diff --git a/components/esp-tls/Kconfig b/components/esp-tls/Kconfig index 1c6911c69d..03db196e88 100644 --- a/components/esp-tls/Kconfig +++ b/components/esp-tls/Kconfig @@ -26,8 +26,7 @@ menu "ESP-TLS" config ESP_TLS_USE_DS_PERIPHERAL bool "Use Digital Signature (DS) Peripheral with ESP-TLS" - depends on (IDF_TARGET_ESP32C3 || IDF_TARGET_ESP32S2 || IDF_TARGET_ESP32H2 || IDF_TARGET_ESP32S3) - depends on ESP_TLS_USING_MBEDTLS + depends on ESP_TLS_USING_MBEDTLS && SOC_DIG_SIGN_SUPPORTED default y help Enable use of the Digital Signature Peripheral for ESP-TLS.The DS peripheral diff --git a/components/esp_hw_support/include/soc/esp32c2/esp_crypto_lock.h b/components/esp_hw_support/include/soc/esp32c2/esp_crypto_lock.h index 1109610f37..0b39af1654 100644 --- a/components/esp_hw_support/include/soc/esp32c2/esp_crypto_lock.h +++ b/components/esp_hw_support/include/soc/esp32c2/esp_crypto_lock.h @@ -10,58 +10,9 @@ extern "C" { #endif -/** - * @brief Acquire lock for HMAC cryptography peripheral - * - * Internally also locks the SHA peripheral, as the HMAC depends on the SHA peripheral - */ -void esp_crypto_hmac_lock_acquire(void); - -/** - * @brief Release lock for HMAC cryptography peripheral - * - * Internally also releases the SHA peripheral, as the HMAC depends on the SHA peripheral - */ -void esp_crypto_hmac_lock_release(void); - -/** - * @brief Acquire lock for DS cryptography peripheral - * - * Internally also locks the HMAC (which locks SHA), AES and MPI peripheral, as the DS depends on these peripherals - */ -void esp_crypto_ds_lock_acquire(void); - -/** - * @brief Release lock for DS cryptography peripheral - * - * Internally also releases the HMAC (which locks SHA), AES and MPI peripheral, as the DS depends on these peripherals - */ -void esp_crypto_ds_lock_release(void); - -/** - * @brief Acquire lock for the SHA and AES cryptography peripheral. - * - */ -void esp_crypto_sha_aes_lock_acquire(void); - -/** - * @brief Release lock for the SHA and AES cryptography peripheral. - * - */ -void esp_crypto_sha_aes_lock_release(void); - - -/** - * @brief Acquire lock for the mpi cryptography peripheral. - * - */ -void esp_crypto_mpi_lock_acquire(void); - -/** - * @brief Release lock for the mpi/rsa cryptography peripheral. - * - */ -void esp_crypto_mpi_lock_release(void); +// Place-holder lock APIs as hardware AES is not supported in ESP32-C2 +static inline void esp_crypto_sha_aes_lock_acquire(void) {} +static inline void esp_crypto_sha_aes_lock_release(void) {} #ifdef __cplusplus } diff --git a/components/esp_hw_support/port/esp32c2/CMakeLists.txt b/components/esp_hw_support/port/esp32c2/CMakeLists.txt index 6e60b18e0b..f12789ce36 100644 --- a/components/esp_hw_support/port/esp32c2/CMakeLists.txt +++ b/components/esp_hw_support/port/esp32c2/CMakeLists.txt @@ -10,7 +10,6 @@ set(srcs "cpu_util_esp32c2.c" if(NOT BOOTLOADER_BUILD) list(APPEND srcs "../async_memcpy_impl_gdma.c" - "esp_crypto_lock.c" "dport_access.c") endif() diff --git a/components/esp_hw_support/port/esp32c2/esp_crypto_lock.c b/components/esp_hw_support/port/esp32c2/esp_crypto_lock.c deleted file mode 100644 index 33a9e33618..0000000000 --- a/components/esp_hw_support/port/esp32c2/esp_crypto_lock.c +++ /dev/null @@ -1,71 +0,0 @@ -/* - * SPDX-FileCopyrightText: 2015-2022 Espressif Systems (Shanghai) CO LTD - * - * SPDX-License-Identifier: Apache-2.0 - */ - -#include -#include -#include "esp_crypto_lock.h" - -/* Lock overview: -SHA: peripheral independent, but DMA is shared with AES -AES: peripheral independent, but DMA is shared with SHA -MPI/RSA: independent -HMAC: needs SHA -DS: needs HMAC (which needs SHA), AES and MPI -*/ - -#if 0 // TODO: IDF-4229 -/* Lock for DS peripheral */ -static _lock_t s_crypto_ds_lock; - -/* Lock for HMAC peripheral */ -static _lock_t s_crypto_hmac_lock; - -/* Lock for the MPI/RSA peripheral, also used by the DS peripheral */ -static _lock_t s_crypto_mpi_lock; - -/* Single lock for SHA and AES, sharing a reserved GDMA channel */ -static _lock_t s_crypto_sha_aes_lock; -#endif - -void esp_crypto_hmac_lock_acquire(void) -{ - abort(); // TODO: IDF-4229 -} - -void esp_crypto_hmac_lock_release(void) -{ - abort(); // TODO: IDF-4229 -} - -void esp_crypto_ds_lock_acquire(void) -{ - abort(); // TODO: IDF-4229 -} - -void esp_crypto_ds_lock_release(void) -{ - abort(); // TODO: IDF-4229 -} - -void esp_crypto_sha_aes_lock_acquire(void) -{ - abort(); // TODO: IDF-4229 -} - -void esp_crypto_sha_aes_lock_release(void) -{ - abort(); // TODO: IDF-4229 -} - -void esp_crypto_mpi_lock_acquire(void) -{ - abort(); // TODO: IDF-4229 -} - -void esp_crypto_mpi_lock_release(void) -{ - abort(); // TODO: IDF-4229 -} diff --git a/components/mbedtls/CMakeLists.txt b/components/mbedtls/CMakeLists.txt index 8df6680385..59dd98879a 100644 --- a/components/mbedtls/CMakeLists.txt +++ b/components/mbedtls/CMakeLists.txt @@ -110,32 +110,42 @@ endif() target_sources(mbedtls PRIVATE ${mbedtls_target_sources}) # Choose perihperal type -if(CONFIG_IDF_TARGET_ESP32) - set(SHA_PERIPHERAL_TYPE "parallel_engine") - set(AES_PERIPHERAL_TYPE "block") -else() - set(SHA_PERIPHERAL_TYPE "dma") - set(AES_PERIPHERAL_TYPE "dma") + +if(CONFIG_SOC_SHA_SUPPORTED) + if(CONFIG_SOC_SHA_SUPPORT_DMA) + set(SHA_PERIPHERAL_TYPE "dma") + else() + set(SHA_PERIPHERAL_TYPE "parallel_engine") + endif() +endif() + +if(CONFIG_SOC_AES_SUPPORTED) + if(CONFIG_SOC_AES_SUPPORT_DMA) + set(AES_PERIPHERAL_TYPE "dma") + else() + set(AES_PERIPHERAL_TYPE "block") + endif() endif() if(SHA_PERIPHERAL_TYPE STREQUAL "dma") target_include_directories(mbedcrypto PRIVATE "${COMPONENT_DIR}/port/sha/dma/include") - if(CONFIG_IDF_TARGET_ESP32S2) + if(NOT CONFIG_SOC_SHA_GDMA) set(SHA_DMA_SRCS "${COMPONENT_DIR}/port/sha/dma/esp_sha_crypto_dma_impl.c") else() - set(SHA_DMA_SRCS "${COMPONENT_DIR}/port/sha/dma/esp_sha_gdma_impl.c" - "${COMPONENT_DIR}/port/crypto_shared_gdma/esp_crypto_shared_gdma.c") + set(SHA_DMA_SRCS "${COMPONENT_DIR}/port/sha/dma/esp_sha_gdma_impl.c") + endif() target_sources(mbedcrypto PRIVATE "${SHA_DMA_SRCS}") endif() if(AES_PERIPHERAL_TYPE STREQUAL "dma") - if(CONFIG_IDF_TARGET_ESP32S2) + if(NOT CONFIG_SOC_AES_GDMA) set(AES_DMA_SRCS "${COMPONENT_DIR}/port/aes/dma/esp_aes_crypto_dma_impl.c") else() - set(AES_DMA_SRCS "${COMPONENT_DIR}/port/aes/dma/esp_aes_gdma_impl.c") + set(AES_DMA_SRCS "${COMPONENT_DIR}/port/aes/dma/esp_aes_gdma_impl.c" + "${COMPONENT_DIR}/port/crypto_shared_gdma/esp_crypto_shared_gdma.c") endif() target_include_directories(mbedcrypto PRIVATE "${COMPONENT_DIR}/port/aes/dma/include") @@ -146,11 +156,18 @@ target_sources(mbedcrypto PRIVATE "${COMPONENT_DIR}/port/esp_hardware.c" "${COMPONENT_DIR}/port/esp_mem.c" "${COMPONENT_DIR}/port/esp_timing.c" "${COMPONENT_DIR}/port/sha/esp_sha.c" - "${COMPONENT_DIR}/port/aes/esp_aes_xts.c" +) + +if(CONFIG_SOC_AES_SUPPORTED) + target_sources(mbedcrypto PRIVATE "${COMPONENT_DIR}/port/aes/esp_aes_xts.c" "${COMPONENT_DIR}/port/aes/esp_aes_common.c" "${COMPONENT_DIR}/port/aes/${AES_PERIPHERAL_TYPE}/esp_aes.c" - "${COMPONENT_DIR}/port/sha/${SHA_PERIPHERAL_TYPE}/sha.c" -) + ) +endif() + +if(CONFIG_SOC_SHA_SUPPORTED) + target_sources(mbedcrypto PRIVATE "${COMPONENT_DIR}/port/sha/${SHA_PERIPHERAL_TYPE}/sha.c") +endif() # CONFIG_ESP_TLS_USE_DS_PERIPHERAL can be enabled only for the supported targets. if(CONFIG_ESP_TLS_USE_DS_PERIPHERAL) diff --git a/components/mbedtls/Kconfig b/components/mbedtls/Kconfig index d52e63329a..4800211f43 100644 --- a/components/mbedtls/Kconfig +++ b/components/mbedtls/Kconfig @@ -347,7 +347,7 @@ menu "mbedTLS" config MBEDTLS_HARDWARE_AES bool "Enable hardware AES acceleration" default y - depends on !SPIRAM_CACHE_WORKAROUND_STRATEGY_DUPLDST && !IDF_TARGET_ESP32C2 + depends on !SPIRAM_CACHE_WORKAROUND_STRATEGY_DUPLDST && SOC_AES_SUPPORTED help Enable hardware accelerated AES encryption & decryption. @@ -366,7 +366,7 @@ menu "mbedTLS" config MBEDTLS_HARDWARE_GCM bool "Enable partially hardware accelerated GCM" - depends on IDF_TARGET_ESP32S2 && MBEDTLS_HARDWARE_AES + depends on SOC_AES_SUPPORT_GCM && MBEDTLS_HARDWARE_AES default y help Enable partially hardware accelerated GCM. GHASH calculation is still done @@ -379,7 +379,7 @@ menu "mbedTLS" config MBEDTLS_HARDWARE_MPI bool "Enable hardware MPI (bignum) acceleration" default y - depends on !SPIRAM_CACHE_WORKAROUND_STRATEGY_DUPLDST && !IDF_TARGET_ESP32C2 + depends on !SPIRAM_CACHE_WORKAROUND_STRATEGY_DUPLDST && SOC_MPI_SUPPORTED help Enable hardware accelerated multiple precision integer operations. @@ -401,7 +401,7 @@ menu "mbedTLS" config MBEDTLS_HARDWARE_SHA bool "Enable hardware SHA acceleration" default y - depends on !SPIRAM_CACHE_WORKAROUND_STRATEGY_DUPLDST + depends on !SPIRAM_CACHE_WORKAROUND_STRATEGY_DUPLDST && SOC_SHA_SUPPORTED help Enable hardware accelerated SHA1, SHA256, SHA384 & SHA512 in mbedTLS. @@ -1001,7 +1001,7 @@ menu "mbedTLS" config MBEDTLS_LARGE_KEY_SOFTWARE_MPI bool "Fallback to software implementation for larger MPI values" depends on MBEDTLS_HARDWARE_MPI - default y if IDF_TARGET_ESP32C3 || IDF_TARGET_ESP32H2 || IDF_TARGET_ESP32C2 # HW max 3072 bits + default y if SOC_RSA_MAX_BIT_LEN <= 3072 # HW max 3072 bits default n help Fallback to software implementation for RSA key lengths diff --git a/components/mbedtls/port/esp_ds/esp_rsa_sign_alt.c b/components/mbedtls/port/esp_ds/esp_rsa_sign_alt.c index 0bf520fe7c..a6f9f0cde1 100644 --- a/components/mbedtls/port/esp_ds/esp_rsa_sign_alt.c +++ b/components/mbedtls/port/esp_ds/esp_rsa_sign_alt.c @@ -15,8 +15,6 @@ #include "esp32h2/rom/digital_signature.h" #elif CONFIG_IDF_TARGET_ESP32S3 #include "esp32s3/rom/digital_signature.h" -#elif CONFIG_IDF_TARGET_ESP32C2 -#include "esp32c2/rom/digital_signature.h" #else #error "Selected target does not support esp_rsa_sign_alt (for DS)" #endif diff --git a/components/soc/esp32/include/soc/Kconfig.soc_caps.in b/components/soc/esp32/include/soc/Kconfig.soc_caps.in index 7b43804fcf..5ea0b18ce6 100644 --- a/components/soc/esp32/include/soc/Kconfig.soc_caps.in +++ b/components/soc/esp32/include/soc/Kconfig.soc_caps.in @@ -103,6 +103,18 @@ config SOC_SUPPORT_COEXISTENCE bool default y +config SOC_AES_SUPPORTED + bool + default y + +config SOC_MPI_SUPPORTED + bool + default y + +config SOC_SHA_SUPPORTED + bool + default y + config SOC_ADC_RTC_CTRL_SUPPORTED bool default y diff --git a/components/soc/esp32/include/soc/soc_caps.h b/components/soc/esp32/include/soc/soc_caps.h index d4ccb27e9f..93770e060a 100644 --- a/components/soc/esp32/include/soc/soc_caps.h +++ b/components/soc/esp32/include/soc/soc_caps.h @@ -85,6 +85,9 @@ #define SOC_RMT_SUPPORTED 1 #define SOC_SIGMADELTA_SUPPORTED 1 #define SOC_SUPPORT_COEXISTENCE 1 +#define SOC_AES_SUPPORTED 1 +#define SOC_MPI_SUPPORTED 1 +#define SOC_SHA_SUPPORTED 1 /*-------------------------- ADC CAPS ----------------------------------------*/ diff --git a/components/soc/esp32c2/include/soc/Kconfig.soc_caps.in b/components/soc/esp32c2/include/soc/Kconfig.soc_caps.in index 162f1be705..0343113898 100644 --- a/components/soc/esp32c2/include/soc/Kconfig.soc_caps.in +++ b/components/soc/esp32c2/include/soc/Kconfig.soc_caps.in @@ -31,10 +31,6 @@ config SOC_ASYNC_MEMCPY_SUPPORTED bool default y -config SOC_ECC_SUPPORTED - bool - default y - config SOC_SUPPORTS_SECURE_DL_MODE bool default y @@ -71,11 +67,11 @@ config SOC_FLASH_ENCRYPTION_XTS_AES bool default y -config SOC_AES_SUPPORT_DMA +config SOC_SHA_SUPPORTED bool - default y + default n -config SOC_AES_GDMA +config SOC_ECC_SUPPORTED bool default y diff --git a/components/soc/esp32c2/include/soc/gdma_channel.h b/components/soc/esp32c2/include/soc/gdma_channel.h index 1fc4dde9a0..1c84a35249 100644 --- a/components/soc/esp32c2/include/soc/gdma_channel.h +++ b/components/soc/esp32c2/include/soc/gdma_channel.h @@ -10,6 +10,5 @@ #define SOC_GDMA_TRIG_PERIPH_M2M0 (-1) #define SOC_GDMA_TRIG_PERIPH_SPI2 (0) #define SOC_GDMA_TRIG_PERIPH_UART0 (2) -#define SOC_GDMA_TRIG_PERIPH_AES0 (6) #define SOC_GDMA_TRIG_PERIPH_SHA0 (7) #define SOC_GDMA_TRIG_PERIPH_ADC0 (8) diff --git a/components/soc/esp32c2/include/soc/soc_caps.h b/components/soc/esp32c2/include/soc/soc_caps.h index ce0e77bd99..f59ed617f0 100644 --- a/components/soc/esp32c2/include/soc/soc_caps.h +++ b/components/soc/esp32c2/include/soc/soc_caps.h @@ -32,7 +32,6 @@ #define SOC_BT_SUPPORTED 0 // Enable during bringup, IDF-4357 #define SOC_WIFI_SUPPORTED 0 // Enable during bringup, IDF-3905 #define SOC_ASYNC_MEMCPY_SUPPORTED 1 -#define SOC_ECC_SUPPORTED 1 #define SOC_SUPPORTS_SECURE_DL_MODE 1 #define SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS 1 #define SOC_EFUSE_REVOKE_BOOT_KEY_DIGESTS 0 @@ -42,12 +41,8 @@ #define SOC_RTC_SLOW_MEM_SUPPORTED 0 #define SOC_SUPPORT_SECURE_BOOT_REVOKE_KEY 0 #define SOC_FLASH_ENCRYPTION_XTS_AES 1 - -/*-------------------------- AES CAPS -----------------------------------------*/ -#define SOC_AES_SUPPORT_DMA (1) - -/* Has a centralized DMA, which is shared with all peripherals */ -#define SOC_AES_GDMA (1) +#define SOC_SHA_SUPPORTED 0 // This will be enabled with IDF-3830 +#define SOC_ECC_SUPPORTED 1 /*-------------------------- ADC CAPS -------------------------------*/ /*!< SAR ADC Module*/ diff --git a/components/soc/esp32c3/include/soc/Kconfig.soc_caps.in b/components/soc/esp32c3/include/soc/Kconfig.soc_caps.in index 777f0638e1..73abdc7548 100644 --- a/components/soc/esp32c3/include/soc/Kconfig.soc_caps.in +++ b/components/soc/esp32c3/include/soc/Kconfig.soc_caps.in @@ -31,14 +31,6 @@ config SOC_BLUEDROID_SUPPORTED bool default y -config SOC_DIG_SIGN_SUPPORTED - bool - default y - -config SOC_HMAC_SUPPORTED - bool - default y - config SOC_ASYNC_MEMCPY_SUPPORTED bool default y @@ -107,6 +99,26 @@ config SOC_SUPPORT_COEXISTENCE bool default y +config SOC_AES_SUPPORTED + bool + default y + +config SOC_MPI_SUPPORTED + bool + default y + +config SOC_SHA_SUPPORTED + bool + default y + +config SOC_HMAC_SUPPORTED + bool + default y + +config SOC_DIG_SIGN_SUPPORTED + bool + default y + config SOC_AES_SUPPORT_DMA bool default y diff --git a/components/soc/esp32c3/include/soc/soc_caps.h b/components/soc/esp32c3/include/soc/soc_caps.h index 492e25779d..0a65a6be78 100644 --- a/components/soc/esp32c3/include/soc/soc_caps.h +++ b/components/soc/esp32c3/include/soc/soc_caps.h @@ -32,8 +32,6 @@ #define SOC_TWAI_SUPPORTED 1 #define SOC_BT_SUPPORTED 1 #define SOC_BLUEDROID_SUPPORTED 1 -#define SOC_DIG_SIGN_SUPPORTED 1 -#define SOC_HMAC_SUPPORTED 1 #define SOC_ASYNC_MEMCPY_SUPPORTED 1 #define SOC_USB_SERIAL_JTAG_SUPPORTED 1 #define SOC_TEMP_SENSOR_SUPPORTED 1 @@ -51,6 +49,11 @@ #define SOC_RMT_SUPPORTED 1 #define SOC_SIGMADELTA_SUPPORTED 1 #define SOC_SUPPORT_COEXISTENCE 1 +#define SOC_AES_SUPPORTED 1 +#define SOC_MPI_SUPPORTED 1 +#define SOC_SHA_SUPPORTED 1 +#define SOC_HMAC_SUPPORTED 1 +#define SOC_DIG_SIGN_SUPPORTED 1 /*-------------------------- AES CAPS -----------------------------------------*/ #define SOC_AES_SUPPORT_DMA (1) diff --git a/components/soc/esp32h2/include/soc/Kconfig.soc_caps.in b/components/soc/esp32h2/include/soc/Kconfig.soc_caps.in index ba9a92a607..ef8392098a 100644 --- a/components/soc/esp32h2/include/soc/Kconfig.soc_caps.in +++ b/components/soc/esp32h2/include/soc/Kconfig.soc_caps.in @@ -35,14 +35,6 @@ config SOC_ESP_NIMBLE_CONTROLLER bool default y -config SOC_DIG_SIGN_SUPPORTED - bool - default y - -config SOC_HMAC_SUPPORTED - bool - default y - config SOC_ASYNC_MEMCPY_SUPPORTED bool default y @@ -91,6 +83,30 @@ config SOC_SIGMADELTA_SUPPORTED bool default y +config SOC_AES_SUPPORTED + bool + default y + +config SOC_MPI_SUPPORTED + bool + default y + +config SOC_SHA_SUPPORTED + bool + default y + +config SOC_HMAC_SUPPORTED + bool + default y + +config SOC_DIG_SIGN_SUPPORTED + bool + default y + +config SOC_ECC_SUPPORTED + bool + default n + config SOC_AES_SUPPORT_DMA bool default y diff --git a/components/soc/esp32h2/include/soc/soc_caps.h b/components/soc/esp32h2/include/soc/soc_caps.h index 3295748d54..f4d1b861a0 100644 --- a/components/soc/esp32h2/include/soc/soc_caps.h +++ b/components/soc/esp32h2/include/soc/soc_caps.h @@ -39,10 +39,8 @@ #define SOC_GDMA_SUPPORTED 1 #define SOC_TWAI_SUPPORTED 1 #define SOC_BT_SUPPORTED 1 -#define SOC_BLUEDROID_SUPPORTED 0 +#define SOC_BLUEDROID_SUPPORTED 0 #define SOC_ESP_NIMBLE_CONTROLLER 1 -#define SOC_DIG_SIGN_SUPPORTED 1 -#define SOC_HMAC_SUPPORTED 1 #define SOC_ASYNC_MEMCPY_SUPPORTED 1 #define SOC_USB_SERIAL_JTAG_SUPPORTED 1 #define SOC_SUPPORTS_SECURE_DL_MODE 1 @@ -55,7 +53,12 @@ #define SOC_I2S_SUPPORTED 1 #define SOC_RMT_SUPPORTED 1 #define SOC_SIGMADELTA_SUPPORTED 1 - +#define SOC_AES_SUPPORTED 1 +#define SOC_MPI_SUPPORTED 1 +#define SOC_SHA_SUPPORTED 1 +#define SOC_HMAC_SUPPORTED 1 +#define SOC_DIG_SIGN_SUPPORTED 1 +#define SOC_ECC_SUPPORTED 0 // This will be enabled with IDF-3397 /*-------------------------- AES CAPS -----------------------------------------*/ #define SOC_AES_SUPPORT_DMA (1) diff --git a/components/soc/esp32s2/include/soc/Kconfig.soc_caps.in b/components/soc/esp32s2/include/soc/Kconfig.soc_caps.in index 95c4e03538..3a9f0648bf 100644 --- a/components/soc/esp32s2/include/soc/Kconfig.soc_caps.in +++ b/components/soc/esp32s2/include/soc/Kconfig.soc_caps.in @@ -55,14 +55,6 @@ config SOC_CCOMP_TIMER_SUPPORTED bool default y -config SOC_DIG_SIGN_SUPPORTED - bool - default y - -config SOC_HMAC_SUPPORTED - bool - default y - config SOC_ASYNC_MEMCPY_SUPPORTED bool default y @@ -131,6 +123,26 @@ config SOC_SUPPORT_COEXISTENCE bool default n +config SOC_AES_SUPPORTED + bool + default y + +config SOC_MPI_SUPPORTED + bool + default y + +config SOC_SHA_SUPPORTED + bool + default y + +config SOC_HMAC_SUPPORTED + bool + default y + +config SOC_DIG_SIGN_SUPPORTED + bool + default y + config SOC_ADC_RTC_CTRL_SUPPORTED bool default y diff --git a/components/soc/esp32s2/include/soc/soc_caps.h b/components/soc/esp32s2/include/soc/soc_caps.h index e62053c214..5549bcbb4e 100644 --- a/components/soc/esp32s2/include/soc/soc_caps.h +++ b/components/soc/esp32s2/include/soc/soc_caps.h @@ -52,8 +52,6 @@ #define SOC_WIFI_SUPPORTED 1 #define SOC_ULP_SUPPORTED 1 #define SOC_CCOMP_TIMER_SUPPORTED 1 -#define SOC_DIG_SIGN_SUPPORTED 1 -#define SOC_HMAC_SUPPORTED 1 #define SOC_ASYNC_MEMCPY_SUPPORTED 1 #define SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS 3 #define SOC_EFUSE_REVOKE_BOOT_KEY_DIGESTS 1 @@ -71,6 +69,11 @@ #define SOC_RMT_SUPPORTED 1 #define SOC_SIGMADELTA_SUPPORTED 1 #define SOC_SUPPORT_COEXISTENCE 0 +#define SOC_AES_SUPPORTED 1 +#define SOC_MPI_SUPPORTED 1 +#define SOC_SHA_SUPPORTED 1 +#define SOC_HMAC_SUPPORTED 1 +#define SOC_DIG_SIGN_SUPPORTED 1 /*-------------------------- ADC CAPS ----------------------------------------*/ diff --git a/components/soc/esp32s3/include/soc/Kconfig.soc_caps.in b/components/soc/esp32s3/include/soc/Kconfig.soc_caps.in index c87dc02cb6..9ba9005a03 100644 --- a/components/soc/esp32s3/include/soc/Kconfig.soc_caps.in +++ b/components/soc/esp32s3/include/soc/Kconfig.soc_caps.in @@ -127,14 +127,6 @@ config SOC_CCOMP_TIMER_SUPPORTED bool default y -config SOC_DIG_SIGN_SUPPORTED - bool - default y - -config SOC_HMAC_SUPPORTED - bool - default y - config SOC_ASYNC_MEMCPY_SUPPORTED bool default y @@ -207,6 +199,26 @@ config SOC_TEMP_SENSOR_SUPPORTED bool default y +config SOC_AES_SUPPORTED + bool + default y + +config SOC_MPI_SUPPORTED + bool + default y + +config SOC_SHA_SUPPORTED + bool + default y + +config SOC_HMAC_SUPPORTED + bool + default y + +config SOC_DIG_SIGN_SUPPORTED + bool + default y + config SOC_APPCPU_HAS_CLOCK_GATING_BUG bool default y diff --git a/components/soc/esp32s3/include/soc/soc_caps.h b/components/soc/esp32s3/include/soc/soc_caps.h index f55ef21de8..a00c26b8ed 100644 --- a/components/soc/esp32s3/include/soc/soc_caps.h +++ b/components/soc/esp32s3/include/soc/soc_caps.h @@ -42,8 +42,6 @@ #define SOC_USB_OTG_SUPPORTED 1 #define SOC_USB_SERIAL_JTAG_SUPPORTED 1 #define SOC_CCOMP_TIMER_SUPPORTED 1 -#define SOC_DIG_SIGN_SUPPORTED 1 -#define SOC_HMAC_SUPPORTED 1 #define SOC_ASYNC_MEMCPY_SUPPORTED 1 #define SOC_SUPPORTS_SECURE_DL_MODE 1 #define SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS 3 @@ -62,6 +60,12 @@ #define SOC_SIGMADELTA_SUPPORTED 1 #define SOC_SUPPORT_COEXISTENCE 1 #define SOC_TEMP_SENSOR_SUPPORTED 1 +#define SOC_AES_SUPPORTED 1 +#define SOC_MPI_SUPPORTED 1 +#define SOC_SHA_SUPPORTED 1 +#define SOC_HMAC_SUPPORTED 1 +#define SOC_DIG_SIGN_SUPPORTED 1 + /*-------------------------- SOC CAPS ----------------------------------------*/ #define SOC_APPCPU_HAS_CLOCK_GATING_BUG (1) diff --git a/docs/en/api-reference/protocols/mbedtls.rst b/docs/en/api-reference/protocols/mbedtls.rst index 563affe076..c704e98f7c 100644 --- a/docs/en/api-reference/protocols/mbedtls.rst +++ b/docs/en/api-reference/protocols/mbedtls.rst @@ -56,9 +56,9 @@ Following is a brief list of important config options accessible at ``Component - :ref:`CONFIG_MBEDTLS_CLIENT_SSL_SESSION_TICKETS`: Support for TLS Session Resumption: Client session tickets - :ref:`CONFIG_MBEDTLS_SERVER_SSL_SESSION_TICKETS`: Support for TLS Session Resumption: Server session tickets - :ref:`CONFIG_MBEDTLS_HARDWARE_SHA`: Support for hardware SHA acceleration - :SOC_AES_SUPPORT_AES_128: - :ref:`CONFIG_MBEDTLS_HARDWARE_AES`: Support for hardware AES acceleration - :not esp32c2: - :ref:`CONFIG_MBEDTLS_HARDWARE_MPI`: Support for hardware MPI (bignum) acceleration - :esp32c2: - :ref:`CONFIG_MBEDTLS_HARDWARE_ECC`: Support for hardware ECC acceleration + :SOC_AES_SUPPORTED: - :ref:`CONFIG_MBEDTLS_HARDWARE_AES`: Support for hardware AES acceleration + :SOC_MPI_SUPPORTED: - :ref:`CONFIG_MBEDTLS_HARDWARE_MPI`: Support for hardware MPI (bignum) acceleration + :SOC_ECC_SUPPORTED: - :ref:`CONFIG_MBEDTLS_HARDWARE_ECC`: Support for hardware ECC acceleration .. note:: Mbed TLS v3.0.0 and later support only TLS 1.2 and TLS 1.3 (SSL 3.0, TLS 1.0, TLS 1.1 and DTLS 1.0 are not supported). The support for TLS 1.3 is experimental and only supports the client-side. More information about this can be found out `here `__.