NAME
tpm_sealdata - seal input data to the system’s TPM
SYNOPSIS
tpm_sealdata [OPTION]
DESCRIPTION
tpm_sealdata seals sensitive input data to the SRK of the system’s TPM
and optionally a PCR configuration. Backup your data, it is
unrecoverable from this format if the SRK changes or the specified PCR
configuration is unreproducable. The result can be unsealed by
functions in libtpm_unseal, such as tpmUnsealFile(3).
-h, --help
Display command usage info.
-v, --version
Display command version info.
-l, --log [none|error|info|debug]
Set logging level.
-i, --infile FILE
File containing input data to seal.
-o, --outfile FILE
Output file. Default is STDOUT.
-p, --pcr NUMBER
Seal data to the current value of the specified pcr. This option
can be given NUM_PCRS times. The specified pcr is in the range
of 0 to NUM_PCRS-1. NUM_PCRS is at least 16 but may vary by
platform.
-z, --well-known
Use TSS_WELL_KNOWN_SECRET (20 zero bytes) as the SRK password.
You will not be prompted for the SRK password with this option.
-u, --unicode
Use TSS UNICODE encoding for the SRK password to comply with
applications using TSS popup boxes.
SEE ALSO
tpm_takeownership(8), tpmUnsealFile(3)
REPORTING BUGS
Report bugs to <trousers-users@lists.sourceforge.net>