() fail");
addReason(ctx, -1,
"[PTSC-INIT] Generation of UUID was failed");
- rc = PTS_INTERNAL_ERROR;
+ rc = PTS_FATAL;
goto error;
}
} else {
0,
conf->srk_password_mode);
if (rc == 0x0001) { // 0x0001
+ DEBUG("createTssSignKey() failed");
addReason(ctx, -1,
NLS(MS_OPENPTS, OPENPTS_COLLECTOR_SIGN_KEY_FAIL,
"[PTSC-INIT] Failed to create the signed key. "
"If you are using the well known SRK secret key (all zeroes) "
"then please try again with the '-z' option\n"));
- rc = PTS_INTERNAL_ERROR;
+ rc = PTS_FATAL;
goto error;
} else if (rc != PTS_SUCCESS) {
- DEBUG("createTssSignKey() failed\n");
+ DEBUG("createTssSignKey() failed");
addReason(ctx, -1,
"[PTSC-INIT] Could not create the Key (rc = 0x%x).", rc);
- rc = PTS_INTERNAL_ERROR;
+ rc = PTS_FATAL;
goto error;
}
OUTPUT(NLS(MS_OPENPTS, OPENPTS_INIT_PTSCD, "Sign key location: SYSTEM\n"));
/* UUID for RM */
if (conf->rm_uuid == NULL) {
// init/set by readPtsConf
- // LOG(LOG_ERR, "conf->rm_uuid == NULL\n");
+ LOG(LOG_ERR, "conf->rm_uuid == NULL\n");
addReason(ctx, -1,
"[PTSC-INIT] RM_UUID file is not defined (rm.uuid.file) in the ptsc configulation, %s",
conf->config_file);
- rc = PTS_INTERNAL_ERROR;
+ rc = PTS_FATAL;
goto error;
} else if (conf->rm_uuid->status == OPENPTS_UUID_FILENAME_ONLY) {
rc = genOpenptsUuid(conf->rm_uuid);
if (rc != PTS_SUCCESS) {
addReason(ctx, -1,
"[PTSC-INIT] Generation of RM UUID was failed");
- rc = PTS_INTERNAL_ERROR;
+ rc = PTS_FATAL;
goto error;
}
if (rc != PTS_SUCCESS) {
addReason(ctx, -1,
"[PTSC-INIT] Couldn't create Reference Maniferst directory");
- rc = PTS_INTERNAL_ERROR;
+ rc = PTS_FATAL;
goto error;
}
addReason(ctx, -1,
"[PTSC-INIT] Couldn't create the manifest file, %s",
conf->rm_filename[i]);
- //printReason(ctx, 0);
rc = PTS_FATAL;
goto error;
}
addReason(ctx, -1,
"[PTSC-INIT] Couldn't write the uuid file, '%s'.\n",
conf->uuid->filename);
- rc = PTS_INTERNAL_ERROR;
+ rc = PTS_FATAL;
goto error;
}
addReason(ctx, -1,
"[PTSC-INIT] Couldn't write the UUID file, %s",
conf->rm_uuid->filename);
- rc = PTS_INTERNAL_ERROR;
+ rc = PTS_FATAL;
goto error;
}
+ LOG(LOG_INFO, "ptsc has successfully initialized!\n");
OUTPUT(NLS(MS_OPENPTS, OPENPTS_INIT_SUCCESS,
"\nptsc has successfully initialized!\n\n"));
- LOG(LOG_INFO, "ptsc has successfully initialized!\n");
goto free;
error:
/* initialization was faild */
- OUTPUT(NLS(MS_OPENPTS, OPENPTS_INIT_FAIL,
+ LOG(LOG_INFO, "ptsc initialization was failed\n");
+ ERROR(NLS(MS_OPENPTS, OPENPTS_INIT_FAIL,
"ptsc initialization was failed\n\n"));
printReason(ctx, 0);
- LOG(LOG_INFO, "ptsc initialization was failed\n");
free:
/* free */
return rc;
}
-
-
/**
*
* Selftest
* OPENPTS_SELFTEST_RENEWED update/reboot -> success
* OPENPTS_SELFTEST_FALLBACK
* OPENPTS_SELFTEST_FAILED
- * PTS_INTERNAL_ERROR something wrong:-(
+ * PTS_FATAL something wrong:-(
*/
int selftest(OPENPTS_CONFIG *conf, int prop_count, OPENPTS_PROPERTY *prop_start, OPENPTS_PROPERTY *prop_end) {
int rc = PTS_INTERNAL_ERROR;
OPENPTS_PROPERTY *prop;
char * ir_filename;
- DEBUG("selftest() start\n");
+ DEBUG_CAL("selftest() start\n");
- /* Step 1 - IR gen */
+ /* Step 1 - Generate IR --------------------------------------------------*/
- /* new */
+ /* new CTX for generation */
ctx = newPtsContext(conf);
if (ctx == NULL) {
- return PTS_INTERNAL_ERROR;
+ LOG(LOG_ERR, "newPtsContext() fail. no memory?");
+ return PTS_FATAL;
}
/* copy properties */
prop = prop_start;
for (i = 0; i < prop_count; i++) {
if (prop == NULL) {
- LOG(LOG_ERR, "prop == NULL\n");
- return PTS_INTERNAL_ERROR; // TODO free
+ LOG(LOG_ERR, "prop == NULL");
+ rc = PTS_FATAL;
+ goto free;
}
addProperty(ctx, prop->name, prop->value);
prop = prop->next;
/* set dummy nonce for IR gen */
ctx->nonce->nonce_length = 20;
ctx->nonce->nonce = xmalloc_assert(20);
+ if (ctx->nonce->nonce == NULL) {
+ LOG(LOG_ERR, "no memory");
+ rc = PTS_FATAL;
+ goto free;
+ }
memset(ctx->nonce->nonce, 0x5A, 20);
- // dummy target uuid
+ /* set dummy target uuid */
ctx->str_uuid = smalloc("SELFTEST");
+ if (ctx->str_uuid == NULL) {
+ LOG(LOG_ERR, "no memory");
+ rc = PTS_FATAL;
+ goto free;
+ }
/* gen IR */
rc = genIr(ctx, NULL);
if (rc != PTS_SUCCESS) {
LOG(LOG_ERR, "selftest() - genIR failed\n");
- rc = PTS_INTERNAL_ERROR;
+ rc = PTS_FATAL;
goto free;
}
ir_filename = ctx->ir_filename;
ctx->ir_filename = NULL;
- /* free */
+ /* free CTX */
freePtsContext(ctx);
+ ctx = NULL;
- // DEBUG("selftest() - generate IR file => %s\n", conf->ir_filename);
- DEBUG("selftest() - generate IR - done\n");
+ DEBUG("selftest() - generate IR - done (ir file = %s)\n", ir_filename);
- /* Step 2 - Validate IR */
+ /* Step 2 - Validate IR --------------------------------------------------*/
/* Keep conf but reset some flags in conf */
- // conf->aru_count = 0;
- // conf->enable_aru;
#ifdef CONFIG_AUTO_RM_UPDATE
+ /* clear ARU */
conf->update_exist = 0;
#endif
- /* new */
+ /* new CTX for validation */
ctx = newPtsContext(conf);
if (ctx == NULL) {
- return PTS_INTERNAL_ERROR;
+ LOG(LOG_ERR, "newPtsContext() fail. no memory?");
+ return PTS_FATAL;
}
+
+ /* set generated IR */
ctx->ir_filename = ir_filename;
/* setup RMs */
LOG(LOG_ERR, "selftest() - getRmSetDir() failed\n");
LOG(LOG_TODO, "conf->rm_uuid->filename %s\n", conf->rm_uuid->filename);
LOG(LOG_TODO, "conf->rm_uuid->str %s\n", conf->rm_uuid->str);
- rc = PTS_INTERNAL_ERROR;
+ rc = PTS_FATAL;
goto free;
}
rc = readRmFile(ctx, conf->rm_filename[i], i);
if (rc < 0) {
LOG(LOG_ERR, "readRmFile fail\n");
- rc = PTS_INTERNAL_ERROR;
+ rc = PTS_FATAL;
goto free;
}
}
// ctx->conf->iml_mode = 1;
// ctx->conf->ir_without_quote = 1;
-
-
- //result = validateIr(ctx, conf->ir_filename); /* ir.c */
- // TODO
result = validateIr(ctx); /* ir.c */
-
/* check RM integrity status */
DEBUG("selftest() - validate IR - done (rc = %d)\n", result);
- if ((rc != OPENPTS_RESULT_VALID) && isDebugFlagSet(DEBUG_FLAG)) {
+ if ((result != OPENPTS_RESULT_VALID) && (getVerbosity() > 0)) {
+ ERROR(NLS(MS_OPENPTS, OPENPTS_COLLECTOR_SELFTEST_FAILED_4,
+ "The self test has failed"));
printReason(ctx, 0);
}
if (result != OPENPTS_RESULT_VALID) {
- addReason(ctx, -1, NLS(MS_OPENPTS, OPENPTS_COLLECTOR_SELFTEST_FAILED, "[SELFTEST] The self test failed"));
+ addReason(ctx, -1, NLS(MS_OPENPTS, OPENPTS_COLLECTOR_SELFTEST_FAILED,
+ "[SELFTEST] The self test failed"));
if ((conf->newrm_uuid != NULL) && (conf->newrm_uuid->uuid != NULL)) {
/* New RM exist (for reboot after the update), Try the new RM */
rc = writeOpenptsUuidFile(conf->rm_uuid, 1);
if (rc != PTS_SUCCESS) {
LOG(LOG_ERR, "writeOpenptsUuidFile fail\n");
+ rc = PTS_FATAL;
+ goto free;
}
-
- // TODO check rc
/* delete newrm_uuid */
rc = remove(conf->newrm_uuid->filename);
- // TODO check rc
+ if (rc != 0) {
+ LOG(LOG_ERR, "remove(%s) fail\n", conf->newrm_uuid->filename);
+ rc = PTS_FATAL;
+ goto free;
+ }
rc = OPENPTS_SELFTEST_RENEWED;
} else {
/* fail */
- LOG(LOG_ERR, "sleftest fail\n");
+ LOG(LOG_ERR, "2nd selftest with NEWRM also fail\n");
addReason(ctx, -1, NLS(MS_OPENPTS, OPENPTS_COLLECTOR_SELFTEST_FAILED_2,
"[SELFTEST] The self test using both current and new UUIDs has failed"));
printReason(ctx, 0);
rc = OPENPTS_SELFTEST_FAILED;
}
} else {
+ /* Missing NEWRM */
printReason(ctx, 0);
rc = OPENPTS_SELFTEST_FAILED;
}
/* free */
freePtsContext(ctx);
+ if (rc == PTS_FATAL) {
+ ERROR(NLS(MS_OPENPTS, OPENPTS_COLLECTOR_SELFTEST_FAILED_3,
+ "The self test has failed. See log for details."));
+ }
+
return rc;
}
-
-
/**
* New RM
*
* PTS_SUCCESS
* PTS_INTERNAL_ERROR
*/
-
int newrm(OPENPTS_CONFIG *conf, int prop_count, OPENPTS_PROPERTY *prop_start, OPENPTS_PROPERTY *prop_end) {
int rc = PTS_SUCCESS;
OPENPTS_CONTEXT *ctx;
/* ctx for init */
ctx = newPtsContext(conf);
if (ctx == NULL) {
- return PTS_INTERNAL_ERROR;
+ LOG(LOG_ERR, "newPtsContext() fail. no memory?");
+ return PTS_FATAL;
}
#if 1
prop = prop_start;
for (i = 0; i < prop_count; i++) {
if (prop == NULL) {
- LOG(LOG_ERR, "prop == NULL\n");
- return PTS_INTERNAL_ERROR; // TODO free
+ LOG(LOG_ERR, "prop == NULL");
+ rc = PTS_FATAL;
+ goto free;
}
addProperty(ctx, prop->name, prop->value);
prop = prop->next;
if (rc != PTS_SUCCESS) {
ERROR(NLS(MS_OPENPTS, OPENPTS_COLLECTOR_FAILED_READ_FSM,
"Failed to read the FSM file.\n"));
- rc = PTS_INTERNAL_ERROR;
+ rc = PTS_FATAL;
goto free;
}
LOG(LOG_ERR, "conf->rm_uuid == NULL");
} else if (conf->rm_uuid->status == OPENPTS_UUID_FILENAME_ONLY) {
rc = genOpenptsUuid(conf->rm_uuid);
- // TODO
+ if (rc != PTS_SUCCESS) {
+ LOG(LOG_ERR, "genOpenptsUuid() fail\n");
+ rc = PTS_FATAL;
+ goto free;
+ }
} else {
DEBUG("init() - use given RM UUID %s\n", conf->rm_uuid->str);
}
/* save/update rm_uuid file */
rc = writeOpenptsUuidFile(conf->rm_uuid, 1); // TODO overwite?
if (rc != PTS_SUCCESS) {
- LOG(LOG_ERR, "writeOpenptsUuidFile fail\n");
+ LOG(LOG_ERR, "writeOpenptsUuidFile() fail\n");
+ rc = PTS_FATAL;
+ goto free;
}
/* RM set DIR */
if (rc != PTS_SUCCESS) {
ERROR(NLS(MS_OPENPTS, OPENPTS_COLLECTOR_MKDIR_RM_SET_FAILED,
"Failed to create the reference manifest set directory\n"));
+ rc = PTS_FATAL;
goto free;
}
DEBUG("getBiosImlFile() was failed\n");
LOG(LOG_ERR, "Oops! Something is wrong. Please see the reason below\n");
printReason(ctx, 0);
+ rc = PTS_FATAL;
goto free;
}
conf->runtime_iml_type, 0, &count); // TODO endian?
if (rc != PTS_SUCCESS) {
LOG(LOG_ERR, "read IMA IML, %s was failed\n", conf->runtime_iml_filename);
- rc = PTS_INTERNAL_ERROR;
+ rc = PTS_FATAL;
goto free;
}
}
rc = writeRm(ctx, conf->rm_filename[i], i);
if (rc != PTS_SUCCESS) {
LOG(LOG_ERR, "write RM, %s was failed\n", conf->rm_filename[i]);
- rc = PTS_INTERNAL_ERROR;
+ rc = PTS_FATAL;
goto free;
}
OUTPUT(NLS(MS_OPENPTS, OPENPTS_NEW_RM_RM, "level %d Reference Manifest: %s\n"), i, conf->rm_filename[i]);
} else {
LOG(LOG_ERR, "missing RM file for level %d\n", i);
+ // continue
}
}
- // OUTPUT("\nptsc is successfully initialized!\n");
free:
-
- if ( rc == PTS_INTERNAL_ERROR ) {
- OUTPUT(NLS(MS_OPENPTS, OPENPTS_NEW_RM_FAILED, "Failed to generate Reference Manifest\n"));
- }
-
/* free */
freePtsContext(ctx);
+ if ( rc == PTS_FATAL ) {
+ OUTPUT(NLS(MS_OPENPTS, OPENPTS_NEW_RM_FAILED,
+ "Failed to generate Reference Manifest. See log for details.\n"));
+ }
+
return rc;
}
-
/**
* Print the configuration of PTS collector
*
OUTPUT(NLS(MS_OPENPTS, OPENPTS_COLLECTOR_STATUS_LIST_RM,
"List of RM set: %d RM set in config dir\n"), conf->rmsets->rmset_num);
printRmList(conf, " ");
- // OUTPUT(NLS(MS_OPENPTS, OPENPTS_COLLECTOR_STATUS_IR, "Integrity Report: %s\n"), conf->ir_filename);
OUTPUT(NLS(MS_OPENPTS, OPENPTS_COLLECTOR_STATUS_IR, "Integrity Report dir: %s\n"), conf->ir_dir);
/* Manifest */
-
/* Servers */
free:
return PTS_FATAL;
}
+ /* msg */
+ VERBOSE(1, NLS(MS_OPENPTS, OPENPTS_COLLECTOR_CLEAR,
+ "Clear PTS collector\n"));
- VERBOSE(1, NLS(MS_OPENPTS, OPENPTS_COLLECTOR_CLEAR, "Clear PTS collector\n"));
-
- /* clear */
- if (isatty(STDIN_FILENO) && (force == 0) ) {
+ /* Ask */
+ if (isatty(STDIN_FILENO) && (force == 0)) {
char *lineFeed;
OUTPUT(NLS(MS_OPENPTS, OPENPTS_COLLECTOR_CLEAR,
"Clear the PTS collector [y/N]:"));
ansIsNo = !force;
}
+ /* Yes/No */
if (ansIsYes) {
-
rc = unlinkDir(conf->config_dir);
if (rc != PTS_SUCCESS) {
LOG(LOG_ERR, "unlinkDir(%s) fail", conf->config_dir);
OUTPUT(NLS(MS_OPENPTS, OPENPTS_COLLECTOR_CLEAR_NO_DONE, "keep\n"));
}
-
return PTS_SUCCESS;
}
*
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-08-13
- * cleanup 2011-07-06 SM
- *
+ * cleanup 2012-01-04 SM
*
* grep strncmp src/conf.c | gawk '{print $3}'
* grep strncmp src/conf.c | awk '{print " * " $3}' | sed -e "s/\"//g" -e "s/,//g"
*
- * name default value
- * ----------------------------------------------------
- * config.dir
- * openpts.pcr.index
- * aide
- * aide.database.file
- * aide.ignorelist.file
- * aide.sqlite.file
- * autoupdate
- * bios.iml.file
- * config.dir
- * config.dir
- * hostname
- * ima.validation.mode
- * iml.aligned
- * iml.endian
- * iml.mode
- * ir.dir
- * ir.file
- * ir.quote
- * little
- * model.dir
- * newrm.uuid.file
- * oldrm.uuid.file
- * openpts.pcr.index
- * pcrs.file
- * policy.file
- * port
- * prop.file
- * rm.basedir
- * rm.num
- * rm.uuid.file
- * runtime.iml.file
- * runtime.iml.type
- * securityfs
- * selftest
- * ssh.mode
- * ssh.port
- * ssh.username
- * strncmp
- * strncmp
- * target.pubkey
- * target.uuid
- * uuid.file
- * verifier.logging.dir
- * ------------------------------------------------------------------------
- * srk.password.mode null/known
- * ------------------------------------------------------------------------
- *
+ * Also update man/man5/ptsc.conf.5
+ *
*/
#include <stdio.h>
#include <ctype.h>
#include <openpts.h>
-// #include <log.h>
/**
* new Target list
}
memset(list, 0, size);
- list->target_num = num - 1; // set actual number
+ list->target_num = num - 1; // set actual number
return list;
}
OPENPTS_CONFIG * newPtsConfig() {
OPENPTS_CONFIG * conf;
- // DEBUG("newPtsConfig()\n");
-
/* config */
conf = (OPENPTS_CONFIG *) xmalloc(sizeof(OPENPTS_CONFIG));
if (conf == NULL) {
*/
int freePtsConfig(OPENPTS_CONFIG * conf) {
int i;
- // DEBUG("freePtsConfig()\n");
/* check */
if (conf == NULL) {
conf->config_file = NULL;
}
-//<<<<<<< HEAD
#ifdef CONFIG_AUTO_RM_UPDATE
if (conf->newRmSet != NULL) {
xfree(conf->newRmSet);
if (conf->compIDs[i].VendorID_Value != NULL) xfree(conf->compIDs[i].VendorID_Value);
}
-// xfree(conf);
-//=======
if (conf->aik_storage_filename != NULL) {
free(conf->aik_storage_filename);
}
free(conf);
-//>>>>>>> 042e40b0979f3e44e75200271e4d1282ce08f72c
return PTS_SUCCESS;
}
/******************/
if (level >= MAX_RM_NUM) {
- LOG(LOG_ERR, "readPtsConfig_CompID()- trying to affect a CompID(%s) to a level(%d) greater than MAX_RM_NUM(%d)\n",
+ LOG(LOG_ERR,
+ "readPtsConfig_CompID()- trying to affect a CompID(%s) to a level(%d) greater than MAX_RM_NUM(%d)\n",
attributeName, level, MAX_RM_NUM);
return PTS_FATAL;
}
/* dir where config file -> config_dir */
if (conf->config_dir != NULL) {
- // free old one
+ /* free old one */
xfree(conf->config_dir);
}
conf->config_dir = getFullpathDir(filename2);
-
/* open */
if ((fp = fopen(filename2, "r")) == NULL) {
DEBUG("readPtsConfig - File %s open was failed\n", filename2);
if (line[0] == '#') {
// comment -> skip
- } else if ((eq = strstr(line, "=")) != NULL) { /* name=value line*/
+ } else if ((eq = strstr(line, "=")) != NULL) { /* name=value line */
char *name;
char *value;
name = line;
value = eq + 1;
-
*eq = 0;
- // DEBUG("%4d [%s]=[%s]\n",cnt, name, value);
-
/* config dir
replace the curent setting based on the location of config file
to path set by config file.
conf->iml_endian = 0;
#else
conf->iml_endian = 2;
- // DEBUG("convert endian mode\n");
DEBUG("endian mode : convert\n");
#endif
} else {
// RM config - from 0.2.3
if (!strncmp(name, "rm.basedir", 10)) {
if (conf->rm_basedir != NULL) {
- // DEBUG("realloc conf->rm_basedir"); // TODO realloc happen
xfree(conf->rm_basedir);
}
conf->rm_basedir = getFullpathName(conf->config_dir, value);
if (!strncmp(name, "rm.num", 6)) {
conf->rm_num = atoi(value);
if (conf->rm_num > MAX_RM_NUM) {
- LOG(LOG_ERR, "RM number rm.num=%d is larger than MAX_RM_NUM=%d - truncking\n", conf->rm_num, MAX_RM_NUM);
+ LOG(LOG_ERR,
+ "RM number rm.num=%d is larger than MAX_RM_NUM=%d - truncking\n",
+ conf->rm_num, MAX_RM_NUM);
conf->rm_num = MAX_RM_NUM;
}
DEBUG("conf->rm_num : %d\n", conf->rm_num);
/* Depricated - we use a temporary file in /tmp on collector side */
if (!strncmp(name, "ir.file", 7)) {
if (conf->ir_filename != NULL) {
- // DEBUG("realloc conf->ir_filename"); // TODO realloc happen
xfree(conf->ir_filename);
}
conf->ir_filename = getFullpathName(conf->config_dir, value);
DEBUG("conf->ir_filename : %s\n", conf->ir_filename);
- // LOG(LOG_ERR, "ir.file is obsolute, please use ir.dir"); /// Collectror TODO
}
/* IR dir (collector side) */
if (!strncmp(name, "ir.dir", 6)) {
if (conf->ir_dir != NULL) {
- // DEBUG("realloc conf->ir_filename"); // TODO realloc happen
xfree(conf->ir_dir);
}
conf->ir_dir = getFullpathName(conf->config_dir, value);
DEBUG("conf->ir_dir : %s\n", conf->ir_dir);
- } // BAD else {
- // /* set this to some sensible default value so that ptsc.c doesn't seg fault */
- // conf->ir_dir = smalloc("/tmp");
- //}
-
+ }
if (!strncmp(name, "prop.file", 9)) {
if (conf->prop_filename != NULL) {
- // DEBUG("realloc conf->prop_filename"); // TODO realloc happen
xfree(conf->prop_filename);
}
conf->prop_filename = getFullpathName(conf->config_dir, value);
}
-
- // 20100908 Munetoh -> ifm.c
if (!strncmp(name, "ir.quote", 8)) {
if (!strncmp(value, "WITHOUT_QUOTE", 13)) {
conf->ir_without_quote = 1;
conf->model_dir = getFullpathName(conf->config_dir, value);
}
+ /* prop (AIX) */
if (!strncmp(name, "iml.ipl.maxcount", 16)) {
conf->iml_maxcount = atoi(value);
DEBUG("conf->iml_maxcount : %d\n", conf->iml_maxcount);
conf->verifier_logging_dir = getFullpathName(conf->config_dir, value);
}
-
if (!strncmp(name, "policy.file", 11)) {
if (conf->policy_filename != NULL) {
// DEBUG("realloc conf->policy_filename\n"); // TODO realloc happen
conf->policy_filename = getFullpathName(conf->config_dir, value);
}
-#if 0
- if (!strncmp(name, "config.dir", 10)) {
- if (conf->config_dir != NULL) {
- LOG(LOG_TODO, "conf dir %s ->%s\n", conf->config_dir, value);
- //
- } else {
- conf->config_dir = getFullpathName(config_path, value);
- }
- }
-#endif
-
/* IMA and AIDE */
if (!strncmp(name, "ima.validation.mode", 19)) {
if (!strncmp(value, "aide", 4)) {
#ifdef CONFIG_AIDE
if (!strncmp(name, "aide.database.file", 18)) {
if (conf->aide_database_filename != NULL) {
- // DEBUG("realloc conf->aide_database_filename\n"); // TODO realloc happen
xfree(conf->aide_database_filename);
}
conf->aide_database_filename = getFullpathName(conf->config_dir, value);
#endif
if (!strncmp(name, "aide.ignorelist.file", 20)) {
if (conf->aide_ignorelist_filename != NULL) {
- // DEBUG("realloc conf->aide_ignorelist_filename\n"); // TODO realloc happen
xfree(conf->aide_ignorelist_filename);
}
conf->aide_ignorelist_filename = getFullpathName(conf->config_dir, value);
conf->rm_uuid = newOpenptsUuid();
}
if (conf->rm_uuid->filename != NULL) {
- // DEBUG("realloc conf->rm_uuid->filename"); // TODO realloc happen
xfree(conf->rm_uuid->filename);
}
conf->rm_uuid->filename = getFullpathName(conf->config_dir, value);
rc = readOpenptsUuidFile(conf->rm_uuid);
if (rc != PTS_SUCCESS) {
/* uuid file is missing */
- // TODO gen UUID?
- // DEBUG("no UUID file %s\n", conf->uuid->filename);
conf->rm_uuid->status = OPENPTS_UUID_FILENAME_ONLY;
- } else {
- // DEBUG("read UUID from file %s, UUID=%s\n", conf->uuid->filename, conf->uuid->str);
}
DEBUG("conf->rm_uuid->str : %s\n", conf->rm_uuid->str);
}
conf->newrm_uuid = newOpenptsUuid();
}
if (conf->newrm_uuid->filename != NULL) {
- // DEBUG("realloc conf->rm_uuid->filename"); // TODO realloc happen
xfree(conf->newrm_uuid->filename);
}
conf->newrm_uuid->filename = getFullpathName(conf->config_dir, value);
rc = readOpenptsUuidFile(conf->newrm_uuid);
if (rc != PTS_SUCCESS) {
/* uuid file is missing */
- // TODO gen UUID?
- // DEBUG("no UUID file %s\n", conf->uuid->filename);
conf->newrm_uuid->status = OPENPTS_UUID_FILENAME_ONLY;
} else {
conf->pts_flag[0] |= OPENPTS_FLAG0_NEWRM_EXIST;
conf->oldrm_uuid = newOpenptsUuid();
}
if (conf->oldrm_uuid->filename != NULL) {
- // DEBUG("realloc conf->oldrm_uuid->filename"); // TODO realloc happen
xfree(conf->oldrm_uuid->filename);
}
conf->oldrm_uuid->filename = getFullpathName(conf->config_dir, value);
rc = readOpenptsUuidFile(conf->oldrm_uuid);
if (rc != PTS_SUCCESS) {
/* uuid file is missing */
- // TODO gen UUID?
- // DEBUG("no UUID file %s\n", conf->uuid->filename);
conf->oldrm_uuid->status = OPENPTS_UUID_FILENAME_ONLY;
- } else {
- // DEBUG("read UUID from file %s, UUID=%s\n", conf->uuid->filename, conf->uuid->str);
}
DEBUG("conf->oldrm_uuid->str : %s\n", conf->oldrm_uuid->str);
}
/* */
if (!strncmp(name, "target.uuid", 11)) {
if (conf->target_uuid != NULL) {
- // DEBUG("realloc conf->target_uuid\n"); // TODO realloc happen
xfree(conf->target_uuid);
}
conf->target_uuid = getUuidFromString(value);
} else {
// add string too
if (conf->str_target_uuid != NULL) {
- // DEBUG("realloc conf->str_target_uuid\n"); // TODO realloc happen
xfree(conf->str_target_uuid);
}
conf->str_target_uuid = getStringOfUuid(conf->target_uuid);
/* hostname */
if (!strncmp(name, "hostname", 8)) {
if (conf->hostname != NULL) {
- // DEBUG("realloc conf->hostname\n"); // TODO realloc happen
xfree(conf->hostname);
}
conf->hostname = smalloc_assert(value);
* \brief PTS context
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-04-01
- * cleanup 2011-07-06 SM
+ * cleanup 2012-01-05 SM
*
* OpenPTS main context
*
ctx = (OPENPTS_CONTEXT *) xmalloc(sizeof(OPENPTS_CONTEXT));
if (ctx == NULL) {
+ LOG(LOG_ERR, "no memory");
return NULL;
}
memset(ctx, 0, sizeof(OPENPTS_CONTEXT));
/* IF-M nonce */
ctx->nonce = newNonceContext();
if (ctx->nonce == NULL) {
+ LOG(LOG_ERR, "newNonceContext() fail. no memory");
goto error;
}
int i;
DEBUG_CAL("freePtsContext - start\n");
+ /* check */
if (ctx == NULL) {
- DEBUG("freePtsContext - NULL\n");
- return -1;
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
}
/* TPM emu - reset */
*/
int readFsmFromPropFile(OPENPTS_CONTEXT *ctx, char * filename) {
int rc = PTS_SUCCESS;
- OPENPTS_CONFIG *conf;
FILE *fp;
-
char buf[FSM_BUF_SIZE];
char buf2[FSM_BUF_SIZE];
char *eqp = NULL;
int level;
char *model_filename = NULL;
int len;
-
+ OPENPTS_CONFIG *conf;
OPENPTS_FSM_CONTEXT *fsm = NULL;
OPENPTS_SNAPSHOT *ss = NULL;
+ /* check */
+ if (ctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
conf = ctx->conf;
+ if (conf == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
+ if (filename == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
/* new snapshot table */
if (ctx->ss_table == NULL) {
ctx->ss_table = newSnapshotTable();
}
-
/* Open prop file */
if ((fp = fopen(filename, "r")) == NULL) {
OUTPUT(NLS(MS_OPENPTS, OPENPTS_CONFIG_MISSING, "Cannot open config file '%s'\n"), filename);
if (strstr(buf, "platform.model.") != NULL) {
LOG(LOG_ERR, "ptsc.conf has old format <=v0.2.3 %s\n", filename);
LOG(LOG_ERR, "change platform.model to rm.model.0\n");
- OUTPUT(NLS(MS_OPENPTS, OPENPTS_COLLECTOR_BAD_CONFIG_FILE, "Bad configuration file\n"));
+ OUTPUT(NLS(MS_OPENPTS, OPENPTS_COLLECTOR_BAD_CONFIG_FILE, "Bad configuration file (v0.2.3)\n"));
rc = PTS_FATAL;
goto error;
}
if (strstr(buf, "runtime.model.") != NULL) {
LOG(LOG_ERR, "ptsc.conf has old format <=v0.2.3 %s\n", filename);
LOG(LOG_ERR, "change runtime.model to rm.model.1\n");
- OUTPUT(NLS(MS_OPENPTS, OPENPTS_COLLECTOR_BAD_CONFIG_FILE, "Bad configuration file\n"));
+ OUTPUT(NLS(MS_OPENPTS, OPENPTS_COLLECTOR_BAD_CONFIG_FILE, "Bad configuration file (v0.2.3)\n"));
rc = PTS_FATAL;
goto error;
}
"%s/%s",
conf->model_dir, model_filename);
rc = readUmlModel(fsm, buf2);
- // TODO(munetoh) cehck rc
if (rc != PTS_SUCCESS) {
LOG(LOG_ERR, "addFsmByPropFile - [%s] / [%s] -> [%s] fail rc=%d, pwd = %s\n",
conf->model_dir, model_filename, buf2, rc,
* \brief Finite State Machine
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-04-01
- * cleanup 2011-01-21 SM
- * refactoring 2011-07-20 SM
- *
+ * cleanup 2012-01-05 SM (remains one lint error)
+ * src/fsm.c:416: Use int16/int64/etc, rather than the C type long [runtime/int] [4]
+ *
* Input
* FSM Model
* IML
* Free OPENPTS_FSM_Subvertex chain
*/
void freeFsmSubvertexChain(OPENPTS_FSM_Subvertex *fsm_sub) {
-
/* check */
if (fsm_sub == NULL) {
LOG(LOG_ERR, "null input");
* free FSM context
*/
int freeFsmContext(OPENPTS_FSM_CONTEXT *ctx) {
-
/* check */
if (ctx == NULL) {
LOG(LOG_ERR, "null input");
return;
}
- // fsm_sub=NULL;
+ /* free subvertex chain */
+ if (ctx->fsm_sub != NULL) {
+ freeFsmSubvertexChain(ctx->fsm_sub);
+ ctx->fsm_sub = NULL;
+ }
+
ctx->subvertex_num = 0;
}
return;
}
- // fsm_trans=NULL;
+ /* free transition chain */
+ if (ctx->fsm_trans != NULL) {
+ freeFsmTransitionChain(ctx->fsm_trans);
+ ctx->fsm_trans = NULL;
+ }
+
ctx->transition_num = 0;
}
if ((loc[0] == '0') && (loc[1] == 'x')) { // 0x HEX
val = strtoll(loc, NULL, 16);
*eventtype = (UINT32)val;
- // DEBUG("strtol [%s] => %X => %X\n", loc,val,*eventtype);
return rc;
}
}
val = strtoll(loc, NULL, 10);
*eventtype = (UINT32)val;
- // DEBUG("strtol [%s] => %X => %X\n", loc,val, *eventtype);
return rc;
}
loc = skipWhiteSpace(loc, &len);
if (isEndOfString(loc)) {
- goto error; //return -1;
+ goto error;
}
/* operation, "<" ">=" only */
len -=2;
} else {
LOG(LOG_ERR, "unknown operand [%s]", &loc[0]);
- goto error; //return -1;
+ goto error;
}
loc = skipWhiteSpace(loc, &len);
if (isEndOfString(loc)) {
- goto error; //return -1;
+ goto error;
}
// TODO check the end, this code only support if counter is the last
param_len = loc2 - loc;
if (0 == param_len) {
/* we haven't moved along the string - no valid parameter found */
- goto error; //return -1;
+ goto error;
}
/* DEBUG_FSM("[%d][%s][%s]\n",len, loc, loc2); */
*flag = xmalloc(param_len + 1);
if (*flag == NULL) {
- goto error; //return -1;
+ goto error;
}
memset(*flag, 0, param_len + 1);
memcpy(*flag, loc, param_len);
}
}
- // DEBUG("getLastFlag %s #=> %d\n",cond, rc);
-
return rc;
}
-
-
-
/**
* add FSM transition
*
OPENPTS_PCR_EVENT_WRAPPER *eventWrapper
) {
int rc = OPENPTS_FSM_SUCCESS;
- OPENPTS_FSM_Subvertex *curr_state;
- OPENPTS_FSM_Transition *trans;
- TSS_PCR_EVENT *event;
int type_check;
int digest_check;
int fatal_counter_check;
int dont_care;
int hit = 0;
char *hex;
+ OPENPTS_FSM_Subvertex *curr_state;
+ OPENPTS_FSM_Transition *trans;
OPENPTS_FSM_Transition *hit_trans = NULL;
+ TSS_PCR_EVENT *event;
DEBUG_CAL("updateFsm - start\n");
* called from rm.c
*/
OPENPTS_FSM_CONTEXT *copyFsm(OPENPTS_FSM_CONTEXT *src_fsm) {
- OPENPTS_FSM_CONTEXT * dst_fsm = NULL;
-
+ OPENPTS_FSM_CONTEXT *dst_fsm = NULL;
OPENPTS_FSM_Subvertex *src_fsm_sub;
OPENPTS_FSM_Subvertex *dst_fsm_sub = NULL;
OPENPTS_FSM_Subvertex *dst_fsm_sub_prev = NULL;
-
OPENPTS_FSM_Transition *src_fsm_trans;
OPENPTS_FSM_Transition *dst_fsm_trans = NULL;
OPENPTS_FSM_Transition *dst_fsm_trans_prev = NULL;
OPENPTS_FSM_Subvertex *old_sub, // B
OPENPTS_FSM_Subvertex *new_sub) { // BN
int rc = 0;
- OPENPTS_FSM_Transition *fsm_trans;
int count = 0;
+ OPENPTS_FSM_Transition *fsm_trans;
/* check */
if (fsm_ctx == NULL) {
OPENPTS_FSM_Subvertex *old_sub, // B
OPENPTS_FSM_Subvertex *new_sub) { // BN
int rc = 0;
- OPENPTS_FSM_Transition *fsm_trans;
int count = 0;
+ OPENPTS_FSM_Transition *fsm_trans;
/* check */
if (fsm_ctx == NULL) {
OPENPTS_FSM_Transition *fsm_trans, // target Trans
OPENPTS_PCR_EVENT_WRAPPER *eventWrapper) {
int rc =0;
- OPENPTS_FSM_Subvertex *prev_sub; // STRUCT LINK
- OPENPTS_FSM_Subvertex *new_sub;
- OPENPTS_FSM_Subvertex *dst_sub;
+ OPENPTS_FSM_Subvertex *prev_sub; // STRUCT LINK
+ OPENPTS_FSM_Subvertex *new_sub;
+ OPENPTS_FSM_Subvertex *dst_sub;
OPENPTS_FSM_Transition *prev_trans; // STRUCT LINK
OPENPTS_FSM_Transition *new_trans;
TSS_PCR_EVENT *event;
return -1;
}
-
/* start */
if (fsm_trans->source_subvertex == fsm_trans->target_subvertex) {
/* OK, this is LOOP, */
dst_sub = fsm_trans->target_subvertex;
/* Add new subvertex, BN (->B) */
-
new_sub = (OPENPTS_FSM_Subvertex *)
xmalloc(sizeof(OPENPTS_FSM_Subvertex));
if (new_sub == NULL) {
return PTS_FATAL;
}
+ /* check filename, open */
if (filename == NULL) {
fp = stdout;
} else {
* \brief TCG IF-M protocol
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-04-01
- * cleanup 2011-04-26 SM
+ * cleanup 2012-01-05 SM
*
* 2011-06-20 SM - do not use sendfile()
* IF-M did not work with endfile.
#endif
#include <openpts.h>
-// #include <log.h>
// TODO
#define MAX_TLV_MESSAGE_LENGTH 5120000
goto error;
}
- // copy buf to PTS_IF_M_Attribute (NBO)
+ /* copy buf to PTS_IF_M_Attribute (NBO) */
memcpy(read_tlv, head, 12);
- // Convert NBO to Host byte order
+ /* Convert NBO to Host byte order */
read_tlv->type = ntohl(read_tlv->type);
read_tlv->length = ntohl(read_tlv->length);
-#if 0
- TODO("IF-M type : 0x%02x%02x%02x%02x (NBO)",
- head[4], head[5], head[6], head[7]);
- TODO("IF-M length: 0x%02x%02x%02x%02x (NBO) %d",
- head[8], head[9], head[10], head[11], read_tlv->length);
-#endif
-
/* check the length */
if (read_tlv->length > MAX_TLV_MESSAGE_LENGTH) {
LOG(LOG_ERR, "read_tlv->length = %d (0x%X)> %d\n",
return read_tlv;
error:
- // if (read_msg != NULL) free(read_msg);
if (read_tlv != NULL) {
freePtsTlv(read_tlv);
}
}
-
-
-
-/* TNC, libtnc */
+/* TNC, libtnc ---------------------------------------------------------------*/
/**
* malloc TLV buffer and fill the header
break;
}
-
-
/* Collector --> Verifier */
case TPM_PUBKEY:
{
return -1;
}
-
-
-
* \brief TCG TNC IF-IMC v1.2 R8
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-05-07
- * cleanup 2011-12-31 SM
+ * cleanup 2012-01-05 SM
*
* http://www.trustedcomputinggroup.org/resources/tnc_ifimc_specification
* http://www.trustedcomputinggroup.org/files/resource_files/8CB977E1-1D09-3519-AD48484530EF6639/TNC_IFIMC_v1_2_r8.pdf
static OPENPTS_CONFIG *conf = NULL;
static OPENPTS_CONTEXT *ctx = NULL;
-// int verbose = 0;
-// int verbose = DEBUG_IFM_FLAG;
-// int verbose = DEBUG_FLAG | DEBUG_IFM_FLAG;
-
-
static TNC_Result sendMessage(
/*in*/ TNC_IMCID imcID,
/*in*/ TNC_ConnectionID connectionID,
* \brief Load TCG Integrity Measurement Log (IML)
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-04-01
- * cleanup 2011-07-06 SM
+ * cleanup 2012-01-05 SM
*
* get IML/PCRS from filesystem
* get IML/PCRS vis TSS
*
* TODO use ctx,
* TODO reset level1 too
+ * TODO move to snapshot?
*/
-// TODO move to snapshot?
int resetSnapshot(OPENPTS_SNAPSHOT * snapshots) {
int i, j;
OPENPTS_SNAPSHOT *ss;
xfree(eventWrapper);
eventWrapper = eventWrapper_next;
}
- // if (iml[i].eventList != NULL) xfree(iml[i].eventList);
ss->pcrIndex = i;
ss->event_num = 0;
ss->level = 0;
}
-
- return 0; // TODO(munetoh)
+ return PTS_SUCCESS;
}
ss = getSnapshotFromTable(ctx->ss_table, index, 1);
if (ss == NULL) {
LOG(LOG_ERR, "getSnapshotFromTable(%d,1) is null", index);
+ // ctx->conf->config_file != NULL
+ LOG(LOG_ERR, "index %d\n", index);
+ LOG(LOG_ERR, "ctx->conf->config_file %s\n", ctx->conf->config_file);
addReason(ctx, index, NLS(MS_OPENPTS, OPENPTS_IML_SNAPSHOT_MISSING,
"[PCR%02d] Snapshot(FSM) is missing for PCR%d. "
"Please check the configuration file '%s'"),
index,
- index, ctx->conf->config_file);
+ index,
+ ctx->conf->config_file);
ctx->ss_table->error[index] = PTS_INTERNAL_ERROR;
return PTS_INTERNAL_ERROR;
}
} else {
/* FSM is missing */
LOG(LOG_ERR, "getSnapshotFromTable(), FSM is null");
+ LOG(LOG_ERR, "index %d\n", index);
+ LOG(LOG_ERR, "ctx->conf->config_file %s\n", ctx->conf->config_file);
addReason(ctx, index, NLS(MS_OPENPTS, OPENPTS_IML_FSM_MISSING,
"[RM01-PCR%02d] FSM is missing for PCR%d, Level 1. "
"Please check the configuration file '%s'"),
* PTS_INVALID_SNAPSHOT bad event (FSM fail)
* PTS_INTERNAL_ERROR else
*
- *
*/
int addEventToSnapshotBin(
OPENPTS_CONTEXT * ctx,
/* check next level (1) */
if (ss == NULL) {
- LOG(LOG_ERR, "addEventToSnapshotBin() - pcr=%d Level=%d snapshots is missing\n",index, active_level);
+ LOG(LOG_ERR, "addEventToSnapshotBin() - pcr=%d Level=%d snapshots is missing\n", index, active_level);
addReason(ctx, index, NLS(MS_OPENPTS, OPENPTS_IML_SNAPSHOT_MISSING_3, "[PCR%02d] Snapshot(FSM) is missing"),
index);
ctx->ss_table->error[index] = PTS_INTERNAL_ERROR;
OPENPTS_SNAPSHOT *ss;
OPENPTS_SNAPSHOT *ss_lv0 = NULL;
-
DEBUG_CAL("flashSnapshot - start\n");
/* check */
int rc = PTS_SUCCESS;
int result;
int i = 0;
+ int endian = 0;
+ int aligned = 0;
+ int error = 0;
size_t size;
FILE *fp = NULL;
UINT32 pcrIndex;
UINT32 eventType;
UINT32 eventLength;
- int endian = 0;
- int aligned = 0;
-
TSS_PCR_EVENT *event = NULL;
OPENPTS_PCR_EVENT_WRAPPER *ew_new = NULL;
- // OPENPTS_PCR_EVENT_WRAPPER *ew_last = NULL;
- int error = 0;
DEBUG_CAL("getBiosImlFile - start\n");
- // DEBUG("read BIOS IML, file %s\n", filename);
/* check */
if (ctx == NULL) {
* \brief convert IML to AIDE DB
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-08-24
- * cleanup 2011-07-06 SM
+ * cleanup 2012-01-05 SM
*
* create AIDE DB from IML (via securityfs)
*
* \brief Convert binary IML file to plaintext
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-08-25
- * cleanup 2011-08-17 SM
+ * cleanup 2012-01-05 SM
*
* show eventlog (get though TSS)
*
#include <openssl/sha.h>
#include <openpts.h>
-// #include <log.h>
#ifdef CONFIG_TBOOT
#include <openpts_tboot.h>
// Local TCSD
#define SERVER NULL
-
// PCR
BYTE pcr[24][20];
-// Verbose Counter
-// 0 no
-// -v 1 show event data contents
-// -v -v 2 DEBUG
-
char *indent = " ";
// Check the consistence of IML and PCRs
" -V Verify\n"
" -D DRTM\n"
" -E Enable endian conversion (BE->LE or LE->BE)\n"
- " -P Show pcrs calculated from the IML"
+ " -P Show pcrs calculated from the IML"
" -h Show this help message\n"
"\n"));
}
}
}
/* pcrs */
- // PCR-00: 8F BF F3 EC EA 9C 54 C8 D1 C4 2C FE A9 3D 6B F0 1B F3 40 5B
+ // PCR-00: 8F BF F3 EC EA 9C 54 C8 D1 C4 2C FE A9 3D 6B F0 1B F3 40 5B
if (pcrs == 1) {
for (i = 0; i < 24; i++) {
fprintf(fp, "PCR-%02d: ", i);
* \brief TCG TNC IF-IMV v1.2 R8
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-05-07
- * cleanup 2011-08-22 SM
+ * cleanup 2012-01-05 SM
*
* http://www.trustedcomputinggroup.org/resources/tnc_ifimv_specification
* http://www.trustedcomputinggroup.org/files/static_page_files/646808C3-1D09-3519-AD2E60765779A42A/TNC_IFIMV_v1_2_r8.pdf
#include <tncifimv.h>
#include <openpts.h>
-// #include <log.h>
// ifm.c
BYTE* getPtsTlvMessage(OPENPTS_CONTEXT *ctx, int type, int *len);
static OPENPTS_CONTEXT *ctx = NULL;
static int result = OPENPTS_RESULT_UNKNOWN;
-// int verbose = 0;
-// int verbose = DEBUG_IFM_FLAG;
-// int verbose = DEBUG_FLAG | DEBUG_IFM_FLAG;
-
static TNC_Result sendMessage(
/*in*/ TNC_IMVID imvID,
/*in*/ TNC_ConnectionID connectionID,
static TNC_TNCS_SendMessagePointer sendMessagePtr;
-/* List of receive message types */
-// static TNC_MessageType messageTypes[] = {
-// TNCMESSAGENUM(TNC_VENDORID_TCG, TNC_SUBTYPE_ANY), // generic
-// TNCMESSAGENUM(VENDORID, 0),
-// TNCMESSAGENUM(VENDORID, 2),
-// TNCMESSAGENUM(VENDORID, 4),
-// TNCMESSAGENUM(VENDORID, 6),
-// TNCMESSAGENUM(VENDORID, 8),
-// TNCMESSAGENUM(VENDORID, 10),
-// };
static TNC_MessageType messageTypes[] = {
((TNC_VENDORID_PA_TNC << 8) | TNC_VENDORID_PA_TNC), // TNC generic (Error)
// ((TNC_VENDORID_TCG_PEN << 8) | TNC_SUBTYPE_TCG_PTS), // PTS generic
};
-/* IMV Functions */
+/* IMV Functions -------------------------------------------------------------*/
/**
* from IMV spec.
* \brief Generate Integrity Report from IML
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-04-01
- * cleanup 2011-07-06 SM
+ * cleanup 2012-01-05 SM
*
* TSS Event Struct -> IR
* IML and PCR may not match, since the read them is not an atmic operation
*
* TOCTOU?
*
- *
+ * TODO refine XML error log
*/
#include <sys/stat.h>
#include <libxml/parser.h>
#include <openpts.h>
-// #include <log.h>
+/* XML */
enum {
TEXT_WRITER_START_ELEMENT,
TEXT_WRITER_WRITE_ATTR,
/* check */
if (errorIndex >= XML_FUNC_END) {
- LOG(LOG_ERR, "errorIndex(%d) > XML_FUNC_END(%d)",errorIndex, XML_FUNC_END);
+ LOG(LOG_ERR, "errorIndex(%d) > XML_FUNC_END(%d)", errorIndex, XML_FUNC_END);
return;
}
}
if (ctx->ss_table == NULL) {
- // DEBUG("resetFsm() - no SS table\n");
+ /* no SS table, skip */
return PTS_SUCCESS;
}
rc = xmlTextWriterWriteAttribute(
writer,
BAD_CAST "VersionBuild",
- BAD_CAST "1250694000000"); // TODO(munetoh)
+ BAD_CAST "1250694000000"); // TODO(munetoh)
if (rc < 0) {
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
goto error;
* @retval PTS_INTERNAL_ERROR
*
*/
-
int writePcrHash(
xmlTextWriterPtr writer,
int pcrIndex,
BYTE * startHash,
BYTE * hash,
int algtype) {
- // int rc = PTS_SUCCESS;
char id[256]; // TODO(munetoh) 11+1+1 = 12?
int rc;
/* Start an element named "QuoteData" as child of Report. */
rc = xmlTextWriterStartElement(writer, BAD_CAST "QuoteData");
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_START_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
/* Add an attribute with name "ID" */
rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "ID", BAD_CAST "TBD");
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
return PTS_INTERNAL_ERROR;
}
/* Start an element named "Quote" as child of QuoteData. */
rc = xmlTextWriterStartElement(writer, BAD_CAST "Quote");
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_START_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
/* Start an element named "PcrComposit" as child of Quote. */
rc = xmlTextWriterStartElement(writer, BAD_CAST "PcrComposit");
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_START_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
/* Start an element named "PcrSelection" as child of PcrComposit. */
rc = xmlTextWriterStartElement(writer, BAD_CAST "PcrSelection");
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_START_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
snprintf(tagbuf, sizeof(tagbuf), "%d", size_of_select);
rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "SizeOfSelect", BAD_CAST tagbuf);
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
return PTS_INTERNAL_ERROR;
}
}
rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "PcrSelect", BAD_CAST b64buf);
if (rc < 0) {
- // LOG(LOG_ERR, "Error at xmlTextWriterWriteAttribute\n");
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
return PTS_INTERNAL_ERROR;
}
/* Close the element named "PcrSelection". */
rc = xmlTextWriterEndElement(writer);
if (rc < 0) {
- // LOG(LOG_ERR, "Error at xmlTextWriterEndElement\n");
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_END_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
/* Write an element named "ValueSize" as child of PcrComposit */
rc = xmlTextWriterWriteFormatElement(writer, BAD_CAST "ValueSize", "%d", ctx->pcrs->value_size);
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_WRITE_FORMAT_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
/* Start an element named "PcrValue" as child of PcrComposit. */
rc = xmlTextWriterStartElement(writer, BAD_CAST "PcrValue");
if (rc < 0) {
+ LOG(LOG_ERR, "xmlTextWriterStartElement() fail");
displayXmlError(TEXT_WRITER_START_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "PcrNumber", BAD_CAST tagbuf);
// rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "PcrNumber", BAD_CAST "0");
if (rc < 0) {
+ LOG(LOG_ERR, "xmlTextWriterWriteAttribute() fail");
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
return PTS_INTERNAL_ERROR;
}
0,
20); // TODO add length to OPENPTS_PCRS
if (rc < 0) {
+ LOG(LOG_ERR, "xmlTextWriterWriteBase64() fail");
displayXmlError(TEXT_WRITER_WRITE_BASE64, rc);
return PTS_INTERNAL_ERROR;
}
/* Close the element named "PcrValue" */
rc = xmlTextWriterEndElement(writer);
if (rc < 0) {
+ LOG(LOG_ERR, "xmlTextWriterEndElement() fail");
displayXmlError(TEXT_WRITER_END_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
/* Close the element named "PcrComposit". */
rc = xmlTextWriterEndElement(writer);
if (rc < 0) {
+ LOG(LOG_ERR, "xmlTextWriterEndElement() fail");
displayXmlError(TEXT_WRITER_END_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
/* Start an element named "QuoteInfo" as child of Quote. */
rc = xmlTextWriterStartElement(writer, BAD_CAST "QuoteInfo");
if (rc < 0) {
+ LOG(LOG_ERR, "xmlTextWriterStartElement() fail");
displayXmlError(TEXT_WRITER_START_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
snprintf(tagbuf, sizeof(tagbuf), "%d", ctx->validation_data->versionInfo.bMajor);
rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "VersionMajor", BAD_CAST tagbuf);
if (rc < 0) {
- // LOG(LOG_ERR, "Error at xmlTextWriterWriteAttribute\n");
+ LOG(LOG_ERR, "xmlTextWriterWriteAttribute() fail");
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
return PTS_INTERNAL_ERROR;
}
snprintf(tagbuf, sizeof(tagbuf), "%d", ctx->validation_data->versionInfo.bMinor);
rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "VersionMinor", BAD_CAST tagbuf);
if (rc < 0) {
- // LOG(LOG_ERR, "Error at xmlTextWriterWriteAttribute\n");
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
return PTS_INTERNAL_ERROR;
}
snprintf(tagbuf, sizeof(tagbuf), "%d", ctx->validation_data->versionInfo.bRevMajor);
rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "VersionRevMajor", BAD_CAST tagbuf);
if (rc < 0) {
- // LOG(LOG_ERR, "Error at xmlTextWriterWriteAttribute\n");
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
return PTS_INTERNAL_ERROR;
}
snprintf(tagbuf, sizeof(tagbuf), "%d", ctx->validation_data->versionInfo.bRevMinor);
rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "VersionRevMinor", BAD_CAST tagbuf);
if (rc < 0) {
- // LOG(LOG_ERR, "Error at xmlTextWriterWriteAttribute\n");
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
return PTS_INTERNAL_ERROR;
}
/* Add an attribute with name "Fixed", int */
rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "Fixed", BAD_CAST "QUOT");
if (rc < 0) {
- // LOG(LOG_ERR, "Error at xmlTextWriterWriteAttribute\n");
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
return -1;
}
}
rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "DigestValue", BAD_CAST b64buf);
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
return PTS_INTERNAL_ERROR;
}
}
rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "ExternalData", BAD_CAST b64buf);
if (rc < 0) {
- // LOG(LOG_ERR, "Error at xmlTextWriterWriteAttribute\n");
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
return PTS_INTERNAL_ERROR;
}
/* Close the element named "QuoteInfo". */
rc = xmlTextWriterEndElement(writer);
if (rc < 0) {
- // LOG(LOG_ERR, "Error at xmlTextWriterEndElement\n");
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_END_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
/* Close the element named "Quote". */
rc = xmlTextWriterEndElement(writer);
if (rc < 0) {
- // LOG(LOG_ERR, "Error at xmlTextWriterEndElement\n");
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_END_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
/* Start an element named "TpmSignature" as child of QuoteData. */
rc = xmlTextWriterStartElement(writer, BAD_CAST "TpmSignature");
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_START_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
/* Start an element named "SignatureMethod" as child of TpmSignature. */
rc = xmlTextWriterStartElement(writer, BAD_CAST "SignatureMethod");
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_START_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
BAD_CAST "Algorithm",
BAD_CAST "http://www.w3.org/2000/09/xmldsig#rsa-sha1"); // TODO
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
return PTS_INTERNAL_ERROR;
}
snprintf(tagbuf, sizeof(tagbuf), "%d", tag);
rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "Tag", BAD_CAST tagbuf);
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
return PTS_INTERNAL_ERROR;
}
DEBUG("fixed : %s", fixed);
rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "Fixed", BAD_CAST fixed);
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
return PTS_INTERNAL_ERROR;
}
rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "ExternalData", BAD_CAST b64buf);
free(b64buf);
if (rc < 0) {
- // LOG(LOG_ERR, "Error at xmlTextWriterWriteAttribute\n");
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
return PTS_INTERNAL_ERROR;
}
/* PcrInfoShort - start */
rc = xmlTextWriterStartElement(writer, BAD_CAST "PcrInfoShort");
if (rc < 0) {
- // LOG(LOG_ERR, "Error at xmlTextWriterStartElement\n");
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_START_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
/* PcrSelection - start */
rc = xmlTextWriterStartElement(writer, BAD_CAST "PcrSelection");
if (rc < 0) {
- // LOG(LOG_ERR, "Error at xmlTextWriterStartElement\n");
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_START_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
snprintf(tagbuf, sizeof(tagbuf), "%d", size_of_select);
rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "SizeOfSelect", BAD_CAST tagbuf);
if (rc < 0) {
- // LOG(LOG_ERR, "Error at xmlTextWriterWriteAttribute\n");
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
return PTS_INTERNAL_ERROR;
}
rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "PcrSelect", BAD_CAST b64buf);
free(b64buf);
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
return PTS_INTERNAL_ERROR;
}
/* PcrSelection - end */
rc = xmlTextWriterEndElement(writer);
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_END_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
/* LocalityAtRelease - element */
rc = xmlTextWriterWriteFormatElement(writer, BAD_CAST "LocalityAtRelease", "%d", locality);
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_WRITE_FORMAT_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
rc = xmlTextWriterWriteFormatElement(writer, BAD_CAST "CompositeHash", "%s", b64buf);
free(b64buf);
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_WRITE_FORMAT_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
/* PcrComposite - start */
rc = xmlTextWriterStartElement(writer, BAD_CAST "PcrComposit");
if (rc < 0) {
- // LOG(LOG_ERR, "Error at xmlTextWriterStartElement\n");
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_START_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
/* PcrSelection - start */
rc = xmlTextWriterStartElement(writer, BAD_CAST "PcrSelection");
if (rc < 0) {
- // LOG(LOG_ERR, "Error at xmlTextWriterStartElement\n");
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_START_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
snprintf(tagbuf, sizeof(tagbuf), "%d", size_of_select);
rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "SizeOfSelect", BAD_CAST tagbuf);
if (rc < 0) {
- // LOG(LOG_ERR, "Error at xmlTextWriterWriteAttribute\n");
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
return PTS_INTERNAL_ERROR;
}
rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "PcrSelect", BAD_CAST b64buf);
free(b64buf);
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
return PTS_INTERNAL_ERROR;
}
/* PcrSelection - end */
rc = xmlTextWriterEndElement(writer);
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_END_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
/* ValueSize - element */
rc = xmlTextWriterWriteFormatElement(writer, BAD_CAST "ValueSize", "%d", ctx->pcrs->value_size);
if (rc < 0) {
- displayXmlError(TEXT_WRITER_WRITE_FORMAT_ELEMENT, rc);
+ LOG(LOG_ERR, "xmlX() fail");
+ displayXmlError(TEXT_WRITER_WRITE_FORMAT_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
/* PcrValue, loop */
/* PcrValue - start */
rc = xmlTextWriterStartElement(writer, BAD_CAST "PcrValue");
if (rc < 0) {
- // LOG(LOG_ERR, "Error at xmlTextWriterStartElement\n");
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_START_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
snprintf(tagbuf, sizeof(tagbuf), "%d", i);
rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "PcrNumber", BAD_CAST tagbuf);
if (rc < 0) {
- // LOG(LOG_ERR, "Error at xmlTextWriterWriteAttribute\n");
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
return PTS_INTERNAL_ERROR;
}
0,
20); // TODO add length to OPENPTS_PCRS
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_WRITE_BASE64, rc);
return PTS_INTERNAL_ERROR;
}
/* PcrValue - end */
rc = xmlTextWriterEndElement(writer);
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_END_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
/* PcrComposite - end */
rc = xmlTextWriterEndElement(writer);
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_END_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
/* PcrInfoShort - end */
rc = xmlTextWriterEndElement(writer);
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_END_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
/* QuoteInfo2 - end */
rc = xmlTextWriterEndElement(writer);
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_END_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
/* Quote2 - end */
rc = xmlTextWriterEndElement(writer);
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_END_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
/* Start an element named "TpmSignature" as child of QuoteData. */
rc = xmlTextWriterStartElement(writer, BAD_CAST "TpmSignature");
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_START_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
/* Start an element named "SignatureMethod" as child of TpmSignature. */
rc = xmlTextWriterStartElement(writer, BAD_CAST "SignatureMethod");
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_START_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
BAD_CAST "Algorithm",
BAD_CAST "http://www.w3.org/2000/09/xmldsig#rsa-sha1"); // TODO
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
return PTS_INTERNAL_ERROR;
}
/* Close the element named "SignatureMethod". */
rc = xmlTextWriterEndElement(writer);
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_END_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
/* Start an element named "SignatureValue" as child of TpmSignature. */
rc = xmlTextWriterStartElement(writer, BAD_CAST "SignatureValue");
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_START_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
0,
ctx->validation_data->ulValidationDataLength);
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_WRITE_BASE64, rc);
return PTS_INTERNAL_ERROR;
}
/* Close the element named "SignatureValue". */
rc = xmlTextWriterEndElement(writer);
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_END_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
/* Close the element named "TpmSignature". */
rc = xmlTextWriterEndElement(writer);
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_END_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
/* Close the element named "QuoteData". */
rc = xmlTextWriterEndElement(writer);
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_END_ELEMENT, rc);
return PTS_INTERNAL_ERROR;
}
int writeIr(
OPENPTS_CONTEXT *ctx,
const char *filenameDP, // in (set ctx->conf->ir_filename in normal operation)
- int *savedFd) // out
-{
+ int *savedFd) { // out
+
int rc = PTS_SUCCESS;
int i;
int irFd;
/* Start the document */
rc = xmlTextWriterStartDocument(writer, "1.0", XML_ENCODING, "no");
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_START_DOC, rc);
rc = PTS_INTERNAL_ERROR;
goto freexml;
/* Start an element named "Report", the root element of the document. */
rc = xmlTextWriterStartElement(writer, BAD_CAST "Report");
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_START_ELEMENT, rc);
rc = PTS_INTERNAL_ERROR;
goto freexml;
BAD_CAST "xmlns:core",
BAD_CAST XMLNS_CORE);
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
rc = PTS_INTERNAL_ERROR;
goto freexml;
BAD_CAST "xmlns:stuff",
BAD_CAST XMLNS_STUFF);
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
rc = PTS_INTERNAL_ERROR;
goto freexml;
BAD_CAST "xmlns:xsi",
BAD_CAST "http://www.w3.org/2001/XMLSchema-instance");
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
rc = PTS_INTERNAL_ERROR;
goto freexml;
BAD_CAST "xmlns",
BAD_CAST XMLNS_IR);
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
rc = PTS_INTERNAL_ERROR;
goto freexml;
rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "ID", BAD_CAST id);
if (rc < 0) {
+ LOG(LOG_ERR, "xmlX() fail");
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
rc = PTS_INTERNAL_ERROR;
goto free;
filenameDP = ctx->ir_filename;
}
- //filename = ctx->ir_filename;
- DEBUG("Write Integrity Report (IR) : %s\n", filenameDP); //filename);
+ DEBUG("Write Integrity Report (IR) : %s\n", filenameDP);
/* write to file */
xmlFreeTextWriter(writer);
LOG(LOG_ERR, "null input");
return;
}
- //if (ch == NULL) {
- // LOG(LOG_ERR, "null input");
- // return;
- //}
+ if ((len > 0) && (ch == NULL)) {
+ LOG(LOG_ERR, "null input");
+ return;
+ }
/* copy to buf at ir_ctx, but check length first, ensuring additional space
if (ctx->conf->ir_filename != NULL) {
LOG(LOG_ERR, "Redefining the IR file location %s", ctx->conf->ir_filename);
}
- //ctx->conf->ir_filename = tempnam(NULL, "ir_");
- //DEBUG("ctx->conf->ir_filename : %s\n", ctx->conf->ir_filename);
/* save IR (new file in tmp dir) */
rc = writeIr(ctx, NULL, savedFd);
- // rc = writeIr(ctx, ctx->ir_filename, savedFd); // ir.c
if (rc != 0) {
LOG(LOG_ERR, "fail to write IR, rc = %d\n", rc);
return PTS_INTERNAL_ERROR;
* \brief Convert IR file to plaintext (or binary)
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-12-01
- * cleanup 2011-01-22 SM
+ * cleanup 2012-01-05 SM
*
* IR(XML) -> SAX -> ctx->snapshot -> print
*
#define SHA1_DIGEST_SIZE 20
BYTE pcr[MAX_PCRNUM][SHA1_DIGEST_SIZE];
-
/* Element tag */
#define IR_SAX_STATE_IDOL 0
#define IR_SAX_STATE_PCR_INDEX 1
int sax_state;
int sax_error;
int char_size;
- // char buf[EVENTDATA_BUF_SIZE]; // TODO(munetoh) fixed buffer
char *buf; /**< buffer for the text element */
/* IML -> FSM */
int event_index;
DEBUG("ignore QuoteData\n");
} else {
/* Else? */
- DEBUG("END ELEMENT [%s] ",name);
+ DEBUG("END ELEMENT [%s] ", name);
}
ctx->sax_state = IR_SAX_STATE_IDOL;
}
return rc;
}
-
-
-
-
* \brief misc functions
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-09-08
- * cleanup 2011-07-06 SM
- *
+ * cleanup 2012-01-05 SM (remains one lint error)
+ * src/misc.c:448: If you can, use sizeof(ptr) instead of 3 as the 2nd arg to snprintf. [runtime/printf] [3]
*/
#include <stdio.h>
char *result = malloc(size);
if (NULL == result) {
LOG(LOG_ERR, "Failed to allocate %d bytes of memory\n", size);
- // if ( size > 0 ) {
- // LOG(LOG_ERR, "malloc");
- // }
+ ERROR(NLS(MS_OPENPTS, OPENPTS_MALLOC_FAIL,
+ "No memory\n"));
}
return result;
}
char *result = malloc(size);
if (NULL == result) {
LOG(LOG_ERR, "Failed to allocate %d bytes of memory\n", size);
- OUTPUT("About to return NULL pointer - cannot continue\n");
+ ERROR(NLS(MS_OPENPTS, OPENPTS_ABORT,
+ "Abort to return NULL pointer - cannot continue\n"));
exit(1);
}
return result;
out = strdup(str);
if (NULL == out) {
LOG(LOG_ERR, "Failed to duplicate string '%s'\n", str);
- OUTPUT("About to return NULL pointer - cannot continue\n");
+ ERROR(NLS(MS_OPENPTS, OPENPTS_ABORT,
+ "Abort to return NULL pointer - cannot continue\n"));
exit(1);
}
* @param len
*/
BYTE *snmalloc2(BYTE *buf, int offset, int len) {
-
/* check */
if (buf == NULL) {
LOG(LOG_ERR, "null input");
* free string buffer
*/
void sfree(char *str) {
+ /* check */
+ if (str == NULL) {
+ LOG(LOG_ERR, "null input");
+ return;
+ }
+
+ /* free*/
xfree(str);
}
}
}
- fullpath = xmalloc_assert(i+2);
+ fullpath = xmalloc_assert(i+2); // check/abort
memcpy(fullpath, filename, i+1);
fullpath[i+1] = 0;
return fullpath;
return NULL;
}
- buf = xmalloc_assert(size * 2 + 1);
+ buf = xmalloc_assert(size * 2 + 1); // check/abort
ptr = buf;
for (i = 0; i < size; i++) {
// len = snprintf(ptr, sizeof(ptr), "%02x", bin[i]);
* \brief calc D-H nonce
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-08-19
- * cleanup 2011-01-22 SM
+ * cleanup 2012-01-05 SM
*
* PTS IF-M DH-Nonce protocol
*
SHA_CTX sha_ctx;
char c = '1';
- // DEBUG("calcExternalDataValue\n");
/* check */
if (ctx == NULL) {
LOG(LOG_ERR, "null input");
PTS_IF_M_DH_Nonce_Parameters_Request *req;
PTS_IF_M_DH_Nonce_Parameters_Responce *res;
- // DEBUG("getDhResponce at Respondor\n");
-
/* check */
if (ctx == NULL) {
LOG(LOG_ERR, "null input");
BIGNUM *pub_key;
PTS_IF_M_DH_Nonce_Finish *fin;
- // DEBUG("calcDhFin at Respondor\n");
- // printHex("fin->dh_initiator_nonce :",fin->dh_initiator_nonce,fin->nonce_length,"\n");
- // printHex("fin->dh_initiator_public:",fin->dh_initiator_public,ctx->pubkey_length,"\n");
-
/* check */
if (ctx == NULL) {
LOG(LOG_ERR, "null input");
* \brief main of openpts command
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-07-25
- * cleanup 2011-07-20 SM
+ * cleanup 2012-01-04 SM
*
* This is verifier and utility to maintain the collector/verifier
*
- *
- *
*/
#include <stdio.h>
// verifier.c
void global_lock(int type);
int getDefaultConfigfile(OPENPTS_CONFIG *conf);
-// log.c
/* Well defined return values that can be interpreted by the GUI */
#define RETVAL_OK_TRUSTED 0
#define RETVAL_OK_PENDINGUPDATE 5
#endif
-
#define LINE "--------------------------------------------------------------------"
// TODO
#define OPENPTS_LOG_FILENAME "~/.openpts/openpts.log"
-
-
/**
* main of "openpts" command
*
int rc = 0; // temporary return code
int retVal = -1; // main() actual return value
int opt;
-
OPENPTS_CONFIG *conf = NULL; // conf for openpts
OPENPTS_CONTEXT *ctx = NULL;
char * config_filename = NULL;
char *ptsc_path = NULL;
char *ptsc_conf = NULL;
+ /* Logging/NLS */
initCatalog();
setSyslogCommandName("openpts");
/* args */
- /* verbose level */
while ((opt = getopt(argc, argv, "givruDVc:dfuyl:p:P:C:h")) != -1) {
switch (opt) {
case 'i':
command = DISPLAY;
break;
}
-
OUTPUT(NLS(MS_OPENPTS, OPENPTS_ONE_COMMAND_ONLY, "Only one command may be given at a time."));
usage();
return -1;
-
case 'V':
incVerbosity();
break;
/* check */
if ((ptsc_path != NULL) && (ptsc_conf != NULL)) {
int len;
- // char ptsc_command[PATH_MAX];
- LOG(LOG_INFO, "ptsc debug mode\n");
- // len = strlen(ptsc_path) + strlen(ptsc_conf) + 13;
- // snprintf(ptsc_command, PATH_MAX - 1, "%s -m -v -c %s", ptsc_path, ptsc_conf);
+ LOG(LOG_INFO, "ptsc debug mode\n");
len = strlen(ptsc_path) + strlen(ptsc_conf) + 13;
ptsc_command = xmalloc(len);
snprintf(ptsc_command, len, "%s -m -v -c %s", ptsc_path, ptsc_conf);
goto out_free;
}
- // setLogLocation(OPENPTS_LOG_CONSOLE, NULL);
-
+ /* verbose msg */
VERBOSE(2, NLS(MS_OPENPTS, OPENPTS_VERIFIER_CONFIG_FILE,
"Config file : %s\n"), conf->config_file);
VERBOSE(2, NLS(MS_OPENPTS, OPENPTS_VERIFIER_VERBOSITY,
/* given target (by hostname) */
/* look up */
if (target_collector != NULL) {
- // WORK NEEDED: Please use NLS for i18n output
- OUTPUT("hostname : %s\n", target_hostname);
- OUTPUT("UUID : %s\n", target_collector->str_uuid);
- OUTPUT("State : %d\n", target_collector->state);
- OUTPUT("Dir : %s\n", target_collector->dir);
- OUTPUT("Manifests :\n");
-
- getRmList(target_conf, target_conf->config_dir);
- printRmList(target_conf, "");
+ printTarget(target_collector, "");
} else {
- OUTPUT(NLS(MS_OPENPTS, OPENPTS_TARGET_NOT_INITIALIZED,
+ ERROR(NLS(MS_OPENPTS, OPENPTS_TARGET_NOT_INITIALIZED,
"The target %s is not initialized yet. Please enroll with '%s' first\n\n"),
target_hostname, target_hostname);
retVal = RETVAL_NOTENROLLED;
} else {
/* all target (simple) */
printTargetList(conf, ""); // target.c
- goto out_free; // exit
+ goto out_free;
}
- } else if ( NULL == target_hostname ) {
+ } else if (target_hostname == NULL) {
/* Other commands use Remote Access (SSH) */
+ ERROR(NLS(MS_OPENPTS, OPENPTS_TARGET_MISSING,
+ "Requires the target hostname\n\n")),
usage();
goto out_free;
}
DEBUG("conf->config_dir %s\n", conf->config_dir);
rc = enroll(ctx, target_hostname, ssh_username, ssh_port, conf->config_dir, force); // verifier.c
if (rc != 0) {
- ERROR( // TODO NLS
- "enroll was failed, rc = %d\n", rc);
+ ERROR(NLS(MS_OPENPTS, OPENPTS_INIT_ENROLL_FAIL,
+ "enroll was failed, rc = %d\n"), rc);
printReason(ctx, print_pcr_hints);
retVal = RETVAL_NOTENROLLED;
goto out_free;
rc = verifier(ctx, target_hostname, ssh_username, ssh_port, conf->config_dir, 1); // init
if (rc != OPENPTS_RESULT_VALID) {
LOG(LOG_ERR, "initial verification was failed, rc = %d\n", rc);
- ERROR( // TODO NLS
- "initial verification was failed, rc = %d\n", rc);
+ ERROR(NLS(MS_OPENPTS, OPENPTS_INIT_VERIFICATION_FAIL,
+ "initial verification was failed, rc = %d\n"), rc);
printReason(ctx, print_pcr_hints);
retVal = RETVAL_NOTTRUSTED;
goto out_free;
* \brief policy
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-06-19
- * cleanup 2011-01-22 SM
+ * cleanup 2012-01-05 SM
*
* Security Policy
* - load
* - verify
* - print
*
- *
*/
#include <string.h>
#include <openpts.h>
-// #include <log.h>
/**
* Free policy chain
* policy number
*/
int loadPolicyFile(OPENPTS_CONTEXT *ctx, char * filename) {
- FILE *fp;
char buf[BUF_SIZE]; // SMBIOS
char *eq;
char *name;
char *value;
int cnt = 1;
int len;
- OPENPTS_POLICY *pol;
int line = 0;
+ FILE *fp;
+ OPENPTS_POLICY *pol;
/* check */
if (ctx == NULL) {
}
/* parse */
-
while (fgets(buf, BUF_SIZE, fp) != NULL) { // read line
/* ignore comment, null line */
if (buf[0] == '#') {
}
cnt++;
} else {
- //
+ // unknown eq
}
line++;
}
/**
* print policy and properties
*
- *
*/
int printPolicy(OPENPTS_CONTEXT *ctx) {
OPENPTS_POLICY *pol;
return 0;
}
-
-
* \brief properties
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-06-19
- * cleanup 2011-01-22 SM
+ * cleanup 2012-01-05 SM
*
* Security Properties
*
* Free Property Chain
*/
int freePropertyChain(OPENPTS_PROPERTY *prop) {
-
+ /* check */
if (prop == NULL) {
/* end of chain */
return PTS_SUCCESS;
OPENPTS_PROPERTY *end;
OPENPTS_PROPERTY *prop;
+ /* check */
+ if (ctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
+ if (name == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
+ if (value == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
+
start = ctx->prop_start;
end = ctx->prop_end;
/* check, missing event */
if (eventWrapper == NULL) {
LOG(LOG_ERR, "setEventProperty() - eventWrapper is NULL\n");
- return PTS_FATAL; // 0; // PTS_INTERNAL_ERROR;
+ return PTS_FATAL;
}
if (eventWrapper->event == NULL) {
LOG(LOG_ERR, "setEventProperty() - event is NULL\n");
- return PTS_FATAL; // 0; // PTS_INTERNAL_ERROR;
+ return PTS_FATAL;
}
if (eventWrapper->event->rgbPcrValue == NULL) {
LOG(LOG_ERR, "setEventProperty() - rgbPcrValue is NULL\n");
- return PTS_FATAL; // 0; // PTS_INTERNAL_ERROR;
+ return PTS_FATAL;
}
buf = encodeBase64(
/* check, missing event */
if (eventWrapper == NULL) {
LOG(LOG_ERR, "setEventProperty() - eventWrapper is NULL\n");
- return PTS_FATAL; // 0; // PTS_INTERNAL_ERROR;
+ return PTS_FATAL;
}
event = eventWrapper->event;
if (event == NULL) {
LOG(LOG_ERR, "setEventProperty() - event is NULL\n");
- return PTS_FATAL; // 0; // PTS_INTERNAL_ERROR;
+ return PTS_FATAL;
}
if (event->ulEventLength > 0) {
char * str;
if (event->rgbEvent == NULL) {
LOG(LOG_ERR, "setEventProperty() - rgbEvent is NULL\n");
- return PTS_FATAL; // 0; // PTS_INTERNAL_ERROR;
+ return PTS_FATAL;
}
/* get String */
}
int addPropertiesFromConfig(OPENPTS_CONFIG *conf, OPENPTS_CONTEXT *ctx) {
-
/* check */
if (conf == NULL) {
LOG(LOG_ERR, "null input");
* @author Olivier Valentin <olivier.valentin@us.ibm.com>
* @author Alexandre Ratchov <alexandre.ratchov@bull.net>
* @date 2010-04-04
- * cleanup 2011-07-06 SM
+ * cleanup 2012-01-04 SM
*
*/
#include <sys/stat.h> // chmod
#include <openpts.h>
-// #include <log.h>
-
int prop_num = 0;
OPENPTS_PROPERTY *start = NULL;
* TODO for multiple conenction, multiple ctxs are required.
* TODO disable remote connection
*/
-int collector2(OPENPTS_CONFIG *conf) {
+int collector(OPENPTS_CONFIG *conf) {
int rc;
int terminate = 0;
OPENPTS_CONTEXT *ctx = NULL;
DEBUG("collector() - getNewRmSetDir() was failed - never mind\n");
}
-
LOG(LOG_INFO, "start collector (System UUID=%s, RM UUID = %s)\n",
conf->uuid->str, conf->rm_uuid->str);
/* Collector <-> Verifier - handshake loop */
-
ctx = newPtsContext(conf);
addPropertiesFromConfig(conf, ctx);
/* C->V responces */
switch (read_tlv->type) {
case OPENPTS_CAPABILITIES:
- // TODO define CAPABILITIES structure
DEBUG("IF-M OPENPTS_CAPABILITIES\n");
/* check the UUID */
if (read_tlv->length != sizeof(OPENPTS_IF_M_Capability)) { // TODO use defined name
/**
* lock ptsc
+ *
+ * check the log msg
*/
void ptsc_lock(void) {
int fd, oldmask, oldgrp = 0;
rc = getgrnam_r(PTSC_GROUP_NAME, &grp, buf, buf_len, &grpent);
if (rc != 0) {
- // TODO
+ LOG(LOG_ERR, "getgrnam_r() fail");
exit(1);
}
if (grpent == NULL) {
- // TODO
+ LOG(LOG_ERR, "grpent is null");
exit(1);
}
oldgrp = getegid();
#endif
/* check GID */
- // ptsc_grp = getgrnam(PTSC_GROUP_NAME); // TODO use getgrnam_r
- // if (ptsc_grp == NULL) {
- // LOG(LOG_ERR, "Looking up for group (name=%s) fail", PTSC_GROUP_NAME);
- // return PTS_FATAL;
- // }
buf_len = sysconf(_SC_GETGR_R_SIZE_MAX);
if (buf_len < 0) {
buf_len = 4096;
if (rc < 0) {
// TODO do not need for IF-M access (read only)
LOG(LOG_INFO, "Switching group (gid=%d) fail. %s\n", grp.gr_gid, strerror(errno));
- // TODO 20110927 FAIL
rc = PTS_FATAL;
goto free;
}
}
#endif
- /* */
+ /* free */
free:
if (buf != NULL) xfree(buf);
/* check GID */
- // ptsc_grp = getgrnam(PTSC_GROUP_NAME); // TODO use getgrnam_r
- // if (ptsc_grp == NULL) {
- // LOG(LOG_ERR, "Looking up for group %s", PTSC_GROUP_NAME);
- // return PTS_FATAL;
- // }
buf_len = sysconf(_SC_GETGR_R_SIZE_MAX);
if (buf_len < 0) {
buf_len = 4096;
#ifdef CONFIG_AUTO_RM_UPDATE
int remove = 0;
#endif
- // extern int logLocation;
- // void setLogLocation(int ll);
/* properties by cmdline */
OPENPTS_PROPERTY *prop;
-#if 0
- initCatalog();
-
- // TODO chgrp
- rc = preparePriv();
- if (rc != PTS_SUCCESS) {
- LOG(LOG_ERR, "preparePriv fail\n");
- }
-
- conf = newPtsConfig();
- if (conf == NULL) {
- LOG(LOG_ERR, "internal error\n"); // TODO(munetoh)
- return -1;
- }
-#endif
-
+ /* Logging/NLS */
initCatalog();
setSyslogCommandName("ptsc");
/* not everything should go to syslog - on some systems
this could go to a log file - let default behaviour
in log.c decide this */
- // setLogLocation(OPENPTS_LOG_SYSLOG, NULL);
- // OK setLogLocation(OPENPTS_LOG_CONSOLE, NULL); // OK
- // setLogLocation(OPENPTS_LOG_FILE, "/var/log/ptsc.log"); // OK call this before any out
break;
case 'c':
config_filename = optarg;
if (command == COMMAND_IFM) {
/* Set IF-M log location, syslog or file(for DEBUG) */
setLogLocation(OPENPTS_LOG_SYSLOG, NULL);
- // setVerbosity(0); // no console out
} else {
/* Set logging (location,filename) by ENV */
determineLogLocationByEnv();
- //setLogLocation(OPENPTS_LOG_CONSOLE, NULL);
+
// TODO chgrp
rc = preparePriv();
if (rc != PTS_SUCCESS) {
/* set the DEBUG level, 1,2,3 */
if (getVerbosity() > 2) {
- setDebugFlags(DEBUG_FLAG | DEBUG_IFM_FLAG | DEBUG_FSM_FLAG | DEBUG_CAL_FLAG );
+ setDebugFlags(DEBUG_FLAG | DEBUG_IFM_FLAG | DEBUG_FSM_FLAG | DEBUG_CAL_FLAG);
} else if (getVerbosity() > 1) {
setDebugFlags(DEBUG_FLAG | DEBUG_IFM_FLAG);
} else if (getVerbosity() > 0) {
/* load config, /etc/ptsc.conf */
if (config_filename == NULL) {
// this goto stdout and bad with "-m"
- // VERBOSE(1, NLS(MS_OPENPTS, OPENPTS_COLLECTOR_CONFIG_FILE, "Config file: %s\n"), PTSC_CONFIG_FILE);
+ VERBOSE(2, NLS(MS_OPENPTS, OPENPTS_COLLECTOR_CONFIG_FILE,
+ "Config file: %s\n"), PTSC_CONFIG_FILE);
rc = readPtsConfig(conf, PTSC_CONFIG_FILE);
if (rc != PTS_SUCCESS) {
DEBUG("readPtsConfig() failed\n");
goto free;
}
} else {
- // VERBOSE(1, NLS(MS_OPENPTS, OPENPTS_COLLECTOR_CONFIG_FILE, "Config file: %s\n"), config_filename);
+ VERBOSE(2, NLS(MS_OPENPTS, OPENPTS_COLLECTOR_CONFIG_FILE,
+ "Config file: %s\n"), config_filename);
rc = readPtsConfig(conf, config_filename);
if (rc != PTS_SUCCESS) {
DEBUG("readPtsConfig() failed\n");
if (checkFile(conf->uuid->filename) != OPENPTS_FILE_EXISTS) {
// missing
LOG(LOG_ERR, "ptsc is not initialized yet");
- ERROR( // TODO NLS
- "ptsc is not initialized yet.\n\n");
+ ERROR(NLS(MS_OPENPTS, OPENPTS_COLLECTOR_NOT_INITIALIZED,
+ "ptsc is not initialized yet.\n\n"));
goto free;
}
}
} else {
rc = readOpenptsUuidFile(conf->rm_uuid);
if (rc != PTS_SUCCESS) {
- DEBUG("readOpenptsUuidFile(%s) failed\n",conf->rm_uuid->filename);
+ DEBUG("readOpenptsUuidFile(%s) failed\n", conf->rm_uuid->filename);
OUTPUT(NLS(MS_OPENPTS, OPENPTS_COLLECTOR_FAILED_READ_RM_UUID,
"Failed to read the Reference Manifest UUID file '%s':\n"
"Please ensure on the target that:\n"
case COMMAND_AUTO_UPDATE:
/* update by command, but HUP is better */
VERBOSE(1, "Updating Reference Manifest\n");
- //addDebugFlags(DEBUG_CAL_FLAG);
/* update RMs */
rc = update(conf, prop_num, start, end, remove);
if (rc != PTS_SUCCESS) {
break;
case COMMAND_IFM:
/* run colelctor IF-M */
- rc = collector2(conf);
+ rc = collector(conf);
break;
default:
LOG(LOG_ERR, "bad command\n");
free:
freePtsConfig(conf);
+ if (rc != PTS_SUCCESS) {
+ LOG(LOG_ERR, "ptsc exit. rc = %d", rc);
+ }
return rc;
}
* \brief properties
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-11-26
- * cleanup 2011-01-22 SM
+ * cleanup 2012-01-05 SM
*
* Reason (Remidiation) of validation fail
*
xfree(reason->message);
xfree(reason);
- return; // PTS_SUCCESS;
+ return;
}
/**
OPENPTS_REASON *reason;
int len;
- // DEBUG("addReason - [%s]\n", message);
-
/* check */
if (ctx == NULL) {
LOG(LOG_ERR, "null input");
return PTS_FATAL;
}
- len = strlen(message);
-
+ len = strlen(message);
start = ctx->reason_start;
end = ctx->reason_end;
reason->message[len] = 0;
ctx->reason_count++;
- // DEBUG("addReason - done %d [%s]\n", ctx->reason_count, reason->message);
-
return PTS_SUCCESS;
}
*/
#define MAX_REASON_SIZE 2048
int addReason(OPENPTS_CONTEXT *ctx, int pcr, const char *format, ...) {
- char buf[MAX_REASON_SIZE +1]; // TODO size
int rc;
+ char buf[MAX_REASON_SIZE +1]; // TODO size
va_list list;
- va_start(list, format);
/* check */
if (ctx == NULL) {
return PTS_FATAL;
}
+ va_start(list, format);
vsnprintf(buf, MAX_REASON_SIZE, format, list);
rc = addReason_old(ctx, pcr, (char *)buf);
NULL, /* PCR9 Unused */
"Trusted Execution Database"
};
-#else // TPM v1.2, PC Linux, TODO add other type of platform?
+#else // TPM v1.2, PC Linux, TODO add other type of platform?
char *reason_pcr_hints[] = {
"CRTM, BIOS and Platform Extensions",
"Platform Configuration",
"IPL Code (usually the MBR)",
"IPL Code Configuration and Data (for use by the IPL code)",
"State Transition and Wake Events",
- "Host Platform Manufacturer Control", // v1.1"Reserved for future usage. Do not use.",
+ "Host Platform Manufacturer Control", // v1.1"Reserved for future usage. Do not use.",
"OS Kernels (GRUB-IMA)",
NULL, /* PCR9 Unused */
"Applications (LINUX-IMA)", /* PCR10 */
}
}
}
-
-
-// TODO add freeReason()
* \brief Reference Manifest (RM)
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-04-01
- * cleanup 2011-12-31 SM
+ * cleanup 2012-01-05 SM
*
* IML + Model -> RM
*
int algtype,
char *id,
TSS_PCR_EVENT * event) {
-
/* check */
if (writer == NULL) {
LOG(LOG_ERR, "null input");
*/
int writeFsmSubvertex(xmlTextWriterPtr writer,
OPENPTS_FSM_Subvertex * sub) {
-
DEBUG_CAL("writeFsmSubvertex - start\n");
/* check */
</uml:Model>
*/
int writeFsmModel(xmlTextWriterPtr writer, OPENPTS_FSM_CONTEXT * fsm) {
- //int rc =0;
char id[BUF_SIZE];
OPENPTS_FSM_Subvertex *sub;
OPENPTS_FSM_Transition *trans;
* \brief parse SMBIOS info
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-08-29
- * cleanup 2012-01-03 SM
+ * cleanup 2012-01-05 SM
*
* SMBIOS Info in BIOS IML -> platform properties
*
#include <dirent.h>
#include <openpts.h>
-// #include <log.h>
#define SMBIOS_MAX_SIZE 4096
#define SMBIOS_MAX_HANDLE 0x50
/* must be a root user */
uid = getuid();
- // DEBUG("UID %d\n",uid);
if (uid != 0) {
DEBUG("must be a root user to run dmidecode\n");
- return -2;
+ return PTS_FATAL;
}
/* exec dmidecode */
pid = fork();
if (pid < 0) {
- LOG(LOG_ERR, "\n");
- return -1;
+ LOG(LOG_ERR, "fork() fail");
+ return PTS_FATAL;
}
if (pid == 0) {
/* child */
if (WIFEXITED(status)) {
/* 1 : OK */
LOG(LOG_TODO, "Exit status %d\n", WEXITSTATUS(status));
- return 1;
+ return PTS_SUCCESS; // 1
} else if (WIFSIGNALED(status)) {
LOG(LOG_ERR, "Signal status %d\n", WIFSIGNALED(status));
- return -1;
+ return PTS_FATAL;
} else {
LOG(LOG_ERR, "Bad exit");
- return -1;
+ return PTS_FATAL;
}
}
- return 0;
+ return PTS_SUCCESS;
}
BYTE *buf;
int rc = PTS_SUCCESS;
- buf = xmalloc(SMBIOS_MAX_SIZE); // TODO check the filesize
+ /* check */
+ if (filename == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
+
+ // TODO(munetoh) check the file size
+ buf = xmalloc(SMBIOS_MAX_SIZE);
if (buf == NULL) {
+ LOG(LOG_ERR, "no memory");
return PTS_FATAL;
}
goto error;
}
- size = fread(buf, 1, SMBIOS_MAX_SIZE, fp); // TODO(munetoh) check the file size
+ size = fread(buf, 1, SMBIOS_MAX_SIZE, fp);
fclose(fp);
* \brief Functions for snapshot
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-11-02
- * cleanup 2011-01-20 SM
+ * cleanup 2012-01-05 SM
*
* divided from IML.c
*
#include <openssl/sha.h>
#include <openpts.h>
-// #include <log.h>
/**
* New Snapshot
OPENPTS_SNAPSHOT * newSnapshot() {
OPENPTS_SNAPSHOT *ss = NULL;
- ss = (OPENPTS_SNAPSHOT*) xmalloc(sizeof(OPENPTS_SNAPSHOT)); // leaked
+ ss = (OPENPTS_SNAPSHOT*) xmalloc(sizeof(OPENPTS_SNAPSHOT));
if (ss == NULL) {
LOG(LOG_ERR, "no memory");
return NULL;
return ss;
}
-
/**
* Free Snapshot
*
* return 0:success, -1:error
*/
int freeSnapshot(OPENPTS_SNAPSHOT * ss) {
-
/* check */
if (ss == NULL) {
LOG(LOG_ERR, "null input");
OPENPTS_SNAPSHOT_TABLE * newSnapshotTable() {
OPENPTS_SNAPSHOT_TABLE *sst = NULL;
- sst = (OPENPTS_SNAPSHOT_TABLE *) xmalloc(sizeof(OPENPTS_SNAPSHOT_TABLE)); // leaked
+ sst = (OPENPTS_SNAPSHOT_TABLE *) xmalloc(sizeof(OPENPTS_SNAPSHOT_TABLE));
if (sst == NULL) {
LOG(LOG_ERR, "no memory");
return NULL;
/* check 2 */
if (sst->snapshot[pcr_index][level] == NULL) {
- // DEBUG("sst->snapshot[%d][%d] is null", pcr_index, level);
+ /* Missing SS */
return NULL;
}
* @author Olivier Valentin <olivier.valentin@us.ibm.com>
* @author Alexandre Ratchov <alexandre.ratchov@bull.net>
* @date 2010-03-31
- * cleanup 2011-12-31 SM
+ * cleanup 2012-01-05 SM
*
*/
return -1;
}
-
/* socket */
if (socketpair(AF_UNIX, SOCK_STREAM, 0, socket_pair) == -1) {
LOG(LOG_ERR, "socketpair() fail");
goto err;
}
+ /* fork */
if ((pid = fork()) == -1) {
LOG(LOG_ERR, "fork() fail");
goto err_close;
}
-
if (pid == 0) {
- // child process
+ /* child process */
char *arguments[16];
int arg_idx = 0;
char identity_string[PATH_MAX + /* "IdentityFile " */ 13];
arguments[arg_idx++] = host;
arguments[arg_idx++] = ptsc_command;
#if 0
+ // TODO
/* Sync verbose level between verifier and collector? */
- // {
+ if (verbose_sync) {
int verboseLevel;
for ( verboseLevel = 0; (verboseLevel < getVerbosity()) && (arg_idx < 15); verboseLevel++ ) {
arguments[arg_idx++] = "-v";
}
- // }
+ }
#endif
arguments[arg_idx++] = NULL;
* \brief target(collector)
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2011-06-22
- * cleanup 2011-10-07 SM
+ * cleanup 2012-01-04 SM
*
* branch from uuid.c
*
/* skip bad dir name - by length */
len = strlen(entry->d_name);
- // TODO ("UUID dirname len = %d, %s\n",len, entry->d_name);
if (len != 36) return 0;
- // TODO not enough?, add test cases for the bad dir name
-
/* Dir HIT */
// TODO check the format
#ifndef __linux__
/* move to config dir */
if ((chdir(conf->config_dir)) != 0) {
- ERROR( // TODO NLS
- "Accessing config directory %s\n", conf->config_dir);
+ ERROR(NLS(MS_OPENPTS, OPENPTS_TARGET_CONFDIR_MISSING,
+ "Accessing config directory %s fail\n"), conf->config_dir);
return PTS_INTERNAL_ERROR;
}
/* scan dirs */
dir_num = scandir(".", &dir_list, &selectUuidDir, NULL);
if ( dir_num == -1 ) {
- ERROR( // TODO NLS
- "No target data.\n");
+ ERROR(NLS(MS_OPENPTS, OPENPTS_TARGET_NULL,
+ "No target data.\n"));
return PTS_INTERNAL_ERROR;
}
rmset1->dir = tmp_dir;
}
}
- // printRmList(conf);
}
/* set current_id */
return PTS_FATAL;
}
-
- // DEBUG("rm -r %s\n", dir);
snprintf(buf, BUF_SIZE, "rm -r %s\n", dir);
rc = system(buf);
if (rc < 0) {
state = rmset->state;
if (state == OPENPTS_RM_STATE_TRASH) {
- // INFO(NLS(MS_OPENPTS, OPENPTS_PURGE_RENEWED_RM, " purge %s\n"), rmset->str_uuid);
LOG(LOG_INFO, " purge %s\n", rmset->str_uuid);
rc = rmRmsetDir(rmset->dir);
if (rc != PTS_SUCCESS) {
}
#endif
+/**
+ * print one target
+ */
+void printTarget(
+ OPENPTS_TARGET *target_collector,
+ char *indent) {
+
+ OPENPTS_CONFIG *target_conf;
+
+ /* check */
+ if (target_collector == NULL) {
+ LOG(LOG_ERR, "null input");
+ return;
+ }
+ target_conf = (OPENPTS_CONFIG*)target_collector->target_conf;
+ if (target_conf == NULL) {
+ LOG(LOG_ERR, "null input");
+ return;
+ }
+
+ // WORK NEEDED: Please use NLS for i18n output
+ OUTPUT("%shostname : %s\n", indent, target_conf->hostname);
+ OUTPUT("%sssh username : %s\n", indent, target_conf->ssh_username);
+ OUTPUT("%ssh port : %s\n", indent, target_conf->ssh_port);
+ OUTPUT("%sUUID : %s\n", indent, target_collector->str_uuid);
+ OUTPUT("%sState : %d\n", indent, target_collector->state);
+ OUTPUT("%sDir : %s\n", indent, target_collector->dir);
+ OUTPUT("%sManifests :\n", indent);
+
+ getRmList(target_conf, target_conf->config_dir);
+ printRmList(target_conf, indent);
+}
/**
* print target list, target par line
num = conf->target_list->target_num;
if (num == 0) {
- OUTPUT( // TODO NLS
- "There is no enrolled target platform.\n");
+ OUTPUT(NLS(MS_OPENPTS, OPENPTS_PRINT_TARGET_LIST_NULL,
+ "There is no enrolled target platform.\n"));
return;
}
* \brief create pseudo IML of tboot, standalone tool
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2011-03-28
- * cleanup 2011-07-06 SM
- * refactoring
- *
+ * cleanup 2012-01-05 SM (remains 33 lint errors, ignore)
+ * src/tboot2iml.c:184: Tab found; better to use spaces [whitespace/tab] [1]
*
* Test
*
void usage(void) {
- OUTPUT( // TODO NLS
+ OUTPUT(NLS(MS_OPENPTS, OPENPTS_TBOOT2IML_USAGE,
"OpenPTS command\n\n"
"Usage: tboot2iml [options]\n\n"
"Options:\n"
" -o filename Output to file (default is STDOUT)\n"
" -v Verbose message\n"
" -h Help\n"
- "\n");
+ "\n"));
}
int main(int argc, char *argv[]) {
/* check */
if ((grub_conf_filename != NULL) && (grub_path == NULL)) {
- ERROR( // TODO NLS
- "set the root path used by crub.conf\n");
+ ERROR(NLS(MS_OPENPTS, OPENPTS_TBOOT2IML_GRUBPATH_MISSING,
+ "set the root path used by grub.conf\n"));
usage();
goto close;
}
* \brief emulate TPM
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-04-01
- * cleanup 2011-12-31 SM
+ * cleanup 2012-01-05 SM
*
* Emulate TPM to validate IML and PCR
*/
#include <openpts.h>
-
-/* TPM functions */
+/* TPM functions -------------------------------------------------------------*/
/**
* reset TPM
return PTS_SUCCESS;
}
-
-
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-08-18
* refactoring 2011-02-15 SM
- * cleanup 2012-01-02 SM
+ * cleanup 2012-01-05 SM
*
* Create Sign Key
* Create AIK
char *filename,
int auth_type,
int force,
- int srk_password_mode)
-{
+ int srk_password_mode) {
/* dummy */
return TSS_SUCCESS;
}
int deleteTssKey(
PTS_UUID *uuid,
int key_storage_type,
- char *filename)
-{
+ char *filename) {
/* dummy */
return TSS_SUCCESS;
}
int resetdalock,
char *filename,
int auth_type,
- int *pubkey_length, BYTE **pubkey)
-{
+ int *pubkey_length, BYTE **pubkey) {
/* dummy */
return TSS_SUCCESS;
}
int auth_type,
BYTE *nonce,
OPENPTS_PCRS *pcrs,
- TSS_VALIDATION *validationData)
-{
+ TSS_VALIDATION *validationData) {
/* dummy */
return TSS_SUCCESS;
}
int auth_type,
BYTE *nonce,
OPENPTS_PCRS *pcrs,
- TSS_VALIDATION *validationData)
-{
+ TSS_VALIDATION *validationData) {
/* dummy */
return TSS_SUCCESS;
}
close:
/* Close TSS/TPM */
+ Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
return result;
}
close:
/* Close TSS/TPM */
+ Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
return result;
}
UINT32 ulKeyHierarchySize;
TSS_UUID SRK_UUID = TSS_UUID_SRK;
int i;
- TSS_KM_KEYINFO *info = NULL;
+ TSS_KM_KEYINFO *ppKeyHierarchy = NULL;
+ TSS_KM_KEYINFO *info;
/* Open TSS */
result = Tspi_Context_Create(&hContext);
(UINT32) ps_type, // TSS_PS_TYPE_SYSTEM,
&SRK_UUID,
&ulKeyHierarchySize,
- &info);
+ &ppKeyHierarchy);
if (result == 0x3020) { // TSS_E_PS_KEY_NOTFOUND
OUTPUT(NLS(MS_OPENPTS, OPENPTS_TPM_TSS_KEY_NOTFOUND,
"The key cannot be found in the persistent storage database.\n"));
goto close;
}
+ info = ppKeyHierarchy; // save for move
OUTPUT(NLS(MS_OPENPTS, OPENPTS_TPM_TSS_KEY_NUM, "Key number: %d\n"), ulKeyHierarchySize);
for (i = 0; i < (int)ulKeyHierarchySize; i++) {
- //OUTPUT(NLS(MS_OPENPTS, OPENPTS_TPM_TSS_KEY, "Key %d\n"), i);
OUTPUT("id : %d\n", i);
OUTPUT("version : %d %d %d %d\n",
info->versionInfo.bMajor,
info = info + 1;
}
+ /* free key info */
+ result = Tspi_Context_FreeMemory(hContext, (BYTE *)ppKeyHierarchy);
+ if (result != TSS_SUCCESS) {
+ LOG(LOG_ERR, "Tspi_Context_FreeMemory failed rc=0x%x\n",
+ result);
+ // 0x313a TSS_E_INVALID_RESOURCE
+ }
+
close:
/* Close TSS/TPM */
+ Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
return result;
char *filename,
int auth_type,
int force,
- int srk_password_mode)
-{
+ int srk_password_mode) {
+ int i;
+ int srk_auth_len = 0;
TSS_RESULT result = 0;
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_HPOLICY hSRKPolicy;
UINT32 srk_auth_mode = TSS_SECRET_MODE_PLAIN;
BYTE *srk_auth;
- int srk_auth_len = 0;
TSS_HKEY hKey;
UINT32 keyLength;
BYTE *keyBlob;
TSS_HPOLICY hKeyPolicy;
- int i;
TSS_UUID tss_uuid;
/* check */
FILE *fp;
fp = fopen(filename, "w");
- if (fp==NULL) {
- LOG(LOG_ERR, "file open fail, key blob file is %s",filename);
+ if (fp == NULL) {
+ LOG(LOG_ERR, "file open fail, key blob file is %s", filename);
result = TSS_E_KEY_NOT_LOADED;
goto close;
}
TSS_HKEY hKey;
result = Tspi_Context_UnregisterKey(
hContext,
- (UINT32)key_storage_type, //TSS_PS_TYPE_SYSTEM,
+ (UINT32)key_storage_type, // TSS_PS_TYPE_SYSTEM,
tss_uuid,
&hKey);
if (result != TSS_SUCCESS) {
close:
/* Close TSS/TPM */
+ Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
return result;
close:
/* Close TSS/TPM */
+ Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
return result;
int resetdalock,
char *filename,
int auth_type,
- int *pubkey_length, BYTE **pubkey)
-{
+ int *pubkey_length, BYTE **pubkey) {
+ int srk_auth_len = 0;
TSS_RESULT result = 0;
TSS_HCONTEXT hContext;
TSS_HKEY hKey;
TSS_UUID SRK_UUID = TSS_UUID_SRK;
UINT32 srk_auth_mode = TSS_SECRET_MODE_PLAIN;
BYTE *srk_auth;
- int srk_auth_len = 0;
TSS_HPOLICY hKeyPolicy;
/* check */
int len;
fp = fopen(filename, "r");
- if (fp==NULL) {
- LOG(LOG_ERR, "file open fail, key blob file is %s",filename);
+ if (fp == NULL) {
+ LOG(LOG_ERR, "file open fail, key blob file is %s", filename);
result = TSS_E_KEY_NOT_LOADED;
goto close;
}
/* TSS PS*/
result = Tspi_Context_LoadKeyByUUID(
hContext,
- (UINT32)key_storage_type, //TSS_PS_TYPE_SYSTEM,
+ (UINT32)key_storage_type, // TSS_PS_TYPE_SYSTEM,
tss_uuid,
&hKey);
if (result == 0x803) {
/* Close TSS/TPM */
close:
+ Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
return rc;
OPENPTS_PCRS *pcrs,
/* Output */
TSS_VALIDATION *validationData) {
+ int i;
+ int srk_auth_len = 0;
+ int pcrSelectCount = 0;
TSS_RESULT result;
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_UUID SRK_UUID = TSS_UUID_SRK;
UINT32 srk_auth_mode = TSS_SECRET_MODE_PLAIN;
BYTE *srk_auth = NULL;
- int srk_auth_len = 0;
-
TSS_HKEY hKey;
TSS_HPOLICY hKeyPolicy;
TSS_UUID tss_uuid;
TSS_HPCRS hPcrComposite;
TSS_VALIDATION validation_data; // local
- int i;
UINT32 ulSubCapLength;
UINT32 rgbSubCap;
UINT32 pulRespDataLength;
BYTE *prgbRespData;
UINT32 pcrnum;
- int pcrSelectCount = 0;
-
/* UUID */
memcpy(&tss_uuid, uuid, sizeof(TSS_UUID));
int len;
fp = fopen(filename, "r");
- if (fp==NULL) {
- LOG(LOG_ERR, "file open fail, key blob file is %s",filename);
+ if (fp == NULL) {
+ LOG(LOG_ERR, "file open fail, key blob file is %s", filename);
result = TSS_E_KEY_NOT_LOADED;
goto close;
}
/* PCR selection */
OPENPTS_PCRS *pcrs,
/* Output */
- TSS_VALIDATION *validationData)
-{
+ TSS_VALIDATION *validationData) {
+ int i;
+ int srk_auth_len = 0;
+ int pcrSelectCount = 0;
TSS_RESULT result;
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_HKEY hSRK;
TSS_HPOLICY hSRKPolicy;
TSS_UUID SRK_UUID = TSS_UUID_SRK;
-
UINT32 srk_auth_mode = TSS_SECRET_MODE_PLAIN;
BYTE *srk_auth;
- int srk_auth_len = 0;
-
TSS_HKEY hKey;
TSS_HPOLICY hKeyPolicy;
TSS_UUID tss_uuid;
TSS_HPCRS hPcrComposite;
TSS_VALIDATION validation_data; // local
- int i;
UINT32 ulSubCapLength;
UINT32 rgbSubCap;
UINT32 pulRespDataLength;
BYTE *prgbRespData;
UINT32 pcrnum;
-
UINT32 versionInfoSize;
BYTE* versionInfo;
- int pcrSelectCount = 0;
-
/* UUID */
// uuit_t -> TSS_UUID
memcpy(&tss_uuid, uuid, sizeof(TSS_UUID));
/* Get SRK handles */
result = Tspi_Context_LoadKeyByUUID(
hContext,
- TSS_PS_TYPE_SYSTEM, // SRK in PS_SYSTEM
+ TSS_PS_TYPE_SYSTEM, // SRK in PS_SYSTEM
SRK_UUID,
&hSRK);
if (result != TSS_SUCCESS) {
int len;
fp = fopen(filename, "r");
- if (fp==NULL) {
- LOG(LOG_ERR, "file open fail, key blob file is %s",filename);
+ if (fp == NULL) {
+ LOG(LOG_ERR, "file open fail, key blob file is %s", filename);
result = TSS_E_KEY_NOT_LOADED;
goto close;
}
/* load from TSS's PS */
result = Tspi_Context_LoadKeyByUUID(
hContext,
- key_storage_type, // TSS_PS_TYPE_SYSTEM,
+ key_storage_type, // TSS_PS_TYPE_SYSTEM,
tss_uuid,
&hKey);
if (result != TSS_SUCCESS) {
close:
/* Close TSS/TPM */
+ Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
return result;
}
close:
/* Close TSS/TPM */
+ Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
return result;
}
*/
int validateQuoteData(
OPENPTS_PCRS *pcrs,
- TSS_VALIDATION *validationData)
-{
+ TSS_VALIDATION *validationData) {
int rc = PTS_VERIFY_FAILED;
int message_length;
BYTE *message;
*/
int validatePcrCompositeV11(
OPENPTS_PCRS *pcrs,
- TSS_VALIDATION *validationData)
-{
+ TSS_VALIDATION *validationData) {
int rc = PTS_VERIFY_FAILED;
int i;
int buf_len;
+ int count = 0;
+ int value_size;
BYTE *buf;
BYTE *ptr;
SHA_CTX ctx;
BYTE digest[20];
UINT16 mask = 0;
- int count = 0;
- int value_size;
/* check */
if (validationData == NULL) {
*/
int validatePcrCompositeV12(
OPENPTS_PCRS *pcrs,
- TSS_VALIDATION *validationData)
-{
+ TSS_VALIDATION *validationData) {
int rc = PTS_VERIFY_FAILED;
int i;
int buf_len;
+ int count = 0;
+ int value_size;
+ int pcrsel_size;
+ int loc = 0;
BYTE *buf;
BYTE *ptr;
SHA_CTX ctx;
BYTE digest[20];
UINT32 mask = 0;
- int count = 0;
- int value_size;
- int pcrsel_size;
- int loc = 0;
BYTE *composit_hash;
/* check */
return rc;
}
-
-
* \brief UML2 State Diagram
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-04-01
- * cleanup 2011-01-21 SM
+ * cleanup 2012-01-05 SM
*
* UML State Diagram (XMI2.1, Eclipse MDT) -> DOT (Graphviz) Utility
*/
#include <tss/tspi.h>
#include <openpts.h>
-// #include <log.h>
/*
-
UML
<subvertex xmi:type="uml:State" xmi:id="Kk02PKa3" name="CRTM_START" visibility="public">
<doActivity xmi:type="uml:Activity" xmi:id="_OzCawRyrEd6jytZ7WXwL3w" name="resetPCR(0)"/>
/**
* startDocument of SAX parser
*/
-void uml2sax_startDocument(void * fctx) {
+void uml2sax_startDocument(void * fctx) {
OPENPTS_FSM_CONTEXT *ctx;
DEBUG_CAL("startDocument - start\n");
+ /* check */
+ if (fctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return;
+ }
ctx = (OPENPTS_FSM_CONTEXT *)fctx;
ctx->error = 0;
/**
* endDocument of SAX parser
*/
-void uml2sax_endDocument(void * fctx) {
+void uml2sax_endDocument(void * fctx) {
OPENPTS_FSM_CONTEXT *ctx;
+ /* check */
+ if (fctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return;
+ }
ctx = (OPENPTS_FSM_CONTEXT *)fctx;
/* set start state */
/**
* startElement of SAX parser
*/
-void uml2sax_startElement(void* fctx, const xmlChar* name,
+void uml2sax_startElement(void* fctx, const xmlChar* name,
const xmlChar** atts) {
OPENPTS_FSM_CONTEXT *ctx;
int i;
char *type;
char *value;
+ /* check */
+ if (fctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return;
+ }
ctx = (OPENPTS_FSM_CONTEXT *)fctx;
+ if (name == NULL) {
+ LOG(LOG_ERR, "null input");
+ return;
+ }
// DEBUG_SAX("startElement - \n");
void uml2sax_endElement(void * fctx, const xmlChar * name) {
OPENPTS_FSM_CONTEXT *ctx;
+ /* check */
+ if (fctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return;
+ }
ctx = (OPENPTS_FSM_CONTEXT *)fctx;
+ if (name == NULL) {
+ LOG(LOG_ERR, "null input");
+ return;
+ }
if (!strcmp((char *)name, "subvertex")) {
addFsmSubvertex(ctx, subvertexXmiType, subvertexXmiId, subvertexName, doActivityName);
OPENPTS_FSM_CONTEXT *ctx;
char buf[FSM_BUF_SIZE];
+ /* check */
+ if (fctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return;
+ }
ctx = (OPENPTS_FSM_CONTEXT *)fctx;
+ if ((len > 0) && (ch == NULL)) {
+ LOG(LOG_ERR, "null input");
+ return;
+ }
if (len < FSM_BUF_SIZE) {
memcpy(buf, ch, len);
xmlSAXHandler sax_handler;
int rc;
+ /* check */
+ if (ctx == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
+ if (umlfile == NULL) {
+ LOG(LOG_ERR, "null input");
+ return PTS_FATAL;
+ }
+
memset(&sax_handler, 0, sizeof(xmlSAXHandler));
sax_handler.startDocument = uml2sax_startDocument;
- sax_handler.endDocument = uml2sax_endDocument;
-
- sax_handler.startElement = uml2sax_startElement;
- sax_handler.endElement = uml2sax_endElement;
-
- sax_handler.characters = uml2sax_characters;
+ sax_handler.endDocument = uml2sax_endDocument;
+ sax_handler.startElement = uml2sax_startElement;
+ sax_handler.endElement = uml2sax_endElement;
+ sax_handler.characters = uml2sax_characters;
/* read UML */
* \brief Utility, generate dot file from UML2 state siagram
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-04-01
+ * cleanup 2012-01-05 SM
*
* UML State Diagram -> DOT --(graphviz)--> Graph(PNG,JPG etc)
*
#include <fcntl.h>
#include <openpts.h>
-// #include <log.h>
/**
* usage
*/
void usage(void) {
OUTPUT(NLS(MS_OPENPTS, OPENPTS_UML2DOT_USAGE,
- "usage: uml2dot [options] UMLfile \n"
- "\t-o output\tset output file (default is stdout)\n"
- "\t$ dot -Tpng foo.dot -o foo.png; eog foo.png\n"
- "\n"));
+ "usage: uml2dot [options] UMLfile \n"
+ "\t-o output\tset output file (default is stdout)\n"
+ "\t$ dot -Tpng foo.dot -o foo.png; eog foo.png\n"
+ "\n"));
}
/**
char *input_filename = NULL;
char *output_filename = NULL;
+ /* logging/NLS */
initCatalog();
while ((c = getopt(argc, argv, "do:h")) != EOF) {
input_filename = argv[0];
/* Read UML(XML) file */
-
if (input_filename == NULL) {
ERROR(NLS(MS_OPENPTS, OPENPTS_UML2DOT_MISSING_XML_FILE, "ERROR missing XMLfile\n"));
usage();
}
error:
-
freeFsmContext(ctx);
return rc;
* \brief UUID wrapper (Generic part, OPENPTS_UUID)
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-11-29
- * cleanup 2011-10-07 SM
+ * cleanup 2012-01-05 SM
*
* Linux uses libuuid
*
#endif
#include <openpts.h>
-#include <log.h>
-
-
#if UUIDSIZE < 16
#error Insufficient space in PTS_UUID
return pdt;
}
-
-
* \brief TCG IF-M Verifier
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-04-06
- * cleanup 2011-07-20 SM
+ * cleanup 2012-01-04 SM
*
*/
#include <openpts.h>
-
/**
* Lock (POSIX 1003.1)
* type:
exit(1);
}
- fl.l_start = 0;
- fl.l_len = 0;
+ fl.l_start = 0;
+ fl.l_len = 0;
fl.l_whence = SEEK_SET;
- fl.l_type = type;
- fl.l_pid = getpid();
- //if (fcntl(fd, F_SETLKW, &fl) < 0) {
+ fl.l_type = type;
+ fl.l_pid = getpid();
if (fcntl(fd, F_SETLK, &fl) < 0) {
// get PID of the process holding that lock
fcntl(fd, F_GETLK, &fl);
- ERROR( // TODO NLS
- "Openpts configulation is locked by other(pid=%d)\n", fl.l_pid);
+ ERROR(NLS(MS_OPENPTS, OPENPTS_VERIFIER_LOCKED,
+ "Openpts configulation is locked by other(pid=%d)\n"), fl.l_pid);
exit(1);
}
}
rc = mkdir(dirpath, S_IRUSR | S_IWUSR | S_IXUSR);
if (rc != 0) {
LOG(LOG_ERR, "mkdir on %s failed (errno=%d)", dirpath, errno);
- rc=PTS_FATAL;
+ rc = PTS_FATAL;
goto error;
}
configDirExists = 1;
rc = writeOpenptsUuidFile(conf->uuid, 1);
if (rc != PTS_SUCCESS) {
LOG(LOG_ERR, "Can't create UUID file, %s", uuid_file);
- rc=PTS_FATAL;
+ rc = PTS_FATAL;
goto error;
}
rc = writeOpenptsConf(conf, conf_file);
if (rc != PTS_SUCCESS) {
LOG(LOG_ERR, "Can't create config file, %s", conf_file);
- rc=PTS_FATAL;
+ rc = PTS_FATAL;
goto error;
}
}
*/
int verifierHandleRimmSet(
OPENPTS_CONTEXT *ctx,
- BYTE *value)
-{
+ BYTE *value) {
+
int rc = PTS_SUCCESS;
OPENPTS_CONFIG *target_conf;
int i;
} else if (!strncmp(prop->name, "disable.", 8)) {
/* Indicates a disabled tpm quote - SKIP */
} else if (prop->ignore == 1) {
- ERROR( // TODO NLS
- "The property %s is conflicted and excluded from the policy.\n", prop->name);
+ DEBUG("The property %s is conflicted and excluded from the policy.\n", prop->name);
} else {
fprintf(fp, "%s=%s\n", prop->name, prop->value);
i++;
rc = PTS_INTERNAL_ERROR;
goto close;
}
- // DEBUG("new read_tlv %p\n",read_tlv);
/* res -> fin */
ctx->nonce->res->reserved[0] = read_tlv->value[0];