Re: [Linux-ima-user] PCR Extend

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Hi,

lin...@li... wrote on 04/18/2007 02:39:12 
PM:

> [image removed] 
> 
> Re: [Linux-ima-user] PCR Extend
> 
> Saurabh Arora
> 
> to:
> 
> LInuxIMAUser
> 
> 04/18/2007 02:52 PM
> 
> lin...@li...
> 
> Please respond to sau...@ie...
> 
> Hi
> 
> thank you Reiner.
> It worked after simple concat to make it to 320 bit etc etc...  as you 
said.
> 
> which means PCR_Extend operation do not take care of index value or
> PCR Event log under "Linux-IMA". But when i see the
> documentation-source of

The low-level tpm_extend command IMA uses: 1) an index specifying the PCR 
and 2) a 160bit value to be extended.

IMA uses a preconfigured PCR register index (you can reconfigure it as 
part of the kernel configuration). The IMA code really calls tpm_extend of 
the TPM driver with a constant PCR index. Other than that, IMA is supposed 
to use the tpm_extend that the TPM driver offers and the TCG Specification 
describes. 

> a) Trousers TSS
> b) JTSS (trustedjava group)
> 
> i can see they use other information in PCR_extend which is
> conspicuous by the simple operation i did :

I assume you mean Tspi_TPM_PcrExtend for Trousers. There are many 
parameters and they are not really passed to the TPM driver. The 
documentation for Trousers also mentions that the data parameter is 
actually hashed before they are sent via the low-level TPM driver command 
tpm_extend to the chip.

The difference in parameters is therefore explained by the different 
abstractions. The command to the TPM chip will be similar.

> - used PCR_EXTEND to extend two null PCR(say 15, 16) with measurement
> of the same value, and the results varied for both PCR.

ups ... this is not exactly what one should expect. Some cross-checks:

a) I assume you have 24 PCRs (just asking since my old TPM has only 
PCR0..15).
b) Are you sure that you actually send the same TPM command to both 
registers?
   If you use trousers, you actually specify pointers; do they point to 
the same things?

If you can, please submit the code snipplet that does the extends.

Greetings
Reiner

> is IMA pcr_extend operation conformed to specs ?
> 
> 
> 
> On 4/19/07, Reiner Sailer <sa...@us...> wrote:
> >
> > Hi ,
> >
> > the "||" is the bit-wise concatenation (not an xor!). See below my 
comment:
> >
> > lin...@li... wrote on
> > 04/18/2007 09:51:19 AM:
> >
> >  > [image removed]
> > >
> >  > [Linux-ima-user] PCR Extend
> > >
> >  > Saurabh Arora
> > >
> >  > to:
> > >
> >  > LInuxIMAUser
> > >
> >  > 04/18/2007 09:51 AM
> > >
> >  > lin...@li...
> > >
> >  > Please respond to sau...@ie...
> > >
> >  > Hi
> >  >
> >  > I want to verify the IMA list against the PCR Aggregate. And I read
> >  > the documentation as well as the "validation sample code using 
openssl
> >  > libraries", also did some source code dwelling (which involves
> >  > crypto_update functions from crypto.h).
> >  >
> >  > But I am using Java/C# native libraries to verify the IML against
> >  > PCR Aggregate.
> >  >
> >  > Now I am facing problems in understanding in-depth PCR_EXTEND 
operation.
> >  > please guide me where i am going wrong :
> >  >
> >  > ------------------------------
> >  >
> >  > PCR(new) = SHA1( PCR(old) || hashValue(measurement) )
> >  >
> >  > now '||' operator according to documentation is concatenation.. but
> >  > which type of concat (bitwise / string / byte array) ?
> >
> >  bit-arrays (actually they nicely align to 20bytes), just append the 
160bit
> > hash-value to the current 160bit PCR value;
> >
> > this way you arrive at a 320bit value, which you have to hash using 
SHA1
> >
> > This results into a 160bit value that will be the new PCR value.
> >
> >  > Also, while using PCR_EXTEND (thru Trousers) on empty PCRs, i found
> >  > out that the operation uses the PCR Index value to perform EXTEND.
> >  >
> >  > To verify, i made a simple program which uses 2 hashes to produce a
> >  > final hash.
> >  >  - 1st hash : 00000 ( all zeros, to simulate an empty PCR)
> > good (160bits, all zero)
> >
> >  >  - 2nd Hash : sha1 hash over a file
> > another 160bits reflecting sha1 of file
> >
> >  >  - converted both hashes into byte arrays and performed Bitwise OR
> > not so good, you need to concatenate them to a 320bit value:
> > low 160bits are 0, high 160bits are the sha1
> >
> >  >  - computed SHA1 over the resulted byte array.
> >  this would be correct again.
> >
> >
> >  > but this is not the value, which i see when i perform PCR_EXTEND
> >  > operation using Trousers TSS  library.
> >  >
> >  >  - either Bitwise OR is incorrect ( here i tried with byte concat 
(+)
> >  > operation as well )
> >
> > yes, bitwise OR is incorrect
> >
> >  >  - I am not using salt for hashing, which could be PCR Index value.
> >  > please guide me and sorry for naive-ty(silly) seen in my queries
> >
> > This is not a simple thing to understand and I had myself made 
mistakes when
> > first writing verification code.
> >
> >  > Saurabh
> >
> > A very generic PSEUDO algorithm assuming you start with PCR==0 could
> > simulate the PCR extensions:
> >
> > newPCR (measurement-list):
> >   curPCR=0 //assuming we start with reset PCR
> >   for m in ordered measurement-list {
> >       new SHA1 context: s;
> >       s.init()
> >       s.update(curPCR)
> >       s.update(m)
> >       curPCR = s.final()
> >   }
> >   printout curPCR
> >
> > curPCR == real PCR --> verification successful
> > curPCR != real PCR --> verification fails
> >
> > A successful verification means that the measurement list is complete 
and
> > all measurements are included in the order they were recorded. It does 
not
> > say anything about the measured software yet. To go that step, you 
need to
> > relate the measurements to code/configs and then reason about the 
properties
> > of the code/configs in your environment.
> >
> > Let me know if this is helpful.
> >
> > Reiner
> >  >
> > 
-------------------------------------------------------------------------
> >  > This SF.net email is sponsored by DB2 Express
> >  > Download DB2 Express C - the FREE version of DB2 express and take
> >  > control of your XML. No limits. Just data. Click to get it now.
> >  > http://sourceforge.net/powerbar/db2/
> >  > _______________________________________________
> >  > Linux-ima-user mailing list
> >  > Lin...@li...
> >  >
> > https://lists.sourceforge.net/lists/listinfo/linux-ima-user
> >
> 
> 
-------------------------------------------------------------------------
> This SF.net email is sponsored by DB2 Express
> Download DB2 Express C - the FREE version of DB2 express and take
> control of your XML. No limits. Just data. Click to get it now.
> http://sourceforge.net/powerbar/db2/
> _______________________________________________
> Linux-ima-user mailing list
> Lin...@li...
> https://lists.sourceforge.net/lists/listinfo/linux-ima-user