TPM PCR Generation in Windows

Question

I have a machine with TPM and I am running windows 7 on it. I have a piece of code and I want to get run it and get the PCR register values at that time. How can I do that?

Secondly, if i run the same code on other machine can I get the same PCR values? If I cannot then is there anyway to get it?

-------------- EDITED version Below----------------------

The Scenario is as follows, I have an executable code written in C++ (for example a simple card game). I want to run this file on my computer. I want to get the PCR values. Windows platform has 24 PCR register, Now which register has the hash of my running file (game)?

Answer 1

Without detailed information I can just provide a general answer. I will edit it if you provide more details.

1. Reading PCRs

   • There is a low-level Windows API you can use. Look at this question and its answer: Controlling TPM with C#.

     Basically look at the documentation of TPM Base Services (TBS). You will need to implement the read command on your own.

   • If you have a Java application, use JSR321 or jTSS.

   • There is an experimental port of TrouSerS for Windows.

2. Comparison of PCRs

   A TPM on a PC platform will have 24 PCRs. In almost all cases the set of all 24 will not be the same on two different machines. In general you cannot alter it's values, especially not the "lower" ones representing firmware measurements. I guess what you are looking for is information whether a remote PC is in a trusted state or not. That's the holy grail. Get some literature on Trusted Computing and search the web for "trusted computing + attestation".