TiagoRG
/
it2s-itss-facilities
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

TPM verify entry proof sec.req fix

This commit is contained in:
emanuel 2022-07-06 17:50:29 +01:00
parent b1dcc015e8
commit 6ac3ff9b30
1 changed files with 16 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
src/tpm.c
View File

@ -406,7 +406,7 @@ static void rsu_handle_recv(facilities_t* facilities, TPM_t* tpm_rx, void* secur
TollingType_t* type_rx = tpm_rx->tpm->tollingType; TollingType_t* type_rx = tpm_rx->tpm->tollingType;
uint64_t client_id, nonce, info_id; uint64_t client_id, nonce, info_id;
const uint32_t buf_len = 1024; const uint32_t buf_len = 1200;
uint8_t buf[buf_len]; uint8_t buf[buf_len];
uint8_t tpm_uper[buf_len]; uint8_t tpm_uper[buf_len];
@ -587,7 +587,7 @@ static void rsu_handle_recv(facilities_t* facilities, TPM_t* tpm_rx, void* secur
sreq->choice.verify.type = tpm_rx->tpmSignature->type; sreq->choice.verify.type = tpm_rx->tpmSignature->type;
buf[0] = 4; buf[0] = 4;
enc = oer_encode_to_buffer(&asn_DEF_SecurityRequest, NULL, sreq, buf+1, 2047); enc = oer_encode_to_buffer(&asn_DEF_SecurityRequest, NULL, sreq, buf+1, buf_len-1);
syslog_debug("[facilities]->[security] SecurityRequest.verify (%ldB)", enc.encoded+1); syslog_debug("[facilities]->[security] SecurityRequest.verify (%ldB)", enc.encoded+1);
zmq_send(security_socket, buf, enc.encoded+1, 0); zmq_send(security_socket, buf, enc.encoded+1, 0);
int32_t rl = zmq_recv(security_socket, buf, buf_len, 0); int32_t rl = zmq_recv(security_socket, buf, buf_len, 0);
@ -614,6 +614,7 @@ static void rsu_handle_recv(facilities_t* facilities, TPM_t* tpm_rx, void* secur
srep = NULL; srep = NULL;
} }
// TPM // TPM
tpm = calloc(1, sizeof(TPM_t)); tpm = calloc(1, sizeof(TPM_t));
@ -699,7 +700,11 @@ static void rsu_handle_recv(facilities_t* facilities, TPM_t* tpm_rx, void* secur
memcpy(sreq->choice.sign.data.buf, buf, enc.encoded); memcpy(sreq->choice.sign.data.buf, buf, enc.encoded);
buf[0] = 4; buf[0] = 4;
enc = oer_encode_to_buffer(&asn_DEF_SecurityRequest, NULL, sreq, buf+1, 2047); enc = oer_encode_to_buffer(&asn_DEF_SecurityRequest, NULL, sreq, buf+1, buf_len-1);
if (enc.encoded == -1) {
syslog_err("[facilities] [tolling] error encoding SecurityRequest (%s)", enc.failed_type->name);
goto cleanup;
}
syslog_debug("[facilities]->[security] SecurityRequest.sign (%ldB)", enc.encoded+1); syslog_debug("[facilities]->[security] SecurityRequest.sign (%ldB)", enc.encoded+1);
zmq_send(security_socket, buf, enc.encoded+1, 0); zmq_send(security_socket, buf, enc.encoded+1, 0);
int rc = zmq_recv(security_socket, buf, buf_len, 0); int rc = zmq_recv(security_socket, buf, buf_len, 0);
@ -715,6 +720,7 @@ static void rsu_handle_recv(facilities_t* facilities, TPM_t* tpm_rx, void* secur
goto cleanup; goto cleanup;
} }
tpm->tpmSignature = calloc(1, sizeof(TpmSignature_t));
tpm->tpmSignature->r.size = srep->data->choice.sign.r.size; tpm->tpmSignature->r.size = srep->data->choice.sign.r.size;
tpm->tpmSignature->r.buf = malloc(srep->data->choice.sign.r.size); tpm->tpmSignature->r.buf = malloc(srep->data->choice.sign.r.size);
memcpy(tpm->tpmSignature->r.buf, srep->data->choice.sign.r.buf, srep->data->choice.sign.r.size); memcpy(tpm->tpmSignature->r.buf, srep->data->choice.sign.r.buf, srep->data->choice.sign.r.size);
@ -726,6 +732,11 @@ static void rsu_handle_recv(facilities_t* facilities, TPM_t* tpm_rx, void* secur
memcpy(tpm->tpmSignature->signer.buf, srep->data->choice.sign.signer.buf, srep->data->choice.sign.signer.size); memcpy(tpm->tpmSignature->signer.buf, srep->data->choice.sign.signer.buf, srep->data->choice.sign.signer.size);
tpm->tpmSignature->type = srep->data->choice.sign.type; tpm->tpmSignature->type = srep->data->choice.sign.type;
ASN_STRUCT_FREE(asn_DEF_SecurityRequest, sreq);
ASN_STRUCT_FREE(asn_DEF_SecurityReply, srep);
sreq = NULL;
srep = NULL;
// encode TPM // encode TPM
enc = uper_encode_to_buffer(&asn_DEF_TPM, NULL, tpm, tpm_uper, buf_len); enc = uper_encode_to_buffer(&asn_DEF_TPM, NULL, tpm, tpm_uper, buf_len);
if (enc.encoded == -1) { if (enc.encoded == -1) {
@ -802,8 +813,8 @@ static void rsu_handle_recv(facilities_t* facilities, TPM_t* tpm_rx, void* secur
} }
syslog_debug("[facilities] [tolling]<- SecurityReply.tlsSend <-[security] | size:%dB", rc); syslog_debug("[facilities] [tolling]<- SecurityReply.tlsSend <-[security] | size:%dB", rc);
asn_dec_rval_t dec = oer_decode(NULL, &asn_DEF_SecurityReply, (void**) &srep, buf, buf_len); asn_dec_rval_t dec = oer_decode(NULL, &asn_DEF_SecurityReply, (void**) &srep, buf, rc);
if (dec.code || if (dec.code ||
srep->returnCode != SecurityReplyReturnCode_accepted || srep->returnCode != SecurityReplyReturnCode_accepted ||
!srep->data || !srep->data ||