tpmvscmgr

TPM Virtual Smartcard Setup Utility

TPM Virtual Smartcard Setup Utility


tpmvscmgr

  • C:\Windows\system32\tpmvscmgr.exe /?

STDERR:

TpmVscMgr.exe

 Commands:
	create
		[/quiet]
		/name <name>
		/adminkey 'PROMPT'|'DEFAULT'|'RANDOM'
		[/puk 'PROMPT'|'DEFAULT']
		/pin 'PROMPT'|'DEFAULT'
		[/generate]
		[/machine <machine name>]
		[/pinpolicy [policy options]]
		    policy options:
			minlen <minimum PIN length>
			maxlen <maximum PIN length>
			uppercase 'ALLOWED'|'DISALLOWED'|'REQUIRED'
			lowercase 'ALLOWED'|'DISALLOWED'|'REQUIRED'
			digits 'ALLOWED'|'DISALLOWED'|'REQUIRED'
			specialchars 'ALLOWED'|'DISALLOWED'|'REQUIRED'
		[/attestation 'AIK_AND_CERT'|'AIK_ONLY']

	destroy
		[/quiet]
		/instance <device instance ID>
		[/machine <machine name>]

 Legend:
		'PROMPT' => prompt for parameter
		'DEFAULT' => default value for parameter
		'RANDOM' => generate a random value
		'ALLOWED' => these characters are allowed
		'DISALLOWED' => these characters are not
		    allowed
		'REQUIRED' => at least one such character
		    is required
		'AIK_AND_CERT' => Creates an AIK and obtains
		    an AIK certificate from the cloud CA
		'AIK_ONLY' => Creates an AIK but
		    does not obtain an AIK certificate

 Note:
		The generate command formats the TPM
		virtual smart card so that it can be used
		to enroll for certificates. If this option
		is not specified, a card management
		system/tool will need to be used to format
		the card before first use.

 Note:
		/pinpolicy may only be used in conjunction
		with /pin prompt.

 Note:
		The default PIN policy options are as
		follows:
		    minlen 8
		    maxlen 127
		    uppercase allowed
		    lowercase allowed
		    digits allowed
		    specialchars allowed

		The lower and upper bounds on PIN length
		are 4 and 127, respectively. When using
		/pinpolicy, PIN characters must be
		printable ASCII characters.

 Note:
		If '/attestation AIK_AND_CERT' is specified, it
		is possible that VSC creation will fail if
		there is no network connectivity.
 Examples:
    Create a TPM virtual smart card with default value for
    PIN and a random admin key with no attestation:

	TpmVscMgr create /name MyVSC /pin default /adminkey random /generate

    Create a TPM virtual smart card with default value for
    admin key and a specified PIN policy and attestation method:

	TpmVscMgr create /name MyVSC /pin prompt /pinpolicy minlen 4 maxlen 8
	    /adminkey default /attestation AIK_AND_CERT /generate

    Destroy a TPM virtual smart card using the instance ID
    that was returned when the card was created:

	TpmVscMgr destroy /instance root\smartcardreader\0000

Return Code: 0


C:\Windows\system32\tpmvscmgr.exe
c:\>ver
Microsoft Windows [Version 10.0.19045.2075]
FileInfo
File Size102400bytes
Creation Time2019/12/07 18:08:49
LastWrite Time2019/12/07 18:08:49
ProductVersion10.0.19041.1
FileVersion4.00 (WinBuild.160101.0800)
HashValue
MD5d922a26d46a2e2194be6c3af1548d0e9
SHA1d0afd35a719dc0efc018f2609144297473d711d3
SHA2241b242d0d695d5163c09bef37719353c73ab319ce83eeeb2bca71f1f9
SHA2564363b665cb1b4b724716d7e287fe770d8c38c76aa78fa0d1cbcd1c9bc1c2b02c
SHA3842e90c554917683cc150985a422381ca830ca4fb6a08b6cb72a8e61a8452c91599061efbc6101b52569b2822532fc5e7e
SHA512582d2892040c7f57dd00e14c9382cfb832cadda8b7a6dbc5dbf02b6a2aaf2d311cbc47012369020c413f8bdb03ee7dfc7aebc898278a973bc14d0796a22de977
Built with Hugo
Theme Stack designed by Jimmy