Thanks, that fixed it!

Having to write to the SHA buffer in little endian order was not something that occurred to me at all. I just checked the MLE Developer's Guide and it only talks about endianness in the context of LCP.

Thanks again for all your help.


On Wed, Feb 20, 2013 at 5:58 PM, Wei, Gang <> wrote:
I have to take back what I said, and the Dell PowerEdge T620 platform should
be ok. We were wrong on how to concatenate 4/8-byte integers into the
composite for SHA1. IA arch always use little-endian byte order for
integers, that means even tboot log print:

TBOOT:  proc_scrtm_status: 0x00000001

The script should make:
scrtm_status_ascii = "01 00 00 00" instead of "00 00 00 01".

As well, The script should treat below integers in the same way:

        SinitMleData.MsegValid     8bytes
        SinitMleData.PolicyControl   4bytes
        (OsSinitData.Capabilities, 0)  4bytes
        SinitMleData.ProcessorSCRTMStatus 4bytes

I can replicate PCR17 value after I made above change in my shell script.


Sahil Rihan wrote on 2013-02-19:
> Hi Jimmy,
> Thanks for all your help on this.
> The platform I'm using is a Dell PowerEdge T620 with dual-socket Intel
> E5-2650 (f/m/s: 06-2D-7) and BIOS version 1.2.6.
> Attached is the output from tboot.
> Out of curiosity, did you try with the values I posted earlier?
> Thanks,
> Sahil
> On Mon, Feb 18, 2013 at 12:09 AM, Wei, Gang <> wrote:
>       Hi, Sahil,
>       The version 8 PCR 17 value could be replicated for some platform I
>       access, so the MLE DG should be right. The issue might be with the
> platform      you are using. Can you tell the detailed model number of
> platform and  attach a completed tboot log for further analysis?
>       Jimmy