Proof-of-concept implementation of the "Challenge/Response Remote Attestation" interaction model of the IETF RATS Reference Interaction Models for Remote Attestation Procedures using TPM 2.0.
BSD 3-Clause "New" or "Revised" License
Implemented parsing of multiple sets of reference PCR values from a file and selection of PCRs via CLI #40
The reference file is expected to be in the same format as the output of tpm2_pcrread for the SHA256 values, e.g.:
PCR indexes are identified by the number at the start of the line. PCR indexes are allowed to be missing if they are not in the PCR selection. PCR indexes are expected to be in order inside their set. Multiple sets of PCR values are expected to be separated by empty newlines.
The selection of PCRs can be changed by calling the verifier with e.g. '--pcr-selection=0,1,2,10'.
Additionally, the helper functions for printing hex and string values were extended to use a log level. The log level gets passed as an argument. Internally these functions no longer call printf; instead they call charra_log_log_raw, which behaves the same as charra_log_log but does not append file name, timestamp or newline to the output.
This PR also includes the commit to externalize IMA event log reading from #39.
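The rules in the PR description (index at the start of the line, indexes allowed to be missing when not selected, strictly increasing order within a set, sets separated by empty lines, selection given as a comma-separated CLI value) are enough to write a parser. The following is an added example, not code from the CHARRA repository or from this PR: it parses a reference file in tpm2_pcrread's SHA-256 output layout into sets, parses a `--pcr-selection` style argument, and rejects a set that lacks a selected PCR. All function names, error codes and the sample file contents are this example's own assumptions; the sample digests are constructed, not real measurements.

```c
/* Added example (not CHARRA's own code): reference-PCR file parser with the
 * rules from PR #40. Names, error codes and sample data are assumptions. */
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define PCR_COUNT 24
#define DIGEST_LEN 32                  /* SHA-256 bank */

enum {
    REF_OK = 0,
    REF_ERR_BAD_INDEX = -1,            /* index outside 0..PCR_COUNT-1 */
    REF_ERR_ORDER = -2,                /* index not increasing within a set */
    REF_ERR_BAD_DIGEST = -3,           /* not "0x" + 64 hex digits, or malformed line */
    REF_ERR_MISSING_PCR = -4,          /* a selected PCR has no value in some set */
    REF_ERR_TOO_MANY_SETS = -5,
    REF_ERR_NO_SETS = -6
};

typedef struct {
    bool present[PCR_COUNT];
    uint8_t digest[PCR_COUNT][DIGEST_LEN];
} pcr_set_t;

/* "0x" + exactly 64 hex digits, optionally followed by whitespace only. */
static bool parse_digest(const char *s, uint8_t out[DIGEST_LEN]) {
    if (s[0] == '0' && (s[1] == 'x' || s[1] == 'X')) s += 2;
    for (size_t i = 0; i < DIGEST_LEN; i++) {
        char hi = s[2 * i], lo = s[2 * i + 1];
        if (!isxdigit((unsigned char)hi) || !isxdigit((unsigned char)lo)) return false;
        char pair[3] = { hi, lo, '\0' };
        out[i] = (uint8_t)strtoul(pair, NULL, 16);
    }
    for (s += 2 * DIGEST_LEN; *s; s++)
        if (!isspace((unsigned char)*s)) return false;
    return true;
}

/* Sets are separated by blank lines; "<idx> : 0x<64 hex>" lines carry values;
 * any other line (e.g. the "sha256:" bank header) is skipped. */
int parse_reference_sets(const char *text, pcr_set_t *sets, size_t max_sets, size_t *n_sets) {
    size_t count = 0;
    int last_index = -1;               /* -1 means the current set is still empty */
    pcr_set_t cur;
    memset(&cur, 0, sizeof cur);
    for (const char *p = text;; ) {
        const char *nl = strchr(p, '\n');
        size_t len = nl ? (size_t)(nl - p) : strlen(p);
        char line[256];
        if (len >= sizeof line) return REF_ERR_BAD_DIGEST;
        memcpy(line, p, len);
        line[len] = '\0';
        char *s = line;
        while (isspace((unsigned char)*s)) s++;
        if (*s == '\0') {              /* blank (or whitespace-only) line closes a set */
            if (last_index >= 0) {
                if (count == max_sets) return REF_ERR_TOO_MANY_SETS;
                sets[count++] = cur;
                memset(&cur, 0, sizeof cur);
                last_index = -1;
            }
        } else if (isdigit((unsigned char)*s)) {
            char *end;
            long idx = strtol(s, &end, 10);
            if (idx < 0 || idx >= PCR_COUNT) return REF_ERR_BAD_INDEX;
            if (idx <= last_index) return REF_ERR_ORDER;   /* also rejects duplicates */
            while (isspace((unsigned char)*end)) end++;
            if (*end++ != ':') return REF_ERR_BAD_DIGEST;
            while (isspace((unsigned char)*end)) end++;
            if (!parse_digest(end, cur.digest[idx])) return REF_ERR_BAD_DIGEST;
            cur.present[idx] = true;
            last_index = (int)idx;
        }
        if (!nl) break;
        p = nl + 1;
    }
    if (last_index >= 0) {             /* file may end without a trailing blank line */
        if (count == max_sets) return REF_ERR_TOO_MANY_SETS;
        sets[count++] = cur;
    }
    if (count == 0) return REF_ERR_NO_SETS;
    *n_sets = count;
    return REF_OK;
}

/* "0,1,2,10" -> indexes; returns how many, or -1 on a malformed argument. */
int parse_pcr_selection(const char *arg, uint8_t *out, size_t max) {
    size_t n = 0;
    while (*arg) {
        char *end;
        long v = strtol(arg, &end, 10);
        if (end == arg || v < 0 || v >= PCR_COUNT || n == max) return -1;
        out[n++] = (uint8_t)v;
        if (*end == ',') end++;
        else if (*end != '\0') return -1;
        arg = end;
    }
    return (int)n;
}

/* Every selected PCR must have a reference value in every set. */
int check_selection(const pcr_set_t *sets, size_t n_sets, const uint8_t *sel, size_t sel_len) {
    for (size_t i = 0; i < n_sets; i++)
        for (size_t j = 0; j < sel_len; j++)
            if (sel[j] >= PCR_COUNT || !sets[i].present[sel[j]]) return REF_ERR_MISSING_PCR;
    return REF_OK;
}

#define R16(c) c c c c c c c c c c c c c c c c
#define R64(c) R16(c) R16(c) R16(c) R16(c)
/* Constructed sample file in tpm2_pcrread layout: two sets, the second lacks PCRs 1 and 2. */
static const char SAMPLE_FILE[] =
    "sha256:\n"
    "  0 : 0x" R64("0") "\n"
    "  1 : 0x" R64("a") "\n"
    "  2 : 0x" R64("b") "\n"
    "  10: 0x" R64("c") "\n"
    "\n"
    "sha256:\n"
    "  0 : 0x" R64("0") "\n"
    "  10: 0x" R64("d") "\n";

/* Parse SAMPLE_FILE and check a CLI selection against it. */
int sample_check(const char *selection_arg) {
    pcr_set_t sets[4];
    size_t n = 0;
    uint8_t sel[PCR_COUNT];
    int rc = parse_reference_sets(SAMPLE_FILE, sets, 4, &n);
    if (rc != REF_OK) return rc;
    int k = parse_pcr_selection(selection_arg, sel, PCR_COUNT);
    if (k < 0) return REF_ERR_BAD_INDEX;
    return check_selection(sets, n, sel, (size_t)k);
}

size_t sample_set_count(void) {
    pcr_set_t sets[4];
    size_t n = 0;
    return parse_reference_sets(SAMPLE_FILE, sets, 4, &n) == REF_OK ? n : 0;
}

int main(void) {
    printf("sets parsed: %zu\n", sample_set_count());                  /* 2 */
    printf("--pcr-selection=0,1,2,10 -> %d\n", sample_check("0,1,2,10")); /* -4: PCR 1 missing in set 2 */
    printf("--pcr-selection=0,10     -> %d\n", sample_check("0,10"));     /* 0 */
    return 0;
}
```

The selection check runs against every set rather than only the first, because a reference value that is missing from just one set would otherwise surface only when that set happens to be the one compared against the quote.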