Showing with 34 additions and 8 deletions.
  1. +4 −1 Makefile.am
  2. +1 −1 man/alg-common.troff
  3. +9 −0 man/alg-notes-common.troff
  4. +2 −0 man/tpm2_akparse.8.in
  5. +6 −2 man/tpm2_getpubak.8.in
  6. +5 −1 man/tpm2_getpubek.8.in
  7. +7 −3 man/tpm2_quote.8.in
5 changes: 4 additions & 1 deletion Makefile.am
Expand Up @@ -264,7 +264,8 @@ man8_MANS = \
MAN_DEPS := man/common-options.troff man/tcti-options.troff \
man/tcti-environment.troff man/alg-common.troff \
man/hash-alg-common.troff man/object-alg-common.troff \
man/sign-alg-common.troff man/password-fmt-common.troff
man/sign-alg-common.troff man/password-fmt-common.troff \
man/alg-notes-common.troff

man/man8/%.8 : man/%.8.in $(MAN_DEPS)
rm -f $@
Expand All @@ -291,6 +292,8 @@ endif
-e '/@SIGN_ALG_COMMON_INCLUDE@/d' \
-e '/@PASSWORD_FORMAT_COMMON_INCLUDE@/r man/password-fmt-common.troff' \
-e '/@PASSWORD_FORMAT_COMMON_INCLUDE@/d' \
-e '/@ALG_NOTES_COMMON_INCLUDE@/r man/alg-notes-common.troff' \
-e '/@ALG_NOTES_COMMON_INCLUDE@/d' \
< $< >> $@

CLEANFILES = $(man8_MANS)
2 changes: 1 addition & 1 deletion man/alg-common.troff
@@ -1,4 +1,4 @@
Options tha take algorithms support "nice-names". Nice names, like sha1 can be
Options that take algorithms support "nice-names". Nice names, like sha1 can be
used in place of the raw hex for sha1: 0x4. The nice names are converted by
stripping the leading TPM_ALG_ from the Algorithm Name field and converting
it to lower case. For instance TPM_ALG_SHA3_256 becomes sha3_256.
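Review bot: Style point on the corrected first line of this hunk: the parenthetical still lacks its closing comma, so "Nice names, like sha1 can be" should read "Nice names, like sha1, can be". Worth fixing in the same edit since the line is already being touched.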
9 changes: 9 additions & 0 deletions man/alg-notes-common.troff
@@ -0,0 +1,9 @@
The properties of the generated keys are currently fixed to the following values:
.PP
For TPM_ALG_RSA the key length is 2048 bit. The public key exponent is 2^16 +1.
.PP
For TPM_ALG_SYMCIPHER the symmetric key is AES 128 bit.
.PP
For TPM_ALG_ECC the curve parameters are TPM_ECC_NIST_P256.
.PP
For TPM_ALG_KEYEDHASH the algorithm is SHA256.
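Review bot: The opening sentence "The properties of the generated keys are currently fixed" does not say which keys it covers, yet this file is pulled into the NOTES of both tpm2_getpubak and tpm2_getpubek, where a reader has to guess whether the TPM_ALG_SYMCIPHER and TPM_ALG_KEYEDHASH entries apply to an AK or EK at all. Suggest naming the key the note applies to, writing the exponent as "2^16 + 1 (65537)", and using "2048 bits" and "128 bits". The KEYEDHASH line should also say what SHA256 is used for, since "the algorithm is SHA256" does not describe a key.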
2 changes: 2 additions & 0 deletions man/tpm2_akparse.8.in
Expand Up @@ -39,6 +39,8 @@ file inputFile, and output the key into file akKeyFile.
.B tpm2_akparse
parse the algorithm and key values in TPM2B_PUBLIC struct which input via
file inputFile, and output the key into file akKeyFile.
.PP
The output file will be in an opaque implementation defined format.
.SH OPTIONS
.TP
\fB\-f\fR
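Review bot: "opaque implementation defined format" on the added line leaves a consumer of akKeyFile with nothing to check the parsed AK against. Say which tool is expected to read the file and whether its layout may change between releases. "implementation defined" also wants a hyphen.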
8 changes: 6 additions & 2 deletions man/tpm2_getpubak.8.in
Expand Up @@ -69,7 +69,7 @@ specifies the handle of EK (hex).
specifies the handle used to make AK persistent (hex).
.TP
-\fB\-g ,\-\-alg\fR
-specifies the algorithm type of AK.
specifies the algorithm type of AK.
@ALG_COMMON_INCLUDE@
@OBJECT_ALG_COMMON_INCLUDE@
.TP
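Review bot: The stray leading "-" is dropped from "-specifies the algorithm type of AK." but the option line directly above it in the same hunk, "-\fB\-g ,\-\-alg\fR", still starts with one, unlike "\fB\-f ,\-\-file\fR" further down the page. If that dash is not intended it will render in front of the option name, so remove it in this change as well.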
Expand All @@ -82,13 +82,17 @@ Like -g, but specifies the algorithm of sign.
@SIGN_ALG_COMMON_INCLUDE@
.TP
\fB\-f ,\-\-file\fR
specifies the file used to save the public portion of AK.
specifies the file used to save the public portion of AK. This will be a
binary data structure corresponding to the TPM2B_PUBLIC struct in the
specification.
.TP
\fB\-n ,\-\-akName\fR
specifies the file used to save the ak name.
@COMMON_OPTIONS_INCLUDE@
@TCTI_OPTIONS_INCLUDE@
.SH ENVIRONMENT\@TCTI_ENVIRONMENT_INCLUDE@
.SH NOTES
@ALG_NOTES_COMMON_INCLUDE@
.SH EXAMPLES
.B tpm2_getpubak
.PP
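Review bot: "binary data structure corresponding to the TPM2B_PUBLIC struct" under -f does not say whether the file holds the marshalled structure or a dump of the in-memory C struct, which matters to anyone parsing the AK public area on a different machine. State which it is and name the part of the specification meant. The -n option just below is left as "specifies the file used to save the ak name" with no format given and would benefit from the same treatment.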
6 changes: 5 additions & 1 deletion man/tpm2_getpubek.8.in
Expand Up @@ -71,13 +71,17 @@ specifies the algorithm type of EK.
@OBJECT_ALG_COMMON_INCLUDE@
.TP
\fB\-f ,\-\-file\fR
specifies the file used to save the public portion of EK.
specifies the file used to save the public portion of EK. This will be a
binary data structure corresponding to the TPM2B_PUBLIC struct in the
specification.
.TP
\fB\-S ,\-\-input-session-handle\fR
Optional Input session handle from a policy session for authorization.
@COMMON_OPTIONS_INCLUDE@
@TCTI_OPTIONS_INCLUDE@
.SH ENVIRONMENT\@TCTI_ENVIRONMENT_INCLUDE@
.SH NOTES
@ALG_NOTES_COMMON_INCLUDE@
.SH EXAMPLES
.B tpm2_getpubek
.PP
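Review bot: The three added lines under -f repeat the text added to tpm2_getpubak.8.in word for word apart from "EK". The other shared wording in these pages lives in @..._INCLUDE@ fragments, so consider moving this sentence into one as well to keep the two pages from drifting apart.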
10 changes: 7 additions & 3 deletions man/tpm2_quote.8.in
Expand Up @@ -49,15 +49,18 @@ AK handle's Password.
@PASSWORD_FORMAT_COMMON_INCLUDE@
.TP
\fB\-l ,\-\-idList\fR
The list of selected PCRs' ids, 0~23
The comma separated list of selected PCRs' ids, 0~23 e.g. "4,5,6"
.TP
\fB\-g ,\-\-algorithm\fR
The algorithm id.
@@ALG_COMMON_INCLUDE@
@OBJECT_ALG_COMMON_INCLUDE@
.TP
\fB\-L ,\-\-selList\fR
The list of pcr banks and selected PCRs' ids (0~23) for each bank
The list of pcr banks and selected PCRs' ids (0~23) for each bank. Format is
<BANK>:<PCR>[,<PCR>]; multiple banks may be separated by '+'. For example
sha:3,4+sha256:5,6 will select PCRs 3 and 4 from the SHA bank and PCRs 5 and 6
from the SHA256 bank.
.TP
\fB\-o ,\-\-outFile\fR
output file path, recording the two structures output by tpm2_quote function
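Review bot: The -L example "sha:3,4+sha256:5,6" names the bank "sha", while alg-common.troff, which this page pulls in for -g, gives the nice name as sha1. Say which spelling the option accepts or change the example to match. The grammar "<BANK>:<PCR>[,<PCR>]" also allows only one extra PCR as written, so "[,<PCR>]..." would be more accurate. In the -l text, "comma separated" wants a hyphen and "0~23 e.g." a comma before "e.g.".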
Expand All @@ -66,7 +69,8 @@ output file path, recording the two structures output by tpm2_quote function
passwords given by any options are hex format.
.TP
\fB\-q ,\-\-qualifyData\fR
Data given as a Hex string to qualify the quote, optional.
Data given as a Hex string to qualify the quote, optional. This is typically
used to add a nonce against replay attacks.
.TP
\fB\-S ,\-\-input-session-handle\fR
Optional Input session handle from a policy session for authorization.
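Review bot: "typically used to add a nonce against replay attacks" under -q should say where the nonce comes from, because replay protection only holds if the value is fresh and chosen by the party verifying the quote, not by the host producing it. Suggest "a fresh nonce supplied by the verifier", and give the maximum length accepted for the hex string if there is one.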