diff --git a/components/esp_hw_support/include/esp_private/esp_crypto_lock_internal.h b/components/esp_hw_support/include/esp_private/esp_crypto_lock_internal.h index 734baea164..2f6421fb0b 100644 --- a/components/esp_hw_support/include/esp_private/esp_crypto_lock_internal.h +++ b/components/esp_hw_support/include/esp_private/esp_crypto_lock_internal.h @@ -13,7 +13,9 @@ extern "C" { #endif -#if SOC_RCC_IS_INDEPENDENT +// NOTE: [ESP-TEE] Since the clock configuration APIs are part +// of the TEE, the XYZ_RCC_ATOMIC macros need to be defined as void. +#if SOC_RCC_IS_INDEPENDENT || ESP_TEE_BUILD #define MPI_RCC_ATOMIC() #define ECC_RCC_ATOMIC() #define HMAC_RCC_ATOMIC() @@ -21,6 +23,7 @@ extern "C" { #define ECDSA_RCC_ATOMIC() #define AES_RCC_ATOMIC() #define SHA_RCC_ATOMIC() +#define KEY_MANAGER_RCC_ATOMIC() #else /* !SOC_RCC_IS_INDEPENDENT */ #define MPI_RCC_ATOMIC() PERIPH_RCC_ATOMIC() #define ECC_RCC_ATOMIC() PERIPH_RCC_ATOMIC() @@ -29,6 +32,7 @@ extern "C" { #define ECDSA_RCC_ATOMIC() PERIPH_RCC_ATOMIC() #define AES_RCC_ATOMIC() PERIPH_RCC_ATOMIC() #define SHA_RCC_ATOMIC() PERIPH_RCC_ATOMIC() +#define KEY_MANAGER_RCC_ATOMIC() PERIPH_RCC_ATOMIC() #endif /* SOC_RCC_IS_INDEPENDENT */ #ifdef __cplusplus diff --git a/components/esp_security/CMakeLists.txt b/components/esp_security/CMakeLists.txt index da2fb0125b..af523cc28a 100644 --- a/components/esp_security/CMakeLists.txt +++ b/components/esp_security/CMakeLists.txt @@ -29,8 +29,12 @@ if(NOT non_os_build) list(APPEND srcs "src/esp_dpa_protection.c") endif() - list(APPEND srcs "src/esp_crypto_lock.c") + list(APPEND srcs "src/esp_crypto_lock.c" "src/esp_crypto_periph_clk.c") list(APPEND priv_requires efuse esp_hw_support esp_system esp_timer) +elseif(esp_tee_build) + list(APPEND srcs "src/esp_crypto_periph_clk.c") + list(APPEND includes "src/${IDF_TARGET}") + list(APPEND priv_requires esp_hw_support) endif() idf_component_register(SRCS ${srcs} diff --git a/components/esp_security/include/esp_crypto_periph_clk.h b/components/esp_security/include/esp_crypto_periph_clk.h new file mode 100644 index 0000000000..1555fce565 --- /dev/null +++ b/components/esp_security/include/esp_crypto_periph_clk.h @@ -0,0 +1,72 @@ +/* + * SPDX-FileCopyrightText: 2025 Espressif Systems (Shanghai) CO LTD + * + * SPDX-License-Identifier: Apache-2.0 + */ +#pragma once + +#include + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * @brief Enable or disable the AES peripheral clock + * + * @param enable true: enable; false: disable + */ +void esp_crypto_aes_enable_periph_clk(bool enable); + +/** + * @brief Enable or disable the SHA peripheral clock + * + * @param enable true: enable; false: disable + */ +void esp_crypto_sha_enable_periph_clk(bool enable); + +/** + * @brief Enable or disable the MPI peripheral clock + * + * @param enable true: enable; false: disable + */ +void esp_crypto_mpi_enable_periph_clk(bool enable); + +/** + * @brief Enable or disable the ECC peripheral clock + * + * @param enable true: enable; false: disable + */ +void esp_crypto_ecc_enable_periph_clk(bool enable); + +/** + * @brief Enable or disable the HMAC peripheral clock + * + * @param enable true: enable; false: disable + */ +void esp_crypto_hmac_enable_periph_clk(bool enable); + +/** + * @brief Enable or disable the DS peripheral clock + * + * @param enable true: enable; false: disable + */ +void esp_crypto_ds_enable_periph_clk(bool enable); + +/** + * @brief Enable or disable the ECDSA peripheral clock + * + * @param enable true: enable; false: disable + */ +void esp_crypto_ecdsa_enable_periph_clk(bool enable); + +/** + * @brief Enable or disable the Key Manager peripheral clock + * + * @param enable true: enable; false: disable + */ +void esp_crypto_key_mgr_enable_periph_clk(bool enable); + +#ifdef __cplusplus +} +#endif diff --git a/components/esp_security/src/esp_crypto_periph_clk.c b/components/esp_security/src/esp_crypto_periph_clk.c new file mode 100644 index 0000000000..a21a0f6487 --- /dev/null +++ b/components/esp_security/src/esp_crypto_periph_clk.c @@ -0,0 +1,149 @@ +/* + * SPDX-FileCopyrightText: 2025 Espressif Systems (Shanghai) CO LTD + * + * SPDX-License-Identifier: Apache-2.0 + */ + +#include "soc/soc_caps.h" +#include "esp_private/esp_crypto_lock_internal.h" +#include "sdkconfig.h" + +#if SOC_AES_SUPPORTED +#include "hal/aes_ll.h" +#endif +#if SOC_SHA_SUPPORTED +#include "hal/sha_ll.h" +#endif +#if SOC_MPI_SUPPORTED +#include "hal/mpi_ll.h" +#endif +#if SOC_ECC_SUPPORTED +#include "hal/ecc_ll.h" +#endif +/* NOTE: For ESP32-S2, the HMAC and DS are implemented in the ROM */ +#if SOC_HMAC_SUPPORTED && !CONFIG_IDF_TARGET_ESP32S2 +#include "hal/hmac_ll.h" +#endif +#if SOC_DIG_SIGN_SUPPORTED && !CONFIG_IDF_TARGET_ESP32S2 +#include "hal/ds_ll.h" +#endif +#if SOC_ECDSA_SUPPORTED +#include "hal/ecdsa_ll.h" +#endif +#if SOC_KEY_MANAGER_SUPPORTED +#include "hal/key_mgr_ll.h" +#endif +/* Crypto DMA, shared between AES and SHA */ +#if SOC_AES_CRYPTO_DMA && SOC_SHA_CRYPTO_DMA +#include "hal/crypto_dma_ll.h" +#endif + +#if SOC_AES_SUPPORTED +void esp_crypto_aes_enable_periph_clk(bool enable) +{ + AES_RCC_ATOMIC() { + aes_ll_enable_bus_clock(enable); + if (enable) { + aes_ll_reset_register(); + } +#if SOC_AES_CRYPTO_DMA + crypto_dma_ll_enable_bus_clock(enable); + if (enable) { + crypto_dma_ll_reset_register(); + } +#endif + } +} +#endif + +#if SOC_SHA_SUPPORTED +void esp_crypto_sha_enable_periph_clk(bool enable) +{ + SHA_RCC_ATOMIC() { + sha_ll_enable_bus_clock(enable); + if (enable) { + sha_ll_reset_register(); + } +#if SOC_SHA_CRYPTO_DMA + crypto_dma_ll_enable_bus_clock(enable); + if (enable) { + crypto_dma_ll_reset_register(); + } +#endif + } +} +#endif + +#if SOC_MPI_SUPPORTED +void esp_crypto_mpi_enable_periph_clk(bool enable) +{ + MPI_RCC_ATOMIC() { + mpi_ll_enable_bus_clock(enable); + if (enable) { + mpi_ll_reset_register(); + } + } +} +#endif + +#if SOC_ECC_SUPPORTED +void esp_crypto_ecc_enable_periph_clk(bool enable) +{ + ECC_RCC_ATOMIC() { + ecc_ll_enable_bus_clock(enable); + if (enable) { + ecc_ll_power_up(); + ecc_ll_reset_register(); + } else { + ecc_ll_power_down(); + } + } +} +#endif + +#if SOC_HMAC_SUPPORTED && !CONFIG_IDF_TARGET_ESP32S2 +void esp_crypto_hmac_enable_periph_clk(bool enable) +{ + HMAC_RCC_ATOMIC() { + hmac_ll_enable_bus_clock(enable); + if (enable) { + hmac_ll_reset_register(); + } + } +} +#endif + +#if SOC_DIG_SIGN_SUPPORTED && !CONFIG_IDF_TARGET_ESP32S2 +void esp_crypto_ds_enable_periph_clk(bool enable) +{ + DS_RCC_ATOMIC() { + ds_ll_enable_bus_clock(enable); + if (enable) { + ds_ll_reset_register(); + } + } +} +#endif + +#if SOC_ECDSA_SUPPORTED +void esp_crypto_ecdsa_enable_periph_clk(bool enable) +{ + ECDSA_RCC_ATOMIC() { + ecdsa_ll_enable_bus_clock(enable); + if (enable) { + ecdsa_ll_reset_register(); + } + } +} +#endif + +#if SOC_KEY_MANAGER_SUPPORTED +void esp_crypto_key_mgr_enable_periph_clk(bool enable) +{ + KEY_MANAGER_RCC_ATOMIC() { + key_mgr_ll_enable_bus_clock(enable); + key_mgr_ll_enable_peripheral_clock(enable); + key_mgr_ll_reset_register(); + } +} +#endif diff --git a/components/esp_security/src/esp_ds.c b/components/esp_security/src/esp_ds.c index 6b7fda6856..6f6a461e74 100644 --- a/components/esp_security/src/esp_ds.c +++ b/components/esp_security/src/esp_ds.c @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2020-2024 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2020-2025 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ @@ -14,7 +14,7 @@ #include "esp_timer.h" #include "esp_ds.h" #include "esp_crypto_lock.h" -#include "esp_private/esp_crypto_lock_internal.h" +#include "esp_crypto_periph_clk.h" #include "esp_hmac.h" #include "esp_memory_utils.h" #if CONFIG_IDF_TARGET_ESP32S2 @@ -268,20 +268,11 @@ static void ds_acquire_enable(void) esp_crypto_ds_lock_acquire(); // We also enable SHA and HMAC here. SHA is used by HMAC, HMAC is used by DS. - HMAC_RCC_ATOMIC() { - hmac_ll_enable_bus_clock(true); - hmac_ll_reset_register(); - } + esp_crypto_hmac_enable_periph_clk(true); - SHA_RCC_ATOMIC() { - sha_ll_enable_bus_clock(true); - sha_ll_reset_register(); - } + esp_crypto_sha_enable_periph_clk(true); - DS_RCC_ATOMIC() { - ds_ll_enable_bus_clock(true); - ds_ll_reset_register(); - } + esp_crypto_ds_enable_periph_clk(true); hmac_hal_start(); } @@ -290,17 +281,11 @@ static void ds_disable_release(void) { ds_hal_finish(); - DS_RCC_ATOMIC() { - ds_ll_enable_bus_clock(false); - } + esp_crypto_ds_enable_periph_clk(false); - SHA_RCC_ATOMIC() { - sha_ll_enable_bus_clock(false); - } + esp_crypto_sha_enable_periph_clk(false); - HMAC_RCC_ATOMIC() { - hmac_ll_enable_bus_clock(false); - } + esp_crypto_hmac_enable_periph_clk(false); esp_crypto_ds_lock_release(); } @@ -445,15 +430,9 @@ esp_err_t esp_ds_encrypt_params(esp_ds_data_t *data, // would be enough rather than acquiring a lock for the Digital Signature peripheral. esp_crypto_sha_aes_lock_acquire(); - AES_RCC_ATOMIC() { - aes_ll_enable_bus_clock(true); - aes_ll_reset_register(); - } + esp_crypto_aes_enable_periph_clk(true); - SHA_RCC_ATOMIC() { - sha_ll_enable_bus_clock(true); - sha_ll_reset_register(); - } + esp_crypto_sha_enable_periph_clk(true); ets_ds_data_t *ds_data = (ets_ds_data_t *) data; const ets_ds_p_data_t *ds_plain_data = (const ets_ds_p_data_t *) p_data; @@ -464,13 +443,9 @@ esp_err_t esp_ds_encrypt_params(esp_ds_data_t *data, result = ESP_ERR_INVALID_ARG; } - SHA_RCC_ATOMIC() { - sha_ll_enable_bus_clock(false); - } + esp_crypto_sha_enable_periph_clk(false); - AES_RCC_ATOMIC() { - aes_ll_enable_bus_clock(false); - } + esp_crypto_aes_enable_periph_clk(false); esp_crypto_sha_aes_lock_release(); diff --git a/components/esp_security/src/esp_hmac.c b/components/esp_security/src/esp_hmac.c index c922752788..2e2cf020a4 100644 --- a/components/esp_security/src/esp_hmac.c +++ b/components/esp_security/src/esp_hmac.c @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2015-2024 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2015-2025 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ @@ -13,7 +13,7 @@ #include "esp_hmac.h" #include "esp_log.h" #include "esp_crypto_lock.h" -#include "esp_private/esp_crypto_lock_internal.h" +#include "esp_crypto_periph_clk.h" #include "soc/hwcrypto_reg.h" #include "soc/system_reg.h" @@ -71,20 +71,11 @@ esp_err_t esp_hmac_calculate(hmac_key_id_t key_id, esp_crypto_hmac_lock_acquire(); // We also enable SHA and DS here. SHA is used by HMAC, DS will otherwise hold SHA in reset state. - HMAC_RCC_ATOMIC() { - hmac_ll_enable_bus_clock(true); - hmac_ll_reset_register(); - } + esp_crypto_hmac_enable_periph_clk(true); - SHA_RCC_ATOMIC() { - sha_ll_enable_bus_clock(true); - sha_ll_reset_register(); - } + esp_crypto_sha_enable_periph_clk(true); - DS_RCC_ATOMIC() { - ds_ll_enable_bus_clock(true); - ds_ll_reset_register(); - } + esp_crypto_ds_enable_periph_clk(true); hmac_hal_start(); @@ -146,17 +137,11 @@ esp_err_t esp_hmac_calculate(hmac_key_id_t key_id, // Read back result (bit swapped) hmac_hal_read_result_256(hmac); - DS_RCC_ATOMIC() { - ds_ll_enable_bus_clock(false); - } + esp_crypto_ds_enable_periph_clk(false); - SHA_RCC_ATOMIC() { - sha_ll_enable_bus_clock(false); - } + esp_crypto_sha_enable_periph_clk(false); - HMAC_RCC_ATOMIC() { - hmac_ll_enable_bus_clock(false); - } + esp_crypto_hmac_enable_periph_clk(false); esp_crypto_hmac_lock_release(); @@ -195,9 +180,7 @@ esp_err_t esp_hmac_jtag_enable(hmac_key_id_t key_id, const uint8_t *token) ESP_LOGD(TAG, "HMAC computation in downstream mode is completed."); - HMAC_RCC_ATOMIC() { - hmac_ll_enable_bus_clock(false); - } + esp_crypto_hmac_enable_periph_clk(false); esp_crypto_hmac_lock_release(); @@ -208,15 +191,11 @@ esp_err_t esp_hmac_jtag_disable() { esp_crypto_hmac_lock_acquire(); - HMAC_RCC_ATOMIC() { - hmac_ll_enable_bus_clock(true); - } + esp_crypto_hmac_enable_periph_clk(true); REG_WRITE(HMAC_SET_INVALIDATE_JTAG_REG, 1); - HMAC_RCC_ATOMIC() { - hmac_ll_enable_bus_clock(false); - } + esp_crypto_hmac_enable_periph_clk(false); esp_crypto_hmac_lock_release(); diff --git a/components/esp_security/src/esp_key_mgr.c b/components/esp_security/src/esp_key_mgr.c index 77537735e8..275bd2d575 100644 --- a/components/esp_security/src/esp_key_mgr.c +++ b/components/esp_security/src/esp_key_mgr.c @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2023-2024 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2023-2025 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ @@ -8,7 +8,7 @@ #include #include "assert.h" #include "esp_key_mgr.h" -#include "esp_private/periph_ctrl.h" +#include "esp_crypto_periph_clk.h" #include "esp_crypto_lock.h" #include "esp_log.h" #include "esp_err.h" @@ -32,8 +32,6 @@ static const char *TAG = "esp_key_mgr"; -#define KEY_MANAGER_RCC_ATOMIC() PERIPH_RCC_ATOMIC() - static _lock_t s_key_mgr_ecdsa_key_lock; static _lock_t s_key_mgr_xts_aes_key_lock; @@ -80,11 +78,7 @@ static void esp_key_mgr_acquire_hardware(bool deployment_mode) esp_crypto_key_manager_lock_acquire(); } // Reset the Key Manager Clock - KEY_MANAGER_RCC_ATOMIC() { - key_mgr_ll_enable_bus_clock(true); - key_mgr_ll_enable_peripheral_clock(true); - key_mgr_ll_reset_register(); - } + esp_crypto_key_mgr_enable_periph_clk(true); } static void esp_key_mgr_release_hardware(bool deployment_mode) @@ -96,11 +90,7 @@ static void esp_key_mgr_release_hardware(bool deployment_mode) } // Reset the Key Manager Clock - KEY_MANAGER_RCC_ATOMIC() { - key_mgr_ll_enable_peripheral_clock(false); - key_mgr_ll_enable_bus_clock(false); - key_mgr_ll_reset_register(); - } + esp_crypto_key_mgr_enable_periph_clk(false); } static void key_mgr_wait_for_state(esp_key_mgr_state_t state) diff --git a/components/esp_tee/scripts/esp32c6/sec_srv_tbl_default.yml b/components/esp_tee/scripts/esp32c6/sec_srv_tbl_default.yml index a9bd42c37f..e567aca201 100644 --- a/components/esp_tee/scripts/esp32c6/sec_srv_tbl_default.yml +++ b/components/esp_tee/scripts/esp32c6/sec_srv_tbl_default.yml @@ -208,9 +208,9 @@ secure_services: type: IDF function: esp_sha_write_digest_state args: 2 - - id: 132 + - id: 98 type: IDF - function: esp_sha_enable_periph_clk + function: esp_crypto_sha_enable_periph_clk args: 1 # ID: 134-149 (16) - eFuse - family: efuse diff --git a/components/esp_tee/src/esp_secure_service_wrapper.c b/components/esp_tee/src/esp_secure_service_wrapper.c index 692bceb92c..70250d91d0 100644 --- a/components/esp_tee/src/esp_secure_service_wrapper.c +++ b/components/esp_tee/src/esp_secure_service_wrapper.c @@ -228,9 +228,9 @@ void __wrap_esp_sha_write_digest_state(esp_sha_type sha_type, void *digest_state esp_tee_service_call(3, SS_ESP_SHA_WRITE_DIGEST_STATE, sha_type, digest_state); } -void __wrap_esp_sha_enable_periph_clk(bool enable) +void __wrap_esp_crypto_sha_enable_periph_clk(bool enable) { - esp_tee_service_call(2, SS_ESP_SHA_ENABLE_PERIPH_CLK, enable); + esp_tee_service_call(2, SS_ESP_CRYPTO_SHA_ENABLE_PERIPH_CLK, enable); } /* ---------------------------------------------- MMU HAL ------------------------------------------------- */ diff --git a/components/esp_tee/subproject/main/core/esp_secure_services.c b/components/esp_tee/subproject/main/core/esp_secure_services.c index 989fc6afcf..05e9aee0b0 100644 --- a/components/esp_tee/subproject/main/core/esp_secure_services.c +++ b/components/esp_tee/subproject/main/core/esp_secure_services.c @@ -26,7 +26,7 @@ #include "soc/soc_caps.h" #include "aes/esp_aes.h" #include "sha/sha_core.h" -#include "esp_sha_internal.h" +#include "esp_crypto_periph_clk.h" #include "esp_tee.h" #include "esp_tee_memory_utils.h" @@ -326,9 +326,9 @@ void _ss_esp_sha_block(esp_sha_type sha_type, const void *data_block, bool is_fi esp_sha_block(sha_type, data_block, is_first_block); } -void _ss_esp_sha_enable_periph_clk(bool enable) +void _ss_esp_crypto_sha_enable_periph_clk(bool enable) { - esp_sha_enable_periph_clk(enable); + esp_crypto_sha_enable_periph_clk(enable); } /* ---------------------------------------------- OTA ------------------------------------------------- */ diff --git a/components/mbedtls/esp_tee/esp_tee_mbedtls.cmake b/components/mbedtls/esp_tee/esp_tee_mbedtls.cmake index be6d1b4597..9a86363c09 100644 --- a/components/mbedtls/esp_tee/esp_tee_mbedtls.cmake +++ b/components/mbedtls/esp_tee/esp_tee_mbedtls.cmake @@ -40,6 +40,8 @@ endforeach() target_link_libraries(${COMPONENT_LIB} INTERFACE ${mbedtls_targets}) +target_link_libraries(mbedcrypto PRIVATE idf::esp_security) + target_include_directories(mbedcrypto PRIVATE ${crypto_port_inc_dirs}) # Shared GDMA layer for TEE diff --git a/components/mbedtls/port/aes/dma/esp_aes.c b/components/mbedtls/port/aes/dma/esp_aes.c index 28af391bf3..e6b6f69d1b 100644 --- a/components/mbedtls/port/aes/dma/esp_aes.c +++ b/components/mbedtls/port/aes/dma/esp_aes.c @@ -31,16 +31,14 @@ #include "esp_log.h" #include "esp_crypto_lock.h" #include "hal/aes_hal.h" -#include "hal/aes_ll.h" #include "esp_aes_internal.h" -#include "esp_private/esp_crypto_lock_internal.h" +#include "esp_crypto_periph_clk.h" #if SOC_AES_GDMA #if !ESP_TEE_BUILD #define AES_LOCK() esp_crypto_sha_aes_lock_acquire() #define AES_RELEASE() esp_crypto_sha_aes_lock_release() #else -#define AES_RCC_ATOMIC() #define AES_LOCK() #define AES_RELEASE() #endif @@ -56,29 +54,13 @@ void esp_aes_acquire_hardware( void ) { /* Released by esp_aes_release_hardware()*/ AES_LOCK(); - - AES_RCC_ATOMIC() { - aes_ll_enable_bus_clock(true); -#if SOC_AES_CRYPTO_DMA - crypto_dma_ll_enable_bus_clock(true); -#endif - aes_ll_reset_register(); -#if SOC_AES_CRYPTO_DMA - crypto_dma_ll_reset_register(); -#endif - } + esp_crypto_aes_enable_periph_clk(true); } /* Function to disable AES and Crypto DMA clocks and release locks */ void esp_aes_release_hardware( void ) { - AES_RCC_ATOMIC() { - aes_ll_enable_bus_clock(false); -#if SOC_AES_CRYPTO_DMA - crypto_dma_ll_enable_bus_clock(false); -#endif - } - + esp_crypto_aes_enable_periph_clk(false); AES_RELEASE(); } diff --git a/components/mbedtls/port/bignum/bignum_alt.c b/components/mbedtls/port/bignum/bignum_alt.c index ce7e08dd75..ceb263b8d5 100644 --- a/components/mbedtls/port/bignum/bignum_alt.c +++ b/components/mbedtls/port/bignum/bignum_alt.c @@ -1,25 +1,22 @@ /* - * SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2023-2025 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ +#include #include "esp_crypto_lock.h" #include "bignum_impl.h" #include "mbedtls/bignum.h" -#include "esp_private/esp_crypto_lock_internal.h" +#include "esp_crypto_periph_clk.h" #include "hal/mpi_hal.h" -#include "hal/mpi_ll.h" void esp_mpi_enable_hardware_hw_op( void ) { esp_crypto_mpi_lock_acquire(); /* Enable RSA hardware */ - MPI_RCC_ATOMIC() { - mpi_ll_enable_bus_clock(true); - mpi_ll_reset_register(); - } + esp_crypto_mpi_enable_periph_clk(true); mpi_hal_enable_hardware_hw_op(); } @@ -30,9 +27,7 @@ void esp_mpi_disable_hardware_hw_op( void ) mpi_hal_disable_hardware_hw_op(); /* Disable RSA hardware */ - MPI_RCC_ATOMIC() { - mpi_ll_enable_bus_clock(false); - } + esp_crypto_mpi_enable_periph_clk(false); esp_crypto_mpi_lock_release(); } diff --git a/components/mbedtls/port/ecc/esp_ecc.c b/components/mbedtls/port/ecc/esp_ecc.c index 436da6bb51..43060022fe 100644 --- a/components/mbedtls/port/ecc/esp_ecc.c +++ b/components/mbedtls/port/ecc/esp_ecc.c @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2021-2024 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2021-2025 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ @@ -8,29 +8,21 @@ #include #include "esp_crypto_lock.h" -#include "esp_private/esp_crypto_lock_internal.h" +#include "esp_crypto_periph_clk.h" #include "ecc_impl.h" #include "hal/ecc_hal.h" -#include "hal/ecc_ll.h" #include "soc/soc_caps.h" static void esp_ecc_acquire_hardware(void) { esp_crypto_ecc_lock_acquire(); - ECC_RCC_ATOMIC() { - ecc_ll_enable_bus_clock(true); - ecc_ll_power_up(); - ecc_ll_reset_register(); - } + esp_crypto_ecc_enable_periph_clk(true); } static void esp_ecc_release_hardware(void) { - ECC_RCC_ATOMIC() { - ecc_ll_enable_bus_clock(false); - ecc_ll_power_down(); - } + esp_crypto_ecc_enable_periph_clk(false); esp_crypto_ecc_lock_release(); } diff --git a/components/mbedtls/port/ecdsa/ecdsa_alt.c b/components/mbedtls/port/ecdsa/ecdsa_alt.c index 0fe826fb3e..f3a7721fa7 100644 --- a/components/mbedtls/port/ecdsa/ecdsa_alt.c +++ b/components/mbedtls/port/ecdsa/ecdsa_alt.c @@ -13,8 +13,7 @@ #include "soc/soc_caps.h" #include "esp_crypto_lock.h" -#include "esp_private/esp_crypto_lock_internal.h" - +#include "esp_crypto_periph_clk.h" #include "mbedtls/error.h" #include "mbedtls/ecdsa.h" #include "mbedtls/asn1.h" @@ -69,43 +68,26 @@ static void esp_ecdsa_acquire_hardware(void) { esp_crypto_ecdsa_lock_acquire(); - ECDSA_RCC_ATOMIC() { - ecdsa_ll_enable_bus_clock(true); - ecdsa_ll_reset_register(); - } + esp_crypto_ecdsa_enable_periph_clk(true); - ECC_RCC_ATOMIC() { - ecc_ll_enable_bus_clock(true); - ecc_ll_power_up(); - ecc_ll_reset_register(); - } + esp_crypto_ecc_enable_periph_clk(true); #if SOC_ECDSA_USES_MPI /* We need to reset the MPI peripheral because ECDSA peripheral * of some targets use the MPI peripheral as well. */ - MPI_RCC_ATOMIC() { - mpi_ll_enable_bus_clock(true); - mpi_ll_reset_register(); - } + esp_crypto_mpi_enable_periph_clk(true); #endif /* SOC_ECDSA_USES_MPI */ } static void esp_ecdsa_release_hardware(void) { - ECDSA_RCC_ATOMIC() { - ecdsa_ll_enable_bus_clock(false); - } + esp_crypto_ecdsa_enable_periph_clk(false); - ECC_RCC_ATOMIC() { - ecc_ll_enable_bus_clock(false); - ecc_ll_power_down(); - } + esp_crypto_ecc_enable_periph_clk(false); #if SOC_ECDSA_USES_MPI - MPI_RCC_ATOMIC() { - mpi_ll_enable_bus_clock(false); - } + esp_crypto_mpi_enable_periph_clk(false); #endif /* SOC_ECDSA_USES_MPI */ esp_crypto_ecdsa_lock_release(); diff --git a/components/mbedtls/port/sha/core/include/esp_sha_internal.h b/components/mbedtls/port/sha/core/include/esp_sha_internal.h index 76fcf5f7db..55e667774e 100644 --- a/components/mbedtls/port/sha/core/include/esp_sha_internal.h +++ b/components/mbedtls/port/sha/core/include/esp_sha_internal.h @@ -56,13 +56,6 @@ static inline esp_sha_mode sha_operation_mode(size_t length) return SHA_BLOCK_MODE; } -/** - * @brief Enable or disable the SHA peripheral clock - * - * @param enable true to enable, false to disable - */ -void esp_sha_enable_periph_clk(bool enable); - #ifdef __cplusplus } #endif diff --git a/components/mbedtls/port/sha/core/sha.c b/components/mbedtls/port/sha/core/sha.c index fe3731196a..369e39b745 100644 --- a/components/mbedtls/port/sha/core/sha.c +++ b/components/mbedtls/port/sha/core/sha.c @@ -13,7 +13,7 @@ #include #include "esp_crypto_lock.h" -#include "esp_private/esp_crypto_lock_internal.h" +#include "esp_crypto_periph_clk.h" #include "esp_log.h" #include "sha/sha_core.h" #include "esp_sha_internal.h" @@ -56,7 +56,6 @@ #define SHA_LOCK() esp_crypto_sha_aes_lock_acquire() #define SHA_RELEASE() esp_crypto_sha_aes_lock_release() #else -#define SHA_RCC_ATOMIC() #define SHA_LOCK() #define SHA_RELEASE() #endif @@ -101,13 +100,13 @@ void esp_sha_acquire_hardware(void) { /* Released when releasing hw with esp_sha_release_hardware() */ SHA_LOCK(); - esp_sha_enable_periph_clk(true); + esp_crypto_sha_enable_periph_clk(true); } /* Disable SHA peripheral block and then release it */ void esp_sha_release_hardware(void) { - esp_sha_enable_periph_clk(false); + esp_crypto_sha_enable_periph_clk(false); SHA_RELEASE(); } diff --git a/components/mbedtls/port/sha/esp_sha.c b/components/mbedtls/port/sha/esp_sha.c index 30185ff620..cd897975b4 100644 --- a/components/mbedtls/port/sha/esp_sha.c +++ b/components/mbedtls/port/sha/esp_sha.c @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2018-2024 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2018-2025 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ @@ -7,7 +7,6 @@ #include #include #include -#include "hal/sha_ll.h" #include "hal/sha_hal.h" #include "hal/sha_types.h" #include "soc/soc_caps.h" @@ -21,33 +20,10 @@ #include "sha/sha_parallel_engine.h" #else #include "sha/sha_core.h" -#include "esp_sha_internal.h" -#include "esp_private/esp_crypto_lock_internal.h" -#if SOC_SHA_CRYPTO_DMA -#include "hal/crypto_dma_ll.h" -#endif #endif static const char *TAG = "esp_sha"; -#if !SOC_SHA_SUPPORT_PARALLEL_ENG -void esp_sha_enable_periph_clk(bool enable) -{ - SHA_RCC_ATOMIC() { - sha_ll_enable_bus_clock(enable); - if (enable) { - sha_ll_reset_register(); - } -#if SOC_SHA_CRYPTO_DMA - crypto_dma_ll_enable_bus_clock(enable); - if (enable) { - crypto_dma_ll_reset_register(); - } -#endif - } -} -#endif - void esp_sha(esp_sha_type sha_type, const unsigned char *input, size_t ilen, unsigned char *output) { union {