NAME
tpmtoken_protect - encrypt or decrypt data using a symmetric key stored
in the user’s TPM PKCS#11 data store
SYNOPSIS
tpmtoken_protect [ OPTION ]
DESCRIPTION
tpmtoken_protect will encrypt or decrypt data using a symmetric key
that is stored in the user’s data store. The key used to protect the
data is a 256-bit AES key stored as a private Secret Key PKCS#11
object. The object has the PKCS#11 label attribute of ´User Data
Protection Key´. The key is generated by the TPM PKCS#11
implementation when it is needed the first time. Since it is generated
as a private object, it is protected by the TPM on the platform.
This command requires the ´-i´ and ´-o´ command options to be
specified.
-h, --help
Display command usage info.
-v, --version
Display command version info.
-l, --log [none|error|info|debug]
Set logging level.
-d, --decrypt
Perform a decryption operation
-e, --encrypt
Perform an encryption operation
-i, --infile FILE
Use FILE as the input to the specified operation
-k, --token STRING
Use STRING to identify the label of the PKCS#11 token to be used
-o, --outfile FILE
Use FILE as the output of the specified operation
SEE ALSO
tpmtoken_init(1), tpmtoken_import(1), tpmtoken_setpasswd(1),
tpmtoken_objects(1)
REPORTING BUGS
Report bugs to <trousers-users@lists.sourceforge.net>