tpm2_certifycreation(1)     General Commands Manual    tpm2_certifycreation(1)



NAME

       tpm2_certifycreation(1)  - Attest the association between a loaded pub‐
       lic area and the provided hash of the creation data.


SYNOPSIS

       tpm2_certifycreation [OPTIONS]


DESCRIPTION

       tpm2_certifycreation(1) - Attest the association between a loaded  pub‐
       lic area and the provided hash of the creation data.  The creation data
       and the creation ticket are produced when creating the object.  The ob‐
       ject itself is created with either the TPM2_CreatePrimary or  the  TPM2_Create
       command.


OPTIONS

-C, --signingkey-context=OBJECT:

         Context object pointing to the key that signs the attestation.

-P, --signingkey-auth=AUTH:

         Optional authorization value to use for the key specified by -C.

-c, --certifiedkey-context=OBJECT:

         Context object pointing to the key that has to be certified.

-g, --hash-algorithm=ALGORITHM:

         The hash algorithm used to digest the creation data.

-s, --scheme=ALGORITHM:

         The signing scheme used to sign the attestation data.

-d, --creation-hash=FILE:

         File containing the digest of the creation data.

-t, --ticket=FILE:

         The ticket file to validate that the creation data  was  produced  by
         the TPM.

-o, --signature=FILE:

         File  containing the signature of the attestation data for the certi‐
         fied key.

-f, --format=FORMAT:

         Output signature format selection.

--attestation=FILE:

         The attestation data of the type TPM2_CREATION_INFO,  signed  with  the
         signing key.

-q, --qualification=FILE_OR_HEX:

         Optional, the policy qualifier data that the signer can choose to in‐
         clude in the signature.  Can either be a path or hex string.

--cphash=FILE:

         File path to record the hash of the command parameters.  This is com‐
         monly termed as cpHash.  NOTE: When this option is selected, the tool
         will not actually execute the command, it simply  returns  a  cpHash,
         unless rphash is also required.

--rphash=FILE:

         File  path  to  record  the hash of the response parameters.  This is
         commonly termed as rpHash.

-S, --session=FILE:

         The session created using tpm2_startauthsession.  This can be used to
         specify  an  auxiliary session for auditing and or encryption/decryp‐
         tion of the parameters.

   References

Context Object Format

       The type of a context object, whether it is a handle or file  name,  is
       determined according to the following logic in-order:

       • If the argument is a file path, then the file is loaded as a restored
         TPM transient object.

       • If the argument is a prefix match on one of:

         • owner: the owner hierarchy

         • platform: the platform hierarchy

         • endorsement: the endorsement hierarchy

         • lockout: the lockout control persistent object

       • If the argument can be parsed as a number it will be  treated  as  a
         handle, e.g. 0x81010013, and used directly.

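       The resolution order above decides what an OBJECT argument such as -C
       o or -c prim.ctx refers to.  The following is an added example (not
       tpm2-tools code) that implements that order in Python: a file path
       wins, then a prefix match on the four permanent-handle names, then a
       numeric handle.  It assumes that a file-existence check stands in for
       actually loading a saved context, and it returns a labelled tuple
       rather than a TPM object.  The TPM_RH_* handle values come from the TPM
       2.0 specification.

```python
"""Resolve a tpm2-tools style OBJECT argument in the man page's order.

Added example, not tpm2-tools code.  `exists` is injectable so the logic can
be exercised without a filesystem; the result only labels what was matched.
"""
import os

# Permanent handles from TPM 2.0 Part 2 (TPM_RH_OWNER, ...).
PERMANENT = {
    "owner": 0x40000001,
    "platform": 0x4000000C,
    "endorsement": 0x4000000B,
    "lockout": 0x4000000A,
}


def resolve_object(arg: str, exists=os.path.isfile):
    """Return ("file", path), ("hierarchy", name, handle) or ("handle", value).

    1. a file path  -> restored transient object
    2. a prefix of owner/platform/endorsement/lockout  -> that hierarchy
    3. anything int() accepts (e.g. 0x81010013)  -> used as a handle
    Raises ValueError when none of the three applies.
    """
    if exists(arg):
        return ("file", arg)
    # Prefix match: "o" or "own" selects owner, which is why `-C o` works.
    matches = [name for name in PERMANENT if arg and name.startswith(arg)]
    if len(matches) == 1:
        return ("hierarchy", matches[0], PERMANENT[matches[0]])
    if len(matches) > 1:
        raise ValueError(f"ambiguous hierarchy prefix {arg!r}: {matches}")
    try:
        handle = int(arg, 0)  # base 0 accepts 0x..., 0o..., and decimal
    except ValueError:
        raise ValueError(f"cannot resolve object argument {arg!r}") from None
    return ("handle", handle)
```

       Note that an existing file always takes precedence: a file literally
       named "o" in the working directory would be loaded as a context rather
       than selecting the owner hierarchy.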

Authorization Formatting

       Authorization  for  use  of an object in TPM2.0 can come in 3 different
       forms:

       1. Password

       2. HMAC

       3. Sessions

       NOTE: “Authorizations default to the EMPTY  PASSWORD  when  not  speci‐
       fied”.

   Passwords
       Passwords  are  interpreted  in  the following forms below using prefix
       identifiers.

       Note: By default passwords are assumed to be in the  string  form  when
       they do not have a prefix.

   String
       A  string  password,  specified  by  prefix “str:” or its absence  (raw
       string without prefix) is not interpreted, and is directly used for au‐
       thorization.

   Examples
              foobar
              str:foobar

   Hex-string
       A  hex-string  password, specified by prefix “hex:” is converted from a
       hexadecimal form into a byte array form, thus allowing  passwords  with
       non-printable and/or terminal un-friendly characters.

   Example
              hex:1122334455667788

   File
       A  file  based password, specified by prefix “file:” should be the path
       of a file containing the password to be read by the tool or  a  “-”  to
       use  stdin.   Storing  passwords in files prevents information leakage:
       passwords passed as options can be read from the process list or common
       shell history features.

   Examples
              # to use stdin and be prompted
              file:-

              # to use a file from a path
              file:path/to/password/file

              # to echo a password via stdin:
              echo foobar | tpm2_tool -p file:-

              # to use a bash here-string via stdin:

              tpm2_tool -p file:- <<< foobar

   Sessions
       When  using  a policy session to authorize the use of an object, prefix
       the option argument with the session keyword.  Then indicate a path  to
       a session file that was created with tpm2_startauthsession(1).  Option‐
       ally, if the session requires an auth value to be sent with the session
       handle  (eg policy password), then append a + and a string as described
       in the Passwords section.

   Examples
       To use a session context file called session.ctx.

              session:session.ctx

       To use a session context file called session.ctx AND send the authvalue
       mypassword.

              session:session.ctx+mypassword

       To use a session context file called session.ctx AND send the HEX auth‐
       value 0x11223344.

              session:session.ctx+hex:11223344

   PCR Authorizations
       You can satisfy a PCR policy using the “pcr:” prefix and the PCR  mini‐
       language.  The PCR minilanguage is as follows:

              <pcr-spec>=<raw-pcr-file>

       The PCR spec is documented in the section “PCR bank specifiers”.

       The raw-pcr-file is an optional argument that contains  the  output  of
       the raw PCR contents as returned by tpm2_pcrread(1).

       PCR bank specifiers (pcr.md)

   Examples
       To satisfy a PCR policy of sha256 on banks 0, 1, 2 and 3 use a specifi‐
       er of:

              pcr:sha256:0,1,2,3

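       The AUTH forms of the Passwords, Sessions and PCR Authorizations
       sections above share one prefix grammar.  The following is an added
       example (not tpm2-tools code) that parses it in Python: str:, hex:,
       file: (with "-" for stdin), session:<ctx>[+<password>] where the part
       after "+" is itself a password form, and the single-bank pcr:<bank>:<in‐
       dices>[=<file>] shape shown on this page.  It assumes the file reader
       is injectable so it can run without touching the filesystem, and it
       returns plain dicts rather than TPM session objects.

```python
"""Parse the tpm2-tools AUTH mini-language (str:, hex:, file:, session:, pcr:).

Added example, not tpm2-tools code.  `read_file` is injectable so callers and
tests can supply secrets without a real file or stdin.
"""
import sys


def _read_file(path: str) -> bytes:
    """file:- reads the secret from stdin (nothing on the command line or in
    shell history); any other value is a path.  A trailing newline is dropped."""
    if path == "-":
        return sys.stdin.buffer.readline().rstrip(b"\r\n")
    with open(path, "rb") as f:
        return f.read().rstrip(b"\r\n")


def parse_password(spec: str, read_file=_read_file) -> bytes:
    """Password forms: bare string, str:, hex:, file:.  Returns raw auth bytes."""
    if spec.startswith("str:"):
        return spec[4:].encode()
    if spec.startswith("hex:"):
        try:
            return bytes.fromhex(spec[4:])
        except ValueError:
            raise ValueError(f"bad hex password {spec!r}") from None
    if spec.startswith("file:"):
        return read_file(spec[5:])
    return spec.encode()  # no prefix: the string is used as-is


def parse_auth(spec: str, read_file=_read_file) -> dict:
    """Full AUTH form: session:<ctx>[+<password>], pcr:<bank>:<i,...>[=<file>],
    or any password form.  Returns a dict labelled by "kind"."""
    if spec.startswith("session:"):
        rest = spec[len("session:"):]
        # Only the first '+' separates the context path from the auth value.
        ctx, sep, extra = rest.partition("+")
        if not ctx:
            raise ValueError("session: needs a session context path")
        auth = parse_password(extra, read_file) if sep else b""
        return {"kind": "session", "context": ctx, "auth": auth}
    if spec.startswith("pcr:"):
        # Assumption: only the single-bank form shown on the page is handled.
        pcr_spec, sep, raw = spec[4:].partition("=")
        bank, _, indices = pcr_spec.partition(":")
        if not bank or not indices:
            raise ValueError("pcr: needs <bank>:<index,...>")
        return {
            "kind": "pcr",
            "bank": bank,
            "pcrs": [int(i) for i in indices.split(",")],
            "raw_pcr_file": raw if sep else None,
        }
    return {"kind": "password", "auth": parse_password(spec, read_file)}
```

       The file: form is the one to prefer for anything secret: the other
       forms put the value on the command line, where the process list and
       shell history can expose it, as the File section notes.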

Algorithm Specifiers

       Options that take algorithms support “nice-names”.

       There are two major algorithm specification string classes, simple  and
       complex.  Only certain algorithms will be accepted by the TPM, based on
       usage and conditions.

   Simple specifiers
       These are strings with no additional specification data.  When creating
       objects,  non-specified  portions of an object are assumed to defaults.
       You can find the list of known “Simple Specifiers” below.

   Asymmetric
       • rsa

       • ecc

   Symmetric
       • aes

       • camellia

       • sm4

   Hashing Algorithms
       • sha1

       • sha256

       • sha384

       • sha512

       • sm3_256

       • sha3_256

       • sha3_384

       • sha3_512

   Keyed Hash
       • hmac

       • xor

   Signing Schemes
       • rsassa

       • rsapss

       • ecdsa

       • ecdaa

       • ecschnorr

       • sm2

   Asymmetric Encryption Schemes
       • oaep

       • rsaes

       • ecdh

   Modes
       • ctr

       • ofb

       • cbc

       • cfb

       • ecb

   Misc
       • null

   Complex Specifiers
       Objects, when specified for creation by the TPM,  have  numerous  algo‐
       rithms  to  populate  in the public data.  Things like type, scheme and
       asymmetric details, key size, etc.  Below is  the  general  format  for
       specifying this data:

              <type>:<scheme>:<symmetric-details>

   Type Specifiers
       This  portion  of the complex algorithm specifier is required.  The re‐
       maining scheme and symmetric details will default  based  on  the  type
       specified and the type of the object being created.

       • aes - Default AES: aes128

       • aes128<mode>  - 128 bit AES with optional mode (ctr|ofb|cbc|cfb|ecb).
         If mode is not specified, defaults to null.

       • aes192<mode> - Same as aes128<mode>, except for a 192 bit key size.

       • aes256<mode> - Same as aes128<mode>, except for a 256 bit key size.

       • sm4 - Default SM4: sm4128

       • sm4128  or  sm4_128  <mode>  -  128  bit  SM4  with   optional   mode
         (ctr|ofb|cbc|cfb|ecb).  If mode is not specified, defaults to null.

       • ecc - Elliptic Curve, defaults to ecc256.

       • ecc192 or ecc_nist_p192 - 192 bit ECC NIST curve

       • ecc224 or ecc_nist_p224 - 224 bit ECC NIST curve

       • ecc256 or ecc_nist_p256 - 256 bit ECC NIST curve

       • ecc384 or ecc_nist_p384 - 384 bit ECC NIST curve

       • ecc521 or ecc_nist_p521 - 521 bit ECC NIST curve

       • ecc_sm2 or ecc_sm2_p256 - 256 bit SM2 curve

       • rsa - Default RSA: rsa2048

       • rsa1024 - RSA with 1024 bit keysize.

       • rsa2048 - RSA with 2048 bit keysize.

       • rsa3072 - RSA with 3072 bit keysize.

       • rsa4096 - RSA with 4096 bit keysize.

   Scheme Specifiers
       Next is an optional field; it can be skipped.

       Schemes  are  usually Signing Schemes or Asymmetric Encryption Schemes.
       Most signing schemes take a hash algorithm directly following the sign‐
       ing  scheme.   If the hash algorithm is missing, it defaults to sha256.
       Some take no arguments, and some take multiple arguments.

   Hash Optional Scheme Specifiers
       These scheme specifiers are followed by a dash and a valid  hash  algo‐
       rithm, for example: oaep-sha256.

       • oaep

       • ecdh

       • rsassa

       • rsapss

       • ecdsa

       • ecschnorr

       • sm2

   Multiple Option Scheme Specifiers
       This  scheme  specifier  is  followed by a count (max size UINT16) then
       followed by a dash(-) and a valid hash algorithm.  If no count is spec‐
       ified, it defaults to 4.

       • ecdaa - For example, ecdaa4-sha256.

   No Option Scheme Specifiers
       This scheme specifier takes NO arguments.

       • rsaes

   Symmetric Details Specifiers
       This  field is optional, and defaults based on the type of object being
       created and its attributes.  Generally, any valid Symmetric  specifier
       from  the Type Specifiers list should work.  If not specified, an asym‐
       metric object's symmetric details default to aes128cfb.

   Examples
   Create an rsa2048 key with an rsaes asymmetric encryption scheme
       tpm2_create -C parent.ctx -G rsa2048:rsaes -u key.pub -r key.priv

   Create an ecc256 key with an ecdaa signing scheme with a  count  of  4  and
       sha384 hash
       tpm2_create -C parent.ctx -G ecc256:ecdaa4-sha384 -u key.pub -r key.priv

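       The complex specifier grammar above (type, optional scheme, optional
       symmetric details, with the stated defaults) is small enough to encode
       completely.  The following is an added example (not tpm2-tools code)
       that parses it in Python, covering every type, scheme and mode listed
       in the Type, Scheme and Symmetric Details sections.  It applies only
       the defaults the page states (aes to aes128, sm4 to sm4128, ecc to
       ecc256, rsa to rsa2048, a missing hash to sha256, a missing ecdaa count
       to 4, missing symmetric details on an asymmetric object to aes128cfb)
       and does not consult a TPM about what it will actually accept.

```python
"""Parse the complex algorithm specifier <type>:<scheme>:<symmetric-details>.

Added example, not tpm2-tools code; defaults follow the man page text.
"""
import re

HASHES = {"sha1", "sha256", "sha384", "sha512", "sm3_256",
          "sha3_256", "sha3_384", "sha3_512"}
HASH_OPTIONAL = {"oaep", "ecdh", "rsassa", "rsapss", "ecdsa", "ecschnorr", "sm2"}
MODE = r"(ctr|ofb|cbc|cfb|ecb)?"


def parse_type(s: str) -> dict:
    """Type specifier: aes[<bits><mode>], sm4[[_]128<mode>], ecc[<curve>], rsa[<bits>]."""
    m = re.fullmatch(r"aes(?:(128|192|256)" + MODE + ")?", s)
    if m:
        return {"type": "aes", "bits": int(m.group(1) or 128), "mode": m.group(2)}
    m = re.fullmatch(r"sm4(?:_?128" + MODE + ")?", s)
    if m:
        return {"type": "sm4", "bits": 128, "mode": m.group(1)}
    if re.fullmatch(r"ecc_sm2(?:_p256)?", s):
        return {"type": "ecc", "curve": "ecc_sm2_p256"}
    m = re.fullmatch(r"ecc(?:(?:_nist_p)?(192|224|256|384|521))?", s)
    if m:
        return {"type": "ecc", "curve": "ecc_nist_p" + (m.group(1) or "256")}
    m = re.fullmatch(r"rsa(1024|2048|3072|4096)?", s)
    if m:
        return {"type": "rsa", "bits": int(m.group(1) or 2048)}
    raise ValueError(f"unknown type specifier {s!r}")


def _hash(name) -> str:
    name = name or "sha256"  # a missing hash defaults to sha256
    if name not in HASHES:
        raise ValueError(f"unknown hash algorithm {name!r}")
    return name


def parse_scheme(s: str) -> dict:
    """Scheme specifier: rsaes (no args), ecdaa[<count>][-<hash>], or <name>[-<hash>]."""
    if s == "rsaes":
        return {"scheme": "rsaes"}
    m = re.fullmatch(r"ecdaa(\d*)(?:-([a-z0-9_]+))?", s)
    if m:
        count = int(m.group(1)) if m.group(1) else 4
        if count > 0xFFFF:
            raise ValueError(f"ecdaa count {count} does not fit in a UINT16")
        return {"scheme": "ecdaa", "count": count, "hash": _hash(m.group(2))}
    name, _, h = s.partition("-")
    if name in HASH_OPTIONAL:
        return {"scheme": name, "hash": _hash(h)}
    raise ValueError(f"unknown scheme specifier {s!r}")


def parse_spec(s: str) -> dict:
    """Split on ':' and resolve each field; empty trailing fields take defaults."""
    parts = s.split(":")
    if len(parts) > 3 or not parts[0]:
        raise ValueError(f"expected <type>[:<scheme>[:<symmetric-details>]], got {s!r}")
    parts += [""] * (3 - len(parts))
    typ = parse_type(parts[0])
    scheme = parse_scheme(parts[1]) if parts[1] else None
    if parts[2]:
        sym = parse_type(parts[2])
        if sym["type"] not in ("aes", "sm4"):
            raise ValueError("symmetric details must name a symmetric cipher")
    elif typ["type"] in ("rsa", "ecc"):
        sym = parse_type("aes128cfb")  # page default for asymmetric objects
    else:
        sym = None
    return {"type": typ, "scheme": scheme, "symmetric": sym}
```

       For instance, parse_spec("ecc256:ecdaa4-sha384") yields the NIST P-256
       curve, an ecdaa scheme with count 4 and sha384, and the aes128cfb sym‐
       metric default that the page describes for asymmetric objects.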

COMMON OPTIONS

       This collection of options is common to many programs and provides  in‐
       formation that many users may expect.

-h,  --help=[man|no-man]:  Display the tool's manpage.  By default, it
         attempts to invoke the manpager for the  tool,  however,  on  failure
         will  output  a short tool summary.  This is the same behavior if the
         “man” option argument is specified, however if explicit “man” is  re‐
         quested,  the  tool  will  provide errors from man on stderr.  If the
         “no-man” option is specified, or the manpager fails,  the  short  op‐
         tions will be output to stdout.

         To  successfully use the manpages feature requires the manpages to be
         installed or on MANPATH.  See man(1) for more details.

-v, --version: Display version information for this  tool,  supported
         tctis and exit.

-V,  --verbose:  Increase the information that the tool prints to the
         console during its execution.  When using this option  the  file  and
         line number are printed.

-Q, --quiet: Silence normal tool output to stdout.

-Z, --enable-errata: Enable the application of errata fixups.  Useful
         if an errata fixup needs to be applied to commands sent to  the  TPM.
         Defining the environment variable TPM2TOOLS_ENABLE_ERRATA is equivalent.


TCTI Configuration

       The TCTI or “Transmission Interface”  is  the  communication  mechanism
       with  the TPM.  TCTIs can be changed for communication with TPMs across
       different mediums.

       To control the TCTI, the tools respect:

       1. The command line option -T or --tcti

       2. The environment variable: TPM2TOOLS_TCTI.

       Note: The command line option always overrides  the  environment  vari‐
       able.

       The current known TCTIs are:

       • tabrmd      -     The     resource     manager,     called     tabrmd
         (https://github.com/tpm2-software/tpm2-abrmd).  Note that tabrmd  and
         abrmd as a tcti name are synonymous.

       • mssim  - Typically used for communicating to the TPM software simula‐
         tor.

       • device - Used when talking directly to a TPM device file.

       • none - Do not initialize a connection with the TPM.  Some tools allow
         for off-tpm options and thus support not using a TCTI.  Tools that do
         not support it will error when attempted to be used  without  a  TCTI
         connection.   Does  not  support ANY options and MUST BE presented as
         the exact text of “none”.

       The arguments to either the command  line  option  or  the  environment
       variable are in the form:

              <tcti-name>:<tcti-option-config>

       Specifying  an  empty  string  for  either the <tcti-name> or <tcti-op‐
       tion-config> results in the default being used for that portion respec‐
       tively.

   TCTI Defaults
       When  a  TCTI  is not specified, the default TCTI is searched for using
       dlopen(3) semantics.  The tools will  search  for  tabrmd,  device  and
       mssim  TCTIs  IN THAT ORDER and USE THE FIRST ONE FOUND.  You can query
       what TCTI will be chosen as the default by using the -v option to print
       the  version information.  The “default-tcti” key-value pair will indi‐
       cate which of the aforementioned TCTIs is the default.

   Custom TCTIs
       Any TCTI that implements the dynamic TCTI interface can be loaded.  The
       tools internally use dlopen(3), and the raw tcti-name value is used for
       the lookup.  Thus, this could be a path to the shared library, or a li‐
       brary name as understood by dlopen(3) semantics.


TCTI OPTIONS

       This collection of options is used to configure the various known TCTI
       modules available:

device: For the device TCTI, the TPM character device file for use by
         the device TCTI can be specified.  The default is /dev/tpm0.

         Example: -T device:/dev/tpm0 or export TPM2TOOLS_TCTI="device:/dev/tpm0"

mssim: For the mssim TCTI, the domain name or  IP  address  and  port
         number  used  by  the  simulator  can  be specified.  The defaults are
         127.0.0.1 and 2321.

         Example: -T mssim:host=localhost,port=2321 or
         export TPM2TOOLS_TCTI="mssim:host=localhost,port=2321"

abrmd:  For  the abrmd TCTI, the configuration string format is a se‐
         ries of simple key value pairs separated by a  `,'  character.   Each
         key and value string are separated by a `=' character.

         • TCTI abrmd supports two keys:

           1. `bus_name'  :  The  name  of  the  tabrmd  service on the bus (a
              string).

           2. `bus_type' : The type of the dbus instance (a string) limited to
              `session' and `system'.

         Specify the tabrmd tcti name and a config string of
         bus_name=com.example.FooBar:

                --tcti=tabrmd:bus_name=com.example.FooBar

         Specify the default (abrmd) tcti and a config string of
         bus_type=session:

                --tcti:bus_type=session

503         ules.  # Signature Format Specifiers
504
505       Format selection for the signature output file.  tss (the default) will
506       output a binary blob according to the TPM 2.0 specification and any po‐
507       tential compiler padding.  The option plain will output the plain  sig‐
508       nature data as defined by the used cryptographic algorithm.
509

EXAMPLES

   Certify creation data of a primary key.
              tpm2_createprimary -C o -c prim.ctx --creation-data create.dat \
              -d create.dig -t create.ticket

              tpm2_create -G rsa -u rsa.pub -r rsa.priv -C prim.ctx -c signing_key.ctx

              tpm2_certifycreation -C signing_key.ctx -c prim.ctx -d create.dig \
              -t create.ticket -g sha256 -o sig.nature --attestation attestat.ion -f plain \
              -s rsassa

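       The attestation file the example writes (attestat.ion) is what a
       verifier has to inspect: a signature alone says nothing unless the
       signed TPM2_CREATION_INFO names the key you expect and carries the cre‐
       ation digest you supplied.  The following is an added example (not
       tpm2-tools code) that decodes that structure in Python and binds it to
       the -d digest, the certified key's Name and the -q qualification.  It
       assumes the file holds the marshalled TPMS_ATTEST exactly as the TPM
       signed it, with no leading TPM2B size (strip two bytes first if yours
       has one), laid out as TPM 2.0 Part 2 defines TPMS_ATTEST with a
       TPMS_CREATION_INFO body; the key's Name is the one tpm2_readpublic re‐
       ports.  The encoder at the end only builds constructed sample blobs for
       offline tests.  Checking the signature itself over these bytes with the
       signing key's public part is a separate step not shown here.

```python
"""Decode a TPMS_ATTEST of type TPM_ST_ATTEST_CREATION and check its claims.

Added example, not tpm2-tools code.  Layout per TPM 2.0 Part 2:
  TPM_GENERATED magic | TPMI_ST_ATTEST | TPM2B_NAME qualifiedSigner |
  TPM2B_DATA extraData | TPMS_CLOCK_INFO | UINT64 firmwareVersion |
  TPMS_CREATION_INFO { TPM2B_NAME objectName; TPM2B_DIGEST creationHash }
"""
import struct

TPM_GENERATED_VALUE = 0xFF544347    # "\xffTCG": marks a TPM-generated structure
TPM_ST_ATTEST_CREATION = 0x801A
CLOCK_FMT = ">QIIBQ"                # clock, resetCount, restartCount, safe, firmware


def _tpm2b(buf: bytes, off: int):
    """Read a TPM2B (big-endian UINT16 size + bytes) at off; return (bytes, new off)."""
    (size,) = struct.unpack_from(">H", buf, off)
    off += 2
    if off + size > len(buf):
        raise ValueError("TPM2B runs past the end of the buffer")
    return buf[off:off + size], off + size


def parse_creation_attest(buf: bytes) -> dict:
    """Decode the attestation blob; rejects anything that is not creation data."""
    magic, st = struct.unpack_from(">IH", buf, 0)
    if magic != TPM_GENERATED_VALUE:
        raise ValueError(f"bad magic {magic:#x}: not a TPM-generated structure")
    if st != TPM_ST_ATTEST_CREATION:
        raise ValueError(f"attestation type {st:#x} is not TPM_ST_ATTEST_CREATION")
    off = 6
    qualified_signer, off = _tpm2b(buf, off)   # Name of the signing key
    extra_data, off = _tpm2b(buf, off)         # the -q qualification, if any
    clock, reset_count, restart_count, safe, fw = struct.unpack_from(CLOCK_FMT, buf, off)
    off += struct.calcsize(CLOCK_FMT)
    object_name, off = _tpm2b(buf, off)        # TPMS_CREATION_INFO.objectName
    creation_hash, off = _tpm2b(buf, off)      # TPMS_CREATION_INFO.creationHash
    if off != len(buf):
        raise ValueError(f"{len(buf) - off} trailing bytes after TPMS_CREATION_INFO")
    return {
        "qualified_signer": qualified_signer, "extra_data": extra_data,
        "clock": clock, "reset_count": reset_count, "restart_count": restart_count,
        "safe": bool(safe), "firmware_version": fw,
        "object_name": object_name, "creation_hash": creation_hash,
    }


def check_creation(attest: bytes, creation_digest: bytes, key_name: bytes,
                   qualification: bytes = b"") -> dict:
    """Bind the attestation to what was passed to the tool: the -d digest, the
    certified key's Name, and the -q data.  Raises ValueError on any mismatch."""
    info = parse_creation_attest(attest)
    if info["creation_hash"] != creation_digest:
        raise ValueError("creationHash does not match the -d creation digest")
    if info["object_name"] != key_name:
        raise ValueError("objectName does not match the certified key's Name")
    if info["extra_data"] != qualification:
        raise ValueError("extraData does not match the -q qualification")
    return info


def build_creation_attest(signer_name: bytes, object_name: bytes, creation_hash: bytes,
                          extra: bytes = b"", clock: int = 1000, reset_count: int = 1,
                          restart_count: int = 0, safe: int = 1,
                          firmware: int = 0x0102) -> bytes:
    """Constructed sample encoder for offline tests; a real blob comes from the TPM."""
    def tpm2b(b: bytes) -> bytes:
        return struct.pack(">H", len(b)) + b
    return (struct.pack(">IH", TPM_GENERATED_VALUE, TPM_ST_ATTEST_CREATION)
            + tpm2b(signer_name) + tpm2b(extra)
            + struct.pack(CLOCK_FMT, clock, reset_count, restart_count, safe, firmware)
            + tpm2b(object_name) + tpm2b(creation_hash))
```

       In practice you would read attestat.ion and create.dig from the example
       above, obtain prim.ctx's Name from tpm2_readpublic, and call
       check_creation with them; the clock and firmware fields are available
       for further policy (for example, rejecting an attestation whose reset‐
       Count has moved on since the key was created).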

Returns

       Tools can return any of the following codes:

       • 0 - Success.

       • 1 - General non-specific error.

       • 2 - Options handling error.

       • 3 - Authentication error.

       • 4 - TCTI related error.

       • 5 - Non supported scheme.  Applicable to tpm2_testparams.


BUGS

       Github Issues (https://github.com/tpm2-software/tpm2-tools/issues)


HELP

       See the Mailing List (https://lists.linuxfoundation.org/mailman/listinfo/tpm2)



tpm2-tools                                             tpm2_certifycreation(1)