-
-
Save eduardolfalcao/24ec9c234d53a2b82ba9859168213c41 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <sys/types.h> | |
| #include <sys/stat.h> | |
| #include <fcntl.h> | |
| #include <string.h> | |
| #include <unistd.h> | |
| #include "config.h" | |
| #include "test.h" | |
| #if HAVE_OPENSSL_SHA_H | |
| #include <openssl/sha.h> | |
| #endif | |
| #define MAX_EVENT_SIZE 200000 | |
| #define EVENT_HEADER_SIZE 32 | |
| #define MAX_EVENT_DATA_SIZE (MAX_EVENT_SIZE - EVENT_HEADER_SIZE) | |
| #define NUM_PCRS 8 /* PCR registers 0-7 in boot aggregate */ | |
| char *TCID = "ima_boot_aggregate"; | |
| int TST_TOTAL = 1; | |
| #ifndef DEBUG | |
| int DEBUG = 1; | |
| #endif | |
| static void display_sha1_digest(unsigned char *pcr) | |
| { | |
| int i; | |
| for (i = 0; i < 20; i++) | |
| printf("%02x", *(pcr + i) & 0xff); | |
| printf("\n"); | |
| } | |
| int main(int argc, char *argv[]) | |
| { | |
| #if HAVE_OPENSSL_SHA_H | |
| unsigned char boot_aggregate[SHA_DIGEST_LENGTH]; | |
| struct { | |
| struct { | |
| u_int32_t pcr; | |
| int type; | |
| unsigned char digest[SHA_DIGEST_LENGTH]; | |
| u_int32_t len; | |
| } header; | |
| unsigned char data[MAX_EVENT_DATA_SIZE]; | |
| } event; | |
| struct { | |
| unsigned char digest[SHA_DIGEST_LENGTH]; | |
| } pcr[NUM_PCRS]; | |
| FILE *fp; | |
| int i; | |
| SHA_CTX c; | |
| if (argc != 2) { | |
| printf("format: %s binary_bios_measurement file\n", argv[0]); | |
| return 1; | |
| } | |
| fp = fopen(argv[1], "r"); | |
| if (!fp) { | |
| perror("unable to open pcr file\n"); | |
| return 1; | |
| } | |
| /* Initialize psuedo PCR registers 0 - 7 */ | |
| for (i = 0; i < NUM_PCRS; i++) | |
| memset(&pcr[i].digest, 0, SHA_DIGEST_LENGTH); | |
| /* Extend the pseudo PCRs with the event digest */ | |
| while (fread(&event, sizeof(event.header), 1, fp)) { | |
| if (DEBUG) { | |
| printf("PCR=%03u ", event.header.pcr); | |
| display_sha1_digest(event.header.digest); | |
| } | |
| SHA1_Init(&c); | |
| SHA1_Update(&c, pcr[event.header.pcr].digest, 20); | |
| SHA1_Update(&c, event.header.digest, 20); | |
| SHA1_Final(pcr[event.header.pcr].digest, &c); | |
| if (event.header.len > MAX_EVENT_DATA_SIZE) { | |
| printf("Error event too long %u\n", event.header.len); | |
| // TODO: hack for comparison error between signed and unsigned thing apparently. | |
| // The event that causes it have 21 as it size, so just fseek 21 to continue parsing | |
| fseek(fp, 21, SEEK_CUR); | |
| //break; | |
| } | |
| else { | |
| fseek(fp, event.header.len, SEEK_CUR); | |
| } | |
| } | |
| fclose(fp); | |
| /* Extend the boot aggregate with the pseudo PCR digest values */ | |
| memset(&boot_aggregate, 0, SHA_DIGEST_LENGTH); | |
| SHA1_Init(&c); | |
| for (i = 0; i < NUM_PCRS; i++) { | |
| if (DEBUG) { | |
| printf("PCR-%2.2x: ", i); | |
| display_sha1_digest(pcr[i].digest); | |
| } | |
| SHA1_Update(&c, pcr[i].digest, 20); | |
| } | |
| SHA1_Final(boot_aggregate, &c); | |
| printf("boot_aggregate:"); | |
| display_sha1_digest(boot_aggregate); | |
| #else | |
| tst_resm(TCONF, "System doesn't have openssl/sha.h"); | |
| #endif | |
| tst_exit(); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment