Diffstat (limited to 'src/libpts/plugins/imv_attestation/attest_db.c')
-rw-r--r-- | src/libpts/plugins/imv_attestation/attest_db.c | 672 |
1 files changed, 456 insertions, 216 deletions
diff --git a/src/libpts/plugins/imv_attestation/attest_db.c b/src/libpts/plugins/imv_attestation/attest_db.c
index a9f1f710d..10c719bff 100644
--- a/src/libpts/plugins/imv_attestation/attest_db.c
+++ b/src/libpts/plugins/imv_attestation/attest_db.c
@@ -31,19 +31,34 @@ struct private_attest_db_t {
 attest_db_t public;
 
 /**
- * Software product to be queried
+ * Component Functional Name to be queried
 */
- char *product;
+ pts_comp_func_name_t *cfn;
 
 /**
- * Primary key of software product to be queried
+ * Primary key of the Component Functional Name to be queried
 */
- int pid;
+ int cid;
 
 /**
- * TRUE if product has been set
+ * TRUE if Component Functional Name has been set
 */
- bool product_set;
+ bool comp_set;
+
+ /**
+ * Directory containing the Measurement file to be queried
+ */
+ char *dir;
+
+ /**
+ * Primary key of the directory to be queried
+ */
+ int did;
+
+ /**
+ * TRUE if directory has been set
+ */
+ bool dir_set;
 
 /**
 * Measurement file to be queried
@@ -61,34 +76,34 @@ struct private_attest_db_t {
 bool file_set;
 
 /**
- * Directory containing the Measurement file to be queried
+ * AIK to be queried
 */
- char *dir;
+ chunk_t key;
 
 /**
- * Primary key of the directory to be queried
+ * Primary key of the AIK to be queried
 */
- int did;
+ int kid;
 
 /**
- * TRUE if directory has been set
+ * TRUE if AIK has been set
 */
- bool dir_set;
+ bool key_set;
 
 /**
- * Component Functional Name to be queried
+ * Software product to be queried
 */
- pts_comp_func_name_t *cfn;
+ char *product;
 
 /**
- * Primary key of the Component Functional Name to be queried
+ * Primary key of software product to be queried
 */
- int cid;
+ int pid;
 
 /**
- * TRUE if Component Functional Name has been set
+ * TRUE if product has been set
 */
- bool comp_set;
+ bool product_set;
 
 /**
 * File measurement hash algorithm
@@ -96,6 +111,11 @@ struct private_attest_db_t {
 pts_meas_algorithms_t algo;
 
 /**
+ * Optional owner (user/host name)
+ */
+ char *owner;
+
+ /**
 * Attestation database
 */
 database_t *db;
@@ -125,79 +145,185 @@ char* print_cfn(pts_comp_func_name_t *cfn) return buf; } -METHOD(attest_db_t, set_product, bool, - private_attest_db_t *this, char *product, bool create) +METHOD(attest_db_t, set_component, bool, + private_attest_db_t *this, char *comp, bool create) { enumerator_t *e; + char *pos1, *pos2; + int vid, name, qualifier; + pts_comp_func_name_t *cfn; - if (this->product_set) + if (this->comp_set) { - printf("product has already been set\n"); + printf("component has already been set\n"); return FALSE; } - this->product = strdup(product); - e = this->db->query(this->db, "SELECT id FROM products WHERE name = ?", - DB_TEXT, product, DB_INT); + /* parse component string */ + pos1 = strchr(comp, '/'); + pos2 = strchr(comp, '-'); + if (!pos1 || !pos2) + { + printf("component string must have the form \"vendor_id/name-qualifier\"\n"); + return FALSE; + } + vid = atoi(comp); + name = atoi(pos1 + 1); + qualifier = atoi(pos2 + 1); + cfn = pts_comp_func_name_create(vid, name, qualifier); + + e = this->db->query(this->db, + "SELECT id FROM components " + "WHERE vendor_id = ? AND name = ? 
AND qualifier = ?", + DB_INT, vid, DB_INT, name, DB_INT, qualifier, DB_INT); if (e) { - if (e->enumerate(e, &this->pid)) + if (e->enumerate(e, &this->cid)) { - this->product_set = TRUE; + this->comp_set = TRUE; + this->cfn = cfn; } e->destroy(e); } - if (this->product_set) + if (this->comp_set) { return TRUE; } if (!create) { - printf("product '%s' not found in database\n", product); + printf("component '%s' not found in database\n", print_cfn(cfn)); + cfn->destroy(cfn); return FALSE; } /* Add a new database entry */ - this->product_set = this->db->execute(this->db, &this->pid, - "INSERT INTO products (name) VALUES (?)", - DB_TEXT, product) == 1; + this->comp_set = this->db->execute(this->db, &this->cid, + "INSERT INTO components (vendor_id, name, qualifier) " + "VALUES (?, ?, ?)", + DB_INT, vid, DB_INT, name, DB_INT, qualifier) == 1; - printf("product '%s' %sinserted into database\n", product, - this->product_set ? "" : "could not be "); + printf("component '%s' %sinserted into database\n", print_cfn(cfn), + this->comp_set ? 
"" : "could not be "); + if (this->comp_set) + { + this->cfn = cfn; + } + else + { + cfn->destroy(cfn); + } + return this->comp_set; +} - return this->product_set; +METHOD(attest_db_t, set_cid, bool, + private_attest_db_t *this, int cid) +{ + enumerator_t *e; + int vid, name, qualifier; + + if (this->comp_set) + { + printf("component has already been set\n"); + return FALSE; + } + this->cid = cid; + + e = this->db->query(this->db, "SELECT vendor_id, name, qualifier " + "FROM components WHERE id = ?", + DB_INT, cid, DB_INT, DB_INT, DB_INT); + if (e) + { + if (e->enumerate(e, &vid, &name, &qualifier)) + { + this->cfn = pts_comp_func_name_create(vid, name, qualifier); + this->comp_set = TRUE; + } + else + { + printf("no component found with cid %d\n", cid); + } + e->destroy(e); + } + return this->comp_set; } -METHOD(attest_db_t, set_pid, bool, - private_attest_db_t *this, int pid) +METHOD(attest_db_t, set_directory, bool, + private_attest_db_t *this, char *dir, bool create) { enumerator_t *e; - char *product; - if (this->product_set) + if (this->dir_set) { - printf("product has already been set\n"); + printf("directory has already been set\n"); return FALSE; } - this->pid = pid; + free(this->dir); + this->dir = strdup(dir); - e = this->db->query(this->db, "SELECT name FROM products WHERE id = ?", - DB_INT, pid, DB_TEXT); + e = this->db->query(this->db, + "SELECT id FROM files WHERE type = 1 AND path = ?", + DB_TEXT, dir, DB_INT); if (e) { - if (e->enumerate(e, &product)) + if (e->enumerate(e, &this->did)) { - this->product = strdup(product); - this->product_set = TRUE; + this->dir_set = TRUE; + } + e->destroy(e); + } + if (this->dir_set) + { + return TRUE; + } + + if (!create) + { + printf("directory '%s' not found in database\n", dir); + return FALSE; + } + + /* Add a new database entry */ + this->dir_set = this->db->execute(this->db, &this->did, + "INSERT INTO files (type, path) VALUES (1, ?)", + DB_TEXT, dir) == 1; + + printf("directory '%s' %sinserted into 
database\n", dir, + this->dir_set ? "" : "could not be "); + + return this->dir_set; +} + +METHOD(attest_db_t, set_did, bool, + private_attest_db_t *this, int did) +{ + enumerator_t *e; + char *dir; + + if (this->dir_set) + { + printf("directory has already been set\n"); + return FALSE; + } + this->did = did; + + e = this->db->query(this->db, "SELECT path FROM files WHERE id = ?", + DB_INT, did, DB_TEXT); + if (e) + { + if (e->enumerate(e, &dir)) + { + free(this->dir); + this->dir = strdup(dir); + this->dir_set = TRUE; } else { - printf("no product found with pid %d in database\n", pid); + printf("no directory found with did %d\n", did); } e->destroy(e); } - return this->product_set; + return this->dir_set; } METHOD(attest_db_t, set_file, bool, 
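Review bot: set_component() converts the "vendor_id/name-qualifier" string with atoi() and searches for '-' from the start of the string, so malformed input is accepted silently: a non-numeric field becomes 0 and a '-' that precedes the '/' still passes the format check. With create set, the resulting triple is then inserted into the components table as a reference entry. Look for the qualifier separator after the slash, `pos2 = pos1 ? strchr(pos1 + 1, '-') : NULL;`, and convert each field with strtol(), rejecting the string when the end pointer does not stop on the expected separator or terminator. In the same hunk set_did() selects from files by id without the `type = 1` filter that set_directory() applies, so the id of a plain file row would be accepted as a directory.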
@@ -275,185 +401,164 @@ METHOD(attest_db_t, set_fid, bool, return this->file_set; } -METHOD(attest_db_t, set_directory, bool, - private_attest_db_t *this, char *dir, bool create) +METHOD(attest_db_t, set_key, bool, + private_attest_db_t *this, char *key, bool create) { enumerator_t *e; + char *owner; - if (this->dir_set) + if (this->key_set) { - printf("directory has already been set\n"); + printf("key has already been set\n"); return FALSE; } - free(this->dir); - this->dir = strdup(dir); + this->key = chunk_from_hex(chunk_create(key, strlen(key)), NULL); - e = this->db->query(this->db, - "SELECT id FROM files WHERE type = 1 AND path = ?", - DB_TEXT, dir, DB_INT); + e = this->db->query(this->db, "SELECT id, owner FROM keys WHERE keyid= ?", + DB_BLOB, this->key, DB_INT, DB_TEXT); if (e) { - if (e->enumerate(e, &this->did)) + if (e->enumerate(e, &this->kid, &owner)) { - this->dir_set = TRUE; + this->owner = strdup(owner); + this->key_set = TRUE; } e->destroy(e); } - if (this->dir_set) + if (this->key_set) { return TRUE; } if (!create) { - printf("directory '%s' not found in database\n", dir); + printf("key '%#B' not found in database\n", &this->key); return FALSE; } /* Add a new database entry */ - this->dir_set = this->db->execute(this->db, &this->did, - "INSERT INTO files (type, path) VALUES (1, ?)", - DB_TEXT, dir) == 1; + if (!this->owner) + { + this->owner = strdup(""); + } + this->key_set = this->db->execute(this->db, &this->kid, + "INSERT INTO keys (keyid, owner) VALUES (?, ?)", + DB_BLOB, this->key, DB_TEXT, this->owner) == 1; - printf("directory '%s' %sinserted into database\n", dir, - this->dir_set ? "" : "could not be "); + printf("key '%#B' %sinserted into database\n", &this->key, + this->key_set ? 
"" : "could not be "); - return this->dir_set; -} + return this->key_set; -METHOD(attest_db_t, set_did, bool, - private_attest_db_t *this, int did) +}; + +METHOD(attest_db_t, set_kid, bool, + private_attest_db_t *this, int kid) { enumerator_t *e; - char *dir; + chunk_t key; + char *owner; - if (this->dir_set) + if (this->key_set) { - printf("directory has already been set\n"); + printf("key has already been set\n"); return FALSE; } - this->did = did; + this->kid = kid; - e = this->db->query(this->db, "SELECT path FROM files WHERE id = ?", - DB_INT, did, DB_TEXT); + e = this->db->query(this->db, "SELECT keyid, owner FROM keys WHERE id = ?", + DB_INT, kid, DB_BLOB, DB_TEXT); if (e) { - if (e->enumerate(e, &dir)) + if (e->enumerate(e, &key, &owner)) { - free(this->dir); - this->dir = strdup(dir); - this->dir_set = TRUE; + this->owner = strdup(owner); + this->key = chunk_clone(key); + this->key_set = TRUE; } else { - printf("no directory found with did %d\n", did); + printf("no key found with kid %d\n", kid); } e->destroy(e); } - return this->dir_set; -} + return this->key_set; -METHOD(attest_db_t, set_component, bool, - private_attest_db_t *this, char *comp, bool create) +}; + +METHOD(attest_db_t, set_product, bool, + private_attest_db_t *this, char *product, bool create) { enumerator_t *e; - char *pos1, *pos2; - int vid, name, qualifier; - pts_comp_func_name_t *cfn; - if (this->comp_set) - { - printf("component has already been set\n"); - return FALSE; - } - - /* parse component string */ - pos1 = strchr(comp, '/'); - pos2 = strchr(comp, '-'); - if (!pos1 || !pos2) + if (this->product_set) { - printf("component string must have the form \"vendor_id/name-qualifier\"\n"); + printf("product has already been set\n"); return FALSE; } - vid = atoi(comp); - name = atoi(pos1 + 1); - qualifier = atoi(pos2 + 1); - cfn = pts_comp_func_name_create(vid, name, qualifier); + this->product = strdup(product); - e = this->db->query(this->db, - "SELECT id FROM components " - "WHERE 
vendor_id = ? AND name = ? AND qualifier = ?", - DB_INT, vid, DB_INT, name, DB_INT, qualifier, DB_INT); + e = this->db->query(this->db, "SELECT id FROM products WHERE name = ?", + DB_TEXT, product, DB_INT); if (e) { - if (e->enumerate(e, &this->cid)) + if (e->enumerate(e, &this->pid)) { - this->comp_set = TRUE; - this->cfn = cfn; + this->product_set = TRUE; } e->destroy(e); } - if (this->comp_set) + if (this->product_set) { return TRUE; } if (!create) { - printf("component '%s' not found in database\n", print_cfn(cfn)); - cfn->destroy(cfn); + printf("product '%s' not found in database\n", product); return FALSE; } /* Add a new database entry */ - this->comp_set = this->db->execute(this->db, &this->cid, - "INSERT INTO components (vendor_id, name, qualifier) " - "VALUES (?, ?, ?)", - DB_INT, vid, DB_INT, name, DB_INT, qualifier) == 1; + this->product_set = this->db->execute(this->db, &this->pid, + "INSERT INTO products (name) VALUES (?)", + DB_TEXT, product) == 1; - printf("component '%s' %sinserted into database\n", print_cfn(cfn), - this->comp_set ? "" : "could not be "); - if (this->comp_set) - { - this->cfn = cfn; - } - else - { - cfn->destroy(cfn); - } - return this->comp_set; + printf("product '%s' %sinserted into database\n", product, + this->product_set ? 
"" : "could not be "); + + return this->product_set; } -METHOD(attest_db_t, set_cid, bool, - private_attest_db_t *this, int cid) +METHOD(attest_db_t, set_pid, bool, + private_attest_db_t *this, int pid) { enumerator_t *e; - int vid, name, qualifier; + char *product; - if (this->comp_set) + if (this->product_set) { - printf("component has already been set\n"); + printf("product has already been set\n"); return FALSE; } - this->cid = cid; + this->pid = pid; - e = this->db->query(this->db, "SELECT vendor_id, name, qualifier " - "FROM components WHERE id = ?", - DB_INT, cid, DB_INT, DB_INT, DB_INT); + e = this->db->query(this->db, "SELECT name FROM products WHERE id = ?", + DB_INT, pid, DB_TEXT); if (e) { - if (e->enumerate(e, &vid, &name, &qualifier)) + if (e->enumerate(e, &product)) { - this->cfn = pts_comp_func_name_create(vid, name, qualifier); - this->comp_set = TRUE; + this->product = strdup(product); + this->product_set = TRUE; } else { - printf("no component found with cid %d\n", cid); + printf("no product found with pid %d in database\n", pid); } e->destroy(e); } - return this->comp_set; + return this->product_set; } METHOD(attest_db_t, set_algo, void, @@ -462,6 +567,13 @@ METHOD(attest_db_t, set_algo, void, this->algo = algo; } +METHOD(attest_db_t, set_owner, void, + private_attest_db_t *this, char *owner) +{ + free(this->owner); + this->owner = strdup(owner); +} + METHOD(attest_db_t, list_components, void, private_attest_db_t *this) { 
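Review bot: set_key() and set_kid() assign `this->owner = strdup(owner);` without releasing a value stored earlier by set_owner(), and set_key() leaves the decoded `this->key` allocated when the lookup fails with create unset, so a second attempt overwrites it. Release before assigning, the way set_directory() does for dir: `free(this->owner); this->owner = strdup(owner);`, plus `chunk_free(&this->key);` just before the not-found return. The hex string is decoded with no check visible in this hunk that it is well-formed or has the length of a key ID; because create inserts the result into keys as the identifier of a trusted AIK, the input should be validated before the query. The `;` after the closing brace of both functions is a stray empty declaration and should be dropped.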
@@ -469,14 +581,14 @@ METHOD(attest_db_t, list_components, void, pts_comp_func_name_t *cfn; int cid, vid, name, qualifier, count = 0; - if (this->pid) + if (this->kid) { e = this->db->query(this->db, "SELECT c.id, c.vendor_id, c.name, c.qualifier " "FROM components AS c " - "JOIN product_component AS pc ON c.id = pc.component " - "WHERE pc.product = ? ORDER BY c.vendor_id, c.name, c.qualifier", - DB_INT, this->pid, DB_INT, DB_INT, DB_INT, DB_INT); + "JOIN key_component AS kc ON c.id = kc.component " + "WHERE kc.key = ? ORDER BY c.vendor_id, c.name, c.qualifier", + DB_INT, this->kid, DB_INT, DB_INT, DB_INT, DB_INT); } else { @@ -497,14 +609,63 @@ METHOD(attest_db_t, list_components, void, e->destroy(e); printf("%d component%s found", count, (count == 1) ? "" : "s"); - if (this->product_set) + if (this->key_set) { - printf(" for product '%s'", this->product); + printf(" for key %#B", &this->key); } printf("\n"); } } +METHOD(attest_db_t, list_keys, void, + private_attest_db_t *this) +{ + enumerator_t *e; + chunk_t keyid; + char *owner; + int kid, count = 0; + + if (this->cid) + { + e = this->db->query(this->db, + "SELECT k.id, k.keyid, k.owner FROM keys AS k " + "JOIN key_component AS kc ON k.id = kc.key " + "WHERE kc.component = ? ORDER BY k.keyid", + DB_INT, this->cid, DB_INT, DB_BLOB, DB_TEXT); + if (e) + { + while (e->enumerate(e, &kid, &keyid, &owner)) + { + printf("%3d: %#B '%s'\n", kid, &keyid, owner); + count++; + } + e->destroy(e); + } + } + else + { + e = this->db->query(this->db, "SELECT id, keyid, owner FROM keys " + "ORDER BY keyid", + DB_INT, DB_BLOB, DB_TEXT); + if (e) + { + while (e->enumerate(e, &kid, &keyid, &owner)) + { + printf("%3d: %#B '%s'\n", kid, &keyid, owner); + count++; + } + e->destroy(e); + } + } + + printf("%d key%s found", count, (count == 1) ? "" : "s"); + if (this->comp_set) + { + printf(" for component '%s'", print_cfn(this->cfn)); + } + printf("\n"); +} + METHOD(attest_db_t, list_files, void, private_attest_db_t *this) { 
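Review bot: list_keys() selects its query on `this->cid` but words the trailing message on `this->comp_set`, and set_cid() stores the id before the lookup has succeeded. After a failed set_cid() the list is therefore filtered by an id that has no row, and the count is printed without naming the component it applied to; testing `this->comp_set` in both places keeps filter and message in step. The same pairing of `this->kid` with `this->key_set` appears in the list_components() hunk just above. The two branches of list_keys() also repeat an identical enumerate/print loop; only the query differs, so assign `e` in the if/else and run a single loop after it.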
@@ -584,23 +745,6 @@ METHOD(attest_db_t, list_products, void, e->destroy(e); } } - else if (this->cid) - { - e = this->db->query(this->db, - "SELECT p.id, p.name FROM products AS p " - "JOIN product_component AS pc ON p.id = pc.product " - "WHERE pc.component = ? ORDER BY p.name", - DB_INT, this->cid, DB_INT, DB_TEXT); - if (e) - { - while (e->enumerate(e, &pid, &product, &meas, &meta)) - { - printf("%3d: %s\n", pid, product); - count++; - } - e->destroy(e); - } - } else { e = this->db->query(this->db, "SELECT id, name FROM products " @@ -622,10 +766,6 @@ METHOD(attest_db_t, list_products, void, { printf(" for file '%s'", this->file); } - else if (this->comp_set) - { - printf(" for component '%s'", print_cfn(this->cfn)); - } printf("\n"); } @@ -672,34 +812,7 @@ METHOD(attest_db_t, list_hashes, void, dir = strdup(""); - if (this->pid && this->fid && this->cid) - { - e = this->db->query(this->db, - "SELECT hash FROM file_hashes " - "WHERE algo = ? AND file = ? AND component = ? AND product = ?", - DB_INT, this->algo, DB_INT, this->fid, DB_INT, this->cid, - DB_INT, this->pid, DB_BLOB); - if (e) - { - while (e->enumerate(e, &hash)) - { - if (this->fid != fid_old) - { - printf("%3d: %s%s%s\n", this->fid, this->dir, - slash(this->dir, this->file) ? "/" : "", this->file); - fid_old = this->fid; - } - printf(" %#B '%s'\n", &hash, this->product); - count++; - } - e->destroy(e); - - printf("%d %N value%s found for component '%s'\n", count, - hash_algorithm_names, pts_meas_algo_to_hash(this->algo), - (count == 1) ? "" : "s", print_cfn(this->cfn)); - } - } - else if (this->pid && this->fid) + if (this->pid && this->fid) { e = this->db->query(this->db, "SELECT hash FROM file_hashes " 
@@ -824,6 +937,110 @@ METHOD(attest_db_t, list_hashes, void, free(dir); } +METHOD(attest_db_t, list_measurements, void, + private_attest_db_t *this) +{ + enumerator_t *e; + chunk_t hash, keyid; + pts_comp_func_name_t *cfn; + char *owner; + int seq_no, pcr, vid, name, qualifier; + int cid, cid_old = 0, kid, kid_old = 0, count = 0; + + if (this->kid && this->cid) + { + e = this->db->query(this->db, + "SELECT ch.seq_no, ch.pcr, ch.hash, k.owner " + "FROM component_hashes AS ch " + "JOIN keys AS k ON k.id = ch.key " + "WHERE ch.algo = ? AND ch.key = ? AND ch.component = ? " + "ORDER BY seq_no", + DB_INT, this->algo, DB_INT, this->kid, DB_INT, this->cid, + DB_INT, DB_INT, DB_BLOB, DB_TEXT); + if (e) + { + while (e->enumerate(e, &seq_no, &pcr, &hash, &owner)) + { + if (this->kid != kid_old) + { + printf("%3d: %#B '%s'\n", this->kid, &this->key, owner); + kid_old = this->kid; + } + printf("%5d %02d %#B\n", seq_no, pcr, &hash); + count++; + } + e->destroy(e); + + printf("%d %N value%s found for component '%s'\n", count, + hash_algorithm_names, pts_meas_algo_to_hash(this->algo), + (count == 1) ? "" : "s", print_cfn(this->cfn)); + } + } + else if (this->cid) + { + e = this->db->query(this->db, + "SELECT ch.seq_no, ch.pcr, ch.hash, k.id, k.keyid, k.owner " + "FROM component_hashes AS ch " + "JOIN keys AS k ON k.id = ch.key " + "WHERE ch.algo = ? AND ch.component = ? " + "ORDER BY keyid, seq_no", + DB_INT, this->algo, DB_INT, this->cid, + DB_INT, DB_INT, DB_BLOB, DB_INT, DB_BLOB, DB_TEXT); + if (e) + { + while (e->enumerate(e, &seq_no, &pcr, &hash, &kid, &keyid, &owner)) + { + if (kid != kid_old) + { + printf("%3d: %#B '%s'\n", kid, &keyid, owner); + kid_old = kid; + } + printf("%5d %02d %#B\n", seq_no, pcr, &hash); + count++; + } + e->destroy(e); + + printf("%d %N value%s found for component '%s'\n", count, + hash_algorithm_names, pts_meas_algo_to_hash(this->algo), + (count == 1) ? 
"" : "s", print_cfn(this->cfn)); + } + + } + else if (this->kid) + { + e = this->db->query(this->db, + "SELECT ch.seq_no, ch.pcr, ch.hash, " + "c.id, c.vendor_id, c.name, c.qualifier " + "FROM component_hashes AS ch " + "JOIN components AS c ON c.id = ch.component " + "WHERE ch.algo = ? AND ch.key = ? " + "ORDER BY vendor_id, name, qualifier, seq_no", + DB_INT, this->algo, DB_INT, this->kid, DB_INT, DB_INT, DB_BLOB, + DB_TEXT, DB_INT, DB_INT, DB_INT, DB_INT); + if (e) + { + while (e->enumerate(e, &seq_no, &pcr, &hash, &cid, &vid, &name, + &qualifier)) + { + if (cid != cid_old) + { + cfn = pts_comp_func_name_create(vid, name, qualifier); + printf("%3d: %s\n", cid, print_cfn(cfn)); + cfn->destroy(cfn); + cid_old = cid; + } + printf("%5d %02d %#B\n", seq_no, pcr, &hash); + count++; + } + e->destroy(e); + + printf("%d %N value%s found for key %#B '%s'\n", count, + hash_algorithm_names, pts_meas_algo_to_hash(this->algo), + (count == 1) ? "" : "s", &this->key, this->owner); + } + } +} + METHOD(attest_db_t, add, bool, private_attest_db_t *this) { @@ -841,13 +1058,30 @@ METHOD(attest_db_t, delete, bool, return FALSE; } - if (this->pid) + if (this->kid && this->did) + { + printf("deletion of key/component entries not supported yet\n"); + return FALSE; + } + + if (this->cid) { success = this->db->execute(this->db, NULL, - "DELETE FROM products WHERE id = ?", - DB_UINT, this->pid) > 0; + "DELETE FROM components WHERE id = ?", + DB_UINT, this->cid) > 0; - printf("product '%s' %sdeleted from database\n", this->product, + printf("component '%s' %sdeleted from database\n", print_cfn(this->cfn), + success ? "" : "could not be "); + return success; + } + + if (this->did) + { + success = this->db->execute(this->db, NULL, + "DELETE FROM files WHERE type = 1 AND id = ?", + DB_UINT, this->did) > 0; + + printf("directory '%s' %sdeleted from database\n", this->dir, success ? "" : "could not be "); return success; } 
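Review bot: In the `else if (this->kid)` branch of list_measurements() the result-type list passed to query() has eight entries (`DB_INT, DB_INT, DB_BLOB, DB_TEXT, DB_INT, DB_INT, DB_INT, DB_INT`), while the SELECT returns seven columns and enumerate() is given seven pointers. Assuming the enumerator writes one value per declared type, the extra `DB_TEXT` causes c.id to be fetched as a text pointer into `&cid`, an int, and shifts every later column by one, which is a type-confused write through varargs. Remove it so the tail of the call reads `DB_INT, DB_INT, DB_BLOB, DB_INT, DB_INT, DB_INT, DB_INT);`. When neither kid nor cid is set the function prints nothing at all; a short message would make that case visible to the operator.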
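Review bot: The new guard `if (this->kid && this->did)` tests the directory id, yet its message talks about key/component entries, so `this->cid` looks like the intended operand. As written, a call with both a key and a component set skips the guard and reaches `if (this->cid)`, which deletes the whole row from components instead of refusing the request. Change the condition to `if (this->kid && this->cid)`. The body of delete() begins and continues outside this hunk, so the ordering of the remaining branches should be checked against the full function.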
@@ -863,24 +1097,23 @@ METHOD(attest_db_t, delete, bool, return success; } - if (this->did) + if (this->kid) { success = this->db->execute(this->db, NULL, - "DELETE FROM files WHERE type = 1 AND id = ?", - DB_UINT, this->did) > 0; + "DELETE FROM keys WHERE id = ?", + DB_UINT, this->kid) > 0; - printf("directory '%s' %sdeleted from database\n", this->dir, + printf("key %#B %sdeleted from database\n", &this->key, success ? "" : "could not be "); return success; } - - if (this->cid) + if (this->pid) { success = this->db->execute(this->db, NULL, - "DELETE FROM components WHERE id = ?", - DB_UINT, this->cid) > 0; + "DELETE FROM products WHERE id = ?", + DB_UINT, this->pid) > 0; - printf("component '%s' %sdeleted from database\n", print_cfn(this->cfn), + printf("product '%s' %sdeleted from database\n", this->product, success ? "" : "could not be "); return success; } @@ -897,6 +1130,8 @@ METHOD(attest_db_t, destroy, void, free(this->product); free(this->file); free(this->dir); + free(this->owner); + free(this->key.ptr); free(this); } @@ -909,19 +1144,24 @@ attest_db_t *attest_db_create(char *uri) INIT(this, .public = { - .set_product = _set_product, - .set_pid = _set_pid, - .set_file = _set_file, - .set_fid = _set_fid, - .set_directory = _set_directory, - .set_did = _set_did, .set_component = _set_component, .set_cid = _set_cid, + .set_directory = _set_directory, + .set_did = _set_did, + .set_file = _set_file, + .set_fid = _set_fid, + .set_key = _set_key, + .set_kid = _set_kid, + .set_product = _set_product, + .set_pid = _set_pid, .set_algo = _set_algo, + .set_owner = _set_owner, .list_products = _list_products, .list_files = _list_files, .list_components = _list_components, + .list_keys = _list_keys, .list_hashes = _list_hashes, + .list_measurements = _list_measurements, .add = _add, .delete = _delete, .destroy = _destroy, |