[LS1046a] secure boot: Is it possible to sign the boot image through our HSM?


552 views
carloswei
Contributor II

Hello,

I have read the chapter (Code Signing Tool) of the https://docs.nxp.com/bundle/GUID-487B2E69-BB19-42CB-AC38-7EF18C0FE3AE/page/GUID-932D50F3-D90D-4ED0-B...

The boot image shall be signed by the integrated CST. In my use case, our RSA private key is stored in the company's HSM (which cannot export the private key; only sign APIs can be called). Is it possible to sign the boot image through our HSM?

I have gone through the source code of the CST, and I can modify the CST sign function myself. However, I noticed that the private key is mandatory for header creation; you can refer to the user guide https://docs.nxp.com/bundle/GUID-487B2E69-BB19-42CB-AC38-7EF18C0FE3AE/page/GUID-FEB09C78-938E-401A-8...

So, is there any method to avoid assigning the private key in the step of header creation?

 

1 Reply

513 views
carloswei
Contributor II

I think that I have found the --img_hash in CST, which doesn't need the private key to be provided to CST.

 

https://docs.nxp.com/bundle/GUID-487B2E69-BB19-42CB-AC38-7EF18C0FE3AE/page/GUID-701632F2-6D8F-4975-A...

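The split this thread arrives at (the build host produces only a hash, and a sign-only HSM returns the signature) is sketched below as an added example; it is not code from the posts or from NXP's CST. `MockHsm`, `hash_image` and `verify` are hypothetical names, the key is a constructed, insecure demo key, and RSASSA-PKCS1-v1_5 over SHA-256 is an assumption: the bytes CST actually hashes and the signature layout it expects must be taken from the CST documentation.

```python
import hashlib

# Constructed demo key built from two Mersenne primes: NOT secure, illustration only.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
K = (N.bit_length() + 7) // 8  # modulus length in bytes

# DER prefix of the DigestInfo structure for SHA-256 (RFC 8017, section 9.2).
SHA256_DIGESTINFO = bytes.fromhex("3031300d060960864801650304020105000420")


def emsa_pkcs1_v15(digest: bytes) -> int:
    """Encode a 32-byte SHA-256 digest as an EMSA-PKCS1-v1_5 block."""
    if len(digest) != 32:
        raise ValueError("expected a SHA-256 digest")
    t = SHA256_DIGESTINFO + digest
    em = b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t
    return int.from_bytes(em, "big")


class MockHsm:
    """Stand-in for a sign-only HSM: the private exponent stays inside this object."""

    def __init__(self):
        self.__d = pow(E, -1, (P - 1) * (Q - 1))

    def sign_digest(self, digest: bytes) -> bytes:
        # Only the digest crosses the boundary, never the image or the key.
        return pow(emsa_pkcs1_v15(digest), self.__d, N).to_bytes(K, "big")


def hash_image(header: bytes, image: bytes) -> bytes:
    """Build-host step: produce the digest; no key material is needed here."""
    return hashlib.sha256(header + image).digest()


def verify(header: bytes, image: bytes, signature: bytes) -> bool:
    """Verifier step: public key only; the digest is recomputed from the bytes."""
    if len(signature) != K:
        return False
    recovered = pow(int.from_bytes(signature, "big"), E, N)
    return recovered == emsa_pkcs1_v15(hash_image(header, image))


if __name__ == "__main__":
    hdr, img = b"constructed-header", b"constructed-boot-image"
    sig = MockHsm().sign_digest(hash_image(hdr, img))
    print(verify(hdr, img, sig), verify(hdr, img + b"\x00", sig))
```

With a real HSM, `sign_digest` would be replaced by the vendor's sign call, and whether that call expects a raw digest or applies the DigestInfo padding itself has to be checked against the HSM's API.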