From: Tom L. <to...@us...> - 2005-10-20 17:03:42

You didn't mention how you obtained the event list (which API) and for
which PCR you are verifying. Is your event list for one single PCR or is it
multiple PCRs that you need to filter/differentiate in your loop?

Tom
to...@us...

tro...@li... wrote on 10/20/2005 11:15:52 AM:

> Hi Felix, your code looks ok to me. Perhaps there's a difference in
> the PCR values that are returned from the GetPcrEvents calls and the
> values that the TPM actually got? That's the only thing that's coming
> to mind for me right now...
>
> Kent
>
> On 10/19/05, Felix Dorner <fel...@we...> wrote:
> > Kent Yoder wrote:
> >
> > >Sorry Felix, I am not sure I can follow your code well enough to say
> > >much about it....
> > >
> > >Kent
> > >
> >
> > Ok. I rewrote the snip without using my custom data structures and added
> > some comments.
> > I assume that a PCR Register is 20 Bytes (SHA_DIGEST_LENGTH).
> > I suppose you understand what I mean with "software extend"?
> >
> >
> > int verify(BYTE *initial_pcr_digest,
> >            BYTE *final_pcr_digest,
> >            BYTE **event_list, int length)
> > {
> >     // stores a temporary iteration hash
> >     BYTE tmp_digest[SHA_DIGEST_LENGTH];
> >     // stores oldpcrvalue || extension hash
> >     BYTE cat_buffer[2 * SHA_DIGEST_LENGTH];
> >     // reset mem. might be redundant...
> >     memset(cat_buffer, 0, 2 * SHA_DIGEST_LENGTH);
> >     BYTE *tmp_node;
> >     // copy the initial pcr value to the concatenation
> >     // buffer (first 20 Bytes)
> >     memcpy(cat_buffer, initial_pcr_digest, SHA_DIGEST_LENGTH);
> >
> >     int i = 0;
> >     for (; i < length; i++){
> >         tmp_node = event_list[i];
> >         // copy the extension value to concatenation
> >         // buffer (last 20 Bytes)
> >         memcpy(cat_buffer + SHA_DIGEST_LENGTH, tmp_node, SHA_DIGEST_LENGTH);
> >
> >         // now cat_buffer is (oldpcr_value || extension hash)
> >         // hash the concatenation buffer (openssl)
> >         // and store result in tmp_digest
> >         SHA1(cat_buffer, 2 * SHA_DIGEST_LENGTH, tmp_digest);
> >         // copy tmp_digest to the concatenation buffer
> >         // (first 20 bytes)
> >         memcpy(cat_buffer, tmp_digest, SHA_DIGEST_LENGTH);
> >
> >         // do this with all elements in the list
> >     }
> > }
> >
>
> --
> Kent Yoder
> IBM LTC Security Dev.
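
Added example, not part of the original thread and not TrouSerS code: the "software extend" replay discussed above, with the per-PCR filtering Tom asks about, and the unfiltered fold shown next to it for comparison. The (pcr_index, digest) event tuples, the all-zero initial PCR value, the function names and the sample log are assumptions made for this illustration.

```python
import hashlib
import hmac

PCR_SIZE = hashlib.sha1().digest_size  # 20 bytes (SHA_DIGEST_LENGTH in the thread)
ZERO_PCR = bytes(PCR_SIZE)             # assumed initial value of the PCR


def extend(pcr_value, event_digest):
    """One software extend: new = SHA1(old PCR value || event digest)."""
    if len(pcr_value) != PCR_SIZE or len(event_digest) != PCR_SIZE:
        raise ValueError("PCR values and event digests must be 20 bytes")
    return hashlib.sha1(pcr_value + event_digest).digest()


def replay(events, pcr_index, initial=ZERO_PCR):
    """Fold only the events logged for pcr_index, in log order."""
    value = initial
    for index, digest in events:
        if index == pcr_index:
            value = extend(value, digest)
    return value


def replay_unfiltered(events, initial=ZERO_PCR):
    """Fold every event regardless of PCR index (the mismatch case)."""
    value = initial
    for _index, digest in events:
        value = extend(value, digest)
    return value


def verify(events, pcr_index, final_pcr_value, initial=ZERO_PCR):
    """True if replaying the log reproduces the value read from the PCR."""
    return hmac.compare_digest(replay(events, pcr_index, initial), final_pcr_value)


# Constructed sample log: (pcr_index, 20-byte event digest), two PCRs interleaved.
SAMPLE_LOG = [
    (0, hashlib.sha1(b"constructed event A").digest()),
    (4, hashlib.sha1(b"constructed event B").digest()),
    (0, hashlib.sha1(b"constructed event C").digest()),
]

if __name__ == "__main__":
    for pcr in (0, 4):
        print(pcr, replay(SAMPLE_LOG, pcr).hex())
    print("unfiltered", replay_unfiltered(SAMPLE_LOG).hex())
```

With an interleaved log, the unfiltered fold produces a value that matches neither PCR, which is one way a replay like the one in the thread can disagree with the value read from the TPM.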