Commit graph

4 commits

Author SHA1 Message Date
Helge Juul 8749cd4d76 kconfig: Add option for encryption of binaries
Introduce new Kconfig option MCUBOOT_ENCRYPTION_KEY_FILE. If the
string is not empty Cmake will try to encrypt the final binaries using
the given key file.

Signed-off-by: Helge Juul <helge@fastmail.com>
2021-08-26 21:15:54 -04:00
Henrik Brix Andersen 7e39e1d747 cmake: mcuboot: confirmed images needs to be padded
Add --pad to imgtool.py command line arguments when generating confirmed
images, otherwise the image contains no trailer magic for writing the
confirmed status.

Signed-off-by: Henrik Brix Andersen <hebad@vestas.com>
2020-09-04 12:00:04 +02:00
Martí Bolívar 003d30b6f0 cmake: flash signed binaries for mcuboot
When CONFIG_MCUBOOT_SIGNATURE_KEY_FILE is set and the build system
successfully creates signed outputs, use them as the default artifacts
to flash.

This flashes the non-confirmed variant regardless of
CONFIG_MCUBOOT_GENERATE_CONFIRMED_IMAGE, allowing POST code in the
application to confirm the image or not. Since this is used primarily
from development, I'd hesitate to assume the confirmed image is good.

Signed-off-by: Martí Bolívar <marti.bolivar@nordicsemi.no>
2020-09-03 16:49:09 -05:00
Martí Bolívar f66a0c3772 build: auto-generate signed mcuboot binaries
Add new Kconfig options which depend on CONFIG_BOOTLOADER_MCUBOOT:

- CONFIG_MCUBOOT_SIGNATURE_KEY_FILE: the path to the key pair which
  should be used to sign the image, in PEM format. This is sent to
  imgtool via 'west sign' when set to produce zephyr.signed.bin and
  zephyr.signed.hex files as needed.

- CONFIG_MCUBOOT_EXTRA_IMGTOOL_ARGS: additional arguments to pass to
  imgtool.

- CONFIG_MCUBOOT_GENERATE_CONFIRMED_IMAGE: also generate
  zephyr.signed.confirmed.{bin,hex}

Add build system support for these options.

This makes a separate 'west sign' step unnecessary when using MCUboot,
if the application image is properly configured with the location of
the key file.

Signed-off-by: Martí Bolívar <marti.bolivar@nordicsemi.no>
2020-09-01 13:33:46 +02:00