% tpm2_pcrevent(1) tpm2-tools | General Commands Manual
tpm2_pcrevent(1) - Hashes a file and optionally extends a pcr.
tpm2_pcrevent [OPTIONS] FILE PCR_INDEX
tpm2_pcrevent(1) - Hashes FILE if specified or stdin. It uses all of the hashing algorithms that the TPM supports.
Optionally, if a PCR index is specified, it extends that PCR for all supported algorithms with the hash digest. FILE and _PCR_INDEX_ arguments don't need to come in any particular order.
In either case, it outputs to stdout the hash algorithm used and the digest value, one per line:
alg:digest
Where alg is the algorithm used (like sha1) and digest is the digest resulting from the hash computation of alg on the data.
See sections 23.1 and sections 17 of the TPM2.0 Specification
These options control extending the pcr:
-
-P, --auth=AUTH:
Specifies the authorization value for PCR.
-
--cphash=FILE
File path to record the hash of the command parameters. This is commonly termed as cpHash. NOTE: When this option is selected, The tool will not actually execute the command, it simply returns a cpHash.
echo "foo" > data
tpm2_pcrevent dataecho "foo" > data
tpm2_pcrevent 8 data