NAME

       tpm_mkaik - make a TPM Attestation Identity Key

SYNOPSIS

       tpm_mkaik [-zuhv] BLOB-FILE PUBKEY-FILE

DESCRIPTION

       The  program generates a TPM Attestation Identity Key and stores it in the file BLOB-FILE.
       The public key is stored in the file PUBKEY-FILE.  The public key is DER encoded.

       -z     Use the well known secret used as the owner secret.

       -u     Use TSS UNICODE encoding for passwords.

       -h     Display command usage info.

       -v     Display command version info.

BUGS

       Sometimes, when tpm_mkaik is invoked without the -z option, no  password  prompt  appears.
       As  a  work  around,  use  tpm_changeownerauth  to  set  the secret to the well known one,
       generate the key, and then use tpm_changeownerauth to  set  the  secret  to  its  original
       value.

SEE ALSO

       tpm_quote_tools(8), tpm_changeownerauth(8)

                                             Oct 2010                             MAKE TPM AIK(8)