Provided by: tss2_1045-1.2build1_amd64 
NAME
createprimary - Runs TPM2_CreatePrimary
DESCRIPTION
--version-string=v1045 is not a valid option
createprimary creates a primary storage key
Runs TPM2_CreatePrimary
[-hi hierarchy (e, o, p, n) (default null)] [-pwdp password for hierarchy (default
empty)] [-pwdpi password file name for hierarchy (default empty)] [-pwdk password
for key (default empty)] [-iu inPublic unique field file (default none)] [-opu
public key file name (default do not save)] [oipem public key PEM format file name
(default do not save)] [-tk output ticket file name] [-ch output creation hash file
name]
[Asymmetric Key Algorithm]
-rsa (default) -ecc curve
bnp256 nistp256 nistp384
Key attributes
-bl data blob for unseal (create only)
-if data file name
-den decryption, RSA, not storage, NULL scheme -deo decryption, RSA, not storage,
OAEP scheme -des encryption/decryption, AES symmetric
[-116 for TPM rev 116 compatibility]
-st storage
[default for primary keys]
-si signing -sir restricted signing -dau create unrestricted ECDAA key pair -dar
create restricted ECDAA key pair -kh keyed hash (hmac) -dp derivation parent -gp
general purpose, not storage
[-kt (can be specified more than once)]
f fixedTPM (default for primary keys and derivation parents) p fixedParent (default
for primary keys and derivation parents) nf no fixedTPM (default for non-primary
keys) np no fixedParent (default for non-primary keys)
[-da object subject to DA protection) (default no)]
[-pol policy file (default empty)] [-uwa userWithAuth attribute clear (default
set)]
[-nalg name hash algorithm (sha1, sha256, sha384) (default sha256)] [-halg scheme
hash algorithm (sha1, sha256, sha384) (default sha256)]
-se[0-2] session handle / attributes (default PWAP)
01 continue 20 command decrypt 40 response encrypt
--version is not a valid option
createprimary creates a primary storage key
Runs TPM2_CreatePrimary
[-hi hierarchy (e, o, p, n) (default null)] [-pwdp password for hierarchy (default
empty)] [-pwdpi password file name for hierarchy (default empty)] [-pwdk password
for key (default empty)] [-iu inPublic unique field file (default none)] [-opu
public key file name (default do not save)] [oipem public key PEM format file name
(default do not save)] [-tk output ticket file name] [-ch output creation hash file
name]
[Asymmetric Key Algorithm]
-rsa (default) -ecc curve
bnp256
nistp256 nistp384
Key attributes
-bl data blob for unseal (create only)
-if data file name
-den decryption, RSA, not storage, NULL scheme -deo decryption, RSA, not storage,
OAEP scheme -des encryption/decryption, AES symmetric
[-116 for TPM rev 116 compatibility]
-st storage
[default for primary keys]
-si signing -sir restricted signing -dau create unrestricted ECDAA key pair -dar
create restricted ECDAA key pair -kh keyed hash (hmac) -dp derivation parent -gp
general purpose, not storage
[-kt (can be specified more than once)]
f fixedTPM (default for primary keys and derivation parents) p fixedParent (default
for primary keys and derivation parents) nf no fixedTPM (default for non-primary
keys) np no fixedParent (default for non-primary keys)
[-da object subject to DA protection) (default no)]
[-pol policy file (default empty)] [-uwa userWithAuth attribute clear (default
set)]
[-nalg name hash algorithm (sha1, sha256, sha384) (default sha256)] [-halg scheme
hash algorithm (sha1, sha256, sha384) (default sha256)]
-se[0-2] session handle / attributes (default PWAP)
01 continue 20 command decrypt 40 response encrypt
SEE ALSO
The full documentation for createprimary is maintained as a Texinfo manual. If the info
and createprimary programs are properly installed at your site, the command
info createprimary
should give you access to the complete manual.