1TSSCREATEPRIMARY(1)              User Commands             TSSCREATEPRIMARY(1)
2
3
4

NAME

6       tsscreateprimary - Runs TPM2_CreatePrimary
7

DESCRIPTION

9       createprimary creates a primary storage key
10
11       Runs TPM2_CreatePrimary
12
13              [-hi  hierarchy (e, o, p, n) (default null)] [-pwdp password for
14              hierarchy (default empty)] [-pwdpi password file name for  hier‐
15              archy  (default empty)] [-pwdk password for key (default empty)]
16              [-iu inPublic unique field file (default none)] [-opu public key
17              file  name  (default  do not save)] [-opem public key PEM format
18              file name (default do not save)] [-tk output ticket  file  name]
19              [-ch output creation hash file name]
20
21              [Asymmetric Key Algorithm]
22
23              -rsa (default) -ecc curve
24
25       bnp256 nistp256 nistp384
26
27              Key attributes
28
29       -bl data blob for unseal (create only)
30              -if data file name
31
32              -den  decryption,  (unrestricted,  RSA  and EC NULL scheme) -deo
33              decryption,  (unrestricted,  RSA  OAEP,  EC  NULL  scheme)  -des
34              encryption/decryption, AES symmetric
35
36              [-116 for TPM rev 116 compatibility]
37
38       -st storage (restricted)
39              [default for primary keys]
40
41              -si   unrestricted   signing  (RSA  and  EC  NULL  scheme)  -sir
42              restricted signing (RSA RSASSA,  EC  ECDSA  scheme)  -dau  unre‐
43              stricted  ECDAA  signing  key pair -dar restricted ECDAA signing
44              key pair -kh keyed hash (hmac) -dp derivation parent -gp general
45              purpose, not storage
46
47       [-kt (can be specified more than once)]
48              f  fixedTPM  (default for primary keys and derivation parents) p
49              fixedParent (default for primary keys and derivation parents) nf
50              no  fixedTPM  (default  for  non-primary keys) np no fixedParent
51              (default for non-primary keys)
52
53              [-da object subject to DA protection (default no)]
54
55              [-pol policy file (default empty)] [-uwa userWithAuth  attribute
56              clear (default set)]
57
58              [-nalg  name  hash  algorithm  (sha1,  sha256,  sha384) (default
59              sha256)] [-halg scheme hash  algorithm  (sha1,  sha256,  sha384)
60              (default sha256)]
61
62       -se[0-2] session handle / attributes (default PWAP)
63
64              01 continue 20 command decrypt 40 response encrypt
65

SEE ALSO

67       The  full documentation for tsscreateprimary is maintained as a Texinfo
68       manual.   If  the  info  and  tsscreateprimary  programs  are  properly
69       installed at your site, the command
70
71              info tsscreateprimary
72
73       should give you access to the complete manual.
74
75
76
77tsscreateprimary v1234             June 2018               TSSCREATEPRIMARY(1)
Impressum