LCP2_CRTPOLLIST(8) User Manuals LCP2_CRTPOLLIST(8)

lcp2_crtpollist - create an Intel(R) TXT policy list

lcp2_crtpollist COMMAND [OPTION]

lcp2_crtpollist is used to create an Intel(R) TXT policy list.

--create
    Create a TXT policy list. The following options are available:

    --listver ver
        Policy list version. Supported values are: 0x100 (legacy LCP_POLICY_LIST), 0x200, 0x201 (legacy LCP_POLICY_LIST2) and 0x300 (current LCP_POLICY_LIST2_1).

    --out file
        Output file for policy list.

    [file]...
        Policy element files (created with the lcp2_crtpolelt command).

--sign
    Sign a TXT policy list.

    --sigalg <rsa|rsapss|ecdsa|sm2>
        Signature algorithm. Version 0x100 lists only support rsa (rsa pkcs 1.5). Version 0x200 and 0x201 lists support rsa (rsa pkcs 1.5) and ecdsa. Version 0x300 lists support rsapss and ecdsa.

    --hashalg <sha1|sha256|sha384|sha512|sm2>
        Hash algorithm used for signing a list. Version 0x100 lists only support SHA1.

    --pub file
        Public key to use, must be in PEM format.

    [--priv file]
        Private key to use, must be in PEM format. This option is required unless you use the --nosig option.

    [--rev counter]
        Revocation counter value.

    [--nosig]
        Don't add a SigBlock. This option is ignored if the list is version 0x300.

    --out file
        Policy list file (input and output).

--addsig
    Add a signature. This option is ignored if the list is version 0x300.

    --sig file
        File containing signature (big-endian).

    --out file
        Policy list file.

--show file
    Show contents of a policy file.

--verify file
    Verify policy version 0x300 file.

--version
    Show tool version.

--help
    Print out the tool's help message.

--verbose
    Enable verbose output; can be specified with any command.

Create unsigned policy list with MLE element:
    lcp2_crtpollist --create --out list.lst mle.elt

Sign policy:
    lcp2_crtpollist --sign --sigalg rsa --pub pubkey.pem --priv privkey.pem --out list.lst

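The list version and algorithm constraints given under --sign can be checked before the tool is invoked. The following is an added example, not part of the tboot documentation: lcp_sign_check and lcp_sign are hypothetical helper names, and the list version is assumed to be the value that was passed to --listver when the list was created.

```shell
#!/bin/sh
# Added example (not from tboot): pre-flight check for `lcp2_crtpollist --sign`,
# encoding only the constraints stated in this man page.
# lcp_sign_check and lcp_sign are hypothetical helper names.

# lcp_sign_check LISTVER SIGALG HASHALG [NOSIG=no|yes]
# Prints a reason and returns 1 when the combination is not documented as valid.
lcp_sign_check() {
    ver=$1 sig=$2 halg=$3 nosig=${4:-no}
    case "$halg" in
        sha1|sha256|sha384|sha512|sm2) ;;   # values listed for --hashalg
        *) echo "unknown hash algorithm: $halg"; return 1 ;;
    esac
    # sm2 is a --sigalg choice, but no list version is documented as
    # accepting it, so this check conservatively rejects it everywhere.
    case "$ver" in
        0x100)
            [ "$sig" = rsa ] || { echo "0x100 lists only support rsa"; return 1; }
            [ "$halg" = sha1 ] || { echo "0x100 lists only support sha1"; return 1; }
            ;;
        0x200|0x201)
            case "$sig" in
                rsa|ecdsa) ;;
                *) echo "$ver lists support rsa and ecdsa"; return 1 ;;
            esac
            ;;
        0x300)
            case "$sig" in
                rsapss|ecdsa) ;;
                *) echo "0x300 lists support rsapss and ecdsa"; return 1 ;;
            esac
            # --nosig is ignored for 0x300: fail rather than produce a list
            # that differs from what the caller asked for.
            [ "$nosig" = no ] || { echo "--nosig is ignored for 0x300"; return 1; }
            ;;
        *) echo "unsupported list version: $ver"; return 1 ;;
    esac
}

# lcp_sign LISTVER SIGALG HASHALG PUB PRIV LIST
# Signs only when the check passes; 0x300 lists are verified afterwards.
lcp_sign() {
    lcp_sign_check "$1" "$2" "$3" || return 1
    lcp2_crtpollist --sign --sigalg "$2" --hashalg "$3" \
        --pub "$4" --priv "$5" --out "$6" || return 1
    [ "$1" != 0x300 ] || lcp2_crtpollist --verify "$6"
}
```
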
Full documentation of MLE, Intel(R) TXT and LCP is available in the Intel(R) TXT Measured Launch Environment Developer's Guide, available at: http://www.intel.com/content/www/us/en/software-developers/intel-txt-software-development-guide.html

lcp2_crtpol(8), lcp2_crtpolelt(8), lcp2_mlehash(8), openssl(1).

tboot 2020-05-10 LCP2_CRTPOLLIST(8)