tss2_sign(1)

1tss2_sign(1)                General Commands Manual               tss2_sign(1)
2
3
4

6       tss2_sign(1) -
7

9       tss2_sign [OPTIONS]
10

12       fapi-config(5)  to  adjust  Fapi parameters like the used cryptographic
13       profile and TCTI or directories for the Fapi metadata storages.
14
15       fapi-profile(5) to determine the cryptographic algorithms  and  parame‐
16       ters for all keys and operations of a specific TPM interaction like the
17       name hash algorithm, the asymmetric signature algorithm, scheme and pa‐
18       rameters and PCR bank selection.
19

21       tss2_sign(1)  - This command uses a key inside the TPM to sign a digest
22       value using the TPM signing schemes as specified in  the  cryptographic
23       profile (cf., fapi-profile(5)).
24

26       These are the available options:
27
28       • -p, --keyPath=STRING:
29
30         The path to the signing key.
31
32       • -s, --padding=STRING:
33
34         The  padding  scheme  used.  Possible values are "RSA_SSA", "RSA_PSS"
35         (case insensitive).  Optional parameter.   If  omitted,  the  default
36         padding specified in the cryptographic profile (cf., fapi-profile(5))
37         is used.
38
39       • -c, --certificate=FILENAME or - (for stdout):
40
41         The certificate associated with keyPath in PEM format.  Optional  pa‐
42         rameter.
43
44       • -d, --digest=FILENAME or - (for stdin):
45
46         The data to be signed, already hashed.
47
48       • -f, --force:
49
50         Force overwriting the output file.
51
52       • -k, --publicKey=FILENAME or - (for stdout):
53
54         The  public  key associated with keyPath in PEM format.  Optional pa‐
55         rameter.
56
57       • -o, --signature=FILENAME or - (for stdout):
58
59         Returns the signature in binary form.
60

62       This collection of options are common to all tss2 programs and  provide
63       information that many users may expect.
64
65       • -h,  --help  [man|no-man]: Display the tools manpage.  By default, it
66         attempts to invoke the manpager for the  tool,  however,  on  failure
67         will  output  a short tool summary.  This is the same behavior if the
68         "man" option argument is specified, however if explicit "man" is  re‐
69         quested,  the  tool  will  provide errors from man on stderr.  If the
70         "no-man" option if specified, or the manpager fails,  the  short  op‐
71         tions will be output to stdout.
72
73         To  successfully use the manpages feature requires the manpages to be
74         installed or on MANPATH, See man(1) for more details.
75
76       • -v, --version: Display version information for this  tool,  supported
77         tctis and exit.
78

80              tss2_sign --keyPath=HS/SRK/myRSASign --padding="RSA_PSS" --digest=digest.file --signature=signature.file --publicKey=publicKey.file
81

83       0 on success or 1 on failure.
84

86       Github Issues (https://github.com/tpm2-software/tpm2-tools/issues)
87

89       See the Mailing List (https://lists.01.org/mailman/listinfo/tpm2)
90
91
92
93tpm2-tools                        APRIL 2019                      tss2_sign(1)

NAME

SYNOPSIS

SEE ALSO

DESCRIPTION

OPTIONS

COMMON OPTIONS

EXAMPLE

RETURNS

BUGS

HELP