Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

CentOS 7.0 - man page for pesign (centos section 1)

PESIGN(1)						      General Commands Manual							 PESIGN(1)

pesign - command line tool for signing UEFI applications
pesign [--in=infile | -i infile] [--out=outfile | -o outfile] [--token=token | -t token] [--certificate=nickname | -c nickname] [--force | -f] [--sign | -s] [--hash | -h] [--digest_type=digest | -d digest] [--show-signature | -S ] [--remove-signature | -r ] [--export-pubkey=outkey | -K outkey] [--export-cert=outcert | -C outcert] [--ascii-armor | -a] [--daemonize | -D] [--nofork | -N]
pesign is a command line tool for manipulating signatures and cryptographic digests of UEFI applications.
--in=infile Specify input binary. --out=outfile Specify output binary. --token=token Use the specified NSS token's certificate database. --certificate=nickname Use the certificate database entry with the specified nickname for signing. --force Overwrite output files. Without this parameter, pesign will refuse to overrite any output files which already exist. --sign Sign the input binary with the key specified by --certificate. --hash Display the cryptographic digest of the input binary on standard output. --digest_type=digest Use the specified digest in hashing and signing operations. By default, this value is "sha256". Use "--digest=help" to list the available digests. --show-signature Show information about the signature of the input binary. --remove-signature Remove the signature section from the binary. --export-pubkey=outkey Export the public key specified by --certificate to outkey --export-cert=outcert Export the certificate specified by --certificate to outcert --ascii Use ascii armoring on exported certificates. --daemonize Spawn a daemon for use with pesign-client(1) --nofork Do not fork when using --daemonize.
Peter Jones Thu Jun 21 2012 PESIGN(1)