1SBVARSIGN(1)                     User Commands                    SBVARSIGN(1)
2
3
4

NAME

6       sbvarsign - UEFI authenticated variable signing tool
7

SYNOPSIS

9       sbvarsign  [options] --key <keyfile> --cert <certfile> <var-name> <var-
10       data-file>
11

DESCRIPTION

13       Sign a blob of data for use in SetVariable().
14

OPTIONS

16       --engine <eng>
17              use the specified engine to load the key
18
19       --key <keyfile>
20              signing key (PEM-encoded RSA private key)
21
22       --cert <certfile>
23              certificate (x509 certificate)
24
25       --include-attrs
26              include attrs at beginning of output file
27
28       --guid <GUID>
29              EFI GUID for the variable. If omitted,  EFI_IMAGE_SECURITY_DATA‐
30              BASE  or  EFI_GLOBAL_VARIABLE  (depending on <var-name>) will be
31              used.
32
33       --attr <attrs>
34              variable attributes.  One  or  more  of:  NON_VOLATILE  BOOTSER‐
35              VICE_ACCESS RUNTIME_ACCESS TIME_BASED_AUTHENTICATED_WRITE_ACCESS
36              APPEND_WRITE
37
38       Separate multiple attrs with a comma,
39              default is all  attributes,  TIME_BASED_AUTH...  is  always  in‐
40              cluded.
41
42       --output <file>
43              write signed data to <file> (default <var-data-file>.signed)
44
45
46
47sbvarsign 0.9.5                    May 2023                       SBVARSIGN(1)
Impressum