Commit Graph

9 Commits

Author SHA1 Message Date
Laukik Hase
c1bed366ba
nvs_flash: Add support for HMAC-based NVS encryption keys protection scheme
- This features allows the NVS encryption keys to be derived and protected using
  the HMAC peripheral. Since the encryption keys are derived at runtime, they
  are not stored anywhere in the flash and hence this feature does not require
  a separate `nvs_keys` partition.
2023-05-23 13:55:52 +05:30
Linda
65ee4992ce docs: update the algorithm and key name from AES-XTS to XTS-AES 2023-05-15 17:54:50 +08:00
Matus Fabo
58cca07104 add: Kconfig assert or errorcode option
add: private include header
add: macro encapsulation for assertion or error check
add: ESP_FAIL return code documentation in public headers
change: replaced all assertions by NVS_ASSERT_OR_RETURN macro
change: few internal function return values from void to esp_err_t
change: ESP_ERR_NVS_VALUE_TOO_LONG macro comment
2022-05-28 20:29:05 +02:00
Mahavir Jain
e67128dd0a nvs: add config to ignore "encrypted" flag of nvs partitions
This is to allow having pre IDF v4.3 behavior where "encrypted"
flag was not being checked for NVS partitions.

It is recommended to enable this new config only if you have
production devices where NVS partition was being set with "encrypted"
flag by mistake.

Please see commit aca9ec28b3 which
introduced check to not allow NVS partitions with "encrypted" flag set.

More discussion on this at:
https://github.com/espressif/esp-idf/issues/5747#issuecomment-956223024
https://github.com/espressif/esp-idf/issues/7839#issuecomment-961477667

Closes https://github.com/espressif/esp-idf/issues/7839
Closes IDFGH-6162
2021-11-11 15:20:57 +05:30
Aditya Patwardhan
a02be97fda nvs_flash: Modify the default NVS initialization API with internal nvs encryption
handling (only when nvs encryption is enabled)
    * NVS Encryption will now be turned on by default with flash encryption
    * Updated the flash encryption example to shocase NVS encryption
    along with information on how to configure and use NVS encryption
    * Updated respective test case
    * Added two partition tables for NVS encryption
     i) Table 1- Single factory app, no OTA, encrypted NVS
     ii) Table 2- Factory app, Two OTA, encrypted NVS
2021-01-20 11:12:14 +00:00
Roland Dobai
833822c10b Fix Kconfig issues discovered by upstream Kconfiglib 2019-09-23 16:10:57 +02:00
Roland Dobai
1ad2283641 Rename Kconfig options (components/bootloader) 2019-05-21 09:32:55 +02:00
Roland Dobai
37126d3451 Correct Kconfigs according to the coding style 2019-01-29 13:37:01 +01:00
Sagar Bijwe
48fccbf5dd nvs_flash: Add support for nvs encryption 2018-09-24 11:25:21 +05:30