![]() ![]() When BIOS is performing measurements it will do so into all active PCR banks, depending on its capability to make these measurements. This option is available when the TPM Device option is set to PTT. In addition to that we know that a PCR can only be reset or extended. ![]() although with the IMA implementation does not support SHA-256 PCR banks yet, so the SHA-256 file hashes are extended into SHA-1 PCR registers. The measurement follows the equation below. 0 devices: Provides background about what happens when you switch PCR banks on TPM 2. If a bit is set, and the indicated PCR is present, then the TPM will add the digest of the PCR to the list of values to be written to pcrValues. SHA1 has been deprecated and will no longer be used. 0, PCR values extended with the same algorithm are stored in a location called bank. swtpm_setup has a -pcr-banks config switch to create a different configuration instead. 0 on ESXi (and yes, I ran in to this specifically!) My Servers. + * TCG EFI Protocol Specification defines the procedure to parse + * the event log. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |