From 0d66e574c0f8afdc238f52b47b817d66edf6efc1 Mon Sep 17 00:00:00 2001
From: gojimmypi <jim@wolfssl.com>
Date: Wed, 12 Nov 2025 17:33:13 -0800
Subject: [PATCH] Introduce keygen --no-overwrite to avoid prompt

---
 docs/Signing.md         |  3 ++-
 tools/keytools/keygen.c | 44 ++++++++++++++++++++++++++++-------------
 2 files changed, 32 insertions(+), 15 deletions(-)

diff --git a/docs/Signing.md b/docs/Signing.md
index 8f78520d11..cdc36da9aa 100644
--- a/docs/Signing.md
+++ b/docs/Signing.md
@@ -31,6 +31,7 @@ The following options are supported:
 - `--der` save generated private key in DER format.
 - `--exportpubkey` to export the public key (corresponding to the private key generated with `-g`) to a DER file. This option only has an effect if used in conjunction with the `-g` option.
 - `--nolocalkeys` to generate a keystore entry with zeroized key material. This option is only useful on platforms that support using an external key by reference, such as wolfHSM. Only has an effect if used in conjunction with the `-g` option.
+- `--no-overwrite` to avoid prompt warning that keyfiles files already exist. This option ensures existing files are not overwritten.
 
 Arguments are not exclusive, and can be repeated more than once to populate a keystore with multiple keys.
 
@@ -185,7 +186,7 @@ Options:
     By default, the sign tool appends the sha of the base image to the manifest header,
     so wolfBoot will refuse to start a delta update if the sha does not match the
     one of the existing image. However, this takes up 32 to 48 bytes extra in the
-    manifest header, so this option is available to provide compatibility on 
+    manifest header, so this option is available to provide compatibility on
     existing installations without this feature, where the header size does not
     allow to accommodate the field
 
diff --git a/tools/keytools/keygen.c b/tools/keytools/keygen.c
index 615b0edbca..97f38340d6 100644
--- a/tools/keytools/keygen.c
+++ b/tools/keytools/keygen.c
@@ -112,6 +112,7 @@
 /* Globals */
 static FILE *fpub, *fpub_image;
 static int force = 0;
+static int no_overwrite = 0; /* when set, avoids prompt if !force and files exist */
 #if defined(WOLFBOOT_RENESAS_RSIP) || \
     defined(WOLFBOOT_RENESAS_TSIP) || \
     defined(WOLFBOOT_RENESAS_SCEPROTECT)
@@ -1155,18 +1156,24 @@ static void key_gen_check(const char *kfilename)
     FILE *f;
     f = fopen(kfilename, "rb");
     if (!force && (f != NULL)) {
-        char reply[40];
-        int replySz;
-        printf("** Warning: key file already exists! Are you sure you want to generate a new key and overwrite the existing key? [Type 'Yes']: ");
-        fflush(stdout);
-        replySz = scanf("%s", reply);
-        printf("Reply is [%s]\n", reply);
-        fclose(f);
-        if (replySz < 0 || strcmp(reply, "Yes") != 0) {
-            printf("Operation aborted by user.");
-            exit(5);
-        } else {
-            unlink(kfilename);
+        if (no_overwrite) {
+            printf("** Warning: key file already exists and will not be overwritten!");
+        }
+        else {
+            char reply[40];
+            int replySz;
+            printf("** Warning: key file already exists! Are you sure you want to generate a new key and overwrite the existing key? [Type 'Yes']: ");
+            fflush(stdout);
+            replySz = scanf("%s", reply);
+            printf("Reply is [%s]\n", reply);
+            fclose(f);
+            if (replySz < 0 || strcmp(reply, "Yes") != 0) {
+                printf("Operation aborted by user.");
+                exit(5);
+            }
+            else {
+                unlink(kfilename);
+            }
         }
     }
 }
@@ -1402,6 +1409,9 @@ int main(int argc, char** argv)
         else if (strcmp(argv[i], "--force") == 0) {
             force = 1;
         }
+        else if (strcmp(argv[i], "--no-overwrite") == 0) {
+            no_overwrite = 1;
+        }
         else if (strcmp(argv[i], "--der") == 0) {
             saveAsDer = 1;
         }
@@ -1436,6 +1446,7 @@ int main(int argc, char** argv)
             i++;
             sprintf(pubkeyfile,"%s%s", argv[i], "/keystore.c");
             sprintf(pubkeyimg, "%s%s", argv[i], "/keystore.der");
+            printf("keystore file: %s\n", pubkeyfile);
             i++;
             continue;
         }
@@ -1458,15 +1469,20 @@ int main(int argc, char** argv)
         exit(0);
     fpub = fopen(pubkeyfile, "rb");
     if (!force && (fpub != NULL)) {
+        if (no_overwrite) {
+            printf("** Not overwriting existing keystore file: %s\n", pubkeyfile);
+            exit(0);
+        }
         char reply[40];
         int replySz;
-        printf("** Warning: keystore already exists! Are you sure you want to generate a new key and overwrite the existing key? [Type 'Yes']: ");
+        printf("** Warning: keystore file already exists! %s\n", pubkeyfile);
+        printf("Are you sure you want to generate a new key and overwrite the existing key ? [Type 'Yes'] : ");
         fflush(stdout);
         replySz = scanf("%s", reply);
         printf("Reply is [%s]\n", reply);
         fclose(fpub);
         if (replySz < 0 || strcmp(reply, "Yes") != 0) {
-            printf("Operation aborted by user.");
+            printf("Operation aborted by user.\n");
             exit(5);
         } else {
             unlink(pubkeyfile);