I tried to implement the NVS Encryption with version V4.0-Release. I followed this https://docs.espressif.com/projects/esp ... encryption.
I used the example nvs_rw_blob with the addition of the code
Code: Select all
if (!esp_flash_encryption_enabled()) {
printf("flash encryption disabled, skipping nvs_api tests with encryption enabled\n");
esp_err_t err = nvs_flash_init();
if (err == ESP_ERR_NVS_NO_FREE_PAGES || err == ESP_ERR_NVS_NEW_VERSION_FOUND) {
// NVS partition was truncated and needs to be erased
// Retry nvs_flash_init
ESP_ERROR_CHECK(nvs_flash_erase());
err = nvs_flash_init();
}
ESP_ERROR_CHECK( err );
}
else {
printf("flash encryption enable, continue to key creation\n");
const esp_partition_t* key_part = esp_partition_find_first(ESP_PARTITION_TYPE_DATA, ESP_PARTITION_SUBTYPE_DATA_NVS_KEYS, NULL);
const esp_partition_t* nvs_partition = esp_partition_find_first(ESP_PARTITION_TYPE_DATA, ESP_PARTITION_SUBTYPE_DATA_NVS, NULL);
assert(nvs_partition && "partition table must have an NVS partition");
ESP_ERROR_CHECK( esp_partition_erase_range(nvs_partition, 0, nvs_partition->size) );
nvs_sec_cfg_t cfg;
esp_err_t err = nvs_flash_read_security_cfg(key_part, &cfg);
if(err == ESP_ERR_NVS_KEYS_NOT_INITIALIZED) {
printf("nvs flash key is not intialized\n");
err = nvs_flash_generate_keys(key_part, &cfg);
if(err != ESP_OK) {
printf("nvs flash key generate error\n");
}
else {
printf("nvs flash key generate success\n");
}
} else {
ESP_ERROR_CHECK(err);
esp_log_buffer_hex("NVS KEY", cfg.eky, NVS_KEY_SIZE);
}
err = nvs_flash_secure_init(&cfg);
ESP_ERROR_CHECK(err);
}
Code: Select all
# Espressif ESP32 Partition Table
# Name, Type, SubType, Offset, Size, Flags
nvs, data, nvs, 0x9000, 0x4000
otadata, data, ota, 0xd000, 0x2000
phy_init, data, phy, 0xf000, 0x1000
ota_0, app, ota_0, 0x10000, 0x180000
ota_1, app, ota_1, , 0x180000
nvs_key, data, nvs_keys, , 0x1000, encrypted
Do you guys have any suggestions? Or if you have a link of the example, please help me.