1tpm2_policysecret(1) General Commands Manual tpm2_policysecret(1)
2
6 tpm2_policysecret(1) - Couples the authorization of an object to that
7 of an existing object.
8
10 tpm2_policysecret [OPTIONS] [ARGUMENT]
11
13 tpm2_policysecret(1) - Couples the authorization of an object to that
14 of an existing object without requiring exposing the existing secret
15 until time of object use.
16
18 · -c, --object-context=OBJECT:
19 A context object specifier of a transient/permanent/persistent ob‐
21 ject. Either a file path of a object context blob or a loaded/per‐
22 sistent/permanent handle id. See section "Context Object Format".
23 As an argument, it takes the auth value of the associated TPM object,
24 a single dash - can be used to read the auth value from stdin. The
25 argument follows the "authorization formatting standards", see sec‐
26 tion "Authorization Formatting".
27 · -S, --session=FILE:
29 The policy session file generated via the -S option to tpm2_star‐
31 tauthsession(1).
32 · -L, --policy=FILE:
34 File to save the policy digest.
36 · -t, --expiration=NATURAL_NUMBER:
38 Set the expiration time of the policy in seconds. In absence of non‐
40 ceTPM the expiration time is the policy timeout value. If expiration
41 value is 0 then the policy does not have a time limit on the autho‐
42 rization.
43 · --ticket=FILE:
45 The ticket file to record the authorization ticket structure.
47 · --timeout=FILE:
49 The file path to record the timeout structure returned.
51 · -x, --nonce-tpm:
53 Enable the comparison of the current session's nonceTPM to ensure the
55 validity of the policy authorization is limited to the current ses‐
56 sion.
57 · -q, --qualification=FILE_OR_HEX_STR:
59 Optional, the policy qualifier data that the signer can choose to in‐
61 clude in the signature. Can be either a hex string or path.
62 · ARGUMENT the command line argument specifies the AUTH to be set for
64 the object specified with -c.
65 References
68 The type of a context object, whether it is a handle or file name, is
69 determined according to the following logic in-order:
70 · If the argument is a file path, then the file is loaded as a restored
72 TPM transient object.
73 · If the argument is a prefix match on one of:
75 · owner: the owner hierarchy
77 · platform: the platform hierarchy
79 · endorsement: the endorsement hierarchy
81 · lockout: the lockout control persistent object
83 · If the argument argument can be loaded as a number it will be treat
85 as a handle, e.g. 0x81010013 and used directly.OBJECT.
86
88 Authorization for use of an object in TPM2.0 can come in 3 different
89 forms: 1. Password 2. HMAC 3. Sessions
90 NOTE: "Authorizations default to the EMPTY PASSWORD when not speci‐
92 fied".
93 Passwords
95 Passwords are interpreted in the following forms below using prefix
96 identifiers.
97 Note: By default passwords are assumed to be in the string form when
99 they do not have a prefix.
100 String
102 A string password, specified by prefix "str:" or it's absence (raw
103 string without prefix) is not interpreted, and is directly used for au‐
104 thorization.
105 Examples
107 foobar
108 str:foobar
109 Hex-string
111 A hex-string password, specified by prefix "hex:" is converted from a
112 hexidecimal form into a byte array form, thus allowing passwords with
113 non-printable and/or terminal un-friendly characters.
114 Example
116 hex:0x1122334455667788
117 File
119 A file based password, specified be prefix "file:" should be the path
120 of a file containing the password to be read by the tool or a "-" to
121 use stdin. Storing passwords in files prevents information leakage,
122 passwords passed as options can be read from the process list or common
123 shell history features.
124 Examples
126 # to use stdin and be prompted
127 file:-
128 # to use a file from a path
130 file:path/to/password/file
131 # to echo a password via stdin:
133 echo foobar | tpm2_tool -p file:-
134 # to use a bash here-string via stdin:
136 tpm2_tool -p file:- <<< foobar
138 Sessions
140 When using a policy session to authorize the use of an object, prefix
141 the option argument with the session keyword. Then indicate a path to
142 a session file that was created with tpm2_startauthsession(1). Option‐
143 ally, if the session requires an auth value to be sent with the session
144 handle (eg policy password), then append a + and a string as described
145 in the Passwords section.
146 Examples
148 To use a session context file called session.ctx.
149 session:session.ctx
151 To use a session context file called session.ctx AND send the authvalue
153 mypassword.
154 session:session.ctx+mypassword
156 To use a session context file called session.ctx AND send the HEX auth‐
158 value 0x11223344.
159 session:session.ctx+hex:11223344
161 PCR Authorizations
163 You can satisfy a PCR policy using the "pcr:" prefix and the PCR mini‐
164 language. The PCR minilanguage is as follows:
165 <pcr-spec>=<raw-pcr-file>
166 The PCR spec is documented in in the section "PCR bank specifiers".
168 The raw-pcr-file is an optional the output of the raw PCR contents as
170 returned by tpm2_pcrread(1).
171 PCR bank specifiers (common/pcr.md)
173 Examples
175 To satisfy a PCR policy of sha256 on banks 0, 1, 2 and 3 use a specifi‐
176 er of:
177 pcr:sha256:0,1,2,3
179 specifying AUTH.
181
183 This collection of options are common to many programs and provide in‐
184 formation that many users may expect.
185 · -h, --help=[man|no-man]: Display the tools manpage. By default, it
187 attempts to invoke the manpager for the tool, however, on failure
188 will output a short tool summary. This is the same behavior if the
189 "man" option argument is specified, however if explicit "man" is re‐
190 quested, the tool will provide errors from man on stderr. If the
191 "no-man" option if specified, or the manpager fails, the short op‐
192 tions will be output to stdout.
193 To successfully use the manpages feature requires the manpages to be
195 installed or on MANPATH, See man(1) for more details.
196 · -v, --version: Display version information for this tool, supported
198 tctis and exit.
199 · -V, --verbose: Increase the information that the tool prints to the
201 console during its execution. When using this option the file and
202 line number are printed.
203 · -Q, --quiet: Silence normal tool output to stdout.
205 · -Z, --enable-errata: Enable the application of errata fixups. Useful
207 if an errata fixup needs to be applied to commands sent to the TPM.
208 Defining the environment TPM2TOOLS_ENABLE_ERRATA is equivalent. in‐
209 formation many users may expect.
210
212 The TCTI or "Transmission Interface" is the communication mechanism
213 with the TPM. TCTIs can be changed for communication with TPMs across
214 different mediums.
215 To control the TCTI, the tools respect:
217 1. The command line option -T or --tcti
219 2. The environment variable: TPM2TOOLS_TCTI.
221 Note: The command line option always overrides the environment vari‐
223 able.
224 The current known TCTIs are:
226 · tabrmd - The resource manager, called tabrmd
228 (https://github.com/tpm2-software/tpm2-abrmd). Note that tabrmd and
229 abrmd as a tcti name are synonymous.
230 · mssim - Typically used for communicating to the TPM software simula‐
232 tor.
233 · device - Used when talking directly to a TPM device file.
235 · none - Do not initalize a connection with the TPM. Some tools allow
237 for off-tpm options and thus support not using a TCTI. Tools that do
238 not support it will error when attempted to be used without a TCTI
239 connection. Does not support ANY options and MUST BE presented as
240 the exact text of "none".
241 The arguments to either the command line option or the environment
243 variable are in the form:
244 <tcti-name>:<tcti-option-config>
246 Specifying an empty string for either the <tcti-name> or <tcti-op‐
248 tion-config> results in the default being used for that portion respec‐
249 tively.
250 TCTI Defaults
252 When a TCTI is not specified, the default TCTI is searched for using
253 dlopen(3) semantics. The tools will search for tabrmd, device and
254 mssim TCTIs IN THAT ORDER and USE THE FIRST ONE FOUND. You can query
255 what TCTI will be chosen as the default by using the -v option to print
256 the version information. The "default-tcti" key-value pair will indi‐
257 cate which of the aforementioned TCTIs is the default.
258 Custom TCTIs
260 Any TCTI that implements the dynamic TCTI interface can be loaded. The
261 tools internally use dlopen(3), and the raw tcti-name value is used for
262 the lookup. Thus, this could be a path to the shared library, or a li‐
263 brary name as understood by dlopen(3) semantics.
264
266 This collection of options are used to configure the various known TCTI
267 modules available:
268 · device: For the device TCTI, the TPM character device file for use by
270 the device TCTI can be specified. The default is /dev/tpm0.
271 Example: -T device:/dev/tpm0 or export TPM2TOOLS_TCTI="de‐
273 vice:/dev/tpm0"
274 · mssim: For the mssim TCTI, the domain name or IP address and port
276 number used by the simulator can be specified. The default are
277 127.0.0.1 and 2321.
278 Example: -T mssim:host=localhost,port=2321 or export TPM2TOOLS_TC‐
280 TI="mssim:host=localhost,port=2321"
281 · abrmd: For the abrmd TCTI, the configuration string format is a se‐
283 ries of simple key value pairs separated by a ',' character. Each
284 key and value string are separated by a '=' character.
285 · TCTI abrmd supports two keys:
287 1. 'bus_name' : The name of the tabrmd service on the bus (a
289 string).
290 2. 'bus_type' : The type of the dbus instance (a string) limited to
292 'session' and 'system'.
293 Specify the tabrmd tcti name and a config string of bus_name=com.ex‐
295 ample.FooBar:
296 \--tcti=tabrmd:bus_name=com.example.FooBar
298 Specify the default (abrmd) tcti and a config string of bus_type=ses‐
300 sion:
301 \--tcti:bus_type=session
303 NOTE: abrmd and tabrmd are synonymous. the various known TCTI mod‐
305 ules.
306
308 Associate auth value of a sealing object to the owner hierarchy pass‐
309 word. * Start a trial auth session and run tpm2_policysecret(1) to
310 create policy that can only be satisfied if owner hierarchy auth value
311 is supplied. * Start a real policy session and provide the owner hier‐
312 archy auth value. * Provide the session input where in the policyse‐
313 cret for owner hierarchy auth was satisfied to the unseal tool. * If
314 the policy was satisfied unsealing should succeed.
315 Generate a policy that binds to the secret of the owner hiearchy
317 tpm2_startauthsession -S session.ctx
318 tpm2_policysecret -S session.ctx -c o -L secret.policy
320 tpm2_flushcontext session.ctx
322 Create a TPM object using the policy
324 tpm2_createprimary -Q -C o -g sha256 -G rsa -c prim.ctx
325 tpm2_create -Q -g sha256 -u sealing_key.pub -r sealing_key.priv -i- \
327 -C prim.ctx -L secret.policy <<< "SEALED-SECRET"
328 tpm2_load -C prim.ctx -u sealing_key.pub -r sealing_key.priv \
330 -c sealing_key.ctx
331 Satisfy the policy and unseal the secret
333 tpm2_startauthsession --policy-session -S session.ctx
334 tpm2_policysecret -S session.ctx -c o -L secret.policy
336 tpm2_unseal -p "session:session.ctx" -c sealing_key.ctx
338 SEALED-SECRET
339 tpm2_flushcontext session.ctx
341
343 Tools can return any of the following codes:
344 · 0 - Success.
346 · 1 - General non-specific error.
348 · 2 - Options handling error.
350 · 3 - Authentication error.
352 · 4 - TCTI related error.
354 · 5 - Non supported scheme. Applicable to tpm2_testparams.
356
358 It expects a session to be already established via tpm2_startauthses‐
359 sion(1) and requires one of the following:
360 · direct device access
362 · extended session support with tpm2-abrmd.
364 Without it, most resource managers will not save session state between
366 command invocations.
367
369 Github Issues (https://github.com/tpm2-software/tpm2-tools/issues)
370
372 See the Mailing List (https://lists.01.org/mailman/listinfo/tpm2)
373tpm2-tools tpm2_policysecret(1)