NAME

       tpm_sealdata - seal input data to the system's TPM

SYNOPSIS

       tpm_sealdata [OPTION]

DESCRIPTION

       tpm_sealdata seals sensitive input data to the SRK of the system's TPM and optionally a
       PCR configuration.  Backup your data, it is unrecoverable from this format if the SRK
       changes or the specified PCR configuration is unreproducable.  The result can be unsealed
       by functions in libtpm_unseal, such as tpmUnsealFile(3).

       -h, --help
              Display command usage info.

       -v, --version
              Display command version info.

       -l, --log [none|error|info|debug]
              Set logging level.

       -i, --infile FILE
              File containing input data to seal.

       -o, --outfile FILE
              Output file.  Default is STDOUT.

       -p, --pcr NUMBER
              Seal data to the current value of the specified pcr. This option can be given
              NUM_PCRS times.  The specified pcr is in the range of 0 to NUM_PCRS-1. NUM_PCRS is
              at least 16 but may vary by platform.

       -z, --well-known
              Use TSS_WELL_KNOWN_SECRET (20 zero bytes) as the SRK password. You will not be
              prompted for the SRK password with this option.

       -u, --unicode
              Use TSS UNICODE encoding for the SRK password to comply with applications using TSS
              popup boxes.

SEE ALSO

       tpm_takeownership(8), tpmUnsealFile(3)

REPORTING BUGS

       Report bugs to <trousers-users@lists.sourceforge.net>