I have had luck setting up signatures using MCUBOOT and sysbuild.
However, I have not been able to encrypt the images.
sysbuild.conf:
SB_CONFIG_BOOTLOADER_MCUBOOT=y
SB_CONFIG_BOOT_SIGNATURE_KEY_FILE="C:/Users/user/app/mykey.pem"
SB_CONFIG_BOOT_ENCRYPTION=y
SB_CONFIG_BOOT_ENCRYPTION_KEY_FILE="C:/Users/user/app/mykey.pem"
MCUBOOT seems to get both the keys setup correctly based generated files in build/mcuboot/zephyr/ (autogen-enckey.c and autogen-pubkey.c)
And on the output in terminal:
MCUBoot bootloader key file: C:/Users/user/app/mykey.pem
MCUBoot bootloader encryption key file: C:/Users/user/app/mykey.pem
-- Configuring done
-- Generating done
-- Build files have been written to: C:/Users/user/app/build_1/mcuboot
However, the binary generated within build/dfu_application.zip does not itself appear to be encrypted. What am I missing to actually encrypt the update binary?
Running nrf connect SDK 2.7.0 and toolchain 2.7.0
I mostly referred to these pages:
https://developer.nordicsemi.com/nRF_Connect_SDK/doc-legacy/latest/nrf/releases_and_maturity/migration/migration_sysbuild.html
developer.nordicsemi.com/.../bootloader_signature_keys.html
