AES/Hybrid encryption SAMD21

Hi all,
I'am working with an SADM21 I have an SD card and now I'd like to encrypt data on my SD card. I'd like to use AES but I've a problem, storing my secret key in my code isn't secure, so what is the solution? I've searched and some people talk about hybrid encryption but I'don't know this encryption, is it possible on SAMD21? Is anyone have a tutorial or document?

Usually you'd store a secret in the EEPROM, not sure if the SAMD21 has EEPROM though.

You could add the key to the code as a preprocessing step (insert a custom .h file perhaps) and never store the modified sourcecode anywhere...

What is your threat model?

BTW hybrid won't help you, you still need to store the secret key for the asymmetric cipher to use it.

No samd21 doesn’t have EEPROM but I can use FlashStorqge whose emulate eeprom in flash.
So your idea is to push my key in eeprom and in preprocessing get my key ?

That way it never appears in sourcecode. That's what you wanted?

BTW I asked what is your thread model? Without a threat model its impossible to know if you are taking suitable precautions.

Yes this is what I want. I don't want to see my secret key in my code if I dissasemble my binary. Bt my question now is, how can I write in my EEPROM with FlashStorage without using my source code ?
Beceause if I use FlashStorage I need to do something like this if I wan to write 255 in emulated EEPROM

FlashStorage(my_flash_store, int);

You'll have to do it somewhere - a separate temporary sketch that's never retained perhaps? Perhaps you can upload EEPROM only somehow directly?

What's your threat model?