Draft: Support offline signatures
With this early code, it is now possible to
pvr sig -e RS256 -x ../keys/cert.pem add -p pv-avahi |
openssl sha256 -binary |
openssl pkeyutl -sign -inkey ../keys/key.pem -pkeyopt digest:sha256 |
pvr sig -i -x ../keys/cert.pem add -p pv-avahi
to achieve the same effect as
pvr sig -k ../keys/key.pem -x ../keys/cert.pem add -p pv-avahi
This enables the use of HSMs, KMS, external software signing services without having to wait synchronously for the signature.