NAME

       pesign-client — tool for signing UEFI applications with a pesign server

SYNOPSIS

       pesign-client  [-i file] [-o file] [-e file] [-t token] [-c nickname] ⟨[-k |] [-q |] [-s |] [-u]⟩ [-f fd]
                     [-F file]

DESCRIPTION

       pesign-client is a command line tool for  manipulating  signatures  and  cryptographic  digests  of  UEFI
       applications.

OPTIONS

       -i file | --infile file
               The input binary file to be signed with --sign

       -o file | --outfile file
               The output binary file to be signed with --sign

       -e file | --export file
               Export signature from --sign to file

       -t token | --token token
               Sign using NSS token token

       -c nickname | --certificate nickname
               Sign using NSS certificate nickname

       -k | --kill
               Kill the pesign server

       -q | --is-unlocked
               Query the lock status of the token specified by --token

       -s | --sign
               Sign the file specified by --infile

       -u | --unlock
               Unlock  the  token  specified  with  --token  using  the  PIN  read from --pinfd or --pinfile, or
               specified by PESIGN_TOKEN_PIN

       -f fd | --pinfd fd
               File descriptor to read the PIN from for --unlock

       -F file | --pinfile file
               File to read the PIN from for unlock

ENVIRONMENT

       PESIGN_TOKEN_PIN
               PIN for use with --unlock for the token specified by -fl -token

SEE ALSO

       pesign(1), certutil(1)

AUTHORS

       Peter Jones

Linux                                             Jun 4, 2020$                                  PESIGN-CLIENT(1)