1PESIGN-CLIENT(1) BSD General Commands Manual PESIGN-CLIENT(1)
2
4 pesign-client — tool for signing UEFI applications with a pesign server
5
7 pesign-client [-i file] [-o file] [-e file] [-t token] [-c nickname]
8 ⟨[-k |] [-q |] [-s |] [-u]⟩ [-f fd] [-F file]
9
11 pesign-client is a command line tool for manipulating signatures and
12 cryptographic digests of UEFI applications.
13
15 -i file | --infile file
16 The input binary file to be signed with --sign
17 -o file | --outfile file
19 The output binary file to be signed with --sign
20 -e file | --export file
22 Export signature from --sign to file
23 -t token | --token token
25 Sign using NSS token token
26 -c nickname | --certificate nickname
28 Sign using NSS certificate nickname
29 -k | --kill
31 Kill the pesign server
32 -q | --is-unlocked
34 Query the lock status of the token specified by --token
35 -s | --sign
37 Sign the file specified by --infile
38 -u | --unlock
40 Unlock the token specified with --token using the PIN read from
41 --pinfd or --pinfile, or specified by PESIGN_TOKEN_PIN
42 -f fd | --pinfd fd
44 File descriptor to read the PIN from for --unlock
45 -F file | --pinfile file
47 File to read the PIN from for unlock
48
50 PESIGN_TOKEN_PIN
51 PIN for use with --unlock for the token specified by -fl -token
52
54 pesign(1), certutil(1)
55
57 Peter Jones
58Linux Jun 4, 2020$ Linux