NISB with ECDSA-P256 for nrf54l15

Hi, 

I am still waiting for the update in case anyone knows about it, please suggest.

Thanks!!

Later on, reading some documentation come to know for nrf54l15 only ed25519 is supported. 

I assume, this is due to the key provisioning support.

As far as I know, this is a design choice, to make NSIB as small as possible.

Also, wanted to know is there is any plan to support ecdsa-p256 for nrf54l15?

I am not able to answer questions about our timeline. You can try to ask your local sales representative from Nordic Semiconductor for information about our timeline.

Can you explain more about the FPROTECT issue?

Regards,
Sigurd Hellesvik

Later on, reading some documentation come to know for nrf54l15 only ed25519 is supported. 

I assume, this is due to the key provisioning support.

As far as I know, this is a design choice, to make NSIB as small as possible.

Also, wanted to know is there is any plan to support ecdsa-p256 for nrf54l15?

I am not able to answer questions about our timeline. You can try to ask your local sales representative from Nordic Semiconductor for information about our timeline.

Can you explain more about the FPROTECT issue?

Regards,
Sigurd Hellesvik

Hi,

Thanks for the information. I thought so, it might be to keep NSIB size minimum. But then, got confused as it is applicable for nrf54l15 only and for others ecdsa-p256 is supported (Read on one of the documentations).

Regarding FPROTECT, on enabling I am getting below warning.

was assigned the value 'y' but got the value 'n'. Check these unsatisfied dependencies:
(!(SOC_SERIES_NRF54LX && IS_SECURE_BOOTLOADER)) (=n). See 
http://docs.zephyrproject.org/latest/kconfig.html#CONFIG_FPROTECT and/or look up FPROTECT in the 
menuconfig/guiconfig interface. The Application Development Primer, Setting Configuration Values,
and Kconfig - Tips and Best Practices sections of the manual might be helpful too.  

Thanks!

Nilesh

If you want to enable FPROTECT for NSIB, set it in sysbuild/b0.conf. See this DevAcademy on Sysbuild to learn how to set configurations for images in sysbuild builds.

Hi,

I am sorry If I misunderstood your point. I am enabling CONFIG_FPROTECT, however it is giving me a warning due to dependency on another flag and due to which this flag is not getting set.

menuconfig FPROTECT
	bool "Enable FPROTECT"
	depends on SOC_FAMILY_NORDIC_NRF
	depends on !(SOC_SERIES_NRF54LX && IS_SECURE_BOOTLOADER)
	select NRFX_RRAMC if SOC_SERIES_NRF54LX
	help
	  Enable the software library FPROTECT that may or may not be used
	  by other systems to protect flash from writes and possibly also
	  reads. Does not protect against execution.
	  May use the HW peripherals BPROT, ACL, or SPU to achieve this.

Warning is coming from here, I think.

However, I'll still try your suggestion and will update here.

Thanks,

Nilesh

You can set that configuration different places.
The IS_SECURE_BOOTLOADER flag checks if you set it for the NSIB project, so I suspect that the configuration is set for the wrong project.

Hi,

I tried to rebuild (pristine build) and still getting the same warning.

Maybe, I am getting confused here. Can you please elaborate your point?

Some more information from my end. I am trying to build NSIB with default available configs and MCUBoot as upgradable bootloader. And I am able to test the functionality.