The keydir/keyname path should follow the FIT signing key convention and read <key-name-hint>.key. Using .pem here is incorrect and does not match the filenames used by mkimage and binman key-directory flows.
Signed-off-by: James Hilliard <[email protected]> --- lib/ecdsa/ecdsa-libcrypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/ecdsa/ecdsa-libcrypto.c b/lib/ecdsa/ecdsa-libcrypto.c index c4bfb2cec61..ef3e42cb0f8 100644 --- a/lib/ecdsa/ecdsa-libcrypto.c +++ b/lib/ecdsa/ecdsa-libcrypto.c @@ -338,7 +338,7 @@ static int prepare_ctx(struct signer *ctx, const struct image_sign_info *info) } else if (info->keyfile) { snprintf(kname, sizeof(kname), "%s", info->keyfile); } else if (info->keydir && info->keyname) { - snprintf(kname, sizeof(kname), "%s/%s.pem", info->keydir, + snprintf(kname, sizeof(kname), "%s/%s.key", info->keydir, info->keyname); } else { fprintf(stderr, "keyfile, keyname, or key-name-hint missing\n"); -- 2.53.0

