During the first boot, the microcontroller automatically generates a key pair. The process includes:

1. Secure random number generation using hardware TRNG (True Random Generator).
2. ECC key pair creation (SECP256R1) using the mbedTLS library.
3. Conversion of the private key to DER format following the PKCS#8 standard.
4. Store the private key into the flash partition.
5. Conversion of the public key to PEM format for export.

The private key remains stored in a secure area of the microcontroller and is never exposed. The public key can be retrived only on boot if the key storage is empty.

Signed-off-by: WIKA IIoT RD <60038@wika.com>

Author: Wika-Group-IIoT-RD

boot/bootutil/include/bootutil/boot_store_enc_keys.h

@@ -0,0 +1,31 @@
+/*
+ * Copyright (c) 2026 WIKA Alexander Wiegand SE & Co. KG
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+#ifndef _BOOT_STORE_ENC_KEYS_H_
+#define _BOOT_STORE_ENC_KEYS_H_
+
+#include <stddef.h>
+#include <stdbool.h>
+
+/**
+ * @brief Store the private key into the flash partition
+ * 
+ * @param key       Pointer to the buffer where the key is stored 
+ * @param key_len   Size of the key
+ * 
+ * @return          0 on success; nonzero on failure.
+ */
+int store_priv_enc_key(const unsigned char *key, size_t key_len);
+
+/**
+*  @brief Check the private key encryption storage is empty.
+*
+*  @retval true     The key storage is empty.
+*  @retval false    The key storage is not empty or the flash area could not be accessed. 
+*
+**/
+bool is_key_storage_erased();
+
+#endif /*_BOOT_STORE_ENC_KEYS_H_*/

boot/bootutil/include/bootutil/generate_key_pair.h

@@ -0,0 +1,25 @@
+/*
+ * Copyright (c) 2026 WIKA Alexander Wiegand SE & Co. KG
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+#ifndef __GENERATE_KEY_PAIR_H__
+#define __GENERATE_KEY_PAIR_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * @brief Generate public and private key for encryption in (PKCS8 and PEM format).
+ *
+ * @return On failure, print error message.
+ * 
+ */
+void generate_enc_key_pair(void);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __GENERATE_KEY_PAIR_H__ */

boot/bootutil/src/boot_store_enc_keys.c

@@ -0,0 +1,61 @@
+/*
+ * Copyright (c) 2026 WIKA Alexander Wiegand SE & Co. KG
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+#include "mcuboot_config/mcuboot_config.h"
+
+#if defined(MCUBOOT_GEN_ENC_KEY)
+#include <bootutil/boot_store_enc_keys.h>
+#include "bootutil_priv.h"
+#include <bootutil/bootutil_macros.h>
+
+#define PRIV_ENC_KEY_ALIGN_SIZE ALIGN_UP(MCUBOOT_PRIV_ENC_KEY_LEN, MCUBOOT_BOOT_MAX_ALIGN)
+
+int
+store_priv_enc_key(const unsigned char *key, size_t key_len)
+{
+    if((key == NULL) || key_len != MCUBOOT_PRIV_ENC_KEY_LEN)
+    {
+        return -1;
+    }
+
+    const struct flash_area *fa;
+    int rc = flash_area_open(KEY_STORAGE_ID, &fa);
+    if (rc)
+    {
+        return rc;
+    }
+
+    uint32_t pad_off = ALIGN_UP(KEY_STORAGE_BASE, MCUBOOT_BOOT_MAX_ALIGN) - KEY_STORAGE_BASE;
+    uint8_t erased_val = flash_area_erased_val(fa);
+
+    rc = boot_erase_region(fa, pad_off, PRIV_ENC_KEY_ALIGN_SIZE, false);
+    if (rc != 0) {
+        return BOOT_EFLASH;
+    }
+
+    uint8_t priv_enc_key[PRIV_ENC_KEY_ALIGN_SIZE];
+    memset(&priv_enc_key[0], erased_val, PRIV_ENC_KEY_ALIGN_SIZE);
+    memcpy(&priv_enc_key[0], key, MCUBOOT_PRIV_ENC_KEY_LEN);
+
+    rc = flash_area_write(fa, pad_off, &priv_enc_key[0], PRIV_ENC_KEY_ALIGN_SIZE);
+    flash_area_close(fa);
+    if (rc != 0) {
+        return BOOT_EFLASH;
+    }
+    return 0;
+}
+
+bool is_key_storage_erased(){
+    const struct flash_area *fa;
+    if (flash_area_open(KEY_STORAGE_ID, &fa) < 0)
+    {
+        return false;
+    }
+    bool ret = bootutil_buffer_is_erased(fa, (const void*)ALIGN_UP(KEY_STORAGE_BASE, MCUBOOT_BOOT_MAX_ALIGN), MCUBOOT_PRIV_ENC_KEY_LEN);
+    flash_area_close(fa);
+    return ret;
+}
+
+#endif /* MCUBOOT_GEN_ENC_KEY */

boot/bootutil/src/generate_key_pair.c

@@ -0,0 +1,153 @@
+/*
+ * Copyright (c) 2026 WIKA Alexander Wiegand SE & Co. KG
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+#include "mcuboot_config/mcuboot_config.h"
+
+#if defined(MCUBOOT_GEN_ENC_KEY)
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/pk.h"
+#include "mbedtls/ecp.h"
+#include "bootutil/generate_key_pair.h"
+#include "bootutil/boot_store_enc_keys.h"
+#include "pkcs8secp256write.h"
+#include "bootutil/bootutil_log.h"
+BOOT_LOG_MODULE_DECLARE(mcuboot);
+
+#define MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES    (30 + 2 * MBEDTLS_ECP_MAX_BYTES)
+#define PK_ECP_SIZE_BASE64 ((MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES*4+3-1)/3)
+#define PEM_BEGIN_PUBLIC_KEY_SIZE 25
+#define PEM_END_PUBLIC_KEY_SIZE 27
+#define NEW_LINE_CHARS 3
+#define PEM_PUBLIC_KEY_SIZE (PEM_BEGIN_PUBLIC_KEY_SIZE + PK_ECP_SIZE_BASE64 + PEM_END_PUBLIC_KEY_SIZE + NEW_LINE_CHARS)
+
+/**
+ * @brief Generate public and private key and contain in mbedtls_pk_context.
+ *
+ * @param pk Initialize mbedtls_pk_context and contains the generate key pair.
+ *
+ * @return 0 for Success.
+ * @return Not equal to zero, therefore failure.
+ */
+static int
+gen_p256_keypair(mbedtls_pk_context *pk)
+{
+    int ret;
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+    const unsigned char pers[] = "keyge-p256-keygenkeyge-p256-keygen";
+
+    mbedtls_pk_init(pk);
+    mbedtls_entropy_init(&entropy);
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+
+    ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
+                                pers, sizeof(pers) - 1);
+    if (ret != 0) {
+        BOOT_LOG_ERR("SEED FAIL ret=%d", ret);
+        goto cleanup;
+    }
+
+    ret = mbedtls_pk_setup(pk, mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY));
+    if (ret != 0) {
+        BOOT_LOG_ERR("PK_SETUP FAIL ret=%d", ret);
+        goto cleanup;
+    }
+
+    ret = mbedtls_ecp_gen_key(MBEDTLS_ECP_DP_SECP256R1, mbedtls_pk_ec(*pk),
+                              mbedtls_ctr_drbg_random, &ctr_drbg);
+    if (ret != 0) {
+        BOOT_LOG_ERR("GEN_KEY FAIL ret=%d", ret);
+        goto cleanup;
+    }
+
+cleanup:
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+    return ret;
+}
+
+/**
+ * @brief Export private key in PKCS8 format.
+ *
+ * @param pk Initialize mbedtls_pk_context and contains the generate key pair.
+ *
+ * @return 0 for Success.
+ * @return Not equal to zero, therefore failure.
+ */
+static int
+save_privkey_der(const mbedtls_pk_context *pk)
+{
+    unsigned char buf[MCUBOOT_PRIV_ENC_KEY_LEN];
+
+    int len = mbedtls_pk_write_keypkcs8_der(pk, buf, sizeof(buf));
+    if (len != MCUBOOT_PRIV_ENC_KEY_LEN) {
+        BOOT_LOG_ERR("fails write pkcs8 der: len=%d", len);
+        return len;
+    }
+
+    int ret = store_priv_enc_key(buf, len);
+    if (ret != 0)
+    {
+        BOOT_LOG_ERR("key store fail store ret=%d",ret);
+        return ret;
+    }
+
+    return 0;
+}
+
+/**
+ * @brief Export private and public key in PEM format.
+ *
+ * @param pk Initialize mbedtls_pk_context and contains the generate key pair.
+ *
+ * @return 0 for Success.
+ * @return Not equal to zero, therefore failure.
+ */
+static int
+export_pub_pem(const mbedtls_pk_context *pk)
+{
+    unsigned char buf_pub[PEM_PUBLIC_KEY_SIZE];
+
+    int ret = mbedtls_pk_write_pubkey_pem(pk, buf_pub, sizeof(buf_pub));
+    if (ret != 0) 
+    {
+        BOOT_LOG_ERR("PUBKEY_PEM FAIL ret=%d", ret);
+        return ret;
+    }
+
+    BOOT_LOG_INF("\n%s", buf_pub);
+
+    return 0;
+}
+
+void
+generate_enc_key_pair(void)
+{
+    mbedtls_pk_context pk;
+    BOOT_LOG_INF("Generate enc key pair starting...");
+
+    int ret = gen_p256_keypair(&pk);
+    if(ret != 0){
+        BOOT_LOG_ERR("Error during the generation enc key pair");
+        return;
+    }
+
+    ret = save_privkey_der(&pk);
+    if(ret != 0){
+        BOOT_LOG_ERR("Error during safe of private key der");
+        return;
+    }
+
+    BOOT_LOG_INF("Saved private enc key");
+
+    ret = export_pub_pem(&pk);
+    if(ret != 0){
+        BOOT_LOG_ERR("Error during the exportation of public key pem");
+        return;
+    }
+}
+
+#endif /* MCUBOOT_GEN_ENC_KEY */

boot/zephyr/CMakeLists.txt

@@ -2,6 +2,7 @@
 #
 # Copyright (c) 2017 Open Source Foundries Limited
 # Copyright (c) 2023-2026 Nordic Semiconductor ASA
+# Copyright (c) 2026 WIKA Alexander Wiegand SE & Co. KG
 #
 # SPDX-License-Identifier: Apache-2.0
 
@@ -36,6 +37,8 @@ if(NOT CONFIG_MBEDTLS_BUILTIN AND NOT CONFIG_BOOT_KEY_IMPORT_BYPASS_ASN)
   assert_exists(MBEDTLS_ASN1_DIR)
 endif()
 set(NRF_DIR "${MCUBOOT_DIR}/ext/nrf")
+set(MBEDTLS_PKCS8_DIR "${MCUBOOT_DIR}/ext/mbedtls-pkcs8")
+assert_exists(MBEDTLS_PKCS8_DIR)
 
 if(CONFIG_BOOT_USE_NRF_CC310_BL)
   if(NOT ZEPHYR_NRFXLIB_MODULE_DIR OR NOT EXISTS ${ZEPHYR_NRFXLIB_MODULE_DIR})
@@ -545,6 +548,43 @@ if(CONFIG_MULTIPLE_EXECUTABLE_RAM_REGIONS_DEFAULT_FILE)
   zephyr_sources(ram_load.c)
 endif()
 
+if(CONFIG_BOOT_GEN_ENC_KEY)
+  dt_chosen(chosen_key_storage PROPERTY "zephyr,key-storage")
+  if(DEFINED chosen_key_storage)
+    dt_get_nvm_device(${chosen_key_storage} key_storage_device)
+    dt_chosen(chosen_code_partition PROPERTY "zephyr,code-partition")
+    dt_get_nvm_device(${chosen_code_partition} code_partition_device)
+
+    if("${key_storage_device}" STREQUAL "${code_partition_device}")
+      dt_prop(key_storage_label PATH "${chosen_key_storage}" PROPERTY "label")
+      if(key_storage_label STREQUAL "storage")
+        message(WARNING "Using default storage. Replace with a proper partition.")
+      endif()
+
+      dt_prop(key_storage_adr PATH "${chosen_key_storage}" PROPERTY "reg" INDEX 0)
+      dt_prop(key_storage_size PATH "${chosen_key_storage}" PROPERTY "reg" INDEX 1)
+      align_up(${CONFIG_BOOT_PRIV_ENC_KEY_LEN} ${CONFIG_MCUBOOT_BOOT_MAX_ALIGN} priv_enc_key_size_align)
+      align_up(${key_storage_adr} ${CONFIG_MCUBOOT_BOOT_MAX_ALIGN} key_storage_adr_align)
+      math(EXPR key_storage_max_adr "${key_storage_adr} + ${key_storage_size}")
+      math(EXPR key_storage_required_max_adr "${key_storage_adr_align} + ${priv_enc_key_size_align}")
+      if (${key_storage_max_adr} LESS ${key_storage_required_max_adr})
+        message(FATAL_ERROR "The 'zephyr,key-storage' is to small to store priv enc key!")
+      endif()
+    else()
+      message(FATAL_ERROR "The 'zephyr,key-storage' must be located on same nvm device as 'zephyr,code-partition'!")
+    endif()
+  else()
+    message(FATAL_ERROR "The 'zephyr,key-storage' chosen property is not defined!")
+  endif()
+
+  zephyr_include_directories(${MBEDTLS_PKCS8_DIR})
+  zephyr_library_sources(
+    ${BOOT_DIR}/bootutil/src/generate_key_pair.c
+    ${MBEDTLS_PKCS8_DIR}/pkcs8secp256write.c
+    ${BOOT_DIR}/bootutil/src/boot_store_enc_keys.c
+    )
+endif()
+
 if(SYSBUILD)
   if(CONFIG_SINGLE_APPLICATION_SLOT OR CONFIG_BOOT_FIRMWARE_LOADER OR CONFIG_BOOT_SWAP_USING_SCRATCH OR CONFIG_BOOT_SWAP_USING_MOVE OR CONFIG_BOOT_SWAP_USING_OFFSET OR CONFIG_BOOT_UPGRADE_ONLY OR CONFIG_BOOT_DIRECT_XIP OR CONFIG_BOOT_RAM_LOAD)
     # TODO: RAM LOAD support

boot/zephyr/Kconfig

@@ -1,6 +1,7 @@
 # Copyright (c) 2017-2020 Linaro Limited
 # Copyright (c) 2020 Arm Limited
 # Copyright (c) 2023 Nordic Semiconductor ASA
+# Copyright (c) 2026 WIKA Alexander Wiegand SE & Co. KG
 #
 # SPDX-License-Identifier: Apache-2.0
 #
@@ -136,6 +137,16 @@ endif # BOOT_USE_PSA_CRYPTO
 
 menu "MCUBoot settings"
 
+config BOOT_GEN_ENC_KEY
+	bool "Device generate encryption key"
+	select BOOT_ENCRYPT_IMAGE
+
+if BOOT_GEN_ENC_KEY
+config BOOT_PRIV_ENC_KEY_LEN
+	int "Private encryption key length"
+	default 138
+endif
+
 config BOOT_SOMETHING_USES_SHA256
 	bool
 	help
@@ -271,6 +282,7 @@ if BOOT_SIGNATURE_TYPE_ECDSA_P256
 
 choice BOOT_ECDSA_IMPLEMENTATION
 	prompt "Ecdsa implementation"
+	default BOOT_ECDSA_MBEDTLS if BOOT_GEN_ENC_KEY
 	default BOOT_ECDSA_TINYCRYPT
 
 config BOOT_ECDSA_TINYCRYPT
@@ -290,6 +302,11 @@ config BOOT_ECDSA_MBEDTLS
 	select MBEDTLS_MD if MBEDTLS_BUILTIN
 	select MBEDTLS_ECDH_C if MBEDTLS_BUILTIN && BOOT_ENCRYPT_IMAGE
 	select BOOT_AES_MBEDTLS_DEPENDENCIES if MBEDTLS_BUILTIN && BOOT_ENCRYPT_IMAGE
+	select MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED if MBEDTLS_BUILTIN && BOOT_GEN_ENC_KEY
+	select MBEDTLS_PK_WRITE_C if MBEDTLS_BUILTIN && BOOT_GEN_ENC_KEY
+	select MBEDTLS_ENTROPY_C if MBEDTLS_BUILTIN && BOOT_GEN_ENC_KEY
+	select MBEDTLS_PEM_CERTIFICATE_FORMAT if MBEDTLS_BUILTIN && BOOT_GEN_ENC_KEY
+
 
 config BOOT_ECDSA_CC310
 	bool "Use CC310"
@@ -803,6 +820,7 @@ endif # BOOT_ENCRYPT_X25519 && BOOT_USE_PSA_CRYPTO
 config BOOT_ENCRYPTION_KEY_FILE
 	string "Encryption key file"
 	depends on BOOT_ENCRYPT_IMAGE
+	default "" if BOOT_GEN_ENC_KEY
 	default "enc-rsa2048-priv.pem" if BOOT_ENCRYPT_RSA
 	default "enc-ec256-priv.pem" if BOOT_ENCRYPT_EC256
 	default "enc-x25519-priv.pem" if BOOT_ENCRYPT_X25519

boot/zephyr/gen_enc_keys.conf

@@ -0,0 +1,8 @@
+
+CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256=y
+
+CONFIG_BOOT_GEN_ENC_KEY=y
+CONFIG_BOOT_ENCRYPT_IMAGE=y
+
+CONFIG_TEST_RANDOM_GENERATOR=y
+CONFIG_TIMER_RANDOM_GENERATOR=y