Support for yubikey

sbctl now supports a yubikey backend for signing keys. This can be controlled through the usual --keytype, --pk-keytype, --kek-keytype and --db-keytype flags with sbctl create-keys.

Please note that sbctl does not carry any infrastructure to do interactive prompts. Any PINs needs to be passed through with the SBCTL_YUBIKEY_PIN environment variable.

Changelog

• Fixed a bug where sbctl verify would choke on any non-PE executables.
• sbctl sign -s will not save files before checking if we can sign them.
• Misc dependency updates

Generated list of changes

What's Changed

• Initial yubikey backend keytype support by @tomis007 in #418
• CI: missing libpcsclite pkg by @pheiduck in #445

New Contributors

• @tomis007 made their first contribution in #418

Full Changelog: 0.17...0.18