NAME

pesign-client - command line tool for signing UEFI applications
 

SYNOPSIS

pesign [--in=infile | -i infile]
[--out= outfile | -o outfile]
[--export= exportfile | -e exportfile]
[--token= token | -t token]
[--certificate= nickname | -c nickname]
[--unlock | -u] [--kill | -k] [--sign | -s] [ --is-unlocked | -q ]
[--pinfd= pinfd | -f pinfd]
[--pinfile= pinfile | -F pinfile]
 

DESCRIPTION

pesign is a command line tool for manipulating signatures and cryptographic digests of UEFI applications.
 

OPTIONS

--unlock
Unlock the specified token. A PIN - specified by one of --pinfd, --pinfile, or the environmental variable PESIGN_TOKEN_PIN - is required for this operation to succeed. The PIN may be empty, if that is what is required for the token specified with --token. --is-unlocked Query a token specified with --token for lock status.
--pinfd=pinfd
When using --unlock, read the token's PIN from the open file descriptor pinfd.
--pinfile=pinfile
When using --unlock, read the token's PIN from the file pinfile.
--sign
 
Sign the binary specified by infile.
--export
When used with --sign, write the signature to outfile.
--infile=infile
When used with --sign, specify the input binary.
--outfile=outfile
When used with --sign, specify output file. If --detached is specified, this will be a DER-formatted signature. Otherwise, the output will be the signed PE binary.
--token=token
When used with --unlock or --sign, use the specified NSS token's certificate database.
--certificate=nickname
When used with --sign, use the certificate database entry with the specified nickname for signing.
--kill
 
Terminate the signing server.

SEE ALSO

pesign(1)
 

AUTHORS

Peter Jones

Recommended readings

Pages related to pesign-client you should read also:
pesign(1)

Questions & Answers

Helpful answers and articles about pesign-client you may found on these sites:
Stack Overflow Server Fault Super User Unix & Linux Ask Ubuntu Network Engineering DevOps Raspberry Pi Webmasters Google Search