CONFIG_TFM_KEY_FILE_NS

Path to private key used to sign non-secure firmware images.

Path to private key used to sign non-secure firmware images.

Type: string

Help

The path and filename for the .pem file containing the private key
that should be used by the BL2 bootloader when signing non-secure
firmware images.

Help

The path and filename for the .pem file containing the private key
that should be used by the BL2 bootloader when signing non-secure
firmware images.

Direct dependencies

(BUILD_WITH_TFM && BUILD_WITH_TFM) || (BUILD_WITH_TFM && BUILD_WITH_TFM && 0)

(Includes any dependencies from ifs and menus.)

Defaults

  • “/home/runner/work/sdk-nrf/sdk-nrf/ncs/modules/tee/tf-m/trusted-firmware-m/bl2/ext/mcuboot/root-RSA-3072_1.pem”

  • “/home/runner/work/sdk-nrf/sdk-nrf/ncs/modules/tee/tf-m/trusted-firmware-m/bl2/ext/mcuboot/root-RSA-3072_1.pem”

Kconfig definitions

At <Zephyr>/modules/trusted-firmware-m/Kconfig.tfm:62

Included via <Zephyr>/Kconfig:8<Zephyr>/Kconfig.zephyr:33<Zephyr>/modules/Kconfig:6<nRF>/doc/_build/kconfig/Kconfig.modules:20<nRF>/modules/trusted-firmware-m/Kconfig:44

Menu path: (Top) → Modules → trusted-firmware-m (/home/runner/work/sdk-nrf/sdk-nrf/ncs/modules/tee/tf-m/trusted-firmware-m) → Build with TF-M as the Secure Execution Environment

config TFM_KEY_FILE_NS
    string "Path to private key used to sign non-secure firmware images."
    default "/home/runner/work/sdk-nrf/sdk-nrf/ncs/modules/tee/tf-m/trusted-firmware-m/bl2/ext/mcuboot/root-RSA-3072_1.pem"
    depends on BUILD_WITH_TFM && BUILD_WITH_TFM
    help
      The path and filename for the .pem file containing the private key
      that should be used by the BL2 bootloader when signing non-secure
      firmware images.

At <Zephyr>/modules/trusted-firmware-m/Kconfig.tfm:62

Included via <Zephyr>/Kconfig:8<Zephyr>/Kconfig.zephyr:33<Zephyr>/modules/Kconfig:80<Zephyr>/modules/trusted-firmware-m/Kconfig:7

Menu path: (Top) → Modules → Build with TF-M as the Secure Execution Environment

config TFM_KEY_FILE_NS
    string "Path to private key used to sign non-secure firmware images."
    default "/home/runner/work/sdk-nrf/sdk-nrf/ncs/modules/tee/tf-m/trusted-firmware-m/bl2/ext/mcuboot/root-RSA-3072_1.pem"
    depends on BUILD_WITH_TFM && BUILD_WITH_TFM && 0
    help
      The path and filename for the .pem file containing the private key
      that should be used by the BL2 bootloader when signing non-secure
      firmware images.

(The ‘depends on’ condition includes propagated dependencies from ifs and menus.)