
tpm2_createprimary(8) tpm2.0-tools tpm2_createprimary(8)

NAME

tpm2_createprimary - Create a primary key under a primary seed or a temporary primary key under the TPM_RH_NULL hierarchy.

SYNOPSIS

tpm2_createprimary [COMMON OPTIONS] [TCTI OPTIONS] [-A|--auth=][o|p|e|n] [-P|--pwdp=][string] [-K|--pwdk=][string] [-g|--halg=][0x4|0xB|0xC|0xD|0x12] [-G|--kalg=][0x1|0x8|0x23|0x25] [-C|--context=][filepath] [-X|--passwdInHex] [-d|--debugLevel=][0|1|2|3]

DESCRIPTION

This command is used to create a Primary Object under one of the Primary Seeds or a Temporary Object under TPM_RH_NULL. The command uses a TPM2B_PUBLIC as a template for the object to be created. The command will create and load a Primary Object. The sensitive area is not returned.

OPTIONS

-A, --auth
Specify the hierarchy under which the object is created. This will also dictate which authorization secret (if any) must be supplied.
Supported options are:
'o' for TPM_RH_OWNER
'p' for TPM_RH_PLATFORM
'e' for TPM_RH_ENDORSEMENT
'n' for TPM_RH_NULL
-P, --pwdp
Optional authorization string, if authorization is required to create an object under the specified hierarchy.
-K, --pwdk
Optional authorization string for the newly created object.
-g, --halg
Hash algorithm used in the computation of the object name.
Supported options are:
'0x4' for TPM_ALG_SHA1
'0xB' for TPM_ALG_SHA256
'0xC' for TPM_ALG_SHA384
'0xD' for TPM_ALG_SHA512
'0x12' for TPM_ALG_SM3_256
NOTE: Your TPM may not support all algorithms.
-G, --kalg
Algorithm type for the generated key.
Supported options are:
'0x1' for TPM_ALG_RSA
'0x8' for TPM_ALG_KEYEDHASH
'0x23' for TPM_ALG_ECC
'0x25' for TPM_ALG_SYMCIPHER
-C, --context
An optional file used to store the object context returned.
-X, --passwdInHex
A flag used to indicate that the supplied passwords are hex strings.
-d, --debugLevel
Control the verbosity of debug output from the tool. Supported values are:
'0' is the default
'1' displays test app send / receive byte streams
'2' displays resource manager send / receive byte streams
'3' displays the resource manager tables
[COMMON OPTIONS]
This collection of options is common to many programs and provides information that many users may expect.
Display a manual describing the tool and its usage.
Display version information for this tool.
Increase the information that the tool prints to the console during its execution.
[TCTI OPTIONS]
This collection of options is used to configure the various TCTI modules available.
Select the TCTI used for communication with the next component down the TSS stack. In most configurations this will be the TPM, but it could be a simulator or proxy. Supported TCTIs are “device” or “socket”.
Specify the TPM device file for use by the device TCTI. The default is /dev/tpm0.

Specify the domain name or IP address used by the socket TCTI. The default is 127.0.0.1.
Specify the port number used by the socket TCTI. The default is 2321.

ENVIRONMENT

This collection of environment variables may be used to configure the various TCTI modules available. The values passed through these variables can be overridden on a per-command basis using the available command line options.
Select the TCTI used for communication with the next component down the TSS stack. In most configurations this will be the TPM but it could be a simulator or proxy. See 'OPTIONS' section for the names of supported TCTIs.
Specify the TPM device file for use by the device TCTI.

Specify the domain name or IP address used by the socket TCTI.
Specify the port number used by the socket TCTI.
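
EXAMPLES

The following wrapper is an added example, not part of the original man page or of tpm2.0-tools. It checks arguments against the values listed under OPTIONS before building a tpm2_createprimary command line; the function names build_cmd and create_primary and the file names primary.ctx and tmp.ctx are assumptions.

```shell
#!/bin/sh
# Added example (not from tpm2.0-tools): reject values this page does not
# list before anything is sent to the TPM. IDs are matched exactly as the
# page spells them (e.g. 0xB, not 0xb), a choice made for this example.

valid_hierarchy() {   # letters accepted by -A
    case "$1" in o|p|e|n) return 0 ;; *) return 1 ;; esac
}
valid_halg() {        # name-hash algorithm IDs accepted by -g
    case "$1" in 0x4|0xB|0xC|0xD|0x12) return 0 ;; *) return 1 ;; esac
}
valid_kalg() {        # key algorithm IDs accepted by -G
    case "$1" in 0x1|0x8|0x23|0x25) return 0 ;; *) return 1 ;; esac
}

# build_cmd HIERARCHY HALG KALG CONTEXT_FILE
# Prints the command line; returns 2 on a value the page does not list.
build_cmd() {
    valid_hierarchy "$1" || { echo "bad hierarchy: $1" >&2; return 2; }
    valid_halg "$2"      || { echo "bad hash algorithm: $2" >&2; return 2; }
    valid_kalg "$3"      || { echo "bad key algorithm: $3" >&2; return 2; }
    [ -n "$4" ]          || { echo "context file required" >&2; return 2; }
    printf 'tpm2_createprimary -A %s -g %s -G %s -C %s\n' "$1" "$2" "$3" "$4"
}

# create_primary: same arguments; runs the tool only when it is installed.
create_primary() {
    build_cmd "$@" >/dev/null || return $?
    if command -v tpm2_createprimary >/dev/null 2>&1; then
        tpm2_createprimary -A "$1" -g "$2" -G "$3" -C "$4"
    else
        echo "tpm2_createprimary not found" >&2
        return 127
    fi
}

# RSA primary key under TPM_RH_OWNER, object name hashed with SHA256.
build_cmd o 0xB 0x1 primary.ctx
# ECC temporary object under TPM_RH_NULL.
build_cmd n 0xB 0x23 tmp.ctx
```

Call create_primary with the same four arguments to execute the command on a machine where the tool and a TPM (or simulator) are available.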
DECEMBER 2016 Intel