Documentation made easier

PESIGN-CLIENT(1) BSD General Commands Manual PESIGN-CLIENT(1)

NAME

pesign-client — tool for signing UEFI applications with a pesign server

SYNOPSIS

pesign-client [−i file] [−o file] [−e file] [−t token] [−c nickname] ⟨

[−k |] [−q |] [−s |] [−u] ⟩ [−f fd] [−F file]

DESCRIPTION

pesign-client is a command line tool for manipulating signatures and cryptographic digests of UEFI applications.

OPTIONS
−i file | −−infile file

The input binary file to be signed with −−sign

−o file | −−outfile file

The output binary file to be signed with −−sign

−e file | −−export file

Export signature from −−sign to file

−t token | −−token token

Sign using NSS token token

−c nickname | −−certificate nickname

Sign using NSS certificate nickname

−k | −−kill

Kill the pesign server

−q | −−is-unlocked

Query the lock status of the token specified by −−token

−s | −−sign

Sign the file specified by −−infile

−u | −−unlock

Unlock the token specified with −−token using the PIN read from −−pinfd or −−pinfile, or specified by PESIGN_TOKEN_PIN

−f fd | −−pinfd fd

File descriptor to read the PIN from for −−unlock

−F file | −−pinfile file

File to read the PIN from for unlock

ENVIRONMENT
PESIGN_TOKEN_PIN

PIN for use with −−unlock for the token specified by −fl −token

SEE ALSO

pesign(1), certutil(1)

AUTHORS

Peter Jones

Linux Jun 4, 2020$ Linux