Comments (4)
twitchy-jsonp
commented on August 15, 2024
ReadPCRs will return whatever the TPM gave you back:
Lines 151 to 180 in d331077
At a guess, it looks like your TPM responded to the command with a success response containing none of the PCRs.
This sounds like a hardware/firmware bug, though I will note that its not unusual to need to call this method multiple times to get a full set of PCRs. For example:
from go-tpm.
josephlr
commented on August 15, 2024
@lihanshang two questions:
- What happens if you only specify PCRs 0-7?
- What happens if you use the
sudo tpm2_pcrreadcommand fromtpm2-tools(Github Link, Centos Package).
from go-tpm.
chrisfenner
commented on August 15, 2024
From TPM Spec, Part 3: 22.4 TPM2_PCR_Read
The returned list may be empty if none of the selected PCR are implemented.
It sounds like only the SHA1 PCRs are currently implemented/enabled on your system. Typically, there is a BIOS option to toggle which banks are enabled. Can you check to see if your BIOS settings have some options for this?
from go-tpm.
lihanshang
commented on August 15, 2024
Hey Guys.
Thanks for your replies and I have some update:
So after I read the PCRs using SHA1, I was able to read using SHA256. To reproduce this I reboot the machine and try using SHA256 and it stopped working. It is like using SHA1 trigger something for SHA256.
Any idea about this behaviour?
Plus: I am using centos 7 with only tpm2-tools 3.x version on it. This is a remote host that I may not be able to check the BIOS.
Thank you very much!
from go-tpm.
Related Issues (20)
- reduce repetitive, nested structs by proving a defaults package HOT 1
- support passing []byte as TPM2B HOT 2
- Add a Compare function
- Load TSS2 Private Key generated with tpm2tss-genkey HOT 2
- Inconsistency between written and read values when accessing PCR HOT 3
- reduce unnecessary overhead of Tbsi_Get_TCG_Log HOT 1
- Missing ExtraData in Quote
- Use `crypto/ecdh` for tpmdirect HOT 5
- Darwin ? HOT 1
- EvictControl missing from new tpm2 HOT 10
- Consider an UnmarshalReader API for types
- HMAC Session not working HOT 2
- Support As(TPMRC) for format-1 errors.
- Support serialization of persistent handles HOT 1
- Support for RSAEncrypt and RSADecrypt commands HOT 1
- TPM Simulator reporting unrecognised command over socket
- Implement TPM2_HMAC_Start
- New Releases ?! HOT 7
- missing Name for 'SignHandle' parameter HOT 2
- cmdAuths not respecting auth value HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from go-tpm.