espressif/esp-idf
1
0
Fork 1
mirror of https://github.com/espressif/esp-idf.git synced 2025-11-02 16:11:41 +01:00
Code Issues Packages Projects Releases Wiki Activity

nvs_flash: Add support for HMAC-based NVS encryption keys protection scheme

Browse Source 
- This features allows the NVS encryption keys to be derived and protected using
  the HMAC peripheral. Since the encryption keys are derived at runtime, they
  are not stored anywhere in the flash and hence this feature does not require
  a separate `nvs_keys` partition.
This commit is contained in:
Laukik Hase
2023-04-05 18:03:56 +05:30
parent 1cf46bd0f0
commit c1bed366ba
10 changed files with 147 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
components/bootloader/Kconfig.projbuild
View File

@@ -776,6 +776,7 @@ menu "Security features"
bool "Enable flash encryption on boot (READ DOCS FIRST)"
default N
select SPI_FLASH_ENABLE_ENCRYPTED_READ_WRITE
select NVS_ENCRYPTION
help
If this option is set, flash contents will be encrypted by the bootloader on first boot.