2020-03-03 04:58:57 +03:00
|
|
|
// Copyright (c) Microsoft Corporation. All rights reserved.
|
|
|
|
|
// Licensed under the MIT license.
|
|
|
|
|
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
#include <stddef.h>
|
|
|
|
|
#include <string.h>
|
2022-11-17 00:48:36 +03:00
|
|
|
#include "platform_api.h"
|
2020-03-03 04:58:57 +03:00
|
|
|
#include "manifest_pcr.h"
|
|
|
|
|
#include "manifest_logging.h"
|
2023-02-01 00:27:55 +03:00
|
|
|
#include "common/unused.h"
|
2020-03-03 04:58:57 +03:00
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Initialize common manifest PCR management. This is only intended to be initialized as part of
|
|
|
|
|
* a parent module. No null checking will be done on the input parameters.
|
|
|
|
|
*
|
|
|
|
|
* @param pcr The PCR management to initialize.
|
|
|
|
|
* @param hash The hash engine to use for generating PCR measurements.
|
|
|
|
|
* @param store The PCR store to update as the CFM changes.
|
2020-04-25 05:59:16 +03:00
|
|
|
* @param manifest_measurement The identifier for the manifest measurement in the PCR.
|
|
|
|
|
* @param manifest_id_measurement The identifier for the manifest ID measurement in the PCR.
|
|
|
|
|
* @param manifest_platform_id_measurement The identifier for the manifest platform ID measurement
|
|
|
|
|
* in the PCR.
|
|
|
|
|
* @param error The error code to return if measurements are not unique
|
2020-03-03 04:58:57 +03:00
|
|
|
*
|
|
|
|
|
* @return 0 if the PCR manager was successfully initialized or an error code.
|
|
|
|
|
*/
|
|
|
|
|
int manifest_pcr_init (struct manifest_pcr *pcr, struct hash_engine *hash,
|
2020-04-25 05:59:16 +03:00
|
|
|
struct pcr_store *store, uint16_t manifest_measurement, uint16_t manifest_id_measurement,
|
|
|
|
|
uint16_t manifest_platform_id_measurement, int error)
|
2020-03-03 04:58:57 +03:00
|
|
|
{
|
|
|
|
|
int status;
|
|
|
|
|
|
2020-04-25 05:59:16 +03:00
|
|
|
if ((manifest_measurement == manifest_id_measurement) ||
|
|
|
|
|
(manifest_measurement == manifest_platform_id_measurement) ||
|
|
|
|
|
(manifest_id_measurement == manifest_platform_id_measurement)) {
|
|
|
|
|
return error;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
status = pcr_store_check_measurement_type (store, manifest_measurement);
|
|
|
|
|
if (status != 0) {
|
|
|
|
|
return status;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
status = pcr_store_check_measurement_type (store, manifest_id_measurement);
|
|
|
|
|
if (status != 0) {
|
|
|
|
|
return status;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
status = pcr_store_check_measurement_type (store, manifest_platform_id_measurement);
|
2020-03-03 04:58:57 +03:00
|
|
|
if (status != 0) {
|
|
|
|
|
return status;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
pcr->hash = hash;
|
|
|
|
|
pcr->store = store;
|
2020-04-25 05:59:16 +03:00
|
|
|
pcr->manifest_measurement = manifest_measurement;
|
|
|
|
|
pcr->manifest_id_measurement = manifest_id_measurement;
|
|
|
|
|
pcr->manifest_platform_id_measurement = manifest_platform_id_measurement;
|
2020-03-03 04:58:57 +03:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Release the resources used for manifest PCR management.
|
|
|
|
|
*
|
|
|
|
|
* @param pcr The PCR manager to release.
|
|
|
|
|
*/
|
|
|
|
|
void manifest_pcr_release (struct manifest_pcr *pcr)
|
|
|
|
|
{
|
2023-02-01 00:27:55 +03:00
|
|
|
UNUSED (pcr);
|
2020-03-03 04:58:57 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
2020-07-22 22:42:31 +03:00
|
|
|
* Record the measurement for the provided manifest.
|
2020-03-03 04:58:57 +03:00
|
|
|
*
|
|
|
|
|
* @param pcr The PCR manager that will record the measurement.
|
|
|
|
|
* @param active The manifest to measure.
|
|
|
|
|
*/
|
2023-02-01 00:27:55 +03:00
|
|
|
void manifest_pcr_record_manifest_measurement (const struct manifest_pcr *pcr,
|
|
|
|
|
struct manifest *active)
|
2020-03-03 04:58:57 +03:00
|
|
|
{
|
2021-01-12 08:21:09 +03:00
|
|
|
uint8_t manifest_measurement[SHA512_HASH_LENGTH] = {0};
|
|
|
|
|
int measurement_length = SHA256_HASH_LENGTH;
|
2020-06-30 22:22:59 +03:00
|
|
|
uint8_t id[5];
|
2020-04-25 05:59:16 +03:00
|
|
|
char *platform_id = NULL;
|
2020-06-30 22:22:59 +03:00
|
|
|
char empty_string = '\0';
|
2020-03-03 04:58:57 +03:00
|
|
|
int status;
|
|
|
|
|
|
2020-07-29 05:57:30 +03:00
|
|
|
if (active) {
|
2021-01-12 08:21:09 +03:00
|
|
|
measurement_length = active->get_hash (active, pcr->hash, manifest_measurement,
|
2020-06-30 22:22:59 +03:00
|
|
|
sizeof (manifest_measurement));
|
2021-01-12 08:21:09 +03:00
|
|
|
if (ROT_IS_ERROR (measurement_length)) {
|
2020-07-29 05:57:30 +03:00
|
|
|
debug_log_create_entry (DEBUG_LOG_SEVERITY_ERROR, DEBUG_LOG_COMPONENT_MANIFEST,
|
2021-01-12 08:21:09 +03:00
|
|
|
MANIFEST_LOGGING_GET_MEASUREMENT_FAIL, pcr->manifest_measurement,
|
|
|
|
|
measurement_length);
|
2020-07-29 05:57:30 +03:00
|
|
|
return;
|
|
|
|
|
}
|
2020-03-03 04:58:57 +03:00
|
|
|
}
|
2020-07-25 22:30:46 +03:00
|
|
|
|
|
|
|
|
status = pcr_store_update_versioned_buffer (pcr->store, pcr->hash, pcr->manifest_measurement,
|
2021-01-12 08:21:09 +03:00
|
|
|
manifest_measurement, measurement_length, true, 0);
|
2020-03-03 04:58:57 +03:00
|
|
|
if (status != 0) {
|
|
|
|
|
debug_log_create_entry (DEBUG_LOG_SEVERITY_ERROR, DEBUG_LOG_COMPONENT_MANIFEST,
|
2020-04-25 05:59:16 +03:00
|
|
|
MANIFEST_LOGGING_RECORD_MEASUREMENT_FAIL, pcr->manifest_measurement, status);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2020-06-30 22:22:59 +03:00
|
|
|
if (active == NULL) {
|
|
|
|
|
memset (id, 0, sizeof (id));
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
id[0] = 1;
|
|
|
|
|
status = active->get_id (active, (uint32_t*) &id[1]);
|
|
|
|
|
if (status != 0) {
|
|
|
|
|
debug_log_create_entry (DEBUG_LOG_SEVERITY_ERROR, DEBUG_LOG_COMPONENT_MANIFEST,
|
|
|
|
|
MANIFEST_LOGGING_GET_ID_FAIL, pcr->manifest_id_measurement, status);
|
|
|
|
|
return;
|
|
|
|
|
}
|
2020-04-25 05:59:16 +03:00
|
|
|
}
|
|
|
|
|
|
2020-07-25 22:30:46 +03:00
|
|
|
status = pcr_store_update_versioned_buffer (pcr->store, pcr->hash, pcr->manifest_id_measurement,
|
|
|
|
|
id, sizeof (id), true, 0);
|
2020-04-25 05:59:16 +03:00
|
|
|
if (status != 0) {
|
|
|
|
|
debug_log_create_entry (DEBUG_LOG_SEVERITY_ERROR, DEBUG_LOG_COMPONENT_MANIFEST,
|
|
|
|
|
MANIFEST_LOGGING_RECORD_MEASUREMENT_FAIL, pcr->manifest_id_measurement, status);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2020-06-30 22:22:59 +03:00
|
|
|
if (active == NULL) {
|
|
|
|
|
platform_id = &empty_string;
|
|
|
|
|
}
|
|
|
|
|
else {
|
2021-01-12 08:21:09 +03:00
|
|
|
status = active->get_platform_id (active, &platform_id, 0);
|
2020-06-30 22:22:59 +03:00
|
|
|
if (status != 0) {
|
|
|
|
|
debug_log_create_entry (DEBUG_LOG_SEVERITY_ERROR, DEBUG_LOG_COMPONENT_MANIFEST,
|
2020-07-29 05:57:30 +03:00
|
|
|
MANIFEST_LOGGING_GET_PLATFORM_ID_FAIL, pcr->manifest_platform_id_measurement,
|
|
|
|
|
status);
|
2020-06-30 22:22:59 +03:00
|
|
|
return;
|
|
|
|
|
}
|
2020-04-25 05:59:16 +03:00
|
|
|
}
|
|
|
|
|
|
2020-07-25 22:30:46 +03:00
|
|
|
status = pcr_store_update_versioned_buffer (pcr->store, pcr->hash,
|
|
|
|
|
pcr->manifest_platform_id_measurement, (uint8_t*) platform_id, strlen (platform_id) + 1,
|
|
|
|
|
true, 0);
|
2020-04-25 05:59:16 +03:00
|
|
|
if (status != 0) {
|
|
|
|
|
debug_log_create_entry (DEBUG_LOG_SEVERITY_ERROR, DEBUG_LOG_COMPONENT_MANIFEST,
|
2020-07-29 05:57:30 +03:00
|
|
|
MANIFEST_LOGGING_RECORD_MEASUREMENT_FAIL, pcr->manifest_platform_id_measurement,
|
|
|
|
|
status);
|
2020-03-03 04:58:57 +03:00
|
|
|
}
|
2020-04-25 05:59:16 +03:00
|
|
|
|
2020-06-30 22:22:59 +03:00
|
|
|
if (active != NULL) {
|
2021-01-12 08:21:09 +03:00
|
|
|
active->free_platform_id (active, platform_id);
|
2020-06-30 22:22:59 +03:00
|
|
|
}
|
2020-03-03 04:58:57 +03:00
|
|
|
}
|
