Hi,
HMAC messages are build in 2 stages:
first: you have to compute a SHA-1 of data
second: you concatenate the previous hash to other data
So, 1S, 2S are concatenated and then hashed (SHA-1) and then you have to
concatenate the result to 2H1, 3H1, ...
to resume:
HMAC msg = SHA-1(1S || 2S || 3S) || 2H1 || 3H1 || 4H1
where || is the concatenation.
This HMAC is used by the TPM to verify the integrity of the command. You
also have to provide a SHA-1 of your password to be able to use the key
which represents the HMAC key.
You have to send it to the TPM else the integrity will not be verified and
the TPM will not authorize you to use this command.
If you have questions,
2009/11/24 adrian golding <[email protected]>
> hi, my question is related to this hash i see in tspi_seal.c and in the TPM
> specifications:
>
> I was looking at the TPM main Part 3 TPM Commands document obtained from
> here:
>
> http://www.trustedcomputinggroup.org/files/resource_files/646B5D4D-1D09-3519-AD21C36DEA87B4B8/tpmwg-mainrev62_Part3_Commands.pdf
>
> page 56-57 or so. the first column (reads PARAM) states what parameters are
> expected to be sent to the TPM, and the second column (reads HMAC) and i
> guess some of the parameters need to be hashed according to the
> specifications. Qn#1: sometimes it states what does the "2H1", "1S", "2S"
> etc in the HMAC column mean?
>
> and then i looked at the code in ~/trousers/src/tspi/tspi_seal.c to see
> what is being done inside:
> i noticed that there was hashing done according to the specs. Qn#2: how is
> this hash used later on? Is this hash going to be sent to the TPM in any
> way?
>
> thank you - adrian
>
>
>
> ------------------------------------------------------------------------------
> Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
> trial. Simplify your report design, integration and deployment - and focus
> on
> what you do best, core application coding. Discover what's new with
> Crystal Reports now. http://p.sf.net/sfu/bobj-july
> _______________________________________________
> TrouSerS-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/trousers-users
>
>
--
Anthony Dessiatnikoff
Researcher in computing security
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________
TrouSerS-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-users
