5 changes: 1 addition & 4 deletions tools/tpm2_akparse.c
@@ -36,7 +36,6 @@
#include <stdio.h>
#include <string.h>

#include <getopt.h>
#include <sapi/tpm20.h>

#include "tpm2_options.h"
@@ -49,7 +48,6 @@ typedef struct tpm_akparse_ctx tpm_akparse_ctx;
struct tpm_akparse_ctx {
char *ak_data_file_path;
char *ak_key_file_path;
TSS2_SYS_CONTEXT *sapi_context;
};

static tpm_akparse_ctx ctx;
@@ -170,10 +168,9 @@ bool tpm2_tool_onstart(tpm2_options **opts) {

int tpm2_tool_onrun(TSS2_SYS_CONTEXT *sapi_context, tpm2_option_flags flags) {

UNUSED(sapi_context);
UNUSED(flags);

ctx.sapi_context = sapi_context;

/* 0 on success 1 on error */
return parse_and_save_ak_public() != true;
}
24 changes: 15 additions & 9 deletions tools/tpm2_certify.c
@@ -34,7 +34,6 @@
#include <stdio.h>
#include <string.h>

#include <getopt.h>
#include <limits.h>
#include <sapi/tpm20.h>

@@ -59,7 +58,6 @@ struct tpm_certify_ctx {
char *attest;
char *sig;
} file_path;
TSS2_SYS_CONTEXT *sapi_context;
struct {
UINT16 H : 1;
UINT16 k : 1;
@@ -143,7 +141,7 @@ static bool set_scheme(TSS2_SYS_CONTEXT *sapi_context, TPMI_DH_OBJECT key_handle
return true;
}

static bool certify_and_save_data(void) {
static bool certify_and_save_data(TSS2_SYS_CONTEXT *sapi_context) {

TPMS_AUTH_COMMAND *cmd_session_array[ARRAY_LEN(ctx.cmd_auth)] = {
&ctx.cmd_auth[0],
@@ -174,7 +172,7 @@ static bool certify_and_save_data(void) {
};

TPMT_SIG_SCHEME scheme;
bool result = set_scheme(ctx.sapi_context, ctx.handle.key, ctx.halg, &scheme);
bool result = set_scheme(sapi_context, ctx.handle.key, ctx.halg, &scheme);
if (!result) {
LOG_ERR("No suitable signing scheme!");
return false;
@@ -188,7 +186,7 @@ static bool certify_and_save_data(void) {

TPMT_SIGNATURE signature;

TPM_RC rval = Tss2_Sys_Certify(ctx.sapi_context, ctx.handle.obj,
TPM_RC rval = Tss2_Sys_Certify(sapi_context, ctx.handle.obj,
ctx.handle.key, &cmd_auth_array, &qualifying_data, &scheme,
&certify_info, &signature, &sessions_data_out);
if (rval != TPM_RC_SUCCESS) {
@@ -216,34 +214,41 @@ static bool on_option(char key, char *value) {
case 'H':
result = tpm2_util_string_to_uint32(value, &ctx.handle.obj);
if (!result) {
LOG_ERR("Could not format object handle to number, got: \"%s\"",
value);
return false;
}
ctx.flags.H = 1;
break;
case 'k':
result = tpm2_util_string_to_uint32(value, &ctx.handle.key);
if (!result) {
LOG_ERR("Could not format key handle to number, got: \"%s\"",
value);
return false;
}
ctx.flags.k = 1;
break;
case 'P':
result = tpm2_password_util_from_optarg(value, &ctx.cmd_auth[0].hmac);
if (!result) {
LOG_ERR("Invalid object key password, got\"%s\"", value);
return false;
}
ctx.flags.P = 1;
break;
case 'K':
result = tpm2_password_util_from_optarg(value, &ctx.cmd_auth[1].hmac);
if (!result) {
LOG_ERR("Invalid key handle password, got\"%s\"", value);
return false;
}
ctx.flags.K = 1;
break;
case 'g':
ctx.halg = tpm2_alg_util_from_optarg(value);
if (ctx.halg == TPM_ALG_ERROR) {
LOG_ERR("Could not format algorithm to number, got: \"%s\"", value);
return false;
}
ctx.flags.g = 1;
@@ -264,13 +269,15 @@ static bool on_option(char key, char *value) {
break;
case 'c':
if (ctx.context_key_file) {
LOG_ERR("Multiple specifications of -c");
return false;
}
ctx.context_key_file = value;
ctx.flags.c = 1;
break;
case 'C':
if (ctx.context_file) {
LOG_ERR("Multiple specifications of -C");
return false;
}
ctx.context_file = optarg;
@@ -306,7 +313,6 @@ int tpm2_tool_onrun(TSS2_SYS_CONTEXT *sapi_context, tpm2_option_flags flags) {
bool result;

UNUSED(flags);
ctx.sapi_context = sapi_context;

if (!(ctx.flags.H || ctx.flags.C) && (ctx.flags.k || ctx.flags.c) && (ctx.flags.g) && (ctx.flags.a)
&& (ctx.flags.s)) {
@@ -315,20 +321,20 @@ int tpm2_tool_onrun(TSS2_SYS_CONTEXT *sapi_context, tpm2_option_flags flags) {

/* Load input files */
if (ctx.flags.C) {
result = files_load_tpm_context_from_file(ctx.sapi_context, &ctx.handle.obj,
result = files_load_tpm_context_from_file(sapi_context, &ctx.handle.obj,
ctx.context_file);
if (!result) {
return 1;
}
}

if (ctx.flags.c) {
result = files_load_tpm_context_from_file(ctx.sapi_context, &ctx.handle.key,
result = files_load_tpm_context_from_file(sapi_context, &ctx.handle.key,
ctx.context_key_file);
if (!result) {
return 1;
}
}

return certify_and_save_data() != true;
return certify_and_save_data(sapi_context) != true;
}
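Review bot: The new error paths for `-P` and `-K` in on_option print the rejected password argument itself, e.g. `LOG_ERR("Invalid object key password, got\"%s\"", value);`, so a malformed or mistyped secret is copied to wherever LOG_ERR writes and to any log that captures it. Drop the value from both messages: `LOG_ERR("Invalid object key password");` and `LOG_ERR("Invalid key handle password");`. The same pattern is added for `-P` and `-K` in tools/tpm2_create.c and should be changed the same way. The handle and algorithm messages can keep echoing their argument, since those values are not secrets.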
28 changes: 16 additions & 12 deletions tools/tpm2_create.c
@@ -36,7 +36,6 @@
#include <string.h>
#include <limits.h>
#include <ctype.h>
#include <getopt.h>
#include <stdbool.h>

#include <sapi/tpm20.h>
@@ -51,7 +50,6 @@

typedef struct tpm_create_ctx tpm_create_ctx;
struct tpm_create_ctx {
TSS2_SYS_CONTEXT *sapi_context;
TPMS_AUTH_COMMAND session_data;
TPM2B_SENSITIVE_CREATE in_sensitive;
TPM2B_PUBLIC in_public;
@@ -167,7 +165,7 @@ int setup_alg()
return 0;
}

int create(void)
int create(TSS2_SYS_CONTEXT *sapi_context)
{
TPM_RC rval;
TPMS_AUTH_RESPONSE sessionDataOut;
@@ -207,7 +205,7 @@ int create(void)

creationPCR.count = 0;

rval = Tss2_Sys_Create(ctx.sapi_context, ctx.parent_handle, &sessionsData, &ctx.in_sensitive,
rval = Tss2_Sys_Create(sapi_context, ctx.parent_handle, &sessionsData, &ctx.in_sensitive,
&ctx.in_public, &outsideInfo, &creationPCR, &outPrivate,&outPublic,
&creationData, &creationHash, &creationTicket, &sessionsDataOut);
if(rval != TPM_RC_SUCCESS) {
@@ -239,41 +237,47 @@ static bool on_option(char key, char *value) {
switch(key) {
case 'H':
if(!tpm2_util_string_to_uint32(value, &ctx.parent_handle)) {
LOG_ERR("Invalid parent handle, got\"%s\"", value);
return false;
}
ctx.flags.H = 1;
break;
case 'P':
res = tpm2_password_util_from_optarg(value, &ctx.session_data.hmac);
if (!res) {
LOG_ERR("Invalid parent key password, got\"%s\"", value);
return false;
}
ctx.flags.P = 1;
break;
case 'K':
res = tpm2_password_util_from_optarg(value, &ctx.in_sensitive.t.sensitive.userAuth);
if (!res) {
LOG_ERR("Invalid key password, got\"%s\"", value);
return false;
}
ctx.flags.K = 1;
break;
case 'g':
ctx.nameAlg = tpm2_alg_util_from_optarg(value);
if(ctx.nameAlg == TPM_ALG_ERROR) {
LOG_ERR("Invalid hash algorithm, got\"%s\"", value);
return false;
}
ctx.flags.g = 1;
break;
case 'G':
ctx.type = tpm2_alg_util_from_optarg(value);
if(ctx.type == TPM_ALG_ERROR) {
LOG_ERR("Invalid key algorithm, got\"%s\"", value);
return false;
}

ctx.flags.G = 1;
break;
case 'A':
if(!tpm2_util_string_to_uint32(value, &ctx.objectAttributes)) {
LOG_ERR("Invalid object attribute, got\"%s\"", value);
return false;
}
ctx.flags.A = 1;
@@ -297,10 +301,12 @@ static bool on_option(char key, char *value) {
&ctx.in_public.t.publicArea.authPolicy.t.size)) {
return false;
}
ctx.flags.L = 1;
ctx.flags.L = 1;
break;
case 'S':
if (!tpm2_util_string_to_uint32(optarg, &ctx.session_data.sessionHandle)) {
LOG_ERR("Could not convert session handle to number, got: \"%s\"",
value);
return false;
}
break;
@@ -352,6 +358,9 @@ bool tpm2_tool_onstart(tpm2_options **opts) {
{0,0,0,0}
};

setbuf(stdout, NULL);
setvbuf (stdout, NULL, _IONBF, BUFSIZ);

*opts = tpm2_options_new("H:P:K:g:G:A:I:L:o:O:c:S:E", ARRAY_LEN(topts), topts, on_option, NULL);

return *opts != NULL;
@@ -361,11 +370,6 @@ int tpm2_tool_onrun(TSS2_SYS_CONTEXT *sapi_context, tpm2_option_flags flags) {

UNUSED(flags);

ctx.sapi_context = sapi_context;

setbuf(stdout, NULL);
setvbuf (stdout, NULL, _IONBF, BUFSIZ);

int returnVal = 0;
int flagCnt = 0;

@@ -390,10 +394,10 @@ int tpm2_tool_onrun(TSS2_SYS_CONTEXT *sapi_context, tpm2_option_flags flags) {
} else if(flagCnt == 3 && (ctx.flags.H == 1 || ctx.flags.c == 1) &&
ctx.flags.g == 1 && ctx.flags.G == 1) {
if(ctx.flags.c)
returnVal = files_load_tpm_context_from_file(ctx.sapi_context,
returnVal = files_load_tpm_context_from_file(sapi_context,
&ctx.parent_handle, ctx.context_parent_path) != true;
if(returnVal == 0)
returnVal = create();
returnVal = create(sapi_context);

if(returnVal)
return 1;
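Review bot: In the `-S` case of on_option the session handle is still parsed from the getopt global `optarg`, while the error message added just below it reports `value`, so the check and its diagnostic read from two different variables. The callback already receives the argument, and the `<getopt.h>` include appears to be the line dropped at the top of this file, so the remaining `optarg` would depend on some other header declaring it. Parse the callback argument instead: `if (!tpm2_util_string_to_uint32(value, &ctx.session_data.sessionHandle)) {`. The body of on_option continues outside the visible hunks, so any other `optarg` uses there deserve the same check.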
10 changes: 4 additions & 6 deletions tools/tpm2_createpolicy.c
@@ -33,7 +33,6 @@
#include <stdio.h>
#include <stdlib.h>

#include <getopt.h>
#include <sapi/tpm20.h>

#include "tpm2_options.h"
@@ -73,7 +72,6 @@ struct tpm2_pcr_policy_options{

typedef struct create_policy_ctx create_policy_ctx;
struct create_policy_ctx {
TSS2_SYS_CONTEXT *sapi_context; // system API context from main
tpm2_common_policy_options common_policy_options;
tpm2_pcr_policy_options pcr_policy_options;
};
@@ -89,7 +87,7 @@ static create_policy_ctx pctx = {
.common_policy_options = TPM2_COMMON_POLICY_INIT
};

static TPM_RC parse_policy_type_specific_command (void) {
static TPM_RC parse_policy_type_specific_command(TSS2_SYS_CONTEXT *sapi_context) {
TPM_RC rval = TPM_RC_SUCCESS;
if (!pctx.common_policy_options.policy_type.is_policy_type_selected){
LOG_ERR("No Policy type chosen.");
@@ -102,7 +100,7 @@ static TPM_RC parse_policy_type_specific_command (void) {
LOG_ERR("Need the pcr list to account for in the policy.");
return TPM_RC_NO_RESULT;
}
rval = tpm2_policy_build(pctx.sapi_context,
rval = tpm2_policy_build(sapi_context,
&pctx.common_policy_options.policy_session,
pctx.common_policy_options.policy_session_type,
pctx.common_policy_options.policy_digest_hash_alg,
@@ -161,6 +159,7 @@ static bool on_option(char key, char *value) {
pctx.common_policy_options.policy_digest_hash_alg
= tpm2_alg_util_from_optarg(value);
if(pctx.common_policy_options.policy_digest_hash_alg == TPM_ALG_ERROR) {
LOG_ERR("Invalid choice for policy digest hash algorithm");
return false;
}
break;
@@ -206,7 +205,6 @@ bool tpm2_tool_onstart(tpm2_options **opts) {
int tpm2_tool_onrun(TSS2_SYS_CONTEXT *sapi_context, tpm2_option_flags flags) {

UNUSED(flags);
pctx.sapi_context = sapi_context;

if (pctx.common_policy_options.policy_file_flag == false &&
pctx.common_policy_options.policy_session_type == TPM_SE_TRIAL) {
@@ -215,5 +213,5 @@ int tpm2_tool_onrun(TSS2_SYS_CONTEXT *sapi_context, tpm2_option_flags flags) {
return 1;
}

return parse_policy_type_specific_command() != TPM_RC_SUCCESS;
return parse_policy_type_specific_command(sapi_context) != TPM_RC_SUCCESS;
}
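Review bot: The message added in on_option for a rejected policy digest hash algorithm omits the argument that failed to parse, unlike the algorithm errors added in the other tools of this commit. An algorithm name is not sensitive, so echoing it makes the failure easier to diagnose: `LOG_ERR("Invalid choice for policy digest hash algorithm, got: \"%s\"", value);`. Only this one case of on_option is visible in the hunk.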