1tpm2_loadexternal(1) General Commands Manual tpm2_loadexternal(1)
2
6 tpm2_loadexternal(1) - Load an external object into the TPM.
7
9 tpm2_loadexternal [OPTIONS]
10
12 tpm2_loadexternal(1) - This command loads an external object into the
13 TPM, forgoing TPM protections. Ie, the key material is not protected
14 by the parent object’s seed. The command allows loading of just the
15 public portion of an object or both the public and private portions of
16 an object.
17 The tool outputs the name of the loaded object in a YAML dictionary
19 format with the key name where the value for that key is the name of
20 the object in hex format, for example:
21 name: 000bac25cb8743111c8e1f52f2ee7279d05d3902a18dd1af694db5d1afa7adf1c8b3
23 It also saves a context file for future interactions with the object.
25
27 • -C, --hierarchy=OBJECT:
28 Hierarchy to use for the ticket, optional. Defaults to n, null.
29 Supported options are:
30 • o for the owner hierarchy.
32 • p for the platform hierarchy.
34 • e for the endorsement hierarchy.
36 • n for the null hierarchy.
38 • -G, --key-algorithm=ALGORITHM:
40 The algorithm used by the key to be imported. Supports:
41 • aes - AES 128,192 or 256 key.
43 • rsa - RSA 1024 or 2048 key.
45 • ecc - ECC NIST P192, P224, P256, P384 or P521 public and private
47 key.
48 • -u, --public=FILE:
50 The public portion of the object, this can be one of the following
51 file formats:
52 • TSS - The TSS/TPM format. For example from option -u of command
54 tpm2_create(1).
55 • RSA - OSSL PEM formats. For example public.pem from the command
57 openssl rsa -in private.pem -out public.pem -pubout
58 • ECC - OSSL PEM formats. For example public.pem from the command
60 openssl ec -in private.ecc.pem -out public.ecc.pem -pubout
61 • -r, --private=FILE:
63 The sensitive portion of the object, optional. If one wishes to use
64 the private portion of a key, this must be specified. Like option
65 -u, this command takes files in the following format:
66 • RSA - OSSL PEM formats. For example private.pem from the command
68 openssl genrsa -out private.pem 2048 Since an RSA public key can be
69 derived from the private PEM file, their is no need to specify -u
70 for the public portion.
71 Note: The private portion does not respect TSS formats as it’s impos‐
73 sible to get a TPM2B_SENSITIVE output from a previous command. They
74 are always protected by the TPM as TPM2B_PRIVATE blobs.
75 • -p, --auth=AUTH:
77 The authorization value for the key, optional.
79 • -L, --policy=POLICY_FILE:
81 The input policy file, optional. A file containing the hash of a
83 policy derived from tpm2_createpolicy.
84 • -g, --hash-algorithm=ALGORITHM:
86 The hash algorithm for generating the objects name. This is optional
88 and defaults to sha256 when not specified. However, load external
89 supports having a null name algorithm. In this case, no cryptograph‐
90 ic binding checks between the public and private portions are per‐
91 formed.
92 • -a, --attributes=ATTRIBUTES:
94 The object attributes, optional. The default for created objects is:
96 TPMA_OBJECT_SIGN_ENCRYPT|TPMA_OBJECT_DECRYPT. Optionally, if -p is
97 specified or no -p or -L is specified then TPMA_OBJECT_USERWITHAUTH
98 is added to the default attribute set.
99 Note: If specifying attributes, the TPM will reject certain at‐
101 tributes like TPMA_OBJECT_FIXEDTPM, as those guarantees cannot be
102 made.
103 • -c, --key-context=FILE
105 The file name to save the object context, required.
107 • -n, --name=FILE:
109 An optional file to save the object name, which is in a binary hash
111 format. The size of the hash is based on name algorithm or the -g
112 option.
113 • --passin=OSSL_PEM_FILE_PASSWORD
115 An optional password for an Open SSL (OSSL) provided input file. It
117 mirrors the -passin option of OSSL and is known to support the pass,
118 file, env, fd and plain password formats of openssl. (see man(1)
119 openssl) for more.
120 References
123 The type of a context object, whether it is a handle or file name, is
124 determined according to the following logic in-order:
125 • If the argument is a file path, then the file is loaded as a restored
127 TPM transient object.
128 • If the argument is a prefix match on one of:
130 • owner: the owner hierarchy
132 • platform: the platform hierarchy
134 • endorsement: the endorsement hierarchy
136 • lockout: the lockout control persistent object
138 • If the argument argument can be loaded as a number it will be treat
140 as a handle, e.g. 0x81010013 and used directly._OBJECT_.
141
143 Authorization for use of an object in TPM2.0 can come in 3 different
144 forms: 1. Password 2. HMAC 3. Sessions
145 NOTE: “Authorizations default to the EMPTY PASSWORD when not speci‐
147 fied”.
148 Passwords
150 Passwords are interpreted in the following forms below using prefix
151 identifiers.
152 Note: By default passwords are assumed to be in the string form when
154 they do not have a prefix.
155 String
157 A string password, specified by prefix “str:” or it’s absence (raw
158 string without prefix) is not interpreted, and is directly used for au‐
159 thorization.
160 Examples
162 foobar
163 str:foobar
164 Hex-string
166 A hex-string password, specified by prefix “hex:” is converted from a
167 hexidecimal form into a byte array form, thus allowing passwords with
168 non-printable and/or terminal un-friendly characters.
169 Example
171 hex:0x1122334455667788
172 File
174 A file based password, specified be prefix “file:” should be the path
175 of a file containing the password to be read by the tool or a “-” to
176 use stdin. Storing passwords in files prevents information leakage,
177 passwords passed as options can be read from the process list or common
178 shell history features.
179 Examples
181 # to use stdin and be prompted
182 file:-
183 # to use a file from a path
185 file:path/to/password/file
186 # to echo a password via stdin:
188 echo foobar | tpm2_tool -p file:-
189 # to use a bash here-string via stdin:
191 tpm2_tool -p file:- <<< foobar
193 Sessions
195 When using a policy session to authorize the use of an object, prefix
196 the option argument with the session keyword. Then indicate a path to
197 a session file that was created with tpm2_startauthsession(1). Option‐
198 ally, if the session requires an auth value to be sent with the session
199 handle (eg policy password), then append a + and a string as described
200 in the Passwords section.
201 Examples
203 To use a session context file called session.ctx.
204 session:session.ctx
206 To use a session context file called session.ctx AND send the authvalue
208 mypassword.
209 session:session.ctx+mypassword
211 To use a session context file called session.ctx AND send the HEX auth‐
213 value 0x11223344.
214 session:session.ctx+hex:11223344
216 PCR Authorizations
218 You can satisfy a PCR policy using the “pcr:” prefix and the PCR mini‐
219 language. The PCR minilanguage is as follows:
220 <pcr-spec>=<raw-pcr-file>
221 The PCR spec is documented in in the section “PCR bank specifiers”.
223 The raw-pcr-file is an optional argument that contains the output of
225 the raw PCR contents as returned by tpm2_pcrread(1).
226 PCR bank specifiers (pcr.md)
228 Examples
230 To satisfy a PCR policy of sha256 on banks 0, 1, 2 and 3 use a specifi‐
231 er of:
232 pcr:sha256:0,1,2,3
234 specifying AUTH.
236
238 Options that take algorithms support “nice-names”.
239 There are two major algorithm specification string classes, simple and
241 complex. Only certain algorithms will be accepted by the TPM, based on
242 usage and conditions.
243 Simple specifiers
245 These are strings with no additional specification data. When creating
246 objects, non-specified portions of an object are assumed to defaults.
247 You can find the list of known “Simple Specifiers Below”.
248 Asymmetric
250 • rsa
251 • ecc
253 Symmetric
255 • aes
256 • camellia
258 Hashing Algorithms
260 • sha1
261 • sha256
263 • sha384
265 • sha512
267 • sm3_256
269 • sha3_256
271 • sha3_384
273 • sha3_512
275 Keyed Hash
277 • hmac
278 • xor
280 Signing Schemes
282 • rsassa
283 • rsapss
285 • ecdsa
287 • ecdaa
289 • ecschnorr
291 Asymmetric Encryption Schemes
293 • oaep
294 • rsaes
296 • ecdh
298 Modes
300 • ctr
301 • ofb
303 • cbc
305 • cfb
307 • ecb
309 Misc
311 • null
312 Complex Specifiers
314 Objects, when specified for creation by the TPM, have numerous algo‐
315 rithms to populate in the public data. Things like type, scheme and
316 asymmetric details, key size, etc. Below is the general format for
317 specifying this data: <type>:<scheme>:<symmetric-details>
318 Type Specifiers
320 This portion of the complex algorithm specifier is required. The re‐
321 maining scheme and symmetric details will default based on the type
322 specified and the type of the object being created.
323 • aes - Default AES: aes128
325 • aes128<mode> - 128 bit AES with optional mode (ctr|ofb|cbc|cfb|ecb).
327 If mode is not specified, defaults to null.
328 • aes192<mode> - Same as aes128<mode>, except for a 192 bit key size.
330 • aes256<mode> - Same as aes128<mode>, except for a 256 bit key size.
332 • ecc - Elliptical Curve, defaults to ecc256.
334 • ecc192 - 192 bit ECC
336 • ecc224 - 224 bit ECC
338 • ecc256 - 256 bit ECC
340 • ecc384 - 384 bit ECC
342 • ecc521 - 521 bit ECC
344 • rsa - Default RSA: rsa2048
346 • rsa1024 - RSA with 1024 bit keysize.
348 • rsa2048 - RSA with 2048 bit keysize.
350 • rsa4096 - RSA with 4096 bit keysize.
352 Scheme Specifiers
354 Next, is an optional field, it can be skipped.
355 Schemes are usually Signing Schemes or Asymmetric Encryption Schemes.
357 Most signing schemes take a hash algorithm directly following the sign‐
358 ing scheme. If the hash algorithm is missing, it defaults to sha256.
359 Some take no arguments, and some take multiple arguments.
360 Hash Optional Scheme Specifiers
362 These scheme specifiers are followed by a dash and a valid hash algo‐
363 rithm, For example: oaep-sha256.
364 • oaep
366 • ecdh
368 • rsassa
370 • rsapss
372 • ecdsa
374 • ecschnorr
376 Multiple Option Scheme Specifiers
378 This scheme specifier is followed by a count (max size UINT16) then
379 followed by a dash(-) and a valid hash algorithm. * ecdaa For example,
380 ecdaa4-sha256. If no count is specified, it defaults to 4.
381 No Option Scheme Specifiers
383 This scheme specifier takes NO arguments. * rsaes
384 Symmetric Details Specifiers
386 This field is optional, and defaults based on the type of object being
387 created and it’s attributes. Generally, any valid Symmetric specifier
388 from the Type Specifiers list should work. If not specified, an asym‐
389 metric objects symmetric details defaults to aes128cfb.
390 Examples
392 Create an rsa2048 key with an rsaes asymmetric encryption scheme
393 tpm2_create -C parent.ctx -G rsa2048:rsaes -u key.pub -r key.priv
394 Create an ecc256 key with an ecdaa signing scheme with a count of 4 and
396 sha384 hash
397 /tpm2_create -C parent.ctx -G ecc256:ecdaa4-sha384 -u key.pub -r
398 key.priv cryptographic algorithms ALGORITHM.
399
401 Object Attributes are used to control various properties of created ob‐
402 jects. When specified as an option, either the raw bitfield mask or
403 “nice-names” may be used. The values can be found in Table 31 Part 2
404 of the TPM2.0 specification, which can be found here:
405 <https://trustedcomputinggroup.org/wp-content/uploads/TPM-
407 Rev-2.0-Part-2-Structures-01.38.pdf>
408 Nice names are calculated by taking the name field of table 31 and re‐
410 moving the prefix TPMA_OBJECT_ and lowercasing the result. Thus, TP‐
411 MA_OBJECT_FIXEDTPM becomes fixedtpm. Nice names can be joined using
412 the bitwise or “|” symbol.
413 For instance, to set The fields TPMA_OBJECT_FIXEDTPM, TPMA_OBJECT_NODA,
415 and TPMA_OBJECT_SIGN_ENCRYPT, the argument would be:
416 fixedtpm|noda|sign specifying the object attributes ATTRIBUTES.
418
420 This collection of options are common to many programs and provide in‐
421 formation that many users may expect.
422 • -h, --help=[man|no-man]: Display the tools manpage. By default, it
424 attempts to invoke the manpager for the tool, however, on failure
425 will output a short tool summary. This is the same behavior if the
426 “man” option argument is specified, however if explicit “man” is re‐
427 quested, the tool will provide errors from man on stderr. If the
428 “no-man” option if specified, or the manpager fails, the short op‐
429 tions will be output to stdout.
430 To successfully use the manpages feature requires the manpages to be
432 installed or on MANPATH, See man(1) for more details.
433 • -v, --version: Display version information for this tool, supported
435 tctis and exit.
436 • -V, --verbose: Increase the information that the tool prints to the
438 console during its execution. When using this option the file and
439 line number are printed.
440 • -Q, --quiet: Silence normal tool output to stdout.
442 • -Z, --enable-errata: Enable the application of errata fixups. Useful
444 if an errata fixup needs to be applied to commands sent to the TPM.
445 Defining the environment TPM2TOOLS_ENABLE_ERRATA is equivalent. in‐
446 formation many users may expect.
447
449 The TCTI or “Transmission Interface” is the communication mechanism
450 with the TPM. TCTIs can be changed for communication with TPMs across
451 different mediums.
452 To control the TCTI, the tools respect:
454 1. The command line option -T or --tcti
456 2. The environment variable: TPM2TOOLS_TCTI.
458 Note: The command line option always overrides the environment vari‐
460 able.
461 The current known TCTIs are:
463 • tabrmd - The resource manager, called tabrmd
465 (https://github.com/tpm2-software/tpm2-abrmd). Note that tabrmd and
466 abrmd as a tcti name are synonymous.
467 • mssim - Typically used for communicating to the TPM software simula‐
469 tor.
470 • device - Used when talking directly to a TPM device file.
472 • none - Do not initalize a connection with the TPM. Some tools allow
474 for off-tpm options and thus support not using a TCTI. Tools that do
475 not support it will error when attempted to be used without a TCTI
476 connection. Does not support ANY options and MUST BE presented as
477 the exact text of “none”.
478 The arguments to either the command line option or the environment
480 variable are in the form:
481 <tcti-name>:<tcti-option-config>
483 Specifying an empty string for either the <tcti-name> or <tcti-op‐
485 tion-config> results in the default being used for that portion respec‐
486 tively.
487 TCTI Defaults
489 When a TCTI is not specified, the default TCTI is searched for using
490 dlopen(3) semantics. The tools will search for tabrmd, device and
491 mssim TCTIs IN THAT ORDER and USE THE FIRST ONE FOUND. You can query
492 what TCTI will be chosen as the default by using the -v option to print
493 the version information. The “default-tcti” key-value pair will indi‐
494 cate which of the aforementioned TCTIs is the default.
495 Custom TCTIs
497 Any TCTI that implements the dynamic TCTI interface can be loaded. The
498 tools internally use dlopen(3), and the raw tcti-name value is used for
499 the lookup. Thus, this could be a path to the shared library, or a li‐
500 brary name as understood by dlopen(3) semantics.
501
503 This collection of options are used to configure the various known TCTI
504 modules available:
505 • device: For the device TCTI, the TPM character device file for use by
507 the device TCTI can be specified. The default is /dev/tpm0.
508 Example: -T device:/dev/tpm0 or export TPM2TOOLS_TCTI=“de‐
510 vice:/dev/tpm0”
511 • mssim: For the mssim TCTI, the domain name or IP address and port
513 number used by the simulator can be specified. The default are
514 127.0.0.1 and 2321.
515 Example: -T mssim:host=localhost,port=2321 or export TPM2TOOLS_TC‐
517 TI=“mssim:host=localhost,port=2321”
518 • abrmd: For the abrmd TCTI, the configuration string format is a se‐
520 ries of simple key value pairs separated by a `,' character. Each
521 key and value string are separated by a `=' character.
522 • TCTI abrmd supports two keys:
524 1. `bus_name' : The name of the tabrmd service on the bus (a
526 string).
527 2. `bus_type' : The type of the dbus instance (a string) limited to
529 `session' and `system'.
530 Specify the tabrmd tcti name and a config string of bus_name=com.ex‐
532 ample.FooBar:
533 \--tcti=tabrmd:bus_name=com.example.FooBar
535 Specify the default (abrmd) tcti and a config string of bus_type=ses‐
537 sion:
538 \--tcti:bus_type=session
540 NOTE: abrmd and tabrmd are synonymous. the various known TCTI mod‐
542 ules.
543
545 • If the hierarchy is null or the name hashing algorithm is null, tick‐
546 ets produced using the object will be NULL.
547 • If the private portion of an object is specified, the hierarchy must
549 be null or the TPM will reject loading it.
550
552 Load a TPM generated public key into the owner hierarchy
553 tpm2_createprimary -c primary.ctx
554 tpm2_create -C primary.ctx -u pub.dat -r priv.dat
556 tpm2_loadexternal -C o -u pub.dat -c pub.ctx
558 name: 000b9be4d7c6193a57e1bfc86a42a6b03856a91d2f9e77c6cbdb796a783d52d4b3b9
559 Load an RSA public key into the owner hierarchy
561 openssl genrsa -out private.pem 2048
562 openssl rsa -in private.pem -out public.pem -outform PEM -pubout
564 tpm2_loadexternal -C o -Grsa -u public.pem -c key.ctx
566 name: 000b7b91d304d16995d42792b57d0fb25df7abe5fdd8afe9950730e00dc5b934ddbc
567 Load an RSA key-pair into the null hierarchy
569 openssl genrsa -out private.pem 2048
570 tpm2_loadexternal -C n -Grsa -r private.pem -c key.ctx
572 name: 000b635ea220b6c62ec1d02343859dd203c8ac5dad82ebc5b124e407d2502f88691f
573 Load an AES key into the null hierarchy
575 dd if=/dev/urandom of=sym.key bs=1 count=16
576 tpm2_loadexternal -C n -Gaes -r sym.key -c key.ctx
578 name: 000bfc4d8dd7e4f921bcc9dca4b04f49564243cd9def129a3740002bfd4b9e966d34
579
581 Tools can return any of the following codes:
582 • 0 - Success.
584 • 1 - General non-specific error.
586 • 2 - Options handling error.
588 • 3 - Authentication error.
590 • 4 - TCTI related error.
592 • 5 - Non supported scheme. Applicable to tpm2_testparams.
594
596 Github Issues (https://github.com/tpm2-software/tpm2-tools/issues)
597
599 See the Mailing List (https://lists.01.org/mailman/listinfo/tpm2)
600tpm2-tools tpm2_loadexternal(1)