tpm_verifyquote [-hv] PUBKEY-FILE HASH-FILE NONCE-FILE [QUOTE-FILE]
The program verifies the signature produced by a TPM quote in the file QUOTE-FILE, or when absent, the quote read from standard input. The file PUBKEY-FILE contains the public key used to validate the signature. The file HASH-FILE contains the signed data generated using the same key and Platform Configuration Registers used to generate the quote. Critically, the signed data includes the PCR composite hash used to validate that the PCRs contain their expected values. The file NONCE-FILE contains the nonce used to generate the quote.
Display command usage info.
Display command version info.
tpm_quote_tools(8), tpm_mkaik(8), tpm_getpcrhash(8), tpm_getquote(8)
tpm_getpcrhash(8), tpm_getquote(8), tpm_quote_tools(8).