author: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2012-12-29 13:11:32 +0200
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2012-12-29 13:11:32 +0200
commit: f0c04cbfd12d330df70ba9952084f4d7d3d0525b (patch)
tree: cc5cc489c68a787ea3167729bec6070021ebe959 /doc/invoke-tpmtool.texi
parent: f01c3652d334e58dea92b75c061be41d77427968 (diff)
Reorganization of the authentication chapter.
Diffstat (limited to 'doc/invoke-tpmtool.texi')
-rw-r--r-- doc/invoke-tpmtool.texi 187
1 files changed, 122 insertions, 65 deletions
diff --git a/doc/invoke-tpmtool.texi b/doc/invoke-tpmtool.texi
index 93ea0c6db4..98c267de1b 100644
--- a/doc/invoke-tpmtool.texi
+++ b/doc/invoke-tpmtool.texi
@@ -6,30 +6,23 @@
#
# DO NOT EDIT THIS FILE (invoke-tpmtool.texi)
#
-# It has been AutoGen-ed December 12, 2012 at 07:06:11 PM by AutoGen 5.16
+# It has been AutoGen-ed December 29, 2012 at 01:00:46 PM by AutoGen 5.12
# From the definitions ../src/tpmtool-args.def
# and the template file agtexi-cmd.tpl
@end ignore
-
Program that allows handling cryptographic data from the TPM chip.
This section was generated by @strong{AutoGen},
using the @code{agtexi-cmd} template and the option descriptions for the @code{tpmtool} program.
-This software is released under the GNU General Public License, version 3 or later.
+
+This software is released under the GNU General Public License.
@anchor{tpmtool usage}
-@subsubheading tpmtool help/usage (-h)
-@cindex tpmtool help
+@subsubheading tpmtool usage help (-?)
-This is the automatically generated usage text for tpmtool.
-The text printed is the same whether for the @code{help} option (-h) or the @code{more-help} option (-!). @code{more-help} will print
-the usage text by passing it through a pager program.
-@code{more-help} is disabled on platforms without a working
-@code{fork(2)} function. The @code{PAGER} environment variable is
-used to select the program, defaulting to @file{more}. Both will exit
-with a status code of 0.
+This is the automatically generated usage text for tpmtool:
@exampleindent 0
@example
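Review bot: The AutoGen stamp at the top of this hunk goes from 5.16 to 5.12, so the file appears to have been regenerated with an older AutoGen, and the other changes here read like side effects of that: the licence sentence loses "version 3 or later", the help heading changes from (-h) to (-?), the @cindex entry disappears, and the paragraph describing more-help, PAGER and the exit status is dropped. If the downgrade is not intended, regenerate with 5.16 so that a commit titled as a chapter reorganization does not also change the stated licence terms and the documented help flag.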
@@ -90,12 +83,24 @@ please send bug reports to: bug-gnutls@@gnu.org
@end example
@exampleindent 4
+@anchor{tpmtool bits}
+@subsubheading bits option
+
+This is the ``specify the number of bits for key generate'' option.
+
+
@anchor{tpmtool debug}
@subsubheading debug option (-d)
This is the ``enable debugging.'' option.
-This option takes an argument number.
Specifies the debug level.
+
+@anchor{tpmtool delete}
+@subsubheading delete option
+
+This is the ``delete the key identified by the given url (uuid).'' option.
+
+
@anchor{tpmtool generate-rsa}
@subsubheading generate-rsa option
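Review bot: The debug entry loses "This option takes an argument number.", and the new bits and delete entries do not say that they take a value either, although their descriptions ("number of bits", "the given url (uuid)") imply one. Please keep or add the argument line for each option that needs a value, and state the expected form of the delete argument, since passing the wrong key identifier to a delete operation is not recoverable. The bits description also reads "for key generate"; "for key generation" would be clearer.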
@@ -103,29 +108,105 @@ This is the ``generate an rsa private-public key pair'' option.
Generates an RSA private-public key pair in the TPM chip.
The key may be stored in filesystem and protected by a PIN, or stored (registered)
in the TPM chip flash.
-@anchor{tpmtool user}
-@subsubheading user option
-This is the ``any registered key will be a user key'' option.
+@anchor{tpmtool inder}
+@subsubheading inder option
+
+This is the ``use the der format for keys.'' option.
+The input files will be assumed to be in the portable
+DER format of TPM. The default format is a custom format used by various
+TPM tools
+
+@anchor{tpmtool infile}
+@subsubheading infile option
+
+This is the ``input file'' option.
+
+
+@anchor{tpmtool legacy}
+@subsubheading legacy option
+
+This is the ``any generated key will be a legacy key'' option.
-@noindent
This option has some usage constraints. It:
@itemize @bullet
@item
must appear in combination with the following options:
-register.
+generate-rsa.
@item
must not appear in combination with any of the following options:
-system.
+signing.
@end itemize
-The generated key will be stored in a user specific persistent storage.
+
+
+@anchor{tpmtool list}
+@subsubheading list option
+
+This is the ``lists all stored keys in the tpm'' option.
+
+
+@anchor{tpmtool outder}
+@subsubheading outder option
+
+This is the ``use der format for output keys'' option.
+The output will be in the TPM portable DER format.
+
+@anchor{tpmtool outfile}
+@subsubheading outfile option
+
+This is the ``output file'' option.
+
+
+@anchor{tpmtool pubkey}
+@subsubheading pubkey option
+
+This is the ``prints the public key of the provided key'' option.
+
+
+@anchor{tpmtool register}
+@subsubheading register option
+
+This is the ``any generated key will be registered in the tpm'' option.
+
+This option has some usage constraints. It:
+@itemize @bullet
+@item
+must appear in combination with the following options:
+generate-rsa.
+@end itemize
+
+
+
+@anchor{tpmtool sec-param}
+@subsubheading sec-param option
+
+This is the ``specify the security level [low, legacy, normal, high, ultra].'' option.
+This is alternative to the bits option. Note however that the
+values allowed by the TPM chip are quantized and given values may be rounded up.
+
+@anchor{tpmtool signing}
+@subsubheading signing option
+
+This is the ``any generated key will be a signing key'' option.
+
+This option has some usage constraints. It:
+@itemize @bullet
+@item
+must appear in combination with the following options:
+generate-rsa.
+@item
+must not appear in combination with any of the following options:
+legacy.
+@end itemize
+
+
+
@anchor{tpmtool system}
@subsubheading system option
This is the ``any registred key will be a system key'' option.
-@noindent
This option has some usage constraints. It:
@itemize @bullet
@item
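Review bot: The new legacy and signing entries list only their usage constraints (each requires generate-rsa and excludes the other) and give no sentence on what a legacy key or a signing key may be used for, unlike inder, outder and sec-param, which each carry a descriptive line. Add a short description to both so the user can choose the key type deliberately. In the same hunk, infile, outfile, pubkey and sec-param do not state that they take an argument, the inder text ends at "TPM tools" without a full stop, and the system context line still reads "any registred key"; because the header marks this file as generated, these belong in the definitions file rather than here.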
@@ -137,64 +218,40 @@ user.
@end itemize
The generated key will be stored in system persistent storage.
-@anchor{tpmtool sec-param}
-@subsubheading sec-param option
-This is the ``specify the security level [low, legacy, normal, high, ultra].'' option.
-This option takes an argument string @file{Security parameter}.
-This is alternative to the bits option. Note however that the
-values allowed by the TPM chip are quantized and given values may be rounded up.
-@anchor{tpmtool inder}
-@subsubheading inder option
+@anchor{tpmtool user}
+@subsubheading user option
-This is the ``use the der format for keys.'' option.
-The input files will be assumed to be in the portable
-DER format of TPM. The default format is a custom format used by various
-TPM tools
-@anchor{tpmtool outder}
-@subsubheading outder option
+This is the ``any registered key will be a user key'' option.
+
+This option has some usage constraints. It:
+@itemize @bullet
+@item
+must appear in combination with the following options:
+register.
+@item
+must not appear in combination with any of the following options:
+system.
+@end itemize
+
+The generated key will be stored in a user specific persistent storage.
-This is the ``use der format for output keys'' option.
-The output will be in the TPM portable DER format.
@anchor{tpmtool exit status}
@subsubheading tpmtool exit status
One of the following exit values will be returned:
@table @samp
-@item 0 (EXIT_SUCCESS)
+@item 0
Successful program execution.
-@item 1 (EXIT_FAILURE)
+@item 1
The operation failed or the command syntax was not valid.
@end table
+
+
@anchor{tpmtool See Also}
@subsubheading tpmtool See Also
- p11tool (1), certtool (1)
+
@anchor{tpmtool Examples}
@subsubheading tpmtool Examples
-To generate a key that is to be stored in filesystem use:
-@example
-$ tpmtool --generate-rsa --bits 2048 --outfile tpmkey.pem
-@end example
-
-To generate a key that is to be stored in TPM's flash use:
-@example
-$ tpmtool --generate-rsa --bits 2048 --register --user
-@end example
-
-To get the public key of a TPM key use:
-@example
-$ tpmtool --pubkey tpmkey:uuid=58ad734b-bde6-45c7-89d8-756a55ad1891;storage=user \
- --outfile pubkey.pem
-@end example
-
-or if the key is stored in the filesystem:
-@example
-$ tpmtool --pubkey tpmkey:file=tmpkey.pem --outfile pubkey.pem
-@end example
-
-To list all keys stored in TPM use:
-@example
-$ tpmtool --list
-@end example
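Review bot: The "tpmtool Examples" heading at the end of this hunk is kept but all five examples under it are removed, and "See Also" likewise loses "p11tool (1), certtool (1)", leaving two empty sections; the exit status items also drop the (EXIT_SUCCESS) and (EXIT_FAILURE) names. Either restore the content or drop the empty headings. If the examples are restored, quote the key URL in the --pubkey example, because "tpmkey:uuid=...;storage=user" is unquoted and a shell will treat the ";" as a command separator, and correct "tpmkey:file=tmpkey.pem" to match the "tpmkey.pem" written by the first example.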