Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

tpm2.0-tools-4.1-lp152.2.3.1 RPM for aarch64

From OpenSuSE Ports Leap 15.2 updates for aarch64

Name: tpm2.0-tools Distribution: openSUSE Leap 15.2
Version: 4.1 Vendor: openSUSE
Release: lp152.2.3.1 Build date: Fri Jun 18 10:14:02 2021
Group: Productivity/Security Build host: obs-arm-8
Size: 6756769 Source RPM: tpm2.0-tools-4.1-lp152.2.3.1.src.rpm
Packager: http://bugs.opensuse.org
Url: https://github.com/tpm2-software/tpm2-tools/releases
Summary: Trusted Platform Module (TPM) 2.0 administration tools
Trusted Computing is a set of specifications published by the Trusted
Computing Group (TCG). The Trusted Platform Module (TPM) is the
hardware component for Trusted Computing. The tpm2.0-tools package
provides tools for enablement and configuration of the TPM 2.0 and
associated interfaces.

Provides

Requires

License

BSD-3-Clause

Changelog

* Fri May 28 2021 Matthias Gerstner <matthias.gerstner@suse.com>
  - add 0001-tpm2_import-fix-fixed-AES-key-CVE-2021-3565.patch: no longer use a
    fixed AES key in the context of the tpm2_import command. Fixes CVE-2021-3565
    (bsc#1186490).
* Wed Dec 11 2019 matthias.gerstner@suse.com
  - update to major version 4.1 (jsc#SLE-9515):
    - add fix_bad_bufsize.patch: fixes findings from compile time fread() checks
      that indicate bad buffer size specification.
    - add fix_bogus_warning.patch: fixes `maybe-unitialized` warnings that are
      bogus, since the variables in questions will be initialized in any case
      later on.
    - changes in version 4.1:
    * tpm2_certifycreation: New tool enabling command TPM2_CertifyCreation.
    * tpm2_checkquote:
    - Fix YAML output bug.
    - -g option for specifying hash algorithm is optional and defaults to
      sha256.
    * tpm2_changeeps: A new tool for changing the Endorsement hierarchy
      primary seed.
    * tpm2_changepps: A new tool for changing the Platform hierarchy primary seed.
    * tpm2_clockrateadjust: Add a new tool for modifying the period on the TPM.
    * tpm2_create: Add tool options for specifying output data for use in
      certification
    - --creation-data to save the creation data
    - --creation-ticket or -t to save the creation ticket
    - --creation-hash or -d to save the creation hash
    - --template-data for saving the template data of the key
    - --outside-info or -q for specifying unique data to include in creation data.
    - --pcr-list or -l  Add option to specify pcr list to add to creation data.
    * tpm2_createprimary: Add tool options for specifying output data for use
      in certification
    - --creation-data to save the creation data
    - --creation-ticket or -t to save the creation ticket
    - --creation-hash or -d to save the creation hash
    - --template-data for saving the template data of the key
    - --outside-info or -q for specifying unique data to include in creation data.
    - --pcr-list or -l  Add option to specify pcr list to add to creation data.
    * tpm2_evictcontrol:
    - Fix bug in automatic persistent handle selection when
      hierarchy is platform.
    - Fix bug in YAML key action where action was wrong when using ESYS_TR.
    * tpm2_getcap: clean up remanenats of -c option in manpages and tool output.
    * tpm2_gettime: Add a new tool for retrieving a signed timestamp from a TPM.
    * tpm2_nvcertify: Add a new tool for certifying the contents of an NV index.
    * tpm2_nvdefine:
    - Support default set of attributes so -a is not mandatory.
    - Support searching for free index if an index isn't specified.
    * tpm2_nvextend: Add a new tool for extending an NV index similair to a PCR.
    * tpm2_nvreadpublic:
    - Support specifying nv index to read public data from as argument.
    * tpm2_nvsetbits: Add a new tool for setting the values of PCR with type
      "bits".
    * tpm2_nvundefine: Add support for deleting NV indices with attribute
      `TPMA_NV_POLICY_DELETE` set using NV Undefine Special command.
    * tpm2_nvwritelock: Add a new tool for setting a write lock on an NV index
      or globally locking nv indices with TPMA_NV_GLOBALLOCK.
    * tpm2_policyauthorizenv: New tool enabling signed, revocable policies.
    * tpm2_policyauthvalue: New tool enabling authorization to be bound to the
      authorization of another object.
    * tpm2_policycountertimer: Add a new tool for enabling policy bound to TPM
      clock or timer values.
    * tpm2_policynamehash: Add a new tool for specifying policy based on object
      name.
    * tpm2_policynv: Add a new tool for specifying policy based on NV contents.
    * tpm2_nvwritten: Add a new tool for specifying policy based on whether or not
      an NV index was written to.
    * tpm2_policysecret: Add tool options for specifying
    - --expiration or -t
    - --ticket
    - --timeout
    - --nonce-tpm or -x
    - --qualification or -q
    * tpm2_policysigned: New tool enabling policy command TPM2_PolicySigned.
    * tpm2_policytemplate: New tool enabling policy command TPM2_PolicyTemplate.
    * tpm2_policyticket: New tool enabling policy command TPM2_PolicyTicket.
    * tpm2_readclock: Add a new tool for reading the TPM clock.
    * tpm2_setclock: Add a new tool for setting the TPM clock.
    * tpm2_setprimarypolicy: New tool setting policy on hierarchies.
    * tpm2_shutdown: Add a new tool for issuing a TPM shutdown command.
    * misc:
    - Support "tpmt" as a public key output format that only saves the TPMT
      structure.
    - Qualifying data or extra data in many tools can be hex array string or
      binary file.
    - Add support for specifying NV index type when specifying NV attributes.
    - Support added for tools to run on FreeBSD.
    - Skip and notify of action that man pages will not install if the package
      pandoc is missing.
    - Fix precedence issue with bitwise operator order int tpm2_getcap
    - travis: bump abrmd version 2.3.0
    - tpm2_util.c: Fix an issue int variable size was checked against uint
    - pcr.c: Fix buffer length issue to support all defined hash algorithm
    - changes in version 4.0.1:
    * tpm2_checkquote: Fix YAML output bug.
    - changes in version 4.0:
    * tpm2_activatecredential:
    - --context is now --credentialedkey-context.
    - --key-context is now --credentialkey-context.
    - --Password is now --credentialedkey-auth.
    - --endorse-passwd is now --credentialkey-auth.
    - --in-file is now --credential-secret.
    - --out-file is now --certinfo-data.
    - -f becomes -i.
    - -k becomes -C.
    - -e becomes -E.
    * tpm2_certify:
    - --halg is now --hash-algorithm.
    - --obj-context is now --certifiedkey-context.
    - --key-context is now --signingkey-context.
    - --pwdo is now --certifiedkey-auth.
    - --pwdk is now --signingkey-auth.
    - -a becomes -o.
    - -k becomes -p.
    - -c becomes -C.
    - -k becomes -K.
    * tpm2_changeauth:
    - New tool for changing the authorization values of:
    - Hierarchies
    - NV
    - Objects
    - Replaces tpm2_takeownership with more generic functionality.
    * tpm2_checkquote:
    - --halg is now --hash-algorithm.
    - --pcr-input-file is now --pcr.
    - --pubfile is now --public.
    - --qualify-data is now --qualification.
    - -f becomes -F.
    - -F becomes -f.
    - -G becomes -g.
    * tpm2_clear:
    - --lockout-passwd is now --auth-lockout.
    * tpm2_clearcontrol:
    - New tool for enabling or disabling tpm2_clear commands.
    * tpm2_create
    - --object-attributes is now --attributes.
    - --pwdp is now --parent-auth.
    - --pwdo is now --key-auth.
    - --in-file is now --sealing-input.
    - --policy-file is now --policy.
    - --pubfile is now --public.
    - --privfile is now --private.
    - --out-context is now --key-context.
    - --halg is now --hash-algorithm.
    - --kalg is now --key-algorithm.
    - -o becomes -c.
    - -K becomes -p.
    - -A becomes -b.
    - -I becomes -i.
    - -g becomes an optional option.
    - -G becomes an optional option.
    - Supports TPM command CreateLoaded via -c.
    * tpm2_createak:
    - Renamed from tpm2_getpubak
    * tpm2_createek:
    - renamed from tpm2_getpubek
    * tpm2_createpolicy:
    - --out-policy-file is now --policy.
    - --policy-digest-alg is now --policy-algorithm.
    - --auth-policy-session is now --policy-session.
    - -L becomes -l.
    - -F becomes -f.
    - -f becomes -o.
    - Removed option --set-list with short option -L.
    - Removed option --pcr-input-file with short option -F.
    - Pcr policy options replaced with pcr password mini language.
    - Removed short option a for specifying auth session. Use long option --policy-session.
    - Removed short option -P for specifying pcr policy. Use long option --policy-pcr.
    * tpm2_createprimary:
    - --object-attributes is now --attributes.
    - -o is now -c
    - --pwdp is now --hierarchy-auth.
    - --pwdk is now --key-auth.
    - --halg is now --hash-algorithm.
    - --kalg is now --key-algorithm.
    - --context-object is now --key-context.
    - --policy-file is now --policy.
    - support for unique field when creating objects via -u
    - saves a context file for the generated primary's handle to disk via -c.
    - -A becomes -a.
    - -K becomes -p.
    - -H becomes -C.
    - -g becomes optional.
    - -G becomes optional.
    * tpm2_dictionarylockout:
    - --lockout-passwd is now --auth.
    - -P becomes -p.
    * tpm2_duplicate:
    - New tool for duplicating TPM objects.
    * tpm2_encryptdecrypt:
    - --pwdk is now --auth.
    - --out-file is now --output.
    - -D becomes -d.
    - -I becomes an argument.
    - -P becomes -p.
    - Support IVs via -t or --iv.
    - Support modes via -G.
    - Support padding via -e or --pad.
    - Supports input and output to stdin and stdout respectively.
    * tpm2_evictcontrol:
    - --auth is now --hierarchy.
    - --context is now --object-context.
    - --pwda is now --auth.
    - --persistent with short option -S is now an argument.
    - -A becomes -C.
    - Added option --output -o to serialize handle to disk.
    - Removed option --handle with short option -H.
    - Raw object-handles and object-contexts are commonly handled with object
      handling logic.
    - Removed option --input-session-handle with short option -i.
    - Authorization session is now part of password mini language.
    * tpm2_getcap:
    - -c becomes an argument.
    - Most instances of value replaced with raw in YAML output.
    - TPM2_PT_MANUFACTURER displays string value and raw value.
    - Supports --pcr option for listing hash algorithms and bank numbers.
    * tpm2_getekcertificate:
    - Renamed from tpm2_getmanufec
    * tpm2_getmanufec:
    - Renamed the tool to tpm2_getekcertificate.
    - Removed ek key creation and management logic.
    - Added option for getting ek cert for offline platform via -x.
    - Support for ECC keys.
    - --ec-cert is now --ek-certificate,
    - --untrusted is now --allow-unverified,
    - --output is now --ek-public,
    - -U is now -X.
    - -O is now -x.
    - -f becomes -o.
    - Removed option -P or --endorse-passwd.
    - Removed option -p or --ek-passwd.
    - Removed option -w or --owner-passwd.
    - Removed option -H or --persistent-handle.
    - Removed option -G or --key-algorithm.
    - Removed option -N or --non-persistent.
    - Removed option -O or --offline.
    * tpm2_getpubak:
    - renamed to tpm2_createak.
    - -f becomes -p and -f is used for format of public key output.
    - --auth-endorse is now --eh-auth.
    - --auth-ak is now --ak-auth.
    - --halg is now --hash-algorithm.
    - --kalg is now --key-algorithm.
    - -e becomes -P.
    - -P becomes -p.
    - -D becomes -g.
    - -p becomes -u.
    - --context becomes --ak-context.
    - --algorithm becomes --kalg.
    - --digest-alg becomes --halg.
    - --privfile becomes --private.
    - remove -k persistant option. Use tpm2_evictcontrol.
    - Fix -o option to -w.
    - now saves a context file for the generated primary's handle to disk.
    - -E becomes -e.
    - -g changes to -G.
    - support for non-persistent AK generation.
    * tpm2_getpubek:
    - renamed to tpm2_createek
    - --endorse-passwd is now --eh-auth.
    - --owner-passwd is now --owner-auth.
    - --ek-passwd is now --ek-auth.
    - --file is now --public.
    - --context is now --ek-context.
    - --algorithm is now --key-algorithm.
    - -e is now -P.
    - -P is now -p.
    - -p is now -u.
    - -o is now -w.
    - -g is now -G.
    - Support for saving a context file for the generated primary keys handle
      to disk.
    - support for non-persistent EK generation.
    - -f is now -p.
    - -f support for format of public key output.
    * tpm2_getrandom:
    - change default output to binary.
    - add --hex option for output to hex format.
    - --out-file is now --output.
    - bound input request on max hash size per spec, allow -f to override this.
    * tpm_gettestresult:
    - new tool for getting test results.
    * tpm2_hash:
    - add --hex for specifying hex output.
    - default output of hash to stdout.
    - default output of hash as binary.
    - remove output of ticket to stdout.
    - --halg is now --hash-algorithm.
    - --out-file is now --output.
    - -a is now -C.
    - -H is now -a.
    * tpm2_hmac:
    - add -t option for specifying ticket result.
    - --out-file is now --output.
    - --auth-key is now --auth.
    - --algorithm is now --hash-algorithm.
    - --pwdk is now --auth-key.
    - -C is now -c.
    - -P is now -p.
    * tpm2_hierarchycontrol:
    - new tool added for enabling or disabling the use
      of a hierarchy and its associated NV storage.
    * tpm2_import:
    - --object-attributes is now --attributes.
    - --auth-parent is now --parent-auth.
    - --auth-key is now --key-auth.
    - --algorithm is now --key-algorithm.
    - --in-file is now --input.
    - --parent-key is now --parent-context.
    - --privfile is now --private.
    - --pubfile is now --public.
    - --halg is now --hash-algorithm.
    - --policy-file is now --policy.
    - --sym-alg-file is now --encryption-key.
    - -A is now -b.
    - -k is now -i.
    - support OSSL style -passin argument as --passin for PEM file passwords.
    - support additional import key types:
    - RSA1024/2048.
    - AES128/192/256.
    - -q changes to -u to align with tpm2_loads public/private output arguments.
    - Supports setting object name algorithm via -g.
    - support specifying parent key with a context file.
    - --parent-key-handle/-H becomes --parent-key/-C
    - Parent public data option is optional and changes from `-K` to `-U`.
    - Supports importing external RSA 2048 keys via pem files.
    - Supports ECC Parent keys.
    * tpm2_incrementalselftest:
    - Add tool to test support of specific algorithms.
    * tpm2_listpersistent:
    - deleted as tpm2_getcap and tpm2_readpublic can be used instead.
    * tpm2_load:
    - -o is now -c.
    - --context-parent is now --parent-context.
    - --auth-parent is now --auth.
    - --pubfile is now --public.
    - --privfile is now --private.
    - --out-context is now --key-context.
    - now saves a context file for the generated primary's handle to disk.
    - Option `--pwdp` changes to `--auth-parent`.
    * tpm2_loadexternal:
    - --object-attributes is now --attributes.
    - -o is now -c
    - --key-alg is now --key-algorithm.
    - --pubfile is now --public.
    - --privfile is now --private.
    - --auth-key is now --auth.
    - --policy-file is now --policy.
    - --halg is now --hash-algorithm.
    - --out-context is now --key-context.
    - Remove unused -P option.
    - -H is now -a.
    - Fix -A option to -b for attributes.
    - now saves a context file for the generated primary's handle to disk.
    - support OSSL style -passin argument as --passin for PEM file passwords.
    - name output to file and stdout. Changes YAML stdout output.
    - ECC Public and Private PEM support.
    - AES Public and Private "raw file" support.
    - RSA Public and Private PEM support.
    - Object Attribute support.
    - Object authorization support.
    - Default hierarchy changes to the *null* hierarchy.
    * tpm2_makecredential:
    - --out-file is now --credential-blob
    - --enckey is now --encryption-key.
    - Option `--sec` changes to `--secret`.
    * tpm2_nvdefine:
    - --handle-passwd is now --hierarchy-auth.
    - --index-passwd is now --index-auth.
    - --policy-file is now --policy.
    - --auth-handle is now --hierarchy.
    - -a becomes -C.
    - -t becomes -a.
    - -I becomes -p.
    - Removed option --index with short option -x. It is now an argument.
    - Removed option --input-session-handle with short option -S.
    - Authorization session is now part of password mini language.
    * tpm2_nvincrement:
    - New tool to increment value of a Non-Volatile (NV) index setup as a
      counter.
    * tpm2_nvlist:
    - tpm2_nvlist is now tpm2_nvreadpublic.
    * tpm2_nvread:
    - --handle-passwd is now --auth.
    - --auth-handle is now --hierarchy.
    - -a becomes -C.
    - Removed option --index with short option -x. It is now an argument.
    - Removed short option -o for specifying offset. Use long option --offset.
    - Removed option --input-session-handle with short option -S.
    - Authorization session is now part of password mini language.
    - Removed option --set-list with short option -L.
    - Removed option --pcr-input-file with short option -F.
    - Pcr policy options replaced with pcr password mini language.
    - fix a buffer overflow.
    * tpm2_nvreadlock:
    - --handle-passwd is now --auth.
    - --auth-handle is now --hierarchy.
    - -a becomes -C.
    - Removed option --index with short option -x. It is now an argument.
    - Removed option --input-session-handle with short option -S.
    - Authorization session is now part of password mini language.
    * tpm2_nvwrite:
    - --handle-passwd is now --auth.
    - --auth-handle is now --hierarchy.
    - -a becomes -C.
    - Removed option --index with short option -x. It is now an argument.
    - Removed short option -o for specifying offset. Use long option --offset.
    - Removed option --input-session-handle with short option -S.
    - Authorization session is now part of password mini language.
    - Removed option --set-list with short option -L.
    - Removed option --pcr-input-file with short option -F.
    - Pcr policy options replaced with pcr password mini language.
    * tpm2_nvrelease:
    - --handle-passwd is now --auth.
    - --auth-handle is now --hierarchy.
    - -a becomes -C.
    - Removed option --index with short option -x. It is now an argument.
    - Removed option --input-session-handle with short option -S.
    - Authorization session is now part of password mini language.
    * tpm2_nvundefine:
    - Renamed from tpm2_nvrelease.
    * tpm2_pcrallocate:
    - New tool for changing the allocated PCRs of a TPM.
    * tpm2_pcrevent:
    - --password is now --auth.
    - Removed option --pcr-index with short option -i.
    - PCR index is now specified as an argument.
    - Removed option --input-session-handle with short option -S.
    - Authorization session is now part of password mini language.
    * tpm2_pcrlist:
    - -gls options go away with -g and -l becoming a single argument.
    * tpm2_pcrread:
    - Renamed from tpm2_pcrlist.
    * tpm2_print:
    - New tool that decodes a TPM data structure and prints enclosed elements
      to stdout as YAML.
    * tpm2_policyauthorize:
    - New tool that allows for policies to change by associating the policy to
      a signing authority essentially allowing the auth policy to change.
    * tpm2_policycommandcode:
    - New tool to restricts TPM object authorization to specific TPM commands.
    * tpm2_policyduplicationselect:
    - New tool for creating a policy to restrict duplication to a new parent
      and or duplicable object.
    * tpm2_policylocality:
    - New tool for creating a policy restricted to a locality.
    * tpm2_policypcr:
    - New tool to generate a pcr policy event that bounds auth to specific PCR
      values in user defined pcr banks and indices.
    * tpm2_policyor:
    - New tool to compound multiple policies in a logical OR fashion to allow
      multiple auth methods using a policy session.
    * tpm2_policypassword:
    - New tool to mandate specifying of the object password in clear using a
      policy session.
    * tpm2_policysecret:
    - New tool to associate auth of a reference object as the auth of the new
      object using a policy session.
    * tpm2_quote:
    - --ak-context is now --key-context.
    - --ak-password is now --auth.
    - --sel-list is now --pcr-list.
    - --qualify-data is now --qualification-data.
    - --pcrs is now --pcr.
    - --sig-hash-algorithm is now --hash-algorithm.
    - -P becomes -p
    - -L becomes -l.
    - -p becomes -o.
    - -G becomes -g.
    - -g becomes optional.
    - Removed option --id-list with short option -l.
    - Removed option --ak-handle with short option -k.
    - Raw object-handles and object-contexts are commonly handled with object
      handling logic.
    * tpm2_readpublic:
    - --opu is now --output.
    - --context-object is now --object-context.
    - Removed option --object with short option -H.
    - Raw object-handles and object-contexts are commonly handled with object
      handling logic.
    - Added --serialized-handle for saving serialized ESYS_TR handle to disk.
    - Added --name with short option -n for  saving the binary name.
    - Supports ECC pem and der file generation.
    * tpm2_rsadecrypt:
    - --pwdk is now --auth.
    - --out-file is now --output.
    - -P becomes -p.
    - Added --label with short option -l for specifying label.
    - Added --scheme with short option -s for specifying encryption scheme.
    - Removed option -I or in-file input option and make argument.
    - Removed option --key-handle with short option -k.
    - Raw object-handles and object-contexts are commonly handled with object
      handling logic.
    - Removed option --input-session-handle with short option -S.
    - Authorization session is now part of password mini language.
    * tpm2_rsaencrypt:
    - --out-file is now --output.
    - Added --scheme with short option -s for specifying encryption scheme.
    - Added --label with -l for specifying label.
    - Removed option --key-handle with short option -k.
    - Raw object-handles and object-contexts are commonly handled with object
      handling logic.
    - make output binary either stdout or file based on -o.
    * tpm2_selftest:
    - New tool for invoking tpm selftest.
    * tpm2_send:
    - --out-file is now --output.
    * tpm2_sign:
    - --pwdk is now --auth.
    - --halg is now --hash-algorithm.
    - --sig is now --signature.
    - -P becomes -p.
    - -s becomes -o.
    - Added --digest with short option -d.
    - Added --scheme with short option -s.
    - Supports rsapss.
    - Removed option --key-handle with short option -k.
    - Raw object-handles and object-contexts are commonly handled with object
      handling logic.
    - Removed option --msg with short option -m.
    - Make -d toggle if input is a digest.
    - Removed option --input-session-handle with short option -S.
    - Authorization session is now part of password mini language.
    - Supports signing a pre-computed hash via -d.
    * tpm2_startauthsession:
    - New tool to start/save a trial-policy-session (default) or policy-
      authorization-session with command line option --policy-session.
    * tpm2_stirrandom:
    - new command for injecting entropy into the TPM.
    * tpm2_takeownership:
    - split into tpm2_clear and tpm2_changeauth
    * tpm2_testparms:
    - new tool for querying tpm for supported algorithms.
    * tpm2_unseal:
    - --pwdk is now --auth.
    - --outfile is now --output.
    - --item-context is now --object-context.
    - -P becomes -p
    - Removed option --item with short option -H.
    - Raw object-handles and object-contexts are commonly handled with object
      handling logic.
    - Removed option --input-session-handle with short option -S.
    - Authorization session is now part of password mini language.
    - Removed option --set-list with short option -L.
    - Removed option --pcr-input-file with short option -F.
    - Pcr policy options replaced with pcr password mini language.
    * tpm2_verifysignature:
    - --halg is now --hash-algorithm.
    - --msg is now --message.
    - --sig is now --signature.
    - -D becomes -d.
    - -t becomes optional.
    - Issue warning when ticket is specified for a NULL hierarchy.
    - Added option --format with short option -f.
    - Removed option --raw with short option -r.
    - Removed option --key-handle with short option -k.
    - Raw object-handles and object-contexts are commonly handled with object
      handling logic.
    - Support routines for OpenSSL compatible format of public keys (PEM, DER) and
      plain signature data without TSS specific headers.
    * misc:
    - cmac algorithm support.
    - Add support for reading authorisation passwords from a file.
    - Ported all tools from SAPI to ESAPI.
    - Load TCTI's by SONAME, not raw .so file.
    - system tests are now run with make check when --enable-unit is used in configure.
    - Libre SSL builds fixed.
    - Dynamic TCTIS. Support for pluggable TCTI modules via the -T or --tcti
      options.
    - test: system testing scripts moved into subordinate test directory.
    - configure: enable code coverage option.
    - env: add TPM2TOOLS_ENABLE_ERRATA to control the -Z or errata option.
      affects all tools.
    - Fix parsing bug in PCR mini-language.
    - Fix misspelling of TPM2_PT_HR constants which effects tpm2_getcap output.
    - configure option --with-bashcompdir for specifying bash completion
      directory.
    - changes in version 3.2.1:
    * Fix invalid memcpy when extracting ECDSA plain signatures.
    * Fix resource leak on FILE * in hashing routine.
    * Correct PCR logic to prevent memory corruption bug.
    * Errata handler fix.
    - changes in version 3.2.0:
    * fix configure bug for linking against libmu.
    * tpm2_changeauth: Support changing platform hierarchy auth.
    * tpm2_flushcontext: Introduce new tool for flushing handles from the TPM.
    * tpm2_checkquote: Introduce new tool for checking validity of quotes.
    * tpm2_quote: Add ability to output PCR values for quotes.
    * tpm2_makecredential: add support for executing tool off-TPM.
    * tpm2_pcrreset: introduce new tool for resetting PCRs.
    * tpm2_quote: Fix AK auth password not being used.
* Mon Aug 26 2019 matthias.gerstner@suse.com
  - update to minor version 3.1.4:
    * Fix various man pages
    * tpm2_getmanufec: fix OSSL build warnings
    * Fix broken -T option
    * Various build compatibility fixes
    * Fix some unit tests
    * Update build for recent autoconf-archive versions
    * Install m4 files
* Wed Mar 06 2019 matthias.gerstner@suse.com
  - update to minor version 3.1.3:
    - Restore support for the TPM2TOOLS_* env vars for TCTI configuration, in
      addition to supporting the new unified TPM2TOOLS_ENV_TCTI
    - Fix tpm2_getcap to print properties with the TPM_PT prefix, rather than
      TPM2_PT
    - Make test_tpm2_activecredential Python 3 compatible
    - Fix tpm2_takeownership to only attempt to change the specified hierarchies
  - use a _service file to sync with upstream tags
* Wed Sep 26 2018 matthias.gerstner@suse.com
  - update to minor version 3.1.2 (FATE#326270):
    - Revert the change to use user supplied object attributes exclusively. This
      is an inappropriate behavioural change for a MINOR version number
      increment.
    - Fix inclusion of object attribute specifiers section in tpm2_create and
      tpm2_createprimary man pages.
    - Use better object attribute defaults for authentication, preventing an
      empty password being used for authentication when a policy is set.
* Wed Aug 22 2018 matthias.gerstner@suse.com
  - update to minor version 3.1.1:
    - Allow man page installation without pandoc being available
* Fri Jun 29 2018 matthias.gerstner@suse.com
  - update to major version 3.1.0:
    - the tpm2 stack introduces an incompatible ABI to the previous version with
      this update. There is no compatibility layer, libraries have new names
    - install-man.patch: dropped, because we don't really need it
    - tpm2.0-tools-fix-hardening.patch: contained in upstream tarball now
    s etc.
    - upstream changelog:
    * tpm2_unseal: -P becomes -p
    * tpm2_sign: -P becomes -p
    * tpm2_nvreadlock: long form for -P is now --auth-hierarchy
    * tpm2_rsadecrypt: -P becomes -p
    * tpm2_nvrelease: long-form of -P becomes --auth-hierarchy
    * tpm2_nvdefine: -I becomes -p
    * tpm2_encryptdecrypt: -P becomes -p
    * tpm2_dictionarylockout: -P becomes -p
    * tpm2_createprimary: -K becomes -p
    * tpm2_createak: -E becomes -e
    * tpm2_certify: -k becomes -p
    * tpm2_hash: -g changes to -G
    * tpm2_encryptdecrypt: Support IVs via -i and algorithm modes via -G.
    * tpm2_hmac: drop -g, just use the algorithm associated with the object.
    * tpm2_getmanufec: -g changes to -G
    * tpm2_createek: -g changes to -G
    * tpm2_createak: -g changes to -G
    * tpm2_verifysignature: -g becomes -G
    * tpm2_sign: -g becomes -G
    * tpm2_import: support specifying parent key with a context file,
    - -parent-key-handle/-H becomes --parent-key/-C
    * tpm2_nvwrite and tpm2_nvread: when -P is "index" -a is optional and defaults to
      the NV_INDEX value passed to -x.
    * Load TCTI's by SONAME, not raw .so file
    * tpm2_activatecredential: -e becomes -E
    * tpm2_activatecredential: -e becomes -E
    * tpm2_certify: -c and -C are swapped, -k becomes -K
    * tpm2_createprimary: -K becomes -k
    * tpm2_encryptdecrypt: supports input and output to stdin and stdout respectively.
    * tpm2_create: -g/-G become optional options.
    * tpm2_createprimary: -g/-G become optional options.
    * tpm2_verifysignature - Option `-r` changes to `-f` and supports signature format "rsa".
    * tpm2_import - Parent public data option, `-K` is optional.
    * tpm2_import - Supports importing external RSA 2048 keys via pem files.
    * tpm2_pcrlist: Option `--algorithm` changes to `--halg`, which is in line with other tools.
    * tpm2_verifysignature: Option `-r` and `--raw` have been removed. This were unused within the tool.
    * tpm2_hmac: Option `--algorithm` changes to `--halg`, which is in line with the manpage.
    * tpm2_makecredential: Option `--sec` changes to `--secret`.
    * tpm2_activatecredential: Option `--Password` changes to `--auth-key`.
    * system tests are now run with make check when --enable-unit is used in configure.
    * tpm2_unseal: Option `--pwdk` changes to `--auth-key`.
    * tpm2_sign: Option `--pwdk` changes to `--auth-key`.
    * tpm2_rsadecrypt: Option `--pwdk` changes to `--auth-key`.
    * tpm2_quote: Option `--ak-passwd` changes to `--auth-ak`
    * tpm2_pcrevent: Option `--passwd` changes to `--auth-pcr`
    * tpm2_nvwrite: Options `--authhandle` and `--handle-passwd`
      changes to `--hierarchy` and `--auth-hierarchy` respectively.
    * tpm2_nvread: Options `--authhandle` and `--handle-passwd`
      changes to `--hierarchy` and `--auth-hierarchy` respectively.
    * tpm2_nvdefine: Options `--authhandle`, `--handle-passwd` and `--index-passwd`
      changes to `--hierarchy`, `--auth-hierarchy` and `--auth-index`
      respectively.
    * tpm2_loadexternal: `-H` changes to `-a` for specifying hierarchy.
    * tpm2_load: Option `--pwdp` changes to `--auth-parent`.
    * tpm2_hmac: Option `--pwdk` changes to `--auth-key`.
    * tpm2_hash: `-H` changes to `-a` for specifying hierarchy.
    * tpm2_getmanufec: Options `--owner-passwd`, `--endorse-passwd`
    * and `--ek-passwd`change to `--auth-owner`, `--auth-endorse`
      and `--auth-ek` respectively.
    * tpm2_evictcontrol: Option group `-A` and `--auth` changes to `-a` and `--hierarchy`
      Option `--pwda` changes to `--auth-hierarchy`
    * tpm2_encryptdecrypt: Option `--pwdk` changes to `--auth-key`.
    * tpm2_dictionarylockout: Option `--lockout-passwd` changes to `--auth-lockout`
    * tpm2_createprimary: Options `--pwdp` and `--pwdk` change to
      `--auth-hierarchy` and `--auth-object` respectively.
    * tpm2_createek: Options `--owner-passwd`, `--endorse-passwd`
    * and `--ek-passwd`change to `--auth-owner`, `--auth-endorse`
      and `--auth-ek` respectively.
    * tpm2_createak: Options `--owner-passwd`, `--endorse-passwd`
    * and `--ak-passwd`change to `--auth-owner`, `--auth-endorse`
      and `--auth-ak` respectively.
    * tpm2_create: Options `--pwdo` and `--pwdk` change to `--auth-object` and
      `--auth-key` respectively.
    * tpm2_clearlock: Option `--lockout-passwd` changes to `--auth-lockout`
    * tpm2_clear: Option `--lockout-passwd` changes to `--auth-lockout`
    * tpm2_changeauth: Options, `--old-owner-passwd`, `--old-endorse-passwd`,
      and `--old-lockout-passwd` go to `--old-auth-owner`, `--old-auth-endorse`,
      and `--old-auth-lockout` respectively.
    * tpm2_certify: Options `--pwdo` and `--pwdk` change to `--auth-object` and
      `--auth-key` respectively.
    * tpm2_createprimary: `-H` changes to `-a` for specifying hierarchy.
    * tpm2_createak: support for non-persistent AK generation.
    * tpm2_createek: support for non-persistent EK generation.
    * tpm2_getpubak renamed to tpm2_createak, -f becomes -p and -f is used for format of public key
      output.
    * tpm2_getpubek renamed to tpm2_createek, -f becomes -p and -f is used for format of public key
      output.
    * Libre SSL builds fixed.
    * Dynamic TCTIS. Support for pluggable TCTI modules via the -T or --tcti options.
    * tpm2_sign: supports signing a pre-computed hash via -D
    * tpm2_clearlock: tool added
    * test: system testing scripts moved into subordinate test directory.
    * fix a buffer overflow in nvread/write tools.
    * configure: enable code coverage option.
    * tpm2_takeownership: split into tpm2_clear and tpm2_changeauth
    * env: add TPM2TOOLS_ENABLE_ERRATA to control the -Z or errata option.
* Tue Jun 05 2018 matthias.gerstner@suse.com
  - fix build after adding install-man.patch: autoreconf is needed again (sigh!)
* Wed May 02 2018 matthias.gerstner@suse.com
  - install-man.patch: even after update to 3.0.4 the man pages are not
    installed correctly. This patch fixes it locally.
* Wed May 02 2018 matthias.gerstner@suse.com
  - update to version 3.0.4:
    - Fix save and load for TPM2B_PRIVATE object.
    - Use a default buffer size for tpm2_nv{read,write} if the TPM reports a 0 size.
    - Fix --verbose and --version options crossover.
    - Generate man pages from markdown and include them in the distribution tarball.
    - Print usage summary if tools are executed with no options or man page can't be displayed.
  - man pages will be shipped for SLE version now, too (pandoc dependency was removed)
* Wed Mar 07 2018 matthias.gerstner@suse.com
  - disable pandoc for all but openSUSE, since pandoc never was on SLE
* Wed Mar 07 2018 matthias.gerstner@suse.com
  - disable pandoc/man pages generation on SLE-15, because pandoc is not
    available there (and adding it would require two dozen additional haskell
    packages)
* Thu Feb 22 2018 matthias.gerstner@suse.com
  - update to version 3.0.3:
    - various changes in tool options
    - man pages are now in section 1 (formerly in section 8)
    - tools are now installed in /usr/bin (formerly /usr/sbin)
* Thu Nov 09 2017 vcizek@suse.com
  - update to version 2.1.1
    * Potential memory leak fix when tcti/sapi initialization fails.
    * tpm2_listpcrs: use TPM2_GetCapability to determine PCRs to read
    * listpcrs: remove one redundant call to tpm get cap
    * listpcrs: fix for unsupported/disabled alg in -L
    * build: use supported comment to suppress GCC7 fallthrough warning
    * kdfa: allow to build with OpenSSL 1.1.x (bsc#1067392)
  - drop patches (upstream)
    * 0001-tpm2_listpcrs-use-TPM2_GetCapability-to-determine-PC.patch
    * tpm2.0-tools-fix-gcc7.patch
* Mon Aug 21 2017 matthias.gerstner@suse.com
  - update to version 2.1.0:
    - dropped 0002-kdfa-use-openssl-for-hmac-not-tpm.patch, was backported
    upstream in commit 788a17abbe0000c560935ef9f31c9a6892d9ea33
    - this version now can interact with the new resource manager tpm2.0-abrmd
    - Upstream changes:
    * Fix readx and writex on multiple EINTR returns.
    * Add support for the tabrmd TCTI. This is the new default.
    * Change default socket port from 2323 (the old resourcemgr) to 2321
      (default simulator port).
    * Cherry-pick fix for CVE-2017-7524.
    * Fix tpm2_listpcr command line option handling.
    * Fix tpm2_getmanufec memory issues.
* Thu Jul 20 2017 matthias.gerstner@suse.com
  - added the new abrmd package to recommends, because the tools will otherwise
    not function
* Thu Jun 29 2017 matthias.gerstner@suse.com
  - 0002-kdfa-use-openssl-for-hmac-not-tpm.patch: fixed unexpected leak of
    cleartext password into the tpm when generating an HMAC in the context of
    tpm_kdfa() (key derivation function) (bnc#1046402, CVE-2017-7524)
* Tue Jun 20 2017 matthias.gerstner@suse.com
  - 0001-tpm2_listpcrs-use-TPM2_GetCapability-to-determine-PC.patch: fixed
    tpm2_listpcrs aborting saying "too much pcrs to get!" (bnc#1044419)
* Fri Jun 02 2017 meissner@suse.com
  - tpm2.0-tools-fix-hardening.patch: do not disable fortify,
    do not use -Wstack-protector as it warns also for non-utilized
    functions and then -Werror fails.
  - tpm2.0-tools-fix-gcc7.patch: fixed gcc7 case fallthrough errors
* Wed May 10 2017 matthias.gerstner@suse.com
  - Major update to 2.0.0
    - dropped fixes.patch, now part of the upstream version
    - a set of man pages have been added to the package
    - Upstream changes:
    * Tracked on the milestone: https://github.com/01org/tpm2.0-tools/milestone/2
    * Reworked all the tools to support configurable TCTIs, based on build time
      configuration, one can specify the tcti via the --tcti (-T) option to all
      tools.
    * tpm2_getrandom interface made -s a positional argument.
    * Numerous bug fixes.
* Mon Mar 06 2017 meissner@suse.com
  - buildrequire pkgconfig
* Wed Mar 01 2017 meissner@suse.com
  - Updated to 1.1.0 / 016-11-04 (FATE#321509)
    - Added
    * travis ci support.
    * Allow for unit tests to be enabled selectively.
    * tpm2_rc_decode tool: Decode TPM_RC error codes.
    * Android Make file
    * tpm2_listpersistent: list all persistent objects
    * test scripts for tpm2-tools
    * tpm2_nvreadlock
    * tpm2_getmanufec: retrieve EC from tpm manufacturer server.
    * Copy 'common' and 'sample' code from the TPM2.0-TSS repo.
    - Modified
    * tpm2_takeownership: update option -c to use lockout password to clear.
    * tpm2_listpcrs: add options -L and -s, rewrite to increase performance.
    * tpm2_quote: added -L option to support selection of multiple banks.
    * tpm2_quote: add -q option to get qualifying data.
    * configure: Use pkg-config to get info about libcurl and libcrypto.
    * configure: Use pkg-config to locate SAPI and TCTI headers / libraries.
    * tpm2_x: Add -X option to enable password input in Hex format.
    * tpm2_nvdefine: Change -X option to -I.
    * tpm2-nvwrite: fix for unable to write 1024B+ data.
    * tpm2_getmanufec: Fix base64 encoding.
    * tpm2_x: fixed a lot of TPM2B failures caused by wrong initialization.
    * tpm2_getmanufec: let configure handle libs.
    * tpm2_getmanufec: Convert from dos to unix format.
    * build: Check for TSS2 library @ configure time.
    * build: Detect required TSS2 and TCTI headers.
    * build: Use libtool to build the common library
    * build: Install all binaries into sbin.
    * build: Build common sources into library.
    * build: Move all source files to 'src'.
    * Makefile.am: Move all build rules into single Makefile.am.
    * everything: Use new TCTI headers and fixup API calls.
    * everything: Update source to cope with sapi header cleanup.
    * tpm2_activatecredential: Updated to support TCG compatible EK
    * tpm2_getpubak: Updated to use TCG compatible EK
    * tpm2_getpubek: fix ek creation to follow TCG EK profile spec.
    - Removed
    * Windows related code
    * depenedency on the TPM2.0-TSS repo source code
  - 1.0-alpha_0.zip: removed, use tpm2-0-tss directly.
  - tpm2-install-binaries.patch: not needed anymore.
  - fixes.patch: fixed random return build errors.
* Mon Aug 22 2016 meissner@suse.com
  - update description
* Thu Mar 24 2016 meissner@suse.com
  - initial import of tpm2.0-tools

Files

/usr/bin/tpm2_activatecredential
/usr/bin/tpm2_certify
/usr/bin/tpm2_certifycreation
/usr/bin/tpm2_changeauth
/usr/bin/tpm2_changeeps
/usr/bin/tpm2_changepps
/usr/bin/tpm2_checkquote
/usr/bin/tpm2_clear
/usr/bin/tpm2_clearcontrol
/usr/bin/tpm2_clockrateadjust
/usr/bin/tpm2_create
/usr/bin/tpm2_createak
/usr/bin/tpm2_createek
/usr/bin/tpm2_createpolicy
/usr/bin/tpm2_createprimary
/usr/bin/tpm2_dictionarylockout
/usr/bin/tpm2_duplicate
/usr/bin/tpm2_encryptdecrypt
/usr/bin/tpm2_evictcontrol
/usr/bin/tpm2_flushcontext
/usr/bin/tpm2_getcap
/usr/bin/tpm2_getekcertificate
/usr/bin/tpm2_getrandom
/usr/bin/tpm2_gettestresult
/usr/bin/tpm2_gettime
/usr/bin/tpm2_hash
/usr/bin/tpm2_hierarchycontrol
/usr/bin/tpm2_hmac
/usr/bin/tpm2_import
/usr/bin/tpm2_incrementalselftest
/usr/bin/tpm2_load
/usr/bin/tpm2_loadexternal
/usr/bin/tpm2_makecredential
/usr/bin/tpm2_nvcertify
/usr/bin/tpm2_nvdefine
/usr/bin/tpm2_nvextend
/usr/bin/tpm2_nvincrement
/usr/bin/tpm2_nvread
/usr/bin/tpm2_nvreadlock
/usr/bin/tpm2_nvreadpublic
/usr/bin/tpm2_nvsetbits
/usr/bin/tpm2_nvundefine
/usr/bin/tpm2_nvwrite
/usr/bin/tpm2_nvwritelock
/usr/bin/tpm2_pcrallocate
/usr/bin/tpm2_pcrevent
/usr/bin/tpm2_pcrextend
/usr/bin/tpm2_pcrread
/usr/bin/tpm2_pcrreset
/usr/bin/tpm2_policyauthorize
/usr/bin/tpm2_policyauthorizenv
/usr/bin/tpm2_policyauthvalue
/usr/bin/tpm2_policycommandcode
/usr/bin/tpm2_policycountertimer
/usr/bin/tpm2_policyduplicationselect
/usr/bin/tpm2_policylocality
/usr/bin/tpm2_policynamehash
/usr/bin/tpm2_policynv
/usr/bin/tpm2_policynvwritten
/usr/bin/tpm2_policyor
/usr/bin/tpm2_policypassword
/usr/bin/tpm2_policypcr
/usr/bin/tpm2_policyrestart
/usr/bin/tpm2_policysecret
/usr/bin/tpm2_policysigned
/usr/bin/tpm2_policytemplate
/usr/bin/tpm2_policyticket
/usr/bin/tpm2_print
/usr/bin/tpm2_quote
/usr/bin/tpm2_rc_decode
/usr/bin/tpm2_readclock
/usr/bin/tpm2_readpublic
/usr/bin/tpm2_rsadecrypt
/usr/bin/tpm2_rsaencrypt
/usr/bin/tpm2_selftest
/usr/bin/tpm2_send
/usr/bin/tpm2_setclock
/usr/bin/tpm2_setprimarypolicy
/usr/bin/tpm2_shutdown
/usr/bin/tpm2_sign
/usr/bin/tpm2_startauthsession
/usr/bin/tpm2_startup
/usr/bin/tpm2_stirrandom
/usr/bin/tpm2_testparms
/usr/bin/tpm2_unseal
/usr/bin/tpm2_verifysignature
/usr/share/bash-completion
/usr/share/bash-completion/completions
/usr/share/bash-completion/completions/tpm2_activatecredential
/usr/share/bash-completion/completions/tpm2_certify
/usr/share/bash-completion/completions/tpm2_certifycreation
/usr/share/bash-completion/completions/tpm2_changeauth
/usr/share/bash-completion/completions/tpm2_changeeps
/usr/share/bash-completion/completions/tpm2_changepps
/usr/share/bash-completion/completions/tpm2_checkquote
/usr/share/bash-completion/completions/tpm2_clear
/usr/share/bash-completion/completions/tpm2_clearcontrol
/usr/share/bash-completion/completions/tpm2_clockrateadjust
/usr/share/bash-completion/completions/tpm2_completion.bash
/usr/share/bash-completion/completions/tpm2_create
/usr/share/bash-completion/completions/tpm2_createak
/usr/share/bash-completion/completions/tpm2_createek
/usr/share/bash-completion/completions/tpm2_createpolicy
/usr/share/bash-completion/completions/tpm2_createprimary
/usr/share/bash-completion/completions/tpm2_dictionarylockout
/usr/share/bash-completion/completions/tpm2_duplicate
/usr/share/bash-completion/completions/tpm2_encryptdecrypt
/usr/share/bash-completion/completions/tpm2_evictcontrol
/usr/share/bash-completion/completions/tpm2_flushcontext
/usr/share/bash-completion/completions/tpm2_getcap
/usr/share/bash-completion/completions/tpm2_getekcertificate
/usr/share/bash-completion/completions/tpm2_getrandom
/usr/share/bash-completion/completions/tpm2_gettestresult
/usr/share/bash-completion/completions/tpm2_gettime
/usr/share/bash-completion/completions/tpm2_hash
/usr/share/bash-completion/completions/tpm2_hierarchycontrol
/usr/share/bash-completion/completions/tpm2_hmac
/usr/share/bash-completion/completions/tpm2_import
/usr/share/bash-completion/completions/tpm2_incrementalselftest
/usr/share/bash-completion/completions/tpm2_load
/usr/share/bash-completion/completions/tpm2_loadexternal
/usr/share/bash-completion/completions/tpm2_makecredential
/usr/share/bash-completion/completions/tpm2_nvcertify
/usr/share/bash-completion/completions/tpm2_nvdefine
/usr/share/bash-completion/completions/tpm2_nvextend
/usr/share/bash-completion/completions/tpm2_nvincrement
/usr/share/bash-completion/completions/tpm2_nvread
/usr/share/bash-completion/completions/tpm2_nvreadlock
/usr/share/bash-completion/completions/tpm2_nvreadpublic
/usr/share/bash-completion/completions/tpm2_nvsetbits
/usr/share/bash-completion/completions/tpm2_nvundefine
/usr/share/bash-completion/completions/tpm2_nvwrite
/usr/share/bash-completion/completions/tpm2_nvwritelock
/usr/share/bash-completion/completions/tpm2_pcrallocate
/usr/share/bash-completion/completions/tpm2_pcrevent
/usr/share/bash-completion/completions/tpm2_pcrextend
/usr/share/bash-completion/completions/tpm2_pcrread
/usr/share/bash-completion/completions/tpm2_pcrreset
/usr/share/bash-completion/completions/tpm2_policyauthorize
/usr/share/bash-completion/completions/tpm2_policyauthorizenv
/usr/share/bash-completion/completions/tpm2_policyauthvalue
/usr/share/bash-completion/completions/tpm2_policycommandcode
/usr/share/bash-completion/completions/tpm2_policycountertimer
/usr/share/bash-completion/completions/tpm2_policyduplicationselect
/usr/share/bash-completion/completions/tpm2_policylocality
/usr/share/bash-completion/completions/tpm2_policynamehash
/usr/share/bash-completion/completions/tpm2_policynv
/usr/share/bash-completion/completions/tpm2_policynvwritten
/usr/share/bash-completion/completions/tpm2_policyor
/usr/share/bash-completion/completions/tpm2_policypassword
/usr/share/bash-completion/completions/tpm2_policypcr
/usr/share/bash-completion/completions/tpm2_policyrestart
/usr/share/bash-completion/completions/tpm2_policysecret
/usr/share/bash-completion/completions/tpm2_policysigned
/usr/share/bash-completion/completions/tpm2_policytemplate
/usr/share/bash-completion/completions/tpm2_policyticket
/usr/share/bash-completion/completions/tpm2_print
/usr/share/bash-completion/completions/tpm2_quote
/usr/share/bash-completion/completions/tpm2_rc_decode
/usr/share/bash-completion/completions/tpm2_readclock
/usr/share/bash-completion/completions/tpm2_readpublic
/usr/share/bash-completion/completions/tpm2_rsadecrypt
/usr/share/bash-completion/completions/tpm2_rsaencrypt
/usr/share/bash-completion/completions/tpm2_selftest
/usr/share/bash-completion/completions/tpm2_send
/usr/share/bash-completion/completions/tpm2_setclock
/usr/share/bash-completion/completions/tpm2_setprimarypolicy
/usr/share/bash-completion/completions/tpm2_shutdown
/usr/share/bash-completion/completions/tpm2_sign
/usr/share/bash-completion/completions/tpm2_startauthsession
/usr/share/bash-completion/completions/tpm2_startup
/usr/share/bash-completion/completions/tpm2_stirrandom
/usr/share/bash-completion/completions/tpm2_testparms
/usr/share/bash-completion/completions/tpm2_unseal
/usr/share/bash-completion/completions/tpm2_verifysignature
/usr/share/doc/packages/tpm2.0-tools
/usr/share/doc/packages/tpm2.0-tools/CHANGELOG.md
/usr/share/doc/packages/tpm2.0-tools/LICENSE
/usr/share/doc/packages/tpm2.0-tools/README.md
/usr/share/man/man1/tpm2_activatecredential.1.gz
/usr/share/man/man1/tpm2_certify.1.gz
/usr/share/man/man1/tpm2_certifycreation.1.gz
/usr/share/man/man1/tpm2_changeauth.1.gz
/usr/share/man/man1/tpm2_changeeps.1.gz
/usr/share/man/man1/tpm2_changepps.1.gz
/usr/share/man/man1/tpm2_checkquote.1.gz
/usr/share/man/man1/tpm2_clear.1.gz
/usr/share/man/man1/tpm2_clearcontrol.1.gz
/usr/share/man/man1/tpm2_clockrateadjust.1.gz
/usr/share/man/man1/tpm2_create.1.gz
/usr/share/man/man1/tpm2_createak.1.gz
/usr/share/man/man1/tpm2_createek.1.gz
/usr/share/man/man1/tpm2_createpolicy.1.gz
/usr/share/man/man1/tpm2_createprimary.1.gz
/usr/share/man/man1/tpm2_dictionarylockout.1.gz
/usr/share/man/man1/tpm2_duplicate.1.gz
/usr/share/man/man1/tpm2_encryptdecrypt.1.gz
/usr/share/man/man1/tpm2_evictcontrol.1.gz
/usr/share/man/man1/tpm2_flushcontext.1.gz
/usr/share/man/man1/tpm2_getcap.1.gz
/usr/share/man/man1/tpm2_getekcertificate.1.gz
/usr/share/man/man1/tpm2_getrandom.1.gz
/usr/share/man/man1/tpm2_gettestresult.1.gz
/usr/share/man/man1/tpm2_gettime.1.gz
/usr/share/man/man1/tpm2_hash.1.gz
/usr/share/man/man1/tpm2_hierarchycontrol.1.gz
/usr/share/man/man1/tpm2_hmac.1.gz
/usr/share/man/man1/tpm2_import.1.gz
/usr/share/man/man1/tpm2_incrementalselftest.1.gz
/usr/share/man/man1/tpm2_load.1.gz
/usr/share/man/man1/tpm2_loadexternal.1.gz
/usr/share/man/man1/tpm2_makecredential.1.gz
/usr/share/man/man1/tpm2_nvcertify.1.gz
/usr/share/man/man1/tpm2_nvdefine.1.gz
/usr/share/man/man1/tpm2_nvextend.1.gz
/usr/share/man/man1/tpm2_nvincrement.1.gz
/usr/share/man/man1/tpm2_nvread.1.gz
/usr/share/man/man1/tpm2_nvreadlock.1.gz
/usr/share/man/man1/tpm2_nvreadpublic.1.gz
/usr/share/man/man1/tpm2_nvsetbits.1.gz
/usr/share/man/man1/tpm2_nvundefine.1.gz
/usr/share/man/man1/tpm2_nvwrite.1.gz
/usr/share/man/man1/tpm2_nvwritelock.1.gz
/usr/share/man/man1/tpm2_pcrallocate.1.gz
/usr/share/man/man1/tpm2_pcrevent.1.gz
/usr/share/man/man1/tpm2_pcrextend.1.gz
/usr/share/man/man1/tpm2_pcrread.1.gz
/usr/share/man/man1/tpm2_pcrreset.1.gz
/usr/share/man/man1/tpm2_policyauthorize.1.gz
/usr/share/man/man1/tpm2_policyauthorizenv.1.gz
/usr/share/man/man1/tpm2_policyauthvalue.1.gz
/usr/share/man/man1/tpm2_policycommandcode.1.gz
/usr/share/man/man1/tpm2_policycountertimer.1.gz
/usr/share/man/man1/tpm2_policyduplicationselect.1.gz
/usr/share/man/man1/tpm2_policylocality.1.gz
/usr/share/man/man1/tpm2_policynamehash.1.gz
/usr/share/man/man1/tpm2_policynv.1.gz
/usr/share/man/man1/tpm2_policynvwritten.1.gz
/usr/share/man/man1/tpm2_policyor.1.gz
/usr/share/man/man1/tpm2_policypassword.1.gz
/usr/share/man/man1/tpm2_policypcr.1.gz
/usr/share/man/man1/tpm2_policyrestart.1.gz
/usr/share/man/man1/tpm2_policysecret.1.gz
/usr/share/man/man1/tpm2_policysigned.1.gz
/usr/share/man/man1/tpm2_policytemplate.1.gz
/usr/share/man/man1/tpm2_policyticket.1.gz
/usr/share/man/man1/tpm2_print.1.gz
/usr/share/man/man1/tpm2_quote.1.gz
/usr/share/man/man1/tpm2_rc_decode.1.gz
/usr/share/man/man1/tpm2_readclock.1.gz
/usr/share/man/man1/tpm2_readpublic.1.gz
/usr/share/man/man1/tpm2_rsadecrypt.1.gz
/usr/share/man/man1/tpm2_rsaencrypt.1.gz
/usr/share/man/man1/tpm2_selftest.1.gz
/usr/share/man/man1/tpm2_send.1.gz
/usr/share/man/man1/tpm2_setclock.1.gz
/usr/share/man/man1/tpm2_setprimarypolicy.1.gz
/usr/share/man/man1/tpm2_sign.1.gz
/usr/share/man/man1/tpm2_startauthsession.1.gz
/usr/share/man/man1/tpm2_startup.1.gz
/usr/share/man/man1/tpm2_stirrandom.1.gz
/usr/share/man/man1/tpm2_testparms.1.gz
/usr/share/man/man1/tpm2_unseal.1.gz
/usr/share/man/man1/tpm2_verifysignature.1.gz


Generated by rpm2html 1.8.1

Fabrice Bellet, Sun Nov 28 00:03:51 2021