stpm-verify(1)

verify - Verify data using the TPM chip

Section 1 simple-tpm-pk11 bookworm source

Description

stpm-verify

NAME

stpm-verify - Verify data using the TPM chip

SYNOPSIS

stpm-verify [ -hq ] -f data -s sig file -k <key file>

DESCRIPTION

stpm-verify verifies data signed by stpm-sign.

This program is mostly made for debugging, to make sure that the TPM is set up correctly and a valid key was generated.

OPTIONS

-h

Show usage info.

-f data file

File containing data to be verified.

-s sig file

File containing signature from stpm-sign.

-k key file

File containing the encrypted key blob.

EXAMPLES

dd if=/dev/urandom of=to-sign bs=1 count=35
stpm-sign -k ˜/.simple-tpm-pk11/my.key -f to-sign -r > to-sign.sig
stpm-verify -f to-sign -k ˜/.simple-tpm-pk11/my.key -s to-sign.sig

DIAGNOSTICS

Most errors will probably be related to interacting with the TPM chip. Resetting the TPM chip and taking ownership should take care of most of them. See the TPM-TROUBLESHOOTING section of simple-tpm-pk11(7).

SEE ALSO

simple-tpm-pk11(7), stpm-keygen(1), stpm-sign(1).

AUTHOR

Simple-TPM-PK11 was written By Thomas Habets <habets@google.com> / <thomas@habets.se>.

git clone https://github.com/ThomasHabets/simple-tpm-pk11.git

See Also

  • pk11(7)
  • keygen(1)
  • sign(1)