From 44d536182133fee44843fff161822f79b35ca319 Mon Sep 17 00:00:00 2001 From: "nilesh.kale" Date: Wed, 15 Jan 2025 16:22:12 +0530 Subject: [PATCH] feat: add efuses for esp32h21 This commit adds ecdsa efuses for esp32h21 --- components/efuse/esp32h21/esp_efuse_table.c | 23 ++++--- components/efuse/esp32h21/esp_efuse_table.csv | 3 +- .../efuse/esp32h21/include/esp_efuse_table.h | 7 +- .../soc/esp32h21/register/soc/efuse_reg.h | 69 ++++++++++--------- .../soc/esp32h21/register/soc/efuse_struct.h | 39 ++++++----- 5 files changed, 80 insertions(+), 61 deletions(-) diff --git a/components/efuse/esp32h21/esp_efuse_table.c b/components/efuse/esp32h21/esp_efuse_table.c index 29e8f1bde4..2aa510ada0 100644 --- a/components/efuse/esp32h21/esp_efuse_table.c +++ b/components/efuse/esp32h21/esp_efuse_table.c @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2024 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2017-2025 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ @@ -9,9 +9,7 @@ #include #include "esp_efuse_table.h" -// TODO: [ESP32H21] IDF-11556, file inherit from verify code, please check - -// md5_digest_table bedca3b10dd5d184f2e294291996a60e +// md5_digest_table 4ec5511e3b738f65373b56d5cdecea93 // This file was generated from the file esp_efuse_table.csv. DO NOT CHANGE THIS FILE MANUALLY. // If you want to change some fields, you need to change esp_efuse_table.csv file // then run `efuse_common_table` or `efuse_custom_table` command it will generate this file. @@ -121,8 +119,12 @@ static const esp_efuse_desc_t WR_DIS_SECURE_BOOT_AGGRESSIVE_REVOKE[] = { {EFUSE_BLK0, 16, 1}, // [] wr_dis of SECURE_BOOT_AGGRESSIVE_REVOKE, }; -static const esp_efuse_desc_t WR_DIS_ECDSA_FORCE_USE_HARDWARE_K[] = { - {EFUSE_BLK0, 17, 1}, // [] wr_dis of ECDSA_FORCE_USE_HARDWARE_K, +static const esp_efuse_desc_t WR_DIS_ECDSA_CURVE_MODE[] = { + {EFUSE_BLK0, 17, 1}, // [] wr_dis of ECDSA_CURVE_MODE, +}; + +static const esp_efuse_desc_t WR_DIS_ECC_FORCE_CONST_TIME[] = { + {EFUSE_BLK0, 17, 1}, // [] wr_dis of ECC_FORCE_CONST_TIME, }; static const esp_efuse_desc_t WR_DIS_FLASH_TPUW[] = { @@ -909,8 +911,13 @@ const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_SECURE_BOOT_AGGRESSIVE_REVOKE[] = { NULL }; -const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_ECDSA_FORCE_USE_HARDWARE_K[] = { - &WR_DIS_ECDSA_FORCE_USE_HARDWARE_K[0], // [] wr_dis of ECDSA_FORCE_USE_HARDWARE_K +const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_ECDSA_CURVE_MODE[] = { + &WR_DIS_ECDSA_CURVE_MODE[0], // [] wr_dis of ECDSA_CURVE_MODE + NULL +}; + +const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_ECC_FORCE_CONST_TIME[] = { + &WR_DIS_ECC_FORCE_CONST_TIME[0], // [] wr_dis of ECC_FORCE_CONST_TIME NULL }; diff --git a/components/efuse/esp32h21/esp_efuse_table.csv b/components/efuse/esp32h21/esp_efuse_table.csv index 0f39ced267..7cc4ae4b24 100644 --- a/components/efuse/esp32h21/esp_efuse_table.csv +++ b/components/efuse/esp32h21/esp_efuse_table.csv @@ -39,7 +39,8 @@ WR_DIS.SEC_DPA_LEVEL, EFUSE_BLK0, 14, 1, [] wr_dis WR_DIS.CRYPT_DPA_ENABLE, EFUSE_BLK0, 14, 1, [] wr_dis of CRYPT_DPA_ENABLE WR_DIS.SECURE_BOOT_EN, EFUSE_BLK0, 15, 1, [] wr_dis of SECURE_BOOT_EN WR_DIS.SECURE_BOOT_AGGRESSIVE_REVOKE, EFUSE_BLK0, 16, 1, [] wr_dis of SECURE_BOOT_AGGRESSIVE_REVOKE -WR_DIS.ECDSA_FORCE_USE_HARDWARE_K, EFUSE_BLK0, 17, 1, [] wr_dis of ECDSA_FORCE_USE_HARDWARE_K +WR_DIS.ECDSA_CURVE_MODE, EFUSE_BLK0, 17, 1, [] wr_dis of ECDSA_CURVE_MODE +WR_DIS.ECC_FORCE_CONST_TIME, EFUSE_BLK0, 17, 1, [] wr_dis of ECC_FORCE_CONST_TIME WR_DIS.FLASH_TPUW, EFUSE_BLK0, 18, 1, [] wr_dis of FLASH_TPUW WR_DIS.DIS_DOWNLOAD_MODE, EFUSE_BLK0, 18, 1, [] wr_dis of DIS_DOWNLOAD_MODE WR_DIS.DIS_DIRECT_BOOT, EFUSE_BLK0, 18, 1, [] wr_dis of DIS_DIRECT_BOOT diff --git a/components/efuse/esp32h21/include/esp_efuse_table.h b/components/efuse/esp32h21/include/esp_efuse_table.h index a836d6711a..fcbaf9acf3 100644 --- a/components/efuse/esp32h21/include/esp_efuse_table.h +++ b/components/efuse/esp32h21/include/esp_efuse_table.h @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2024 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2017-2025 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ @@ -10,7 +10,7 @@ extern "C" { #include "esp_efuse.h" -// md5_digest_table bedca3b10dd5d184f2e294291996a60e +// md5_digest_table 4ec5511e3b738f65373b56d5cdecea93 // This file was generated from the file esp_efuse_table.csv. DO NOT CHANGE THIS FILE MANUALLY. // If you want to change some fields, you need to change esp_efuse_table.csv file // then run `efuse_common_table` or `efuse_custom_table` command it will generate this file. @@ -50,7 +50,8 @@ extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_SEC_DPA_LEVEL[]; extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_CRYPT_DPA_ENABLE[]; extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_SECURE_BOOT_EN[]; extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_SECURE_BOOT_AGGRESSIVE_REVOKE[]; -extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_ECDSA_FORCE_USE_HARDWARE_K[]; +extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_ECDSA_CURVE_MODE[]; +extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_ECC_FORCE_CONST_TIME[]; extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_FLASH_TPUW[]; extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_DIS_DOWNLOAD_MODE[]; extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_DIS_DIRECT_BOOT[]; diff --git a/components/soc/esp32h21/register/soc/efuse_reg.h b/components/soc/esp32h21/register/soc/efuse_reg.h index 915c37d848..2c8d3140da 100644 --- a/components/soc/esp32h21/register/soc/efuse_reg.h +++ b/components/soc/esp32h21/register/soc/efuse_reg.h @@ -1,5 +1,5 @@ /** - * SPDX-FileCopyrightText: 2024 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2024-2025 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ @@ -289,20 +289,26 @@ extern "C" { #define EFUSE_VDD_SPI_AS_GPIO_M (EFUSE_VDD_SPI_AS_GPIO_V << EFUSE_VDD_SPI_AS_GPIO_S) #define EFUSE_VDD_SPI_AS_GPIO_V 0x00000001U #define EFUSE_VDD_SPI_AS_GPIO_S 26 -/** EFUSE_RPT4_RESERVED0_2 : RO; bitpos: [28:27]; default: 0; - * Reserved. +/** EFUSE_ECDSA_CURVE_MODE : RO; bitpos: [28:27]; default: 0; + * Represents the configuration of the curve of ECDSA calculation. + * 0: Only enable P256 + * 1: Only enable P192 + * 2: Both enable P256 and P192 + * 3: Only enable P256 */ -#define EFUSE_RPT4_RESERVED0_2 0x00000003U -#define EFUSE_RPT4_RESERVED0_2_M (EFUSE_RPT4_RESERVED0_2_V << EFUSE_RPT4_RESERVED0_2_S) -#define EFUSE_RPT4_RESERVED0_2_V 0x00000003U -#define EFUSE_RPT4_RESERVED0_2_S 27 -/** EFUSE_RPT4_RESERVED0_1 : RO; bitpos: [29]; default: 0; - * Reserved. +#define EFUSE_ECDSA_CURVE_MODE 0x00000003U +#define EFUSE_ECDSA_CURVE_MODE_M (EFUSE_ECDSA_CURVE_MODE_V << EFUSE_ECDSA_CURVE_MODE_S) +#define EFUSE_ECDSA_CURVE_MODE_V 0x00000003U +#define EFUSE_ECDSA_CURVE_MODE_S 27 +/** EFUSE_ECC_FORCE_CONST_TIME : RO; bitpos: [29]; default: 0; + * Represents whether to permanently turn on ECC const-time mode. + * 0: Disabled + * 1: Enabled */ -#define EFUSE_RPT4_RESERVED0_1 (BIT(29)) -#define EFUSE_RPT4_RESERVED0_1_M (EFUSE_RPT4_RESERVED0_1_V << EFUSE_RPT4_RESERVED0_1_S) -#define EFUSE_RPT4_RESERVED0_1_V 0x00000001U -#define EFUSE_RPT4_RESERVED0_1_S 29 +#define EFUSE_ECC_FORCE_CONST_TIME (BIT(29)) +#define EFUSE_ECC_FORCE_CONST_TIME_M (EFUSE_ECC_FORCE_CONST_TIME_V << EFUSE_ECC_FORCE_CONST_TIME_S) +#define EFUSE_ECC_FORCE_CONST_TIME_V 0x00000001U +#define EFUSE_ECC_FORCE_CONST_TIME_S 29 /** EFUSE_RPT4_RESERVED0_0 : RO; bitpos: [31:30]; default: 0; * Reserved. */ @@ -416,14 +422,13 @@ extern "C" { #define EFUSE_SEC_DPA_LEVEL_M (EFUSE_SEC_DPA_LEVEL_V << EFUSE_SEC_DPA_LEVEL_S) #define EFUSE_SEC_DPA_LEVEL_V 0x00000003U #define EFUSE_SEC_DPA_LEVEL_S 16 -/** EFUSE_ECDSA_FORCE_USE_HARDWARE_K : RO; bitpos: [18]; default: 1; - * Represents whether hardware random number k is forced used in ESDCA. 1: force used. - * 0: not force used. +/** EFUSE_RPT4_RESERVED2_1 : RO; bitpos: [18]; default: 0; + * Reserved */ -#define EFUSE_ECDSA_FORCE_USE_HARDWARE_K (BIT(18)) -#define EFUSE_ECDSA_FORCE_USE_HARDWARE_K_M (EFUSE_ECDSA_FORCE_USE_HARDWARE_K_V << EFUSE_ECDSA_FORCE_USE_HARDWARE_K_S) -#define EFUSE_ECDSA_FORCE_USE_HARDWARE_K_V 0x00000001U -#define EFUSE_ECDSA_FORCE_USE_HARDWARE_K_S 18 +#define EFUSE_RPT4_RESERVED2_1 (BIT(18)) +#define EFUSE_RPT4_RESERVED2_1_M (EFUSE_RPT4_RESERVED2_1_V << EFUSE_RPT4_RESERVED2_1_S) +#define EFUSE_RPT4_RESERVED2_1_V 0x00000001U +#define EFUSE_RPT4_RESERVED2_1_S 18 /** EFUSE_CRYPT_DPA_ENABLE : RO; bitpos: [19]; default: 1; * Represents whether anti-dpa attack is enabled. 1:enabled. 0: disabled. */ @@ -1888,20 +1893,20 @@ extern "C" { #define EFUSE_VDD_SPI_AS_GPIO_ERR_M (EFUSE_VDD_SPI_AS_GPIO_ERR_V << EFUSE_VDD_SPI_AS_GPIO_ERR_S) #define EFUSE_VDD_SPI_AS_GPIO_ERR_V 0x00000001U #define EFUSE_VDD_SPI_AS_GPIO_ERR_S 26 -/** EFUSE_RPT4_RESERVED0_ERR_2 : RO; bitpos: [28:27]; default: 0; - * Reserved. +/** EFUSE_ECDSA_CURVE_MODE_ERR : RO; bitpos: [28:27]; default: 0; + * Represents the programming error of EFUSE_ECDSA_CURVE_MODE */ -#define EFUSE_RPT4_RESERVED0_ERR_2 0x00000003U -#define EFUSE_RPT4_RESERVED0_ERR_2_M (EFUSE_RPT4_RESERVED0_ERR_2_V << EFUSE_RPT4_RESERVED0_ERR_2_S) -#define EFUSE_RPT4_RESERVED0_ERR_2_V 0x00000003U -#define EFUSE_RPT4_RESERVED0_ERR_2_S 27 -/** EFUSE_RPT4_RESERVED0_ERR_1 : RO; bitpos: [29]; default: 0; - * Reserved. +#define EFUSE_ECDSA_CURVE_MODE_ERR 0x00000003U +#define EFUSE_ECDSA_CURVE_MODE_ERR_M (EFUSE_ECDSA_CURVE_MODE_ERR_V << EFUSE_ECDSA_CURVE_MODE_ERR_S) +#define EFUSE_ECDSA_CURVE_MODE_ERR_V 0x00000003U +#define EFUSE_ECDSA_CURVE_MODE_ERR_S 27 +/** EFUSE_ECC_FORCE_CONST_TIME_ERR : RO; bitpos: [29]; default: 0; + * Represents the programming error of EFUSE_ECC_FORCE_CONST_TIME */ -#define EFUSE_RPT4_RESERVED0_ERR_1 (BIT(29)) -#define EFUSE_RPT4_RESERVED0_ERR_1_M (EFUSE_RPT4_RESERVED0_ERR_1_V << EFUSE_RPT4_RESERVED0_ERR_1_S) -#define EFUSE_RPT4_RESERVED0_ERR_1_V 0x00000001U -#define EFUSE_RPT4_RESERVED0_ERR_1_S 29 +#define EFUSE_ECC_FORCE_CONST_TIME_ERR (BIT(29)) +#define EFUSE_ECC_FORCE_CONST_TIME_ERR_M (EFUSE_ECC_FORCE_CONST_TIME_ERR_V << EFUSE_ECC_FORCE_CONST_TIME_ERR_S) +#define EFUSE_ECC_FORCE_CONST_TIME_ERR_V 0x00000001U +#define EFUSE_ECC_FORCE_CONST_TIME_ERR_S 29 /** EFUSE_RPT4_RESERVED0_ERR_0 : RO; bitpos: [31:30]; default: 0; * Reserved. */ diff --git a/components/soc/esp32h21/register/soc/efuse_struct.h b/components/soc/esp32h21/register/soc/efuse_struct.h index ab4c17e475..6f84cf12a1 100644 --- a/components/soc/esp32h21/register/soc/efuse_struct.h +++ b/components/soc/esp32h21/register/soc/efuse_struct.h @@ -1,5 +1,5 @@ /** - * SPDX-FileCopyrightText: 2024 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2024-2025 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ @@ -252,14 +252,20 @@ typedef union { * functioned. */ uint32_t vdd_spi_as_gpio:1; - /** rpt4_reserved0_2 : RO; bitpos: [28:27]; default: 0; - * Reserved. + /** ecdsa_curve_mode : RO; bitpos: [28:27]; default: 0; + * Represents the configuration of the curve of ECDSA calculation. + * 0: Only enable P256 + * 1: Only enable P192 + * 2: Both enable P256 and P192 + * 3: Only enable P256 */ - uint32_t rpt4_reserved0_2:2; - /** rpt4_reserved0_1 : RO; bitpos: [29]; default: 0; - * Reserved. + uint32_t ecdsa_curve_mode:2; + /** ecc_force_const_time : RO; bitpos: [29]; default: 0; + * Represents whether to permanently turn on ECC const-time mode. + * 0: Disabled + * 1: Enabled */ - uint32_t rpt4_reserved0_1:1; + uint32_t ecc_force_const_time:1; /** rpt4_reserved0_0 : RO; bitpos: [31:30]; default: 0; * Reserved. */ @@ -339,11 +345,10 @@ typedef union { * Represents the spa secure level by configuring the clock random divide mode. */ uint32_t sec_dpa_level:2; - /** ecdsa_force_use_hardware_k : RO; bitpos: [18]; default: 1; - * Represents whether hardware random number k is forced used in ESDCA. 1: force used. - * 0: not force used. + /** rpt4_reserved2_1 : RO; bitpos: [18]; default: 0; + * Reserved. */ - uint32_t ecdsa_force_use_hardware_k:1; + uint32_t rpt4_reserved2_1:1; /** crypt_dpa_enable : RO; bitpos: [19]; default: 1; * Represents whether anti-dpa attack is enabled. 1:enabled. 0: disabled. */ @@ -1684,14 +1689,14 @@ typedef union { * Indicates a programming error of VDD_SPI_AS_GPIO. */ uint32_t vdd_spi_as_gpio_err:1; - /** rpt4_reserved0_err_2 : RO; bitpos: [28:27]; default: 0; - * Reserved. + /** ecdsa_curve_mode_err : RO; bitpos: [28:27]; default: 0; + * Represents the programming error of EFUSE_ECDSA_CURVE_MODE */ - uint32_t rpt4_reserved0_err_2:2; - /** rpt4_reserved0_err_1 : RO; bitpos: [29]; default: 0; - * Reserved. + uint32_t ecdsa_curve_mode_err:2; + /** ecc_force_const_time_err : RO; bitpos: [29]; default: 0; + * Represents the programming error of EFUSE_ECC_FORCE_CONST_TIME */ - uint32_t rpt4_reserved0_err_1:1; + uint32_t ecc_force_const_time_err:1; /** rpt4_reserved0_err_0 : RO; bitpos: [31:30]; default: 0; * Reserved. */