--- /dev/null
+
+#
+# This is the configuration file for the trousers tcsd. (The Trusted Computing
+# Software Stack Core Services Daemon).
+#
+# Defaults are listed below, commented out
+#
+# Send questions to: trousers-users@lists.sourceforge.net
+#
+
+# Option: port
+# Values: 1 - 65535
+# Description: The port that the tcsd will listen on.
+#
+# port = 30003
+#
+
+# Option: num_threads
+# Values: 1 - 65535
+# Description: The number of threads that the tcsd will spawn internally.
+#
+# num_threads = 10
+#
+
+# Option: system_ps_file
+# Values: Any absolute directory path
+# Description: Path where the tcsd creates its persistent storage file.
+#
+# system_ps_file = /var/lib/tpm/system.data
+#
+
+# Option: firmware_log_file
+# Values: Any absolute directory path
+# Description: Path to the file containing the current firmware PCR event
+# log data. The interface to this log is usually provided by the TPM
+# device driver.
+#
+# firmware_log_file = /sys/kernel/security/tpm0/binary_bios_measurements
+#
+
+# Option: kernel_log_file
+# Values: Any absolute directory path
+# Description: Path to the file containing the current kernel PCR event
+# log data. By default, this data will be parsed in the format provided
+# by the Integrity Measurement Architecture LSM. See
+# http://sf.net/projects/linux-ima for more info on getting IMA.
+#
+#
+# kernel_log_file = /sys/kernel/security/ima/binary_runtime_measurements
+#
+
+# Option: firmware_pcrs
+# Values: PCR indices, separated by commas (no whitespace)
+# Description: A list of PCR indices that are manipulated only by the system
+# firmware and therefore are not extended or logged by the TCSD.
+#
+# firmware_pcrs =
+#
+
+# Option: kernel_pcrs
+# Values: PCR indices, separated by commas (no whitespace)
+# Description: A list of PCR indices that are manipulated only by the kernel
+# and therefore are not extended or logged by the TCSD.
+#
+# kernel_pcrs =
+#
+
+# Option: platform_cred
+# Values: Any absolute directory path (example: /path/to/platform.cert)
+# Description: Path to the file containing your TPM's platform credential.
+# The platform credential may have been provided to you by your TPM
+# manufacturer. If so, set platform_cred to the path to the file on disk.
+# Whenever a new TPM identity is created, the credential will be used. See
+# Tspi_TPM_CollateIdentityRequest(3) for more information.
+#
+# platform_cred =
+#
+
+# Option: conformance_cred
+# Values: Any absolute directory path (example: /path/to/conformance.cert)
+# Description: Path to the file containing your TPM's conformance credential.
+# The conformance credential may have been provided to you by your TPM
+# manufacturer. If so, set conformance_cred to the path to the file on disk.
+# Whenever a new TPM identity is created, the credential will be used. See
+# Tspi_TPM_CollateIdentityRequest(3) for more information.
+#
+# conformance_cred =
+#
+
+# Option: endorsement_cred
+# Values: Any absolute directory path (example: /path/to/endorsement.cert)
+# Description: Path to the file containing your TPM's endorsement credential.
+# The endorsement credential may have been provided to you by your TPM
+# manufacturer. If so, set endorsement_cred to the path to the file on disk.
+# Whenever a new TPM identity is created, the credential will be used. See
+# Tspi_TPM_CollateIdentityRequest(3) for more information.
+#
+# endorsement_cred =
+#
+
+# Option: remote_ops
+# Values: TCS operation names, separated by commas (no whitespace)
+# Description: A list of TCS commands which will be allowed to be executed
+# on this machine's TCSD by TSP's on non-local hosts (over the internet).
+# By default, access to all operations is denied.
+#
+# possible values: seal - encrypt data bound to PCR values
+# unseal - decrypt data bound to PCR values
+# registerkey - store keys in system persistent storage [Disk write access!]
+# unregisterkey - remove keys from system persistent storage [Disk write access!]
+# loadkey - load a key into the TPM
+# createkey - create a key using the TPM
+# sign - encrypt data using a private key
+# random - generate random numbers
+# getcapability - query the TCS/TPM for its capabilities
+# unbind - decrypt data
+# quote - request a signed blob containing all PCR values
+# readpubek - access the TPM's Public EndorsementKey
+# getregisteredkeybypublicinfo - Search system persistent storage for a public key
+# getpubkey - Retrieve a loaded key's public data from inside the TPM
+# selftest - execute selftest and test results ordinals
+#
+# remote_ops =
+#
+
+# Option: enforce_exclusive_transport
+# Values: 0 or 1
+# Description: When an application opens a transport session with the TPM, one
+# of the options available is an "exclusive" session, meaning that the TPM
+# will not execute any commands other than those coming through the transport
+# session for the lifetime of the session. The TCSD can choose to enforce this
+# option or not. By default, exclusive sessions are not enforced, since this
+# could allow for a denial of service to the TPM.
+#
+# enforce_exclusive_transport = 0
+#
+
+# Option: host_platform_class
+# Values: One of the TCG platform class specifications
+# PC_11 - PC Client System, version 1.1
+# PC_12 - PC Client System, version 1.2
+# PDA_12 - PDA System, version 1.2
+# SERVER_12 - Server System, version 1.2
+# MOBILE_12 - Mobile Phone System, version 1.2
+#
+# Description: This option determines the host platform (host the TCS system
+# is running on) class, among those specified by the Trusted Computing group
+# on https://www.trustedcomputinggroup.org/specs/. This class will be reported
+# by the TCS daemon when an application queries it using the
+# TSS_TCSCAP_PROP_HOST_PLATFORM sub-capability. The default is PC_12.
+#
+# host_platform_class = PC_12
+#
+
+# Option: all_platform_classes
+# Values: TCG Platform class names, separated by commas (no whitespaces)
+# PC_11 - PC Client System, version 1.1
+# PC_12 - PC Client System, version 1.2
+# PDA_12 - PDA System, version 1.2
+# SERVER_12 - Server System, version 1.2
+# MOBILE_12 - Mobile Phone System, version 1.2
+#
+# Description: This option determines all the platform classes supported by the
+# TCS daemon. This list must not include the value set as "host_platform_class"
+# specified above. Since by default TrouSerS supports all TPM 1.2 functionality,
+# the default is all 1.2 and 1.1 platform classes.
+#
+# all_platform_classes = PC_11,PDA_12,SERVER_12,MOBILE_12
+#
+
projects / config / bruni / etc.git / commitdiff