Comments (2)
ElMostafaIdrassi
commented on May 19, 2024
From the spec, a TPM2_PCR_Read command only returns 1 single TPML_DIGEST. Knowing that a TPML_DIGEST can contain at most 8 digests, I think it is safe to say that the TPM can at most return 8 PCRs Digests per TPM2_PCR_Read command.
Lines 180 to 191 in ac5b427
As you can see, the current implementation only runs the command once and expects the TPM to return all the selected PCRs. This works fine when you select up to 8 PCRs, but will return only the first 8 PCRs digests if you select more, as explained above.
In order to fix this, a similar approach to what tpm2-tools does is needed, that is, in the first call, send the whole TPML_PCR_SELECTION with all the wanted PCR bits set. After getting and parsing the first response, null out the bits of the PCRs we just retrieved in the TPML_PCR_SELECTION, check that it is not all zeroed out, then call TPM2_PCR_READ once more on the new TPML_PCR_SELECTION, etc...
from go-tpm.
twitchy-jsonp
commented on May 19, 2024
As @ElMostafaIdrassi explained, a single call to read PCRs can only read a few PCRs at a time. In go-attestation, we read all the PCRs using a loop, like this:
from go-tpm.
Related Issues (20)
- Policy sessions need to know authValue for parameter encryption HOT 3
- Windows TPM Base Services (TBS) - Missing Functionality
- Add remaining TPM commands to TPMDirect API HOT 4
- Supporting Apple Secure Enclave (T2 Chip) HOT 4
- Implement TPM2_Commit HOT 12
- Possible issue with response code decoding HOT 1
- Possible Issue with Reflection Helper HOT 1
- Make a marshallable interface/type constraint HOT 2
- Add helper for tpmDirect ObjectAttributes
- tpmDirect Design Feedback HOT 2
- delete the struct aliases & consider merging all of structures and commands into one 'tpm2' package HOT 4
- reduce repetitive, nested structs by proving a defaults package HOT 1
- support passing []byte as TPM2B HOT 2
- Add a Compare function
- Load TSS2 Private Key generated with tpm2tss-genkey HOT 2
- Inconsistency between written and read values when accessing PCR HOT 3
- reduce unnecessary overhead of Tbsi_Get_TCG_Log HOT 1
- Missing ExtraData in Quote
- Use `crypto/ecdh` for tpmdirect HOT 5
- Darwin ? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from go-tpm.