BLE DFU with encrypted images in MCUBoot

We are trying to set up image encryption in our nRF build, for use with BLE DFU.

I see that this is not supported by Nordic, but that there is support for it in MCUBoot. There exists an example from Hellesvik that we followed: https://github.com/hellesvik-nordic/samples_for_nrf_connect_sdk/tree/main/bootloader_samples/keys_and_signatures/mcuboot_smp_encryption

Using this example, we get encryption to work, with the compiler reporting the correct key file, but when attempting DFU, it just reports as failed.

From my understanding, the encryption is done using an ephemeral AES key, which is encrypted with a public key. The bootloader should hence have the private key.

I could not find that key in merged.hex, so I suspect it is not included.

The example used UART DFU. Is there a difference here that requires other configuration?

I also saw another question regarding using encrypted images with a two-stage bootloader, which we are using. It was said that it is not supported, but is there a difference between that and using only MCUBoot?
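
The check mentioned in the post (looking for the bootloader's key material in merged.hex) can be scripted. The following is an added example, not part of the original post and not MCUBoot or Nordic tooling: it parses Intel HEX records with checksum verification and searches for a byte sequence, including matches that span record boundaries. The sample image and the 16-byte "key" are constructed placeholders, and which encoding of the key the bootloader embeds is an assumption to confirm for your own build.

```python
def make_record(rtype, offset, data=b""):
    """Build one Intel HEX record (used only to construct the sample below)."""
    body = bytes([len(data)]) + offset.to_bytes(2, "big") + bytes([rtype]) + data
    return ":" + (body + bytes([-sum(body) & 0xFF])).hex().upper()

def parse_ihex(text):
    """Return {absolute_address: byte} for all data records, verifying checksums."""
    mem, base = {}, 0
    for n, line in enumerate(text.split(), 1):
        if not line.startswith(":"):
            raise ValueError(f"line {n}: missing ':' start code")
        rec = bytes.fromhex(line[1:])
        if len(rec) < 5 or len(rec) != rec[0] + 5 or sum(rec) & 0xFF:
            raise ValueError(f"line {n}: bad length or checksum")
        offset, rtype, data = int.from_bytes(rec[1:3], "big"), rec[3], rec[4:-1]
        if rtype == 0x00:                      # data record
            for i, b in enumerate(data):
                mem[base + offset + i] = b
        elif rtype == 0x02:                    # extended segment address
            base = int.from_bytes(data, "big") << 4
        elif rtype == 0x04:                    # extended linear address
            base = int.from_bytes(data, "big") << 16
        elif rtype == 0x01:                    # end of file
            break
    return mem

def find_bytes(mem, needle):
    """Return every absolute address where needle occurs in contiguous memory."""
    runs = []                                  # [start_address, bytearray] pairs
    for addr in sorted(mem):
        if not runs or addr != runs[-1][0] + len(runs[-1][1]):
            runs.append([addr, bytearray()])   # gap in the image: start a new run
        runs[-1][1].append(mem[addr])
    hits = []
    for start, blob in runs:
        i = blob.find(needle)
        while i != -1:
            hits.append(start + i)
            i = blob.find(needle, i + 1)
    return hits

# Constructed sample: a placeholder 16-byte "key" split across two data records.
SAMPLE_KEY = bytes(range(0xA0, 0xB0))
SAMPLE_HEX = "\n".join([
    make_record(0x04, 0, b"\x00\x01"),
    make_record(0x00, 0x1000, b"\xFF" * 12 + SAMPLE_KEY[:4]),
    make_record(0x00, 0x1010, SAMPLE_KEY[4:] + b"\xFF" * 4),
    make_record(0x01, 0),
])
```

For a real build, pass the text of merged.hex to `parse_ihex` and the key bytes, in the encoding your bootloader build embeds, to `find_bytes`; an empty result means that byte sequence is not in the image.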
