pemtpm is an utility based on ibmtpm20tss-tss
that extracts from the private key in PEM format the arguments:
objectPublic(TPM2B_PUBLIC)duplicate(TPM2B_PRIVATE)
These arguments are needed by the TPM2_Import command.
If you want to import keys generated by OpenSSL on your TPM, you would need
to run the importpem utility from the ibmtpm20tss toolset.
In some environments, importpem would not be able to execute because of its
size (due to the openssl dependency). Therefore, this utility retrives the
correct arguments to TPM2_Import from the private key removing the hassle to
include ibmtpm20tss in constrained environments.
Generate a RSA private key with OpenSSL in PEM format:
openssl genrsa -out private.pem 2048
Use pemtpm to get the objectPublic and duplicate arguments:
./pemtpm -ipem private.pem -opu opu.bin -opr opr.bin