Provided by: tss2_1045-3_amd64 
NAME
create - Runs TPM2_Create
DESCRIPTION
--version-string=v1045 is not a valid option
create
Runs TPM2_Create
-hp parent handle
[Asymmetric Key Algorithm]
-rsa (default) -ecc curve
bnp256
nistp256 nistp384
Key attributes
-bl data blob for unseal (create only)
-if data file name
-den decryption, RSA, not storage, NULL scheme -deo decryption, RSA, not storage, OAEP scheme -des
encryption/decryption, AES symmetric
[-116 for TPM rev 116 compatibility]
-st storage
[default for primary keys]
-si signing -sir restricted signing -dau create unrestricted ECDAA key pair -dar create restricted
ECDAA key pair -kh keyed hash (hmac) -dp derivation parent -gp general purpose, not storage
[-kt (can be specified more than once)]
f fixedTPM (default for primary keys and derivation parents) p fixedParent (default for primary
keys and derivation parents) nf no fixedTPM (default for non-primary keys) np no fixedParent
(default for non-primary keys)
[-da object subject to DA protection) (default no)]
[-pol policy file (default empty)] [-uwa userWithAuth attribute clear (default set)]
[-nalg name hash algorithm (sha1, sha256, sha384) (default sha256)] [-halg scheme hash algorithm
(sha1, sha256, sha384) (default sha256)]
[-pwdk password for key (default empty)] [-pwdp password for parent key (default empty)]
[-opu public key file name (default do not save)] [-opr private key file name (default do not
save)] [-opem public key PEM format file name (default do not save)] [-tk output ticket file name]
[-ch output creation hash file name]
-se[0-2] session handle / attributes (default PWAP)
01 continue 20 command decrypt 40 response encrypt
--version is not a valid option
create
Runs TPM2_Create
-hp parent handle
[Asymmetric Key Algorithm]
-rsa (default) -ecc curve
bnp256
nistp256 nistp384
Key attributes
-bl data blob for unseal (create only)
-if data file name
-den decryption, RSA, not storage, NULL scheme -deo decryption, RSA, not storage, OAEP scheme -des
encryption/decryption, AES symmetric
[-116 for TPM rev 116 compatibility]
-st storage
[default for primary keys]
-si signing -sir restricted signing -dau create unrestricted ECDAA key pair -dar create restricted
ECDAA key pair -kh keyed hash (hmac) -dp derivation parent -gp general purpose, not storage
[-kt (can be specified more than once)]
f fixedTPM (default for primary keys and derivation parents) p fixedParent (default for primary
keys and derivation parents) nf no fixedTPM (default for non-primary keys) np no fixedParent
(default for non-primary keys)
[-da object subject to DA protection) (default no)]
[-pol policy file (default empty)] [-uwa userWithAuth attribute clear (default set)]
[-nalg name hash algorithm (sha1, sha256, sha384) (default sha256)] [-halg scheme hash algorithm
(sha1, sha256, sha384) (default sha256)]
[-pwdk password for key (default empty)] [-pwdp password for parent key (default empty)]
[-opu public key file name (default do not save)] [-opr private key file name (default do not
save)] [-opem public key PEM format file name (default do not save)] [-tk output ticket file name]
[-ch output creation hash file name]
-se[0-2] session handle / attributes (default PWAP)
01 continue 20 command decrypt 40 response encrypt
SEE ALSO
The full documentation for create is maintained as a Texinfo manual. If the info and create programs are
properly installed at your site, the command
info create
should give you access to the complete manual.
create July 2017 CREATE(1)