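Native debugging with gdbserver on a non-rooted Android device

January 29th, 2016
On a device that is not rooted, debugging an app with gdbserver runs into a permission problem. (The emulator has no such problem.)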
1|shell@mako:/data/local/tmp $ ./gdbserver :1234 --attach 16907
Cannot attach to lwp 16907: Operation not permitted (1)
Exiting
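Android provides a run-as command for temporarily switching users, but it is restricted: the app must have debuggable enabled, otherwise it fails with a "Package xx is not debuggable" error. With run-as you can:
  1. View the data of an app you are developing
  2. Use gdbserver for native debugging
What we need is the second: we want to debug an app with gdbserver.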
shell@mako:/ $ run-as
Usage: run-as <package-name> <command> [<args>]

shell@mako:/ $ 
shell@mako:/ $ run-as system_server /data/tmp/gdbserver --attach 596 :1234
run-as: Package 'system_server' is unknown
A look through the run-as source turns up the following code:
/* reject system packages */
if (userAppId < AID_APP) {
    panic("Package '%s' is not an application\n", pkgname);
}
/* reject any non-debuggable package */
if (!info.isDebuggable) {
    panic("Package '%s' is not debuggable\n", pkgname);
}
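The restrictions are fairly strict, so debugging system apps this way is probably hopeless; with root it should not be a problem. Ordinary apps can still be debugged, though: use apktool to set debuggable to true in AndroidManifest.xml and repackage, and native debugging works.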
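The checks quoted above, modelled as an added example (not code from run-as or from the original post) that lists which installed packages a shell user could attach gdbserver to through run-as. It assumes the packages.list line layout and the AID_USER value noted in the comments; the package names other than com.heen.CVE_2014_7911 are constructed.

```python
AID_APP = 10000     # first uid handed to installed apps (the AID_APP in the quoted source)
AID_USER = 100000   # assumption: size of each Android user's uid range

# Constructed sample. Assumed line layout of packages.list:
#   <package> <uid> <debuggable 0|1> <data dir> <seinfo> ...
SAMPLE_PACKAGES_LIST = """\
com.heen.CVE_2014_7911 10086 1 /data/data/com.heen.CVE_2014_7911 default 3003
com.example.release 10087 0 /data/data/com.example.release default none
com.example.platformtool 1000 1 /data/data/com.example.platformtool platform 1028
"""


def parse_packages_list(text):
    """Parse packages.list text into {package: {"uid": int, "debuggable": bool}}."""
    packages = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        fields = line.split()
        if not fields:
            continue
        if len(fields) < 3 or not fields[1].isdigit() or fields[2] not in ("0", "1"):
            raise ValueError("line %d: unexpected packages.list entry" % lineno)
        packages[fields[0]] = {"uid": int(fields[1]), "debuggable": fields[2] == "1"}
    return packages


def run_as_decision(pkgname, packages):
    """Apply the checks in the order the quoted source applies them.

    Returns (allowed, message); the refusal messages are the ones shown on this page.
    """
    info = packages.get(pkgname)
    if info is None:
        return False, "Package '%s' is unknown" % pkgname
    if info["uid"] % AID_USER < AID_APP:          # reject system packages
        return False, "Package '%s' is not an application" % pkgname
    if not info["debuggable"]:                    # reject any non-debuggable package
        return False, "Package '%s' is not debuggable" % pkgname
    return True, "uid=%d" % info["uid"]


def attachable_packages(packages):
    """Packages whose processes a shell user could reach through run-as."""
    return sorted(p for p in packages if run_as_decision(p, packages)[0])


if __name__ == "__main__":
    pkgs = parse_packages_list(SAMPLE_PACKAGES_LIST)
    for name in list(pkgs) + ["system_server"]:
        print(name, "->", run_as_decision(name, pkgs))
    print("attachable through run-as:", attachable_packages(pkgs))
```

The same listing run against a real device's package list gives an inventory of apps that shipped with debuggable enabled, which is the condition that makes the rest of this procedure possible without root.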
The following uses the CVE-2014-7911 PoC as an example:
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.heen.CVE_2014_7911">

    <application
        android:allowBackup="true"
        android:debuggable="true"
        android:icon="@mipmap/ic_launcher"
        android:label="@string/app_name"
        android:theme="@style/AppTheme" >
        <activity
            android:name=".MainActivity"
            android:label="@string/app_name" >
            <intent-filter>
                <action android:name="android.intent.action.MAIN" />

                <category android:name="android.intent.category.LAUNCHER" />
            </intent-filter>
        </activity>
    </application>

</manifest>
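This app already has android:debuggable="true", so nothing needs to be changed; install it on the emulator. Setting up the gdb debugging environment takes the following steps:
  1. Create a few directories
mkdir ~/Android
mkdir ~/Android/system_lib
mkdir ~/Android/vendor_lib

  2. Pull the libraries from the Android device to the local machine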
cd ~/Android/system_lib/
adb pull /system/lib

cd ~/Android/vendor_lib/
adb pull /vendor/lib

cd ~/Android

# On 64-bit systems these are /system/bin/app_process32 and /system/bin/app_process64
adb pull /system/bin/app_process


cd ~/Android
adb pull /system/bin/linker

  3. Upload gdbserver
adb push $NDK_PATH/prebuilt/android-arm/gdbserver/gdbserver /data/local/tmp/gdbserver

The environment is basically set up; test the run-as command
> adb shell ps

...
u0_a86    16907 174   900568 38564 ffffffff 00000000 S com.heen.CVE_2014_7911
...

> adb shell run-as com.heen.CVE_2014_7911 id
uid=10086(u0_a86) gid=10086(u0_a86) groups=1003(graphics),1004(input),1007(log),1011(adb),1015(sdcard_rw),1028(sdcard_r),3001(net_bt_admin),3002(net_bt),3003(inet),3006(net_bw_stats) context=u:r:untrusted_app:s
The switch worked and the uid has changed; now attach gdbserver
> adb shell run-as com.heen.CVE_2014_7911 /data/local/tmp/gdbserver :123 --attach 16907

Can't open socket: Permission denied.
Exiting
This reports a different error, so it still does not work. Some googling turned up the debug-pipe argument, so try that
> adb shell run-as com.heen.CVE_2014_7911 /data/local/tmp/gdbserver +debug-pipe --attach 16907
Attached; pid = 16907
Listening on Unix socket debug-pipe

Good, no error this time. Now set up port forwarding.
adb forward tcp:5039 localfilesystem:/data/data/com.heen.CVE_2014_7911/debug-pipe
> $NDK_PATH/toolchains/arm-linux-androideabi-4.9/prebuilt/linux-x86_64/bin/arm-linux-androideabi-gdb ~/Android/app_process 
GNU gdb (GDB) 7.6
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "--host=x86_64-linux-gnu --target=arm-linux-android".
For bug reporting instructions, please see:
...
Reading symbols from /home/henices/Android/app_process...(no debugging symbols found)...done.
(gdb) target remote :5039
Remote debugging using :5039
warning: Could not load shared library symbols for 100 libraries, e.g. /system/bin/linker.
Use the "info sharedlibrary" command to see the complete listing.
Do you need "set solib-search-path" or "set sysroot"?
warning: Unable to find dynamic linker breakpoint function.
GDB will be unable to debug shared library initializers
and track explicitly loaded dynamic code.
0x4013a73c in ?? ()

(gdb) info proc
process 16907
cmdline = 'com.heen.CVE_2014_7911'
cwd = '/'
exe = '/system/bin/app_process'

(gdb) set solib-search-path ~/Android:~/Android/system_lib/:~/Android/vendor_lib/
(gdb) info sharedlibrary
0x400f3a60  0x400fe79c  Yes (*)     /home/henices/Android/linker
0x40126070  0x401566ec  Yes (*)     /home/henices/Android/system_lib/libc.so
0x40174828  0x401749c8  Yes (*)     /home/henices/Android/system_lib/libstdc++.so
0x401798f0  0x4018c478  Yes (*)     /home/henices/Android/system_lib/libm.so
0x40114f50  0x40116490  Yes (*)     /home/henices/Android/system_lib/liblog.so
0x4010c38c  0x40110988  Yes (*)     /home/henices/Android/system_lib/libcutils.so
0x401acb1c  0x401af20c  Yes (*)     /home/henices/Android/system_lib/libgccdemangle.so
0x401a81d0  0x401a94ac  Yes (*)     /home/henices/Android/system_lib/libcorkscrew.so
0x4019b780  0x401a1f24  Yes (*)     /home/henices/Android/system_lib/libutils.so
0x401cbc50  0x401d5ba4  Yes (*)     /home/henices/Android/system_lib/libbinder.so
0x402955f0  0x4029585c  Yes (*)     /home/henices/Android/system_lib/libhardware.so
0x402925d0  0x40292834  Yes (*)     /home/henices/Android/system_lib/libmemtrack.so
0x402bbbf0  0x402cb80c  Yes (*)     /home/henices/Android/system_lib/libz.so
0x402a4240  0x402b23fc  Yes (*)     /home/henices/Android/system_lib/libandroidfw.so
0x402d6774  0x402e53a0  Yes (*)     /home/henices/Android/system_lib/libexpat.so
0x403083a8  0x4031e684  Yes (*)     /home/henices/Android/system_lib/libstlport.so


OK, debugging now works.

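Port forwarding on Mac OS 10.10

January 24th, 2016

Enabling port forwarding on Mac OS 10.10 and later: working around the Mac not opening up permission for ports above 102 by default

I am on Mac OS 10.10.2 and wanted Tomcat to start on port 80. I went through a lot of material online and none of it worked; only this approach did:

Older versions of OS X used ipfw to set up port forwarding, but in newer versions, in particular my OSX Yosemite (10.10.3), ipfw can no longer be used and has been replaced by PF.

There are also plenty of articles online about configuring port forwarding with PF, but following them did not solve the problem and only left me confused and annoyed. The most correct configuration is given below:

First, create a new file com.pow in /etc/pf.anchors/ with the following content:
rdr pass on lo0 inet proto tcp from any to any port 80 -> 127.0.0.1 port 8080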

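Here lo0 is the name of the network interface as reported by ifconfig, 80 is the Tomcat port, and 8080 is the port you want to forward to.

Note: the file must end with a newline, otherwise a syntax error is reported.

Then use the pfctl command to check the configuration file
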
sudo pfctl -vnf /etc/pf.anchors/com.pow

Add it to the main configuration file

pf loads /etc/pf.conf automatically when it starts, so once the anchor file is linked from /etc/pf.conf the forwarding rule is set up automatically.

Below rdr-anchor "com.apple/*", add:

rdr-anchor "pow"

After load anchor "com.apple" from "/etc/pf.anchors/com.apple", add:

load anchor "pow" from "/etc/pf.anchors/com.pow"

The final modified pf.conf looks like this:

scrub-anchor "com.apple/*"
nat-anchor "com.apple/*"
rdr-anchor "com.apple/*"
rdr-anchor "pow"
dummynet-anchor "com.apple/*"
anchor "com.apple/*"
load anchor "com.apple" from "/etc/pf.anchors/com.apple"
load anchor "pow" from "/etc/pf.anchors/com.pow"

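Load and enable PF (the key step)

Pay close attention to the command used to load the rules and enable pf. One is the command given in every tutorial currently online:

sudo pfctl -f /etc/pf.conf

The command above should be fine on OSX Yosemite (10.10), but on my OSX Yosemite (10.10.3) it had no effect; it has to be replaced with the following to succeed:

sudo pfctl -evf /etc/pf.anchors/com.pow

Set pf to start automatically at boot

sudo pfctl -e

The added option is -e, i.e. enable

To turn pf off, the command is:
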
sudo pfctl -d
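
One way to apply the pf.conf edits described above repeatably, as an added example that is not part of the original article: it inserts the two "pow" lines after their com.apple counterparts, can be run twice without duplicating them, and lints the anchor file for the trailing-newline problem. The function names are hypothetical, and the interface check is an addition that reports a redirect bound to anything other than lo0.

```python
# Stock pf.conf body, constructed from the final file shown above minus the two "pow" lines.
STOCK_PF_CONF = """\
scrub-anchor "com.apple/*"
nat-anchor "com.apple/*"
rdr-anchor "com.apple/*"
dummynet-anchor "com.apple/*"
anchor "com.apple/*"
load anchor "com.apple" from "/etc/pf.anchors/com.apple"
"""

# The rule from the article, deliberately without its trailing newline.
ANCHOR_RULE = "rdr pass on lo0 inet proto tcp from any to any port 80 -> 127.0.0.1 port 8080"


def lint_anchor(text):
    """Return a list of problems found in the text of an anchor file."""
    problems = []
    if not text.endswith("\n"):
        problems.append("missing trailing newline (reported as a syntax error)")
    for line in text.splitlines():
        words = line.split()
        if words[:1] == ["rdr"] and "on" in words[:-1]:
            iface = words[words.index("on") + 1]
            if iface != "lo0":
                # A redirect on a real NIC applies to traffic arriving from the network.
                problems.append("redirect on %s is not limited to loopback" % iface)
    return problems


def insert_after(lines, marker, new_line):
    """Insert new_line directly after marker unless new_line is already present."""
    stripped = [line.strip() for line in lines]
    if new_line in stripped:
        return lines
    if marker not in stripped:
        raise ValueError("expected line not found in pf.conf: %s" % marker)
    pos = stripped.index(marker) + 1
    return lines[:pos] + [new_line] + lines[pos:]


def patch_pf_conf(text, anchor="pow", anchor_file="/etc/pf.anchors/com.pow"):
    """Return pf.conf text with the rdr-anchor and load anchor lines added in place.

    The rdr-anchor line has to stay among the translation rules, which is why it
    is placed right after the com.apple rdr-anchor rather than appended.
    """
    lines = text.splitlines()
    lines = insert_after(lines, 'rdr-anchor "com.apple/*"',
                         'rdr-anchor "%s"' % anchor)
    lines = insert_after(lines, 'load anchor "com.apple" from "/etc/pf.anchors/com.apple"',
                         'load anchor "%s" from "%s"' % (anchor, anchor_file))
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    print(lint_anchor(ANCHOR_RULE))
    print(patch_pf_conf(STOCK_PF_CONF), end="")
```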

Learning Android: viewing APK signature and keystore information

September 7th, 2015

1. View a keystore

$ keytool -list -keystore debug.keystore

Result

Keystore type: JKS

Keystore provider: SUN

Your keystore contains 1 entry

androiddebugkey, Mar 21, 2013, PrivateKeyEntry,

Certificate fingerprint (MD5): E0:F4:90:EE:CD:77:17:0E:B8:C4:AC:64:B2:F6:FC:83

2. View the signature of a third-party or system app
Open the APK to be inspected with WinRAR, extract its META-INF folder, and take the CERT.RSA file from it

$ keytool -printcert -file META-INF/CERT.RSA

Owner: CN=Android Debug, O=Android, C=US

Issuer: CN=Android Debug, O=Android, C=US

Serial number: 514ab2e1

Valid from: Thu Mar 21 15:12:33 CST 2013 until: Sat Mar 14 15:12:33 CST 2043

Certificate fingerprints:

MD5:  E0:F4:90:EE:CD:77:17:0E:B8:C4:AC:64:B2:F6:FC:83

SHA1: 7F:E5:11:D8:37:4F:DA:D7:75:EA:A5:8C:47:06:85:95:6D:1D:3F:2B

Signature algorithm name: SHA1withRSA

Version: 3

3. Sign a blank (unsigned) package

jarsigner -verbose -keystore [keystorePath] -signedjar [apkOut] [apkIn] [alias]

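jarsigner command format: -verbose prints detailed output, -keystore gives the keystore location, -signedjar is followed by the file to generate, then comes the file to sign, and finally the keystore entry (the alias described below)

The keystorePath parameter is the absolute path of the keystore, e.g. D:\keystore

The apkOut parameter is the path of the signed APK, e.g. D:\signed.apk

The apkIn parameter is the unsigned APK downloaded from the Tencent app center; its default name is tap_unsign.apk

The alias parameter is the alias name used for signing (entered when the keystore was created), e.g. timdong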

$ jarsigner -verbose -keystore debug.keystore -signedjar test2.apk tap_unsign1.apk timdong

Enter Passphrase for keystore:

   adding: META-INF/MANIFEST.MF

   adding: META-INF/ANDROIDD.SF

   adding: META-INF/ANDROIDD.RSA

  signing: res/drawable/ic_launcher.png

  signing: res/layout/main.xml

  signing: AndroidManifest.xml

  signing: resources.arsc

  signing: classes.dex
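
What the "signing:" lines above record can be checked afterwards. This added example (not from the original post) goes one step beyond the page: it recomputes each entry's digest and compares it with META-INF/MANIFEST.MF, using a constructed in-memory archive and hypothetical function names. It checks digests only and does not validate the .SF/.RSA signature or the certificate, so it complements jarsigner -verify rather than replacing it.

```python
import base64
import hashlib
import io
import zipfile

# Manifest attribute -> hashlib name; which one appears depends on the signer's digest setting.
DIGEST_ATTRS = {"SHA1-Digest": "sha1", "SHA-256-Digest": "sha256"}


def parse_manifest(data):
    """Return {entry name: {attribute: value}} for the per-entry manifest sections."""
    text = data.decode("utf-8").replace("\r\n", "\n")
    text = text.replace("\n ", "")      # join continuation lines (they start with a space)
    entries = {}
    for section in text.split("\n\n"):
        attrs = dict(l.split(": ", 1) for l in section.split("\n") if ": " in l)
        if "Name" in attrs:
            entries[attrs["Name"]] = attrs
    return entries


def entry_status(attrs, content):
    """Compare the recorded digest of one entry with the digest of its content."""
    for attr, algo in DIGEST_ATTRS.items():
        if attr in attrs:
            actual = base64.b64encode(hashlib.new(algo, content).digest()).decode()
            return "ok" if actual == attrs[attr] else "digest mismatch"
    return "no supported digest"


def check_manifest_digests(apk_bytes):
    """Return {entry: status} for every payload entry of a signed archive."""
    results = {}
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        manifest = parse_manifest(apk.read("META-INF/MANIFEST.MF"))
        all_names = set(apk.namelist())
        # Simplification: everything under META-INF/ is treated as signature metadata.
        payload = [n for n in apk.namelist()
                   if not n.startswith("META-INF/") and not n.endswith("/")]
        for name in payload:
            if name in manifest:
                results[name] = entry_status(manifest[name], apk.read(name))
            else:
                results[name] = "not in manifest"       # added after signing
        for name in set(manifest) - all_names:
            results[name] = "missing from archive"      # removed after signing
    return results


def build_sample_apk(files, replaced=None, added=None):
    """Constructed stand-in for a signed APK: a manifest over `files`, then optional
    post-signing changes (`replaced` content, `added` entries)."""
    manifest = "Manifest-Version: 1.0\r\n\r\n"
    for name, data in files.items():
        digest = base64.b64encode(hashlib.sha1(data).digest()).decode()
        manifest += "Name: %s\r\nSHA1-Digest: %s\r\n\r\n" % (name, digest)
    contents = dict(files)
    contents.update(replaced or {})
    contents.update(added or {})
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as apk:
        apk.writestr("META-INF/MANIFEST.MF", manifest)
        for name, data in contents.items():
            apk.writestr(name, data)
    return buf.getvalue()


# Constructed sample content, named after two of the entries in the jarsigner output above.
SAMPLE_FILES = {"AndroidManifest.xml": b"<manifest/>", "classes.dex": b"dex sample bytes"}

if __name__ == "__main__":
    print(check_manifest_digests(build_sample_apk(SAMPLE_FILES)))
    print(check_manifest_digests(build_sample_apk(SAMPLE_FILES,
                                                  replaced={"classes.dex": b"patched"})))
```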

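A comprehensive list of file header signatures

June 28th, 2015

File header signatures for various file types

See http://www.garykessler.net/library/file_sigs.html

Extension  File header signature (HEX)  Description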
123 00 00 1A 00 05 10 04 Lotus 1-2-3 spreadsheet (v9) file
3gg; 3gp; 3g2 00 00 00 nn 66 74 79 70 33 67 70 3rd Generation Partnership Project 3GPP (nn=0x14)   and 3GPP2 (nn=0x20) multimedia files
7z 37 7A BC AF 27 1C 7-ZIP compressed file
aba 00 01 42 41 Palm Address Book Archive file
abi 41 4F 4C 49 4E 44 45 58 AOL address book index file
aby; idx 41 4F 4C 44 42 AOL database files: address book (ABY) and user   configuration data (MAIN.IDX)
accdb 00 01 00 00 53 74 61 6E 64 61 72 64 20 41 43 45 20   44 42 Microsoft Access 2007 file
ACM 4D 5A MS audio compression manager driver
ADF 44 4F 53 Amiga disk file
adx 03 00 00 00 41 50 50 52 Lotus Approach ADX file
AIFF 46 4F 52 4D 00 Audio Interchange File
ain 21 12 AIN Compressed Archive File
ami 5B 76 65 72 5D Lotus Ami Pro
amr 23 21 41 4D 52 Adaptive Multi-Rate ACELP (Algebraic Code Excited   Linear Prediction) Codec, commonly audio format with GSM cell phones
ANI 52 49 46 46
API 4D 5A 90 00 03 00 00 00 Acrobat plug-in
arc 1A 0x LH archive file, old version(where x = 0x2, 0x3,   0x4, 0x8 or 0x9 for types 1-5, respectively)
arc 41 72 43 01 FreeArc compressed file
arj 60 EA ARJ Compressed Archive
ARJ 60 EA 27
ART 4A 47 03 0E 00 00 00 AOL ART file
ART 4A 47 04 0E 00 00 00 AOL ART file
asf 30 26 B2 75 8E 66 CF 11 Windows Media
asf; wma; wmv 30 26 B2 75 8E 66 CF 11 A6 D9 00 AA 00 62 CE 6C Microsoft Windows Media Audio/Video File(Advanced   Streaming Format)
asx 3C Advanced Stream redirector file
au 2E 73 6E 64 SoundMachine Audio File

NeXT/Sun Microsystems μ-Law audio file

avi 41 56 49 20 Audio Video Interleave (AVI)
AX 4D 5A Library cache file
AX 4D 5A 90 00 03 00 00 00 DirectShow filter
bag 41 4F 4C 20 46 65 65 64 62 61 67 AOL and AIM buddy list file
BAS 20 20 20
bin 42 4C 49 32 32 33 51 Thomson Speedtouch series WLAN router firmware
bmp 42 4D Windows Bitmap
BMP 42 4D 3E
bz; bz2 42 5A 68 BZIP Archive
BZ2; TAR.BZ2; TBZ2; TB2 42 5A 68 bzip2 compressed archive
CAB 49 53 63
CAB; HDR 49 53 63 28 Install Shield v5.x or 6.x compressed file
CAB 4D 53 43 46 Microsoft CAB File Format
cat 30 Microsoft security catalog file
CBD 43 42 46 49 4C 45 WordPerfect dictionary file (unconfirmed)
CCD 5B 43 6C
cdr CDR Corel Draw
CDR 45 4C 49 54 45 20 43 6F 6D 6D 61 6E 64 65 72 20 Elite Plus Commander saved game file
CDR, DVF 4D 53 5F 56 4F 49 43 45 Sony Compressed Voice File
CHI; CHM 49 54 53 46 Microsoft Compiled HTML Help File
CHM 49 54 53
CLB 43 4D 58 31 Corel Binary metafile
CLB 43 4F 4D 2B COM+ Catalog file
cnt 3A 42 61 73 65
COM, DLL, DRV, EXE, PIF, QTS, QTX, SYS 4D 5A Windows/DOS executable file
COM 4D 5A EE
COM E9 3B 03
CPE 46 41 58 43 4F 56 45 52 2D 56 45 52 Microsoft Fax Cover Sheet
CPL 4D 5A Control panel application
CPT 43 50 54 37 46 49 4C 45 Corel Photopaint file
CPT 43 50 54 46 49 4C 45 Corel Photopaint file
CPX 5B 57 69
cru; crush 43 52 55 53 48 CRUSH Archive File
CRU 43 52 55 53 48 20 76 Crush compressed archive
CRW 49 49 1A 00 00 00 48 45 41 50 43 43 44 52 02 00 Canon digital camera RAW file
CTF 43 61 74 61 6C 6F 67 20 33 2E 30 30 00 WhereIsIt Catalog file
CUR 00 00 02 00 01 00 20 20 Windows cursor file
dat 03 MapInfo Native Data Format
dat 1A 52 54 53 20 43 4F 4D 50 52 45 53 53 45 44 20 49   4D 41 47 45 20 56 31 2E 30 1A Runtime Software disk image
dat 41 56 47 36 5F 49 6E 74 65 67 72 69 74 79 5F 44 61   74 61 62 61 73 65 AVG6 Integrity database file
DAT 43 52 45 47 Windows 9x registry hive
DAT 43 6C 69 65 6E 74 20 55 72 6C 43 61 63 68 65 20 4D   4D 46 20 56 65 72 20 IE History DAT file
DAT 45 52 46 53 53 41 56 45 44 41 54 41 46 49 4C 45 Kroll EasyRecovery Saved Recovery State file
DAT 49 6E 6E 6F 20 53 65 74 75 70 20 55 6E 69 6E 73 74   61 6C 6C 20 4C 6F 67 20 28 62 29 Inno Setup Uninstall Log file
db 00 06 15 61 00 00 00 02 00 00 04 D2 00 00 10 00 Netscape Navigator (v4) database file
DB 44 42 46 48 Palm Zire photo database
db 08 dBASE IV or dBFast configuration file
db3 03 dBASE III file
db4 04 dBASE IV data file
dba 00 01 42 44 Palm DateBook Archive file
dbx CF AD 12 FE
dbx CF AD 12 FE C5 FD 74 6F Outlook Express
dci 3C 21 64 6F 63 74 79 70 AOL HTML mail file
dcx 3A DE 68 B1 DCX Graphic File
DDB 00 01 00
dib 42 4D device-independent bitmap image
DLL 4D 5A 90
DMP 4D 44 4D 50 93 A7 Windows minidump file
DMS 44 4D 53 21 Amiga DiskMasher compressed archive
doc 0D 44 4F 43 DeskMate Document file
doc 12 34 56 78 90 FF MS Word 6.0
doc 31 BE 00 00 00 AB 00 00 MS Word for DOS 6.0
doc 7F FE 34 0A MS Word
dot; ppt; xla; ppa; pps; pot; msi; sdw; db D0 CF 11 E0 MS Office/OLE2
doc; dot; xls; xlt; xla; ppt; apr ;ppa; pps; pot; msi;   sdw; db D0 CF 11 E0 A1 B1 1A E1 MS Compound Document v1 or Lotus Approach APR file
DPL 4D 5A 50
DRV 4D 5A 16
drw 07 A common signature and file extension for many   drawing programs.
drw 01 FF 02 04 03 02 Micrografx vector graphic file
ds4 4D 47 58 20 69 74 70 64 Micrografix Designer 4
DSN 4D 56 CD Stomper Pro label file
dsp 23 20 4D 69 63 72 6F 73 6F 66 74 20 44 65 76 6 56C   6F 70 65 72 20 53 74 75 64 69 6F Microsoft Developer Studio project file
dss 02 64 73 73 Digital Speech Standard (Olympus, Grundig, &   Phillips)
dtd 07 64 74 32 64 64 74 64 DesignTools 2D Design file
dtd 3C 21 45 4E 54 49 54 59 XML DTD
DVR 44 56 44 DVR-Studio stream file
dwg 41 43 31
dwg 41 43 31 30 Generic AutoCAD drawing

NOTES on AutoCAD file headers: The 0x41-43-31-30   (AC10) is a generic header, occupying the first four bytes in the file. The   next two bytes give further indication about the version or subtype:

0x30-32 (02) — AutoCAD R2.5

0x30-33 (03) — AutoCAD R2.6

0x30-34 (04) — AutoCAD R9

0x30-36 (06) — AutoCAD R10

0x30-39 (09) — AutoCAD R11/R12

0x31-30 (10) — AutoCAD R13 (subtype 10)

0x31-31 (11) — AutoCAD R13 (subtype 11)

0x31-32 (12) — AutoCAD R13 (subtype 12)

0x31-33 (13) — AutoCAD R14 (subtype 13)

0x31-34 (14) — AutoCAD R14 (subtype 14)

0x31-35 (15) — AutoCAD R2000

0x31-38 (18) — AutoCAD R2004

0x32-31 (21) — AutoCAD R2007

Enn (where nn are numbers) 45 56 46 EnCase evidence file
ECO 2A 50 52
elf 7F 45 4C 46 01 01 01 00 ELF Executable
emf 01 00 00 00 58 00 00 00 Extended (Enhanced) Windows Metafile Format, printer   spool file
eml 44 65 6C 69 76 65 72 79 2D 64 61 74 65 3A Email
EML 46 72 6F 6D 20 20 20 A commmon file extension for e-mail files.   Signatures shown here are for Netscape, Eudora, and a generic signature,   respectively. EML is also used by Outlook Express and QuickMail.
EML 46 72 6F 6D 20 3F 3F 3F A commmon file extension for e-mail files.   Signatures shown here are for Netscape, Eudora, and a generic signature,   respectively. EML is also used by Outlook Express and QuickMail.
EML 46 72 6F 6D 3A 20 A commmon file extension for e-mail files.   Signatures shown here are for Netscape, Eudora, and a generic signature,   respectively. EML is also used by Outlook Express and QuickMail.
EML 52 65 63
enc 00 5C 41 B1 FF Mujahideen Secrets 2 encrypted file
enl [32 byte offset] 40 40 40 20 00 00 40 40 40 40 EndNote Library File
eps 25 21 50 53 Adobe EPS File
eps 25 21 50 53 2D 41 64 6F 62 65 Postscript
eps 25 21 50 53 2D 41 64 6F 62 65 2D 33 2E 30 20 45 50   53 46 2D 33 20 30 Adobe encapsulated PostScript file (If this   signature is not at the immediate beginning of the file, it will occur early in   the file, commonly at byte offset 30)
EPS C5 D0 D3
eth 1A 35 01 00 GN Nettest WinPharoah capture file
evt 30 00 00 00 4C 66 4C 65 Windows Event Viewer file
evt 03 00 00 00 C4 66 C4 56
EVTX 45 6C 66 46 69 6C 65 00 Windows Vista event log file
exe; dll; drv; vxd; sys; ocx; vbx 4D 5A Win32 Executable
exe; dll; drv; vxd; sys; ocx; vbx 4D 5A Win16 Executable
exe; com; 386; ax; acm; sys; dll; drv; flt; fon; ocx;   scr; lrc; vxd; cpl; x32 4D 5A Executable File
EXE, DLL, OCX, OLB, IMM, IME 4D 5A 90
fli 00 11 AF FLIC Animation file
flt 00 01 01 OpenFlight 3D file
FLT 4D 5A 90 00 03 00 00 00 Audition graphic filter file (Adobe)
FLV 46 4C 56 01 Flash video file
fm 3C 4D 61 6B 65 72 46 69 6C 65 20 Adobe FrameMaker file
fm3 00 00 1A 00 07 80 01 00 Lotus 123 v3 FMT file
fmt 20 00 68 00 20 0 Lotus 123 v4 FMT file
FNT 43 48 41
FON 4D 5A Font file
GBC 87 F5 3E
gid 3F 5F 03 00 Windows Help Index File
GID 4C 4E 02 00 Windows Help index file
GIF 47 49 46 38
gif 47 49 46 38 37 61 Graphics interchange format file (GIF 87A)
gif 47 49 46 38 39 61 Graphics interchange format file (GIF89A)
GTD 7B 50 72
GX2 47 58 32 Show Partner graphics file (not confirmed)
gz; tar; tgz 1F 8B Gzip Archive File
gz; tgz 1F 8B 08 GZ Compressed File
hap 91 33 48 46 HAP Archive File
HDMP 4D 44 4D 50 93 A7 Windows heap dump file
hdr 23 3F 52 41 44 49 41 4E 43 45 0A adiance High Dynamic Range image file
HLP 3F 5F 03
hlp 3F 5F 03 00 Windows Help file
HLP 4C 4E 02 00 Windows Help file
hlp [7 byte offset] 00 00 FF FF FF FF Windows Help file
hqx 28 54 68 69 73 20 66 69 6C 65 Macintosh BinHex 4 Compressed Archive
hqx 28 54 68 69 73 20 66 69 6C 65 20 6D 75 73 74 20 62   65 20 63 6F 6E 76 65 72 74 65 64 20 77 69 74 68 20 42 69 6E 48 65 78 20 Macintosh BinHex 4 Compressed Archive
HTM 3C 21 44
htm; html 3C 21 44 4F 43 54 HyperText Markup Language 3
htm; html 3C 48 54 4D 4C 3E HyperText Markup Language 2
htm; html 3C 68 74 6D 6C 3E HyperText Markup Language 1
html 68 74 6D 6C 3E HTML
ico 00 00 01 00 00 Icon File
ico 00 00 01 00 01 00 20 20 Icon File
IFF 46 4F 52 4D
IFO 44 56 44 DVD info file
IME 4D 5A 90
img 00 01 00 08 00 01 00 01 01 Ventura Publisher/GEM VDI Image Format Bitmap file
IMG 00 FF FF
IMM 4D 5A 90
ind 41 4F 4C 49 44 58 AOL client preferences/settings file (MAIN.IND)
ISO 43 44 30 30 31 ISO-9660 CD Disc Image (This signature usually   occurs at byte 8001, 8801, or 9001.)
ivr 2E 52 45 43 RealPlayer video file (V11 and later)
JAR 4A 41 52 43 53 00 JARCS compressed archive
jar 5F 27 A8 89 JAR Archive File
jpg; jpeg FF D8 FF
jpg; jpe; jpeg FF D8 FF E0 00 JPG Graphic File
jpg; jpe; jpeg FF D8 FF FE 00 JPG Graphic File
KGB 4B 47 42 5F 61 72 63 68 20 2D KGB archive
KOZ 49 44 33 03 00 00 00 Sprint Music Store audio file (for mobile devices)
LDB 42 49 4C
lha 2D 6C 68 35 2D LHA Compressed
lha; lzh [2 byte offset] 2D 6C 68 Compressed archive file
LHP 3F 5F 03
lhp 3F 5F 03 00 Windows Help File
lib 21 3C 61 72 63 68 3E 0A Unix archiver (ar) files and Microsoft Program   Library Common Object File Format (COFF)
LIB 2A 24 20
LIT 49 54 4F 4C 49 54 4C 53 Microsoft Reader eBook file
LNK 4C 00 00
lnk 4C 00 00 00 Windows Shortcut (Link File)
lnk 4C 00 00 00 01 14 02 Windows Link File
LNK 4C 00 00 00 01 14 02 00 Windows shortcut file
log 2A 2A 2A 20 20 49 6E 73 74 61 6C 6C 61 74 69 6F 6E   20 53 74 61 72 74 65 64 20 Symantec Wise Installer log file
lzh lh Lz compression file
lwp 57 6F 72 64 50 72 6F Lotus WordPro v9
m3u 23 45 58
m4a 00 00 00 20 66 74 79 70 4D 34 41 20 00 00 00 00 Apple Lossless Audio Codec file
m4a; m4v 00 00 00 20 66 74 79 70 4D 34 41 20 00 00 00 00 QuickTime M4A/M4V file
manifest 3C 3F 78 6D 6C 20 76 65 72 73 69 6F 6E 3D Windows Visual Stylesheet XML file
MAR 4D 41 52 31 00 Mozilla archive
MAR 4D 41 52 43 Microsoft/MSN MARC archive
MAR 4D 41 72 30 00 MAr compressed archive
max D0 CF 11
mdb 00 01 00 00 53 74 61 6E 64 61 72 64 20 4A 65 74 20   44 42 Microsoft Access file
mdb; mda; mde; mdt 53 74 61 6E 64 61 72 64 20 4A MS Access
MDF 00 FF FF
mdf 00 FF FF FF FF FF FF FF FF FF FF 00 00 02 00 01 Alcohol 120% CD image
mdf 01 0F 00 00 Microsoft SQL Server 2000 database
MDI 45 50 Microsoft Document Imaging file
MDS 4D 45 44
MID; MIDI 4D 54 68 64 Musical Instrument Digital Interface (MIDI) sound   file
mkv 1A 45 DF A3 93 42 82 88 6D 61 74 72 6F 73 6B 61 Matroska stream file
MLS 4D 49 4C 45 53 Milestones v1.0 project management and scheduling   software (Also see “MV2C” and “MV214” signatures)
MLS 4D 4C 53 57 Skype localization data file
MLS 4D 56 32 31 34 Milestones v2.1b project management and scheduling   software (Also see “MILES” and “MV2C” signatures)
MLS 4D 56 32 43 Milestones v2.1a project management and scheduling   software (Also see “MILES” and “MV214” signatures)
MMF 4D 4D 4D 44 00 00 Yamaha Corp. Synthetic music Mobile Application   Format (SMAF) for multimedia files that can be played on hand-held devices.
mny 00 01 00 00 4D 53 49 53 41 4D 20 44 61 74 61 62 61   73 65 Microsoft Money file
MOV 00 00 0F
MOV 00 00 77
mov 6D 6F 6F 76 Quicktime
mov 6D 64 61 74 QuickTime Movie
mp 0C ED Monochrome Picture TIFF bitmap file (unconfirmed)
MP3 49 44 33 MPEG-1 Audio Layer 3 (MP3) audio file
MP3 FF FB 50
mp4 00 00 00 18 66 74 79 70 33 67 70 35 MPEG-4 video files
MPA 00 00 01
mpg; mpeg 00 00 01 B3 MPEG Movie
mpg 00 00 01 BA MPEG
MSC 3C 3F 78
msc 3C 3F 78 6D 6C 20 76 65 72 73 69 6F 6E 3D 22 31 2E   30 22 3F 3E 0D 0A 3C 4D 4D 43 5F 43 6F 6E 73 6F 6C 65 46 69 6C 65 20 43 6F 6E   73 6F 6C 65 56 65 72 73 69 6F 6E 3D 22 Microsoft Management Console Snap-in Control file
msi 23 20 Cerius2 file
MSV 4D 53 5F 56 4F 49 43 45 Sony Memory Stick Compressed Voice file
NES 4E 45 53
NLS C2 20 20
nri 0E 4E 65 72 6F 49 53 4F Nero CD Compilation
ntf 1A 00 00 Lotus Notes database template
nsf; ntf 1A 00 00 03 00 00 Lotus Notes Database/Template
nsf 1A 00 00 03 00 00 11 00 Notes Database
nsf 1A 00 00 04 00 00 Lotus Notes database
ntf 30 31 4F 52 44 4E 41 4E 43 45 20 53 55 52 56 45 59   20 20 20 20 20 20 20 National Transfer Format Map File
obj 4C 01 Microsoft Common Object File Format (COFF)   relocatable object code file for an Intel 386 or later/compatible processors
OCX 4D 5A ActiveX or OLE Custom Control
OCX 4D 5A 90
OLB 4D 5A OLE object library
OLB 4D 5A 90
org; pfc 41 4F 4C 56 4D 31 30 30 AOL personal file cabinet (PFC) file
pak 1A 0B Compressed archive file
PAT 47 46 31 50 41 54 43 48 Advanced Gravis Ultrasound patch file
PAT 47 50 41 54 GIMP (GNU Image Manipulation Program) pattern file
PBK 5B 41 44
PCB 17 A1 50
PCS 0A 05 01
pcx 0A nn 01 01 ZSOFT Paintbrush file(where nn = 0x02, 0x03, or   0x05)
pcx 0A 05 01 08 PC Paintbrush(often associated with Quake Engine   games)
pdb [11 byte offset] 00 00 00 00 00 00 00 00 00 00 00 00   00 00 00 00 00 00 00 00 00 00 00 00 Palmpilot Database/Document File
PDF 25 50 44
pdf; fdf 25 50 44 46 Adobe Portable Document Format and Forms Document   file
pdf 25 50 44 46 2D 31 2E Adobe Acrobat
PDG 48 48 02
pf 11 00 00 00 53 43 43 41 Windows prefetch file
pic 01 00 00 00 01 Unknown type picture file
PJT 00 00 07
PLL 24 53 6F
PNG 89 50 4E
PNG 89 50 4E 47
png 89 50 4E 47 0D 0A PNG Image File
png 89 50 4E 47 0D 0A 1A 0A PNG Image File
PPC 52 65 63
PPT D0 CF 11
ppt [512 byte offset] 00 6E 1E F0 PowerPoint presentation subheader (MS Office)
ppt [512 byte offset] 0F 00 E8 03 PowerPoint presentation subheader (MS Office)
PPZ 4D 53 43 46 Powerpoint Packaged Presentation
prc 42 4F 4F 4B 4D 4F 42 49 Palmpilot resource file
PRG 23 44 45
ps 25 21 50 53 2D 41 64 6F 62 65 Postscript
PSD 38 42 50
psd 38 42 50 53 Adobe Photoshop image file
psp 7E 42 4B 00 PaintShop Pro Image File
pst 21 42 44 4E Microsoft Outlook Personal Folder file
pwl E3 82 85 96 Windows Password
qbb 45 86 00 00 06 00 Intuit QuickBooks Backup file
qdf AC 9E BD 8F Quicken
qph 03 00 00 00 Quicken price history file
qt 6D 64 61 74 Quicktime Movie File
qxd 00 00 49 49 58 50 52 Quark Express document (Intel & Motorola,   respectively)
qxd 00 00 4D 4D 58 50 52
ra 2E 52 4D 46 00 00 00 12 00 Real Audio file
ra; ram 2E 72 61 FD Real Audio File
ra 2E 72 61 FD 00 RealAudio streaming media file
RAR 52 61 72
rar 52 61 72 21 RAR Archive File
RAW 06 05 00
reg 52 45 47 45 44 49 54 34
rgb 01 DA 01 01 00 03 Silicon Graphics RGB Bitmap
RM 2E 52 4D
rm; rmvb 2E 52 4D 46 Real Media streaming media file
rpm ED AB EE DB RPM Archive File
RTD 43 23 2B 44 A4 43 4D A5 48 64 72 RagTime document file
RTF 7B 5C 72
rtf 7B 5C 72 74 66 Rich Text Format File
sav 24 46 4C 32 40 28 23 29 20 53 50 53 53 20 44 41 54   41 20 46 49 4C 45 SPSS Data file
SBV 46 45 44 46 (Unknown file type)
SCH 2A 76 65
scm 80 53 43
SH3 48 48 47 42 31 Harvard Graphics presentation file
SHD 4B 49 00 00 Windows 9x printer spool file
sit 53 49 54 21 Stuffit v1 Archive File
sit 53 74 75 66 66 49 74 Stuffit v5 Archive File
sle 3A 56 45 52 53 49 4F 4E Surfplan kite project file
sle 41 43 76 teganos Security Suite virtual secure drive
sly; srt; slt 53 52 01 00 Sage sly.or.srt.or.slt
SMD 00 FF FF
snm 00 1E 84 90 00 00 00 00 Netscape Communicator (v4) mail folder
SNP 4D 53 43 46 Microsoft Access Snapshot Viewer file
sol 00 BF Adobe Flash shared object file (e.g., Flash cookies)
spl 00 00 01 00 Windows NT/2000/XP printer spool file
SCR 4D 5A Screen saver
SUB FF FF FF
SWF 43 57 53 Shockwave Flash file (v5+)
SWF 46 57 53 Macromedia Shockwave Flash player file
sxc calc OpenOffice Calc
sxd draw OpenOffice Draw
sxi impress OpenOffice Impress
sxm math OpenOffice Math
sxw writer OpenOffice Writer
syw 41 4D 59 4F Harvard Graphics symbol graphic
TAG 00 00 02
tar; cpio 30 37 30 37 30 37 CPIO Archive File
tar.z 1F 9D 90 Compressed tape archive file
tga 00 00 10 00 00 First 5 bytes of an RLE-compressed file
TGA 00 00 02
tga 00 00 02 00 00 First 5 bytes of an uncompressed file
TIF; TIFF 49 20 49 Tagged Image File Format file
tif; tiff 49 49 2A TIFF (Intel)
tif; tiff 49 49 2A 00 Tagged Image File Format file (little endian, i.e.,   LSB first in the byte; Intel)
TIF; TIFF 4D 4D 00 2A Tagged Image File Format file (big endian, i.e., LSB   last in the byte; Motorola)
tif; tiff 4D 4D 2A TIFF (Motorola)
TIF; TIFF 4D 4D 00 2B BigTIFF files; Tagged Image File Format files >4   GB
TLB 4D 53 46 54 02 00 01 00 OLE, SPSS, or Visual C++ type library file
tr1 01 10 Novell LANalyzer capture file
TST 00 01 00
TTF 00 01 00
ufa 55 46 41 UFA Archive File
VBX 4D 5A VisualBASIC application
VCD 45 4E 54 52 59 56 43 44 02 00 00 01 02 00 18 58 VideoVCD (GNU VCDImager) file
vcf 42 45 47 49 4E 3A 56 43 41 52 44 0D 0A vCard file
vob 00 00 01 BA DVD Video Movie File (video/dvd, video/mpeg)
VXD, 386 4D 5A Windows virtual device drivers
WAV 52 49 46
wav 57 41 56 45 Wave
wav 57 41 56 45 66 6D 74 Wave Files
wb2 00 00 02 00 QuattroPro for Windows Spreadsheet file
wb3 [24 byte offset] 3E 00 03 00 FE FF 09 00 06 Quatro Pro for Windows 7.0 Notebook file
wk1; wks 20 00 60 40 60 Lotus 123 v1 Worksheet
wk1 00 00 02 00 06 04 06 00 08 00 00 00 00 00 Lotus 1-2-3 spreadsheet (v1) file
wk3 00 00 1A 00 00 10 04 00 Lotus 123 spreadsheet (v3) file
wk4; wk5 00 00 1A 00 02 10 04 00 Lotus 1-2-3 spreadsheet (v4, v5) file
wks 0E 57 4B 53 DeskMate Worksheet
WMA 30 26 B2
wmf 01 00 09 00 Graphics Metafile
wmf 01 00 09 00 00 03 Windows Metadata file (Win 3.x format)
wmf 02 00 09 00 Graphics Metafile
wmf D7 CD C6 9A Windows Meta File
WMV 30 26 B2
wp FF 57 50 43 WordPerfect v5 or v6
wpd FF 57 50 43 WordPerfect
wpg FF 57 50 47 WordPerfect Graphics
wri 31 BE Microsoft Write file
WRI 31 BE 00
wri 32 BE Microsoft Write file
ws 1D 7D WordStar Version 5.0/6.0 document
XBE 58 42 45
xdr 3C BizTalk XML-Data Reduced Schema file
xls 09 02 06 00 00 00 10 00 B9 04 5C 00 MS Excel v2
xls 09 04 06 00 00 00 10 00 F6 05 5C 00 MS Excel v4
XLS D0 CF 11
xls D0 CF 11 E0 MS Excel
xls [512 byte offset]  09 08 10 00 00 06 05 00 Excel spreadsheet subheader (MS Office)
XML 3C 3F 78
xml 3C 3F 78 6D 6C XML Document
xml FF FE 3C 00 52 00 4F 00 4F 00 54 00 53 00 54 00 55 00   42 00 XML Document (ROOTSTUB)
XMV 00 50 01
XSL FF FE 3C
xul 72 73 69 6F 6E 3D 22 31 3C 3F 78 6D 6C 20 76 65 2E   30 22 3F 3E XML User Interface Language file
z 1F 9D TAR Compressed Archive File
Z 1F 9D 8C
ZIP 50 4B 03
zip; jar; zipx 50 4B 03 04 ZIP Archive
zip 50 4B 30 30 ZIP Archive (outdated)
Zip 50 4B 30 30 50 4B 03 04 WINZIP Compressed
zoo 5A 4F 4F 20 ZOO Archive File

Sage Backup 1 SAGEBACKUP

(“303730373037”, “CPIO Archive File”),

(“100”, “ICON File”),

(“1F9D”, “TAR Compressed Archive File”),

FFD8FFFE00,.JPEG;.JPE;.JPG,”JPG Graphic File”

FFD8FFE000,.JPEG;.JPE;.JPG,”JPG Graphic File”

474946383961,.gif,”GIF 89A”

474946383761,.gif,”GIF 87A”

424D,.bmp,”Windows Bitmap”

4D5A,.exe;.com;.386;.ax;.acm;.sys;.dll;.drv;.flt;.fon;.ocx;.scr;.lrc;.vxd;

.cpl;.x32,”Executable File”

504B0304,.zip,”Zip Compressed”

3A42617365,.cnt,””

D0CF11E0A1B11AE1,.doc;.xls;.xlt;.ppt;.apr,”MS Compound Document v1 or Lotus Approach APR file”

0100000058000000,.emf,””

03000000C466C456,.evt,””

3F5F0300,.gid;.hlp;.lhp,”Windows Help File”

1F8B08,.gz,”GZ Compressed File”

28546869732066696C65,.hqx,””

0000010000,.ico,”Icon File”

4C000000011402,.lnk,”Windows Link File”

25504446,.pdf,”Adobe PDF File”

5245474544495434,.reg,””

7B5C727466,.rtf,”Rich Text Format File”

lh,.lzh,”Lz compression file”

MThd,.mid,””

0A050108,.pcx,””

25215053,.eps,”Adobe EPS File”

2112,.ain,”AIN Archive File”

1A02,.arc,”ARC/PKPAK Compressed 1″

1A03,.arc,”ARC/PKPAK Compressed 2″

1A04,.arc,”ARC/PKPAK Compressed 3″

1A08,.arc,”ARC/PKPAK Compressed 4″

1A09,.arc,”ARC/PKPAK Compressed 5″

60EA,.arj,”ARJ Compressed”

41564920,.avi,”Audio Video Interleave(AVI)”

425A68,.bz;.bz2,”Bzip Archive”

49536328,.cab,”Cabinet File”

4C01,.obj,”Compiled Object Module”

303730373037,.tar;.cpio,”CPIO Archive File”

4352555348,.cru;.crush,”CRUSH Archive File”

3ADE68B1,.dcx,”DCX Graphic File”

1F8B,.gz;.tar;.tgz,”Gzip Archive File”

91334846,.hap,”HAP Archive File”

3C68746D6C3E,.htm;.html,”HyperText Markup Language 1″

3C48544D4C3E,.htm;.html,”HyperText Markup Language 2″

3C21444F4354,.htm;.html,”HyperText Markup Language 3″

100,.ico,”ICON File”

5F27A889,.jar,”JAR Archive File”

2D6C68352D,.lha,”LHA Compressed”

20006040600,.wk1;.wks,”Lotus 123 v1 Worksheet”

00001A0007800100,.fm3,”Lotus 123 v3 FMT file”

00001A0000100400,.wk3,”Lotus 123 v3 Worksheet”

20006800200,.fmt,”Lotus 123 v4 FMT file”

00001A0002100400,.wk4,”Lotus 123 v5″

5B7665725D,.ami,”Lotus Ami Pro”

300000041505052,.adx,”Lotus Approach ADX file”

1A0000030000,.nsf;.ntf,”Lotus Notes Database/Template”

4D47582069747064,.ds4,”Micrografix Designer 4″

4D534346,.cab,”Microsoft CAB File Format”

4D546864,.mid,”Midi Audio File”

000001B3,.mpg;.mpeg,”MPEG Movie”

0902060000001000B9045C00,.xls,”MS Excel v2″

0904060000001000F6055C00,.xls,”MS Excel v4″

7FFE340A,.doc,”MS Word”

1234567890FF,.doc,”MS Word 6.0″

31BE000000AB0000,.doc,”MS Word for DOS 6.0″

1A00000300001100,.nsf,”Notes Database”

7E424B00,.psp,”PaintShop Pro Image File”

504B0304,.zip,”PKZIP Compressed”

89504E470D0A,.png,”PNG Image File”

6D646174,.mov,”QuickTime Movie”

6D646174,.qt,”Quicktime Movie File”

52617221,.rar,”RAR Archive File”

2E7261FD,.ra;.ram,”Real Audio File”

EDABEEDB,.rpm,”RPM Archive File”

2E736E64,.au,”SoundMachine Audio File”

53495421,.sit,”Stuffit v1 Archive File”

53747566664974,.sit,”Stuffit v5 Archive File”

1F9D,.z,”TAR Compressed Archive File”

49492A,.tif;.tiff,”TIFF(Intel)”

4D4D2A,.tif;.tiff,”TIFF(Motorola)”

554641,.ufa,”UFA Archive File”

57415645666D74,.wav,”Wave Files”

D7CDC69A,.wmf,”Windows Meta File”

4C000000,.lnk,”Windows Shortcut(Link File)”

504B3030504B0304,.zip,”WINZIP Compressed”

FF575047,.wpg,”WordPerfect Graphics”

FF575043,.wp,”WordPerfect v5 or v6″

3C3F786D6C,.xml,”XML Document”

FFFE3C0052004F004F0054005300540055004200,.xml,”XML Document(ROOTSTUB)”

3C21454E54495459,.dtd,”XML DTD”

5A4F4F20,.zoo,”ZOO Archive File”
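
Signature tables like the ones above are mostly used to check whether a file's content agrees with its name. The following added example (not from the original post) matches a subset of the rows above, honouring byte offsets and the nn wildcard and preferring the most specific match; the function names are hypothetical and the sample byte strings in its demo are constructed.

```python
# (extensions, byte offset, hex pattern, description): rows taken from the table above.
# "nn" is the table's own wildcard for "any byte".
SIGNATURES = [
    (("jpg", "jpeg"), 0, "FF D8 FF", "JPG Graphic File"),
    (("png",), 0, "89 50 4E 47 0D 0A 1A 0A", "PNG Image File"),
    (("gif",), 0, "47 49 46 38 39 61", "Graphics interchange format file (GIF89A)"),
    (("pdf", "fdf"), 0, "25 50 44 46", "Adobe Portable Document Format"),
    (("zip", "jar", "zipx"), 0, "50 4B 03 04", "ZIP Archive"),
    (("gz", "tgz"), 0, "1F 8B 08", "GZ Compressed File"),
    (("com", "dll", "drv", "exe", "pif", "qts", "qtx", "sys"), 0, "4D 5A",
     "Windows/DOS executable file"),
    (("elf",), 0, "7F 45 4C 46 01 01 01 00", "ELF Executable"),
    (("dot", "ppt", "xla", "ppa", "pps", "pot", "msi", "sdw", "db"), 0,
     "D0 CF 11 E0", "MS Office/OLE2"),
    (("doc", "dot", "xls", "xlt", "xla", "ppt", "apr", "ppa", "pps", "pot", "msi",
      "sdw", "db"), 0, "D0 CF 11 E0 A1 B1 1A E1",
     "MS Compound Document v1 or Lotus Approach APR file"),
    (("3gg", "3gp", "3g2"), 0, "00 00 00 nn 66 74 79 70 33 67 70",
     "3GPP/3GPP2 multimedia file"),
    (("lha", "lzh"), 2, "2D 6C 68", "Compressed archive file"),
]


def compile_pattern(hex_pattern):
    """Turn 'FF D8 nn' into [0xFF, 0xD8, None]; None matches any byte."""
    return [None if tok.lower() == "nn" else int(tok, 16) for tok in hex_pattern.split()]


COMPILED = [(exts, off, compile_pattern(pat), desc) for exts, off, pat, desc in SIGNATURES]


def matches(data, offset, pattern):
    """True if pattern occurs at offset; data too short to hold it never matches."""
    window = data[offset:offset + len(pattern)]
    if len(window) < len(pattern):
        return False
    return all(want is None or want == got for want, got in zip(pattern, window))


def identify(data):
    """Return (extensions, description) of the most specific matching row, or None.

    Specificity is the number of fixed bytes, so the 8-byte OLE2 header wins over
    its 4-byte prefix. Two-byte signatures such as 4D 5A are weak evidence alone.
    """
    best = None
    for exts, off, pattern, desc in COMPILED:
        if matches(data, off, pattern):
            fixed = sum(b is not None for b in pattern)
            if best is None or fixed > best[0]:
                best = (fixed, exts, desc)
    return None if best is None else (best[1], best[2])


def check_extension(filename, data):
    """Compare a file name's extension with what its leading bytes indicate."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    found = identify(data)
    if found is None:
        return "unknown"
    exts, desc = found
    return "ok" if ext in exts else "mismatch: content looks like %s" % desc


if __name__ == "__main__":
    # Constructed byte strings standing in for the first bytes of real files.
    print(check_extension("invoice.pdf", b"MZ\x90\x00\x03\x00\x00\x00"))
    print(check_extension("clip.3gp", bytes.fromhex("000000146674797033677034")))
    print(check_extension("old.lzh", b"\x1c\x00-lh5-"))
```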


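A collection of resources for learning and researching trusted computing

May 25th, 2015

Newcomers who want to learn and understand trusted computing often do not know where to start. Below are some resources, summarized from personal experience, for reference (not necessarily complete; additions are welcome):

Specifications

Studying the specifications gives an understanding of the basic concepts and ideas of trusted computing, which makes it easier to read further books and papers.

Early trusted computing research was led mainly by the TCG (Trusted Computing Group, http://www.trustedcomputinggroup.org/resources/tpm_main_specification ), and trusted computing research in China has largely followed the TCG's lead. The core of trusted computing is the TPM hardware chip. Its TPM 1.2 specification is the classic one, and most vendors' chips take TPM 1.2 as their standard. The specification has since been upgraded to TPM 2.0, also called the "Trusted Platform Module Library Specification", and new chips that follow it are already on the market.

The Chinese counterpart is the TCM chip; see the "Functionality and Interface Specification of Cryptographic Support Platform for Trusted Computing" (可信计算密码支撑平台功能与接口规范), which has become a national standard, GB/T 29829-2013.

As trusted computing has developed, the trusted platform module no longer has to take the form of a hardware chip. Particularly in resource-constrained mobile and embedded environments, research on the Trusted Execution Environment (TEE) is active; for example, a trusted computing environment can be built on ARM TrustZone, smart cards and the like. Another hot topic is Physical Unclonable Functions (PUF), which can provide physical security properties for trusted computing and implement secure key storage, authentication, a root of trust and similar functions, and which are well suited to scenarios such as the Internet of Things, wearable devices and BYOD. For standards in this area, see GlobalPlatform, an open consortium that defines specifications covering cards, devices, systems and more, including the GP-TEE specification, which is closely related to trusted computing.

Books and papers

Among Chinese-language books, Professor Feng Dengguo's "Trusted Computing: Theory and Practice" (可信计算理论与实践) is recommended; it shows a comprehensive and deep understanding of the research history, current state and technology of trusted computing. There is also Professor Zhang Huanguo's book "Trusted Computing" (可信计算). Also recommended are the survey papers "Research on Trusted Computing Technology" (可信计算技术研究, published in the Journal of Computer Research and Development) and "The Theory and Practice in the Evolution of Trusted Computing" (published in Chinese Science Bulletin, CSB).

For a deeper, first-hand understanding of trusted computing, some classic English-language books are recommended:

- S.W. Smith. Trusted Computing Platforms: Design and Applications. 2005. A summary of early work on designing and using secure coprocessors.

- D. Grawrock. Dynamics of a Trusted Platform. 2008. Covers the motivation and design of the TPM, and describes Intel's late launch and virtualization support technologies.

- D. Challener, K. Yoder, R. Catherman, D. Safford, and L. Van Doorn. A Practical Guide to Trusted Computing. IBM Press 2008. Introduces every aspect of the trusted computing platform from a developer's point of view, including writing device drivers and the application interfaces of the trusted software stack; well worth reading (a Chinese translation exists, but the English original is still recommended).

Also recommended is the survey paper "Bootstrapping Trust in Commodity Computers" by CMU researchers, published at the top security conference IEEE S&P 2010, which shows a solid understanding of trusted computing.

Finally, Mark Ryan's survey paper on TPM 1.2, "Introduction to the TPM 1.2", written after his visit to the TCG, is suitable for beginners and captures the essence of the TPM quickly and accurately.

Conferences and research institutions

Any trusted computing paper at the four top security conferences (CCS, IEEE S&P, USENIX Security, NDSS) is naturally worth reading.

Also recommended is Trust (International Conference on Trust & Trustworthy Computing), a more specialized conference in the field. It is organized by several of the leading European institutions researching trusted computing, is held in Europe in the first half of each year, and accepts only about ten papers a year; the site for Trust 2014, for example, is http://www.ics.forth.gr/trust2014/

Also recommended is the CCS workshop TrustED (International Workshop on Trustworthy Embedded Devices), the successor to CCS-STC. It is held together with the CCS conference every year, accepts only a handful of papers, is also quite specialized, and focuses on new results in trusted computing for embedded and mobile settings.

For academic research, following the work of leading international organizations and institutions is a good choice. Institutions working on trusted computing include: CMU Cylab, the ETH Zurich System Security Lab, the Intel & HP labs (notable people: Ernie Brickell, Liqun Chen, Jiangtao Li; notable result: DAA), TU Darmstadt CASED, IAIK of Graz, and others.

Open-source projects

Once you understand the ideas and principles of trusted computing, it is frustrating not to get hands-on experience with its functionality. At present, TPM chips are hard to use in China, and TCM chips may differ from mainstream international usage in many respects. So, to actually use trusted computing functionality, here are some recommended open-source projects.

(1) TPM Emulator

Project URL: https://github.com/PeterHuewe/tpm-emulator

Provides the functionality of a trusted platform module in software, with no physical TPM chip required. It can be compiled and used on Windows and Linux; using it together with the TROUSERS trusted software stack is recommended.

(2) The TROUSERS trusted software stack

Project URL: http://sourceforge.net/projects/trousers

An open-source software stack implemented by IBM; it is the main interface for developing trusted computing applications on Linux.

(3) IBM Software TPM

Project URL: http://ibmswtpm.sourceforge.net/

Provides a full set of software tools for practicing trusted computing: a software TPM emulator, the libtpm library (similar to the trusted software stack, TSS), and example commands (written in C, with direct access to the TPM command interface, for testing trusted computing functionality). The TPM Proxy it provides can also communicate with a physical TPM chip as well as with other software TPM emulators.

(4) The OpenTC project

Project site: www.opentc.net

A trusted computing project funded by the European Union, with the goal of developing a complete trusted operating system. It has produced many results, including Trusted XEN Virtualisation OS, Trusted Linux, and Trusted Microkernel for small and embedded systems.

(5) The Trusted JAVA project

Project site: http://trustedjava.sourceforge.net/

Part of the OpenTC project. It shows how to use TPM and TSS functionality from Java, was developed by IAIK, and supports cross-platform use of trusted computing functionality.

(6) TPM4JAVA

Project site: http://tpm4java.datenzone.de/trac

Another trusted Java project, this one led mainly by the Technical University of Darmstadt.

(7) Kernel integrity measurement: IMA

Project site: http://sourceforge.net/p/linux-ima/wiki/Home/

Working with the TPM security chip, it implements a trusted computing integrity measurement architecture in the Linux kernel and measures all executable programs.

(8) The EMSCB project

Project site: http://www.emscb.com/content/pages/49241.htm

Funded by the German government, it develops typical security applications (such as encryption) based on the TPM. Its code can be used to understand how trusted applications are developed and can be embedded in other applications.

Original article: http://www.vonwei.com/post/trustedcomputingresources.html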