Kernel fitImage signing is an important step in embedded secure boot. In this technique, a public-private key pair is generated by OpenSSL. The private key is used to sign the kernel fitImage. The public key is placed in the device tree of the bootloader (uboot or barebox) which is used [...]