bootutil: Move encryption key function to common file

Move the definition of boot_enc_retrieve_private_key() to a common file
to avoid code duplication and also endure seamless transition to this new
key handling approach for targets which don't use hardware keys.

Change-Id: I57e54e4332503c11d18762f8291c3cab53df3d20
Signed-off-by: David Vincze <[email protected]>

Author: davidvincze

boot/bootutil/src/encrypted.c

@@ -2,7 +2,7 @@
  * SPDX-License-Identifier: Apache-2.0
  *
  * Copyright (c) 2018-2019 JUUL Labs
- * Copyright (c) 2019-2023 Arm Limited
+ * Copyright (c) 2019-2024 Arm Limited
  */
 
 #include "mcuboot_config/mcuboot_config.h"
@@ -334,7 +334,22 @@ hkdf(uint8_t *ikm, uint16_t ikm_len, uint8_t *info, uint16_t info_len,
     bootutil_hmac_sha256_drop(&hmac);
     return -1;
 }
-#endif
+#endif /* MCUBOOT_ENCRYPT_EC256 || MCUBOOT_ENCRYPT_X25519 */
+
+#if !defined(MCUBOOT_HW_KEY)
+extern const struct bootutil_key bootutil_enc_key;
+
+/*
+ * Default implementation to retrieve the private encryption key which is
+ * embedded in the bootloader code (when MCUBOOT_HW_KEY is not defined).
+ */
+int boot_enc_retrieve_private_key(struct bootutil_key **private_key)
+{
+    *private_key = (struct bootutil_key *)&bootutil_enc_key;
+
+    return 0;
+}
+#endif /* !MCUBOOT_HW_KEY */
 
 int
 boot_enc_init(struct enc_key_data *enc_state, uint8_t slot)

boot/cypress/MCUBootApp/keys.c

@@ -167,12 +167,3 @@ const struct bootutil_key bootutil_enc_key = {
     .key = enc_priv_key,
     .len = &enc_priv_key_len,
 };
-
-#if !defined(MCUBOOT_HW_KEY) && defined(MCUBOOT_ENC_IMAGES)
-int boot_enc_retrieve_private_key(struct bootutil_key **private_key)
-{
-    *private_key = (struct bootutil_key *)&bootutil_enc_key;
-
-    return 0;
-}
-#endif /* !MCUBOOT_HW_KEY && MCUBOOT_ENC_IMAGES */

boot/mbed/app_enc_keys.c

@@ -69,12 +69,3 @@ const struct bootutil_key bootutil_enc_key = {
 #endif
 
 #endif
-
-#if !defined(MCUBOOT_HW_KEY) && defined(MCUBOOT_ENC_IMAGES)
-int boot_enc_retrieve_private_key(struct bootutil_key **private_key)
-{
-    *private_key = (struct bootutil_key *)&bootutil_enc_key;
-
-    return 0;
-}
-#endif /* !MCUBOOT_HW_KEY && MCUBOOT_ENC_IMAGES */

boot/zephyr/keys.c

@@ -86,12 +86,3 @@ const struct bootutil_key bootutil_enc_key = {
 #elif defined(MCUBOOT_ENCRYPT_KW)
 #error "Encrypted images with AES-KW is not implemented yet."
 #endif
-
-#if !defined(MCUBOOT_HW_KEY) && defined(MCUBOOT_ENC_IMAGES)
-int boot_enc_retrieve_private_key(struct bootutil_key **private_key)
-{
-    *private_key = (struct bootutil_key *)&bootutil_enc_key;
-
-    return 0;
-}
-#endif /* !MCUBOOT_HW_KEY && MCUBOOT_ENC_IMAGES */

ci/mynewt_keys/enc_kw/src/keys.c

@@ -28,12 +28,3 @@ const struct bootutil_key bootutil_enc_key = {
     .key = enc_key,
     .len = &enc_key_len,
 };
-
-#if !defined(MCUBOOT_HW_KEY) && defined(MCUBOOT_ENC_IMAGES)
-int boot_enc_retrieve_private_key(struct bootutil_key **private_key)
-{
-    *private_key = (struct bootutil_key *)&bootutil_enc_key;
-
-    return 0;
-}
-#endif /* !MCUBOOT_HW_KEY && MCUBOOT_ENC_IMAGES */

ci/mynewt_keys/enc_rsa/src/keys.c

@@ -126,12 +126,3 @@ const struct bootutil_key bootutil_enc_key = {
     .key = enc_key,
     .len = &enc_key_len,
 };
-
-#if !defined(MCUBOOT_HW_KEY) && defined(MCUBOOT_ENC_IMAGES)
-int boot_enc_retrieve_private_key(struct bootutil_key **private_key)
-{
-    *private_key = (struct bootutil_key *)&bootutil_enc_key;
-
-    return 0;
-}
-#endif /* !MCUBOOT_HW_KEY && MCUBOOT_ENC_IMAGES */

sim/mcuboot-sys/csupport/keys.c

@@ -328,12 +328,3 @@ const struct bootutil_key bootutil_enc_key = {
     .len = &enc_key_len,
 };
 #endif
-
-#if !defined(MCUBOOT_HW_KEY) && defined(MCUBOOT_ENC_IMAGES)
-int boot_enc_retrieve_private_key(struct bootutil_key **private_key)
-{
-    *private_key = (struct bootutil_key *)&bootutil_enc_key;
-
-    return 0;
-}
-#endif /* !MCUBOOT_HW_KEY && MCUBOOT_ENC_IMAGES */