tss2_authorizepolicy(1) | General Commands Manual | tss2_authorizepolicy(1) |
tss2_authorizepolicy [OPTIONS]
fapi-config(5) to adjust Fapi parameters like the used cryptographic profile and TCTI or directories for the Fapi metadata storages.
fapi-profile(5) to determine the cryptographic algorithms and parameters for all keys and operations of a specific TPM interaction like the name hash algorithm, the asymmetric signature algorithm, scheme and parameters and PCR bank selection.
tss2_authorizepolicy(1) - This command signs a given policy with a given key such that the policy can be referenced from other policies that contain a corresponding PolicyAuthorize elements. The signature is done using the TPM signing schemes as specified in the cryptographic profile (cf., fapi-profile(5)).
These are the available options:
A policyPath is composed of two elements, separated by “/”. A policyPath starts with “/policy”. The second path element identifies the policy or policy template using a meaningful name.
This collection of options are common to all tss2 programs and provide information that many users may expect.
To successfully use the manpages feature requires the manpages to be installed or on MANPATH, See man(1) for more details.
tss2_authorizepolicy --keyPath=HS/SRK/myPolicySignKey --policyPath=/policy/pcr-policy --policyRef=policyRef.file
0 on success or 1 on failure.
Github Issues (https://github.com/tpm2-software/tpm2-tools/issues)
See the Mailing List (https://lists.linuxfoundation.org/mailman/listinfo/tpm2)
APRIL 2019 | tpm2-tools |