Table of Contents
TPM Management - tpmtoken_protect
tpmtoken_protect - encrypt or decrypt
data using a symmetric key stored in the user's TPM PKCS#11 data store
tpmtoken_protect [ OPTION ]
tpmtoken_protect will encrypt
or decrypt data using a symmetric key that is stored in the user's data
store. The key used to protect the data is a 256-bit AES key stored as a
private Secret Key PKCS#11 object. The object has the PKCS#11 label attribute
of 'User Data Protection Key'. The key is generated by the TPM PKCS#11 implementation
when it is needed the first time. Since it is generated as a private object,
it is protected by the TPM on the platform.
This command requires the '-i'
and '-o' command options to be specified.
- -h, --help
- Display command usage info.
- -v, --version
- Display command version info.
- -l, --log [none|error|info|debug]
- Set
logging level.
- -d, --decrypt
- Perform a decryption operation
- -e, --encrypt
- Perform
an encryption operation
- -i, --infile FILE
- Use FILE as the input to the specified
operation
- -o, --outfile FILE
- Use FILE as the output of the specified operation
tpmtoken_init(1)
, tpmtoken_import(1)
, tpmtoken_setpasswd(1)
, tpmtoken_objects(1)
Report bugs to <trousers-users@lists.sourceforge.net>
Table of Contents