FreeBSD Manual Pages

home | help

tss2_sign(1)		    General Commands Manual		  tss2_sign(1)

NAME
       tss2_sign(1) -

SYNOPSIS
       tss2_sign [OPTIONS]

SEE ALSO
       fapi-config(5)  to  adjust  Fapi	parameters like	the used cryptographic
       profile and TCTI	or directories for the Fapi metadata storages.

       fapi-profile(5) to determine the	cryptographic algorithms  and  parame-
       ters for	all keys and operations	of a specific TPM interaction like the
       name hash algorithm, the	asymmetric signature algorithm,	scheme and pa-
       rameters	and PCR	bank selection.

DESCRIPTION
       tss2_sign(1)  - This command uses a key inside the TPM to sign a	digest
       value using the TPM signing schemes as specified	in  the	 cryptographic
       profile (cf., fapi-profile(5)).

OPTIONS
       These are the available options:

       • -p, --keyPath=STRING:

	 The path to the signing key.

       • -s, --padding=STRING:

	 The  padding  scheme  used.  Possible values are "RSA_SSA", "RSA_PSS"
	 (case insensitive).  Optional parameter.   If	omitted,  the  default
	 padding specified in the cryptographic	profile	(cf., fapi-profile(5))
	 is used.

       • -c, --certificate=FILENAME or - (for stdout):

	 The  certificate associated with keyPath in PEM format.  Optional pa-
	 rameter.

       • -d, --digest=FILENAME or - (for stdin):

	 The data to be	signed,	already	hashed.

       • -f, --force:

	 Force overwriting the output file.

       • -k, --publicKey=FILENAME or - (for stdout):

	 The public key	associated with	keyPath	in PEM format.	Optional para-
	 meter.

       • -o, --signature=FILENAME or - (for stdout):

	 Returns the signature in binary form.

COMMON OPTIONS
       This collection of options are common to	all tss2 programs and  provide
       information that	many users may expect.

       • -h,  --help  [man|no-man]: Display the	tools manpage.	By default, it
	 attempts to invoke the	manpager for the  tool,	 however,  on  failure
	 will  output  a short tool summary.  This is the same behavior	if the
	 "man" option argument is specified, however if	explicit "man" is  re-
	 quested,  the	tool  will  provide errors from	man on stderr.	If the
	 "no-man" option if specified, or the manpager fails,  the  short  op-
	 tions will be output to stdout.

	 To  successfully use the manpages feature requires the	manpages to be
	 installed or on MANPATH, See man(1) for more details.

       • -v, --version:	Display	version	information for	this  tool,  supported
	 tctis and exit.

EXAMPLE
	      tss2_sign	--keyPath=HS/SRK/myRSASign --padding="RSA_PSS" --digest=digest.file --signature=signature.file --publicKey=publicKey.file

RETURNS
       0 on success or 1 on failure.

BUGS
       Github Issues (https://github.com/tpm2-software/tpm2-tools/issues)

HELP
       See the Mailing List (https://lists.linuxfoundation.org/mailman/listin-
       fo/tpm2)

tpm2-tools			  APRIL	2019			  tss2_sign(1)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=tss2_sign&sektion=1&manpath=FreeBSD+Ports+14.3.quarterly>

home | help

Header And Logo

Peripheral Links

Site Navigation

FreeBSD Manual Pages

Header And Logo

Peripheral Links

Search

Site Navigation

FreeBSD Manual Pages