| Feature | |
| Support for CableLabs OpenCable I05 | X |
| Support for CableLabs DOCSIS 1.1/2.0 BPI+ | X |
| Support for: | |
| PKCS#1 | X |
| PKCS#5 | X |
| PKCS#7 | X |
| PKCS#8 | X |
| PKCS#12 | X |
| X.509 certificates | X |
| Curves supported | secp 163r1, secp 256r1, secp384r1, secp521r1 |
| Platform Support | Windows 32 (32-and 64-bit platforms) |
| Option | Description |
| -address <address> [<length>] | Specifies the address where the final image (or piece of image) will be stored. |
| -allow <option> | Forces Certicom CodeSign to ignore certain errors |
| -asn | Enables the CMS data to be output in the ASN.1 format |
| -format <docsis | opencable | trustedboot> | Allows specification of output format. The default is trustedboot. |
| -hash <sha1 | sha256 | sha384 | sha512> | Specifies which hash algorithm to use. |
| -help | Display tool usage information. |
| -include certificate | Includes identity certificate(s) in the CMS object. |
| -identity <filename1 [filename2…]> | Specifies the identity file(s). Currently supports PEM- or DER-encoded identities. |
| -input <filename> | Specify the file to be signed. |
| -output <filename> | Specifies the output file. |
| -password <password> | Specify the private key password. |
| -quiet | Suppresses all output. |
| -relative <start | end> | Determines whther CMS data will be placed before the start of image or after the end of the image data. |
| -signtime <certificate | current | <YYMMDDhhmmss> | Allows signing time to be specified. Choosing 'certificate will use the start time of the validity of the certificate. |
| -trusted <filename1 [filename2…]> | Specify the certificate authority certificate file (s) |
| -verbose <cms | identity | trusted> | Display additional information about the identity. |
| -verify <filename> | Verify a previously produced CMS file. |
| -version | Output version information. |