make aes_init and chacha_init read the backup key

wolfSSL · Aug 23, 2023 · 017f4c1 · 017f4c1
1 parent 1543ab0
commit 017f4c1
Showing 1 changed file with 4 additions and 12 deletions.
diff --git a/src/libwolfboot.c b/src/libwolfboot.c
@@ -1540,16 +1540,12 @@ int RAMFUNCTION chacha_init(void)
 #if defined(MMU) || defined(UNIT_TEST)
     uint8_t *key = ENCRYPT_KEY;
 #else
-    uint8_t *key = (uint8_t *)(WOLFBOOT_PARTITION_BOOT_ADDRESS +
-        ENCRYPT_TMP_SECRET_OFFSET);
+    uint8_t key[ENCRYPT_KEY_SIZE + ENCRYPT_NONCE_SIZE];
+    wolfBoot_get_encrypt_key(key, key + ENCRYPT_KEY_SIZE);
 #endif
     uint8_t ff[ENCRYPT_KEY_SIZE];
     uint8_t* stored_nonce;
 
-#ifdef NVM_FLASH_WRITEONCE
-    key -= WOLFBOOT_SECTOR_SIZE * nvm_select_fresh_sector(PART_BOOT);
-#endif
-
     stored_nonce = key + ENCRYPT_KEY_SIZE;
 
     XMEMSET(&chacha, 0, sizeof(chacha));
@@ -1586,17 +1582,13 @@ int aes_init(void)
 #if defined(MMU) || defined(UNIT_TEST)
     uint8_t *key = ENCRYPT_KEY;
 #else
-    uint8_t *key = (uint8_t *)(WOLFBOOT_PARTITION_BOOT_ADDRESS +
-        ENCRYPT_TMP_SECRET_OFFSET);
+    uint8_t key[ENCRYPT_KEY_SIZE + ENCRYPT_NONCE_SIZE];
+    wolfBoot_get_encrypt_key(key, key + ENCRYPT_KEY_SIZE);
 #endif
     uint8_t ff[ENCRYPT_KEY_SIZE];
     uint8_t iv_buf[ENCRYPT_NONCE_SIZE];
     uint8_t* stored_nonce;
 
-#ifdef NVM_FLASH_WRITEONCE
-    key -= WOLFBOOT_SECTOR_SIZE * nvm_select_fresh_sector(PART_BOOT);
-#endif
-
     stored_nonce = key + ENCRYPT_KEY_SIZE;
 
     XMEMSET(&aes_enc, 0, sizeof(aes_enc));