Allow using a TPM module as a key source

[tjohns]

Looking at the docs, it seems that the only secure option for storing the master key is Amazon's KMS. (The other options are all potentially vulnerable to key extraction by a rouge admin or hacker.)

It would be nice if support was added for using a key stored on a hardware TPM chip. This would provide similar functionality to KMS, and is available on almost any modern bare-metal server.

For an example of how to interact with a TPM: https://www.cylab.cmu.edu/tiw/slides/challener-TPM.pdf

[TomFrost]

Are you aware of any TPM bindings available for node? All I was able to find on short order is https://github.com/jplyle/node-tss, however after brief review it looks like this use case isn't directly supported by that library. C bindings to the TPM headers are beyond the scope of Cryptex, but I agree with the feature need and would love to support a module that provided a TPM API Cryptex could take advantage of.

[tjohns]

I'm afraid I'm not familiar with any other Node.js libraries for interacting with the TPM, sorry. (Admittedly, I haven't done much with Node.js myself!)