stpm-exfiltrate - Extract key from TPM chip

       Simple-TPM-PK11 was written By Thomas Habets <habets@google.com> / <thomas@habets.se>.

       git clone https://github.com/ThomasHabets/simple-tpm-pk11.git

simple-tpm-pk11                                16th Febrary, 2014                             stpm-exfiltrate(1)

stpm-exfiltrate extracts a key that is otherwise protected by the TPM chip. This only works if the key is
       "migratable" (meaning it was generated in software), and the TPM owner password is known.

       This  is  why  you  should  generate  keys  in hardware (the default) with stpm-keygen and not use its -S
       option.

       Most errors will probably be related to interacting with the TPM chip.  Resetting the TPM chip and taking
       ownership should take care of most of them. See the TPM-TROUBLESHOOTING section of simple-tpm-pk11(7).

       stpm-exfiltrate -k ~/.simple-tpm-pk11/my.key
       Enter owner password: blah blah
       [ ... key data here ...]

       stpm-exfiltrate -p -k ~/.simple-tpm-pk11/my.key
       Enter owner password: blah blah
       Enter key PIN: my secret password here
       [ ... key data here ...]

       stpm-exfiltrate -sp -k ~/.simple-tpm-pk11/my.key
       Enter owner password: blah blah
       Enter key PIN: my secret password here
       Enter SRK PIN: 12345678
       [ ... key data here ...]

       stpm-exfiltrate - Extract key from TPM chip

       -h     Show usage info.

       -k keyfile
              Key blob file to read.

       -O     Use Well Known Secret for owner password. Default is ask.

       -p     Ask for key PIN / password. Default is Well Known Secret.

       -o     Ask for SRK PIN / password. Default is Well Known Secret.

simple-tpm-pk11(7), stpm-sign(1), stpm-keygen.

stpm-exfiltrate [ -hOps ] -k keyfile