1CREATEPRIMARY(1)                 User Commands                CREATEPRIMARY(1)

NAME

6       createprimary - Runs TPM2 createprimary
7

DESCRIPTION

9       createprimary creates a primary storage key
10
11       Runs TPM2_CreatePrimary
12
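13       [-hi   hierarchy (e = endorsement, o = owner, p = platform, n = null) (default null)]
                Note: the null hierarchy seed changes at every TPM reset, so a primary key
                created under the default hierarchy cannot be recreated after a reset.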
14
15       [-pwdp password for hierarchy (default empty)]
16
17       [-pwdpi
18              password file name for hierarchy (default empty)]
19
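20       [-pwdk password for key (default empty)]
                Note: a password given with -pwdp or -pwdk is part of the command line, so it
                can end up in shell history and process listings; -pwdpi reads the hierarchy
                password from a file instead.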
21
22       [-iu   inPublic unique field file (default none)]
23
24       [-opu  public key file name (default do not save)]
25
26       [-opem public key PEM format file name (default do not save)]
27
28       [-tk   output ticket file name]
29
30       [-ch   output creation hash file name]
31
32              [Asymmetric Key Algorithm]
33
34       -rsa (default)
35
36       -ecc curve
37
38              bnp256 nistp256 nistp384
39
40              Key attributes
41
42       -bl    data blob for unseal (create only)
                -if     data file name
43
44       -den   decryption, (unrestricted, RSA and EC NULL scheme)
45
46       -deo   decryption, (unrestricted, RSA OAEP, EC NULL scheme)
47
48       -des   encryption/decryption,  AES symmetric [-116 for TPM rev 116 com‐
49              patibility]
50
51       -st    storage (restricted) [default for primary keys]
52
53       -si    unrestricted signing (RSA and EC NULL scheme)
54
55       -sir   restricted signing (RSA RSASSA, EC ECDSA scheme)
56
57       -dau   unrestricted ECDAA signing key pair
58
59       -dar   restricted ECDAA signing key pair
60
61       -kh    keyed hash (hmac)
62
63       -dp    derivation parent
64
65       -gp    general purpose, not storage
66
67       [-kt   (can be specified more than once)]
68              f       fixedTPM (default for primary keys and derivation parents)
69              p       fixedParent (default for primary keys and derivation parents)
70              nf      no fixedTPM (default for non-primary keys)
71              np      no fixedParent (default for non-primary keys)
72
73       [-da   object subject to dictionary attack (DA) protection (default no)]
74
75       [-pol  policy file (default empty)]
76
77       [-uwa  clear the userWithAuth attribute (default set); when it is clear,
                user-role authorization of the key requires a policy session (see -pol)]
78
79       [-nalg name hash algorithm  (sha1,  sha256,  sha384,  sha512)  (default
80              sha256)]
81
82       [-halg scheme  hash  algorithm  (sha1, sha256, sha384, sha512) (default
83              sha256)]
84
85       -se[0-2] session handle / attributes (default PWAP, i.e. password authorization);
                attribute values are hex flags:
86
87       01     continue
88
89       20     command decrypt
90
91       40     response encrypt
95createprimary 1308                August 2018                 CREATEPRIMARY(1)