logo
Free, unlimited AI code reviews that run on commit
git-lrc git-lrc GitHub Install Now We'd appreciate a star git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt

tss2_sign(1) -

Contents

Bugs

       Github Issues (https://github.com/tpm2-software/tpm2-tools/issues)

Common Options

       This  collection  of  options are common to all tss2 programs and provide information that many users may
       expect.

       • -h, --help[man|no-man]: Display the tools manpage.  By default, it attempts to invoke the manpager for
         the tool, however, on failure will output a short tool summary.  This is the same behavior if the “man”
         option argument is specified, however if explicit “man” is requested, the tool will provide errors from
         man on stderr.  If the “no-man” option if specified, or the manpager fails, the short options  will  be
         output to stdout.

         To  successfully  use  the  manpages  feature  requires the manpages to be installed or on MANPATH, See
         man(1) for more details.

       • -v, --version: Display version information for this tool, supported tctis and exit.

Description

tss2_sign(1) - This command uses a key inside the TPM to sign  a  digest  value  using  the  TPM  signing
       schemes as specified in the cryptographic profile (cf., fapi-profile(5)).

Example

              tss2_sign --keyPath=HS/SRK/myRSASign --padding="RSA_PSS" --digest=digest.file --signature=signature.file --publicKey=publicKey.file

Help

       See the Mailing List (https://lists.linuxfoundation.org/mailman/listinfo/tpm2)

tpm2-tools                                         APRIL 2019                                       tss2_sign(1)

Name

tss2_sign(1) -

Options

       These are the available options:

       • -p, --keyPath=STRING:

         The path to the signing key.

       • -s, --padding=STRING:

         The  padding scheme used.  Possible values are “RSA_SSA”, “RSA_PSS” (case insensitive).  Optional para‐
         meter.  If omitted, the default padding specified in the cryptographic profile  (cf.,  fapi-profile(5))
         is used.

       • -c, --certificate=FILENAME or - (for stdout):

         The certificate associated with keyPath in PEM format.  Optional parameter.

       • -d, --digest=FILENAME or - (for stdin):

         The data to be signed, already hashed.

       • -f, --force:

         Force overwriting the output file.

       • -k, --publicKey=FILENAME or - (for stdout):

         The public key associated with keyPath in PEM format.  Optional parameter.

       • -o, --signature=FILENAME or - (for stdout):

         Returns the signature in binary form.

Returns

       0 on success or 1 on failure.

See Also

fapi-config(5)  to adjust Fapi parameters like the used cryptographic profile and TCTI or directories for
       the Fapi metadata storages.

       fapi-profile(5) to determine the cryptographic algorithms and parameters for all keys and operations of a
       specific TPM interaction like the name hash algorithm, the asymmetric signature algorithm, scheme and pa‐
       rameters and PCR bank selection.

Synopsis

tss2_sign [OPTIONS]

See Also

Man Pages
sign Man Pages
Man Pages
profile Man Pages
Man Pages
options Man Pages
Signature
Signature PNG Icons
Man Pages
tss2 Man Pages
Man Pages
fapi Man Pages
Headphones Icomoon
Headphones Icomoon SVG Icons
Cheatsheets
Stdout Redirection - Command Line Output Management Cheatsheets
Man Pages
tpm2 Man Pages
← View User commands Category← Back to File management🙏  Credits & Acknowledgments