Lines Matching refs:key

3 Trusted and Encrypted Keys are two new key types added to the existing kernel
4 key ring service. Both of these new types are variable length symmetric keys,
12 under a 2048 bit RSA key in the TPM, and optionally sealed to specified PCR
16 when the kernel and initramfs are updated. The same key can have many saved
26 keyctl update key "update [options]"
30 keyhandle= ascii hex value of sealing key default 0x40000000 (SRK)
31 keyauth= ascii hex auth for sealing key default 0x00...i
42 "keyctl print" returns an ascii hex copy of the sealed key, which is in standard
43 TPM_STORED_DATA format. The key length for new keys is always in bytes.
49 numbers, and are encrypted/decrypted using a specified 'master' key. The
50 'master' key can either be a trusted-key or user-key type. The main
51 disadvantage of encrypted keys is that if they are not rooted in a trusted key,
52 they are only as secure as the user key encrypting them. The master user key
57 key or a more complex structure. The format of the more complex structure is
61 keyctl add encrypted name "new [format] key-type:master-key-name keylen"
64 keyctl update keyid "update key-type:master-key-name"
67 key-type:= 'trusted' | 'user'
70 Examples of trusted and encrypted key usage:
72 Create and save a trusted key named "kmk" of length 32 bytes:
95 Load a trusted key from the saved blob:
110 Reseal a trusted key under new pcr values:
125 quality symmetric key for HMAC protection of file metadata. The use of a
126 trusted key provides strong guarantees that the EVM key has not been
129 encrypted key "evm" using the above trusted key "kmk":
146 Load an encrypted key "evm" from saved blob: