void debugHex(char *head, BYTE *data, int num, char *tail);
int saveToFile(char * filename, int len, BYTE * msg);
-int getUint32(BYTE *buf);
+UINT32 getUint32(BYTE *buf);
int makeDir(char *dirname);
int checkDir(char *dirname);
int checkFile(char *filename);
#define incVerbosity() (verbosity++)
#define getVerbosity() (verbosity)
-#define OUTPUT(fmt, ...) fprintf(stderr, fmt, ##__VA_ARGS__)
+#define OUTPUT(fmt, ...) fprintf(stdout, fmt, ##__VA_ARGS__)
#define VERBOSE(v, fmt, ...) if (verbosity >= v) fprintf(stderr, fmt, ##__VA_ARGS__)
#define ERROR(fmt, ...) writeLog(LOG_ERR, "%s:%d " fmt, __FILE__, __LINE__, ##__VA_ARGS__)
#define DEBUG_TPM(fmt, ...) DEBUG_WITH_FLAG(DEBUG_TPM_FLAG, fmt, ##__VA_ARGS__)
#define DEBUG_CAL(fmt, ...) DEBUG_WITH_FLAG(DEBUG_CAL_FLAG, fmt, ##__VA_ARGS__)
-#if 0
-#define ASSERT(cond, fmt, ...)\
-while (!(cond)) { \
- fprintf(stderr, "%s:%d " fmt, __FILE__, __LINE__, ##__VA_ARGS__);\
- exit(1);\
-}
-#else
-#define ASSERT(cond, fmt) assert(cond)
-#endif
-
void writeLog(int priority, const char *format, ...);
void initCatalog(void);
void setLogLocation(int ll, char *filename);
+char *getLogLocationString();
+void determineLogLocationByEnv(void);
+void setSyslogCommandName(char *name);
#endif // INCLUDE_OPENPTS_LOG_H_
/* check */
if (eventWrapper == NULL) {
// TODO do not care for dummy EW
- DEBUG("addBIOSAction() - eventWrapper is NULL\n"); // TODO is this OK?
+ DEBUG("null input\n"); // TODO is this OK?
// TODO define RC <-> fsm.c >> INFO:(TODO) fsm.c:986 updateFsm() - rc = 58, call updateFsm() again
return PTS_INTERNAL_ERROR;
}
event = eventWrapper->event;
if (event == NULL) {
- ERROR("event is NULL\n");
- return PTS_INTERNAL_ERROR;
+ ERROR("null input\n");
+ return PTS_FATAL;
}
/* value = eventdata */
value = snmalloc((char *)event->rgbEvent, event->ulEventLength);
if (value == NULL) {
- return PTS_INTERNAL_ERROR;
+ return PTS_FATAL;
}
/* name */
DEBUG_FSM("[FSM] addBIOSAction() - '%s' = '%s'\n", name, value);
- updateProperty(ctx, name, value);
+ setProperty(ctx, name, value);
xfree(value);
}
if (buf_len > BUF_SIZE) {
ERROR("SMBIOS size = %d\n", buf_len); // Thinkpad X200 => 3324
- updateProperty(ctx, "bios.smbios", "too big");
+ setProperty(ctx, "bios.smbios", "too big");
} else {
- updateProperty(ctx, "bios.smbios", buf);
+ setProperty(ctx, "bios.smbios", buf);
}
// rc = 0;
xfree(buf);
TSS_PCR_EVENT *event;
if (eventWrapper == NULL) {
- ERROR("eventWrapper is NULL\n");
+ ERROR("null input");
return PTS_INTERNAL_ERROR; // -1;
}
return PTS_INTERNAL_ERROR; // -1;
}
- updateProperty(ctx, "ipl.eltorito.integrity", "unknown");
+ setProperty(ctx, "ipl.eltorito.integrity", "unknown");
return PTS_SUCCESS; // -1;
}
ERROR("encodeBase64 fail");
return PTS_INTERNAL_ERROR;
}
- updateProperty(ctx, "kernel.initrd.digest", buf);
+ setProperty(ctx, "kernel.initrd.digest", buf);
xfree(buf);
- // updateProperty(ctx, "kernel.initrd.filename", (char*)event->rgbEvent);
+ // setProperty(ctx, "kernel.initrd.filename", (char*)event->rgbEvent);
/* add \n */
buf = xmalloc(event->ulEventLength + 1);
if (buf != NULL) {
memcpy(buf, event->rgbEvent, event->ulEventLength);
buf[event->ulEventLength] = 0;
- updateProperty(ctx, "kernel.initrd.filename", buf);
+ setProperty(ctx, "kernel.initrd.filename", buf);
xfree(buf);
}
*/
int validateKernelCmdline(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper) {
TODO("validateKernelCmdline - NA\n");
- updateProperty(ctx, "kernel.commandline", "TBD");
+ setProperty(ctx, "kernel.commandline", "TBD");
return PTS_SUCCESS;
}
/* check */
if (eventWrapper == NULL) {
- ERROR("eventWrapper is NULL\n");
+ ERROR("null input\n");
return PTS_INTERNAL_ERROR; // -1;
}
if (memcmp(event->rgbEvent, digest, SHA1_DIGEST_SIZE) == 0) {
/* HIT */
// DEBUG("Good IMA aggregete\n");
- updateProperty(ctx, "ima.aggregate", "valid");
+ setProperty(ctx, "ima.aggregate", "valid");
} else {
/* MISS */
- updateProperty(ctx, "ima.aggregate", "invalid");
+ setProperty(ctx, "ima.aggregate", "invalid");
if (isDebugFlagSet(DEBUG_FLAG)) {
int j;
/* check aggregate */
if (memcmp(event->rgbPcrValue, digest, SHA1_DIGEST_SIZE) == 0) {
/* HIT */
- updateProperty(ctx, "ima.aggregate", "valid");
+ setProperty(ctx, "ima.aggregate", "valid");
} else {
/* MISS */
- updateProperty(ctx, "ima.aggregate", "invalids");
+ setProperty(ctx, "ima.aggregate", "invalids");
}
// TODO(munetoh) also check the eventdata string?
/* integrity */
snprintf(prop_name, sizeof(prop_name), "ima.%d.integrty", ctx->ima_count);
- updateProperty(ctx, prop_name, integrity);
+ setProperty(ctx, prop_name, integrity);
/* name */
snprintf(prop_name, sizeof(prop_name), "ima.%d.name", ctx->ima_count);
- updateProperty(ctx, prop_name, name);
+ setProperty(ctx, prop_name, name);
/* digest */
snprintf(prop_name, sizeof(prop_name), "ima.%d.digest", ctx->ima_count);
- updateProperty(ctx, prop_name, b64digest);
+ setProperty(ctx, prop_name, b64digest);
ctx->ima_count++;
return PTS_SUCCESS;
} else if (rc == 2) {
// MISS
// DEBUG("validateImaMeasurement w/ AIDE - MISS name=[%s]\n", name);
- // updateProperty(ctx, buf, "invalid");
+ // setProperty(ctx, buf, "invalid");
ctx->ima_unknown++;
buf = encodeBase64(
(unsigned char *)event->rgbEvent,
int validateImaAggregateNG(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper) {
ERROR("validateImaAggregateNG - NA\n");
- updateProperty(ctx, "ima.aggregate", "TBD");
+ setProperty(ctx, "ima.aggregate", "TBD");
return PTS_INTERNAL_ERROR; // -1;
}
/**
* Collector Start - Verifier
*
- * TODO fill
+ * TODO not validate yet
*/
int startCollector(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper) {
int rc = PTS_SUCCESS;
TSS_PCR_EVENT *event;
OPENPTS_EVENT_COLLECTOR_START *start = NULL;
- ASSERT(NULL != ctx, "startCollector() - ctx is null\n");
-
+ /* check ctx */
+ if (ctx == NULL) {
+ ERROR("startCollector() - ctx is null");
+ return PTS_FATAL;
+ }
if (ctx->target_conf == NULL) {
/* collector */
- /* If this is an ERROR should we be returning SUCCESS?? */
- ERROR("startCollector() - collector side - skip\n");
- return PTS_SUCCESS;
+ DEBUG_IFM("startCollector() - collector side - skip\n");
+ return PTS_FATAL;
}
-
if (ctx->target_conf->uuid == NULL) {
/* collector */
- /* If this is an ERROR should we be returning SUCCESS?? */
ERROR("startCollector() - uuid is NULL\n");
- return PTS_SUCCESS;
+ return PTS_FATAL;
}
- /* check */
+ /* check eventWrapper */
if (eventWrapper == NULL) {
ERROR("startCollector() - eventWrapper is NULL\n");
- rc = PTS_INTERNAL_ERROR;
- goto error;
+ return PTS_FATAL;
}
-
event = eventWrapper->event;
if (event == NULL) {
ERROR("startCollector() - event is NULL\n");
- rc = PTS_INTERNAL_ERROR;
- goto error;
+ return PTS_FATAL;
}
-
if (event->ulEventLength != sizeof(OPENPTS_EVENT_COLLECTOR_START)) {
ERROR("startCollector() - Bad eventData size %d != %d\n",
event->ulEventLength,
sizeof(OPENPTS_EVENT_COLLECTOR_START));
- rc = PTS_INTERNAL_ERROR; // TODO
- goto error;
+ return PTS_FATAL;
}
+
/* Event Data */
start = (OPENPTS_EVENT_COLLECTOR_START *)event->rgbEvent;
/* validation - TSS version */
if (memcmp(&start->pts_version, &ctx->target_conf->pts_version, 4) != 0) {
- DEBUG("startCollector() - Bad PTS version\n");
- // rc = PTS_INTERNAL_ERROR; // TODO
- // goto error;
+ ERROR("startCollector() - Bad PTS version\n");
+ rc = PTS_INVALID_COLLECTOR;
}
/* validation - Collector UUID */
if (memcmp(&start->collector_uuid, ctx->target_conf->uuid->uuid, 16) != 0) {
- DEBUG("startCollector() - Bad Collector UUID (Unit Testing?)\n");
- // TODO test will stop. must be controlable?
- // rc = PTS_INTERNAL_ERROR; // TODO
- // goto error;
+ ERROR("startCollector() - Bad Collector UUID (Unit Testing?)\n");
+ rc = PTS_INVALID_COLLECTOR;
}
/* validation - Manifest UUID */
-
if (memcmp(&start->manifest_uuid, ctx->target_conf->rm_uuid->uuid, 16) != 0) {
- // TODO in the test ptscd generate new RM UUID
- DEBUG("startCollector() - Bad Manifest UUID (Unit Testing?)\n");
- // rc = PTS_INTERNAL_ERROR; // TODO
- // goto error;
+ // TODO in the test ptsc generate new RM UUID
+ ERROR("startCollector() - Bad Manifest UUID (Unit Testing?)\n");
+ rc = PTS_INVALID_COLLECTOR;
}
-
- return PTS_SUCCESS;
-
- error:
- /* Error */
- // printout the example IR data to create the test case
- {
- char *buf;
- int buf_len;
-
- if (start == NULL) {
- start = malloc(sizeof(OPENPTS_EVENT_COLLECTOR_START));
- if (start == NULL) {
- ERROR("no memory");
- return PTS_INTERNAL_ERROR;
- }
- }
- printHex("OPENPTS_EVENT_COLLECTOR_START",
- (unsigned char*)start, sizeof(OPENPTS_EVENT_COLLECTOR_START), "\n");
- buf = encodeBase64(
- (unsigned char *)start,
- sizeof(OPENPTS_EVENT_COLLECTOR_START),
- &buf_len);
- if (buf == NULL) {
- ERROR("encodeBase64 fail");
- rc = PTS_INTERNAL_ERROR;
- goto free;
- }
- ERROR("EventData: %s\n", buf);
- xfree(buf);
-
- memcpy(&start->pts_version, &ctx->target_conf->pts_version, 4);
- memcpy(&start->collector_uuid, ctx->target_conf->uuid->uuid, 16);
- memcpy(&start->manifest_uuid, ctx->target_conf->rm_uuid->uuid, 16);
-
- printHex("OPENPTS_EVENT_COLLECTOR_START",
- (unsigned char*)start, sizeof(OPENPTS_EVENT_COLLECTOR_START), "\n");
- buf = encodeBase64(
- (unsigned char *)start,
- sizeof(OPENPTS_EVENT_COLLECTOR_START),
- &buf_len);
- if (buf == NULL) {
- ERROR("encodeBase64 fail");
- rc = PTS_INTERNAL_ERROR;
- goto free;
- }
- ERROR("EventData: %s\n", buf);
- xfree(buf);
- free:
- xfree(start);
- }
-
- return rc; // TODO
+ return rc;
}
char *buf;
data = (OPENPTS_EVENT_TBOOT_SINIT_V6 *) event->rgbEvent;
buf = getHexString(data->sinit_hash, 20);
- updateProperty(ctx, "intel.txt.tboot.sinit.hash.hex", buf);
+ setProperty(ctx, "intel.txt.tboot.sinit.hash.hex", buf);
xfree(buf);
// TODO add rest
}
char *buf;
data = (OPENPTS_EVENT_TBOOT_SINIT_V7 *) event->rgbEvent;
buf = getHexString(data->sinit_hash, 32);
- updateProperty(ctx, "intel.txt.tboot.sinit.hash.hex", buf);
+ setProperty(ctx, "intel.txt.tboot.sinit.hash.hex", buf);
xfree(buf);
// TODO add rest
}
char *buf;
data = (OPENPTS_EVENT_TBOOT_STM_V6 *) event->rgbEvent;
buf = getHexString(data->bios_acm_id, 20);
- updateProperty(ctx, "intel.txt.tboot.bios.acm.id.hex", buf);
+ setProperty(ctx, "intel.txt.tboot.bios.acm.id.hex", buf);
xfree(buf);
// TODO add rest
}
char *buf;
data = (OPENPTS_EVENT_TBOOT_POLCTL *) event->rgbEvent;
buf = getHexString(data->pol_control, 4);
- updateProperty(ctx, "intel.txt.tboot.pol.control.hex", buf);
+ setProperty(ctx, "intel.txt.tboot.pol.control.hex", buf);
xfree(buf);
buf = getHexString(data->pol_hash, 20);
- updateProperty(ctx, "intel.txt.tboot.pol.hash.hex", buf);
+ setProperty(ctx, "intel.txt.tboot.pol.hash.hex", buf);
xfree(buf);
// TODO add rest
}
{
char *buf;
buf = getHexString(event->rgbPcrValue, 20);
- updateProperty(ctx, "intel.txt.tboot.mle.hash.hex", buf);
+ setProperty(ctx, "intel.txt.tboot.mle.hash.hex", buf);
xfree(buf);
}
break;
"intel.txt.tboot.pcr.%d.module.command.hash.hex",
event->ulPcrIndex);
value = getHexString(data->command_hash, 20);
- updateProperty(ctx, name, value);
+ setProperty(ctx, name, value);
xfree(value);
snprintf(name, sizeof(name),
"intel.txt.tboot.pcr.%d.module.file.hash.hex",
event->ulPcrIndex);
value = getHexString(data->file_hash, 20);
- updateProperty(ctx, name, value);
+ setProperty(ctx, name, value);
xfree(value);
snprintf(name, sizeof(name),
value = xmalloc_assert(size + 1);
memcpy(value, (BYTE *)ptr, size);
value[size] = 0;
- updateProperty(ctx, name, value);
+ setProperty(ctx, name, value);
xfree(value);
snprintf(name, sizeof(name),
value = xmalloc_assert(size + 1);
memcpy(value, (BYTE *)ptr, size);
value[size] = 0;
- updateProperty(ctx, name, value);
+ setProperty(ctx, name, value);
xfree(value);
}
}
// TODO
ctx->drtm = 1;
- // updateProperty(ctx, "kernel.commandline", "TBD");
+ // setProperty(ctx, "kernel.commandline", "TBD");
return PTS_SUCCESS;
}
#endif
int i;
/* check */
- ASSERT(NULL != ctx, "doActivity - ctx is NULL\n");
- ASSERT(NULL != action, "doActivity - action is NULL\n");
-
+ if (ctx == NULL) {
+ ERROR("doActivity - ctx is NULL");
+ return PTS_FATAL;
+ }
+ if (action == NULL) {
+ ERROR("doActivity - action is NULL");
+ return PTS_FATAL;
+ }
if (eventWrapper == NULL) {
/* NULL event, skip evaluation */
- // DEBUG("doActivity - eventWrapper is NULL\n");
+ DEBUG_FSM("doActivity - eventWrapper is NULL, skip evaluation\n");
// return 1; //OPENPTS_FSM_SUCCESS;
}
/* copy */
buf = smalloc(action);
if (buf == NULL) {
- return PTS_FATAL; // -1;
+ return PTS_FATAL;
}
/* no action */
ctx = xmalloc(sizeof(OPENPTS_UPDATE_CONTEXT));
if (ctx == NULL) {
+ ERROR("no memory");
return NULL;
}
memset(ctx, 0, sizeof(OPENPTS_UPDATE_CONTEXT));
uss = xmalloc(sizeof(OPENPTS_UPDATE_SNAPSHOT));
if (uss == NULL) {
+ ERROR("no memory");
return NULL;
}
memset(uss, 0, sizeof(OPENPTS_UPDATE_SNAPSHOT));
* BIN -> Free
*/
int resetFsm(OPENPTS_SNAPSHOT *ss) {
- ASSERT(NULL != ss, "resetFsm() - ss is NULL\n");
+ /* check */
+ if (ss == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
/* free event wrapper chain */
if (ss->start != NULL) {
DEBUG("startUpdate() - start\n");
+ /* check input */
+ if (ctx == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
conf = ctx->conf;
- conf->target_newrm_exist = 0;
-
+ if (conf == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
+ /* check conf */
if (conf->enable_aru == 0) {
- /* SKIP */
+ /* disabled */
return PTS_SUCCESS;
}
+ /* clear flag */
+ conf->target_newrm_exist = 0;
/* check */
- ASSERT(NULL != eventWrapper, "startUpdate() - eventWrapper is NULL\n");
-
+ if (eventWrapper == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
event = eventWrapper->event;
- ASSERT(NULL != event, "startUpdate() - event is NULL\n");
+ if (event == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
if (event->ulEventLength <= 20) { // TODO sizeof
ERROR("startUpdate() - bad eventdata\n");
- return PTS_INTERNAL_ERROR;
+ return PTS_FATAL;
}
if (event->rgbEvent == NULL) {
- ERROR("startUpdate() - bad eventdata\n");
- return PTS_INTERNAL_ERROR;
+ ERROR("null input");
+ return PTS_FATAL;
}
if (conf->update == NULL) {
- ERROR("startUpdate() -- missing update ctx\n");
- return PTS_INTERNAL_ERROR;
+ ERROR("null input");
+ return PTS_FATAL;
}
- update = (OPENPTS_UPDATE_CONTEXT *) conf->update;
-
- /* OPENPTS_EVENT_UPDATE_START */
+ update = (OPENPTS_UPDATE_CONTEXT *) conf->update;
start = (OPENPTS_EVENT_UPDATE_START *) event->rgbEvent;
// DEBUG("StartUpdate\n");
conf->update_exist = 1;
DEBUG("startUpdate() - update exit\n");
- /* new/replace the UUID */
- // 2011-02-18 SM not now, later
- // if (update->uuid != NULL) {
- // freeUuid(update->uuid);
- // xfree(update->str_uuid);
- // }
- // update->uuid = newUuid();
- // update->str_uuid = getStringOfUuid(update->uuid);
-
-
-#if 0
- // TODO this pcr_index must be bigger then target pcr_index, since this evaluation must be the last.
- // TODO We need some config/controll that force the PCR for Update is ealuated at the last
-
- /* reset target snaposhot */
- ss = getSnapshotFromTable(
- ctx->ss_table,
- start->target_pcr_index,
- start->target_snapshot_level);
-
- ss->update_num++;
- ctx->ss_table->update_num[ss->level]++;
- ctx-> update_num++;
-
- // DEBUG("Update by FSM %s\n", ss->fsm_behavior->uml_file);
- // verbose |= DEBUG_FSM_FLAG;
-
- // Step 1. getIml() - IML --> BHV-FSM --> SS->eventWrapper chain
- // Step 2. writeAllCoreValue() in rm.c - SS->eventWrapper chain -> BIN-FSM is generated
- resetFsm(ss); // fsm.c
-
- /* update type */
- if (start->update_type == 0) {
- UINT32 *pnum;
- UINT32 num;
- char buf[BUF_SIZE];
-
- pnum = (UINT32 *)start->data;
- num = *pnum;
- if (ctx->conf->iml_endian != 0) {
- num = b2l(num);
- }
- // DEBUG("UPDATE_IPL_IMAGE iml.ipl.maxcount=%d 0x%x\n",num, num);
- snprintf(buf, BUF_SIZE, "%d", num);
- setProperty(ctx, "iml.ipl.maxcount", buf);
- }
-
- /* Modify BIN-BHV, on the fly? */
- /* Copy BIN-BHV to BIN-BHV-NEXT ? */
- /* Then BIN-BHV-NEXT => new RM */
-#endif
-
return PTS_SUCCESS;
}
DEBUG_CAL("deputyEvent() - start\n");
+ /* check input */
+ if (ctx == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
conf = ctx->conf;
+ if (conf == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
+ /* check conf */
if (ctx->conf->enable_aru == 0) {
/* SKIP */
return PTS_SUCCESS;
}
/* check */
- ASSERT(NULL != eventWrapper, "deputyEvent() - eventWrapper is NULL\n");
-
+ if (eventWrapper == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
event = eventWrapper->event;
- ASSERT(NULL != event, "deputyEvent() - event is NULL\n");
-
- if (conf->update == NULL) {
- /* */
- ERROR("deputyEvent() - startUpdate is missing, BAD eventlog\n");
- return PTS_INTERNAL_ERROR; // TODO
+ if (event == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
}
update = conf->update;
if (update == NULL) {
- rc = PTS_INTERNAL_ERROR;
- goto end;
+ ERROR("null input");
+ return PTS_FATAL;
}
/* OPENPTS_UPDATE_SNAPSHOT */
[update->target_pcr_index]
[update->target_snapshot_level];
if (uss == NULL) {
- rc = PTS_INTERNAL_ERROR;
- goto end;
+ ERROR("null input");
+ return PTS_FATAL;
}
-#if 1
/* copy to update[] */
-
- /* Snapshot */
- // ss = getSnapshotFromTable(
- // ctx->ss_table,
- // update->target_pcr_index,
- // update->target_snapshot_level);
- //
- // ew = newEventWrapper();
- // ew->event = eventWrapper->event;
- // ew->snapshot = ss;
- // ew->index = ss->event_num; // TODO
-
if (uss->event_count == 0) {
/* link to 1st event */
- // ew->next_all = NULL;
- // ew->next_pcr = NULL;
uss->ew_deputy_first = eventWrapper;
uss->ew_deputy_last = eventWrapper;
- // uss->ew_end = ew;
} else {
/* other events */
- // uss->ew_end->next_all = ew;
- // uss->ew_end->next_pcr = ew;
- // uss->ew_end = ew;
uss->ew_deputy_last = eventWrapper;
}
uss->event_count++;
-#else
- // Update now
- // DEBUG("deputyEvent() cnt = 0x%x\n", update->event_count);
-
- /* update target snaposhot */
- ss = getSnapshotFromTable(
- ctx->ss_table,
- update->target_pcr_index,
- update->target_snapshot_level);
-
- // TODO copy from iml.c addEventToSnapshotBhv(), add new func for this part
-
- /* duplidate the eventwrapper (and event too) */
- // OR
- /* remove ss link to update PCR */
- // return OPENPTS_FSM_MIGRATE_EVENT and original updateFsm does not create the chain for this?
-
- /* set sw->ss link */
- eventWrapper->snapshot = ss;
- eventWrapper->index = ss->event_num;
-
- rc = updateFsm(ctx, ss->fsm_behavior, eventWrapper); // TODO ignore the pcr_index
- if (rc == OPENPTS_FSM_ERROR) {
- /* FSM detect invalid IML, or bad FSM for this IML */
- DEBUG("[RM%02d-PCR%02d] updateFsm() => OPENPTS_FSM_ERROR ===> rc=PTS_INVALID_SNAPSHOT, added Reason\n",
- update->start->target_snapshot_level, update->start->target_pcr_index);
- addReason(ctx, update->start->target_pcr_index, NLS(MS_OPENPTS, OPENPTS_ARU_IML_VALIDATION_FAILED,
- "[RM%02d-PCR%02d] IML validation by FSM has failed. State='%s' at the FSM is '%s'"),
- update->start->target_snapshot_level,
- update->start->target_pcr_index,
- ss->fsm_behavior->curr_state->name,
- ss->fsm_behavior->uml_file);
- ctx->ss_table->error[update->start->target_pcr_index] = PTS_INVALID_SNAPSHOT;
- rc = PTS_INVALID_SNAPSHOT;
- } else if (rc == OPENPTS_FSM_FINISH) {
- /* OK, FSM finish successfly */
- ss->fsm_behavior->status = OPENPTS_FSM_FINISH;
- rc = PTS_SUCCESS;
-
- /* Move to next level (0->1) */
- incActiveSnapshotLevel(ctx->ss_table, update->start->target_pcr_index);
- } else if (rc == OPENPTS_FSM_SUCCESS) {
- /* OK */
- rc = PTS_SUCCESS;
- } else if (rc == OPENPTS_FSM_TRANSIT) {
- // TRANSIT, Skip update SS chain
- // TODO set by updateFsm
- ss->fsm_behavior->status = OPENPTS_FSM_FINISH;
-
- /* Move to next level (0->1) */
- incActiveSnapshotLevel(ctx->ss_table, update->start->target_pcr_index);
- goto end;
- } else if (rc == OPENPTS_FSM_FINISH_WO_HIT) {
- // TRANSIT, Skip update SS chain
- // TODO set by updateFsm
- ss->fsm_behavior->status = OPENPTS_FSM_FINISH;
-
- /* Move to next level (0->1) */
- incActiveSnapshotLevel(ctx->ss_table, update->start->target_pcr_index);
- goto end;
- } else {
- ERROR("deputyEvent() - updateFsm rc=%d\n", rc);
- }
-
- /* update SS chain */
- if (ss->event_num == 0) {
- /* First event */
- ss->start = eventWrapper;
- ss->end = eventWrapper;
- } else {
- /* else - last */
- ss->end->next_pcr = eventWrapper;
- ss->end = eventWrapper;
- }
-
- ss->event_num++;
- update->event_count++;
- rc = OPENPTS_FSM_MIGRATE_EVENT;
-#endif // 1/0
-
-
- end:
return rc;
}
DEBUG("endUpdate() - start\n");
+ /* check input */
+ if (ctx == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
conf = ctx->conf;
+ if (conf == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
+ /* check conf */
if (conf->enable_aru == 0) {
/* SKIP */
DEBUG("endUpdate() - done(skip), conf->enable_aru == 0\n");
DEBUG("endUpdate() - update exist\n");
/* check */
- ASSERT(NULL != eventWrapper, "eventWrapper is NULL\n");
-
+ if (eventWrapper == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
event = eventWrapper->event;
- ASSERT(NULL != event, "event is NULL\n");
-
- if (conf->update == NULL) {
- /* */
- ERROR("startUpdate is missing, BAD eventlog\n");
- return PTS_INTERNAL_ERROR; // TODO bad IML
+ if (event == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
}
update = conf->update;
- // TODO CK
+ if (update == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
uss = update->snapshot
[update->target_pcr_index]
[update->target_snapshot_level];
- // TODO CK
-
+ if (uss == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
/* start structure */
start = uss->start;
+ if (start == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
// Convert the Endian
if (ctx->conf->iml_endian != 0) {
event_num = b2l(start->event_num);
event_num = start->event_num;
}
-
-
uss->ew_end_update = eventWrapper;
-
-
/* check the event num */
if (uss->event_count != event_num) {
/* actual event number is different with the number in start event */
ERROR("number of events (%08x) are not same with definition at start (%08x), BAD eventlog?\n",
uss->event_count, event_num);
-
- // BAD TEST data?
-#if 0
- if (DEBUG_IR) {
- /* Fix IR test data */
- unsigned char b64[128];
-
- if (ctx->conf->iml_endian != 0) {
- start->event_num = b2l(uss->event_count);
- } else {
- start->event_num = uss->event_count;
- }
- printHex("UpdateEvent ", (BYTE*) start, sizeof(OPENPTS_EVENT_UPDATE_START), "\n");
- // 00000004 00000001 00000017 00000000 04000000 00000016
- encodeBase64(b64, (unsigned char *)start, sizeof(OPENPTS_EVENT_UPDATE_START));
- TODO("base64 %s\n", b64);
- }
-#endif
- // return PTS_INTERNAL_ERROR; // TODO bad IML
+ return PTS_INVALID_SNAPSHOT;
}
- // TODO set end flag to last EW?
-
- // DEBUG("endUpdate() \n");
-
return PTS_SUCCESS;
}
* doAction - updateCollector
*/
int updateCollector(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper) {
- int rc = PTS_SUCCESS;
+ // int rc = PTS_SUCCESS;
TSS_PCR_EVENT *event;
OPENPTS_EVENT_COLLECTOR_UPDATE *update = NULL;
OPENPTS_CONFIG *conf;
DEBUG("updateCollector() - start\n");
+ /* check input */
+ if (ctx == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
conf = ctx->conf;
-
-
-
- /* check ARU is on/off */
- // if (conf->enable_aru == 0) {
- // /* SKIP */
- // DEBUG("updateCollector() - skip\n");
- // return PTS_SUCCESS;
- // }
-
- // TODO delete?
- // if (ctx->target_conf != NULL) {
- // // TODO ok?
- // /* verifier - SKIP*/
- // DEBUG("updateCollector() - verifier side - skip, clear update_exist\n");
- // conf->update_exist = 0;
- // return PTS_SUCCESS;
- // }
-
+ if (conf == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
/* check */
- ASSERT(NULL != eventWrapper, "updateCollector() - eventWrapper is NULL\n");
-
+ if (eventWrapper == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
event = eventWrapper->event;
- ASSERT(NULL != event, "updateCollector() - event is NULL\n");
+ if (event == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
if (event->ulEventLength != sizeof(OPENPTS_EVENT_COLLECTOR_UPDATE)) {
ERROR("updateCollector() - Bad eventData size %d != %d\n",
event->ulEventLength,
sizeof(OPENPTS_EVENT_COLLECTOR_UPDATE));
- rc = PTS_INTERNAL_ERROR; // TODO
- goto error;
+ return PTS_INVALID_SNAPSHOT;
}
/* Event Data */
if (conf->target_newrm_uuid == NULL) {
conf->target_newrm_uuid = xmalloc(sizeof(PTS_UUID));
if (NULL == conf->target_newrm_uuid) {
- rc = PTS_INTERNAL_ERROR;
- goto error;
+ ERROR("no memory");
+ return PTS_FATAL;
}
}
memcpy(conf->target_newrm_uuid, &update->new_manifest_uuid, sizeof(PTS_UUID));
/* Notification for Verifier side */
conf->target_newrm_exist = 1;
-
/* re-set PCR */
// TODO if TCDS was restart, the eventlog used by PTSCD was gone.
- // TODO
-#if 0
- /* validation - TSS version */
- if (memcmp(&update->pts_version, &ctx->target_conf->pts_version, 4) != 0) {
- ERROR("updateCollector() - Bad PTS version\n");
- rc = PTS_INTERNAL_ERROR; // TODO
- goto error;
- }
-
- /* validation - Collector UUID */
- if (memcmp(&update->collector_uuid, ctx->target_conf->uuid->uuid, 16) != 0) {
- ERROR("updateCollector() - Bad Collector UUID\n");
- rc = PTS_INTERNAL_ERROR; // TODO
- goto error;
- }
-#endif
-
- /* validation - New Manifest UUID */
-#if 0
- // TODO 2011-02-18 Process terminating with default action of signal 11 (SIGSEGV)
- if (ctx->target_conf->newrm_uuid != NULL) {
- if (memcmp(&update->new_manifest_uuid, ctx->target_conf->newrm_uuid->uuid, 16) != 0) {
- // TODO in the test ptscd generate new RM UUID
- // TODO update exist => get new Manifest
- // TODO multiple manifest => we have to check last-one only
- // RODO and we can not know the last or not at here
- TODO("updateCollector() - Bad New Manifest UUID\n");
- // rc = PTS_INTERNAL_ERROR; // TODO
- // goto error;
- }
- }
-#endif
-
-
-
DEBUG("updateCollector() - done, clear update_exist flag\n");
return PTS_SUCCESS;
-
- error:
- /* Error */
-
-#if 0
- // gen IR data to create the test
- if (DEBUG_IR) {
- unsigned char b64[256];
-
- ERROR("Error create base64 eventdata\n");
-
- if (update == NULL) {
- update = xmalloc(sizeof(OPENPTS_EVENT_COLLECTOR_START));
- }
-
- printHex("OPENPTS_EVENT_COLLECTOR_UPDATE", (unsigned char*)update,
- sizeof(OPENPTS_EVENT_COLLECTOR_UPDATE), "\n");
- encodeBase64(b64, (unsigned char *)update,
- sizeof(OPENPTS_EVENT_COLLECTOR_UPDATE));
- ERROR("EventData: %s\n", b64);
-
- memcpy(&update->pts_version, &ctx->target_conf->pts_version, 4);
- memcpy(&update->collector_uuid, ctx->target_conf->uuid->uuid, 16);
- memcpy(&update->new_manifest_uuid, ctx->target_conf->rm_uuid->uuid, 16);
-
- printHex("OPENPTS_EVENT_COLLECTOR_START", (unsigned char*)update,
- sizeof(OPENPTS_EVENT_COLLECTOR_UPDATE), "\n");
- encodeBase64(b64, (unsigned char *)update,
- sizeof(OPENPTS_EVENT_COLLECTOR_UPDATE));
- ERROR("EventData: %s\n", b64);
- }
-#endif
-
- DEBUG_CAL("updateCollector() - done, error, rc=%d\n", rc);
- return rc; // TODO
}
int update_type;
int data_length;
-
DEBUG_CAL("updateSnapshot() - start, pcr=%d level=%d %d events exist!!!\n", i, j, uss->event_count);
+ /* check input */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (uss == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
+
/* start structure */
start = uss->start;
// Convert the Endian
/* update target snaposhot */
ss = getSnapshotFromTable(ctx->ss_table, i, j);
if (NULL == ss) {
- ERROR("Got a NULL snapshot\n");
- return PTS_INVALID_SNAPSHOT;
+ ERROR("null snapshot\n");
+ return PTS_FATAL;
}
// TODO remove fillowing counters
/*Change PCR index */
eventWrapper->event->ulPcrIndex = i;
/* set sw->ss link */
- // eventWrapper->snapshot = ss;
- // eventWrapper->index = ss->event_num;
rc = updateFsm(ctx, ss->fsm_behavior, eventWrapper); // TODO ignore the pcr_index
if (rc == OPENPTS_FSM_ERROR) {
/* FSM detect invalid IML, or bad FSM for this IML */
}
/**
- * Ectend Collector Update Event
+ * Extend Collector Update Event
* type 0x85 (133)
*/
int extendEvCollectorUpdate(OPENPTS_CONFIG *conf) {
SHA_CTX sha_ctx;
/*check */
- ASSERT(NULL != conf->newrm_uuid, "conf->newrm_uuid == NULL\n");
- ASSERT(NULL != conf->newrm_uuid->uuid, "conf->newrm_uuid->uuid == NULL\n");
-
+ if (conf == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
+ if (conf->newrm_uuid == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
+ if (conf->newrm_uuid->uuid == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
/* malloc eventlog */
collector_update = xmalloc_assert(sizeof(OPENPTS_EVENT_COLLECTOR_UPDATE));
memcpy(&collector_update->pts_version, &conf->pts_version, 4);
memcpy(&collector_update->collector_uuid, conf->uuid->uuid, 16);
memcpy(&collector_update->new_manifest_uuid, conf->newrm_uuid->uuid, 16);
+
/* get PCR value*/
// memcpy(&collector_start->pcr_value;
// readPcr(conf->openpts_pcr_index, pcr);
/* fill eventlog */
// event->versionInfo // set by TSP?
- event->ulPcrIndex = conf->openpts_pcr_index; // set by TSP?
- event->eventType = EV_COLLECTOR_UPDATE; // openpts_tpm.h
+ event->ulPcrIndex = conf->openpts_pcr_index; // set by TSP?
+ event->eventType = EV_COLLECTOR_UPDATE; // openpts_tpm.h
event->ulPcrValueLength = SHA1_DIGEST_SIZE;
- event->rgbPcrValue = pcr;
- event->ulEventLength = sizeof(OPENPTS_EVENT_COLLECTOR_UPDATE);
- event->rgbEvent = (BYTE *) collector_update;
+ event->rgbPcrValue = pcr;
+ event->ulEventLength = sizeof(OPENPTS_EVENT_COLLECTOR_UPDATE);
+ event->rgbEvent = (BYTE *) collector_update;
/* extend */
extendEvent(event);
OPENPTS_CONFIG *conf;
OPENPTS_UPDATE_CONTEXT *update;
OPENPTS_UPDATE_SNAPSHOT *uss;
- // OPENPTS_EVENT_UPDATE_START *start;
int i, j;
DEBUG_CAL("updateSnapshots() - start\n");
+ /* check input */
+ if (ctx == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
conf = ctx->conf;
+ if (conf == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
+
+
if (conf->update_exist == 0) {
TODO("updateSnapshots() - done, no update\n");
return PTS_SUCCESS;
}
update = (OPENPTS_UPDATE_CONTEXT *)conf->update;
-
+ if (update == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
for (i = 0; i < MAX_PCRNUM; i++) {
for (j = 0; j < MAX_SSLEVEL; j++) {
} // level
} // pcr
-#if 0 // BAD location moved
- /* Extend Collector Update event */
- rc = extendEvCollectorUpdate(conf);
- if (rc != PTS_SUCCESS) {
- ERROR("updateSnapshots() - extendEvCollectorUpdate fail\n");
- }
-#endif
-
- /* free */
-
return rc;
}
DEBUG_CAL("update() - start\n");
+ /* check */
+ if (conf == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
+
/* ctx for init */
ctx = newPtsContext(conf);
if (ctx == NULL) {
- rc = PTS_INTERNAL_ERROR;
- goto free;
+ ERROR("no memory");
+ return PTS_FATAL;
}
-
/* add property */
if (prop_count > 0) {
+ /* check */
+ if (prop_start == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
+ if (prop_end == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
ctx->prop_start = prop_start;
- ctx->prop_end = prop_end;
+ ctx->prop_end = prop_end;
ctx->prop_count = prop_count;
}
addPropertiesFromConfig(conf, ctx);
/* UUID of this platform */
- OUTPUT(NLS(MS_OPENPTS, OPENPTS_UPDATE_PLATFORM_UUID, "Platform UUID: %s\n"), conf->uuid->str);
- OUTPUT(NLS(MS_OPENPTS, OPENPTS_UPDATE_RM_UUID, "Reference manifest UUID: %s\n"), conf->rm_uuid->str);
+ OUTPUT(NLS(MS_OPENPTS, OPENPTS_UPDATE_PLATFORM_UUID,
+ "Platform UUID: %s\n"), conf->uuid->str);
+ OUTPUT(NLS(MS_OPENPTS, OPENPTS_UPDATE_RM_UUID,
+ "Reference manifest UUID: %s\n"), conf->rm_uuid->str);
// OUTPUT("RM UUID (for next boot) : %s\n", conf->newrm_uuid->str); // NULL
/* List RMs */
return rc;
}
-
+/**
+ *
+ */
static int diffFileAgainstCache(char *fileName, int len, BYTE *contents) {
- int rc = -1;
+ int rc = PTS_FATAL;
struct stat statBuf;
int fd = open(fileName, O_RDONLY);
- if ( -1 == fd ) {
+
+ if (fd == -1) {
ERROR("Failed to open '%s', errno %d\n", fileName, errno);
- } else if ( -1 == fstat(fd, &statBuf) ) {
+ } else if (fstat(fd, &statBuf) == -1) {
ERROR("Failed to stat '%s' (fd %d), errno %d\n", fileName, fd, errno);
} else if ( len != statBuf.st_size ) {
DEBUG("File length for pending RM '%s' (%d) does not match cached length (%d) from collector.\n",
if ( -1 == bytesRead ) {
ERROR("Failed to read from fd %d, errno %d\n", fd, errno);
break;
- } else if ( 0 == bytesRead ) {
- ASSERT(totalBytesRead == len,
- "Finished reading from file prematurely, still expecting data.\n");
- rc = 0;
+ } else if ( bytesRead == 0) {
+ if (totalBytesRead != len) {
+ ERROR("Finished reading from file prematurely, still expecting data.");
+ return PTS_FATAL;
+ }
+ rc = PTS_SUCCESS;
break;
} else {
totalBytesRead += bytesRead;
- ASSERT(totalBytesRead <= len, "Read more data from RM file than expected\n");
+ if (totalBytesRead > len) {
+ ERROR("Read more data from RM file than expected.");
+ return PTS_FATAL;
+ }
DEBUG("Read %ld bytes, total = %d out of %d\n", bytesRead, totalBytesRead, len);
if ( 0 != memcmp(page, contents, bytesRead) ) {
}
}
- if ( -1 != fd ) {
+ if ( fd != -1) {
close(fd);
}
return rc;
}
-
+/**
+ *
+ */
int isNewRmStillValid(OPENPTS_CONTEXT *ctx, char *conf_dir) {
- int rc = -1;
+ int rc = PTS_FATAL;
BYTE *newRmSet;
char *str_collector_uuid;
OPENPTS_CONFIG *target_conf = NULL;
/* check */
- ASSERT(NULL != ctx, "isNewRmStillValid() - ctx is null\n");
-
+ if (ctx == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
conf = ctx->conf;
- ASSERT(NULL != conf, "isNewRmStillValid() - conf is null\n");
+ if (conf == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
+
+
/* version */
// TODO
newRmSet = conf->newRmSet;
-
- ASSERT(0 != newRmSet, "isNewRmStillValid() - newRmSet is null\n");
- ASSERT(0 != ctx->target_conf, "isNewRmStillValid() - target_conf is null\n");
- ASSERT(0 != ctx->target_conf->uuid, "isNewRmStillValid() - target_conf->uuid is null\n");
- ASSERT(0 != ctx->target_conf->rm_uuid, "isNewRmStillValid() - target_conf->rm_uuid is null\n");
-
+ if (newRmSet == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
target_conf = ctx->target_conf;
+ if (target_conf == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
+ if (target_conf->uuid == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
+ if (target_conf->rm_uuid == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
/* UUID strings */
str_collector_uuid = target_conf->uuid->str;
OPENPTS_CONFIG *target_conf = NULL;
/* check */
- ASSERT(NULL != ctx, "updateNewRm() - ctx is null\n");
-
+ if (ctx == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
conf = ctx->conf;
- ASSERT(NULL != conf, "updateNewRm() - conf is null\n");
+ if (conf == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
+
/* version */
// TODO
newRmSet = conf->newRmSet;
-
- ASSERT(0 != newRmSet, "updateNewRm() - newRmSet is null\n");
- ASSERT(0 != ctx->target_conf, "updateNewRm() - target_conf is null\n");
- ASSERT(0 != ctx->target_conf->uuid, "updateNewRm() - target_conf->uuid is null\n");
- ASSERT(0 != ctx->target_conf->rm_uuid, "updateNewRm() - target_conf->rm_uuid is null\n");
+ if (newRmSet == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
+ if (ctx->target_conf == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
+ if (ctx->target_conf->uuid == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
+ if (ctx->target_conf->rm_uuid == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
/* UUID strings */
str_collector_uuid = ctx->target_conf->uuid->str;
* \brief Base64 Encode/Decode
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-04-01
- * cleanup 2011-08-17 SM
+ * cleanup 2011-12-31 SM
*
* http://en.wikipedia.org/wiki/Base64
*
#include <string.h>
#include <openpts.h>
-// #include <log.h>
/**
* calc base64 size
int inCount;
int outCount;
+ /* check */
+ if (in == NULL) {
+ ERROR("null input");
+ return 0;
+ }
+
inCount = inLen / 4;
if (inCount > 0) {
--inCount;
/**
* Encode BYTE[] to Base64 string
+ * Return
+ * count
+ * -1 ERROR
*/
int _encodeBase64(char *out, unsigned char * in, int len) {
int ptr1 = 0;
'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '/'
};
- if (out ==NULL) {
- ERROR("out is NULL\n");
+ /* check */
+ if (out == NULL) {
+ ERROR("null input\n");
return -1;
}
-
if (len == 0) {
out[0] = 0;
return 0;
}
+ if (in == NULL) {
+ ERROR("null input");
+ return 0;
+ }
/* Trans */
char *out;
int len2;
+ /* check */
+ if (in == NULL) {
+ ERROR("null input\n");
+ return NULL;
+ }
+
*outlen = _sizeofBase64Encode(inlen);
out = (char *) xmalloc_assert(*outlen);
if (out == NULL) {
int skip = 0;
int i;
+ /* check */
+ if (in == NULL) {
+ ERROR("null input\n");
+ return -1;
+ }
+
/* last char */
i = len - 1;
-//<<<<<<< HEAD
-// while (1) {
-//=======
while(i > 0) {
-//>>>>>>> 042e40b0979f3e44e75200271e4d1282ce08f72c
if (in[i] == '\n') {
/* skip */
skip++;
int len1;
int len2;
+ /* check */
+ if (in == NULL) {
+ ERROR("null input\n");
+ return NULL;
+ }
+
len1 = _sizeofBase64Decode(inlen);
out = (unsigned char *) xmalloc_assert(len1);
if (out == NULL) {
OUTPUT(NLS(MS_OPENPTS, OPENPTS_INIT_SUCCESS,
"\nptsc has successfully initialized!\n\n"));
+ INFO("ptsc has successfully initialized!\n");
goto free;
error:
OUTPUT(NLS(MS_OPENPTS, OPENPTS_INIT_FAIL,
"ptsc initialization was failed\n\n"));
printReason(ctx, 0);
+ INFO("ptsc initialization was failed\n");
free:
/* free */
int i;
// DEBUG("freePtsConfig()\n");
- ASSERT(NULL != conf, "conf is NULL\n");
+ /* check */
+ if (conf == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
if (conf->config_dir != NULL) {
xfree(conf->config_dir);
xfree(conf->ir_dir);
}
conf->ir_dir = getFullpathName(conf->config_dir, value);
- DEBUG("conf->ir_dir : %s\n", conf->ir_dir);
+ DEBUG("conf->ir_dir : %s\n", conf->ir_dir);
} // BAD else {
// /* set this to some sensible default value so that ptsc.c doesn't seg fault */
// conf->ir_dir = smalloc("/tmp");
}
}
+ /* DEBUG */
+ if (!strncmp(name, "verbose", 7)) {
+ setVerbosity(atoi(value));
+ DEBUG("Verbosity : %d (set by conf)\n", getVerbosity());
+ }
+ if (!strncmp(name, "logging.location", 16)) {
+ if (!strncmp(value, "syslog", 6)) {
+ setLogLocation(OPENPTS_LOG_SYSLOG, NULL);
+ DEBUG("Logging location : syslog\n");
+ } else if (!strncmp(value, "console", 6)) {
+ setLogLocation(OPENPTS_LOG_CONSOLE, NULL);
+ DEBUG("Logging location : syslog\n");
+ } else {
+ ERROR("unknown aik.storage.type %s\n", value); // TODO
+ conf->aik_storage_type = 0;
+ }
+ }
+ if (!strncmp(name, "logging.file", 12)) {
+ char *log_filename;
+ log_filename = getFullpathName(conf->config_dir, value);
+ setLogLocation(OPENPTS_LOG_FILE, log_filename);
+ DEBUG("Logging location : file (%s)\n", log_filename);
+ xfree(log_filename);
+ }
+
cnt++;
} else {
/* accept only blank lines */
DEBUG_CAL("readOpenptsConf %s\n", filename);
+ /* check */
+ if (conf == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (filename == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
rc = readPtsConfig(conf, filename);
if (rc < 0) {
ERROR("readOpenptsConf - fail, rc = %d\n", rc);
*/
int setModelFile(OPENPTS_CONFIG *conf, int index, int level, char *filename) {
/* check */
- ASSERT(NULL != conf, "setModelFile()- conf is NULL\n");
+ if (conf == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
if (level >= MAX_RM_NUM) {
ERROR("setModelFile()- PCR[%d] trying to affect a model file(%s) to a level(%d) greater than MAX_RM_NUM(%d)\n",
}
/* IML - reset & free */
- freeSnapshotTable(ctx->ss_table);
+ if (ctx->ss_table != NULL) {
+ freeSnapshotTable(ctx->ss_table);
+ }
/* Properties - free */
freePropertyChain(ctx->prop_start);
/* Policy - free */
- freePolicyChain(ctx->policy_start);
+ if (ctx->policy_start != NULL) {
+ freePolicyChain(ctx->policy_start);
+ }
/* Reason - free */
- freeReasonChain(ctx->reason_start);
+ if (ctx->reason_start != NULL) {
+ freeReasonChain(ctx->reason_start);
+ }
/* RM - free malloc at rm.c */
- freeRmContext(ctx->rm_ctx);
+ if (ctx->rm_ctx != NULL) {
+ freeRmContext(ctx->rm_ctx);
+ }
/* IR - free, malloc at ir.c */
- freeIrContext(ctx->ir_ctx);
+ if (ctx->ir_ctx != NULL) {
+ freeIrContext(ctx->ir_ctx);
+ }
/* Runtime Validation - free */
/* malloc */
ctx = (OPENPTS_FSM_CONTEXT *) xmalloc(sizeof(OPENPTS_FSM_CONTEXT));
if (ctx == NULL) {
+ ERROR("no memory");
return NULL;
}
/* init */
* Free OPENPTS_FSM_Transition chain
*/
void freeFsmTransitionChain(OPENPTS_FSM_Transition *fsm_trans) {
+ /* check */
+ if (fsm_trans == NULL) {
+ ERROR("null input");
+ return;
+ }
+
+ /* free */
if (fsm_trans->next != NULL) {
freeFsmTransitionChain(fsm_trans->next);
}
* Free OPENPTS_FSM_Subvertex chain
*/
void freeFsmSubvertexChain(OPENPTS_FSM_Subvertex *fsm_sub) {
+
+ /* check */
+ if (fsm_sub == NULL) {
+ ERROR("null input");
+ return;
+ }
+
+ /* chain */
if (fsm_sub->next != NULL) {
freeFsmSubvertexChain(fsm_sub->next);
}
+ /* free */
xfree(fsm_sub);
}
* free FSM context
*/
int freeFsmContext(OPENPTS_FSM_CONTEXT *ctx) {
- ASSERT(NULL != ctx, "ctx is NULL\n");
+
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
/* Transition */
if (ctx->fsm_trans != NULL) {
ctx->fsm_trans = NULL;
}
-
/* Subvertex */
if (ctx->fsm_sub != NULL) {
freeFsmSubvertexChain(ctx->fsm_sub);
* reset FSM subvertex
*/
void resetFsmSubvertex(OPENPTS_FSM_CONTEXT *ctx) {
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return;
+ }
+
// fsm_sub=NULL;
ctx->subvertex_num = 0;
}
* reset FSM transition
*/
void resetFsmTransition(OPENPTS_FSM_CONTEXT *ctx) {
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return;
+ }
+
// fsm_trans=NULL;
ctx->transition_num = 0;
}
DEBUG_CAL("addFsmSubvertex - %d \n", ctx->subvertex_num);
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return;
+ }
+ if (type == NULL) {
+ ERROR("null input");
+ return;
+ }
+ if (id == NULL) {
+ ERROR("null input");
+ return;
+ }
+ if (name == NULL) {
+ ERROR("null input");
+ return;
+ }
+ if (action == NULL) {
+ ERROR("null input");
+ return;
+ }
+
+ /* add */
ptr = ctx->fsm_sub;
for (i = 0; i <= ctx->subvertex_num; i++) {
if (ptr == NULL) {
ptr_pre->next = ptr; // else
ptr->prev = ptr_pre;
} else {
- ERROR("\n");
+ ERROR("BAD, free last one");
xfree(ptr); // free last one
return;
}
OPENPTS_FSM_Subvertex * getSubvertex(OPENPTS_FSM_CONTEXT *ctx, char * id) {
OPENPTS_FSM_Subvertex *ptr;
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
+ if (id == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
+
+ /* Final? */
if (!strcmp(id, "Final")) return NULL; // final state
ptr = ctx->fsm_sub;
if (!strcmp(id, ptr->id)) return ptr;
ptr = (OPENPTS_FSM_Subvertex *) ptr->next;
}
+
return NULL;
}
int i;
OPENPTS_FSM_Subvertex *ptr;
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
+ if (id == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
+
+ /* Final? */
if (!strcmp(id, "Final")) return id;
ptr = ctx->fsm_sub;
int i;
OPENPTS_FSM_Subvertex *ptr;
- // if (!strcmp(id, "Final")) return id;
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
+ if (name == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
ptr = ctx->fsm_sub;
for (i = 0;i <= ctx->subvertex_num; i++) {
/// TRANSITION ///
-static char *skipWhiteSpace(char *str, int *len) {
+static char *skipWhiteSpace(char *str, int *len /* out */) {
char *cur = str, *end = str + *len;
+
+ /* check */
+ if (str == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
+
/* skip space */
while (cur < end &&
'\0' != *cur &&
}
static int isEndOfString(char *str) {
+ /* check */
+ if (str == NULL) {
+ ERROR("null input");
+ return 0; // TODO
+ }
+
return '\0' == *str;
}
-static char *skipParameter(char *str, int *len) {
+static char *skipParameter(char *str, int *len /* out */) {
char *cur = str, *end = str + *len;
+
+ /* check */
+ if (str == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
+
/* skip space */
while (cur < end &&
'\0' != *cur &&
* <body>eventtype == 0x01, digest == base64</body>
* -1: error
* 0: don't care
- * 1: ==
- * 2: !=
+ * 1: ==, eq
+ * 2: !=, ne
*
* Unit Test : check_fsm.c / test_getTypeFlag
*
*/
-int getTypeFlag(char * cond, UINT32 *eventtype) {
+int getTypeFlag(char * cond, UINT32 *eventtype /* out */) {
char * loc;
int len;
int rc = 0;
long int val; // TODO uint64_t? but build fail on i386 platform
- len = strlen(cond);
+ /* check */
+ if (cond == NULL) {
+ ERROR("null input");
+ return -1;
+ }
+ len = strlen(cond);
loc = strstr(cond, "eventtype");
if (loc == NULL) { // miss
}
if ((loc[0] == '=') && (loc[1] == '=')) { // ==
rc = 1;
- } else if ((loc[0] == '!') && (loc[1] == '=')) { // ==
+ } else if ((loc[0] == 'e') && (loc[1] == 'q')) { // ==
+ rc = 1;
+ } else if ((loc[0] == '!') && (loc[1] == '=')) { // !=
+ rc = 2;
+ } else if ((loc[0] == 'n') && (loc[1] == 'e')) { // !=
rc = 2;
} else {
ERROR("ERROR 002 %c %c \n", loc[0], loc[1]);
DEBUG_CAL("getDigestFlag -");
+ /* check */
+ if (cond == NULL) {
+ ERROR("null input");
+ return -1;
+ }
+
len = strlen(cond);
loc = strstr(cond, "digest");
return -1;
}
- /* digest == base64 (behavior model) */
-#if 0
- loc2 = strstr(loc, "base64");
- if (loc2 != NULL) { // HIT, temp
- /* Behavior Model */
- return 2;
- } else {
- /* Binary Model */
- /* Base64 str -> BYTE[] */
- buf = decodeBase64(
- (char *)loc,
- SHA1_BASE64_DIGEST_SIZE,
- &buf_len);
- if (buf == NULL) {
- ERROR("decodeBase64 fail");
- *digest = NULL;
- *digest_size = 0;
- return -1;
- }
- *digest = buf;
- // TODO buf_len >= SHA1_DIGEST_SIZE
- *digest_size = SHA1_DIGEST_SIZE;
- return 1;
- }
-#endif
if (NULL != strstr(loc, "base64!")) { // HIT, temp
/* Behavior Model */
return DIGEST_FLAG_IGNORE;
*digest_size = 0;
return -1;
}
-#if 0
- buf = (BYTE *) xmalloc(SHA1_DIGEST_SIZE + 1);
- if (buf == NULL) {
- return -1;
- }
-
- // TODO(munetoh) get len, "<"
- rc = decodeBase64(buf, SHA1_DIGEST_SIZE + 1, (unsigned char *)loc, SHA1_BASE64_DIGEST_SIZE);
- if (rc == SHA1_DIGEST_SIZE) {
- // TODO(munetoh) digest size change by alg
- // this code is SHA1 only
- *digest = buf;
- *digest_size = rc;
- return DIGEST_FLAG_EQUAL;
- } else {
- ERROR("getDigestFlag() - decodeBase64() was failed \n");
- xfree(buf);
- *digest = NULL;
- *digest_size = 0;
- return -1;
- }
-#endif
}
}
}
*
* Unit Test : check_fsm.c / test_getCounterFlag
*/
-int getCounterFlag(char *cond, char *name, char **flag) {
+int getCounterFlag(char *cond, char *name, char **flag /* out */) {
char * loc; // loc at value
char * loc2; // loc at flag
int len;
int len;
int rc = LAST_FLAG_SKIP;
+ /* check */
+ if (cond == NULL) {
+ ERROR("null input");
+ return -1;
+ }
+
len = strlen(cond);
loc = strstr(cond, "last");
return LAST_FLAG_SKIP;
} else {
/* hit */
- // DEBUG("getLastFlag() - %s\n", cond);
-
/* skip count */
- loc += 5;
+ loc += 4; // 2011-12-30 5 => 4
len -= (loc - cond);
loc = skipWhiteSpace(loc, &len);
loc +=2;
len -=2;
} else {
- // ERROR("ERROR 002 [%s] not >= \n", &loc[0];
- return -1; // unknown operand
+ ERROR("Unknown operation [%s], cond=[%s], BAD Validation Model\n", &loc[0], cond);
+ return -1;
}
loc = skipWhiteSpace(loc, &len);
if (isEndOfString(loc)) {
+ ERROR("Unknown operation [%s]\n", &loc[0]);
return -1;
}
/* value */
-
loc2 = loc;
len = strlen(loc2);
- // DEBUG("[%d][%s]\n",len, loc2);
if (!strncmp(loc2, "true", 4)) {
// DEBUG("true\n");
/* == true */
} else {
rc = LAST_FLAG_EQ;
}
- // DEBUG("false %d\n",rc);
} else {
ERROR("unknown value, %s\n", loc2);
}
DEBUG_CAL("addFsmTransition - start\n");
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (source == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (target == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (cond == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
+ /* trans */
ptr = ctx->fsm_trans;
for (i = 0; i <= ctx->transition_num; i++) {
if (ptr == NULL) { // new
ptr = (OPENPTS_FSM_Transition *)
xmalloc(sizeof(OPENPTS_FSM_Transition));
if (ptr == NULL) {
+ ERROR("no memory");
return PTS_INTERNAL_ERROR;
}
/* init */
ptr->prev = ptr_pre;
ptr->next = NULL; // last trans
} else {
- ERROR("\n");
+ ERROR("BAD, free last one");
xfree(ptr); // free last one
return PTS_INTERNAL_ERROR;
}
/* check */
if (ctx == NULL) {
- ERROR("ctx == NULL");
+ ERROR("null input");
return -1;
}
if (name == NULL) {
- ERROR("name == NULL");
+ ERROR("null input");
return -1;
}
} else {
/* Miss -> 1 */
// TODO
- DEBUG("getCountFromProperty - prop %s is missing. set count to 1\n", name);
+ DEBUG("getCountFromProperty - prop %s is missing. add property with count=1\n", name);
+ addProperty(ctx, name, "1");
count = 1; // TODO
}
return count;
OPENPTS_PCR_EVENT_WRAPPER *eventWrapper
) {
int rc = OPENPTS_FSM_SUCCESS;
- OPENPTS_FSM_Subvertex *curr_state = fsm->curr_state;
- OPENPTS_FSM_Transition *trans = fsm->fsm_trans;
+ OPENPTS_FSM_Subvertex *curr_state;
+ OPENPTS_FSM_Transition *trans;
TSS_PCR_EVENT *event;
int type_check;
int digest_check;
DEBUG_CAL("updateFsm - start\n");
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (fsm == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
+ curr_state = fsm->curr_state;
if (curr_state == NULL) {
DEBUG_FSM("[RM%02d-PCR%02d] updateFsm() - curr_state == NULL => set the FSM state to 'Start'\n",
fsm->level, fsm->pcr_index);
curr_state = getSubvertex(fsm, "Start");
}
+ trans = fsm->fsm_trans;
/* Null event -> push FSM until Final state */
// TODO(munetoh) dummy event does not need event. just add flag to the wrapper
DEBUG_FSM("copyFsm - start, PCR[%d]\n", src_fsm->pcrIndex);
+ /* check */
if (src_fsm == NULL) {
DEBUG("src_fsm == NULL, SKIP COPY\n");
return NULL;
OPENPTS_FSM_Transition *fsm_trans;
int count = 0;
+ /* check */
+ if (fsm_ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (old_sub == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (new_sub == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
+ /* */
fsm_trans = fsm_ctx->fsm_trans;
/* check all trans to B */
OPENPTS_FSM_Transition *fsm_trans;
int count = 0;
+ /* check */
+ if (fsm_ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (old_sub == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (new_sub == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
+ /* */
fsm_trans = fsm_ctx->fsm_trans;
/* check all trans to B */
DEBUG_FSM("insertFsm - start\n");
/* check input */
- ASSERT(NULL != fsm_trans, "ERROR fsm_trans == NULL\n");
+ if (fsm_ctx == NULL) {
+ ERROR("null input");
+ return -1;
+ }
+ if (fsm_trans == NULL) {
+ ERROR("null input");
+ return -1;
+ }
+ if (eventWrapper == NULL) {
+ ERROR("null input");
+ return -1;
+ }
+ event = eventWrapper->event;
+ if (event == NULL) {
+ ERROR("null input");
+ return -1;
+ }
if (fsm_trans->source_subvertex == NULL) {
ERROR("ERROR fsm_trans->source_subvertex == NULL, %s -> %s\n",
return -1;
}
- if (eventWrapper == NULL) {
- return -1;
- }
/* start */
-
- event = eventWrapper->event;
-
if (fsm_trans->source_subvertex == fsm_trans->target_subvertex) {
/* OK, this is LOOP, */
DEBUG_FSM("Loop (%s->%s) has %d events\n",
DEBUG_FSM("\tUpdate Trans BIN(%s -> %s)\n",
fsm_trans->source, fsm_trans->target);
} else {
- ASSERT(0, "BAD LOOP\n");
+ ERROR("BAD LOOP");
+ return PTS_FATAL;
}
} else {
- ASSERT(0, "Not a loop");
+ ERROR("Not a loop");
+ return PTS_FATAL;
}
DEBUG_FSM("insertFsm - done\n");
OPENPTS_FSM_Transition * trans_prev;
OPENPTS_FSM_Transition * trans_next;
+ /* check */
+ if (fsm_ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (trans == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
+ /* save */
trans_prev = trans->prev;
trans_next = trans->next;
//
}
- // TODO(munetoh) Free
-
return rc;
}
OPENPTS_FSM_CONTEXT *fsm_ctx,
OPENPTS_FSM_Subvertex * sub) {
int rc =0;
-
OPENPTS_FSM_Subvertex * sub_prev;
OPENPTS_FSM_Subvertex * sub_next;
+ /* check */
+ if (fsm_ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (sub == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
+ /* save */
sub_prev = sub->prev;
sub_next = sub->next;
int hit;
OPENPTS_FSM_Transition * trans;
OPENPTS_FSM_Transition * trans_next;
-
OPENPTS_FSM_Subvertex * sub;
OPENPTS_FSM_Subvertex * sub_next;
- ASSERT(NULL != fsm_ctx, "ERROR No FSM TRANS\n");
+ /* check */
+ if (fsm_ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
DEBUG_FSM("cleanupFsm - start, PCR[%d]\n", fsm_ctx->pcrIndex);
return rc;
}
-
-
-
-
-
-
-
-
-
-
/**
* write DOT State Diagram for Graphviz
* dot -Tpng tests/bios_pcr0.dot -o tests/bios_pcr0.png; eog tests/bios_pcr0.png
DEBUG("writeDotModel - start %s\n", filename);
/* check */
- ASSERT(NULL != ctx, "writeDotModel() - OPENPTS_FSM_CONTEXT is NULL\n");
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
if (filename == NULL) {
fp = stdout;
OPENPTS_FSM_Transition *ptr;
/* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return -1;
+ }
if (filename == NULL) {
ERROR("writeCsvTable - filename is NULL\n");
return -1;
int i, j;
OPENPTS_FSM_Transition *ptr;
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
OUTPUT(NLS(MS_OPENPTS, OPENPTS_PRINT_FSM_HEADER,
"ctx->transition_num = %d\n"
"trans\t\tcurrent state\t\t\tcondition\t\t\\ttnext state\n"
for (i = 0; i < ctx->transition_num; i++) {
if (ptr == NULL) {
ERROR("PTR is NULL at %d\n", i);
- return -1;
+ return PTS_FATAL;
}
OUTPUT("%5d ", i);
OUTPUT("%30s ", getSubvertexName(ctx, ptr->source));
return rc;
}
-
-
-
-
-
-
-
-
-
-
-
#define MAX_TLV_MESSAGE_LENGTH 5120000
void htoncl(uint8_t *ptr, uint32_t value) {
+ /* check */
+ if (ptr == NULL) {
+ ERROR("null input");
+ return;
+ }
/* Convert value to network endian */
*ptr++ = (uint8_t)(value >> 24);
*ptr++ = (uint8_t)(value >> 16);
}
uint32_t nctohl(uint8_t *ptr) {
+ /* check */
+ if (ptr == NULL) {
+ ERROR("null input");
+ return 0;
+ }
+
return ((uint32_t)ptr[0] << 24) | ((uint32_t)ptr[1] << 16) |
((uint32_t)ptr[2] << 8) | ptr[3];
}
// http://linux.die.net/man/2/sendfile
// sendfile - transfer data between file descriptors
+// TODO offset?
ssize_t my_sendfile(int out_fd, int in_fd, off_t *offset, size_t count) {
char buf[SENDFILE_BUF_SIZE];
ssize_t read_size;
DEBUG_IFM("my_sendfile(), size=%d ############################\n", count);
- // offset == NULL
do {
/* set read size */
if ((count - sum) > SENDFILE_BUF_SIZE) {
DEBUG_IFM("copyfile(), size=%d ############################\n", count);
- // offset == NULL
+ /* check */
+ if (buf == NULL) {
+ ERROR("null input");
+ return 0;
+ }
+
do {
/* set read size */
if ((count - ptr) > SENDFILE_BUF_SIZE) {
/* malloc TLV for read */
read_tlv = (PTS_IF_M_Attribute *)xmalloc(sizeof(PTS_IF_M_Attribute));
if (read_tlv == NULL) {
+ ERROR("no memory");
return NULL;
}
memset(read_tlv, 0, sizeof(PTS_IF_M_Attribute));
/* read IF-M header */
rc = wrapRead(fdin, head, 12);
if (rc == 0) {
- ERROR("sock read fail. probably end of the handshake\n");
+ DEBUG_IFM("sock read fail. probably end of the handshake\n");
goto error;
}
* free PTS_IF_M_Attribute
*/
void freePtsTlv(PTS_IF_M_Attribute *tlv) {
+ /* check */
if (tlv == NULL) {
+ ERROR("null input");
return;
}
PTS_IF_M_Attribute *write_tlv;
if ((buf = xmalloc(12 + length)) == NULL) {
+ ERROR("no memory");
return NULL;
}
/* setup TLV header */
int ptr;
int rc;
UINT16 nbou16;
-
int fsize[MAX_RM_NUM];
int fd[MAX_RM_NUM];
int count[MAX_RM_NUM];
struct stat st[MAX_RM_NUM];
-
UINT32 num;
DEBUG("writePtsTlvToSock - start\n");
/* check */
- ASSERT(NULL != ctx, "ctx is NULL\n");
-
+ if (ctx == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
conf = ctx->conf;
- ASSERT(NULL != conf, "conf is NULL\n");
+ if (conf == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
/* init fd[] */
for (i = 0; i < MAX_RM_NUM; i++) {
#ifdef CONFIG_AIDE
case REQUEST_AIDE_DATABASE:
#endif
-// {
buf = getTlvBuffer(type, 0);
if (buf == NULL) {
+ ERROR("getTlvBuffer() is null");
goto error;
}
break;
-// }
-
/* Collector <-> Verifier */
case OPENPTS_CAPABILITIES:
{
buf = getTlvBuffer(type, length);
if (buf == NULL) {
+ ERROR("getTlvBuffer() is null");
goto error;
}
length = ctx->conf->pubkey_length;
buf = getTlvBuffer(type, length);
if (buf == NULL) {
+ ERROR("getTlvBuffer() is null");
goto error;
}
/* check */
if (conf->newrm_num == 0) {
/* New RM is missing => send Error massage */
+ DEBUG_IFM("New RM is missing. send Error massage\n");
ctx->ifm_errno = PTS_FATAL;
ctx->ifm_strerror = smalloc_assert("New Manifest not found, check the collector");
goto error;
buf = getTlvBuffer(type, length);
if (buf == NULL) {
+ ERROR("getTlvBuffer() is null");
goto error;
}
ptr = 12;
{
length = ctx->nonce->nonce_length;
buf = getTlvBuffer(type, length);
- if (buf == NULL) goto error;
+ if (buf == NULL) {
+ ERROR("getTlvBuffer() is null");
+ goto error;
+ }
memcpy(&buf[12], ctx->nonce->nonce, length);
break;
}
buf = getTlvBuffer(type, length);
if (buf == NULL) {
+ ERROR("getTlvBuffer() is null");
goto error;
}
ptr = 12;
buf = getTlvBuffer(type, length);
if (buf == NULL) {
+ ERROR("getTlvBuffer() is null");
goto error;
}
ptr = 12;
buf = getTlvBuffer(type, length);
if (buf == NULL) {
+ ERROR("getTlvBuffer() is null");
goto error;
}
ptr = 12;
buf = getTlvBuffer(type, length);
if (buf == NULL) {
+ ERROR("getTlvBuffer() is null");
goto error;
}
ptr = 12;
buf = getTlvBuffer(type, length);
if (buf == NULL) {
+ ERROR("getTlvBuffer() is null");
goto error;
}
ptr = 12;
DEBUG_CAL("writePtsTlvToSock - start\n");
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return -1;
+ }
+
message = getPtsTlvMessage(ctx, type, &length);
if (message != NULL) {
rc = wrapWrite(fdout, message, length);
DEBUG_IFM("writePtsTlv - type=%d, length = %d", type, length);
} else {
+ DEBUG_IFM("getPtsTlvMessage() is null");
goto error;
}
return rc;
error:
- ERROR("writePtsTlvToSock()\n");
+ DEBUG_IFM("writePtsTlvToSock() fail, send error mgs\n");
/* send ERROR */
len = writePtsTlv(ctx, fdout, OPENPTS_ERROR);
* \brief TCG TNC IF-IMC v1.2 R8
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-05-07
- * cleanup 2011-08-22 SM
+ * cleanup 2011-12-31 SM
*
* http://www.trustedcomputinggroup.org/resources/tnc_ifimc_specification
* http://www.trustedcomputinggroup.org/files/resource_files/8CB977E1-1D09-3519-AD48484530EF6639/TNC_IFIMC_v1_2_r8.pdf
imcID, minVersion, maxVersion);
if (initialized) {
+ ERROR("not initialized");
return TNC_RESULT_ALREADY_INITIALIZED;
}
/* check version - Only support version 1 */
if ((minVersion < TNC_IFIMC_VERSION_1) ||
(maxVersion > TNC_IFIMC_VERSION_1)) {
+ ERROR("no common version");
return TNC_RESULT_NO_COMMON_VERSION;
}
/* initialize PTS Collector */
conf = newPtsConfig();
if (conf == NULL) {
- // ERROR("Can not allocate OPENPTS_CONFIG\n");
+ ERROR("no memory");
rc = TNC_RESULT_FATAL;
goto error;
}
ctx = newPtsContext(conf);
if (ctx == NULL) {
- ERROR("Can not allocate OPENPTS_CONTEXT\n");
+ ERROR("no memory\n");
rc = TNC_RESULT_FATAL;
goto error;
}
DEBUG("TNC_IMC_NotifyConnectionChange\n");
/* check internal status */
- if (!initialized)
+ if (!initialized) {
+ ERROR("not initialized");
return TNC_RESULT_NOT_INITIALIZED;
+ }
/* check ID */
- if (imcID != id)
+ if (imcID != id) {
+ ERROR("BAD id");
return TNC_RESULT_INVALID_PARAMETER;
+ }
/* ID */
cid = connectionID;
-
return TNC_RESULT_SUCCESS;
}
(int)imcID, (int)connectionID);
/* check internal status */
- if (!initialized)
+ if (!initialized) {
+ ERROR("not initialized");
return TNC_RESULT_NOT_INITIALIZED;
+ }
/* check ID */
- if (imcID != id)
+ if (imcID != id) {
+ ERROR("bad id");
return TNC_RESULT_INVALID_PARAMETER;
+ }
/* connection ID */
cid = connectionID;
// DEBUG("TNC_IMC_ReceiveMessage msg=%s\n", messageBuffer);
/* check internal status */
- if (!initialized)
+ if (!initialized) {
+ ERROR("not initialized");
return TNC_RESULT_NOT_INITIALIZED;
+ }
/* check ID */
- if (imcID != id)
+ if (imcID != id) {
+ ERROR("bad id");
return TNC_RESULT_INVALID_PARAMETER;
+ }
/* connection ID */
- if (connectionID != cid)
+ if (connectionID != cid) {
+ ERROR("bad cid");
return TNC_RESULT_INVALID_PARAMETER;
+ }
/* */
DEBUG_IFM("[C<-V] imcID=%d, connectionID=%d, type=0x%x, msg[%d]\n",
if (messageType == ((TNC_VENDORID_OPENPTS << 8) | TNC_SUBTYPE_OPENPTS)) {
/* OPENPTS */
read_tlv = (PTS_IF_M_Attribute*)messageBuffer;
+ if (read_tlv == NULL) {
+ // TODO should send error?
+ ERROR("TLV is null");
+ return TNC_RESULT_FATAL;
+ }
/* check VID */
// TODO read_tlv->
(TNC_BufferReference) msg,
len,
((TNC_VENDORID_OPENPTS << 8) | TNC_SUBTYPE_OPENPTS));
- DEBUG_IFM("[C->V] TPM_PUBKEY[%d]\n", len);
+ if (rc != TNC_RESULT_SUCCESS) {
+ ERROR("[C->V] TPM_PUBKEY[%d] fail", len);
+ return TNC_RESULT_FATAL;
+ } else {
+ DEBUG_IFM("[C->V] TPM_PUBKEY[%d]\n", len);
+ }
break;
case REQUEST_RIMM_SET:
(TNC_BufferReference) msg,
len,
((TNC_VENDORID_OPENPTS << 8) | TNC_SUBTYPE_OPENPTS));
- DEBUG_IFM("[C->V] RIMM_SET[%d]\n", len);
+ if (rc != TNC_RESULT_SUCCESS) {
+ ERROR("[C->V] RIMM_SET[%d] fail\n", len);
+ return TNC_RESULT_FATAL;
+ } else {
+ DEBUG_IFM("[C->V] RIMM_SET[%d]\n", len);
+ }
break;
case NONCE:
(TNC_BufferReference) msg,
len,
((TNC_VENDORID_OPENPTS << 8) | TNC_SUBTYPE_OPENPTS));
- DEBUG_IFM("[C->V] INTEGRITY_REPORT[%d]\n", len);
-
+ if (rc != TNC_RESULT_SUCCESS) {
+ ERROR("[C->V] INTEGRITY_REPORT[%d] fail", len);
+ return TNC_RESULT_FATAL;
+ } else {
+ DEBUG_IFM("[C->V] INTEGRITY_REPORT[%d]\n", len);
+ }
break;
default:
DEBUG("TNC_IMC_BatchEnding\n");
/* check internal status */
- if (!initialized)
+ if (!initialized) {
+ ERROR("not initialized");
return TNC_RESULT_NOT_INITIALIZED;
+ }
/* check ID */
- if (imcID != id)
+ if (imcID != id) {
+ ERROR("bad id");
return TNC_RESULT_INVALID_PARAMETER;
+ }
/* connection ID */
- if (connectionID != cid)
+ if (connectionID != cid) {
+ ERROR("bad cid");
return TNC_RESULT_INVALID_PARAMETER;
+ }
DEBUG_IFM("C imcID=%d, connectionID=%d - TNC_IMC_BatchEnding\n", (int)imcID, (int)connectionID);
DEBUG("TNC_IMC_Terminate\n");
/* check internal status */
- if (!initialized)
+ if (!initialized) {
+ ERROR("not initialized");
return TNC_RESULT_NOT_INITIALIZED;
+ }
/* check ID */
- if (imcID != id)
+ if (imcID != id) {
+ ERROR("bad id");
return TNC_RESULT_INVALID_PARAMETER;
+ }
/* connection ID */
// TODO(munetoh)
DEBUG("TNC_TNCC_ReportMessageTypes() - imcID=%d, supportedTypes=0x%X, typeCount=%d\n",
imcID, supportedTypes, typeCount);
- if (!reportMessageTypesPtr)
+ if (!reportMessageTypesPtr) {
+ ERROR("null input");
return TNC_RESULT_FATAL;
+ }
return (*reportMessageTypesPtr)(
imcID,
DEBUG("TNC_TNCC_SendMessage msg='%s' type=0x%x\n",
message, (int)messageType);
- if (!sendMessagePtr)
+ if (!sendMessagePtr) {
+ ERROR("null input");
return TNC_RESULT_FATAL;
+ }
DEBUG_IFM("[C->V] imcID=%d, connectionID=%d, type=0x%x, msg[%d]\n",
(int)imcID, (int)connectionID, (int)messageType, (int)messageLength);
DEBUG("TNC_IMC_ProvideBindFunction() - imcID=%d\n", imcID);
/* check internal status */
- if (!initialized)
+ if (!initialized) {
+ ERROR("not initialized");
return TNC_RESULT_NOT_INITIALIZED;
+ }
/* check ID */
- if (imcID != id)
+ if (imcID != id) {
+ ERROR("bad id");
return TNC_RESULT_INVALID_PARAMETER;
-
+ }
/* Bind */
if (bindFunction) {
int resetSnapshot(OPENPTS_SNAPSHOT * snapshots) {
int i, j;
OPENPTS_SNAPSHOT *ss;
-
TSS_PCR_EVENT *event;
OPENPTS_PCR_EVENT_WRAPPER *eventWrapper;
OPENPTS_PCR_EVENT_WRAPPER *eventWrapper_next;
+ /* check */
+ if (snapshots == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
+ /* reset PCRs */
for (i = 0; i < MAX_PCRNUM; i++) {
ss = &snapshots[i];
eventWrapper = ss->start;
ew = (OPENPTS_PCR_EVENT_WRAPPER *)xmalloc(sizeof(OPENPTS_PCR_EVENT_WRAPPER));
if (ew == NULL) {
+ ERROR("no memory");
return NULL;
}
* free
*/
void freeEventWrapper(OPENPTS_PCR_EVENT_WRAPPER * ew) {
- // TODO
+ /* check */
+ if (ew == NULL) {
+ ERROR("null input");
+ return;
+ }
+
xfree(ew);
}
void freeEventWrapperChain(OPENPTS_PCR_EVENT_WRAPPER * ew) {
TSS_PCR_EVENT *event;
- ASSERT(NULL != ew, "OPENPTS_PCR_EVENT_WRAPPER is NULL\n");
+ /* check */
+ if (ew == NULL) {
+ ERROR("null input");
+ return;
+ }
+ /* chain */
if (ew->next_pcr != NULL) {
freeEventWrapperChain(ew->next_pcr);
}
event = ew->event;
if (event != NULL) {
- // {
- // OPENPTS_SNAPSHOT *ss = ew->snapshot;
- // DEBUG("freeEventWrapperChain() - free event index=%3d pcr=%2d level =%d type=0x%04x\n",
- // ew->index, event->ulPcrIndex, ss->level, event->eventType);
- // }
if (event->rgbPcrValue != NULL)
xfree(event->rgbPcrValue);
if (event->rgbEvent != NULL)
DEBUG_CAL("addEventToSnapshot - start\n");
- ASSERT(NULL != eventWrapper, "addEventToSnapshotBhv - eventWrapper is NULL\n");
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (eventWrapper == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (eventWrapper->event == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ /* PCR index */
index = eventWrapper->event->ulPcrIndex;
-
DEBUG_FSM("[PCR%02d] addEventToSnapshotBhv()\n", index);
/* skip Bad Snapshot/PCR[n] */
/* level 0 SS is null => check Level 1 SS */
ss = getSnapshotFromTable(ctx->ss_table, index, 1);
if (ss == NULL) {
+ ERROR("getSnapshotFromTable(%d,1) is null", index);
addReason(ctx, index, NLS(MS_OPENPTS, OPENPTS_IML_SNAPSHOT_MISSING,
"[PCR%02d] Snapshot(FSM) is missing for PCR%d. "
"Please check the configuration file '%s'"),
DEBUG_FSM("[PCR%02d] RM0 -> RM1 (RM0 is missing)\n", index);
} else {
/* FSM is missing */
+ ERROR("getSnapshotFromTable(), FSM is null");
addReason(ctx, index, NLS(MS_OPENPTS, OPENPTS_IML_FSM_MISSING,
"[RM01-PCR%02d] FSM is missing for PCR%d, Level 1. "
"Please check the configuration file '%s'"),
ss = getSnapshotFromTable(ctx->ss_table, index, 1);
if (ss == NULL) {
/* SS is missing */
+ ERROR("getSnapshotFromTable(), ss is null");
addReason(ctx, index, NLS(MS_OPENPTS, OPENPTS_IML_SNAPSHOT_MISSING_2,
"[PCR%02d] Snapshot is missing for PCR%d for Level 0 and 1. "
"Please check the configuration file '%s'"),
active_level = 1;
} else {
/* FSM is missing*/
+ ERROR("getSnapshotFromTable(), FSM is null");
addReason(ctx, index, NLS(MS_OPENPTS, OPENPTS_IML_FSM_MISSING_2,
"[RM01-PCR%02d] FSM is missing for PCR%d, Level 1. Please check the configuration file '%s'"),
index,
ss = getSnapshotFromTable(ctx->ss_table, index, 1);
if (ss == NULL) {
/* SS is missing */
- DEBUG("ss == NULL => Reason\n");
+ ERROR("getSnapshotFromTable(), ss is null");
addReason(ctx, index, NLS(MS_OPENPTS, OPENPTS_IML_SNAPSHOT_MISSING_6,
"[RM%02d-PCR%02d] Snapshot is missing for PCR%d, Level %d. Please check the configuration file '%s'"),
active_level,
/* check FSM */
if (ss->fsm_behavior == NULL) {
/* FSm is missing */
- DEBUG("ss->fsm_behavior == NULL => Reason\n");
+ ERROR("getSnapshotFromTable(), FSM is null");
addReason(ctx, index, NLS(MS_OPENPTS, OPENPTS_IML_FSM_MISSING_3,
"[RM%02d-PCR%02d] FSM is missing for PCR%d, Level %d. Please check the configuration file '%s'"),
active_level,
ERROR("ss->fsm_behavior->uml_file == NULL");
// TODO
} else {
+ ERROR("IML validation by FSM has failed.");
addReason(ctx, index, NLS(MS_OPENPTS, OPENPTS_IML_VALIDATION_FAILED,
"[RM%02d-PCR%02d] IML validation by FSM has failed. State='%s' at the FSM is '%s'"),
active_level,
int addEventToSnapshotBin(
OPENPTS_CONTEXT * ctx,
OPENPTS_PCR_EVENT_WRAPPER * eventWrapper) {
+ int rc;
int index;
int active_level;
OPENPTS_SNAPSHOT *ss;
- int rc;
DEBUG_CAL("addEventToSnapshotBin - start\n");
/* check */
- ASSERT(NULL != eventWrapper, "null eventWrapper\n");
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (eventWrapper == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (eventWrapper->event == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ /* PCR index */
index = eventWrapper->event->ulPcrIndex;
/* Get active snapshot level of this PCR */
/* check next level (1) */
if (ss == NULL) {
- // ERROR("addEventToSnapshotBin() - pcr=%d Level=%d snapshots is missing\n",index, active_level);
+ ERROR("addEventToSnapshotBin() - pcr=%d Level=%d snapshots is missing\n",index, active_level);
addReason(ctx, index, NLS(MS_OPENPTS, OPENPTS_IML_SNAPSHOT_MISSING_3, "[PCR%02d] Snapshot(FSM) is missing"),
index);
ctx->ss_table->error[index] = PTS_INTERNAL_ERROR;
active_level,
index);
} else {
+ DEBUG("IR validation by RM has failed");
addReason(ctx, index, NLS(MS_OPENPTS, OPENPTS_IML_IR_VALIDATION_FAILED_4,
"[RM%02d-PCR%02d-%s] IR validation by RM has failed"),
active_level,
/* check the next level */
ss = getSnapshotFromTable(ctx->ss_table, index, 1);
if (ss == NULL) {
- // ERROR("no BIN-FSM at level 0, no SS at level 1\n");
+ ERROR("no BIN-FSM at level 0, no SS at level 1\n");
addReason(ctx, index, NLS(MS_OPENPTS, OPENPTS_IML_SNAPSHOT_MISSING_4,
"[PCR%02d] Snapshot(FSM) is missing"),
index);
rc = updateFsm(ctx, ss->fsm_binary, eventWrapper);
if (rc == OPENPTS_FSM_ERROR) {
DEBUG_FSM("No trans, return PTS_INVALID_SNAPSHOT at %s\n", ss->fsm_binary->curr_state->name);
- DEBUG("updateFsm fail\n");
+ ERROR("updateFsm fail\n");
addReason(ctx, index, NLS(MS_OPENPTS, OPENPTS_IML_IR_VALIDATION_FAILED_5,
"[RM%02d-PCR%02d-%s] IR validation by RM has failed"),
active_level + 1,
OPENPTS_CONTEXT * ctx,
int index) {
int active_level;
+ int rc;
OPENPTS_SNAPSHOT *ss;
OPENPTS_SNAPSHOT *ss_lv0 = NULL;
- int rc;
+
DEBUG_CAL("flashSnapshot - start\n");
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
/*
Active FSM(LV0) FSM(LV1) new level
----------------------------------------
#else // CONFIG_NO_TSS
int getIml(OPENPTS_CONTEXT * ctx, int option) {
int rc = 0;
+ int i;
+ int error = 0;
TSS_RESULT result;
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_PCR_EVENT *pcrEvents;
UINT32 ulEventNumber = 0;
OPENPTS_PCR_EVENT_WRAPPER *ew_new = NULL;
- // OPENPTS_PCR_EVENT_WRAPPER *ew_last = NULL;
- int i;
- int error = 0;
DEBUG_CAL("getIml - start\n");
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
/* clean up TPM */
resetTpm(&ctx->tpm, 0); // reset TPM DRTM=off
/* check SS table */
- ASSERT(NULL != ctx->ss_table, "getIml - ctx->ss_table is NULL\n");
+ if (ctx->ss_table == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
/* Connect to TCSD */
result = Tspi_Context_Create(&hContext);
UINT32 in;
UINT32 out;
+ /* check */
+ if (stream == NULL) {
+ ERROR("null input");
+ return 0xFFFFFFFF;
+ }
+
+ /* read */
size = fread(&data, 1, 4, stream);
if (size != 4) {
DEBUG_CAL("getBiosImlFile - start\n");
// DEBUG("read BIOS IML, file %s\n", filename);
- ASSERT(NULL != ctx, "ERROR\n"); // TODO(munetoh)
- ASSERT(NULL != filename, "ERROR\n"); // TODO(munetoh)
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (filename == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
/* open file */
if ((fp = fopen(filename, "rb")) == NULL) {
event = (TSS_PCR_EVENT *) xmalloc(sizeof(TSS_PCR_EVENT));
if (event == NULL) {
+ ERROR("no memory");
rc = PTS_FATAL;
goto close;
}
event->ulPcrValueLength = SHA1_DIGEST_SIZE;
event->rgbPcrValue = (BYTE *) xmalloc(SHA1_DIGEST_SIZE); // leaked
if (event->rgbPcrValue == NULL) {
+ ERROR("no memory");
rc = PTS_FATAL;
goto close;
}
}
/* malloc EventData */
if ((event->rgbEvent = xmalloc_assert(eventLength)) == NULL) {
+ ERROR("no memory");
rc = PTS_FATAL;
goto close;
}
goto close;
}
-#if 0
- // DEBUG SMBIOS
- if (eventLength > 2000) {
- TODO("eventLength = %d\n", eventLength);
- printHex("", event->rgbEvent, eventLength, "\n");
- }
-#endif
-
/* create event wrapper */
ew_new = (OPENPTS_PCR_EVENT_WRAPPER *)
xmalloc(sizeof(OPENPTS_PCR_EVENT_WRAPPER));
if (ew_new == NULL) {
+ ERROR("no memory");
rc = PTS_FATAL;
goto close;
}
/* TPM Extend */
result = extendTpm(&ctx->tpm, ew_new->event);
- if (result !=0) {
+ if (result != PTS_SUCCESS) {
ERROR("extend TPM fail\n");
rc = PTS_INTERNAL_ERROR;
goto close;
DEBUG_CAL("readImaImlFile - start\n");
- ASSERT(NULL != ctx, "getImaImlFile - ctx is NULL\n"); // TODO(munetoh)
- ASSERT(NULL != filename, "getImaImlFile - no filename\n"); // TODO(munetoh)
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (filename == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
/* open file */
if ((fp = fopen(filename, "rb")) == NULL) {
/* alloc event structure */
event = (TSS_PCR_EVENT *) xmalloc(sizeof(TSS_PCR_EVENT));
if (event == NULL) {
+ ERROR("no memory");
rc = PTS_FATAL;
goto close;
}
event->ulPcrValueLength = SHA1_DIGEST_SIZE;
event->rgbPcrValue = (BYTE *) xmalloc(SHA1_DIGEST_SIZE);
if (event->rgbPcrValue == NULL) {
+ ERROR("no memory");
rc = PTS_FATAL;
goto close;
}
}
/* alloc eventdata */
if ((event->rgbEvent = xmalloc(event->ulEventLength)) == NULL) {
+ ERROR("no memory");
rc = PTS_FATAL;
goto close;
}
event->ulPcrValueLength = SHA1_DIGEST_SIZE;
event->rgbPcrValue = (BYTE *) xmalloc(SHA1_DIGEST_SIZE);
if (event->rgbPcrValue == NULL) {
+ ERROR("no memory");
rc = PTS_FATAL;
goto close;
}
event->ulEventLength = 20 + 256; // TODO(munetoh)
event->rgbEvent = xmalloc(event->ulEventLength);
if (event->rgbEvent == NULL) {
+ ERROR("no memory");
rc = PTS_FATAL;
goto close;
}
/* read Digest (SHA1) */
event->ulPcrValueLength = SHA1_DIGEST_SIZE;
event->rgbPcrValue = (BYTE *) xmalloc_assert(SHA1_DIGEST_SIZE);
+ if (event->rgbPcrValue == NULL) {
+ ERROR("no memory");
+ rc = PTS_FATAL;
+ goto close;
+ }
size = fread(event->rgbPcrValue, 1, SHA1_DIGEST_SIZE, fp);
if (size != SHA1_DIGEST_SIZE) {
event->ulEventLength = 20 + 256; // TODO(munetoh)
event->rgbEvent = xmalloc(event->ulEventLength);
if (event->rgbEvent == NULL) {
+ ERROR("no memory");
rc = PTS_FATAL;
goto close;
}
ew = (OPENPTS_PCR_EVENT_WRAPPER *)
xmalloc(sizeof(OPENPTS_PCR_EVENT_WRAPPER));
if (ew == NULL) {
+ ERROR("no memory");
rc = PTS_FATAL;
goto close;
}
DEBUG_CAL("setPcrsToSnapshot\n");
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (pcrs == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
/* snapshots */
for (i = 0; i < pcrs->pcr_num; i++) {
int j;
int i;
int pcrNum = 0;
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
/* Connect to TCSD */
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
UINT32 tmp;
char *e;
+ /* check */
+ if (buf == NULL) {
+ ERROR("null input");
+ return 0;
+ }
+
tmp = strtol(&buf[offset], &e, 16);
return (BYTE) (0xFF & tmp);
OPENPTS_SNAPSHOT *ss1;
/* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (filename == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
/* open */
if ((fp = fopen(filename, "r")) == NULL) {
OPENPTS_TPM_CONTEXT *tpm;
OPENPTS_SNAPSHOT *ss;
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
tpm = &ctx->tpm;
DEBUG("validatePcr - start, Iml->PCR vs TPM\n");
int j;
TSS_PCR_EVENT *event;
- event = eventWrapper->event;
+ /* check */
+ if (eventWrapper == NULL) {
+ ERROR("null input");
+ return;
+ }
+ event = eventWrapper->event;
if (event != NULL) {
OUTPUT("%4d ", (int)event->ulPcrIndex);
OUTPUT("%8x ", event->eventType);
}
}
-#if 0
-// obsolete functions
-/**
- * \brief print event of selected PCR index
- * \return num of event
- */
-int printImlByPcr(
- OPENPTS_CONTEXT * ctx,
- UINT32 index,
- UINT32 offset) {
- int i, j;
- OPENPTS_SNAPSHOT *ss;
- OPENPTS_PCR_EVENT_WRAPPER *eventWrapper;
- char buf[SHA1_BASE64_DIGEST_SIZE + 1];
- // int len;
-
- /* snapshot */
- ss = getSnapshotFromTable(ctx->ss_table, index, 0);
- if (ss == NULL) {
- ERROR("printImlByPcr() - no ss at pcr=%d, level=0\n", index);
- return -1;
- }
-
- eventWrapper = ss->start;
-
- OUTPUT("PCR[%d]\n", index);
-
- for (i = 0; i < ctx->ss_table->event_num; i++) {
- OUTPUT(" %3d %3d %08x ",
- offset + i,
- eventWrapper->event->ulPcrIndex,
- eventWrapper->event->eventType);
- /* hex */
- for (j = 0; j < 20; j++) {
- OUTPUT("%02x", eventWrapper->event->rgbPcrValue[j]);
- }
-
- /* base64 */
- // len = encodeBase64(
- // (unsigned char *)buf,
- // (unsigned char *)eventWrapper->event->rgbPcrValue,
- // 20);
-
- OUTPUT(" (%s) \n", buf);
- eventWrapper = eventWrapper->next_pcr;
- if (eventWrapper == NULL) break;
- }
-
-
- return i;
-}
-
-/**
- * \brief print all events
- */
-int printIml(OPENPTS_CONTEXT * ctx) {
- int i;
- int rc = 0;
-
- for (i = 0; i < MAX_PCRNUM; i++) {
- rc += printImlByPcr(ctx, i, rc);
- }
-
- return rc;
-}
-#endif
-
-#if 0
-// TODO REMOVE
-/**
- * print TSS_PCR_EVENT
- *
- * TODO(munetoh) use fprintEventData in iml2text.c
- */
-void printEvent(TSS_PCR_EVENT *event) {
- int i;
-
- if (event != NULL) {
- int index = (int) event->ulPcrIndex;
- int type = event->eventType;
- int len = event->ulEventLength;
- int pcr4_grub = 0;
- int pcr5_grub = 0;
- char buf[256];
-
- OUTPUT("%4d ", index);
- OUTPUT("%8x ", type);
- for (i = 0; i < (int)event->ulPcrValueLength; i++) {
- OUTPUT("%02x", event->rgbPcrValue[i]);
- }
- OUTPUT(" eventdata[%4d] ", event->ulEventLength);
-
- if (len < 256) {
- memcpy(buf, event->rgbEvent, event->ulEventLength);
- buf[event->ulEventLength] = 0;
- } else {
- memcpy(buf, event->rgbEvent, 255);
- buf[255] = 0;
- }
-
- if (index == 10) { // Linux-IMA
- if (type == 2) {
- OUTPUT("[IMA-LKM:%s] ", buf);
- } else if (type == 1) {
- OUTPUT("[IMA-EXE:%s] ", buf);
- } else if (type == 0) {
- // OUTPUT("[IMA:%s] ", buf);
- OUTPUT("[IMA] ");
- } else if ((type & 0xFFFF) == 4) {
- OUTPUT("[IMA-USR,0x%04x:%s] ", (type >> 16), buf);
- } else {
- OUTPUT("[???:%s] ", buf);
- }
- } else if (index <= 8) { // BIOS + Grub
- switch (type) {
- case 0:
- OUTPUT("[BIOS:EV_PREBOOT_CERT(EV_CODE_CERT)]");
- break;
- case 1:
- OUTPUT("[BIOS:EV_POST_CODE(EV_CODE_NOCERT)]");
- break;
- case 2:
- OUTPUT("[BIOS:EV_UNUSED(EV_XML_CONFIG)]");
- break;
- case 3:
- OUTPUT("[BIOS:EV_NO_ACTION]");
- break;
- case 4:
- if ((pcr4_grub > 1) && (index == 4)) {
- OUTPUT("[GRUB:EV_SEPARATOR, %s]", buf);
- } else if ((pcr5_grub > 0) && (index == 5)) {
- OUTPUT("[GRUB:EV_SEPARATOR, %s]", buf);
- } else if (index == 8) {
- OUTPUT("[GRUB:EV_SEPARATOR, %s]", buf);
- } else if (len == 4) { // V1.2
- OUTPUT("[BIOS:EV_SEPARATOR, %02x%02x%02x%02x]",
- (unsigned char) buf[0],
- (unsigned char) buf[1],
- (unsigned char) buf[2],
- (unsigned char) buf[3]);
- } else {
- OUTPUT("[BIOS:EV_SEPARATOR, %s]", buf);
- }
- break;
- case 5:
- if ((pcr5_grub > 0) && (index == 5)) {
- OUTPUT("[GRUB:EV_ACTION, %s]", buf);
- } else {
- OUTPUT("[BIOS:EV_ACTION, %s]", buf);
- }
- break;
- case 6:
- if ((pcr4_grub > 1) && (index == 4)) {
- OUTPUT("[GRUB: measure MBR again]");
- } else {
- OUTPUT("[BIOS:EV_EVENT_TAG(EV_PLATFORM_SPECIFIC)]");
- }
- break;
- case 7:
- OUTPUT("[BIOS:EV_S_CRTM_CONTENTS]");
- break;
- case 8:
- OUTPUT("[BIOS:EV_S_CRTM_VERSION]");
- break;
- case 9:
- OUTPUT("[BIOS:EV_CPU_MICROCODE]");
- break;
- case 0x0a:
- OUTPUT("[BIOS:EV_PLATFORM_CONFIG_FLAG)]");
- break;
- case 0x0b:
- OUTPUT("[BIOS:EV_TABLE_OF_CONTENTS)]");
- break;
- case 0x0c:
- OUTPUT("[BIOS:EV_COMPACT_HASH]");
- break;
- case 0x0d:
- if (pcr4_grub == 0) {
- // BIOS
- OUTPUT("[BIOS:EV_IPL]");
- pcr4_grub = 1;
- } else if (pcr4_grub == 1) {
- // GRUB
- OUTPUT("[GRUB:EV_IPL, Stage1(MBR)]");
- pcr4_grub = 2;
- } else if (pcr4_grub == 2) {
- // GRUB
- OUTPUT("[GRUB:EV_IPL, Stage1.5]");
- pcr4_grub = 3;
- } else if (pcr4_grub == 3) {
- // GRUB
- OUTPUT("[GRUB:EV_IPL, Stage1.5(filesystem)]");
- pcr4_grub = 4;
- } else {
- // GRUB
- OUTPUT("[GRUB:EV_IPL]");
- }
- break;
- case 0x0e:
- if (pcr5_grub == 0) {
- OUTPUT("[BIOS:EV_IPL_PARTITION_DATA]");
- pcr5_grub = 1;
- } else {
- OUTPUT("[GRUB:grub.conf]");
- }
- break;
- case 0x0f:
- OUTPUT("[BIOS:EV_NOHOST_CODE)]");
- break;
- case 0x10:
- OUTPUT("[BIOS:EV_NOHOST_CONFIG]");
- break;
- case 0x11:
- OUTPUT("[BIOS:EV_NOHOST_INFO]");
- break;
- case 0x12:
- OUTPUT("[BIOS:EV_SPECIFICATION_IDENTIFIER 0x");
- for (i = 0; i < len; i++) {
- OUTPUT("%02x", (unsigned char)buf[i]);
- }
- OUTPUT("]");
- break;
- case 0x80000001: // EFI
- OUTPUT("[BIOS:EV_EFI_VARIABLE_DRIVER_CONFIG len=%d,", len);
- for (i = 0; i < len; i++) {
- OUTPUT("%02x", (unsigned char)buf[i]);
- }
- OUTPUT("]");
- break;
- case 0x80000002: // EFI
- OUTPUT("[BIOS:EV_EFI_VARIABLE_BOOT len=%d,", len);
- for (i = 0; i < len; i++) {
- OUTPUT("%02x", (unsigned char)buf[i]);
- }
- OUTPUT("]");
- break;
- case 0x80000003: // EFI
- OUTPUT("[BIOS:EV_EFI_BOOT_SERVICES_APPLICATION len=%d,", len);
- for (i = 0; i < len; i++) {
- OUTPUT("%02x", (unsigned char)buf[i]);
- }
- OUTPUT("]");
- break;
- case 0x80000004: // EFI
- OUTPUT("[BIOS:EV_EFI_BOOT_SERVICES_DRIVER len=%d,", len);
- for (i = 0; i < len; i++) {
- OUTPUT("%02x", (unsigned char)buf[i]);
- }
- OUTPUT("]");
- break;
- case 0x80000005: // EFI
- OUTPUT("[BIOS:EV_EFI_RUNTIME_SERVICES_DRIVER len=%d,", len);
- for (i = 0; i < len; i++) {
- OUTPUT("%02x", (unsigned char)buf[i]);
- }
- OUTPUT("]");
- break;
- case 0x80000006: // EFI
- OUTPUT("[BIOS:EV_EFI_GPT_EVENT len=%d,", len);
- for (i = 0; i < len; i++) {
- OUTPUT("%02x", (unsigned char)buf[i]);
- }
- OUTPUT("]");
- break;
- case 0x80000007: // EFI
- OUTPUT("[BIOS:EV_EFI_ACTION len=%d,", len);
- for (i = 0; i < len; i++) {
- OUTPUT("%02x", (unsigned char)buf[i]);
- }
- OUTPUT("]");
- break;
- case 0x80000009: // EFI
- OUTPUT("[BIOS:EV_EFI_HANDOFF_TABLES len=%d,", len);
- for (i = 0; i < len; i++) {
- OUTPUT("%02x", (unsigned char)buf[i]);
- }
- OUTPUT("]");
- break;
- // GRUB-IMA
- case 0x1005:
- OUTPUT("[GRUB:ACTION, %s]", buf);
- break;
- case 0x1105:
- OUTPUT("[GRUB:KERNEL_OPT %s]", buf);
- break;
- case 0x1205:
- OUTPUT("[GRUB:KERNEL %s]", buf);
- break;
- case 0x1305:
- OUTPUT("[GRUB:INITRD %s]", buf);
- break;
- case 0x1405:
- OUTPUT("[GRUB:MODULE %s]", buf);
- break;
- default:
- OUTPUT("[Unknown BIOS Event:size=%d]", len);
- break;
- }
- }
-
- encodeBase64((unsigned char *)buf, (unsigned char *)event->rgbPcrValue, event->ulPcrValueLength);
- OUTPUT(" b64(%s)\n", buf);
-
- } else {
- ERROR("NULL event\n"); // TODO(munetoh)
- }
-}
-#endif
-
-#if 0
-/**
- * print OPENPTS_SNAPSHOT
- */
-void printSnapshot(OPENPTS_SNAPSHOT * ss) {
- int i;
- TSS_PCR_EVENT *event;
- OPENPTS_PCR_EVENT_WRAPPER *eventWrapper;
-
- eventWrapper = ss->start;
- // OR while()
- for (i = 0; i < ss->event_num; i++) {
- event = eventWrapper->event;
- printEvent(event);
- eventWrapper = eventWrapper->next_pcr;
- }
-}
-#endif
-
-#if 0
-// TODO REMOVE
-/**
- * print events in each snapshot
- */
-void printSnapshots(OPENPTS_CONTEXT * ctx) {
- int i;
- OPENPTS_SNAPSHOT *ss;
- int level0_num = 0;
- int level1_num = 0;
-
- OUTPUT(NLS(MS_OPENPTS, OPENPTS_IML_EVENTS, "events\n"));
- OUTPUT(" \n");
- for (i = 0; i < MAX_PCRNUM; i++) {
- ss = getSnapshotFromTable(ctx->ss_table, i, 0);
- if (ss != NULL) {
- if (ss->event_num > 0) {
- OUTPUT("PCR[%2d] - ", i);
- OUTPUT(NLS(MS_OPENPTS, OPENPTS_IML_EVENTS_AT_LEVEL0, "%d events at level 0\n"), ss->event_num);
- }
- level0_num += ss->event_num;
- printSnapshot(ss);
- }
-
- // if (ss->next != NULL) {
- // ss = ss->next;
- /* level 1 */
- ss = getSnapshotFromTable(ctx->ss_table, i, 1);
- if (ss != NULL) {
- if (ss->event_num > 0) {
- OUTPUT("PCR[%2d] - ", i);
- OUTPUT(NLS(MS_OPENPTS, OPENPTS_IML_EVENTS_AT_LEVEL1, "%d events at level 1\n"), ss->event_num);
- }
- level1_num += ss->event_num;
- if (ss->level != 1) ERROR("bad level %d\n", ss->level);
- printSnapshot(ss);
- }
- }
- OUTPUT("---------------------------\n");
- OUTPUT(NLS(MS_OPENPTS, OPENPTS_IML_LEVEL_TOTALS,
- "level 0 total = %d\n"
- "level 1 total = %d\n"), level0_num, level1_num);
- OUTPUT("---------------------------\n");
-}
-#endif
/**
* print event number of each snapshot
void printSnapshotsInfo(OPENPTS_CONTEXT * ctx) {
int i;
OPENPTS_SNAPSHOT *ss;
- // TODO support valiable levels
int level0_num = 0;
int level1_num = 0;
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return;
+ }
+
OUTPUT(NLS(MS_OPENPTS, OPENPTS_IML_SNAPSHOT_HEADER,
"Number of event\n"
"PCR Level0 Level1\n"));
(int)imvID, (int)minVersion, (int)maxVersion);
/* */
- if (initialized)
+ if (initialized) {
+ ERROR("Not initialized");
return TNC_RESULT_ALREADY_INITIALIZED;
+ }
/* Only support version 1 */
if ((minVersion < TNC_IFIMV_VERSION_1 ) ||
/* initialize PTS */
conf = newPtsConfig();
if (conf == NULL) {
- // ERROR("Can not allocate OPENPTS_CONFIG\n");
+ ERROR("Can not allocate OPENPTS_CONFIG\n");
rc = TNC_RESULT_FATAL;
goto error;
}
ctx = newPtsContext(conf);
if (ctx == NULL) {
- // ERROR("Can not allocate OPENPTS_CONTEXT\n");
+ ERROR("Can not allocate OPENPTS_CONTEXT\n");
rc = TNC_RESULT_FATAL;
goto error;
}
/*in*/ TNC_ConnectionState newState) {
DEBUG("TNC_IMV_NotifyConnectionChange\n");
- if (!initialized)
+ if (!initialized) {
+ ERROR("Not initialized");
return TNC_RESULT_NOT_INITIALIZED;
+ }
if (imvID != imv_id)
- ERROR("\n");
+ ERROR("imvID != imv_id");
return TNC_RESULT_INVALID_PARAMETER;
DEBUG_IFM("V imvID=%d, connectionID=%d - TNC_IMV_NotifyConnectionChange\n",
DEBUG("TNC_IMV_ReceiveMessage msg[%d] type=0x%x\n",
messageLength, (int)messageType);
- if (!initialized)
+ if (!initialized) {
+ ERROR("Not initialized");
return TNC_RESULT_NOT_INITIALIZED;
-
+ }
DEBUG_IFM("[C->V] imvID=%d, connectionID=%d, type=0x%x, msg[%d]\n",
(int)imvID, (int)connectionID, (int)messageType, (int)messageLength);
+
/* handshake */
if (messageType == ((TNC_VENDORID_OPENPTS << 8) | TNC_SUBTYPE_OPENPTS)) {
/* OPENPTS */
read_tlv = (PTS_IF_M_Attribute*)messageBuffer; // NBO
+ if (read_tlv == NULL) {
+ ERROR("null input");
+ return TNC_RESULT_FATAL;
+ }
+
/* check VID */
vid = read_tlv->vid[0] << 16;
vid += read_tlv->vid[1] << 8;
DEBUG("TNC_IMV_SolicitRecommendation\n");
- if (!initialized)
+ if (!initialized) {
+ ERROR("Not initialized");
return TNC_RESULT_NOT_INITIALIZED;
+ }
if (imvID != imv_id) {
- ERROR("\n");
+ ERROR("Bad ID");
return TNC_RESULT_INVALID_PARAMETER;
}
/*in*/ TNC_ConnectionID connectionID) {
DEBUG("TNC_IMV_BatchEnding\n");
- if (!initialized)
+ if (!initialized) {
+ ERROR("Not initialized");
return TNC_RESULT_NOT_INITIALIZED;
+ }
if (imvID != imv_id) {
- ERROR("\n");
+ ERROR("imvID != imv_id");
return TNC_RESULT_INVALID_PARAMETER;
}
/*in*/ TNC_IMVID imvID) {
DEBUG("TNC_IMV_Terminate\n");
- if (!initialized)
+ if (!initialized) {
+ ERROR("Not initialized");
return TNC_RESULT_NOT_INITIALIZED;
+ }
- if (imvID != imv_id)
+ if (imvID != imv_id) {
+ ERROR("Bad id");
return TNC_RESULT_INVALID_PARAMETER;
+ }
/* PTS */
freePtsContext(ctx);
/*in*/ TNC_UInt32 typeCount) {
DEBUG("reportMessageTypes %d\n", (int)imvID);
- if (!reportMessageTypesPtr)
+ if (!reportMessageTypesPtr) {
+ ERROR("null input");
return TNC_RESULT_FATAL;
+ }
DEBUG_IFM("[C<-V] imvID=%d - reportMessageTypes\n",
(int)imvID);
DEBUG("sendMessage\n");
if (!sendMessagePtr) {
- ERROR("\n");
+ ERROR("null input");
return TNC_RESULT_FATAL;
}
/*in*/ TNC_IMV_Evaluation_Result evaluation) {
DEBUG("provideRecommendation\n");
- if (!provideRecommendationPtr)
+ if (!provideRecommendationPtr) {
+ ERROR("null input");
return TNC_RESULT_FATAL;
+ }
DEBUG_IFM("[C<-V] imvID=%d, connectionID=%d - provideRecommendation\n",
(int)imvID, (int)connectionID);
DEBUG("setAttribute\n");
if (!setAttributePtr) {
- ERROR("\n");
+ ERROR("null input");
return TNC_RESULT_FATAL;
}
/*in*/ TNC_TNCS_BindFunctionPointer bindFunction) {
DEBUG("TNC_IMV_ProvideBindFunction\n");
- if (!initialized)
+ if (!initialized) {
+ ERROR("Not initialized");
return TNC_RESULT_NOT_INITIALIZED;
+ }
if (imvID != imv_id) {
- ERROR("\n");
+ ERROR("Bad id");
return TNC_RESULT_INVALID_PARAMETER;
}
if ((*bindFunction)(imvID, "TNC_TNCS_ReportMessageTypes",
(void**)&reportMessageTypesPtr) !=
TNC_RESULT_SUCCESS) {
- ERROR("\n");
+ ERROR("TBD");
return TNC_RESULT_FATAL;
}
if ((*bindFunction)(imvID, "TNC_TNCS_RequestHandshakeRetry",
(void**)&requestHandshakeRetryPtr) !=
TNC_RESULT_SUCCESS) {
- ERROR("\n");
+ ERROR("TBD");
return TNC_RESULT_FATAL;
}
if ((*bindFunction)(imvID, "TNC_TNCS_ProvideRecommendation",
(void**)&provideRecommendationPtr) !=
TNC_RESULT_SUCCESS) {
- ERROR("\n");
+ ERROR("TBD");
return TNC_RESULT_FATAL;
}
if ((*bindFunction)(imvID, "TNC_TNCS_SendMessage",
(void**)&sendMessagePtr) !=
TNC_RESULT_SUCCESS) {
- ERROR("\n");
+ ERROR("TBD");
return TNC_RESULT_FATAL;
}
if ((*bindFunction)(imvID, "TNC_TNCS_GetAttribute",
(void**)&getAttributePtr) !=
TNC_RESULT_SUCCESS) {
// TODO(munetoh) optional
- ERROR("\n");
+ ERROR("TBD");
return TNC_RESULT_FATAL;
}
if ((*bindFunction)(imvID, "TNC_TNCS_SetAttribute",
(void**)&setAttributePtr) !=
TNC_RESULT_SUCCESS) {
// TODO(munetoh) optional
- ERROR("\n");
+ ERROR("TBD");
return TNC_RESULT_FATAL;
}
}
TNC_RESULT_SUCCESS) {
return TNC_RESULT_SUCCESS;
} else {
- ERROR("\n");
+ ERROR("TBD");
return TNC_RESULT_FATAL;
}
}
"xmlTextWriterEndDocument",
};
+ /* check */
+ if (errorIndex >= XML_FUNC_END) {
+ ERROR("errorIndex(%d) > XML_FUNC_END(%d)",errorIndex, XML_FUNC_END);
+ return;
+ }
+
+ /* log */
ERROR("XML function '%s' returned '%d'\n", xmlFuncStrings[errorIndex], rc);
}
DEBUG_CAL("resetFsm\n");
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
if (ctx->ss_table == NULL) {
// DEBUG("resetFsm() - no SS table\n");
return PTS_SUCCESS;
ctx = (OPENPTS_IR_CONTEXT *) xmalloc(sizeof(OPENPTS_IR_CONTEXT));
if (ctx == NULL) {
+ ERROR("no memory");
return NULL;
}
memset(ctx, 0, sizeof(OPENPTS_IR_CONTEXT));
ctx->buf = xmalloc(EVENTDATA_BUF_SIZE);
if (ctx->buf == NULL) {
+ ERROR("no memory");
xfree(ctx);
return NULL;
}
*
*/
void freeIrContext(OPENPTS_IR_CONTEXT *ctx) {
+ /* check */
if (ctx == NULL) {
+ ERROR("null input");
return;
}
+ /* free */
if (ctx->buf != NULL) {
xfree(ctx->buf);
}
int rc = PTS_INTERNAL_ERROR;
char id[256];
+ /* check */
+ if (cid == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
/* get strings */
BYTE *simpleName = snmalloc2(cid->dataBlock.dataBlock,
cid->simpleName.offset,
/* element "core:ComponentID" */
rc = xmlTextWriterStartElement(writer, BAD_CAST "core:ComponentID");
if (rc < 0) {
- displayXmlError(TEXT_WRITER_START_ELEMENT, rc); // TODO(munetoh) SYSLOG
+ displayXmlError(TEXT_WRITER_START_ELEMENT, rc);
goto error;
}
rc = xmlTextWriterWriteAttribute(
writer,
BAD_CAST "Id",
- BAD_CAST id); // TODO(munetoh)
+ BAD_CAST id);
if (rc < 0) {
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
goto error;
rc = xmlTextWriterWriteAttribute(
writer,
BAD_CAST "ModelSystemClass",
- BAD_CAST "745749J"); // TODO(munetoh)
+ BAD_CAST "TBD"); // TODO(munetoh)
if (rc < 0) {
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
goto error;
rc = xmlTextWriterWriteAttribute(
writer,
BAD_CAST "SimpleName",
- BAD_CAST simpleName); // "745749J 6DET58WW (3.08 )");
+ BAD_CAST simpleName);
if (rc < 0) {
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
goto error;
rc = xmlTextWriterWriteAttribute(
writer,
BAD_CAST "VersionBuild",
- BAD_CAST "1250694000000");
+ BAD_CAST "1250694000000"); // TODO(munetoh)
if (rc < 0) {
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
goto error;
rc = xmlTextWriterWriteAttribute(
writer,
BAD_CAST "VersionString",
- BAD_CAST versionString); // "6DET58WW (3.08 )");
+ BAD_CAST versionString);
if (rc < 0) {
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
goto error;
rc = xmlTextWriterWriteAttribute(
writer,
BAD_CAST "Name",
- BAD_CAST vendor); // "LENOVO");
+ BAD_CAST vendor);
if (rc < 0) {
displayXmlError(TEXT_WRITER_WRITE_ATTR, rc);
goto error;
/* element "core:TcgVendorId" */
rc = xmlTextWriterWriteFormatElement(
writer,
- BAD_CAST "core:TcgVendorId", "%s", "DEMO");
+ BAD_CAST "core:TcgVendorId", "%s", "DEMO"); // TODO(munetoh)
if (rc < 0) {
displayXmlError(TEXT_WRITER_WRITE_FORMAT_ELEMENT, rc);
goto error;
char id[256]; // TODO(munetoh)
int rc;
- ASSERT(NULL != event, "writeStuffObjects, event == NULL\n");
+ /* check */
+ if (event == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ /* ID */
snprintf(id, sizeof(id), "PCR_%d_LV%d_%d_%d_EVENT",
event->ulPcrIndex, ss_level, event->eventType, eventindex);
DEBUG_CAL("writePcrHash - PCR[%d] level %d \n", pcrIndex, ss_level);
+ /* check */
+ if (startHash == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (hash == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
+ /* ID */
snprintf(id, sizeof(id), "PCR_%d_LV%d_HASH", pcrIndex, ss_level);
/* Start an element named "eventdata" as child of "PcrHash". */
char *str_ir_uuid;
char id[256]; // TODO 3 + UUID = 3 + 36 = 39
int level;
+ OPENPTS_PCR_EVENT_WRAPPER *eventWrapper;
+ /* check */
+ if (tpm == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (cid == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (ss == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
level = ss->level;
- OPENPTS_PCR_EVENT_WRAPPER *eventWrapper;
/* reset PCR */
// FSM resetPCR(n) exist
if (eventWrapper == NULL) {
ERROR("writeSnapshot- eventWrapper is NULL\n");
- rc = PTS_INTERNAL_ERROR;
+ rc = PTS_FATAL;
goto free;
}
/* set curr PCR value */
rc = getTpmPcrValue(tpm, index, ss->curr_pcr);
- // TODO(munetoh) check with TSS/PCR value
+ if (rc != PTS_SUCCESS) {
+ ERROR("getTpmPcrValue() fail");
+ rc = PTS_INTERNAL_ERROR;
+ goto free;
+ }
/* check with TPM value if this is the last snapshot */
- // TODO(munetoh) copt level0 tpm_pcr to level1
+ // TODO(munetoh) copy level0 tpm_pcr to level1
/* add PcrHash element */
rc = writePcrHash(writer, index, level, ss->start_pcr, ss->curr_pcr, ALGTYPE_SHA1);
- // NG rc = writePcrHash(writer, index, level, ss->start_pcr, ss->tpm_pcr, ALGTYPE_SHA1);
+ if (rc != PTS_SUCCESS) {
+ ERROR("writePcrHash() fail");
+ rc = PTS_INTERNAL_ERROR;
+ goto free;
+ }
/* Close the element named "SnapshotCollection". */
rc = xmlTextWriterEndElement(writer);
BYTE select_byte[3]; // TODO TPM1.2, 24PCRs => 3 bytes
char tagbuf[128];
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
if (ctx->pcrs == NULL) {
TODO("writeQuote - OPENPTS_PCRS is NULL, SKIP QuoteData\n");
- return PTS_INTERNAL_ERROR;
+ return PTS_FATAL;
}
if (ctx->validation_data == NULL) {
TODO("writeQuote - TSS_VALIDATION is NULL, SKIP QuoteData\n");
- return PTS_INTERNAL_ERROR;
+ return PTS_FATAL;
}
/* Start an element named "QuoteData" as child of Report. */
BYTE *composite_hash;
char tagbuf[128]; // Quote tag
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
if (ctx->pcrs == NULL) {
TODO("writeQuote2 - OPENPTS_PCRS is NULL, SKIP QuoteData\n");
- return PTS_INTERNAL_ERROR;
+ return PTS_FATAL;
}
if (ctx->validation_data == NULL) {
TODO("writeQuote2 - TSS_VALIDATION is NULL, SKIP QuoteData\n");
- return PTS_INTERNAL_ERROR;
+ return PTS_FATAL;
}
/* Quote2 - tag [0:1] */
return PTS_INTERNAL_ERROR;
}
-
-
-
/* QuoteInfo2 - end */
rc = xmlTextWriterEndElement(writer);
if (rc < 0) {
*
*/
// TODO remove file
-int writeIr(OPENPTS_CONTEXT *ctx, const char *filenameDP, int *savedFd) {
-//int writeIr(OPENPTS_CONTEXT *ctx, int *savedFd) {
+int writeIr(
+ OPENPTS_CONTEXT *ctx,
+ const char *filenameDP, // in (set ctx->conf->ir_filename in normal operation)
+ int *savedFd) // out
+{
int rc = PTS_SUCCESS;
int i;
int irFd;
int lengthOfIrFile;
xmlTextWriterPtr writer;
xmlBufferPtr xmlbuf;
- // FILE *fp;
PTS_ComponentId cid;
OPENPTS_TPM_CONTEXT tpm; // to calc snapshot PCR
PTS_UUID *ir_uuid;
char *str_ir_uuid;
char *filename = NULL;
- // char filename[256]; // TODO UUID_UUID.xml
PTS_Byte smbios[12] = { 0x4A, 0x4A, 0x4A, 0x4A, 0x4A,
0x4A, 0x4A, 0x4A, 0x4A, 0x4A,
/* check */
if (ctx == NULL) {
- ERROR("ctx == NULL");
+ ERROR("null input");
return PTS_FATAL;
}
- //if (filename == NULL) {
- // ERROR("filename == NULL");
- // return PTS_FATAL;
- //}
+
// TODO(munetoh) dummy data
cid.vendor.offset = 0;
goto freexml;
}
-
-
DEBUG_CAL("genIr - uuid done\n");
/* Add an attribute of Schemas */
goto free;
}
-#if 0
- /* set IR file */
- if (filename != NULL) {
- /* use given filename */
- ctx->conf->ir_filename = smalloc((char *)file);
- } else {
- /* use default filename */
- if (ctx->conf->ir_filename != NULL) {
- free(ctx->conf->ir_filename);
- }
- if (ctx->conf->ir_dir == NULL) {
- ERROR("Set ir.dir at ptsc.conf. \n");
- ctx->conf->ir_dir = smalloc("/tmp/.ptsc");
- }
- snprintf(filename, sizeof(filename), "%s_%s.xml",
- ctx->str_uuid,
- str_ir_uuid);
- ctx->conf->ir_filename = getFullpathName(ctx->conf->ir_dir, filename);
- }
-#endif
- if (ctx->ir_filename != NULL) {
+
+ /* check filename */
+ if (filenameDP != NULL) {
/* use given filename for the Unit Test*/
- // filename = smalloc(ctx->conf->ir_filename); filename = ctx->conf->ir_filename;
} else {
+ /* create new IR filename, save to ctx->ir_filename */
char buf[1024];
/* use default filename */
if (ctx->conf->ir_dir == NULL) {
str_ir_uuid);
ctx->ir_filename = getFullpathName(ctx->conf->ir_dir, buf);
+ filenameDP = ctx->ir_filename;
}
- filename = ctx->ir_filename;
- DEBUG("Write Integrity Report (IR) : %s\n", filename);
+ //filename = ctx->ir_filename;
+ DEBUG("Write Integrity Report (IR) : %s\n", filenameDP); //filename);
/* write to file */
xmlFreeTextWriter(writer);
-#if 0
- fp = fopen(ctx->conf->ir_filename, "w");
- if (fp == NULL) {
- ERROR("testXmlwriterMemory: Error at fopen, %s\n", ctx->conf->ir_filename);
- rc = PTS_INTERNAL_ERROR;
- goto free;
- }
-
- fprintf(fp, "%s", (const char *) xmlbuf->content);
-
- rc = PTS_SUCCESS; // 0
-
- fclose(fp);
-#endif
-
- irFd = open(filename, O_CREAT | O_EXCL | O_RDWR, S_IRUSR | S_IWUSR);
+ irFd = open(filenameDP, O_CREAT | O_EXCL | O_RDWR, S_IRUSR | S_IWUSR);
if (-1 == irFd) {
ERROR("Failed to open ir file '%s' for writing, errno = %d\n", filename, errno);
rc = PTS_INTERNAL_ERROR;
This is most useful during verification when running "ptsc -m". Anyway,
serious hackers probably wouldn't be deterred by this ... */
if (NULL != savedFd &&
- -1 == unlink(filename)) {
+ -1 == unlink(filenameDP)) {
ERROR("Failed to unlink file '%s', errno = %d\n", filename, errno);
}
free:
xfree(ir_uuid);
xfree(str_ir_uuid);
- //if (filename != NULL) xfree(filename);
freexml:
xmlBufferFree(xmlbuf);
error:
-
-
DEBUG_CAL("writeIr - done\n");
return rc;
OPENPTS_CONTEXT * pctx = (OPENPTS_CONTEXT *)ctx;
OPENPTS_IR_CONTEXT * ir_ctx = pctx->ir_ctx;
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return;
+ }
+
ir_ctx->sax_error = 0;
ir_ctx->event_index = 0;
* SAX parser
*/
void irEndDocument(void * ctx) {
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return;
+ }
+
// printf("END DOC \n");
}
wrongly into presenting a valid attestation of a compromised system. */
static int getPcrIndexFromIR(char *value) {
unsigned int index = atoi(value);
+
+ /* check */
+ if (value == NULL) {
+ ERROR("null input");
+ return -1;
+ }
+
+ index = atoi(value);
if ( index > MAX_PCRNUM ) {
return -1;
} else {
* SAX parser - Start of Element
*/
void irStartElement(void* ctx, const xmlChar* name, const xmlChar** atts) {
- OPENPTS_CONTEXT * pctx = (OPENPTS_CONTEXT *)ctx;
- OPENPTS_IR_CONTEXT * ir_ctx = pctx->ir_ctx;
- TSS_VALIDATION *validation_data = pctx->validation_data;
- OPENPTS_PCRS *pcrs = pctx->pcrs;
+ OPENPTS_CONTEXT * pctx;
+ OPENPTS_IR_CONTEXT * ir_ctx;
+ TSS_VALIDATION *validation_data;
+ OPENPTS_PCRS *pcrs;
BYTE *b64buf = NULL;
int b64buf_len;
int i;
char *type;
char *value;
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return;
+ }
+ pctx = (OPENPTS_CONTEXT *)ctx;
+ ir_ctx = pctx->ir_ctx;
+ if (ir_ctx == NULL) {
+ ERROR("null input");
+ return;
+ }
+ pcrs = pctx->pcrs;
+ if (pcrs == NULL) {
+ ERROR("null input");
+ return;
+ }
+ if (name == NULL) {
+ ERROR("null input");
+ return;
+ }
+ validation_data = pctx->validation_data; // ckeck later
+
+ /* IR */
ir_ctx->char_size = 0;
if (!strcmp((char *)name, "Report")) {
for (i = 0;(atts[i] != NULL);i++) {
type = (char *)atts[i++];
+ if (validation_data == NULL) {
+ ERROR("validation_data == NULL");
+ return;
+ }
if (validation_data->rgbData == NULL) {
// TODO 1.2 only
validation_data->ulDataLength = 48;
for (i = 0;(atts[i] != NULL);i++) {
type = (char *)atts[i++];
+ if (validation_data == NULL) {
+ ERROR("validation_data == NULL");
+ return;
+ }
if (validation_data->rgbData == NULL) {
// TODO 1.2 only
validation_data->ulDataLength = 52;
* SAX parser - End of Element
*/
void irEndElement(void * ctx, const xmlChar * name) {
- OPENPTS_CONTEXT * pctx = (OPENPTS_CONTEXT *)ctx;
- OPENPTS_IR_CONTEXT * ir_ctx = pctx->ir_ctx;
- TSS_VALIDATION *validation_data = pctx->validation_data;
- OPENPTS_PCRS *pcrs = pctx->pcrs;
+ OPENPTS_CONTEXT * pctx;
+ OPENPTS_IR_CONTEXT * ir_ctx;
+ TSS_VALIDATION *validation_data;
+ OPENPTS_PCRS *pcrs;
int rc;
BYTE *b64buf = NULL;
int b64buf_len;
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return;
+ }
+ pctx = (OPENPTS_CONTEXT *)ctx;
+ ir_ctx = pctx->ir_ctx;
+ if (ir_ctx == NULL) {
+ ERROR("null input");
+ return;
+ }
+ pcrs = pctx->pcrs;
+ if (pcrs == NULL) {
+ ERROR("null input");
+ return;
+ }
+ if (name == NULL) {
+ ERROR("null input");
+ return;
+ }
+ validation_data = pctx->validation_data; // ckeck later
+
+ /* END ELEMENT */
if (!strcmp((char *)name, "stuff:Objects")) {
int extend = 0;
int pcr_index = -1;
free(b64buf);
/* Check with PCR in TPM */
rc = checkTpmPcr2(&pctx->tpm, ir_ctx->pcr_index, ir_ctx->pcr);
- if (rc != 0) {
+ if (rc != PTS_SUCCESS) {
ERROR("ERROR PCR[%d] != IML\n", ir_ctx->pcr_index);
ir_ctx->sax_error = 1;
// verbose = DEBUG_FLAG | DEBUG_TPM_FLAG; // switch DEBUG MODE
}
} else if (!strcmp((char *)name, "LocalityAtRelease")) {
// TODO
+ if (validation_data == NULL) {
+ ERROR("validation_data == NULL");
+ return;
+ }
validation_data->rgbData[31] = atoi(ir_ctx->buf);
} else if (!strcmp((char *)name, "CompositeHash")) {
// DEBUG("CompositeHash %s", ir_ctx->buf);
+ if (validation_data == NULL) {
+ ERROR("validation_data == NULL");
+ return;
+ }
b64buf = decodeBase64(
(char *)ir_ctx->buf,
ir_ctx->char_size,
if (pcrs->pcr_select_byte == NULL) {
ERROR("pcrs->pcr_select_byte is null");
} else {
+ if (validation_data == NULL) {
+ ERROR("validation_data == NULL");
+ return;
+ }
validation_data->rgbData[26] = 0;
validation_data->rgbData[27] = pcrs->pcr_select_size;
validation_data->rgbData[28] = pcrs->pcr_select_byte[0];
ERROR("buf is small %d \n", ir_ctx->char_size);
ir_ctx->sax_error++;
} else {
+ if (validation_data == NULL) {
+ ERROR("validation_data == NULL");
+ return;
+ }
if (validation_data->rgbValidationData != NULL) {
xfree(validation_data->rgbValidationData);
}
*
*/
void irCharacters(void* ctx, const xmlChar * ch, int len) {
- OPENPTS_CONTEXT * pctx = (OPENPTS_CONTEXT *)ctx;
- OPENPTS_IR_CONTEXT * ir_ctx = pctx->ir_ctx;
+ OPENPTS_CONTEXT * pctx;
+ OPENPTS_IR_CONTEXT * ir_ctx;
+
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return;
+ }
+ pctx = (OPENPTS_CONTEXT *)ctx;
+ ir_ctx = pctx->ir_ctx;
+ if (ir_ctx == NULL) {
+ ERROR("null input");
+ return;
+ }
+ //if (ch == NULL) {
+ // ERROR("null input");
+ // return;
+ //}
+
/* copy to buf at ir_ctx, but check length first, ensuring additional space
for NULL terminator */
DEBUG("validateIr - start\n");
/* check */
- ASSERT(NULL != ctx, "ctx == NULL\n");
- ASSERT(NULL != ctx->target_conf, "ctx->target_conf == NULL\n");
- ASSERT(NULL != ctx->ir_filename, "ctx->ir_filename == NULL\n");
-
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (ctx->target_conf == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (ctx->ir_filename == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
conf = ctx->target_conf;
+ if (conf == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
/* new */
if (ctx->pcrs == NULL) {
* @retval PTS_SUCCESS
* @retval PTS_INTERNAL_ERROR
*/
-int genIrFromSecurityfs(OPENPTS_CONTEXT *ctx, int *savedFd) {
+int genIrFromSecurityfs(
+ OPENPTS_CONTEXT *ctx,
+ int *savedFd /* out*/ ) {
int rc;
/* get IML via securityfs */
DEBUG("TPM Quote not work with config option iml.mode=securityfs\n");
#endif
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
/* reset TPM emu */
resetTpm(&ctx->tpm, ctx->drtm);
// }
// ctx->conf->ir_filename = tempnam(NULL, "ir_");
- /* save IR */
- rc = writeIr(ctx, ctx->conf->ir_filename, savedFd);
+ /* save IR (new file in tmp dir) */
+ rc = writeIr(ctx, NULL, savedFd);
+ // rc = writeIr(ctx, ctx->ir_filename, savedFd);
if (rc != 0) {
ERROR("fail to write IR, rc = %d\n", rc);
return PTS_INTERNAL_ERROR;
* @retval PTS_SUCCESS
* @retval PTS_INTERNAL_ERROR
*/
-int genIrFromTss(OPENPTS_CONTEXT *ctx, int *savedFd) {
+int genIrFromTss(
+ OPENPTS_CONTEXT *ctx,
+ int *savedFd /* out */ ) {
int rc;
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
/* get IML via securityfs */
/* reset TPM emu */
//ctx->conf->ir_filename = tempnam(NULL, "ir_");
//DEBUG("ctx->conf->ir_filename : %s\n", ctx->conf->ir_filename);
- /* save IR */
- rc = writeIr(ctx, ctx->conf->ir_filename, savedFd); // ir.c
+ /* save IR (new file in tmp dir) */
+ rc = writeIr(ctx, NULL, savedFd);
+ // rc = writeIr(ctx, ctx->ir_filename, savedFd); // ir.c
if (rc != 0) {
ERROR("fail to write IR, rc = %d\n", rc);
return PTS_INTERNAL_ERROR;
* @retval PTS_SUCCESS
* @retval PTS_INTERNAL_ERROR
*/
-int genIr(OPENPTS_CONTEXT *ctx, int *savedFd) {
+int genIr(
+ OPENPTS_CONTEXT *ctx,
+ int *savedFd /* out */) {
int rc = PTS_INTERNAL_ERROR;
+
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
+
+ /* gen */
if (ctx->conf->iml_mode == 1) {
rc = genIrFromSecurityfs(ctx, savedFd);
if (rc != PTS_SUCCESS) {
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-05-07
* cleanup 2011-01-22 SM
+ * cleanup 2011-12-28 SM
*
- * syslog wrapper
+ * Verbose OUTPUT VERBOSE LOGGING
+ * Level (stdout) (stderr) (console/syslog/file)
+ * --------------------------------------------------
+ * 0 ON ERROR msg. ERROR/INFO
+ * 1 ON +verbose msg. ERROR/INFO
+ * 2 ON ERROR/INFO+DEBUG
+ * --------------------------------------------------
*
+ * LOG
+ * off
+ * error
+ * on/debug
+ *
+ * Config
+ * verbose=0
+ * logging.location=console|syslog|file
+ * logging.file=./ptsc.log
+ * debug.mode=0x01
+ *
+ * Priority
+ * 1. Commandline option (location/file must be given by conf)
+ * 2. ENV
+ * 3. Conf file
*
* LOG("msg",format)
*
#include <openpts_log.h>
-
#define SYSLOG_BUF_SIZE 1024
-
-
#ifdef AIX
#ifndef DEFAULT_LOG_LOCATION
#define DEFAULT_LOG_LOCATION OPENPTS_LOG_FILE
#endif
-
#ifndef DEFAULT_LOG_FILE
#define DEFAULT_LOG_FILE "/var/adm/ras/openpts/log"
#endif
-
#define DEFAULT_LOG_FILE_PERM (S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH)
#define DEFAULT_LOG_FILE_SIZE 0x100000
-#else // AIX
+
+#else // !AIX
+
#define DEFAULT_LOG_LOCATION OPENPTS_LOG_FILE
-#define DEFAULT_LOG_FILE "~/.openpts/log"
+#define DEFAULT_LOG_FILE "~/.openpts/openpts.log"
#define DEFAULT_LOG_FILE_PERM (S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH)
#define DEFAULT_LOG_FILE_SIZE 0x100000
-#endif
+
+#endif // AIX
#ifdef ENABLE_NLS
#ifdef HAVE_CATGETS
static int openLogFile(void);
static void addToLog(char* log_entry);
+static char * command_name = NULL;
+
/**
*
*/
}
/**
+ * set LogLocation by ENV
*
+ * export OPENPTS_LOG_FILE=/tmp/openpts.log
+ * export OPENPTS_LOG_CONSOLE=1
+ * export OPENPTS_LOG_SYSLOG=1
+ * export OPENPTS_DEBUG_MODE=0x01
*/
-static void determineLogLocation(void) {
+void determineLogLocationByEnv(void) {
char *tempLogFileName = NULL;
+ char *tempDebugMode = NULL;
+
+
+ /* Location */
if (getenv("OPENPTS_LOG_SYSLOG") != NULL) {
logLocation = OPENPTS_LOG_SYSLOG;
} else if (getenv("OPENPTS_LOG_CONSOLE") != NULL) {
if (logLocation == OPENPTS_LOG_FILE) {
expandLogFilePath(tempLogFileName);
}
+
+ /* debug mode => debugBits */
+ if ((tempDebugMode = getenv("OPENPTS_DEBUG_MODE")) != NULL) {
+ debugBits = (int) strtol(tempDebugMode,NULL,16);
+ DEBUG("DEBUG FLAG(0x%x) set by ENV\n", debugBits);
+ }
}
/**
}
}
+void setSyslogCommandName(char *name) {
+ command_name = name;
+}
+
+/**
+ * return loglocation in String (char*)
+ */
+char *getLogLocationString() {
+ if (logLocation == OPENPTS_LOG_SYSLOG) {
+ return "syslog";
+ } else if (logLocation == OPENPTS_LOG_CONSOLE) {
+ return "console(stderr)";
+ } else if (logLocation == OPENPTS_LOG_NULL) {
+ return "n/a";
+ } else if (logLocation == OPENPTS_LOG_FILE) {
+ return logFileName;
+ } else {
+ ERROR("logLocation %d\n", logLocation);
+ return "TBD";
+ }
+}
+
/**
*
*/
"[ERROR] ",
"[WARNING] ",
"[NOTICE] ",
- "[INFO] ",
+ "[INFO] ",
"[DEBUG] "
};
/* number of chars written (not including '\0') */
if (logLocation == OPENPTS_LOG_UNDEFINED) {
- determineLogLocation();
+ determineLogLocationByEnv();
+ // fprintf(stderr, "logLocation == OPENPTS_LOG_UNDEFINED\n");
+ return;
}
if (logLocation == OPENPTS_LOG_NULL) {
{
char buf[SYSLOG_BUF_SIZE];
- /* daemon -> syslog */
- openlog("ptsc", LOG_NDELAY|LOG_PID, LOG_LOCAL5);
+ /* ptsc -m (IF-M) -> syslog */
+ if (command_name == NULL) {
+ openlog("ptsc", LOG_NDELAY|LOG_PID, LOG_LOCAL5);
+ } else {
+ openlog(command_name, LOG_NDELAY|LOG_PID, LOG_LOCAL5);
+ }
/* vsyslog is not supported by some unix */
vsnprintf(buf, SYSLOG_BUF_SIZE, format, list);
- if (priority >= LOG_DEBUG) priority = LOG_INFO;
+
+ /* priority is controlled by syslog conf */
+ /* for DEBUG, use OPENPTS_LOG_FILE */
syslog(priority, "%s", buf);
closelog();
}
case OPENPTS_LOG_FILE:
{
- if ( -1 == openLogFile() ) {
+ if (openLogFile() == -1) {
if ( !alreadyWarnedAboutLogFile ) {
fprintf(stderr, NLS(MS_OPENPTS, OPENPTS_CANNOT_OPEN_LOGFILE,
"Unable to open logfile '%s'\n"), logFileName);
return logFileFd;
}
- logFileFd = open(logFileName, O_RDWR|O_CREAT|O_TRUNC, DEFAULT_LOG_FILE_PERM);
+ //logFileFd = open(logFileName, O_RDWR|O_CREAT|O_TRUNC, DEFAULT_LOG_FILE_PERM);
+ logFileFd = open(logFileName, O_WRONLY|O_CREAT|O_APPEND, DEFAULT_LOG_FILE_PERM);
return logFileFd;
}
#include <fcntl.h>
#include <openpts.h>
-// #include <log.h>
/**
Due to the frequent use of malloc/free in the code base (as opposed to
char *result = malloc(size);
if (NULL == result) {
ERROR("Failed to allocate %d bytes of memory\n", size);
- ASSERT(0, "About to return NULL pointer - cannot continue\n");
+ OUTPUT("About to return NULL pointer - cannot continue\n");
+ exit(1);
}
return result;
}
void xfree(void *buf) {
- ASSERT(NULL != buf, "Freeing a NULL pointer is bad\n");
+ if (buf == NULL) {
+ ERROR("Freeing a NULL pointer is bad");
+ return;
+ }
#ifndef NEVER_FREE_MEMORY
free(buf);
#endif
char *out;
if (str == NULL) {
- DEBUG("smalloc - string is NULL\n");
+ DEBUG("null input\n");
return NULL;
}
ERROR("Failed to duplicate string '%s'\n", str);
}
-#if 0
- len = (int)strlen(str);
-
- /* malloc */
- out = (char *) malloc(len + 1);
- if (out == NULL) {
- ERROR("smalloc - no memory\n");
- return NULL;
- }
-
- /* copy */
- memcpy(out, str, len);
- out[len] = 0; // \n
-
- /* remove bad chars :-P */
- // TODO 20101118 SM added for the safe print
- for (i = 0; i < len; i++) {
- if ((out[i] < 0x20) || (0x7e < out[i])) {
- out[i] = '_';
- }
- }
-#endif
-
return out;
}
#endif
out = strdup(str);
if (NULL == out) {
ERROR("Failed to duplicate string '%s'\n", str);
- ASSERT(0, "About to return NULL pointer - cannot continue\n");
+ OUTPUT("About to return NULL pointer - cannot continue\n");
+ exit(1);
}
return out;
/* check */
if (str == NULL) {
- DEBUG("smalloc - string is NULL\n");
+ ERROR("smalloc - string is NULL\n");
return NULL;
}
* @param len
*/
BYTE *snmalloc2(BYTE *buf, int offset, int len) {
+
+ /* check */
+ if (buf == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
+ if (offset < 0) {
+ ERROR("offset < 0");
+ return NULL;
+ }
+ if (len < 0) {
+ ERROR("len < 0");
+ return NULL;
+ }
+
+ /* alloc */
BYTE *output = (BYTE *) xmalloc(len + 1);
if (output == NULL) {
return NULL;
int slash = 0;
/* check */
- ASSERT(filename != NULL, "getFullpathName - filename is NULL\n");
- ASSERT(basepath != NULL, "getFullpathName - basepath is NULL\n");
+ if (basepath == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
+ if (filename == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
/* start from root */
if (filename[0] == '/') {
*/
char *getFullpathDir(char *filename) {
char *fullpath = NULL;
- // char *slash;
int filename_len;
int i;
- ASSERT(filename != NULL, "getFullpathDir - filename is NULL\n");
+ /* check */
+ if (filename == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
filename_len = strlen(filename);
if (b == NULL) {
ERROR("byte2uint32 - NULL");
- exit(-1);
+ OUTPUT("About to return NULL pointer - cannot continue\n"); // TODO
+ exit(1);
}
-#if 0 // BE
- a = b[0];
- a = a << 8;
- a += b[1];
- a = a << 8;
- a += b[2];
- a = a << 8;
- a += b[3];
-#else
a = b[3];
a = a << 8;
a += b[2];
a += b[1];
a = a << 8;
a += b[0];
-#endif
return a;
}
size_t strLen;
char *start, *end;
- ASSERT(str != NULL, "trim - str is NULL\n");
+ /* check */
+ if (str == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
+ /* check len */
strLen = strlen(str);
if (0 == strLen) {
return str;
int len;
/* check */
- // if (bin == NULL) {
- // ERROR("getHexString() buf is null\n");
- // return NULL;
- // }
- ASSERT(bin != NULL, "getHexString - bin is NULL\n");
-
+ if (bin == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
buf = xmalloc_assert(size * 2 + 1);
ptr = buf;
int outSoFar = 0;
int i;
- ASSERT(outBuf != NULL, "snprintHex - outBuf is NULL\n");
- ASSERT(head != NULL, "snprintHex - head is NULL\n");
- ASSERT(data != NULL, "snprintHex - data is NULL\n");
- ASSERT(tail != NULL, "snprintHex - tail is NULL\n");
+ /* check */
+ if (outBuf == NULL) {
+ ERROR("null input");
+ return;
+ }
+ if (head == NULL) {
+ ERROR("null input");
+ return;
+ }
+ if (data == NULL) {
+ ERROR("null input");
+ return;
+ }
+ if (tail == NULL) {
+ ERROR("null input");
+ return;
+ }
+ /* */
outSoFar += snprintf(outBuf, outBufLen, "%s[%d]=", head, num);
for (i = 0; i < num; i++) {
void printHex(char *head, BYTE *data, int num, char *tail) {
char outBuf[1024];
+
snprintHex(outBuf, 1023, head, data, num, tail);
/* I could just use OUTPUT(outBuf), but since warnings are errors
I have to use this less efficient form */
void fprintHex(FILE *fp, BYTE *data, int num) {
int i;
+
+ /* check */
+ if (fp == NULL) {
+ ERROR("null input");
+ return;
+ }
+ if (data == NULL) {
+ ERROR("null input");
+ return;
+ }
+
+ /* fprintf */
for (i = 0; i < num; i++) {
fprintf(fp, "%02X", data[i]);
}
int n_tries = 0;
int ptr = 0;
+ /* check */
if (len < 0) {
ERROR("len <0 \n");
return PTS_FATAL;
}
/**
+ * byte[4] => UINT32
*/
-int getUint32(BYTE *buf) {
- int data;
+UINT32 getUint32(BYTE *buf) {
+ UINT32 data;
+
+ /* check */
+ if (buf == NULL) {
+ ERROR("null input");
+ return 0; // TODO
+ }
+ // TODO check the size?
+
data = (buf[0] << 24) |
(buf[1] << 16) |
(buf[2] << 8) |
int rc = PTS_SUCCESS;
struct stat st;
+ /* check */
+ if (dirname == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
/* create anyway */
rc = mkdir(dirname, S_IRUSR | S_IWUSR | S_IXUSR |
S_IRGRP | S_IWGRP | S_IXGRP);
int checkDir(char *dirname) {
struct stat st;
+ /* check */
if (dirname == NULL) {
+ ERROR("null input");
return PTS_FATAL;
}
int checkFile(char *filename) {
struct stat st;
+ /* check */
if (filename == NULL) {
+ ERROR("null input");
return PTS_FATAL;
}
*/
ssize_t wrapRead(int fd, void *buf, size_t count) {
ssize_t len;
+
+ /* check */
+ if (buf == NULL) {
+ ERROR("null input");
+ return 0; // TODO
+ }
+
while (1) {
len = read(fd, buf, count);
if ((len < 0) && (errno == EAGAIN || errno == EINTR)) {
*/
ssize_t wrapWrite(int fd, const void *buf, size_t count) {
ssize_t len;
+
+ /* check */
+ if (buf == NULL) {
+ ERROR("null input");
+ return 0; // TODO
+ }
+
while (1) {
len = write(fd, buf, count);
if ((len < 0) && (errno == EAGAIN || errno == EINTR)) {
static int unlinkDir_(char *dirPath) {
DIR *dirHandle;
struct dirent *entry;
- // int retVal;
char path[PATH_MAX + 1];
struct dirent dr;
int rc;
+ /* check */
+ if (dirPath == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
dirHandle = opendir(dirPath);
if (dirHandle == NULL) {
int unlinkDir(const char *dirPath) {
char path[PATH_MAX + 1];
- if (dirPath == NULL || dirPath[0] == '\0' || strlen(dirPath) >= PATH_MAX) {
- return -1;
+ /* check */
+ if (dirPath == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (dirPath[0] == '\0' || strlen(dirPath) >= PATH_MAX) {
+ ERROR("bad dirPath, %s", dirPath);
+ return PTS_FATAL;
}
strncpy(path, dirPath, sizeof(path));
/* malloc */
ctx = xmalloc(sizeof(OPENPTS_NONCE));
if (ctx == NULL) {
+ ERROR("no memory");
return NULL;
}
memset(ctx, 0, sizeof(OPENPTS_NONCE));
/* malloc req */
ctx->req = (PTS_IF_M_DH_Nonce_Parameters_Request *)xmalloc(sizeof(PTS_IF_M_DH_Nonce_Parameters_Request));
if (ctx->req == NULL) {
+ ERROR("no memory");
xfree(ctx);
return NULL;
}
/* malloc res */
ctx->res = xmalloc(sizeof(PTS_IF_M_DH_Nonce_Parameters_Responce));
if (ctx->res == NULL) {
+ ERROR("no memory");
xfree(ctx->req);
xfree(ctx);
return NULL;
/* malloc fin */
ctx->fin = xmalloc(sizeof(PTS_IF_M_DH_Nonce_Finish));
if (ctx->fin == NULL) {
+ ERROR("no memory");
xfree(ctx->req);
xfree(ctx->res);
xfree(ctx);
int freeNonceContext(OPENPTS_NONCE *ctx) {
DEBUG_CAL("freeNonceContext\n");
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
/* free req */
if (ctx->req != NULL) {
xfree(ctx->req);
char c = '1';
// DEBUG("calcExternalDataValue\n");
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
ctx->nonce_length = SHA1_DIGEST_SIZE;
ctx->nonce = xmalloc_assert(SHA1_DIGEST_SIZE);
+ if (ctx->nonce == NULL) {
+ ERROR("no memory");
+ return PTS_FATAL;
+ }
SHA1_Init(&sha_ctx);
SHA1_Update(&sha_ctx, &c, 1);
int getDhResponce(OPENPTS_NONCE *ctx) {
int rc = 0;
BIGNUM *p, *g;
- PTS_IF_M_DH_Nonce_Parameters_Request *req = ctx->req;
- PTS_IF_M_DH_Nonce_Parameters_Responce *res = ctx->res;
+ PTS_IF_M_DH_Nonce_Parameters_Request *req;
+ PTS_IF_M_DH_Nonce_Parameters_Responce *res;
// DEBUG("getDhResponce at Respondor\n");
/* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ req = ctx->req;
+ if (req == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ res = ctx->res;
+ if (res == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
if (req->reserved != 0) {
ERROR("reserved must be 0\n");
- return -1;
+ return PTS_INTERNAL_ERROR;
}
/* select nonce size */
BN_hex2bn(&p, group14);
} else {
res->selected_dh_group = 0;
- ERROR("");
- return -1;
+ ERROR("Unknown DH group set 0x%x", req->dh_group_set);
+ return PTS_DENIED;
}
BN_set_word(g, 2);
/* malloc */
res->dh_respondor_nonce = xmalloc(res->nonce_length);
if (res->dh_respondor_nonce == NULL) {
+ ERROR("dh_respondor_nonce is null");
return PTS_INTERNAL_ERROR;
}
/* malloc */
res->dh_respondor_public = xmalloc(DH_size(ctx->dh));
if (res->dh_respondor_public == NULL) {
- return PTS_INTERNAL_ERROR;
+ ERROR("no memory");
+ return PTS_FATAL;
}
/* set */
int setDhPubkeylength(OPENPTS_NONCE *ctx) {
PTS_IF_M_DH_Nonce_Parameters_Responce *res = ctx->res;
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
/* select DH group */
if (res->selected_dh_group == DH_GROUP_2) {
ctx->pubkey_length = DH_GROUP_2_SIZE;
} else if (res->selected_dh_group == DH_GROUP_14) {
ctx->pubkey_length = DH_GROUP_14_SIZE;
} else {
- ERROR("Bad DH group\n");
- return -1;
+ ERROR("Bad DH group 0x%x\n", res->selected_dh_group);
+ return PTS_DENIED; // TODO
}
return PTS_SUCCESS;
int rc = 0;
BIGNUM *p, *g;
BIGNUM *pub_key;
- PTS_IF_M_DH_Nonce_Parameters_Responce *res = ctx->res;
- PTS_IF_M_DH_Nonce_Finish *fin = ctx->fin;
+ PTS_IF_M_DH_Nonce_Parameters_Responce *res;
+ PTS_IF_M_DH_Nonce_Finish *fin;
/* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ res = ctx->res;
+ if (res == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ fin = ctx->fin;
+ if (fin == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
if (res->reserved[0] != 0) {
// TODO check 1,2 too
ERROR("reserved must be 0\n");
- return -1;
+ return PTS_INTERNAL_ERROR;
}
/* set DH Hash Alg */
fin->selected_hash_alg = DH_HASH_SHA1;
ctx->selected_hash_alg = DH_HASH_SHA1;
} else {
- ERROR("Bad DH hash\n");
- return -1;
+ ERROR("Bad DH hash set 0x%x\n", res->hash_alg_set);
+ return PTS_DENIED;
}
/* store respondor nonce */
BN_hex2bn(&p, group14);
ctx->pubkey_length = DH_GROUP_14_SIZE;
} else {
- ERROR("Bad DH group\n");
- return -1;
+ ERROR("Bad DH group 0x%x\n", res->selected_dh_group);
+ return PTS_DENIED;
}
BN_set_word(g, 2);
/* malloc */
ctx->secret = xmalloc(ctx->secret_length);
if (ctx->secret == NULL) {
- return PTS_INTERNAL_ERROR;
+ ERROR("no memory");
+ return PTS_FATAL;
}
/* calc key */
/* initiator nonce */
fin->dh_initiator_nonce = xmalloc(fin->nonce_length);
if (fin->dh_initiator_nonce == NULL) {
- return PTS_INTERNAL_ERROR;
+ ERROR("no memory");
+ return PTS_FATAL;
}
/* set random */
*/
int calcDhFin(OPENPTS_NONCE *ctx) {
BIGNUM *pub_key;
- PTS_IF_M_DH_Nonce_Finish *fin = ctx->fin;
+ PTS_IF_M_DH_Nonce_Finish *fin;
// DEBUG("calcDhFin at Respondor\n");
// printHex("fin->dh_initiator_nonce :",fin->dh_initiator_nonce,fin->nonce_length,"\n");
// printHex("fin->dh_initiator_public:",fin->dh_initiator_public,ctx->pubkey_length,"\n");
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ fin = ctx->fin;
+ if (fin == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
/* initiator nonce */
ctx->initiator_nonce_length = fin->nonce_length;
ctx->initiator_nonce = fin->dh_initiator_nonce;
// verifier.c
void global_lock(int type);
int getDefaultConfigfile(OPENPTS_CONFIG *conf);
+// log.c
/* Well defined return values that can be interpreted by the GUI */
#define RETVAL_OK_TRUSTED 0
char *ptsc_conf = NULL;
initCatalog();
+ setSyslogCommandName("openpts");
/* args */
+ /* verbose level */
while ((opt = getopt(argc, argv, "givruDVc:dfuyl:p:P:C:h")) != -1) {
switch (opt) {
case 'i':
cmdline_hostname = argv[0];
+
/* check */
if ((ptsc_path != NULL) && (ptsc_conf != NULL)) {
int len;
/* default command is to verify */
if (command == NONE) command = VERIFY;
-
+#if 0 // 2011-12-28 controlled by conf
/* Log */
setLogLocation(OPENPTS_LOG_CONSOLE, NULL);
#ifdef OPENPTS_DEBUG
DEBUG("verbose mode : 1");
}
#endif
+#endif // 0
+ /* Set logging (location,filename) by ENV */
+ determineLogLocationByEnv();
+
+ // TODO lock and config management should be integrated
/* global locks solve concurrency issues */
if (command == VERIFY || command == DISPLAY) {
global_lock(F_RDLCK);
}
/* check/create config file - HOME./openpts/openpts.conf */
+ /* Also load logging setting */
if (config_filename == NULL) {
/* use default config file, HOME./openpts/openpts.conf */
- DEBUG("Config file : HOME./openpts/openpts.conf (system default config file)\n");
rc = getDefaultConfigfile(conf);
} else {
/* use given config file */
- DEBUG("read conf file : %s\n", config_filename);
rc = readOpenptsConf(conf, config_filename);
}
if (rc != PTS_SUCCESS) {
goto out_free;
}
- DEBUG("VERBOSITY (%d), DEBUG mode (0x%x)\n", getVerbosity(), getDebugFlags());
+ // setLogLocation(OPENPTS_LOG_CONSOLE, NULL);
+
+ VERBOSE(1, NLS(MS_OPENPTS, OPENPTS_VERIFIER_CONFIG_FILE,
+ "Config file : %s\n"), conf->config_file);
+ VERBOSE(1, NLS(MS_OPENPTS, OPENPTS_VERIFIER_VERBOSITY,
+ "Verbosity : %d\n"), getVerbosity());
+ VERBOSE(1, NLS(MS_OPENPTS, OPENPTS_VERIFIER_DEBUG_OUT,
+ "Logging location : %s\n"), getLogLocationString());
+ VERBOSE(1, NLS(MS_OPENPTS, OPENPTS_VERIFIER_DEBUG_MODE,
+ "Logging(debig) mode : 0x%x\n"), getDebugFlags());
/* we always need the target list */
rc = getTargetList(conf, conf->config_dir);
* Free policy chain
*/
int freePolicyChain(OPENPTS_POLICY *pol) {
+ /* check */
if (pol == NULL) {
- return PTS_INTERNAL_ERROR;
+ ERROR("null input");
+ return PTS_FATAL;
}
+ /* chain */
if (pol->next != NULL) {
freePolicyChain(pol->next);
}
OPENPTS_POLICY *pol;
int line = 0;
- /* open */
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (filename == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ /* open */
if ((fp = fopen(filename, "r")) == NULL) {
- fprintf(stderr, NLS(MS_OPENPTS, OPENPTS_POLICY_FILE_OPEN_FAILED,
+ OUTPUT(NLS(MS_OPENPTS, OPENPTS_POLICY_FILE_OPEN_FAILED,
"Failed to open policy file '%s'\n"), filename);
return -1;
}
/* new */
pol = xmalloc(sizeof(OPENPTS_POLICY));
if (pol == NULL) {
- ERROR("no mem");
+ ERROR("no memory");
cnt = -1; // return -1;
goto error;
}
int unknown = 0;
int invalid = 0;
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
pol = ctx->policy_start;
if (pol == NULL) {
/* no policy to check */
+ DEBUG("There is no policy to check with. => Unknown");
return OPENPTS_RESULT_UNKNOWN;
}
/* if any invalid exist */
if (invalid > 0) {
+ DEBUG("Check policy => Invalid");
return OPENPTS_RESULT_INVALID;
}
/* if any unknown exist */
if (unknown > 0) {
+ DEBUG("Check policy => Unknown");
return OPENPTS_RESULT_UNKNOWN;
}
+ DEBUG("Check policy => Valid");
return OPENPTS_RESULT_VALID;
}
char *proc_value;
char *status;
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
pol = ctx->policy_start;
+ if (pol == NULL) {
+ /* no policy to print */
+ OUTPUT(NLS(MS_OPENPTS, OPENPTS_PRINT_POLICY_NULL,
+ "There is no policy to print."));
+ return PTS_SUCCESS;
+ }
OUTPUT(NLS(MS_OPENPTS, OPENPTS_PRINT_POLICY,
" id "
}
/* print */
-#if 0
- OUTPUT("%5d %-25s %-13s\n",
- pol->num,
- pol->name, pol->value);
-#else
OUTPUT("%5d %-35s %-28s %-28s %-10s\n",
pol->num,
pol->name, pol->value,
proc_value, status);
-#endif
pol = pol->next;
}
OPENPTS_PROPERTY * newProperty(char *name, char *value) {
OPENPTS_PROPERTY *prop;
+ /* check */
+ if (name == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
+ if (value == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
+
prop = (OPENPTS_PROPERTY *) xmalloc(sizeof(OPENPTS_PROPERTY));
if (prop == NULL) {
+ ERROR("no memory");
return NULL;
}
memset(prop, 0, sizeof(OPENPTS_PROPERTY));
prop->name = smalloc_assert(name);
+ if (prop->name == NULL) {
+ ERROR("no memory");
+ return NULL;
+ }
prop->value = smalloc_assert(value);
+ if (prop->value == NULL) {
+ ERROR("no memory");
+ return NULL;
+ }
return prop;
}
void freeProperty(OPENPTS_PROPERTY *prop) {
/* check */
if (prop == NULL) {
+ ERROR("null input");
return;
}
- // DEBUG("freeProperty() - free - name=%s, value=%s\n",prop->name, prop->value);
-
xfree(prop->name);
xfree(prop->value);
xfree(prop);
* Free Property Chain
*/
int freePropertyChain(OPENPTS_PROPERTY *prop) {
- // int rc;
-
- // DEBUG("freePropertyChain() - \n");
if (prop == NULL) {
/* end of chain */
- // DEBUG("freePropertyChain() - end \n");
- return PTS_INTERNAL_ERROR; // TODO
+ return PTS_SUCCESS;
}
if (prop->next != NULL) {
- // DEBUG("freePropertyChain() - goto next \n");
freePropertyChain(prop->next);
}
- // DEBUG("freePropertyChain() - free \n");
+ /* free one */
freeProperty(prop);
return PTS_SUCCESS;
/* check */
if (name == NULL) {
- ERROR("getProperty(NULL), bad call");
+ ERROR("null input");
return NULL;
}
/* look for the prop with name */
prop = ctx->prop_start;
while (prop != NULL) {
- // ERROR("getProperty - [%s] 1\n", prop->name);
if (prop->name == NULL) {
ERROR("getProperty(%s) fail, bad property entry exist", name);
return NULL;
prop = (OPENPTS_PROPERTY *) prop->next;
}
+ // MISS
return NULL;
}
OPENPTS_PROPERTY *end;
OPENPTS_PROPERTY *prop;
- // DEBUG("addProperty - [%s] [%s]\n", name, value);
-
start = ctx->prop_start;
end = ctx->prop_end;
/* malloc new prop */
prop = newProperty(name, value);
if (prop == NULL) {
- return PTS_INTERNAL_ERROR;
+ ERROR("newProperty() fail");
+ return PTS_FATAL;
}
/* update the chain */
/* 1st prop */
/* update the link */
ctx->prop_start = prop;
- ctx->prop_end = prop;
- prop->next = NULL;
+ ctx->prop_end = prop;
+ prop->next = NULL;
ctx->prop_count = 0;
} else {
/* update the link */
end->next = prop;
ctx->prop_end = prop;
- prop->next = NULL;
+ prop->next = NULL;
}
+ /* inc count */
ctx->prop_count++;
- // DEBUG("addProperty - done %d [%s] [%s]\n", ctx->prop_count, prop->name, prop->value);
-
return PTS_SUCCESS;
}
/**
- * set property
+ * set/update property
*/
int setProperty(OPENPTS_CONTEXT *ctx, char *name, char *value) {
OPENPTS_PROPERTY *hit;
- // DEBUG("updateProperty - [%s] [%s]\n", name, value);
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (name == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (value == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
/* check existing prop */
hit = getProperty(ctx, name);
if (hit == NULL) {
- /* name miss? create new prop */
- // DEBUG("updateProperty() - miss name=%s, value=%s\n", name, value);
+ /* missing name, create new prop */
addProperty(ctx, name, value);
} else {
- /* name hit? update the value */
- // DEBUG("updateProperty() - TBD\n");
+ /* hit, update the value */
xfree(hit->value);
hit->value = smalloc_assert(value);
- // memcpy(hit->value, value, strlen(value) + 1); // TODO size
}
- return 0;
-}
-
-/**
- * TODO depricated - remove
- */
-int updateProperty(OPENPTS_CONTEXT *ctx, char *name, char *value) {
- return setProperty(ctx, name, value);
+ return PTS_SUCCESS;
}
/**
int rc = PTS_SUCCESS;
/* check */
- ASSERT(NULL != ctx, "setEventProperty - ctx is NULL\n");
- ASSERT(NULL != name, "setEventProperty - name is NULL\n");
- ASSERT(NULL != value, "setEventProperty - value is NULL\n");
-
-
- // DEBUG("setEventProperty - [%s] [%s]\n", name, value);
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (name == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (value == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
-#if 1
+ /* X = valid */
if (!strcmp(value, "valid")) {
setProperty(ctx, name, value);
return rc;
}
-
-
-
+ /* X = digest = base64(digest) */
if (!strcmp(value, "digest")) {
/* if value = digest, base64 -> set digest as value */
char *buf;
int buf_len;
- /* check */
+ /* check, missing event */
if (eventWrapper == NULL) {
- DEBUG("setEventProperty() - eventWrapper is NULL\n");
- return 0; // PTS_INTERNAL_ERROR;
+ ERROR("setEventProperty() - eventWrapper is NULL\n");
+ return PTS_FATAL; // 0; // PTS_INTERNAL_ERROR;
+ }
+ if (eventWrapper->event == NULL) {
+ ERROR("setEventProperty() - event is NULL\n");
+ return PTS_FATAL; // 0; // PTS_INTERNAL_ERROR;
+ }
+ if (eventWrapper->event->rgbPcrValue == NULL) {
+ ERROR("setEventProperty() - rgbPcrValue is NULL\n");
+ return PTS_FATAL; // 0; // PTS_INTERNAL_ERROR;
}
buf = encodeBase64(
ERROR("encodeBase64 fail");
return PTS_FATAL;
}
- setProperty(ctx, name, buf); // TODO
+ rc = setProperty(ctx, name, buf);
free(buf);
- } else if (!strcmp(value, "eventdata")) {
+
+ if (rc != PTS_SUCCESS) {
+ ERROR("setProperty() fail");
+ return PTS_FATAL;
+ }
+ return rc;
+ }
+
+ /* X = eventdata = base64(eventdata) */
+ if (!strcmp(value, "eventdata")) {
+ /* */
TSS_PCR_EVENT *event;
- char * str;
- /* check */
+
+ /* check, missing event */
if (eventWrapper == NULL) {
- TODO("setEventProperty() - eventWrapper is NULL\n");
- return 0; // PTS_INTERNAL_ERROR;
+ ERROR("setEventProperty() - eventWrapper is NULL\n");
+ return PTS_FATAL; // 0; // PTS_INTERNAL_ERROR;
}
-
- /* get String */
event = eventWrapper->event;
- str = snmalloc((char*)event->rgbEvent, event->ulEventLength);
- if (str == NULL) {
+ if (event == NULL) {
+ ERROR("setEventProperty() - event is NULL\n");
+ return PTS_FATAL; // 0; // PTS_INTERNAL_ERROR;
+ }
+ if (event->ulEventLength > 0) {
+ char * str;
+ if (event->rgbEvent == NULL) {
+ ERROR("setEventProperty() - rgbEvent is NULL\n");
+ return PTS_FATAL; // 0; // PTS_INTERNAL_ERROR;
+ }
+ /* get String */
+
+ str = snmalloc((char*)event->rgbEvent, event->ulEventLength);
+ if (str == NULL) {
+ ERROR("no memory");
+ return PTS_INTERNAL_ERROR;
+ }
+ xfree(str);
+ rc = setProperty(ctx, name, str); // TODO 2011-02-03 SM implement
+ if (rc != PTS_SUCCESS) {
+ ERROR("setProperty() fail");
+ return PTS_FATAL;
+ }
+ return rc;
+ } else {
+ ERROR("missing rgbEvent");
return PTS_INTERNAL_ERROR;
}
- setProperty(ctx, name, str); // TODO 2011-02-03 SM implement
- xfree(str);
// NULL
- } else if (!strcmp(value, "notexist")) {
- setProperty(ctx, name, value); // TODO
- // NULL
- } else {
- setProperty(ctx, name, value);
- // ERROR("unknown value [%s] [%s]\n",name, value);
- // return -1;
}
-#endif
+ if (!strcmp(value, "notexist")) {
+ rc = setProperty(ctx, name, value); // TODO
+ if (rc != PTS_SUCCESS) {
+ ERROR("setProperty() fail");
+ return PTS_FATAL;
+ }
+ return rc;
+ }
+ /* others */
+ rc = setProperty(ctx, name, value);
+ if (rc != PTS_SUCCESS) {
+ ERROR("setProperty() fail");
+ return PTS_FATAL;
+ }
return rc;
}
int rc = OPENPTS_FSM_ERROR;
OPENPTS_PROPERTY* prop;
- ASSERT(NULL != ctx, "validateProperty - ctx is NULL\n");
- ASSERT(NULL != name, "validateProperty - name is NULL\n");
- ASSERT(NULL != value, "validateProperty - value is NULL\n");
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (name == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (value == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
/* trim */
// trim(value);
rc = OPENPTS_FSM_SUCCESS;
} else {
/* Miss */
-
/* if value = base64 -> BHV model => value -> BIN model */
if (!strcmp(value, "base64")) {
// DEBUG("Update BIN-FSM %s=%s\n", name, prop->value);
int i = 0;
prop = ctx->prop_start;
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return;
+ }
+
+ /* print out */
OUTPUT(NLS(MS_OPENPTS, OPENPTS_PRINT_PROPS, "Properties name-value\n"));
while (prop != NULL) {
OUTPUT("%5d %s=%s\n", i, prop->name, prop->value);
OPENPTS_PROPERTY *prop;
int i = 0;
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (filename == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
+ /* open */
if ((fp = fopen(filename, "w")) == NULL) {
ERROR("File %s open was failed\n", filename);
return PTS_INTERNAL_ERROR;
}
int addPropertiesFromConfig(OPENPTS_CONFIG *conf, OPENPTS_CONTEXT *ctx) {
+
+ /* check */
+ if (conf == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
/* additional properties from the pts config file */
if (conf->iml_maxcount > 0) {
char buf[32];
OPENPTS_PROPERTY *end = NULL;
/**
- * collector daemon
+ * collector
*
* TODO support single connection.
* TODO for multiple conenction, multiple ctxs are required.
break;
}
- INFO("IF-M read type = 0x%X, len %d\n",
+ DEBUG_IFM("IF-M read type = 0x%X, len %d\n",
read_tlv->type,
read_tlv->length);
rc = writePtsTlv(
ctx, STDOUT_FILENO, NEW_RIMM_SET);
if (rc < 0) {
- ERROR("Send NEW_RIMM_SET answer failed - quit");
+ /* this will fail if NEW RM is missing */
+ DEBUG_IFM("Send NEW_RIMM_SET answer failed - quit");
terminate = 1;
}
}
break;
case VERIFICATION_RESULT:
/* no responce */
- INFO("IF-M VERIFICATION_RESULT => terminate\n");
+ DEBUG_IFM("IF-M VERIFICATION_RESULT => terminate\n");
DEBUG_IFM("finish\n");
terminate = 1; // TODO add TERMINATE MSG
break;
#endif
#define LOCK_FILE LOCK_DIR "ptsc.lock"
+/**
+ * lock ptsc
+ */
void ptsc_lock(void) {
int fd, oldmask, oldgrp = 0;
struct group *grpent = NULL;
oldmask = umask(0);
if (mkdir(LOCK_DIR, 0775) < 0 && errno != EEXIST) {
- perror(LOCK_DIR);
+ ERROR("mkdir(%s) fail", LOCK_DIR);
exit(1);
}
if (grpent) {
}
fd = open(LOCK_FILE, O_RDWR | O_CREAT | O_TRUNC, 0660);
if (fd < 0) {
- perror(LOCK_FILE);
+ ERROR("open(%s) fail", LOCK_DIR);
exit(1);
}
umask(oldmask);
if (lockf(fd, F_LOCK, 0) < 0) {
- perror(LOCK_FILE);
+ ERROR("lockf(%s) fail", LOCK_DIR);
exit(1);
}
if (buf != NULL) xfree(buf);
}
+/**
+ * Prepare privileges
+ */
static int preparePriv() {
int rc = PTS_SUCCESS;
struct group *ptsc_grp = NULL;
rc = getgrnam_r(PTSC_GROUP_NAME, &grp, buf, buf_len, &ptsc_grp);
if (rc != 0) {
- ERROR("getgrnam_r");
+ ERROR("getgrnam_r(%s) fail", PTSC_GROUP_NAME);
rc = PTS_FATAL;
goto free;
}
}
/* set GID */
- // rc = setgid(ptsc_grp->gr_gid);
rc = setgid(grp.gr_gid);
if (rc < 0) {
// TODO do not need for IF-M access (read only)
- ERROR("Switching group (gid=%d) fail. %s\n", grp.gr_gid, strerror(errno));
+ INFO("Switching group (gid=%d) fail. %s\n", grp.gr_gid, strerror(errno));
// TODO 20110927 FAIL
rc = PTS_FATAL;
goto free;
}
#endif
+ initCatalog();
+ setSyslogCommandName("ptsc");
+
/* command option */
while ((c = getopt(argc, argv, "ic:uUefDtsmvP:Rzh")) != EOF) {
switch (c) {
argc -= optind;
argv += optind;
+ /* Verbose & Logging */
if (command == COMMAND_IFM) {
+ /* Set IF-M log location, syslog or file(for DEBUG) */
setLogLocation(OPENPTS_LOG_SYSLOG, NULL);
+ // setVerbosity(0); // no console out
} else {
- setLogLocation(OPENPTS_LOG_CONSOLE, NULL);
- }
-
- initCatalog();
-
- // TODO chgrp
- rc = preparePriv();
- if (rc != PTS_SUCCESS) {
- ERROR("preparePriv fail\n");
+ /* Set logging (location,filename) by ENV */
+ determineLogLocationByEnv();
+ //setLogLocation(OPENPTS_LOG_CONSOLE, NULL);
+ // TODO chgrp
+ rc = preparePriv();
+ if (rc != PTS_SUCCESS) {
+ INFO("preparePriv fail\n");
+ }
}
conf = newPtsConfig();
return -1;
}
-
- /* DEBUG level, 1,2,3 */
-#ifdef OPENPTS_DEBUG
- setDebugFlags(DEBUG_FLAG | DEBUG_FSM_FLAG | DEBUG_IFM_FLAG);
-#else
+//#if 0 // TODO Renew in v0.2.6
+// /* DEBUG level, 1,2,3 */
+//#ifdef OPENPTS_DEBUG
+// setDebugFlags(DEBUG_FLAG | DEBUG_FSM_FLAG | DEBUG_IFM_FLAG);
+//#else
/* set the DEBUG level, 1,2,3 */
if (getVerbosity() > 2) {
setDebugFlags(DEBUG_FLAG | DEBUG_IFM_FLAG | DEBUG_FSM_FLAG | DEBUG_CAL_FLAG );
} else if (getVerbosity() > 0) {
setDebugFlags(DEBUG_FLAG);
}
-#endif
+//#endif
+//#endif
DEBUG("VERBOSITY (%d), DEBUG mode (0x%x)\n", getVerbosity(), getDebugFlags());
+ /* lock */
ptsc_lock();
-
-
/* load config, /etc/ptsc.conf */
if (config_filename == NULL) {
// this goto stdout and bad with "-m"
}
}
+ /* PTSC IF-M DEBUG MODE */
+ // TODO SET BY CONF
+
/* Check initialization */
if (command != COMMAND_INIT) {
/* initilized? */
rc = selftest(conf, prop_num, start, end);
if (rc == OPENPTS_SELFTEST_SUCCESS) {
OUTPUT(NLS(MS_OPENPTS, OPENPTS_COLLECTOR_SUCCESS, "selftest - OK\n"));
+ INFO("selftest - OK\n");
} else if (rc == OPENPTS_SELFTEST_RENEWED) {
OUTPUT(NLS(MS_OPENPTS, OPENPTS_COLLECTOR_RENEWED, "selftest - Renewed\n"));
+ INFO("selftest - Renewed\n");
} else if (rc == OPENPTS_SELFTEST_FALLBACK) {
OUTPUT(NLS(MS_OPENPTS, OPENPTS_COLLECTOR_FALLBACK, "selftest - fallback\n"));
+ INFO("selftest - fallback\n");
} else if (rc == OPENPTS_SELFTEST_FAILED) {
OUTPUT(NLS(MS_OPENPTS, OPENPTS_COLLECTOR_FAIL, "selftest - fail\n"));
+ INFO("selftest - fail\n");
} else {
ERROR("TBD\n");
}
rc = selftest(conf, prop_num, start, end);
if (rc == OPENPTS_SELFTEST_SUCCESS) {
OUTPUT(NLS(MS_OPENPTS, OPENPTS_COLLECTOR_SUCCESS, "selftest - OK\n"));
+ INFO("selftest - OK\n");
/* timestamp */
extendEvCollectorStart(conf); // collector.c
} else if (rc == OPENPTS_SELFTEST_RENEWED) {
OUTPUT(NLS(MS_OPENPTS, OPENPTS_COLLECTOR_RENEWED, "selftest - Renewed\n"));
+ INFO("selftest - Renewed\n");
/* timestamp */
extendEvCollectorStart(conf);
} else if (rc == OPENPTS_SELFTEST_FALLBACK) {
OUTPUT(NLS(MS_OPENPTS, OPENPTS_COLLECTOR_FALLBACK, "selftest - fallback\n"));
+ INFO("selftest - fallback\n");
/* timestamp */
extendEvCollectorStart(conf);
} else if (rc == OPENPTS_SELFTEST_FAILED) {
OUTPUT(NLS(MS_OPENPTS, OPENPTS_COLLECTOR_FAIL, "selftest - fail\n"));
+ INFO("selftest - fail\n");
if (conf->autoupdate == 1) {
ERROR("selftest failed, trying to generate a new manifest\n");
/* del RM_UUID */
if (rc != PTS_SUCCESS) {
OUTPUT(NLS(MS_OPENPTS, OPENPTS_COLLECTOR_UPDATE_RM_FAIL,
"Failed to generated a reference manifest\n"));
+ INFO("Failed to generated a reference manifest\n");
goto free;
}
rc = selftest(conf, prop_num, start, end);
OUTPUT(NLS(MS_OPENPTS, OPENPTS_COLLECTOR_SUCCESS, "selftest - OK\n"));
OUTPUT(NLS(MS_OPENPTS, OPENPTS_COLLECTOR_UPDATE_RM_SUCCESS,
"Successfully generated the reference manifest\n"));
+ INFO("selftest - OK\n");
+ INFO("Successfully generated the reference manifest\n");
} else if (rc == OPENPTS_SELFTEST_RENEWED) {
OUTPUT(NLS(MS_OPENPTS, OPENPTS_COLLECTOR_RENEWED, "selftest - Renewed\n"));
+ INFO("selftest - Renewed\n");
} else {
ERROR("TBD\n");
}
} else {
OUTPUT(NLS(MS_OPENPTS, OPENPTS_COLLECTOR_UPDATE_RM_WONT,
"selftest failed, keeping existing manifests as requested by configuration\n"));
+ INFO("selftest failed, keeping existing manifests as requested by configuration\n");
}
} else {
ERROR("TBD\n");
void freeReason(OPENPTS_REASON *reason) {
/* check */
if (reason == NULL) {
+ ERROR("null input");
return;
}
+ /* free */
xfree(reason->message);
xfree(reason);
* Free Reason Chain
*/
int freeReasonChain(OPENPTS_REASON *reason) {
+ /* check */
if (reason == NULL) {
- return PTS_INTERNAL_ERROR;
+ ERROR("null input");
+ return PTS_FATAL;
}
+ /* chain */
if (reason->next != NULL) {
freeReasonChain(reason->next);
}
// DEBUG("addReason - [%s]\n", message);
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
len = strlen(message);
start = ctx->reason_start;
reason = (OPENPTS_REASON *) xmalloc(sizeof(OPENPTS_REASON));
if (reason == NULL) {
- ERROR("");
- return -1;
+ ERROR("no memory");
+ return PTS_FATAL;
}
memset(reason, 0, sizeof(OPENPTS_REASON));
}
reason->pcr = pcr;
reason->message = xmalloc(len +1);
+ if (reason->message == NULL) {
+ ERROR("no memory");
+ xfree(reason);
+ return PTS_FATAL;
+ }
memcpy(reason->message, message, len);
reason->message[len] = 0;
ctx->reason_count++;
// DEBUG("addReason - done %d [%s]\n", ctx->reason_count, reason->message);
- return 0;
+ return PTS_SUCCESS;
}
/**
va_list list;
va_start(list, format);
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
vsnprintf(buf, MAX_REASON_SIZE, format, list);
rc = addReason_old(ctx, pcr, (char *)buf);
return rc;
}
+/**
+ * PCR Usage HINT for each platform.
+ * TODO supply them by Conf.
+ */
#ifdef AIX_TARGET
char *reason_pcr_hints[] = {
"IBM Partition Firmware Images",
NULL, /* PCR9 Unused */
"Trusted Execution Database"
};
-#else
+#else // TPM v1.2, PC Linux, TODO add other type of platform?
char *reason_pcr_hints[] = {
- NULL
+ "CRTM, BIOS and Platform Extensions",
+ "Platform Configuration",
+ "Option ROM Code",
+ "Option ROM Configuration and Data",
+ "IPL Code (usually the MBR)",
+ "IPL Code Configuration and Data (for use by the IPL code)",
+ "State Transition and Wake Events",
+ "Host Platform Manufacturer Control", // v1.1"Reserved for future usage. Do not use.",
+ "OS Kernels (GRUB-IMA)",
+ NULL, /* PCR9 Unused */
+ "Applications (LINUX-IMA)", /* PCR10 */
+ "OpenPTS", /* PCR11 */
+ NULL, /* PCR12 Unused */
+ NULL, /* PCR13 Unused */
+ NULL, /* PCR14 Unused */
+ NULL, /* PCR15 Unused */
+ "Debug", /* PCR16 */
+ "Associated with the D-CRTM (Locality 4)", /* PCR17 */
+ "Host Platform defined (locality 3)", /* PCR18 */
+ "Trusted Operating System (locality 2)", /* PCR19 */
+ "Used by Trusted Operating System (locality 1)", /* PCR20 */
+ "Used by Trusted Operating System", /* PCR21 */
+ "Used by Trusted Operating System", /* PCR22 */
+ "Application Support", /* PCR23 */
};
#endif
void printReason(OPENPTS_CONTEXT *ctx, int print_pcr_hints) {
OPENPTS_REASON *reason;
unsigned int i = 0, pcrmask = 0;
+
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return;
+ }
reason = ctx->reason_start;
while (reason != NULL) {
i++;
}
if (print_pcr_hints) {
- for (i = 0; i < sizeof(reason_pcr_hints) / sizeof(char *); i++) {
- if (!(pcrmask & (1 << i)) || reason_pcr_hints[i] == NULL)
- continue;
- OUTPUT("PCR%02d corresponds to: %s\n", i, reason_pcr_hints[i]);
- }
+ for (i = 0; i < sizeof(reason_pcr_hints) / sizeof(char *); i++) {
+ if (!(pcrmask & (1 << i)) || reason_pcr_hints[i] == NULL) continue;
+ OUTPUT("PCR%02d corresponds to: %s\n", i, reason_pcr_hints[i]);
+ }
}
}
* \brief Reference Manifest (RM)
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-04-01
- * cleanup 2011-07-20 SM
+ * cleanup 2011-12-31 SM
*
* IML + Model -> RM
*
#include <libxml/parser.h>
#include <openpts.h>
-// #include <log.h>
-
/**
* New RM context
ctx = (OPENPTS_RM_CONTEXT *) xmalloc(sizeof(OPENPTS_RM_CONTEXT));
if (ctx == NULL) {
+ ERROR("no memory");
return NULL;
}
* Free RM Context
*/
void freeRmContext(OPENPTS_RM_CONTEXT *ctx) {
+ /* check */
if (ctx == NULL) {
+ ERROR("null input");
return;
}
int level) {
OPENPTS_CONFIG *conf = ctx->conf;
+ /* check */
+ if (writer == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (id == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
+ /* XMl */
if (xmlTextWriterStartElement(writer, BAD_CAST "core:ComponentID") < 0)
goto error;
if (xmlTextWriterEndElement(writer) < 0) // ComponentID
goto error;
- return 0;
+ DEBUG_FSM("writeCoreComponentID - done\n");
+ return PTS_SUCCESS;
error:
- return -1;
+ ERROR("writeCoreComponentID - internal error\n");
+ return PTS_INTERNAL_ERROR;
}
/**
int algtype,
char *id,
TSS_PCR_EVENT * event) {
- int rc = 0;
+ /* check */
+ if (writer == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (id == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (event == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
+ /* XML */
if (xmlTextWriterStartElement(writer,
BAD_CAST "core:Values") < 0)
goto error;
if (xmlTextWriterEndElement(writer) < 0) // core:Values
goto error;
- return 0;
+ DEBUG_FSM("writeCoreValues - done\n");
+ return PTS_SUCCESS;
+
error:
- return rc;
+ ERROR("writeCoreValues() internal error");
+ return PTS_INTERNAL_ERROR;
}
/**
int rc = 0;
int j;
char id[BUF_SIZE];
- int algtype = 0; // SHA1;
+ int algtype = 0; // TODO SHA1;
OPENPTS_FSM_CONTEXT *fsm_binary;
OPENPTS_PCR_EVENT_WRAPPER *eventWrapper;
DEBUG_FSM("writeCoreValues - start, PCR[%d]\n", ss->pcrIndex);
- /* Events at PCR[index] & Snapshot */
+ /* check */
+ if (writer == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (ss == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ /* Events at PCR[index] & Snapshot */
eventWrapper = ss->start;
- fsm_binary = ss->fsm_binary;
-
if (eventWrapper == NULL) {
ERROR("writeAllCoreValues() - ERROR: eventWrapper is NULL\n");
- return -1; // TODO(munetoh)
+ return PTS_FATAL;
}
+ fsm_binary = ss->fsm_binary;
- //////////////////////////////////////////////////////////////////////
- // verbose = DEBUG_FLAG | DEBUG_FSM_FLAG;
- // DEBUG("SM DEBUG FORCE START\n");
- // Why link was broken?
- // printFsmModel(fsm_binary);
-
+ /* write */
for (j = 0; j < ss->event_num; j++) {
DEBUG_FSM("writeAllCoreValues - PCR[%d] event %d/%d\n", ss->pcrIndex, j + 1, ss->event_num);
if (eventWrapper == NULL) {
ERROR("writeAllCoreValues() - eventWrapper is NULL, pcr[%d], event_num = %d count = %d\n",
ss->pcrIndex, ss->event_num, j);
- return -1;
+ return PTS_FATAL;
}
event = eventWrapper->event;
if (event == NULL) {
ERROR("writeAllCoreValues() - Event is missing\n");
- return -1;
+ return PTS_FATAL;
}
// link was set by getIml, BHV-FSM
DEBUG("%02x", event->rgbPcrValue[i]);
DEBUG("\n");
}
- return -1;
+ return PTS_FATAL;
}
bin_trans = bhv_trans->link; // BHV keeps the link to BIN
- if (bin_trans == NULL) {
+ if (bin_trans == NULL) { // TODO old
UINT32 i;
- ERROR("writeAllCoreValues() - BIN Trans is missing\n");
+ ERROR("writeAllCoreValues() - BIN Trans is missing");
ERROR("\tat the event: pcrindex=%d, eventype=%d, digest=",
event->ulPcrIndex, event->eventType);
for (i = 0;i < event->ulPcrValueLength; i++)
ERROR("%02x", event->rgbPcrValue[i]);
- ERROR("\n");
- return -1;
+ return PTS_FATAL;
}
-/*
-ERROR Missing BIN Trans link why?
-
-ctx->transition_num = 4
- current state condition type(hex) condition digest next state
- 0 Start , ,PCR3_START
- 1 EV_SEPARATOR_3 , ,BIOS_Verified
- 2 BIOS_Verified , ,Final
- 3 PCR3_START type==0x00000004, ,EV_SEPARATOR_3
-DEBUG rm.c:169 writeAllCoreValues - PCR[3] event 1/1
-ERROR rm.c:188 BIN Trans is missing
- pcrindex=3, eventype=4, digest=d9be6524a5f5047db5866813acf3277892a7a30a
-ERROR rm.c:838 writeRm failed, bad IML or FSM
-
-*/
-
if (isDebugFlagSet(DEBUG_FSM_FLAG)) {
DEBUG_FSM("writeAllCoreValues\n");
DEBUG("\teventype=%d", event->eventType);
if (bin_trans->source_subvertex == bin_trans->target_subvertex) {
DEBUG_FSM("LOOP, base64->real digest\n");
rc = insertFsmNew(fsm_binary, bin_trans, eventWrapper);
+ if (rc != PTS_SUCCESS) {
+ ERROR("insertFsmNew() fail");
+ goto error;
+ }
} else {
DEBUG_FSM("Single, base64->real digest\n");
/* change the flag */
}
rc = writeCoreValues(writer, algtype, id, event);
+ if (rc != PTS_SUCCESS) {
+ ERROR("writeCoreValues() fail");
+ goto error;
+ }
}
} else { // NULL?
ERROR("ERROR no trans\n");
+ rc = PTS_INTERNAL_ERROR;
goto error;
}
eventWrapper = eventWrapper->next_pcr;
}
- // Why link was broken?
- // printFsmModel(fsm_binary);
-
- // DEBUG("SM DEBUG FORCE END\n");
- // verbose = 0;
-
- goto done;
-
+ DEBUG_FSM("writeCoreValues - done\n");
+ return PTS_SUCCESS;
error:
- ERROR("ERROR\n");
-
- done:
- DEBUG_FSM("writeCoreValues - done, rc=%d\n", rc);
+ ERROR("writeCoreValues ERROR\n");
- return rc;
+ return PTS_INTERNAL_ERROR;
}
/**
*/
int writeFsmSubvertex(xmlTextWriterPtr writer,
OPENPTS_FSM_Subvertex * sub) {
- int rc = 0;
DEBUG_CAL("writeFsmSubvertex - start\n");
+ /* check */
+ if (writer == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (sub == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
/* subvertex - start */
if (xmlTextWriterStartElement(writer,
BAD_CAST "subvertex") < 0) goto error;
/* subvertex - end */
if (xmlTextWriterEndElement(writer) < 0) goto error;
+ DEBUG_FSM("writeFsmSubvertex - done\n");
+ return PTS_SUCCESS;
+
error:
- return rc;
+ ERROR("writeFsmSubvertex() internal error");
+ return PTS_INTERNAL_ERROR;
}
*/
int writeFsmTransition(xmlTextWriterPtr writer,
OPENPTS_FSM_Transition * trans) {
- int rc = 0;
char buf[BUF_SIZE];
DEBUG_CAL("writeFsmTransition - start\n");
+ /* check */
+ if (writer == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (trans == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
+ /* XML */
if (xmlTextWriterStartElement(writer,
BAD_CAST "transition") < 0) goto error;
- // 2011-02-14 SM remove
- // if (xmlTextWriterWriteAttribute(writer,
- // BAD_CAST "xmi:type", BAD_CAST "uml:State") < 0) goto error;
-
- // TODO(munetoh) get from original UML
- // if (xmlTextWriterWriteAttribute(writer,
- // BAD_CAST "xmi:id", BAD_CAST trans->id ) < 0) goto error;
-
if (xmlTextWriterWriteAttribute(writer,
BAD_CAST "source", BAD_CAST trans->source) < 0) goto error;
goto error;
}
-
if (xmlTextWriterEndElement(writer) < 0) goto error; // body
if (xmlTextWriterEndElement(writer) < 0) goto error; // specification
if (xmlTextWriterEndElement(writer) < 0) goto error; // ownedRule
if (xmlTextWriterEndElement(writer) < 0) goto error; // transition
+ DEBUG_FSM("writeFsmTransition - done\n");
+ return PTS_SUCCESS;
+
error:
- return rc;
+ ERROR("writeFsmTransition() internal error");
+ return PTS_INTERNAL_ERROR;
}
/**
</packagedElement>
</uml:Model>
*/
-
-
-
int writeFsmModel(xmlTextWriterPtr writer, OPENPTS_FSM_CONTEXT * fsm) {
- int rc =0;
+ //int rc =0;
char id[BUF_SIZE];
OPENPTS_FSM_Subvertex *sub;
OPENPTS_FSM_Transition *trans;
DEBUG_FSM("writeFsmModel - start\n");
+ /* check */
+ if (writer == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
if (fsm == NULL) {
- ERROR("writeFsmModel - FSM is NULL\n");
- return -1;
+ ERROR("writeFsmModel - FSM is NULL");
+ return PTS_FATAL;
}
+ /* XML */
snprintf(id, sizeof(id), "TBD");
if (xmlTextWriterStartElement(writer,
BAD_CAST "uml:Model") < 0)
if (xmlTextWriterEndElement(writer) < 0) goto error; // uml:Model
DEBUG_FSM("writeFsmModel - done\n");
+ return PTS_SUCCESS;
error:
- return rc;
+ ERROR("writeFsmModel() internal error");
+ return PTS_INTERNAL_ERROR;
}
/**
DEBUG_FSM("writeValidationModel - start\n");
+ /* check */
+ if (writer == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
if (ss == NULL) {
ERROR("writeValidationModel - OPENPTS_SNAPSHOT is NULL\n");
- return -1; // TODO(munetoh)
+ return PTS_FATAL;
}
+ /* XML */
if (xmlTextWriterStartElement(writer, BAD_CAST "ValidationModel") < 0) {
- rc = -1;
goto error;
}
snprintf(buf, sizeof(buf), "%d", ss->pcrIndex);
if (xmlTextWriterWriteAttribute(writer,
BAD_CAST "pcrindex", BAD_CAST buf) < 0) {
- rc = -1;
goto error;
}
snprintf(buf, sizeof(buf), "%d", ss->level);
if (xmlTextWriterWriteAttribute(writer,
BAD_CAST "snapshot_level", BAD_CAST buf) < 0) {
- rc = -1;
goto error;
}
rc = writeFsmModel(writer, ss->fsm_binary);
if (rc < 0) {
ERROR("writeValidationModel() pcr=%d BIN-FSM is NULL\n", ss->pcrIndex);
- return -1; // TODO(munetoh)
+ goto error;
}
/* Close the element named "ValidationModel". */
if (xmlTextWriterEndElement(writer) < 0) // ValidationModel
goto error;
+ DEBUG_FSM("writeValidationModel - done\n");
+ return PTS_SUCCESS;
+
error:
- return rc;
+ ERROR("writeValidationModel() internal error");
+ return PTS_INTERNAL_ERROR;
}
/**
DEBUG_FSM("writeCoreAssertionInfo - start\n");
+ /* check */
+ if (writer == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
+ /* XML */
if (xmlTextWriterStartElement(writer, BAD_CAST "core:AssertionInfo") < 0)
goto error;
rc = writeValidationModel(writer, ss);
if (rc < 0) {
ERROR("writeCoreAssertionInfo() - pcr=%d, level=%d\n", i, level);
- rc = -1;
goto error;
}
}
goto error;
DEBUG_FSM("writeCoreAssertionInfo - done\n");
+ return PTS_SUCCESS;
error:
- return rc;
+ ERROR("writeCoreAssertionInfo() internal error");
+ return PTS_INTERNAL_ERROR;
}
int writeRm(OPENPTS_CONTEXT * ctx, const char *file, int level) {
int rc = 0;
int i;
- // int j;
xmlTextWriterPtr writer;
xmlBufferPtr buf;
PTS_UUID *ir_uuid = NULL;
char *str_ir_uuid = NULL;
char id[BUF_SIZE];
OPENPTS_SNAPSHOT *ss = NULL;
-
FILE *fp;
DEBUG("writeRm - start, snapshot level = %d\n", level);
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (file == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
+
/* Create a new XML buffer */
buf = xmlBufferCreate();
if (buf == NULL) {
}
#ifdef INDENT_XML
- /* indent the XML :-) */
- rc = xmlTextWriterSetIndent(writer, 1);
+ /* indent the XML :-) */
+ rc = xmlTextWriterSetIndent(writer, 1); // libxml2
+ if (rc < 0) {
+ ERROR("Error at xmlTextWriterSetIndent\n");
+ rc = PTS_INTERNAL_ERROR;
+ goto free;
+ }
#endif
/* Start the document */
/* update Binary FSM using IML */
rc = writeAllCoreValues(writer, ss);
- if (rc < 0) {
+ if (rc != PTS_SUCCESS) {
// WORK NEEDED: Please use NLS for i18n
+ ERROR("writeAllCoreValues() fail");
addReason(ctx, i,
"[RM] The manifest generation was failed at pcr=%d, level=%d", i, level);
addReason(ctx, i,
// BHV-FSM is general FSM.
// single FSM supports various (BIOS) implementations.
rc = cleanupFsm(ss->fsm_binary);
- if (rc < 0) {
+ if (rc != PTS_SUCCESS) {
ERROR("writeRm() - bad IML or FSM at pcr=%d, level=%d\n", i, level);
rc = PTS_INTERNAL_ERROR;
goto free;
/* add FSMs */
rc = writeCoreAssertionInfo(writer, ctx, level);
- if (rc < 0) {
+ if (rc != PTS_SUCCESS) {
ERROR("writeRm - ERROR file %s\n", file);
rc = PTS_INTERNAL_ERROR;
goto free;
snprintf(id, sizeof(id), "COMPID_%s", str_ir_uuid);
rc = writeCoreComponentID(writer, id, ctx, level);
- if (rc < 0) {
+ if (rc != PTS_SUCCESS) {
ERROR("writeRm - ERROR file %s\n", file);
rc = PTS_INTERNAL_ERROR;
goto free;
}
/* Close all elements */
- rc = xmlTextWriterEndDocument(writer);
+ rc = xmlTextWriterEndDocument(writer); // libxml2
if (rc < 0) {
ERROR("testXmlwriterMemory: Error at xmlTextWriterEndDocument\n");
rc = PTS_INTERNAL_ERROR;
goto free;
}
- rc = xmlTextWriterFlush(writer);
+ rc = xmlTextWriterFlush(writer); // libxml2
if (rc < 0) {
ERROR("writeRm: Error at xmlTextWriterFlush\n");
rc = PTS_INTERNAL_ERROR;
if (fprintf(fp, "%s", (const char *) buf->content) <= 0) {
ERROR("Failed to write to file %s\n", file);
- rc = PTS_INTERNAL_ERROR; // 0
+ rc = PTS_INTERNAL_ERROR;
} else {
- rc = PTS_SUCCESS; // 0
+ rc = PTS_SUCCESS;
}
fclose(fp);
- rc = PTS_SUCCESS; // 0
+ rc = PTS_SUCCESS;
free:
xfree(ir_uuid);
error:
xmlBufferFree(buf);
- DEBUG("writeRm - done\n");
-
+ if (rc != PTS_SUCCESS) {
+ ERROR("writeRm - fail");
+ } else {
+ DEBUG_FSM("writeRm - done\n");
+ }
return rc;
}
* SAX parser
*/
void rmStartDocument(void * ctx) {
- OPENPTS_CONTEXT * pctx = (OPENPTS_CONTEXT *)ctx;
- OPENPTS_RM_CONTEXT *rm_ctx = pctx->rm_ctx;
+ OPENPTS_CONTEXT * pctx;
+ OPENPTS_RM_CONTEXT *rm_ctx;
DEBUG_SAX("rmStartDocument\n");
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return;
+ }
+ pctx = (OPENPTS_CONTEXT *)ctx;
+ if (pctx == NULL) {
+ ERROR("null input");
+ return;
+ }
+ rm_ctx = pctx->rm_ctx;
+ if (rm_ctx == NULL) {
+ ERROR("null input");
+ return;
+ }
+
+ /* */
rm_ctx->sax_error = 0;
rm_ctx->sax_state = RM_SAX_STATE_IDLE;
}
char *type;
char *value;
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return;
+ }
+ if (name == NULL) {
+ ERROR("null input");
+ return;
+ }
+
+ /* XML */
if (!strcmp((char *)name, "Rimm")) {
// TODO(munetoh)
} else if (!strcmp((char *)name, "core:Values")) {
* SAX parser
*/
void rmEndElement(void * ctx, const xmlChar * name) {
- OPENPTS_CONTEXT * pctx = (OPENPTS_CONTEXT *)ctx;
- OPENPTS_RM_CONTEXT * rm_ctx = pctx->rm_ctx;
+ OPENPTS_CONTEXT * pctx;
+ OPENPTS_RM_CONTEXT * rm_ctx;
+ /* check*/
+ if (ctx == NULL) {
+ ERROR("null input");
+ return;
+ }
+ if (name == NULL) {
+ ERROR("null input");
+ return;
+ }
+ pctx = (OPENPTS_CONTEXT *)ctx;
+ if (pctx == NULL) {
+ ERROR("null input");
+ return;
+ }
+ rm_ctx = pctx->rm_ctx;
+ if (rm_ctx == NULL) {
+ ERROR("null input");
+ return;
+ }
+ /* XML */
if (!strcmp((char *)name, "stuff:Objects")) {
// ir_ctx->sax_eventIndex++;
} else if (!strcmp((char *)name, "subvertex")) {
* SAX parser
*/
void rmCharacters(void* ctx, const xmlChar * ch, int len) {
- OPENPTS_CONTEXT * pctx = (OPENPTS_CONTEXT *)ctx;
- OPENPTS_RM_CONTEXT * rm_ctx = pctx->rm_ctx;
-
- // int rc;
+ OPENPTS_CONTEXT * pctx;
+ OPENPTS_RM_CONTEXT * rm_ctx;
char buf[RM_SAX_BUF_SIZE];
+
+ /* check*/
+ if (ctx == NULL) {
+ ERROR("null input");
+ return;
+ }
+ if (ch == NULL) {
+ ERROR("null input");
+ return;
+ }
+ pctx = (OPENPTS_CONTEXT *)ctx;
+ if (pctx == NULL) {
+ ERROR("null input");
+ return;
+ }
+ rm_ctx = pctx->rm_ctx;
+ if (rm_ctx == NULL) {
+ ERROR("null input");
+ return;
+ }
+
+ /* XML */
if (len < RM_SAX_BUF_SIZE) {
memcpy(buf, ch, len);
buf[len] = 0;
DEBUG_CAL("readRmFile - start\n");
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (filename == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
/* new snapshot table */
if (ctx->ss_table == NULL) {
/* missing, create new table */
int rc = PTS_SUCCESS;
int i;
+ /* check*/
+ if (conf == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
if (conf->rm_basedir != NULL) {
struct stat st;
char buf[BUF_SIZE];
int rc = PTS_SUCCESS;
int i;
+ /* check*/
+ if (conf == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
if (conf->rm_basedir != NULL) {
struct stat st;
// int i;
int rc = PTS_SUCCESS;
int i;
+ /* check*/
+ if (conf == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
if (conf->rm_basedir != NULL) {
// struct stat st;
char buf[BUF_SIZE];
int rc = PTS_SUCCESS;
int i;
+ /* check*/
+ if (conf == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
if (conf->rm_basedir != NULL) {
char buf[BUF_SIZE];
ss = (OPENPTS_SNAPSHOT*) xmalloc(sizeof(OPENPTS_SNAPSHOT)); // leaked
if (ss == NULL) {
+ ERROR("no memory");
return NULL;
}
memset(ss, 0, sizeof(OPENPTS_SNAPSHOT));
* return 0:success, -1:error
*/
int freeSnapshot(OPENPTS_SNAPSHOT * ss) {
- ASSERT(NULL != ss, "freeSnapshot - ss is NULL\n");
+
+ /* check */
+ if (ss == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
/* Event Wrapper Chain - free */
if (ss->start != NULL) {
sst = (OPENPTS_SNAPSHOT_TABLE *) xmalloc(sizeof(OPENPTS_SNAPSHOT_TABLE)); // leaked
if (sst == NULL) {
+ ERROR("no memory");
return NULL;
}
memset(sst, 0, sizeof(OPENPTS_SNAPSHOT_TABLE));
int freeSnapshotTable(OPENPTS_SNAPSHOT_TABLE * sst) {
int i, j;
+ /* check */
if (sst == NULL) {
- /* ignore */
- DEBUG(" OPENPTS_SNAPSHOT_TABLE was NULL\n");
- return PTS_INTERNAL_ERROR;
+ ERROR(" OPENPTS_SNAPSHOT_TABLE was NULL\n");
+ return PTS_FATAL;
}
for (i = 0; i < MAX_PCRNUM; i++) {
*/
int addSnapshotToTable(OPENPTS_SNAPSHOT_TABLE * sst, OPENPTS_SNAPSHOT * ss, int pcr_index, int level) {
/* check 1 */
- ASSERT(NULL != sst, "addSnapshotToTable - sst is NULL\n");
- ASSERT(NULL != ss, "addSnapshotToTable - ss is NULL\n");
+ if (sst == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (ss == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
if ((pcr_index < 0) || (MAX_PCRNUM <= pcr_index )) {
ERROR("bad PCR index, %d\n", pcr_index);
/* check 2 */
if (sst->snapshot[pcr_index][level] != NULL) {
- ERROR("snapshot[%d][%d]\n", pcr_index, level);
+ ERROR("snapshot[%d][%d] already exist", pcr_index, level);
return PTS_INTERNAL_ERROR;
}
/**
* Get snapshot from the table
- *
+ * Return
+ * *SNAPSHOT - Hit
+ * NULL - missing
*/
OPENPTS_SNAPSHOT *getSnapshotFromTable(OPENPTS_SNAPSHOT_TABLE * sst, int pcr_index, int level) {
/* check 1 */
- ASSERT(NULL != sst, "getSnapshotFromTable - sst is NULL\n");
+ if (sst == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
if ((pcr_index < 0) || (MAX_PCRNUM <= pcr_index)) {
ERROR("getSnapshotFromTable() - bad PCR index, %d\n", pcr_index);
/* check 2 */
if (sst->snapshot[pcr_index][level] == NULL) {
- // DEBUG("getSnapshotFromTable() - snapshot[%d][%d] is missing\n",pcr_index, level);
+ // DEBUG("sst->snapshot[%d][%d] is null", pcr_index, level);
return NULL;
}
- // DEBUG("getSnapshotFromTable() - pcr=%d level=%d\n",pcr_index, level);
-
return sst->snapshot[pcr_index][level];
}
*/
OPENPTS_SNAPSHOT *getNewSnapshotFromTable(OPENPTS_SNAPSHOT_TABLE * sst, int pcr_index, int level) {
/* check 1 */
- ASSERT(NULL != sst, "getNewSnapshotFromTable - sst is NULL\n");
+ if (sst == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
if ((pcr_index < 0) || (MAX_PCRNUM <= pcr_index)) {
ERROR("getSnapshotFromTable() - bad PCR index, %d\n", pcr_index);
sst->snapshot[pcr_index][level]->pcrIndex = pcr_index;
sst->snapshot[pcr_index][level]->level = level;
} else {
- TODO("getNewSnapshotFromTable() - SS pcr=%d,level=%d already exist\n", pcr_index, level);
+ ERROR("getNewSnapshotFromTable() - SS pcr=%d,level=%d already exist\n", pcr_index, level);
return NULL;
}
OPENPTS_SNAPSHOT *getActiveSnapshotFromTable(OPENPTS_SNAPSHOT_TABLE * sst, int pcr_index) {
int level;
/* check 1 */
- ASSERT(NULL != sst, "getActiveSnapshotFromTable - sst is NULL\n");
+ if (sst == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
if ((pcr_index < 0) || (MAX_PCRNUM <= pcr_index)) {
ERROR("getSnapshotFromTable() - bad PCR index, %d\n", pcr_index);
*/
int setActiveSnapshotLevel(OPENPTS_SNAPSHOT_TABLE * sst, int pcr_index, int level) {
/* check */
- ASSERT(NULL != sst, "setActiveSnapshotLevel - sst is NULL\n");
+ if (sst == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
if ((pcr_index < 0) || (MAX_PCRNUM <= pcr_index)) {
ERROR("setActiveSnapshotLevel() - bad PCR index, %d\n", pcr_index);
*/
int incActiveSnapshotLevel(OPENPTS_SNAPSHOT_TABLE * sst, int pcr_index) {
/* check */
- ASSERT(NULL != sst, "incActiveSnapshotLevel - sst is NULL\n");
+ if (sst == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
if ((pcr_index < 0) || (MAX_PCRNUM <= pcr_index)) {
ERROR("bad PCR index, %d\n", pcr_index);
/**
* Get active level at snapshot[pcr_index]
+ * Error -1
*/
int getActiveSnapshotLevel(OPENPTS_SNAPSHOT_TABLE * sst, int pcr_index) {
/* check */
- ASSERT(NULL != sst, "incActiveSnapshotLevel - sst is NULL\n");
+ if (sst == NULL) {
+ ERROR("null input");
+ return -1;
+ }
if ((pcr_index < 0) || (MAX_PCRNUM <= pcr_index)) {
ERROR("bad PCR index, %d\n", pcr_index);
* @author Olivier Valentin <olivier.valentin@us.ibm.com>
* @author Alexandre Ratchov <alexandre.ratchov@bull.net>
* @date 2010-03-31
- * cleanup 2011-04-26 SM
+ * cleanup 2011-12-31 SM
*
*/
#include <sys/socket.h>
#include <openpts.h>
-// #include <log.h>
/* chanegd by unit test */
char *ptsc_command = "/usr/sbin/ptsc -m";
pid_t pid;
int socket_pair[2]; // socket[1] is the SSH side
+ /* check */
+ if (host == NULL) {
+ ERROR("null input");
+ return -1;
+ }
+
+ /* socket */
if (socketpair(AF_UNIX, SOCK_STREAM, 0, socket_pair) == -1) {
- ERROR("socketpair()");
+ ERROR("socketpair() fail");
goto err;
}
if ((pid = fork()) == -1) {
- ERROR("fork()");
+ ERROR("fork() fail");
goto err_close;
}
}
arguments[arg_idx++] = host;
arguments[arg_idx++] = ptsc_command;
- // arguments[arg_idx++] = "ptsc";
- // arguments[arg_idx++] = "-m";
#if 0
/* Sync verbose level between verifier and collector? */
// {
#endif
arguments[arg_idx++] = NULL;
-DEBUG("ptsc_command %s\n", ptsc_command);
+ DEBUG("ptsc_command %s\n", ptsc_command);
execvp("ssh", arguments);
ERROR("execvp(ssh)");
uint64_t t1 = 0;
uint64_t t2 = 0;
+ /* check */
+ if (time1 == NULL) {
+ ERROR("null input");
+ return -1;
+ }
+ if (time2 == NULL) {
+ ERROR("null input");
+ return -1;
+ }
+
t1 += time1->year;
t1 = t1 << 16;
t1 += time1->mon;
struct stat buffer;
#endif
+ /* check */
+ if (entry == NULL) {
+ ERROR("null input");
+ return 0;
+ }
+
/* skip . .. dirs */
if (0 == strcmp(".", entry->d_name)) return 0;
if (0 == strcmp("..", entry->d_name)) return 0;
// printf("Show RMs by UUID\n");
// printf("config dir : %s\n", config_dir);
+ /* check */
+ if (conf == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (config_dir == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
/* move to config dir */
if ((chdir(conf->config_dir)) != 0) {
fprintf(stderr, "Accessing config directory %s\n", conf->config_dir);
int rc;
char buf[BUF_SIZE];
+ /* check */
+ if (dir == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
+
// DEBUG("rm -r %s\n", dir);
snprintf(buf, BUF_SIZE, "rm -r %s\n", dir);
rc = system(buf);
int rc;
int rc2 = PTS_SUCCESS;
+ /* check */
+ if (conf == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (conf->rmsets == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
num = conf->rmsets->rmset_num;
/* scan */
int num = 0;
/* check */
- ASSERT(NULL != conf, " conf is NULL");
- ASSERT(NULL != conf->rmsets, " conf->rmsets is NULL");
+ if (conf == NULL) {
+ ERROR("null input");
+ return;
+ }
+ if (conf->rmsets == NULL) {
+ ERROR("null input");
+ return;
+ }
num = conf->rmsets->rmset_num;
OUTPUT(NLS(MS_OPENPTS, OPENPTS_PRINT_RM_LIST_HEADER, "%s ID UUID date(UTC) status\n"), indent);
OUTPUT("%s %s\n", indent, SEP_LINE);
-
/* Print */
for (cnt = 0; cnt < num; cnt++) {
rmset = &conf->rmsets->rmset[cnt];
DEBUG("getTargetList() : %s\n", config_dir);
/* check */
+ if (conf == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (config_dir == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
if (conf->target_list != NULL) {
- ERROR("conf->target_list exist\n");
+ DEBUG("conf->target_list exist\n");
}
/* move to config dir */
int num = 0;
/* check */
- ASSERT(NULL != conf, "getTargetConfDir() - conf is NULL\n");
-
+ if (conf == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
if (conf->hostname == NULL) {
- ERROR("getTargetConfDir() - conf->hostname is NULL\n");
+ ERROR("null input");
return NULL;
}
if (conf->target_list == NULL) {
- ERROR("getTargetConfDir() - conf->target_list is NULL\n");
+ ERROR("null input");
return NULL;
}
/* check */
if (conf == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
+ if (conf->hostname == NULL) {
+ ERROR("null hostname");
return NULL;
}
if (conf->target_list == NULL) {
+ DEBUG("null target_list");
return NULL;
}
OPENPTS_TARGET *target;
int num = 0;
+ /* check */
+ if (conf == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
+ if (conf->target_list == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
+ if (uuid == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
+
num = conf->target_list->target_num;
/* loop */
char * str_uuid = "N/A";
int num = 0;
+ /* check */
+ if (conf == NULL) {
+ ERROR("null input");
+ return;
+ }
+ if (conf->target_list == NULL) {
+ ERROR("null input");
+ return;
+ }
+
num = conf->target_list->target_num;
if (num == 0) {
* \brief emulate TPM
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-04-01
- * cleanup 2011-01-21 SM
+ * cleanup 2011-12-31 SM
*
* Emulate TPM to validate IML and PCR
*/
#include <openssl/sha.h>
#include <openpts.h>
-// #include <log.h>
/* TPM functions */
DEBUG_TPM("tpm.c - RESET (POR)\n");
+ /* check */
if (tctx == NULL) {
ERROR("ERROR TPM_CONTEXT is NULL");
return -1;
DEBUG_TPM("tpm.c - RESET (POR)\n");
- // iml = (IML *) xmalloc(sizeof(IML) * MAX_PCRNUM);
return 0;
}
DEBUG_TPM("resetTpmPcr - RESET just one PCR %d\n", index);
+ /* check */
if (tctx == NULL) {
ERROR("ERROR TPM_CONTEXT is NULL");
return -1;
*/
int isZero(BYTE * digest) {
int i;
+
+ /* check */
+ if (digest == NULL) {
+ ERROR("null input");
+ return -1;
+ }
+
+ /* is zero? */
for (i = 0; i < SHA1_DIGEST_SIZE; i++) {
if (digest[i] != 0 ) return 0;
}
*/
void setFF(BYTE * digest) {
int i;
+
+ /* check */
+ if (digest == NULL) {
+ ERROR("null input");
+ return;
+ }
+
+ /* set FF... */
for (i = 0; i < SHA1_DIGEST_SIZE; i++) {
digest[i] = 0xff;
}
int index;
BYTE * digest;
+ /* check */
if (tctx == NULL) {
ERROR("TPM_CONTEXT is NULL\n");
- return -1;
+ return PTS_FATAL;
}
-
if (event == NULL) {
ERROR("TSS_PCR_EVENT is NULL\n");
- return -1;
+ return PTS_FATAL;
}
- index = event->ulPcrIndex;
digest = event->rgbPcrValue;
-
if (digest == NULL) {
ERROR("event->rgbPcrValue is NULL\n");
- return -1;
+ return PTS_FATAL;
}
+ index = event->ulPcrIndex;
if (index >= MAX_PCRNUM) {
- ERROR("BAD PCR INDEX %d\n", index);
- return -1;
+ ERROR("BAD PCR INDEX %d >= %d\n", index, MAX_PCRNUM);
+ return PTS_INTERNAL_ERROR;
}
if (index < 0) {
- ERROR("ERROR BAD PCR INDEX %d\n", index);
- return -1;
+ ERROR("ERROR BAD PCR INDEX %d < 0\n", index);
+ return PTS_INTERNAL_ERROR;
}
if (index == 10) { // Linux-IML, 0000... -> FFFF...
OUTPUT("\n");
}
- // if (verbose>0) printf("extendTpm - done \n");
-
- return 0; // TODO(munetoh)
+ return PTS_SUCCESS;
}
/**
int extendTpm2(OPENPTS_TPM_CONTEXT *tctx, int index, BYTE * digest) {
SHA_CTX ctx;
- if (index >= MAX_PCRNUM)
- return -1;
+ /* check */
+ if (tctx == NULL) {
+ ERROR("TPM_CONTEXT is NULL\n");
+ return PTS_FATAL;
+ }
+ if (digest == NULL) {
+ ERROR("null input\n");
+ return PTS_FATAL;
+ }
+
+ if (index >= MAX_PCRNUM) {
+ ERROR("BAD pcr index, %d >= %d", index, MAX_PCRNUM);
+ return PTS_INTERNAL_ERROR;
+ }
// TODO(munetoh)
if (index == 10) { // Linux-IML, 0000... -> FFFF...
OUTPUT("\n");
}
- return 0; // TODO(munetoh)
+ return PTS_SUCCESS;
}
/**
*/
int checkTpmPcr2(OPENPTS_TPM_CONTEXT *tctx, int index, BYTE * digest) {
int i;
+
+ /* check */
+ if (tctx == NULL) {
+ ERROR("TPM_CONTEXT is NULL\n");
+ return PTS_FATAL;
+ }
+
for (i = 0; i < SHA1_DIGEST_SIZE; i++) {
- if (tctx->pcr[index][i] != digest[i]) return -1;
+ if (tctx->pcr[index][i] != digest[i]) return PTS_INTERNAL_ERROR; // TODO
}
- return 0;
+ return PTS_SUCCESS;
}
/**
DEBUG_FSM("tpm.c - pprint pcrs\n");
+ /* check */
if (tctx == NULL) {
- ERROR("TPM_CONTEXT is NULL");
- return -1;
+ ERROR("TPM_CONTEXT is NULL\n");
+ return PTS_FATAL;
}
for (i = 0; i < MAX_PCRNUM; i++) {
OUTPUT("\n");
}
- // iml = (IML *) xmalloc(sizeof(IML) * MAX_PCRNUM);
- return 0;
+ return PTS_SUCCESS;
}
/**
* get TPM PCR value
*/
int getTpmPcrValue(OPENPTS_TPM_CONTEXT *tpm, int index, BYTE *digest) {
- int rc =0;
int j;
DEBUG_CAL("getTpmPcrValue - pcr[%d]\n", index);
+ /* check */
+ if (tpm == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
if (digest == NULL) {
- ERROR("null \n");
- return -1;
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (index >= MAX_PCRNUM) {
+ ERROR("BAD PCR INDEX %d >= %d\n", index, MAX_PCRNUM);
+ return PTS_INTERNAL_ERROR;
+ }
+ if (index < 0) {
+ ERROR("ERROR BAD PCR INDEX %d < 0\n", index);
+ return PTS_INTERNAL_ERROR;
}
+ /* copy */
for (j = 0; j < SHA1_DIGEST_SIZE; j++) {
digest[j]=tpm->pcr[index][j];
}
DEBUG_CAL("getTpmPcrValue - done\n");
- return rc;
+ return PTS_SUCCESS;
}
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-08-18
* refactoring 2011-02-15 SM
- * cleanup 2011-10-07 SM
+ * cleanup 2011-12-31 SM
*
* Create Sign Key
* Create AIK
/**
* List Keys
+ *
+ * TODO Somehow TSS display SRK only TSS_PS_TYPE_SYSTEM
*/
int printTssKeyList(int ps_type) {
TSS_RESULT result = 0;
TSS_HCONTEXT hContext;
UINT32 ulKeyHierarchySize;
- // BYTE *buf;
TSS_UUID SRK_UUID = TSS_UUID_SRK;
int i;
TSS_KM_KEYINFO *info = NULL;
&SRK_UUID,
&ulKeyHierarchySize,
&info);
- if (result != TSS_SUCCESS) {
+ if (result == 0x3020) { // TSS_E_PS_KEY_NOTFOUND
+ OUTPUT(NLS(MS_OPENPTS, OPENPTS_TPM_TSS_KEY_NOTFOUND,
+ "The key cannot be found in the persistent storage database.\n"));
+ goto close;
+ } else if (result != TSS_SUCCESS) {
ERROR("Tspi_Context_GetRegisteredKeysByUUID failed rc=0x%x\n",
result);
goto close;
OUTPUT(NLS(MS_OPENPTS, OPENPTS_TPM_TSS_KEY_NUM, "Key number: %d\n"), ulKeyHierarchySize);
for (i = 0; i < (int)ulKeyHierarchySize; i++) {
- OUTPUT(NLS(MS_OPENPTS, OPENPTS_TPM_TSS_KEY, "Key %d\n"), i);
+ //OUTPUT(NLS(MS_OPENPTS, OPENPTS_TPM_TSS_KEY, "Key %d\n"), i);
+ OUTPUT("id : %d\n", i);
+ OUTPUT("version : %d %d %d %d\n",
+ info->versionInfo.bMajor,
+ info->versionInfo.bMinor,
+ info->versionInfo.bRevMajor,
+ info->versionInfo.bRevMinor); // TSS_VERSION
+ OUTPUT("UUID : %08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x\n",
+ info->keyUUID.ulTimeLow,
+ info->keyUUID.usTimeMid,
+ info->keyUUID.usTimeHigh,
+ info->keyUUID.bClockSeqHigh,
+ info->keyUUID.bClockSeqLow,
+ info->keyUUID.rgbNode[0],
+ info->keyUUID.rgbNode[1],
+ info->keyUUID.rgbNode[2],
+ info->keyUUID.rgbNode[3],
+ info->keyUUID.rgbNode[4],
+ info->keyUUID.rgbNode[5]); // TSS_UUID
info = info + 1;
}
int i;
TSS_UUID tss_uuid;
+ /* check */
+ if ((key_storage_type == OPENPTS_AIK_STORAGE_TYPE_TSS) && (uuid == NULL)) {
+ ERROR("null input");
+ return TSS_E_BAD_PARAMETER; // TSS ERROR_CODE
+ }
+ if ((key_storage_type == OPENPTS_AIK_STORAGE_TYPE_BLOB) && (filename == NULL)) {
+ ERROR("null input");
+ return TSS_E_BAD_PARAMETER; // TSS ERROR_CODE
+ }
+
/* Open TSS */
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
/* UUID */
memcpy(&tss_uuid, uuid, sizeof(TSS_UUID));
-
-
if (auth_type == OPENPTS_AIK_AUTH_TYPE_COMMON) {
-TODO("auth_type == OPENPTS_AIK_AUTH_TYPE_COMMON");
+ DEBUG("auth_type == OPENPTS_AIK_AUTH_TYPE_COMMON");
/* Create New Key object */
result = Tspi_Context_CreateObject(
hContext,
}
} else {
/* Create New Key object */
-TODO("auth_type != OPENPTS_AIK_AUTH_TYPE_COMMON");
+ DEBUG("auth_type != OPENPTS_AIK_AUTH_TYPE_COMMON");
result = Tspi_Context_CreateObject(
hContext,
TSS_OBJECT_TYPE_RSAKEY,
return result;
}
+
+
/**
* Create AIK
*/
int createAIK() {
TODO("createAIK - TBD\n");
- return -1;
+ return TSS_E_FAIL;
}
/**
- * delete TSS key
+ * delete TSS key (UUID)
+ * BLOB => just delete the file
*/
int deleteTssKey(PTS_UUID *uuid, int ps_type) {
TSS_RESULT result = 0;
TSS_HKEY hKey;
TSS_UUID tss_uuid;
+ /* check */
+ if (uuid == NULL) {
+ ERROR("null input");
+ return TSS_E_BAD_PARAMETER; // TSS ERROR_CODE
+ }
+
/* Open TSS */
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
*/
int getTssPubKey(
PTS_UUID *uuid,
- int ps_type,
+ int key_storage_type, // int ps_type,
int srk_password_mode,
int resetdalock,
char *filename,
int auth_type,
- int *pubkey_length, BYTE **pubkey) {
+ int *pubkey_length, BYTE **pubkey)
+{
TSS_RESULT result = 0;
TSS_HCONTEXT hContext;
TSS_HKEY hKey;
int srk_auth_len = 0;
TSS_HPOLICY hKeyPolicy;
+ /* check */
+ if ((key_storage_type == OPENPTS_AIK_STORAGE_TYPE_TSS) && (uuid == NULL)) {
+ ERROR("null input");
+ return TSS_E_BAD_PARAMETER; // TSS ERROR_CODE
+ }
+ if ((key_storage_type == OPENPTS_AIK_STORAGE_TYPE_BLOB) && (filename == NULL)) {
+ ERROR("null input");
+ return TSS_E_BAD_PARAMETER; // TSS ERROR_CODE
+ }
+
if (resetdalock == 1) {
// 2011-03-03 SM WEC TPM locks well.
// TSS_TPMSTATUS_RESETLOCK is read only. no way to get this FLAG before 0x803 Error? :-(
// TODO resetDaLock
/* Load AIK or Sign key */
- if (ps_type == OPENPTS_AIK_STORAGE_TYPE_BLOB) {
+ if (key_storage_type == OPENPTS_AIK_STORAGE_TYPE_BLOB) {
/* Blob file */
FILE *fp;
BYTE blob[KEY_BLOB_SIZE];
/* TSS PS*/
result = Tspi_Context_LoadKeyByUUID(
hContext,
- (UINT32) ps_type, // TSS_PS_TYPE_SYSTEM,
+ TSS_PS_TYPE_SYSTEM, //(UINT32) ps_type, // ,
tss_uuid,
&hKey);
if (result == 0x803) {
goto close;
}
-//<<<<<<< HEAD
-//
-// /* Set Policy */
-// result = Tspi_Policy_SetSecret(
-// hKeyPolicy,
-// TSS_SECRET_MODE_PLAIN,
-// 0, // ""
-// key_auth);
-// if (result != TSS_SUCCESS) {
-// ERROR("Tspi_Policy_SetSecret failed rc=0x%x\n",
-// result);
-// goto close;
-//=======
if (auth_type == OPENPTS_AIK_AUTH_TYPE_COMMON) {
/* Set Policy - Dummy Secret */
// 2011-11-26 Munetoh - This fail with Infineon TPM(v1.2)
result);
goto close;
}
-//>>>>>>> 042e40b0979f3e44e75200271e4d1282ce08f72c
}
/* get pubkey */
UINT32 data_len;
BYTE *data;
+ /* check */
+ if (version == NULL) {
+ ERROR("null input");
+ return TSS_E_BAD_PARAMETER; // TSS ERROR_CODE
+ }
+
/* Connect to TCSD */
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
int quoteTss(
/* Key */
PTS_UUID *uuid,
- int ps_type,
+ int key_storage_type,
int srk_password_mode,
char *filename,
int auth_type,
/* Load AIK or Sign key */
- if (ps_type == OPENPTS_AIK_STORAGE_TYPE_BLOB) {
+ if (key_storage_type == OPENPTS_AIK_STORAGE_TYPE_BLOB) {
/* Blob file */
FILE *fp;
BYTE blob[KEY_BLOB_SIZE];
}
} else {
/* load from TSS's PS */
- result = Tspi_Context_LoadKeyByUUID(hContext,
- (UINT32) ps_type, // TSS_PS_TYPE_SYSTEM,
- tss_uuid,
- &hKey);
+ result = Tspi_Context_LoadKeyByUUID(
+ hContext,
+ TSS_PS_TYPE_SYSTEM, //(UINT32) ps_type, // TSS_PS_TYPE_SYSTEM,
+ tss_uuid,
+ &hKey);
if (result != TSS_SUCCESS) {
ERROR("Tspi_Context_LoadKeyByUUID (Key) failed rc=0x%x\n", result);
debugHex("\t\tUUID", (BYTE*)&tss_uuid, 16, "\n");
goto close;
}
-//<<<<<<< HEAD
-// /* Set Policy */
-// result = Tspi_Policy_SetSecret(
-// hKeyPolicy,
-// TSS_SECRET_MODE_PLAIN,
-// 0, // ""
-// key_auth);
-// if (result != TSS_SUCCESS) {
-// ERROR("Tspi_Policy_SetSecret failed rc=0x%x\n",
-// result);
-// goto close;
-//=======
if (auth_type == OPENPTS_AIK_AUTH_TYPE_COMMON) {
/* Set Policy - Dummy Secret */
// 2011-11-26 Munetoh - This fail with Infineon TPM(v1.2)
result);
goto close;
}
-//>>>>>>> 042e40b0979f3e44e75200271e4d1282ce08f72c
}
/* Setup (copy) Validation Data Structure */
int quote2Tss(
/* Key */
PTS_UUID *uuid,
- int ps_type,
+ int key_storage_type,
int srk_password_mode,
char *filename,
int auth_type,
/* PCR selection */
OPENPTS_PCRS *pcrs,
/* Output */
- TSS_VALIDATION *validationData) {
+ TSS_VALIDATION *validationData)
+{
TSS_RESULT result;
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
/* Load AIK or Sign key */
- if (ps_type == OPENPTS_AIK_STORAGE_TYPE_BLOB) {
+ if (key_storage_type == OPENPTS_AIK_STORAGE_TYPE_BLOB) {
/* Blob file */
FILE *fp;
BYTE blob[KEY_BLOB_SIZE];
}
} else {
/* load from TSS's PS */
- result = Tspi_Context_LoadKeyByUUID(hContext,
- (UINT32) ps_type, // TSS_PS_TYPE_SYSTEM,
- tss_uuid,
- &hKey);
+ result = Tspi_Context_LoadKeyByUUID(
+ hContext,
+ TSS_PS_TYPE_SYSTEM, //(UINT32) ps_type, // TSS_PS_TYPE_SYSTEM,
+ tss_uuid,
+ &hKey);
if (result != TSS_SUCCESS) {
ERROR("Tspi_Context_LoadKeyByUUID (Key) failed rc=0x%x\n", result);
debugHex("\t\tUUID", (BYTE*)&tss_uuid, 16, "\n");
goto close;
}
-//<<<<<<< HEAD
-// /* Set Policy */
-// result = Tspi_Policy_SetSecret(
-// hKeyPolicy,
-// TSS_SECRET_MODE_PLAIN,
-// 0,
-// key_auth);
-// if (result != TSS_SUCCESS) {
-// ERROR("Tspi_Policy_SetSecret failed rc=0x%x\n",
-// result);
-// goto close;
-//=======
if (auth_type == OPENPTS_AIK_AUTH_TYPE_COMMON) {
/* Set Policy - Dummy Secret */
// 2011-11-26 Munetoh - This fail with Infineon TPM(v1.2)
result);
goto close;
}
-//>>>>>>> 042e40b0979f3e44e75200271e4d1282ce08f72c
}
/* Nonce -> rgbExternalData */
TSS_HTPM hTPM;
BYTE *buf;
+ /* check */
+ if (size <= 0) {
+ ERROR("bad size. %d", size);
+ return TSS_E_FAIL;
+ }
+ if (out == NULL) {
+ ERROR("null input");
+ return TSS_E_FAIL;
+ }
+
/* Connect to TCSD */
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
*
* OLD return 1: OK
*/
-int validateQuoteData(OPENPTS_PCRS *pcrs, TSS_VALIDATION *validationData) {
+int validateQuoteData(
+ OPENPTS_PCRS *pcrs,
+ TSS_VALIDATION *validationData)
+{
int rc = PTS_VERIFY_FAILED;
int message_length;
BYTE *message;
* PTS_VERIFY_FAILED
* PTS_INTERNAL_ERROR
*/
-int validatePcrCompositeV11(OPENPTS_PCRS *pcrs, TSS_VALIDATION *validationData) {
+int validatePcrCompositeV11(
+ OPENPTS_PCRS *pcrs,
+ TSS_VALIDATION *validationData)
+{
int rc = PTS_VERIFY_FAILED;
int i;
int buf_len;
* PTS_VERIFY_FAILED
* PTS_INTERNAL_ERROR
*/
-int validatePcrCompositeV12(OPENPTS_PCRS *pcrs, TSS_VALIDATION *validationData) {
+int validatePcrCompositeV12(
+ OPENPTS_PCRS *pcrs,
+ TSS_VALIDATION *validationData)
+{
int rc = PTS_VERIFY_FAILED;
int i;
int buf_len;
/**
* endElement of SAX parser
*/
-void uml2sax_endElement(void * fctx, const xmlChar * name) {
+void uml2sax_endElement(void * fctx, const xmlChar * name) {
OPENPTS_FSM_CONTEXT *ctx;
ctx = (OPENPTS_FSM_CONTEXT *)fctx;
* 20100928
* Eclipse MDT ">" => <, but stoped at <
* LinbML &lt;
+ * 20111228
+ * <body>eventtype==0x0d,digest==base64!,digest_count>=iml.ipl.count</body>
+ * [44] eventtype==0x0d,digest==base64!,digest_count
+ * Libxml stop at ">" :-(
+ * libxml2-2.7.6-1.el6.x86_64
+ * Use text notation (gt/ge/lt/le) instead of <,>
*/
-void uml2sax_characters(void* fctx, const xmlChar * ch, int len) {
+void uml2sax_characters(void* fctx, const xmlChar * ch, int len) {
OPENPTS_FSM_CONTEXT *ctx;
+ char buf[FSM_BUF_SIZE];
ctx = (OPENPTS_FSM_CONTEXT *)fctx;
- char buf[FSM_BUF_SIZE];
if (len < FSM_BUF_SIZE) {
memcpy(buf, ch, len);
buf[len]= 0;
uuid = xmalloc(sizeof(OPENPTS_UUID)); // BYTE[16]
if (uuid == NULL) {
+ ERROR("no memory");
return NULL;
}
memset(uuid, 0, sizeof(OPENPTS_UUID));
OPENPTS_UUID *newOpenptsUuid2(PTS_UUID *pts_uuid) {
OPENPTS_UUID *uuid;
+ /* check */
+ if (pts_uuid == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
+
uuid = xmalloc(sizeof(OPENPTS_UUID)); // BYTE[16]
if (uuid == NULL) {
+ ERROR("no memory");
return NULL;
}
memset(uuid, 0, sizeof(OPENPTS_UUID));
OPENPTS_UUID *uuid;
int rc;
+ /* check */
+ if (filename == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
+
uuid = newOpenptsUuid();
if (uuid == NULL) {
+ ERROR("no memory");
return NULL;
}
*/
int genOpenptsUuid(OPENPTS_UUID *uuid) {
/* check */
- ASSERT(NULL != uuid, "uuid is NULL\n");
+ if (uuid == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
/* check the status */
if (uuid->status == OPENPTS_UUID_EMPTY) {
/* check */
if (uuid == NULL) {
- ERROR("readOpenptsUuidFile() - uuid == NULL");
+ ERROR("null input");
return PTS_FATAL;
}
if (uuid->filename == NULL) {
- ERROR("\n");
+ ERROR("null input");
return PTS_FATAL;
}
/* check */
if (uuid == NULL) {
- ERROR("writeOpenptsUuidFile() - uuid == NULL\n");
- return PTS_INTERNAL_ERROR;
+ ERROR("null input");
+ return PTS_FATAL;
}
if (uuid->filename == NULL) {
- ERROR("writeOpenptsUuidFile() - uuid->filename == NULL\n");
- return PTS_INTERNAL_ERROR;
+ ERROR("null input\n");
+ return PTS_FATAL;
}
if ((uuid->status != OPENPTS_UUID_FILLED) && (uuid->status != OPENPTS_UUID_CHANGED)) {
ERROR("writeOpenptsUuidFile() - uuid->status = %d (!= FILLED or CHANGED)\n", uuid->status);
* \brief UUID wrapper (using libc UUIDs)
* @author Olivier Valentin <olivier.valentin@us.ibm.com>
* @date 2011-02-02
- * cleanup 2011-03-06 SM
+ * cleanup 2011-12-31 SM
*
*/
uuid = xmalloc(sizeof(PTS_UUID));
if (uuid == NULL) {
+ ERROR("no memory");
return NULL;
}
* free UUID
*/
void freeUuid(PTS_UUID *uuid) {
+ /* check */
+ if (uuid == NULL) {
+ ERROR("null input");
+ return;
+ }
+
xfree(uuid);
}
uuid_t uu;
unsigned32 status;
+ /* check */
+ if (str == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
+
uuid = xmalloc(sizeof(PTS_UUID));
if (uuid == NULL) {
+ ERROR("no memory");
return NULL;
}
memset(uuid, 0, UUIDSIZE);
char *str_uuid_backup;
unsigned32 status;
+ /* check */
+ if (uuid == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
+
str_uuid = xmalloc(UUID_STRLEN + 1);
if (str_uuid == NULL) {
+ ERROR("no memory");
return NULL;
}
* \brief UUID wrapper (libuuid part)
* @author Seiji Munetoh <munetoh@users.sourceforge.jp>
* @date 2010-11-29
- * cleanup 2011-10-07 SM
+ * cleanup 2011-12-31 SM
*
* Linux uses libuuid
*
uuid = xmalloc(sizeof(PTS_UUID)); // BYTE[16]
if (uuid == NULL) {
+ ERROR("no memory");
return NULL;
}
* free UUID
*/
void freeUuid(PTS_UUID *uuid) {
+ /* check */
+ if (uuid == NULL) {
+ ERROR("null input");
+ return;
+ }
+
xfree(uuid);
}
uuid_t uu;
int rc;
+ /* check */
+ if (str == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
+
rc = uuid_parse(str, uu);
if (rc != 0) {
- ERROR("getUuidFromString() - uuid_parse fail, rc=%d, UUID='%s'\n",
+ ERROR("getUuidFromString() - uuid_parse fail, rc=%d, UUID='%s'",
rc, str);
return NULL;
}
uuid = xmalloc(sizeof(PTS_UUID));
if (uuid == NULL) {
- ERROR("\n");
+ ERROR("no memory");
return NULL;
}
memcpy(uuid, uu, 16);
char *str_uuid;
uuid_t uu;
+ /* check */
+ if (uuid == NULL) {
+ ERROR("null input");
+ return NULL;
+ }
+
str_uuid = xmalloc(37);
if (str_uuid == NULL) {
+ ERROR("no memory");
return NULL;
}
pdt = xmalloc(sizeof(PTS_DateTime));
if (pdt == NULL) {
+ ERROR("no memory");
return NULL;
}
memcpy(pdt, &time, (9*4));
pdt = xmalloc(sizeof(PTS_DateTime));
if (pdt == NULL) {
+ ERROR("no memory");
return NULL;
}
memcpy(pdt, &ttm, (9*4));
char uuid_file[PATH_MAX];
char *homeDir = getenv("HOME");
+ /* check */
+ if (conf == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
snprintf(dirpath, PATH_MAX, "%s/.openpts", homeDir);
snprintf(conf_file, PATH_MAX, "%s/.openpts/openpts.conf", homeDir);
snprintf(uuid_file, PATH_MAX, "%s/.openpts/uuid", homeDir);
*currentRmOutOfDate = 0;
*notifiedOfPendingRm = 0;
- /**/
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
conf = ctx->conf;
- verifier_uuid = ctx->conf->uuid;
+ if (conf == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ verifier_uuid = conf->uuid;
+ if (verifier_uuid == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
/* collector UUID */
if (ctx->collector_uuid != NULL) {
*/
int verifierHandleRimmSet(
OPENPTS_CONTEXT *ctx,
- BYTE *value) {
+ BYTE *value)
+{
int rc = PTS_SUCCESS;
OPENPTS_CONFIG *target_conf;
int i;
struct stat st;
char buf[BUF_SIZE];
-
-
int num;
int len;
/* check */
- ASSERT(NULL != ctx, "verifierHandleRimmSet() - ctx is NULL\n");
- ASSERT(NULL != ctx->target_conf, "verifierHandleRimmSet() - target_conf is NULL\n");
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
target_conf = ctx->target_conf;
-
- ASSERT(NULL != value, "verifierHandleRimmSet() - value is NULL\n");
+ if (target_conf == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (value == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
/* num */
num = getUint32(value);
DEBUG("writePolicyConf : %s\n", filename);
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (filename == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
if ((fp = fopen(filename, "w")) == NULL) {
fprintf(stderr, NLS(MS_OPENPTS, OPENPTS_VERIFIER_OPEN_FAILED, "Failed to open policy file '%s'\n"), filename);
return -1;
DEBUG("writeAideIgnoreList : %s\n", filename);
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (filename == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+
if ((fp = fopen(filename, "w")) == NULL) {
fprintf(stderr, NLS(MS_OPENPTS, OPENPTS_VERIFIER_OPEN_FAILED_2,
"Failed to open AIDE ignore list '%s'\n"), filename);
int i;
/* check */
- ASSERT(NULL != ctx, "verifierHandleRimmSet() - ctx is NULL\n");
- ASSERT(NULL != ctx->target_conf, "verifierHandleRimmSet() - target_conf is NULL\n");
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
target_conf = ctx->target_conf;
-
- ASSERT(NULL != value, "verifierHandleRimmSet() - value is NULL\n");
+ if (target_conf == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
+ if (value == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
/* save IR to file */
if (length > 0) {
OPENPTS_IF_M_Capability *cap;
OPENPTS_TARGET *target;
- /* check */
- // TODO
-
DEBUG("enroll() - start, force = %d (1:overwite) --------------------------------------\n", force);
+ /* check */
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_INTERNAL_ERROR;
+ }
if (ctx->conf == NULL) {
- ERROR("ctx->conf\n");
+ ERROR("null input");
return PTS_INTERNAL_ERROR;
}
char *conf_dir,
int mode) {
const int MINIMUM_NONCE_LENGTH = 16;
- int rc = PTS_VERIFY_FAILED; /* guilty until proven innocent */
+ int rc = PTS_VERIFY_FAILED; /* guilty until proven innocent */
int result = OPENPTS_RESULT_INVALID;
int len;
/* sock */
/* TLV/PTS */
PTS_IF_M_Attribute *read_tlv = NULL;
OPENPTS_CONFIG *conf;
- // char * collector_dir = NULL;
- // char * rm_dir = NULL;
OPENPTS_IF_M_Capability *cap;
int notifiedOfPendingRm = 0;
int currentRmOutOfDate = 0;
DEBUG(" mode : %d (0:just verify, 1:update the policy)\n", mode);
/* check */
- ASSERT(ctx != NULL, "ctx is null\n");
- ASSERT(ctx->conf != NULL, "conf is null\n");
-
+ if (ctx == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
conf = ctx->conf;
+ if (conf == NULL) {
+ ERROR("null input");
+ return PTS_FATAL;
+ }
/* connect to the target collector */
ssh_pid = ssh_connect(host,
rc = PTS_INTERNAL_ERROR;
goto close;
} else if (read_tlv->type != INTEGRITY_REPORT) {
+ ERROR("read_tlv->type != INTEGRITY_REPORT, but 0x%X (0x0F:OPENPTS_ERROR)", read_tlv->type);
rc = PTS_INTERNAL_ERROR;
goto close;
}
/* V->C template RIMM req */
rc = writePtsTlv(ctx, sock, REQUEST_NEW_RIMM_SET);
if (rc < 0) {
+ ERROR("writePtsTlv() fail");
rc = PTS_INTERNAL_ERROR;
goto close;
}
/* V->C VR */
len = writePtsTlv(ctx, sock, VERIFICATION_RESULT);
if (len < 0) {
+ ERROR("writePtsTlv() fail");
rc = PTS_INTERNAL_ERROR;
goto close;
}