Hi Roberto,

On Thu, 2021-05-20 at 10:57 +0200, Roberto Sassu wrote:

> This patch introduces the new template field evmxattrs, which contains the
> number of EVM protected xattrs (u32 in little endian), the xattr names
> separated by \0, the xattr lengths (u32 in little endian) and the xattr
> values. Xattrs can be used to verify the EVM portable signature, if it was
> included with the template fields sig or evmsig.

Verifying the file data hash and the template data hash, the value extended into the TPM, are straightforward. In the first case all that is needed is the public key, and in the other case the length of the template data. Verifying the template data hash doesn't require any knowledge of the template data format. All that is needed is the length of the template data.

This patch set provides all the necessary information for verifying the EVM portable signature, but it is so much more difficult. For example, the security xattrs are listed in whatever order listxattr returns, not the order in which the hash is calculated.

Does the attestation server really need to know which xattrs are included or their length? If that information is important for the attestation server, then perhaps provide it separately from the xattrs data.

I'm thinking the attestation server just needs the ability to verify the EVM portable signature. As each field is prefixed with the field data length, the attestation server should be able to re-calculate the expected hash - xattrs, followed by the individual "misc" data fields.

thanks,

Mimi
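The evmxattrs layout quoted above, as an added encoder/decoder example that is not part of the patch or of this thread; it assumes each xattr name is NUL-terminated (the quoted text only says "separated by \0"), the sample xattr values are constructed, and the hash order passed to in_hash_order is a caller-supplied list, not the kernel's actual EVM ordering:

```python
import struct

def encode_evmxattrs(xattrs):
    """Serialize name -> value pairs in the evmxattrs layout: u32 LE count,
    NUL-terminated names, u32 LE lengths, then the raw values."""
    names = list(xattrs)
    out = struct.pack("<I", len(names))
    out += b"".join(n.encode() + b"\0" for n in names)      # assumed: each name NUL-terminated
    out += b"".join(struct.pack("<I", len(xattrs[n])) for n in names)
    out += b"".join(xattrs[n] for n in names)
    return out

def decode_evmxattrs(blob):
    """Parse the field back into (name, value) pairs in the order they were
    listed; reject truncated or internally inconsistent input."""
    if len(blob) < 4:
        raise ValueError("evmxattrs field shorter than the count")
    (count,) = struct.unpack_from("<I", blob, 0)
    off, names = 4, []
    for _ in range(count):
        end = blob.find(b"\0", off)
        if end < 0:
            raise ValueError("unterminated xattr name")
        names.append(blob[off:end].decode())
        off = end + 1
    if off + 4 * count > len(blob):
        raise ValueError("truncated length table")
    lengths = struct.unpack_from("<%dI" % count, blob, off)
    off += 4 * count
    if off + sum(lengths) != len(blob):   # values may contain NULs, so lengths are authoritative
        raise ValueError("value area does not match the declared lengths")
    pairs = []
    for name, length in zip(names, lengths):
        pairs.append((name, blob[off:off + length]))
        off += length
    return pairs

def is_well_formed(blob):
    try:
        decode_evmxattrs(blob)
        return True
    except ValueError:
        return False

def in_hash_order(pairs, hash_order):
    """Re-sequence xattrs from listxattr order into the fixed order the
    verifier hashes them in (the ordering problem raised in the reply)."""
    by_name = dict(pairs)
    unknown = [n for n in by_name if n not in hash_order]
    if unknown:
        raise ValueError("xattrs outside the hash order: %r" % unknown)
    return [(n, by_name[n]) for n in hash_order if n in by_name]

# Constructed sample, not real xattr contents.
SAMPLE = {"security.ima": b"\x04\x01abc",
          "security.selinux": b"unconfined_u:object_r:t:s0\0"}
```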