pesign-client(1) [centos man page]
PESIGN-CLIENT(1) General Commands Manual PESIGN-CLIENT(1) NAME
pesign-client - command line tool for signing UEFI applications SYNOPSIS
pesign [--in=infile | -i infile] [--out=outfile | -o outfile] [--export=exportfile | -e exportfile] [--token=token | -t token] [--certificate=nickname | -c nickname] [--unlock | -u] [--kill | -k] [--sign | -s] [--pinfd=pinfd | -f pinfd] [--pinfile=pinfile | -F pinfile] DESCRIPTION
pesign is a command line tool for manipulating signatures and cryptographic digests of UEFI applications. OPTIONS
--unlock Unlock the specified token. A PIN - specified by one of --pinfd, --pinfile, or the environmental variable PESIGN_TOKEN_PIN - is required for this operation to succeed. The PIN may be empty, if that is what is required for the token specified with --token. --pinfd=pinfd When using --unlock, read the token's PIN from the open file descriptor pinfd. --pinfile=pinfile When using --unlock, read the token's PIN from the file pinfile. --sign Sign the binary specified by infile. --detached When used with --sign, write the signature to outfile. --in=infile When used with --sign, specify the input binary. --out=outfile When used with --sign, specify output file. If --detached is specified, this will be a DER-formatted signature. Otherwise, the output will be the signed PE binary. --token=token When used with --unlock or --sign, use the specified NSS token's certificate database. --certificate=nickname When used with --sign, use the certificate database entry with the specified nickname for signing. --kill Terminate the signing server. SEE ALSO
pesign(1) AUTHORS
Peter Jones Mon Oct 15 2012 PESIGN-CLIENT(1)
Check Out this Related Man Page
PESIGN(1) General Commands Manual PESIGN(1) NAME
pesign - command line tool for signing UEFI applications SYNOPSIS
pesign [--in=infile | -i infile] [--out=outfile | -o outfile] [--token=token | -t token] [--certificate=nickname | -c nickname] [--force | -f] [--sign | -s] [--hash | -h] [--digest_type=digest | -d digest] [--show-signature | -S ] [--remove-signature | -r ] [--export-pubkey=outkey | -K outkey] [--export-cert=outcert | -C outcert] [--ascii-armor | -a] [--daemonize | -D] [--nofork | -N] DESCRIPTION
pesign is a command line tool for manipulating signatures and cryptographic digests of UEFI applications. OPTIONS
--in=infile Specify input binary. --out=outfile Specify output binary. --token=token Use the specified NSS token's certificate database. --certificate=nickname Use the certificate database entry with the specified nickname for signing. --force Overwrite output files. Without this parameter, pesign will refuse to overrite any output files which already exist. --sign Sign the input binary with the key specified by --certificate. --hash Display the cryptographic digest of the input binary on standard output. --digest_type=digest Use the specified digest in hashing and signing operations. By default, this value is "sha256". Use "--digest=help" to list the available digests. --show-signature Show information about the signature of the input binary. --remove-signature Remove the signature section from the binary. --export-pubkey=outkey Export the public key specified by --certificate to outkey --export-cert=outcert Export the certificate specified by --certificate to outcert --ascii Use ascii armoring on exported certificates. --daemonize Spawn a daemon for use with pesign-client(1) --nofork Do not fork when using --daemonize. SEE ALSO
pesign-client(1) AUTHORS
Peter Jones Thu Jun 21 2012 PESIGN(1)