int build_compute_pcrlib(char * dev,char * compute_desc,int trust_level) { char digest[DIGEST_SIZE]; struct tcm_pcr_set * pcrs; struct tcm_pcr_set * boot_pcrs; char desc[512]; int i; int ret; // build this image's MBR policy boot_pcrs=build_MBR_pcrpolicy(dev,compute_desc); if(boot_pcrs!=NULL) { boot_pcrs->trust_level=trust_level; AddPolicy(boot_pcrs,"PCRP"); } for(i=0;compute_pcr_filelist[i].filelist!=NULL;i++) { sprintf(desc,"%s %s",compute_desc,compute_pcr_filelist[i].tail_desc); pcrs=build_filelist_policy(NULL,compute_pcr_filelist[i].filelist, compute_pcr_filelist[i].pcr_index,desc); pcrs->trust_level=trust_level; AddPolicy(pcrs,"PCRP"); } ExportPolicy("PCRP"); return 0; }
int proc_key_storage(void * sub_proc,void * message) { const char * type; int i; int ret; printf("begin proc key storage \n"); struct message_box * msg_box=message; void * record; i=0; ret=message_get_record(message,&record,i++); if(ret<0) return ret; while(record!=NULL) { AddPolicy(record,"NKLD"); ret=message_get_record(message,&record,i++); if(ret<0) return ret; } ExportPolicy("NKLD"); return ret; }
int proc_store_vm(void * sub_proc,void * message) { MESSAGE_HEAD * message_head; struct vm_info * vm; int retval; int count=0; int i; char local_uuid[DIGEST_SIZE*2+1]; char proc_name[DIGEST_SIZE*2+1]; struct platform_info * host; retval=proc_share_data_getvalue("uuid",local_uuid); if(retval<0) return retval; retval=proc_share_data_getvalue("proc_name",proc_name); if(retval<0) return retval; // monitor send a new vm message // memset(vm,0,sizeof(struct vm_info)); vm = NULL; for(i=0;i<MAX_RECORD_NUM;i++) { retval=message_get_record(message,&vm,i); if(retval<0) break; if(vm==NULL) break; void * oldvm; printf("policy server receive vm %s's info from monitor!\n",vm->uuid); FindPolicy(vm->uuid,"VM_I",&oldvm); if(oldvm!=NULL) { printf("this vm already in the VM_I lib!\n"); continue; } GetFirstPolicy(&host,"PLAI"); while(host!=NULL) { if(!strncmp(vm->host,host->name,DIGEST_SIZE*2)) { memcpy(vm->platform_uuid,host->uuid,DIGEST_SIZE*2); AddPolicy(vm,"VM_I"); break; } GetNextPolicy(&host,"PLAI"); } if(host==NULL) { printf("can't find vm %s's host!\n",vm->uuid); continue; } } // send a message to manager_trust retval=ExportPolicyToFile("./lib/VM_I.lib","VM_I"); // send a message to manager_trust return count; }
//int build_glance_image_policy(char * uuid,void ** boot_pcrs, void ** running_pcrs,int devno,void ** policy) int build_glance_image_policy(char * uuid,void ** boot_pcrs, void ** running_pcrs,void ** policy) { char cmd[512]; char desc[512]; char namebuf[512]; char digest[DIGEST_SIZE]; struct policy_file * pfile; struct vm_policy * image_policy; void * struct_template; int ret; void * sec_respool; void * sec_res; struct tcm_pcr_set * image_boot_pcrs; struct tcm_pcr_set * image_running_pcrs; sprintf(namebuf,"/var/lib/glance/images/%s",uuid); char dev[DIGEST_SIZE*2]; char part_dev[DIGEST_SIZE*2]; char mountpoint[DIGEST_SIZE*2]; /* sprintf(dev,"/dev/nbd%d",devno); sprintf(mountpoint,"./mnt%d",devno); */ sec_respool=find_sec_respool("image_mntpoint"); ret=sec_respool_getres(sec_respool,&sec_res); sec_resource_getvalue(sec_res,"dev_name",dev); sec_resource_getvalue(sec_res,"mount_path",mountpoint); sprintf(cmd,"mkdir %s",mountpoint); system(cmd); mount_image(namebuf,dev,mountpoint); ret=build_image_boot_pcrs(dev,mountpoint,uuid,&image_boot_pcrs); ret=build_image_running_pcrs(dev,mountpoint,uuid,&image_running_pcrs); ret=build_entity_policy(uuid,NULL,image_boot_pcrs,image_running_pcrs,uuid,&image_policy); if(image_policy!=NULL) AddPolicy(image_policy,"IMGP"); umount_image(dev,mountpoint); sprintf(cmd,"rmdir %s",mountpoint); system(cmd); ExportPolicy("IMGP"); *boot_pcrs=image_boot_pcrs; *running_pcrs=image_running_pcrs; *policy=image_policy; return 0; }
/** \brief adds new element to queue. * \param e element to be added. */ void push(const value_type &e) { { const AddPolicy ap=AddPolicy(); const Lock lock(mutex_); if( !ap(q_, e) ) // element should not be added? return; q_.push_back(e); // add element to queue } cond_.notify_one(); // signal presence of new entry }
int vtpm_memdb_init() // get the tpm information and init the vtpm database { int retval; int ret; char * record_package; TSS_HKEY hSignKey; TSS_RESULT result; BYTE digest[DIGEST_SIZE]; struct vTPM_info *local_tpm; struct vTPM_wrappedkey *local_signkey; struct vTPM_publickey *local_signpubkey; char * keypass="******"; local_tpm=malloc(sizeof(struct vTPM_info)); if(local_tpm==NULL) return -ENOMEM; local_signkey=malloc(sizeof(struct vTPM_wrappedkey)); if(local_signkey==NULL) return -ENOMEM; local_signpubkey=malloc(sizeof(struct vTPM_publickey)); if(local_signpubkey==NULL) return -ENOMEM; // if it is the first time to exec it, we should create a sign key for controller. result=TESI_Local_Reload(); if ( result != TSS_SUCCESS ) { printf("TESI_Local_Load Err!\n"); return result; } // create this vtpm's info struct char local_uuid[DIGEST_SIZE*2+1]; ret=proc_share_data_getvalue("uuid",local_uuid); ret=create_physical_tpm_struct(local_tpm,local_uuid,"vtpm_manager","ooo","sss",NULL,NULL); AddPolicy(local_tpm,"VM_T"); ExportPolicyToFile("lib/VM_T.lib","VM_T"); printf("create local tpm info success!\n"); TESI_Local_Fin(); return 0; }
int build_image_pcrlib(char * dev,char *mountpoint,char * image_desc,int trust_level) { char digest[DIGEST_SIZE]; struct tcm_pcr_set * pcrs; struct tcm_pcr_set * boot_pcrs; char desc[512]; int i; int ret; // build this image's MBR policy boot_pcrs=build_MBR_pcrpolicy(dev,image_desc); if(boot_pcrs!=NULL) { boot_pcrs->trust_level=trust_level; AddPolicy(boot_pcrs,"PCRP"); ExportPolicy("PCRP"); } build_image_kernelpcr(mountpoint,image_desc,trust_level); for(i=0;vm_pcr_filelist[i].filelist!=NULL;i++) { if(vm_pcr_filelist[i].trust_level!=trust_level) continue; sprintf(desc,"%s %s",image_desc,vm_pcr_filelist[i].tail_desc); pcrs=build_filelist_policy(mountpoint,vm_pcr_filelist[i].filelist, vm_pcr_filelist[i].pcr_index,desc); if(pcrs!=NULL) { pcrs->trust_level=trust_level; AddPolicy(pcrs,"PCRP"); } } ExportPolicy("PCRP"); return 0; }
int proc_store_vm_policy(void * sub_proc,void * message) { MESSAGE_HEAD * message_head; struct vm_policy * vm; int retval; int ret; int count=0; int i; char local_uuid[DIGEST_SIZE*2+1]; char proc_name[DIGEST_SIZE*2+1]; ret=proc_share_data_getvalue("uuid",local_uuid); if(ret<0) return ret; ret=proc_share_data_getvalue("proc_name",proc_name); if(ret<0) return ret; printf("begin vm policy process!\n"); // monitor send a new vm message // memset(vm,0,sizeof(struct vm_policy)); vm = NULL; for(i=0;i<MAX_RECORD_NUM;i++) { retval=message_get_record(message,&vm,i); if(retval<0) break; if(vm==NULL) break; void * oldvm; printf("policy server receive vm %s's info from monitor!\n",vm->uuid); FindPolicy(vm->uuid,"VM_P",&oldvm); if(oldvm!=NULL) { printf("this vm already in the VM_I lib!\n"); continue; } AddPolicy(vm,"VM_P"); } // send a message to manager_trust retval=ExportPolicyToFile("./lib/VM_P.lib","VM_P"); // forward message to verifier return count; }
int build_image_kernelpcr(char * mountpoint,char * image_desc,int trust_level) { char *boot_file_list[]={ "/boot/grub/grub.conf", "/boot/grub/menu.lst", NULL }; FILE * fp; char *file_arg[MAX_ARG_NUM]; char filename[512]; char kernelname[256]; char initrdname[256]; int retval; int i; struct tcm_pcr_set * pcrs; char digest[DIGEST_SIZE]; char desc[512]; for(i=0;boot_file_list[i]!=NULL;i++) { sprintf(filename,"%s/%s",mountpoint,boot_file_list[i]); fp=fopen(filename,"r"); if(fp!=NULL) break; } if(boot_file_list[i]==NULL) { printf("can't find image %s's boot file\n ",image_desc); return -EINVAL; } file_arg[0]=malloc(MAX_LINE_LEN); if(file_arg[0]==NULL) return -ENOMEM; do { retval=read_arg(fp,file_arg); if(retval<0) break; if(retval==0) continue; if(strcmp(file_arg[0],"kernel")!=0) continue; strncpy(kernelname,file_arg[1],256); retval=read_arg(fp,file_arg); if(retval<0) break; if(retval==0) continue; if(strcmp(file_arg[0],"initrd")!=0) continue; strncpy(initrdname,file_arg[1],256); pcrs=build_empty_pcr_set(); sprintf(desc,"image %s 's kernel digest",image_desc); pcrs->policy_describe=dup_str(desc,0); sprintf(filename,"%s/%s",mountpoint,kernelname); calculate_sm3(filename,digest); add_pcr_to_set(pcrs,KERNEL_PCR_INDEX,digest); sprintf(filename,"%s/%s",mountpoint,initrdname); calculate_sm3(filename,digest); add_pcr_to_set(pcrs,KERNEL_PCR_INDEX,digest); pcrs->trust_level=trust_level; AddPolicy(pcrs,"PCRP"); // break; }while(1); ExportPolicy("PCRP"); return 0; }
int main(int argc,char *argv[]) { int i,j,num; int retval; int recordsize,certsize; int templen; void *p; unsigned char *temp; struct stat statbuf; BYTE * buffer, *databuffer; int fd; retval=0; // test the policy function InitPolicyLib(); LoadTxtPolicyFile("../txtpolicy/sublist.txt","SUBL",&buffer); LoadPolicyData(buffer); free(buffer); char * newPolicyString="/etc/rc2.d/s02syslog syslog 0 16 AAAAAAAAAAA 20 AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"; void * policy; policy=BuildPolicy(newPolicyString,"SUBL"); if(policy==NULL) { printf("Build Policy Struct Error!"); return 0; } OutPutPolicy(policy,"SUBL"); printf("\n"); AddPolicy(policy,"SUBL"); char * newPolicyString1="/etc/rc2.d/s02syslog device 0 12 AAAAAAAAAAA 0"; policy=BuildPolicy(newPolicyString1,"SUBL"); if(policy==NULL) { printf("Build Policy Struct Error!"); return 0; } AddPolicy(policy,"SUBL"); policy=FindPolicy("$auditd","SUBL"); UpdatePolicyFile("SUBL"); LoadPolicy("SUBL"); policy=GetFirstPolicy("SUBL"); i=0; while(policy!=NULL) { OutPutPolicy(policy,"SUBL"); printf("\n"); policy=GetNextPolicy("SUBL"); i++; } // update OBJL policy LoadTxtPolicyFile("../txtpolicy/objlist.txt","OBJL",&buffer); LoadPolicyData(buffer); free(buffer); policy=GetFirstPolicy("OBJL"); i=0; while(policy!=NULL) { OutPutPolicy(policy,"OBJL"); printf("\n"); policy=GetNextPolicy("OBJL"); i++; } UpdatePolicyFile("OBJL"); // update AUUL policy LoadTxtPolicyFile("../txtpolicy/uidfile.txt","AUUL",&buffer); LoadPolicyData(buffer); free(buffer); policy=GetFirstPolicy("AUUL"); i=0; while(policy!=NULL) { OutPutPolicy(policy,"AUUL"); printf("\n"); policy=GetNextPolicy("AUUL"); i++; } UpdatePolicyFile("AUUL"); // update AUDI policy LoadTxtPolicyFile("../txtpolicy/auditlist.txt","AUDI",&buffer); LoadPolicyData(buffer); free(buffer); policy=GetFirstPolicy("AUDI"); i=0; while(policy!=NULL) { OutPutPolicy(policy,"AUDI"); printf("\n"); policy=GetNextPolicy("AUDI"); i++; } UpdatePolicyFile("AUDI"); // test the policy function /* void * filter1, *filter2; void * auditlist; filter1=CreateAuditFilter(); filter2=CreateAuditFilter(); time_t time; time=ConvertTimeString("20111117120000"); SetAuditFilterAttr(filter1,"tm1",&time); unsigned short Bret=0xff; SetAuditFilterAttr(filter1,"Bret",&Bret); auditlist=CreateAuditList(); SetAuditFilterOp(filter1,AUDIT_PROBE_EXEC_FILE,1); SetAuditListFilter(auditlist,filter1); SetAuditListType(auditlist,KEY_AUDIT_RECORD); retval=ReadAuditList(auditlist); printf("read %d audit record!\n",retval); AUDIT_RECORD audit_record; retval=GetLastAuditRecord(&audit_record,auditlist); while(retval>0) { if(IfAuditRecordHasExpand(&audit_record)) { void * currsite; currsite=GetCurrRecordSite(auditlist); OutputAuditRecordWithExpand(&audit_record, currsite,auditlist); } else { OutputAuditRecord(&audit_record); } retval=GetPrevAuditRecord(&audit_record,auditlist); } DelAuditList(auditlist); DelAuditFilter(filter1); DelAuditFilter(filter2); */ return 0; }
int key_manage_start(void * sub_proc,void * para) { int ret; void * recv_msg; int i; const char * type; int fd; enum key_state_type{ NO_KEY, KEY_GENERATE, KEY_SHARED, KEY_ERROR }; enum key_state_type key_state=NO_KEY; struct key_request_cmd * key_req; int count; char local_uuid[DIGEST_SIZE*2+1]; char proc_name[DIGEST_SIZE*2+1]; ret=proc_share_data_getvalue("uuid",local_uuid); ret=proc_share_data_getvalue("proc_name",proc_name); void * sendmsg; ret=local_key_generate(sub_proc); if(ret<0) return ret; key_state=KEY_GENERATE; for(i=0;i<3000*1000;i++) { usleep(time_val.tv_usec); ret=sec_subject_recvmsg(sub_proc,&recv_msg); if(ret<0) continue; if(recv_msg==NULL) continue; type=message_get_recordtype(recv_msg); if(type==NULL) { message_free(recv_msg); continue; } switch(key_state){ case KEY_GENERATE: if(strncmp(type,"ACKI",4)==0) { ret=local_pubkey_share(sub_proc); if(ret<0) return ret; key_state=KEY_SHARED; } break; case KEY_SHARED: if(strncmp(type,"LOGI",4)==0) { struct login_info * user_info; int j=0; ret=message_get_record(recv_msg,&user_info,j++); while(user_info!=NULL) { ret=local_pubkey_request(sub_proc,user_info->user); if(ret<0) break; ret=message_get_record(recv_msg,&user_info,j++); if(ret<0) break; } sec_subject_sendmsg(sub_proc,recv_msg); } else if(strncmp(type,"NKLD",4)==0) { struct node_key_list * pub_keylist; int j=0; ret=message_get_record(recv_msg,&pub_keylist,j++); if(pub_keylist!=NULL) { AddPolicy(pub_keylist,"NKLD"); } ExportPolicy("NKLD"); } break; default: break; } } return 0; }
int local_key_generate(void * sub_proc) { struct node_key_list * local_keylist; struct node_key_list * pub_keylist; struct key_request_cmd * key_req; int ret; int fd; int i; int count; char uuidname[DIGEST_SIZE*2+16]; enum local_key_state{ NO_AIKEY, AIK_REQUEST, AIK_GENERATE, AIK_VERIFY, BINDKEY_GENERATE, BINDKEY_VERIFY, SIGNKEY_GENERATE, SIGNKEY_VERIFY, LOCAL_KEY_ERROR=0xffff }; enum local_key_state key_state=NO_AIKEY; char local_uuid[DIGEST_SIZE*2+1]; char proc_name[DIGEST_SIZE*2+1]; char proc_uuid[DIGEST_SIZE*2+1]; BYTE digest[DIGEST_SIZE]; char temp_uuid[DIGEST_SIZE*2]; void * sendmsg; ret=proc_share_data_getvalue("uuid",local_uuid); ret=proc_share_data_getvalue("proc_name",proc_name); comp_proc_uuid(local_uuid,proc_name,proc_uuid); ret=FindPolicy(proc_uuid,"LKLD",&local_keylist); if((ret<0) || (local_keylist==NULL)) { key_state=NO_AIKEY; local_keylist=malloc(sizeof(struct node_key_list)); if(local_keylist==NULL) return -ENOMEM; memset(local_keylist,0,sizeof(struct node_key_list)); memcpy(local_keylist->nodeuuid,proc_uuid,DIGEST_SIZE*2); memcpy(local_keylist->localuuid,local_uuid,DIGEST_SIZE*2); memcpy(local_keylist->nodename,proc_name,DIGEST_SIZE*2); local_keylist->isnodelocal=1; ret=AddPolicy(local_keylist,"LKLD"); if(ret<0) return -EINVAL; pub_keylist=malloc(sizeof(struct node_key_list)); if(pub_keylist==NULL) return -ENOMEM; memset(pub_keylist,0,sizeof(struct node_key_list)); memcpy(pub_keylist->nodeuuid,proc_uuid,DIGEST_SIZE*2); memcpy(pub_keylist->localuuid,local_uuid,DIGEST_SIZE*2); memcpy(pub_keylist->nodename,proc_name,DIGEST_SIZE*2); pub_keylist->isnodelocal=1; ret=AddPolicy(local_keylist,"NKLD"); if(ret<0) return -EINVAL; } else { ret=FindPolicy(proc_uuid,"NKLD",&pub_keylist); if(ret<0) return -EINVAL; if(local_keylist->nodeAIK[0]==0) key_state=AIK_REQUEST; else if(pub_keylist->nodeAIKSda[0]==0) key_state=AIK_GENERATE; else if(local_keylist->nodeBindKey[0]==0) key_state=AIK_VERIFY; else if(pub_keylist->nodeBindKeyVal[0]==0) key_state=BINDKEY_GENERATE; else if(local_keylist->nodeSignKey[0]==0) key_state=BINDKEY_VERIFY; else if(pub_keylist->nodeSignKeyVal[0]==0) key_state=SIGNKEY_GENERATE; else { key_state=SIGNKEY_VERIFY; return 0; } } for(i=0;i<30*1000;i++) { usleep(time_val.tv_usec); switch(key_state){ case NO_AIKEY: key_req=malloc(sizeof(struct key_request_cmd)); if(key_req==NULL) return -EINVAL; memcpy(key_req->machine_uuid,local_uuid,DIGEST_SIZE*2); memcpy(key_req->proc_name,"local",5); key_req->keyusage=TPM_KEY_IDENTITY; key_req->keyflags=0; count=0; key_state=AIK_REQUEST; sendmsg=message_create("KREC",NULL); if(sendmsg==NULL) return -EINVAL; message_add_record(sendmsg,key_req); sec_subject_sendmsg(sub_proc,sendmsg); break; case AIK_REQUEST: fd=open("pubkey/AIK.pem",O_RDONLY); if(fd>0) { close(fd); key_state=AIK_GENERATE; count=0; fd=open("privkey/AIK.key",O_RDONLY); if(fd<0) return -EINVAL; close(fd); ret=calculate_sm3("privkey/AIK.key",digest); if(ret<0) return ret; digest_to_uuid(digest,local_keylist->nodeAIK); ret=calculate_sm3("pubkey/AIK.pem",digest); if(ret<0) return ret; digest_to_uuid(digest,pub_keylist->nodeAIK); } else { close(fd); count++; if(count>1000) { printf("do not get AIK"); key_state=NO_AIKEY; remove("privkey/AIK.key"); remove("pubkey/AIK.pem"); } } break; case AIK_GENERATE: fd=open("cert/AIK.sda",O_RDONLY); if(fd<0) { count++; if(count>1000) { remove("cert/AIK.sda"); remove("pubkey/AIK.pem"); remove("privkey/AIK.key"); key_state=NO_AIKEY; } break; } else { close(fd); ret=aik_verify(local_keylist->username); if(ret<0) { remove("cert/AIK.sda"); remove("pubkey/AIK.pem"); remove("privkey/AIK.key"); key_state=NO_AIKEY; break; } memcpy(pub_keylist->username,local_keylist->username,DIGEST_SIZE); ret=trustfile_to_uuidname("privkey/AIK.key",local_keylist->nodeAIK); if(ret<0) return ret; ret=trustfile_to_uuidname("pubkey/AIK.pem",pub_keylist->nodeAIK); if(ret<0) return ret; ret=trustfile_to_uuidname("cert/AIK.sda",pub_keylist->nodeAIKSda); if(ret<0) { return ret; } memcpy(local_keylist->nodeAIKSda,pub_keylist->nodeAIKSda,DIGEST_SIZE*2); ret=DelPolicy(local_keylist,"LKLD"); ret=AddPolicy(local_keylist,"LKLD"); ret=ExportPolicy("LKLD"); ret=DelPolicy(pub_keylist,"NKLD"); ret=AddPolicy(pub_keylist,"NKLD"); ret=ExportPolicy("NKLD"); remove("cert/bindkey.val"); remove("pubkey/bindpubkey.pem"); count=0; key_state=AIK_VERIFY; } break; case AIK_VERIFY: fd=open("pubkey/bindpubkey.pem",O_RDONLY); if(fd>0) key_state=BINDKEY_GENERATE; else { close(fd); ret=bind_key_generate(local_keylist->nodeAIK); if(ret<0) return ret; } break; case BINDKEY_GENERATE: fd=open("cert/bindkey.val",O_RDONLY); if(fd<0) { count++; if(count>5000) { printf("do not get Bind key valdata"); key_state=AIK_GENERATE; } break; } else { close(fd); ret=trustfile_to_uuidname("cert/bindkey.val",pub_keylist->nodeBindKeyVal); if(ret<0) return ret; ret=trustfile_to_uuidname("privkey/bindkey.key",local_keylist->nodeBindKey); if(ret<0) return ret; ret=trustfile_to_uuidname("pubkey/bindpubkey.pem",pub_keylist->nodeBindKey); if(ret<0) { remove("pubkey/bindpubkey.pem"); return ret; } if(bindkey_verify(pub_keylist->nodeAIK,pub_keylist->nodeBindKeyVal,pub_keylist->nodeBindKey)!=0) { printf("bindkey verify failed!\n"); return -EINVAL; } else { ret=DelPolicy(local_keylist,"LKLD"); ret=AddPolicy(local_keylist,"LKLD"); ret=ExportPolicy("LKLD"); ret=DelPolicy(pub_keylist,"NKLD"); ret=AddPolicy(pub_keylist,"NKLD"); ret=ExportPolicy("NKLD"); } key_state=BINDKEY_VERIFY; } break; case BINDKEY_VERIFY: // ret=bind_pubkey_memdb_init(); // if(ret<0) // { // printf("load bindpubkey error %d!\n",ret); // } return 0; default: return -EINVAL; } } return 0; }
int main() { char *function = "Tspi_TESI_Init"; /* TSS_RESULT result; TSS_HKEY hCAKey; TSS_HKEY hSignKey; TSS_HKEY hReloadKey; TSS_HKEY hReloadPubKey; */ int retval; /* result=TESI_Local_Reload(); if ( result != TSS_SUCCESS ) { if( !(checkNonAPI(result)) ) { print_error( function, result ); } else { print_error_nonapi( function, result ); } } else { print_success( function, result ); } result=TESI_Local_GetPubKeyFromCA(&hCAKey,"CA"); result=TESI_Local_CreateSignKey(&hSignKey,(TSS_HKEY)NULL,"sss","kkk"); if(result == TSS_SUCCESS) printf("Create SignKey SUCCEED!\n"); TESI_Local_WriteKeyBlob(hSignKey,"testsignkey"); TESI_Local_WritePubKey(hSignKey,"testsignkey"); */ static struct vTPM_wrappedkey wrap_key; // wrap_key=malloc(sizeof(struct vTPM_wrappedkey)); strcpy(wrap_key.uuid,"7a867c66eeab4287f221bc8a1477a1015e149695"); strcpy(wrap_key.vtpm_uuid,"a02c5416-37cb-4266-9e17-2e45a3db6e79"); wrap_key.issrkwrapped=1; wrap_key.key_type=1;//hSignKey --ask if it needs which number corresbonds the key wrap_key.key_alg=1;//algorithm wrap_key.key_size=1024; strcpy(wrap_key.key_binding_policy_uuid,"fcbb2ddddd918fd0e0b9c5bc34263a0a070179392"); strcpy(wrap_key.wrapkey_uuid,"048b0ae0a32529ad0b69c539d4cb6282d3d4f86a3"); wrap_key.keypass=(char *)malloc(sizeof(char)*4); strcpy(wrap_key.keypass,"kkk"); wrap_key.key_filename=(char *)malloc(sizeof(char)*16); strcpy(wrap_key.key_filename,"testsignkey.key"); printf("test 1!\n"); int k; void *policy; int i; logic_baselib_init(); register_record_type("BLBK",wrappedkey_desc); register_policy_lib("BLBK",&wrappedkey_lib_ops); retval=LoadPolicyFromFile("wrap_key.lib","BLBK"); printf("test load!\n"); k=AddPolicy(wrap_key,"BLBK"); printf("test add %x!\n",&wrap_key); policy=GetFirstPolicy("BLBK"); printf("test getfirst outside addr %x!\n",policy); i=0; while(policy!=NULL) { printf("test output addr %x!\n",policy); OutPutPolicy(policy,"BLBK"); printf("\n"); policy=GetNextPolicy("BLBK"); i++; } //char *buff; //buff=(char *)malloc(sizeof(wrap_key)); //memcpy(buff,&wrap_key,sizeof(wrap_key)); //printf("%s",buff); //void *policy; //policy=BuildPolicy(buff,"BLBK"); //AddPolicy(policy,"BLBK"); // struct struct_elem_attr * test_desc; // void * struct_template; // POLICY_PROTOCOL Protocol; // char * string; // int bloboffset; // int stroffset; /* int i; int retval; char * policy_package; // void * obj_policy_lib; void * policy; logic_baselib_init(); register_policy_lib("BLBK",wrappedkey_desc,&wrappedkey_lib_ops); retval=LoadTxtPolicyFile("blbklist.txt","BLBK",&policy_package); retval=LoadPolicyData(policy_package); free(policy_package); policy=GetFirstPolicy("BLBK"); i=0; while(policy!=NULL) { OutPutPolicy(policy,"BLBK"); printf("\n"); policy=GetNextPolicy("BLBK"); i++; } ExportPolicyToFile("wrappedkey.lib","BLBK"); */ // ExportPolicyToFile("wrap_key.lib","BLBK"); return 0; }