ptsc.conf man page

Open Platform Trust Services (PTS)

tcsd.conf — configuration file for the PTS collector.

Description

This file, by default /etc/ptsc.conf, is read by the ptsc command (see ptsc(8)). The ptsc.conf file that is installed by openpts contains all the default options, commented out.

OPTIONS(Generic)

config.dir The directory to store the platform/collector data. /var/lib/openpts

ir.dir The directory to store the integrity report. /tmp/.ptsc

uuid.file The file that stores the UUID of the collector. /var/lib/openpts/uuid

newrm.uuid.file The file that stores the UUID of the new manifest. /var/lib/openpts/newrm_uuid

ifm.timeout The timeout value [sec].

srk.password.mode The SRK authentication type.
null tpm_takeownership with null password (just enter)
known tpm_takeownership with -z option

tpm.resetdalock Force a reset of the TPM LOCK FLAG if your TPM returns a 0x803 error. "on" or "off" (default)

tpm.quote.type Select TPM_Quote or TPM_Quote2 for an attestation. OpenSSL before version 1.0 can't validate the TPM_Quote2 signature. If the platform uses DRTM, use quote2 to cover PCR16-23.
quote TPM v1.1b, PCR[0:15]
quote2 TPM v1.2, PCR[0:23]

iml.mode Select the IML access types.
tss via TSS
securityfs direct access to the IML files

bios.iml.file For iml.mode=tss. /sys/kernel/security/tpm0/binary_bios_measurements

runtime.iml.file For iml.mode=tss. /sys/kernel/security/ima/binary_runtime_measurements

pcrs.file For iml.mode=tss. /sys/class/misc/tpm0/device/pcrs

runtime.iml.type Select binary format of Linux-IMA
IMAORIG kernel 2.6.XX - 2.6.29
IMA31 kernel 2.6.30 - 2.6.31
IMA32 kernel 2.6.32 -

aik.storage.type Select storage location of AIK. For Infineon v1.2 TPM use "blob".
tss TSS PS storage
blob file

aik.storage.filename The filename of the key blob file. ./key.blob

aik.auth.type The authentication type of AIK.
null null
common Common secret

OPTIONS(Validation Models)

model.dir The location of model files. /usr/share/openpts/models

rm.basedir The directory to store the manifests. /var/lib/openpts/

The number/level of manifest.

rm.model.NUM1.pcr.NUM2 The validation model for each level (NUM1) and PCR index (NUM2).

OPTIONS (Debug)

logging.file The location of the log file.

logging.location The logging location: syslog, console

debug.mode The debug mode. Set 0x01 for debug.

Example (PC Platform)

model.dir=/usr/share/openpts/models
rm.basedir=/var/lib/openpts/
rm.num=1
rm.model.0.pcr.0=bios_pcr0.uml
rm.model.0.pcr.1=bios_pcr1.uml
rm.model.0.pcr.2=bios_pcr2.uml
rm.model.0.pcr.3=bios_pcr3.uml
rm.model.0.pcr.4=bios_pcr4.uml
rm.model.0.pcr.5=bios_pcr5.uml
rm.model.0.pcr.6=bios_pcr6.uml
rm.model.0.pcr.7=bios_pcr7.uml
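
The following Python check is an added example, not part of OpenPTS or of the original page: it validates a ptsc.conf against the value sets and PCR ranges listed above. The '#' comment syntax, the rule that levels run from 0 to rm.num-1 (inferred from the example above), and the file name example_pcr17.uml are assumptions.

```python
import re

# Value sets exactly as this man page lists them.
ALLOWED = {
    "srk.password.mode": {"null", "known"},
    "tpm.resetdalock": {"on", "off"},
    "tpm.quote.type": {"quote", "quote2"},
    "iml.mode": {"tss", "securityfs"},
    "runtime.iml.type": {"IMAORIG", "IMA31", "IMA32"},
    "aik.storage.type": {"tss", "blob"},
    "aik.auth.type": {"null", "common"},
}
RM_MODEL = re.compile(r"rm\.model\.(\d+)\.pcr\.(\d+)")

def parse_conf(text):
    """Parse key=value lines; '#' comment lines are an assumed syntax."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf

def check_conf(conf):
    findings = [f"{k}: unknown value '{conf[k]}'"
                for k, ok in ALLOWED.items() if k in conf and conf[k] not in ok]
    # Per the page: quote covers PCR[0:15], quote2 covers PCR[0:23].
    max_pcr = 15 if conf.get("tpm.quote.type") == "quote" else 23
    rm_num = conf.get("rm.num", "")
    levels = int(rm_num) if rm_num.isdigit() else None
    for m in filter(None, map(RM_MODEL.fullmatch, sorted(conf))):
        key, level, pcr = m.group(0), int(m.group(1)), int(m.group(2))
        if pcr > max_pcr:
            findings.append(f"{key}: PCR {pcr} is outside PCR[0:{max_pcr}]")
        # Assumption from the page's example: levels run 0 .. rm.num-1.
        if levels is not None and level >= levels:
            findings.append(f"{key}: level {level} but rm.num={rm_num}")
    return findings

# Constructed sample input with three deliberate mistakes.
SAMPLE = """\
rm.num=1
tpm.quote.type=quote
iml.mode=securityf
rm.model.0.pcr.17=example_pcr17.uml
rm.model.1.pcr.4=bios_pcr4.uml
"""
for finding in check_conf(parse_conf(SAMPLE)):
    print(finding)
```

An empty result only means the file is consistent with what this page documents; it does not confirm that ptsc accepts the file.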

See Also

ptsc(8)

Author

Seiji Munetoh

Reporting Bugs

Report bugs to <openpts-users@lists.sourceforge.jp>

2012-01-04 OpenPTS