PESIGN-CLIENT(1)            General Commands Manual           PESIGN-CLIENT(1)

NAME
     pesign-client - tool for signing UEFI applications with a pesign server

SYNOPSIS
     pesign-client [-i file] [-o file] [-e file] [-t token] [-c nickname]
                   <[-k |] [-q |] [-s |] [-u]> [-f fd] [-F file]

DESCRIPTION
     pesign-client is a command line tool for manipulating signatures and
     cryptographic digests of UEFI applications.

OPTIONS
     -i file | --infile file
             The input binary file to be signed with --sign

     -o file | --outfile file
             The output binary file to be signed with --sign

     -e file | --export file
             Export signature from --sign to file

     -t token | --token token
             Sign using NSS token token

     -c nickname | --certificate nickname
             Sign using NSS certificate nickname

     -k | --kill
             Kill the pesign server

     -q | --is-unlocked
             Query the lock status of the token specified by --token

     -s | --sign
             Sign the file specified by --infile

     -u | --unlock
             Unlock the token specified with --token using the PIN read from
             --pinfd or --pinfile, or specified by PESIGN_TOKEN_PIN

     -f fd | --pinfd fd
             File descriptor to read the PIN from for --unlock

     -F file | --pinfile file
             File to read the PIN from for unlock

ENVIRONMENT
     PESIGN_TOKEN_PIN
             PIN for use with --unlock for the token specified by -fl -token

SEE ALSO
     pesign(1), certutil(1)

AUTHORS
     Peter Jones

Linux                            June 4, 2020                            Linux