* [tpm2] tpm2_createek and transient EK problem
@ 2020-02-28 11:42 Martin Townsend
0 siblings, 0 replies; only message in thread
From: Martin Townsend @ 2020-02-28 11:42 UTC (permalink / raw)
To: tpm2
[-- Attachment #1: Type: text/plain, Size: 1256 bytes --]
Hi,
I'm trying out the tpm2_createek tool and in the manual
https://github.com/tpm2-software/tpm2-tools/blob/master/man/tpm2_createek.1.md
It explains how to create a transient EK, I following these
instructions but can't get them to work. I've taken ownership of the
TPM and created a SRK. I then ran the command as listed in the manual
page:
tpm2_createek -G rsa -u ek.pub
ERROR: Expected option -c
Usage: tpm2_createek [<options>]
Where <options> are:
[ -P | --eh-auth=<value>] [ -w | --owner-auth=<value>] [ -p |
--ek-auth=<value>] [ -G | --key-algorithm=<value>]
[ -u | --public=<value>] [ -f | --format=<value>] [ -c |
--ek-context=<value>] [ -t | --template=<value>]
So I added the -c to save the context to disk and provide the EH authorisation:
tpm2_createek -G rsa -u ek.pub -c ek.ctx -P xxx
echo $?
0
so it looks like it's succeeded but I then try the to list the
transient objects with
tpm2_getcap handles-transient
and I get nothing. The files have been created
ls -la ek*
-rw-r--r-- 1 root root 1287 Feb 28 2020 ek.ctx
-rw-r--r-- 1 root root 316 Feb 28 2020 ek.pub
Any ideas as to why this is not working for me, do I need to perform
some other step first?
Many Thanks,
Martin.
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2020-02-28 11:42 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-02-28 11:42 [tpm2] tpm2_createek and transient EK problem Martin Townsend
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.