StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
text
Body
copied!<p>Without detailed information I can just provide a general answer. I will edit it if you provide more details.</p> <ol> <li><p><strong>Reading PCRs</strong></p> <ul> <li><p>There is a low-level Windows API you can use. Look at this question and its answer: <a href="https://stackoverflow.com/questions/3795337/controlling-tpm-with-c-sharp">Controlling TPM with C#</a>.</p> <p>Basically look at the documentation of <a href="http://msdn.microsoft.com/en-us/library/aa446796%28v=vs.85%29.aspx" rel="nofollow noreferrer">TPM Base Services (TBS)</a>. You will need to implement the read command on your own.</p></li> <li><p>If you have a Java application, use <a href="https://jsr321.java.net/" rel="nofollow noreferrer">JSR321</a> or <a href="http://trustedjava.sourceforge.net/" rel="nofollow noreferrer">jTSS</a>.</p></li> <li><p>There is an experimental port of <a href="http://security.polito.it/trusted-computing/trousers-for-windows/" rel="nofollow noreferrer">TrouSerS for Windows</a>.</p></li> </ul></li> <li><p><strong>Comparison of PCRs</strong></p> <p>A TPM on a PC platform will have 24 PCRs. In almost all cases the set of all 24 will not be the same on two different machines. In general you cannot alter it's values, especially not the "<em>lower</em>" ones representing firmware measurements. I guess what you are looking for is information whether a remote PC is in a trusted state or not. That's the holy grail. Get some literature on Trusted Computing and search the web for "<em>trusted computing + attestation</em>".</p></li> </ol>

Querying!

Guidance

An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload