Add --subkey_in option to kernel signing utility.

Add --subkey_in option to kernel signing utility.

This allows for using an existing key signature (subkey) header to generate new signed images if the kernel signing is unchanged. This obviates the need to take out the firmware private key each time a new signed kernel image is generated.

A similar change will also be propagated to the firmware signing utility. We would REALLY like to reduce the need to take out the verified boot private root key (used for generating R/W firmware key signature headers) everytime we generate a new signed R/W firmware image.

[Bill Richardson, 2010-05-28 14:47:35]

LGTM

[Randall Spangler, 2010-05-28 15:58:21]

LGTM