I want to generate a bootloadable file for my application and I was wondering if the signature (-S option of cymcuelftool.exe) is mandatory or optional?
Also, if signed, where is the signature validation done / should be done?
The signature is mandatory.
elftool does add signature for application image only if add e.g. below line in main_cm4.c:
CY_SECTION(".cy_app_signature") __USED static const uint32_t
The signature should be validated during bootloading process. For more details of generating a bootloadable project, please refer to chapter 4.3 of AN213924.