From 52555e4f34ec23e77a3ee5b6cf722f1f55d85a70 Mon Sep 17 00:00:00 2001
From: pennam <m.pennasilico@arduino.cc>
Date: Mon, 28 Mar 2022 15:31:33 +0200
Subject: [PATCH 1/2] Rename default keys and add public key pem file

---
 ...a-p256-encrypt-key.pem => ecdsa-p256-encrypt-priv-key.pem} | 0
 libraries/MCUboot/default_keys/ecdsa-p256-encrypt-pub-key.pem | 4 ++++
 ...a-p256-signing-key.pem => ecdsa-p256-signing-priv-key.pem} | 0
 libraries/MCUboot/default_keys/ecdsa-p256-signing-pub-key.pem | 4 ++++
 4 files changed, 8 insertions(+)
 rename libraries/MCUboot/default_keys/{ecdsa-p256-encrypt-key.pem => ecdsa-p256-encrypt-priv-key.pem} (100%)
 create mode 100644 libraries/MCUboot/default_keys/ecdsa-p256-encrypt-pub-key.pem
 rename libraries/MCUboot/default_keys/{ecdsa-p256-signing-key.pem => ecdsa-p256-signing-priv-key.pem} (100%)
 create mode 100644 libraries/MCUboot/default_keys/ecdsa-p256-signing-pub-key.pem

diff --git a/libraries/MCUboot/default_keys/ecdsa-p256-encrypt-key.pem b/libraries/MCUboot/default_keys/ecdsa-p256-encrypt-priv-key.pem
similarity index 100%
rename from libraries/MCUboot/default_keys/ecdsa-p256-encrypt-key.pem
rename to libraries/MCUboot/default_keys/ecdsa-p256-encrypt-priv-key.pem
diff --git a/libraries/MCUboot/default_keys/ecdsa-p256-encrypt-pub-key.pem b/libraries/MCUboot/default_keys/ecdsa-p256-encrypt-pub-key.pem
new file mode 100644
index 000000000..b23dadbcc
--- /dev/null
+++ b/libraries/MCUboot/default_keys/ecdsa-p256-encrypt-pub-key.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEaskgTJbWiejRblEEAobolQsixMmV
+Bk/1G/bQ44PZ0YFmbvIHOwPb5NHefENwjaKJ6xv6vgJeXKAS3CMxweA3sA==
+-----END PUBLIC KEY-----
diff --git a/libraries/MCUboot/default_keys/ecdsa-p256-signing-key.pem b/libraries/MCUboot/default_keys/ecdsa-p256-signing-priv-key.pem
similarity index 100%
rename from libraries/MCUboot/default_keys/ecdsa-p256-signing-key.pem
rename to libraries/MCUboot/default_keys/ecdsa-p256-signing-priv-key.pem
diff --git a/libraries/MCUboot/default_keys/ecdsa-p256-signing-pub-key.pem b/libraries/MCUboot/default_keys/ecdsa-p256-signing-pub-key.pem
new file mode 100644
index 000000000..4337f3bb5
--- /dev/null
+++ b/libraries/MCUboot/default_keys/ecdsa-p256-signing-pub-key.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE1RY1JsM7rU1njkMkxJjpay6+DaPx
+9JeAezEyB9mVpxdXaUN76ciq0AoMhgvjf5mIUcT5Ipi+Xqr9kDyidBhJBQ==
+-----END PUBLIC KEY-----

From 8940680c65e2b4cd2e943e332d07753caf9f7209 Mon Sep 17 00:00:00 2001
From: pennam <m.pennasilico@arduino.cc>
Date: Mon, 28 Mar 2022 15:32:51 +0200
Subject: [PATCH 2/2] Make more clear that we are using private key for signing
 and public key for encryption

---
 boards.txt | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/boards.txt b/boards.txt
index 4ec896b00..c7d3eb3d5 100644
--- a/boards.txt
+++ b/boards.txt
@@ -82,8 +82,8 @@ envie_m7.build.alignment=32
 envie_m7.build.version=1.2.3+4
 envie_m7.menu.security.sien.build.postbuild.cmd="{tools.imgtool.path}/{tools.imgtool.cmd}" {tools.imgtool.flags}
 envie_m7.menu.security.sien.build.keys.keychain={runtime.platform.path}/libraries/MCUboot/default_keys
-envie_m7.menu.security.sien.build.keys.sign_key=ecdsa-p256-signing-key.pem
-envie_m7.menu.security.sien.build.keys.encrypt_key=ecdsa-p256-encrypt-key.pem
+envie_m7.menu.security.sien.build.keys.sign_key=ecdsa-p256-signing-priv-key.pem
+envie_m7.menu.security.sien.build.keys.encrypt_key=ecdsa-p256-encrypt-pub-key.pem
 envie_m7.menu.security.none.build.postbuild.cmd="{tools.imgtool.path}/{tools.imgtool.cmd}" exit
 envie_m7.compiler.mbed.arch.define=
 envie_m7.compiler.mbed.defines={build.variant.path}/defines.txt