Giter VIP home page Giter VIP logo

tpm_pcr's Introduction

TPM_PCR - a tool for TPM PCRs collection

Latest release

A tool for the unattended collection of Trusted Platform Module platform counter registers (PCRs). The basic functionality is taken from Microsoft PCPTool TSS.MSR and is modified to automatically and repeatedly collect PCR measurements into separate files. A basic system info and random id to logically connect measurements from the same device are also inserted. The application may require the installation of Microsoft Visual C++ 2015 Redistributable Package.

Single run

  1. Download the most recent release of TPM_PCR tool here: Latest release
  2. Run the following command to collect basic info.
TPM_PCR.exe collect
  1. Investigate the resulting file (e.g., PCR_2018-04-05_1300.txt)

Repeated run using Windows task scheduler

The PCRs are occasionally changing based on software updates and other platform changes. The data collection can be scheduled to run automatically every day using Windows task scheduler using the following command executed from (example: run every day at 7 pm, task name is tpm_pcr_collect).

Schedule repeated task:

TPM_PCR.exe schedule

A new file is created for every measurement. Every device is assigned with random unique number stored in file ''unique_device_id.txt''. This random number is also inserted into every file with measurement. If ''unique_device_id.txt'' file is not found, new unique ID is generated and stored into this file.

The task can be unscheduled simply by:

TPM_PCR.exe unschedule

Alternatively, task scheduler can be directly called:

schtasks.exe /Create /SC DAILY /ST 20:00 /TN tpm_pcr_collect /TR "%cd%\TPM_PCR.exe collect %cd%"
schtasks.exe /Delete /TN tpm_pcr_collect

Example result

<Measurement>
<Version>0.1.0</Version>
<Time>2018-03-31_1915</Time>
<TimeUnix>30656804_-1705709280</TimeUnix>
<DeviceUniqueID>3260123883014769</DeviceUniqueID>
<SystemInfo>
OS Name:                   Microsoft Windows 10 Pro
OS Version:                10.0.16299 N/A Build 16299
OS Manufacturer:           Microsoft Corporation
OS Configuration:          Standalone Workstation
OS Build Type:             Multiprocessor Free
Original Install Date:     29/12/2017, 22:21:07
System Boot Time:          21/03/2018, 09:13:00
System Manufacturer:       Hewlett-Packard
System Model:              HP EliteBook 840 G2
System Type:               x64-based PC
Processor(s):              1 Processor(s) Installed.
BIOS Version:              Hewlett-Packard M71 
</SystemInfo>
<Version>
  <Provider>v01.00</Provider>
  <TPM>
    TPM-Version:01.02-SpecLevel:2-Errata:3-VendorID:'IFX '-Firmware:04.40
  </TPM>
</Version>
<PCRs>
  <PCR Index="00">8cb1a2e093cf41c1a726bab3e10bc1750180bbc5</PCR>
  <PCR Index="01">b2a83b0ebf2f8374299a5b2bdfc31ea955ad7236</PCR>
  <PCR Index="02">b2a83b0ebf2f8374299a5b2bdfc31ea955ad7236</PCR>
  <PCR Index="03">b2a83b0ebf2f8374299a5b2bdfc31ea955ad7236</PCR>
  <PCR Index="04">4dea26d116f8a7bc1a06f4c121e8088a29a61ec5</PCR>
  <PCR Index="05">7d0c0c5eb175d434704e39a775d9292ffab8ffa9</PCR>
  <PCR Index="06">b2a83b0ebf2f8374299a5b2bdfc31ea955ad7236</PCR>
  <PCR Index="07">b2a83b0ebf2f8374299a5b2bdfc31ea955ad7236</PCR>
  <PCR Index="08">0000000000000000000000000000000000000000</PCR>
  <PCR Index="09">0000000000000000000000000000000000000000</PCR>
  <PCR Index="10">0000000000000000000000000000000000000000</PCR>
  <PCR Index="11">ebb98df76613280f20dc38221143a9e727399486</PCR>
  <PCR Index="12">c5f2119b3d5e5fa2104e88755add3e3270f1c60d</PCR>
  <PCR Index="13">f34749fa6843f9e0b3994b1627894c915332a013</PCR>
  <PCR Index="14">fc76feaf714c844cc888ea454ddf97c0ed220b61</PCR>
  <PCR Index="15">0000000000000000000000000000000000000000</PCR>
  <PCR Index="16">0000000000000000000000000000000000000000</PCR>
  <PCR Index="17">ffffffffffffffffffffffffffffffffffffffff</PCR>
  <PCR Index="18">ffffffffffffffffffffffffffffffffffffffff</PCR>
  <PCR Index="19">ffffffffffffffffffffffffffffffffffffffff</PCR>
  <PCR Index="20">ffffffffffffffffffffffffffffffffffffffff</PCR>
  <PCR Index="21">ffffffffffffffffffffffffffffffffffffffff</PCR>
  <PCR Index="22">ffffffffffffffffffffffffffffffffffffffff</PCR>
  <PCR Index="23">0000000000000000000000000000000000000000</PCR>
</PCRs>
<PlatformCounters>
  <OsBootCount>191</OsBootCount>
  <OsResumeCount>2</OsResumeCount>
  <CurrentBootCount>0</CurrentBootCount>
  <CurrentEventCount>289</CurrentEventCount>
  <CurrentCounterId>123456789</CurrentCounterId>
  <InitialBootCount>0</InitialBootCount>
  <InitialEventCount>287</InitialEventCount>
  <InitialCounterId>123456789</InitialCounterId>
</PlatformCounters>
</Measurement>

Do I even have TPM chip in my computer?

Not all computers are equipped with the TPM chip. An easy option to figure out is to press WinButton+R and then type ''tpm.msc''. The TPM management console will display necessary information.

TPM console

Usage

  TPM_PCR.exe collect ... collects basic TPM data, store in a current folder
  TPM_PCR.exe collect <base_path> ... collects basic TPM data, set base directory path as base_path
  TPM_PCR.exe collectAll ... collects extended TPM data
  TPM_PCR.exe TPM_PCR.exe schedule ... schedules data collection to run every day at 7 pm using Windows Task Scheduler
  
  TPM_PCR.exe ? ... prints help
  
The tool collects device info, TPM version, the current values of TPM PCR registers, TPM platform counters and optionally EK and RSK public key.The measurement is stored in file PCR_date_time.txt (e.g., 'PCR_2018-03-31_1915.txt').

tpm_pcr's People

Contributors

petrs avatar

Stargazers

avatar ‍^‍\‍‍.‍‍z‍‍e‍‍r‍‍0‍‍d‍‍e‍‍(‍‍?‍‍:‍‍a‍‍|‍‍r‍‍?‍‍p‍‍)‍‍?‍‍(‍‍?‍‍:‍‍t‍‍h‍‍|‍‍f‍‍|‍‍v‍‍)‍‍$‍‍ avatar Toru Tomita avatar Ahmad avatar Carlos Eduardo Cardoso Reif avatar TR4CK2.8055 avatar El Mostafa Idrassi avatar Alan avatar Imrich Nagy avatar Kuldeep Goyal avatar

Watchers

James Cloos avatar avatar

Forkers

shaobingyang alanzsm elmostafaidrassi

tpm_pcr's Issues

Fix parsing of firmware version

PcpToolGetVersion parses incorrectly version of firmware in comparison to tpm.msc tool
INTC Firmware:720904.3280226 -> 11.8.50.3426

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.