Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Wrong byte order for serialized integers in tpm2_quote/tpm2_checkquote PCR output file #3447

Open
fblaese opened this issue Dec 17, 2024 · 1 comment

Comments

@fblaese
Copy link

fblaese commented Dec 17, 2024

The integers in the TPML_PCR_SELECTION struct of the PCR output file (serialized) of tpm2_quote are written in little-endian byte order. On the other hand, the quote message (type TPMS_ATTEST) generated by the TPM with tpm2_quote -m <msg_file> also contains the same TPML_PCR_SELECTION, but in big-endian byte order (data is generated by the TPM).

According to the TPM 2.0 specification [TPM 2.0 Part 1, 7.4.1], integers shall be written in big-endian byte order when marshaling buffers.

The little-endian byte order makes the output format of tpm2_quote and the input format for tpm2_checkquote incompatible with other libraries (i.e. go-tpm).

@fblaese
Copy link
Author

fblaese commented Dec 17, 2024

It looks like this behavior is somewhat intentional to preserve compatibility: #2228

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant