On Thu, 2015-10-29 at 17:59 +0200, Jarkko Sakkinen wrote: > Documented 'hash=' option. No reason for a separate patch. Please squash this patch with the one that introduced the new option. Mimi > Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx> > --- > Documentation/security/keys-trusted-encrypted.txt | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/Documentation/security/keys-trusted-encrypted.txt b/Documentation/security/keys-trusted-encrypted.txt > index e105ae9..fd2565b 100644 > --- a/Documentation/security/keys-trusted-encrypted.txt > +++ b/Documentation/security/keys-trusted-encrypted.txt > @@ -38,6 +38,9 @@ Usage: > pcrlock= pcr number to be extended to "lock" blob > migratable= 0|1 indicating permission to reseal to new PCR values, > default 1 (resealing allowed) > + hash= hash algorithm name as a string. For TPM 1.x the only > + allowed value is sha1. For TPM 2.x the allowed values > + are sha1, sha256, sha384, sha512 and sm3-256. > > "keyctl print" returns an ascii hex copy of the sealed key, which is in standard > TPM_STORED_DATA format. The key length for new keys are always in bytes. -- To unsubscribe from this list: send the line "unsubscribe linux-doc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
