Hello,
I'm having trouble saving signing keys to the KMU on the nRF54LM20-DK.
I'm using the build for the nRF54LM20B, as recommended here, so the KMU should be used for this processor:
Exercise 2 - DFU with custom keys - Nordic Developer Academy
https://nrfconnectdocs.nordicsemi.com/ncs/latest/nrf/app_dev/device_guides/nrf54l/dfu_config.html
I generated the ED25519 key, and my sysbuild.conf looks like this:
SB_CONFIG_BOOTLOADER_MCUBOOT=y
SB_CONFIG_PM_MCUBOOT_PAD=0x800
SB_CONFIG_MCUBOOT_MODE_SWAP_USING_MOVE=y
SB_CONFIG_BOOT_SIGNATURE_KEY_FILE="${APP_DIR}/keys/mcuboot_private.pem"
SB_CONFIG_BOOT_SIGNATURE_TYPE_ED25519=y
SB_CONFIG_MCUBOOT_SIGNATURE_USING_KMU=y
SB_CONFIG_MCUBOOT_GENERATE_DEFAULT_KMU_KEYFILE=y
However, unfortunately, after flashing with the –erase option, I get this message:
Flashing file: ...\build_lm20b_ns_ota_330\merged.hex Provisioning key file: ...\build_lm20b_ns_ota_330\keyfile.json Erasing non-volatile memory (ERASEALL) Programming image Verifying image KEY Provision Keys [242] failed provisioning
Please suggest a solution on how to properly enable storage in the KMU.
(As an alternative, I tried "Store it in the MCUboot bootloader image itself," where it worked fine) – after the OTA update, it only accepted a properly signed image.
Thank you