Chapter 2. API Reference
parttool.py --port /dev/ttyUSB0 --partition-table-offset "nvs_key␣
,→partition offset" write_partition --partition-name="name of nvs_key␣
,→partition" --input "nvs_key partition"
Since the key partition is marked as encrypted and Flash Encryption is enabled, the bootloader will encrypt this
partition using flash encryption key on the first boot.
It is possible for an application to use different keys for different NVS partitions and thereby have multiple key-
partitions. However, it is a responsibility of the application to provide correct key-partition/keys for the purpose of
encryption/decryption.
Encrypted Read/Write The same NVS API functions nvs_get_* or nvs_set_* can be used for reading of,
and writing to an encrypted nvs partition as well.
Encrypt the default NVS partition: To enable encryption for the default NVS partition no additional steps are
necessary. When CONFIG_NVS_ENCRYPTION is enabled, the nvs_flash_init() API function internally per-
forms some additional steps using the first NVS key partition found to enable encryption for the default NVS partition
(refer to the API documentation for more details). Alternatively, nvs_flash_secure_init() API function
can also be used to enable encryption for the default NVS partition.
Encrypt a custom NVS partition: To enable encryption for a custom NVS par-
tition, nvs_flash_secure_init_partition() API function is used instead of
nvs_flash_init_partition().
When nvs_flash_secure_init() and nvs_flash_secure_init_partition() API functions are
used, the applications are expected to follow the steps below in order to perform NVS read/write operations with
encryption enabled.
1. Find key partition and NVS data partition using esp_partition_find* API functions.
2. Populate the nvs_sec_cfg_t struct using the nvs_flash_read_security_cfg() or
nvs_flash_generate_keys() API functions.
3. Initialise NVS flash partition using the nvs_flash_secure_init() or
nvs_flash_secure_init_partition() API functions.
4. Open a namespace using the nvs_open() or nvs_open_from_partition() API functions.
5. Perform NVS read/write operations using nvs_get_* or nvs_set_*.
6. Deinitialise an NVS partition using nvs_flash_deinit().
NVS Partition Generator Utility
This utility helps generate NVS partition binary files which can be flashed separately on a dedicated partition via a
flashing utility. Key-value pairs to be flashed onto the partition can be provided via a CSV file. For more details,
please refer to NVS Partition Generator Utility.
Application Example
You can find code examples in the storage directory of ESP-IDF examples:
storage/nvs_rw_value
Demonstrates how to read a single integer value from, and write it to NVS.
The value checked in this example holds the number of the ESP32-S2 module restarts. The value’s
function as a counter is only possible due to its storing in NVS.
The example also shows how to check if a read / write operation was successful, or if a certain value
has not been initialized in NVS. The diagnostic procedure is provided in plain text to help you track the
program flow and capture any issues on the way.
storage/nvs_rw_blob
Espressif Systems 708
Submit Document Feedback
Release v4.4
To Next Page
Loading...
Need help?
General