1tpm2_loadexternal(1) General Commands Manual tpm2_loadexternal(1)
2
6 tpm2_loadexternal(1) - Load an external object into the TPM.
7
9 tpm2_loadexternal [OPTIONS]
10
12 tpm2_loadexternal(1) - This command loads an external object into the
13 TPM, forgoing TPM protections. Ie, the key material is not protected
14 by the parent object's seed. The command allows loading of just the
15 public portion of an object or both the public and private portions of
16 an object.
17 The tool outputs the name of the loaded object in a YAML dictionary
19 format with the key name where the value for that key is the name of
20 the object in hex format, for example:
21 name: 000bac25cb8743111c8e1f52f2ee7279d05d3902a18dd1af694db5d1afa7adf1c8b3
23 It also saves a context file for future interactions with the object.
25
27 · -C, --hierarchy=OBJECT:
28 Hierarchy to use for the ticket, optional. Defaults to n, null.
29 Supported options are:
30 · o for the owner hierarchy.
32 · p for the platform hierarchy.
34 · e for the endorsement hierarchy.
36 · n for the null hierarchy.
38 · -G, --key-algorithm=ALGORITHM:
40 The algorithm used by the key to be imported. Supports:
41 · aes - AES 128,192 or 256 key.
43 · rsa - RSA 1024 or 2048 key.
45 · ecc - ECC NIST P192, P224, P256, P384 or P521 public and private
47 key.
48 · -u, --public=FILE:
50 The public portion of the object, this can be one of the following
51 file formats:
52 · TSS - The TSS/TPM format. For example from option -u of command
54 tpm2_create(1).
55 · RSA - OSSL PEM formats. For example public.pem from the command
57 openssl rsa -in private.pem -out public.pem -pubout
58 · ECC - OSSL PEM formats. For example public.pem from the command
60 openssl ec -in private.ecc.pem -out public.ecc.pem -pubout
61 · -r, --private=FILE:
63 The sensitive portion of the object, optional. If one wishes to use
64 the private portion of a key, this must be specified. Like option
65 -u, this command takes files in the following format:
66 · RSA - OSSL PEM formats. For example private.pem from the command
68 openssl genrsa -out private.pem 2048 Since an RSA public key can be
69 derived from the private PEM file, their is no need to specify -u
70 for the public portion.
71 Note: The private portion does not respect TSS formats as it's impos‐
73 sible to get a TPM2B_SENSITIVE output from a previous command.
74 · -p, --auth=AUTH:
76 The authorization value for the key, optional.
78 · -L, --policy=POLICY_FILE:
80 The input policy file, optional. A file containing the hash of a
82 policy derived from tpm2_createpolicy.
83 · -g, --hash-algorithm=ALGORITHM:
85 The hash algorithm for generating the objects name. This is optional
87 and defaults to sha256 when not specified. However, load external
88 supports having a null name algorithm. In this case, no cryptograph‐
89 ic binding checks between the public and private portions are per‐
90 formed.
91 · -a, --attributes=ATTRIBUTES:
93 The object attributes, optional. The default for created objects is:
95 TPMA_OBJECT_SIGN_ENCRYPT|TPMA_OBJECT_DECRYPT. Optionally, if -p is
96 specified or no -p or -L is specified then TPMA_OBJECT_USERWITHAUTH
97 is added to the default attribute set.
98 Note: If specifying attributes, the TPM will reject certain at‐
100 tributes like TPMA_OBJECT_FIXEDTPM, as those guarantees cannot be
101 made.
102 · -c, --key-context=FILE
104 The file name to save the object context, required.
106 · -n, --name=FILE:
108 An optional file to save the object name, which is in a binary hash
110 format. The size of the hash is based on name algorithm or the -g
111 option.
112 · --passin=OSSL_PEM_FILE_PASSWORD
114 An optional password for an Open SSL (OSSL) provided input file. It
116 mirrors the -passin option of OSSL and is known to support the pass,
117 file, env, fd and plain password formats of openssl. (see man(1)
118 openssl) for more.
119 References
122 The type of a context object, whether it is a handle or file name, is
123 determined according to the following logic in-order:
124 · If the argument is a file path, then the file is loaded as a restored
126 TPM transient object.
127 · If the argument is a prefix match on one of:
129 · owner: the owner hierarchy
131 · platform: the platform hierarchy
133 · endorsement: the endorsement hierarchy
135 · lockout: the lockout control persistent object
137 · If the argument argument can be loaded as a number it will be treat
139 as a handle, e.g. 0x81010013 and used directly.OBJECT.
140
142 Authorization for use of an object in TPM2.0 can come in 3 different
143 forms: 1. Password 2. HMAC 3. Sessions
144 NOTE: "Authorizations default to the EMPTY PASSWORD when not speci‐
146 fied".
147 Passwords
149 Passwords are interpreted in the following forms below using prefix
150 identifiers.
151 Note: By default passwords are assumed to be in the string form when
153 they do not have a prefix.
154 String
156 A string password, specified by prefix "str:" or it's absence (raw
157 string without prefix) is not interpreted, and is directly used for au‐
158 thorization.
159 Examples
161 foobar
162 str:foobar
163 Hex-string
165 A hex-string password, specified by prefix "hex:" is converted from a
166 hexidecimal form into a byte array form, thus allowing passwords with
167 non-printable and/or terminal un-friendly characters.
168 Example
170 hex:0x1122334455667788
171 File
173 A file based password, specified be prefix "file:" should be the path
174 of a file containing the password to be read by the tool or a "-" to
175 use stdin. Storing passwords in files prevents information leakage,
176 passwords passed as options can be read from the process list or common
177 shell history features.
178 Examples
180 # to use stdin and be prompted
181 file:-
182 # to use a file from a path
184 file:path/to/password/file
185 # to echo a password via stdin:
187 echo foobar | tpm2_tool -p file:-
188 # to use a bash here-string via stdin:
190 tpm2_tool -p file:- <<< foobar
192 Sessions
194 When using a policy session to authorize the use of an object, prefix
195 the option argument with the session keyword. Then indicate a path to
196 a session file that was created with tpm2_startauthsession(1). Option‐
197 ally, if the session requires an auth value to be sent with the session
198 handle (eg policy password), then append a + and a string as described
199 in the Passwords section.
200 Examples
202 To use a session context file called session.ctx.
203 session:session.ctx
205 To use a session context file called session.ctx AND send the authvalue
207 mypassword.
208 session:session.ctx+mypassword
210 To use a session context file called session.ctx AND send the HEX auth‐
212 value 0x11223344.
213 session:session.ctx+hex:11223344
215 PCR Authorizations
217 You can satisfy a PCR policy using the "pcr:" prefix and the PCR mini‐
218 language. The PCR minilanguage is as follows:
219 <pcr-spec>=<raw-pcr-file>
220 The PCR spec is documented in in the section "PCR bank specifiers".
222 The raw-pcr-file is an optional the output of the raw PCR contents as
224 returned by tpm2_pcrread(1).
225 PCR bank specifiers (common/pcr.md)
227 Examples
229 To satisfy a PCR policy of sha256 on banks 0, 1, 2 and 3 use a specifi‐
230 er of:
231 pcr:sha256:0,1,2,3
233 specifying AUTH.
235
237 Options that take algorithms support "nice-names".
238 There are two major algorithm specification string classes, simple and
240 complex. Only certain algorithms will be accepted by the TPM, based on
241 usage and conditions.
242 Simple specifiers
244 These are strings with no additional specification data. When creating
245 objects, non-specified portions of an object are assumed to defaults.
246 You can find the list of known "Simple Specifiers Below".
247 Asymmetric
249 · rsa
250 · ecc
252 Symmetric
254 · aes
255 · camellia
257 Hashing Algorithms
259 · sha1
260 · sha256
262 · sha384
264 · sha512
266 · sm3_256
268 · sha3_256
270 · sha3_384
272 · sha3_512
274 Keyed Hash
276 · hmac
277 · xor
279 Signing Schemes
281 · rsassa
282 · rsapss
284 · ecdsa
286 · ecdaa
288 · ecschnorr
290 Asymmetric Encryption Schemes
292 · oaep
293 · rsaes
295 · ecdh
297 Modes
299 · ctr
300 · ofb
302 · cbc
304 · cfb
306 · ecb
308 Misc
310 · null
311 Complex Specifiers
313 Objects, when specified for creation by the TPM, have numerous algo‐
314 rithms to populate in the public data. Things like type, scheme and
315 asymmetric details, key size, etc. Below is the general format for
316 specifying this data: <type>:<scheme>:<symmetric-details>
317 Type Specifiers
319 This portion of the complex algorithm specifier is required. The re‐
320 maining scheme and symmetric details will default based on the type
321 specified and the type of the object being created.
322 · aes - Default AES: aes128
324 · aes128<mode> - 128 bit AES with optional mode (ctr|ofb|cbc|cfb|ecb).
326 If mode is not specified, defaults to null.
327 · aes192<mode> - Same as aes128<mode>, except for a 192 bit key size.
329 · aes256<mode> - Same as aes128<mode>, except for a 256 bit key size.
331 · ecc - Elliptical Curve, defaults to ecc256.
333 · ecc192 - 192 bit ECC
335 · ecc224 - 224 bit ECC
337 · ecc256 - 256 bit ECC
339 · ecc384 - 384 bit ECC
341 · ecc521 - 521 bit ECC
343 · rsa - Default RSA: rsa2048
345 · rsa1024 - RSA with 1024 bit keysize.
347 · rsa2048 - RSA with 2048 bit keysize.
349 · rsa4096 - RSA with 4096 bit keysize.
351 Scheme Specifiers
353 Next, is an optional field, it can be skipped.
354 Schemes are usually Signing Schemes or Asymmetric Encryption Schemes.
356 Most signing schemes take a hash algorithm directly following the sign‐
357 ing scheme. If the hash algorithm is missing, it defaults to sha256.
358 Some take no arguments, and some take multiple arguments.
359 Hash Optional Scheme Specifiers
361 These scheme specifiers are followed by a dash and a valid hash algo‐
362 rithm, For example: oaep-sha256.
363 · oaep
365 · ecdh
367 · rsassa
369 · rsapss
371 · ecdsa
373 · ecschnorr
375 Multiple Option Scheme Specifiers
377 This scheme specifier is followed by a count (max size UINT16) then
378 folloed by a dash(-) and a valid hash algorithm. * ecdaa For example,
379 ecdaa4-sha256. If no count is specified, it defaults to 4.
380 No Option Scheme Specifiers
382 This scheme specifier takes NO arguments. * rsaes
383 Symmetric Details Specifiers
385 This field is optional, and defaults based on the type of object being
386 created and it's attributes. Generally, any valid Symmetric specifier
387 from the Type Specifiers list should work. If not specified, an asym‐
388 metric objects symmetric details defaults to aes128cfb.
389 Examples
391 Create an rsa2048 key with an rsaes asymmetric encryption scheme
392 tpm2_create -C parent.ctx -G rsa2048:rsaes -u key.pub -r key.priv
393 Create an ecc256 key with an ecdaa signing scheme with a count of 4
395 and sha384 hash
396 /tpm2_create -C parent.ctx -G ecc256:ec‐
398 daa4-sha384 -u key.pub -r key.priv cryptographic algorithms ALGORITHM.
399
401 Object Attributes are used to control various properties of created ob‐
402 jects. When specified as an option, either the raw bitfield mask or
403 "nice-names" may be used. The values can be found in Table 31 Part 2
404 of the TPM2.0 specification, which can be found here:
405 <https://trustedcomputinggroup.org/wp-content/uploads/TPM-
407 Rev-2.0-Part-2-Structures-01.38.pdf>
408 Nice names are calculated by taking the name field of table 31 and re‐
410 moving the prefix TPMA_OBJECT_ and lowercasing the result. Thus, TP‐
411 MA_OBJECT_FIXEDTPM becomes fixedtpm. Nice names can be joined using
412 the bitwise or "|" symbol.
413 For instance, to set The fields TPMA_OBJECT_FIXEDTPM, TPMA_OBJECT_NODA,
415 and TPMA_OBJECT_SIGN_ENCRYPT, the argument would be:
416 fixedtpm|noda|sign specifying the object attributes ATTRIBUTES.
418
420 This collection of options are common to many programs and provide in‐
421 formation that many users may expect.
422 · -h, --help=[man|no-man]: Display the tools manpage. By default, it
424 attempts to invoke the manpager for the tool, however, on failure
425 will output a short tool summary. This is the same behavior if the
426 "man" option argument is specified, however if explicit "man" is re‐
427 quested, the tool will provide errors from man on stderr. If the
428 "no-man" option if specified, or the manpager fails, the short op‐
429 tions will be output to stdout.
430 To successfully use the manpages feature requires the manpages to be
432 installed or on MANPATH, See man(1) for more details.
433 · -v, --version: Display version information for this tool, supported
435 tctis and exit.
436 · -V, --verbose: Increase the information that the tool prints to the
438 console during its execution. When using this option the file and
439 line number are printed.
440 · -Q, --quiet: Silence normal tool output to stdout.
442 · -Z, --enable-errata: Enable the application of errata fixups. Useful
444 if an errata fixup needs to be applied to commands sent to the TPM.
445 Defining the environment TPM2TOOLS_ENABLE_ERRATA is equivalent. in‐
446 formation many users may expect.
447
449 The TCTI or "Transmission Interface" is the communication mechanism
450 with the TPM. TCTIs can be changed for communication with TPMs across
451 different mediums.
452 To control the TCTI, the tools respect:
454 1. The command line option -T or --tcti
456 2. The environment variable: TPM2TOOLS_TCTI.
458 Note: The command line option always overrides the environment vari‐
460 able.
461 The current known TCTIs are:
463 · tabrmd - The resource manager, called tabrmd
465 (https://github.com/tpm2-software/tpm2-abrmd). Note that tabrmd and
466 abrmd as a tcti name are synonymous.
467 · mssim - Typically used for communicating to the TPM software simula‐
469 tor.
470 · device - Used when talking directly to a TPM device file.
472 · none - Do not initalize a connection with the TPM. Some tools allow
474 for off-tpm options and thus support not using a TCTI. Tools that do
475 not support it will error when attempted to be used without a TCTI
476 connection. Does not support ANY options and MUST BE presented as
477 the exact text of "none".
478 The arguments to either the command line option or the environment
480 variable are in the form:
481 <tcti-name>:<tcti-option-config>
483 Specifying an empty string for either the <tcti-name> or <tcti-op‐
485 tion-config> results in the default being used for that portion respec‐
486 tively.
487 TCTI Defaults
489 When a TCTI is not specified, the default TCTI is searched for using
490 dlopen(3) semantics. The tools will search for tabrmd, device and
491 mssim TCTIs IN THAT ORDER and USE THE FIRST ONE FOUND. You can query
492 what TCTI will be chosen as the default by using the -v option to print
493 the version information. The "default-tcti" key-value pair will indi‐
494 cate which of the aforementioned TCTIs is the default.
495 Custom TCTIs
497 Any TCTI that implements the dynamic TCTI interface can be loaded. The
498 tools internally use dlopen(3), and the raw tcti-name value is used for
499 the lookup. Thus, this could be a path to the shared library, or a li‐
500 brary name as understood by dlopen(3) semantics.
501
503 This collection of options are used to configure the various known TCTI
504 modules available:
505 · device: For the device TCTI, the TPM character device file for use by
507 the device TCTI can be specified. The default is /dev/tpm0.
508 Example: -T device:/dev/tpm0 or export TPM2TOOLS_TCTI="de‐
510 vice:/dev/tpm0"
511 · mssim: For the mssim TCTI, the domain name or IP address and port
513 number used by the simulator can be specified. The default are
514 127.0.0.1 and 2321.
515 Example: -T mssim:host=localhost,port=2321 or export TPM2TOOLS_TC‐
517 TI="mssim:host=localhost,port=2321"
518 · abrmd: For the abrmd TCTI, the configuration string format is a se‐
520 ries of simple key value pairs separated by a ',' character. Each
521 key and value string are separated by a '=' character.
522 · TCTI abrmd supports two keys:
524 1. 'bus_name' : The name of the tabrmd service on the bus (a
526 string).
527 2. 'bus_type' : The type of the dbus instance (a string) limited to
529 'session' and 'system'.
530 Specify the tabrmd tcti name and a config string of bus_name=com.ex‐
532 ample.FooBar:
533 \--tcti=tabrmd:bus_name=com.example.FooBar
535 Specify the default (abrmd) tcti and a config string of bus_type=ses‐
537 sion:
538 \--tcti:bus_type=session
540 NOTE: abrmd and tabrmd are synonymous. the various known TCTI mod‐
542 ules.
543
545 · If the hierarchy is null or the name hashing algorithm is null, tick‐
546 ets produced using the object will be NULL.
547 · If the private portion of an object is specified, the hierarchy must
549 be null or the TPM will reject loading it.
550
552 Load a TPM generated public key into the owner hierarchy
553 tpm2_createprimary -c primary.ctx
554 tpm2_create -C primary.ctx -u pub.dat -r priv.dat
556 tpm2_loadexternal -C o -u pub.dat -c pub.ctx
558 name: 000b9be4d7c6193a57e1bfc86a42a6b03856a91d2f9e77c6cbdb796a783d52d4b3b9
559 Load an RSA public key into the owner hierarchy
561 openssl genrsa -out private.pem 2048
562 openssl rsa -in private.pem -out public.pem -outform PEM -pubout
564 tpm2_loadexternal -C o -Grsa -u public.pem -c key.ctx
566 name: 000b7b91d304d16995d42792b57d0fb25df7abe5fdd8afe9950730e00dc5b934ddbc
567 Load an RSA key-pair into the null hierarchy
569 openssl genrsa -out private.pem 2048
570 tpm2_loadexternal -C n -Grsa -r private.pem -c key.ctx
572 name: 000b635ea220b6c62ec1d02343859dd203c8ac5dad82ebc5b124e407d2502f88691f
573 Load an AES key into the null hierarchy
575 dd if=/dev/urandom of=sym.key bs=1 count=16
576 tpm2_loadexternal -C n -Gaes -r sym.key -c key.ctx
578 name: 000bfc4d8dd7e4f921bcc9dca4b04f49564243cd9def129a3740002bfd4b9e966d34
579
581 Tools can return any of the following codes:
582 · 0 - Success.
584 · 1 - General non-specific error.
586 · 2 - Options handling error.
588 · 3 - Authentication error.
590 · 4 - TCTI related error.
592 · 5 - Non supported scheme. Applicable to tpm2_testparams.
594
596 Github Issues (https://github.com/tpm2-software/tpm2-tools/issues)
597
599 See the Mailing List (https://lists.01.org/mailman/listinfo/tpm2)
600tpm2-tools tpm2_loadexternal(1)