/*
* see section 3.8.1 of TCG TNC IF-IMV Specification 1.3
*/
TNC_Result TNC_IMV_Initialize(TNC_IMVID imv_id,
TNC_Version min_version,
TNC_Version max_version,
TNC_Version *actual_version)
{
char *uri;
if (imv_os)
{
DBG1(DBG_IMV, "IMV \"%s\" has already been initialized", imv_name);
return TNC_RESULT_ALREADY_INITIALIZED;
}
imv_os = imv_agent_create(imv_name, msg_types, countof(msg_types),
imv_id, actual_version);
if (!imv_os)
{
return TNC_RESULT_FATAL;
}
if (min_version > TNC_IFIMV_VERSION_1 || max_version < TNC_IFIMV_VERSION_1)
{
DBG1(DBG_IMV, "no common IF-IMV version");
return TNC_RESULT_NO_COMMON_VERSION;
}
/* attach OS database */
uri = lib->settings->get_str(lib->settings,
"libimcv.plugins.imv-os.database", NULL);
if (uri)
{
os_db = imv_os_database_create(uri);
}
return TNC_RESULT_SUCCESS;
}
/*
* see section 3.8.1 of TCG TNC IF-IMV Specification 1.3
*/
TNC_Result TNC_IMV_Initialize(TNC_IMVID imv_id,
TNC_Version min_version,
TNC_Version max_version,
TNC_Version *actual_version)
{
if (imv_scanner)
{
DBG1(DBG_IMV, "IMV \"%s\" has already been initialized", imv_name);
return TNC_RESULT_ALREADY_INITIALIZED;
}
imv_scanner = imv_agent_create(imv_name, msg_types, 1, imv_id, actual_version);
if (!imv_scanner)
{
return TNC_RESULT_FATAL;
}
if (min_version > TNC_IFIMV_VERSION_1 || max_version < TNC_IFIMV_VERSION_1)
{
DBG1(DBG_IMV, "no common IF-IMV version");
return TNC_RESULT_NO_COMMON_VERSION;
}
/* set the default port policy to closed (TRUE) or open (FALSE) */
closed_port_policy = lib->settings->get_bool(lib->settings,
"libimcv.plugins.imv-scanner.closed_port_policy", TRUE);
DBG2(DBG_IMV, "default port policy is %s ports",
closed_port_policy ? "closed" : "open");
/* get the list of open|closed ports */
tcp_ports = get_port_list("tcp");
udp_ports = get_port_list("udp");
return TNC_RESULT_SUCCESS;
}
/**
* see section 3.8.1 of TCG TNC IF-IMV Specification 1.3
*/
TNC_Result TNC_IMV_Initialize(TNC_IMVID imv_id,
TNC_Version min_version,
TNC_Version max_version,
TNC_Version *actual_version)
{
char *hash_alg, *dh_group, *uri, *cadir;
if (imv_attestation)
{
DBG1(DBG_IMV, "IMV \"%s\" has already been initialized", imv_name);
return TNC_RESULT_ALREADY_INITIALIZED;
}
if (!pts_meas_algo_probe(&supported_algorithms) ||
!pts_dh_group_probe(&supported_dh_groups))
{
return TNC_RESULT_FATAL;
}
imv_attestation = imv_agent_create(imv_name, msg_types, countof(msg_types),
imv_id, actual_version);
if (!imv_attestation)
{
return TNC_RESULT_FATAL;
}
libpts_init();
if (min_version > TNC_IFIMV_VERSION_1 || max_version < TNC_IFIMV_VERSION_1)
{
DBG1(DBG_IMV, "no common IF-IMV version");
return TNC_RESULT_NO_COMMON_VERSION;
}
hash_alg = lib->settings->get_str(lib->settings,
"libimcv.plugins.imv-attestation.hash_algorithm", "sha256");
dh_group = lib->settings->get_str(lib->settings,
"libimcv.plugins.imv-attestation.dh_group", "ecp256");
if (!pts_meas_algo_update(hash_alg, &supported_algorithms) ||
!pts_dh_group_update(dh_group, &supported_dh_groups))
{
return TNC_RESULT_FATAL;
}
/* create a PTS credential manager */
pts_credmgr = credential_manager_create();
/* create PTS credential set */
cadir = lib->settings->get_str(lib->settings,
"libimcv.plugins.imv-attestation.cadir", NULL);
pts_creds = pts_creds_create(cadir);
if (pts_creds)
{
pts_credmgr->add_set(pts_credmgr, pts_creds->get_set(pts_creds));
}
/* attach file measurement database */
uri = lib->settings->get_str(lib->settings,
"libimcv.plugins.imv-attestation.database", NULL);
pts_db = pts_database_create(uri);
return TNC_RESULT_SUCCESS;
}
