nethsm-openpgp-sign-state(1)                           General Commands Manual

NAME
       nethsm-openpgp-sign-state - Create an OpenPGP signature for a hasher
       state

SYNOPSIS
       nethsm openpgp sign-state [-f|--force] [-o|--output]
       [-a|--auth-passphrase-file] [-c|--config] [-l|--label] [-u|--user]
       [-h|--help] <KEY_ID> <INPUT>

DESCRIPTION
       Create an OpenPGP signature for a hasher's state

       Requires a valid hasher state payload on stdin as produced by the
       `signstar-request-signature` binary.

       The signature is written to stdout, unless a specific path to a file is
       provided.

       Requires authentication of a user in the "Operator" role that has
       access to the targeted key.

OPTIONS
       -f, --force
              Write to output file even if it exists already
              May also be specified with the NETHSM_FORCE environment
              variable.

       -o, --output=OUTPUT
              The optional path to a specific output file
              May also be specified with the
              NETHSM_OPENPGP_SIGNATURE_OUTPUT_FILE environment variable.

       -a, --auth-passphrase-file=AUTH_PASSPHRASE_FILE
              The path to a file containing a passphrase for authentication

              The passphrase provided in the file must be the one for the user
              chosen for the command.

              This option can be provided multiple times, which is needed for
              commands that require multiple roles at once.  With multiple
              passphrase files ordering matters, as the files are assigned to
              the respective user provided by the "--user" option.
              May also be specified with the NETHSM_AUTH_PASSPHRASE_FILE
              environment variable.

       -c, --config=CONFIG
              The path to a custom configuration file

              If specified, the custom configuration file is used instead of
              the default configuration file location.
              May also be specified with the NETHSM_CONFIG environment
              variable.

       -l, --label=LABEL
              A label uniquely identifying a device in the configuration file

              Must be provided if more than one device is setup in the
              configuration file.
              May also be specified with the NETHSM_LABEL environment
              variable.

       -u, --user=USER
              A user name which is used for a command

              Can be provided, if no user name is setup in the configuration
              file for a device.  Must be provided, if several user names of
              the same target role are setup in the configuration file for a
              device.

              This option can be provided multiple times, which is needed for
              commands that require multiple roles at once.

              May also be specified with the NETHSM_USER environment variable.

       -h, --help
              Print help (see a summary with '-h')

       <KEY_ID>
              The ID of the key to use
              May also be specified with the NETHSM_KEY_ID environment
              variable.

       <INPUT>
              The path to a valid signature request file
              May also be specified with the
              NETHSM_OPENPGP_REQUEST_SIGNATURE_FILE environment variable.

                          nethsm-openpgp-sign-state
                                                  nethsm-openpgp-sign-state(1)