Diffstat (limited to 'src/libpts/pts')
-rw-r--r-- | src/libpts/pts/components/ita/ita_comp_ima.c | 91 | ||||
-rw-r--r-- | src/libpts/pts/components/ita/ita_comp_ima.h | 6 | ||||
-rw-r--r-- | src/libpts/pts/components/ita/ita_comp_tboot.c | 89 | ||||
-rw-r--r-- | src/libpts/pts/components/ita/ita_comp_tboot.h | 6 | ||||
-rw-r--r-- | src/libpts/pts/components/ita/ita_comp_tgrub.c | 20 | ||||
-rw-r--r-- | src/libpts/pts/components/ita/ita_comp_tgrub.h | 6 | ||||
-rw-r--r-- | src/libpts/pts/components/pts_component.h | 10 | ||||
-rw-r--r-- | src/libpts/pts/components/pts_component_manager.c | 5 | ||||
-rw-r--r-- | src/libpts/pts/components/pts_component_manager.h | 8 | ||||
-rw-r--r-- | src/libpts/pts/pts.h | 4 | ||||
-rw-r--r-- | src/libpts/pts/pts_database.c | 56 | ||||
-rw-r--r-- | src/libpts/pts/pts_database.h | 32 |
12 files changed, 272 insertions, 61 deletions
diff --git a/src/libpts/pts/components/ita/ita_comp_ima.c b/src/libpts/pts/components/ita/ita_comp_ima.c index 808a59580..2c9b66a30 100644 --- a/src/libpts/pts/components/ita/ita_comp_ima.c +++ b/src/libpts/pts/components/ita/ita_comp_ima.c @@ -57,11 +57,21 @@ struct pts_ita_comp_ima_t { u_int32_t depth; /** + * PTS measurement database + */ + pts_database_t *pts_db; + + /** * AIK keyid */ chunk_t keyid; /** + * Component is registering measurements + */ + bool is_registering; + + /** * IMA BIOS measurement time */ time_t bios_measurement_time; @@ -253,8 +263,7 @@ METHOD(pts_component_t, measure, status_t, } METHOD(pts_component_t, verify, status_t, - pts_ita_comp_ima_t *this, pts_t *pts, pts_database_t *pts_db, - pts_comp_evidence_t *evidence) + pts_ita_comp_ima_t *this, pts_t *pts, pts_comp_evidence_t *evidence) { bool has_pcr_info; u_int32_t extended_pcr, vid, name; @@ -265,7 +274,7 @@ METHOD(pts_component_t, verify, status_t, chunk_t measurement, pcr_before, pcr_after; measurement = evidence->get_measurement(evidence, &extended_pcr, - &algo, &transform, &measurement_time); + &algo, &transform, &measurement_time); if (!this->keyid.ptr) { @@ -275,13 +284,13 @@ METHOD(pts_component_t, verify, status_t, } this->keyid = chunk_clone(this->keyid); - if (!pts_db) + if (!this->pts_db) { DBG1(DBG_PTS, "pts database not available"); return FAILED; } - if (!pts_db->get_comp_measurement_count(pts_db, this->name, this->keyid, - algo, &this->count)) + if (this->pts_db->get_comp_measurement_count(this->pts_db, this->name, + this->keyid, algo, &this->count) != SUCCESS) { return FAILED; } 
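Review bot: The new `pts_db` field in `struct pts_ita_comp_ima_t` is a borrowed pointer with no stated lifetime, and later hunks of this commit dereference it from `destroy`. The field comment should say so, for example `* PTS measurement database (not owned, must outlive this component)`. The same applies to the `pts_db` fields added to the tboot and tgrub structs. Whether the caller guarantees that ordering is not visible in this diff.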
@@ -289,20 +298,37 @@ METHOD(pts_component_t, verify, status_t, name = this->name->get_name(this->name); names = pts_components->get_comp_func_names(pts_components, vid); - if (this->count == 0) + if (this->count) { - DBG1(DBG_PTS, "no %N '%N' functional component evidence measurements " - "available", pen_names, vid, names, name); - return FAILED; + DBG1(DBG_PTS, "checking %d %N '%N' functional component evidence " + "measurements", this->count, pen_names, vid, names, name); } - DBG1(DBG_PTS, "checking %d %N '%N' functional component evidence measurements", - this->count, pen_names, vid, names, name); + else + { + DBG1(DBG_PTS, "registering %N '%N' functional component evidence " + "measurements", pen_names, vid, names, name); + this->is_registering = TRUE; } + } - if (pts_db->check_comp_measurement(pts_db, measurement, this->name, - this->keyid, ++this->seq_no, extended_pcr, algo) != SUCCESS) + if (this->is_registering) { - return FAILED; + if (this->pts_db->insert_comp_measurement(this->pts_db, measurement, + this->name, this->keyid, ++this->seq_no, + extended_pcr, algo) != SUCCESS) + { + return FAILED; + } + this->count = this->seq_no + 1; + } + else + { + if (this->pts_db->check_comp_measurement(this->pts_db, measurement, + this->name, this->keyid, ++this->seq_no, + extended_pcr, algo) != SUCCESS) + { + return FAILED; + } } has_pcr_info = evidence->get_pcr_info(evidence, &pcr_before, &pcr_after); 
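Review bot: The `else` branch that sets `this->is_registering = TRUE` turns an empty reference set into automatic enrolment. For an AIK that is in the keys table but has no stored measurements, whatever the peer reports is written with `insert_comp_measurement` and becomes the reference for later checks, where the old code returned `FAILED`. I would keep failure as the default and register only when an operator has enabled it, e.g. `if (!registration_enabled) { return FAILED; }` ahead of the assignment (`registration_enabled` is a placeholder, no such setting is visible here). `this->count = this->seq_no + 1` also keeps `verify` at `NEED_MORE` for as long as evidence arrives, so the number of inserted rows is bounded only by the caller. The tboot `verify` hunk carries the same logic, and in both files the function body starts and ends outside the hunk.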
@@ -317,15 +343,43 @@ METHOD(pts_component_t, verify, status_t, return (this->seq_no < this->count) ? NEED_MORE : SUCCESS; } +METHOD(pts_component_t, check_off_registrations, bool, + pts_ita_comp_ima_t *this) +{ + u_int32_t vid, name; + enum_name_t *names; + + if (!this->is_registering) + { + return FALSE; + } + + /* Finalize registration */ + this->is_registering = FALSE; + + vid = this->name->get_vendor_id(this->name); + name = this->name->get_name(this->name); + names = pts_components->get_comp_func_names(pts_components, vid); + DBG1(DBG_PTS, "registered %d %N '%N' functional component evidence " + "measurements", this->seq_no, pen_names, vid, names, name); + return TRUE; +} + METHOD(pts_component_t, destroy, void, pts_ita_comp_ima_t *this) { - int i; + int i, count; for (i = 0; i < IMA_PCR_MAX; i++) { free(this->pcrs[i].ptr); } + if (this->is_registering) + { + count = this->pts_db->delete_comp_measurements(this->pts_db, this->name, + this->keyid); + DBG1(DBG_PTS, " deleted %d measurements", count); + } this->list->destroy_function(this->list, (void *)free_entry); this->name->destroy(this->name); free(this->keyid.ptr); @@ -335,7 +389,8 @@ METHOD(pts_component_t, destroy, void, /** * See header */ -pts_component_t *pts_ita_comp_ima_create(u_int8_t qualifier, u_int32_t depth) +pts_component_t *pts_ita_comp_ima_create(u_int8_t qualifier, u_int32_t depth, + pts_database_t *pts_db) { pts_ita_comp_ima_t *this; int i; @@ -347,11 +402,13 @@ pts_component_t *pts_ita_comp_ima_create(u_int8_t qualifier, u_int32_t depth) .get_depth = _get_depth, .measure = _measure, .verify = _verify, + .check_off_registrations = _check_off_registrations, .destroy = _destroy, }, .name = pts_comp_func_name_create(PEN_ITA, PTS_ITA_COMP_FUNC_NAME_IMA, qualifier), .depth = depth, + .pts_db = pts_db, .list = linked_list_create(), ); diff --git a/src/libpts/pts/components/ita/ita_comp_ima.h b/src/libpts/pts/components/ita/ita_comp_ima.h index 429351827..1ca27e6f0 100644 
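Review bot: In `destroy`, the result of `delete_comp_measurements` is only logged, so a failed rollback of an unfinished registration is reported as a deleted count (a negative one, assuming the database layer signals errors that way). The partial rows then stay behind, and the next attestation finds a non-zero count and checks against them. Test the result, e.g. `if (count < 0) { DBG1(DBG_PTS, "rollback of registered measurements failed"); }`, and log the deleted count only otherwise. The tboot `destroy` hunk has the same pattern.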
--- a/src/libpts/pts/components/ita/ita_comp_ima.h +++ b/src/libpts/pts/components/ita/ita_comp_ima.h @@ -27,8 +27,10 @@ * Create a PTS ITS Functional Component object * * @param qualifier PTS Component Functional Name Qualifier - * + * @param depth Sub-component depth + * @param pts_db PTS measurement database */ -pts_component_t* pts_ita_comp_ima_create(u_int8_t qualifier, u_int32_t depth); +pts_component_t* pts_ita_comp_ima_create(u_int8_t qualifier, u_int32_t depth, + pts_database_t *pts_db); #endif /** PTS_ITA_COMP_IMA_H_ @}*/ diff --git a/src/libpts/pts/components/ita/ita_comp_tboot.c b/src/libpts/pts/components/ita/ita_comp_tboot.c index 67ad2d432..c61132562 100644 --- a/src/libpts/pts/components/ita/ita_comp_tboot.c +++ b/src/libpts/pts/components/ita/ita_comp_tboot.c @@ -47,11 +47,21 @@ struct pts_ita_comp_tboot_t { u_int32_t depth; /** + * PTS measurement database + */ + pts_database_t *pts_db; + + /** * AIK keyid */ chunk_t keyid; /** + * Component is registering measurements + */ + bool is_registering; + + /** * Time of TBOOT measurement */ time_t measurement_time; @@ -156,8 +166,7 @@ METHOD(pts_component_t, measure, status_t, } METHOD(pts_component_t, verify, status_t, - pts_ita_comp_tboot_t *this, pts_t *pts, pts_database_t *pts_db, - pts_comp_evidence_t *evidence) + pts_ita_comp_tboot_t *this, pts_t *pts, pts_comp_evidence_t *evidence) { bool has_pcr_info; u_int32_t extended_pcr, vid, name; @@ -178,13 +187,13 @@ METHOD(pts_component_t, verify, status_t, } this->keyid = chunk_clone(this->keyid); - if (!pts_db) + if (!this->pts_db) { DBG1(DBG_PTS, "pts database not available"); return FAILED; } - if (!pts_db->get_comp_measurement_count(pts_db, this->name, this->keyid, - algo, &this->count)) + if (this->pts_db->get_comp_measurement_count(this->pts_db, this->name, + this->keyid, algo, &this->count) != SUCCESS) { return FAILED; } 
@@ -192,20 +201,37 @@ METHOD(pts_component_t, verify, status_t, name = this->name->get_name(this->name); names = pts_components->get_comp_func_names(pts_components, vid); - if (this->count == 0) + if (this->count) { - DBG1(DBG_PTS, "no %N '%N' functional component evidence measurements " - "available", pen_names, vid, names, name); - return FAILED; + DBG1(DBG_PTS, "checking %d %N '%N' functional component evidence " + "measurements", this->count, pen_names, vid, names, name); } - DBG1(DBG_PTS, "checking %d %N '%N' functional component evidence measurements", - this->count, pen_names, vid, names, name); + else + { + DBG1(DBG_PTS, "registering %N '%N' functional component evidence " + "measurements", pen_names, vid, names, name); + this->is_registering = TRUE; } + } - if (pts_db->check_comp_measurement(pts_db, measurement, this->name, - this->keyid, ++this->seq_no, extended_pcr, algo) != SUCCESS) + if (this->is_registering) { - return FAILED; + if (this->pts_db->insert_comp_measurement(this->pts_db, measurement, + this->name, this->keyid, ++this->seq_no, + extended_pcr, algo) != SUCCESS) + { + return FAILED; + } + this->count = this->seq_no + 1; + } + else + { + if (this->pts_db->check_comp_measurement(this->pts_db, measurement, + this->name, this->keyid, ++this->seq_no, + extended_pcr, algo) != SUCCESS) + { + return FAILED; + } } has_pcr_info = evidence->get_pcr_info(evidence, &pcr_before, &pcr_after); 
@@ -220,9 +246,39 @@ METHOD(pts_component_t, verify, status_t, return (this->seq_no < this->count) ? NEED_MORE : SUCCESS; } +METHOD(pts_component_t, check_off_registrations, bool, + pts_ita_comp_tboot_t *this) +{ + u_int32_t vid, name; + enum_name_t *names; + + if (!this->is_registering) + { + return FALSE; + } + + /* Finalize registration */ + this->is_registering = FALSE; + + vid = this->name->get_vendor_id(this->name); + name = this->name->get_name(this->name); + names = pts_components->get_comp_func_names(pts_components, vid); + DBG1(DBG_PTS, "registered %d %N '%N' functional component evidence " + "measurements", this->seq_no, pen_names, vid, names, name); + return TRUE; +} + METHOD(pts_component_t, destroy, void, pts_ita_comp_tboot_t *this) { + int count; + + if (this->is_registering) + { + count = this->pts_db->delete_comp_measurements(this->pts_db, this->name, + this->keyid); + DBG1(DBG_PTS, " deleted %d measurements", count); + } this->name->destroy(this->name); free(this->keyid.ptr); free(this); @@ -231,7 +287,8 @@ METHOD(pts_component_t, destroy, void, /** * See header */ -pts_component_t *pts_ita_comp_tboot_create(u_int8_t qualifier, u_int32_t depth) +pts_component_t *pts_ita_comp_tboot_create(u_int8_t qualifier, u_int32_t depth, + pts_database_t *pts_db) { pts_ita_comp_tboot_t *this; @@ -242,11 +299,13 @@ pts_component_t *pts_ita_comp_tboot_create(u_int8_t qualifier, u_int32_t depth) .get_depth = _get_depth, .measure = _measure, .verify = _verify, + .check_off_registrations = _check_off_registrations, .destroy = _destroy, }, .name = pts_comp_func_name_create(PEN_ITA, PTS_ITA_COMP_FUNC_NAME_TBOOT, qualifier), .depth = depth, + .pts_db = pts_db, ); return &this->public; diff --git a/src/libpts/pts/components/ita/ita_comp_tboot.h b/src/libpts/pts/components/ita/ita_comp_tboot.h index 8fba1125a..39554fbc7 100644 --- a/src/libpts/pts/components/ita/ita_comp_tboot.h +++ b/src/libpts/pts/components/ita/ita_comp_tboot.h 
@@ -27,8 +27,10 @@ * Create a PTS ITS Functional Component object * * @param qualifier PTS Component Functional Name Qualifier - * + * @param depth Sub-component depth + * @param pts_db PTS measurement database */ -pts_component_t* pts_ita_comp_tboot_create(u_int8_t qualifier, u_int32_t depth); +pts_component_t* pts_ita_comp_tboot_create(u_int8_t qualifier, u_int32_t depth, + pts_database_t *pts_db); #endif /** PTS_ITA_COMP_TBOOT_H_ @}*/ diff --git a/src/libpts/pts/components/ita/ita_comp_tgrub.c b/src/libpts/pts/components/ita/ita_comp_tgrub.c index 168f116dc..a1b2cd066 100644 --- a/src/libpts/pts/components/ita/ita_comp_tgrub.c +++ b/src/libpts/pts/components/ita/ita_comp_tgrub.c @@ -44,6 +44,12 @@ struct pts_ita_comp_tgrub_t { * Sub-component depth */ u_int32_t depth; + + /** + * PTS measurement database + */ + pts_database_t *pts_db; + }; METHOD(pts_component_t, get_comp_func_name, pts_comp_func_name_t*, @@ -106,8 +112,7 @@ METHOD(pts_component_t, measure, status_t, } METHOD(pts_component_t, verify, status_t, - pts_ita_comp_tgrub_t *this, pts_t *pts, pts_database_t *pts_db, - pts_comp_evidence_t *evidence) + pts_ita_comp_tgrub_t *this, pts_t *pts, pts_comp_evidence_t *evidence) { bool has_pcr_info; u_int32_t extended_pcr; @@ -137,6 +142,12 @@ METHOD(pts_component_t, verify, status_t, return SUCCESS; } +METHOD(pts_component_t, check_off_registrations, bool, + pts_ita_comp_tgrub_t *this) +{ + return FALSE; +} + METHOD(pts_component_t, destroy, void, pts_ita_comp_tgrub_t *this) { @@ -147,7 +158,8 @@ METHOD(pts_component_t, destroy, void, /** * See header */ -pts_component_t *pts_ita_comp_tgrub_create(u_int8_t qualifier, u_int32_t depth) +pts_component_t *pts_ita_comp_tgrub_create(u_int8_t qualifier, u_int32_t depth, + pts_database_t *pts_db) { pts_ita_comp_tgrub_t *this; 
@@ -158,11 +170,13 @@ pts_component_t *pts_ita_comp_tgrub_create(u_int8_t qualifier, u_int32_t depth) .get_depth = _get_depth, .measure = _measure, .verify = _verify, + .check_off_registrations = _check_off_registrations, .destroy = _destroy, }, .name = pts_comp_func_name_create(PEN_ITA, PTS_ITA_COMP_FUNC_NAME_TGRUB, qualifier), .depth = depth, + .pts_db = pts_db, ); return &this->public; diff --git a/src/libpts/pts/components/ita/ita_comp_tgrub.h b/src/libpts/pts/components/ita/ita_comp_tgrub.h index 3c0ba0203..52ecc325c 100644 --- a/src/libpts/pts/components/ita/ita_comp_tgrub.h +++ b/src/libpts/pts/components/ita/ita_comp_tgrub.h @@ -27,8 +27,10 @@ * Create a PTS ITS Functional Component object * * @param qualifier PTS Component Functional Name Qualifier - * + * @param depth Sub-component depth + * @param pts_db PTS measurement database */ -pts_component_t* pts_ita_comp_tgrub_create(u_int8_t qualifier, u_int32_t depth); +pts_component_t* pts_ita_comp_tgrub_create(u_int8_t qualifier, u_int32_t depth, + pts_database_t *pts_db); #endif /** PTS_ITA_COMP_TGRUB_H_ @}*/ diff --git a/src/libpts/pts/components/pts_component.h b/src/libpts/pts/components/pts_component.h index 42e592f3f..524ff332d 100644 --- a/src/libpts/pts/components/pts_component.h +++ b/src/libpts/pts/components/pts_component.h @@ -70,14 +70,20 @@ struct pts_component_t { * Verify the evidence measurements of the PTS Functional Component * * @param pts PTS interface - * @param pts_db PTS measurement database * @param evidence component evidence measurement to be verified * @return status return code */ status_t (*verify)(pts_component_t *this, pts_t *pts, - pts_database_t *pts_db, pts_comp_evidence_t *evidence); + + /** + * Tell the PTS Functional Component to finalize pending registrations + * + * @return TRUE if there are pending registrations + */ + bool (*check_off_registrations)(pts_component_t *this); + /** * Destroys a pts_component_t object. */ 
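Review bot: The doc comment for `check_off_registrations` in `pts_component.h` says it returns TRUE "if there are pending registrations", but the IMA and TBOOT implementations clear `is_registering` and return TRUE when registrations were pending and have now been made final. The comment also omits that a component destroyed without this call deletes what it registered, which is the contract callers need to know. Suggested wording: `@return TRUE if pending registrations were finalized`, plus one sentence stating that registrations not checked off are removed from the database by destroy().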
diff --git a/src/libpts/pts/components/pts_component_manager.c b/src/libpts/pts/components/pts_component_manager.c index 5f11e41a7..8ac4767bf 100644 --- a/src/libpts/pts/components/pts_component_manager.c +++ b/src/libpts/pts/components/pts_component_manager.c @@ -253,7 +253,7 @@ METHOD(pts_component_manager_t, get_qualifier, u_int8_t, METHOD(pts_component_manager_t, create, pts_component_t*, private_pts_component_manager_t *this, - pts_comp_func_name_t *name, u_int32_t depth) + pts_comp_func_name_t *name, u_int32_t depth, pts_database_t *pts_db) { enumerator_t *enumerator, *e2; vendor_entry_t *entry; @@ -270,7 +270,8 @@ METHOD(pts_component_manager_t, create, pts_component_t*, { if (entry2->name == name->get_name(name) && entry2->create) { - component = entry2->create(name->get_qualifier(name), depth); + component = entry2->create(name->get_qualifier(name), + depth, pts_db); break; } } diff --git a/src/libpts/pts/components/pts_component_manager.h b/src/libpts/pts/components/pts_component_manager.h index c37794915..0079d0e26 100644 --- a/src/libpts/pts/components/pts_component_manager.h +++ b/src/libpts/pts/components/pts_component_manager.h @@ -23,6 +23,7 @@ typedef struct pts_component_manager_t pts_component_manager_t; +#include "pts/pts_database.h" #include "pts/components/pts_component.h" #include "pts/components/pts_comp_func_name.h" @@ -30,7 +31,8 @@ typedef struct pts_component_manager_t pts_component_manager_t; #include <pen/pen.h> typedef pts_component_t* (*pts_component_create_t)(u_int8_t qualifier, - u_int32_t depth); + u_int32_t depth, + pts_database_t *pts_db); /** * Manages PTS Functional Components 
@@ -102,10 +104,12 @@ struct pts_component_manager_t { * * @param name Component Functional Name * @param depth Sub-component Depth + * @param pts_db PTS measurement database * @return Component object if supported, NULL else */ pts_component_t* (*create)(pts_component_manager_t *this, - pts_comp_func_name_t *name, u_int32_t depth); + pts_comp_func_name_t *name, u_int32_t depth, + pts_database_t *pts_db); /** * Destroys a pts_component_manager_t object. diff --git a/src/libpts/pts/pts.h b/src/libpts/pts/pts.h index 327b1a13d..e1cba9180 100644 --- a/src/libpts/pts/pts.h +++ b/src/libpts/pts/pts.h @@ -32,10 +32,6 @@ typedef struct pts_t pts_t; #include "pts_req_func_comp_evid.h" #include "pts_simple_evid_final.h" #include "components/pts_comp_func_name.h" -#include "components/tcg/tcg_comp_func_name.h" -#include "components/ita/ita_comp_func_name.h" -#include "components/ita/ita_comp_tboot.h" -#include "components/ita/ita_comp_tgrub.h" #include <library.h> #include <utils/linked_list.h> diff --git a/src/libpts/pts/pts_database.c b/src/libpts/pts/pts_database.c index d91a408cf..c34b12cea 100644 --- a/src/libpts/pts/pts_database.c +++ b/src/libpts/pts/pts_database.c 
@@ -167,13 +167,53 @@ METHOD(pts_database_t, check_comp_measurement, status_t, return status; } -METHOD(pts_database_t, get_comp_measurement_count, bool, +METHOD(pts_database_t, insert_comp_measurement, status_t, + private_pts_database_t *this, chunk_t measurement, + pts_comp_func_name_t *comp_name, chunk_t keyid, + int seq_no, int pcr, pts_meas_algorithms_t algo) +{ + int id; + + if (this->db->execute(this->db, &id, + "INSERT INTO component_hashes " + "(component, key, seq_no, pcr, algo, hash) VALUES (" + "(SELECT id FROM components" + " WHERE vendor_id = ? AND name = ? AND qualifier = ?), " + "(SELECT id FROM keys WHERE keyid = ?), ?, ?, ?, ?)", + DB_INT, comp_name->get_vendor_id(comp_name), + DB_INT, comp_name->get_name(comp_name), + DB_INT, comp_name->get_qualifier(comp_name), + DB_BLOB, keyid, DB_INT, seq_no, DB_INT, pcr, + DB_INT, algo, DB_BLOB, measurement) == 1) + { + return SUCCESS; + } + + DBG1(DBG_PTS, "could not insert component measurement into database"); + return FAILED; +} + +METHOD(pts_database_t, delete_comp_measurements, int, + private_pts_database_t *this, pts_comp_func_name_t *comp_name, chunk_t keyid) +{ + return this->db->execute(this->db, NULL, + "DELETE FROM component_hashes WHERE " + "component = (SELECT id FROM components" + " WHERE vendor_id = ? AND name = ? AND qualifier = ?) AND " + "key = (SELECT id FROM keys WHERE keyid = ?))", + DB_INT, comp_name->get_vendor_id(comp_name), + DB_INT, comp_name->get_name(comp_name), + DB_INT, comp_name->get_qualifier(comp_name), + DB_BLOB, keyid); +} + +METHOD(pts_database_t, get_comp_measurement_count, status_t, private_pts_database_t *this, pts_comp_func_name_t *comp_name, chunk_t keyid, pts_meas_algorithms_t algo, int *count) { enumerator_t *e; int kid; - bool success = TRUE; + status_t status = SUCCESS; /* Initialize count */ *count = 0; 
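Review bot: The `DELETE` statement in `delete_comp_measurements` ends in `WHERE keyid = ?))`, one closing parenthesis more than it opens, so the statement will most likely be rejected and the rollback in the components' `destroy` removes nothing. The last string should read `"key = (SELECT id FROM keys WHERE keyid = ?)",`. The delete also has no `algo` condition, while registration is triggered by a count that takes `algo`. If that count is per algorithm, which this hunk does not show, rolling back one algorithm would drop the stored measurements of the others, so consider passing `algo` to the delete as well. In `insert_comp_measurement`, `id` is written but never read; passing `NULL` as the delete does would be consistent.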
@@ -184,13 +224,13 @@ METHOD(pts_database_t, get_comp_measurement_count, bool, if (!e) { DBG1(DBG_PTS, "no database query enumerator returned"); - return FALSE; + return FAILED; } if (!e->enumerate(e, &kid)) { DBG1(DBG_PTS, "AIK %#B is not registered in database", &keyid); e->destroy(e); - return FALSE; + return FAILED; } e->destroy(e); @@ -207,16 +247,16 @@ METHOD(pts_database_t, get_comp_measurement_count, bool, if (!e) { DBG1(DBG_PTS, "no database query enumerator returned"); - return FALSE; + return FAILED; } if (!e->enumerate(e, count)) { DBG1(DBG_PTS, "no component measurement count returned from database"); - success = FALSE; + status = FAILED; } e->destroy(e); - return success; + return status; } METHOD(pts_database_t, destroy, void, @@ -240,6 +280,8 @@ pts_database_t *pts_database_create(char *uri) .create_comp_evid_enumerator = _create_comp_evid_enumerator, .create_file_hash_enumerator = _create_file_hash_enumerator, .check_comp_measurement = _check_comp_measurement, + .insert_comp_measurement = _insert_comp_measurement, + .delete_comp_measurements = _delete_comp_measurements, .get_comp_measurement_count = _get_comp_measurement_count, .destroy = _destroy, }, diff --git a/src/libpts/pts/pts_database.h b/src/libpts/pts/pts_database.h index 61c00a1e9..dd87a5be3 100644 --- a/src/libpts/pts/pts_database.h +++ b/src/libpts/pts/pts_database.h 
@@ -82,21 +82,47 @@ struct pts_database_t { * @param seq_no Measurement sequence number * @param prc Number of the PCR the measurement was extended into * @param algo Hash algorithm used for measurement - * @return return code + * @return SUCCESS if check was successful */ status_t (*check_comp_measurement)(pts_database_t *this, chunk_t measurement, pts_comp_func_name_t *comp_name, chunk_t keyid, int seq_no, int pcr, pts_meas_algorithms_t algo); /** + * Insert a functional component measurement into the database + * + * @param measurement measurement hash + * @param comp_name Component Functional Name + * @param keyid SHA-1 hash of AIK public key info + * @param seq_no Measurement sequence number + * @param prc Number of the PCR the measurement was extended into + * @param algo Hash algorithm used for measurement + * @return SUCCESS if INSERT was successful + */ + status_t (*insert_comp_measurement)(pts_database_t *this, chunk_t measurement, + pts_comp_func_name_t *comp_name, chunk_t keyid, + int seq_no, int pcr, pts_meas_algorithms_t algo); + + /** + * Delete functional component measurements from the database + * + * @param comp_name Component Functional Name + * @param keyid SHA-1 hash of AIK public key info + * @return number of deleted measurement entries + */ + int (*delete_comp_measurements)(pts_database_t *this, + pts_comp_func_name_t *comp_name, chunk_t keyid); + + /** * Get the number of measurements for a functional component and AIK * * @param comp_name Component Functional Name * @param keyid SHA-1 hash of AIK public key info * @param algo Hash algorithm used for measurement - * @return measurement count + * @param count measurement count + * @return SUCCESS if COUNT was successful */ - bool (*get_comp_measurement_count)(pts_database_t *this, + status_t (*get_comp_measurement_count)(pts_database_t *this, pts_comp_func_name_t *comp_name, chunk_t keyid, pts_meas_algorithms_t algo, int *count); |
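Review bot: The new `insert_comp_measurement` doc block repeats the `@param prc` typo from `check_comp_measurement`; the parameter is named `pcr`, so it should read `@param pcr  Number of the PCR the measurement was extended into`. `delete_comp_measurements` documents only the success value ("number of deleted measurement entries"). Since the components log that value during rollback, the comment should also state what is returned on a database error.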