tsscreate man page

tsscreate — Runs TPM2_Create



Runs TPM2_Create

-hp parent handle

[Asymmetric Key Algorithm]

-rsa (default) -ecc curve


nistp256 nistp384

Key attributes

-bl data blob for unseal (create only)

-if data file name

-den decryption, RSA, not storage, NULL scheme -deo decryption, RSA, not storage, OAEP scheme -des encryption/decryption, AES symmetric

[-116 for TPM rev 116 compatibility]

-st storage

[default for primary keys]

-si signing -sir restricted signing -dau create unrestricted ECDAA key pair -dar create restricted ECDAA key pair -kh keyed hash (hmac) -dp derivation parent -gp general purpose, not storage

[-kt (can be specified more than once)]

f fixedTPM p fixedParent

[-da object subject to DA protection) (default no)]

[-pol policy file (default empty)] [-uwa userWithAuth attribute clear (default set)]

[-nalg name hash algorithm (sha1, sha256, sha384) (default sha256)] [-halg scheme hash algorithm (sha1, sha256, sha384) (default sha256)]

[-pwdk password for key (default empty)] [-pwdp password for parent key (default empty)]

[-opu public key file name (default do not save)] [-opr private key file name (default do not save)] [-opem public key PEM format file name (default do not save)] [-tk output ticket file name] [-ch output creation hash file name]

-se[0-2] session handle / attributes (default PWAP)

01 continue 20 command decrypt 40 response encrypt

See Also

The full documentation for tsscreate is maintained as a Texinfo manual.  If the info and tsscreate programs are properly installed at your site, the command

info tsscreate

should give you access to the complete manual.


February 2018 tsscreate v1027 User Commands