* evmctl and pkcs#11
@ 2021-01-11 8:47 Christian Schaubschläger
0 siblings, 0 replies; only message in thread
From: Christian Schaubschläger @ 2021-01-11 8:47 UTC (permalink / raw)
To: linux-integrity
Hello list,
I'm using evmctl's ima_sign facility to sign binaries like this:
evmctl -a sha256 ima_sign -k keyfile.priv binary_file
Now I would like to use a smartcard to do the cryptography instread of providing the private key in a file using the "-k" option. Is this possible? I see that evmctl knows the option "--engine"; can I specify an openssl pkcs#11 engine with that to get the hash signed by the smartcard via pkcs#11 and openssl?
Thanks and best regards,
Christian
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2021-01-11 8:49 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-01-11 8:47 evmctl and pkcs#11 Christian Schaubschläger
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).