tpm2_create.md Add example for a restricted signing key

An example with an appropriate algorithm parameter was added. Signed-off-by: Juergen Repp <[email protected]>
tpm2-software · Dec 13, 2023 · 31845c7 · 31845c7
1 parent 08634a5
commit 31845c7
Showing 1 changed file with 10 additions and 0 deletions.
diff --git a/man/tpm2_create.1.md b/man/tpm2_create.1.md
@@ -218,6 +218,16 @@ PEM files.
 ```bash
 tpm2_create -C primary.ctx -u obj.pub -r obj.priv -f pem -o obj.pem
 ```
+## Create a restricted RSA signing key
+
+For a restricted signing key the scheme and null for the symmetric algorithm must be
+specified.
+
+```bash
+tpm2_create -C primary.ctx -Grsa2048:rsapss:null  \
+    -a "fixedtpm|fixedparen|sensitivedataorigin|userwithauth|restricted|sign" \
+    -r obj.priv -u obj.pub
+```
 
 [returns](common/returns.md)