author | Sansar Choinyambuu <schoinya@hsr.ch> | 2011-11-04 09:57:17 +0100 |
---|---|---|
committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2011-11-28 14:39:53 +0100 |
commit | 1e28c937fe3fc517c47272df34cb11b35addadc0 (patch) | |
tree | bb36644bf24c2ef5c89e79faf49f97d566afc58b /src | |
parent | 2aa28b164e3e675042dcb9c40d9542d9faa9866e (diff) | |
Fixed bug in construction of PCR_SELECT structure
Diffstat (limited to 'src')
-rw-r--r-- | src/libpts/pts/pts.c | 44 | ||||
-rw-r--r-- | src/libpts/pts/pts.h | 22 |
2 files changed, 37 insertions, 29 deletions
diff --git a/src/libpts/pts/pts.c b/src/libpts/pts/pts.c index 9b490cde0..0f850f292 100644 --- a/src/libpts/pts/pts.c +++ b/src/libpts/pts/pts.c @@ -958,6 +958,33 @@ METHOD(pts_t, add_pcr_entry, void, } /** + * Get the maximum PCR index received in pcr_after_value field + */ +static u_int32_t get_max_pcr_index(private_pts_t *this) +{ + enumerator_t *e; + pcr_entry_t *pcr_entry; + u_int32_t ret = 0; + + if (this->pcrs->get_count(this->pcrs) == 0) + { + return -1; + } + + e = this->pcrs->create_enumerator(this->pcrs); + while (e->enumerate(e, &pcr_entry)) + { + if (pcr_entry->pcr_number > ret) + { + ret = pcr_entry->pcr_number; + } + } + e->destroy(e); + + return ret; +} + +/** * 1. build a TCPA_PCR_COMPOSITE structure which contains (pcrCompositeBuf) * TCPA_PCR_SELECTION structure (bitmask length + bitmask) * UINT32 (network order) gives the number of bytes following (pcr entries * 20) @@ -990,24 +1017,27 @@ METHOD(pts_t, get_quote_info, bool, enumerator_t *e; pcr_entry_t *pcr_entry; chunk_t pcr_composite, hash_pcr_composite; - u_int32_t pcr_composite_len; + u_int32_t pcr_composite_len, i, maximum_pcr_index, bitmask_len; bio_writer_t *writer; - u_int8_t mask_bytes[PCR_MASK_LEN] = {0,0,0}, i; hasher_t *hasher; - if (this->pcrs->get_count(this->pcrs) == 0) + maximum_pcr_index = get_max_pcr_index(this); + if (maximum_pcr_index == -1) { DBG1(DBG_PTS, "PCR entries unavailable, unable to construct " "TPM Quote Info"); return FALSE; } - - pcr_composite_len = 2 + PCR_MASK_LEN + 4 + + + bitmask_len = maximum_pcr_index/8 +1; + u_int8_t mask_bytes[MAX_NUM_PCR/8] = {0}; + + pcr_composite_len = 2 + bitmask_len + 4 + this->pcrs->get_count(this->pcrs) * PCR_LEN; writer = bio_writer_create(pcr_composite_len); /* Lenght of the bist mask field */ - writer->write_uint16(writer, PCR_MASK_LEN); + writer->write_uint16(writer, bitmask_len); /* Bit mask indicating selected PCRs */ e = this->pcrs->create_enumerator(this->pcrs); while (e->enumerate(e, &pcr_entry)) 
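Review bot: get_max_pcr_index() is declared to return `u_int32_t` but signals an empty list with `return -1;`, which works only because -1 converts to 0xFFFFFFFF and the caller's `maximum_pcr_index == -1` converts the same way. The doc comment should state that sentinel, and a named constant used on both sides would make the contract explicit, for example `#define PCR_INDEX_NONE UINT32_MAX` (name constructed for this note). The helper also returns the largest `pcr_number` without comparing it to MAX_NUM_PCR, so any range check has to live in the caller or in add_pcr_entry, whose body is outside this hunk.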
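Review bot: `bitmask_len` is now derived from the largest `pcr_number`, but `mask_bytes` stays fixed at `MAX_NUM_PCR/8` bytes, so an entry with `pcr_number >= MAX_NUM_PCR` makes the later `for (i = 0; i< bitmask_len ; i++)` loop (third hunk of this file) read past the array and copy stack bytes into the PCR composite. The bit-setting loop between the hunks is not shown, but if it indexes `mask_bytes` by `pcr_number / 8` it would write out of bounds as well. Unless add_pcr_entry already rejects such indices (not visible here), add a guard right after the sentinel check: `if (maximum_pcr_index >= MAX_NUM_PCR) { DBG1(DBG_PTS, "PCR index out of range"); return FALSE; }`. Declaring `mask_bytes` in the middle of the block also departs from the declarations-first layout of the rest of the function; it can move up with the other locals.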
@@ -1017,7 +1047,7 @@ METHOD(pts_t, get_quote_info, bool, } e->destroy(e); - for (i = 0; i< PCR_MASK_LEN ; i++) + for (i = 0; i< bitmask_len ; i++) { writer->write_uint8(writer, mask_bytes[i]); } diff --git a/src/libpts/pts/pts.h b/src/libpts/pts/pts.h index 79e33016e..a4d6eda20 100644 --- a/src/libpts/pts/pts.h +++ b/src/libpts/pts/pts.h @@ -43,7 +43,6 @@ typedef struct pcr_entry_t pcr_entry_t; /** * PCR indices used for measurements of various functional components */ -/** Commented the real PCR indices out, use just PCR16 for debugging #define PCR_BIOS 0 #define PCR_PLATFORM_EXT 1 #define PCR_MOTHERBOARD 1 @@ -59,23 +58,7 @@ typedef struct pcr_entry_t pcr_entry_t; #define PCR_TGRUB_CMD_LINE_ARGS 12 #define PCR_TGRUB_CHECKFILE 13 #define PCR_TGRUB_LOADED_FILES 14 -*/ -#define PCR_BIOS 16 -#define PCR_PLATFORM_EXT 16 -#define PCR_MOTHERBOARD 16 -#define PCR_OPTION_ROMS 16 -#define PCR_IPL 16 - -#define PCR_TBOOT_POLICY 16 -#define PCR_TBOOT_MLE 16 - -#define PCR_TGRUB_MBR_STAGE1 16 -#define PCR_TGRUB_STAGE2_PART1 16 -#define PCR_TGRUB_STAGE2_PART2 16 -#define PCR_TGRUB_CMD_LINE_ARGS 16 -#define PCR_TGRUB_CHECKFILE 16 -#define PCR_TGRUB_LOADED_FILES 16 /** * Length of the generated nonce used for calculation of shared secret @@ -98,11 +81,6 @@ typedef struct pcr_entry_t pcr_entry_t; #define TPM_QUOTE_INFO_LEN 48 /** - * Bitmask Lenght for PCR Composite structure - */ -#define PCR_MASK_LEN MAX_NUM_PCR/8 - -/** * Hashing algorithm used by tboot and trustedGRUB */ #define TRUSTED_HASH_ALGO PTS_MEAS_ALGO_SHA1 |