Tree - source-git/gnutls - CentOS Git server

source-git / gnutls

Blame src/tpmtool-args.def

Blob History Raw

Packit Service	4684c1	`AutoGen Definitions options;`
Packit Service	4684c1	`prog-name = tpmtool;`
Packit Service	4684c1	`prog-title = "GnuTLS TPM tool";`
Packit Service	4684c1	`prog-desc = "Program to handle TPM as a cryptographic device.\n";`
Packit Service	4684c1	`detail = "Program that allows handling cryptographic data from the TPM chip.";`
Packit Service	4684c1	`short-usage = "tpmtool [options]\ntpmtool --help for usage instructions.\n";`
Packit Service	4684c1	`explain = "";`
Packit Service	4684c1
Packit Service	4684c1	`#define OUTFILE_OPT 1`
Packit Service	4684c1	`#define INFILE_OPT 1`
Packit Service	4684c1	`#include args-std.def`
Packit Service	4684c1
Packit Service	4684c1	`flag = {`
Packit Service	4684c1	`name = generate-rsa;`
Packit Service	4684c1	`descrip = "Generate an RSA private-public key pair";`
Packit Service	4684c1	`doc = "Generates an RSA private-public key pair in the TPM chip.`
Packit Service	4684c1	`The key may be stored in file system and protected by a PIN, or stored (registered)`
Packit Service	4684c1	`in the TPM chip flash.";`
Packit Service	4684c1	`};`
Packit Service	4684c1
Packit Service	4684c1	`flag = {`
Packit Service	4684c1	`name = register;`
Packit Service	4684c1	`descrip = "Any generated key will be registered in the TPM";`
Packit Service	4684c1	`flags_must = generate-rsa;`
Packit Service	4684c1	`doc = "";`
Packit Service	4684c1	`};`
Packit Service	4684c1
Packit Service	4684c1	`flag = {`
Packit Service	4684c1	`name = signing;`
Packit Service	4684c1	`descrip = "Any generated key will be a signing key";`
Packit Service	4684c1	`flags_must = generate-rsa;`
Packit Service	4684c1	`flags_cant = legacy;`
Packit Service	4684c1	`doc = "";`
Packit Service	4684c1	`};`
Packit Service	4684c1
Packit Service	4684c1	`flag = {`
Packit Service	4684c1	`name = legacy;`
Packit Service	4684c1	`descrip = "Any generated key will be a legacy key";`
Packit Service	4684c1	`flags_must = generate-rsa;`
Packit Service	4684c1	`flags_cant = signing;`
Packit Service	4684c1	`doc = "";`
Packit Service	4684c1	`};`
Packit Service	4684c1
Packit Service	4684c1	`flag = {`
Packit Service	4684c1	`name = user;`
Packit Service	4684c1	`descrip = "Any registered key will be a user key";`
Packit Service	4684c1	`flags_must = register;`
Packit Service	4684c1	`flags_cant = system;`
Packit Service	4684c1	`doc = "The generated key will be stored in a user specific persistent storage.";`
Packit Service	4684c1	`};`
Packit Service	4684c1
Packit Service	4684c1	`flag = {`
Packit Service	4684c1	`name = system;`
Packit Service	4684c1	`descrip = "Any registered key will be a system key";`
Packit Service	4684c1	`flags_must = register;`
Packit Service	4684c1	`flags_cant = user;`
Packit Service	4684c1	`doc = "The generated key will be stored in system persistent storage.";`
Packit Service	4684c1	`};`
Packit Service	4684c1
Packit Service	4684c1
Packit Service	4684c1	`flag = {`
Packit Service	4684c1	`name = pubkey;`
Packit Service	4684c1	`arg-type = string;`
Packit Service	4684c1	`arg-name = "url";`
Packit Service	4684c1	`descrip = "Prints the public key of the provided key";`
Packit Service	4684c1	`doc = "";`
Packit Service	4684c1	`};`
Packit Service	4684c1
Packit Service	4684c1	`flag = {`
Packit Service	4684c1	`name = list;`
Packit Service	4684c1	`descrip = "Lists all stored keys in the TPM";`
Packit Service	4684c1	`doc = "";`
Packit Service	4684c1	`};`
Packit Service	4684c1
Packit Service	4684c1	`flag = {`
Packit Service	4684c1	`name = delete;`
Packit Service	4684c1	`arg-type = string;`
Packit Service	4684c1	`arg-name = "url";`
Packit Service	4684c1	`descrip = "Delete the key identified by the given URL (UUID).";`
Packit Service	4684c1	`doc = "";`
Packit Service	4684c1	`};`
Packit Service	4684c1
Packit Service	4684c1	`flag = {`
Packit Service	4684c1	`name = test-sign;`
Packit Service	4684c1	`arg-type = string;`
Packit Service	4684c1	`arg-name = "url";`
Packit Service	4684c1	`descrip = "Tests the signature operation of the provided object";`
Packit Service	4684c1	`doc = "It can be used to test the correct operation of the signature operation.`
Packit Service	4684c1	`This operation will sign and verify the signed data.";`
Packit Service	4684c1	`};`
Packit Service	4684c1
Packit Service	4684c1	`flag = {`
Packit Service	4684c1	`name = sec-param;`
Packit Service	4684c1	`arg-type = string;`
Packit Service	4684c1	`arg-name = "Security parameter";`
Packit Service	4684c1	`descrip = "Specify the security level [low, legacy, medium, high, ultra].";`
Packit Service	4684c1	`doc = "This is alternative to the bits option. Note however that the`
Packit Service	4684c1	`values allowed by the TPM chip are quantized and given values may be rounded up.";`
Packit Service	4684c1	`};`
Packit Service	4684c1
Packit Service	4684c1	`flag = {`
Packit Service	4684c1	`name = bits;`
Packit Service	4684c1	`arg-type = number;`
Packit Service	4684c1	`descrip = "Specify the number of bits for key generate";`
Packit Service	4684c1	`doc = "";`
Packit Service	4684c1	`};`
Packit Service	4684c1
Packit Service	4684c1	`flag = {`
Packit Service	4684c1	`name = inder;`
Packit Service	4684c1	`descrip = "Use the DER format for keys.";`
Packit Service	4684c1	`disabled;`
Packit Service	4684c1	`disable = "no";`
Packit Service	4684c1	`doc = "The input files will be assumed to be in the portable`
Packit Service	4684c1	`DER format of TPM. The default format is a custom format used by various`
Packit Service	4684c1	`TPM tools";`
Packit Service	4684c1	`};`
Packit Service	4684c1
Packit Service	4684c1	`flag = {`
Packit Service	4684c1	`name = outder;`
Packit Service	4684c1	`descrip = "Use DER format for output keys";`
Packit Service	4684c1	`disabled;`
Packit Service	4684c1	`disable = "no";`
Packit Service	4684c1	`doc = "The output will be in the TPM portable DER format.";`
Packit Service	4684c1	`};`
Packit Service	4684c1
Packit Service	4684c1	`flag = {`
Packit Service	4684c1	`name = srk-well-known;`
Packit Service	4684c1	`descrip = "SRK has well known password (20 bytes of zeros)";`
Packit Service	4684c1	`};`
Packit Service	4684c1
Packit Service	4684c1	`doc-section = {`
Packit Service	4684c1	`ds-type = 'SEE ALSO';`
Packit Service	4684c1	`ds-format = 'texi';`
Packit Service	4684c1	`ds-text = <<-_EOT_`
Packit Service	4684c1	`p11tool (1), certtool (1)`
Packit Service	4684c1	`_EOT_;`
Packit Service	4684c1	`};`
Packit Service	4684c1
Packit Service	4684c1	`doc-section = {`
Packit Service	4684c1	`ds-type = 'EXAMPLES';`
Packit Service	4684c1	`ds-format = 'texi';`
Packit Service	4684c1	`ds-text = <<-_EOT_`
Packit Service	4684c1	`To generate a key that is to be stored in file system use:`
Packit Service	4684c1	`@example`
Packit Service	4684c1	`$ tpmtool --generate-rsa --bits 2048 --outfile tpmkey.pem`
Packit Service	4684c1	`@end example`
Packit Service	4684c1
Packit Service	4684c1	`To generate a key that is to be stored in TPM's flash use:`
Packit Service	4684c1	`@example`
Packit Service	4684c1	`$ tpmtool --generate-rsa --bits 2048 --register --user`
Packit Service	4684c1	`@end example`
Packit Service	4684c1
Packit Service	4684c1	`To get the public key of a TPM key use:`
Packit Service	4684c1	`@example`
Packit Service	4684c1	`$ tpmtool --pubkey tpmkey:uuid=58ad734b-bde6-45c7-89d8-756a55ad1891;storage=user \`
Packit Service	4684c1	`--outfile pubkey.pem`
Packit Service	4684c1	`@end example`
Packit Service	4684c1
Packit Service	4684c1	`or if the key is stored in the file system:`
Packit Service	4684c1	`@example`
Packit Service	4684c1	`$ tpmtool --pubkey tpmkey:file=tmpkey.pem --outfile pubkey.pem`
Packit Service	4684c1	`@end example`
Packit Service	4684c1
Packit Service	4684c1	`To list all keys stored in TPM use:`
Packit Service	4684c1	`@example`
Packit Service	4684c1	`$ tpmtool --list`
Packit Service	4684c1	`@end example`
Packit Service	4684c1	`_EOT_;`
Packit Service	4684c1	`};`
Packit Service	4684c1

source-git / gnutls

Source Code

Blame src/tpmtool-args.def