This is the command stpm-sign that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator
PROGRAM:
NAME
stpm-sign - Sign data using the TPM chip
SYNOPSIS
stpm-sign [ -hs ] -k key file -f input file
DESCRIPTION
stpm-sign takes the SRK-encrypted key blob and has the TPM sign the contents of input file
using the key.
This program is mostly made for debugging, to make sure that the TPM is set up correctly
and a valid key was generated.
OPTIONS
-h Show usage info.
-f input file
File containing dato to be signed.
-k Key to sign with. The key is generated with stpm-keysign.
-s Ask for the SRK password interactively. By default the "Well Known Secret" (20
nulls) is used. The SRK password is an access token that must be presented for the
TPM to perform any operation that involves the TPM, and an actual secret password
is usually not required or useful.
EXAMPLES
stpm-sign -k ~/.simple-tpm-pk11/my.key -f my-data-here
stpm-sign -k ~/.simple-tpm-pk11/my-PIN-key.key -f my-data-here
Enter key PIN: my secret password here
stpm-sign -sk ~/.simple-tpm-pk11/my-PIN-key.key -f my-data-here
Enter SRK PIN: 12345678
Enter key PIN: my secret password here
DIAGNOSTICS
Most errors will probably be related to interacting with the TPM chip. Resetting the TPM
chip and taking ownership should take care of most of them. See the TPM-TROUBLESHOOTING
section of simple-tpm-pk11(7).
Use stpm-sign online using onworks.net services