Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

pesign(1) [centos man page]

PESIGN(1)						      General Commands Manual							 PESIGN(1)

pesign - command line tool for signing UEFI applications SYNOPSIS
pesign [--in=infile | -i infile] [--out=outfile | -o outfile] [--token=token | -t token] [--certificate=nickname | -c nickname] [--force | -f] [--sign | -s] [--hash | -h] [--digest_type=digest | -d digest] [--show-signature | -S ] [--remove-signature | -r ] [--export-pubkey=outkey | -K outkey] [--export-cert=outcert | -C outcert] [--ascii-armor | -a] [--daemonize | -D] [--nofork | -N] DESCRIPTION
pesign is a command line tool for manipulating signatures and cryptographic digests of UEFI applications. OPTIONS
--in=infile Specify input binary. --out=outfile Specify output binary. --token=token Use the specified NSS token's certificate database. --certificate=nickname Use the certificate database entry with the specified nickname for signing. --force Overwrite output files. Without this parameter, pesign will refuse to overrite any output files which already exist. --sign Sign the input binary with the key specified by --certificate. --hash Display the cryptographic digest of the input binary on standard output. --digest_type=digest Use the specified digest in hashing and signing operations. By default, this value is "sha256". Use "--digest=help" to list the available digests. --show-signature Show information about the signature of the input binary. --remove-signature Remove the signature section from the binary. --export-pubkey=outkey Export the public key specified by --certificate to outkey --export-cert=outcert Export the certificate specified by --certificate to outcert --ascii Use ascii armoring on exported certificates. --daemonize Spawn a daemon for use with pesign-client(1) --nofork Do not fork when using --daemonize. SEE ALSO
pesign-client(1) AUTHORS
Peter Jones Thu Jun 21 2012 PESIGN(1)

Check Out this Related Man Page

DGST(1) 							      OpenSSL								   DGST(1)

dgst, md5, md4, md2, sha1, sha, mdc2, ripemd160 - message digests SYNOPSIS
openssl dgst [-md5|-md4|-md2|-sha1|-sha|-mdc2|-ripemd160|-dss1] [-c] [-d] [-hex] [-binary] [-out filename] [-sign filename] [-verify file- name] [-prverify filename] [-signature filename] [file...] [md5|md4|md2|sha1|sha|mdc2|ripemd160] [-c] [-d] [file...] DESCRIPTION
The digest functions output the message digest of a supplied file or files in hexadecimal form. They can also be used for digital signing and verification. OPTIONS
-c print out the digest in two digit groups separated by colons, only relevant if hex format output is used. -d print out BIO debugging information. -hex digest is to be output as a hex dump. This is the default case for a "normal" digest as opposed to a digital signature. -binary output the digest or signature in binary form. -out filename filename to output to, or standard output by default. -sign filename digitally sign the digest using the private key in "filename". -verify filename verify the signature using the the public key in "filename". The output is either "Verification OK" or "Verification Failure". -prverify filename verify the signature using the the private key in "filename". -signature filename the actual signature to verify. -rand file(s) a file or files containing random data used to seed the random number generator, or an EGD socket (see RAND_egd(3)). Multiple files can be specified separated by a OS-dependent character. The separator is ; for MS-Windows, , for OpenVMS, and : for all others. file... file or files to digest. If no files are specified then standard input is used. NOTES
The digest of choice for all new applications is SHA1. Other digests are however still widely used. If you wish to sign or verify data using the DSA algorithm then the dss1 digest must be used. A source of random numbers is required for certain signing algorithms, in particular DSA. The signing and verify options should only be used if a single file is being signed or verified. 0.9.7a 2000-09-04 DGST(1)
Man Page