libstb/tss2/ibmtpm20tss/utils/man/man1/tsscertifyx509.1 - skiboot - Git at Google

 .\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.47.6.
 .TH CERTIFYX509 "1" "March 2020" "certifyx509 1.3" "User Commands"
 .SH NAME
 certifyx509 \- Runs TPM2 certifyx509
 .SH DESCRIPTION
 certifyx509
 .PP
 Runs TPM2_Certifyx509
 .TP
 \fB\-ho\fR
 object handle
 .TP
 [\-pwdo
 password for object (default empty)]
 .TP
 \fB\-hk\fR
 certifying key handle
 .TP
 [\-pwdk
 password for key (default empty)]
 .TP
 [\-halg
 (sha1, sha256, sha384 sha512) (default sha256)]
 .TP
 [\-salg
 signature algorithm (rsa, ecc) (default rsa)]
 .TP
 [\-ku
 X509 key usage \- string \- comma separated, no spaces]
 .TP
 [\-iob
 TPMA_OBJECT \- 4 byte hex]
 e.g. sign: critical,digitalSignature,keyCertSign,cRLSign (default)
 e.g. decrypt: critical,dataEncipherment,keyAgreement,encipherOnly,decipherOnly
 e.g. fixedTPM: critical,nonRepudiation
 e.g. parent (restrict decrypt): critical,keyEncipherment
 .TP
 [\-bit
 bit in partialCertificate to toggle]
 .TP
 [\-sub
 subject same as issuer for self signed (root) certificate]
 .TP
 [\-opc
 partial certificate file name (default do not save)]
 .TP
 [\-oa
 addedToCertificate file name (default do not save)]
 .TP
 [\-otbs
 signed tbsDigest file name (default do not save)]
 .TP
 [\-os
 signature file name (default do not save)]
 .TP
 [\-ocert
 reconstructed certificate file name (default do not save)]
 .HP
 \fB\-se[0\-2]\fR session handle / attributes (default PWAP)
 .TP
 01
 continue
 .TP
 20
 command decrypt
 .TP
 40
 response encrypt
	.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.6.
	.TH CERTIFYX509 "1" "March 2020" "certifyx509 1.3" "User Commands"
	.SH NAME
	certifyx509 \- Runs TPM2 certifyx509
	.SH DESCRIPTION
	certifyx509
	.PP
	Runs TPM2_Certifyx509
	.TP
	\fB\-ho\fR
	object handle
	.TP
	[\-pwdo
	password for object (default empty)]
	.TP
	\fB\-hk\fR
	certifying key handle
	.TP
	[\-pwdk
	password for key (default empty)]
	.TP
	[\-halg
	(sha1, sha256, sha384 sha512) (default sha256)]
	.TP
	[\-salg
	signature algorithm (rsa, ecc) (default rsa)]
	.TP
	[\-ku
	X509 key usage \- string \- comma separated, no spaces]
	.TP
	[\-iob
	TPMA_OBJECT \- 4 byte hex]
	e.g. sign: critical,digitalSignature,keyCertSign,cRLSign (default)
	e.g. decrypt: critical,dataEncipherment,keyAgreement,encipherOnly,decipherOnly
	e.g. fixedTPM: critical,nonRepudiation
	e.g. parent (restrict decrypt): critical,keyEncipherment
	.TP
	[\-bit
	bit in partialCertificate to toggle]
	.TP
	[\-sub
	subject same as issuer for self signed (root) certificate]
	.TP
	[\-opc
	partial certificate file name (default do not save)]
	.TP
	[\-oa
	addedToCertificate file name (default do not save)]
	.TP
	[\-otbs
	signed tbsDigest file name (default do not save)]
	.TP
	[\-os
	signature file name (default do not save)]
	.TP
	[\-ocert
	reconstructed certificate file name (default do not save)]
	.HP
	\fB\-se[0\-2]\fR session handle / attributes (default PWAP)
	.TP
	01
	continue
	.TP
	20
	command decrypt
	.TP
	40
	response encrypt