boot: zephyr: Use private key
Change adds using own private key for MCUBoot bootloader.
Signed-off-by: Marek Pieta <Marek.Pieta@nordicsemi.no>
diff --git a/boot/zephyr/CMakeLists.txt b/boot/zephyr/CMakeLists.txt
index 6cdb024..abe931e 100644
--- a/boot/zephyr/CMakeLists.txt
+++ b/boot/zephyr/CMakeLists.txt
@@ -231,9 +231,14 @@
)
endif()
+# CONF_FILE points to the KConfig configuration file of the bootloader
+get_filename_component(CONF_DIR ${CONF_FILE} DIRECTORY)
+
if(NOT CONFIG_BOOT_SIGNATURE_KEY_FILE STREQUAL "")
if(IS_ABSOLUTE ${CONFIG_BOOT_SIGNATURE_KEY_FILE})
set(KEY_FILE ${CONFIG_BOOT_SIGNATURE_KEY_FILE})
+ elseif(EXISTS ${CONF_DIR}/${CONFIG_BOOT_SIGNATURE_KEY_FILE})
+ set(KEY_FILE ${CONF_DIR}/${CONFIG_BOOT_SIGNATURE_KEY_FILE})
else()
set(KEY_FILE ${MCUBOOT_DIR}/${CONFIG_BOOT_SIGNATURE_KEY_FILE})
endif()
diff --git a/boot/zephyr/Kconfig b/boot/zephyr/Kconfig
index 10cd885..f1ec0a7 100644
--- a/boot/zephyr/Kconfig
+++ b/boot/zephyr/Kconfig
@@ -128,6 +128,11 @@
string "PEM key file"
default ""
help
+ You can use either absolute or relative path.
+ In case relative path is used, the build system assumes that it starts
+ from the directory where the MCUBoot KConfig configuration file is
+ located. If the key file is not there, the build system uses relative
+ path that starts from the MCUBoot repository root directory.
The key file will be parsed by imgtool's getpub command and a .c source
with the public key information will be written in a format expected by
MCUboot.