Skip to content

Multi-key support with MCUBOOT_HW_KEYS #2311

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
Cpt-Seablue opened this issue May 21, 2025 · 2 comments
Closed

Multi-key support with MCUBOOT_HW_KEYS #2311

Cpt-Seablue opened this issue May 21, 2025 · 2 comments

Comments

@Cpt-Seablue
Copy link

Cpt-Seablue commented May 21, 2025

We are trying to use MCUboot with signature validation. For actual releases, we plan to use MCUBOOT_HW_KEY setting to have the production key stored externally to MCUboot.

However, for development, we would like to use a dummy development key. Our end goal is that a development bootloader accepts images signed by either the production key or development key. Release bootloader should only accept images signed by the production key.

Sadly, MCUBOOT_HW_KEY only supports using single key (to my knowledge). We tried disabling MCUBOOT_HW_KEY for development bootloaders & stored the keys directly but this causes an issue, because production images are signed with --public-key-format full and development images with --public-key-format hash.

This means that even if we have both keys in the development bootloader, a production image gets rejected, because it does not have the expected data in the TLV.

Is there a way to achieve what we're trying?

@nordicjm
Copy link
Collaborator

It's possible that #2305 might fit your needs

@Cpt-Seablue
Copy link
Author

Cpt-Seablue commented May 23, 2025

Ah I see. We decided to scrap that expectation for now but I'll keep an eye on that PR. Thank you

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants