boot: zephyr: Use private key

Change adds using own private key for MCUBoot bootloader. Signed-off-by: Marek Pieta <Marek.Pieta@nordicsemi.no>
2020-08-04 02:22:55 -07:00 · 2020-08-04 02:22:55 -07:00 · bdcfc859d4
parent 71966db097
commit bdcfc859d4
2 changed files with 10 additions and 0 deletions
--- a/boot/zephyr/CMakeLists.txt
+++ b/boot/zephyr/CMakeLists.txt
@ -231,9 +231,14 @@ if(CONFIG_MCUBOOT_SERIAL)
    )
 endif()

+# CONF_FILE points to the KConfig configuration file of the bootloader
+get_filename_component(CONF_DIR ${CONF_FILE} DIRECTORY)
+
 if(NOT CONFIG_BOOT_SIGNATURE_KEY_FILE STREQUAL "")
  if(IS_ABSOLUTE ${CONFIG_BOOT_SIGNATURE_KEY_FILE})
    set(KEY_FILE ${CONFIG_BOOT_SIGNATURE_KEY_FILE})
+  elseif(EXISTS ${CONF_DIR}/${CONFIG_BOOT_SIGNATURE_KEY_FILE})
+    set(KEY_FILE ${CONF_DIR}/${CONFIG_BOOT_SIGNATURE_KEY_FILE})
  else()
    set(KEY_FILE ${MCUBOOT_DIR}/${CONFIG_BOOT_SIGNATURE_KEY_FILE})
  endif()
--- a/boot/zephyr/Kconfig
+++ b/boot/zephyr/Kconfig
@ -128,6 +128,11 @@ config BOOT_SIGNATURE_KEY_FILE
 	string "PEM key file"
 	default ""
 	help
+	  You can use either absolute or relative path.
+	  In case relative path is used, the build system assumes that it starts
+	  from the directory where the MCUBoot KConfig configuration file is
+	  located. If the key file is not there, the build system uses relative
+	  path that starts from the MCUBoot repository root directory.
 	  The key file will be parsed by imgtool's getpub command and a .c source
 	  with the public key information will be written in a format expected by
 	  MCUboot.