本文介绍如何使用TPM模拟器代替TPM硬件,并通过编程修改PCR寄存器的值。通过示例代码展示了启动TPM模拟器、获取TPM和SRK句柄、设置SRK策略、读取和修改PCR寄存器的过程。
实验使用TPM_Emulator代替TPM硬件,原理是一样的。(学习网站:http://blog.youkuaiyun.com/buaa_shang/article/details/26157253)
1.登录系统后通过命令启动TPM模拟器:
sudo modprobe tpmd_dev
sudo tpmd -f -d clear
2.启动TrouSerS软件栈
sudo tcsd -e -f
//另外可创建一个文件夹,里面新建一个.c文件,可用vim编辑器编写,保存后,用gcc工具对.c文件进行编译,然后执行即可。
shm@shm-Junyi-M580:~$ mkdir myFiles
shm@shm-Junyi-M580:~$ cd myFiles/
shm@shm-Junyi-M580:~/myFiles$ vim tpm1.c
1 #include <stdio.h> 2 #include <string.h> 3 #include <stdlib.h> 4 #include <sys/stat.h> 5 #include <sys/types.h> 6 7 #include <tss/tss_error.h> 8 #include <tss/platform.h> 9 #include <tss/tss_defines.h> 10 #include <tss/tss_typedef.h> 11 #include <tss/tss_structs.h> 12 #include <tss/tspi.h> 13 #include <trousers/trousers.h> 14 15 #define Debug(message, tResult) printf("%s : %s\n", message, (char *)Trspi_Error_String(result)) 16 void printMenu(); 17 18 int main(int argc, char **argv) 19 { 20 TSS_HCONTEXT hContext; 21 TSS_HTPM hTPM; 22 TSS_HPCRS hPcrs; 23 TSS_HENCDATA hEncData; 24 TSS_HENCDATA hRetrieveData; 25 TSS_RESULT result; 26 TSS_HKEY hSRK = 0; 27 TSS_HPOLICY hSRKPolicy = 0; 28 TSS_UUID SRK_UUID = TSS_UUID_SRK; 29 30 BYTE wks[20]; 31 BYTE *pubKey; 32 UINT32 pubKeySize; 33 BYTE *rgbPcrValue; 34 UINT32 ulPcrLen; 35 BYTE *encData; 36 UINT32 encDataSize; 37 BYTE *outstring; 38 UINT32 outlength; 39 FILE *fout, *fin; 40 int i; 41 UINT32 j; 42 BYTE valueToExtend[250]; 43 int count = 0; 44 int pcrToExtend = 0; 45 46 47 memset(wks, 0, 20); 48 memset(valueToExtend, 0, 250); 49 50 //Pick the TPM you are talking to. 51 //In this case, it is the system TPM(indicated with NULL) 52 result = Tspi_Context_Create(&hContext); 53 Debug("Create Context", result); 54 55 result = Tspi_Context_Connect(hContext, NULL); 56 Debug("Context Connect", result); 57 58 //Get the TPM handle 59 result = Tspi_Context_GetTpmObject(hContext, &hTPM); 60 Debug("Get TPM Handle", result); 61 62 //Get the SRK handle 63 result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK); 64 Debug("Get the SRK handle", result); 65 66 //Get the SRK policy 67 result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &hSRKPolicy); 68 Debug("Get the SRK policy", result); 69 70 //Then set the SRK policy to be the well known secret 71 result = Tspi_Policy_SetSecret(hSRKPolicy, TSS_SECRET_MODE_SHA1, 20, wks); 72 73 74 //输出所有PCR寄存器内的值 75 /*********************/ 76 for (j = 0; j < 24; j++) 77 { 78 result = Tspi_TPM_PcrRead(hTPM, j, &ulPcrLen, &rgbPcrValue); 79 printf("PCR %02d ", j); 80 for (i = 0; i < 19; i++) 81 printf("%02x", *(rgbPcrValue + i)); 82 printf("\n"); 83 } 84 /*********************/ 85 86 //Display each command line argument. 87 printf("\n Command line arguments:\n"); 88 for (count = 0; count <argc; count++) 89 printf("argv[%d] : %s\n", count, argv[count]); 90 91 //Examine command line arguments. 92 if (argc >= 3) 93 { 94 if (strcmp(argv[1],"-p") == 0) 95 { 96 pcrToExtend = atoi(argv[2]); 97 if (pcrToExtend < 0 || pcrToExtend > 23) 98 { 99 printMenu(); 100 return 0; 101 } 102 } 103 104 if (argc == 5) 105 { 106 if (strcmp(argv[3], "-v") == 0) 107 memcpy(valueToExtend, argv[4], strlen(argv[4])); 108 } 109 else //Use default value. 110 { 111 memcpy(valueToExtend, "abcdefghijklmnopqrst", 20); 112 } 113 } 114 else 115 { 116 printMenu(); 117 return 0; 118 } 119 120 //Extend the value 121 result = Tspi_TPM_PcrExtend(hTPM, pcrToExtend, 20, (BYTE *)valueToExtend, NULL, &ulPcrLen, &rgbPcrValue); 122 Debug("Extended the PCR", result); 123 124 //输出所有PCR寄存器内的值 125 /*********************/ 126 for (j = 0; j < 24; j++) 127 { 128 result = Tspi_TPM_PcrRead(hTPM, j, &ulPcrLen, &rgbPcrValue); 129 printf("PCR %02d ", j); 130 for (i = 0; i < 19; i++) 131 printf("%02x", *(rgbPcrValue + i)); 132 printf("\n"); 133 } 134 /*********************/ 135 136 137 //Clean up 138 Tspi_Context_FreeMemory(hContext, NULL); 139 Tspi_Context_Close(hContext); 140 141 return 0; 142 } 143 144 void printMenu() 145 { 146 printf("\nChangePCRn Help Menu:\n"); 147 printf("\t -p PCR regiter to extend(0-23)\n"); 148 printf("\t -v Value to be extended into PCR(abc...)\n"); 149 printf("\t Note: -v argument is optional and a default value will be used if no value is provided\n"); 150 printf("\t Example: ChangePCRn -p 10 -v abcdef\n"); 151 }
shm@shm-Junyi-M580:~/myFiles$ ls -al
总用量 12
drwxrwxr-x 2 shm shm 4096 10月 23 20:43 .
drwxr-xr-x 40 shm shm 4096 10月 23 20:43 ..
-rw-rw-r-- 1 shm shm 3608 10月 23 20:43 tpm1.c
shm@shm-Junyi-M580:~/myFiles$ gcc tpm1.c -o tpm1 -ltspi
shm@shm-Junyi-M580:~/myFiles$ ./tpm1 -p 0
//注:通过-p选项指定要修改的PCR寄存器的序号(此处为PCR0,只是为了演示,PCR0用来存放可信启动过程中的度量值)
//下图为程序输出的没有修改前PCR寄存器内值的情况:
Create Context : Success
Context Connect : Success
Get TPM Handle : Success
Get the SRK handle : Success
Get the SRK policy : Success
PCR 00 00000000000000000000000000000000000000
PCR 01 00000000000000000000000000000000000000
PCR 02 00000000000000000000000000000000000000
PCR 03 00000000000000000000000000000000000000
PCR 04 00000000000000000000000000000000000000
PCR 05 00000000000000000000000000000000000000
PCR 06 00000000000000000000000000000000000000
PCR 07 00000000000000000000000000000000000000
PCR 08 00000000000000000000000000000000000000
PCR 09 00000000000000000000000000000000000000
PCR 10 00000000000000000000000000000000000000
PCR 11 00000000000000000000000000000000000000
PCR 12 00000000000000000000000000000000000000
PCR 13 00000000000000000000000000000000000000
PCR 14 00000000000000000000000000000000000000
PCR 15 00000000000000000000000000000000000000
PCR 16 ffffffffffffffffffffffffffffffffffffff
PCR 17 ffffffffffffffffffffffffffffffffffffff
PCR 18 ffffffffffffffffffffffffffffffffffffff
PCR 19 ffffffffffffffffffffffffffffffffffffff
PCR 20 ffffffffffffffffffffffffffffffffffffff
PCR 21 ffffffffffffffffffffffffffffffffffffff
PCR 22 ffffffffffffffffffffffffffffffffffffff
PCR 23 ffffffffffffffffffffffffffffffffffffff
//修改成功后的PCR值输出: 可见PCR0中160bit值被修改了。(通过PCR_Extend操作后所有PCR寄存器内值的情况:
Command line arguments:
argv[0] : ./tpm1
argv[1] : -p
argv[2] : 0
Extended the PCR : Success
PCR 00 30b94d3d773fe9349dba938c5ced5981b95220
PCR 01 00000000000000000000000000000000000000
PCR 02 00000000000000000000000000000000000000
PCR 03 00000000000000000000000000000000000000
PCR 04 00000000000000000000000000000000000000
PCR 05 00000000000000000000000000000000000000
PCR 06 00000000000000000000000000000000000000
PCR 07 00000000000000000000000000000000000000
PCR 08 00000000000000000000000000000000000000
PCR 09 00000000000000000000000000000000000000
PCR 10 00000000000000000000000000000000000000
PCR 11 00000000000000000000000000000000000000
PCR 12 00000000000000000000000000000000000000
PCR 13 00000000000000000000000000000000000000
PCR 14 00000000000000000000000000000000000000
PCR 15 00000000000000000000000000000000000000
PCR 16 ffffffffffffffffffffffffffffffffffffff
PCR 17 ffffffffffffffffffffffffffffffffffffff
PCR 18 ffffffffffffffffffffffffffffffffffffff
PCR 19 ffffffffffffffffffffffffffffffffffffff
PCR 20 ffffffffffffffffffffffffffffffffffffff
PCR 21 ffffffffffffffffffffffffffffffffffffff
PCR 22 ffffffffffffffffffffffffffffffffffffff
PCR 23 ffffffffffffffffffffffffffffffffffffff
shm@shm-Junyi-M580:~/myFiles$
扫一扫
500
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
