From: Tobias Brunner <tobias@strongswan.org>
Date: Fri, 7 Feb 2014 13:44:19 +0000 (+0100)
Subject: conf: Document options of plugins in libpts
X-Git-Tag: 5.1.2rc1~7^2~5
X-Git-Url: https://git.strongswan.org/?p=strongswan.git;a=commitdiff_plain;h=5ac757872b12e7197cce4ab159a964fb073b19b5

conf: Document options of plugins in libpts
---

diff --git a/conf/Makefile.am b/conf/Makefile.am
index 5c1932e..19fce81 100644
--- a/conf/Makefile.am
+++ b/conf/Makefile.am
@@ -8,6 +8,7 @@ optionstemplatedir = $(templatesdir)/strongswan.d
 pluginstemplatedir = $(templatesdir)/plugins
 
 options = \
+	options/attest.opt \
 	options/charon.opt \
 	options/charon-logging.opt \
 	options/imcv.opt \
@@ -37,9 +38,12 @@ plugins = \
 	plugins/error-notify.opt \
 	plugins/gcrypt.opt \
 	plugins/ha.opt \
+	plugins/imc-attestation.opt \
 	plugins/imc-os.opt \
 	plugins/imc-scanner.opt \
+	plugins/imc-swid.opt \
 	plugins/imc-test.opt \
+	plugins/imv-attestation.opt \
 	plugins/imv-os.opt \
 	plugins/imv-scanner.opt \
 	plugins/imv-test.opt \
diff --git a/conf/options/attest.opt b/conf/options/attest.opt
new file mode 100644
index 0000000..736eb9d
--- /dev/null
+++ b/conf/options/attest.opt
@@ -0,0 +1,5 @@
+attest.database =
+	Path to database with file measurement information.
+
+attest.load =
+	Plugins to load in ipsec attest tool.
diff --git a/conf/plugins/imc-attestation.opt b/conf/plugins/imc-attestation.opt
new file mode 100644
index 0000000..9c10805
--- /dev/null
+++ b/conf/plugins/imc-attestation.opt
@@ -0,0 +1,17 @@
+charon.plugins.imc-attestation.aik_blob =
+	AIK encrypted private key blob file.
+
+charon.plugins.imc-attestation.aik_cert =
+	AIK certificate file.
+
+charon.plugins.imc-attestation.aik_key =
+	AIK public key file.
+
+charon.plugins.imc-attestation.nonce_len = 20
+	DH nonce length.
+
+charon.plugins.imc-attestation.use_quote2 = yes
+	Use Quote2 AIK signature instead of Quote signature.
+
+charon.plugins.imc-attestation.pcr_info = yes
+	Whether to send pcr_before and pcr_after info.
\ No newline at end of file
diff --git a/conf/plugins/imc-swid.opt b/conf/plugins/imc-swid.opt
new file mode 100644
index 0000000..67f7c79
--- /dev/null
+++ b/conf/plugins/imc-swid.opt
@@ -0,0 +1,2 @@
+charon.plugins.imc-swid.swid_directory = ${prefix}/share
+	Directory where SWID tags are located.
diff --git a/conf/plugins/imv-attestation.opt b/conf/plugins/imv-attestation.opt
new file mode 100644
index 0000000..c0ae204
--- /dev/null
+++ b/conf/plugins/imv-attestation.opt
@@ -0,0 +1,29 @@
+charon.plugins.imv-attestation.cadir =
+	Path to directory with AIK cacerts.
+
+charon.plugins.imv-attestation.dh_group = ecp256
+	Preferred Diffie-Hellman group.
+
+charon.plugins.imv-attestation.hash_algorithm = sha256
+	Preferred measurement hash algorithm.
+
+charon.plugins.imv-attestation.min_nonce_len = 0
+	DH minimum nonce length.
+
+charon.plugins.imc-attestation.pcr17_after
+	Dummy data if the TBOOT log is not retrieved.
+
+charon.plugins.imc-attestation.pcr17_before
+	Dummy data if the TBOOT log is not retrieved.
+
+charon.plugins.imc-attestation.pcr17_meas
+	Dummy data if the TBOOT log is not retrieved.
+
+charon.plugins.imc-attestation.pcr18_after
+	Dummy data if the TBOOT log is not retrieved.
+
+charon.plugins.imc-attestation.pcr18_before
+	Dummy data if the TBOOT log is not retrieved.
+
+charon.plugins.imc-attestation.pcr18_meas
+	Dummy data if the TBOOT log is not retrieved.