% tss2_authorizepolicy(1) tpm2-tools | General Commands Manual % % APRIL 2019
tss2_authorizepolicy(1) -
tss2_authorizepolicy [OPTIONS]
tss2_authorizepolicy(1) - This command signs a given policy with a given key such that the policy can be referenced from other policies that contain a corresponding PolicyAuthorize elements. The signature is done using the TPM signing schemes as specified in the cryptographic profile (cf., fapi-profile(5)).
These are the available options:
-
-P, --policyPath=STRING: Path of the new policy.
A policyPath is composed of two elements, separated by "/". A policyPath starts with "/policy". The second path element identifies the policy or policy template using a meaningful name.
-
-p, --keyPath=STRING: Path of the signing key.
-
-r, --policyRef=FILENAME or - (for stdin): A byte buffer to be included in the signature. Optional parameter.
tss2_authorizepolicy --keyPath=HS/SRK/myPolicySignKey --policyPath=/policy/pcr-policy --policyRef=policyRef.file0 on success or 1 on failure.