CONFIG_CONSOLE_HANDLER=y CONFIG_DEBUG=y CONFIG_SYSTEM_CLOCK_DISABLE=y CONFIG_SYS_POWER_MANAGEMENT=n CONFIG_MAIN_STACK_SIZE=10240 CONFIG_MBEDTLS_CFG_FILE="mcuboot-mbedtls-cfg.h" CONFIG_BOOT_SWAP_SAVE_ENCTLV=n CONFIG_BOOT_ENCRYPT_RSA=n CONFIG_BOOT_ENCRYPT_EC256=n CONFIG_BOOT_UPGRADE_ONLY=n CONFIG_BOOT_BOOTSTRAP=n ### Default to RSA CONFIG_BOOT_SIGNATURE_TYPE_RSA=y CONFIG_BOOT_SIGNATURE_TYPE_RSA_LEN=2048 CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256=n CONFIG_BOOT_SIGNATURE_TYPE_ED25519=n ### The bootloader generates its own signature verification based on a ### key file which needs to be provided and needs to match the selected signing ### algorithm (CONFIG_BOOT_SIGNATURE_TYPE_). ### The PEM files below are provided as examples. CONFIG_BOOT_SIGNATURE_KEY_FILE="root-rsa-2048.pem" #CONFIG_BOOT_SIGNATURE_KEY_FILE="root-rsa-3072.pem" #CONFIG_BOOT_SIGNATURE_KEY_FILE="root-ec-p256.pem" #CONFIG_BOOT_SIGNATURE_KEY_FILE="root-ed25519.pem" ### mbedTLS has its own heap # CONFIG_HEAP_MEM_POOL_SIZE is not set ### We never want Zephyr's copy of tinycrypt. If tinycrypt is needed, ### MCUboot has its own copy in tree. # CONFIG_TINYCRYPT is not set # CONFIG_TINYCRYPT_ECC_DSA is not set # CONFIG_TINYCRYPT_SHA256 is not set CONFIG_FLASH=y ### Various Zephyr boards enable features that we don't want. # CONFIG_BT is not set # CONFIG_BT_CTLR is not set # CONFIG_I2C is not set CONFIG_LOG=y ### Ensure Zephyr logging changes don't use more resources CONFIG_LOG_DEFAULT_LEVEL=0