Hi!
Now I'm trying to calculate PCR 17 by hand. I'm making only little progress on
that issue. Here's
what I'm doing, there are some Questions in there, what I haven't understood.
The informations below
are based on "Measured Launched Environment Developer's Guide - June 2008".
1) Set PCR to all 0s
2) Extend ( SHA-1( SinitMleData.SinitHash | SinitMleData.EdxSenterFlags ) )
2a) concatenate SinitMleData.SinitHash and SinitMleData.EdxSenterFlags
*) EdxSenterFlags are reported to be 0x00000000 - is that right?
*) how can I calculate SinitHash on my own? tboot copies hole SINIT
image to memory, but
a hash over the image file isn't the same as SinitMleData.SinitHash
3) MLE Developer's Guide says that all other items are concatenated and
extended at one single
extend. Is that right?
3a) MLE Dev Guid says "SHA-1 hash of BIOS ACM - SinitMleData.BiosAcmID"
*) SinitMleData.BiosAcmID is not a hash, must it be hashed or not before
concatenation?
*) Where can I get the BiosAcmID of a system?
3b) MsegValid is 8 byte data, but has only two possible values, 0x0 and 0x1,
right?
The only purpose is to indicate whether StmHash is a hash or 0s, right?
3c) How is determined whether OsSinitData.Capabilities is extended or not?
4) tboot seems to extend SinitMleData.PolicyControl |
SinitMleData.LcpPolicyHash after ML to PCR 17
too. Why extend a second time?
any help would be appreciated,
greetz Michael
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________
tboot-devel mailing list
tboot-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tboot-devel
