Code Signing Tool with keys in HSM

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Code Signing Tool with keys in HSM

145 Views
ThomasGu
Contributor I

Hi

when signing an bootloader with code signing tool (cst) the private key is needed to create the signature.

We want to have the private keys in a HSM but not the certificates (which are stored on the file system)

All the examples define the certificate to be used for signing (e.g. in the CSF file):

[Install CSFK]
File = "pkcs11:token=CST-HSM-DEMO;object=CSF1_1_sha256_2048_65537_v3_usr;type=cert;pin-value=${USR_PIN}"

So I wondering how I can tell the cst which private key it should use.

Thanks in advance

Thomas

0 Kudos
Reply
0 Replies