tpm2_createek(1)            General Commands Manual            tpm2_createek(1)

NAME
tpm2_createek(1) - Generate TCG profile compliant endorsement key.

SYNOPSIS
tpm2_createek [OPTIONS]

DESCRIPTION
tpm2_createek(1) - Generate TCG profile compliant endorsement key (EK),
which is the primary object of the endorsement hierarchy.

If a transient object is generated the tool outputs a context file
specified with -c.

Refer to: <http://www.trustedcomputinggroup.org/files/static_page_files/7CAA5687-1A4B-B294-D04080D058E86C5F>

OPTIONS
• -P, --eh-auth=AUTH:

The authorization value for the endorsement hierarchy.

• -w, --owner-auth=AUTH:

The authorization value for the owner hierarchy.

• -c, --ek-context=OBJECT or FILE:

Either a file path or a persistent handle value to save the endorsement
key.

If a value of - is passed the tool will find a vacant persistent handle
to use and print out the automatically selected handle.

If one saves the context file via this option and the public key via
the -u option, the EK can be restored via a call to
tpm2_loadexternal(1).

• -G, --key-algorithm=ALGORITHM:

The endorsement key algorithm. Supports:

• ecc - A NIST_P256 key by default. Alternative curves can be selected
using algorithm specifiers (e.g. ecc384 or ecc_nist_p384).

• rsa - An RSA2048 key.

• keyedhash - An HMAC key.

• -u, --public=FILE:

The optional input for a file to save the public portion of the
endorsement key.

• -t, --template:

The optional manufacturer defined endorsement key template and nonce
from fixed NV Indices to populate the TPM2B_PUBLIC public area. See
the TCG EK Credential Profile specification for more information:
https://trustedcomputinggroup.org/wp-content/uploads/TCG_IWG_Credential_Profile_EK_V2.1_R13.pdf

• -f, --format:

Format selection for the public key output file. `tss' (the default)
will output a binary blob according to the TPM 2.0 Specification.
`pem' will output an OpenSSL compatible PEM encoded public key.
`der' will output an OpenSSL compatible DER encoded public key.
`tpmt' will output a binary blob of the TPMT_PUBLIC struct referenced
by the TPM 2.0 specs.

References

Context Object Format
The type of a context object, whether it is a handle or file name, is
determined according to the following logic, in order:

• If the argument is a file path, then the file is loaded as a restored
TPM transient object.

• If the argument is a prefix match on one of:

• owner: the owner hierarchy

• platform: the platform hierarchy

• endorsement: the endorsement hierarchy

• lockout: the lockout control persistent object

• If the argument can be loaded as a number it will be treated as a
handle, e.g. 0x81010013, and used directly.
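The three resolution rules above, written out as an added Python example (this is not tpm2-tools code; the `path_exists` parameter is a hypothetical injection point so the file rule can be exercised without touching the filesystem). It also classifies a numeric handle by its TPM 2.0 handle-type byte, which is useful for checking whether a -c value such as 0x81010001 really names a persistent slot before handing it to the tool. Note that the file rule runs first, so a file in the working directory named "owner" would be loaded as a context file rather than selecting the owner hierarchy.

```python
import os

# Hierarchy names the tool accepts by prefix match (from the man page).
HIERARCHIES = ("owner", "platform", "endorsement", "lockout")

# TPM 2.0 handle types are encoded in the top byte of a handle (TPM_HT values).
HANDLE_TYPES = {
    0x00: "pcr", 0x01: "nv_index", 0x02: "hmac_session", 0x03: "policy_session",
    0x40: "permanent", 0x80: "transient", 0x81: "persistent",
}


def resolve_object(arg, path_exists=os.path.exists):
    """Classify a context-object argument using the man page's in-order rules.

    `path_exists` is a hypothetical hook for this example only (not a
    tpm2-tools option) so the file-path rule can be tested offline.
    Returns (kind, value) with kind one of "file", "hierarchy", "handle".
    """
    if not arg:
        raise ValueError("empty object argument")
    # Rule 1: an existing file path wins, even if it is spelled like "owner".
    if path_exists(arg):
        return ("file", arg)
    # Rule 2: prefix match on a hierarchy name ("o" -> owner, "e" -> endorsement).
    for name in HIERARCHIES:
        if name.startswith(arg):
            return ("hierarchy", name)
    # Rule 3: anything that parses as a number is a raw handle (0x81010013, ...).
    try:
        handle = int(arg, 0)
    except ValueError:
        raise ValueError(f"not a file, hierarchy name or handle: {arg!r}") from None
    if not 0 <= handle <= 0xFFFFFFFF:
        raise ValueError(f"handle out of 32-bit range: {arg!r}")
    return ("handle", handle)


def handle_type(handle):
    """Name the TPM handle range a numeric handle falls in, e.g. 0x81... -> persistent."""
    return HANDLE_TYPES.get(handle >> 24, "unknown")
```

With this in place, `resolve_object("o", path_exists=lambda p: False)` returns `("hierarchy", "owner")`, which is why the examples later in this page can write `tpm2_loadexternal -C o`; `handle_type(0x81010013)` returns `"persistent"`.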
Authorization Formatting
Authorization for use of an object in TPM2.0 can come in 3 different
forms:
1. Password
2. HMAC
3. Sessions

NOTE: “Authorizations default to the EMPTY PASSWORD when not specified”.

Passwords
Passwords are interpreted in the forms below using prefix identifiers.

Note: By default passwords are assumed to be in the string form when
they do not have a prefix.

String
A string password, specified by prefix “str:” or its absence (raw
string without prefix), is not interpreted, and is directly used for
authorization.

Examples
foobar
str:foobar

Hex-string
A hex-string password, specified by prefix “hex:”, is converted from
hexadecimal form into a byte array, thus allowing passwords with
non-printable and/or terminal-unfriendly characters.

Example
hex:1122334455667788

File
A file based password, specified by prefix “file:”, should be the path
of a file containing the password to be read by the tool, or a “-” to
use stdin. Storing passwords in files prevents information leakage:
passwords passed as options can be read from the process list or common
shell history features.

Examples
# to use stdin and be prompted
file:-

# to use a file from a path
file:path/to/password/file

# to echo a password via stdin:
echo foobar | tpm2_tool -p file:-

# to use a bash here-string via stdin:
tpm2_tool -p file:- <<< foobar

Sessions
When using a policy session to authorize the use of an object, prefix
the option argument with the session keyword. Then indicate a path to
a session file that was created with tpm2_startauthsession(1).
Optionally, if the session requires an auth value to be sent with the
session handle (e.g. policy password), then append a + and a string as
described in the Passwords section.

Examples
To use a session context file called session.ctx.

session:session.ctx

To use a session context file called session.ctx AND send the authvalue
mypassword.

session:session.ctx+mypassword

To use a session context file called session.ctx AND send the HEX
authvalue 0x11223344.

session:session.ctx+hex:11223344

PCR Authorizations
You can satisfy a PCR policy using the “pcr:” prefix and the PCR
minilanguage. The PCR minilanguage is as follows:
<pcr-spec>=<raw-pcr-file>

The PCR spec is documented in the section “PCR bank specifiers”.

The raw-pcr-file is an optional argument that contains the output of
the raw PCR contents as returned by tpm2_pcrread(1).

Examples
To satisfy a PCR policy of sha256 on banks 0, 1, 2 and 3 use a
specifier of:

pcr:sha256:0,1,2,3
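The password, session and PCR forms described in the Passwords, Sessions and PCR Authorizations sections, parsed into the bytes or structures the tool would pass on, as an added Python example (not tpm2-tools code). The `read_file` and `stdin` parameters are hypothetical injection points so the file: and file:- forms run offline; file contents are kept verbatim here, so the newline that `echo foobar` appends becomes part of the auth value, which is worth remembering when a password set via one form must later be matched via another. The PCR parser also accepts several banks joined with '+', the same syntax tpm2_pcrread(1) uses, which goes slightly beyond the single-bank example above.

```python
import binascii
import io
import sys


def _read_path(path):
    with open(path, "rb") as fh:
        return fh.read()


def parse_password(spec, read_file=_read_path, stdin=None):
    """Convert a password spec into the raw auth bytes the TPM would receive.

    Forms (from the man page): "str:...", "hex:...", "file:<path>",
    "file:-" (stdin) and a bare string. `read_file` and `stdin` are
    hypothetical hooks for this example; the real tool reads the
    filesystem and process stdin directly. File bytes are kept verbatim.
    """
    if spec.startswith("str:"):
        return spec[4:].encode()
    if spec.startswith("hex:"):
        try:
            return binascii.unhexlify(spec[4:])      # odd length / non-hex -> error
        except binascii.Error as exc:
            raise ValueError(f"invalid hex password: {exc}") from None
    if spec.startswith("file:"):
        path = spec[5:]
        if path == "-":
            stream = sys.stdin.buffer if stdin is None else stdin
            return stream.read()
        return read_file(path)
    return spec.encode()          # no prefix: the literal string is the password


def parse_pcr_spec(spec):
    """Parse "<bank>:<idx,idx,...>" (banks may be joined with '+') into
    {bank: sorted unique indices}."""
    banks = {}
    for bank in spec.split("+"):
        name, _, indices = bank.partition(":")
        if not name or not indices:
            raise ValueError(f"malformed PCR spec: {spec!r}")
        banks[name] = sorted({int(i) for i in indices.split(",")})
    return banks


def parse_auth(value, **readers):
    """Classify an AUTH argument as password, session (+ optional auth) or pcr policy."""
    if value.startswith("session:"):
        # The first '+' separates the session file from the optional auth value.
        ctx, _, pw = value[len("session:"):].partition("+")
        if not ctx:
            raise ValueError("session: requires a session context file")
        return {"kind": "session", "context": ctx,
                "auth": parse_password(pw, **readers) if pw else None}
    if value.startswith("pcr:"):
        spec, _, raw_file = value[4:].partition("=")
        return {"kind": "pcr", "banks": parse_pcr_spec(spec),
                "raw_pcr_file": raw_file or None}
    return {"kind": "password", "auth": parse_password(value, **readers)}


def demo():
    """Exercise every form with constructed inputs (no TPM or files needed)."""
    fake_fs = {"path/to/password/file": b"s3cr3t"}      # constructed sample
    return {
        "bare": parse_auth("foobar"),
        "stdin": parse_auth("file:-", stdin=io.BytesIO(b"foobar\n")),
        "file": parse_auth("file:path/to/password/file", read_file=fake_fs.__getitem__),
        "session_hex": parse_auth("session:session.ctx+hex:11223344"),
        "pcr": parse_auth("pcr:sha256:0,1,2,3=pcrs.bin"),
    }
```

`demo()["stdin"]["auth"]` is `b"foobar\n"`, not `b"foobar"`: the trailing newline from the pipe is part of the value in this parser, which is the edge case to watch when scripting the file:- form.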

Algorithm Specifiers
Options that take algorithms support “nice-names”.

There are two major algorithm specification string classes, simple and
complex. Only certain algorithms will be accepted by the TPM, based on
usage and conditions.

Simple specifiers
These are strings with no additional specification data. When creating
objects, non-specified portions of an object are assumed to defaults.
You can find the list of known “Simple Specifiers” below.

Asymmetric
• rsa

• ecc

Symmetric
• aes

• camellia

• sm4

Hashing Algorithms
• sha1

• sha256

• sha384

• sha512

• sm3_256

• sha3_256

• sha3_384

• sha3_512

Keyed Hash
• hmac

• xor

Signing Schemes
• rsassa

• rsapss

• ecdsa

• ecdaa

• ecschnorr

• sm2

Asymmetric Encryption Schemes
• oaep

• rsaes

• ecdh

Modes
• ctr

• ofb

• cbc

• cfb

• ecb

Misc
• null

Complex Specifiers
Objects, when specified for creation by the TPM, have numerous
algorithms to populate in the public data: things like type, scheme and
asymmetric details, key size, etc. Below is the general format for
specifying this data: <type>:<scheme>:<symmetric-details>

Type Specifiers
This portion of the complex algorithm specifier is required. The
remaining scheme and symmetric details will default based on the type
specified and the type of the object being created.

• aes - Default AES: aes128

• aes128<mode> - 128 bit AES with optional mode (ctr|ofb|cbc|cfb|ecb).
If mode is not specified, defaults to null.

• aes192<mode> - Same as aes128<mode>, except for a 192 bit key size.

• aes256<mode> - Same as aes128<mode>, except for a 256 bit key size.

• sm4 - Default SM4: sm4128

• sm4128<mode> or sm4_128<mode> - 128 bit SM4 with optional mode
(ctr|ofb|cbc|cfb|ecb). If mode is not specified, defaults to null.

• ecc - Elliptic curve, defaults to ecc256.

• ecc192 or ecc_nist_p192 - 192 bit ECC NIST curve

• ecc224 or ecc_nist_p224 - 224 bit ECC NIST curve

• ecc256 or ecc_nist_p256 - 256 bit ECC NIST curve

• ecc384 or ecc_nist_p384 - 384 bit ECC NIST curve

• ecc521 or ecc_nist_p521 - 521 bit ECC NIST curve

• ecc_sm2 or ecc_sm2_p256 - 256 bit SM2 curve

• rsa - Default RSA: rsa2048

• rsa1024 - RSA with 1024 bit keysize.

• rsa2048 - RSA with 2048 bit keysize.

• rsa3072 - RSA with 3072 bit keysize.

• rsa4096 - RSA with 4096 bit keysize.

Scheme Specifiers
Next is an optional field; it can be skipped.

Schemes are usually Signing Schemes or Asymmetric Encryption Schemes.
Most signing schemes take a hash algorithm directly following the
signing scheme. If the hash algorithm is missing, it defaults to
sha256. Some take no arguments, and some take multiple arguments.

Hash Optional Scheme Specifiers
These scheme specifiers are followed by a dash and a valid hash
algorithm, for example: oaep-sha256.

• oaep

• ecdh

• rsassa

• rsapss

• ecdsa

• ecschnorr

• sm2

Multiple Option Scheme Specifiers
This scheme specifier is followed by a count (max size UINT16), then
followed by a dash (-) and a valid hash algorithm.

• ecdaa

For example, ecdaa4-sha256. If no count is specified, it defaults to 4.

No Option Scheme Specifiers
This scheme specifier takes NO arguments.

• rsaes

Symmetric Details Specifiers
This field is optional, and defaults based on the type of object being
created and its attributes. Generally, any valid Symmetric specifier
from the Type Specifiers list should work. If not specified, an
asymmetric object's symmetric details default to aes128cfb.

Examples
Create an rsa2048 key with an rsaes asymmetric encryption scheme
tpm2_create -C parent.ctx -G rsa2048:rsaes -u key.pub -r key.priv

Create an ecc256 key with an ecdaa signing scheme with a count of 4 and
sha384 hash
tpm2_create -C parent.ctx -G ecc256:ecdaa4-sha384 -u key.pub -r key.priv
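The complex specifier grammar <type>:<scheme>:<symmetric-details> with the defaults listed above (aes -> aes128, mode -> null, ecc -> nist_p256, rsa -> 2048, missing hash -> sha256, ecdaa count -> 4, asymmetric symmetric-details -> aes128cfb), as an added Python parser (not tpm2-tools code). The regular expressions and the rsa/ecc scheme compatibility table are this example's own; the page only says the TPM accepts certain algorithms "based on usage and conditions", so a local check that an ecc scheme is not paired with an rsa key saves a round trip to the TPM. camellia and keyedhash types are not covered here.

```python
import re

HASHES = {"sha1", "sha256", "sha384", "sha512", "sm3_256",
          "sha3_256", "sha3_384", "sha3_512"}
SYM_RE = re.compile(r"^(aes|sm4)(?:_?(128|192|256))?(ctr|ofb|cbc|cfb|ecb)?$")
ECC_RE = re.compile(r"^ecc(?:(?:_nist_p)?(192|224|256|384|521))?$")
RSA_RE = re.compile(r"^rsa(1024|2048|3072|4096)?$")
HASH_OPT_RE = re.compile(r"^(oaep|ecdh|rsassa|rsapss|ecdsa|ecschnorr|sm2)(?:-(\w+))?$")
ECDAA_RE = re.compile(r"^ecdaa(\d+)?(?:-(\w+))?$")
# Schemes that pair with each asymmetric key type (this example's own table).
SCHEMES_FOR = {
    "rsa": {"rsassa", "rsapss", "oaep", "rsaes", "null"},
    "ecc": {"ecdsa", "ecdaa", "ecschnorr", "sm2", "ecdh", "null"},
}


def parse_type(tok):
    """Parse the mandatory <type> field, applying the man page's defaults."""
    m = SYM_RE.match(tok)
    if m:
        alg, bits, mode = m.groups()
        bits = int(bits) if bits else 128                  # aes -> aes128, sm4 -> sm4128
        if alg == "sm4" and bits != 128:
            raise ValueError("sm4 only supports a 128 bit key")
        return {"type": alg, "bits": bits, "mode": mode or "null"}   # mode defaults to null
    m = ECC_RE.match(tok)
    if m:
        return {"type": "ecc", "curve": f"nist_p{m.group(1) or '256'}"}  # ecc -> ecc256
    if tok in ("ecc_sm2", "ecc_sm2_p256"):
        return {"type": "ecc", "curve": "sm2_p256"}
    m = RSA_RE.match(tok)
    if m:
        return {"type": "rsa", "bits": int(m.group(1) or 2048)}         # rsa -> rsa2048
    raise ValueError(f"unknown type specifier: {tok!r}")


def _hash_or_default(name):
    name = name or "sha256"                                # missing hash -> sha256
    if name not in HASHES:
        raise ValueError(f"unknown hash algorithm: {name!r}")
    return name


def parse_scheme(tok):
    """Parse the optional <scheme> field: no-arg, hash-optional, or ecdaa<count>-<hash>."""
    if tok in ("rsaes", "null"):
        return {"name": tok}
    m = ECDAA_RE.match(tok)
    if m:
        count = int(m.group(1)) if m.group(1) else 4       # ecdaa -> ecdaa4
        if count > 0xFFFF:
            raise ValueError("ecdaa count exceeds UINT16")
        return {"name": "ecdaa", "count": count, "hash": _hash_or_default(m.group(2))}
    m = HASH_OPT_RE.match(tok)
    if m:
        return {"name": m.group(1), "hash": _hash_or_default(m.group(2))}
    raise ValueError(f"unknown scheme specifier: {tok!r}")


def parse_alg_spec(spec):
    """Parse "<type>[:<scheme>[:<symmetric-details>]]" into resolved parameters."""
    parts = spec.split(":")
    if len(parts) > 3:
        raise ValueError(f"too many fields in {spec!r}")
    result = parse_type(parts[0])
    scheme_tok = parts[1] if len(parts) > 1 else ""
    result["scheme"] = parse_scheme(scheme_tok) if scheme_tok else None
    if result["type"] in SCHEMES_FOR:
        scheme = result["scheme"]
        if scheme and scheme["name"] not in SCHEMES_FOR[result["type"]]:
            raise ValueError(f"scheme {scheme['name']} is not valid for {result['type']}")
        # Asymmetric objects carry symmetric details; the default is aes128cfb.
        sym_tok = parts[2] if len(parts) > 2 and parts[2] else "aes128cfb"
        sym = parse_type(sym_tok)
        if sym["type"] not in ("aes", "sm4"):
            raise ValueError(f"symmetric details must name a symmetric cipher: {sym_tok!r}")
        result["sym"] = sym
    elif len(parts) > 2 and parts[2]:
        raise ValueError("symmetric details only apply to asymmetric objects")
    return result
```

`parse_alg_spec("ecc256:ecdaa4-sha384")` resolves the page's second example to curve nist_p256, scheme ecdaa with count 4 and sha384, and symmetric details aes128cfb; `parse_alg_spec("rsa2048:ecdsa")` raises before anything is sent to the TPM.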

COMMON OPTIONS
This collection of options is common to many programs and provides
information that many users may expect.

• -h, --help=[man|no-man]: Display the tool's manpage. By default, it
attempts to invoke the manpager for the tool; on failure it outputs a
short tool summary. This is the same behavior if the “man” option
argument is specified; however, if “man” is explicitly requested, the
tool will provide errors from man on stderr. If the “no-man” option is
specified, or the manpager fails, the short options will be output to
stdout.

To successfully use the manpages feature requires the manpages to be
installed or on MANPATH. See man(1) for more details.

• -v, --version: Display version information for this tool, supported
tctis and exit.

• -V, --verbose: Increase the information that the tool prints to the
console during its execution. When using this option the file and
line number are printed.

• -Q, --quiet: Silence normal tool output to stdout.

• -Z, --enable-errata: Enable the application of errata fixups. Useful
if an errata fixup needs to be applied to commands sent to the TPM.
Defining the environment variable TPM2TOOLS_ENABLE_ERRATA is
equivalent.

TCTI Configuration
The TCTI or “Transmission Interface” is the communication mechanism
with the TPM. TCTIs can be changed for communication with TPMs across
different mediums.

To control the TCTI, the tools respect:

1. The command line option -T or --tcti

2. The environment variable: TPM2TOOLS_TCTI.

Note: The command line option always overrides the environment
variable.

The current known TCTIs are:

• tabrmd - The resource manager, called tabrmd
(https://github.com/tpm2-software/tpm2-abrmd). Note that tabrmd and
abrmd as a tcti name are synonymous.

• mssim - Typically used for communicating to the TPM software
simulator.

• device - Used when talking directly to a TPM device file.

• none - Do not initialize a connection with the TPM. Some tools allow
for off-tpm options and thus support not using a TCTI. Tools that do
not support it will error when attempted to be used without a TCTI
connection. Does not support ANY options and MUST BE presented as the
exact text of “none”.

The arguments to either the command line option or the environment
variable are in the form:

<tcti-name>:<tcti-option-config>

Specifying an empty string for either the <tcti-name> or
<tcti-option-config> results in the default being used for that portion
respectively.

TCTI Defaults
When a TCTI is not specified, the default TCTI is searched for using
dlopen(3) semantics. The tools will search for tabrmd, device and
mssim TCTIs IN THAT ORDER and USE THE FIRST ONE FOUND. You can query
what TCTI will be chosen as the default by using the -v option to print
the version information. The “default-tcti” key-value pair will
indicate which of the aforementioned TCTIs is the default.

Custom TCTIs
Any TCTI that implements the dynamic TCTI interface can be loaded. The
tools internally use dlopen(3), and the raw tcti-name value is used for
the lookup. Thus, this could be a path to the shared library, or a
library name as understood by dlopen(3) semantics.

TCTI OPTIONS
This collection of options is used to configure the various known TCTI
modules available:

• device: For the device TCTI, the TPM character device file for use by
the device TCTI can be specified. The default is /dev/tpm0.

Example: -T device:/dev/tpm0 or export TPM2TOOLS_TCTI=“device:/dev/tpm0”

• mssim: For the mssim TCTI, the domain name or IP address and port
number used by the simulator can be specified. The defaults are
127.0.0.1 and 2321.

Example: -T mssim:host=localhost,port=2321 or
export TPM2TOOLS_TCTI=“mssim:host=localhost,port=2321”

• abrmd: For the abrmd TCTI, the configuration string format is a
series of simple key value pairs separated by a `,' character. Each
key and value string are separated by a `=' character.

• TCTI abrmd supports two keys:

1. `bus_name' : The name of the tabrmd service on the bus (a string).

2. `bus_type' : The type of the dbus instance (a string) limited to
`session' and `system'.

Specify the tabrmd tcti name and a config string of
bus_name=com.example.FooBar:

--tcti=tabrmd:bus_name=com.example.FooBar

Specify the default (abrmd) tcti and a config string of
bus_type=session:

--tcti:bus_type=session

NOTE: abrmd and tabrmd are synonymous.
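The TCTI selection rules from the TCTI Configuration and TCTI OPTIONS sections (command line over TPM2TOOLS_TCTI, the tabrmd/device/mssim search order, empty name or config meaning "default", the exact-text rule for none, and the per-TCTI option keys), as an added Python model (not tpm2-tools code). The `available` list stands in for which TCTI libraries dlopen(3) would find on the host and is a hypothetical input of this example; custom TCTIs loaded by shared-library path are not modelled, and since the page gives no default for abrmd's bus_name, none is assumed.

```python
# Search order the tools use when no TCTI name is given.
SEARCH_ORDER = ("tabrmd", "device", "mssim")
# Default option strings from the man page; abrmd has no documented default.
DEFAULT_CONFIG = {"device": "/dev/tpm0", "mssim": "host=127.0.0.1,port=2321", "tabrmd": ""}


def default_tcti(available):
    """First of tabrmd, device, mssim that is loadable; `available` is a
    hypothetical stand-in for the dlopen(3) probe."""
    for name in SEARCH_ORDER:
        if name in available:
            return name
    raise RuntimeError("no TCTI library could be loaded")


def _parse_kv(config, allowed):
    """Parse "k=v,k=v" and reject unknown keys or pairs without '='."""
    opts = {}
    for pair in config.split(","):
        key, sep, val = pair.partition("=")
        if not sep or key not in allowed:
            raise ValueError(f"bad TCTI option {pair!r}; allowed keys: {sorted(allowed)}")
        opts[key] = val
    return opts


def parse_tcti(spec, available):
    """Parse "<tcti-name>:<tcti-option-config>"; an empty part means its default."""
    if spec == "none":                          # must be the exact text, no options
        return {"name": "none", "config": None}
    name, _, config = spec.partition(":")
    if name == "none":
        raise ValueError("the none TCTI does not accept options")
    if name == "abrmd":                         # abrmd and tabrmd are synonyms
        name = "tabrmd"
    if not name:
        name = default_tcti(available)
    if name not in DEFAULT_CONFIG:
        raise ValueError(f"unknown TCTI {name!r}")
    config = config or DEFAULT_CONFIG[name]
    if name == "device":
        return {"name": name, "config": {"path": config}}
    if name == "mssim":
        opts = _parse_kv(config, {"host", "port"})
        port = int(opts.get("port", 2321))
        if not 0 < port <= 65535:
            raise ValueError(f"port out of range: {port}")
        return {"name": name, "config": {"host": opts.get("host", "127.0.0.1"), "port": port}}
    opts = _parse_kv(config, {"bus_name", "bus_type"}) if config else {}
    if "bus_type" in opts and opts["bus_type"] not in ("session", "system"):
        raise ValueError(f"bus_type must be session or system: {opts['bus_type']!r}")
    return {"name": name, "config": opts}


def choose_tcti(cli_value, environ, available):
    """Precedence: -T/--tcti, then TPM2TOOLS_TCTI, then the search-order default."""
    spec = cli_value if cli_value is not None else environ.get("TPM2TOOLS_TCTI", "")
    return parse_tcti(spec, available)
```

`choose_tcti("mssim", {"TPM2TOOLS_TCTI": "device"}, ["mssim"])` ignores the environment and selects the simulator with its 127.0.0.1:2321 defaults, while `choose_tcti(None, {}, ["device", "mssim"])` picks device because it precedes mssim in the search order.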

EXAMPLES
Create an RSA Endorsement Key and make it persistent
tpm2_createek -P abc123 -w abc123 -c 0x81010001 -G rsa -u ek.pub

Create an ECC NIST_P384 Endorsement Key and make it persistent
tpm2_createek -G ecc384 -c 0x81010002

Create a transient Endorsement Key, flush it, and reload it.
tpm2_createek -G rsa -u ek.pub

# Check that it is loaded in transient memory
tpm2_getcap handles-transient
- 0x80000000

# Flush the handle
tpm2_flushcontext 0x80000000

# Note that it is flushed
tpm2_getcap handles-transient
<null output>

# Reload it via loadexternal
tpm2_loadexternal -C o -u ek.pub -c ek.ctx

# Check that it is re-loaded in transient memory
tpm2_getcap handles-transient
- 0x80000000

Returns
Tools can return any of the following codes:

• 0 - Success.

• 1 - General non-specific error.

• 2 - Options handling error.

• 3 - Authentication error.

• 4 - TCTI related error.

• 5 - Non supported scheme. Applicable to tpm2_testparams.

BUGS
Github Issues (https://github.com/tpm2-software/tpm2-tools/issues)

HELP
See the Mailing List (https://lists.linuxfoundation.org/mailman/listinfo/tpm2)

tpm2-tools                                                  tpm2_createek(1)