From 017f4c12b0327131c34051e535a9c6d83c75748d Mon Sep 17 00:00:00 2001
From: John Bland <john.bland@wolfssl.com>
Date: Tue, 22 Aug 2023 23:09:38 -0400
Subject: [PATCH] make aes_init and chacha_init read the backup key

---
 src/libwolfboot.c | 16 ++++------------
 1 file changed, 4 insertions(+), 12 deletions(-)

diff --git a/src/libwolfboot.c b/src/libwolfboot.c
index 61925ddc3..4d63628cd 100644
--- a/src/libwolfboot.c
+++ b/src/libwolfboot.c
@@ -1540,16 +1540,12 @@ int RAMFUNCTION chacha_init(void)
 #if defined(MMU) || defined(UNIT_TEST)
     uint8_t *key = ENCRYPT_KEY;
 #else
-    uint8_t *key = (uint8_t *)(WOLFBOOT_PARTITION_BOOT_ADDRESS +
-        ENCRYPT_TMP_SECRET_OFFSET);
+    uint8_t key[ENCRYPT_KEY_SIZE + ENCRYPT_NONCE_SIZE];
+    wolfBoot_get_encrypt_key(key, key + ENCRYPT_KEY_SIZE);
 #endif
     uint8_t ff[ENCRYPT_KEY_SIZE];
     uint8_t* stored_nonce;
 
-#ifdef NVM_FLASH_WRITEONCE
-    key -= WOLFBOOT_SECTOR_SIZE * nvm_select_fresh_sector(PART_BOOT);
-#endif
-
     stored_nonce = key + ENCRYPT_KEY_SIZE;
 
     XMEMSET(&chacha, 0, sizeof(chacha));
@@ -1586,17 +1582,13 @@ int aes_init(void)
 #if defined(MMU) || defined(UNIT_TEST)
     uint8_t *key = ENCRYPT_KEY;
 #else
-    uint8_t *key = (uint8_t *)(WOLFBOOT_PARTITION_BOOT_ADDRESS +
-        ENCRYPT_TMP_SECRET_OFFSET);
+    uint8_t key[ENCRYPT_KEY_SIZE + ENCRYPT_NONCE_SIZE];
+    wolfBoot_get_encrypt_key(key, key + ENCRYPT_KEY_SIZE);
 #endif
     uint8_t ff[ENCRYPT_KEY_SIZE];
     uint8_t iv_buf[ENCRYPT_NONCE_SIZE];
     uint8_t* stored_nonce;
 
-#ifdef NVM_FLASH_WRITEONCE
-    key -= WOLFBOOT_SECTOR_SIZE * nvm_select_fresh_sector(PART_BOOT);
-#endif
-
     stored_nonce = key + ENCRYPT_KEY_SIZE;
 
     XMEMSET(&aes_enc, 0, sizeof(aes_enc));