[PATCH 2/5] docs: clarify `keyctl ... trusted` commands

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH 2/5] docs: clarify `keyctl ... trusted` commands
@ 2018-09-27 13:14 Ben Boeckel
  0 siblings, 0 replies; only message in thread
From: Ben Boeckel @ 2018-09-27 13:14 UTC (permalink / raw)
  To: keyrings

Values to be provided by the user are wrapped in `<>` to indicate such.
Hex values also do not have a literal leading `0x` on them.

Signed-off-by: Ben Boeckel <mathstuf@gmail.com>
---
 .../security/keys/trusted-encrypted.rst       | 20 +++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/Documentation/security/keys/trusted-encrypted.rst b/Documentation/security/keys/trusted-encrypted.rst
index 3bb24e09a332..5f3f1f4038e5 100644
--- a/Documentation/security/keys/trusted-encrypted.rst
+++ b/Documentation/security/keys/trusted-encrypted.rst
@@ -24,19 +24,19 @@ trouser's utility: "tpm_takeownership -u -z".
 
 Usage::
 
-    keyctl add trusted name "new keylen [options]" ring
-    keyctl add trusted name "load hex_blob [pcrlock=pcrnum]" ring
+    keyctl add trusted name "new <keylen> [options]" ring
+    keyctl add trusted name "load <hex_blob> [pcrlock=pcrnum]" ring
     keyctl update key "update [options]"
     keyctl print keyid
 
     options:
-       keyhandle=    ascii hex value of sealing key default 0x40000000 (SRK)
-       keyauth=	     ascii hex auth for sealing key default 0x00...i
+       keyhandle=    ascii hex value of sealing key; default 40000000 (SRK)
+       keyauth=      ascii hex auth for sealing key; default 00...
                      (40 ascii zeros)
-       blobauth=     ascii hex auth for sealed data default 0x00...
+       blobauth=     ascii hex auth for sealed data; default 00...
                      (40 ascii zeros)
-       pcrinfo=	     ascii hex of PCR_INFO or PCR_INFO_LONG (no default)
-       pcrlock=	     pcr number to be extended to "lock" blob
+       pcrinfo=      ascii hex of PCR_INFO or PCR_INFO_LONG (no default)
+       pcrlock=      pcr number to be extended to "lock" blob
        migratable=   0|1 indicating permission to reseal to new PCR values,
                      default 1 (resealing allowed)
        hash=         hash algorithm name as a string. For TPM 1.x the only
@@ -69,10 +69,10 @@ application specific, which is identified by 'format'.
 
 Usage::
 
-    keyctl add encrypted name "new [format] key-type:master-key-name keylen"
+    keyctl add encrypted name "new [format] <key-type>:<master-key-name> <keylen>"
         ring
-    keyctl add encrypted name "load hex_blob" ring
-    keyctl update keyid "update key-type:master-key-name"
+    keyctl add encrypted name "load <hex_blob>" ring
+    keyctl update keyid "update <key-type>:<master-key-name>"
 
 Where::
 
-- 
2.17.1

^ permalink raw reply related	[flat|nested] only message in thread

only message in thread, other threads:[~2018-09-27 13:14 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-09-27 13:14 [PATCH 2/5] docs: clarify `keyctl ... trusted` commands Ben Boeckel

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.