sbvarsign • help

Note: help and version output are generated by a naïve script which tries a few variants of <command> --help, <command> -h etc. to find the command's help and version info. Sometimes it gets lucky, sometimes it doesn't; if the output below looks wrong, it probably is.

sbvarsign --version (return code: 0)

sbvarsign 0.6

sbvarsign --help (return code: 0)

Usage: sbvarsign [options] --key <keyfile> --cert <certfile> <var-name> <var-data-file> Sign a blob of data for use in SetVariable(). Options: --key <keyfile> signing key (PEM-encoded RSA private key) --cert <certfile> certificate (x509 certificate) --include-attrs include attrs at beginning of output file --guid <GUID> EFI GUID for the variable. If omitted, EFI_IMAGE_SECURITY_DATABASE or EFI_GLOBAL_VARIABLE (depending on <var-name>) will be used. --attr <attrs> variable attributes. One or more of: NON_VOLATILE BOOTSERVICE_ACCESS RUNTIME_ACCESS TIME_BASED_AUTHENTICATED_WRITE_ACCESS APPEND_WRITE Separate multiple attrs with a comma, default is all attributes, TIME_BASED_AUTH... is always included. --output <file> write signed data to <file> (default <var-data-file>.signed)

sbvarsign • help

sbvarsign • help

sbvarsign --version (return code: 0)

sbvarsign --help (return code: 0)

Installed via

Path