Re: [U-Boot] mkimage: Add support for signing with pkcs11

On Fri, Jan 06, 2017 at 01:14:17PM -0600, George McCollister wrote:

Add support for signing with the pkcs11 engine. This allows FIT images to be signed with keys securely stored on a smartcard, hardware security module, etc without exposing the keys.

Support for other engines can be added in the future by modifying rsa_engine_get_pub_key() and rsa_engine_get_priv_key() to construct correct key_id strings.

Signed-off-by: George McCollister george.mccollister@gmail.com

Applied to u-boot/master, thanks!