I am aware that there are multiple versions of the code signing tool from different locations.
I currently am using the CST located at github.com/nxp-qoriq/cst. This appears to be version 2.0 and matches what documentation I seem to come across. I have also seen versions in the 3.* range as well as a 4.* version. From postings on the forums it seems these version 3 and 4 versions of CST can support a HSM through some configuration changes.
However, I can't seem to find an equivalent for CST 2.0? Can CST 2.0 utilize a HSM? If yes what steps would be required, if no, then can other versions of CST be used as drop in replacements?
I also noticed that the latest CST 4 doesn't appear to have actual source code available, or am I just looking in the wrong place? The precompiled binaries are only available for x86_64, but I'm developing natively on the LS1043A aarch64, so the precompiled binaries are obviously not an option. I don't mind building a different version, I just need to know where the source is and if there are any compatibility issues to be aware of?
Thank you for your time.
