centos man page for pesign-client

PESIGN-CLIENT(1)					      General Commands Manual						  PESIGN-CLIENT(1)

NAME
       pesign-client - command line tool for signing UEFI applications

SYNOPSIS
       pesign [--in=infile | -i infile]
	      [--out=outfile | -o outfile]
	      [--export=exportfile | -e exportfile]
	      [--token=token | -t token]
	      [--certificate=nickname | -c nickname]
	      [--unlock | -u] [--kill | -k] [--sign | -s]
	      [--pinfd=pinfd | -f pinfd]
	      [--pinfile=pinfile | -F pinfile]

DESCRIPTION
       pesign is a command line tool for manipulating signatures and cryptographic digests of UEFI applications.

OPTIONS
       --unlock
	      Unlock  the  specified  token.   A PIN - specified by one of --pinfd, --pinfile, or the environmental variable PESIGN_TOKEN_PIN - is
	      required for this operation to succeed.  The PIN may be empty, if that is what is required for the token specified with --token.

       --pinfd=pinfd
	      When using --unlock, read the token's PIN from the open file descriptor pinfd.

       --pinfile=pinfile
	      When using --unlock, read the token's PIN from the file pinfile.

       --sign
	      Sign the binary specified by infile.

       --detached
	      When used with --sign, write the signature to outfile.

       --in=infile
	      When used with --sign, specify the input binary.

       --out=outfile
	      When used with --sign, specify output file.  If --detached is specified, this will be a  DER-formatted  signature.   Otherwise,  the
	      output will be the signed PE binary.

       --token=token
	      When used with --unlock or --sign, use the specified NSS token's certificate database.

       --certificate=nickname
	      When used with --sign, use the certificate database entry with the specified nickname for signing.

       --kill
	      Terminate the signing server.

SEE ALSO
       pesign(1)

AUTHORS
       Peter Jones

								  Mon Oct 15 2012						  PESIGN-CLIENT(1)