TSSCREATE(1) User Commands TSSCREATE(1)

tsscreate - Runs TPM2 create

create

Runs TPM2_Create

-hp parent handle

[Asymmetric Key Algorithm]

-rsa [keybits] (default)

    (2048 default)

-ecc curve

    bnp256 nistp256 nistp384

Key attributes

-bl data blob for unseal (create only) requires -if

-den decryption, (unrestricted, RSA and EC NULL scheme)

-deo decryption, (unrestricted, RSA OAEP, EC NULL scheme)

-dee decryption, (unrestricted, RSA ES, EC NULL scheme)

-des encryption/decryption, AES symmetric [-116 for TPM rev 116 compatibility]

-st storage (restricted) [default for primary keys]

-si unrestricted signing (RSA and EC NULL scheme)

-sir restricted signing (RSA RSASSA, EC ECDSA scheme)

-dau unrestricted ECDAA signing key pair

-dar restricted ECDAA signing key pair

-kh keyed hash (unrestricted, hmac)

-khr keyed hash (restricted, hmac)

-dp derivation parent

-gp general purpose, not storage

[-kt (can be specified more than once)]

    f   fixedTPM (default for primary keys and derivation parents)
    p   fixedParent (default for primary keys and derivation parents)
    nf  no fixedTPM (default for non-primary keys)
    np  no fixedParent (default for non-primary keys)
    ed  encrypted duplication (default not set)

[-da object subject to DA protection (default no)]

[-pol policy file (default empty)]

[-uwa userWithAuth attribute clear (default set)]

[-if data (inSensitive) file name]

[-nalg name hash algorithm (sha1, sha256, sha384, sha512) (default sha256)]

[-halg scheme hash algorithm (sha1, sha256, sha384, sha512) (default sha256)]

[-pwdk password for key (default empty)]

[-pwdp password for parent key (default empty)]

[-opu public key file name (default do not save)]

[-opr private key file name (default do not save)]

[-opem public key PEM format file name (default do not save)]

[-tk output ticket file name (default do not save)]

[-ch output creation hash file name (default do not save)]

-se[0-2] session handle / attributes (default PWAP)

    01 continue

    20 command decrypt

    40 response encrypt

tsscreate 1.6 November 2020 TSSCREATE(1)