From: <pat...@in...> - 2007-09-17 14:45:12
Thanks!

Another question about this: when I do

    TcTssPcrEvent event=tpm.getEvent(pcrIndex, 0);
    TcBlobData pcrValue=event.getPcrValue();

what exactly is the pcrValue?

This is my code:

    TcBlobData pcrValue = TcBlobData.newByteArray(contenutoKernel).sha1();
    Log.info("PCR value: "+pcrValue.toHexStringNoWrap());
    TcTssPcrEvent pcrEvent = new TcTssPcrEvent();
    pcrEvent.init(TcTssVersion.TPM_V1_1, pcrIndex, TcTssConstants.TSS_EV_ACTION, null,TcBlobData.newString("vmlinuz added"));
    TcBlobData extendData=tpm.pcrExtend(pcrIndex, pcrValue, pcrEvent);
    Log.info("Extended data: "+extendData.toHexStringNoWrap());
    TcTssPcrEvent event=tpm.getEvent(pcrIndex, 0);
    TcBlobData pcrValue2=event.getPcrValue();
    Log.info("PCR value in event: "+pcrValue2.toHexStringNoWrap());

The output of the code is:

    16:40:25:473 [INFO] ProtocolThread::run (120): PCR value: b3 85 c6 54 24 70 60 55 0e e3 19 03 4d d7 5c 41 05 96 9d 79
    16:40:25:489 [INFO] ProtocolThread::run (125): Extended data: b5 e9 3a 22 cd e5 78 e9 a9 d6 f8 d7 c0 3f fd 2a 42 1c a5 1b
    16:40:25:491 [INFO] ProtocolThread::run (139): PCR value in event: 69 ed aa 82 0c 3c 40 c4 6b 9b 0e e8 c9 b8 44 63 f5 3a c4 22

What is the value that is in the PCRValue field of the event? Why is it different in comparison with the PCR value of the first line of my code?

Regards
P.C.

>pat...@in... wrote:
>> I know that the server has to bring the list of measures and has to
>> reproduce the extend operations the client has done and compare with
>> the quote result.
>> I've seen that the log is an array of TcTssPcrEvent, but how is this
>> structure correlated with the TcTssValidation that is the result of
>> a quote operation?
>> How can I compare them?
>
>a quick rundown:
>
>system state = set of PCR registers with specific value
>
>PCR composite digest = one hash value, calculated from set of PCR register states (hashes)
>
>How to calculate a PCR composite digest (=current system state) from PCR states, see discussion on this mailing list ca. middle of July.
>
>How to calculate single PCR register extend operation, see ExtendPcrs.java example from JTpmTools.
>
>    TcTssValidation quoteResult = context.getTpm().quote(aikKey, pcrSelection, validation);
>
>pcrSelection contains the mask of PCRs to do the quote from
>
>    ... = quoteResult.getData(); // plain data
>    ... = quoteResult.getValidationData(); // signature
>
>    TcTpmQuoteInfo qInfo = new TcTpmQuoteInfo(....plaindata...);
>    TcTpmCompositeHash compHash = qInfo.getDigestValue(); // get compositeDigest hash
>
>and compare this with your own result on the server side.
>
>> Please, can you tell me the code I have to use to compare the log with the quote result?
>
>There is no standard/protocol (yet) on how to get a client log + quote to the server, you have to invent your own. Further, currently there is no helper code for helping you in replaying/recalculating the PCR log.
>
>HTH
>
>-- Martin Pirker
>IAIK, TU Graz
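
The server-side check discussed in this thread, as an added example that is not part of the original messages and is not jTSS or JTpmTools code: it replays an event log with the extend rule PCR_new = SHA1(PCR_old || digest) and hashes the resulting registers into a TPM 1.2 composite digest, the value to compare with the digest carried in the quote. The class, record and sample measurements are constructed for illustration; it assumes every logged PCR started at 20 zero bytes, that the quoted selection covers exactly the PCRs in the log with a 3-byte selection bitmap, and Java 16 or later.

```java
import java.io.ByteArrayOutputStream;
import java.nio.ByteBuffer;
import java.security.MessageDigest;
import java.util.*;

public class PcrLogReplay {
    // One log entry: the PCR that was extended and the 20-byte digest it was extended with.
    record Event(int pcrIndex, byte[] digest) {}

    static byte[] sha1(byte[]... parts) throws Exception {
        MessageDigest md = MessageDigest.getInstance("SHA-1");
        for (byte[] p : parts) md.update(p);
        return md.digest();
    }

    // Replay the log in order: PCR_new = SHA1(PCR_old || digest).
    // Assumption: each PCR held 20 zero bytes before its first logged extend.
    static SortedMap<Integer, byte[]> replay(List<Event> log) throws Exception {
        SortedMap<Integer, byte[]> pcrs = new TreeMap<>();
        for (Event e : log) {
            if (e.digest().length != 20) throw new IllegalArgumentException("digest must be 20 bytes");
            byte[] old = pcrs.getOrDefault(e.pcrIndex(), new byte[20]);
            pcrs.put(e.pcrIndex(), sha1(old, e.digest()));
        }
        return pcrs;
    }

    // SHA-1 over TPM 1.2 TPM_PCR_COMPOSITE (big-endian):
    // UINT16 sizeOfSelect | pcrSelect bitmap | UINT32 valueSize | selected PCR values in index order.
    static byte[] compositeHash(SortedMap<Integer, byte[]> pcrs, int sizeOfSelect) throws Exception {
        byte[] select = new byte[sizeOfSelect];
        ByteArrayOutputStream values = new ByteArrayOutputStream();
        for (Map.Entry<Integer, byte[]> p : pcrs.entrySet()) {
            select[p.getKey() / 8] |= (byte) (1 << (p.getKey() % 8)); // bit j of byte i = PCR 8i+j
            values.write(p.getValue());
        }
        ByteBuffer buf = ByteBuffer.allocate(2 + sizeOfSelect + 4 + values.size());
        buf.putShort((short) sizeOfSelect).put(select).putInt(values.size()).put(values.toByteArray());
        return sha1(buf.array());
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample log: two measurements into PCR 10, one into PCR 11.
        List<Event> log = List.of(new Event(10, sha1("vmlinuz".getBytes())),
            new Event(10, sha1("initrd".getBytes())), new Event(11, sha1("app.conf".getBytes())));
        // Stand-in for the composite digest a verifier reads from the signed quote data.
        byte[] quoted = compositeHash(replay(log), 3);
        // A log with its last entry dropped must not reproduce the quoted digest.
        byte[] tampered = compositeHash(replay(log.subList(0, 2)), 3);
        System.out.println("full log matches: " + MessageDigest.isEqual(quoted, compositeHash(replay(log), 3)));
        System.out.println("tampered log matches: " + MessageDigest.isEqual(quoted, tampered));
    }
}
```

Checking the signature over the quote data and the nonce it contains is a separate step that this example does not cover.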