tss2_authorizepolicy(1)

1tss2_authorizepolicy(1)     General Commands Manual    tss2_authorizepolicy(1)
2
3
4

6       tss2_authorizepolicy(1) -
7

9       tss2_authorizepolicy [OPTIONS]
10

12       fapi-config(5)  to  adjust  Fapi parameters like the used cryptographic
13       profile and TCTI or directories for the Fapi metadata storages.
14
15       fapi-profile(5) to determine the cryptographic algorithms  and  parame‐
16       ters for all keys and operations of a specific TPM interaction like the
17       name hash algorithm, the asymmetric signature algorithm, scheme and pa‐
18       rameters and PCR bank selection.
19

21       tss2_authorizepolicy(1) - This command signs a given policy with a giv‐
22       en key such that the policy can be referenced from other policies  that
23       contain  a  corresponding  PolicyAuthorize  elements.  The signature is
24       done using the TPM signing schemes as specified  in  the  cryptographic
25       profile (cf., fapi-profile(5)).
26

28       These are the available options:
29
30       • -P, --policyPath=STRING: Path of the new policy.
31
32         A  policyPath is composed of two elements, separated by “/”.  A poli‐
33         cyPath starts with “/policy”.  The second path element identifies the
34         policy or policy template using a meaningful name.
35
36       • -p, --keyPath=STRING: Path of the signing key.
37
38       • -r,  --policyRef=FILENAME  or  - (for stdin): A byte buffer to be in‐
39         cluded in the signature.  Optional parameter.
40

42       This collection of options are common to all tss2 programs and  provide
43       information that many users may expect.
44
45       • -h,  --help  [man|no-man]: Display the tools manpage.  By default, it
46         attempts to invoke the manpager for the  tool,  however,  on  failure
47         will  output  a short tool summary.  This is the same behavior if the
48         “man” option argument is specified, however if explicit “man” is  re‐
49         quested,  the  tool  will  provide errors from man on stderr.  If the
50         “no-man” option if specified, or the manpager fails,  the  short  op‐
51         tions will be output to stdout.
52
53         To  successfully use the manpages feature requires the manpages to be
54         installed or on MANPATH, See man(1) for more details.
55
56       • -v, --version: Display version information for this  tool,  supported
57         tctis and exit.
58

60              tss2_authorizepolicy --keyPath=HS/SRK/myPolicySignKey --policyPath=/policy/pcr-policy --policyRef=policyRef.file
61

63       0 on success or 1 on failure.
64

66       Github Issues (https://github.com/tpm2-software/tpm2-tools/issues)
67

69       See the Mailing List (https://lists.01.org/mailman/listinfo/tpm2)
70
71
72
73tpm2-tools                        APRIL 2019           tss2_authorizepolicy(1)

NAME

SYNOPSIS

SEE ALSO

DESCRIPTION

OPTIONS

COMMON OPTIONS

EXAMPLE

RETURNS

BUGS

HELP