Hi Kernel testing focused and somewhat opionated TPM2 tool tpm2sh has now first usable release:
https://crates.io/crates/tpm2sh/0.11.0 ❯ tpm2sh help Usage: tpm2sh [-d <device>] [--log-format <log-format>] [-P] <command> [<args>] TPM 2.0 shell Options: -d, --device device path --log-format log format: 'plain' or 'pretty' -P, --plain print tables without headers and with space-separated columns --help, help display usage information Commands: algorithm Lists available algorithms supported by the chip. certificate Exports an endorsement key certificate. convert Converts external key files to TPMKey files. create Creates secondary keys. create-primary Creates a new primary key in a specified hierarchy. delete Deletes TPM objects, and cached keys and sessions. key Lists cached keys. load Loads a key under a parent and caches its context. memory Lists objects inside TPM memory. pcr-event Extends a PCR with an event. policy Builds an authorization policy. return-code Prints a TPM return code in human-readable format. reset-lock Resets the dictionary attack lockout counter. save Stores a cached key to non-volatile memory. seal Creates a sealed data object. session Lists cached authorization sessions. start-session Starts a new authorization session. unseal Retrieves data from a sealed data object. It can convert and load PKCS#1, SEC1 and PKCS#8 keys into TPMKey files, which makes it practical with kernel interfaces. BR, Jarkko
