Lines Matching refs:trusted

24 By default, trusted keys are sealed under the SRK, which has the default
49     keyctl add trusted name "new keylen [options]" ring
50     keyctl add trusted name "load hex_blob [pcrlock=pcrnum]" ring
84 'master' key can either be a trusted-key or user-key type.  The main
85 disadvantage of encrypted keys is that if they are not rooted in a trusted key,
104 	key-type:= 'trusted' | 'user'
107 Examples of trusted and encrypted key usage:
109 Create and save a trusted key named "kmk" of length 32 bytes.
117     $ keyctl add trusted kmk "new 32" @u
124     440502848 --alswrv    500   500       \_ trusted: kmk
138 Load a trusted key from the saved blob::
140     $ keyctl add trusted kmk "load `cat kmk.blob`" @u
153 Reseal a trusted key under new pcr values::
167 The initial consumer of trusted keys is EVM, which at boot time needs a high
169 trusted key provides strong guarantees that the EVM key has not been
172 encrypted key "evm" using the above trusted key "kmk":
176     $ keyctl add encrypted evm "new trusted:kmk 32" @u
181     $ keyctl add encrypted evm "new default trusted:kmk 32" @u
185     default trusted:kmk 32 2375725ad57798846a9bbd240de8906f006e66c03af53b1b3
197     default trusted:kmk 32 2375725ad57798846a9bbd240de8906f006e66c03af53b1b3
201 Other uses for trusted and encrypted keys, such as for disk and file encryption