NAME

       tpm_mkaik - make a TPM Attestation Identity Key

SYNOPSIS

       tpm_mkaik [-zuhv] BLOB-FILE PUBKEY-FILE

DESCRIPTION

       The program generates a TPM Attestation Identity Key and stores it in the file BLOB-FILE.  The public key
       is stored in the file PUBKEY-FILE.  The public key is DER encoded.

       -z     Use the well known secret used as the owner secret.

       -u     Use TSS UNICODE encoding for passwords.

       -h     Display command usage info.

       -v     Display command version info.

BUGS

       Sometimes,  when  tpm_mkaik  is  invoked  without  the  -z option, no password prompt appears.  As a work
       around, use tpm_changeownerauth to set the secret to the well known one, generate the key, and  then  use
       tpm_changeownerauth to set the secret to its original value.

SEE ALSO

       tpm_quote_tools(8), tpm_changeownerauth(8)

                                                    Oct 2010                                     MAKE TPM AIK(8)