| CONFIG_CONSOLE_HANDLER=y |
| CONFIG_DEBUG=y |
| CONFIG_SYSTEM_CLOCK_DISABLE=y |
| CONFIG_SYS_POWER_MANAGEMENT=n |
| |
| CONFIG_MAIN_STACK_SIZE=10240 |
| CONFIG_MBEDTLS_CFG_FILE="mcuboot-mbedtls-cfg.h" |
| |
| CONFIG_BOOT_ENCRYPT_RSA=n |
| |
| CONFIG_BOOT_BOOTSTRAP=n |
| |
| ### Default to RSA |
| CONFIG_BOOT_SIGNATURE_TYPE_RSA=y |
| CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256=n |
| |
| ### The bootloader generates its own signature verification based on a |
| ### key file which needs to be provided and needs to match the selected signing |
| ### algorithm (CONFIG_BOOT_SIGNATURE_TYPE_). |
| ### The PEM files below are provided as examples. |
| CONFIG_BOOT_SIGNATURE_KEY_FILE="root-rsa-2048.pem" |
| #CONFIG_BOOT_SIGNATURE_KEY_FILE="root-ec-p256.pem" |
| |
| ### mbedTLS has its own heap |
| # CONFIG_HEAP_MEM_POOL_SIZE is not set |
| |
| ### We never want Zephyr's copy of tinycrypt. If tinycrypt is needed, |
| ### MCUboot has its own copy in tree. |
| # CONFIG_TINYCRYPT is not set |
| # CONFIG_TINYCRYPT_ECC_DSA is not set |
| # CONFIG_TINYCRYPT_SHA256 is not set |
| |
| CONFIG_FLASH=y |
| |
| CONFIG_MULTITHREADING=n |
| |
| ### Various Zephyr boards enable features that we don't want. |
| # CONFIG_BT is not set |
| # CONFIG_BT_CTLR is not set |
| # CONFIG_I2C is not set |
| |
| ### Ensure Zephyr logging changes don't use more resources |
| CONFIG_LOG_DEFAULT_LEVEL=0 |