2 releases
0.1.1 | Feb 22, 2024 |
---|---|
0.1.0 | Feb 12, 2024 |
#1996 in Cryptography
23 downloads per month
15KB
208 lines
TPM Box
Encrypts data to an ephemeral symmetric key that is stored in the TPM.
This way the application can store encrypted blobs, and give them to others, that can be decrypted only by the same instance of the TpmBox.
Example
Sealing the data and then unsealing it using the same in-memory object:
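```rust
// Open a TpmBox over the given TCTI; "mssim:" selects the TPM simulator.
let mut data = tpm_box::TpmBox::new("mssim:").unwrap();
let plaintext = vec![1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 16];
// Encrypt under the ephemeral key held in the TPM.
let ciphertext = data.encrypt(&plaintext).unwrap();
// Decrypt with the same in-memory TpmBox instance.
let unsealed = data.decrypt(&ciphertext).unwrap();
assert_eq!(plaintext, unsealed.as_ref());
```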
For hardware TPMs, a TCTI such as device:/dev/tpmrm0 is appropriate.
License
This project is licensed under either of:
at your option.
Contribution
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in this crate by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.
Dependencies
~7–10MB
~233K SLoC