TPM Management - tpm_sealdata
tpm_sealdata - seal input data to the system's TPM
tpm_sealdata seals sensitive input data to the SRK of the
system's TPM and optionally a PCR configuration. Backup your data, it is
unrecoverable from this format if the SRK changes or the specified PCR
configuration is unreproducable. The result can be unsealed by functions in
libtpm_unseal, such as tpmUnsealFile(3).
- -h, --help
- Display command usage info.
- -v, --version
- Display command version info.
- -l, --log
[none|error|info|debug]
- Set logging level.
- -i, --infile
FILE
- File containing input data to seal.
- -o, --outfile
FILE
- Output file. Default is STDOUT.
- -p, --pcr
NUMBER
- Seal data to the current value of the specified pcr. This option can be
given NUM_PCRS times. The specified pcr is in the range of 0 to
NUM_PCRS-1. NUM_PCRS is at least 16 but may vary by platform.
- -z,
--well-known
- Use TSS_WELL_KNOWN_SECRET (20 zero bytes) as the SRK password. You will
not be prompted for the SRK password with this option.
- -u, --unicode
- Use TSS UNICODE encoding for the SRK password to comply with applications
using TSS popup boxes.
Report bugs to <trousers-users@lists.sourceforge.net>