1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
|
/*
* Copyright (C) 2011 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
/**
* @defgroup pts_database pts_database
* @{ @ingroup pts
*/
#ifndef PTS_DATABASE_H_
#define PTS_DATABASE_H_
typedef struct pts_database_t pts_database_t;
#include "pts_meas_algo.h"
#include "components/pts_comp_func_name.h"
#include <imv/imv_database.h>
#include <library.h>
/**
* Class implementing the PTS File Measurement database
*
*/
struct pts_database_t {
/**
* Get absolute pathname for file or directory measurement
*
* @param is_dir TRUE if dir, FALSE if file
* @param id Primary key into directories or files table
* @return Absolute pathname as a text string
*/
char* (*get_pathname)(pts_database_t *this, bool is_dir, int id);
/**
* Get stored measurement hash for single file or directory entries
*
* @param product Software product (os, vpn client, etc.)
* @param algo Hash algorithm used for measurement
* @param is_dir TRUE if directory was measured
* @param id Primary key of measured file/directory
* @return Enumerator over all matching measurement hashes
*/
enumerator_t* (*create_file_hash_enumerator)(pts_database_t *this,
char *product, pts_meas_algorithms_t algo,
bool is_dir, int id);
/**
* Check if an AIK given by its keyid is registered in the database
*
* @param keyid AIK keyid (SHA-1 hash of the AIK public key info)
* @param kid Primary key of AIK entry in keys table
* @return SUCCESS if AIK is present, FAILED otherwise
*/
status_t (*check_aik_keyid)(pts_database_t *this, chunk_t keyid, int *kid);
/**
* Get functional components to request evidence of
*
* @param kid Primary key of AIK entry in keys table
* @return Enumerator over all matching components
*/
enumerator_t* (*create_comp_evid_enumerator)(pts_database_t *this, int kid);
/**
* Add PTS file measurement reference value
*
* @param product Software product (os, vpn client, etc.)
* @param algo File measurement hash algorithm used
* @param measurement File measurement hash
* @param filename Optional name of the file to be checked
* @param is_dir TRUE if part of directory measurement
* @param id Primary key into direcories/files table
* @return Status
*/
status_t (*add_file_measurement)(pts_database_t *this, char *product,
pts_meas_algorithms_t algo,
chunk_t measurement, char *filename,
bool is_dir, int id);
/**
* Check PTS file measurement against reference stored in database
*
* @param product Software product (os, vpn client, etc.)
* @param algo File measurement hash algorithm used
* @param measurement File measurement hash
* @param filename Optional name of the file to be checked
* @return Status
*/
status_t (*check_file_measurement)(pts_database_t *this, char *product,
pts_meas_algorithms_t algo,
chunk_t measurement, char *filename);
/**
* Check a functional component measurement against value stored in database
*
* @param measurement measurement hash
* @param cid Primary key of Component Functional Name entry
* @param kid Primary key of AIK entry in keys table
* @param seq_no Measurement sequence number
* @param prc Number of the PCR the measurement was extended into
* @param algo Hash algorithm used for measurement
* @return SUCCESS if check was successful
*/
status_t (*check_comp_measurement)(pts_database_t *this, chunk_t measurement,
int cid, int kid, int seq_no, int pcr,
pts_meas_algorithms_t algo);
/**
* Insert a functional component measurement into the database
*
* @param measurement Measurement hash
* @param cid Primary key of Component Functional Name entry
* @param kid Primary key of AIK entry in keys table
* @param seq_no Measurement sequence number
* @param prc Number of the PCR the measurement was extended into
* @param algo Hash algorithm used for measurement
* @return SUCCESS if INSERT was successful
*/
status_t (*insert_comp_measurement)(pts_database_t *this, chunk_t measurement,
int cid, int kid, int seq_no, int pcr,
pts_meas_algorithms_t algo);
/**
* Delete functional component measurements from the database
*
* @param cid Primary key of Component Functional Name entry
* @param kid Primary key of AIK entry in keys table
* @return number of deleted measurement entries
*/
int (*delete_comp_measurements)(pts_database_t *this, int cid, int kid);
/**
* Get the number of measurements for a functional component and AIK
*
* @param comp_name Component Functional Name
* @param keyid SHA-1 hash of AIK public key info
* @param algo Hash algorithm used for measurement
* @param cid Primary key of Component Functional Name entry
* @param kid Primary key of AIK entry in keys table
* @param count measurement count
* @return SUCCESS if COUNT was successful
*/
status_t (*get_comp_measurement_count)(pts_database_t *this,
pts_comp_func_name_t *comp_name, chunk_t keyid,
pts_meas_algorithms_t algo, int *cid, int *kid,
int *count);
/**
* Destroys a pts_database_t object.
*/
void (*destroy)(pts_database_t *this);
};
/**
* Creates an pts_database_t object
*
* @param imv_db Already attached IMV database
*/
pts_database_t* pts_database_create(imv_database_t *imv_db);
#endif /** PTS_DATABASE_H_ @}*/
|