ANSWER TO BOCH: Table is decrypted and windows reads it. You could use a loader to load an already decrypted table, but secureboot will prevent the loader from running because it's not signed. Non OA3.0 machines don't have the decryption key/mechanism build in. We also can't mod the UEFI to include either - a custom module with decrypted table and loading mechanism - a custom module with encrypted table and decrypting + loading mechanism cause in both the 2 cases the digital cert of UEFI or the modules don't match with the data anymore. SOME THOUGHTS AFTER WRITING ABOVE STUFF: Again I'm only speculating now about something I thought about when writing the above. OA3.0 requires UEFI 2.3.1. So that probably means that any 2.3.1 ALWAYS checks it's own signatures. This prevents us from adding custom tables and modules to it. It's obvious then that windows checks if you are indeed running 2.3.1 cause otherwise you can't have OA3. So If we mod an UEFI lower than 2.3.1 (2.3.0 for example) that doesn't check it's own signatures, we can add stuff to it without any problem. We might even use a loader and stuff to emulate a TPM. When the UEFI is modded in that way that windows thinks it's 2.3.1 and it looks like it has secureboot enabled (while it hasn't), windows has no reason to think the emulated TPM chip and loaded tables aren't valid. Of course this still brings no solution for non OA3 machines that already come with 2.3.1, it works only for UEFI versions that don't include signature checking or where it can be turned off.
Windows could check the certificate that is used by UEFI. If it is revoked then it can go to non-legit.
You are right. The w8 fans should at least get one functional and good looking GUI, all the others can stay at BIOS. Very interesting that the MSDM table was mentioned at April already...need to figure how it's related to TPM.
I had a look. The MSDM table integration is not related to the changelog "Modify TPM compatibility." It has been there already before.(F4)
It also seems that OEM's need to send a list back to Microsoft to pre-activate those systems. Even when we create al those factors in a loader (or something like that), the result might still be an non-activated system. The key question remains what the Digital Product Key is going to be. The same thing as we have seen before like the OEM-SLP keys or totally different keys as stated by DAZ?
Hmm... If they are really requiring a TPM, I wonder how they are gonna handle countries that legally restrict the use of it (including China and Russia, which aren't exactly small markets).
I guess that Microsoft is using the data supplied by the OEM to pre-activate all those OEM-systems. The consumer buys the system. When the system has done it's setup, it goes online and fetch it's activationcode. Microsoft then knows which OEM-system is activated and can supply it to the OEM. They also can verify if it is a real sold OEM-system. After that they can spot "fake" activated OEM-systems and deactivate them. But then again this is just my guess.
Since the MSDM table integration is not related to the changelog "Modify TPM compatibility." at Gigabyte BIOS and nothing else I got about relation of MSDM and TPM I guess you are right. The COA (serial / key) won't be replaced by a TPM, it will be written uniquely into the NVRAM. Since the OEMs have complained about 'extra work' I guess the latter 'when you activate Windows' won't come true. @Jachra : You could be right. The serial stored at the NVRAM then becomes activated online if the hardware hash matches. It's a 'mixture' of classic OEM_SLP and OEM_COA then plus hardware ID hashing.
I have worked out a little more of what is going on in the 16D0A23E-C09C-407D-A14A-AD058FDD0CA1 module a lot of time is devoted to correcting the OEMID, OEMTableId to match the MSDM, also the CreatorID, OEMRevison and CreatorRevision is also updated with hard coded values. CreatorID is changed to "MSFT" or "AMI " RSDT is changed to "MSFT" some other tables are changed to "AMI ". later in the code a "PCMP" table is built and installed in low memory by the EFI_LEGACY_BIOS_PROTOCOL the comment's in LegacyBios.h indicated that this memory region can be ether the 0xE0000->0xEFFFF or 0xF0000->0xFFFFF which is normally write protected. then an empty MP table is built, a pointer to the PCMP is added and then it is also installed in low memory with EFI_LEGACY_BIOS_PROTOCOL I have not worked out what data is added to the PCMP.
nononsence, what if added support for OA3.0 simply means to add the MSDM table and the code you are analyzing has nothing to do with it, but is TPM related? The same GUID is found at Asus P5Q deluxe EFI (which has also a TPM header) and the code that creates the MP tables is probably present at other UEFI revisions of this particular Intel UEFI already. Added support for Microsoft* OEM Activation 3.0. has been added to version 0034, so what you have analyzed (creating MP tables) is missing at previous version 0028? I am not at home and cannot have a look (no tools here).....just to make sure not to analyze stuff which isn't OA3.0 related....the related changes must be made at latest revision only. So to correct table IDs might belong to OA3.0, but creating the MP table(s) is probably TPM related only. I am sure the product key will be written into NVRAM by the OEMs (the NVRAM SLIC branding is already used at OA2.1 Asus Notebooks and Andy's tool supports this method), from there it will be passed to the MSDM table in order to become activated online. Could that probably be all about OA3.0? (Besides some additional matching of OEMIds)??? OA often is 'simpler' than thought first.... So OA3.0 'simply' could be removal of COA licensing sticker-->unique product key written into NVRAM by the OEMs, SLIC data also--> product key passed to MSDM ACPITable + SLIC data to SLIC ACPITable, activation online against M$ server......just brainstorming...
Don't panic too much since at this point its all speculation as to what the final protection is going to be. There good deductive reasoning going on but tell ms makes windows 8 final we wont have a true concrete answer. Also when been down this route before with windows supposedly being uncrackable and its cracked in very short order. I have no doubts its going to be cracked within short order. The other side of this is windows 8 final could bite and no one would want it anyway...lol Interesting reading this though lots of brain power.
Indeed. With Yen, nononsence and others, it appears there is a lot of relevant and very well presented information regarding UEFI and OA3.0. Thanks to all!
if we remember, in win7 time also there were lot of speculation about strong activation method in OA 2.1 but immediate after lenovo leak the activation tool was ready..lets see MDL experts are already on the way of finding the methods to bypass the activation or still in search of finiding what this OA 3.0 is all about and how it works..but finally fact is man made can be break by another man...its just a matter of time..keep your fingers crossed... thanks to all the BIOS mod experts here...keep it going and keep compress and decompress