TPM Management - tpmtoken_protect
NAME¶
tpmtoken_protect - encrypt or decrypt data using a symmetric key stored in the
user's TPM PKCS#11 data store
SYNOPSIS¶
tpmtoken_protect [ OPTION ]
DESCRIPTION¶
tpmtoken_protect will encrypt or decrypt data using a symmetric key that
is stored in the user's data store. The key used to protect the data is a
256-bit AES key stored as a private Secret Key PKCS#11 object. The object has
the PKCS#11 label attribute of ´User Data Protection Key´. The key
is generated by the TPM PKCS#11 implementation when it is needed the first
time. Since it is generated as a private object, it is protected by the TPM on
the platform.
This command requires the ´-i´ and ´-o´ command options to
be specified.
- -h, --help
- Display command usage info.
- -v, --version
- Display command version info.
- -l, --log [none|error|info|debug]
- Set logging level.
- -d, --decrypt
- Perform a decryption operation
- -e, --encrypt
- Perform an encryption operation
- -i, --infile FILE
- Use FILE as the input to the specified operation
- -k, --token STRING
- Use STRING to identify the label of the PKCS#11 token to be
used
- -o, --outfile FILE
- Use FILE as the output of the specified operation
SEE ALSO¶
tpmtoken_init(1),
tpmtoken_import(1),
tpmtoken_setpasswd(1),
tpmtoken_objects(1)
REPORTING BUGS¶
Report bugs to <trousers-users@lists.sourceforge.net>
