tss2_authorizepolicy - Man Page

tss2_authorizepolicy(1) - This command signs a given policy with a given key such that the policy can be referenced from other policies that contain a corresponding PolicyAuthorize elements. The signature is done using the TPM signing schemes as specified in the cryptographic profile (cf., fapi-profile(5)).

Options

These are the available options:

-P, --policyPath=STRING: Path of the new policy.
A policyPath is composed of two elements, separated by “/”. A policyPath starts with “/policy”. The second path element identifies the policy or policy template using a meaningful name.
-p, --keyPath=STRING: Path of the signing key.
-r, --policyRef=FILENAME or - (for stdin): A byte buffer to be included in the signature. Optional parameter.

Common Options

This collection of options are common to all tss2 programs and provide information that many users may expect.

-h, --help [man|no-man]: Display the tools manpage. By default, it attempts to invoke the manpager for the tool, however, on failure will output a short tool summary. This is the same behavior if the “man” option argument is specified, however if explicit “man” is requested, the tool will provide errors from man on stderr. If the “no-man” option if specified, or the manpager fails, the short options will be output to stdout.
To successfully use the manpages feature requires the manpages to be installed or on MANPATH, See man(1) for more details.
-v, --version: Display version information for this tool, supported tctis and exit.

Example

tss2_authorizepolicy --keyPath=HS/SRK/myPolicySignKey --policyPath=/policy/pcr-policy --policyRef=policyRef.file

Returns

0 on success or 1 on failure.

Bugs

Github Issues (https://github.com/tpm2-software/tpm2-tools/issues)

Help

See the Mailing List (https://lists.linuxfoundation.org/mailman/listinfo/tpm2)

Info

APRIL 2019 tpm2-tools General Commands Manual