## cosign

A tool for Container Signing, Verification and Storage in an OCI registry.

### Options

```
  -h, --help                 help for cosign
      --output-file string   log output to a file
  -t, --timeout duration     timeout for commands (default 3m0s)
  -d, --verbose              log debug output
```

### SEE ALSO

* [cosign attach](cosign_attach.md)	 - Provides utilities for attaching artifacts to other artifacts in a registry
* [cosign attest](cosign_attest.md)	 - Attest the supplied container image.
* [cosign attest-blob](cosign_attest-blob.md)	 - Attest the supplied blob.
* [cosign clean](cosign_clean.md)	 - Remove all signatures from an image.
* [cosign completion](cosign_completion.md)	 - Generate completion script
* [cosign copy](cosign_copy.md)	 - Copy the supplied container image and signatures.
* [cosign dockerfile](cosign_dockerfile.md)	 - Provides utilities for discovering images in and performing operations on Dockerfiles
* [cosign download](cosign_download.md)	 - Provides utilities for downloading artifacts and attached artifacts in a registry
* [cosign env](cosign_env.md)	 - Prints Cosign environment variables
* [cosign generate](cosign_generate.md)	 - Generates (unsigned) signature payloads from the supplied container image.
* [cosign generate-key-pair](cosign_generate-key-pair.md)	 - Generates a key-pair.
* [cosign import-key-pair](cosign_import-key-pair.md)	 - Imports a PEM-encoded RSA or EC private key.
* [cosign initialize](cosign_initialize.md)	 - Initializes SigStore root to retrieve trusted certificate and key targets for verification.
* [cosign load](cosign_load.md)	 - Load a signed image on disk to a remote registry
* [cosign login](cosign_login.md)	 - Log in to a registry
* [cosign manifest](cosign_manifest.md)	 - Provides utilities for discovering images in and performing operations on Kubernetes manifests
* [cosign piv-tool](cosign_piv-tool.md)	 - Provides utilities for managing a hardware token
* [cosign pkcs11-tool](cosign_pkcs11-tool.md)	 - Provides utilities for retrieving information from a PKCS11 token.
* [cosign public-key](cosign_public-key.md)	 - Gets a public key from the key-pair.
* [cosign save](cosign_save.md)	 - Save the container image and associated signatures to disk at the specified directory.
* [cosign sign](cosign_sign.md)	 - Sign the supplied container image.
* [cosign sign-blob](cosign_sign-blob.md)	 - Sign the supplied blob, outputting the base64-encoded signature to stdout.
* [cosign tree](cosign_tree.md)	 - Display supply chain security related artifacts for an image such as signatures, SBOMs and attestations
* [cosign triangulate](cosign_triangulate.md)	 - Outputs the located cosign image reference. This is the location where cosign stores the specified artifact type.
* [cosign upload](cosign_upload.md)	 - Provides utilities for uploading artifacts to a registry
* [cosign verify](cosign_verify.md)	 - Verify a signature on the supplied container image
* [cosign verify-attestation](cosign_verify-attestation.md)	 - Verify an attestation on the supplied container image
* [cosign verify-blob](cosign_verify-blob.md)	 - Verify a signature on the supplied blob
* [cosign verify-blob-attestation](cosign_verify-blob-attestation.md)	 - Verify an attestation on the supplied blob
* [cosign version](cosign_version.md)	 - Prints the version