1tpm2_encryptdecrypt(1)      General Commands Manual     tpm2_encryptdecrypt(1)
2
3
4

NAME

6       tpm2_encryptdecrypt(1) - Performs symmetric encryption or decryption.
7

SYNOPSIS

9       tpm2_encryptdecrypt [OPTIONS] [ARGUMENT]
10

DESCRIPTION

12       tpm2_encryptdecrypt(1)  -  Performs  symmetric encryption or decryption
13       with a specified symmetric key on the contents of FILE.  If FILE is not
14       specified, defaults to stdin.
15

OPTIONS

17-c, --key-context=OBJECT:
18
19         The encryption key object.
20
21-p, --auth=AUTH:
22
23         The authorization value for the encryption key object.
24
25-d, --decrypt:
26
27         Perform a decrypt operation.  Defaults to encryption when this option
28         is not specified.
29
30-e, --pad:
31
32         Enable pkcs7 padding for applicable AES encryption modes cfb/cbc/ecb.
33         Applicable  only  to  encryption  and  for input data with last block
34         shorter than encryption block length.
35
36-o, --output=FILE or STDOUT:
37
38         The output file path for either the encrypted or decrypted data.   If
39         not specified, defaults to stdout.
40
41-G, --mode=ALGORITHM:
42
43         The  key  algorithm  associated with this object.  Defaults to object
44         properties or CFB if not defined.
45
46-t, --iv=FILE:
47
48         Optional initialization vector to use.  Defaults to 0’s.  Syntax  al‐
49         lows  for  an input file and output file source to be specified.  The
50         input file path is first, optionally followed by a colon “:” and  the
51         output  iv  path.   This  output iv can be saved for subsequent calls
52         when chaining.
53
54--cphash=FILE
55
56         File path to record the hash of the command parameters.  This is com‐
57         monly termed as cpHash.  NOTE: When this option is selected, The tool
58         will not actually execute the command, it simply returns a cpHash.
59
60ARGUMENT the command line argument specifies the input file path FILE
61         of the data to encrypt or decrypt.
62
63   References

Context Object Format

65       The  type  of a context object, whether it is a handle or file name, is
66       determined according to the following logic in-order:
67
68       • If the argument is a file path, then the file is loaded as a restored
69         TPM transient object.
70
71       • If the argument is a prefix match on one of:
72
73         • owner: the owner hierarchy
74
75         • platform: the platform hierarchy
76
77         • endorsement: the endorsement hierarchy
78
79         • lockout: the lockout control persistent object
80
81       • If  the  argument argument can be loaded as a number it will be treat
82         as a handle, e.g. 0x81010013 and used directly._OBJECT_.
83

Authorization Formatting

85       Authorization for use of an object in TPM2.0 can come  in  3  different
86       forms: 1.  Password 2.  HMAC 3.  Sessions
87
88       NOTE:  “Authorizations  default  to  the EMPTY PASSWORD when not speci‐
89       fied”.
90
91   Passwords
92       Passwords are interpreted in the following  forms  below  using  prefix
93       identifiers.
94
95       Note:  By  default  passwords are assumed to be in the string form when
96       they do not have a prefix.
97
98   String
99       A string password, specified by prefix  “str:”  or  it’s  absence  (raw
100       string without prefix) is not interpreted, and is directly used for au‐
101       thorization.
102
103   Examples
104              foobar
105              str:foobar
106
107   Hex-string
108       A hex-string password, specified by prefix “hex:” is converted  from  a
109       hexidecimal  form  into a byte array form, thus allowing passwords with
110       non-printable and/or terminal un-friendly characters.
111
112   Example
113              hex:1122334455667788
114
115   File
116       A file based password, specified be prefix “file:” should be  the  path
117       of  a  file  containing the password to be read by the tool or a “-” to
118       use stdin.  Storing passwords in files  prevents  information  leakage,
119       passwords passed as options can be read from the process list or common
120       shell history features.
121
122   Examples
123              # to use stdin and be prompted
124              file:-
125
126              # to use a file from a path
127              file:path/to/password/file
128
129              # to echo a password via stdin:
130              echo foobar | tpm2_tool -p file:-
131
132              # to use a bash here-string via stdin:
133
134              tpm2_tool -p file:- <<< foobar
135
136   Sessions
137       When using a policy session to authorize the use of an  object,  prefix
138       the  option argument with the session keyword.  Then indicate a path to
139       a session file that was created with tpm2_startauthsession(1).  Option‐
140       ally, if the session requires an auth value to be sent with the session
141       handle (eg policy password), then append a + and a string as  described
142       in the Passwords section.
143
144   Examples
145       To use a session context file called session.ctx.
146
147              session:session.ctx
148
149       To use a session context file called session.ctx AND send the authvalue
150       mypassword.
151
152              session:session.ctx+mypassword
153
154       To use a session context file called session.ctx AND send the HEX auth‐
155       value 0x11223344.
156
157              session:session.ctx+hex:11223344
158
159   PCR Authorizations
160       You  can satisfy a PCR policy using the “pcr:” prefix and the PCR mini‐
161       language.      The     PCR     minilanguage     is     as      follows:
162       <pcr-spec>=<raw-pcr-file>
163
164       The PCR spec is documented in in the section “PCR bank specifiers”.
165
166       The  raw-pcr-file  is  an optional argument that contains the output of
167       the raw PCR contents as returned by tpm2_pcrread(1).
168
169       PCR bank specifiers (pcr.md)
170
171   Examples
172       To satisfy a PCR policy of sha256 on banks 0, 1, 2 and 3 use a specifi‐
173       er of:
174
175              pcr:sha256:0,1,2,3
176
177       specifying AUTH.
178

Algorithm Specifiers

180       Options that take algorithms support “nice-names”.
181
182       There  are two major algorithm specification string classes, simple and
183       complex.  Only certain algorithms will be accepted by the TPM, based on
184       usage and conditions.
185
186   Simple specifiers
187       These are strings with no additional specification data.  When creating
188       objects, non-specified portions of an object are assumed  to  defaults.
189       You can find the list of known “Simple Specifiers” below.
190
191   Asymmetric
192       • rsa
193
194       • ecc
195
196   Symmetric
197       • aes
198
199       • camellia
200
201       • sm4
202
203   Hashing Algorithms
204       • sha1
205
206       • sha256
207
208       • sha384
209
210       • sha512
211
212       • sm3_256
213
214       • sha3_256
215
216       • sha3_384
217
218       • sha3_512
219
220   Keyed Hash
221       • hmac
222
223       • xor
224
225   Signing Schemes
226       • rsassa
227
228       • rsapss
229
230       • ecdsa
231
232       • ecdaa
233
234       • ecschnorr
235
236       • sm2
237
238   Asymmetric Encryption Schemes
239       • oaep
240
241       • rsaes
242
243       • ecdh
244
245   Modes
246       • ctr
247
248       • ofb
249
250       • cbc
251
252       • cfb
253
254       • ecb
255
256   Misc
257       • null
258
259   Complex Specifiers
260       Objects,  when  specified  for creation by the TPM, have numerous algo‐
261       rithms to populate in the public data.  Things like  type,  scheme  and
262       asymmetric  details,  key  size,  etc.  Below is the general format for
263       specifying this data: <type>:<scheme>:<symmetric-details>
264
265   Type Specifiers
266       This portion of the complex algorithm specifier is required.   The  re‐
267       maining  scheme  and  symmetric  details will default based on the type
268       specified and the type of the object being created.
269
270       • aes - Default AES: aes128
271
272       • aes128<mode> - 128 bit AES with optional mode  (ctr|ofb|cbc|cfb|ecb).
273         If mode is not specified, defaults to null.
274
275       • aes192<mode> - Same as aes128<mode>, except for a 192 bit key size.
276
277       • aes256<mode> - Same as aes128<mode>, except for a 256 bit key size.
278
279       • sm4 - Default SM4: sm4128
280
281       • sm4128   or   sm4_128  <mode>  -  128  bit  SM4  with  optional  mode
282         (ctr|ofb|cbc|cfb|ecb).  If mode is not specified, defaults to null.
283
284       • ecc - Elliptical Curve, defaults to ecc256.
285
286       • ecc192 or ecc_nist_p192 - 192 bit ECC NIST curve
287
288       • ecc224 or ecc_nist_p224 - 224 bit ECC NIST curve
289
290       • ecc256 or ecc_nist_p256 - 256 bit ECC NIST curve
291
292       • ecc384 or ecc_nist_p384 - 384 bit ECC NIST curve
293
294       • ecc521 or ecc_nist_p521 - 521 bit ECC NIST curve
295
296       • ecc_sm2 or ecc_sm2_p256 - 256 bit SM2 curve
297
298       • rsa - Default RSA: rsa2048
299
300       • rsa1024 - RSA with 1024 bit keysize.
301
302       • rsa2048 - RSA with 2048 bit keysize.
303
304       • rsa3072 - RSA with 3072 bit keysize.
305
306       • rsa4096 - RSA with 4096 bit keysize.
307
308   Scheme Specifiers
309       Next, is an optional field, it can be skipped.
310
311       Schemes are usually Signing Schemes or Asymmetric  Encryption  Schemes.
312       Most signing schemes take a hash algorithm directly following the sign‐
313       ing scheme.  If the hash algorithm is missing, it defaults  to  sha256.
314       Some take no arguments, and some take multiple arguments.
315
316   Hash Optional Scheme Specifiers
317       These  scheme  specifiers are followed by a dash and a valid hash algo‐
318       rithm, For example: oaep-sha256.
319
320       • oaep
321
322       • ecdh
323
324       • rsassa
325
326       • rsapss
327
328       • ecdsa
329
330       • ecschnorr
331
332       • sm2
333
334   Multiple Option Scheme Specifiers
335       This scheme specifier is followed by a count  (max  size  UINT16)  then
336       followed by a dash(-) and a valid hash algorithm.  * ecdaa For example,
337       ecdaa4-sha256.  If no count is specified, it defaults to 4.
338
339   No Option Scheme Specifiers
340       This scheme specifier takes NO arguments.  * rsaes
341
342   Symmetric Details Specifiers
343       This field is optional, and defaults based on the type of object  being
344       created  and it’s attributes.  Generally, any valid Symmetric specifier
345       from the Type Specifiers list should work.  If not specified, an  asym‐
346       metric objects symmetric details defaults to aes128cfb.
347
348   Examples
349   Create an rsa2048 key with an rsaes asymmetric encryption scheme
350       tpm2_create -C parent.ctx -G rsa2048:rsaes -u key.pub -r key.priv
351
352   Create  an  ecc256  key  with an ecdaa signing scheme with a count of 4 and
353       sha384 hash
354       /tpm2_create  -C  parent.ctx  -G  ecc256:ecdaa4-sha384  -u  key.pub  -r
355       key.priv cryptographic algorithms ALGORITHM.
356

COMMON OPTIONS

358       This  collection of options are common to many programs and provide in‐
359       formation that many users may expect.
360
361-h, --help=[man|no-man]: Display the tools manpage.  By  default,  it
362         attempts  to  invoke  the  manpager for the tool, however, on failure
363         will output a short tool summary.  This is the same behavior  if  the
364         “man”  option argument is specified, however if explicit “man” is re‐
365         quested, the tool will provide errors from man  on  stderr.   If  the
366         “no-man”  option  if  specified, or the manpager fails, the short op‐
367         tions will be output to stdout.
368
369         To successfully use the manpages feature requires the manpages to  be
370         installed or on MANPATH, See man(1) for more details.
371
372-v,  --version:  Display version information for this tool, supported
373         tctis and exit.
374
375-V, --verbose: Increase the information that the tool prints  to  the
376         console  during  its  execution.  When using this option the file and
377         line number are printed.
378
379-Q, --quiet: Silence normal tool output to stdout.
380
381-Z, --enable-errata: Enable the application of errata fixups.  Useful
382         if  an  errata fixup needs to be applied to commands sent to the TPM.
383         Defining the environment TPM2TOOLS_ENABLE_ERRATA is equivalent.   in‐
384         formation many users may expect.
385

TCTI Configuration

387       The  TCTI  or  “Transmission  Interface” is the communication mechanism
388       with the TPM.  TCTIs can be changed for communication with TPMs  across
389       different mediums.
390
391       To control the TCTI, the tools respect:
392
393       1. The command line option -T or --tcti
394
395       2. The environment variable: TPM2TOOLS_TCTI.
396
397       Note:  The  command  line option always overrides the environment vari‐
398       able.
399
400       The current known TCTIs are:
401
402       • tabrmd     -     The     resource     manager,     called      tabrmd
403         (https://github.com/tpm2-software/tpm2-abrmd).   Note that tabrmd and
404         abrmd as a tcti name are synonymous.
405
406       • mssim - Typically used for communicating to the TPM software  simula‐
407         tor.
408
409       • device - Used when talking directly to a TPM device file.
410
411       • none  - Do not initalize a connection with the TPM.  Some tools allow
412         for off-tpm options and thus support not using a TCTI.  Tools that do
413         not  support  it  will error when attempted to be used without a TCTI
414         connection.  Does not support ANY options and MUST  BE  presented  as
415         the exact text of “none”.
416
417       The  arguments  to  either  the  command line option or the environment
418       variable are in the form:
419
420       <tcti-name>:<tcti-option-config>
421
422       Specifying an empty string for  either  the  <tcti-name>  or  <tcti-op‐
423       tion-config> results in the default being used for that portion respec‐
424       tively.
425
426   TCTI Defaults
427       When a TCTI is not specified, the default TCTI is  searched  for  using
428       dlopen(3)  semantics.   The  tools  will  search for tabrmd, device and
429       mssim TCTIs IN THAT ORDER and USE THE FIRST ONE FOUND.  You  can  query
430       what TCTI will be chosen as the default by using the -v option to print
431       the version information.  The “default-tcti” key-value pair will  indi‐
432       cate which of the aforementioned TCTIs is the default.
433
434   Custom TCTIs
435       Any TCTI that implements the dynamic TCTI interface can be loaded.  The
436       tools internally use dlopen(3), and the raw tcti-name value is used for
437       the lookup.  Thus, this could be a path to the shared library, or a li‐
438       brary name as understood by dlopen(3) semantics.
439

TCTI OPTIONS

441       This collection of options are used to configure the various known TCTI
442       modules available:
443
444device: For the device TCTI, the TPM character device file for use by
445         the device TCTI can be specified.  The default is /dev/tpm0.
446
447         Example:   -T   device:/dev/tpm0   or   export    TPM2TOOLS_TCTI=“de‐
448         vice:/dev/tpm0”
449
450mssim:  For  the  mssim  TCTI, the domain name or IP address and port
451         number used by the simulator  can  be  specified.   The  default  are
452         127.0.0.1 and 2321.
453
454         Example:  -T  mssim:host=localhost,port=2321  or export TPM2TOOLS_TC‐
455         TI=“mssim:host=localhost,port=2321”
456
457abrmd: For the abrmd TCTI, the configuration string format is  a  se‐
458         ries  of  simple  key value pairs separated by a `,' character.  Each
459         key and value string are separated by a `=' character.
460
461         • TCTI abrmd supports two keys:
462
463           1. `bus_name' : The name of  the  tabrmd  service  on  the  bus  (a
464              string).
465
466           2. `bus_type' : The type of the dbus instance (a string) limited to
467              `session' and `system'.
468
469         Specify the tabrmd tcti name and a config string of  bus_name=com.ex‐
470         ample.FooBar:
471
472                \--tcti=tabrmd:bus_name=com.example.FooBar
473
474         Specify the default (abrmd) tcti and a config string of bus_type=ses‐
475         sion:
476
477                \--tcti:bus_type=session
478
479         NOTE: abrmd and tabrmd are synonymous.  the various known  TCTI  mod‐
480         ules.
481

EXAMPLES

Create an AES key

484              tpm2_createprimary -c primary.ctx
485              tpm2_create -C primary.ctx -Gaes128 -u key.pub -r key.priv
486              tpm2_load -C primary.ctx -u key.pub -r key.priv -c key.ctx
487

Encrypt and Decrypt some data

489              echo "my secret" > secret.dat
490              tpm2_encryptdecrypt -c key.ctx -o secret.enc secret.dat
491              tpm2_encryptdecrypt -d -c key.ctx -o secret.dec secret.enc
492              cat secret.dec
493              my secret
494

Returns

496       Tools can return any of the following codes:
497
498       • 0 - Success.
499
500       • 1 - General non-specific error.
501
502       • 2 - Options handling error.
503
504       • 3 - Authentication error.
505
506       • 4 - TCTI related error.
507
508       • 5 - Non supported scheme.  Applicable to tpm2_testparams.
509

BUGS

511       Github Issues (https://github.com/tpm2-software/tpm2-tools/issues)
512

HELP

514       See the Mailing List (https://lists.linuxfoundation.org/mailman/listin
515       fo/tpm2)
516
517
518
519tpm2-tools                                              tpm2_encryptdecrypt(1)
Impressum