NAME

       tpmtoken_protect  - encrypt or decrypt data using a symmetric key stored in the user's TPM
       PKCS#11 data store

SYNOPSIS

       tpmtoken_protect [ OPTION ]

DESCRIPTION

       tpmtoken_protect will encrypt or decrypt data using a symmetric key that is stored in the
       user's data store.  The key used to protect the data is a 256-bit AES key stored as a
       private Secret Key PKCS#11 object.  The object has the PKCS#11 label attribute of ´User
       Data Protection Key´.  The key is generated by the TPM PKCS#11 implementation when it is
       needed the first time.  Since it is generated as a private object, it is protected by the
       TPM on the platform.

       This command requires the ´-i´ and ´-o´ command options to be specified.

       -h, --help
              Display command usage info.

       -v, --version
              Display command version info.

       -l, --log [none|error|info|debug]
              Set logging level.

       -d, --decrypt
              Perform a decryption operation

       -e, --encrypt
              Perform an encryption operation

       -i, --infile FILE
              Use FILE as the input to the specified operation

       -k, --token STRING
              Use STRING to identify the label of the PKCS#11 token to be used

       -o, --outfile FILE
              Use FILE as the output of the specified operation

SEE ALSO

       tpmtoken_init(1), tpmtoken_import(1), tpmtoken_setpasswd(1), tpmtoken_objects(1)

REPORTING BUGS

       Report bugs to <trousers-users@lists.sourceforge.net>