tsscreateprimary man page

tsscreateprimary — Runs TPM2_CreatePrimary


createprimary creates a primary storage key

Runs TPM2_CreatePrimary

[-hi hierarchy (e, o, p, n) (default null)] [-pwdp password for hierarchy (default empty)] [-pwdpi password file name for hierarchy (default empty)] [-pwdk password for key (default empty)] [-iu inPublic unique field file (default none)] [-opu public key file name (default do not save)] [oipem public key PEM format file name (default do not save)] [-tk output ticket file name] [-ch output creation hash file name]

[Asymmetric Key Algorithm]

-rsa (default) -ecc curve


nistp256 nistp384

Key attributes

-bl data blob for unseal (create only)

-if data file name

-den decryption, RSA, not storage, NULL scheme -deo decryption, RSA, not storage, OAEP scheme -des encryption/decryption, AES symmetric

[-116 for TPM rev 116 compatibility]

-st storage

[default for primary keys]

-si signing -sir restricted signing -dau create unrestricted ECDAA key pair -dar create restricted ECDAA key pair -kh keyed hash (hmac) -dp derivation parent -gp general purpose, not storage

[-kt (can be specified more than once)]

f fixedTPM p fixedParent

[-da object subject to DA protection) (default no)]

[-pol policy file (default empty)] [-uwa userWithAuth attribute clear (default set)]

[-nalg name hash algorithm (sha1, sha256, sha384) (default sha256)] [-halg scheme hash algorithm (sha1, sha256, sha384) (default sha256)]

-se[0-2] session handle / attributes (default PWAP)

01 continue 20 command decrypt 40 response encrypt

See Also

The full documentation for tsscreateprimary is maintained as a Texinfo manual.  If the info and tsscreateprimary programs are properly installed at your site, the command

info tsscreateprimary

should give you access to the complete manual.


February 2018 tsscreateprimary v1027 User Commands