boot: Add MCUBOOT_HW_KEY support for image encryption Currently encryption supports only private key embed in mcuboot itself. To support MCUBOOT_HW_KEY for image encryption boot_retrieve_private_key() hook is added. This hook helps retrieving private key from trusted sources like OTP, TPM. Signed-off-by: Dinesh Kumar K <dinesh@linumiz.com>

commit: 0fa46270c0b52b371a094042731c69e100478cbb [log] [tgz]
author: Dinesh Kumar K <dinesh@linumiz.com> Tue Jun 06 16:36:57 2023 +0530
committer: David Brown <davidb@davidb.org> Wed Jun 12 15:17:54 2024 -0600
tree: 58d7cfe7f2fa3b04f48231fda52cc3edf5c1533f
parent: 92ad926ecc17944a0df15293b98121968b3ac292 [diff] [blame]
diff --git a/boot/zephyr/keys.c b/boot/zephyr/keys.c
index ab403dd..f1d7e34 100644
--- a/boot/zephyr/keys.c
+++ b/boot/zephyr/keys.c

@@ -86,3 +86,12 @@
 #elif defined(MCUBOOT_ENCRYPT_KW)
 #error "Encrypted images with AES-KW is not implemented yet."
 #endif
+
+#if !defined(MCUBOOT_HW_KEY) && defined(MCUBOOT_ENC_IMAGES)
+int boot_enc_retrieve_private_key(struct bootutil_key **private_key)
+{
+    *private_key = (struct bootutil_key *)&bootutil_enc_key;
+
+    return 0;
+}
+#endif /* !MCUBOOT_HW_KEY && MCUBOOT_ENC_IMAGES */
commit	0fa46270c0b52b371a094042731c69e100478cbb	[log] [tgz]
author	Dinesh Kumar K <dinesh@linumiz.com>	Tue Jun 06 16:36:57 2023 +0530
committer	David Brown <davidb@davidb.org>	Wed Jun 12 15:17:54 2024 -0600
tree	58d7cfe7f2fa3b04f48231fda52cc3edf5c1533f
parent	92ad926ecc17944a0df15293b98121968b3ac292 [diff] [blame]