Discussion:
[TrouSerS-users] PcrExtend() explanation
Massimo Gaggiano
2015-06-07 23:26:38 UTC
Permalink
Hi all,
I use IBM Software TPM.

If the param 'pPcrEvent' is NULL I get the error 3003 "Bad parameter"
when extending with data size different than 20.
(No error with "12345678901234567890")

Is there something I'm ignoring?

Thank you very much.
Max

Here is my code in summary:

const char *data = "s";
UINT32 dataLen = strlen(data);
Tspi_TPM_PcrExtend(hTPM, pcrIndex, dataLen, (BYTE *)data, NULL, \
&pcrValueLen, &pcrValue);


------------------------------------------------------------------------------
Massimo Gaggiano
2015-06-10 03:21:14 UTC
Permalink
..no error if pcrEvent != NULL and data size != 20.

Is this regular?

________________________________
Da: Massimo Gaggiano<mailto:***@hotmail.com>
Inviato: ‎08/‎06/‎2015 01:27
A: trousers-***@lists.sourceforge.net<mailto:trousers-***@lists.sourceforge.net>
Oggetto: [TrouSerS-users] PcrExtend() explanation

Hi all,
I use IBM Software TPM.

If the param 'pPcrEvent' is NULL I get the error 3003 "Bad parameter"
when extending with data size different than 20.
(No error with "12345678901234567890")

Is there something I'm ignoring?

Thank you very much.
Max

Here is my code in summary:

const char *data = "s";
UINT32 dataLen = strlen(data);
Tspi_TPM_PcrExtend(hTPM, pcrIndex, dataLen, (BYTE *)data, NULL, \
&pcrValueLen, &pcrValue);


------------------------------------------------------------------------------
Ken Goldman
2015-06-10 13:22:06 UTC
Permalink
At the TPM layer, the value to be extended must be exactly 20 bytes.

I found this in the mailing list. I wonder if the code was fixed but
that the documentation is still wrong. It looks like they removed the
double hash, so you have to send 20 bytes.

~~

Note that trousers-0.2.8's implementation of Tspi_TPM_PcrExtend is
wrong, it has been updated to be correct in CVS, which will become
0.2.9.

~~
If no PCR event structure is passed to Tspi_TPM_PcrExtend, the data
passed to it will be sent directly to the TPM, without modification
(meaning that anything but 20 bytes will get you TSS_E_BAD_PARAMETER).
If there is a PCR event structure passed to Tspi_TPM_PcrExtend, the
TSS will create a hash value using the data passed in and fields of
the PCR event structure, like this: SHA1(ulPcrIndex | pbPcrData |
pPcrEvent->eventType | pPcrEvent->rgbEvent). That hash will then be
sent to the TPM and TCS_LogPcrEvent will be called to add the event to
the log.
~~

True, the trousers 0.2.8 mistakenly re-hashes the input to
Tspi_TPM_PcrExtend. This is fixed in CVS though...

On 6/9/2015 11:21 PM, Massimo Gaggiano wrote:
> ..no error if pcrEvent != NULL and data size != 20.
>
> Is this regular?
>
> ------------------------------------------------------------------------
> Da: Massimo Gaggiano <mailto:***@hotmail.com>
> Inviato: ‎08/‎06/‎2015 01:27
> A: trousers-***@lists.sourceforge.net
> <mailto:trousers-***@lists.sourceforge.net>
> Oggetto: [TrouSerS-users] PcrExtend() explanation
>
> Hi all,
> I use IBM Software TPM.
>
> If the param 'pPcrEvent' is NULL I get the error 3003 "Bad parameter"
> when extending with data size different than 20.
> (No error with "12345678901234567890")
>
> Is there something I'm ignoring?
>
> Thank you very much.
> Max
>
> Here is my code in summary:
>
> const char *data = "s";
> UINT32 dataLen = strlen(data);
> Tspi_TPM_PcrExtend(hTPM, pcrIndex, dataLen, (BYTE *)data, NULL, \
> &pcrValueLen, &pcrValue);




------------------------------------------------------------------------------
Massimo Gaggiano
2015-06-10 23:03:53 UTC
Permalink
Thank you for reply.
..ok, the function produces two digests.

Let's suppose to set pcrEvent in this way:
pcrEvent.eventType = (UINT32) 0;
pcrEvent.rgbEvent = (BYTE *) "Event information";
pcrEvent.ulEventLength = (UINT32) strlen((char *)pcrEvent.rgbEvent);

and extend PCR 16 previously reset:
UINT32 pcrIndex = 16;
char *data = "12345678901234567890";
UINT32 dataLen = strlen(data);
Tspi_TPM_PcrExtend(hTPM, pcrIndex, dataLen, (BYTE *)data, &pcrEvent, \
&pcrValueLen, &pcrValue);

I get this from pcrEvent.rgbPcrValue:
D5 77 EA 60 0E 25 58 83 C3 7A 9B 67 AC 4E C4 7E 72 B1 97 CA
and this from pcrValue:
DD 41 DE 26 27 6A D0 CC AF 1F 7A 7A 0D 35 CA 8F 30 EF BD AC

What should I give in input to Tspi_Hash_UpdateHashValue() to obtain
these two digests?

I did expect to obtain pcrEvent.rgbPcrValue hashing this:
BYTE data[] = {
/* UINT32 pcrIndex 16 */ 0x00, 0x10, \
/* pcrData */ \
'1','2','3','4','5','6','7','8','9','0','1','2','3','4','5','6','7','8','9','0',\
/* UINT32 eventType */ 0, 0, \
/* rgbEvent */ \
'E','v','e','n','t',' ','i','n','f','o','r','m','a','t','i','o','n' };

but I get a different digest:
D0 49 5F 73 19 E8 91 53 5C 59 94 73 1F 76 19 EB 7F F7 1B 5E

(...and I did expect to obtain pcrValue hashing this:
20 0's (empty PCR 16) || pcrEvent.rgbPcrValue ...)


Thank you again,
Max


Il 10/06/2015 15:22, Ken Goldman ha scritto:
> At the TPM layer, the value to be extended must be exactly 20 bytes.
>
> I found this in the mailing list. I wonder if the code was fixed but
> that the documentation is still wrong. It looks like they removed the
> double hash, so you have to send 20 bytes.
>
> ~~
>
> Note that trousers-0.2.8's implementation of Tspi_TPM_PcrExtend is
> wrong, it has been updated to be correct in CVS, which will become
> 0.2.9.
>
> ~~
> If no PCR event structure is passed to Tspi_TPM_PcrExtend, the data
> passed to it will be sent directly to the TPM, without modification
> (meaning that anything but 20 bytes will get you TSS_E_BAD_PARAMETER).
> If there is a PCR event structure passed to Tspi_TPM_PcrExtend, the
> TSS will create a hash value using the data passed in and fields of
> the PCR event structure, like this: SHA1(ulPcrIndex | pbPcrData |
> pPcrEvent->eventType | pPcrEvent->rgbEvent). That hash will then be
> sent to the TPM and TCS_LogPcrEvent will be called to add the event to
> the log.
> ~~
>
> True, the trousers 0.2.8 mistakenly re-hashes the input to
> Tspi_TPM_PcrExtend. This is fixed in CVS though...
>
> On 6/9/2015 11:21 PM, Massimo Gaggiano wrote:
>> ..no error if pcrEvent != NULL and data size != 20.
>>
>> Is this regular?
>>
>> ------------------------------------------------------------------------
>> Da: Massimo Gaggiano <mailto:***@hotmail.com>
>> Inviato: ‎08/‎06/‎2015 01:27
>> A: trousers-***@lists.sourceforge.net
>> <mailto:trousers-***@lists.sourceforge.net>
>> Oggetto: [TrouSerS-users] PcrExtend() explanation
>>
>> Hi all,
>> I use IBM Software TPM.
>>
>> If the param 'pPcrEvent' is NULL I get the error 3003 "Bad parameter"
>> when extending with data size different than 20.
>> (No error with "12345678901234567890")
>>
>> Is there something I'm ignoring?
>>
>> Thank you very much.
>> Max
>>
>> Here is my code in summary:
>>
>> const char *data = "s";
>> UINT32 dataLen = strlen(data);
>> Tspi_TPM_PcrExtend(hTPM, pcrIndex, dataLen, (BYTE *)data, NULL, \
>> &pcrValueLen, &pcrValue);
>
>
>
>
> ------------------------------------------------------------------------------
> _______________________________________________
> TrouSerS-users mailing list
> TrouSerS-***@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/trousers-users
>

------------------------------------------------------------------------------
Massimo Gaggiano
2015-06-11 01:15:46 UTC
Permalink
This thread can be considered closed.



> Date: Thu, 11 Jun 2015 01:03:53 +0200
> From: ***@hotmail.com
> To: ***@us.ibm.com
> CC: trousers-***@lists.sourceforge.net
> Subject: Re: [TrouSerS-users] R: PcrExtend() explanation
>
> Thank you for reply.
> ..ok, the function produces two digests.
>
> Let's suppose to set pcrEvent in this way:
> pcrEvent.eventType = (UINT32) 0;
> pcrEvent.rgbEvent = (BYTE *) "Event information";
> pcrEvent.ulEventLength = (UINT32) strlen((char *)pcrEvent.rgbEvent);
>
> and extend PCR 16 previously reset:
> UINT32 pcrIndex = 16;
> char *data = "12345678901234567890";
> UINT32 dataLen = strlen(data);
> Tspi_TPM_PcrExtend(hTPM, pcrIndex, dataLen, (BYTE *)data, &pcrEvent, \
> &pcrValueLen, &pcrValue);
>
> I get this from pcrEvent.rgbPcrValue:
> D5 77 EA 60 0E 25 58 83 C3 7A 9B 67 AC 4E C4 7E 72 B1 97 CA
> and this from pcrValue:
> DD 41 DE 26 27 6A D0 CC AF 1F 7A 7A 0D 35 CA 8F 30 EF BD AC
>
> What should I give in input to Tspi_Hash_UpdateHashValue() to obtain
> these two digests?
>
> I did expect to obtain pcrEvent.rgbPcrValue hashing this:
> BYTE data[] = {
> /* UINT32 pcrIndex 16 */ 0x00, 0x10, \
> /* pcrData */ \
> '1','2','3','4','5','6','7','8','9','0','1','2','3','4','5','6','7','8','9','0',\
> /* UINT32 eventType */ 0, 0, \
> /* rgbEvent */ \
> 'E','v','e','n','t',' ','i','n','f','o','r','m','a','t','i','o','n' };
>
> but I get a different digest:
> D0 49 5F 73 19 E8 91 53 5C 59 94 73 1F 76 19 EB 7F F7 1B 5E
>
> (...and I did expect to obtain pcrValue hashing this:
> 20 0's (empty PCR 16) || pcrEvent.rgbPcrValue ...)
>
>
> Thank you again,
> Max
>
>
> Il 10/06/2015 15:22, Ken Goldman ha scritto:
>> At the TPM layer, the value to be extended must be exactly 20 bytes.
>>
>> I found this in the mailing list. I wonder if the code was fixed but
>> that the documentation is still wrong. It looks like they removed the
>> double hash, so you have to send 20 bytes.
>>
>> ~~
>>
>> Note that trousers-0.2.8's implementation of Tspi_TPM_PcrExtend is
>> wrong, it has been updated to be correct in CVS, which will become
>> 0.2.9.
>>
>> ~~
>> If no PCR event structure is passed to Tspi_TPM_PcrExtend, the data
>> passed to it will be sent directly to the TPM, without modification
>> (meaning that anything but 20 bytes will get you TSS_E_BAD_PARAMETER).
>> If there is a PCR event structure passed to Tspi_TPM_PcrExtend, the
>> TSS will create a hash value using the data passed in and fields of
>> the PCR event structure, like this: SHA1(ulPcrIndex | pbPcrData |
>> pPcrEvent->eventType | pPcrEvent->rgbEvent). That hash will then be
>> sent to the TPM and TCS_LogPcrEvent will be called to add the event to
>> the log.
>> ~~
>>
>> True, the trousers 0.2.8 mistakenly re-hashes the input to
>> Tspi_TPM_PcrExtend. This is fixed in CVS though...
>>
>> On 6/9/2015 11:21 PM, Massimo Gaggiano wrote:
>>> ..no error if pcrEvent != NULL and data size != 20.
>>>
>>> Is this regular?
>>>
>>> ------------------------------------------------------------------------
>>> Da: Massimo Gaggiano
>>> Inviato: ý08/ý06/ý2015 01:27
>>> A: trousers-***@lists.sourceforge.net
>>>
>>> Oggetto: [TrouSerS-users] PcrExtend() explanation
>>>
>>> Hi all,
>>> I use IBM Software TPM.
>>>
>>> If the param 'pPcrEvent' is NULL I get the error 3003 "Bad parameter"
>>> when extending with data size different than 20.
>>> (No error with "12345678901234567890")
>>>
>>> Is there something I'm ignoring?
>>>
>>> Thank you very much.
>>> Max
>>>
>>> Here is my code in summary:
>>>
>>> const char *data = "s";
>>> UINT32 dataLen = strlen(data);
>>> Tspi_TPM_PcrExtend(hTPM, pcrIndex, dataLen, (BYTE *)data, NULL, \
>>> &pcrValueLen, &pcrValue);
>>
>>
>>
>>
>> ------------------------------------------------------------------------------
>> _______________________________________________
>> TrouSerS-users mailing list
>> TrouSerS-***@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/trousers-users
>>
>
> ------------------------------------------------------------------------------
> _______________________________________________
> TrouSerS-users mailing list
> TrouSerS-***@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/trousers-users
Hon Ching Lo
2015-06-10 19:37:11 UTC
Permalink
Hi Max,


I agree with Ken that the man page/document should be updated to:
The *pbPcrData* parameter is a pointer to data which will be used in the
extend operation.

In the case when pcrEvent != NULL, the function will generate a hash of 20
bytes for you. Therefore,
the data size you passed into (different than 20) was still valid.

In the case when pcrEvent == NULL, you must provide a 20 bytes data,
typically SHA-1 hash. Otherwise, you'll get a
bad parameter error.

Thank you and Ken. I'll update the man page.


Regards,
Vicky


On Tue, Jun 9, 2015 at 11:21 PM, Massimo Gaggiano <***@hotmail.com>
wrote:

> ..no error if pcrEvent != NULL and data size != 20.
>
> Is this regular?
>
> ------------------------------
> Da: Massimo Gaggiano <***@hotmail.com>
> Inviato: ‎08/‎06/‎2015 01:27
> A: trousers-***@lists.sourceforge.net
> Oggetto: [TrouSerS-users] PcrExtend() explanation
>
> Hi all,
> I use IBM Software TPM.
>
> If the param 'pPcrEvent' is NULL I get the error 3003 "Bad parameter"
> when extending with data size different than 20.
> (No error with "12345678901234567890")
>
> Is there something I'm ignoring?
>
> Thank you very much.
> Max
>
> Here is my code in summary:
>
> const char *data = "s";
> UINT32 dataLen = strlen(data);
> Tspi_TPM_PcrExtend(hTPM, pcrIndex, dataLen, (BYTE *)data, NULL, \
> &pcrValueLen, &pcrValue);
>
>
>
> ------------------------------------------------------------------------------
> _______________________________________________
> TrouSerS-users mailing list
> TrouSerS-***@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/trousers-users
>
>
> ------------------------------------------------------------------------------
>
> _______________________________________________
> TrouSerS-users mailing list
> TrouSerS-***@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/trousers-users
>
>
Loading...