Tpm2-Tools

• tpm2_activatecredential(1) \f[B]tpm2_activatecredential\f[R](1) - Enables access to the credential qualifier to recover the credential secret.
• tpm2_certify(1) \f[B]tpm2_certify\f[R](1) - Prove that an object is loaded in the TPM.
• tpm2_certifycreation(1) \f[B]tpm2_certifycreation\f[R](1) - Attest the association between a loaded public area and the provided hash of the creation
• tpm2_certifyX509certutil(1) \f[B]tpm2_certifyX509certutil\f[R](1) - Generate partial X509 certificate.
• tpm2_changeauth(1) \f[B]tpm2_changeauth\f[R] - Changes authorization values for TPM objects.
• tpm2_changeeps(1) \f[B]tpm2_changeeps\f[R](1) - Replaces the active endorsement primary seed with a new one generated off the TPM2 RNG.
• tpm2_changepps(1) \f[B]tpm2_changepps\f[R](1) - Replaces the active platform primary seed with a new one generated off the TPM2 RNG.
• tpm2_checkquote(1) \f[B]tpm2_checkquote\f[R](1) - Validates a quote provided by a TPM.
• tpm2_clear(1) \f[B]tpm2_clear\f[R](1) - Clears lockout, endorsement and owner hierarchy authorization values.
• tpm2_clearcontrol(1) \f[B]tpm2_clearcontrol\f[R](1) - Set/ Clear TPMA_PERMANENTattribute to effectively block/ unblock lockout authorization handle for issuing TPM
• tpm2_clockrateadjust(1) \f[B]tpm2_clockrateadjust\f[R](1) - Sets the clock rate period on the TPM.
• tpm2_commit(1) \f[B]tpm2_commit\f[R](1) - Performs the first part of an ECC anonymous signing operation.
• tpm2_create(1) \f[B]tpm2_create\f[R](1) - Create a child object.
• tpm2_createak(1) \f[B]tpm2_createak\f[R](1) - Generate attestation key with given algorithm under the endorsement hierarchy.
• tpm2_createek(1) \f[B]tpm2_createek\f[R](1) - Generate TCG profile compliant endorsement key.
• tpm2_createpolicy(1) \f[B]tpm2_createpolicy\f[R](1) - Creates simple assertion authorization policies based on multiple PCR indices values across multiple enabled
• tpm2_createprimary(1) \f[B]tpm2_createprimary\f[R](1) - Create a primary key.
• tpm2_dictionarylockout(1) \f[B]tpm2_dictionarylockout\f[R](1) - Setup or clear dictionary-attack-lockout parameters.
• tpm2_duplicate(1) tpm2_duplicate(1) - Duplicates a loaded object so that it may be used in a different hierarchy.
• tpm2_ecdhkeygen(1) \f[B]tpm2_ecdhkeygen\f[R](1) - Creates an ephemeral key and uses it to generate the shared secret value using the parameters from a ECC public
• tpm2_ecdhzgen(1) \f[B]tpm2_ecdhzgen\f[R](1) - Recovers the shared secret value (Z) from a public point and a specified private key.
• tpm2_ecephemeral(1) \f[B]tpm2_ecephemeral\f[R](1) - Creates an ephemeral key for use in a two-phase key exchange protocol.
• tpm2_encodeobject(1) \f[B]tpm2_encodeobject\f[R](1) - Encode an object into a combined PEM format.
• tpm2_encryptdecrypt(1) \f[B]tpm2_encryptdecrypt\f[R](1) - Performs symmetric encryption or decryption.
• tpm2_eventlog(1) \f[B]tpm2_eventlog\f[R](1) - Display tpm2 event log.
• tpm2_evictcontrol(1) \f[B]tpm2_evictcontrol\f[R](1) - Make a transient object persistent or evict a persistent object.
• tpm2_flushcontext(1) \f[B]tpm2_flushcontext\f[R](1) - Remove a specified handle, or all contexts associated with a transient object, loaded session or saved session
• tpm2_getcap(1) \f[B]tpm2_getcap\f[R](1) - Display TPM capabilities in a human readable form.
• tpm2_getcommandauditdigest(1) \f[B]tpm2_getcommandauditdigest\f[R](1) - Retrieve the command audit attestation data from the TPM.
• tpm2_geteccparameters(1) \f[B]tpm2_geteccparameters\f[R](1) - Retrieves the parameters of an ECC curve identified by its TCG-assigned curveID.
• tpm2_getekcertificate(1) \f[B]tpm2_getekcertificate\f[R](1) - Retrieve the Endorsement key Certificate.
• tpm2_getpolicydigest(1) \f[B]tpm2_getpolicydigest\f[R](1) - Retrieves the policy digest from session.
• tpm2_getrandom(1) \f[B]tpm2_getrandom\f[R](1) - Retrieves random bytes from the TPM.
• tpm2_getsessionauditdigest(1) \f[B]tpm2_getsessionauditdigest\f[R](1) - Retrieve the command audit attestation data from the TPM.
• tpm2_gettestresult(1) \f[B]tpm2_gettestresult\f[R](1) - Get the result of tests performed by the TPM
• tpm2_gettime(1) \f[B]tpm2_gettime\f[R](1) - Get the current time and clock from the TPM in a signed form.
• tpm2_hash(1) \f[B]tpm2_hash\f[R](1) - Performs a hash operation with the TPM.
• tpm2_hierarchycontrol(1) \f[B]tpm2_hierarchycontrol\f[R](1) - Enable and disable use of a hierarchy and its associated NV storage.
• tpm2_hmac(1) \f[B]tpm2_hmac\f[R](1) - Performs an HMAC operation with the TPM.
• tpm2_import(1) \f[B]tpm2_import\f[R](1) - Imports an external key into the tpm as a TPM managed key object.
• tpm2_incrementalselftest(1) \f[B]tpm2_incrementalselftest\f[R](1) - Request testing of specified algorithm list
• tpm2_load(1) \f[B]tpm2_load\f[R](1) - Load an object into the TPM.
• tpm2_loadexternal(1) \f[B]tpm2_loadexternal\f[R](1) - Load an external object into the TPM.
• tpm2_makecredential(1) \f[B]tpm2_makecredential\f[R](1) - Generate the encrypted-user-chosen-data and the wrapped-secret-data-encryption-key for the privacy-sensitive
• tpm2_nvcertify(1) \f[B]tpm2_nvcertify\f[R](1) - Provides attestation of the contents of an NV index.
• tpm2_nvdefine(1) \f[B]tpm2_nvdefine\f[R](1) - Define a TPM Non-Volatile (NV) index.
• tpm2_nvextend(1) \f[B]tpm2_nvextend\f[R](1) - Extend an Non-Volatile (NV) index like it was a PCR.
• tpm2_nvincrement(1) \f[B]tpm2_nvincrement\f[R](1) - Increment counter in a Non-Volatile (NV) index.
• tpm2_nvread(1) \f[B]tpm2_nvread\f[R](1) - Read the data stored in a Non-Volatile (NV)s index.
• tpm2_nvreadlock(1) \f[B]tpm2_nvreadlock\f[R](1) - Lock the Non-Volatile (NV) index for further reads.
• tpm2_nvreadpublic(1) \f[B]tpm2_nvreadpublic\f[R](1) - Display all defined Non-Volatile (NV)s indices.
• tpm2_nvsetbits(1) \f[B]tpm2_nvsetbits\f[R](1) - Bitwise OR bits into a Non-Volatile (NV).
• tpm2_nvundefine(1) \f[B]tpm2_nvundefine\f[R](1) - Delete a Non-Volatile (NV) index.
• tpm2_nvwrite(1) \f[B]tpm2_nvwrite\f[R](1) - Write data to a Non-Volatile (NV) index.
• tpm2_nvwritelock(1) \f[B]tpm2_nvwritelock\f[R](1) - Lock the Non-Volatile (NV) index for further writes.
• tpm2_pcrallocate(1) \f[B]tpm2_pcrallocate\f[R](1) - Configure PCRs and bank algorithms.
• tpm2_pcrevent(1) \f[B]tpm2_pcrevent\f[R](1) - Hashes a file and optionally extends a pcr.
• tpm2_pcrextend(1) \f[B]tpm2_pcrextend\f[R](1) - Extends a PCR.
• tpm2_pcrread(1) \f[B]tpm2_pcrread\f[R](1) - List PCR values.
• tpm2_pcrreset(1) \f[B]tpm2_pcrreset\f[R](1) - Reset one or more PCR banks
• tpm2_policyauthorize(1) \f[B]tpm2_policyauthorize\f[R](1) - Allows for mutable policies by tethering to a signing authority.
• tpm2_policyauthorizenv(1) \f[B]tpm2_policyauthorizenv\f[R](1) - Allows for mutable policies by referencing to a policy from an NV index.
• tpm2_policyauthvalue(1) \f[B]tpm2_policyauthvalue\f[R](1) - Enables binding a policy to the authorization value of the authorized TPM object.
• tpm2_policycommandcode(1) \f[B]tpm2_policycommandcode\f[R](1) - Restrict TPM object authorization to specific TPM commands.
• tpm2_policycountertimer(1) \f[B]tpm2_policycountertimer\f[R](1) - Enables policy authorization by evaluating the comparison operation on the TPM parameters time, clock, reset
• tpm2_policycphash(1) \f[B]tpm2_policycphash\f[R](1) - Couples a policy with command parameters of the command.
• tpm2_policyduplicationselect(1) \f[B]tpm2_policyduplicationselect\f[R](1) - Restricts duplication to a specific new parent.
• tpm2_policylocality(1) \f[B]tpm2_policylocality\f[R](1) - Restrict TPM object authorization to specific localities.
• tpm2_policynamehash(1) \f[B]tpm2_policynamehash\f[R](1) - Couples a policy with names of specific objects.
• tpm2_policynv(1) \f[B]tpm2_policynv\f[R](1) - Evaluates policy authorization by comparing a specified value against the contents in the specified NV
• tpm2_policynvwritten(1) \f[B]tpm2_policynvwritten\f[R](1) - Restrict TPM object authorization to the written state of an NV index.
• tpm2_policyor(1) \f[B]tpm2_policyor\f[R](1) - logically OR\[cq]s two policies together.
• tpm2_policypassword(1) \f[B]tpm2_policypassword\f[R](1) - Enables binding a policy to the authorization value of the authorized TPM object.
• tpm2_policypcr(1) \f[B]tpm2_policypcr\f[R](1) - Create a policy that includes specific PCR values.
• tpm2_policyrestart(1) \f[B]tpm2_policyrestart\f[R](1) - Restart an existing session with the TPM.
• tpm2_policysecret(1) \f[B]tpm2_policysecret\f[R](1) - Couples the authorization of an object to that of an existing object.
• tpm2_policysigned(1) \f[B]tpm2_policysigned\f[R](1) - Enables policy authorization by verifying signature of optional TPM2 parameters.
• tpm2_policytemplate(1) \f[B]tpm2_policytemplate\f[R](1) - Couples a policy with public template data digest of an object.
• tpm2_policyticket(1) \f[B]tpm2_ticket\f[R](1) - Enables policy authorization by verifying a ticket that represents a validated authorization that had an expiration time
• tpm2_print(1) \f[B]tpm2_print\f[R](1) - Prints TPM data structures
• tpm2_quote(1) \f[B]tpm2_quote\f[R](1) - Provide a quote and signature from the TPM.
• tpm2_rc_decode(1) \f[B]tpm2_rc_decode\f[R](1) - Decode TPM2 error codes to a human readable format.
• tpm2_readclock(1) \f[B]tpm2_readclock\f[R](1) - Retrieves the time information from the TPM.
• tpm2_readpublic(1) \f[B]tpm2_readpublic\f[R](1) - Read the public area of a loaded object.
• tpm2_rsadecrypt(1) \f[B]tpm2_rsadecrypt\f[R](1) - Performs an RSA decryption operation using the TPM.
• tpm2_rsaencrypt(1) \f[B]tpm2_rsaencrypt\f[R](1) - Performs an RSA encryption operation using the TPM.
• tpm2_selftest(1) \f[B]tpm2_selftest\f[R](1) - Run TPM\[cq]s self-test internal routines
• tpm2_send(1) \f[B]tpm2_send\f[R](1) - Send a raw command buffer to the TPM.
• tpm2_sessionconfig(1) \f[B]tpm2_sessionconfig\f[R](1) - Configure session attributes and print session info from a session file.
• tpm2_setclock(1) \f[B]tpm2_setclock\f[R](1) - Sets the time on the TPM.
• tpm2_setcommandauditstatus(1) \f[B]tpm2_setcommandauditstatus\f[R](1) - Add or remove TPM2 commands to the audited commands list.
• tpm2_setprimarypolicy(1) \f[B]tpm2_setprimarypolicy\f[R](1) - Sets the authorization policy for the lockout (lockoutPolicy), the platform hierarchy (platformPolicy), the
• tpm2_shutdown(1) \f[B]tpm2_shutdown\f[R](1) - Send a shutdown command to the TPM.
• tpm2_sign(1) \f[B]tpm2_sign\f[R](1) - Sign a hash or message using the TPM.
• tpm2_startauthsession(1) \f[B]tpm2_startauthsession\f[R](1) - Start a session with the TPM.
• tpm2_startup(1) \f[B]tpm2_startup\f[R](1) - Send a startup command to the TPM.
• tpm2_stirrandom(1) \f[B]tpm2_stirrandom\f[R](1) - Add \[lq]additional information\[rq] into TPM RNG state.
• tpm2_testparms(1) \f[B]tpm2_testparms\f[R](1) - Verify that specified algorithm suite is supported by TPM
• tpm2_unseal(1) \f[B]tpm2_unseal\f[R](1) - Returns a data blob in a loaded TPM object. The data blob is returned in clear.
• tpm2_verifysignature(1) \f[B]tpm2_verifysignature\f[R](1) - Validates a signature using the TPM.
• tpm2_zgen2phase(1) \f[B]tpm2_zgen2phase\f[R](1) - Command to enable the TPM to combine data from the other party with the ephemeral key generated in the first phase
• tpm2(1) \f[B]tpm2\f[R](1) - A single small executable that combines the various tpm2-tools much like a BusyBox that provides a fairly complete environment
• tss2_authorizepolicy(1) \f[B]tss2_authorizepolicy\f[R](1) -
• tss2_changeauth(1) \f[B]tss2_changeauth\f[R](1) - This command changes the authorization data of an entity referred to by the path.
• tss2_createkey(1) \f[B]tss2_createkey\f[R](1) -
• tss2_createnv(1) \f[B]tss2_createnv\f[R](1) -
• tss2_createseal(1) \f[B]tss2_createseal\f[R](1) -
• tss2_decrypt(1) \f[B]tss2_decrypt\f[R](1) - decrypts data
• tss2_delete(1) \f[B]tss2_delete\f[R](1) -
• tss2_encrypt(1) \f[B]tss2_encrypt\f[R](1) - encrypts data
• tss2_exportkey(1) \f[B]tss2_exportkey\f[R](1) -
• tss2_exportpolicy(1) \f[B]tss2_policyexport\f[R](1) -
• tss2_getappdata(1) \f[B]tss2_getappdata\f[R](1)
• tss2_getcertificate(1) \f[B]tss2_getcertificate\f[R](1) -
• tss2_getdescription(1) \f[B]tss2_getdescription\f[R](1)
• tss2_getinfo(1) \f[B]tss2_getinfo\f[R](1) -
• tss2_getplatformcertificates(1) \f[B]tss2_getplatformcertificates\f[R](1) -
• tss2_getrandom(1) \f[B]tss2_getrandom\f[R](1) - # SYNOPSIS \f[B]tss2_getrandom\f[R] [\f[I]OPTIONS\f[R]]
• tss2_gettpm2object(1) \f[B]tss2_gettpm2object\f[R](1)
• tss2_gettpmblobs(1) \f[B]tss2_gettpmblobs\f[R](1) -
• tss2_import(1) \f[B]tss2_import\f[R](1) -
• tss2_list(1) \f[B]tss2_list\f[R](1) -
• tss2_nvextend(1) \f[B]tss2_nvextend\f[R](1) -
• tss2_nvincrement(1) \f[B]tss2_nvincrement\f[R](1) -
• tss2_nvread(1) \f[B]tss2_nvread\f[R](1) -
• tss2_nvsetbits(1) \f[B]tss2_nvsetbits\f[R](1) -
• tss2_nvwrite(1) \f[B]tss2_nvwrite\f[R](1) -
• tss2_pcrextend(1) \f[B]tss2_pcrextend\f[R](1) -
• tss2_pcrread(1) \f[B]tss2_pcrread\f[R](1) -
• tss2_provision(1) \f[B]tss2_provision\f[R](1) -
• tss2_quote(1) \f[B]tss2_quote\f[R](1) -
• tss2_setappdata(1) \f[B]tss2_setappdata\f[R](1)
• tss2_setcertificate(1) \f[B]tss2_setcertificate\f[R](1) -
• tss2_setdescription(1) \f[B]tss2_setdescription\f[R](1)
• tss2_sign(1) \f[B]tss2_sign\f[R](1) -
• tss2_unseal(1) \f[B]tss2_unseal\f[R](1) -
• tss2_verifyquote(1) \f[B]tss2_verifyquote\f[R](1) -
• tss2_verifysignature(1) \f[B]tss2_verifysignature\f[R](1) -
• tss2_writeauthorizenv(1) \f[B]tss2_writeauthorizenv\f[R](1) -
• tss2(1) A single small executable that combines the various tpm2-tools much like a BusyBox that provides a fairly complete environment for any small or