tpm2_nvcertify(1)

1tpm2_nvcertify(1)           General Commands Manual          tpm2_nvcertify(1)
2
3
4

6       tpm2_nvcertify(1)  -  Provides attestation of the contents of an NV in‐
7       dex.
8

10       tpm2_nvcertify [OPTIONS] [ARGUMENTS]
11

13       tpm2_nvcertify(1) - Provides attestation of the contents of an  NV  in‐
14       dex.   NOTE:  As  part of the attestation output, the NV index contents
15       are revealed.
16

18       These options control the certification:
19
20       • -C, --signingkey-context=OBJECT:
21
22         The key object that signs the attestation structure.
23
24       • -P, --signingkey-auth=AUTH:
25
26         The authorization value provided for the object specified with -C.
27
28       • -c, --nvauthobj-context=OBJECT:
29
30         The object that is the authorization handle for the NV object.  It is
31         either  the  NV  index handle itself or the platform/ owner hierarchy
32         handle.  If not specified it defaults to the NV index handle.
33
34       • -p, --nvauthobj-auth=AUTH:
35
36         The authorization value provided for the object specified with -c.
37
38       • -g, --hash-algorithm=ALGORITHM:
39
40         The hash algorithm to use in signature generation.
41
42       • -s, --scheme=ALGORITHM:
43
44         The signing scheme used to sign the attestation data.
45
46       • -f, --format=FORMAT:
47
48         Format selection for the signature output file.
49
50       • -o, --signature=FILE:
51
52         Output file name for the signature data.
53
54       • -q, --qualification=FILE_OR_HEX_STR:
55
56         Optional, the policy qualifier data that the signer can choose to in‐
57         clude in the signature.  Can be either a hex string or path.
58
59       • --size=NATURAL_NUMBER:
60
61         Specifies  the  size  of data to be read in bytes, starting from 0 if
62         offset is not specified.  If not specified, the size of the  data  as
63         reported by the public portion of the index will be used.
64
65       • --offset=NATURAL_NUMBER:
66
67         The offset within the NV index to start reading from.
68
69       • –attestation=FILE:
70
71         The attestation data of the type TPM2_CREATION_INFO signed with sign‐
72         ing key.
73
74       • --cphash=FILE
75
76         File path to record the hash of the command parameters.  This is com‐
77         monly termed as cpHash.  NOTE: When this option is selected, The tool
78         will not actually execute the command, it simply returns a cpHash.
79
80       • ARGUMENT the command line argument specifies the NV index  or  offset
81         number.
82
83   References

85       The  type  of a context object, whether it is a handle or file name, is
86       determined according to the following logic in-order:
87
88       • If the argument is a file path, then the file is loaded as a restored
89         TPM transient object.
90
91       • If the argument is a prefix match on one of:
92
93         • owner: the owner hierarchy
94
95         • platform: the platform hierarchy
96
97         • endorsement: the endorsement hierarchy
98
99         • lockout: the lockout control persistent object
100
101       • If  the  argument argument can be loaded as a number it will be treat
102         as a handle, e.g. 0x81010013 and used directly._OBJECT_.
103

105       Authorization for use of an object in TPM2.0 can come  in  3  different
106       forms: 1.  Password 2.  HMAC 3.  Sessions
107
108       NOTE:  “Authorizations  default  to  the EMPTY PASSWORD when not speci‐
109       fied”.
110
111   Passwords
112       Passwords are interpreted in the following  forms  below  using  prefix
113       identifiers.
114
115       Note:  By  default  passwords are assumed to be in the string form when
116       they do not have a prefix.
117
118   String
119       A string password, specified by prefix  “str:”  or  it’s  absence  (raw
120       string without prefix) is not interpreted, and is directly used for au‐
121       thorization.
122
123   Examples
124              foobar
125              str:foobar
126
127   Hex-string
128       A hex-string password, specified by prefix “hex:” is converted  from  a
129       hexidecimal  form  into a byte array form, thus allowing passwords with
130       non-printable and/or terminal un-friendly characters.
131
132   Example
133              hex:0x1122334455667788
134
135   File
136       A file based password, specified be prefix “file:” should be  the  path
137       of  a  file  containing the password to be read by the tool or a “-” to
138       use stdin.  Storing passwords in files  prevents  information  leakage,
139       passwords passed as options can be read from the process list or common
140       shell history features.
141
142   Examples
143              # to use stdin and be prompted
144              file:-
145
146              # to use a file from a path
147              file:path/to/password/file
148
149              # to echo a password via stdin:
150              echo foobar | tpm2_tool -p file:-
151
152              # to use a bash here-string via stdin:
153
154              tpm2_tool -p file:- <<< foobar
155
156   Sessions
157       When using a policy session to authorize the use of an  object,  prefix
158       the  option argument with the session keyword.  Then indicate a path to
159       a session file that was created with tpm2_startauthsession(1).  Option‐
160       ally, if the session requires an auth value to be sent with the session
161       handle (eg policy password), then append a + and a string as  described
162       in the Passwords section.
163
164   Examples
165       To use a session context file called session.ctx.
166
167              session:session.ctx
168
169       To use a session context file called session.ctx AND send the authvalue
170       mypassword.
171
172              session:session.ctx+mypassword
173
174       To use a session context file called session.ctx AND send the HEX auth‐
175       value 0x11223344.
176
177              session:session.ctx+hex:11223344
178
179   PCR Authorizations
180       You  can satisfy a PCR policy using the “pcr:” prefix and the PCR mini‐
181       language.      The     PCR     minilanguage     is     as      follows:
182       <pcr-spec>=<raw-pcr-file>
183
184       The PCR spec is documented in in the section “PCR bank specifiers”.
185
186       The  raw-pcr-file  is  an optional argument that contains the output of
187       the raw PCR contents as returned by tpm2_pcrread(1).
188
189       PCR bank specifiers (pcr.md)
190
191   Examples
192       To satisfy a PCR policy of sha256 on banks 0, 1, 2 and 3 use a specifi‐
193       er of:
194
195              pcr:sha256:0,1,2,3
196
197       specifying AUTH.
198

200       Options that take algorithms support “nice-names”.
201
202       There  are two major algorithm specification string classes, simple and
203       complex.  Only certain algorithms will be accepted by the TPM, based on
204       usage and conditions.
205
206   Simple specifiers
207       These are strings with no additional specification data.  When creating
208       objects, non-specified portions of an object are assumed  to  defaults.
209       You can find the list of known “Simple Specifiers Below”.
210
211   Asymmetric
212       • rsa
213
214       • ecc
215
216   Symmetric
217       • aes
218
219       • camellia
220
221   Hashing Algorithms
222       • sha1
223
224       • sha256
225
226       • sha384
227
228       • sha512
229
230       • sm3_256
231
232       • sha3_256
233
234       • sha3_384
235
236       • sha3_512
237
238   Keyed Hash
239       • hmac
240
241       • xor
242
243   Signing Schemes
244       • rsassa
245
246       • rsapss
247
248       • ecdsa
249
250       • ecdaa
251
252       • ecschnorr
253
254   Asymmetric Encryption Schemes
255       • oaep
256
257       • rsaes
258
259       • ecdh
260
261   Modes
262       • ctr
263
264       • ofb
265
266       • cbc
267
268       • cfb
269
270       • ecb
271
272   Misc
273       • null
274
275   Complex Specifiers
276       Objects,  when  specified  for creation by the TPM, have numerous algo‐
277       rithms to populate in the public data.  Things like  type,  scheme  and
278       asymmetric  details,  key  size,  etc.  Below is the general format for
279       specifying this data: <type>:<scheme>:<symmetric-details>
280
281   Type Specifiers
282       This portion of the complex algorithm specifier is required.   The  re‐
283       maining  scheme  and  symmetric  details will default based on the type
284       specified and the type of the object being created.
285
286       • aes - Default AES: aes128
287
288       • aes128<mode> - 128 bit AES with optional mode  (ctr|ofb|cbc|cfb|ecb).
289         If mode is not specified, defaults to null.
290
291       • aes192<mode> - Same as aes128<mode>, except for a 192 bit key size.
292
293       • aes256<mode> - Same as aes128<mode>, except for a 256 bit key size.
294
295       • ecc - Elliptical Curve, defaults to ecc256.
296
297       • ecc192 - 192 bit ECC
298
299       • ecc224 - 224 bit ECC
300
301       • ecc256 - 256 bit ECC
302
303       • ecc384 - 384 bit ECC
304
305       • ecc521 - 521 bit ECC
306
307       • rsa - Default RSA: rsa2048
308
309       • rsa1024 - RSA with 1024 bit keysize.
310
311       • rsa2048 - RSA with 2048 bit keysize.
312
313       • rsa4096 - RSA with 4096 bit keysize.
314
315   Scheme Specifiers
316       Next, is an optional field, it can be skipped.
317
318       Schemes  are  usually Signing Schemes or Asymmetric Encryption Schemes.
319       Most signing schemes take a hash algorithm directly following the sign‐
320       ing  scheme.   If the hash algorithm is missing, it defaults to sha256.
321       Some take no arguments, and some take multiple arguments.
322
323   Hash Optional Scheme Specifiers
324       These scheme specifiers are followed by a dash and a valid  hash  algo‐
325       rithm, For example: oaep-sha256.
326
327       • oaep
328
329       • ecdh
330
331       • rsassa
332
333       • rsapss
334
335       • ecdsa
336
337       • ecschnorr
338
339   Multiple Option Scheme Specifiers
340       This  scheme  specifier  is  followed by a count (max size UINT16) then
341       followed by a dash(-) and a valid hash algorithm.  * ecdaa For example,
342       ecdaa4-sha256.  If no count is specified, it defaults to 4.
343
344   No Option Scheme Specifiers
345       This scheme specifier takes NO arguments.  * rsaes
346
347   Symmetric Details Specifiers
348       This  field is optional, and defaults based on the type of object being
349       created and it’s attributes.  Generally, any valid Symmetric  specifier
350       from  the Type Specifiers list should work.  If not specified, an asym‐
351       metric objects symmetric details defaults to aes128cfb.
352
353   Examples
354   Create an rsa2048 key with an rsaes asymmetric encryption scheme
355       tpm2_create -C parent.ctx -G rsa2048:rsaes -u key.pub -r key.priv
356
357   Create an ecc256 key with an ecdaa signing scheme with a  count  of  4  and
358       sha384 hash
359       /tpm2_create  -C  parent.ctx  -G  ecc256:ecdaa4-sha384  -u  key.pub  -r
360       key.priv cryptographic algorithms ALGORITHM.
361

363       Format selection for the signature output file.  tss (the default) will
364       output a binary blob according to the TPM 2.0 specification and any po‐
365       tential compiler padding.  The option plain will output the plain  sig‐
366       nature  data as defined by the used cryptographic algorithm.  signature
367       FORMAT.
368

370       This collection of options are common to many programs and provide  in‐
371       formation that many users may expect.
372
373       • -h,  --help=[man|no-man]:  Display the tools manpage.  By default, it
374         attempts to invoke the manpager for the  tool,  however,  on  failure
375         will  output  a short tool summary.  This is the same behavior if the
376         “man” option argument is specified, however if explicit “man” is  re‐
377         quested,  the  tool  will  provide errors from man on stderr.  If the
378         “no-man” option if specified, or the manpager fails,  the  short  op‐
379         tions will be output to stdout.
380
381         To  successfully use the manpages feature requires the manpages to be
382         installed or on MANPATH, See man(1) for more details.
383
384       • -v, --version: Display version information for this  tool,  supported
385         tctis and exit.
386
387       • -V,  --verbose:  Increase the information that the tool prints to the
388         console during its execution.  When using this option  the  file  and
389         line number are printed.
390
391       • -Q, --quiet: Silence normal tool output to stdout.
392
393       • -Z, --enable-errata: Enable the application of errata fixups.  Useful
394         if an errata fixup needs to be applied to commands sent to  the  TPM.
395         Defining  the environment TPM2TOOLS_ENABLE_ERRATA is equivalent.  in‐
396         formation many users may expect.
397

399       The TCTI or “Transmission Interface”  is  the  communication  mechanism
400       with  the TPM.  TCTIs can be changed for communication with TPMs across
401       different mediums.
402
403       To control the TCTI, the tools respect:
404
405       1. The command line option -T or --tcti
406
407       2. The environment variable: TPM2TOOLS_TCTI.
408
409       Note: The command line option always overrides  the  environment  vari‐
410       able.
411
412       The current known TCTIs are:
413
414       • tabrmd      -     The     resource     manager,     called     tabrmd
415         (https://github.com/tpm2-software/tpm2-abrmd).  Note that tabrmd  and
416         abrmd as a tcti name are synonymous.
417
418       • mssim  - Typically used for communicating to the TPM software simula‐
419         tor.
420
421       • device - Used when talking directly to a TPM device file.
422
423       • none - Do not initalize a connection with the TPM.  Some tools  allow
424         for off-tpm options and thus support not using a TCTI.  Tools that do
425         not support it will error when attempted to be used  without  a  TCTI
426         connection.   Does  not  support ANY options and MUST BE presented as
427         the exact text of “none”.
428
429       The arguments to either the command  line  option  or  the  environment
430       variable are in the form:
431
432       <tcti-name>:<tcti-option-config>
433
434       Specifying  an  empty  string  for  either the <tcti-name> or <tcti-op‐
435       tion-config> results in the default being used for that portion respec‐
436       tively.
437
438   TCTI Defaults
439       When  a  TCTI  is not specified, the default TCTI is searched for using
440       dlopen(3) semantics.  The tools will  search  for  tabrmd,  device  and
441       mssim  TCTIs  IN THAT ORDER and USE THE FIRST ONE FOUND.  You can query
442       what TCTI will be chosen as the default by using the -v option to print
443       the  version information.  The “default-tcti” key-value pair will indi‐
444       cate which of the aforementioned TCTIs is the default.
445
446   Custom TCTIs
447       Any TCTI that implements the dynamic TCTI interface can be loaded.  The
448       tools internally use dlopen(3), and the raw tcti-name value is used for
449       the lookup.  Thus, this could be a path to the shared library, or a li‐
450       brary name as understood by dlopen(3) semantics.
451

453       This collection of options are used to configure the various known TCTI
454       modules available:
455
456       • device: For the device TCTI, the TPM character device file for use by
457         the device TCTI can be specified.  The default is /dev/tpm0.
458
459         Example:    -T   device:/dev/tpm0   or   export   TPM2TOOLS_TCTI=“de‐
460         vice:/dev/tpm0”
461
462       • mssim: For the mssim TCTI, the domain name or  IP  address  and  port
463         number  used  by  the  simulator  can  be specified.  The default are
464         127.0.0.1 and 2321.
465
466         Example: -T mssim:host=localhost,port=2321  or  export  TPM2TOOLS_TC‐
467         TI=“mssim:host=localhost,port=2321”
468
469       • abrmd:  For  the abrmd TCTI, the configuration string format is a se‐
470         ries of simple key value pairs separated by a  `,'  character.   Each
471         key and value string are separated by a `=' character.
472
473         • TCTI abrmd supports two keys:
474
475           1. `bus_name'  :  The  name  of  the  tabrmd  service on the bus (a
476              string).
477
478           2. `bus_type' : The type of the dbus instance (a string) limited to
479              `session' and `system'.
480
481         Specify  the tabrmd tcti name and a config string of bus_name=com.ex‐
482         ample.FooBar:
483
484                \--tcti=tabrmd:bus_name=com.example.FooBar
485
486         Specify the default (abrmd) tcti and a config string of bus_type=ses‐
487         sion:
488
489                \--tcti:bus_type=session
490
491         NOTE:  abrmd  and tabrmd are synonymous.  the various known TCTI mod‐
492         ules.
493

495              tpm2_nvdefine -s 32 -a "authread|authwrite" 1
496
497              dd if=/dev/urandom bs=1 count=32 status=none| \
498              tpm2_nvwrite 1 -i-
499
500              tpm2_createprimary -C o -c primary.ctx -Q
501
502              tpm2_create -G rsa -u rsa.pub -r rsa.priv -C primary.ctx -c signing_key.ctx -Q
503
504              tpm2_readpublic -c signing_key.ctx -f pem -o sslpub.pem -Q
505
506              tpm2_nvcertify -C signing_key.ctx -g sha256 -f plain -s rsassa \
507              -o signature.bin --attestation attestation.bin --size 32 1
508

510       Tools can return any of the following codes:
511
512       • 0 - Success.
513
514       • 1 - General non-specific error.
515
516       • 2 - Options handling error.
517
518       • 3 - Authentication error.
519
520       • 4 - TCTI related error.
521
522       • 5 - Non supported scheme.  Applicable to tpm2_testparams.
523

525       Github Issues (https://github.com/tpm2-software/tpm2-tools/issues)
526

528       See the Mailing List (https://lists.01.org/mailman/listinfo/tpm2)
529
530
531
532tpm2-tools                                                   tpm2_nvcertify(1)

NAME

SYNOPSIS

DESCRIPTION

OPTIONS

Context Object Format

Authorization Formatting

Algorithm Specifiers

Signature Format Specifiers

COMMON OPTIONS

TCTI Configuration

TCTI OPTIONS

EXAMPLES

Returns

BUGS

HELP