This is the command pesign-client that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator
PROGRAM:
NAME
pesign-client - command line tool for signing UEFI applications
SYNOPSIS
pesign [--in=infile | -i infile]
[--out=outfile | -o outfile]
[--export=exportfile | -e exportfile]
[--token=token | -t token]
[--certificate=nickname | -c nickname]
[--unlock | -u] [--kill | -k] [--sign | -s] [ --is-unlocked | -q ]
[--pinfd=pinfd | -f pinfd]
[--pinfile=pinfile | -F pinfile]
DESCRIPTION
pesign is a command line tool for manipulating signatures and cryptographic digests of
UEFI applications.
OPTIONS
--unlock
Unlock the specified token. A PIN - specified by one of --pinfd, --pinfile, or the
environmental variable PESIGN_TOKEN_PIN - is required for this operation to
succeed. The PIN may be empty, if that is what is required for the token specified
with --token.
--is-unlocked Query a token specified with --token for lock status.
--pinfd=pinfd
When using --unlock, read the token's PIN from the open file descriptor pinfd.
--pinfile=pinfile
When using --unlock, read the token's PIN from the file pinfile.
--sign
Sign the binary specified by infile.
--export
When used with --sign, write the signature to outfile.
--infile=infile
When used with --sign, specify the input binary.
--outfile=outfile
When used with --sign, specify output file. If --detached is specified, this will
be a DER-formatted signature. Otherwise, the output will be the signed PE binary.
--token=token
When used with --unlock or --sign, use the specified NSS token's certificate
database.
--certificate=nickname
When used with --sign, use the certificate database entry with the specified
nickname for signing.
--kill
Terminate the signing server.
Use pesign-client online using onworks.net services
