tail head cat sleep
QR code linking to this page

Manual Pages  — UEFISIGN

NAME

uefisign – UEFI Secure Boot signing utility

CONTENTS

SYNOPSIS


uefisign -k key -c certificate -o output [-v] file
uefisign -V [-v] file

DESCRIPTION

The uefisign utility signs PE binary files using Authenticode scheme, as required by UEFI Secure Boot specification. Alternatively, it can be used to view and verify existing signatures. These options are available:
-V
  Determine whether the file is signed. Note that this does not verify the correctness of the signature; only that the file contains a signature.
-k
  Name of file containing the private key used to sign the binary.
-c
  Name of file containing the certificate used to sign the binary.
-o
  Name of file to write the signed binary to.
-v
  Be verbose.

EXIT STATUS

The uefisign utility exits 0 on success, and >0 if an error occurs.

EXAMPLES

Generate self-signed certificate and use it to sign a binary:

    /usr/share/examples/uefisign/uefikeys testcert

    uefisign -c testcert.pem -k testcert.key -o signed-binary binary

View signature:

    uefisign -Vv binary

SEE ALSO

openssl(1), loader(8), uefi(8)

HISTORY

The uefisign command appeared in FreeBSD 10.2 .

AUTHORS

The uefisign utility was developed by Edward Tomasz Napierala <Mt trasz@FreeBSD.org> under sponsorship from the FreeBSD Foundation.

UEFISIGN (8) July 11, 2015

tail head cat sleep
QR code linking to this page


Please direct any comments about this manual page service to Ben Bullock. Privacy policy.

This philosophy, in the hands of amateurs, leads to inexplicably mind-numbing botches like the existence of two programs, “head” and “tail,” which print the first part or the last part of a file, depending. Even though their operations are duals of one another, “head” and “tail” are different programs, written by different authors, and take different options!
— The Unix Haters' handbook