tpm2_certifycreation(1)

1tpm2_certifycreation(1)     General Commands Manual    tpm2_certifycreation(1)
2
3
4

6       tpm2_certifycreation(1)  - Attest the association between a loaded pub‐
7       lic area and the provided hash of the creation data.
8

10       tpm2_certifycreation [OPTIONS]
11

13       tpm2_certifycreation(1) - Attest the association between a loaded  pub‐
14       lic area and the provided hash of the creation data.  The creation data
15       and the creation ticket is produced when creating the object.  The  ob‐
16       ject  itself  is  created with either TPM2_CreatePrimary or TPM2_Create
17       commands.
18

20       · -C, --signingkey-context=OBJECT:
21
22         Context object pointing to the key used that signs the attestation.
23
24       · -P, --signingkey-authAUTH:
25
26         Optional authorization value to use for the key specified by -C.
27
28       · -c, --certifiedkey-context=OBJECT:
29
30         Context object pointing to the key that has to be certified.
31
32       · -g, --hash-algorithm=ALGORITHM:
33
34         The hash algorithm used to digest the creation data.
35
36       · -s, --scheme=ALGORITHM:
37
38         The signing scheme used to sign the attestation data.
39
40       · -d, --creation-hash=FILE
41
42         File containing the digest of the creation data.
43
44       · -t, --ticket=FILE:
45
46         The ticket file to validate that the creation data  was  produced  by
47         the TPM.
48
49       · -o, --signature=FILE:
50
51         File  containing the signature of the attestation data for the certi‐
52         fied key.
53
54       · -f, --format=FORMAT:
55
56         Output signature format selection.
57
58       · --attestation=FILE:
59
60         The attestation data of the type TPM2_CREATION_INFO signed with sign‐
61         ing key.
62
63       · -q, --qualification=FILE_OR_HEX:
64
65         Optional, the policy qualifier data that the signer can choose to in‐
66         clude in the signature.  Can either be a path or hex string.
67
68   References

70       The type of a context object, whether it is a handle or file  name,  is
71       determined according to the following logic in-order:
72
73       · If the argument is a file path, then the file is loaded as a restored
74         TPM transient object.
75
76       · If the argument is a prefix match on one of:
77
78         · owner: the owner hierarchy
79
80         · platform: the platform hierarchy
81
82         · endorsement: the endorsement hierarchy
83
84         · lockout: the lockout control persistent object
85
86       · If the argument argument can be loaded as a number it will  be  treat
87         as a handle, e.g.  0x81010013 and used directly.OBJECT.
88

90       Authorization  for  use  of an object in TPM2.0 can come in 3 different
91       forms: 1.  Password 2.  HMAC 3.  Sessions
92
93       NOTE: "Authorizations default to the EMPTY  PASSWORD  when  not  speci‐
94       fied".
95
96   Passwords
97       Passwords  are  interpreted  in  the following forms below using prefix
98       identifiers.
99
100       Note: By default passwords are assumed to be in the  string  form  when
101       they do not have a prefix.
102
103   String
104       A  string  password,  specified  by  prefix "str:" or it's absence (raw
105       string without prefix) is not interpreted, and is directly used for au‐
106       thorization.
107
108   Examples
109              foobar
110              str:foobar
111
112   Hex-string
113       A  hex-string  password, specified by prefix "hex:" is converted from a
114       hexidecimal form into a byte array form, thus allowing  passwords  with
115       non-printable and/or terminal un-friendly characters.
116
117   Example
118              hex:0x1122334455667788
119
120   File
121       A  file  based password, specified be prefix "file:" should be the path
122       of a file containing the password to be read by the tool or  a  "-"  to
123       use  stdin.   Storing  passwords in files prevents information leakage,
124       passwords passed as options can be read from the process list or common
125       shell history features.
126
127   Examples
128              # to use stdin and be prompted
129              file:-
130
131              # to use a file from a path
132              file:path/to/password/file
133
134              # to echo a password via stdin:
135              echo foobar | tpm2_tool -p file:-
136
137              # to use a bash here-string via stdin:
138
139              tpm2_tool -p file:- <<< foobar
140
141   Sessions
142       When  using  a policy session to authorize the use of an object, prefix
143       the option argument with the session keyword.  Then indicate a path  to
144       a session file that was created with tpm2_startauthsession(1).  Option‐
145       ally, if the session requires an auth value to be sent with the session
146       handle  (eg policy password), then append a + and a string as described
147       in the Passwords section.
148
149   Examples
150       To use a session context file called session.ctx.
151
152              session:session.ctx
153
154       To use a session context file called session.ctx AND send the authvalue
155       mypassword.
156
157              session:session.ctx+mypassword
158
159       To use a session context file called session.ctx AND send the HEX auth‐
160       value 0x11223344.
161
162              session:session.ctx+hex:11223344
163
164   PCR Authorizations
165       You can satisfy a PCR policy using the "pcr:" prefix and the PCR  mini‐
166       language.       The     PCR     minilanguage     is     as     follows:
167       <pcr-spec>=<raw-pcr-file>
168
169       The PCR spec is documented in in the section "PCR bank specifiers".
170
171       The raw-pcr-file is an optional the output of the raw PCR  contents  as
172       returned by tpm2_pcrread(1).
173
174       PCR bank specifiers (common/pcr.md)
175
176   Examples
177       To satisfy a PCR policy of sha256 on banks 0, 1, 2 and 3 use a specifi‐
178       er of:
179
180              pcr:sha256:0,1,2,3
181
182       specifying AUTH.
183

185       Options that take algorithms support "nice-names".
186
187       There are two major algorithm specification string classes, simple  and
188       complex.  Only certain algorithms will be accepted by the TPM, based on
189       usage and conditions.
190
191   Simple specifiers
192       These are strings with no additional specification data.  When creating
193       objects,  non-specified  portions of an object are assumed to defaults.
194       You can find the list of known "Simple Specifiers Below".
195
196   Asymmetric
197       · rsa
198
199       · ecc
200
201   Symmetric
202       · aes
203
204       · camellia
205
206   Hashing Algorithms
207       · sha1
208
209       · sha256
210
211       · sha384
212
213       · sha512
214
215       · sm3_256
216
217       · sha3_256
218
219       · sha3_384
220
221       · sha3_512
222
223   Keyed Hash
224       · hmac
225
226       · xor
227
228   Signing Schemes
229       · rsassa
230
231       · rsapss
232
233       · ecdsa
234
235       · ecdaa
236
237       · ecschnorr
238
239   Asymmetric Encryption Schemes
240       · oaep
241
242       · rsaes
243
244       · ecdh
245
246   Modes
247       · ctr
248
249       · ofb
250
251       · cbc
252
253       · cfb
254
255       · ecb
256
257   Misc
258       · null
259
260   Complex Specifiers
261       Objects, when specified for creation by the TPM,  have  numerous  algo‐
262       rithms  to  populate  in the public data.  Things like type, scheme and
263       asymmetric details, key size, etc.  Below is  the  general  format  for
264       specifying this data: <type>:<scheme>:<symmetric-details>
265
266   Type Specifiers
267       This  portion  of the complex algorithm specifier is required.  The re‐
268       maining scheme and symmetric details will default  based  on  the  type
269       specified and the type of the object being created.
270
271       · aes - Default AES: aes128
272
273       · aes128<mode>  - 128 bit AES with optional mode (ctr|ofb|cbc|cfb|ecb).
274         If mode is not specified, defaults to null.
275
276       · aes192<mode> - Same as aes128<mode>, except for a 192 bit key size.
277
278       · aes256<mode> - Same as aes128<mode>, except for a 256 bit key size.
279
280       · ecc - Elliptical Curve, defaults to ecc256.
281
282       · ecc192 - 192 bit ECC
283
284       · ecc224 - 224 bit ECC
285
286       · ecc256 - 256 bit ECC
287
288       · ecc384 - 384 bit ECC
289
290       · ecc521 - 521 bit ECC
291
292       · rsa - Default RSA: rsa2048
293
294       · rsa1024 - RSA with 1024 bit keysize.
295
296       · rsa2048 - RSA with 2048 bit keysize.
297
298       · rsa4096 - RSA with 4096 bit keysize.
299
300   Scheme Specifiers
301       Next, is an optional field, it can be skipped.
302
303       Schemes are usually Signing Schemes or Asymmetric  Encryption  Schemes.
304       Most signing schemes take a hash algorithm directly following the sign‐
305       ing scheme.  If the hash algorithm is missing, it defaults  to  sha256.
306       Some take no arguments, and some take multiple arguments.
307
308   Hash Optional Scheme Specifiers
309       These  scheme  specifiers are followed by a dash and a valid hash algo‐
310       rithm, For example: oaep-sha256.
311
312       · oaep
313
314       · ecdh
315
316       · rsassa
317
318       · rsapss
319
320       · ecdsa
321
322       · ecschnorr
323
324   Multiple Option Scheme Specifiers
325       This scheme specifier is followed by a count  (max  size  UINT16)  then
326       folloed  by a dash(-) and a valid hash algorithm.  * ecdaa For example,
327       ecdaa4-sha256.  If no count is specified, it defaults to 4.
328
329   No Option Scheme Specifiers
330       This scheme specifier takes NO arguments.  * rsaes
331
332   Symmetric Details Specifiers
333       This field is optional, and defaults based on the type of object  being
334       created  and it's attributes.  Generally, any valid Symmetric specifier
335       from the Type Specifiers list should work.  If not specified, an  asym‐
336       metric objects symmetric details defaults to aes128cfb.
337
338   Examples
339   Create an rsa2048 key with an rsaes asymmetric encryption scheme
340       tpm2_create -C parent.ctx -G rsa2048:rsaes -u key.pub -r key.priv
341
342   Create an ecc256 key with an ecdaa signing scheme with a count of 4
343       and sha384 hash
344
345       /tpm2_create -C parent.ctx -G ecc256:ec‐
346       daa4-sha384 -u key.pub -r key.priv cryptographic algorithms ALGORITHM.
347

349       This collection of options are common to many programs and provide  in‐
350       formation that many users may expect.
351
352       · -h,  --help=[man|no-man]:  Display the tools manpage.  By default, it
353         attempts to invoke the manpager for the  tool,  however,  on  failure
354         will  output  a short tool summary.  This is the same behavior if the
355         "man" option argument is specified, however if explicit "man" is  re‐
356         quested,  the  tool  will  provide errors from man on stderr.  If the
357         "no-man" option if specified, or the manpager fails,  the  short  op‐
358         tions will be output to stdout.
359
360         To  successfully use the manpages feature requires the manpages to be
361         installed or on MANPATH, See man(1) for more details.
362
363       · -v, --version: Display version information for this  tool,  supported
364         tctis and exit.
365
366       · -V,  --verbose:  Increase the information that the tool prints to the
367         console during its execution.  When using this option  the  file  and
368         line number are printed.
369
370       · -Q, --quiet: Silence normal tool output to stdout.
371
372       · -Z, --enable-errata: Enable the application of errata fixups.  Useful
373         if an errata fixup needs to be applied to commands sent to  the  TPM.
374         Defining  the environment TPM2TOOLS_ENABLE_ERRATA is equivalent.  in‐
375         formation many users may expect.
376

378       The TCTI or "Transmission Interface"  is  the  communication  mechanism
379       with  the TPM.  TCTIs can be changed for communication with TPMs across
380       different mediums.
381
382       To control the TCTI, the tools respect:
383
384       1. The command line option -T or --tcti
385
386       2. The environment variable: TPM2TOOLS_TCTI.
387
388       Note: The command line option always overrides  the  environment  vari‐
389       able.
390
391       The current known TCTIs are:
392
393       · tabrmd      -     The     resource     manager,     called     tabrmd
394         (https://github.com/tpm2-software/tpm2-abrmd).  Note that tabrmd  and
395         abrmd as a tcti name are synonymous.
396
397       · mssim  - Typically used for communicating to the TPM software simula‐
398         tor.
399
400       · device - Used when talking directly to a TPM device file.
401
402       · none - Do not initalize a connection with the TPM.  Some tools  allow
403         for off-tpm options and thus support not using a TCTI.  Tools that do
404         not support it will error when attempted to be used  without  a  TCTI
405         connection.   Does  not  support ANY options and MUST BE presented as
406         the exact text of "none".
407
408       The arguments to either the command  line  option  or  the  environment
409       variable are in the form:
410
411       <tcti-name>:<tcti-option-config>
412
413       Specifying  an  empty  string  for  either the <tcti-name> or <tcti-op‐
414       tion-config> results in the default being used for that portion respec‐
415       tively.
416
417   TCTI Defaults
418       When  a  TCTI  is not specified, the default TCTI is searched for using
419       dlopen(3) semantics.  The tools will  search  for  tabrmd,  device  and
420       mssim  TCTIs  IN THAT ORDER and USE THE FIRST ONE FOUND.  You can query
421       what TCTI will be chosen as the default by using the -v option to print
422       the  version information.  The "default-tcti" key-value pair will indi‐
423       cate which of the aforementioned TCTIs is the default.
424
425   Custom TCTIs
426       Any TCTI that implements the dynamic TCTI interface can be loaded.  The
427       tools internally use dlopen(3), and the raw tcti-name value is used for
428       the lookup.  Thus, this could be a path to the shared library, or a li‐
429       brary name as understood by dlopen(3) semantics.
430

432       This collection of options are used to configure the various known TCTI
433       modules available:
434
435       · device: For the device TCTI, the TPM character device file for use by
436         the device TCTI can be specified.  The default is /dev/tpm0.
437
438         Example:    -T   device:/dev/tpm0   or   export   TPM2TOOLS_TCTI="de‐
439         vice:/dev/tpm0"
440
441       · mssim: For the mssim TCTI, the domain name or  IP  address  and  port
442         number  used  by  the  simulator  can  be specified.  The default are
443         127.0.0.1 and 2321.
444
445         Example: -T mssim:host=localhost,port=2321  or  export  TPM2TOOLS_TC‐
446         TI="mssim:host=localhost,port=2321"
447
448       · abrmd:  For  the abrmd TCTI, the configuration string format is a se‐
449         ries of simple key value pairs separated by a  ','  character.   Each
450         key and value string are separated by a '=' character.
451
452         · TCTI abrmd supports two keys:
453
454           1. 'bus_name'  :  The  name  of  the  tabrmd  service on the bus (a
455              string).
456
457           2. 'bus_type' : The type of the dbus instance (a string) limited to
458              'session' and 'system'.
459
460         Specify  the tabrmd tcti name and a config string of bus_name=com.ex‐
461         ample.FooBar:
462
463         \--tcti=tabrmd:bus_name=com.example.FooBar
464
465         Specify the default (abrmd) tcti and a config string of bus_type=ses‐
466         sion:
467
468         \--tcti:bus_type=session
469
470         NOTE:  abrmd  and tabrmd are synonymous.  the various known TCTI mod‐
471         ules.  # Signature Format Specifiers
472
473       Format selection for the signature output file.  tss (the default) will
474       output a binary blob according to the TPM 2.0 specification and any po‐
475       tential compiler padding.  The option plain will output the plain  sig‐
476       nature data as defined by the used cryptographic algorithm.
477

479   Certify creation data of a primary key.
480              tpm2_createprimary -C o -c prim.ctx --creation-data create.dat \
481              -d create.dig -t create.ticket
482
483              tpm2_create -G rsa -u rsa.pub -r rsa.priv -C prim.ctx -c signing_key.ctx
484
485              tpm2_certifycreation -C signing_key.ctx -c prim.ctx -d create.dig \
486              -t create.ticket -g sha256 -o sig.nature --attestation attestat.ion -f plain \
487              -s rsassa
488

490       Tools can return any of the following codes:
491
492       · 0 - Success.
493
494       · 1 - General non-specific error.
495
496       · 2 - Options handling error.
497
498       · 3 - Authentication error.
499
500       · 4 - TCTI related error.
501
502       · 5 - Non supported scheme.  Applicable to tpm2_testparams.
503

505       Github Issues (https://github.com/tpm2-software/tpm2-tools/issues)
506

508       See the Mailing List (https://lists.01.org/mailman/listinfo/tpm2)
509
510
511
512tpm2-tools                                             tpm2_certifycreation(1)

NAME

SYNOPSIS

DESCRIPTION

OPTIONS

Context Object Format

Authorization Formatting

Algorithm Specifiers

COMMON OPTIONS

TCTI Configuration

TCTI OPTIONS

EXAMPLES

Returns

BUGS

HELP