2

I have a machine with TPM and I am running windows 7 on it. I have a piece of code and I want to get run it and get the PCR register values at that time. How can I do that?

Secondly, if i run the same code on other machine can I get the same PCR values? If I cannot then is there anyway to get it?

-------------- EDITED version Below----------------------

The Scenario is as follows, I have an executable code written in C++ (for example a simple card game). I want to run this file on my computer. I want to get the PCR values. Windows platform has 24 PCR register, Now which register has the hash of my running file (game)?

Geek
  • 363
  • 1
  • 7
  • 14
  • Please be a bit more specific. Do you want your *piece of code* to read the PCRs? Which language do you use in this case? If not, who is triggering the PCR read? Provide a bit more information about your architecture. What do you expect to gain by reading the PCRs? – Scolytus Oct 04 '13 at 22:12
  • - I want to read PCR values while my code is running on the system. - My goal is to see what values of the PCR register have while my code is running. – Geek Oct 06 '13 at 21:45
  • So 1) you want your C++ code to read the PCR values? 2) I don't get the second part of your edit. What do you mean by **among those 24 PCR register values which will be for my file**? – Scolytus Oct 07 '13 at 05:42
  • No. The first thing is I just want to see values stored in the PCR registers. – Geek Oct 07 '13 at 11:28
  • AFAIK there is no built in support in `tpm.msc`. So go, get jTSS + tools and read it from the command line. There is a `pcr_read` command. (The link is in the answer.) – Scolytus Oct 07 '13 at 11:52
  • Thanks, i Installed the latest version available for jTSS. However is there any tutorial about the usage of jTSS tools. I mean how to get started on it. The pcr_read command doesn't work on cmd. Am i using this command at wrong place? – Geek Oct 07 '13 at 13:46
  • Have you read an followed http://trustedjava.sourceforge.net/index.php?item=jtt/readme ? – Scolytus Oct 07 '13 at 14:07

1 Answers1

4

Without detailed information I can just provide a general answer. I will edit it if you provide more details.

  1. Reading PCRs

  2. Comparison of PCRs

    A TPM on a PC platform will have 24 PCRs. In almost all cases the set of all 24 will not be the same on two different machines. In general you cannot alter it's values, especially not the "lower" ones representing firmware measurements. I guess what you are looking for is information whether a remote PC is in a trusted state or not. That's the holy grail. Get some literature on Trusted Computing and search the web for "trusted computing + attestation".

Community
  • 1
  • 1
Scolytus
  • 16,338
  • 6
  • 46
  • 69