Lines Matching refs:trusted

21 By default, trusted keys are sealed under the SRK, which has the default
27     keyctl add trusted name "new keylen [options]" ring
28     keyctl add trusted name "load hex_blob [pcrlock=pcrnum]" ring
60 'master' key can either be a trusted-key or user-key type.  The main
61 disadvantage of encrypted keys is that if they are not rooted in a trusted key,
80 	key-type:= 'trusted' | 'user'
83 Examples of trusted and encrypted key usage:
85 Create and save a trusted key named "kmk" of length 32 bytes::
87     $ keyctl add trusted kmk "new 32" @u
94     440502848 --alswrv    500   500       \_ trusted: kmk
108 Load a trusted key from the saved blob::
110     $ keyctl add trusted kmk "load `cat kmk.blob`" @u
123 Reseal a trusted key under new pcr values::
137 The initial consumer of trusted keys is EVM, which at boot time needs a high
139 trusted key provides strong guarantees that the EVM key has not been
142 encrypted key "evm" using the above trusted key "kmk":
146     $ keyctl add encrypted evm "new trusted:kmk 32" @u
151     $ keyctl add encrypted evm "new default trusted:kmk 32" @u
155     default trusted:kmk 32 2375725ad57798846a9bbd240de8906f006e66c03af53b1b3
167     default trusted:kmk 32 2375725ad57798846a9bbd240de8906f006e66c03af53b1b3
171 Other uses for trusted and encrypted keys, such as for disk and file encryption