1tpm2_sign(1)                General Commands Manual               tpm2_sign(1)
2
3
4

NAME

6       tpm2_sign(1) - Sign a hash or message using the TPM.
7

SYNOPSIS

9       tpm2_sign [OPTIONS] [ARGUMENT]
10

DESCRIPTION

12       tpm2_sign(1)  - Generates signature of specified message or message-di‐
13       gest using the specified symmetric or asymmetric signing key.
14
15       When signing a message, tpm2_sign utility first calculates  the  digest
16       of  the  message similar to the tpm2_hash command.  It also generates a
17       validation ticket under TPM2_RH_NULL or TPM2_RH_OWNER  hierarchies  re‐
18       spectively for unrestricted or the restricted signing keys.
19
20       While signing messages is a provision in this tool it is recommended to
21       use the tpm2_hash tool first and pass the digest and validation ticket.
22
23       NOTE: If the signing key is a restricted signing key,  then  validation
24       and  digest  must  be  provided via the -t input.  The ticket indicates
25       that the TPM performed the hash of the message.
26

OPTIONS

28-c, --key-context=OBJECT:
29
30         Context object pointing to the the key used for  signing.   Either  a
31         file or a handle number.  See section "Context Object Format".
32
33-p, --authAUTH:
34
35         Optional  authorization value to use the key specified by -c.  Autho‐
36         rization values should follow  the  "authorization  formatting  stan‐
37         dards", see section "Authorization Formatting".
38
39-g, --hash-algorithm=ALGORITHM:
40
41         The  hash  algorithm  used  to digest the message.  Algorithms should
42         follow the "formatting  standards",  see  section  "Algorithm  Speci‐
43         fiers".   Also, see section "Supported Hash Algorithms" for a list of
44         supported hash algorithms.
45
46-s, --scheme=ALGORITHM:
47
48         The signing scheme used to sign the message.  Optional.
49
50         Signing schemes should follow the "formatting standards", see section
51         "Algorithm Specifiers".
52
53         If  specified, the signature scheme must match the key type.  If left
54         unspecified, a default signature scheme for  the  key  type  will  be
55         used.
56
57-d, --digest:
58
59         Indicate  that  FILE  is a file containing the digest of the message.
60         When this option and -t is specified, a warning is generated and  the
61         validation  ticket  (-t)  is  ignored.  You cannot use this option to
62         sign a digest against a restricted signing key.
63
64-t, --ticket=FILE:
65
66         The ticket file, containing the validation structure, optional.
67
68-o, --signature=FILE:
69
70         The signature file, records the signature structure.
71
72-f, --format=FORMAT:
73
74         Format selection for the signature output file.  See section  "Signa‐
75         ture Format Specifiers".
76
77--cphash=FILE
78
79         File path to record the hash of the command parameters.  This is com‐
80         monly termed as cpHash.  NOTE: When this option is selected, The tool
81         will not actually execute the command, it simply returns a cpHash.
82
83--commit-index=NATURALNUMBER
84
85         The  commit counter value to determine the key index to use in an EC‐
86         DAA signing scheme.  The default counter value is 0.
87
88ARGUMENT the command line argument specifies the file data for sign.
89
90   References

Context Object Format

92       The type of a context object, whether it is a handle or file  name,  is
93       determined according to the following logic in-order:
94
95       • If the argument is a file path, then the file is loaded as a restored
96         TPM transient object.
97
98       • If the argument is a prefix match on one of:
99
100         • owner: the owner hierarchy
101
102         • platform: the platform hierarchy
103
104         • endorsement: the endorsement hierarchy
105
106         • lockout: the lockout control persistent object
107
108       • If the argument argument can be loaded as a number it will  be  treat
109         as a handle, e.g.  0x81010013 and used directly.OBJECT.
110

Authorization Formatting

112       Authorization  for  use  of an object in TPM2.0 can come in 3 different
113       forms: 1.  Password 2.  HMAC 3.  Sessions
114
115       NOTE: "Authorizations default to the EMPTY  PASSWORD  when  not  speci‐
116       fied".
117
118   Passwords
119       Passwords  are  interpreted  in  the following forms below using prefix
120       identifiers.
121
122       Note: By default passwords are assumed to be in the  string  form  when
123       they do not have a prefix.
124
125   String
126       A  string  password,  specified  by  prefix "str:" or it's absence (raw
127       string without prefix) is not interpreted, and is directly used for au‐
128       thorization.
129
130   Examples
131              foobar
132              str:foobar
133
134   Hex-string
135       A  hex-string  password, specified by prefix "hex:" is converted from a
136       hexidecimal form into a byte array form, thus allowing  passwords  with
137       non-printable and/or terminal un-friendly characters.
138
139   Example
140              hex:0x1122334455667788
141
142   File
143       A  file  based password, specified be prefix "file:" should be the path
144       of a file containing the password to be read by the tool or  a  "-"  to
145       use  stdin.   Storing  passwords in files prevents information leakage,
146       passwords passed as options can be read from the process list or common
147       shell history features.
148
149   Examples
150              # to use stdin and be prompted
151              file:-
152
153              # to use a file from a path
154              file:path/to/password/file
155
156              # to echo a password via stdin:
157              echo foobar | tpm2_tool -p file:-
158
159              # to use a bash here-string via stdin:
160
161              tpm2_tool -p file:- <<< foobar
162
163   Sessions
164       When  using  a policy session to authorize the use of an object, prefix
165       the option argument with the session keyword.  Then indicate a path  to
166       a session file that was created with tpm2_startauthsession(1).  Option‐
167       ally, if the session requires an auth value to be sent with the session
168       handle  (eg policy password), then append a + and a string as described
169       in the Passwords section.
170
171   Examples
172       To use a session context file called session.ctx.
173
174              session:session.ctx
175
176       To use a session context file called session.ctx AND send the authvalue
177       mypassword.
178
179              session:session.ctx+mypassword
180
181       To use a session context file called session.ctx AND send the HEX auth‐
182       value 0x11223344.
183
184              session:session.ctx+hex:11223344
185
186   PCR Authorizations
187       You can satisfy a PCR policy using the "pcr:" prefix and the PCR  mini‐
188       language.       The     PCR     minilanguage     is     as     follows:
189       <pcr-spec>=<raw-pcr-file>
190
191       The PCR spec is documented in in the section "PCR bank specifiers".
192
193       The raw-pcr-file is an optional the output of the raw PCR  contents  as
194       returned by tpm2_pcrread(1).
195
196       PCR bank specifiers (common/pcr.md)
197
198   Examples
199       To satisfy a PCR policy of sha256 on banks 0, 1, 2 and 3 use a specifi‐
200       er of:
201
202              pcr:sha256:0,1,2,3
203
204       specifying AUTH.
205

Algorithm Specifiers

207       Options that take algorithms support "nice-names".
208
209       There are two major algorithm specification string classes, simple  and
210       complex.  Only certain algorithms will be accepted by the TPM, based on
211       usage and conditions.
212
213   Simple specifiers
214       These are strings with no additional specification data.  When creating
215       objects,  non-specified  portions of an object are assumed to defaults.
216       You can find the list of known "Simple Specifiers Below".
217
218   Asymmetric
219       • rsa
220
221       • ecc
222
223   Symmetric
224       • aes
225
226       • camellia
227
228   Hashing Algorithms
229       • sha1
230
231       • sha256
232
233       • sha384
234
235       • sha512
236
237       • sm3_256
238
239       • sha3_256
240
241       • sha3_384
242
243       • sha3_512
244
245   Keyed Hash
246       • hmac
247
248       • xor
249
250   Signing Schemes
251       • rsassa
252
253       • rsapss
254
255       • ecdsa
256
257       • ecdaa
258
259       • ecschnorr
260
261   Asymmetric Encryption Schemes
262       • oaep
263
264       • rsaes
265
266       • ecdh
267
268   Modes
269       • ctr
270
271       • ofb
272
273       • cbc
274
275       • cfb
276
277       • ecb
278
279   Misc
280       • null
281
282   Complex Specifiers
283       Objects, when specified for creation by the TPM,  have  numerous  algo‐
284       rithms  to  populate  in the public data.  Things like type, scheme and
285       asymmetric details, key size, etc.  Below is  the  general  format  for
286       specifying this data: <type>:<scheme>:<symmetric-details>
287
288   Type Specifiers
289       This  portion  of the complex algorithm specifier is required.  The re‐
290       maining scheme and symmetric details will default  based  on  the  type
291       specified and the type of the object being created.
292
293       • aes - Default AES: aes128
294
295       • aes128<mode>  - 128 bit AES with optional mode (ctr|ofb|cbc|cfb|ecb).
296         If mode is not specified, defaults to null.
297
298       • aes192<mode> - Same as aes128<mode>, except for a 192 bit key size.
299
300       • aes256<mode> - Same as aes128<mode>, except for a 256 bit key size.
301
302       • ecc - Elliptical Curve, defaults to ecc256.
303
304       • ecc192 - 192 bit ECC
305
306       • ecc224 - 224 bit ECC
307
308       • ecc256 - 256 bit ECC
309
310       • ecc384 - 384 bit ECC
311
312       • ecc521 - 521 bit ECC
313
314       • rsa - Default RSA: rsa2048
315
316       • rsa1024 - RSA with 1024 bit keysize.
317
318       • rsa2048 - RSA with 2048 bit keysize.
319
320       • rsa4096 - RSA with 4096 bit keysize.
321
322   Scheme Specifiers
323       Next, is an optional field, it can be skipped.
324
325       Schemes are usually Signing Schemes or Asymmetric  Encryption  Schemes.
326       Most signing schemes take a hash algorithm directly following the sign‐
327       ing scheme.  If the hash algorithm is missing, it defaults  to  sha256.
328       Some take no arguments, and some take multiple arguments.
329
330   Hash Optional Scheme Specifiers
331       These  scheme  specifiers are followed by a dash and a valid hash algo‐
332       rithm, For example: oaep-sha256.
333
334       • oaep
335
336       • ecdh
337
338       • rsassa
339
340       • rsapss
341
342       • ecdsa
343
344       • ecschnorr
345
346   Multiple Option Scheme Specifiers
347       This scheme specifier is followed by a count  (max  size  UINT16)  then
348       followed by a dash(-) and a valid hash algorithm.  * ecdaa For example,
349       ecdaa4-sha256.  If no count is specified, it defaults to 4.
350
351   No Option Scheme Specifiers
352       This scheme specifier takes NO arguments.  * rsaes
353
354   Symmetric Details Specifiers
355       This field is optional, and defaults based on the type of object  being
356       created  and it's attributes.  Generally, any valid Symmetric specifier
357       from the Type Specifiers list should work.  If not specified, an  asym‐
358       metric objects symmetric details defaults to aes128cfb.
359
360   Examples
361   Create an rsa2048 key with an rsaes asymmetric encryption scheme
362       tpm2_create -C parent.ctx -G rsa2048:rsaes -u key.pub -r key.priv
363
364   Create an ecc256 key with an ecdaa signing scheme with a count of 4
365       and sha384 hash
366
367       /tpm2_create -C parent.ctx -G ecc256:ec‐
368       daa4-sha384 -u key.pub -r key.priv cryptographic algorithms ALGORITHM.
369

COMMON OPTIONS

371       This collection of options are common to many programs and provide  in‐
372       formation that many users may expect.
373
374-h,  --help=[man|no-man]:  Display the tools manpage.  By default, it
375         attempts to invoke the manpager for the  tool,  however,  on  failure
376         will  output  a short tool summary.  This is the same behavior if the
377         "man" option argument is specified, however if explicit "man" is  re‐
378         quested,  the  tool  will  provide errors from man on stderr.  If the
379         "no-man" option if specified, or the manpager fails,  the  short  op‐
380         tions will be output to stdout.
381
382         To  successfully use the manpages feature requires the manpages to be
383         installed or on MANPATH, See man(1) for more details.
384
385-v, --version: Display version information for this  tool,  supported
386         tctis and exit.
387
388-V,  --verbose:  Increase the information that the tool prints to the
389         console during its execution.  When using this option  the  file  and
390         line number are printed.
391
392-Q, --quiet: Silence normal tool output to stdout.
393
394-Z, --enable-errata: Enable the application of errata fixups.  Useful
395         if an errata fixup needs to be applied to commands sent to  the  TPM.
396         Defining  the environment TPM2TOOLS_ENABLE_ERRATA is equivalent.  in‐
397         formation many users may expect.
398

TCTI Configuration

400       The TCTI or "Transmission Interface"  is  the  communication  mechanism
401       with  the TPM.  TCTIs can be changed for communication with TPMs across
402       different mediums.
403
404       To control the TCTI, the tools respect:
405
406       1. The command line option -T or --tcti
407
408       2. The environment variable: TPM2TOOLS_TCTI.
409
410       Note: The command line option always overrides  the  environment  vari‐
411       able.
412
413       The current known TCTIs are:
414
415       • tabrmd      -     The     resource     manager,     called     tabrmd
416         (https://github.com/tpm2-software/tpm2-abrmd).  Note that tabrmd  and
417         abrmd as a tcti name are synonymous.
418
419       • mssim  - Typically used for communicating to the TPM software simula‐
420         tor.
421
422       • device - Used when talking directly to a TPM device file.
423
424       • none - Do not initalize a connection with the TPM.  Some tools  allow
425         for off-tpm options and thus support not using a TCTI.  Tools that do
426         not support it will error when attempted to be used  without  a  TCTI
427         connection.   Does  not  support ANY options and MUST BE presented as
428         the exact text of "none".
429
430       The arguments to either the command  line  option  or  the  environment
431       variable are in the form:
432
433       <tcti-name>:<tcti-option-config>
434
435       Specifying  an  empty  string  for  either the <tcti-name> or <tcti-op‐
436       tion-config> results in the default being used for that portion respec‐
437       tively.
438
439   TCTI Defaults
440       When  a  TCTI  is not specified, the default TCTI is searched for using
441       dlopen(3) semantics.  The tools will  search  for  tabrmd,  device  and
442       mssim  TCTIs  IN THAT ORDER and USE THE FIRST ONE FOUND.  You can query
443       what TCTI will be chosen as the default by using the -v option to print
444       the  version information.  The "default-tcti" key-value pair will indi‐
445       cate which of the aforementioned TCTIs is the default.
446
447   Custom TCTIs
448       Any TCTI that implements the dynamic TCTI interface can be loaded.  The
449       tools internally use dlopen(3), and the raw tcti-name value is used for
450       the lookup.  Thus, this could be a path to the shared library, or a li‐
451       brary name as understood by dlopen(3) semantics.
452

TCTI OPTIONS

454       This collection of options are used to configure the various known TCTI
455       modules available:
456
457device: For the device TCTI, the TPM character device file for use by
458         the device TCTI can be specified.  The default is /dev/tpm0.
459
460         Example:    -T   device:/dev/tpm0   or   export   TPM2TOOLS_TCTI="de‐
461         vice:/dev/tpm0"
462
463        mssim: For the mssim TCTI, the domain name or  IP  address  and  port
464         number  used  by  the  simulator  can  be specified.  The default are
465         127.0.0.1 and 2321.
466
467         Example: -T mssim:host=localhost,port=2321  or  export  TPM2TOOLS_TC‐
468         TI="mssim:host=localhost,port=2321"
469
470        abrmd:  For  the abrmd TCTI, the configuration string format is a se‐
471         ries of simple key value pairs separated by a  ','  character.   Each
472         key and value string are separated by a '=' character.
473
474         • TCTI abrmd supports two keys:
475
476           1. 'bus_name'  :  The  name  of  the  tabrmd  service on the bus (a
477              string).
478
479           2. 'bus_type' : The type of the dbus instance (a string) limited to
480              'session' and 'system'.
481
482         Specify  the tabrmd tcti name and a config string of bus_name=com.ex‐
483         ample.FooBar:
484
485         \--tcti=tabrmd:bus_name=com.example.FooBar
486
487         Specify the default (abrmd) tcti and a config string of bus_type=ses‐
488         sion:
489
490         \--tcti:bus_type=session
491
492         NOTE:  abrmd  and tabrmd are synonymous.  the various known TCTI mod‐
493         ules.
494

Signature Format Specifiers

496       Format selection for the signature output file.  tss (the default) will
497       output a binary blob according to the TPM 2.0 specification and any po‐
498       tential compiler padding.  The option plain will output the plain  sig‐
499       nature data as defined by the used cryptographic algorithm.
500

EXAMPLES

502   Sign and verify with the TPM using the endorsement
503       hierarchy
504
505              tpm2_createprimary -C e -c primary.ctx
506
507              tpm2_create -G rsa -u rsa.pub -r rsa.priv -C primary.ctx
508
509              tpm2_load -C primary.ctx -u rsa.pub -r rsa.priv -c rsa.ctx
510
511              echo "my message" > message.dat
512
513              tpm2_sign -c rsa.ctx -g sha256 -o sig.rssa message.dat
514
515              tpm2_verifysignature -c rsa.ctx -g sha256 -s sig.rssa -m message.dat
516
517   Sign with the TPM and verify with OSSL
518              openssl ecparam -name prime256v1 -genkey -noout -out private.ecc.pem
519
520              openssl ec -in private.ecc.pem -out public.ecc.pem -pubout
521
522              # Generate a hash to sign
523              echo "data to sign" > data.in.raw
524
525              sha256sum data.in.raw | awk '{ print "000000 " $1 }' | \
526              xxd -r -c 32 > data.in.digest
527
528              # Load the private key for signing
529              tpm2_loadexternal -Q -G ecc -r private.ecc.pem -c key.ctx
530
531              # Sign in the TPM and verify with OSSL
532              tpm2_sign -Q -c key.ctx -g sha256 -d -f plain -o data.out.signed data.in.digest
533
534              openssl dgst -verify public.ecc.pem -keyform pem -sha256 \
535              -signature data.out.signed data.in.raw
536

Returns

538       Tools can return any of the following codes:
539
540       • 0 - Success.
541
542       • 1 - General non-specific error.
543
544       • 2 - Options handling error.
545
546       • 3 - Authentication error.
547
548       • 4 - TCTI related error.
549
550       • 5 - Non supported scheme.  Applicable to tpm2_testparams.
551

BUGS

553       Github Issues (https://github.com/tpm2-software/tpm2-tools/issues)
554

HELP

556       See the Mailing List (https://lists.01.org/mailman/listinfo/tpm2)
557
558
559
560tpm2-tools                                                        tpm2_sign(1)
Impressum