Signs data.

pkiutil sign -raw -privkey <privkey> -tobesigned <tobesigned> -sigout <sigout> -sigalg <sigalg> [-sigalg <sigalg> ... -sigalg <sigalg>]

For example:

pkiutil sign -raw -privkey eepriv.pem -tobesigned myfile.txt -sigout sigfile.der -sigalg SHA256withRSA -sigalg SHA256withECDSA

See below for a description of each option.

-privkey <privkey>
-sigalg <sigalg>
-raw
-sigout <sigout>
-tobesigned <tobesigned>

-privkey <privkey>

Sign the data with the <privkey> private key, where <privkey> is the name of a file generated with the pkiutil keygen command.

Mandatory: Yes.

-sigalg <sigalg>

Sign the data with the <sigalg> algorithm, where <sigalg> is one of the algorithm identifiers listed in PKIUtil algorithm reference . Select more than one algorithm to generate a composite signature.

Mandatory: Yes.

-raw

Perform a raw signature.

The current version of PKIaaS Post Quantum only supports raw signatures.

Mandatory: Yes

-sigout <sigout>

Save the data in a file with the <sigout> name.

Mandatory : Yes.

-tobesigned <tobesigned>

Sign the <tobesigned> data, where <tobesigned> is the name of a file containing the data.

Mandatory : Yes.