| .\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.6. |
| .TH CREATELOADED "1" "March 2020" "createloaded 1.3" "User Commands" |
| .SH NAME |
| createloaded \- Runs TPM2_CreateLoaded |
| .SH DESCRIPTION |
| createloaded |
| .PP |
| Runs TPM2_CreateLoaded |
| .HP |
| \fB\-hp\fR parent handle (can be hierarchy) |
| .IP |
| 40000001 Owner |
| 4000000c Platform |
| 4000000b Endorsement |
| .IP |
| [Asymmetric Key Algorithm] |
| .HP |
| \fB\-rsa\fR keybits (default) |
| .IP |
| (2048 default) |
| .HP |
| \fB\-ecc\fR curve |
| .IP |
| bnp256 |
| nistp256 |
| nistp384 |
| .IP |
| Key attributes |
| .TP |
| \fB\-bl\fR |
| data blob for unseal (create only) |
| requires \fB\-if\fR |
| .TP |
| \fB\-den\fR |
| decryption (unrestricted, RSA and EC NULL scheme) |
| .TP |
| \fB\-deo\fR |
| decryption (unrestricted, RSA OAEP, EC NULL scheme) |
| .TP |
| \fB\-dee\fR |
| decryption (unrestricted, RSA ES, EC NULL scheme) |
| .TP |
| \fB\-des\fR |
| encryption/decryption, AES symmetric |
| [\-116 for TPM rev 116 compatibility] |
| .TP |
| \fB\-st\fR |
| storage (restricted) |
| [default for primary keys] |
| .TP |
| \fB\-si\fR |
| unrestricted signing (RSA and EC NULL scheme) |
| .TP |
| \fB\-sir\fR |
| restricted signing (RSA RSASSA, EC ECDSA scheme) |
| .TP |
| \fB\-dau\fR |
| unrestricted ECDAA signing key pair |
| .TP |
| \fB\-dar\fR |
| restricted ECDAA signing key pair |
| .TP |
| \fB\-kh\fR |
| keyed hash (unrestricted, hmac) |
| .TP |
| \fB\-khr\fR |
| keyed hash (restricted, hmac) |
| .TP |
| \fB\-dp\fR |
| derivation parent |
| .TP |
| \fB\-gp\fR |
| general purpose, not storage |
| .TP |
| [\-kt |
| (can be specified more than once)] |
| f fixedTPM (default for primary keys and derivation parents) |
| p fixedParent (default for primary keys and derivation parents) |
| nf no fixedTPM (default for non\-primary keys) |
| np no fixedParent (default for non\-primary keys) |
| ed encrypted duplication (default not set) |
| .TP |
| [\-da |
| object subject to DA (dictionary attack) protection (default no)] |
| .TP |
| [\-pol |
| policy file (default empty)] |
| .TP |
| [\-uwa |
| userWithAuth attribute clear, USER role authorization then requires a policy session (default set)] |
| .TP |
| [\-if |
| data (inSensitive) file name] |
| .TP |
| [\-nalg |
| name hash algorithm (sha1, sha256, sha384, sha512) (default sha256)] |
| .TP |
| [\-halg |
| scheme hash algorithm (sha1, sha256, sha384, sha512) (default sha256)] |
| .TP |
| [\-der |
| object's parent is a derivation parent] |
| .TP |
| [\-pwdk |
| password for key (default empty)] |
| .TP |
| [\-pwdp |
| password for parent key (default empty)] |
| .TP |
| [\-opu |
| public key file name (default do not save)] |
| .TP |
| [\-opr |
| private key file name (default do not save)] |
| .TP |
| [\-opem |
| public key PEM format file name (default do not save)] |
| .HP |
| \fB\-se[0\-2]\fR session handle / attributes (default PWAP, password authorization) |
| .TP |
| 01 |
| continue |
| .TP |
| 20 |
| command decrypt |
| .TP |
| 40 |
| response encrypt |