Hi,
I'm working on nRF5340, NCS v2.6.1, Zephyr v3.4.99.
The net core is running the child image HCI RPMsg controller.
Th app core is running application and child image mcuboot.
I know that by default MCUboot uses generated NSIB key pair <ncs>/bootloader/mcuboot/root-rsa-2048.pem, not to be used for production.
Therefore, for production, my goal is to hash and sign image using custom keys and let MCUBoot to validate it at boot time.
Generating the key was pretty simple using
$ ./scripts/imgtool.py keygen -k mycompany.pem -t rsa-2048
Then I put the key file at path /home/gabriele/myproject/mycompany.pem
In myproject/child_image/mcuboot.conf I set
CONFIG_BOOT_SIGNATURE_KEY_FILE="/home/gabriele/myproject/mycompany.pem"
CONFIG_BOOT_SIGNATURE_TYPE_RSA=y
CONFIG_BOOT_VALIDATE_SLOT0=y
In /home/gabriele/myproject/prj.conf I set
CONFIG_SECURE_BOOT=y
CONFIG_SB_SIGNING_KEY_FILE="/home/gabriele/myproject/mycompany.pem"
At build time I get the following error in the end
Can anyone give a help ?