2:09 a.m.
I was playing around with tpm2_pcrlist and noticed it supports SHA-1, SHA-256, SHA-384,
but SHA-512 is missing:
tumalo ~/tpm/bin$ tpm2_pcrlist -L sha512:22
WARN: Ignore unsupported bank/algorithm: sha512(0x000d)
ERROR: Unable to run tpm2_pcrlist
tumalo ~/tpm/bin$ tpm2_pcrlist -L sha384:22
sha384:
22:
0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
Then I look in the man page and see SHA-512 is supported.
Is this a bug or a feature?
There's also bugs in the man page example, but I will fix that separately.
Dan
4:17 a.m.
On 05/10/2018 10:09 AM, Anderson, Daniel wrote:
I was playing around with tpm2_pcrlist and noticed it supports SHA-1,
SHA-256, SHA-384, but SHA-512 is missing:
tumalo ~/tpm/bin$ tpm2_pcrlist -L sha512:22
WARN: Ignore unsupported bank/algorithm: sha512(0x000d)
ERROR: Unable to run tpm2_pcrlist
tumalo ~/tpm/bin$ tpm2_pcrlist -L sha384:22
sha384:
22:
0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
Then I look in the man page and see SHA-512 is supported.
Is this a bug or a feature?
It is supported, but it looks like the TPM simulator doesn't support SHA512 by
default:
Implementation.h:
#define ALG_SHA256 ALG_YES
#define ALG_SHA384 ALG_YES
#define ALG_SHA512 ALG_NO
...
5:34 a.m.
OK Thanks!--not a big deal if it's just a simulator issue.
I could see the simulator not supporting SHA-3, since it is relatively new and perhaps
unknown, but it's funny that SHA-384 is supported but not SHA-512, since they are very
similar.
Dan
...
4:04 a.m.
Hey,
Not sure it is the same simulator, but I'm using
https://github.com/stefanberger/libtpms/tree/tpm2-preview.rev146.v2 and after SHA-512 was
enabled (yesterday) tpm2_pcrlist is crashing with this error:
WARNING:marshal:src/tss2-mu/tpml-types.c:197:Tss2_MU_TPML_PCR_SELECTION_Unmarshal() count
too big
ERROR: Tss2_Sys_GetCapability(0x80011) - sys:Response is malformed
ERROR: Unable to run tpm2_pcrlist
Anyone has seen this happening too?
Ricardo
Ricardo Araújo Santos -
www.lsd.ufcg.edu.br/~ricardo
M.Sc in Computer Science at UFCG - www.ufcg.edu.br
Researcher and Developer at Distributed Systems Laboratory - www.lsd.ufcg.edu.br
Paraíba - Brasil
----- Mensagem original -----
De: "Anderson, Daniel" <daniel.anderson(a)intel.com>
Para: tpm2(a)lists.01.org
Enviadas: Quinta-feira, 10 de maio de 2018 17:34:16
Assunto: Re: [tpm2] PCR missing SHA-512 support
OK Thanks!--not a big deal if it's just a simulator issue.
I could see the simulator not supporting SHA-3, since it is relatively new and perhaps
unknown, but it's funny that SHA-384 is supported but not SHA-512, since they are very
similar.
Dan
...
_______________________________________________
tpm2 mailing list
tpm2(a)lists.01.org
https://lists.01.org/mailman/listinfo/tpm2
6:02 a.m.
Ricardo,
No I have not seen that before.
This is just a hunch. But I suspect that the code needs to be recompiled with your
simulator (or real TPM).
Some more information would be useful--does your TPM (real or virtual or simulated) have a
SHA-512 PCR bank?
Did you compile it on the same machine? Or did you compile elsewhere or use a precompiled
package or something like that?
Dan
From: Ricardo Araújo [mailto:ricardo@lsd.ufcg.edu.br]
Not sure it is the same simulator, but I'm using
https://github.com/stefanberger/libtpms/tree/tpm2-preview.rev146.v2 and after SHA-512 was
enabled (yesterday) tpm2_pcrlist is crashing with this error:
WARNING:marshal:src/tss2-mu/tpml-types.c:197:Tss2_MU_TPML_PCR_SELECTION_Unmarshal() count
too big
ERROR: Tss2_Sys_GetCapability(0x80011) - sys:Response is malformed
1013
days inactive
1027
days old
4 comments
3 participants
participants (3)
-
Anderson, Daniel -
Ricardo Araújo -
Tadeusz Struk