refactored simple_evid_final attribute

7 files changed, 192 insertions, 253 deletions

diff --git a/src/libimcv/plugins/imc_attestation/imc_attestation_process.c b/src/libimcv/plugins/imc_attestation/imc_attestation_process.c
index f65f6faee..94773afe7 100644
--- a/src/libimcv/plugins/imc_attestation/imc_attestation_process.c
+++ b/src/libimcv/plugins/imc_attestation/imc_attestation_process.c
@@ -405,9 +405,9 @@ bool imc_attestation_process(pa_tnc_attr_t *attr, linked_list_t *attr_list,
 		case TCG_PTS_GEN_ATTEST_EVID:
 		{
 			pts_simple_evid_final_flag_t flags;
-			pts_meas_algorithms_t composite_algorithm = 0;
+			pts_meas_algorithms_t comp_hash_algorithm;
 			pts_comp_evidence_t *evid;
-			chunk_t pcr_composite, quote_signature;
+			chunk_t pcr_composite, quote_sig;
 			bool use_quote2;
 
 			/* Send buffered Simple Component Evidences */
@@ -424,20 +424,19 @@ bool imc_attestation_process(pa_tnc_attr_t *attr, linked_list_t *attr_list,
 							"libimcv.plugins.imc-attestation.use_quote2", TRUE);
 
 			/* Quote */
-			if (!pts->quote_tpm(pts, use_quote2, &pcr_composite, &quote_signature))
+			if (!pts->quote_tpm(pts, use_quote2, &pcr_composite, &quote_sig))
 			{
 				DBG1(DBG_IMC, "error occured during TPM quote operation");
 				return FALSE;
 			}
 
 			/* Send Simple Evidence Final attribute */
-			flags = use_quote2 ? PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO2:
-								 PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO;
-			composite_algorithm |= PTS_MEAS_ALGO_SHA1;
+			flags = use_quote2 ? PTS_SIMPLE_EVID_FINAL_QUOTE_INFO2 :
+								 PTS_SIMPLE_EVID_FINAL_QUOTE_INFO;
+			comp_hash_algorithm == PTS_MEAS_ALGO_SHA1;
 
-			attr = tcg_pts_attr_simple_evid_final_create(FALSE, flags,
-								composite_algorithm, pcr_composite,
-								quote_signature, chunk_empty);
+			attr = tcg_pts_attr_simple_evid_final_create(flags,
+								comp_hash_algorithm, pcr_composite, quote_sig);
 			attr_list->insert_last(attr_list, attr);
 			break;
 		}
diff --git a/src/libimcv/plugins/imv_attestation/imv_attestation_process.c b/src/libimcv/plugins/imv_attestation/imv_attestation_process.c
index c0f30abca..194bb8b4d 100644
--- a/src/libimcv/plugins/imv_attestation/imv_attestation_process.c
+++ b/src/libimcv/plugins/imv_attestation/imv_attestation_process.c
@@ -298,86 +298,55 @@ bool imv_attestation_process(pa_tnc_attr_t *attr, linked_list_t *attr_list,
 		case TCG_PTS_SIMPLE_EVID_FINAL:
 		{
 			tcg_pts_attr_simple_evid_final_t *attr_cast;
-			pts_simple_evid_final_flag_t flags;
-			pts_meas_algorithms_t composite_algorithm;
-			chunk_t pcr_comp;
-			chunk_t tpm_quote_sign;
-			chunk_t evid_sign;
-			bool evid_signature_included = FALSE, use_quote2 = FALSE,
-				 ver_info_included = FALSE;
+			u_int8_t flags;
+			pts_meas_algorithms_t comp_hash_algorithm;
+			chunk_t pcr_comp, tpm_quote_sig, evid_sig;
 			chunk_t pcr_composite, quote_info;
+			bool use_quote2, use_ver_info;
 
 			attr_cast = (tcg_pts_attr_simple_evid_final_t*)attr;
-			evid_signature_included = attr_cast->is_evid_sign_included(attr_cast);
-			flags = attr_cast->get_flags(attr_cast);
-
-			/** Optional Composite Hash Algorithm field is always present
-			 * Field has value of all zeroes if not used.
-			 * Implemented adhering the suggestion of Paul Sangster 28.Oct.2011
-			 */
-			composite_algorithm = attr_cast->get_comp_hash_algorithm(attr_cast);
+			flags = attr_cast->get_quote_info(attr_cast, &comp_hash_algorithm,
+											  &pcr_comp, &tpm_quote_sig);
 
-			if (flags != PTS_SIMPLE_EVID_FINAL_FLAG_NO)
+			if (flags != PTS_SIMPLE_EVID_FINAL_NO)
 			{
-				if ((flags == PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO2) ||
-					(flags == PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO2_CAP_VER))
-				{
-					use_quote2 = TRUE;
-				}
-				if (flags == PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO2_CAP_VER)
-				{
-					ver_info_included = TRUE;
-				}
-
-				pcr_comp = attr_cast->get_pcr_comp(attr_cast);
-				tpm_quote_sign = attr_cast->get_tpm_quote_sign(attr_cast);
-
-				if (!pcr_comp.ptr || !tpm_quote_sign.ptr)
-				{
-					DBG1(DBG_IMV, "PCR composite: %B", &pcr_comp);
-					DBG1(DBG_IMV, "TPM Quote Signature: %B", &tpm_quote_sign);
-					DBG1(DBG_IMV, "Either PCR Composite or Quote Signature missing");
-					return FALSE;
-				}
+				use_quote2   = (flags == PTS_SIMPLE_EVID_FINAL_QUOTE_INFO2 ||
+							    flags == PTS_SIMPLE_EVID_FINAL_QUOTE_INFO2_CAP_VER);
+				use_ver_info = (flags == PTS_SIMPLE_EVID_FINAL_QUOTE_INFO2_CAP_VER);
 
 				/* Construct PCR Composite and TPM Quote Info structures */
-				if (!pts->get_quote_info(pts, use_quote2, ver_info_included,
-					composite_algorithm, &pcr_composite, &quote_info))
+				if (!pts->get_quote_info(pts, use_quote2, use_ver_info,
+						comp_hash_algorithm, &pcr_composite, &quote_info))
 				{
-					DBG1(DBG_IMV, "unable to contruct TPM Quote Info");
+					DBG1(DBG_IMV, "unable to compute TPM Quote Info");
 					return FALSE;
 				}
 
 				if (!chunk_equals(pcr_comp, pcr_composite))
 				{
-					DBG1(DBG_IMV, "received PCR Composite didn't match "
-								  "with constructed");
-					chunk_clear(&pcr_composite);
-					chunk_clear(&quote_info);
+					DBG1(DBG_IMV, "received and computed PCR Composite match");
+					free(pcr_composite.ptr);
+					free(quote_info.ptr);
 					return FALSE;
 				}
-				DBG2(DBG_IMV, "received PCR Composite matches with constructed");
-				chunk_clear(&pcr_composite);
+				DBG2(DBG_IMV, "received and computed PCR Composite do not match");
+				free(pcr_composite.ptr);
 
-				if (!pts->verify_quote_signature(pts, quote_info, tpm_quote_sign))
+				if (!pts->verify_quote_signature(pts, quote_info, tpm_quote_sig))
 				{
-					chunk_clear(&quote_info);
+					free(quote_info.ptr);
 					return FALSE;
 				}
-
-				DBG2(DBG_IMV, "signature verification succeeded for "
-							  "TPM Quote Info");
-				chunk_clear(&quote_info);
+				DBG2(DBG_IMV, "TPM Quote Info signature verification successful");
+				free(quote_info.ptr);
 			}
 
-			if (evid_signature_included)
+			if (attr_cast->get_evid_sig(attr_cast, &evid_sig))
 			{
 				/** TODO: What to do with Evidence Signature */
-				evid_sign = attr_cast->get_evid_sign(attr_cast);
-				DBG1(DBG_IMV, "This version of Attestation IMV can not handle"
-					 " Optional Evidence Signature field");
+				DBG1(DBG_IMV, "This version of the Attestation IMV can not "
+							  "handle Evidence Signatures");
 			}
-
 			break;
 		}
 
diff --git a/src/libpts/Makefile.am b/src/libpts/Makefile.am
index 7bed466cd..707d920b0 100644
--- a/src/libpts/Makefile.am
+++ b/src/libpts/Makefile.am
@@ -11,6 +11,7 @@ libpts_la_SOURCES = \
 	pts/pts_error.h pts/pts_error.c \
 	pts/pts_proto_caps.h \
 	pts/pts_req_func_comp_evid.h \
+	pts/pts_simple_evid_final.h \
 	pts/pts_creds.h pts/pts_creds.c \
 	pts/pts_database.h pts/pts_database.c \
 	pts/pts_dh_group.h pts/pts_dh_group.c \
diff --git a/src/libpts/pts/pts.h b/src/libpts/pts/pts.h
index 73065ec20..c6a5ffbb4 100644
--- a/src/libpts/pts/pts.h
+++ b/src/libpts/pts/pts.h
@@ -30,6 +30,7 @@ typedef struct pts_t pts_t;
 #include "pts_file_meta.h"
 #include "pts_dh_group.h"
 #include "pts_req_func_comp_evid.h"
+#include "pts_simple_evid_final.h"
 #include "components/pts_comp_func_name.h"
 #include "components/tcg/tcg_comp_func_name.h"
 #include "components/ita/ita_comp_func_name.h"
diff --git a/src/libpts/pts/pts_simple_evid_final.h b/src/libpts/pts/pts_simple_evid_final.h
new file mode 100644
index 000000000..0c8dea0cc
--- /dev/null
+++ b/src/libpts/pts/pts_simple_evid_final.h
@@ -0,0 +1,47 @@
+/*
+ * Copyright (C) 2011 Sansar Choinyambuu
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup pts_simple_evid_final pts_rsimple_evid_final
+ * @{ @ingroup pts
+ */
+
+#ifndef PTS_SIMPLE_EVID_FINAL_H_
+#define PTS_SIMPLE_EVID_FINAL_H_
+
+typedef enum pts_simple_evid_final_flag_t pts_simple_evid_final_flag_t;
+
+#include <library.h>
+
+/**
+ * PTS Simple Evidence Final Flags
+ */
+enum pts_simple_evid_final_flag_t {
+	/** TPM PCR Composite and TPM Quote Signature not included   */
+	PTS_SIMPLE_EVID_FINAL_NO =						0x00,
+	/** TPM PCR Composite and TPM Quote Signature included
+	  * using TPM_QUOTE_INFO                                     */
+	PTS_SIMPLE_EVID_FINAL_QUOTE_INFO =			 	0x40,
+	/** TPM PCR Composite and TPM Quote Signature included
+	  * using TPM_QUOTE_INFO2, TPM_CAP_VERSION_INFO not appended */
+	PTS_SIMPLE_EVID_FINAL_QUOTE_INFO2 =				0x80,
+	/** TPM PCR Composite and TPM Quote Signature included
+	  * using TPM_QUOTE_INFO2, TPM_CAP_VERSION_INFO appended     */
+	PTS_SIMPLE_EVID_FINAL_QUOTE_INFO2_CAP_VER =	 	0xC0,
+    /** Evidence Signature included                              */
+	PTS_SIMPLE_EVID_FINAL_EVID_SIG =				0x20,
+};
+
+#endif /** PTS_SIMPLE_EVID_FINAL_H_ @}*/
diff --git a/src/libpts/tcg/tcg_pts_attr_simple_evid_final.c b/src/libpts/tcg/tcg_pts_attr_simple_evid_final.c
index 58a3e3a0f..a621164bf 100644
--- a/src/libpts/tcg/tcg_pts_attr_simple_evid_final.c
+++ b/src/libpts/tcg/tcg_pts_attr_simple_evid_final.c
@@ -14,6 +14,7 @@
  */
 
 #include "tcg_pts_attr_simple_evid_final.h"
+#include "pts/pts_simple_evid_final.h"
 
 #include <pa_tnc/pa_tnc_msg.h>
 #include <bio/bio_writer.h>
@@ -29,23 +30,23 @@ typedef struct private_tcg_pts_attr_simple_evid_final_t private_tcg_pts_attr_sim
  *					   1				   2				   3
  *   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
  *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- *  |	 Flags		|	Reserved	| Optional Composite Hash Alg 	|
+ *  |    Flags      |   Reserved    | Optional Composite Hash Alg   |
  *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- *  |				Optional TPM PCR Composite Length				|
+ *  |               Optional TPM PCR Composite Length               |
  *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- *  ~		   Optional TPM PCR Composite (Variable Length)			~
+ *  ~          Optional TPM PCR Composite (Variable Length)         ~
  *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- *  |				Optional TPM Quote Signature Length				|
+ *  |              Optional TPM Quote Signature Length              |
  *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- *  ~		 Optional TPM Quote Signature (Variable Length)			~
+ *  ~        Optional TPM Quote Signature (Variable Length)         ~
  *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- *  ~		 Optional Evidence Signature (Variable Length)			~
+ *  ~        Optional Evidence Signature (Variable Length)          ~
  *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  */
 
 #define PTS_SIMPLE_EVID_FINAL_SIZE			2
 #define PTS_SIMPLE_EVID_FINAL_RESERVED		0x00
-
+#define PTS_SIMPLE_EVID_FINAL_FLAG_MASK		0xC0
 /**
  * Private data of an tcg_pts_attr_simple_evid_final_t object.
  */
@@ -77,14 +78,9 @@ struct private_tcg_pts_attr_simple_evid_final_t {
 	bool noskip_flag;
 
 	/**
-	 * Is Evidence Signature included
-	 */
-	bool evid_sign_included;
-	
-	/**
 	 * Set of flags for Simple Evidence Final
 	 */
-	pts_simple_evid_final_flag_t flags;
+	u_int8_t flags;
 
 	/**
 	 * Optional Composite Hash Algorithm
@@ -99,12 +95,17 @@ struct private_tcg_pts_attr_simple_evid_final_t {
 	/**
 	 * Optional TPM Quote Signature
 	 */
-	chunk_t tpm_quote_sign;
+	chunk_t tpm_quote_sig;
+	
+	/**
+	 * Is Evidence Signature included?
+	 */
+	bool has_evid_sig;
 	
 	/**
 	 * Optional Evidence Signature
 	 */
-	chunk_t evid_sign;
+	chunk_t evid_sig;
 
 };
 
@@ -138,32 +139,30 @@ METHOD(pa_tnc_attr_t, set_noskip_flag,void,
 	this->noskip_flag = noskip;
 }
 
+METHOD(pa_tnc_attr_t, destroy, void,
+	private_tcg_pts_attr_simple_evid_final_t *this)
+{
+	free(this->value.ptr);
+	free(this->pcr_comp.ptr);
+	free(this->tpm_quote_sig.ptr);
+	free(this->evid_sig.ptr);
+	free(this);
+}
+
 METHOD(pa_tnc_attr_t, build, void,
 	private_tcg_pts_attr_simple_evid_final_t *this)
 {
 	bio_writer_t *writer;
-	u_int8_t flags = 0;
+	u_int8_t flags;
 	
-	writer = bio_writer_create(PTS_SIMPLE_EVID_FINAL_SIZE);
+	flags = this->flags & PTS_SIMPLE_EVID_FINAL_FLAG_MASK;
 
-	/* Determine the flags to set*/
-	if (this->flags == PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO)
-	{
-		flags += 64;
-	}
-	else if (this->flags == PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO2)
+	if (this->has_evid_sig)
 	{
-		flags += 128;
+		flags |= PTS_SIMPLE_EVID_FINAL_EVID_SIG;
 	}
-	else if (this->flags == PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO2_CAP_VER)
-	{
-		flags += 192;
-	}
-	if (this->evid_sign_included)
-	{
-		flags += 32;
-	}
-	
+
+	writer = bio_writer_create(PTS_SIMPLE_EVID_FINAL_SIZE);
 	writer->write_uint8 (writer, flags);
 	writer->write_uint8 (writer, PTS_SIMPLE_EVID_FINAL_RESERVED);
 	
@@ -174,19 +173,18 @@ METHOD(pa_tnc_attr_t, build, void,
 	writer->write_uint16(writer, this->comp_hash_algorithm);
 
 	/* Optional fields */
-	if (this->pcr_comp.ptr && this->pcr_comp.len > 0)
+	if (this->flags != PTS_SIMPLE_EVID_FINAL_NO)
 	{
 		writer->write_uint32 (writer, this->pcr_comp.len);
 		writer->write_data (writer, this->pcr_comp);
+
+		writer->write_uint32 (writer, this->tpm_quote_sig.len);
+		writer->write_data (writer, this->tpm_quote_sig);
 	}
-	if (this->tpm_quote_sign.ptr && this->tpm_quote_sign.len > 0)
-	{
-		writer->write_uint32 (writer, this->tpm_quote_sign.len);
-		writer->write_data (writer, this->tpm_quote_sign);
-	}
-	if (this->evid_sign.ptr && this->evid_sign.len > 0)
+
+	if (this->has_evid_sig)
 	{
-		writer->write_data (writer, this->evid_sign);
+		writer->write_data (writer, this->evid_sig);
 	}
 	
 	this->value = chunk_clone(writer->get_buf(writer));
@@ -197,9 +195,10 @@ METHOD(pa_tnc_attr_t, process, status_t,
 	private_tcg_pts_attr_simple_evid_final_t *this, u_int32_t *offset)
 {
 	bio_reader_t *reader;
-	u_int8_t flags;
-	u_int8_t reserved;
+	u_int8_t flags, reserved;
 	u_int16_t algorithm;
+	u_int32_t pcr_comp_len, tpm_quote_sig_len, evid_sig_len;
+		
 	
 	if (this->value.len < PTS_SIMPLE_EVID_FINAL_SIZE)
 	{
@@ -210,31 +209,12 @@ METHOD(pa_tnc_attr_t, process, status_t,
 	reader = bio_reader_create(this->value);
 	
 	reader->read_uint8(reader, &flags);
-	
-	/* Determine the flags to set*/
-	if (!((flags >> 7) & 1) && !((flags >> 6) & 1))
-	{
-		this->flags = PTS_SIMPLE_EVID_FINAL_FLAG_NO;
-	}
-	else if (!((flags >> 7) & 1) && ((flags >> 6) & 1))
-	{
-		this->flags = PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO;
-	}
-	else if (((flags >> 7) & 1) && !((flags >> 6) & 1))
-	{
-		this->flags = PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO2;
-	}
-	else if (((flags >> 7) & 1) && ((flags >> 6) & 1))
-	{
-		this->flags = PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO2_CAP_VER;
-	}
-	if ((flags >> 5) & 1)
-	{
-		this->evid_sign_included = TRUE;
-	}
-	
 	reader->read_uint8(reader, &reserved);
 
+	this->flags = flags & PTS_SIMPLE_EVID_FINAL_FLAG_MASK;
+
+	this->has_evid_sig = (flags & PTS_SIMPLE_EVID_FINAL_EVID_SIG) != 0;
+
 	/** Optional Composite Hash Algorithm field is always present
 	 * Field has value of all zeroes if not used.
 	 * Implemented adhering the suggestion of Paul Sangster 28.Oct.2011
@@ -243,8 +223,8 @@ METHOD(pa_tnc_attr_t, process, status_t,
 	reader->read_uint16(reader, &algorithm);
 	this->comp_hash_algorithm = algorithm;
 	
-	/*  Optional Composite Hash Algorithm and TPM PCR Composite field is included */
-	if (this->flags != PTS_SIMPLE_EVID_FINAL_FLAG_NO)
+	/*  Optional Composite Hash Algorithm and TPM PCR Composite fields */
+	if (this->flags != PTS_SIMPLE_EVID_FINAL_NO)
 	{
 		u_int32_t pcr_comp_len, tpm_quote_sign_len;
 		
@@ -257,79 +237,66 @@ METHOD(pa_tnc_attr_t, process, status_t,
 		reader->read_data(reader, pcr_comp_len, &this->pcr_comp);
 		this->pcr_comp = chunk_clone(this->pcr_comp);
 		
-		reader->read_uint32(reader, &tpm_quote_sign_len);
-		reader->read_data(reader, tpm_quote_sign_len, &this->tpm_quote_sign);
-		this->tpm_quote_sign = chunk_clone(this->tpm_quote_sign);
+		/* TODO check if enough message data is available */
+		reader->read_uint32(reader, &tpm_quote_sig_len);
+		reader->read_data(reader, tpm_quote_sig_len, &this->tpm_quote_sig);
+		this->tpm_quote_sig = chunk_clone(this->tpm_quote_sig);
 	}
 	
-	/*  Optional Evidence Signature field is included */
-	if (this->evid_sign_included)
+	/*  Optional Evidence Signature field */
+	if (this->has_evid_sig)
 	{
-		u_int32_t evid_sign_len = reader->remaining(reader);
-		reader->read_data(reader, evid_sign_len, &this->evid_sign);
-		this->evid_sign = chunk_clone(this->evid_sign);
+		evid_sig_len = reader->remaining(reader);
+		reader->read_data(reader, evid_sig_len, &this->evid_sig);
+		this->evid_sig = chunk_clone(this->evid_sig);
 	}
 	
 	reader->destroy(reader);
 	return SUCCESS;
 }
 
-METHOD(pa_tnc_attr_t, destroy, void,
-	private_tcg_pts_attr_simple_evid_final_t *this)
-{
-	free(this->value.ptr);
-	free(this->pcr_comp.ptr);
-	free(this->tpm_quote_sign.ptr);
-	free(this->evid_sign.ptr);
-	free(this);
-}
-
-METHOD(tcg_pts_attr_simple_evid_final_t, is_evid_sign_included, bool,
-	private_tcg_pts_attr_simple_evid_final_t *this)
-{
-	return this->evid_sign_included;
-}
-
-METHOD(tcg_pts_attr_simple_evid_final_t, get_flags, pts_simple_evid_final_flag_t,
-	private_tcg_pts_attr_simple_evid_final_t *this)
+METHOD(tcg_pts_attr_simple_evid_final_t, get_quote_info, u_int8_t,
+	private_tcg_pts_attr_simple_evid_final_t *this,
+	pts_meas_algorithms_t *comp_hash_algo, chunk_t *pcr_comp, chunk_t *tpm_quote_sig)
 {
+	if (comp_hash_algo)
+	{
+		*comp_hash_algo = this->comp_hash_algorithm;
+	}
+	if (pcr_comp)
+	{
+		*pcr_comp = this->pcr_comp;
+	}
+	if (tpm_quote_sig)
+	{
+		*tpm_quote_sig = this->tpm_quote_sig;
+	}
 	return this->flags;
 }
 
-METHOD(tcg_pts_attr_simple_evid_final_t, get_comp_hash_algorithm, pts_meas_algorithms_t,
-	private_tcg_pts_attr_simple_evid_final_t *this)
+METHOD(tcg_pts_attr_simple_evid_final_t, get_evid_sig, bool,
+	private_tcg_pts_attr_simple_evid_final_t *this, chunk_t *evid_sig)
 {
-	return this->comp_hash_algorithm;
-}
-
-METHOD(tcg_pts_attr_simple_evid_final_t, get_pcr_comp, chunk_t,
-	private_tcg_pts_attr_simple_evid_final_t *this)
-{
-	return this->pcr_comp;
-}
-
-METHOD(tcg_pts_attr_simple_evid_final_t, get_tpm_quote_sign, chunk_t,
-	private_tcg_pts_attr_simple_evid_final_t *this)
-{
-	return this->tpm_quote_sign;
+	if (evid_sig)
+	{
+		*evid_sig = this->evid_sig;
+	}
+	return this->has_evid_sig;
 }
 
-METHOD(tcg_pts_attr_simple_evid_final_t, get_evid_sign, chunk_t,
-	private_tcg_pts_attr_simple_evid_final_t *this)
+METHOD(tcg_pts_attr_simple_evid_final_t, set_evid_sig, void,
+	private_tcg_pts_attr_simple_evid_final_t *this, chunk_t evid_sig)
 {
-	return this->evid_sign;
+	this->evid_sig = chunk_clone(evid_sig);
+	this->has_evid_sig = TRUE;
 }
 
 /**
  * Described in header.
  */
-pa_tnc_attr_t *tcg_pts_attr_simple_evid_final_create(
-					   bool evid_sign_included,
-					   pts_simple_evid_final_flag_t flags,
-					   pts_meas_algorithms_t comp_hash_algorithm,
-					   chunk_t pcr_comp,
-					   chunk_t tpm_quote_sign,
-					   chunk_t evid_sign)
+pa_tnc_attr_t *tcg_pts_attr_simple_evid_final_create(u_int8_t flags,
+							pts_meas_algorithms_t comp_hash_algorithm,
+							chunk_t pcr_comp, chunk_t tpm_quote_sig)
 {
 	private_tcg_pts_attr_simple_evid_final_t *this;
 
@@ -345,21 +312,16 @@ pa_tnc_attr_t *tcg_pts_attr_simple_evid_final_create(
 				.process = _process,
 				.destroy = _destroy,
 			},
-			.is_evid_sign_included = _is_evid_sign_included,
-			.get_flags = _get_flags,
-			.get_comp_hash_algorithm = _get_comp_hash_algorithm,
-			.get_pcr_comp = _get_pcr_comp,
-			.get_tpm_quote_sign = _get_tpm_quote_sign,
-			.get_evid_sign = _get_evid_sign,
+			.get_quote_info = _get_quote_info,
+			.get_evid_sig = _get_evid_sig,
+			.set_evid_sig = _set_evid_sig,
 		},
 		.vendor_id = PEN_TCG,
 		.type = TCG_PTS_SIMPLE_EVID_FINAL,
-		.evid_sign_included = evid_sign_included,
 		.flags = flags,
 		.comp_hash_algorithm = comp_hash_algorithm,
 		.pcr_comp = chunk_clone(pcr_comp),
-		.tpm_quote_sign = chunk_clone(tpm_quote_sign),
-		.evid_sign = chunk_clone(evid_sign),
+		.tpm_quote_sig = chunk_clone(tpm_quote_sig),
 	);
 
 	return &this->public.pa_tnc_attribute;
@@ -385,12 +347,9 @@ pa_tnc_attr_t *tcg_pts_attr_simple_evid_final_create_from_data(chunk_t data)
 				.process = _process,
 				.destroy = _destroy,
 			},
-			.is_evid_sign_included = _is_evid_sign_included,
-			.get_flags= _get_flags,
-			.get_comp_hash_algorithm = _get_comp_hash_algorithm,
-			.get_pcr_comp = _get_pcr_comp,
-			.get_tpm_quote_sign = _get_tpm_quote_sign,
-			.get_evid_sign = _get_evid_sign,
+			.get_quote_info = _get_quote_info,
+			.get_evid_sig = _get_evid_sig,
+			.set_evid_sig = _set_evid_sig,
 		},
 		.vendor_id = PEN_TCG,
 		.type = TCG_PTS_SIMPLE_EVID_FINAL,
diff --git a/src/libpts/tcg/tcg_pts_attr_simple_evid_final.h b/src/libpts/tcg/tcg_pts_attr_simple_evid_final.h
index 4957cbcb8..3d98bfce7 100644
--- a/src/libpts/tcg/tcg_pts_attr_simple_evid_final.h
+++ b/src/libpts/tcg/tcg_pts_attr_simple_evid_final.h
@@ -22,30 +22,12 @@
 #define TCG_PTS_ATTR_SIMPLE_EVID_FINAL_H_
 
 typedef struct tcg_pts_attr_simple_evid_final_t tcg_pts_attr_simple_evid_final_t;
-typedef enum pts_simple_evid_final_flag_t pts_simple_evid_final_flag_t;
 
 #include "tcg_attr.h"
 #include "tcg_pts_attr_meas_algo.h"
 #include "pa_tnc/pa_tnc_attr.h"
 
 /**
- * PTS Simple Evidence Final Flags
- */
-enum pts_simple_evid_final_flag_t {
-	/** No Optional TPM PCR Composite nor Optional TPM Quote Signature fields included */
-	PTS_SIMPLE_EVID_FINAL_FLAG_NO =							1,
-	/** Optional TPM PCR Composite and Optional TPM Quote Signature fields included */
-	/** using TPM_QUOTE_INFO */
-	PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO =			 	2,
-	/** Optional TPM PCR Composite and Optional TPM Quote Signature fields included */
-	/** using TPM_QUOTE_INFO2, TPM_CAP_VERSION_INFO was not appended */
-	PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO2 =			 3,
-	/** Optional TPM PCR Composite and Optional TPM Quote Signature fields included */
-	/** using TPM_QUOTE_INFO2, TPM_CAP_VERSION_INFO was appended */
-	PTS_SIMPLE_EVID_FINAL_FLAG_TPM_QUOTE_INFO2_CAP_VER =	 4,
-};
-
-/**
  * Class implementing the TCG PTS Simple Evidence Final attribute
  *
  */
@@ -57,66 +39,47 @@ struct tcg_pts_attr_simple_evid_final_t {
 	pa_tnc_attr_t pa_tnc_attribute;
 
 	/**
-	 * Is Optional Evidence Signature Included
+	 * Get Optional PCR Composite and TPM Quote Signature
 	 *
-	 * @return				TRUE if included, FALSE otherwise
+	 * @param comp_hash_algo	Optional Composite Hash Algorithm
+	 * @param pcr_comp			Optional PCR Composite
+	 * @param tpm_quote sig		Optional TPM Quote Signature
+	 * @return					PTS_SIMPLE_EVID_FINAL flags		
 	 */
-	bool (*is_evid_sign_included)(tcg_pts_attr_simple_evid_final_t *this);
+	u_int8_t (*get_quote_info)(tcg_pts_attr_simple_evid_final_t *this,
+							   pts_meas_algorithms_t *comp_hash_algo,
+							   chunk_t *pcr_comp, chunk_t *tpm_quote_sig);
 	
 	/**
-	 * Get flags for PTS Simple Evidence Final
+	 * Get Optional Evidence Signature
 	 *
-	 * @return				Set of flags
+	 * @evid_sig				Optional Evidence Signature
+	 * @return					TRUE if Evidence Signature is available
 	 */
-	pts_simple_evid_final_flag_t (*get_flags)(tcg_pts_attr_simple_evid_final_t *this);
+	bool (*get_evid_sig)(tcg_pts_attr_simple_evid_final_t *this, chunk_t *evid_sig);
 
 	/**
-	 * Get Optional Composite Hash Algorithm
-	 *
-	 * @return				Composite Hash Algorithm
-	 */
-	pts_meas_algorithms_t (*get_comp_hash_algorithm)(tcg_pts_attr_simple_evid_final_t *this);
-	
-	/**
-	 * Get Optional TPM PCR Composite
-	 *
-	 * @return				PCR Composite
-	 */
-	chunk_t (*get_pcr_comp)(tcg_pts_attr_simple_evid_final_t *this);
-	
-	/**
-	 * Get Optional TPM Quote Signature
-	 *
-	 * @return				TPM Quote Signature
-	 */
-	chunk_t (*get_tpm_quote_sign)(tcg_pts_attr_simple_evid_final_t *this);
-	
-	/**
-	 * Get Optional Evidence Signature
+	 * Set Optional Evidence Signature
 	 *
-	 * @return				Optional Evidence Signature
+	 * @evid_sig				Optional Evidence Signature
 	 */
-	chunk_t (*get_evid_sign)(tcg_pts_attr_simple_evid_final_t *this);
+	void (*set_evid_sig)(tcg_pts_attr_simple_evid_final_t *this, chunk_t evid_sig);
 	
 };
 
 /**
  * Creates an tcg_pts_attr_simple_evid_final_t object
  *
- * @param evid_sign_included	Evidence Signature included
  * @param flags					Set of flags
  * @param comp_hash_algorithm	Composite Hash Algorithm
  * @param pcr_comp				Optional TPM PCR Composite
  * @param tpm_quote_sign		Optional TPM Quote Signature
- * @param evid_sign				Optional Evidence Signature
  */
 pa_tnc_attr_t* tcg_pts_attr_simple_evid_final_create(
-							bool evid_sign_included,
-							pts_simple_evid_final_flag_t flags,
+							u_int8_t flags,
 							pts_meas_algorithms_t comp_hash_algorithm,
 							chunk_t pcr_comp,
-							chunk_t tpm_quote_sign,
-							chunk_t evid_sign);
+							chunk_t tpm_quote_sign);
 
 /**
  * Creates an tcg_pts_attr_simple_evid_final_t object from received data