From ca851c87cf6f82708fd4d4fe1fd8f7c1b745da7e Mon Sep 17 00:00:00 2001 From: Mahavir Jain Date: Mon, 19 Sep 2022 11:43:34 +0530 Subject: [PATCH] esptool: (re)populate the secure boot signing key path For project with reduced component list, secure boot signing key path was not getting correctly. This change sets the secure boot signing key path explicitly based on the relevant config option. Closes https://github.com/espressif/esp-idf/issues/9578 Close IDFGH-8075 --- components/esptool_py/project_include.cmake | 2 ++ 1 file changed, 2 insertions(+) diff --git a/components/esptool_py/project_include.cmake b/components/esptool_py/project_include.cmake index 50c6b74190..72f5aabab4 100644 --- a/components/esptool_py/project_include.cmake +++ b/components/esptool_py/project_include.cmake @@ -140,6 +140,8 @@ endif() if(NOT BOOTLOADER_BUILD AND CONFIG_SECURE_SIGNED_APPS) if(CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES) # for locally signed secure boot image, add a signing step to get from unsigned app to signed app + get_filename_component(secure_boot_signing_key "${CONFIG_SECURE_BOOT_SIGNING_KEY}" + ABSOLUTE BASE_DIR "${project_dir}") add_custom_command(OUTPUT "${build_dir}/.signed_bin_timestamp" COMMAND ${ESPSECUREPY} sign_data --version ${secure_boot_version} --keyfile ${secure_boot_signing_key} -o "${build_dir}/${PROJECT_BIN}" "${build_dir}/${unsigned_project_binary}"