Editar

Compartir a través de


Get-TpmEndorsementKeyInfo

Gets information about the endorsement key and certificates of the TPM.

Syntax

Get-TpmEndorsementKeyInfo
   [[-HashAlgorithm] <String>]
   [<CommonParameters>]

Description

The Get-TpmEndorsementKeyInfo cmdlet gets information about the endorsement public key and certificates of the Trusted Platform Module (TPM).

Examples

Example 1: Get endorsement key information

PS C:\> Get-TpmEndorsementKeyInfo -Hash "Sha256"
IsPresent                : True
PublicKey                : System.Security.Cryptography.AsnEncodedData
PublicKeyHash            : 70769c52b6e24ef683693c2a0208da68d77e94192e1f4080ae7c9b97c6caa681
ManufacturerCertificates : {[Subject]
OID.2.23.133.2.3=1.2,
OID.2.23.133.2.2=C4T8SOX3.5,
OID.2.23.133.2.1=id:782F345A

[Issuer]
CN=Contoso TPM CA1, OU=Contoso
Certification Authority, O=Contoso, C=KR

[Serial Number]
77A120A

[Not Before]
6/4/2012 6:35:58 PM

[Not After]
6/4/2022 6:35:57 PM

[Thumbprint]
77378D1480AB48FEA2D4E610B2C7EEF648FEA2
}
AdditionalCertificates   : {}

This command gets information about the endorsement key of the TPM. The command uses the Sha256 algorithm to hash the public key.

Parameters

-HashAlgorithm

Specifies the hash algorithm used for the public key. The acceptable values for this parameter are: Sha256.

Type:String
Accepted values:sha256
Position:1
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

Inputs

String

This accepts the name of the algorithm, as a string, used to hash the public key. Sha256 is the only supported algorithm.

Outputs

EndorsementKeyObject

This cmdlet generates an EndorsementKeyObject object that contains the following members:

  • IsPresent. A Boolean that represents whether the endorsement public key is known to the operating system.
  • PublicKey. An AsnEncodedData object that contains the asn.1 encoded public portion of the endorsement key.
  • PublicKeyHash. The hash, as a String, of the public key if the cmdlet used a hash algorithm.
  • ManufacturerCertificates. A X509Certificate2Collection object that contains the manufacturer endorsement key certificates. This object can contain the manufacturer and platform certificates.
  • AdditionalCertificates. A X509Certificate2Collection object that contains a collection of additional endorsement key certificates that are registered to the operating system, such as any enterprise certificates.