tpm_sealdata man page

TPM Management - tpm_sealdata

tpm_sealdata — seal input data to the system's TPM


tpm_sealdata [OPTION]


tpm_sealdata seals sensitive input data to the SRK of the system's TPM and optionally a PCR configuration. Backup your data, it is unrecoverable from this format if the SRK changes or the specified PCR configuration is unreproducable. The result can be unsealed by functions in libtpm_unseal, such as tpmUnsealFile(3).

-h, --help
Display command usage info.
-v, --version
Display command version info.
-l, --log [none|error|info|debug]
Set logging level.
-i, --infile FILE
File containing input data to seal.
-o, --outfile FILE
Output file. Default is STDOUT.
-p, --pcr NUMBER
Seal data to the current value of the specified pcr. This option can be given NUM_PCRS times. The specified pcr is in the range of 0 to NUM_PCRS-1. NUM_PCRS is at least 16 but may vary by platform.
-z, --well-known
Use TSS_WELL_KNOWN_SECRET (20 zero bytes) as the SRK password. You will not be prompted for the SRK password with this option.
-u, --unicode
Use TSS UNICODE encoding for the SRK password to comply with applications using TSS popup boxes.

See Also

tpm_takeownership(8), tpmUnsealFile(3)

Reporting Bugs

Report bugs to <trousers-users@lists.sourceforge.net>

Referenced By


Explore man page connections for tpm_sealdata(1).

TPM Management 2005-08-10