File: tpm2_encodeobject.1.md

package info (click to toggle)
tpm2-tools 5.7-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 5,988 kB
  • sloc: ansic: 45,737; sh: 14,915; xml: 8,342; makefile: 610; python: 51
file content (97 lines) | stat: -rw-r--r-- 2,482 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
 
% tpm2_encodeobject(1) tpm2-tools | General Commands Manual

# NAME

**tpm2_encodeobject**(1) - Encode an object into a combined PEM format.

# SYNOPSIS

**tpm2_encodeobject** [*OPTIONS*]

# DESCRIPTION

**tpm2_encodeobject**(1) - Encode both the private and public portions of an
object into a combined PEM format used by tpm2-tss-engine.

The tool reads private and public portions of an object and encodes it
into a combined PEM format used by tpm2-tss-engine and other
applications.

**NOTE**: Both private and public portions of the tpm key must be specified.

# OPTIONS

  * **-C**, **\--parent-context**=_OBJECT_:

    The parent object.

  * **-P**, **\--auth**=_AUTH_:

    The authorization value of the parent object specified by **-C**.

  * **-u**, **\--public**=_FILE_:

    A file containing the public portion of the object.

  * **-r**, **\--private**=_FILE_:

    A file containing the sensitive portion of the object.

  * **-p**, **\--key-auth**:

    Indicates if an authorization value is needed for the object specified by
    **-r** and **-u**.

  * **-o**, **\--output**=_FILE_:

    The output file path, recording the public portion of the object.

## References

[context object format](common/ctxobj.md) details the methods for specifying
_OBJECT_.

[authorization formatting](common/authorizations.md) details the methods for
specifying _AUTH_.

[common options](common/options.md) collection of common options that provide
information many users may expect.

[common tcti options](common/tcti.md) collection of options used to configure
the various known TCTI modules.

# EXAMPLES

## Setup
To load an object you first must create an object under a primary object. So the
first step is to create the primary object.

```bash
tpm2_createprimary -c primary.ctx
```

Step 2 is to create an object under the primary object.

```bash
tpm2_create -C primary.ctx -u key.pub -r key.priv -f pem -o pub.pem
```

This creates the private and public portions of the TPM object. With these
object portions, it is now possible to load that object into the TPM for
subsequent use.

## Encoding an Object into a combined PEM format

The final step, is encoding the public and private portions of the object into a
PEM format.

```bash
tpm2_encodeobject -C primary.ctx -u key.pub -r key.priv -o priv.pem
```

The generated `priv.pem` can be used together with `pub.pem` created in the
step 2 of Setup section.

[returns](common/returns.md)

[footer](common/footer.md)