Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

lcp_crtpol(8) [centos man page]

LCP_CRTPOL(8)							   User Manuals 						     LCP_CRTPOL(8)

lcp_crtpol - create a TXT v1 Launch Control Policy SYNOPSIS
lcp_crtpol -t policy-type [-a hashalg] [-v version] [-sr SINIT-revocation-counter] [-s srtm-file] [-m mle-file] [-o policy-file] [-b pol- icy-data-file] [-pcf policy-control-field] [-h] DESCRIPTION
lcp_crtpol is used to create a TXT v1 LCP policy (and optionally policy data), which can later be written to the TPM. The policy created are for platforms produced before 2009 (Weybridge, Montevina, McCreary). OPTIONS
-t policy-type Policy type can be UINT8 or string. 5 strings are supported for the reserved LCP policy types. Strings and default policy type val- ues for each string are: 0 or "hashonly" 1 or "unsigned" 2 or "signed" 3 or "any" 4 or "forceowner" -a hashalg Hash algorithm. Currently we only support SHA-1 algorithm: 0 OR 'sha1'. -v version Version number. Currently it can be set to 0 or 1 if specified. The default value is 0. -sr SINIT-revocation-counter The default sinit revocation counter is 0. -s srtm-file File name of platform configuration data, as produced by lcp_crtpconf. -m mle-file File name of file containing the MLE hash values. This is a text file that contains one SHA-1 hash per line. The value of the hash must be hexadecimal values, specified either a single un-deliminated set or as space-delimited two-character (i.e. one byte) values. This can be produced by the lcp_mlehash command. -o policy-file File name to store the output policy. -b policy-data-file File name to store the LCP Policy data. -pcf policy-control-field The default policy control field value is 0. -h Print out the help message EXAMPLES
lcp_crtpol -t 0 -m mle-file -o policy-hashonly-file lcp_crtpol -t 1 -m mle-file -s pconf-file -b policy-data-file lcp_crtpol -t unsigned -a sha1 -m mle-file -s pconf-file -o policy-unsigned-file -b policy-data-file SEE ALSO
lcp_readpol(8), lcp_writepol(8), lcp_mlehash(8), lcp_crtpconf(8). tboot 2011-12-31 LCP_CRTPOL(8)

Check Out this Related Man Page

Mail::DKIM::Policy(3)					User Contributed Perl Documentation				     Mail::DKIM::Policy(3)

Mail::DKIM::Policy - abstract base class for originator "signing" policies SYNOPSIS
# get all policies that apply to a verified message foreach my $policy ($dkim->policies) { # the name of this policy my $name = $policy->name; # the location in DNS where this policy was found my $location = $policy->location; # apply this policy to the message being verified my $result = $policy->apply($dkim); } DESCRIPTION
Between the various versions of the DomainKeys/DKIM standards, several different forms of sender "signing" policies have been defined. In order for the Mail::DKIM library to support these different policies, it uses several different subclasses. All subclasses support this general interface, so that a program using Mail::DKIM can support any and all policies found for a message. METHODS
These methods are supported by all classes implementing the Mail::DKIM::Policy interface. apply() Apply the policy to the results of a DKIM verifier. my $result = $policy->apply($dkim_verifier); The caller must provide an instance of Mail::DKIM::Verifier, one which has already been fed the message being verified. Possible results are: accept The message is approved by the sender signing policy. reject The message is rejected by the sender signing policy. neutral The message is neither approved nor rejected by the sender signing policy. It can be considered suspicious. as_string() The policy as a string. Note that the string returned by this method will not necessarily have the tags ordered the same as the text record found in DNS. is_implied_default_policy() Is this policy implied? my $is_implied = $policy->is_implied_default_policy; If you fetch the policy for a particular domain, but that domain does not have a policy published, then the "default policy" is in effect. Use this method to detect when that happens. location() Where the policy was fetched from. This is generally a domain name, the domain name where the policy was published. If nothing is published for the domain, and the default policy was returned instead, the location will be "undef". name() Identify what type of policy this is. This currently returns strings like "sender", "author", and "ADSP". It is subject to change in the next version of Mail::DKIM. SEE ALSO
Mail::DKIM::DkPolicy - for RFC4870(historical) DomainKeys sender signing policies Mail::DKIM::DkimPolicy - for early draft DKIM sender signing policies Mail::DKIM::AuthorDomainPolicy - for Author Domain Signing Practices (ADSP) AUTHOR
Copyright (C) 2006-2009 by Messiah College This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. perl v5.18.2 2013-02-06 Mail::DKIM::Policy(3)
Man Page