TCG BIOS DOS Test Tool

  • Article

Overview

This test validates the functions of the Trusted Computing Group (TCG) Int 1Ah, sub-function BBh, the interface that the BitLocker Drive Encryption (BDE) feature of Microsoft Windows Vista and later operating systems depends on.

 

Note  This is a test tool intended to speed up TCG BIOS development and does not have to be run to meet a Windows Logo requirement.

Note  This test applies to client only.

Details

This TCG BIOS development test tool is shipped with the WDK as a precompiled, 16-bit DOS application that must be copied to a removable media system boot device before the test can be run. The system under test is then booted from this removable media to run the test. For more information, see "Test Tool Procedure Details."

Run Time: 
Log File: 
System Restart Required: 
Test Category: 
Supported operating systems for Logo or Signature testing:

  • MS-DOS
  • Windows 7

Program: 

Requirements

Software Requirements

The test tool requires the following software:

  • Supported operating system (see list above).

Hardware Requirements

The test tool requires the following hardware:

  • Device to be tested

  • Computer that meets the minimum software requirements

  • Windows keyboard

  • Two-button pointing device

  • Color display monitor capable of at least 1024 by 768 resolution, 32-bits per pixel, 60 Hz

  • BIOS that implements the TCG-specified INT 1Ah, sub-function BBh, interface

  • TPM 1.2

  • Removable Boot Device

Processor

  • x86
  • X64

Running TCG BIOS DOS Test Tool

Hardware state preconditions for running the test:

  • The TPM_ACCESS_0.activeLocality must equal 1. (This test tool assumes the active locality is locality zero and it does not attempt to make locality zero active before sending a locality zero command to the TPM. Fortunately, this is the default state for the TPM when initial program loader code begins running.)

 

Part 1 -- How to install and run the test:

=========================

Step 1: Copy the tcgbios.exe binary to a removable boot device. The removable boot device options are to copy the tcgbios.exe file to an MS-DOS disk, a CD-ROM or a DVD that emulates an MS-DOS floppy, or a USB removable storage device that starts the system to an MS-DOS prompt.

 

Step 2: Start the system under test from the removable start device that you created in Step 1 and that contains the tcgbios.exe file.

 

Step 3: Run the test to make sure BIOS does not hang. At the MS-DOS prompt, enter tcgbios.exe; if the test returns with an MS-DOS prompt, go to step 4.

 

Step 4: Run the test to get a test results log.

 

Step 4a: Reboot the system from the removable start device that contains the tcgbios.exe file.

 

Step 4b: At the MS-DOS prompt, enter tcgbios.exe > tcgbios.log. (NOTE: If you used a read-only optical media for the removable start device that contains the tcgbios.exe file, you will have to redirect the output log to a writable media.)

 

Step 5: Interpret the test results log. Look at the last page of the test results log. If all tests passed, the last entry will read:

 

****       Tests complete      ****

All tests passed!

 

IMPORTANT: You have to restart the system in order to re-run the test.

 

Part 2 -- Interpreting the test results log

==============================================

To fully interpret the test results log, you will need the TCG PC Client Implementation for Conventional BIOS Spec, particularly section 12; Application Level Interface; and the TCG TPM Main Specification, particularly Part 3, in front of you. These specifications can be downloaded from the TCG public website Dd424551.internet_link_sm(en-us,MSDN.10).gifTrusted Computing Group.

 

The test results log is subdivided into the following parts, in sequence, from top to bottom:

 

 ****            StatusCheck              ****

 

 ****              Read PCR                ****

 

 ****             Extend PCR               ****

 

 ****                Hash All                 ****

 

 **** CompactHashLogExtendEvent ****

 

 ****   ShutdownPreBootInterface   ****

 

The rest of this readme file gives more details about each of these major parts of the test.

 

****        StatusCheck        ****

---------------------------------------------------------

This part of the test is the first call to the BIOS TCG INT 1Ah, sub-function BBh, application interface. This test verifies general information about the BIOS implementation of the interface by calling the TCG_StatusCheck function (see section 12.5 of the TCG BIOS specification):

 

  1. (a) The BIOS implements the v1.2 INT 1Ah, sub-function BBh, application interface; if EAX = 0 upon return from this call, the system supports the TCG BIOS calls required by BitLocker.

  4. (b) The BIOS implements v1.2 of the interface that is required by BitLocker; if CH = 01 and CL = 02, then this BIOS implements v1.2.

  5.  

  6. This part of the test also validates:

    (c) The BIOS implements, specifically, the TCG_StatusCheck function; if CF = 0, this BIOS implements that function.

    (d) An indication that the BIOS implements event logging; if EDI <> 0 and EDI <> ESI, this indicates the BIOS implements event logging.

 

If this test passes, the results in the log will be as shown below (NOTE: The values shown for ESI and EDI are examples only; the important fact is that EDI <> 0 and EDI <> ESI).

PASS: EAX = 0 Call succeeded!

PASS: Carry flag not set

PASS: TCG BIOS Version in CX is 01.02

PASS: Event Log (ESI) = 0x1f582f9a (NOTE: this is just an example value for ESI)

PASS: Last Log entry (EDI) is at 0x1f5842f0 (NOTE: this is just an example value for EDI)

PASS: Feature flag is 0x00000000

 

****          Read PCR         ****

---------------------------------------------------------

This part of the test is a sequence of calls to the TCG_PassTroughToTPM function (see section 12.7 of the TCG BIOS Spec) that reads the values of PCR 0 through 5 and the values of PCR 8 through 16 from the TPM; each call to TCG_PassThroughToTPM returns the value of one PCR.

 

This test executes at a step in the startup process that a TCG compliant BIOS should have measured pre-OS code and data components into PCRs 0, 1, 2, 3, 4, and 5 and kept PCRs 8, 9, 10, 11, 12, 13, 14, 15, and 16 cleared; so this test checks for non-zero values in PCR 0 through 5 and zero values in PCR 8 through 16. For more information, see sections 3.2.3, 3.2.3.1, 3.2.3.2, 3.2.3.3, 3.2.3.4, 3.2.3.5, 3.2.3.6, and 3.2.3.9 of the TCG BIOS Spec.

 

If this test passes, the test results are shown below. (NOTE: The values shown for the 20-byte values read from each PCR are examples only and just show the first two bytes and last two bytes of the 20 byte value.)

 

PASS: ReadPCR call succeeded

PASS: BIOS is extended in PCR[00]=42f6 ... 310f

 

PASS: ReadPCR call succeeded

PASS: NVRAM is extended in PCR[01]=e7dd ... d2f0

 

PASS: ReadPCR call succeeded

PASS: OptionROM is extended in PCR[02]=39d5 ... 1922

 

PASS: ReadPCR call succeeded

PASS: OptionROM data is extended in PCR[03]=3a3f ... 2275

 

PASS: ReadPCR call succeeded

PASS: IPL is extended in PCR[04]=ef92 ... 4dff

 

PASS: ReadPCR call succeeded

PASS: IPL data is extended into PCR[05]=3a3f ... 2275

 

PASS: ReadPCR call succeeded

PASS: Static OS PCR[08] is clear

 

PASS: ReadPCR call succeeded

PASS: Static OS PCR[08] is clear

 

PASS: ReadPCR call succeeded

PASS: Static OS PCR[09] is clear

 

PASS: ReadPCR call succeeded

PASS: Static OS PCR[10] is clear

 

PASS: ReadPCR call succeeded

PASS: Static OS PCR[11] is clear

 

PASS: ReadPCR call succeeded

PASS: Static OS PCR[12] is clear

 

PASS: ReadPCR call succeeded

PASS: Static OS PCR[13] is clear

 

PASS: ReadPCR call succeeded

PASS: Static OS PCR[14] is clear

 

PASS: ReadPCR call succeeded

PASS: Static OS PCR[15] is clear

 

PASS: ReadPCR call succeeded

PASS: Debug PCR[16] is clear

 

****        Extend PCR         ****

---------------------------------------------------------

This test uses the TCG_PassThroughToTPM function and the TCG_HashAll function (see section 12.10 of the TCG BIOS Specification) to validate that the extension of a PCR with the hash value of a buffer full of data works correctly. PCR[16] is used for this test.

 

This test has 4 sequential steps:

  1. 1. Call TCG_PassThroughToTPM to read initial value of PCR 16; this step passes if PCR 16 is clear.

  4. 2. Call TCG_PassThroughToTPM to extend PCR 16 with the hash of the contents of a data buffer; the extended value is returned.

  7. 3. Call TCG_HashAll to hash the contents of the same data buffer and then compare the result with the extended value returned in step 2.

  10. 4. Call TCG_PassThroughToTPM to clear PCR 16.

 

If this test passes, the test results are shown below. (NOTE: The values shown for 20-byte hash values are examples only and just show the first two bytes and last two bytes of the 20 byte value).

 

PASS: Read initial value of PCR[16], it is cleared

 

PASS: Extended PCR[16]=ccd5 ... 5acf

 

PASS: Expected PCR[16]=ccd5 ... 5acf

PASS: PCR[16] extended correctly

 

PASS: PCR[16] cleared

 

****         HashAll           ****

---------------------------------------------------------

This test calls the TCG_HashAll function three times. For each call, the contents and length of the data buffer to be hashed are different, but known, values. This enables the test code to compare the hash value returned by each TCG_HashAll function call with an expected correct result.

 

If this test passes, the test results are:

 

PASS: Test vector correct

PASS: Test vector correct

PASS: Test vector correct

 

**** CompactHashLogExtendEvent ****

---------------------------------------------------------

This test validates the TCG_CompactHashLogExtendEvent function is implemented correctly by the BIOS.

 

This test has 5 sequential steps:

  1. 1. Call TCG_PassThroughToTPM to read the initial value of PCR 16; this step passes if PCR 16 is clear.

  4. 2. Call TCG_HashLogExtendEvent to extend the hash value of known data buffer into PCR 16; this step passes if the function returns a non-zero event log entry number in edx, which indicates that the function created the required EV_COMPACT_HASH event type event log entry.

  7. 3. Call TCG_HashAll to hash the data buffer used in step 2; this is the value that the TCG_HashLogExtendEvent function should have extended into PCR 16 in step 2.

  10. 4. Call TCG_PassThroughToTPM to read the current value of PCR 16; this step passes if this value is equal to the hash value calculated in step 3.

  13. 5. Call TCG_PassThroughToTPM to clear PCR 16.

 

If this test passes, the test results are shown below. (NOTE: The values shown for 20-byte hash values are examples only and just show the first two bytes and last two bytes of the 20 byte value.)

 

PASS: Read initial value of PCR[16], it is cleared

 

PASS: Event has ID 1 (NOTE: '1' is just an example, this may be any non-zero value)

 

PASS: Expected PCR[16]=ccd5 ... 5acf

 

PASS: Read PCR[16]=ccd5 ... 5acf

PASS: PCR[16] extended correctly

 

PASS: PCR[16] cleared

 

**** ShutdownPreBootInterface ****

---------------------------------------------------------

This test validates that the TCG_ShutdownPreBootInterface function (see section 12.8 of the TCG BIOS Specification).

 

This test has three sequential steps:

  1. 1. Call TCG_StatusCheck to ensure that the INT 1Ah, sub-function BBh interface has not been shutdown before this test is run.

  4. 2. Call TCG_ShutdownPreBootInterface and check its return parameters for success.

  7. 3. Call TCG_StatusCheck to ensure the INT 1Ah, sub-function BBh interface, is no longer callable.

 

If this test passes, the test results are:

 

PASS: TCG API Present

 

PASS: Shutdown successful

 

PASS: TCG API no longer present

 

Code Tour

File Manifest

File Location
tcgbios.exe [WTT\TestBinRoot]\nttest\basetest\ngscb\tools

Test Assertions

Windows Logo Program: SYSFUND-0031 Systems implementing TPM support secure startup by using system firmware security enhancements

Send feedback on this topic
Built on December 10, 2009