.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.47.4.
.TH CREATE "1" "July 2017" "create " "User Commands"
.SH NAME
create \- Runs TPM2_Create
.SH DESCRIPTION
\fB\-\-version\-string\fR=\fI\,v1045\/\fR is not a valid option
.PP
create
.PP
Runs TPM2_Create
.HP
\fB\-hp\fR parent handle
.IP
[Asymmetric Key Algorithm]
.IP
\fB\-rsa\fR (default)
\fB\-ecc\fR curve
.TP
bnp256
nistp256
nistp384
.IP
Key attributes
.TP
\fB\-bl\fR data blob for unseal (create only)
\fB\-if\fR data file name
.IP
\fB\-den\fR decryption, RSA, not storage, NULL scheme
\fB\-deo\fR decryption, RSA, not storage, OAEP scheme
\fB\-des\fR encryption/decryption, AES symmetric
.IP
[\-116 for TPM rev 116 compatibility]
.TP
\fB\-st\fR storage
[default for primary keys]
.IP
\fB\-si\fR signing
\fB\-sir\fR restricted signing
\fB\-dau\fR create unrestricted ECDAA key pair
\fB\-dar\fR create restricted ECDAA key pair
\fB\-kh\fR keyed hash (hmac)
\fB\-dp\fR derivation parent
\fB\-gp\fR general purpose, not storage
.TP
[\-kt (can be specified more than once)]
f fixedTPM (default for primary keys and derivation parents)
p fixedParent (default for primary keys and derivation parents)
nf no fixedTPM (default for non\-primary keys)
np no fixedParent (default for non\-primary keys)
.IP
[\-da object subject to DA protection) (default no)]
.IP
[\-pol policy file (default empty)]
[\-uwa userWithAuth attribute clear (default set)]
.IP
[\-nalg name hash algorithm (sha1, sha256, sha384) (default sha256)]
[\-halg scheme hash algorithm (sha1, sha256, sha384) (default sha256)]
.IP
[\-pwdk password for key (default empty)]
[\-pwdp password for parent key (default empty)]
.IP
[\-opu public key file name (default do not save)]
[\-opr private key file name (default do not save)]
[\-opem public key PEM format file name (default do not save)]
[\-tk output ticket file name]
[\-ch output creation hash file name]
.HP
\fB\-se[0\-2]\fR session handle / attributes (default PWAP)
.IP
01 continue
20 command decrypt
40 response encrypt
.PP
\fB\-\-version\fR is not a valid option
.PP
create
.PP
Runs TPM2_Create
.HP
\fB\-hp\fR parent handle
.IP
[Asymmetric Key Algorithm]
.IP
\fB\-rsa\fR (default)
\fB\-ecc\fR curve
.TP
bnp256
nistp256
nistp384
.IP
Key attributes
.TP
\fB\-bl\fR data blob for unseal (create only)
\fB\-if\fR data file name
.IP
\fB\-den\fR decryption, RSA, not storage, NULL scheme
\fB\-deo\fR decryption, RSA, not storage, OAEP scheme
\fB\-des\fR encryption/decryption, AES symmetric
.IP
[\-116 for TPM rev 116 compatibility]
.TP
\fB\-st\fR storage
[default for primary keys]
.IP
\fB\-si\fR signing
\fB\-sir\fR restricted signing
\fB\-dau\fR create unrestricted ECDAA key pair
\fB\-dar\fR create restricted ECDAA key pair
\fB\-kh\fR keyed hash (hmac)
\fB\-dp\fR derivation parent
\fB\-gp\fR general purpose, not storage
.TP
[\-kt (can be specified more than once)]
f fixedTPM (default for primary keys and derivation parents)
p fixedParent (default for primary keys and derivation parents)
nf no fixedTPM (default for non\-primary keys)
np no fixedParent (default for non\-primary keys)
.IP
[\-da object subject to DA protection) (default no)]
.IP
[\-pol policy file (default empty)]
[\-uwa userWithAuth attribute clear (default set)]
.IP
[\-nalg name hash algorithm (sha1, sha256, sha384) (default sha256)]
[\-halg scheme hash algorithm (sha1, sha256, sha384) (default sha256)]
.IP
[\-pwdk password for key (default empty)]
[\-pwdp password for parent key (default empty)]
.IP
[\-opu public key file name (default do not save)]
[\-opr private key file name (default do not save)]
[\-opem public key PEM format file name (default do not save)]
[\-tk output ticket file name]
[\-ch output creation hash file name]
.HP
\fB\-se[0\-2]\fR session handle / attributes (default PWAP)
.IP
01 continue
20 command decrypt
40 response encrypt
.SH "SEE ALSO"
The full documentation for
.B create
is maintained as a Texinfo manual.  If the
.B info
and
.B create
programs are properly installed at your site, the command
.IP
.B info create
.PP
should give you access to the complete manual.