Provided by: tboot_1.8.3-0ubuntu1_i386 bug


       lcp_mlehash  -  generate a SHA-1 hash of a TXT MLE binary file suitable
       for use in a TXT launch control policy


       lcp_mlehash [-v] [-c cmdline] [-h] mle-file


       lcp_mlehash is used to generate a SHA-1  hash  of  the  portion  of  an
       executable   file  that  contains  the  IntelĀ®  TXT  measured  launched
       environment (MLE).  In the MLE binary file, the portion of the file  to
       be  used  as  the  MLE  is  specified  in the MLE header structure.  If
       verbose mode is not used, the output is suitable for use  as  the  mle-
       file to the lcp_crtpol and lcp_crtpolelt commands.


              File  name of the MLE binary.  If it is a gzip file then it will
              be un-ziped before hashing.

       -v     Verbose mode, display progress indications.

       -c cmdline
              Specify quote-delimited command line. It is important to specify
              the command line that is used when launching the MLE or the hash
              will not match what is calculated by SINIT.

       -h     Print out the help message.


       lcp_mlehash -c "logging=memory,serial,vga" /boot/tboot.gz > mle-hash


       lcp_readpol(8), lcp_writepol(8), lcp_crtpol(8), lcp_crtpolelt(8).