update README

jerryrhyu · jerryrhyu · commit 5d662156aae7 · 2023-11-09T18:11:58.000Z
diff --git a/go-tdx/README.md b/go-tdx/README.md
@@ -1,5 +1,6 @@
 # Intel® Trust Authority Go TDX Adapter
-Go module for collecting TDX Quote from TDX enabled platform.
+Go module for collecting TDX Quote from MSFT Azure TDX enabled platform.
+This module is specifically built to work with Azure TDX stack only.
 
 ## Go Requirement
 
@@ -30,44 +31,6 @@ if err != nil {
 }
 ```
 
-### To generate RSA keypair
-
-```go
-km := &tdx.KeyMetadata{
-	KeyLength: 3072,
-}
-privateKeyPem, publicKeyPem, err := tdx.GenerateKeyPair(km)
-if err != nil {
-    fmt.Printf("Something bad happened: %s\n\n", err)
-    return err
-}
-```
-
-### To decrypt an encrypted blob
-
-```go
-em := &tdx.EncryptionMetadata{
-	PrivateKeyLocation: privateKeyPath,
-	HashAlgorithm:      "SHA256",
-}
-decryptedData, err := tdx.Decrypt(encryptedData, em)
-if err != nil {
-    fmt.Printf("Something bad happened: %s\n\n", err)
-    return err
-}
-```
-
-### To collect event log from TD
-Note that the TD should have exposed ACPI table for eventlog collection.
-
-```go
-evLogParser := tdx.NewEventLogParser()
-eventLog, err := evLogParser.GetEventLogs()
-if err != nil {
-    return err
-}
-```
-
 ## License
 
 This source is distributed under the BSD-style license found in the [LICENSE](../LICENSE)
diff --git a/tdx-cli/README.md b/tdx-cli/README.md
@@ -1,6 +1,12 @@
 # Intel® Trust Authority TDX CLI
 An easy-to-use command line interface for attesting TDX TEE(TD) with Intel Trust Authority. The CLI will be installed and run inside the TD.
 
+## TPM2 Tools
+Tpm2 tools is required to read the TDX report data from vTPM. Install tpm2-tools package, e.g., on Ubuntu:
+```sh
+sudo apt install tpm2-tools
+```
+
 ## Go Requirement
 
 Use <b>go1.19 or newer</b>. Follow https://go.dev/doc/install for installation of Go.
@@ -26,59 +32,34 @@ See the example test in `tdx-cli/token_test.go` for an example of a test.
 ### To get list of all the available commands
 
 ```sh
-trustauthority-cli --help
+./trustauthority-cli --help
 ```
 More info about a specific command can be found using
 ```sh
-trustauthority-cli <command> --help
-```
-
-### To create RSA keypair
-
-```sh
-trustauthority-cli create-key-pair --pub-path <public key file path>
+./trustauthority-cli <command> --help
 ```
 
 ### To get Intel Trust Authority signed token
 
 `token` command requires Intel Trust Authority configuration to be passed in json format
 ```json
 {
-    "trustauthority_api_url": "<trustauthority attestation api url>",
+    "trustauthority_api_url": "https://api.trustauthority.intel.com",
     "trustauthority_api_key": "<trustauthority attestation api key>"
 }
 ```
 Save this data in config.json file and invoke `token` command
 ```sh
-trustauthority-cli token --config config.json --user-data <base64 encoded userdata> --policy-ids <comma separated trustauthority attestation policy ids>
-```
-OR
-```sh
-trustauthority-cli token --config config.json --pub-path <public key file path> --policy-ids <comma separated trustauthority attestation policy ids>
+sudo ./trustauthority-cli token --config config.json --user-data <base64 encoded userdata>  --no-eventlog
 ```
 
-### To get TD quote with Nonce and UserData
-
-```sh
-trustauthority-cli quote --nonce <base64 encoded nonce> --user-data <base64 encoded userdata>
-```
-
-### To decrypt an encrypted blob
-
-```sh
-trustauthority-cli decrypt --key-path <private key file path> --in <base64 encoded encrypted blob>
-```
-OR
-```sh
-trustauthority-cli decrypt --key <base64 encoded private key> --in <base64 encoded encrypted blob>
-```
 
 ### To verify Intel Trust Authority signed token
 
 `verify` command requires Intel Trust Authority URL to be passed in json format
 ```json
 {
-    "trustauthority_url": "<trustauthority url>"
+    "trustauthority_url": "https://portal.trustauthority.intel.com"
 }
 ```
 Save this data in config.json file and invoke `verify` command
