Support for CUSTOM_ENCRYPT_KEY that allows customer to supply their own implementation

dgarske · dgarske · commit 4f707867d009 · 2025-12-30T16:47:02.000-08:00
diff --git a/docs/encrypted_partitions.md b/docs/encrypted_partitions.md
@@ -36,6 +36,28 @@ wolfBoot upon next boot.
 Aside from setting the temporary key, the update mechanism remains the same for distributing, uploading and
 installing firmware updates through wolfBoot.
 
+### Custom encryption key storage
+
+You can use the `CUSTOM_ENCRYPT_KEY` option to implement your own functions for:
+`wolfBoot_get_encrypt_key`, `wolfBoot_set_encrypt_key`, `wolfBoot_erase_encrypt_key`,
+and `wolfBoot_initialize_encryption`.
+
+To enable:
+
+1) Add `CUSTOM_ENCRYPT_KEY=1` to your `.config`
+2) Add your own .c file using `OBJS_EXTRA`. For example, for your own
+   `src/custom_encrypt_key.c` add this to your `.config`:
+   `OBJS_EXTRA=src/custom_encrypt_key.o`
+
+Your custom implementation must provide these functions:
+
+```c
+int wolfBoot_set_encrypt_key(const uint8_t *key, const uint8_t *nonce);
+int wolfBoot_get_encrypt_key(uint8_t *key, uint8_t *nonce);
+int wolfBoot_erase_encrypt_key(void);
+int wolfBoot_initialize_encryption(void);
+```
+
 ### Libwolfboot API
 
 The API to communicate with the bootloader from the application is expanded when this feature is enabled,
diff --git a/options.mk b/options.mk
@@ -563,6 +563,9 @@ ifeq ($(ENCRYPT),1)
       endif
     endif
   endif
+  ifeq ($(CUSTOM_ENCRYPT_KEY),1)
+    CFLAGS+=-D"CUSTOM_ENCRYPT_KEY"
+  endif
 endif
 
 ifeq ($(EXT_FLASH),1)
diff --git a/src/libwolfboot.c b/src/libwolfboot.c
@@ -81,6 +81,7 @@ extern void aes_set_iv(uint8_t *nonce, uint32_t address);
 #endif
 
 #if defined (__WOLFBOOT) || defined (UNIT_TEST)
+#ifndef CUSTOM_ENCRYPT_KEY
 int wolfBoot_initialize_encryption(void)
 {
     if (!encrypt_initialized) {
@@ -91,6 +92,7 @@ int wolfBoot_initialize_encryption(void)
     }
     return 0;
 }
+#endif /* !CUSTOM_ENCRYPT_KEY */
 #endif
 
 #else
@@ -1491,6 +1493,7 @@ static int RAMFUNCTION hal_set_key(const uint8_t *k, const uint8_t *nonce)
     return ret;
 #endif
 }
+#ifndef CUSTOM_ENCRYPT_KEY
 /**
  * @brief Set the encryption key.
  *
@@ -1545,7 +1548,8 @@ int RAMFUNCTION wolfBoot_get_encrypt_key(uint8_t *k, uint8_t *nonce)
 #endif
     return 0;
 }
-#endif
+#endif /* UNIT_TEST */
+
 /**
  * @brief Erase the encryption key.
  *
@@ -1575,6 +1579,7 @@ int RAMFUNCTION wolfBoot_erase_encrypt_key(void)
 #endif
     return 0;
 }
+#endif /* !CUSTOM_ENCRYPT_KEY */
 
 #if defined(__WOLFBOOT) || defined(UNIT_TEST)
 

Original file line number	Diff line number	Diff line change
`@@ -81,6 +81,7 @@ extern void aes_set_iv(uint8_t *nonce, uint32_t address);`
`81`	`81`	`#endif`
`82`	`82`
`83`	`83`	`#if defined (__WOLFBOOT) \|\| defined (UNIT_TEST)`
	`84`	`+#ifndef CUSTOM_ENCRYPT_KEY`
`84`	`85`	`int wolfBoot_initialize_encryption(void)`
`85`	`86`	`{`
`86`	`87`	`if (!encrypt_initialized) {`
`@@ -91,6 +92,7 @@ int wolfBoot_initialize_encryption(void)`
`91`	`92`	`}`
`92`	`93`	`return 0;`
`93`	`94`	`}`
	`95`	`+#endif /* !CUSTOM_ENCRYPT_KEY */`
`94`	`96`	`#endif`
`95`	`97`
`96`	`98`	`#else`
`@@ -1491,6 +1493,7 @@ static int RAMFUNCTION hal_set_key(const uint8_t k, const uint8_t nonce)`
`1491`	`1493`	`return ret;`
`1492`	`1494`	`#endif`
`1493`	`1495`	`}`
	`1496`	`+#ifndef CUSTOM_ENCRYPT_KEY`
`1494`	`1497`	`/**`
`1495`	`1498`	`* @brief Set the encryption key.`
`1496`	`1499`	`*`
`@@ -1545,7 +1548,8 @@ int RAMFUNCTION wolfBoot_get_encrypt_key(uint8_t k, uint8_t nonce)`
`1545`	`1548`	`#endif`
`1546`	`1549`	`return 0;`
`1547`	`1550`	`}`
`1548`		`-#endif`
	`1551`	`+#endif /* UNIT_TEST */`
	`1552`	`+`
`1549`	`1553`	`/**`
`1550`	`1554`	`* @brief Erase the encryption key.`
`1551`	`1555`	`*`
`@@ -1575,6 +1579,7 @@ int RAMFUNCTION wolfBoot_erase_encrypt_key(void)`
`1575`	`1579`	`#endif`
`1576`	`1580`	`return 0;`
`1577`	`1581`	`}`
	`1582`	`+#endif /* !CUSTOM_ENCRYPT_KEY */`
`1578`	`1583`
`1579`	`1584`	`#if defined(__WOLFBOOT) \|\| defined(UNIT_TEST)`
`1580`	`1585`