Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix typos and text formatting in readmes #265

Merged
merged 1 commit into from
Nov 28, 2023
Merged

Fix typos and text formatting in readmes #265

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
28 changes: 17 additions & 11 deletions docs/cse.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,8 +38,8 @@ GCC version > 7.5
Curl version 8.4.0

Following steps will replace the existing versions of OpenSSL and Curl from the system. If you want to keep the existing versions then use [Installation-Script](../utils/install_openssl_curl.sh) script to install Openssl and Curl at a different location.
> ***NOTE***: [Installation-Script](../utils/install_openssl_curl.sh) will install OpenSSL and Curl at /opt/ by default. To provide different path, modify these variables in the script
> OPENSSL_ROOT=/opt/openssl
> ***NOTE***: [Installation-Script](../utils/install_openssl_curl.sh) will install OpenSSL and Curl at /opt/ by default. To provide different path, modify these variables in the script
> OPENSSL_ROOT=/opt/openssl
> CURL_ROOT=/opt/curl
>
**Script usage command**
Expand Down Expand Up @@ -145,8 +145,8 @@ Issue the following command from the terminal:
curl 8.4.0 (x86_64-pc-linux-gnu) libcurl/8.4.0 OpenSSL/3.0.12 zlib/1.2.11
```
Alternatively, execute [Installation-Script](../utils/install_openssl_curl.sh) which can be used for both installation and uninstallation of OpenSSL and Curl.
> ***NOTE***: [Installation-Script](../utils/install_openssl_curl.sh) will install OpenSSL and Curl to /opt/ by default. To provide different path, modify these variables in the script
> OPENSSL_ROOT=/opt/openssl
> ***NOTE***: [Installation-Script](../utils/install_openssl_curl.sh) will install OpenSSL and Curl to /opt/ by default. To provide different path, modify these variables in the script
> OPENSSL_ROOT=/opt/openssl
> CURL_ROOT=/opt/curl

**Script usage command**
Expand Down Expand Up @@ -219,12 +219,12 @@ make pristine
cmake -DDA=cse_ecdsa384 .
make -j$(nproc)
```
> ***NOTE***: To run with mTLS connection,
> ***NOTE***: To run with mTLS connection,
> 1. Compile the code with `-DMTLS=true` flag.
> 2. If signing with external CA, copy CA cert and CA key to `data` folder.
> 3. Execute `bash utlils/user_csr_req.sh .`
> 3. Execute `bash utils/user_csr_req.sh .`
> This will generate client CSR and private key.
>
>
Refer to the section [FDO Build configurations](build_conf.md) for more build options.

<a name="run_linux_fdo"></a>
Expand Down Expand Up @@ -254,10 +254,16 @@ After a successful compilation, the Intel<sup>&reg;</sup> CSE enabled FDO Client
```shell
sudo ./build/linux-client
```
> ***NOTE***: Usage: `linux-client -ip <http|https>://<mfg addr>:<port>`
if -ip not specified, manufacturer_addr.bin will be used
`-ss`: specify if backend servers are using self-signed certificates
`-r`: enable resale

> ***NOTE***: Usage:
>
> ```
>./build/linux-client -ip <http|https>://<mfg addr>:<port>
>if -ip not specified, manufacturer_addr.bin will be used
>-ss: specify if backend servers are using self-signed certificates
>-r: enable resale
>```
>
> ***NOTE***: To do the DI again we need to clear the Device status from CSE storage.
> To clear the storage, compile the code with "-DCSE_CLEAR=true" flag and then execute the following command
```shell
Expand Down
28 changes: 16 additions & 12 deletions docs/linux.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,8 +29,8 @@ GCC version > 7.5
Curl version 8.4.0

Following steps will replace the existing versions of OpenSSL and Curl from the system. If you want to keep the existing versions then use [Installation-Script](../utils/install_openssl_curl.sh) script to install Openssl and Curl at a different location.
> ***NOTE***: [Installation-Script](../utils/install_openssl_curl.sh) will install OpenSSL and Curl at /opt/ by default. To provide different path, modify these variables in the script
> OPENSSL_ROOT=/opt/openssl
> ***NOTE***: [Installation-Script](../utils/install_openssl_curl.sh) will install OpenSSL and Curl at /opt/ by default. To provide different path, modify these variables in the script
> OPENSSL_ROOT=/opt/openssl
> CURL_ROOT=/opt/curl
>
**Script usage command**
Expand All @@ -54,7 +54,7 @@ Following steps will replace the existing versions of OpenSSL and Curl from the
```
sudo yum remove libcurl-devel openssl-devel
```

#### Steps to Upgrade the OpenSSL* Toolkit to Version 3.0.12

1. Pull the tarball:
Expand All @@ -69,7 +69,7 @@ Following steps will replace the existing versions of OpenSSL and Curl from the
```
./config --libdir=/usr/local/lib
```

4. Issue the command:
```
make
Expand Down Expand Up @@ -191,15 +191,15 @@ cmake .
make
bash utils/keys_gen.sh .
```
> ***NOTE***: [Keys_Gen](../utils/keys_gen.sh) script will use OpenSSL from `/opt/` by default. To provide a different path, use `which openssl` command to get the exact path of OpenSSL and modify this variable in the script
> ***NOTE***: [Keys_Gen](../utils/keys_gen.sh) script will use OpenSSL from `/opt/` by default. To provide a different path, use `which openssl` command to get the exact path of OpenSSL and modify this variable in the script
> OPENSSL3_BIN=/opt/openssl/bin (can be /usr/bin or /usr/local/bin)
>
> ***NOTE***: To run with mTLS connection,
> ***NOTE***: To run with mTLS connection,
> 1. Compile the code with `-DMTLS=true` flag.
> 2. If signing with external CA, copy CA cert and CA key to `data` folder.
> 3. Execute `bash utlils/user_csr_req.sh .`
> 3. Execute `bash utils/user_csr_req.sh .`
> This will generate client CSR and private key.
>
>
Several other options to choose when building the device are, but not limited to, the following: device-attestation (DA) methods, Advanced Encryption Standard (AES) encryption modes (AES_MODE), and underlying cryptography library to use (TLS).
Refer to the section. [FDO Build configurations](build_conf.md)

Expand Down Expand Up @@ -231,7 +231,11 @@ After a successful compilation, the FDO Client SDK Linux device executable can b
./build/linux-client
```

> ***NOTE***: Usage: `linux-client -ip <http|https>://<mfg addr>:<port>`
if -ip not specified, manufacturer_addr.bin will be used
`-ss`: specify if backend servers are using self-signed certificates
`-r`: enable resale
> ***NOTE***: Usage:
>
> ```
>./build/linux-client -ip <http|https>://<mfg addr>:<port>
>if -ip not specified, manufacturer_addr.bin will be used
>-ss: specify if backend servers are using self-signed certificates
>-r: enable resale
>```
32 changes: 18 additions & 14 deletions docs/tpm.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,10 +36,10 @@ Curl version 8.4.0
#### Steps to Upgrade the OpenSSL* Toolkit to Version 3.0.12

Following steps will replace the existing versions of OpenSSL and Curl from the system. If you want to keep the existing versions then use [Installation-Script](../utils/install_openssl_curl.sh) script to install Openssl and Curl at a different location.
> ***NOTE***: [Installation-Script](../utils/install_openssl_curl.sh) will install OpenSSL and Curl at /opt/ by default. To provide different path, modify these variables in the script
> OPENSSL_ROOT=/opt/openssl
> ***NOTE***: [Installation-Script](../utils/install_openssl_curl.sh) will install OpenSSL and Curl at /opt/ by default. To provide different path, modify these variables in the script
> OPENSSL_ROOT=/opt/openssl
> CURL_ROOT=/opt/curl
>
>
**Script usage command**

* Command to install OpenSSL and Curl
Expand Down Expand Up @@ -194,8 +194,8 @@ CURL_INCLUDE=/opt/curl/include (can be /usr/include or /usr/local/include)
OPENSSL3_LIB=/opt/openssl/lib64 (can be /usr/lib or /usr/local/lib or /usr/lib/x86_64-linux-gnu)
CURL_LIB=/opt/curl/lib (can be /usr/lib or /usr/local/lib or /usr/lib/x86_64-linux-gnu)
* **On RHEL\* OS version 8.4 or 8.6:**
> ***NOTE***: Use [TPM-Library-Installation-Script-RHEL](../utils/install_tpm_libs_rhel.sh) for RHEL 8.4 or 8.6.
> Before executing [TPM-Library-Installation-Script-RHEL](../utils/install_tpm_libs_rhel.sh), make sure OpenSSL v3 and Curl is installed on the system (at /usr/local/ path). Use steps in section 1 to install OpenSSL and Curl on the system.
> ***NOTE***: Use [TPM-Library-Installation-Script-RHEL](../utils/install_tpm_libs_rhel.sh) for RHEL 8.4 or 8.6.
> Before executing [TPM-Library-Installation-Script-RHEL](../utils/install_tpm_libs_rhel.sh), make sure OpenSSL v3 and Curl is installed on the system (at /usr/local/ path). Use steps in section 1 to install OpenSSL and Curl on the system.
```shell
sudo ./install_tpm_libs_rhel.sh -h
```
Expand Down Expand Up @@ -328,12 +328,12 @@ make pristine
cmake -DDA=tpm20_ecdsa256 -DTPM2_TCTI_TYPE=tpmrm0 .
make -j$(nproc)
```
> ***NOTE***: To run with mTLS connection,
> ***NOTE***: To run with mTLS connection,
> 1. Compile the code with `-DMTLS=true` flag.
> 2. If signing with external CA, copy CA cert and CA key to `data` folder.
> 3. Execute `bash utlils/user_csr_req.sh .`
> 3. Execute `bash utils/user_csr_req.sh .`
> This will generate client CSR and private key.
>
>
Several other options to choose when building the device are, but not limited to, the following: device-attestation (DA) methods, Advanced Encryption Standard (AES) encryption modes (AES_MODE), and underlying cryptography library to use (TLS).
Refer to the section [FDO Build configurations](build_conf.md)

Expand Down Expand Up @@ -361,7 +361,7 @@ After a successful compilation, the FDO Client SDK Linux device executable can b
```
> ***NOTE 1***: [TPM Make Ready](../utils/tpm_make_ready_ecdsa.sh) script will use OpenSSL from `/opt/` by default. To provide a different path, use `which openssl` command to get the exact path of OpenSSL and modify this variable in the script
> OPENSSL3_BIN=/opt/openssl/bin (can be /usr/bin or /usr/local/bin)
>
>
> ***NOTE 2***: Some platforms do not have the support for ECDSA 384 in TPM. [TPM Make Ready](../utils/tpm_make_ready_ecdsa.sh) script with option "-e 384" will fail in those platforms. Please use ECDSA 256 in that case.
>
- Once the TPM* make ready script is executed successfully, the device is now initialized with the credentials and is ready for ownership transfer. To run the device against the FDO PRI Manufacturer for the DI protocol, do the following:
Expand All @@ -376,13 +376,17 @@ After a successful compilation, the FDO Client SDK Linux device executable can b
```shell
./build/linux-client
```
> ***NOTE***: linux-client may require elevated privileges. Please use 'sudo' to execute.
> ***NOTE***: Usage: `linux-client -ip <http|https>://<mfg addr>:<port>`
if -ip not specified, manufacturer_addr.bin will be used
`-ss`: specify if backend servers are using self-signed certificates
`-r`: enable resale

> ***NOTE***: Usage:
>
> ```
>./build/linux-client -ip <http|https>://<mfg addr>:<port>
>if -ip not specified, manufacturer_addr.bin will be used
>-ss: specify if backend servers are using self-signed certificates
>-r: enable resale
>```

> ***NOTE***: linux-client may require elevated privileges. Please use 'sudo' to execute.

### 7.1 Prepare FDO Client SDK Data Folder

Expand Down