controll of where the signing keys are stored (CONFIG_BOOT_SIGNATURE_KEY_FILE)

Want to store the CONFIG_BOOT_SIGNATURE_KEY_FILE in the project space, not the ncs folders.

Looking for a method to define file location without using a absolute path.

Build env is defaulting to "/home/username/ncs/v2.0.0/bootloader/mcuboot/child_image/key.pem"

Want to avoid a hardcoded full path, want to avoid the following.

CONFIG_BOOT_SIGNATURE_KEY_FILE="~/project/child_image/key.pem"
CONFIG_BOOT_SIGNATURE_KEY_FILE="/home/user/project/child_image/key.pem"
CONFIG_BOOT_SIGNATURE_KEY_FILE="C:/Nordic/nrf_connect_projects/project/child_image/key.pem"

Looking for something like.

CONFIG_BOOT_SIGNATURE_KEY_FILE="${PROJECT_DIR}//child_image/key.pem"

Parents Reply Children
  • I must be missing something....

    added line to CMakeLists.txt

    # SPDX-License-Identifier: Apache-2.0
    
    cmake_minimum_required(VERSION 3.20.0)
    
    find_package(Zephyr REQUIRED HINTS $ENV{ZEPHYR_BASE})
    project(net_core)
    
    target_sources(app PRIVATE src/main.c)
    
    if(EXISTS "${CMAKE_CURRENT_SOURCE_DIR}/child_image/mcuboot.conf")
        message("mcuboot.conf exist")
        set(mcuboot_CONF_FILE prj.conf ${CMAKE_CURRENT_LIST_DIR}/child_image/mcuboot.conf)
    endif()
    
    set(mcuboot_CONFIG_BOOT_SIGNATURE_KEY_FILE \\"${CMAKE_CURRENT_SOURCE_DIR}/child_image/key.pem\\")
    
    # Custom files and folders
    target_sources(app PRIVATE
    
        src/app/ble_app.c
    <more stuff>

    I see a warning in the build 

    CMake Warning at /home/dwaynef/ncs/v2.0.0/nrf/modules/mcuboot/CMakeLists.txt:281 (message):

    ---------------------------------------------------------
    --- WARNING: Using default MCUBoot key, it should not ---
    --- be used for production. ---
    ---------------------------------------------------------

    I'm running ncs 2.0.0

  • Ha, looks like location in CMakeList.txt is important...

    Moving the set command from line 15 up to line 4 fixes it.

  • That's an awesome solution thanks Dwayne!.  I was using my build script to generate mcuboot.conf to avoid hard coding absolute paths but this is way better

Related