/

tpmtoken_protect (1) Linux Manual Page

ByLinux Manual Posted on Updated on

TPM Management – tpmtoken_protect

NAME

tpmtoken_protect – encrypt or decrypt data using a symmetric key stored in the user’s TPM PKCS#11 data store

SYNOPSIS

tpmtoken_protect [ OPTION ]

DESCRIPTION

tpmtoken_protect will encrypt or decrypt data using a symmetric key that is stored in the user’s data store. The key used to protect the data is a 256-bit AES key stored as a private Secret Key PKCS#11 object. The object has the PKCS#11 label attribute of ‘User Data Protection Key’. The key is generated by the TPM PKCS#11 implementation when it is needed the first time. Since it is generated as a private object, it is protected by the TPM on the platform.

This command requires the ‘-i’ and ‘-o’ command options to be specified.

-h, –help

Display command usage info.

-v, –version

Display command version info.

-l, –log [none|error|info|debug]

Set logging level.

-d, –decrypt

Perform a decryption operation

-e, –encrypt

Perform an encryption operation

-i, –infile FILE

Use FILE as the input to the specified operation

-k, –token STRING

Use STRING to identify the label of the PKCS#11 token to be used

-o, –outfile FILE

Use FILE as the output of the specified operation

SEE ALSO

tpmtoken_init(1), tpmtoken_import(1), tpmtoken_setpasswd(1), tpmtoken_objects(1)

REPORTING BUGS

Report bugs to <trousers-users [at] lists.sourceforge.net>

Index

Leave a Reply

Your email address will not be published. Required fields are marked *