NAME

SYNOPSIS

tss2_exportkey [OPTIONS]

DESCRIPTION

tss2_exportkey(1) - This command will duplicate a key and encrypt it using the public key of a new parent. The exported data will contain the re-wrapped key pointed to by the pathOfKeyToDuplicate and then the JSON encoded policy. Encryption is done according to TPM encryption schemes specified in the cryptographic profile (cf., fapi-profile(5)).

OPTIONS

These are the available options:

•: -e --pathToPublicKeyOfNewParent=STRING:

The path to the public key of the new parent. This key MAY be in the public key hierarchy /ext. Optional parameter. If omitted only the public key will exported.

•: -f, --force:

Force overwriting the output file.

•: -o, --exportedData=FILENAME or - (for stdout):

Returns the exported subtree.

•: -p, --pathOfKeyToDuplicate=STRING:

The path to the root of the subtree to export.

COMMON OPTIONS

This collection of options are common to all tss2 programs and provide information that many users may expect.

•: -h, --help [man|no-man]: Display the tools manpage. By default, it attempts to invoke the manpager for the tool, however, on failure will output a short tool summary. This is the same behavior if the “man” option argument is specified, however if explicit “man” is requested, the tool will provide errors from man on stderr. If the “no-man” option if specified, or the manpager fails, the short options will be output to stdout.

To successfully use the manpages feature requires the manpages to be installed or on MANPATH, See man(1) for more details.

•: -v, --version: Display version information for this tool, supported tctis and exit.

EXAMPLE

tss2_exportkey --pathOfKeyToDuplicate=HS/SRK/myRSADecrypt --exportedData=exportedData.file

RETURNS

0 on success or 1 on failure.

BUGS

Github Issues (https://github.com/tpm2-software/tpm2-tools/issues)

HELP

See the Mailing List (https://lists.linuxfoundation.org/mailman/listinfo/tpm2)

APRIL 2019

tpm2-tools