Sign-hash commands
This section covers commands that you use in SMCTL to sign a hash.
Sign-hash
Sign-hash commands begin with:
smctl sign sign-hash <keypair ID>
Subcommands
The sign-hash command supports these subcommands:
Table 1. Flag for managing hashing signing
Shortcut | Flag | Description |
|---|---|---|
--binary | Signature in binary (default is Base64). | |
--file string | File path. | |
--hash string | Base64 hash. | |
--hash-algorithm string | Hash algorithm. (default "SHA-256") | |
--non-decorate-signature | Skip ASN1 decoration for ECDSA signatures. | |
--signature-algorithm string | Signature algorithm. (default "SHA256withRSA"). | |
--signature-file string | Signature file path. | |
-h | --help | Help for sign-hash commands. |
Command example
Description: Sign hash.
Command:
smctl sign sign-hash --file <file path> --hash-algorithm <hash algorithm> --signature-algorithm <algorithm> <keypair ID> --signature-file <signature file path> --binary
Command sample:
smctl sign sign-hash --file UNSIGNED_JAR.jar --hash-algorithm SHA-512 --signature-algorithm MLDSA44 c16f3975-101b-4837-8de5-42160e791220 --signature-file mldsasign44.txt --binary