summaryrefslogtreecommitdiff
path: root/src/libpts/plugins/imv_attestation/attest_usage.c
blob: 8f4afdbade9346d0e17b78ee4c36e3e7adc598d2 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
/*
 * Copyright (C) 2011-2014 Andreas Steffen
 * HSR Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */

#include <stdio.h>

#include "attest_usage.h"

/**
 * print attest usage info
 */
void usage(void)
{
	printf("\
Usage:\n\
  ipsec attest --components|--devices|--sessions|--files|--hashes|--keys [options]\n\
  \n\
  ipsec attest --measurements|--packages|--products|--add|--del [options]\n\
  \n\
  ipsec attest --components [--key <digest>|--kid <id>]\n\
    Show a list of components with an AIK digest or\n\
    its primary key as an optional selector.\n\
  \n\
  ipsec attest --devices [--utc]\n\
    Show a list of registered devices and associated collected information\n\
  \n\
  ipsec attest --sessions [--utc]\n\
    Show a chronologically sorted list of all TNC sessions\n\
  \n\
  ipsec attest --files [--product <name>|--pid <id>]\n\
    Show a list of files with a software product name or\n\
    its primary key as an optional selector.\n\
  \n\
  ipsec attest --hashes [--sha1|--sha256|--sha384] [--product <name>|--pid <id>]\n\
    Show a list of measurement hashes for a given software product or\n\
    its primary key as an optional selector.\n\
  \n\
  ipsec attest --hashes [--sha1|--sha1-ima|--sha256|--sha384] [--file <path>|--fid <id>]\n\
    Show a list of measurement hashes for a given file or\n\
    its primary key as an optional selector.\n\
  \n\
  ipsec attest --keys [--components <cfn>|--cid <id>]\n\
    Show a list of AIK key digests with a component or\n\
    its primary key as an optional selector.\n\
  \n\
  ipsec attest --measurements --sha1|--sha256|--sha384 [--component <cfn>|--cid <id>]\n\
    Show a list of component measurements for a given component or\n\
    its primary key as an optional selector.\n\
  \n\
  ipsec attest --measurements --sha1|--sha256|--sha384 [--key <digest>|--kid <id>|--aik <path>]\n\
    Show a list of component measurements for a given AIK or\n\
    its primary key as an optional selector.\n\
  \n\
  ipsec attest --packages [--product <name>|--pid <id>] [--utc]\n\
    Show a list of software packages for a given product or\n\
    its primary key as an optional selector.\n\
  \n\
  ipsec attest --products [--file <path>|--fid <id>]\n\
    Show a list of supported software products with a file path or\n\
    its primary key as an optional selector.\n\
  \n\
  ipsec attest --add --file <path>|--dir <path>|--product <name>|--component <cfn>\n\
    Add a file, directory, product or component entry\n\
    Component <cfn> entries must be of the form <vendor_id>/<name>-<qualifier>\n\
  \n\
  ipsec attest --add [--owner <name>] --key <digest>|--aik <path>\n\
    Add an AIK public key digest entry preceded by an optional owner name\n\
  \n\
  ipsec attest --add --product <name>|--pid <id> --sha1|--sha1-ima|--sha256|--sha384\n\
              [--relative|--rel] --dir <path>|--file <path>\n\
    Add hashes of a single file or all files in a directory under absolute or relative filenames\n\
  \n\
  ipsec attest --add --key <digest|--kid <id> --component <cfn>|--cid <id> --sequence <no>|--seq <no>\n\
    Add an ordered key/component entry\n\
  \n\
  ipsec attest --add --package <name> --version <string> [--security|--blacklist]\n\
              [--product <name>|--pid <id>]\n\
    Add a package version for a given product optionally with security or blacklist flag\n\
  \n\
  ipsec attest --del --file <path>|--fid <id>|--dir <path>|--did <id>\n\
    Delete a file or directory entry referenced either by value or primary key\n\
  \n\
  ipsec attest --del --product <name>|--pid <id>|--component <cfn>|--cid <id>\n\
    Delete a product or component entry referenced either by value or primary key\n\
  \n\
  ipsec attest --del --product <name>|--pid <id> --file <path>|--fid <id>|--dir <path>|--did <id>\n\
    Delete a product/file entry referenced either by value or primary key\n\
  \n\
  ipsec attest --del --key <digest>|--kid <id>|--aik <path>\n\
    Delete an AIK entry referenced either by value or primary key\n\
  \n\
  ipsec attest --del --key <digest|--kid <id> --component <cfn>|--cid <id>\n\
    Delete a key/component entry\n\
  \n\
  ipsec attest --del --product <name>|--pid <id> --sha1|--sha1-ima|--sha256|--sha384\n\
               [--dir <path>|--did <id>] --file <path>|--fid <id>\n\
    Delete a file hash given an absolute or relative filename\n\
  \n");
}