• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2 * Copyright (c) International Business Machines  Corp., 2009
3 *
4 * Authors:
5 * Mimi Zohar <zohar@us.ibm.com>
6 *
7 * This program is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License as
9 * published by the Free Software Foundation, version 2 of the
10 * License.
11 *
12 * File: ima_boot_aggregate.c
13 *
14 * Calculate a SHA1 boot aggregate value based on the TPM
15 * binary_bios_measurements.
16 */
17 #include <stdio.h>
18 #include <stdlib.h>
19 #include <sys/types.h>
20 #include <sys/stat.h>
21 #include <fcntl.h>
22 #include <string.h>
23 #include <unistd.h>
24 #include <limits.h>
25 
26 #include "config.h"
27 #include "test.h"
28 
29 char *TCID = "ima_boot_aggregate";
30 
31 #if HAVE_LIBCRYPTO
32 #include <openssl/sha.h>
33 
34 #define MAX_EVENT_SIZE (1024*1024)
35 #define EVENT_HEADER_SIZE 32
36 #define MAX_EVENT_DATA_SIZE (MAX_EVENT_SIZE - EVENT_HEADER_SIZE)
37 #define NUM_PCRS 8		/*  PCR registers 0-7 in boot aggregate */
38 
39 int TST_TOTAL = 1;
40 
display_sha1_digest(unsigned char * pcr)41 static void display_sha1_digest(unsigned char *pcr)
42 {
43 	int i;
44 
45 	for (i = 0; i < 20; i++)
46 		printf("%02x", *(pcr + i) & 0xff);
47 	printf("\n");
48 }
49 
main(int argc,char * argv[])50 int main(int argc, char *argv[])
51 {
52 	unsigned char boot_aggregate[SHA_DIGEST_LENGTH];
53 	struct {
54 		struct {
55 			u_int32_t pcr;
56 			int type;
57 			unsigned char digest[SHA_DIGEST_LENGTH];
58 			u_int16_t len;
59 		} header;
60 		char *data;
61 	} event;
62 	struct {
63 		unsigned char digest[SHA_DIGEST_LENGTH];
64 	} pcr[NUM_PCRS];
65 	FILE *fp;
66 	int i;
67 	int debug = 0;
68 	SHA_CTX c;
69 
70 	if (argc != 2) {
71 		printf("format: %s binary_bios_measurement file\n", argv[0]);
72 		return 1;
73 	}
74 	fp = fopen(argv[1], "r");
75 	if (!fp) {
76 		perror("unable to open pcr file\n");
77 		return 1;
78 	}
79 
80 	/* Initialize psuedo PCR registers 0 - 7 */
81 	for (i = 0; i < NUM_PCRS; i++)
82 		memset(&pcr[i].digest, 0, SHA_DIGEST_LENGTH);
83 
84 	event.data = malloc(MAX_EVENT_DATA_SIZE);
85 	if (!event.data) {
86 		printf("Cannot allocate memory\n");
87 		return 1;
88 	}
89 
90 	/* Extend the pseudo PCRs with the event digest */
91 	while (fread(&event, sizeof(event.header), 1, fp)) {
92 		if (debug) {
93 			printf("%03u ", event.header.pcr);
94 			display_sha1_digest(event.header.digest);
95 		}
96 		SHA1_Init(&c);
97 		SHA1_Update(&c, pcr[event.header.pcr].digest, 20);
98 		SHA1_Update(&c, event.header.digest, 20);
99 		SHA1_Final(pcr[event.header.pcr].digest, &c);
100 #if MAX_EVENT_DATA_SIZE < USHRT_MAX
101 		if (event.header.len > MAX_EVENT_DATA_SIZE) {
102 			printf("Error event too long\n");
103 			break;
104 		}
105 #endif
106 		fread(event.data, event.header.len, 1, fp);
107 	}
108 	fclose(fp);
109 	free(event.data);
110 
111 	/* Extend the boot aggregate with the pseudo PCR digest values */
112 	memset(&boot_aggregate, 0, SHA_DIGEST_LENGTH);
113 	SHA1_Init(&c);
114 	for (i = 0; i < NUM_PCRS; i++) {
115 		if (debug) {
116 			printf("PCR-%2.2x: ", i);
117 			display_sha1_digest(pcr[i].digest);
118 		}
119 		SHA1_Update(&c, pcr[i].digest, 20);
120 	}
121 	SHA1_Final(boot_aggregate, &c);
122 
123 	printf("boot_aggregate:");
124 	display_sha1_digest(boot_aggregate);
125 	tst_exit();
126 }
127 
128 #else
main(void)129 int main(void)
130 {
131 	tst_brkm(TCONF, NULL, "test requires libcrypto and openssl development packages");
132 }
133 #endif
134