Diffstat (limited to 'src')
-rw-r--r-- | src/libimcv/plugins/imc_attestation/imc_attestation.c | 9 | ||||
-rw-r--r-- | src/libimcv/plugins/imv_attestation/imv_attestation.c | 27 | ||||
-rw-r--r-- | src/libpts/Makefile.am | 1 | ||||
-rw-r--r-- | src/libpts/tcg/tcg_pts_attr_dh_nonce_params_req.h | 3 |
4 files changed, 38 insertions, 2 deletions
diff --git a/src/libimcv/plugins/imc_attestation/imc_attestation.c b/src/libimcv/plugins/imc_attestation/imc_attestation.c index 46e4b7384..99fbdc1cf 100644 --- a/src/libimcv/plugins/imc_attestation/imc_attestation.c +++ b/src/libimcv/plugins/imc_attestation/imc_attestation.c @@ -63,6 +63,11 @@ static pts_dh_group_t supported_dh_groups = PTS_DH_GROUP_NONE; static linked_list_t *evidences = NULL; /** + * Supported PTS Diffie Hellman Groups + */ +static pts_dh_group_t supported_dh_groups = 0; + +/** * see section 3.7.1 of TCG TNC IF-IMC Specification 1.2 */ TNC_Result TNC_IMC_Initialize(TNC_IMCID imc_id, @@ -80,6 +85,10 @@ TNC_Result TNC_IMC_Initialize(TNC_IMCID imc_id, { return TNC_RESULT_FATAL; } + if (!pts_probe_dh_groups(&supported_dh_groups)) + { + return TNC_RESULT_FATAL; + } imc_attestation = imc_agent_create(imc_name, IMC_VENDOR_ID, IMC_SUBTYPE, imc_id, actual_version); if (!imc_attestation) diff --git a/src/libimcv/plugins/imv_attestation/imv_attestation.c b/src/libimcv/plugins/imv_attestation/imv_attestation.c index 10ee35ef0..87832a730 100644 --- a/src/libimcv/plugins/imv_attestation/imv_attestation.c +++ b/src/libimcv/plugins/imv_attestation/imv_attestation.c @@ -58,6 +58,11 @@ static pts_meas_algorithms_t supported_algorithms = PTS_MEAS_ALGO_NONE; static pts_dh_group_t supported_dh_groups = PTS_DH_GROUP_NONE; /** + * Supported PTS Diffie Hellman Groups + */ +static pts_dh_group_t supported_dh_groups = 0; + +/** * PTS file measurement database */ static pts_database_t *pts_db; @@ -92,6 +97,10 @@ TNC_Result TNC_IMV_Initialize(TNC_IMVID imv_id, { return TNC_RESULT_FATAL; } + if (!pts_probe_dh_groups(&supported_dh_groups)) + { + return TNC_RESULT_FATAL; + } imv_attestation = imv_agent_create(imv_name, IMV_VENDOR_ID, IMV_SUBTYPE, imv_id, actual_version); if (!imv_attestation) 
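Review bot: The added `static pts_dh_group_t supported_dh_groups = 0;` in the first hunk of imc_attestation.c looks like a second definition of an existing variable. The hunk header carries `static pts_dh_group_t supported_dh_groups = PTS_DH_GROUP_NONE;` as its context line, and two initialized file-scope definitions of the same name do not compile. If that earlier line really is in the file, drop the new definition and keep only the doc comment, placed above the existing one. If it is not, initialize with the enum constant instead of a bare integer: `static pts_dh_group_t supported_dh_groups = PTS_DH_GROUP_NONE;`. The first hunk of imv_attestation.c has the same problem.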
@@ -118,6 +127,24 @@ TNC_Result TNC_IMV_Initialize(TNC_IMVID imv_id, return TNC_RESULT_FATAL; } + /** + * Specify supported PTS Diffie Hellman Groups + * + * ike2: PTS_DH_GROUP_IKE2 + * ike5: PTS_DH_GROUP_IKE2 | PTS_DH_GROUP_IKE5 + * ike14: PTS_DH_GROUP_IKE2 | PTS_DH_GROUP_IKE5 | PTS_DH_GROUP_IKE14 + * ike19: PTS_DH_GROUP_IKE2 | PTS_DH_GROUP_IKE5 | PTS_DH_GROUP_IKE14 | PTS_DH_GROUP_IKE19 + * ike20: PTS_DH_GROUP_IKE2 | PTS_DH_GROUP_IKE5 | PTS_DH_GROUP_IKE14 | PTS_DH_GROUP_IKE19 | PTS_DH_GROUP_IKE20 + * + * we expect the PTS-IMC to select the strongest supported group + */ + dh_group = lib->settings->get_str(lib->settings, + "libimcv.plugins.imv-attestation.dh_group", "ike19"); + if (!pts_update_supported_dh_groups(dh_group, &supported_dh_groups)) + { + return TNC_RESULT_FATAL; + } + /* create a PTS credential manager */ pts_credmgr = credential_manager_create(); diff --git a/src/libpts/Makefile.am b/src/libpts/Makefile.am index bf0cbf920..4f8d483f4 100644 --- a/src/libpts/Makefile.am +++ b/src/libpts/Makefile.am @@ -17,6 +17,7 @@ libpts_la_SOURCES = \ pts/pts_file_meta.h pts/pts_file_meta.c \ pts/pts_file_type.h pts/pts_file_type.c \ pts/pts_meas_algo.h pts/pts_meas_algo.c \ + pts/pts_dh_group.h pts/pts_dh_group.c \ tcg/tcg_attr.h tcg/tcg_attr.c \ tcg/tcg_pts_attr_proto_caps.h tcg/tcg_pts_attr_proto_caps.c \ tcg/tcg_pts_attr_dh_nonce_params_req.h tcg/tcg_pts_attr_dh_nonce_params_req.c \ diff --git a/src/libpts/tcg/tcg_pts_attr_dh_nonce_params_req.h b/src/libpts/tcg/tcg_pts_attr_dh_nonce_params_req.h index 170077156..bc9cb3fd9 100644 --- a/src/libpts/tcg/tcg_pts_attr_dh_nonce_params_req.h +++ b/src/libpts/tcg/tcg_pts_attr_dh_nonce_params_req.h 
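Review bot: The `dh_group` setting read in the third hunk of imv_attestation.c only sets an upper bound on group strength. Every value listed in the comment keeps `PTS_DH_GROUP_IKE2` (1024-bit MODP) enabled, and the comment leaves the choice to the peer ("we expect the PTS-IMC to select the strongest supported group"). The code that processes the IMC's answer is outside this hunk, so it is not visible here whether a weak selection is rejected; if it is not, an endpoint that picks the weakest group is still accepted under the default `ike19`. I would say so at the call site, e.g. `/* dh_group is a ceiling, not a floor: all weaker groups stay enabled, so the group chosen by the IMC must be checked against a minimum when its response is handled */`, and consider letting the operator configure that minimum. Two smaller points: the block comment sits inside a function body, so it should open with `/*` rather than the Doxygen `/**`, and the declaration of `dh_group` is not part of the hunk.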
@@ -21,8 +21,7 @@ #ifndef TCG_PTS_ATTR_DH_NONCE_PARAMS_REQ_H_ #define TCG_PTS_ATTR_DH_NONCE_PARAMS_REQ_H_ -typedef struct tcg_pts_attr_dh_nonce_params_req_t - tcg_pts_attr_dh_nonce_params_req_t; +typedef struct tcg_pts_attr_dh_nonce_params_req_t tcg_pts_attr_dh_nonce_params_req_t; #include "tcg_attr.h" #include "pa_tnc/pa_tnc_attr.h" |