eventlog parser: `EV_EVENT_TAG` information missing

[mythi]

I'm printing out the eventlog JSON and noticing the following:

      {
		"rtmr": {
			"index": 3,
			"bank": "SHA384"
		},
		"rtmr_events": [
			{
				"type_id": "0x6",
				"type_name": "EV_EVENT_TAG",
				"measurement": "cd8de72012411c79023c3de95b04a995b185d34678ac53832d3e8b623520b8444c572116006e641c0d55556c63214f40"
			}
		]
	}

For the verifier to distinguish between different tagged events, the JSON log should include the "tagged event ID" and preferably the event description too.

The above entry is for the kernel commandline measured by the efistub: ID: 0x8F3B22ED and description LOADED_IMAGE::LoadOptions

[kwtj43]

Hi Mikko,
There are some upcoming changes to the ITA go-client targeted for end of January...

• The ITA CLI will include RTMR event log when the "ccel" option is provided. The --no-eventlog option will be removed. This is to make evidence collection more consistent across TPM's "ima" and "evl" arguments.

• The ITA client will no longer parse and/or produce json event-logs locally. The raw data will be sent to the ITA cluster and the ITA token will include the verified event-log claims.

• Like the TPM UFEI event-log parsing, TDX token claims will contain "uefi_event_logs" element. When selct event types are encountered, the token's event will contain a "details" element specific to that event type...

  {
    "details": {
      "tagged_event_data": "Linux initrd",
      "tagged_event_data_size": 13,
      "tagged_event_id": 2403017452
    },
    "digest_matches_event": false,
    "digests": [
      {
        "alg": "SHA-256",
        "digest": "1d1d47d2d50e4e6b4f6bda570122b5e7d8da74dface277370f03cda0376e7297"
      }
    ],
    "event": "7CI7jw0AAABMaW51eCBpbml0cmQA",
    "index": 9,
    "type": 6,
    "type_name": "EV_EVENT_TAG"
  },  
  

[pawelpros]

Hi Kent, have you got already branch which provides updated API for sending CCEL base64 encoded data to ITA which will replace currently available ones ?