From cad6e4e9e81cd1789402208070f6a4921328cc7c Mon Sep 17 00:00:00 2001
From: Artur Hadasz <artur.hadasz@nordicsemi.no>
Date: Fri, 4 Oct 2024 15:02:20 +0200
Subject: [PATCH] Aligned sign_script to regenerate.sh + to new default
 volatile KEY_ID

Signed-off-by: Artur Hadasz <artur.hadasz@nordicsemi.no>
---
 ncs/sign_script.py | 21 ++++++++++++++++-----
 1 file changed, 16 insertions(+), 5 deletions(-)

diff --git a/ncs/sign_script.py b/ncs/sign_script.py
index 2225aa4..dff281b 100644
--- a/ncs/sign_script.py
+++ b/ncs/sign_script.py
@@ -31,12 +31,18 @@
 from collections import defaultdict
 from enum import Enum, unique
 
+import logging
+
+logger = logging.getLogger(__name__)
+
 #
 # User note:
 #   Rename the files to 'key_private_<KEY>.der' if you are using keys in DER format.
 #
+DEFAULT_PRIVATE_KEY = Path(__file__).parent / "key_private.pem"
+
 PRIVATE_KEYS = {
-    0x7FFFFFE0: Path(__file__).parent / "key_private.pem",
+    0x40000000: Path(__file__).parent / "key_private.pem",
     0x4000AA00: Path(__file__).parent / "key_private_OEM_ROOT_GEN1.pem",
     0x40022100: Path(__file__).parent / "key_private_APPLICATION_GEN1.pem",
     0x40032100: Path(__file__).parent / "key_private_RADIO_GEN1.pem",
@@ -68,13 +74,13 @@ class SuitIds(Enum):
     SUIT_MANIFEST_COMPONENT_ID = 5
 
 
-DEFAULT_KEY_ID = 0x7FFFFFE0
+DEFAULT_KEY_ID = 0x40000000
 
 KEY_IDS = {
     "nRF54H20_sample_root": 0x4000AA00,  # MANIFEST_PUBKEY_OEM_ROOT_GEN1
     "nRF54H20_sample_app": 0x40022100,  # MANIFEST_PUBKEY_APPLICATION_GEN1
-    "nRF54H20_sample_rad": 0x40032100,
-}  # MANIFEST_PUBKEY_RADIO_GEN1
+    "nRF54H20_sample_rad": 0x40032100, # MANIFEST_PUBKEY_RADIO_GEN1
+}
 
 DOMAIN_NAME = "nordicsemi.com"
 
@@ -176,7 +182,12 @@ def _get_key_id_for_manifest_class(self):
 
     def _get_private_key_path_for_manifest_class(self) -> Path:
         key_id = self._key_ids[self._get_manifest_class_id()]
-        return PRIVATE_KEYS[key_id]
+        key_path = PRIVATE_KEYS[key_id]
+        if not key_path.exists():
+            logger.warning(f"Private key {key_path} not found. Using default key path {DEFAULT_PRIVATE_KEY}. "
+                           "This is only for Nordic testing purposes - please provide the {key_path} file.")
+            key_path = DEFAULT_PRIVATE_KEY
+        return key_path
 
     def sign(self, private_key_path: Path = None) -> None:
         """Add signature to the envelope."""