Hi,
I have an application for the nRF9160 where I want to use mcuboot and of course signing, but I get the following message while building, that my key file is invalid.
-- Found assembler: D:/work/nRF_Connect_SDK/v1.8.0/toolchain/opt/bin/arm-none-eabi-gcc.exe MCUBoot bootloader key file: D:/work/nRF_Connect_SDK/devzone/hello_world1234/test_ed25519.pem -- Configuring done -- Generating done -- Build files have been written to: D:/work/nRF_Connect_SDK/devzone/hello_world1234/build/mcuboot === child image mcuboot - end === CMake Warning at D:\work\nRF_Connect_SDK\v1.8.0\nrf\modules\mcuboot\CMakeLists.txt:278 (message): Key file `D:/work/nRF_Connect_SDK/devzone/hello_world1234/test_ed25519.pem` does not contain a valid private key. Signing of images will be disabled. Disable signing with `CONFIG_SIGN_IMAGES=n` to silence this warning.
I generated this keyfile and with the imgtool.py and it looks as follows:
-----BEGIN PRIVATE KEY----- MC4CAQAwBQYDK2VwBCIEIIXfDZiyadNbgeTl1FjaPsSpYOsVy8/pF1MtYafCSFcw -----END PRIVATE KEY-----
Now nothing gets signed and I get no app_update.bin file and everything that comes with it.
I have attached a sample application where I get this error, where I used the .conf files of my actual application (just to clarify why they are so overkill for a hello world program).
I am using nRF Connect SDK 1.8.0 and VSCode
Thank you in advance.
EDIT: This also applies with the default keys (meaning not setting CONFIG_BOOT_SIGNATURE_KEY_FILE to anything specific).
- Found assembler: D:/work/nRF_Connect_SDK/v1.8.0/toolchain/opt/bin/arm-none-eabi-gcc.exe
MCUBoot bootloader key file: D:/work/nRF_Connect_SDK/v1.8.0/bootloader/mcuboot/root-ed25519.pem
-- Configuring done
-- Generating done
-- Build files have been written to: D:/work/nRF_Connect_SDK/devzone/hello_world1234/build/mcuboot
=== child image mcuboot - end ===
CMake Warning at D:\work\nRF_Connect_SDK\v1.8.0\nrf\modules\mcuboot\CMakeLists.txt:255 (message):
---------------------------------------------------------
--- WARNING: Using default MCUBoot key, it should not ---
--- be used for production. ---
---------------------------------------------------------
CMake Warning at D:\work\nRF_Connect_SDK\v1.8.0\nrf\modules\mcuboot\CMakeLists.txt:278 (message):
Key file
`D:/work/nRF_Connect_SDK/v1.8.0/bootloader/mcuboot/root-ed25519.pem` does
not contain a valid private key. Signing of images will be disabled.
Disable signing with `CONFIG_SIGN_IMAGES=n` to silence this warning.
Dropping partition 'nrf_modem_lib_trace' since its size is 0.
-- Configuring done
-- Generating done
-- Build files have been written to: D:/work/nRF_Connect_SDK/devzone/hello_world1234/build
It appears, that this is ed25519 specific. RSA and ECDSA-P256 seem to work fine.
Only when going back to SDK 1.4.0 it seems to recognize the .pem file correctly and spit out a signed .bin file.
