tpm2_sign(1)

1tpm2_sign(1)                General Commands Manual               tpm2_sign(1)
2
3
4

6       tpm2_sign(1) - Sign a hash using the TPM.
7

9       tpm2_sign [OPTIONS] [ARGUMENT]
10

12       tpm2_sign(1)  -  Signs  an externally provided message or hash with the
13       specified symmetric or asymmetric signing key.
14
15       If the signing key is a restricted signing key, then validation can  be
16       provided  via  the  -t  output.  The ticket indicates that the TPM per‐
17       formed the hash of the message.
18

20       · -c, --key-context=OBJECT:
21
22         Context object pointing to the the key used for  signing.   Either  a
23         file or a handle number.  See section "Context Object Format".
24
25       · -p, --authAUTH:
26
27         Optional  authorization value to use the key specified by -c.  Autho‐
28         rization values should follow  the  "authorization  formatting  stan‐
29         dards", see section "Authorization Formatting".
30
31       · -g, --hash-algorithm=ALGORITHM:
32
33         The  hash  algorithm  used  to digest the message.  Algorithms should
34         follow the "formatting  standards",  see  section  "Algorithm  Speci‐
35         fiers".   Also, see section "Supported Hash Algorithms" for a list of
36         supported hash algorithms.
37
38       · -s, --scheme=ALGORITHM:
39
40         The signing scheme used to  sign  the  message.   Optional.   Signing
41         schemes  should follow the "formatting standards", see section "Algo‐
42         rithm Specifiers".  Also, see section "Supported Signing Schemes" for
43         a  list  of supported signature schemes.  If specified, the signature
44         scheme must match the key type.  If left unspecified, a default  sig‐
45         nature scheme for the key type will be used.
46
47       · -d, --digest:
48
49         Indicate  that  FILE  is a file containing the digest of the message.
50         When this option and -t is specified, a warning is generated and  the
51         validation  ticket  (-t)  is  ignored.  You cannot use this option to
52         sign a digest against a restricted signing key.
53
54       · -t, --ticket=FILE:
55
56         The ticket file, containing the validation structure, optional.
57
58       · -o, --signature=FILE:
59
60         The signature file, records the signature structure.
61
62       · -f, --format=FORMAT:
63
64         Format selection for the signature output file.  See section  "Signa‐
65         ture Format Specifiers".
66
67       · ARGUMENT the command line argument specifies the file data for sign.
68
69   References

71       The  type  of a context object, whether it is a handle or file name, is
72       determined according to the following logic in-order:
73
74       · If the argument is a file path, then the file is loaded as a restored
75         TPM transient object.
76
77       · If the argument is a prefix match on one of:
78
79         · owner: the owner hierarchy
80
81         · platform: the platform hierarchy
82
83         · endorsement: the endorsement hierarchy
84
85         · lockout: the lockout control persistent object
86
87       · If  the  argument argument can be loaded as a number it will be treat
88         as a handle, e.g.  0x81010013 and used directly.OBJECT.
89

91       Authorization for use of an object in TPM2.0 can come  in  3  different
92       forms: 1.  Password 2.  HMAC 3.  Sessions
93
94       NOTE:  "Authorizations  default  to  the EMPTY PASSWORD when not speci‐
95       fied".
96
97   Passwords
98       Passwords are interpreted in the following  forms  below  using  prefix
99       identifiers.
100
101       Note:  By  default  passwords are assumed to be in the string form when
102       they do not have a prefix.
103
104   String
105       A string password, specified by prefix  "str:"  or  it's  absence  (raw
106       string without prefix) is not interpreted, and is directly used for au‐
107       thorization.
108
109   Examples
110              foobar
111              str:foobar
112
113   Hex-string
114       A hex-string password, specified by prefix "hex:" is converted  from  a
115       hexidecimal  form  into a byte array form, thus allowing passwords with
116       non-printable and/or terminal un-friendly characters.
117
118   Example
119              hex:0x1122334455667788
120
121   File
122       A file based password, specified be prefix "file:" should be  the  path
123       of  a  file  containing the password to be read by the tool or a "-" to
124       use stdin.  Storing passwords in files  prevents  information  leakage,
125       passwords passed as options can be read from the process list or common
126       shell history features.
127
128   Examples
129              # to use stdin and be prompted
130              file:-
131
132              # to use a file from a path
133              file:path/to/password/file
134
135              # to echo a password via stdin:
136              echo foobar | tpm2_tool -p file:-
137
138              # to use a bash here-string via stdin:
139
140              tpm2_tool -p file:- <<< foobar
141
142   Sessions
143       When using a policy session to authorize the use of an  object,  prefix
144       the  option argument with the session keyword.  Then indicate a path to
145       a session file that was created with tpm2_startauthsession(1).  Option‐
146       ally, if the session requires an auth value to be sent with the session
147       handle (eg policy password), then append a + and a string as  described
148       in the Passwords section.
149
150   Examples
151       To use a session context file called session.ctx.
152
153              session:session.ctx
154
155       To use a session context file called session.ctx AND send the authvalue
156       mypassword.
157
158              session:session.ctx+mypassword
159
160       To use a session context file called session.ctx AND send the HEX auth‐
161       value 0x11223344.
162
163              session:session.ctx+hex:11223344
164
165   PCR Authorizations
166       You  can satisfy a PCR policy using the "pcr:" prefix and the PCR mini‐
167       language.      The     PCR     minilanguage     is     as      follows:
168       <pcr-spec>=<raw-pcr-file>
169
170       The PCR spec is documented in in the section "PCR bank specifiers".
171
172       The  raw-pcr-file  is an optional the output of the raw PCR contents as
173       returned by tpm2_pcrread(1).
174
175       PCR bank specifiers (common/pcr.md)
176
177   Examples
178       To satisfy a PCR policy of sha256 on banks 0, 1, 2 and 3 use a specifi‐
179       er of:
180
181              pcr:sha256:0,1,2,3
182
183       specifying AUTH.
184

186       Options that take algorithms support "nice-names".
187
188       There  are two major algorithm specification string classes, simple and
189       complex.  Only certain algorithms will be accepted by the TPM, based on
190       usage and conditions.
191
192   Simple specifiers
193       These are strings with no additional specification data.  When creating
194       objects, non-specified portions of an object are assumed  to  defaults.
195       You can find the list of known "Simple Specifiers Below".
196
197   Asymmetric
198       · rsa
199
200       · ecc
201
202   Symmetric
203       · aes
204
205       · camellia
206
207   Hashing Algorithms
208       · sha1
209
210       · sha256
211
212       · sha384
213
214       · sha512
215
216       · sm3_256
217
218       · sha3_256
219
220       · sha3_384
221
222       · sha3_512
223
224   Keyed Hash
225       · hmac
226
227       · xor
228
229   Signing Schemes
230       · rsassa
231
232       · rsapss
233
234       · ecdsa
235
236       · ecdaa
237
238       · ecschnorr
239
240   Asymmetric Encryption Schemes
241       · oaep
242
243       · rsaes
244
245       · ecdh
246
247   Modes
248       · ctr
249
250       · ofb
251
252       · cbc
253
254       · cfb
255
256       · ecb
257
258   Misc
259       · null
260
261   Complex Specifiers
262       Objects,  when  specified  for creation by the TPM, have numerous algo‐
263       rithms to populate in the public data.  Things like  type,  scheme  and
264       asymmetric  details,  key  size,  etc.  Below is the general format for
265       specifying this data: <type>:<scheme>:<symmetric-details>
266
267   Type Specifiers
268       This portion of the complex algorithm specifier is required.   The  re‐
269       maining  scheme  and  symmetric  details will default based on the type
270       specified and the type of the object being created.
271
272       · aes - Default AES: aes128
273
274       · aes128<mode> - 128 bit AES with optional mode  (ctr|ofb|cbc|cfb|ecb).
275         If mode is not specified, defaults to null.
276
277       · aes192<mode> - Same as aes128<mode>, except for a 192 bit key size.
278
279       · aes256<mode> - Same as aes128<mode>, except for a 256 bit key size.
280
281       · ecc - Elliptical Curve, defaults to ecc256.
282
283       · ecc192 - 192 bit ECC
284
285       · ecc224 - 224 bit ECC
286
287       · ecc256 - 256 bit ECC
288
289       · ecc384 - 384 bit ECC
290
291       · ecc521 - 521 bit ECC
292
293       · rsa - Default RSA: rsa2048
294
295       · rsa1024 - RSA with 1024 bit keysize.
296
297       · rsa2048 - RSA with 2048 bit keysize.
298
299       · rsa4096 - RSA with 4096 bit keysize.
300
301   Scheme Specifiers
302       Next, is an optional field, it can be skipped.
303
304       Schemes  are  usually Signing Schemes or Asymmetric Encryption Schemes.
305       Most signing schemes take a hash algorithm directly following the sign‐
306       ing  scheme.   If the hash algorithm is missing, it defaults to sha256.
307       Some take no arguments, and some take multiple arguments.
308
309   Hash Optional Scheme Specifiers
310       These scheme specifiers are followed by a dash and a valid  hash  algo‐
311       rithm, For example: oaep-sha256.
312
313       · oaep
314
315       · ecdh
316
317       · rsassa
318
319       · rsapss
320
321       · ecdsa
322
323       · ecschnorr
324
325   Multiple Option Scheme Specifiers
326       This  scheme  specifier  is  followed by a count (max size UINT16) then
327       folloed by a dash(-) and a valid hash algorithm.  * ecdaa For  example,
328       ecdaa4-sha256.  If no count is specified, it defaults to 4.
329
330   No Option Scheme Specifiers
331       This scheme specifier takes NO arguments.  * rsaes
332
333   Symmetric Details Specifiers
334       This  field is optional, and defaults based on the type of object being
335       created and it's attributes.  Generally, any valid Symmetric  specifier
336       from  the Type Specifiers list should work.  If not specified, an asym‐
337       metric objects symmetric details defaults to aes128cfb.
338
339   Examples
340   Create an rsa2048 key with an rsaes asymmetric encryption scheme
341       tpm2_create -C parent.ctx -G rsa2048:rsaes -u key.pub -r key.priv
342
343   Create an ecc256 key with an ecdaa signing scheme with a count of 4
344       and sha384 hash
345
346       /tpm2_create -C parent.ctx -G ecc256:ec‐
347       daa4-sha384 -u key.pub -r key.priv cryptographic algorithms ALGORITHM.
348

350       This  collection of options are common to many programs and provide in‐
351       formation that many users may expect.
352
353       · -h, --help=[man|no-man]: Display the tools manpage.  By  default,  it
354         attempts  to  invoke  the  manpager for the tool, however, on failure
355         will output a short tool summary.  This is the same behavior  if  the
356         "man"  option argument is specified, however if explicit "man" is re‐
357         quested, the tool will provide errors from man  on  stderr.   If  the
358         "no-man"  option  if  specified, or the manpager fails, the short op‐
359         tions will be output to stdout.
360
361         To successfully use the manpages feature requires the manpages to  be
362         installed or on MANPATH, See man(1) for more details.
363
364       · -v,  --version:  Display version information for this tool, supported
365         tctis and exit.
366
367       · -V, --verbose: Increase the information that the tool prints  to  the
368         console  during  its  execution.  When using this option the file and
369         line number are printed.
370
371       · -Q, --quiet: Silence normal tool output to stdout.
372
373       · -Z, --enable-errata: Enable the application of errata fixups.  Useful
374         if  an  errata fixup needs to be applied to commands sent to the TPM.
375         Defining the environment TPM2TOOLS_ENABLE_ERRATA is equivalent.   in‐
376         formation many users may expect.
377

379       The  TCTI  or  "Transmission  Interface" is the communication mechanism
380       with the TPM.  TCTIs can be changed for communication with TPMs  across
381       different mediums.
382
383       To control the TCTI, the tools respect:
384
385       1. The command line option -T or --tcti
386
387       2. The environment variable: TPM2TOOLS_TCTI.
388
389       Note:  The  command  line option always overrides the environment vari‐
390       able.
391
392       The current known TCTIs are:
393
394       · tabrmd     -     The     resource     manager,     called      tabrmd
395         (https://github.com/tpm2-software/tpm2-abrmd).   Note that tabrmd and
396         abrmd as a tcti name are synonymous.
397
398       · mssim - Typically used for communicating to the TPM software  simula‐
399         tor.
400
401       · device - Used when talking directly to a TPM device file.
402
403       · none  - Do not initalize a connection with the TPM.  Some tools allow
404         for off-tpm options and thus support not using a TCTI.  Tools that do
405         not  support  it  will error when attempted to be used without a TCTI
406         connection.  Does not support ANY options and MUST  BE  presented  as
407         the exact text of "none".
408
409       The  arguments  to  either  the  command line option or the environment
410       variable are in the form:
411
412       <tcti-name>:<tcti-option-config>
413
414       Specifying an empty string for  either  the  <tcti-name>  or  <tcti-op‐
415       tion-config> results in the default being used for that portion respec‐
416       tively.
417
418   TCTI Defaults
419       When a TCTI is not specified, the default TCTI is  searched  for  using
420       dlopen(3)  semantics.   The  tools  will  search for tabrmd, device and
421       mssim TCTIs IN THAT ORDER and USE THE FIRST ONE FOUND.  You  can  query
422       what TCTI will be chosen as the default by using the -v option to print
423       the version information.  The "default-tcti" key-value pair will  indi‐
424       cate which of the aforementioned TCTIs is the default.
425
426   Custom TCTIs
427       Any TCTI that implements the dynamic TCTI interface can be loaded.  The
428       tools internally use dlopen(3), and the raw tcti-name value is used for
429       the lookup.  Thus, this could be a path to the shared library, or a li‐
430       brary name as understood by dlopen(3) semantics.
431

433       This collection of options are used to configure the various known TCTI
434       modules available:
435
436       · device: For the device TCTI, the TPM character device file for use by
437         the device TCTI can be specified.  The default is /dev/tpm0.
438
439         Example:   -T   device:/dev/tpm0   or   export    TPM2TOOLS_TCTI="de‐
440         vice:/dev/tpm0"
441
442       · mssim:  For  the  mssim  TCTI, the domain name or IP address and port
443         number used by the simulator  can  be  specified.   The  default  are
444         127.0.0.1 and 2321.
445
446         Example:  -T  mssim:host=localhost,port=2321  or export TPM2TOOLS_TC‐
447         TI="mssim:host=localhost,port=2321"
448
449       · abrmd: For the abrmd TCTI, the configuration string format is  a  se‐
450         ries  of  simple  key value pairs separated by a ',' character.  Each
451         key and value string are separated by a '=' character.
452
453         · TCTI abrmd supports two keys:
454
455           1. 'bus_name' : The name of  the  tabrmd  service  on  the  bus  (a
456              string).
457
458           2. 'bus_type' : The type of the dbus instance (a string) limited to
459              'session' and 'system'.
460
461         Specify the tabrmd tcti name and a config string of  bus_name=com.ex‐
462         ample.FooBar:
463
464         \--tcti=tabrmd:bus_name=com.example.FooBar
465
466         Specify the default (abrmd) tcti and a config string of bus_type=ses‐
467         sion:
468
469         \--tcti:bus_type=session
470
471         NOTE: abrmd and tabrmd are synonymous.  the various known  TCTI  mod‐
472         ules.  # Signature Format Specifiers
473
474       Format selection for the signature output file.  tss (the default) will
475       output a binary blob according to the TPM 2.0 specification and any po‐
476       tential  compiler padding.  The option plain will output the plain sig‐
477       nature data as defined by the used cryptographic algorithm.
478

480   Sign and verify with the TPM using the endorsement
481       hierarchy
482
483              tpm2_createprimary -C e -c primary.ctx
484
485              tpm2_create -G rsa -u rsa.pub -r rsa.priv -C primary.ctx
486
487              tpm2_load -C primary.ctx -u rsa.pub -r rsa.priv -c rsa.ctx
488
489              echo "my message" > message.dat
490
491              tpm2_sign -c rsa.ctx -g sha256 -o sig.rssa message.dat
492
493              tpm2_verifysignature -c rsa.ctx -g sha256 -s sig.rssa -m message.dat
494
495   Sign with the TPM and verify with OSSL
496              openssl ecparam -name prime256v1 -genkey -noout -out private.ecc.pem
497
498              openssl ec -in private.ecc.pem -out public.ecc.pem -pubout
499
500              # Generate a hash to sign
501              echo "data to sign" > data.in.raw
502
503              sha256sum data.in.raw | awk '{ print "000000 " $1 }' | \
504              xxd -r -c 32 > data.in.digest
505
506              # Load the private key for signing
507              tpm2_loadexternal -Q -G ecc -r private.ecc.pem -c key.ctx
508
509              # Sign in the TPM and verify with OSSL
510              tpm2_sign -Q -c key.ctx -g sha256 -d -f plain -o data.out.signed data.in.digest
511
512              openssl dgst -verify public.ecc.pem -keyform pem -sha256 \
513              -signature data.out.signed data.in.raw
514

516       Tools can return any of the following codes:
517
518       · 0 - Success.
519
520       · 1 - General non-specific error.
521
522       · 2 - Options handling error.
523
524       · 3 - Authentication error.
525
526       · 4 - TCTI related error.
527
528       · 5 - Non supported scheme.  Applicable to tpm2_testparams.
529

531       Github Issues (https://github.com/tpm2-software/tpm2-tools/issues)
532

534       See the Mailing List (https://lists.01.org/mailman/listinfo/tpm2)
535
536
537
538tpm2-tools                                                        tpm2_sign(1)

NAME

SYNOPSIS

DESCRIPTION

OPTIONS

Context Object Format

Authorization Formatting

Algorithm Specifiers

COMMON OPTIONS

TCTI Configuration

TCTI OPTIONS

EXAMPLES

Returns

BUGS

HELP