Diffstat (limited to 'src')
-rw-r--r--src/libimcv/plugins/imc_attestation/imc_attestation.c28
-rw-r--r--src/libimcv/plugins/imv_attestation/imv_attestation.c6
-rw-r--r--src/libpts/pts/pts.c32
-rw-r--r--src/libpts/pts/pts.h18
-rw-r--r--src/libpts/pts/pts_error.c2
5 files changed, 78 insertions, 8 deletions
diff --git a/src/libimcv/plugins/imc_attestation/imc_attestation.c b/src/libimcv/plugins/imc_attestation/imc_attestation.c
index a96bc3de0..a2033972d 100644
--- a/src/libimcv/plugins/imc_attestation/imc_attestation.c
+++ b/src/libimcv/plugins/imc_attestation/imc_attestation.c
@@ -345,12 +345,38 @@ TNC_Result TNC_IMC_ReceiveMessage(TNC_IMCID imc_id,
char *pathname;
u_int16_t request_id;
bool is_directory;
+ u_int32_t delimiter;
pts_file_meas_t *measurements;
-
+ pts_error_code_t pts_error;
+ chunk_t attr_info;
+
attr_cast = (tcg_pts_attr_req_file_meas_t*)attr;
is_directory = attr_cast->get_directory_flag(attr_cast);
request_id = attr_cast->get_request_id(attr_cast);
+ delimiter = attr_cast->get_delimiter(attr_cast);
pathname = attr_cast->get_pathname(attr_cast);
+
+ if (pts->is_path_valid(pts, pathname, &pts_error) && pts_error)
+ {
+ attr_info = attr->get_value(attr);
+ attr = ietf_attr_pa_tnc_error_create(PEN_TCG,
+ pts_error, attr_info);
+ attr_list->insert_last(attr_list, attr);
+ break;
+ }
+ else if (!pts->is_path_valid(pts, pathname, &pts_error))
+ {
+ break;
+ }
+
+ if (delimiter != SOLIDUS_UTF && delimiter != REVERSE_SOLIDUS_UTF)
+ {
+ attr_info = attr->get_value(attr);
+ attr = ietf_attr_pa_tnc_error_create(PEN_TCG,
+ TCG_PTS_INVALID_DELIMITER, attr_info);
+ attr_list->insert_last(attr_list, attr);
+ break;
+ }
/* Do PTS File Measurements and send them to PTS-IMV */
DBG2(DBG_IMC, "measurement request %d for %s '%s'",
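Review bot: `pts_error` is read in `is_path_valid(...) && pts_error` without being initialised in this function, and the callee added in pts.c by the same commit never writes through the pointer on the success path, so the first branch tests an indeterminate value and may queue a PA-TNC error carrying an arbitrary code. The path is also validated twice, which runs stat() twice on a pathname taken from the received attribute and lets the two answers disagree if the filesystem changes in between. Initialise with `pts_error = 0;`, call once as `if (!pts->is_path_valid(pts, pathname, &pts_error)) break;`, and then use `if (pts_error)` for the error-attribute branch. The enclosing function starts and ends outside the hunk.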
diff --git a/src/libimcv/plugins/imv_attestation/imv_attestation.c b/src/libimcv/plugins/imv_attestation/imv_attestation.c
index 25684ea1c..f4c53830c 100644
--- a/src/libimcv/plugins/imv_attestation/imv_attestation.c
+++ b/src/libimcv/plugins/imv_attestation/imv_attestation.c
@@ -52,12 +52,6 @@ static const char imv_name[] = "Attestation";
#define IMV_VENDOR_ID PEN_TCG
#define IMV_SUBTYPE PA_SUBTYPE_TCG_PTS
-/**
- * UTF-8 encoding of the character used to delimiter the filename
- */
-#define SOLIDUS_UTF 0x002F
-#define REVERSE_SOLIDUS_UTF 0x005C
-
static imv_agent_t *imv_attestation;
/**
diff --git a/src/libpts/pts/pts.c b/src/libpts/pts/pts.c
index d1e6b594c..34d228354 100644
--- a/src/libpts/pts/pts.c
+++ b/src/libpts/pts/pts.c
@@ -269,6 +269,37 @@ static char* get_filename(char *pathname)
return filename;
}
+METHOD(pts_t, is_path_valid, bool, private_pts_t *this, char *path,
+ pts_error_code_t *error_code)
+{
+ int error;
+ struct stat sb;
+
+ error_code = NULL;
+ error = stat(path, &sb);
+ if (error == 0)
+ {
+ return TRUE;
+ }
+ else if (error == ENOENT || error == ENOTDIR)
+ {
+ DBG1(DBG_IMC, "file/directory does not exist %s", path);
+ *error_code = TCG_PTS_FILE_NOT_FOUND;
+ }
+ else if (error == EFAULT)
+ {
+ DBG1(DBG_IMC, "bad address %s", path);
+ *error_code = TCG_PTS_INVALID_PATH;
+ }
+ else
+ {
+ DBG1(DBG_IMC, "error: %s occured while validating path: %s", strerror(error), path);
+ return FALSE;
+ }
+
+ return TRUE;
+}
+
METHOD(pts_t, do_measurements, pts_file_meas_t*,
private_pts_t *this, u_int16_t request_id, char *pathname, bool is_directory)
{
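Review bot: The errno handling in is_path_valid cannot work as written: stat() returns -1 on failure and reports the reason in errno, so `error == ENOENT`, `error == ENOTDIR` and `error == EFAULT` never match, and every failure falls into the last branch, where `strerror(error)` is called with -1. In addition, `error_code = NULL;` overwrites the pointer parameter instead of clearing the caller's variable, so the later `*error_code = ...` stores would dereference NULL as soon as the comparisons are corrected; since the path comes from a received measurement request, that would be a peer-triggerable crash of the IMC. Suggested: `*error_code = 0;` (assuming 0 is the no-error value, as the caller's `&& pts_error` test implies) and `error = (stat(path, &sb) == 0) ? 0 : errno;`, with `<errno.h>` included if pts.c does not already pull it in.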
@@ -482,6 +513,7 @@ pts_t *pts_create(bool is_imc)
.set_tpm_version_info = _set_tpm_version_info,
.get_aik = _get_aik,
.set_aik = _set_aik,
+ .is_path_valid = _is_path_valid,
.do_measurements = _do_measurements,
.destroy = _destroy,
},
diff --git a/src/libpts/pts/pts.h b/src/libpts/pts/pts.h
index c2de2ac32..4dd7b5e9a 100644
--- a/src/libpts/pts/pts.h
+++ b/src/libpts/pts/pts.h
@@ -23,6 +23,7 @@
typedef struct pts_t pts_t;
+#include "pts_error.h"
#include "pts_proto_caps.h"
#include "pts_meas_algo.h"
#include "pts_file_meas.h"
@@ -30,6 +31,12 @@ typedef struct pts_t pts_t;
#include <library.h>
/**
+ * UTF-8 encoding of the character used to delimiter the filename
+ */
+#define SOLIDUS_UTF 0x002F
+#define REVERSE_SOLIDUS_UTF 0x005C
+
+/**
* Class implementing the TCG Platform Trust System (PTS)
*
*/
@@ -107,6 +114,17 @@ struct pts_t {
void (*set_aik)(pts_t *this, certificate_t *aik);
/**
+ * Check whether path is valid file/directory on filesystem
+ *
+ * @param path Absolute path
+ * @param error_code Output variable for PTS error code
+ * @return TRUE if path is valid or file/directory doesn't exist
+ * or path is invalid
+ * FALSE if local error occured within stat function
+ */
+ bool (*is_path_valid)(pts_t *this, char *path, pts_error_code_t *error_code);
+
+ /**
* Do PTS File Measurements
*
* @param request_id ID of PTS File Measurement Request
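Review bot: The doc comment for is_path_valid does not say what `error_code` holds when the path exists, and TRUE is documented for an existing path as well as for a missing or invalid one, so a reader cannot tell that `error_code` must be inspected after a TRUE return. I would state this explicitly, for example `@param error_code  Output variable for PTS error code, 0 if the path exists` and `@return TRUE if the path could be checked (inspect error_code), FALSE on a local stat error`. struct pts_t starts and ends outside the hunk.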
diff --git a/src/libpts/pts/pts_error.c b/src/libpts/pts/pts_error.c
index 843a38ac3..ec1e6c014 100644
--- a/src/libpts/pts/pts_error.c
+++ b/src/libpts/pts/pts_error.c
@@ -56,4 +56,4 @@ pa_tnc_attr_t* pts_hash_alg_error_create(pts_meas_algorithms_t algorithms)
writer->destroy(writer);
return attr;
-}
+} \ No newline at end of file