• State Not Answered
  • Replies 6 replies
  • Subscribers 64 subscribers
  • Views 225 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 324184
Options

Using zephyr and MCUboot without image signatures

JoshK

Is there a way to not use signatures at all for MCUboot?

Without any changes to the kconfig file, I get a warning when compiling a project using MCUboot:

--- WARNING: Using default MCUBoot key, it should not ---
--- be used for production. --

I have a DFU process that already includes signature verification, so I have no reason to use MCUboot to verify the signature again.

I know that I can set CONFIG_BOOT_SIGNATURE_TYPE_NONE in an MCUboot kconfig file (PROJ_DIR/child_image/mcuboot.conf), and that I could choose a custom key in the main zephyr application, but I have not seen a way to set the main application to not use any key to sign the image.

Thanks
  • 0

    Hello,

    The warning message you're seeing is indicating that the default MCUBoot key is being used. This key is intended for development or debug use only and should not be used for production.

    It might not be possible to avoid the warning without setting your custom key for MCUboot, as this warning is a built-in feature of MCUboot to ensure the security of the application when it comes to production. I think you can just ignore the warning if you are using some other method for verification.

    Kind Regards,

    Abhijith

  • 0 in reply to Menon

    I understand that is the cause of the warning. I can avoid it by using a custom key, but would prefer to use no key whatsoever. 

    The problem is that setting MCUboot to not require a key seems to result in build errors from the nrf connect sdk, which is attempting to sign the image as part of the build process (using then nonexistent resources).

  • 0 in reply to JoshK

    Hello,

    JoshK said:
    The problem is that setting MCUboot to not require a key seems to result in build errors from the nrf connect sdk, which is attempting to sign the image as part of the build process (using then nonexistent resources).

    Yes, the NCS release until version V2.6.0 does not support the not-checking signature feature. Most of these will be included in the upcoming release, but I cannot provide you with a timeline for this.

    Can you include the configuration CONFIG_SIGN_IMAGES=n in the project configuration (prj.config) and CONFIG_BOOT_SIGNATURE_TYPE_NONE=y inside the mcuboot configuration (childimage/mcuboot/mcuboot.config)? Let me know if this works or not.

    Please expect some delay after this response as it is Easter vacation here in Norway. You can expect a response after the 2nd of April. Sorry if this creates any inconvenience for your development.

    Kind Regards,

    Abhijith

  • 0 in reply to Menon

    I tried that, it does actually finish the build with no issues, but it no longer generates a binary file for application updates, which is the output that I need. app_update.bin.

    Maybe I am missing something there?

  • 0

    Hello,

    That's strange. Then, I guess, you need to manually set the MCUboot build to not use a signature. I believe this feature will be included in the next release of NCS with the inclusion of Sysbuild as the new multi-image build system. 

    Kind Regards,

    Abhijith

Related