% tpm2_hash(1) tpm2-tools | General Commands Manual
tpm2_hash(1) - Performs a hash operation with the TPM.
tpm2_hash [OPTIONS] [ARGUMENT OR STDIN]
tpm2_hash(1) - Performs a hash operation on file and returns the results. If argument is not specified, then data is read from stdin. If the results of the hash will be used in a signing operation that uses a restricted signing key, then the ticket returned by this command can indicate that the hash is safe to sign.
Output defaults to stdout and binary format unless otherwise specified via -o and --hex options respectively.
-
-C, --hierarchy=OBJECT:
Hierarchy to use for the ticket. Defaults to o, TPM_RH_OWNER, when no value has been specified. Supported options are:
- o for TPM_RH_OWNER
- p for TPM_RH_PLATFORM
- e for TPM_RH_ENDORSEMENT
- n for TPM_RH_NULL
-
-g, --hash-algorithm=ALGORITHM:
The hashing algorithm for the digest operation.
-
--hex
Convert the output hmac to hex format without a leading "0x".
-
-o, --output=FILE or STDOUT:
Optional file to save the hash result. Defaults to stdout in hex form.
-
-t, --ticket=TICKET_FILE
Optional file record of the ticket result. Defaults to stdout in hex form.
-
ARGUMENT or STDIN the command line argument specifies the FILE to hash.
context object format details the methods for specifying OBJECT.
authorization formatting details the methods for specifying the ALGORITHM.
common options collection of common options that provide information many users may expect.
common tcti options collection of options used to configure the various known TCTI modules.
tpm2_hash -C e -g sha1 -o hash.bin -t ticket.bin data.txt