In the current framework for using engine based keys, the engine has
to be loaded and initialised as part of the default engines. The only
way this can happen for the TPM engine is if it is named in a config
secion, so all the tools must read and act on the config file to be
able to use TPM based keys.
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
sbsign will sign an already signed binary (adding a signature at the end)
sbverify has a new mode --list, for listing all the signatures and sbattach
takes a --signum argument for --remove or --detach.
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
This prevents a FIPS failure message if no FIPS module is loaded.
Plus add -v as short form for --verbose in sbverify
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
