fix(soc): Disable XTS-AES-256 using efuse key for ESP32-C5

2025-10-03 10:30:58 +02:00 · 2025-08-18 14:55:32 +05:30
parent 86fc2e116f
commit d59bcb633c
8 changed files with 50 additions and 36 deletions
--- a/components/efuse/esp32c5/include/esp_efuse_chip.h
+++ b/components/efuse/esp32c5/include/esp_efuse_chip.h
@@ -64,8 +64,6 @@ typedef enum {
    ESP_EFUSE_KEY_PURPOSE_USER = 0,                         /**< User purposes (software-only use) */
    ESP_EFUSE_KEY_PURPOSE_ECDSA_KEY = 1,                    /**< ECDSA private key (P256) (Expected in little endian order)*/
    ESP_EFUSE_KEY_PURPOSE_ECDSA_KEY_P256 = ESP_EFUSE_KEY_PURPOSE_ECDSA_KEY, /**< ECDSA private key (P256) (Expected in little endian order)*/
-    ESP_EFUSE_KEY_PURPOSE_XTS_AES_256_KEY_1 = 2,            /**< XTS_AES_256_KEY_1 (flash/PSRAM encryption) */
-    ESP_EFUSE_KEY_PURPOSE_XTS_AES_256_KEY_2 = 3,            /**< XTS_AES_256_KEY_2 (flash/PSRAM encryption) */
    ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY = 4,              /**< XTS_AES_128_KEY (flash/PSRAM encryption) */
    ESP_EFUSE_KEY_PURPOSE_HMAC_DOWN_ALL = 5,                /**< HMAC Downstream mode */
    ESP_EFUSE_KEY_PURPOSE_HMAC_DOWN_JTAG = 6,               /**< JTAG soft enable key (uses HMAC Downstream mode) */
@@ -75,8 +73,6 @@ typedef enum {
    ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_DIGEST1 = 10,         /**< SECURE_BOOT_DIGEST1 (Secure Boot key digest) */
    ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_DIGEST2 = 11,         /**< SECURE_BOOT_DIGEST2 (Secure Boot key digest) */
    ESP_EFUSE_KEY_PURPOSE_KM_INIT_KEY = 12,                 /**< KM_INIT_KEY (Key Manager initialization key) */
-    ESP_EFUSE_KEY_PURPOSE_XTS_AES_256_PSRAM_KEY_1 = 13,     /**< XTS_AES_256_PSRAM_KEY_1 (PSRAM encryption) */
-    ESP_EFUSE_KEY_PURPOSE_XTS_AES_256_PSRAM_KEY_2 = 14,     /**< XTS_AES_256_PSRAM_KEY_2 (PSRAM encryption) */
    ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_PSRAM_KEY = 15,       /**< XTS_AES_128_PSRAM_KEY (PSRAM encryption) */
    ESP_EFUSE_KEY_PURPOSE_ECDSA_KEY_P192 = 16,              /**< ECDSA private key (P192) */
    ESP_EFUSE_KEY_PURPOSE_ECDSA_KEY_P384_L = 17,            /**< ECDSA private key (P384) */
--- a/components/hal/test_apps/crypto/main/key_manager/test_key_manager.c
+++ b/components/hal/test_apps/crypto/main/key_manager/test_key_manager.c
@@ -84,7 +84,7 @@ static void test_xts_aes_key_ecdh0_mode(test_data_ecdh0_mode_t *test_data)
    ESP_LOG_BUFFER_HEXDUMP("Encrypted data", read_data, data_size, ESP_LOG_DEBUG);
 }

-#if SOC_FLASH_ENCRYPTION_XTS_AES_128
+#if SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_128
 static void key_mgr_test_xts_aes_128_aes_mode(void)
 {
    static esp_key_mgr_aes_key_config_t key_config;
@@ -117,9 +117,9 @@ static void key_mgr_test_xts_aes_128_ecdh0_mode(void)
    test_xts_aes_key_ecdh0_mode(&test_data_ecdh0);
    TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type));
 }
-#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_128 */
+#endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_128 */

-#if SOC_FLASH_ENCRYPTION_XTS_AES_256
+#if SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_256
 static void key_mgr_test_xts_aes_256_aes_mode(void)
 {
    static esp_key_mgr_aes_key_config_t key_config;
@@ -155,7 +155,7 @@ static void key_mgr_test_xts_aes_256_ecdh0_mode(void)
    test_xts_aes_key_ecdh0_mode(&test_data_ecdh0);
    TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type));
 }
-#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_256 */
+#endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_256 */

 #if CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS
 static void test_xts_aes_key_random_mode(void)
@@ -173,7 +173,7 @@ static void test_xts_aes_key_random_mode(void)
    }
 }

-#if SOC_FLASH_ENCRYPTION_XTS_AES_128
+#if SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_128
 static void key_mgr_test_xts_aes_128_random_mode(void)
 {
    static esp_key_mgr_random_key_config_t key_config;
@@ -185,9 +185,9 @@ static void key_mgr_test_xts_aes_128_random_mode(void)
    test_xts_aes_key_random_mode();
    TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type));
 }
-#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_128 */
+#endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_128 */

-#if SOC_FLASH_ENCRYPTION_XTS_AES_256
+#if SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_256
 static void key_mgr_test_xts_aes_256_random_mode(void)
 {
    static esp_key_mgr_random_key_config_t key_config;
@@ -199,7 +199,7 @@ static void key_mgr_test_xts_aes_256_random_mode(void)
    test_xts_aes_key_random_mode();
    TEST_ASSERT_EQUAL(ESP_OK, esp_key_mgr_deactivate_key(key_recovery_info.key_type));
 }
-#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_256 */
+#endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_256 */
 #endif /* CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS */
 #endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY */

@@ -436,7 +436,7 @@ TEST_TEAR_DOWN(key_manager)
 }

 #if SOC_KEY_MANAGER_FE_KEY_DEPLOY
-#if SOC_FLASH_ENCRYPTION_XTS_AES_128
+#if SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_128
 TEST(key_manager, xts_aes_128_key_aes_deployment)
 {
    key_mgr_test_xts_aes_128_aes_mode();
@@ -453,9 +453,9 @@ TEST(key_manager, xts_key_128_random_deployment)
    key_mgr_test_xts_aes_128_random_mode();
 }
 #endif /* CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS */
-#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_128 */
+#endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_128 */

-#if SOC_FLASH_ENCRYPTION_XTS_AES_256
+#if SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_256
 TEST(key_manager, xts_aes_256_key_aes_deployment)
 {
    key_mgr_test_xts_aes_256_aes_mode();
@@ -472,7 +472,7 @@ TEST(key_manager, xts_key_256_random_deployment)
    key_mgr_test_xts_aes_256_random_mode();
 }
 #endif /* CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS */
-#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_256 */
+#endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_256 */
 #endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY */

 #if SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY
@@ -519,22 +519,22 @@ TEST(key_manager, ds_key_aes_deployment)
 TEST_GROUP_RUNNER(key_manager)
 {
 #if SOC_KEY_MANAGER_FE_KEY_DEPLOY
-#if SOC_FLASH_ENCRYPTION_XTS_AES_128
+#if SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_128
    RUN_TEST_CASE(key_manager, xts_aes_128_key_aes_deployment);
    RUN_TEST_CASE(key_manager, xts_key_128_ecdh0_deployment);
 #if CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS
    // This tests expects Flash encryption to be enabled as the test compares the decrypted flash data with the plaintext data
    RUN_TEST_CASE(key_manager, xts_key_128_random_deployment);
 #endif /* CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS */
-#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_128 */
+#endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_128 */

-#if SOC_FLASH_ENCRYPTION_XTS_AES_256
+#if SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_256
    RUN_TEST_CASE(key_manager, xts_aes_256_key_aes_deployment);
    RUN_TEST_CASE(key_manager, xts_key_256_ecdh0_deployment);
 #if CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS
    RUN_TEST_CASE(key_manager, xts_key_256_random_deployment);
 #endif /* CONFIG_CRYPTO_TEST_APP_ENABLE_FPGA_TESTS */
-#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_256 */
+#endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_256 */
 #endif /* SOC_KEY_MANAGER_FE_KEY_DEPLOY */

 #if SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY
--- a/components/soc/esp32c5/include/soc/Kconfig.soc_caps.in
+++ b/components/soc/esp32c5/include/soc/Kconfig.soc_caps.in
@@ -1403,6 +1403,14 @@ config SOC_KEY_MANAGER_FE_KEY_DEPLOY
    bool
    default y

+config SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_128
+    bool
+    default y
+
+config SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_256
+    bool
+    default y
+
 config SOC_KEY_MANAGER_HMAC_KEY_DEPLOY
    bool
    default y
@@ -1443,10 +1451,6 @@ config SOC_FLASH_ENCRYPTION_XTS_AES_128
    bool
    default y

-config SOC_FLASH_ENCRYPTION_XTS_AES_256
-    bool
-    default y
-
 config SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND
    bool
    default y
@@ -1455,10 +1459,6 @@ config SOC_PSRAM_ENCRYPTION_XTS_AES_128
    bool
    default y

-config SOC_PSRAM_ENCRYPTION_XTS_AES_256
-    bool
-    default y
-
 config SOC_RECOVERY_BOOTLOADER_SUPPORTED
    bool
    default y
--- a/components/soc/esp32c5/include/soc/soc_caps.h
+++ b/components/soc/esp32c5/include/soc/soc_caps.h
@@ -546,6 +546,8 @@
 #define SOC_KEY_MANAGER_SUPPORT_KEY_DEPLOYMENT  1 /*!< Key manager supports key deployment */
 #define SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY        1 /*!< Key manager responsible to deploy ECDSA key */
 #define SOC_KEY_MANAGER_FE_KEY_DEPLOY           1 /*!< Key manager responsible to deploy Flash Encryption key */
+#define SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_128   1 /*!< Key manager responsible to deploy the XTS-AES-128 key */
+#define SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_256   1 /*!< Key manager responsible to deploy the XTS-AES-256 key */
 #define SOC_KEY_MANAGER_HMAC_KEY_DEPLOY         1 /*!< Key manager responsible to deploy HMAC key */
 #define SOC_KEY_MANAGER_DS_KEY_DEPLOY           1 /*!< Key manager responsible to deploy DS key */

@@ -560,12 +562,10 @@
 #define SOC_FLASH_ENCRYPTED_XTS_AES_BLOCK_MAX   (64)
 #define SOC_FLASH_ENCRYPTION_XTS_AES        1
 #define SOC_FLASH_ENCRYPTION_XTS_AES_128    1
-#define SOC_FLASH_ENCRYPTION_XTS_AES_256    1
 #define SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND  1

 /*-------------------------- PSRAM Encryption CAPS----------------------------*/
 #define SOC_PSRAM_ENCRYPTION_XTS_AES_128    (1)
-#define SOC_PSRAM_ENCRYPTION_XTS_AES_256    (1)

 /*------------------------Bootloader CAPS---------------------------------*/
 /* Support Recovery Bootloader */
--- a/components/soc/esp32p4/include/soc/Kconfig.soc_caps.in
+++ b/components/soc/esp32p4/include/soc/Kconfig.soc_caps.in
@@ -1799,6 +1799,14 @@ config SOC_KEY_MANAGER_FE_KEY_DEPLOY
    bool
    default y

+config SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_128
+    bool
+    default y
+
+config SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_256
+    bool
+    default y
+
 config SOC_SECURE_BOOT_V2_RSA
    bool
    default y
--- a/components/soc/esp32p4/include/soc/soc_caps.h
+++ b/components/soc/esp32p4/include/soc/soc_caps.h
@@ -667,6 +667,8 @@
 #define SOC_KEY_MANAGER_SUPPORT_KEY_DEPLOYMENT  1 /*!< Key manager supports key deployment */
 #define SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY        1 /*!< Key manager responsible to deploy ECDSA key */
 #define SOC_KEY_MANAGER_FE_KEY_DEPLOY           1 /*!< Key manager responsible to deploy Flash Encryption key */
+#define SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_128   1 /*!< Key manager responsible to deploy the XTS-AES-128 key */
+#define SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_256   1 /*!< Key manager responsible to deploy the XTS-AES-256 key */

 /*-------------------------- Secure Boot CAPS----------------------------*/
 #define SOC_SECURE_BOOT_V2_RSA              1
--- a/docs/en/api-reference/peripherals/ecdsa.rst
+++ b/docs/en/api-reference/peripherals/ecdsa.rst
@@ -12,9 +12,13 @@ ECDSA peripheral can help to establish **Secure Device Identity** for TLS mutual
 Supported Features
 ------------------

- ECDSA digital signature generation and verification
- Two different elliptic curves, namely P-192 and P-256 (FIPS 186-3 specification)
- Two hash algorithms for message hash in the ECDSA operation, namely SHA-224 and SHA-256 (FIPS PUB 180-4 specification)
+.. list::
+
+    - ECDSA digital signature generation and verification
+    :SOC_ECDSA_SUPPORT_CURVE_P384: - Three different elliptic curves, namely P-192, P-256 and P-384 (FIPS 186-3 specification)
+    :not SOC_ECDSA_SUPPORT_CURVE_P384: - Two different elliptic curves, namely P-192 and P-256 (FIPS 186-3 specification)
+    :SOC_ECDSA_SUPPORT_CURVE_P384: - Three hash algorithms for message hash in the ECDSA operation, namely SHA-224, SHA-256 and SHA-384 (FIPS PUB 180-4 specification)
+    :not SOC_ECDSA_SUPPORT_CURVE_P384: - Two hash algorithms for message hash in the ECDSA operation, namely SHA-224 and SHA-256 (FIPS PUB 180-4 specification)


 ECDSA on {IDF_TARGET_NAME}
--- a/docs/zh_CN/api-reference/peripherals/ecdsa.rst
+++ b/docs/zh_CN/api-reference/peripherals/ecdsa.rst
@@ -12,9 +12,13 @@ ECDSA 外设可以为 TLS 双向身份验证等用例建立 **安全设备身份
 支持的特性
 ----------

- ECDSA 数字签名生成和验证
- 两种不同的椭圆曲线，P-192 和 P-256（FIPS 186-3 规范）
- ECDSA 操作中哈希消息的两种哈希算法，SHA-224 和 SHA-256（FIPS PUB 180-4 规范）
+.. list::
+
+    - ECDSA 数字签名生成和验证
+    :SOC_ECDSA_SUPPORT_CURVE_P384: - 三种不同的椭圆曲线，P-192，P-256 和 P-384（FIPS 186-3 规范）
+    :not SOC_ECDSA_SUPPORT_CURVE_P384: - 两种不同的椭圆曲线，P-192 和 P-256（FIPS 186-3 规范）
+    :SOC_ECDSA_SUPPORT_CURVE_P384: - ECDSA 操作中用于散列消息的三种哈希算法，SHA-224, SHA-256 和 SHA-384（FIPS PUB 180-4 规范）
+    :not SOC_ECDSA_SUPPORT_CURVE_P384: - ECDSA 操作中哈希消息的两种哈希算法，SHA-224 和 SHA-256（FIPS PUB 180-4 规范）


 {IDF_TARGET_NAME} 上的 ECDSA