NAME¶

load_tpm2_key - load a tpm2 key at a permanent index

SYNOPSIS¶

load_tpm2_key [options] <filename> <nvindex>

DESCRIPTION¶

Used to load keys created by create_tpm2_key(1) to a permanent NV index.

The reasons for doing this are either to have an unrestricted key always accessible to the TPM without needing a key file or to have a new restricted decryption key parent from which other keys can be created as children.

OPTIONS¶

-b, --auth-parent <pwd>: Specify the parent key password (default EmptyAuth)
-f, --force: force loading of key with policy
-h, --help: print this help message

EXAMPLES¶

Create a TPM internal key and load it at index 81000101

create_tpm2_key -p 81000001 tmp.key
load_tpm2_key tmp.key 81000101

Create a wrapped restricted decryption key at 81000101 and use it as the parent of a new key

openssl genrsa 2048 > key.priv
create_tpm2_key --restricted -w key.priv key.tpm
load_tpm2_key key.tpm 81000101
create_tpm2_key -p 81000101 newkey.tpm

AUTHOR¶

Written by James Bottomley <James.Bottomley@HansenPartnership.com>

REPORTING BUGS¶

Report bugs to <openssl-tpm2-engine@groups.io>

COPYRIGHT¶

April 2024

load_tpm2_key 4.1.2

Source file:	load_tpm2_key.1.en.gz (from openssl_tpm2_engine 4.1.2-1.1)
Source last updated:	2024-04-19T15:50:30Z
Converted to HTML:	2024-05-04T01:35:26Z