Re: [tboot-devel] Calculation of PCR 17

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi Michael, list,

Attached is a script that I threw together to recreate the contents of 
the PCR values on a system I've been using, by looking at some of the 
debug values.  I hope that you find it useful.

-Jon

Michael Gissing wrote:
> Hi!
>
> Now I'm trying to calculate PCR 17 by hand. I'm making only little progress on that issue. Here's 
> what I'm doing, there are some Questions in there, what I haven't understood. The informations below 
> are based on "Measured Launched Environment Developer's Guide - June 2008".
>
> 1) Set PCR to all 0s
>
> 2) Extend ( SHA-1( SinitMleData.SinitHash | SinitMleData.EdxSenterFlags ) )
>    2a) concatenate SinitMleData.SinitHash and SinitMleData.EdxSenterFlags
>        *) EdxSenterFlags are reported to be 0x00000000 - is that right?
>        *) how can I calculate SinitHash on my own? tboot copies hole SINIT image to memory, but
>           a hash over the image file isn't the same as SinitMleData.SinitHash
>
> 3) MLE Developer's Guide says that all other items are concatenated and extended at one single 
> extend. Is that right?
>    3a) MLE Dev Guid says "SHA-1 hash of BIOS ACM - SinitMleData.BiosAcmID"
>        *) SinitMleData.BiosAcmID is not a hash, must it be hashed or not before concatenation?
>        *) Where can I get the BiosAcmID of a system?
>    3b) MsegValid is 8 byte data, but has only two possible values, 0x0 and 0x1, right?
>        The only purpose is to indicate whether StmHash is a hash or 0s, right?
>    3c) How is determined whether OsSinitData.Capabilities is extended or not?
>
> 4) tboot seems to extend SinitMleData.PolicyControl | SinitMleData.LcpPolicyHash after ML to PCR 17
>     too. Why extend a second time?
>
> any help would be appreciated,
> greetz Michael
>
> ------------------------------------------------------------------------------
> Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day 
> trial. Simplify your report design, integration and deployment - and focus on 
> what you do best, core application coding. Discover what's new with 
> Crystal Reports now.  http://p.sf.net/sfu/bobj-july
> _______________________________________________
> tboot-devel mailing list
> tbo...@li...
> https://lists.sourceforge.net/lists/listinfo/tboot-devel
>
>   