dh/ima-evm-utils-mirror
1
0
Fork 0
mirror of https://git.code.sf.net/p/linux-ima/ima-evm-utils synced 2025-04-28 06:33:36 +02:00
Code Releases Activity

ima-evm-utils: update README to reflect "--pcrs", "--verify" and "--validate"

Browse Source 
"--pcrs" compares the re-calculate PCRs against a file containing TPM 1.2 pcrs.
"--validate" ignores ToMToU measurement violations.
"--verify" verifies the template data digest based on the template data.

Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
This commit is contained in:
Mimi Zohar 2020-07-10 11:06:42 -04:00
parent 4a96edb6e8
commit 1bf51afb46
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
README
View File

@ -31,7 +31,7 @@ COMMANDS
ima_sign [--sigfile] [--key key] [--pass password] file ima_sign [--sigfile] [--key key] [--pass password] file
ima_verify file ima_verify file
ima_hash file ima_hash file
ima_measurement [--verify-sig [--key "key1, key2, ..."]] file ima_measurement [--validate] [--verify] [--verify-sig [--key "key1, key2, ..."]] [--pcrs file] file
ima_fix [-t fdsxm] path ima_fix [-t fdsxm] path
sign_hash [--key key] [--pass password] sign_hash [--key key] [--pass password]
hmac [--imahash | --imasig ] file hmac [--imahash | --imasig ] file
@ -59,6 +59,9 @@ OPTIONS
--m32 force EVM hmac/signature for 32 bit target system --m32 force EVM hmac/signature for 32 bit target system
--m64 force EVM hmac/signature for 64 bit target system --m64 force EVM hmac/signature for 64 bit target system
--engine e preload OpenSSL engine e (such as: gost) --engine e preload OpenSSL engine e (such as: gost)
--pcrs file containing TPM 1.2 pcrs
--validate ignore ToMToU measurement violations
--verify verify the template data digest
--verify-sig verify the file signature based on the file hash, both --verify-sig verify the file signature based on the file hash, both
stored in the template data. stored in the template data.
-v increase verbosity level -v increase verbosity level