Skip to content

vathpela/pesign

main
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
8 branches 26 tags
Code
This branch is up to date with rhboot/pesign:main.

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
.github/workflows
 
 
include
 
 
libdpe
 
 
src
 
 
util
 
 
.gitignore
 
 
CODE_OF_CONDUCT.md
 
 
COPYING
 
 
Make.coverity
 
 
Make.defaults
 
 
Make.deps
 
 
Make.efirules
 
 
Make.rules
 
 
Make.scan-build
 
 
Make.version
 
 
Makefile
 
 
README.md
 
 
TODO
 
 
pesign + efikeygen Examples

README.md

pesign + efikeygen

Signing tools for PE-COFF binaries. Compliant with the PE and Authenticode specifications.

(These serve a similar purpose to Microsoft's SignTool.exe, except for Linux.)

Examples

Generate a key for use with pesign, stored on disk:

efikeygen -d /etc/pki/pesign -S -TYPE -c 'CN=Your Name Key' -n 'Custom Secureboot'

(where TYPE is m if you're only signing kernel modules, and k otherwise).

For more complex and secure use cases (e.g., hardware tokens), see efikeygen man page (man efikeygen).

Sign a UEFI application using that key:

pesign -i grubx64.efi -o grubx64.efi.signed -c 'Custom Secureboot' -s

Show signatures on a UEFI application:

pesign -i grubx64.efi.signed -S

For more signing/verification operations, see the pesign man page (man pesign).

About

Tools for manipulating signed PE-COFF binaries

Resources

Readme

License

GPL-2.0 license

Code of conduct

Code of conduct
Activity

Stars

6 stars

Watchers

2 watching

Forks

50 forks
Report repository

Releases

26 tags

Packages

No packages published

Languages

  • C 87.7%
  • Roff 5.5%
  • Shell 4.7%
  • Makefile 2.1%