Man page - tss2_createnv(1)

Packages contains this manual

Package:  tpm2-tools
apt-get install tpm2-tools

Manuals in package:
• tpm2_policylocality(1)
• tss2_createnv(1)
• tpm2_policycommandcode(1)
• tpm2_createpolicy(1)
• tpm2_readclock(1)
• tpm2_policyauthvalue(1)
• tss2_nvsetbits(1)
• tpm2_activatecredential(1)
• tpm2_dictionarylockout(1)
• tss2_quote(1)
• tss2_setcertificate(1)
• tss2(1)
• tss2_exportkey(1)
• tss2_changeauth(1)
• tpm2_createak(1)
• tss2_createkey(1)
• tpm2_selftest(1)
• tpm2_policytemplate(1)
• tpm2_pcrreset(1)
• tpm2_tr_encode(1)
• tpm2_unseal(1)
• tpm2_policycphash(1)
• tpm2_hierarchycontrol(1)
• tpm2_makecredential(1)
• tpm2_policyauthorizenv(1)
• tss2_gettpm2object(1)
• tpm2_encryptdecrypt(1)
• tss2_provision(1)
• tpm2_createprimary(1)
• tpm2_testparms(1)
• tpm2_rc_decode(1)
• tpm2_policynv(1)
• tss2_createseal(1)
• tss2_import(1)
• tpm2_policyor(1)
• tpm2_commit(1)
• tpm2_print(1)
• tpm2_clearcontrol(1)
• tss2_nvwrite(1)
• tpm2_getrandom(1)
• tss2_list(1)
• tpm2_certifycreation(1)
• tpm2_nvincrement(1)
• tpm2_nvread(1)
• tpm2_getekcertificate(1)
• tpm2_policyauthorize(1)
• tpm2_policyrestart(1)
• tss2_nvincrement(1)
• tpm2_shutdown(1)
• tss2_sign(1)
• tpm2_nvundefine(1)
• tpm2_policyticket(1)
• tpm2_policyduplicationselect(1)
• tpm2_setcommandauditstatus(1)
• tpm2_createek(1)
• tpm2_policysigned(1)
• tpm2_ecdhzgen(1)
• tss2_getappdata(1)
• tpm2_readpublic(1)
• tpm2_clear(1)
• tpm2_changepps(1)
• tpm2_incrementalselftest(1)
• tpm2_policycountertimer(1)
• tss2_pcrread(1)
• tpm2_certify(1)
• tss2_decrypt(1)
• tpm2_gettime(1)
• tpm2_policynvwritten(1)
• tss2_authorizepolicy(1)
• tss2_setappdata(1)
• tpm2_hash(1)
• tss2_verifyquote(1)
• tpm2_gettestresult(1)
• tpm2_sessionconfig(1)
• tpm2_nvsetbits(1)
• tpm2_policypcr(1)
• tpm2_loadexternal(1)
• tpm2_clockrateadjust(1)
• tpm2_rsadecrypt(1)
• tpm2_getcommandauditdigest(1)
• tpm2_eventlog(1)
• tss2_getcertificate(1)
• tpm2_evictcontrol(1)
• tpm2_getpolicydigest(1)
• tpm2_startauthsession(1)
• tss2_exportpolicy(1)
• tpm2_nvextend(1)
• tss2_delete(1)
• tpm2_changeauth(1)
• tpm2_load(1)
• tpm2_policypassword(1)
• tpm2_pcrevent(1)
• tss2_pcrextend(1)
• tpm2_quote(1)
• tpm2_policysecret(1)
• tss2_unseal(1)
• tss2_nvextend(1)
• tpm2_checkquote(1)
• tpm2_nvwrite(1)
• tpm2_duplicate(1)
• tss2_getplatformcertificates(1)
• tpm2_setclock(1)
• tss2_gettpmblobs(1)
• tpm2(1)
• tss2_getinfo(1)
• tss2_getrandom(1)
• tpm2_policynamehash(1)
• tpm2_send(1)
• tss2_writeauthorizenv(1)
• tpm2_pcrextend(1)
• tpm2_verifysignature(1)
• tpm2_import(1)
• tpm2_create(1)
• tpm2_geteccparameters(1)
• tpm2_hmac(1)
• tpm2_pcrallocate(1)
• tpm2_nvwritelock(1)
• tpm2_setprimarypolicy(1)
• tpm2_flushcontext(1)
• tpm2_rsaencrypt(1)
• tpm2_pcrread(1)
• tpm2_encodeobject(1)
• tpm2_zgen2phase(1)
• tss2_getdescription(1)
• tss2_nvread(1)
• tpm2_startup(1)
• tss2_verifysignature(1)
• tss2_setdescription(1)
• tpm2_nvreadpublic(1)
• tpm2_sign(1)
• tpm2_ecephemeral(1)
• tpm2_changeeps(1)
• tpm2_stirrandom(1)
• tpm2_nvreadlock(1)
• tpm2_nvdefine(1)
• tss2_encrypt(1)
• tpm2_nvcertify(1)
• tpm2_getcap(1)
• tpm2_ecdhkeygen(1)
• tpm2_getsessionauditdigest(1)
Documentations in package:
• tpm2-tools

Manual

tss2_createnv

NAME
SYNOPSIS
SEE ALSO
DESCRIPTION
OPTIONS
COMMON OPTIONS
EXAMPLE
RETURNS
BUGS
HELP

---

NAME

tss2_createnv (1) -

SYNOPSIS

tss2_createnv [ OPTIONS ]

SEE ALSO

fapi-config(5) to adjust Fapi parameters like the used cryptographic profile and TCTI or directories for the Fapi metadata storages.

fapi-profile(5) to determine the cryptographic algorithms and parameters for all keys and operations of a specific TPM interaction like the name hash algorithm, the asymmetric signature algorithm, scheme and parameters and PCR bank selection.

DESCRIPTION

tss2_createnv (1) - This command creates an NV index in the TPM.

OPTIONS

These are the available options:

•

-p , --path = STRING :

Path of the new NV space.

The path is composed of three elements, separated by “/”. An nvPath starts with “/nv”. The second path element identifies the NV handle range for the nv object. This includes the following values: Owner, TPM, Platform, Endorsement_Certificate, Platform_Certificate, Component_OEM, TPM_OEM, Platform_OEM, PC-Client, Server, Virtualized_Platform, MPWG, Embedded. The third path element identifies the actual NV-Index using a meaningful name.

•

-t , --type = STRING :

Identifies the intended usage. Optional parameter. Types may be any comma-separated combination of:

- "noda": Sets the noda attribute of a key or NV index.
- "bitfield": Sets the NV type to bitfield.
- "counter": Sets the NV type to counter.
- "pcr": Sets the NV type to pcr-like behavior.
- Hint: If none of the previous three keywords is provided a regular NV
  index is created.

•

-s , --size = INTEGER :

The size in bytes of the NV index to be created. Can be omitted if size can be inferred from the type; e.g. an NV index of type counter has a size of 8 bytes.

•

-P , --policyPath = STRING :

Identifies the policy to be associated with the new NV space. Optional parameter. If omitted then no policy will be associated with the key.

A policyPath is composed of two elements, separated by “/”. A policyPath starts with “/policy”. The second path element identifies the policy or policy template using a meaningful name.

•

-a , --authValue = STRING :

The new UTF-8 password. Optional parameter. If it is neglected then the user is queried interactively for a password. To set no password, this option should be used with the empty string (““). The maximum password size is determined by the digest size of the chosen name hash algorithm in the cryptographic profile (cf., fapi-profile(5) ). For example, choosing SHA256 as hash algorithm, allows passwords of a maximum size of 32 characters.

COMMON OPTIONS

This collection of options are common to all tss2 programs and provide information that many users may expect.

•

-h , --help [man|no-man] : Display the tools manpage. By default, it attempts to invoke the manpager for the tool, however, on failure will output a short tool summary. This is the same behavior if the “man” option argument is specified, however if explicit “man” is requested, the tool will provide errors from man on stderr. If the “no-man” option if specified, or the manpager fails, the short options will be output to stdout.

To successfully use the manpages feature requires the manpages to be installed or on MANPATH , See man (1) for more details.

•

-v , --version : Display version information for this tool, supported tctis and exit.

EXAMPLE

tss2_createnv --authValue=abc --path=/nv/Owner/myNV --size=20 --type="noDa"

RETURNS

0 on success or 1 on failure.

BUGS

Github Issues (https://github.com/tpm2-software/tpm2-tools/issues)

HELP

See the Mailing List (https://lists.linuxfoundation.org/mailman/listinfo/tpm2)

---