Skip to content

Throw a warning when using the example signing/encryption keys #2352

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Mar 22, 2025
Merged

Throw a warning when using the example signing/encryption keys #2352

merged 3 commits into from
Mar 22, 2025

Conversation

@will-v-pi
Copy link
Contributor

This throws a CMake warning when the example signing/encryption keys from pico-examples are used to sign/encrypt a binary, as the user should replace these with their own keys when actually developing secure applications

This is automatically disabled for pico-examples (as that can use the example keys), and can be manually disabled by setting PICO_ALLOW_EXAMPLE_KEYS

@will-v-pi
Throw a warning when using the example signing/encryption keys
e2d5268 
This is automatically disabled for pico-examples, and can be manually disabled by setting PICO_ALLOW_EXAMPLE_KEYS
@will-v-pi will-v-pi added this to the 2.1.2 milestone Mar 14, 2025
lurch
lurch reviewed Mar 17, 2025
View reviewed changes
lurch
lurch reviewed Mar 17, 2025
View reviewed changes
tools/CMakeLists.txt
RESULT_VARIABLE compare_result
)
if(compare_result EQUAL 0)
message(WARNING "${TARGET} is using a default ${TYPE} key - this must be changed before production")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would there be any value in also having a PICO_FORBID_EXAMPLE_KEYS setting, which changes this WARNING to an ERROR ? 🤷

lurch
lurch reviewed Mar 17, 2025
View reviewed changes
lurch
lurch reviewed Mar 17, 2025
View reviewed changes
@will-v-pi will-v-pi mentioned this pull request Mar 18, 2025
Merged
tdewey-rpi
tdewey-rpi previously approved these changes Mar 18, 2025
View reviewed changes
Copy link

@tdewey-rpi tdewey-rpi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good use of CMake functionality, and I approve of the concept entirely.

Make doing the right thing easy, and the wrong thing hard.

kilograham
kilograham reviewed Mar 22, 2025
View reviewed changes
@kilograham kilograham merged commit f81851a into raspberrypi:develop Mar 22, 2025
4 checks passed
will-v-pi added a commit to raspberrypi/pico-examples that referenced this pull request Mar 26, 2025
@will-v-pi
Allow example keys in the examples repo (#628)
58877e4 
Corresponds to raspberrypi/pico-sdk#2352
@hanshuebner hanshuebner mentioned this pull request May 18, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lurch lurch lurch left review comments

@kilograham kilograham kilograham approved these changes

@tdewey-rpi tdewey-rpi tdewey-rpi left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

2.2.0

Development

Successfully merging this pull request may close these issues.

4 participants

@will-v-pi @lurch @kilograham @tdewey-rpi