tpmtoken_protect - Man Page

encrypt or decrypt data using a symmetric key stored in the user's TPM PKCS#11 data store

TPM Management - tpmtoken_protect


tpmtoken_protect [ OPTION ]


tpmtoken_protect will encrypt or decrypt data using a symmetric key that is stored in the user's data store.  The key used to protect the data is a 256-bit AES key stored as a private Secret Key PKCS#11 object.  The object has the PKCS#11 label attribute of ´User Data Protection Key´. The key is generated by the TPM PKCS#11 implementation when it is needed the first time.  Since it is generated as a private object, it is protected by the TPM on the platform.

This command requires the ´-i´ and ´-o´ command options to be specified.

-h,  --help

Display command usage info.

-v,  --version

Display command version info.

-l,  --log [none|error|info|debug]

Set logging level.

-d,  --decrypt

Perform a decryption operation

-e,  --encrypt

Perform an encryption operation

-i,  --infile FILE

Use FILE as the input to the specified operation

-k,  --token STRING

Use STRING to identify the label of the PKCS#11 token to be used

-o,  --outfile FILE

Use FILE as the output of the specified operation

See Also

tpmtoken_init(1), tpmtoken_import(1), tpmtoken_setpasswd(1), tpmtoken_objects(1)

Reporting Bugs

Report bugs to <>

Referenced By

tpmtoken_import(1), tpmtoken_init(1), tpmtoken_objects(1), tpmtoken_setpasswd(1).

2005-04-25 TPM Management