"\n%3$sTPM2 Enrollment:%4$s\n"
" --tpm2-device=PATH\n"
" Enroll a TPM2 device\n"
- " --tpm2-seal-key-handle=HANDLE\n"
- " Specify handle of key to use for sealing\n"
" --tpm2-device-key=PATH\n"
" Enroll a TPM2 device using its public key\n"
+ " --tpm2-seal-key-handle=HANDLE\n"
+ " Specify handle of key to use for sealing\n"
" --tpm2-pcrs=PCR1+PCR2+PCR3+…\n"
" Specify TPM2 PCRs to seal against\n"
" --tpm2-public-key=PATH\n"
ARG_PKCS11_TOKEN_URI,
ARG_FIDO2_DEVICE,
ARG_TPM2_DEVICE,
- ARG_TPM2_SEAL_KEY_HANDLE,
ARG_TPM2_DEVICE_KEY,
+ ARG_TPM2_SEAL_KEY_HANDLE,
ARG_TPM2_PCRS,
ARG_TPM2_PUBLIC_KEY,
ARG_TPM2_PUBLIC_KEY_PCRS,
ARG_TPM2_SIGNATURE,
- ARG_TPM2_PIN,
ARG_TPM2_PCRLOCK,
+ ARG_TPM2_WITH_PIN,
ARG_WIPE_SLOT,
ARG_FIDO2_WITH_PIN,
ARG_FIDO2_WITH_UP,
{ "fido2-with-user-presence", required_argument, NULL, ARG_FIDO2_WITH_UP },
{ "fido2-with-user-verification", required_argument, NULL, ARG_FIDO2_WITH_UV },
{ "tpm2-device", required_argument, NULL, ARG_TPM2_DEVICE },
- { "tpm2-seal-key-handle", required_argument, NULL, ARG_TPM2_SEAL_KEY_HANDLE },
{ "tpm2-device-key", required_argument, NULL, ARG_TPM2_DEVICE_KEY },
+ { "tpm2-seal-key-handle", required_argument, NULL, ARG_TPM2_SEAL_KEY_HANDLE },
{ "tpm2-pcrs", required_argument, NULL, ARG_TPM2_PCRS },
{ "tpm2-public-key", required_argument, NULL, ARG_TPM2_PUBLIC_KEY },
{ "tpm2-public-key-pcrs", required_argument, NULL, ARG_TPM2_PUBLIC_KEY_PCRS },
{ "tpm2-signature", required_argument, NULL, ARG_TPM2_SIGNATURE },
- { "tpm2-with-pin", required_argument, NULL, ARG_TPM2_PIN },
{ "tpm2-pcrlock", required_argument, NULL, ARG_TPM2_PCRLOCK },
+ { "tpm2-with-pin", required_argument, NULL, ARG_TPM2_WITH_PIN },
{ "wipe-slot", required_argument, NULL, ARG_WIPE_SLOT },
{}
};
break;
}
- case ARG_TPM2_SEAL_KEY_HANDLE:
- r = safe_atou32_full(optarg, 16, &arg_tpm2_seal_key_handle);
- if (r < 0)
- return log_error_errno(r, "Could not parse TPM2 seal key handle index '%s': %m", optarg);
-
- break;
-
case ARG_TPM2_DEVICE_KEY:
if (arg_enroll_type >= 0 || arg_tpm2_device_key)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
arg_enroll_type = ENROLL_TPM2;
break;
- case ARG_TPM2_PCRS:
- auto_hash_pcr_values = false;
- r = tpm2_parse_pcr_argument_append(optarg, &arg_tpm2_hash_pcr_values, &arg_tpm2_n_hash_pcr_values);
+ case ARG_TPM2_SEAL_KEY_HANDLE:
+ r = safe_atou32_full(optarg, 16, &arg_tpm2_seal_key_handle);
if (r < 0)
- return r;
+ return log_error_errno(r, "Could not parse TPM2 seal key handle index '%s': %m", optarg);
break;
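Review bot: The `ARG_TPM2_SEAL_KEY_HANDLE` case accepts any 32-bit value from `safe_atou32_full(optarg, 16, &arg_tpm2_seal_key_handle)`, and nothing visible in this hunk checks that the result is a handle type suitable for a sealing key. Because the base is 16, a handle typed in decimal is silently read as hexadecimal and would select a different key object, while the help text says only `HANDLE`. I would change the help line to `Specify handle (hexadecimal) of key to use for sealing` and add a comment above the parse such as `/* Parsed as hexadecimal; handle type/range is not validated here. */`. If a range check exists later on the sealing path, it is outside this hunk and I cannot confirm it; the enclosing switch also starts and ends outside the hunk.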
- case ARG_TPM2_PIN:
- r = parse_boolean_argument("--tpm2-with-pin=", optarg, &arg_tpm2_pin);
+ case ARG_TPM2_PCRS:
+ auto_hash_pcr_values = false;
+ r = tpm2_parse_pcr_argument_append(optarg, &arg_tpm2_hash_pcr_values, &arg_tpm2_n_hash_pcr_values);
if (r < 0)
return r;
auto_pcrlock = false;
break;
+ case ARG_TPM2_WITH_PIN:
+ r = parse_boolean_argument("--tpm2-with-pin=", optarg, &arg_tpm2_pin);
+ if (r < 0)
+ return r;
+
+ break;
+
case ARG_WIPE_SLOT: {
const char *p = optarg;