The present invention provides for token based signing of an unsigned
binary which may be a stream of bits (e.g., 0's and 1's). The unsigned
binary is signed using a secret key which resides in a token (e.g., a
smart card), which makes the secret key available to the token holder.
The unsigned binary is downloaded and verified for authenticity by the
token coupled to a computing device. In one embodiment, the downloaded
unsigned binary is encrypted. If the unsigned binary is authentic, it may
be used to replace the prior firmware on that computing device.