Repo for OpenPTS version 0.2.X
修订版 | e8e5d21da5e7993fab22b5046459abcda2df5c97 (tree) |
---|---|
时间 | 2011-08-19 16:31:39 |
作者 | Seiji Munetoh <munetoh@jp.i...> |
Commiter | Seiji Munetoh |
fixed issue reported by SAT, base64 functions are updated
@@ -761,11 +761,8 @@ UINT32 freadUint32(FILE * stream, int endian); | ||
761 | 761 | OPENPTS_PCR_EVENT_WRAPPER * newEventWrapper(); |
762 | 762 | |
763 | 763 | /* base64.c */ |
764 | -int base64size(int len); | |
765 | -int encodeBase64(unsigned char *out, unsigned char * in, int len); | |
766 | -int decodeBase64(unsigned char *out, unsigned char * in, int len); | |
767 | -int decodeBase64core(unsigned char *out, unsigned char * in, int len); | |
768 | - | |
764 | +char *encodeBase64(unsigned char * in, int inlen, int *outlen); | |
765 | +unsigned char *decodeBase64(char * in, int inlen, int *outlen); | |
769 | 766 | |
770 | 767 | /* fsm.c */ |
771 | 768 | // TODO refectoring |
@@ -198,29 +198,32 @@ int addBIOSSpecificProperty(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eve | ||
198 | 198 | switch (event_id) { |
199 | 199 | case 0x0001: |
200 | 200 | { |
201 | - char *b64; | |
202 | - int len; | |
201 | + char *buf; | |
202 | + int buf_len; | |
203 | + | |
203 | 204 | /* SMBIOS */ |
204 | 205 | // bios.smbios=base64() |
205 | 206 | ctx->conf->smbios_length = event_length; |
206 | 207 | ctx->conf->smbios = &event->rgbEvent[8]; |
207 | 208 | |
208 | 209 | /* base64 */ |
209 | - b64 = malloc(base64size(ctx->conf->smbios_length)); | |
210 | - // TODO check null | |
211 | - len = encodeBase64( | |
212 | - (unsigned char *)b64, | |
210 | + buf = encodeBase64( | |
211 | + //(unsigned char *)b64, | |
213 | 212 | (unsigned char *)ctx->conf->smbios, |
214 | - ctx->conf->smbios_length); | |
215 | - | |
216 | - if (len > BUF_SIZE) { | |
217 | - ERROR("SMBIOS size = %d\n", len); // Thinkpad X200 => 3324 | |
213 | + ctx->conf->smbios_length, | |
214 | + &buf_len); | |
215 | + if (buf == NULL) { | |
216 | + ERROR("encodeBase64 fail"); | |
217 | + return PTS_FATAL; | |
218 | + } | |
219 | + if (buf_len > BUF_SIZE) { | |
220 | + ERROR("SMBIOS size = %d\n", buf_len); // Thinkpad X200 => 3324 | |
218 | 221 | updateProperty(ctx, "bios.smbios", "too big"); |
219 | 222 | } else { |
220 | - updateProperty(ctx, "bios.smbios", b64); | |
223 | + updateProperty(ctx, "bios.smbios", buf); | |
221 | 224 | } |
222 | 225 | // rc = 0; |
223 | - free(b64); | |
226 | + free(buf); | |
224 | 227 | } |
225 | 228 | break; |
226 | 229 | default: |
@@ -306,8 +309,8 @@ int validateEltoritoBootImage(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *e | ||
306 | 309 | */ |
307 | 310 | int setModuleProperty(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper) { |
308 | 311 | TSS_PCR_EVENT *event; |
309 | - char b64digest[SHA1_BASE64_DIGEST_SIZE + 1]; | |
310 | 312 | char *buf; |
313 | + int buf_len; | |
311 | 314 | |
312 | 315 | // DEBUG("setModuleProperty - NA\n"); |
313 | 316 |
@@ -325,10 +328,16 @@ int setModuleProperty(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrap | ||
325 | 328 | } |
326 | 329 | |
327 | 330 | /* kernel.initrd.digest = PCR => B64 digest */ |
328 | - encodeBase64((unsigned char *)b64digest, (unsigned char *)event->rgbPcrValue, SHA1_DIGEST_SIZE); | |
329 | - b64digest[SHA1_BASE64_DIGEST_SIZE] = 0; | |
330 | - | |
331 | - updateProperty(ctx, "kernel.initrd.digest", b64digest); | |
331 | + buf = encodeBase64( | |
332 | + (unsigned char *)event->rgbPcrValue, | |
333 | + SHA1_DIGEST_SIZE, | |
334 | + &buf_len); | |
335 | + if (buf == NULL) { | |
336 | + ERROR("encodeBase64 fail"); | |
337 | + return PTS_INTERNAL_ERROR; | |
338 | + } | |
339 | + updateProperty(ctx, "kernel.initrd.digest", buf); | |
340 | + free(buf); | |
332 | 341 | |
333 | 342 | // updateProperty(ctx, "kernel.initrd.filename", (char*)event->rgbEvent); |
334 | 343 | /* add \n */ |
@@ -625,7 +634,6 @@ int validateImaMeasurement(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *even | ||
625 | 634 | #ifdef CONFIG_AIDE |
626 | 635 | TSS_PCR_EVENT *event; |
627 | 636 | #endif |
628 | - // char b64digest[SHA1_BASE64_DIGEST_SIZE+1]; | |
629 | 637 | |
630 | 638 | DEBUG_CAL("validateImaMeasurement - start\n"); |
631 | 639 |
@@ -646,7 +654,8 @@ int validateImaMeasurement(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *even | ||
646 | 654 | if (ctx->conf->ima_validation_mode == OPENPTS_VALIDATION_MODE_AIDE) { |
647 | 655 | int rc = 0; |
648 | 656 | char *name; |
649 | - char b64digest[SHA1_BASE64_DIGEST_SIZE+1]; | |
657 | + char *buf; | |
658 | + int buf_len; | |
650 | 659 | |
651 | 660 | rc = checkEventByAide(ctx->aide_ctx, eventWrapper); |
652 | 661 |
@@ -665,9 +674,16 @@ int validateImaMeasurement(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *even | ||
665 | 674 | #ifdef CONFIG_SQLITE |
666 | 675 | // TODO no md, |
667 | 676 | #else |
668 | - encodeBase64((unsigned char *)b64digest, (unsigned char *)md->sha1, SHA1_DIGEST_SIZE); | |
669 | - b64digest[SHA1_BASE64_DIGEST_SIZE] = 0; | |
670 | - updateImaProperty(ctx, md->name, b64digest, "valid"); | |
677 | + buf = encodeBase64( | |
678 | + (unsigned char *)md->sha1, | |
679 | + SHA1_DIGEST_SIZE, | |
680 | + &buf_len); | |
681 | + if (buf == NULL) { | |
682 | + ERROR("encodeBase64 fail"); | |
683 | + return PTS_INTERNAL_ERROR; | |
684 | + } | |
685 | + updateImaProperty(ctx, md->name, buf, "valid"); | |
686 | + free(buf); | |
671 | 687 | #endif |
672 | 688 | eventWrapper->status = OPENPTS_RESULT_VALID; |
673 | 689 | free(name); |
@@ -682,10 +698,18 @@ int validateImaMeasurement(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *even | ||
682 | 698 | // DEBUG("validateImaMeasurement w/ AIDE - MISS name=[%s]\n", name); |
683 | 699 | // updateProperty(ctx, buf, "invalid"); |
684 | 700 | ctx->ima_unknown++; |
685 | - encodeBase64((unsigned char *)b64digest, (unsigned char *)event->rgbEvent, SHA1_DIGEST_SIZE); | |
686 | - b64digest[SHA1_BASE64_DIGEST_SIZE] = 0; | |
687 | - updateImaProperty(ctx, name, b64digest, "unknown"); // action.c | |
701 | + buf = encodeBase64( | |
702 | + (unsigned char *)event->rgbEvent, | |
703 | + SHA1_DIGEST_SIZE, | |
704 | + &buf_len); | |
705 | + if (buf == NULL) { | |
706 | + ERROR("encodeBase64 fail"); | |
707 | + return PTS_INTERNAL_ERROR; | |
708 | + } | |
709 | + updateImaProperty(ctx, name, buf, "unknown"); // action.c | |
688 | 710 | eventWrapper->status = OPENPTS_RESULT_UNKNOWN; |
711 | + free(buf); | |
712 | + | |
689 | 713 | /* add to */ |
690 | 714 | { |
691 | 715 | char *hex; |
@@ -846,15 +870,29 @@ int startCollector(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper | ||
846 | 870 | /* Error */ |
847 | 871 | // printout the example IR data to create the test case |
848 | 872 | { |
849 | - unsigned char b64[256]; | |
873 | + char *buf; | |
874 | + int buf_len; | |
850 | 875 | |
851 | 876 | if (start == NULL) { |
852 | 877 | start = malloc(sizeof(OPENPTS_EVENT_COLLECTOR_START)); |
878 | + if (start == NULL) { | |
879 | + ERROR("no memory"); | |
880 | + return PTS_INTERNAL_ERROR; | |
881 | + } | |
853 | 882 | } |
854 | 883 | printHex("OPENPTS_EVENT_COLLECTOR_START", |
855 | 884 | (unsigned char*)start, sizeof(OPENPTS_EVENT_COLLECTOR_START), "\n"); |
856 | - encodeBase64(b64, (unsigned char *)start, sizeof(OPENPTS_EVENT_COLLECTOR_START)); | |
857 | - ERROR("EventData: %s\n", b64); | |
885 | + buf = encodeBase64( | |
886 | + (unsigned char *)start, | |
887 | + sizeof(OPENPTS_EVENT_COLLECTOR_START), | |
888 | + &buf_len); | |
889 | + if (buf == NULL) { | |
890 | + ERROR("encodeBase64 fail"); | |
891 | + rc = PTS_INTERNAL_ERROR; | |
892 | + goto free; | |
893 | + } | |
894 | + ERROR("EventData: %s\n", buf); | |
895 | + free(buf); | |
858 | 896 | |
859 | 897 | memcpy(&start->pts_version, &ctx->target_conf->pts_version, 4); |
860 | 898 | memcpy(&start->collector_uuid, ctx->target_conf->uuid->uuid, 16); |
@@ -862,8 +900,18 @@ int startCollector(OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper | ||
862 | 900 | |
863 | 901 | printHex("OPENPTS_EVENT_COLLECTOR_START", |
864 | 902 | (unsigned char*)start, sizeof(OPENPTS_EVENT_COLLECTOR_START), "\n"); |
865 | - encodeBase64(b64, (unsigned char *)start, sizeof(OPENPTS_EVENT_COLLECTOR_START)); | |
866 | - ERROR("EventData: %s\n", b64); | |
903 | + buf = encodeBase64( | |
904 | + (unsigned char *)start, | |
905 | + sizeof(OPENPTS_EVENT_COLLECTOR_START), | |
906 | + &buf_len); | |
907 | + if (buf == NULL) { | |
908 | + ERROR("encodeBase64 fail"); | |
909 | + rc = PTS_INTERNAL_ERROR; | |
910 | + goto free; | |
911 | + } | |
912 | + ERROR("EventData: %s\n", buf); | |
913 | + free(buf); | |
914 | + free: | |
867 | 915 | free(start); |
868 | 916 | } |
869 | 917 |
@@ -459,11 +459,14 @@ int loadAideDatabaseFile(AIDE_CONTEXT *ctx, char *filename) { | ||
459 | 459 | case AIDE_ITEM_SHA1: // base64 |
460 | 460 | if (!is_null) { |
461 | 461 | sha1_b64_ptr = ptr; |
462 | - md->sha1 = malloc(SHA1_DIGEST_SIZE + 8); | |
463 | - len = decodeBase64( | |
464 | - md->sha1, | |
465 | - (unsigned char *)ptr, | |
466 | - SHA1_BASE64_DIGEST_SIZE); | |
462 | + md->sha1 = decodeBase64( | |
463 | + (char *)ptr, | |
464 | + SHA1_BASE64_DIGEST_SIZE, | |
465 | + &len); | |
466 | + if (md->sha1 == NULL) { | |
467 | + ERROR("decodeBase64 fail"); | |
468 | + goto close; | |
469 | + } | |
467 | 470 | if (len != SHA1_DIGEST_SIZE) { |
468 | 471 | ERROR("bad SHA1 size %d %s\n", len, ptr); |
469 | 472 | // printf("base64 [%s] => [", ptr); |
@@ -474,11 +477,14 @@ int loadAideDatabaseFile(AIDE_CONTEXT *ctx, char *filename) { | ||
474 | 477 | break; |
475 | 478 | case AIDE_ITEM_SHA256: // base64 |
476 | 479 | if (!is_null) { |
477 | - md->sha256 = malloc(SHA256_DIGEST_SIZE); | |
478 | - len = decodeBase64( | |
479 | - md->sha256, | |
480 | - (unsigned char *)ptr, | |
481 | - SHA256_BASE64_DIGEST_SIZE); | |
480 | + md->sha256 = decodeBase64( | |
481 | + (char *)ptr, | |
482 | + SHA256_BASE64_DIGEST_SIZE, | |
483 | + &len); | |
484 | + if (md->sha256 == NULL) { | |
485 | + ERROR("decodeBase64 fail"); | |
486 | + goto close; | |
487 | + } | |
482 | 488 | if (len != SHA256_DIGEST_SIZE) { |
483 | 489 | ERROR("bad SHA256 size %d\n", len); |
484 | 490 | printf("base64 [%s] => [", ptr); |
@@ -491,11 +497,14 @@ int loadAideDatabaseFile(AIDE_CONTEXT *ctx, char *filename) { | ||
491 | 497 | break; |
492 | 498 | case AIDE_ITEM_SHA512: // base64 |
493 | 499 | if (!is_null) { |
494 | - md->sha512 = malloc(SHA512_DIGEST_SIZE); | |
495 | - len = decodeBase64( | |
496 | - md->sha512, | |
497 | - (unsigned char *)ptr, | |
498 | - SHA512_BASE64_DIGEST_SIZE); | |
500 | + md->sha512 = decodeBase64( | |
501 | + (char *)ptr, | |
502 | + SHA512_BASE64_DIGEST_SIZE, | |
503 | + &len); | |
504 | + if (md->sha512 == NULL) { | |
505 | + ERROR("decodeBase64 fail"); | |
506 | + goto close; | |
507 | + } | |
499 | 508 | if (len != SHA512_DIGEST_SIZE) { |
500 | 509 | ERROR("bad SHA512 size %d\n", len); |
501 | 510 | printf("base64 [%s] => [", ptr); |
@@ -561,7 +570,7 @@ int loadAideDatabaseFile(AIDE_CONTEXT *ctx, char *filename) { | ||
561 | 570 | // ignore printf("??? [%s]\n", buf); |
562 | 571 | } // if |
563 | 572 | } // while |
564 | - | |
573 | + close: | |
565 | 574 | gzclose(fp); |
566 | 575 | DEBUG("loadAideDatabaseFile - has %d entries\n", ctx->metadata_num); |
567 | 576 | DEBUG("loadAideDatabaseFile - done\n"); |
@@ -816,8 +825,9 @@ int checkEventByAide(AIDE_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper) | ||
816 | 825 | TSS_PCR_EVENT *event; |
817 | 826 | char *name; |
818 | 827 | int rc = 0; |
828 | + char *buf; | |
829 | + int buf_len; | |
819 | 830 | #ifdef CONFIG_SQLITE |
820 | - BYTE b64[SHA1_BASE64_DIGEST_SIZE+1]; | |
821 | 831 | #else |
822 | 832 | AIDE_METADATA *md; |
823 | 833 | #if AIDE_CHBY_LIST |
@@ -825,8 +835,7 @@ int checkEventByAide(AIDE_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper) | ||
825 | 835 | #else |
826 | 836 | ENTRY e; |
827 | 837 | ENTRY *ep; |
828 | - BYTE b64[SHA1_BASE64_DIGEST_SIZE+1]; | |
829 | -#endif | |
838 | +#endif // AIDE_CHBY_LIST | |
830 | 839 | #endif // CONFIG_SQLITE |
831 | 840 | |
832 | 841 | // DEBUG("checkEventByAide - start\n"); |
@@ -862,10 +871,16 @@ int checkEventByAide(AIDE_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper) | ||
862 | 871 | /* OK, let's find the HIT */ |
863 | 872 | #ifdef CONFIG_SQLITE |
864 | 873 | /* base64 */ |
865 | - encodeBase64(b64, event->rgbEvent, 20); | |
866 | - b64[SHA1_BASE64_DIGEST_SIZE] = 0; | |
867 | - | |
868 | - rc = verifyBySQLite(ctx, (char*)b64); | |
874 | + buf = encodeBase64( | |
875 | + event->rgbEvent, | |
876 | + 20 | |
877 | + &buf_len); | |
878 | + if (buf == NULL) { | |
879 | + ERROR("encodeBase64 fail"); | |
880 | + return -1; | |
881 | + } | |
882 | + rc = verifyBySQLite(ctx, (char*)buf); | |
883 | + free(buf); | |
869 | 884 | |
870 | 885 | if (rc == OPENPTS_RESULT_VALID) { |
871 | 886 | /* hit */ |
@@ -904,10 +919,15 @@ int checkEventByAide(AIDE_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper) | ||
904 | 919 | DEBUG_FSM("checkFileByAide - MISS\n"); |
905 | 920 | #else // hashtable |
906 | 921 | |
907 | - encodeBase64(b64, event->rgbEvent, 20); | |
908 | - b64[SHA1_BASE64_DIGEST_SIZE] = 0; | |
909 | - | |
910 | - e.key = (char *) b64; // size? | |
922 | + buf = encodeBase64( | |
923 | + event->rgbEvent, | |
924 | + 20, | |
925 | + &buf_len); | |
926 | + if (buf == NULL) { | |
927 | + ERROR("encodeBase64 fail"); | |
928 | + return -1; | |
929 | + } | |
930 | + e.key = (char *) buf; // size? | |
911 | 931 | e.data = NULL; // just initialized for static analysys |
912 | 932 | |
913 | 933 | // before (list) |
@@ -1112,7 +1132,8 @@ int convertImlToAideDbFile(OPENPTS_CONTEXT *ctx, char *filename) { | ||
1112 | 1132 | OPENPTS_SNAPSHOT *ss; |
1113 | 1133 | OPENPTS_PCR_EVENT_WRAPPER *eventWrapper; |
1114 | 1134 | TSS_PCR_EVENT *event; |
1115 | - unsigned char buf[128]; // TODO(munetoh) | |
1135 | + char *buf; | |
1136 | + int buf_len; | |
1116 | 1137 | char *aide_filename = NULL; |
1117 | 1138 | int len; |
1118 | 1139 |
@@ -1149,7 +1170,6 @@ int convertImlToAideDbFile(OPENPTS_CONTEXT *ctx, char *filename) { | ||
1149 | 1170 | |
1150 | 1171 | // for (i = 0; i < ctx->eventNum; i++) { |
1151 | 1172 | for (i = 0; i < ctx->ss_table->event_num; i++) { // TODO ss->event_num? |
1152 | - memset(buf, 0, sizeof(buf)); | |
1153 | 1173 | // DEBUG("SM DEBUG event %p\n",event); |
1154 | 1174 | |
1155 | 1175 | if (event == NULL) { |
@@ -1188,8 +1208,16 @@ int convertImlToAideDbFile(OPENPTS_CONTEXT *ctx, char *filename) { | ||
1188 | 1208 | } |
1189 | 1209 | |
1190 | 1210 | /* digest */ |
1191 | - encodeBase64(buf, (unsigned char *)event->rgbEvent, SHA1_DIGEST_SIZE); | |
1211 | + buf = encodeBase64( | |
1212 | + (unsigned char *)event->rgbEvent, | |
1213 | + SHA1_DIGEST_SIZE, | |
1214 | + &buf_len); | |
1215 | + if (buf == NULL) { | |
1216 | + ERROR("encodeBase64 fail"); | |
1217 | + goto close; | |
1218 | + } | |
1192 | 1219 | gzprintf(fp, "%s \n", buf); |
1220 | + free(buf); | |
1193 | 1221 | |
1194 | 1222 | // printf("%d %s\n", i, buf); |
1195 | 1223 |
@@ -1233,7 +1261,8 @@ int writeReducedAidbDatabase(AIDE_CONTEXT *ctx, char *filename) { | ||
1233 | 1261 | AIDE_METADATA *md; |
1234 | 1262 | int i; |
1235 | 1263 | int cnt = 0; |
1236 | - unsigned char buf[128]; // TODO(munetoh) | |
1264 | + char *buf; | |
1265 | + int buf_len; | |
1237 | 1266 | |
1238 | 1267 | DEBUG("writeReducedAidbDatabase %s\n", filename); |
1239 | 1268 |
@@ -1263,10 +1292,17 @@ int writeReducedAidbDatabase(AIDE_CONTEXT *ctx, char *filename) { | ||
1263 | 1292 | |
1264 | 1293 | if (md->status == OPENPTS_AIDE_MD_STATUS_HIT) { |
1265 | 1294 | // printf("+"); |
1266 | - memset(buf, 0, sizeof(buf)); | |
1267 | - encodeBase64(buf, (unsigned char *)md->sha1, SHA1_DIGEST_SIZE); | |
1295 | + buf = encodeBase64( | |
1296 | + (unsigned char *)md->sha1, | |
1297 | + SHA1_DIGEST_SIZE, | |
1298 | + &buf_len); | |
1299 | + if (buf == NULL) { | |
1300 | + ERROR("encodeBase64 fail"); | |
1301 | + return -1; | |
1302 | + } | |
1268 | 1303 | gzprintf(fp, "%s ", md->name); |
1269 | 1304 | gzprintf(fp, "%s \n", buf); |
1305 | + free(buf); | |
1270 | 1306 | cnt++; |
1271 | 1307 | } |
1272 | 1308 |
@@ -26,9 +26,11 @@ | ||
26 | 26 | * \brief Base64 Encode/Decode |
27 | 27 | * @author Seiji Munetoh <munetoh@users.sourceforge.jp> |
28 | 28 | * @date 2010-04-01 |
29 | - * cleanup 2011-01-22 SM | |
29 | + * cleanup 2011-08-17 SM | |
30 | 30 | * |
31 | 31 | * http://en.wikipedia.org/wiki/Base64 |
32 | + * | |
33 | + * 2011-08-17 SM - encodebase64 & decodeBase64 - alloc output buffer | |
32 | 34 | */ |
33 | 35 | |
34 | 36 | #include <stdio.h> |
@@ -38,9 +40,12 @@ | ||
38 | 40 | #include <openpts.h> |
39 | 41 | |
40 | 42 | /** |
41 | - * calc base64 size | |
42 | - */ | |
43 | -int base64size(int len) { | |
43 | + * calc base64 size | |
44 | + * | |
45 | + * string(or binary data) => base64 string + 1 | |
46 | + * Output is actual string size + 1 (for \0) | |
47 | + */ | |
48 | +int _sizeofBase64Encode(int len) { | |
44 | 49 | /* check */ |
45 | 50 | if (len < 0) return 0; |
46 | 51 | if (len == 0) return 1; |
@@ -49,9 +54,26 @@ int base64size(int len) { | ||
49 | 54 | } |
50 | 55 | |
51 | 56 | /** |
52 | - * Encode BYTE[] to Base64 string | |
53 | - */ | |
54 | -int encodeBase64(unsigned char *out, unsigned char * in, int len) { | |
57 | + * calc original data size from base64 string size | |
58 | + * | |
59 | + * This is rough estimation. | |
60 | + * Output is actual string size (+1 or +2) + 1 (for \0) | |
61 | + * | |
62 | + */ | |
63 | +int _sizeofBase64Decode(int len) { | |
64 | + /* check */ | |
65 | + if (len < 0) return 0; | |
66 | + if (len == 0) return 1; | |
67 | + | |
68 | + return (len / 4 * 3) + 1; | |
69 | +} | |
70 | + | |
71 | + | |
72 | + | |
73 | +/** | |
74 | + * Encode BYTE[] to Base64 string | |
75 | + */ | |
76 | +int _encodeBase64(char *out, unsigned char * in, int len) { | |
55 | 77 | int ptr1 = 0; |
56 | 78 | int ptr2 = 0; |
57 | 79 |
@@ -112,10 +134,42 @@ int encodeBase64(unsigned char *out, unsigned char * in, int len) { | ||
112 | 134 | } |
113 | 135 | } |
114 | 136 | |
137 | + /* add \0 at the end of buffer */ | |
115 | 138 | out[ptr2] = 0; |
139 | + | |
116 | 140 | return ptr2; |
117 | 141 | } |
142 | +/** | |
143 | + * Encode BYTE[] to Base64 string | |
144 | + * | |
145 | + * @param *in buffer of input data | |
146 | + * @param inlen length | |
147 | + * @raram *outlen size of output | |
148 | + * @return *out Base64 string, malloc new buffer | |
149 | + */ | |
150 | +char *encodeBase64(unsigned char * in, int inlen, int *outlen) { | |
151 | + char *out; | |
152 | + int len2; | |
153 | + | |
154 | + *outlen = _sizeofBase64Encode(inlen); | |
155 | + out = (char *) malloc(*outlen); | |
156 | + if (out == NULL) { | |
157 | + ERROR("no memory"); | |
158 | + *outlen = 0; | |
159 | + return NULL; | |
160 | + } | |
161 | + memset(out,0,*outlen); | |
162 | + | |
163 | + len2 = _encodeBase64(out, in, inlen); | |
164 | + if (len2 > *outlen) { | |
165 | + ERROR("fatal error"); | |
166 | + free(out); | |
167 | + *outlen = 0; | |
168 | + return NULL; | |
169 | + } | |
118 | 170 | |
171 | + return out; | |
172 | +} | |
119 | 173 | |
120 | 174 | /** |
121 | 175 | * return length - TBD |
@@ -141,13 +195,15 @@ unsigned char trans(unsigned char in) { | ||
141 | 195 | /** |
142 | 196 | * Decode Base64 string to BYTE[] |
143 | 197 | * |
198 | + * caller must provide the buffer | |
199 | + * | |
144 | 200 | * return size of BYTE[] array |
145 | 201 | */ |
146 | -int decodeBase64core(unsigned char *out, unsigned char * in, int len) { | |
147 | - int ptr1 = 0; | |
148 | - int ptr2 = 0; | |
202 | +int _decodeBase64core(unsigned char *out, char * in, int len) { | |
203 | + int ptr1 = 0; // in | |
204 | + int ptr2 = 0; // out | |
149 | 205 | int len2; |
150 | - unsigned char * in2; | |
206 | + char * in2; | |
151 | 207 | |
152 | 208 | /* check */ |
153 | 209 | if (out ==NULL) { |
@@ -206,17 +262,24 @@ int decodeBase64core(unsigned char *out, unsigned char * in, int len) { | ||
206 | 262 | } |
207 | 263 | } |
208 | 264 | |
209 | - // DEBUG("base64 [%s] > [%s]\n",in, out); | |
210 | - // not here, binnary data is also decoded out[ptr2]=0; // put \0 | |
265 | + | |
266 | + /* Anyway, add \0 at the end of buffer */ | |
267 | + // TODO("out[%d] = 0\n", ptr2); | |
268 | + out[ptr2] = 0; | |
269 | + | |
211 | 270 | return ptr2; |
212 | 271 | } |
213 | 272 | |
214 | 273 | |
215 | 274 | /** |
216 | - * remove space CR | |
275 | + * remove space & CR in Base64 string | |
276 | + * | |
277 | + * @param *in Base64 string buffer | |
278 | + * @param *len size of buffer, before and after | |
279 | + * @return new Base64 string buffer (malloced) | |
217 | 280 | */ |
218 | -unsigned char * removeCR(unsigned char *in, int *len) { | |
219 | - unsigned char *out; | |
281 | +char * _removeCR(char *in, int *len) { | |
282 | + char *out; | |
220 | 283 | int i; |
221 | 284 | int j = 0; |
222 | 285 |
@@ -231,31 +294,74 @@ unsigned char * removeCR(unsigned char *in, int *len) { | ||
231 | 294 | /* skip */ |
232 | 295 | // DEBUG("SP\n"); |
233 | 296 | } else { |
297 | + /* valid data */ | |
234 | 298 | out[j]=in[i]; |
235 | 299 | j++; |
236 | 300 | } |
237 | 301 | } |
238 | 302 | |
239 | 303 | *len = j; |
304 | + // note) | |
305 | + // if there are no skip, it return same buffer | |
306 | + // if there are skip, out[j] is 0, since memset(0) before | |
240 | 307 | |
241 | 308 | return out; |
242 | 309 | } |
243 | 310 | |
244 | 311 | /** |
245 | - * Decode Base64(with CRLF) string to BYTE[] | |
312 | + * Decode Base64(with CRLF) string to BYTE[] | |
246 | 313 | * |
247 | - * return size of BYTE[] array | |
314 | + * @param *out | |
315 | + * @param *in | |
316 | + * @param *len | |
317 | + * @return size of BYTE[] array | |
248 | 318 | */ |
249 | -int decodeBase64(unsigned char *out, unsigned char * in, int len) { | |
319 | +int _decodeBase64(unsigned char *out, char * in, int len) { | |
250 | 320 | int rc; |
251 | - unsigned char * in2; | |
321 | + char * in2; | |
252 | 322 | int len2 = len; |
253 | 323 | |
254 | - in2 = removeCR(in, &len2); | |
324 | + in2 = _removeCR(in, &len2); | |
255 | 325 | |
256 | - rc = decodeBase64core(out, in2, len2); | |
326 | + rc = _decodeBase64core(out, in2, len2); | |
257 | 327 | |
258 | 328 | free(in2); |
259 | 329 | |
260 | 330 | return rc; |
261 | 331 | } |
332 | + | |
333 | +/** | |
334 | + * Decode Base64(with CRLF) string to BYTE[] | |
335 | + * | |
336 | + * @param *in buffer of base64 string | |
337 | + * @param inlen length | |
338 | + * @raram *outlen size of BYTE[] array from base64 string, malloced size is bigger then this | |
339 | + * @return *out malloc new buffer | |
340 | + */ | |
341 | +unsigned char *decodeBase64(char * in, int inlen, int *outlen) { | |
342 | + unsigned char *out; | |
343 | + int len1; | |
344 | + int len2; | |
345 | + | |
346 | + len1 = _sizeofBase64Decode(inlen); | |
347 | + out = (unsigned char *) malloc(len1); | |
348 | + if (out == NULL) { | |
349 | + ERROR("no memory"); | |
350 | + *outlen = 0; | |
351 | + return NULL; | |
352 | + } | |
353 | + memset(out,0,len1); | |
354 | + | |
355 | + len2 = _decodeBase64(out, in, inlen); | |
356 | + if (len2 > len1) { | |
357 | + ERROR("fatal error"); | |
358 | + free(out); | |
359 | + *outlen = 0; | |
360 | + return NULL; | |
361 | + } | |
362 | + | |
363 | + /* return actial data size created from base64 */ | |
364 | + *outlen = len2; | |
365 | + | |
366 | + return out; | |
367 | +} |
@@ -351,6 +351,7 @@ int readPtsConfig(OPENPTS_CONFIG *conf, char *filename) { | ||
351 | 351 | int len; |
352 | 352 | char *path; |
353 | 353 | char *filename2 = NULL; // fullpath |
354 | + int buf_len; | |
354 | 355 | |
355 | 356 | DEBUG("readPtsConfig() : %s\n", filename); |
356 | 357 |
@@ -798,19 +799,18 @@ int readPtsConfig(OPENPTS_CONFIG *conf, char *filename) { | ||
798 | 799 | } |
799 | 800 | /* PUBKEY */ |
800 | 801 | if (!strncmp(name, "target.pubkey", 13)) { |
801 | - // TODO used by two | |
802 | 802 | if (conf->pubkey != NULL) { |
803 | - // DEBUG("realloc conf->pubkey\n"); // TODO realloc happen | |
804 | 803 | free(conf->pubkey); |
805 | 804 | } |
806 | - | |
807 | - conf->pubkey = malloc(strlen(value)); // TODO too big:-P | |
808 | - rc = decodeBase64(conf->pubkey, (BYTE *)value, strlen(value)); | |
809 | - if (rc < 0) { | |
810 | - ERROR("read PUBKEY fail rc=%d\n", rc); | |
805 | + conf->pubkey = decodeBase64( | |
806 | + (char *)value, | |
807 | + strlen(value), | |
808 | + &buf_len); | |
809 | + if (conf->pubkey == NULL) { | |
810 | + ERROR("decodeBase64"); | |
811 | 811 | conf->pubkey_length = 0; |
812 | 812 | } else { |
813 | - conf->pubkey_length = rc; | |
813 | + conf->pubkey_length = buf_len; | |
814 | 814 | DEBUG("pubkey length : %d\n", conf->pubkey_length); |
815 | 815 | } |
816 | 816 | } |
@@ -958,8 +958,12 @@ int writeTargetConf(OPENPTS_CONFIG *conf, PTS_UUID *uuid, char *filename) { | ||
958 | 958 | |
959 | 959 | if (conf->pubkey_length > 0) { |
960 | 960 | char *buf; // TODO |
961 | - buf = malloc(1000); | |
962 | - encodeBase64((unsigned char *)buf, (unsigned char *)conf->pubkey, conf->pubkey_length); | |
961 | + int buf_len; | |
962 | + | |
963 | + buf = encodeBase64( | |
964 | + (unsigned char *)conf->pubkey, | |
965 | + conf->pubkey_length, | |
966 | + &buf_len); | |
963 | 967 | fprintf(fp, "target.pubkey=%s\n", buf); // base64 |
964 | 968 | free(buf); |
965 | 969 | } |
@@ -373,6 +373,7 @@ int getDigestFlag(char * cond, BYTE **digest, int *digest_size) { | ||
373 | 373 | int len; |
374 | 374 | int rc = 0; |
375 | 375 | BYTE *buf; |
376 | + int buf_len; | |
376 | 377 | |
377 | 378 | DEBUG_CAL("getDigestFlag -"); |
378 | 379 |
@@ -431,27 +432,20 @@ int getDigestFlag(char * cond, BYTE **digest, int *digest_size) { | ||
431 | 432 | } else { |
432 | 433 | /* Binary Model */ |
433 | 434 | /* Base64 str -> BYTE[] */ |
434 | - buf = (BYTE *) malloc(SHA1_DIGEST_SIZE + 1); | |
435 | + buf = decodeBase64( | |
436 | + (char *)loc, | |
437 | + SHA1_BASE64_DIGEST_SIZE, | |
438 | + &buf_len); | |
435 | 439 | if (buf == NULL) { |
436 | - ERROR("no memory"); | |
437 | - return -1; | |
438 | - } | |
439 | - | |
440 | - // TODO(munetoh) get len, "<" | |
441 | - rc = decodeBase64(buf, (unsigned char *)loc, SHA1_BASE64_DIGEST_SIZE); | |
442 | - if (rc == SHA1_DIGEST_SIZE) { | |
443 | - // TODO(munetoh) digest size change by alg | |
444 | - // this code is SHA1 only | |
445 | - *digest = buf; | |
446 | - *digest_size = rc; | |
447 | - return 1; | |
448 | - } else { | |
449 | - ERROR("getDigestFlag() - decodeBase64() was failed \n"); | |
450 | - free(buf); | |
440 | + ERROR("decodeBase64 fail"); | |
451 | 441 | *digest = NULL; |
452 | 442 | *digest_size = 0; |
453 | 443 | return -1; |
454 | 444 | } |
445 | + *digest = buf; | |
446 | + // TODO buf_len >= SHA1_DIGEST_SIZE | |
447 | + *digest_size = SHA1_DIGEST_SIZE; | |
448 | + return 1; | |
455 | 449 | } |
456 | 450 | } |
457 | 451 | } |
@@ -239,7 +239,7 @@ PTS_IF_M_Attribute *readPtsTlv(int fdin) { | ||
239 | 239 | return read_tlv; |
240 | 240 | |
241 | 241 | error: |
242 | - if (read_msg != NULL) free(read_msg); | |
242 | + // if (read_msg != NULL) free(read_msg); | |
243 | 243 | if (read_tlv != NULL) freePtsTlv(read_tlv); |
244 | 244 | return NULL; |
245 | 245 | } |
@@ -24,7 +24,7 @@ | ||
24 | 24 | * \brief Convert binary IML file to plaintext |
25 | 25 | * @author Seiji Munetoh <munetoh@users.sourceforge.jp> |
26 | 26 | * @date 2010-08-25 |
27 | - * cleanup 2011-05-31 SM | |
27 | + * cleanup 2011-08-17 SM | |
28 | 28 | * |
29 | 29 | * show eventlog (get though TSS) |
30 | 30 | * |
@@ -260,7 +260,8 @@ void fprintEventData( | ||
260 | 260 | UINT32 type, |
261 | 261 | BYTE* digest) { |
262 | 262 | char buf[BUFSIZE]; |
263 | - char b64buf[BUFSIZE]; | |
263 | + char *b64buf; //[BUFSIZE]; | |
264 | + int b64buf_len; | |
264 | 265 | int i; |
265 | 266 | |
266 | 267 | if (len < BUFSIZE) { |
@@ -717,11 +718,18 @@ EventData | ||
717 | 718 | for (i = 0; i < (int)len; i++) { |
718 | 719 | fprintf(fp, "%02x", (BYTE)buf[i]); |
719 | 720 | } |
720 | - encodeBase64( | |
721 | - (unsigned char *)b64buf, | |
722 | - (unsigned char *)buf, len); | |
723 | - fprintf(fp, ", base64(%s)", b64buf); | |
724 | - fprintf(fp, "]"); | |
721 | + b64buf = encodeBase64( | |
722 | + //(unsigned char *)b64buf, | |
723 | + (unsigned char *)buf, | |
724 | + len, | |
725 | + &b64buf_len); | |
726 | + if (b64buf == NULL) { | |
727 | + ERROR("encodeBase64 fail"); | |
728 | + } else { | |
729 | + fprintf(fp, ", base64(%s)", b64buf); | |
730 | + fprintf(fp, "]"); | |
731 | + free(b64buf); | |
732 | + } | |
725 | 733 | } else { |
726 | 734 | fprintf(fp, "[Unknown Event:size=%d] ", len); |
727 | 735 | } |
@@ -847,7 +847,7 @@ TNC_IMV_API TNC_Result TNC_IMV_SolicitRecommendation( | ||
847 | 847 | |
848 | 848 | |
849 | 849 | if (result == OPENPTS_RESULT_VALID) { |
850 | - TODO("verifier() result : VALID"); | |
850 | + DEBUG("verifier() result : VALID"); | |
851 | 851 | str = (TNC_BufferReference)"valid"; |
852 | 852 | recommendation = TNC_IMV_ACTION_RECOMMENDATION_ALLOW; |
853 | 853 | evaluation = TNC_IMV_EVALUATION_RESULT_COMPLIANT; |
@@ -219,7 +219,6 @@ int writeComponentID( | ||
219 | 219 | } |
220 | 220 | |
221 | 221 | /* Add an attribute with name "SimpleName" */ |
222 | - | |
223 | 222 | rc = xmlTextWriterWriteAttribute( |
224 | 223 | writer, |
225 | 224 | BAD_CAST "SimpleName", |
@@ -230,7 +229,6 @@ int writeComponentID( | ||
230 | 229 | } |
231 | 230 | |
232 | 231 | /* Add an attribute with name "VersionBuild" */ |
233 | - | |
234 | 232 | rc = xmlTextWriterWriteAttribute( |
235 | 233 | writer, |
236 | 234 | BAD_CAST "VersionBuild", |
@@ -516,7 +514,7 @@ int writePcrHash( | ||
516 | 514 | BYTE * hash, |
517 | 515 | int algtype) { |
518 | 516 | // int rc = PTS_SUCCESS; |
519 | - char id[256]; // TODO(munetoh) | |
517 | + char id[256]; // TODO(munetoh) 11+1+1 = 12? | |
520 | 518 | |
521 | 519 | DEBUG_CAL("writePcrHash - PCR[%d] level %d \n", pcrIndex, ss_level); |
522 | 520 |
@@ -591,7 +589,7 @@ int writeSnapshot( | ||
591 | 589 | int j; |
592 | 590 | PTS_UUID *ir_uuid; |
593 | 591 | char *str_ir_uuid; |
594 | - char id[256]; | |
592 | + char id[256]; // TODO 3 + UUID = 3 + 36 = 39 | |
595 | 593 | int level; |
596 | 594 | |
597 | 595 | level = ss->level; |
@@ -786,10 +784,12 @@ int writeQuote( | ||
786 | 784 | OPENPTS_CONTEXT *ctx) { |
787 | 785 | int rc; |
788 | 786 | int i; |
789 | - char buf[BUF_SIZE]; | |
787 | + char *b64buf = NULL; | |
788 | + int b64buf_len; | |
790 | 789 | int size_of_select = 0; |
791 | 790 | int select_int = 0; |
792 | - BYTE select_byte[3]; | |
791 | + BYTE select_byte[3]; // TODO TPM1.2, 24PCRs => 3 bytes | |
792 | + char tagbuf[128]; | |
793 | 793 | |
794 | 794 | if (ctx->pcrs == NULL) { |
795 | 795 | TODO("writeQuote - OPENPTS_PCRS is NULL, SKIP QuoteData\n"); |
@@ -861,23 +861,29 @@ int writeQuote( | ||
861 | 861 | } |
862 | 862 | |
863 | 863 | /* Add an attribute with name "SizeOfSelect", int */ |
864 | - snprintf(buf, sizeof(buf), "%d", size_of_select); | |
865 | - rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "SizeOfSelect", BAD_CAST buf); | |
864 | + snprintf(tagbuf, sizeof(tagbuf), "%d", size_of_select); | |
865 | + rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "SizeOfSelect", BAD_CAST tagbuf); | |
866 | 866 | if (rc < 0) { |
867 | 867 | ERROR("Error at xmlTextWriterWriteAttribute\n"); |
868 | 868 | return PTS_INTERNAL_ERROR; |
869 | 869 | } |
870 | 870 | |
871 | 871 | /* Add an attribute with name "PcrSelect", base64 */ |
872 | - encodeBase64( | |
873 | - (unsigned char *)buf, | |
872 | + b64buf = (char *)encodeBase64( | |
874 | 873 | (unsigned char *)select_byte, |
875 | - size_of_select); | |
876 | - rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "PcrSelect", BAD_CAST buf); | |
874 | + size_of_select, | |
875 | + &b64buf_len); | |
876 | + if (b64buf == NULL) { | |
877 | + ERROR("encodeBase64 fail"); | |
878 | + return PTS_INTERNAL_ERROR; | |
879 | + } | |
880 | + rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "PcrSelect", BAD_CAST b64buf); | |
877 | 881 | if (rc < 0) { |
878 | 882 | ERROR("Error at xmlTextWriterWriteAttribute\n"); |
879 | 883 | return PTS_INTERNAL_ERROR; |
880 | 884 | } |
885 | + free(b64buf); | |
886 | + b64buf = NULL; | |
881 | 887 | |
882 | 888 | /* Close the element named "PcrSelection". */ |
883 | 889 | rc = xmlTextWriterEndElement(writer); |
@@ -906,8 +912,8 @@ int writeQuote( | ||
906 | 912 | return PTS_INTERNAL_ERROR; |
907 | 913 | } |
908 | 914 | /* Add an attribute with name "PcrNumber", int */ |
909 | - snprintf(buf, sizeof(buf), "%d", i); | |
910 | - rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "PcrNumber", BAD_CAST buf); | |
915 | + snprintf(tagbuf, sizeof(tagbuf), "%d", i); | |
916 | + rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "PcrNumber", BAD_CAST tagbuf); | |
911 | 917 | // rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "PcrNumber", BAD_CAST "0"); |
912 | 918 | if (rc < 0) { |
913 | 919 | ERROR("Error at xmlTextWriterWriteAttribute\n"); |
@@ -950,69 +956,77 @@ int writeQuote( | ||
950 | 956 | } |
951 | 957 | |
952 | 958 | /* Add an attribute with name "VersionMajor", int */ |
953 | - snprintf(buf, sizeof(buf), "%d", ctx->validation_data->versionInfo.bMajor); | |
954 | - rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "VersionMajor", BAD_CAST buf); | |
959 | + snprintf(tagbuf, sizeof(tagbuf), "%d", ctx->validation_data->versionInfo.bMajor); | |
960 | + rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "VersionMajor", BAD_CAST tagbuf); | |
955 | 961 | if (rc < 0) { |
956 | 962 | ERROR("Error at xmlTextWriterWriteAttribute\n"); |
957 | 963 | return PTS_INTERNAL_ERROR; |
958 | 964 | } |
959 | 965 | /* Add an attribute with name "VersionMinor", int */ |
960 | - snprintf(buf, sizeof(buf), "%d", ctx->validation_data->versionInfo.bMinor); | |
961 | - rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "VersionMinor", BAD_CAST buf); | |
966 | + snprintf(tagbuf, sizeof(tagbuf), "%d", ctx->validation_data->versionInfo.bMinor); | |
967 | + rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "VersionMinor", BAD_CAST tagbuf); | |
962 | 968 | if (rc < 0) { |
963 | 969 | ERROR("Error at xmlTextWriterWriteAttribute\n"); |
964 | 970 | return PTS_INTERNAL_ERROR; |
965 | 971 | } |
966 | 972 | /* Add an attribute with name "VersionRevMajor", int */ |
967 | - snprintf(buf, sizeof(buf), "%d", ctx->validation_data->versionInfo.bRevMajor); | |
968 | - rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "VersionRevMajor", BAD_CAST buf); | |
973 | + snprintf(tagbuf, sizeof(tagbuf), "%d", ctx->validation_data->versionInfo.bRevMajor); | |
974 | + rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "VersionRevMajor", BAD_CAST tagbuf); | |
969 | 975 | if (rc < 0) { |
970 | 976 | ERROR("Error at xmlTextWriterWriteAttribute\n"); |
971 | 977 | return PTS_INTERNAL_ERROR; |
972 | 978 | } |
979 | + | |
973 | 980 | /* Add an attribute with name "VersionRevMinor", int */ |
974 | - snprintf(buf, sizeof(buf), "%d", ctx->validation_data->versionInfo.bRevMinor); | |
975 | - rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "VersionRevMinor", BAD_CAST buf); | |
981 | + snprintf(tagbuf, sizeof(tagbuf), "%d", ctx->validation_data->versionInfo.bRevMinor); | |
982 | + rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "VersionRevMinor", BAD_CAST tagbuf); | |
976 | 983 | if (rc < 0) { |
977 | 984 | ERROR("Error at xmlTextWriterWriteAttribute\n"); |
978 | 985 | return PTS_INTERNAL_ERROR; |
979 | 986 | } |
987 | + | |
980 | 988 | /* Add an attribute with name "Fixed", int */ |
981 | 989 | rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "Fixed", BAD_CAST "QUOT"); |
982 | 990 | if (rc < 0) { |
983 | 991 | ERROR("Error at xmlTextWriterWriteAttribute\n"); |
984 | 992 | return -1; |
985 | 993 | } |
994 | + | |
986 | 995 | /* Add an attribute with name "DigestValue", base64 */ |
987 | - // 2011-02-07 bad DigestValue | |
988 | - // encodeBase64( | |
989 | - // (unsigned char *)buf, | |
990 | - // (unsigned char *)ctx->validation_data->rgbData, | |
991 | - // ctx->validation_data->ulDataLength); | |
992 | - encodeBase64( | |
993 | - (unsigned char *)buf, | |
996 | + b64buf = encodeBase64( | |
994 | 997 | (unsigned char *)&ctx->validation_data->rgbData[8], // skip 01010000 51554f54 |
995 | - 20); // ctx->validation_data->ulDataLength); | |
996 | - // DEBUG("rgbData b64=%s\n", buf); | |
997 | - // printHex("\t\trgbData",ctx->validation_data->rgbData, ctx->validation_data->ulDataLength,"\n"); | |
998 | - rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "DigestValue", BAD_CAST buf); | |
998 | + 20, | |
999 | + &b64buf_len); // ctx->validation_data->ulDataLength); | |
1000 | + if (b64buf == NULL) { | |
1001 | + ERROR("encodeBase64() fail"); | |
1002 | + return PTS_INTERNAL_ERROR; | |
1003 | + } | |
1004 | + rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "DigestValue", BAD_CAST b64buf); | |
999 | 1005 | if (rc < 0) { |
1000 | 1006 | ERROR("Error at xmlTextWriterWriteAttribute\n"); |
1001 | 1007 | return PTS_INTERNAL_ERROR; |
1002 | 1008 | } |
1009 | + free(b64buf); | |
1010 | + b64buf=NULL; | |
1003 | 1011 | |
1004 | 1012 | // TODO we used DH-nonce exchange but here, we put plain nonce:-P |
1005 | 1013 | // TODO is this option attribute? can we suppress? |
1006 | 1014 | /* Add an attribute with name "ExternalData", base64 */ |
1007 | - encodeBase64( | |
1008 | - (unsigned char *)buf, | |
1015 | + b64buf = encodeBase64( | |
1009 | 1016 | (unsigned char *)ctx->validation_data->rgbExternalData, |
1010 | - ctx->validation_data->ulExternalDataLength); | |
1011 | - rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "ExternalData", BAD_CAST buf); | |
1017 | + ctx->validation_data->ulExternalDataLength, | |
1018 | + &b64buf_len); | |
1019 | + if (b64buf == NULL) { | |
1020 | + ERROR("encodeBase64() fail"); | |
1021 | + return PTS_INTERNAL_ERROR; | |
1022 | + } | |
1023 | + rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "ExternalData", BAD_CAST b64buf); | |
1012 | 1024 | if (rc < 0) { |
1013 | 1025 | ERROR("Error at xmlTextWriterWriteAttribute\n"); |
1014 | 1026 | return PTS_INTERNAL_ERROR; |
1015 | 1027 | } |
1028 | + free(b64buf); | |
1029 | + b64buf=NULL; | |
1016 | 1030 | |
1017 | 1031 | /* Close the element named "QuoteInfo". */ |
1018 | 1032 | rc = xmlTextWriterEndElement(writer); |
@@ -1123,14 +1137,15 @@ int writeQuote2( | ||
1123 | 1137 | OPENPTS_CONTEXT *ctx) { |
1124 | 1138 | int rc; |
1125 | 1139 | int i; |
1126 | - char buf[BUF_SIZE]; | |
1140 | + char *b64buf = NULL; | |
1141 | + int b64buf_len; | |
1127 | 1142 | int size_of_select = 0; |
1128 | 1143 | BYTE select_byte[3]; |
1129 | 1144 | int tag; |
1130 | 1145 | char fixed[5]; |
1131 | 1146 | int locality; |
1132 | - // BYTE *external_data; | |
1133 | 1147 | BYTE *composite_hash; |
1148 | + char tagbuf[128]; // Quote tag | |
1134 | 1149 | |
1135 | 1150 | if (ctx->pcrs == NULL) { |
1136 | 1151 | TODO("writeQuote2 - OPENPTS_PCRS is NULL, SKIP QuoteData\n"); |
@@ -1198,8 +1213,8 @@ int writeQuote2( | ||
1198 | 1213 | } |
1199 | 1214 | |
1200 | 1215 | /* QuoteInfo2 - attribute - Tag */ |
1201 | - snprintf(buf, sizeof(buf), "%d", tag); | |
1202 | - rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "Tag", BAD_CAST buf); | |
1216 | + snprintf(tagbuf, sizeof(tagbuf), "%d", tag); | |
1217 | + rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "Tag", BAD_CAST tagbuf); | |
1203 | 1218 | if (rc < 0) { |
1204 | 1219 | ERROR("Error at xmlTextWriterWriteAttribute\n"); |
1205 | 1220 | return PTS_INTERNAL_ERROR; |
@@ -1212,11 +1227,16 @@ int writeQuote2( | ||
1212 | 1227 | return -1; |
1213 | 1228 | } |
1214 | 1229 | /* QuoteInfo2 - attribute - ExternalData - base64 */ |
1215 | - encodeBase64( | |
1216 | - (unsigned char *)buf, | |
1230 | + b64buf = encodeBase64( | |
1217 | 1231 | (unsigned char *)ctx->validation_data->rgbExternalData, |
1218 | - ctx->validation_data->ulExternalDataLength); | |
1219 | - rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "ExternalData", BAD_CAST buf); | |
1232 | + ctx->validation_data->ulExternalDataLength, | |
1233 | + &b64buf_len); | |
1234 | + if (b64buf == NULL) { | |
1235 | + ERROR("encodeBase64 fail"); | |
1236 | + return PTS_INTERNAL_ERROR; | |
1237 | + } | |
1238 | + rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "ExternalData", BAD_CAST b64buf); | |
1239 | + free(b64buf); | |
1220 | 1240 | if (rc < 0) { |
1221 | 1241 | ERROR("Error at xmlTextWriterWriteAttribute\n"); |
1222 | 1242 | return PTS_INTERNAL_ERROR; |
@@ -1236,18 +1256,23 @@ int writeQuote2( | ||
1236 | 1256 | return PTS_INTERNAL_ERROR; |
1237 | 1257 | } |
1238 | 1258 | /* Add an attribute with name "SizeOfSelect", int */ |
1239 | - snprintf(buf, sizeof(buf), "%d", size_of_select); | |
1240 | - rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "SizeOfSelect", BAD_CAST buf); | |
1259 | + snprintf(tagbuf, sizeof(tagbuf), "%d", size_of_select); | |
1260 | + rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "SizeOfSelect", BAD_CAST tagbuf); | |
1241 | 1261 | if (rc < 0) { |
1242 | 1262 | ERROR("Error at xmlTextWriterWriteAttribute\n"); |
1243 | 1263 | return PTS_INTERNAL_ERROR; |
1244 | 1264 | } |
1245 | 1265 | /* Add an attribute with name "PcrSelect", base64 */ |
1246 | - encodeBase64( | |
1247 | - (unsigned char *)buf, | |
1266 | + b64buf = encodeBase64( | |
1248 | 1267 | (unsigned char *)select_byte, |
1249 | - size_of_select); | |
1250 | - rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "PcrSelect", BAD_CAST buf); | |
1268 | + size_of_select, | |
1269 | + &b64buf_len); | |
1270 | + if (b64buf == NULL) { | |
1271 | + ERROR("encodeBase64 fail"); | |
1272 | + return PTS_INTERNAL_ERROR; | |
1273 | + } | |
1274 | + rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "PcrSelect", BAD_CAST b64buf); | |
1275 | + free(b64buf); | |
1251 | 1276 | if (rc < 0) { |
1252 | 1277 | ERROR("Error at xmlTextWriterWriteAttribute\n"); |
1253 | 1278 | return PTS_INTERNAL_ERROR; |
@@ -1268,11 +1293,16 @@ int writeQuote2( | ||
1268 | 1293 | } |
1269 | 1294 | |
1270 | 1295 | /* CompositeHash - element */ |
1271 | - encodeBase64( | |
1272 | - (unsigned char *)buf, | |
1296 | + b64buf = encodeBase64( | |
1273 | 1297 | (unsigned char *)composite_hash, |
1274 | - 20); | |
1275 | - rc = xmlTextWriterWriteFormatElement(writer, BAD_CAST "CompositeHash", "%s", buf); | |
1298 | + 20, | |
1299 | + &b64buf_len); | |
1300 | + if (b64buf == NULL) { | |
1301 | + ERROR("encodeBase64 fail"); | |
1302 | + return PTS_INTERNAL_ERROR; | |
1303 | + } | |
1304 | + rc = xmlTextWriterWriteFormatElement(writer, BAD_CAST "CompositeHash", "%s", b64buf); | |
1305 | + free(b64buf); | |
1276 | 1306 | if (rc < 0) { |
1277 | 1307 | ERROR("Error at xmlTextWriterWriteFormatElement\n"); |
1278 | 1308 | return PTS_INTERNAL_ERROR; |
@@ -1293,18 +1323,23 @@ int writeQuote2( | ||
1293 | 1323 | return PTS_INTERNAL_ERROR; |
1294 | 1324 | } |
1295 | 1325 | /* Add an attribute with name "SizeOfSelect", int */ |
1296 | - snprintf(buf, sizeof(buf), "%d", size_of_select); | |
1297 | - rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "SizeOfSelect", BAD_CAST buf); | |
1326 | + snprintf(tagbuf, sizeof(tagbuf), "%d", size_of_select); | |
1327 | + rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "SizeOfSelect", BAD_CAST tagbuf); | |
1298 | 1328 | if (rc < 0) { |
1299 | 1329 | ERROR("Error at xmlTextWriterWriteAttribute\n"); |
1300 | 1330 | return PTS_INTERNAL_ERROR; |
1301 | 1331 | } |
1302 | 1332 | /* Add an attribute with name "PcrSelect", base64 */ |
1303 | - encodeBase64( | |
1304 | - (unsigned char *)buf, | |
1333 | + b64buf = encodeBase64( | |
1305 | 1334 | (unsigned char *)select_byte, |
1306 | - size_of_select); | |
1307 | - rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "PcrSelect", BAD_CAST buf); | |
1335 | + size_of_select, | |
1336 | + &b64buf_len); | |
1337 | + if (b64buf == NULL) { | |
1338 | + ERROR("encodeBase64 fail"); | |
1339 | + return PTS_INTERNAL_ERROR; | |
1340 | + } | |
1341 | + rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "PcrSelect", BAD_CAST b64buf); | |
1342 | + free(b64buf); | |
1308 | 1343 | if (rc < 0) { |
1309 | 1344 | ERROR("Error at xmlTextWriterWriteAttribute\n"); |
1310 | 1345 | return PTS_INTERNAL_ERROR; |
@@ -1331,8 +1366,8 @@ int writeQuote2( | ||
1331 | 1366 | return PTS_INTERNAL_ERROR; |
1332 | 1367 | } |
1333 | 1368 | /* Add an attribute - PcrNumber - int */ |
1334 | - snprintf(buf, sizeof(buf), "%d", i); | |
1335 | - rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "PcrNumber", BAD_CAST buf); | |
1369 | + snprintf(tagbuf, sizeof(tagbuf), "%d", i); | |
1370 | + rc = xmlTextWriterWriteAttribute(writer, BAD_CAST "PcrNumber", BAD_CAST tagbuf); | |
1336 | 1371 | if (rc < 0) { |
1337 | 1372 | ERROR("Error at xmlTextWriterWriteAttribute\n"); |
1338 | 1373 | return PTS_INTERNAL_ERROR; |
@@ -1481,11 +1516,10 @@ int writeQuote2( | ||
1481 | 1516 | */ |
1482 | 1517 | // TODO remove file |
1483 | 1518 | int writeIr(OPENPTS_CONTEXT *ctx, const char *file) { |
1484 | -// int writeIr(OPENPTS_CONTEXT *ctx) { | |
1485 | 1519 | int rc = PTS_SUCCESS; |
1486 | 1520 | int i; |
1487 | 1521 | xmlTextWriterPtr writer; |
1488 | - xmlBufferPtr buf; | |
1522 | + xmlBufferPtr xmlbuf; | |
1489 | 1523 | FILE *fp; |
1490 | 1524 | PTS_ComponentId cid; |
1491 | 1525 | OPENPTS_TPM_CONTEXT tpm; // to calc snapshot PCR |
@@ -1543,15 +1577,15 @@ int writeIr(OPENPTS_CONTEXT *ctx, const char *file) { | ||
1543 | 1577 | resetTpm(&tpm, ctx->drtm); |
1544 | 1578 | |
1545 | 1579 | /* Create a new XML buffer */ |
1546 | - buf = xmlBufferCreate(); | |
1547 | - if (buf == NULL) { | |
1580 | + xmlbuf = xmlBufferCreate(); | |
1581 | + if (xmlbuf == NULL) { | |
1548 | 1582 | ERROR("creating the xml buffer fail\n"); |
1549 | 1583 | rc = PTS_INTERNAL_ERROR; |
1550 | 1584 | goto error; |
1551 | 1585 | } |
1552 | 1586 | |
1553 | 1587 | /* Create a new XmlWriter for memory */ |
1554 | - writer = xmlNewTextWriterMemory(buf, 0); | |
1588 | + writer = xmlNewTextWriterMemory(xmlbuf, 0); | |
1555 | 1589 | if (writer == NULL) { |
1556 | 1590 | ERROR("creating the xml writer fail\n"); |
1557 | 1591 | rc = PTS_INTERNAL_ERROR; |
@@ -1754,7 +1788,7 @@ int writeIr(OPENPTS_CONTEXT *ctx, const char *file) { | ||
1754 | 1788 | goto free; |
1755 | 1789 | } |
1756 | 1790 | |
1757 | - fprintf(fp, "%s", (const char *) buf->content); | |
1791 | + fprintf(fp, "%s", (const char *) xmlbuf->content); | |
1758 | 1792 | |
1759 | 1793 | rc = PTS_SUCCESS; // 0 |
1760 | 1794 |
@@ -1765,7 +1799,7 @@ int writeIr(OPENPTS_CONTEXT *ctx, const char *file) { | ||
1765 | 1799 | free(str_ir_uuid); |
1766 | 1800 | |
1767 | 1801 | freexml: |
1768 | - xmlBufferFree(buf); | |
1802 | + xmlBufferFree(xmlbuf); | |
1769 | 1803 | |
1770 | 1804 | error: |
1771 | 1805 |
@@ -1834,14 +1868,13 @@ void irStartElement(void* ctx, const xmlChar* name, const xmlChar** atts) { | ||
1834 | 1868 | OPENPTS_IR_CONTEXT * ir_ctx = pctx->ir_ctx; |
1835 | 1869 | TSS_VALIDATION *validation_data = pctx->validation_data; |
1836 | 1870 | OPENPTS_PCRS *pcrs = pctx->pcrs; |
1837 | - BYTE buf[IR_SAX_BUFFER_SIZE]; // TODO | |
1871 | + BYTE *b64buf = NULL; | |
1872 | + int b64buf_len; | |
1838 | 1873 | int i; |
1839 | 1874 | char *type; |
1840 | 1875 | char *value; |
1841 | - int rc = 0; | |
1842 | 1876 | |
1843 | 1877 | ir_ctx->char_size = 0; |
1844 | - // memset(buf, 0, IR_SAX_BUFFER_SIZE); // UNINIT | |
1845 | 1878 | |
1846 | 1879 | if (!strcmp((char *)name, "Report")) { |
1847 | 1880 | // |
@@ -1950,10 +1983,15 @@ void irStartElement(void* ctx, const xmlChar* name, const xmlChar** atts) { | ||
1950 | 1983 | // DEBUG("SizeOfSelect = %d\n", ir_ctx->pcr_select_size); |
1951 | 1984 | } |
1952 | 1985 | if (!strcmp(type, "PcrSelect")) { |
1953 | - rc = decodeBase64( | |
1954 | - buf, // ir_ctx->pcr_select, | |
1955 | - (unsigned char *)value, | |
1956 | - strlen(value)); | |
1986 | + /* used later */ | |
1987 | + if (b64buf != NULL) { | |
1988 | + ERROR("bad memory management"); | |
1989 | + free(b64buf); | |
1990 | + } | |
1991 | + b64buf = (BYTE *) decodeBase64( | |
1992 | + (char *)value, | |
1993 | + strlen(value), | |
1994 | + &b64buf_len); | |
1957 | 1995 | attr_cnt++; |
1958 | 1996 | // DEBUG("PcrSelect = 0x%02x %02x %02x \n", buf[0],buf[1],buf[2]); |
1959 | 1997 | } |
@@ -1971,12 +2009,21 @@ void irStartElement(void* ctx, const xmlChar* name, const xmlChar** atts) { | ||
1971 | 2009 | if (pcrs->pcr_select_byte == NULL) { |
1972 | 2010 | ERROR("no memory\n"); |
1973 | 2011 | } else { |
1974 | - memcpy(pcrs->pcr_select_byte, buf, pcrs->pcr_select_size); | |
2012 | + if (b64buf != NULL) { | |
2013 | + memcpy(pcrs->pcr_select_byte, b64buf, pcrs->pcr_select_size); | |
2014 | + } else { | |
2015 | + ERROR("pcr_select_byte is missing"); | |
2016 | + } | |
1975 | 2017 | } |
1976 | 2018 | } else { |
1977 | 2019 | /* BAD IR */ |
1978 | 2020 | ERROR("BAD IR SizeOfSelect or PcrSelect are missing\n"); |
1979 | 2021 | } |
2022 | + /* free Base64 buffer */ | |
2023 | + if (b64buf != NULL) { | |
2024 | + free(b64buf); | |
2025 | + b64buf=NULL; | |
2026 | + } | |
1980 | 2027 | } else if (!strcmp((char *)name, "ValueSize")) { |
1981 | 2028 | // <ValueSize>200</ValueSize> |
1982 | 2029 | // Text => ctx->pcrs->value_size - irEndElement() |
@@ -2044,32 +2091,40 @@ void irStartElement(void* ctx, const xmlChar* name, const xmlChar** atts) { | ||
2044 | 2091 | } |
2045 | 2092 | if (!strcmp(type, "DigestValue")) { |
2046 | 2093 | // TODO check buf len |
2047 | - rc = decodeBase64( | |
2048 | - buf, | |
2049 | - (unsigned char *)value, | |
2050 | - strlen(value)); | |
2051 | - // TODO check rc must be 20 (SHA1) | |
2052 | - // validation_data->ulDataLength = 48; | |
2053 | - // validation_data->rgbData = malloc(48); | |
2054 | - // memcpy(validation_data->rgbData, buf, rc); | |
2055 | - memcpy(&validation_data->rgbData[8], buf, 20); | |
2056 | - | |
2057 | - // DEBUG("validation_data->ulDataLength %d < %s\n",validation_data->ulDataLength,value); | |
2094 | + b64buf = decodeBase64( | |
2095 | + (char *)value, | |
2096 | + strlen(value), | |
2097 | + &b64buf_len); | |
2098 | + if (b64buf == NULL) { | |
2099 | + ERROR("decodeBase64 fail"); | |
2100 | + ir_ctx->sax_error++; | |
2101 | + return; | |
2102 | + } | |
2103 | + if (b64buf_len < 20) { | |
2104 | + ERROR("decodeBase64 out is too small, %d < 20", b64buf_len); | |
2105 | + ir_ctx->sax_error++; | |
2106 | + return; | |
2107 | + } | |
2108 | + memcpy(&validation_data->rgbData[8], b64buf, 20); | |
2109 | + free(b64buf); | |
2058 | 2110 | } |
2059 | 2111 | if (!strcmp(type, "ExternalData")) { |
2060 | - // TODO check buf len | |
2061 | - rc = decodeBase64( | |
2062 | - buf, | |
2063 | - (unsigned char *)value, | |
2064 | - strlen(value)); | |
2065 | - // TODO check rc | |
2066 | - validation_data->ulExternalDataLength = rc; | |
2112 | + b64buf = decodeBase64( | |
2113 | + (char *)value, | |
2114 | + strlen(value), | |
2115 | + &b64buf_len); | |
2116 | + if (b64buf == NULL) { | |
2117 | + ERROR("decodeBase64 fail"); | |
2118 | + ir_ctx->sax_error++; | |
2119 | + return; | |
2120 | + } | |
2121 | + validation_data->ulExternalDataLength = b64buf_len; | |
2067 | 2122 | if (validation_data->rgbExternalData != NULL) { |
2068 | 2123 | free(validation_data->rgbExternalData); |
2069 | 2124 | } |
2070 | - validation_data->rgbExternalData = malloc(rc); | |
2071 | - memcpy(validation_data->rgbExternalData, buf, rc); | |
2072 | - memcpy(&validation_data->rgbData[28], buf, 20); | |
2125 | + validation_data->rgbExternalData = b64buf; | |
2126 | + //memcpy(validation_data->rgbExternalData, buf, rc); | |
2127 | + memcpy(&validation_data->rgbData[28], b64buf, 20); | |
2073 | 2128 | } |
2074 | 2129 | } |
2075 | 2130 | } |
@@ -2103,16 +2158,19 @@ void irStartElement(void* ctx, const xmlChar* name, const xmlChar** atts) { | ||
2103 | 2158 | validation_data->rgbData[5] = value[3]; |
2104 | 2159 | } |
2105 | 2160 | if (!strcmp(type, "ExternalData")) { |
2106 | - // TODO check buf len | |
2107 | - rc = decodeBase64( | |
2108 | - buf, | |
2109 | - (unsigned char *)value, | |
2110 | - strlen(value)); | |
2111 | - // TODO check rc | |
2112 | - validation_data->ulExternalDataLength = rc; | |
2113 | - validation_data->rgbExternalData = malloc(rc); | |
2114 | - memcpy(validation_data->rgbExternalData, buf, rc); | |
2115 | - memcpy(&validation_data->rgbData[6], buf, 20); | |
2161 | + b64buf = decodeBase64( | |
2162 | + (char *)value, | |
2163 | + strlen(value), | |
2164 | + &b64buf_len); | |
2165 | + if (b64buf == NULL) { | |
2166 | + ERROR("decodeBase64 fail"); | |
2167 | + ir_ctx->sax_error++; | |
2168 | + return; | |
2169 | + } | |
2170 | + validation_data->ulExternalDataLength = b64buf_len; | |
2171 | + validation_data->rgbExternalData = b64buf; | |
2172 | + //memcpy(validation_data->rgbExternalData, b64buf, rc); | |
2173 | + memcpy(&validation_data->rgbData[6], b64buf, 20); | |
2116 | 2174 | } |
2117 | 2175 | } |
2118 | 2176 | } |
@@ -2148,14 +2206,15 @@ void irEndElement(void * ctx, const xmlChar * name) { | ||
2148 | 2206 | TSS_VALIDATION *validation_data = pctx->validation_data; |
2149 | 2207 | OPENPTS_PCRS *pcrs = pctx->pcrs; |
2150 | 2208 | int rc; |
2151 | - BYTE buf[IR_SAX_BUFFER_SIZE]; | |
2209 | + BYTE *b64buf = NULL; | |
2210 | + int b64buf_len; | |
2152 | 2211 | |
2153 | 2212 | if (!strcmp((char *)name, "stuff:Objects")) { |
2154 | 2213 | int extend = 0; |
2155 | 2214 | int pcr_index = -1; |
2156 | 2215 | BYTE* digest = NULL; |
2157 | - /* Event finish, let's get into our structure */ | |
2158 | 2216 | |
2217 | + /* Event finish, let's get into our structure */ | |
2159 | 2218 | ir_ctx->event_index++; |
2160 | 2219 | |
2161 | 2220 | /* Add new event wrapper and update the chain */ |
@@ -2220,28 +2279,54 @@ void irEndElement(void * ctx, const xmlChar * name) { | ||
2220 | 2279 | ir_ctx->event->ulPcrIndex = atoi(ir_ctx->buf); |
2221 | 2280 | } else if (!strcmp((char *)name, "stuff:Hash")) { |
2222 | 2281 | ir_ctx->buf[ir_ctx->char_size] = 0; |
2223 | - ir_ctx->event->rgbPcrValue = malloc(MAX_DIGEST_SIZE); // TODO(munetoh) alg -> size | |
2224 | - rc = decodeBase64(ir_ctx->event->rgbPcrValue, (unsigned char *)ir_ctx->buf, ir_ctx->char_size); | |
2225 | - ir_ctx->event->ulPcrValueLength = rc; | |
2282 | + /* base64 -> plain */ | |
2283 | + ir_ctx->event->rgbPcrValue = decodeBase64( | |
2284 | + (char *)ir_ctx->buf, | |
2285 | + ir_ctx->char_size, | |
2286 | + &b64buf_len); | |
2287 | + if (ir_ctx->event->rgbPcrValue == NULL) { | |
2288 | + ERROR("decodeBase64 fail"); | |
2289 | + ir_ctx->sax_error++; | |
2290 | + return; | |
2291 | + } | |
2292 | + ir_ctx->event->ulPcrValueLength = b64buf_len; | |
2226 | 2293 | } else if (!strcmp((char *)name, "eventtype")) { |
2227 | 2294 | ir_ctx->buf[ir_ctx->char_size] = 0; |
2228 | 2295 | ir_ctx->event->eventType = atoi(ir_ctx->buf); |
2229 | 2296 | } else if (!strcmp((char *)name, "eventdata")) { |
2230 | 2297 | ir_ctx->buf[ir_ctx->char_size] = 0; // null terminate |
2231 | - /* malloc */ | |
2232 | - ir_ctx->event->rgbEvent = malloc(ir_ctx->char_size + 1); | |
2298 | + /* base64 -> plain */ | |
2299 | + ir_ctx->event->rgbEvent = decodeBase64( | |
2300 | + (char *)ir_ctx->buf, | |
2301 | + ir_ctx->char_size, | |
2302 | + &b64buf_len); | |
2233 | 2303 | if (ir_ctx->event->rgbEvent == NULL) { |
2234 | - ERROR("no memory\n"); | |
2304 | + ERROR("decodeBase64 fail"); | |
2235 | 2305 | ir_ctx->sax_error++; |
2236 | 2306 | return; |
2237 | 2307 | } |
2238 | - /* base64 -> plain */ | |
2239 | - rc = decodeBase64(ir_ctx->event->rgbEvent, (unsigned char *)ir_ctx->buf, ir_ctx->char_size); | |
2240 | - ir_ctx->event->ulEventLength = rc; | |
2308 | + ir_ctx->event->ulEventLength = b64buf_len; | |
2241 | 2309 | } else if (!strcmp((char *)name, "PcrHash")) { |
2242 | 2310 | /* PCR value */ |
2243 | 2311 | ir_ctx->buf[ir_ctx->char_size] = 0; // null terminate |
2244 | - decodeBase64(ir_ctx->pcr, (unsigned char *)ir_ctx->buf, ir_ctx->char_size); | |
2312 | + /* base64 -> plain */ | |
2313 | + b64buf = decodeBase64( | |
2314 | + (char *)ir_ctx->buf, | |
2315 | + ir_ctx->char_size, | |
2316 | + &b64buf_len); | |
2317 | + if (b64buf == NULL) { | |
2318 | + ERROR("decodeBase64 fail"); | |
2319 | + ir_ctx->sax_error++; | |
2320 | + return; | |
2321 | + } | |
2322 | + if (b64buf_len > MAX_DIGEST_SIZE) { | |
2323 | + ERROR("decodeBase64 out is too latge, %d > %d", | |
2324 | + b64buf_len, MAX_DIGEST_SIZE); | |
2325 | + ir_ctx->sax_error++; | |
2326 | + return; | |
2327 | + } | |
2328 | + memcpy(ir_ctx->pcr, b64buf, b64buf_len); | |
2329 | + free(b64buf); | |
2245 | 2330 | |
2246 | 2331 | /* Check with PCR in TPM */ |
2247 | 2332 | rc = checkTpmPcr2(&pctx->tpm, ir_ctx->pcr_index, ir_ctx->pcr); |
@@ -2286,14 +2371,18 @@ void irEndElement(void * ctx, const xmlChar * name) { | ||
2286 | 2371 | // TODO |
2287 | 2372 | validation_data->rgbData[31] = atoi(ir_ctx->buf); |
2288 | 2373 | } else if (!strcmp((char *)name, "CompositeHash")) { |
2289 | - // TODO | |
2290 | - rc = decodeBase64( | |
2291 | - buf, | |
2292 | - (unsigned char *)ir_ctx->buf, | |
2293 | - ir_ctx->char_size); | |
2294 | - // TODO check rc | |
2295 | 2374 | // DEBUG("CompositeHash %s", ir_ctx->buf); |
2296 | - memcpy(&validation_data->rgbData[32], buf, 20); | |
2375 | + b64buf = decodeBase64( | |
2376 | + (char *)ir_ctx->buf, | |
2377 | + ir_ctx->char_size, | |
2378 | + &b64buf_len); | |
2379 | + if (b64buf == NULL) { | |
2380 | + ERROR("decodeBase64 fail"); | |
2381 | + ir_ctx->sax_error++; | |
2382 | + return; | |
2383 | + } | |
2384 | + memcpy(&validation_data->rgbData[32], b64buf, 20); | |
2385 | + free(b64buf); | |
2297 | 2386 | } else if (!strcmp((char *)name, "ValueSize")) { |
2298 | 2387 | // <ValueSize>200</ValueSize> |
2299 | 2388 | // Text => ctx->pcrs->value_size |
@@ -2303,10 +2392,29 @@ void irEndElement(void * ctx, const xmlChar * name) { | ||
2303 | 2392 | // <PcrValue PcrNumber="0">j7/z7OqcVMjRxCz+qT1r8BvzQFs=</PcrValue> |
2304 | 2393 | // Text => ctx->pcrs->pcr[0] |
2305 | 2394 | ir_ctx->buf[ir_ctx->char_size] = 0; |
2306 | - rc = decodeBase64( | |
2307 | - pcrs->pcr[ir_ctx->pcr_index], | |
2308 | - (unsigned char *)ir_ctx->buf, | |
2309 | - ir_ctx->char_size); | |
2395 | + b64buf = decodeBase64( | |
2396 | + (char *)ir_ctx->buf, | |
2397 | + ir_ctx->char_size, | |
2398 | + &b64buf_len); | |
2399 | + if (b64buf == NULL) { | |
2400 | + ERROR("decodeBase64 fail"); | |
2401 | + ir_ctx->sax_error++; | |
2402 | + return; | |
2403 | + } | |
2404 | + if (b64buf_len < SHA1_DIGEST_SIZE) { | |
2405 | + ERROR("decodeBase64 outout is too small, %d < %d", b64buf_len, SHA1_DIGEST_SIZE); | |
2406 | + ir_ctx->sax_error++; | |
2407 | + return; | |
2408 | + } | |
2409 | + if (b64buf_len > MAX_DIGEST_SIZE) { | |
2410 | + ERROR("decodeBase64 outout is too large, %d < %d", b64buf_len, MAX_DIGEST_SIZE); | |
2411 | + ir_ctx->sax_error++; | |
2412 | + return; | |
2413 | + } | |
2414 | + | |
2415 | + memcpy(pcrs->pcr[ir_ctx->pcr_index], b64buf, b64buf_len); | |
2416 | + free(b64buf); | |
2417 | + | |
2310 | 2418 | pcrs->pcr_select[ir_ctx->pcr_index] = 1; |
2311 | 2419 | |
2312 | 2420 | // DEBUG("PCR[%d] base64=%s\n", ir_ctx->pcr_index,ir_ctx->buf); |
@@ -2321,46 +2429,52 @@ void irEndElement(void * ctx, const xmlChar * name) { | ||
2321 | 2429 | addProperty(ctx, buf2, ir_ctx->buf); |
2322 | 2430 | } |
2323 | 2431 | } else if (!strcmp((char *)name, "QuoteInfo2")) { |
2324 | - // set pcr select | |
2325 | - // TODO | |
2326 | - validation_data->rgbData[26] = 0; | |
2327 | - validation_data->rgbData[27] = pcrs->pcr_select_size; | |
2328 | - validation_data->rgbData[28] = pcrs->pcr_select_byte[0]; | |
2329 | - validation_data->rgbData[29] = pcrs->pcr_select_byte[1]; | |
2330 | - validation_data->rgbData[30] = pcrs->pcr_select_byte[2]; | |
2432 | + /* pcr select => validation_data */ | |
2433 | + if (pcrs->pcr_select_byte == NULL) { | |
2434 | + ERROR("pcrs->pcr_select_byte is null"); | |
2435 | + } else { | |
2436 | + validation_data->rgbData[26] = 0; | |
2437 | + validation_data->rgbData[27] = pcrs->pcr_select_size; | |
2438 | + validation_data->rgbData[28] = pcrs->pcr_select_byte[0]; | |
2439 | + validation_data->rgbData[29] = pcrs->pcr_select_byte[1]; | |
2440 | + validation_data->rgbData[30] = pcrs->pcr_select_byte[2]; | |
2441 | + } | |
2331 | 2442 | } else if (!strcmp((char *)name, "SignatureValue")) { |
2332 | 2443 | ir_ctx->buf[ir_ctx->char_size] = 0; |
2333 | 2444 | if (ir_ctx->char_size > IR_SAX_BUFFER_SIZE) { // TODO check buf size |
2334 | 2445 | ERROR("buf is small %d \n", ir_ctx->char_size); |
2335 | 2446 | ir_ctx->sax_error++; |
2336 | 2447 | } else { |
2337 | - rc = decodeBase64( | |
2338 | - buf, | |
2339 | - (unsigned char *)ir_ctx->buf, | |
2340 | - ir_ctx->char_size); | |
2341 | - // TODO check rc | |
2342 | - validation_data->ulValidationDataLength = rc; | |
2343 | 2448 | if (validation_data->rgbValidationData != NULL) { |
2344 | 2449 | free(validation_data->rgbValidationData); |
2345 | 2450 | } |
2346 | - validation_data->rgbValidationData = malloc(rc); | |
2347 | - memcpy(validation_data->rgbValidationData, buf, rc); | |
2348 | - // DEBUG("rgbValidationData =%s\n",ir_ctx->buf); | |
2451 | + /* base64 -> plain */ | |
2452 | + validation_data->rgbValidationData = decodeBase64( | |
2453 | + (char *)ir_ctx->buf, | |
2454 | + ir_ctx->char_size, | |
2455 | + &b64buf_len); | |
2456 | + if (validation_data->rgbValidationData == NULL) { | |
2457 | + ERROR("decodeBase64 fail"); | |
2458 | + ir_ctx->sax_error++; | |
2459 | + return; | |
2460 | + } | |
2461 | + validation_data->ulValidationDataLength = b64buf_len; | |
2349 | 2462 | } |
2350 | 2463 | } else if (!strcmp((char *)name, "KeyValue")) { |
2351 | 2464 | ir_ctx->buf[ir_ctx->char_size] = 0; |
2352 | 2465 | if (ir_ctx->char_size > IR_SAX_BUFFER_SIZE) { // TODO check buf size |
2353 | 2466 | ERROR("buf is small %d \n", ir_ctx->char_size); |
2354 | 2467 | } else { |
2355 | - rc = decodeBase64( | |
2356 | - buf, | |
2357 | - (unsigned char *)ir_ctx->buf, | |
2358 | - ir_ctx->char_size); | |
2359 | - // TODO check rc | |
2360 | - pcrs->pubkey_length = rc; | |
2361 | - pcrs->pubkey = malloc(rc); | |
2362 | - memcpy(pcrs->pubkey, buf, rc); | |
2363 | - // DEBUG("KeyValue %s\n", ir_ctx->buf); | |
2468 | + pcrs->pubkey = decodeBase64( | |
2469 | + (char *)ir_ctx->buf, | |
2470 | + ir_ctx->char_size, | |
2471 | + &b64buf_len); | |
2472 | + if (pcrs->pubkey == NULL) { | |
2473 | + ERROR("decodeBase64 fail"); | |
2474 | + ir_ctx->sax_error++; | |
2475 | + return; | |
2476 | + } | |
2477 | + pcrs->pubkey_length = b64buf_len; | |
2364 | 2478 | } |
2365 | 2479 | } else if (!strcmp((char *)name, "QuoteData")) { |
2366 | 2480 | /* check Nonce */ |
@@ -126,7 +126,10 @@ char * snmalloc(char *str, int len) { | ||
126 | 126 | } |
127 | 127 | |
128 | 128 | /** |
129 | - * get string | |
129 | + * get NEW string buffer | |
130 | + * | |
131 | + * snmalloc2("ABCDEF", 2,3) => "CDE" | |
132 | + * | |
130 | 133 | * |
131 | 134 | * @param buf input |
132 | 135 | * @param offset |
@@ -375,8 +378,14 @@ char *getHexString(BYTE *bin, int size) { | ||
375 | 378 | buf = malloc(size * 2 + 1); |
376 | 379 | ptr = buf; |
377 | 380 | for (i = 0; i < size; i++) { |
378 | - len = snprintf(ptr, sizeof(ptr), "%02x", bin[i]); | |
379 | - ptr += len; | |
381 | + //len = snprintf(ptr, sizeof(ptr), "%02x", bin[i]); | |
382 | + len = snprintf(ptr, 3, "%02x", bin[i]); | |
383 | + if (len != 2) { | |
384 | + ERROR("FATAL"); | |
385 | + free(buf); | |
386 | + return NULL; | |
387 | + } | |
388 | + ptr += 2; //len; | |
380 | 389 | } |
381 | 390 | |
382 | 391 | return buf; |
@@ -406,7 +406,7 @@ int main(int argc, char *argv[]) { | ||
406 | 406 | if (checkDir(target_conf_dir) == PTS_SUCCESS) { |
407 | 407 | initialized++; // 1->2 |
408 | 408 | } else { |
409 | - ERROR("%s is missing", target_conf_dir); | |
409 | + ERROR("target_conf_dir, %s is missing", target_conf_dir); | |
410 | 410 | } |
411 | 411 | } |
412 | 412 |
@@ -249,7 +249,8 @@ int setEventProperty(OPENPTS_CONTEXT *ctx, char *name, char *value, OPENPTS_PCR_ | ||
249 | 249 | |
250 | 250 | if (!strcmp(value, "digest")) { |
251 | 251 | /* if value = digest, base64 -> set digest as value */ |
252 | - char b64digest[SHA1_BASE64_DIGEST_SIZE+1]; | |
252 | + char *buf; | |
253 | + int buf_len; | |
253 | 254 | |
254 | 255 | /* check */ |
255 | 256 | if (eventWrapper == NULL) { |
@@ -257,12 +258,16 @@ int setEventProperty(OPENPTS_CONTEXT *ctx, char *name, char *value, OPENPTS_PCR_ | ||
257 | 258 | return 0; // PTS_INTERNAL_ERROR; |
258 | 259 | } |
259 | 260 | |
260 | - encodeBase64((unsigned char *)b64digest, (unsigned char *)eventWrapper->event->rgbPcrValue, SHA1_DIGEST_SIZE); | |
261 | - b64digest[SHA1_BASE64_DIGEST_SIZE] = 0; | |
262 | - | |
263 | - value = b64digest; | |
264 | - | |
265 | - setProperty(ctx, name, value); // TODO | |
261 | + buf = encodeBase64( | |
262 | + (unsigned char *)eventWrapper->event->rgbPcrValue, | |
263 | + SHA1_DIGEST_SIZE, | |
264 | + &buf_len); | |
265 | + if (buf == NULL) { | |
266 | + ERROR("encodeBase64 fail"); | |
267 | + return PTS_FATAL; | |
268 | + } | |
269 | + setProperty(ctx, name, buf); // TODO | |
270 | + free(buf); | |
266 | 271 | } else if (!strcmp(value, "eventdata")) { |
267 | 272 | TSS_PCR_EVENT *event; |
268 | 273 | char * str; |
@@ -86,10 +86,12 @@ int verifierHandleCapability( | ||
86 | 86 | OPENPTS_UUID *verifier_uuid = NULL; |
87 | 87 | int rc = 0; |
88 | 88 | int i; |
89 | - char * collector_dir = NULL; | |
90 | - char * rm_dir = NULL; | |
91 | 89 | OPENPTS_CONFIG *target_conf = NULL; |
92 | 90 | OPENPTS_CONFIG *conf = NULL; |
91 | + // local buffer | |
92 | + char * collector_dir = NULL; | |
93 | + char * rm_dir = NULL; | |
94 | + | |
93 | 95 | |
94 | 96 | /**/ |
95 | 97 | conf = ctx->conf; |
@@ -349,9 +351,11 @@ int verifierHandleCapability( | ||
349 | 351 | } |
350 | 352 | } |
351 | 353 | |
352 | - return PTS_SUCCESS; | |
354 | + rc = PTS_SUCCESS; | |
353 | 355 | |
354 | 356 | close: |
357 | + if (rm_dir != NULL) free(rm_dir); | |
358 | + if (collector_dir != NULL) free(collector_dir); | |
355 | 359 | |
356 | 360 | return rc; |
357 | 361 | } |
@@ -1045,7 +1049,10 @@ int enroll( | ||
1045 | 1049 | } |
1046 | 1050 | |
1047 | 1051 | /* save target conf */ |
1048 | - writeTargetConf(target_conf, target_conf->uuid->uuid, target_conf->config_file); // ctx.c | |
1052 | + writeTargetConf( | |
1053 | + target_conf, | |
1054 | + target_conf->uuid->uuid, | |
1055 | + target_conf->config_file); // conf.c | |
1049 | 1056 | |
1050 | 1057 | /* OK */ |
1051 | 1058 | rc = PTS_SUCCESS; |
@@ -1088,8 +1095,8 @@ int verifier( | ||
1088 | 1095 | /* TLV/PTS */ |
1089 | 1096 | PTS_IF_M_Attribute *read_tlv = NULL; |
1090 | 1097 | OPENPTS_CONFIG *conf; |
1091 | - char * collector_dir = NULL; | |
1092 | - char * rm_dir = NULL; | |
1098 | + // char * collector_dir = NULL; | |
1099 | + // char * rm_dir = NULL; | |
1093 | 1100 | OPENPTS_IF_M_Capability *cap; |
1094 | 1101 | |
1095 | 1102 | DEBUG("verifier() - start\n"); |
@@ -1276,8 +1283,8 @@ int verifier( | ||
1276 | 1283 | out: |
1277 | 1284 | /* free */ |
1278 | 1285 | if (read_tlv != NULL) freePtsTlv(read_tlv); |
1279 | - if (collector_dir != NULL) free(collector_dir); | |
1280 | - if (rm_dir != NULL) free(rm_dir); | |
1286 | + // if (collector_dir != NULL) free(collector_dir); | |
1287 | + // if (rm_dir != NULL) free(rm_dir); | |
1281 | 1288 | if ((rc == PTS_VERIFY_FAILED) && (mode == 1)) { |
1282 | 1289 | DEBUG("verifier() - update the policy"); |
1283 | 1290 | rc = PTS_SUCCESS; |