diff options
author | Roland Hieber <rhi@pengutronix.de> | 2021-07-14 14:02:33 +0200 |
---|---|---|
committer | Michael Olbrich <m.olbrich@pengutronix.de> | 2021-07-16 21:24:44 +0200 |
commit | 00d6be294509952a736f6d77a735dfe2583507bd (patch) | |
tree | 25e99ee6092ff57d10f1c8b1149bdb81ab78f5de /doc | |
parent | 235332de090655007e6ca808e79c9206d1e075da (diff) | |
download | ptxdist-00d6be294509952a736f6d77a735dfe2583507bd.tar.gz ptxdist-00d6be294509952a736f6d77a735dfe2583507bd.tar.xz |
doc: code signing: define code signing consumers
Signed-off-by: Roland Hieber <rhi@pengutronix.de>
Message-Id: <20210714120234.16196-1-rhi@pengutronix.de>
Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
Diffstat (limited to 'doc')
-rw-r--r-- | doc/dev_code_signing.rst | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/doc/dev_code_signing.rst b/doc/dev_code_signing.rst index 1f43f2b60..3fcf68667 100644 --- a/doc/dev_code_signing.rst +++ b/doc/dev_code_signing.rst @@ -10,6 +10,8 @@ This is also essential when a verified boot chain is established, e.g. via *High Assurance Boot* (HAB), signed FIT images, and a verified root file system. +On the one side, **code signing consumers** are PTXdist recipes that want to +make use of key material, e.g. for signing kernel modules or disk images. PTXdist uses `PKCS#11 <pkcs11-doc_>`_ internally to provide access to keys and certificates, therefore code signing consumers should implement a PKCS#11 interface to make use of PTXdist's code signing infrastructure. |