feedc0de/esp-idf
1
0
Fork 0
forked from espressif/esp-idf
Code Pull Requests Activity

Merge branch 'feature/esp32h2_eco5_ecc_v5.2' into 'release/v5.2'

Browse Source 
feat(ecc): enable ECC constant time mode for ESP32-H2 ECO5 (v5.2)

See merge request espressif/esp-idf!36586
This commit is contained in:
Aditya Patwardhan
2025-02-11 09:54:03 +08:00
parent b8b0046903 cc64fb4338
commit 4c281f8eee
28 changed files with 1390 additions and 545 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
components/esp_hw_support/Kconfig
View File

@@ -336,6 +336,20 @@ menu "Hardware Settings"
endmenu
config ESP_CRYPTO_FORCE_ECC_CONSTANT_TIME_POINT_MUL
bool "Forcefully enable ECC constant time point multiplication operations"
depends on SOC_ECC_CONSTANT_TIME_POINT_MUL
default N
help
If enabled, the app startup code will burn the ECC_FORCE_CONST_TIME efuse bit to force the
ECC peripheral to always perform constant time point multiplication operations,
irrespective of the ECC_MULT_SECURITY_MODE status bit that is present in the ECC_MULT_CONF_REG
register. By default, ESP-IDF configures the ECC peripheral to perform constant time point
multiplication operations, so enabling this config would provide security enhancement only in
the cases when trusted boot is not enabled and the attacker tries carrying out non-constant
time point multiplication operations by changing the default ESP-IDF configurations.
Performing constant time operations protect the ECC multiplication operations from timing attacks.
# Invisible bringup bypass options for esp_hw_support component
config ESP_BRINGUP_BYPASS_CPU_CLK_SETTING
bool

22
components/esp_system/startup.c
View File

@@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2015-2024 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2015-2025 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
@@ -38,6 +38,12 @@
/***********************************************/
// Headers for other components init functions
#if CONFIG_ESP_CRYPTO_FORCE_ECC_CONSTANT_TIME_POINT_MUL
#include "soc/chip_revision.h"
#include "hal/efuse_hal.h"
#endif
#if CONFIG_SW_COEXIST_ENABLE || CONFIG_EXTERNAL_COEX_ENABLE
#include "private/esp_coexist_internal.h"
#endif
@@ -374,6 +380,20 @@ static void do_core_init(void)
}
#endif
#if CONFIG_ESP_CRYPTO_FORCE_ECC_CONSTANT_TIME_POINT_MUL
bool force_constant_time = true;
#if CONFIG_IDF_TARGET_ESP32H2
if (!ESP_CHIP_REV_ABOVE(efuse_hal_chip_revision(), 102)) {
force_constant_time = false;
}
#endif
if (!esp_efuse_read_field_bit(ESP_EFUSE_ECC_FORCE_CONST_TIME) && force_constant_time) {
ESP_EARLY_LOGD(TAG, "Forcefully enabling ECC constant time operations");
esp_err_t err = esp_efuse_write_field_bit(ESP_EFUSE_ECC_FORCE_CONST_TIME);
assert(err == ESP_OK && "Failed to enable ECC constant time operations");
}
#endif
#if CONFIG_SECURE_DISABLE_ROM_DL_MODE
err = esp_efuse_disable_rom_download_mode();
assert(err == ESP_OK && "Failed to disable ROM download mode");

4
components/hal/Kconfig
View File

@@ -105,11 +105,13 @@ menu "Hardware Abstraction Layer (HAL) and Low Level (LL)"
config HAL_ECDSA_GEN_SIG_CM
bool "Enable countermeasure for ECDSA signature generation"
depends on IDF_TARGET_ESP32H2
default n
# ToDo - IDF-11051
help
Enable this option to apply the countermeasure for ECDSA signature operation
This countermeasure masks the real ECDSA sign operation
under dummy sign operations to add randomness in the generated power signature.
This countermeasure is only necessary for ESP32-H2 < v1.2.
endmenu

5
components/hal/ecc_hal.c
View File

@@ -177,3 +177,8 @@ int ecc_hal_read_mod_op_result(uint8_t *r, uint16_t len)
}
#endif /* SOC_ECC_EXTENDED_MODES_SUPPORTED */
void ecc_hal_enable_constant_time_point_mul(bool enable)
{
ecc_ll_enable_constant_time_point_mul(enable);
}

11
components/hal/ecdsa_hal.c
View File

@@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2023-2025 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
@@ -16,6 +16,7 @@
#if CONFIG_HAL_ECDSA_GEN_SIG_CM
#include "esp_fault.h"
#include "esp_random.h"
#include "soc/chip_revision.h"
#endif
#define ECDSA_HAL_P192_COMPONENT_LEN 24
@@ -121,7 +122,15 @@ void ecdsa_hal_gen_signature(ecdsa_hal_config_t *conf, const uint8_t *hash,
configure_ecdsa_periph(conf);
#if CONFIG_HAL_ECDSA_GEN_SIG_CM
#if CONFIG_IDF_TARGET_ESP32H2
if (!ESP_CHIP_REV_ABOVE(efuse_hal_chip_revision(), 102)) {
ecdsa_hal_gen_signature_with_countermeasure(hash, r_out, s_out, len);
} else {
ecdsa_hal_gen_signature_inner(hash, r_out, s_out, len);
}
#else
ecdsa_hal_gen_signature_with_countermeasure(hash, r_out, s_out, len);
#endif
#else /* CONFIG_HAL_ECDSA_GEN_SIG_CM */
ecdsa_hal_gen_signature_inner(hash, r_out, s_out, len);
#endif /* !CONFIG_HAL_ECDSA_GEN_SIG_CM */

8
components/hal/esp32c2/include/hal/ecc_ll.h
View File

@@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2020-2023 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2020-2024 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
@@ -171,6 +171,12 @@ static inline void ecc_ll_read_param(ecc_ll_param_t param, uint8_t *buf, uint16_
memcpy(buf, (void *)reg, len);
}
static inline void ecc_ll_enable_constant_time_point_mul(bool enable)
{
// Not supported for ESP32-C2
(void) enable; //unused
}
#ifdef __cplusplus
}
#endif

6
components/hal/esp32c6/include/hal/ecc_ll.h
View File

@@ -173,6 +173,12 @@ static inline void ecc_ll_read_param(ecc_ll_param_t param, uint8_t *buf, uint16_
memcpy(buf, (void *)reg, len);
}
static inline void ecc_ll_enable_constant_time_point_mul(bool enable)
{
// Not supported for ESP32-C6
(void) enable; //unused
}
#ifdef __cplusplus
}
#endif

14
components/hal/esp32h2/include/hal/ecc_ll.h
View File

@@ -12,6 +12,8 @@
#include "soc/ecc_mult_reg.h"
#include "soc/pcr_struct.h"
#include "soc/pcr_reg.h"
#include "soc/chip_revision.h"
#include "hal/efuse_hal.h"
#ifdef __cplusplus
extern "C" {
@@ -211,6 +213,18 @@ static inline ecc_mod_base_t ecc_ll_get_mod_base(void)
return (ecc_mod_base_t)(REG_GET_FIELD(ECC_MULT_CONF_REG, ECC_MULT_MOD_BASE));
}
static inline void ecc_ll_enable_constant_time_point_mul(bool enable)
{
// ECC constant time point multiplication is supported only on rev 1.2 and above
if (ESP_CHIP_REV_ABOVE(efuse_hal_chip_revision(), 102)){
if (enable) {
REG_SET_BIT(ECC_MULT_CONF_REG, ECC_MULT_SECURITY_MODE);
} else {
REG_CLR_BIT(ECC_MULT_CONF_REG, ECC_MULT_SECURITY_MODE);
}
}
}
static inline void ecc_ll_read_param(ecc_ll_param_t param, uint8_t *buf, uint16_t len)
{
uint32_t reg;

18
components/hal/esp32h2/include/hal/ecdsa_ll.h
View File

@@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2023-2024 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2023-2025 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
@@ -9,8 +9,10 @@
#include <string.h>
#include "hal/assert.h"
#include "soc/ecdsa_reg.h"
#include "soc/ecdsa_struct.h"
#include "soc/pcr_struct.h"
#include "hal/ecdsa_types.h"
#include "hal/ecc_ll.h"
#ifdef __cplusplus
extern "C" {
@@ -31,7 +33,7 @@ typedef enum {
* @brief Interrupt types in ECDSA
*/
typedef enum {
ECDSA_INT_CALC_DONE,
ECDSA_INT_PREP_DONE,
ECDSA_INT_SHA_RELEASE,
} ecdsa_ll_intr_type_t;
@@ -97,8 +99,8 @@ static inline void ecdsa_ll_reset_register(void)
static inline void ecdsa_ll_enable_intr(ecdsa_ll_intr_type_t type)
{
switch (type) {
case ECDSA_INT_CALC_DONE:
REG_SET_FIELD(ECDSA_INT_ENA_REG, ECDSA_CALC_DONE_INT_ENA, 1);
case ECDSA_INT_PREP_DONE:
REG_SET_FIELD(ECDSA_INT_ENA_REG, ECDSA_PREP_DONE_INT_ENA, 1);
break;
case ECDSA_INT_SHA_RELEASE:
REG_SET_FIELD(ECDSA_INT_ENA_REG, ECDSA_SHA_RELEASE_INT_ENA, 1);
@@ -117,8 +119,8 @@ static inline void ecdsa_ll_enable_intr(ecdsa_ll_intr_type_t type)
static inline void ecdsa_ll_disable_intr(ecdsa_ll_intr_type_t type)
{
switch (type) {
case ECDSA_INT_CALC_DONE:
REG_SET_FIELD(ECDSA_INT_ENA_REG, ECDSA_CALC_DONE_INT_ENA, 0);
case ECDSA_INT_PREP_DONE:
REG_SET_FIELD(ECDSA_INT_ENA_REG, ECDSA_PREP_DONE_INT_ENA, 0);
break;
case ECDSA_INT_SHA_RELEASE:
REG_SET_FIELD(ECDSA_INT_ENA_REG, ECDSA_SHA_RELEASE_INT_ENA, 0);
@@ -137,8 +139,8 @@ static inline void ecdsa_ll_disable_intr(ecdsa_ll_intr_type_t type)
static inline void ecdsa_ll_clear_intr(ecdsa_ll_intr_type_t type)
{
switch (type) {
case ECDSA_INT_CALC_DONE:
REG_SET_FIELD(ECDSA_INT_CLR_REG, ECDSA_CALC_DONE_INT_CLR, 1);
case ECDSA_INT_PREP_DONE:
REG_SET_FIELD(ECDSA_INT_CLR_REG, ECDSA_PREP_DONE_INT_CLR, 1);
break;
case ECDSA_INT_SHA_RELEASE:
REG_SET_FIELD(ECDSA_INT_CLR_REG, ECDSA_SHA_RELEASE_INT_CLR, 1);

8
components/hal/esp32p4/include/hal/ecc_ll.h
View File

@@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2023-2024 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
@@ -241,6 +241,12 @@ static inline void ecc_ll_read_param(ecc_ll_param_t param, uint8_t *buf, uint16_
memcpy(buf, (void *)reg, len);
}
static inline void ecc_ll_enable_constant_time_point_mul(bool enable)
{
// Not supported for ESP32-P4
(void) enable; //unused
}
#ifdef __cplusplus
}
#endif

7
components/hal/include/hal/ecc_hal.h
View File

@@ -195,6 +195,13 @@ int ecc_hal_read_mod_op_result(uint8_t *r, uint16_t len);
#endif /* SOC_ECC_EXTENDED_MODES_SUPPORTED */
/**
* @brief Enable constant time multiplication operations
*
* @param true: enable; false: disable
*/
void ecc_hal_enable_constant_time_point_mul(bool enable);
#ifdef __cplusplus
}
#endif

2
components/hal/include/hal/ecdsa_hal.h
View File

@@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2023-2024 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2023-2025 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/

2
components/hal/test_apps/crypto/main/CMakeLists.txt
View File

@@ -33,5 +33,5 @@ if(CONFIG_SOC_SHA_SUPPORTED)
endif()
idf_component_register(SRCS ${srcs}
REQUIRES test_utils unity
REQUIRES test_utils unity ccomp_timer
WHOLE_ARCHIVE)

85
components/hal/test_apps/crypto/main/ecc/test_ecc.c
View File

@@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2023-2025 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: CC0-1.0
*/
@@ -14,7 +14,8 @@
#include "soc/soc_caps.h"
#include "hal/ecc_hal.h"
#include "hal/ecc_ll.h"
#include "ccomp_timer.h"
#include "sys/param.h"
#include "memory_checks.h"
#include "unity_fixture.h"
@@ -86,6 +87,7 @@ static void ecc_point_mul(const uint8_t *k_le, const uint8_t *x_le, const uint8_
} else {
ecc_hal_set_mode(ECC_MODE_POINT_MUL);
}
ecc_hal_enable_constant_time_point_mul(true);
ecc_hal_start_calc();
while (!ecc_hal_is_calc_finished()) {
@@ -160,6 +162,82 @@ TEST(ecc, ecc_point_multiplication_on_SECP192R1_and_SECP256R1)
{
test_ecc_point_mul_inner(false);
}
#if SOC_ECC_CONSTANT_TIME_POINT_MUL
#define CONST_TIME_DEVIATION_PERCENT 0.002
static void test_ecc_point_mul_inner_constant_time(void)
{
#if CONFIG_IDF_TARGET_ESP32H2
if (!ESP_CHIP_REV_ABOVE(efuse_hal_chip_revision(), 102)) {
TEST_IGNORE_MESSAGE("Skipping test, not supported on ESP32-H2 <v1.2\n");
return;
}
#endif
uint8_t scalar_le[32];
uint8_t x_le[32];
uint8_t y_le[32];
/* P256 */
ecc_be_to_le(ecc_p256_scalar, scalar_le, 32);
ecc_be_to_le(ecc_p256_point_x, x_le, 32);
ecc_be_to_le(ecc_p256_point_y, y_le, 32);
uint8_t x_res_le[32];
uint8_t y_res_le[32];
double deviation = 0;
uint32_t elapsed_time, mean_elapsed_time, total_elapsed_time = 0;
uint32_t max_time = 0, min_time = UINT32_MAX;
int loop_count = 10;
for (int i = 0; i < loop_count; i++) {
ccomp_timer_start();
ecc_point_mul(scalar_le, x_le, y_le, 32, 0, x_res_le, y_res_le);
elapsed_time = ccomp_timer_stop();
max_time = MAX(elapsed_time, max_time);
min_time = MIN(elapsed_time, min_time);
total_elapsed_time += elapsed_time;
}
mean_elapsed_time = total_elapsed_time / loop_count;
deviation = ((double)(max_time - mean_elapsed_time) / mean_elapsed_time);
int is_constant_time = (deviation < CONST_TIME_DEVIATION_PERCENT);
TEST_ASSERT_EQUAL(is_constant_time, 1);
/* P192 */
ecc_be_to_le(ecc_p192_scalar, scalar_le, 24);
ecc_be_to_le(ecc_p192_point_x, x_le, 24);
ecc_be_to_le(ecc_p192_point_y, y_le, 24);
max_time = 0;
min_time = UINT32_MAX;
total_elapsed_time = 0;
for (int i = 0; i < loop_count; i++) {
ccomp_timer_start();
ecc_point_mul(scalar_le, x_le, y_le, 24, 0, x_res_le, y_res_le);
elapsed_time = ccomp_timer_stop();
max_time = MAX(elapsed_time, max_time);
min_time = MIN(elapsed_time, min_time);
total_elapsed_time += elapsed_time;
}
mean_elapsed_time = total_elapsed_time / loop_count;
deviation = ((double)(max_time - mean_elapsed_time) / mean_elapsed_time);
is_constant_time = (deviation < CONST_TIME_DEVIATION_PERCENT);
TEST_ASSERT_EQUAL(is_constant_time, 1);
}
TEST(ecc, ecc_point_multiplication_const_time_check_on_SECP192R1_and_SECP256R1)
{
test_ecc_point_mul_inner_constant_time();
}
#endif
#endif
#if SOC_ECC_SUPPORT_POINT_VERIFY && !defined(SOC_ECC_SUPPORT_POINT_VERIFY_QUIRK)
@@ -493,6 +571,9 @@ TEST_GROUP_RUNNER(ecc)
{
#if SOC_ECC_SUPPORT_POINT_MULT
RUN_TEST_CASE(ecc, ecc_point_multiplication_on_SECP192R1_and_SECP256R1);
#if SOC_ECC_CONSTANT_TIME_POINT_MUL
RUN_TEST_CASE(ecc, ecc_point_multiplication_const_time_check_on_SECP192R1_and_SECP256R1);
#endif
#endif
#if SOC_ECC_SUPPORT_POINT_VERIFY && !defined(SOC_ECC_SUPPORT_POINT_VERIFY_QUIRK)

17
components/hal/test_apps/crypto/main/idf_component.yml Normal file
View File

@@ -0,0 +1,17 @@
## IDF Component Manager Manifest File
dependencies:
## Required IDF version
idf:
version: '>=4.1.0'
# # Put list of dependencies here
# # For components maintained by Espressif:
# component: "~1.0.0"
# # For 3rd party components:
# username/component: ">=1.0.0,<2.0.0"
# username2/component2:
# version: "~1.0.0"
# # For transient dependencies `public` flag can be set.
# # `public` flag doesn't have an effect dependencies of the `main` component.
# # All dependencies of `main` are public by default.
# public: true
espressif/ccomp_timer: '*'

5
components/mbedtls/Kconfig
View File

@@ -575,16 +575,16 @@ menu "mbedTLS"
config MBEDTLS_HARDWARE_ECDSA_SIGN_MASKING_CM
bool "Mask original ECDSA sign operation under dummy sign operations"
select HAL_ECDSA_GEN_SIG_CM
# ToDo: IDF-11051
default y
help
The ECDSA peripheral before ECO5 does not offer constant time ECDSA sign operation.
The ECDSA peripheral before ESP32-H2 v1.2 does not offer constant time ECDSA sign operation.
This time can be observed through power profiling of the device,
making the ECDSA private key vulnerable to side-channel timing attacks.
This countermeasure masks the real ECDSA sign operation
under dummy sign operations to add randomness in the generated power signature.
It is highly recommended to also enable Secure Boot for the device in addition to this countermeasure
so that only trusted software can execute on the device.
This countermeasure can be safely disabled for ESP32-H2 v1.2 and above.
config MBEDTLS_HARDWARE_ECDSA_SIGN_CONSTANT_TIME_CM
bool "Make ECDSA signature operation pseudo constant time for software"
@@ -597,6 +597,7 @@ menu "mbedTLS"
of an arbitrary message.
The signature time would appear to be constant to the external entity after enabling
this option.
This countermeasure can be safely disabled for ESP32-H2 v1.2 and above.
endmenu

8
components/mbedtls/port/ecc/esp_ecc.c
View File

@@ -44,6 +44,14 @@ int esp_ecc_point_multiply(const ecc_point_t *point, const uint8_t *scalar, ecc_
ecc_hal_write_mul_param(scalar, point->x, point->y, len);
ecc_hal_set_mode(work_mode);
/*
* Enable constant-time point multiplication operations for the ECC hardware accelerator,
* if supported for the given target. This protects the ECC multiplication operation from
* timing attacks. This increases the time taken (by almost 50%) for some point
* multiplication operations performed by the ECC hardware accelerator.
*/
ecc_hal_enable_constant_time_point_mul(true);
ecc_hal_start_calc();
memset(result, 0, sizeof(ecc_point_t));

10
components/mbedtls/port/ecdsa/ecdsa_alt.c
View File

@@ -25,6 +25,8 @@
#if CONFIG_MBEDTLS_HARDWARE_ECDSA_SIGN_CONSTANT_TIME_CM
#include "esp_timer.h"
#include "soc/chip_revision.h"
#include "hal/efuse_hal.h"
#if CONFIG_ESP_CRYPTO_DPA_PROTECTION_LEVEL_HIGH
/*
@@ -316,9 +318,11 @@ static int esp_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi* r, mbedtls_mpi* s
#endif
ecdsa_hal_gen_signature(&conf, sha_le, r_le, s_le, len);
#if CONFIG_MBEDTLS_HARDWARE_ECDSA_SIGN_CONSTANT_TIME_CM
sig_time = esp_timer_get_time() - sig_time;
if (sig_time < ECDSA_CM_FIXED_SIG_TIME) {
esp_rom_delay_us(ECDSA_CM_FIXED_SIG_TIME - sig_time);
if (!ESP_CHIP_REV_ABOVE(efuse_hal_chip_revision(), 102)) {
sig_time = esp_timer_get_time() - sig_time;
if (sig_time < ECDSA_CM_FIXED_SIG_TIME) {
esp_rom_delay_us(ECDSA_CM_FIXED_SIG_TIME - sig_time);
}
}
#endif
process_again = !ecdsa_hal_get_operation_result()

4
components/soc/esp32h2/include/soc/Kconfig.soc_caps.in
View File

@@ -1139,6 +1139,10 @@ config SOC_CRYPTO_DPA_PROTECTION_SUPPORTED
bool
default y
config SOC_ECC_CONSTANT_TIME_POINT_MUL
bool
default y
config SOC_ECDSA_USES_MPI
bool
default y

13
components/soc/esp32h2/include/soc/chip_rev.h Normal file
View File

@@ -0,0 +1,13 @@
/*
* SPDX-FileCopyrightText: 2025 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
#pragma once
#include "soc/efuse_struct.h"
#define ESP_SOC_GET_CHIP_REV (EFUSE.rd_mac_sys_3.wafer_version_major * 100 + EFUSE.rd_mac_sys_3.wafer_version_minor)
#define REG_COMPATIBLE_ADDR(rev, before_addr, after_addr) ((ESP_SOC_GET_CHIP_REV >= (rev)) ? (after_addr) : (before_addr))

584
components/soc/esp32h2/include/soc/ecdsa_reg.h
View File

@@ -1,5 +1,5 @@
/**
* SPDX-FileCopyrightText: 2022 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2022-2025 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
@@ -7,208 +7,388 @@
#include <stdint.h>
#include "soc/soc.h"
#include "soc/chip_rev.h"
#ifdef __cplusplus
extern "C" {
#endif
/** ECDSA_CONF_REG register
* ECDSA configure register
*/
#define ECDSA_CONF_REG (DR_REG_ECDSA_BASE + 0x4)
/** ECDSA_WORK_MODE : R/W; bitpos: [0]; default: 0;
* The work mode bits of ECDSA Accelerator. 0: Signature Verify mode. 1: Signature
* Generate Mode.
*/
#define ECDSA_WORK_MODE (BIT(0))
#define ECDSA_WORK_MODE_M (ECDSA_WORK_MODE_V << ECDSA_WORK_MODE_S)
#define ECDSA_WORK_MODE_V 0x00000001U
#define ECDSA_WORK_MODE_S 0
/** ECDSA_ECC_CURVE : R/W; bitpos: [1]; default: 0;
* The ecc curve select bit of ECDSA Accelerator. 0: P-192. 1: P-256.
*/
#define ECDSA_ECC_CURVE (BIT(1))
#define ECDSA_ECC_CURVE_M (ECDSA_ECC_CURVE_V << ECDSA_ECC_CURVE_S)
#define ECDSA_ECC_CURVE_V 0x00000001U
#define ECDSA_ECC_CURVE_S 1
/** ECDSA_SOFTWARE_SET_K : R/W; bitpos: [2]; default: 0;
* The source of k select bit. 0: k is automatically generated by TRNG. 1: k is
* written by software.
*/
#define ECDSA_SOFTWARE_SET_K (BIT(2))
#define ECDSA_SOFTWARE_SET_K_M (ECDSA_SOFTWARE_SET_K_V << ECDSA_SOFTWARE_SET_K_S)
#define ECDSA_SOFTWARE_SET_K_V 0x00000001U
#define ECDSA_SOFTWARE_SET_K_S 2
/** ECDSA_SOFTWARE_SET_Z : R/W; bitpos: [3]; default: 0;
* The source of z select bit. 0: z is generated from SHA result. 1: z is written by
* software.
*/
#define ECDSA_SOFTWARE_SET_Z (BIT(3))
#define ECDSA_SOFTWARE_SET_Z_M (ECDSA_SOFTWARE_SET_Z_V << ECDSA_SOFTWARE_SET_Z_S)
#define ECDSA_SOFTWARE_SET_Z_V 0x00000001U
#define ECDSA_SOFTWARE_SET_Z_S 3
/** ECDSA_CLK_REG register
* ECDSA clock gate register
*/
#define ECDSA_CLK_REG (DR_REG_ECDSA_BASE + 0x8)
/** ECDSA_CLK_GATE_FORCE_ON : R/W; bitpos: [0]; default: 0;
* Write 1 to force on register clock gate.
*/
#define ECDSA_CLK_GATE_FORCE_ON (BIT(0))
#define ECDSA_CLK_GATE_FORCE_ON_M (ECDSA_CLK_GATE_FORCE_ON_V << ECDSA_CLK_GATE_FORCE_ON_S)
#define ECDSA_CLK_GATE_FORCE_ON_V 0x00000001U
#define ECDSA_CLK_GATE_FORCE_ON_S 0
/** ECDSA_INT_RAW_REG register
* ECDSA interrupt raw register, valid in level.
*/
#define ECDSA_INT_RAW_REG (DR_REG_ECDSA_BASE + 0xc)
/** ECDSA_CALC_DONE_INT_RAW : RO/WTC/SS; bitpos: [0]; default: 0;
* The raw interrupt status bit for the ecdsa_calc_done_int interrupt
*/
#define ECDSA_CALC_DONE_INT_RAW (BIT(0))
#define ECDSA_CALC_DONE_INT_RAW_M (ECDSA_CALC_DONE_INT_RAW_V << ECDSA_CALC_DONE_INT_RAW_S)
#define ECDSA_CALC_DONE_INT_RAW_V 0x00000001U
#define ECDSA_CALC_DONE_INT_RAW_S 0
/** ECDSA_SHA_RELEASE_INT_RAW : RO/WTC/SS; bitpos: [1]; default: 0;
* The raw interrupt status bit for the ecdsa_sha_release_int interrupt
*/
#define ECDSA_SHA_RELEASE_INT_RAW (BIT(1))
#define ECDSA_SHA_RELEASE_INT_RAW_M (ECDSA_SHA_RELEASE_INT_RAW_V << ECDSA_SHA_RELEASE_INT_RAW_S)
#define ECDSA_SHA_RELEASE_INT_RAW_V 0x00000001U
#define ECDSA_SHA_RELEASE_INT_RAW_S 1
/** ECDSA_INT_ST_REG register
* ECDSA interrupt status register.
*/
#define ECDSA_INT_ST_REG (DR_REG_ECDSA_BASE + 0x10)
/** ECDSA_CALC_DONE_INT_ST : RO; bitpos: [0]; default: 0;
* The masked interrupt status bit for the ecdsa_calc_done_int interrupt
*/
#define ECDSA_CALC_DONE_INT_ST (BIT(0))
#define ECDSA_CALC_DONE_INT_ST_M (ECDSA_CALC_DONE_INT_ST_V << ECDSA_CALC_DONE_INT_ST_S)
#define ECDSA_CALC_DONE_INT_ST_V 0x00000001U
#define ECDSA_CALC_DONE_INT_ST_S 0
/** ECDSA_SHA_RELEASE_INT_ST : RO; bitpos: [1]; default: 0;
* The masked interrupt status bit for the ecdsa_sha_release_int interrupt
*/
#define ECDSA_SHA_RELEASE_INT_ST (BIT(1))
#define ECDSA_SHA_RELEASE_INT_ST_M (ECDSA_SHA_RELEASE_INT_ST_V << ECDSA_SHA_RELEASE_INT_ST_S)
#define ECDSA_SHA_RELEASE_INT_ST_V 0x00000001U
#define ECDSA_SHA_RELEASE_INT_ST_S 1
/** ECDSA_INT_ENA_REG register
* ECDSA interrupt enable register.
*/
#define ECDSA_INT_ENA_REG (DR_REG_ECDSA_BASE + 0x14)
/** ECDSA_CALC_DONE_INT_ENA : R/W; bitpos: [0]; default: 0;
* The interrupt enable bit for the ecdsa_calc_done_int interrupt
*/
#define ECDSA_CALC_DONE_INT_ENA (BIT(0))
#define ECDSA_CALC_DONE_INT_ENA_M (ECDSA_CALC_DONE_INT_ENA_V << ECDSA_CALC_DONE_INT_ENA_S)
#define ECDSA_CALC_DONE_INT_ENA_V 0x00000001U
#define ECDSA_CALC_DONE_INT_ENA_S 0
/** ECDSA_SHA_RELEASE_INT_ENA : R/W; bitpos: [1]; default: 0;
* The interrupt enable bit for the ecdsa_sha_release_int interrupt
*/
#define ECDSA_SHA_RELEASE_INT_ENA (BIT(1))
#define ECDSA_SHA_RELEASE_INT_ENA_M (ECDSA_SHA_RELEASE_INT_ENA_V << ECDSA_SHA_RELEASE_INT_ENA_S)
#define ECDSA_SHA_RELEASE_INT_ENA_V 0x00000001U
#define ECDSA_SHA_RELEASE_INT_ENA_S 1
/** ECDSA_INT_CLR_REG register
* ECDSA interrupt clear register.
*/
#define ECDSA_INT_CLR_REG (DR_REG_ECDSA_BASE + 0x18)
/** ECDSA_CALC_DONE_INT_CLR : WT; bitpos: [0]; default: 0;
* Set this bit to clear the ecdsa_calc_done_int interrupt
*/
#define ECDSA_CALC_DONE_INT_CLR (BIT(0))
#define ECDSA_CALC_DONE_INT_CLR_M (ECDSA_CALC_DONE_INT_CLR_V << ECDSA_CALC_DONE_INT_CLR_S)
#define ECDSA_CALC_DONE_INT_CLR_V 0x00000001U
#define ECDSA_CALC_DONE_INT_CLR_S 0
/** ECDSA_SHA_RELEASE_INT_CLR : WT; bitpos: [1]; default: 0;
* Set this bit to clear the ecdsa_sha_release_int interrupt
*/
#define ECDSA_SHA_RELEASE_INT_CLR (BIT(1))
#define ECDSA_SHA_RELEASE_INT_CLR_M (ECDSA_SHA_RELEASE_INT_CLR_V << ECDSA_SHA_RELEASE_INT_CLR_S)
#define ECDSA_SHA_RELEASE_INT_CLR_V 0x00000001U
#define ECDSA_SHA_RELEASE_INT_CLR_S 1
/** ECDSA_START_REG register
* ECDSA start register
*/
#define ECDSA_START_REG (DR_REG_ECDSA_BASE + 0x1c)
/** ECDSA_START : WT; bitpos: [0]; default: 0;
* Write 1 to start caculation of ECDSA Accelerator. This bit will be self-cleared
* after configuration.
*/
#define ECDSA_START (BIT(0))
#define ECDSA_START_M (ECDSA_START_V << ECDSA_START_S)
#define ECDSA_START_V 0x00000001U
#define ECDSA_START_S 0
/** ECDSA_LOAD_DONE : WT; bitpos: [1]; default: 0;
* Write 1 to input load done signal of ECDSA Accelerator. This bit will be
* self-cleared after configuration.
*/
#define ECDSA_LOAD_DONE (BIT(1))
#define ECDSA_LOAD_DONE_M (ECDSA_LOAD_DONE_V << ECDSA_LOAD_DONE_S)
#define ECDSA_LOAD_DONE_V 0x00000001U
#define ECDSA_LOAD_DONE_S 1
/** ECDSA_GET_DONE : WT; bitpos: [2]; default: 0;
* Write 1 to input get done signal of ECDSA Accelerator. This bit will be
* self-cleared after configuration.
*/
#define ECDSA_GET_DONE (BIT(2))
#define ECDSA_GET_DONE_M (ECDSA_GET_DONE_V << ECDSA_GET_DONE_S)
#define ECDSA_GET_DONE_V 0x00000001U
#define ECDSA_GET_DONE_S 2
/** ECDSA_STATE_REG register
* ECDSA status register
*/
#define ECDSA_STATE_REG (DR_REG_ECDSA_BASE + 0x20)
/** ECDSA_BUSY : RO; bitpos: [1:0]; default: 0;
* The status bits of ECDSA Accelerator. ECDSA is at 0: IDLE, 1: LOAD, 2: GET, 3: BUSY
* state.
*/
#define ECDSA_BUSY 0x00000003U
#define ECDSA_BUSY_M (ECDSA_BUSY_V << ECDSA_BUSY_S)
#define ECDSA_BUSY_V 0x00000003U
#define ECDSA_BUSY_S 0
/** ECDSA_RESULT_REG register
* ECDSA result register
*/
#define ECDSA_RESULT_REG (DR_REG_ECDSA_BASE + 0x24)
/** ECDSA_OPERATION_RESULT : RO/SS; bitpos: [0]; default: 0;
* The operation result bit of ECDSA Accelerator, only valid when ECDSA calculation is
* done.
*/
#define ECDSA_OPERATION_RESULT (BIT(0))
#define ECDSA_OPERATION_RESULT_M (ECDSA_OPERATION_RESULT_V << ECDSA_OPERATION_RESULT_S)
#define ECDSA_OPERATION_RESULT_V 0x00000001U
#define ECDSA_OPERATION_RESULT_S 0
/** Version register */
/** ECDSA_DATE_REG register
* Version control register
* Version control
* register
*/
#define ECDSA_DATE_REG (DR_REG_ECDSA_BASE + 0xfc)
/** ECDSA_DATE : R/W; bitpos: [27:0]; default: 35684752;
* ECDSA version control register
/* ECDSA_DATE : R/W; bitpos: [28:0]; default: 35684752 (0x21FFB30) for rev 0.0;
* ECDSA_DATE : R/W; bitpos: [28:0]; default: 37761312 (0x2403120) for rev 1.2;
* ECDSA version control
* register
*/
#define ECDSA_DATE 0x0FFFFFFFU
#define ECDSA_DATE_M (ECDSA_DATE_V << ECDSA_DATE_S)
#define ECDSA_DATE_V 0x0FFFFFFFU
#define ECDSA_DATE_S 0
/**
* @brief Get the correct value of a field according to the register version
* @note ESP32-H2 v1.2 updated the register ECDSA_DATE_REG to a new version,
* At the same time the value of some registers was changed
* This macro can help to get the correct value of a field according to the register version
** @param old: the value of the field for the old version where DATE == 0x021FFB30 (rev 0.0)
* @param new: the value of the field for the new version where DATE == 0x2403120 (rev 1.2)
*/
#define ECDSA_REG_GET_OFFSET(old, new) (REG_GET_FIELD(ECDSA_DATE_REG, ECDSA_DATE) >= 0x02403120 ? (new) : (old))
/** Configuration registers */
/** ECDSA_CONF_REG register
* ECDSA configure
* register
*/
#define ECDSA_CONF_REG (DR_REG_ECDSA_BASE + 0x4)
/* ECDSA_WORK_MODE : R/W;
* bitpos: [0]; default: 0; for DATE == 0x21FFB30 (rev 0.0)
* bitpos: [1:0]; default: 0; for DATE == 0x2403120 (rev 1.2)
* The work mode bits of ECDSA Accelerator.
* 0: Signature Generate Mode.
* 1: Signature Verify Mode.
* 2: Export public key Mode. (only available for DATE == 0x2403120 (rev 1.2))
* 3: Invalid mode. (only available for DATE == 0x2403120 (rev 1.2))
*/
#define ECDSA_WORK_MODE ECDSA_REG_GET_OFFSET(BIT(0), 0x00000003U)
#define ECDSA_WORK_MODE_M (ECDSA_WORK_MODE_V << ECDSA_WORK_MODE_S)
#define ECDSA_WORK_MODE_V ECDSA_REG_GET_OFFSET(0x00000001U, 0x00000003U)
#define ECDSA_WORK_MODE_S 0
/* ECDSA_ECC_CURVE : R/W;
* bitpos: [1]; default: 0; for DATE == 0x21FFB30 (rev 0.0)
* bitpos: [2]; default: 0; for DATE == 0x2403120 (rev 1.2)
* The ecc curve select bit of ECDSA Accelerator.
* 0: P-192. 1: P-256.
*/
#define ECDSA_ECC_CURVE ECDSA_REG_GET_OFFSET(BIT(1), BIT(2))
#define ECDSA_ECC_CURVE_M (ECDSA_ECC_CURVE_V << ECDSA_ECC_CURVE_S)
#define ECDSA_ECC_CURVE_V 0x00000001U
#define ECDSA_ECC_CURVE_S ECDSA_REG_GET_OFFSET(1, 2)
/* ECDSA_SOFTWARE_SET_K : R/W; bitpos: [2]; default: 0;
* The source of k select bit. 0: k is automatically generated by TRNG. 1:
* k is written by
* software.
*/
#define ECDSA_SOFTWARE_SET_K ECDSA_REG_GET_OFFSET(BIT(2), BIT(3))
#define ECDSA_SOFTWARE_SET_K_M (ECDSA_SOFTWARE_SET_K_V << ECDSA_SOFTWARE_SET_K_S)
#define ECDSA_SOFTWARE_SET_K_V 0x00000001U
#define ECDSA_SOFTWARE_SET_K_S ECDSA_REG_GET_OFFSET(2, 3)
/* ECDSA_SOFTWARE_SET_Z : R/W; bitpos: [3]; default: 0;
* The source of z select bit. 0: z is generated from SHA result. 1: z is
* written by
* software.
*/
#define ECDSA_SOFTWARE_SET_Z ECDSA_REG_GET_OFFSET(BIT(3), BIT(4))
#define ECDSA_SOFTWARE_SET_Z_M (ECDSA_SOFTWARE_SET_Z_V << ECDSA_SOFTWARE_SET_Z_S)
#define ECDSA_SOFTWARE_SET_Z_V 0x00000001U
#define ECDSA_SOFTWARE_SET_Z_S ECDSA_REG_GET_OFFSET(3, 4)
/* ECDSA_K_DETERMINISTIC : R/W; bitpos: [5]; default: 0;
* The source of k select bit. 0: k is generated from TRNG. 1: k is
* written by
* software.
*/
#define ECDSA_DETERMINISTIC_K (BIT(5))
#define ECDSA_DETERMINISTIC_K_M (ECDSA_DETERMINISTIC_K_V << ECDSA_DETERMINISTIC_K_S)
#define ECDSA_DETERMINISTIC_K_V 0x00000001U
#define ECDSA_DETERMINISTIC_K_S 5
/** Clock and reset registers */
/** ECDSA_CLK_REG register
* ECDSA clock gate
* register
*/
#define ECDSA_CLK_REG (DR_REG_ECDSA_BASE + 0x8)
/* ECDSA_CLK_GATE_FORCE_ON : R/W; bitpos: [0]; default: 0;
* Write 1 to force on register clock
* gate.
*/
#define ECDSA_CLK_GATE_FORCE_ON (BIT(0))
#define ECDSA_CLK_GATE_FORCE_ON_M (ECDSA_CLK_GATE_FORCE_ON_V << ECDSA_CLK_GATE_FORCE_ON_S)
#define ECDSA_CLK_GATE_FORCE_ON_V 0x00000001U
#define ECDSA_CLK_GATE_FORCE_ON_S 0
/** Interrupt registers */
/** ECDSA_INT_RAW_REG register
* ECDSA interrupt raw register, valid in
* level.
*/
#define ECDSA_INT_RAW_REG (DR_REG_ECDSA_BASE + 0xc)
/* ECDSA_PREP_DONE_INT_RAW : RO/WTC/SS; bitpos: [0]; default: 0;
* The raw interrupt status bit for the ecdsa_prep_done_int
* interrupt
* This bit was named as ECDSA_CALC_DONE_INT_RAW in rev 0.0 and changed to ECDSA_PREP_DONE_INT_RAW in rev 1.2
* functionality is the same
*/
#define ECDSA_PREP_DONE_INT_RAW (BIT(0))
#define ECDSA_PREP_DONE_INT_RAW_M (ECDSA_PREP_DONE_INT_RAW_V << ECDSA_PREP_DONE_INT_RAW_S)
#define ECDSA_PREP_DONE_INT_RAW_V 0x00000001U
#define ECDSA_PREP_DONE_INT_RAW_S 0
/* ECDSA_PROC_DONE_INT_RAW : RO/WTC/SS; bitpos: [1]; default: 0;
* The raw interrupt status bit for the ecdsa_proc_done_int
* interrupt
* This bit is only available for DATE == 0x2403120 (rev 1.2)
*/
#define ECDSA_PROC_DONE_INT_RAW (BIT(1))
#define ECDSA_PROC_DONE_INT_RAW_M (ECDSA_PROC_DONE_INT_RAW_V << ECDSA_PROC_DONE_INT_RAW_S)
#define ECDSA_PROC_DONE_INT_RAW_V 0x00000001U
#define ECDSA_PROC_DONE_INT_RAW_S 1
/* ECDSA_POST_DONE_INT_RAW : RO/WTC/SS; bitpos: [2]; default: 0;
* The raw interrupt status bit for the ecdsa_post_done_int
* interrupt
* This bit is only available for DATE == 0x2403120 (rev 1.2)
*/
#define ECDSA_POST_DONE_INT_RAW (BIT(2))
#define ECDSA_POST_DONE_INT_RAW_M (ECDSA_POST_DONE_INT_RAW_V << ECDSA_POST_DONE_INT_RAW_S)
#define ECDSA_POST_DONE_INT_RAW_V 0x00000001U
#define ECDSA_POST_DONE_INT_RAW_S 2
/* ECDSA_SHA_RELEASE_INT_RAW : RO/WTC/SS; bitpos: [1]; default: 0;
* The raw interrupt status bit for the ecdsa_sha_release_int
* interrupt
* This bit is only available for DATE == 0x2403120 (rev 1.2)
*/
#define ECDSA_SHA_RELEASE_INT_RAW ECDSA_REG_GET_OFFSET(BIT(1), BIT(3))
#define ECDSA_SHA_RELEASE_INT_RAW_M (ECDSA_SHA_RELEASE_INT_RAW_V << ECDSA_SHA_RELEASE_INT_RAW_S)
#define ECDSA_SHA_RELEASE_INT_RAW_V 0x00000001U
#define ECDSA_SHA_RELEASE_INT_RAW_S ECDSA_REG_GET_OFFSET(1, 3)
/** ECDSA_INT_ST_REG register
* ECDSA interrupt status
* register.
*/
#define ECDSA_INT_ST_REG (DR_REG_ECDSA_BASE + 0x10)
/* ECDSA_PREP_DONE_INT_ST : RO; bitpos: [0]; default: 0;
* The masked interrupt status bit for the ecdsa_prep_done_int
* interrupt
* This bit was named as ECDSA_CALC_DONE_INT_ST in rev 0.0 and changed to ECDSA_PREP_DONE_INT_ST in rev 1.2
* functionality is the same
*/
#define ECDSA_PREP_DONE_INT_ST (BIT(0))
#define ECDSA_PREP_DONE_INT_ST_M (ECDSA_PREP_DONE_INT_ST_V << ECDSA_PREP_DONE_INT_ST_S)
#define ECDSA_PREP_DONE_INT_ST_V 0x00000001U
#define ECDSA_PREP_DONE_INT_ST_S 0
/* ECDSA_PROC_DONE_INT_ST : RO; bitpos: [1]; default: 0;
* The masked interrupt status bit for the ecdsa_proc_done_int
* interrupt
* This bit is only available for DATE == 0x2403120 (rev 1.2)
*/
#define ECDSA_PROC_DONE_INT_ST (BIT(1))
#define ECDSA_PROC_DONE_INT_ST_M (ECDSA_PROC_DONE_INT_ST_V << ECDSA_PROC_DONE_INT_ST_S)
#define ECDSA_PROC_DONE_INT_ST_V 0x00000001U
#define ECDSA_PROC_DONE_INT_ST_S 1
/* ECDSA_POST_DONE_INT_ST : RO; bitpos: [2]; default: 0;
* The masked interrupt status bit for the ecdsa_post_done_int
* interrupt
* This bit is only available for DATE == 0x2403120 (rev 1.2)
*/
#define ECDSA_POST_DONE_INT_ST (BIT(2))
#define ECDSA_POST_DONE_INT_ST_M (ECDSA_POST_DONE_INT_ST_V << ECDSA_POST_DONE_INT_ST_S)
#define ECDSA_POST_DONE_INT_ST_V 0x00000001U
#define ECDSA_POST_DONE_INT_ST_S 2
/* ECDSA_SHA_RELEASE_INT_ST : RO;
* bitpos: [1] for DATE == 0x21FFB30 (rev 0.0) ; default: 0;
* bitpos: [3] for DATE == 0x2403120 (rev 1.2) ; default: 0;
* The masked interrupt status bit for the ecdsa_sha_release_int
* interrupt
*/
#define ECDSA_SHA_RELEASE_INT_ST ECDSA_REG_GET_OFFSET(BIT(1), BIT(3))
#define ECDSA_SHA_RELEASE_INT_ST_M (ECDSA_SHA_RELEASE_INT_ST_V << ECDSA_SHA_RELEASE_INT_ST_S)
#define ECDSA_SHA_RELEASE_INT_ST_V 0x00000001U
#define ECDSA_SHA_RELEASE_INT_ST_S ECDSA_REG_GET_OFFSET(1, 3)
/** ECDSA_INT_ENA_REG register
* ECDSA interrupt enable
* register.
*/
#define ECDSA_INT_ENA_REG (DR_REG_ECDSA_BASE + 0x14)
/* ECDSA_PREP_DONE_INT_ENA : R/W; bitpos: [0]; default: 0;
* The interrupt enable bit for the ecdsa_prep_done_int
* interrupt
* This bit was named as ECDSA_CALC_DONE_INT_ENA in rev 0.0 and changed to ECDSA_PREP_DONE_INT_ENA in rev 1.2
* functionality is the same
*/
#define ECDSA_PREP_DONE_INT_ENA (BIT(0))
#define ECDSA_PREP_DONE_INT_ENA_M (ECDSA_PREP_DONE_INT_ENA_V << ECDSA_PREP_DONE_INT_ENA_S)
#define ECDSA_PREP_DONE_INT_ENA_V 0x00000001U
#define ECDSA_PREP_DONE_INT_ENA_S 0
/* ECDSA_PROC_DONE_INT_ENA : R/W; bitpos: [1]; default: 0;
* The interrupt enable bit for the ecdsa_proc_done_int
* interrupt
* This bit is only available for DATE == 0x2403120 (rev 1.2)
*/
#define ECDSA_PROC_DONE_INT_ENA (BIT(1))
#define ECDSA_PROC_DONE_INT_ENA_M (ECDSA_PROC_DONE_INT_ENA_V << ECDSA_PROC_DONE_INT_ENA_S)
#define ECDSA_PROC_DONE_INT_ENA_V 0x00000001U
#define ECDSA_PROC_DONE_INT_ENA_S 1
/* ECDSA_POST_DONE_INT_ENA : R/W; bitpos: [2]; default: 0;
* The interrupt enable bit for the ecdsa_post_done_int
* interrupt
* This bit is only available for DATE == 0x2403120 (rev 1.2)
*/
#define ECDSA_POST_DONE_INT_ENA (BIT(2))
#define ECDSA_POST_DONE_INT_ENA_M (ECDSA_POST_DONE_INT_ENA_V << ECDSA_POST_DONE_INT_ENA_S)
#define ECDSA_POST_DONE_INT_ENA_V 0x00000001U
#define ECDSA_POST_DONE_INT_ENA_S 2
/* ECDSA_SHA_RELEASE_INT_ENA : R/W;
* bitpos: [1] for DATE == 0x21FFB30 (rev 0.0); default: 0;
* bitpos: [3] for DATE == 0x2403120 (rev 1.2); default: 0;
* The interrupt enable bit for the ecdsa_sha_release_int
* interrupt
*/
#define ECDSA_SHA_RELEASE_INT_ENA (ECDSA_REG_GET_OFFSET(BIT(1), BIT(3)))
#define ECDSA_SHA_RELEASE_INT_ENA_M (ECDSA_SHA_RELEASE_INT_ENA_V << ECDSA_SHA_RELEASE_INT_ENA_S)
#define ECDSA_SHA_RELEASE_INT_ENA_V 0x00000001U
#define ECDSA_SHA_RELEASE_INT_ENA_S (ECDSA_REG_GET_OFFSET(1, 3))
/** ECDSA_INT_CLR_REG register
* ECDSA interrupt clear
* register.
*/
#define ECDSA_INT_CLR_REG (DR_REG_ECDSA_BASE + 0x18)
/* ECDSA_PREP_DONE_INT_CLR : WT; bitpos: [0]; default: 0;
* Set this bit to clear the ecdsa_prep_done_int interrupt
* This bit was named as ECDSA_CALC_DONE_INT_CLR in rev 0.0 and changed to ECDSA_PREP_DONE_INT_CLR in rev 1.2
* functionality is the same
*/
#define ECDSA_PREP_DONE_INT_CLR (BIT(0))
#define ECDSA_PREP_DONE_INT_CLR_M (ECDSA_PREP_DONE_INT_CLR_V << ECDSA_PREP_DONE_INT_CLR_S)
#define ECDSA_PREP_DONE_INT_CLR_V 0x00000001U
#define ECDSA_PREP_DONE_INT_CLR_S 0
#define ECDSA_PROC_DONE_INT_CLR (BIT(1))
#define ECDSA_PROC_DONE_INT_CLR_M (ECDSA_PROC_DONE_INT_CLR_V << ECDSA_PROC_DONE_INT_CLR_S)
#define ECDSA_PROC_DONE_INT_CLR_V 0x00000001U
#define ECDSA_PROC_DONE_INT_CLR_S 1
/* This bit is only available for DATE == 0x2403120 (rev 1.2)
* ECDSA_POST_DONE_INT_CLR : WT; bitpos: [2]; default: 0;
* Set this bit to clear the ecdsa_post_done_int interrupt
*/
#define ECDSA_POST_DONE_INT_CLR (BIT(2))
#define ECDSA_POST_DONE_INT_CLR_M (ECDSA_POST_DONE_INT_CLR_V << ECDSA_POST_DONE_INT_CLR_S)
#define ECDSA_POST_DONE_INT_CLR_V 0x00000001U
#define ECDSA_POST_DONE_INT_CLR_S 2
/* ECDSA_SHA_RELEASE_INT_CLR : WT;
* bitpos: [1] for DATE == 0x21FFB30 (rev 0.0); default: 0;
* bitpos: [3] for DATE == 0x2403120 (rev 1.2); default: 0;
* Set this bit to clear the ecdsa_sha_release_int
* interrupt
*/
#define ECDSA_SHA_RELEASE_INT_CLR (ECDSA_REG_GET_OFFSET(BIT(1), BIT(3)))
#define ECDSA_SHA_RELEASE_INT_CLR_M (ECDSA_SHA_RELEASE_INT_CLR_V << ECDSA_SHA_RELEASE_INT_CLR_S)
#define ECDSA_SHA_RELEASE_INT_CLR_V 0x00000001U
#define ECDSA_SHA_RELEASE_INT_CLR_S (ECDSA_REG_GET_OFFSET(1, 3))
/** ECDSA_START_REG register
* ECDSA start
* register
*/
#define ECDSA_START_REG (DR_REG_ECDSA_BASE + 0x1c)
/* ECDSA_START : WT; bitpos: [0]; default: 0;
* Write 1 to start calculation of ECDSA Accelerator. This bit will be
* self-cleared after
* configuration.
*/
#define ECDSA_START (BIT(0))
#define ECDSA_START_M (ECDSA_START_V << ECDSA_START_S)
#define ECDSA_START_V 0x00000001U
#define ECDSA_START_S 0
/* ECDSA_LOAD_DONE : WT; bitpos: [1]; default: 0;
* Write 1 to input load done signal of ECDSA Accelerator. This bit will
* be self-cleared after
* configuration.
*/
#define ECDSA_LOAD_DONE (BIT(1))
#define ECDSA_LOAD_DONE_M (ECDSA_LOAD_DONE_V << ECDSA_LOAD_DONE_S)
#define ECDSA_LOAD_DONE_V 0x00000001U
#define ECDSA_LOAD_DONE_S 1
/* ECDSA_GET_DONE : WT; bitpos: [2]; default: 0;
* Write 1 to input get done signal of ECDSA Accelerator. This bit will be
* self-cleared after
* configuration.
*/
#define ECDSA_GET_DONE (BIT(2))
#define ECDSA_GET_DONE_M (ECDSA_GET_DONE_V << ECDSA_GET_DONE_S)
#define ECDSA_GET_DONE_V 0x00000001U
#define ECDSA_GET_DONE_S 2
/** Status registers */
/** ECDSA_STATE_REG register
* ECDSA status
* register
*/
#define ECDSA_STATE_REG (DR_REG_ECDSA_BASE + 0x20)
/* ECDSA_BUSY : RO; bitpos: [2:0]; default: 0;
* The status bits of ECDSA Accelerator. ECDSA is at 0: IDLE, 1: LOAD, 2:
* GET, 3: BUSY
* state.
*/
#define ECDSA_BUSY 0x00000003U
#define ECDSA_BUSY_M (ECDSA_BUSY_V << ECDSA_BUSY_S)
#define ECDSA_BUSY_V 0x00000003U
#define ECDSA_BUSY_S 0
/** Result registers */
/** ECDSA_RESULT_REG register
* ECDSA result
* register
*/
#define ECDSA_RESULT_REG (DR_REG_ECDSA_BASE + 0x24)
/* ECDSA_OPERATION_RESULT : RO/SS; bitpos: [0]; default: 0;
* The operation result bit of ECDSA Accelerator, only valid when ECDSA
* calculation is
* done.
*/
#define ECDSA_OPERATION_RESULT (BIT(0))
#define ECDSA_OPERATION_RESULT_M (ECDSA_OPERATION_RESULT_V << ECDSA_OPERATION_RESULT_S)
#define ECDSA_OPERATION_RESULT_V 0x00000001U
#define ECDSA_OPERATION_RESULT_S 0
/** SHA register */
/** ECDSA_SHA_MODE_REG register
* ECDSA control SHA register
* ECDSA control SHA
* register
*/
#define ECDSA_SHA_MODE_REG (DR_REG_ECDSA_BASE + 0x200)
/** ECDSA_SHA_MODE : R/W; bitpos: [2:0]; default: 0;
* The work mode bits of SHA Calculator in ECDSA Accelerator. 1: SHA-224. 2: SHA-256.
* Others: invalid.
/* ECDSA_SHA_MODE : R/W; bitpos: [3:0]; default: 0;
* The work mode bits of SHA Calculator in ECDSA Accelerator. 1: SHA-224.
* 2: SHA-256. Others:
* invalid.
*/
#define ECDSA_SHA_MODE 0x00000007U
#define ECDSA_SHA_MODE_M (ECDSA_SHA_MODE_V << ECDSA_SHA_MODE_S)
@@ -216,7 +396,8 @@ extern "C" {
#define ECDSA_SHA_MODE_S 0
/** ECDSA_SHA_START_REG register
* ECDSA control SHA register
* ECDSA control SHA
* register
*/
#define ECDSA_SHA_START_REG (DR_REG_ECDSA_BASE + 0x210)
/** ECDSA_SHA_START : WT; bitpos: [0]; default: 0;
@@ -229,12 +410,14 @@ extern "C" {
#define ECDSA_SHA_START_S 0
/** ECDSA_SHA_CONTINUE_REG register
* ECDSA control SHA register
* ECDSA control SHA
* register
*/
#define ECDSA_SHA_CONTINUE_REG (DR_REG_ECDSA_BASE + 0x214)
/** ECDSA_SHA_CONTINUE : WT; bitpos: [0]; default: 0;
* Write 1 to start the latter caculation of SHA Calculator in ECDSA Accelerator. This
* bit will be self-cleared after configuration.
/* ECDSA_SHA_CONTINUE : WT; bitpos: [0]; default: 0;
* Write 1 to start the latter calculation of SHA Calculator in ECDSA
* Accelerator. This bit will be self-cleared after
* configuration.
*/
#define ECDSA_SHA_CONTINUE (BIT(0))
#define ECDSA_SHA_CONTINUE_M (ECDSA_SHA_CONTINUE_V << ECDSA_SHA_CONTINUE_S)
@@ -242,18 +425,21 @@ extern "C" {
#define ECDSA_SHA_CONTINUE_S 0
/** ECDSA_SHA_BUSY_REG register
* ECDSA status register
* ECDSA status
* register
*/
#define ECDSA_SHA_BUSY_REG (DR_REG_ECDSA_BASE + 0x218)
/** ECDSA_SHA_BUSY : RO; bitpos: [0]; default: 0;
* The busy status bit of SHA Calculator in ECDSA Accelerator. 1:SHA is in
* calculation. 0: SHA is idle.
/* ECDSA_SHA_BUSY : RO; bitpos: [0]; default: 0;
* The busy status bit of SHA Calculator in ECDSA Accelerator. 1:SHA is in
* calculation. 0: SHA is
* idle.
*/
#define ECDSA_SHA_BUSY (BIT(0))
#define ECDSA_SHA_BUSY_M (ECDSA_SHA_BUSY_V << ECDSA_SHA_BUSY_S)
#define ECDSA_SHA_BUSY_V 0x00000001U
#define ECDSA_SHA_BUSY_S 0
/** ECDSA_MESSAGE_MEM register
* The memory that stores message.
*/
@@ -263,31 +449,31 @@ extern "C" {
/** ECDSA_R_MEM register
* The memory that stores r.
*/
#define ECDSA_R_MEM (DR_REG_ECDSA_BASE + 0xa00)
#define ECDSA_R_MEM (DR_REG_ECDSA_BASE + REG_COMPATIBLE_ADDR(102, 0xa00, 0x340))
#define ECDSA_R_MEM_SIZE_BYTES 32
/** ECDSA_S_MEM register
* The memory that stores s.
*/
#define ECDSA_S_MEM (DR_REG_ECDSA_BASE + 0xa20)
#define ECDSA_S_MEM (DR_REG_ECDSA_BASE + REG_COMPATIBLE_ADDR(102, 0xa20, 0x360))
#define ECDSA_S_MEM_SIZE_BYTES 32
/** ECDSA_Z_MEM register
* The memory that stores software written z.
*/
#define ECDSA_Z_MEM (DR_REG_ECDSA_BASE + 0xa40)
#define ECDSA_Z_MEM (DR_REG_ECDSA_BASE + REG_COMPATIBLE_ADDR(102, 0xa40, 0x380))
#define ECDSA_Z_MEM_SIZE_BYTES 32
/** ECDSA_QAX_MEM register
* The memory that stores x coordinates of QA or software written k.
*/
#define ECDSA_QAX_MEM (DR_REG_ECDSA_BASE + 0xa60)
#define ECDSA_QAX_MEM (DR_REG_ECDSA_BASE + REG_COMPATIBLE_ADDR(102, 0xa60, 0x3a0))
#define ECDSA_QAX_MEM_SIZE_BYTES 32
/** ECDSA_QAY_MEM register
* The memory that stores y coordinates of QA.
*/
#define ECDSA_QAY_MEM (DR_REG_ECDSA_BASE + 0xa80)
#define ECDSA_QAY_MEM (DR_REG_ECDSA_BASE + REG_COMPATIBLE_ADDR(102, 0xa80, 0x3c0))
#define ECDSA_QAY_MEM_SIZE_BYTES 32
#ifdef __cplusplus

321
components/soc/esp32h2/include/soc/ecdsa_rev_0_0_struct.h Normal file
View File

@@ -0,0 +1,321 @@
/**
* SPDX-FileCopyrightText: 2022-2025 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
#pragma once
#include <stdint.h>
#ifdef __cplusplus
extern "C" {
#endif
/** Group: Data Memory */
/** Group: Configuration registers */
/** Type of conf register
* ECDSA configure register
*/
typedef union {
struct {
/** work_mode : R/W; bitpos: [0]; default: 0;
* The work mode bits of ECDSA Accelerator. 0: Signature Verify Mode. 1: Signature
* Generate Mode.
*/
uint32_t work_mode:1;
/** ecc_curve : R/W; bitpos: [1]; default: 0;
* The ecc curve select bit of ECDSA Accelerator. 0: P-192. 1: P-256.
*/
uint32_t ecc_curve:1;
/** software_set_k : R/W; bitpos: [2]; default: 0;
* The source of k select bit. 0: k is automatically generated by TRNG. 1: k is
* written by software.
*/
uint32_t software_set_k:1;
/** software_set_z : R/W; bitpos: [3]; default: 0;
* The source of z select bit. 0: z is generated from SHA result. 1: z is written by
* software.
*/
uint32_t software_set_z:1;
uint32_t reserved_4:28;
};
uint32_t val;
} ecdsa_rev_0_0_conf_reg_t;
/** Type of start register
* ECDSA start register
*/
typedef union {
struct {
/** start : WT; bitpos: [0]; default: 0;
* Write 1 to start caculation of ECDSA Accelerator. This bit will be self-cleared
* after configuration.
*/
uint32_t start:1;
/** load_done : WT; bitpos: [1]; default: 0;
* Write 1 to input load done signal of ECDSA Accelerator. This bit will be
* self-cleared after configuration.
*/
uint32_t load_done:1;
/** get_done : WT; bitpos: [2]; default: 0;
* Write 1 to input get done signal of ECDSA Accelerator. This bit will be
* self-cleared after configuration.
*/
uint32_t get_done:1;
uint32_t reserved_3:29;
};
uint32_t val;
} ecdsa_rev_0_0_start_reg_t;
/** Group: Clock and reset registers */
/** Type of clk register
* ECDSA clock gate register
*/
typedef union {
struct {
/** clk_gate_force_on : R/W; bitpos: [0]; default: 0;
* Write 1 to force on register clock gate.
*/
uint32_t clk_gate_force_on:1;
uint32_t reserved_1:31;
};
uint32_t val;
} ecdsa_rev_0_0_clk_reg_t;
/** Group: Interrupt registers */
/** Type of int_raw register
* ECDSA interrupt raw register, valid in level.
*/
typedef union {
struct {
/** calc_done_int_raw : RO/WTC/SS; bitpos: [0]; default: 0;
* The raw interrupt status bit for the ecdsa_calc_done_int interrupt
*/
uint32_t calc_done_int_raw:1;
/** sha_release_int_raw : RO/WTC/SS; bitpos: [1]; default: 0;
* The raw interrupt status bit for the ecdsa_sha_release_int interrupt
*/
uint32_t sha_release_int_raw:1;
uint32_t reserved_2:30;
};
uint32_t val;
} ecdsa_rev_0_0_int_raw_reg_t;
/** Type of int_st register
* ECDSA interrupt status register.
*/
typedef union {
struct {
/** calc_done_int_st : RO; bitpos: [0]; default: 0;
* The masked interrupt status bit for the ecdsa_calc_done_int interrupt
*/
uint32_t calc_done_int_st:1;
/** sha_release_int_st : RO; bitpos: [1]; default: 0;
* The masked interrupt status bit for the ecdsa_sha_release_int interrupt
*/
uint32_t sha_release_int_st:1;
uint32_t reserved_2:30;
};
uint32_t val;
} ecdsa_rev_0_0_int_st_reg_t;
/** Type of int_ena register
* ECDSA interrupt enable register.
*/
typedef union {
struct {
/** calc_done_int_ena : R/W; bitpos: [0]; default: 0;
* The interrupt enable bit for the ecdsa_calc_done_int interrupt
*/
uint32_t calc_done_int_ena:1;
/** sha_release_int_ena : R/W; bitpos: [1]; default: 0;
* The interrupt enable bit for the ecdsa_sha_release_int interrupt
*/
uint32_t sha_release_int_ena:1;
uint32_t reserved_2:30;
};
uint32_t val;
} ecdsa_rev_0_0_int_ena_reg_t;
/** Type of int_clr register
* ECDSA interrupt clear register.
*/
typedef union {
struct {
/** calc_done_int_clr : WT; bitpos: [0]; default: 0;
* Set this bit to clear the ecdsa_calc_done_int interrupt
*/
uint32_t calc_done_int_clr:1;
/** sha_release_int_clr : WT; bitpos: [1]; default: 0;
* Set this bit to clear the ecdsa_sha_release_int interrupt
*/
uint32_t sha_release_int_clr:1;
uint32_t reserved_2:30;
};
uint32_t val;
} ecdsa_rev_0_0_int_clr_reg_t;
/** Group: Status registers */
/** Type of state register
* ECDSA status register
*/
typedef union {
struct {
/** busy : RO; bitpos: [1:0]; default: 0;
* The status bits of ECDSA Accelerator. ECDSA is at 0: IDLE, 1: LOAD, 2: GET, 3: BUSY
* state.
*/
uint32_t busy:2;
uint32_t reserved_2:30;
};
uint32_t val;
} ecdsa_rev_0_0_state_reg_t;
/** Group: Result registers */
/** Type of result register
* ECDSA result register
*/
typedef union {
struct {
/** operation_result : RO/SS; bitpos: [0]; default: 0;
* The operation result bit of ECDSA Accelerator, only valid when ECDSA calculation is
* done.
*/
uint32_t operation_result:1;
uint32_t reserved_1:31;
};
uint32_t val;
} ecdsa_rev_0_0_result_reg_t;
/** Group: SHA register */
/** Type of sha_mode register
* ECDSA control SHA register
*/
typedef union {
struct {
/** sha_mode : R/W; bitpos: [2:0]; default: 0;
* The work mode bits of SHA Calculator in ECDSA Accelerator. 1: SHA-224. 2: SHA-256.
* Others: invalid.
*/
uint32_t sha_mode:3;
uint32_t reserved_3:29;
};
uint32_t val;
} ecdsa_rev_0_0_sha_mode_reg_t;
/** Type of sha_start register
* ECDSA control SHA register
*/
typedef union {
struct {
/** sha_start : WT; bitpos: [0]; default: 0;
* Write 1 to start the first caculation of SHA Calculator in ECDSA Accelerator. This
* bit will be self-cleared after configuration.
*/
uint32_t sha_start:1;
uint32_t reserved_1:31;
};
uint32_t val;
} ecdsa_rev_0_0_sha_start_reg_t;
/** Type of sha_continue register
* ECDSA control SHA register
*/
typedef union {
struct {
/** sha_continue : WT; bitpos: [0]; default: 0;
* Write 1 to start the latter caculation of SHA Calculator in ECDSA Accelerator. This
* bit will be self-cleared after configuration.
*/
uint32_t sha_continue:1;
uint32_t reserved_1:31;
};
uint32_t val;
} ecdsa_rev_0_0_sha_continue_reg_t;
/** Type of sha_busy register
* ECDSA status register
*/
typedef union {
struct {
/** sha_busy : RO; bitpos: [0]; default: 0;
* The busy status bit of SHA Calculator in ECDSA Accelerator. 1:SHA is in
* calculation. 0: SHA is idle.
*/
uint32_t sha_busy:1;
uint32_t reserved_1:31;
};
uint32_t val;
} ecdsa_rev_0_0_sha_busy_reg_t;
/** Group: Version register */
/** Type of date register
* Version control register
*/
typedef union {
struct {
/** date : R/W; bitpos: [27:0]; default: 35684752;
* ECDSA version control register
*/
uint32_t ecdsa_date:28;
uint32_t reserved_28:4;
};
uint32_t val;
} ecdsa_rev_0_0_date_reg_t;
/**
* ECDSA message register
*/
typedef struct {
volatile uint32_t message[8];
} ecdsa_rev_0_0_message_reg_t;
/**
* ECDSA memory register
*/
typedef struct {
volatile uint32_t r[8];
volatile uint32_t s[8];
volatile uint32_t z[8];
volatile uint32_t qax[8];
volatile uint32_t qay[8];
} ecdsa_rev_0_0_mem_reg_t;
typedef struct {
uint32_t reserved_000;
volatile ecdsa_rev_0_0_conf_reg_t conf;
volatile ecdsa_rev_0_0_clk_reg_t clk;
volatile ecdsa_rev_0_0_int_raw_reg_t int_raw;
volatile ecdsa_rev_0_0_int_st_reg_t int_st;
volatile ecdsa_rev_0_0_int_ena_reg_t int_ena;
volatile ecdsa_rev_0_0_int_clr_reg_t int_clr;
volatile ecdsa_rev_0_0_start_reg_t start;
volatile ecdsa_rev_0_0_state_reg_t state;
volatile ecdsa_rev_0_0_result_reg_t result;
uint32_t reserved_028[53];
volatile ecdsa_rev_0_0_date_reg_t date;
uint32_t reserved_100[64];
volatile ecdsa_rev_0_0_sha_mode_reg_t sha_mode;
uint32_t reserved_204[3];
volatile ecdsa_rev_0_0_sha_start_reg_t sha_start;
volatile ecdsa_rev_0_0_sha_continue_reg_t sha_continue;
volatile ecdsa_rev_0_0_sha_busy_reg_t sha_busy;
uint32_t reserved_21c[25];
volatile ecdsa_rev_0_0_message_reg_t message;
uint32_t reserved_2a0[472];
volatile ecdsa_rev_0_0_mem_reg_t mem;
} ecdsa_dev_rev_0_0_t;
#ifndef __cplusplus
_Static_assert(sizeof(ecdsa_dev_rev_0_0_t) == 0xaa0, "Invalid size of ecdsa_dev_rev_0_0_t structure");
#endif
#ifdef __cplusplus
}
#endif

368
components/soc/esp32h2/include/soc/ecdsa_rev_1_2_struct.h Normal file
View File

@@ -0,0 +1,368 @@
/**
* SPDX-FileCopyrightText: 2022-2025 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
#pragma once
#include <stdint.h>
#ifdef __cplusplus
extern "C" {
#endif
/** Group: Data Memory */
/** Group: Configuration registers */
/** Type of conf register
* ECDSA configure register
*/
typedef union {
struct {
/** work_mode : R/W; bitpos: [1:0]; default: 0;
* The work mode bits of ECDSA Accelerator.
* 0: Signature Verify Mode.
* 1: Signature Generate Mode.
* 2: Export Public Key Mode.
* 3: invalid.
*/
uint32_t work_mode:2;
/** ecc_curve : R/W; bitpos: [2]; default: 0;
* The ecc curve select bit of ECDSA Accelerator. 0: P-192. 1: P-256.
*/
uint32_t ecc_curve:1;
/** software_set_k : R/W; bitpos: [3]; default: 0;
* The source of k select bit. 0: k is automatically generated by TRNG. 1: k is
* written by software.
*/
uint32_t software_set_k:1;
/** software_set_z : R/W; bitpos: [4]; default: 0;
* The source of z select bit. 0: z is generated from SHA result. 1: z is written by
* software.
*/
uint32_t software_set_z:1;
/** ecdsa_deterministic_k : R/W; bitpos: [5]; default: 0;
* The source of hardware generated k. 0: k is generated by TRNG. 1: k is generated by
* deterministic derivation algorithm.
*/
uint32_t ecdsa_deterministic_k:1;
uint32_t reserved_6:26;
};
uint32_t val;
} ecdsa_conf_reg_t;
/** Type of start register
* ECDSA start register
*/
typedef union {
struct {
/** start : WT; bitpos: [0]; default: 0;
* Write 1 to start calculation of ECDSA Accelerator. This bit will be self-cleared
* after configuration.
*/
uint32_t start:1;
/** load_done : WT; bitpos: [1]; default: 0;
* Write 1 to input load done signal of ECDSA Accelerator. This bit will be
* self-cleared after configuration.
*/
uint32_t load_done:1;
/** get_done : WT; bitpos: [2]; default: 0;
* Write 1 to input get done signal of ECDSA Accelerator. This bit will be
* self-cleared after configuration.
*/
uint32_t get_done:1;
uint32_t reserved_3:29;
};
uint32_t val;
} ecdsa_start_reg_t;
/** Group: Clock and reset registers */
/** Type of clk register
* ECDSA clock gate register
*/
typedef union {
struct {
/** clk_gate_force_on : R/W; bitpos: [0]; default: 0;
* Write 1 to force on register clock gate.
*/
uint32_t clk_gate_force_on:1;
uint32_t reserved_1:31;
};
uint32_t val;
} ecdsa_clk_reg_t;
/** Group: Interrupt registers */
/** Type of int_raw register
* ECDSA interrupt raw register, valid in level.
*/
typedef union {
struct {
/** prep_done_int_raw : RO/WTC/SS; bitpos: [0]; default: 0;
* The raw interrupt status bit for the ecdsa_prep_done_int interrupt
*/
uint32_t prep_done_int_raw:1;
/** proc_done_int_raw : RO/WTC/SS; bitpos: [1]; default: 0;
* The raw interrupt status bit for the ecdsa_proc_done_int interrupt
*/
uint32_t proc_done_int_raw:1;
/** post_done_int_raw : RO/WTC/SS; bitpos: [2]; default: 0;
* The raw interrupt status bit for the ecdsa_post_done_int interrupt
*/
uint32_t post_done_int_raw:1;
/** sha_release_int_raw : RO/WTC/SS; bitpos: [3]; default: 0;
* The raw interrupt status bit for the ecdsa_sha_release_int interrupt
*/
uint32_t sha_release_int_raw:1;
uint32_t reserved_4:28;
};
uint32_t val;
} ecdsa_int_raw_reg_t;
/** Type of int_st register
* ECDSA interrupt status register.
*/
typedef union {
struct {
/** prep_done_int_st : RO; bitpos: [0]; default: 0;
* The masked interrupt status bit for the ecdsa_prep_done_int interrupt
*/
uint32_t prep_done_int_st:1;
/** proc_done_int_st : RO; bitpos: [1]; default: 0;
* The masked interrupt status bit for the ecdsa_proc_done_int interrupt
*/
uint32_t proc_done_int_st:1;
/** post_done_int_st : RO; bitpos: [2]; default: 0;
* The masked interrupt status bit for the ecdsa_post_done_int interrupt
*/
uint32_t post_done_int_st:1;
/** sha_release_int_st : RO; bitpos: [3]; default: 0;
* The masked interrupt status bit for the ecdsa_sha_release_int interrupt
*/
uint32_t sha_release_int_st:1;
uint32_t reserved_4:28;
};
uint32_t val;
} ecdsa_int_st_reg_t;
/** Type of int_ena register
* ECDSA interrupt enable register.
*/
typedef union {
struct {
/** prep_done_int_ena : R/W; bitpos: [0]; default: 0;
* The interrupt enable bit for the ecdsa_prep_done_int interrupt
*/
uint32_t prep_done_int_ena:1;
/** sha_release_int_ena : R/W; bitpos: [1]; default: 0;
* The interrupt enable bit for the ecdsa_sha_release_int interrupt
*/
uint32_t proc_done_int_ena:1;
/** post_done_int_ena : R/W; bitpos: [2]; default: 0;
* The interrupt enable bit for the ecdsa_post_done_int interrupt
*/
uint32_t post_done_int_ena:1;
/** sha_release_int_ena : R/W; bitpos: [3]; default: 0;
* The interrupt enable bit for the ecdsa_sha_release_int interrupt
*/
uint32_t sha_release_int_ena:1;
uint32_t reserved_4:28;
};
uint32_t val;
} ecdsa_int_ena_reg_t;
/** Type of int_clr register
* ECDSA interrupt clear register.
*/
typedef union {
struct {
/** prep_done_int_clr : WT; bitpos: [0]; default: 0;
* Set this bit to clear the ecdsa_prep_done_int interrupt
*/
uint32_t prep_done_int_clr:1;
/** proc_done_int_clr : WT; bitpos: [1]; default: 0;
* Set this bit to clear the ecdsa_proc_done_int interrupt
*/
uint32_t proc_done_int_clr:1;
/** post_done_int_clr : WT; bitpos: [2]; default: 0;
* Set this bit to clear the ecdsa_post_done_int interrupt
*/
uint32_t post_done_int_clr:1;
/** sha_release_int_clr : WT; bitpos: [3]; default: 0;
* Set this bit to clear the ecdsa_sha_release_int interrupt
*/
uint32_t sha_release_int_clr:1;
uint32_t reserved_4:28;
};
uint32_t val;
} ecdsa_int_clr_reg_t;
/** Group: Status registers */
/** Type of state register
* ECDSA status register
*/
typedef union {
struct {
/** busy : RO; bitpos: [1:0]; default: 0;
* The status bits of ECDSA Accelerator. ECDSA is at 0: IDLE, 1: LOAD, 2: GET, 3: BUSY
* state.
*/
uint32_t busy:2;
uint32_t reserved_2:30;
};
uint32_t val;
} ecdsa_state_reg_t;
/** Group: Result registers */
/** Type of result register
* ECDSA result register
*/
typedef union {
struct {
/** operation_result : RO/SS; bitpos: [0]; default: 0;
* The operation result bit of ECDSA Accelerator, only valid when ECDSA calculation is
* done.
*/
uint32_t operation_result:1;
uint32_t reserved_1:31;
};
uint32_t val;
} ecdsa_result_reg_t;
/** Group: SHA register */
/** Type of sha_mode register
* ECDSA control SHA register
*/
typedef union {
struct {
/** sha_mode : R/W; bitpos: [2:0]; default: 0;
* The work mode bits of SHA Calculator in ECDSA Accelerator. 1: SHA-224. 2: SHA-256.
* Others: invalid.
*/
uint32_t sha_mode:3;
uint32_t reserved_3:29;
};
uint32_t val;
} ecdsa_sha_mode_reg_t;
/** Type of sha_start register
* ECDSA control SHA register
*/
typedef union {
struct {
/** sha_start : WT; bitpos: [0]; default: 0;
* Write 1 to start the first calculation of SHA Calculator in ECDSA Accelerator. This
* bit will be self-cleared after configuration.
*/
uint32_t sha_start:1;
uint32_t reserved_1:31;
};
uint32_t val;
} ecdsa_sha_start_reg_t;
/** Type of sha_continue register
* ECDSA control SHA register
*/
typedef union {
struct {
/** sha_continue : WT; bitpos: [0]; default: 0;
* Write 1 to start the latter calculation of SHA Calculator in ECDSA Accelerator. This
* bit will be self-cleared after configuration.
*/
uint32_t sha_continue:1;
uint32_t reserved_1:31;
};
uint32_t val;
} ecdsa_sha_continue_reg_t;
/** Type of sha_busy register
* ECDSA status register
*/
typedef union {
struct {
/** sha_busy : RO; bitpos: [0]; default: 0;
* The busy status bit of SHA Calculator in ECDSA Accelerator. 1:SHA is in
* calculation. 0: SHA is idle.
*/
uint32_t sha_busy:1;
uint32_t reserved_1:31;
};
uint32_t val;
} ecdsa_sha_busy_reg_t;
/** Group: Version register */
/** Type of date register
* Version control register
*/
typedef union {
struct {
/** ECDSA_DATE : R/W; bitpos: [27:0]; default: 37761312;
* ECDSA version control register
*/
uint32_t ecdsa_date:28;
uint32_t reserved_28:4;
};
uint32_t val;
} ecdsa_date_reg_t;
/**
* ECDSA message register
*/
typedef struct {
volatile uint32_t message[8];
} ecdsa_message_reg_t;
/**
* ECDSA memory register
*/
typedef struct {
volatile uint32_t r[8];
volatile uint32_t s[8];
volatile uint32_t z[8];
volatile uint32_t qax[8];
volatile uint32_t qay[8];
} ecdsa_mem_reg_t;
typedef struct {
uint32_t reserved_000;
volatile ecdsa_conf_reg_t conf;
volatile ecdsa_clk_reg_t clk;
volatile ecdsa_int_raw_reg_t int_raw;
volatile ecdsa_int_st_reg_t int_st;
volatile ecdsa_int_ena_reg_t int_ena;
volatile ecdsa_int_clr_reg_t int_clr;
volatile ecdsa_start_reg_t start;
volatile ecdsa_state_reg_t state;
volatile ecdsa_result_reg_t result;
uint32_t reserved_028[53];
volatile ecdsa_date_reg_t date;
uint32_t reserved_100[64];
volatile ecdsa_sha_mode_reg_t sha_mode;
uint32_t reserved_204[3];
volatile ecdsa_sha_start_reg_t sha_start;
volatile ecdsa_sha_continue_reg_t sha_continue;
volatile ecdsa_sha_busy_reg_t sha_busy;
uint32_t reserved_21c[25];
volatile ecdsa_message_reg_t message;
uint32_t reserved_2a0[40];
volatile ecdsa_mem_reg_t mem;
uint32_t reserved_300[432];
} ecdsa_dev_rev_1_2_t;
#ifndef __cplusplus
_Static_assert(sizeof(ecdsa_dev_rev_1_2_t) == 0xaa0, "Invalid size of ecdsa_dev_rev_1_2_t structure");
#endif
#ifdef __cplusplus
}
#endif

319
components/soc/esp32h2/include/soc/ecdsa_struct.h
View File

@@ -1,5 +1,5 @@
/**
* SPDX-FileCopyrightText: 2022 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2022-2025 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
@@ -10,300 +10,43 @@
extern "C" {
#endif
/** Group: Data Memory */
#include "soc/ecdsa_rev_0_0_struct.h"
#include "soc/ecdsa_rev_1_2_struct.h"
/** Group: Configuration registers */
/** Type of conf register
* ECDSA configure register
/**
* @brief Compatible ecdsa struct wrapper
*
*/
typedef union {
struct {
/** work_mode : R/W; bitpos: [0]; default: 0;
* The work mode bits of ECDSA Accelerator. 0: Signature Verify Mode. 1: Signature
* Generate Mode.
*/
uint32_t work_mode:1;
/** ecc_curve : R/W; bitpos: [1]; default: 0;
* The ecc curve select bit of ECDSA Accelerator. 0: P-192. 1: P-256.
*/
uint32_t ecc_curve:1;
/** software_set_k : R/W; bitpos: [2]; default: 0;
* The source of k select bit. 0: k is automatically generated by TRNG. 1: k is
* written by software.
*/
uint32_t software_set_k:1;
/** software_set_z : R/W; bitpos: [3]; default: 0;
* The source of z select bit. 0: z is generated from SHA result. 1: z is written by
* software.
*/
uint32_t software_set_z:1;
uint32_t reserved_4:28;
};
uint32_t val;
} ecdsa_conf_reg_t;
/** Type of start register
* ECDSA start register
*/
typedef union {
struct {
/** start : WT; bitpos: [0]; default: 0;
* Write 1 to start caculation of ECDSA Accelerator. This bit will be self-cleared
* after configuration.
*/
uint32_t start:1;
/** load_done : WT; bitpos: [1]; default: 0;
* Write 1 to input load done signal of ECDSA Accelerator. This bit will be
* self-cleared after configuration.
*/
uint32_t load_done:1;
/** get_done : WT; bitpos: [2]; default: 0;
* Write 1 to input get done signal of ECDSA Accelerator. This bit will be
* self-cleared after configuration.
*/
uint32_t get_done:1;
uint32_t reserved_3:29;
};
uint32_t val;
} ecdsa_start_reg_t;
/** Group: Clock and reset registers */
/** Type of clk register
* ECDSA clock gate register
*/
typedef union {
struct {
/** clk_gate_force_on : R/W; bitpos: [0]; default: 0;
* Write 1 to force on register clock gate.
*/
uint32_t clk_gate_force_on:1;
uint32_t reserved_1:31;
};
uint32_t val;
} ecdsa_clk_reg_t;
/** Group: Interrupt registers */
/** Type of int_raw register
* ECDSA interrupt raw register, valid in level.
*/
typedef union {
struct {
/** calc_done_int_raw : RO/WTC/SS; bitpos: [0]; default: 0;
* The raw interrupt status bit for the ecdsa_calc_done_int interrupt
*/
uint32_t calc_done_int_raw:1;
/** sha_release_int_raw : RO/WTC/SS; bitpos: [1]; default: 0;
* The raw interrupt status bit for the ecdsa_sha_release_int interrupt
*/
uint32_t sha_release_int_raw:1;
uint32_t reserved_2:30;
};
uint32_t val;
} ecdsa_int_raw_reg_t;
/** Type of int_st register
* ECDSA interrupt status register.
*/
typedef union {
struct {
/** calc_done_int_st : RO; bitpos: [0]; default: 0;
* The masked interrupt status bit for the ecdsa_calc_done_int interrupt
*/
uint32_t calc_done_int_st:1;
/** sha_release_int_st : RO; bitpos: [1]; default: 0;
* The masked interrupt status bit for the ecdsa_sha_release_int interrupt
*/
uint32_t sha_release_int_st:1;
uint32_t reserved_2:30;
};
uint32_t val;
} ecdsa_int_st_reg_t;
/** Type of int_ena register
* ECDSA interrupt enable register.
*/
typedef union {
struct {
/** calc_done_int_ena : R/W; bitpos: [0]; default: 0;
* The interrupt enable bit for the ecdsa_calc_done_int interrupt
*/
uint32_t calc_done_int_ena:1;
/** sha_release_int_ena : R/W; bitpos: [1]; default: 0;
* The interrupt enable bit for the ecdsa_sha_release_int interrupt
*/
uint32_t sha_release_int_ena:1;
uint32_t reserved_2:30;
};
uint32_t val;
} ecdsa_int_ena_reg_t;
/** Type of int_clr register
* ECDSA interrupt clear register.
*/
typedef union {
struct {
/** calc_done_int_clr : WT; bitpos: [0]; default: 0;
* Set this bit to clear the ecdsa_calc_done_int interrupt
*/
uint32_t calc_done_int_clr:1;
/** sha_release_int_clr : WT; bitpos: [1]; default: 0;
* Set this bit to clear the ecdsa_sha_release_int interrupt
*/
uint32_t sha_release_int_clr:1;
uint32_t reserved_2:30;
};
uint32_t val;
} ecdsa_int_clr_reg_t;
/** Group: Status registers */
/** Type of state register
* ECDSA status register
*/
typedef union {
struct {
/** busy : RO; bitpos: [1:0]; default: 0;
* The status bits of ECDSA Accelerator. ECDSA is at 0: IDLE, 1: LOAD, 2: GET, 3: BUSY
* state.
*/
uint32_t busy:2;
uint32_t reserved_2:30;
};
uint32_t val;
} ecdsa_state_reg_t;
/** Group: Result registers */
/** Type of result register
* ECDSA result register
*/
typedef union {
struct {
/** operation_result : RO/SS; bitpos: [0]; default: 0;
* The operation result bit of ECDSA Accelerator, only valid when ECDSA calculation is
* done.
*/
uint32_t operation_result:1;
uint32_t reserved_1:31;
};
uint32_t val;
} ecdsa_result_reg_t;
/** Group: SHA register */
/** Type of sha_mode register
* ECDSA control SHA register
*/
typedef union {
struct {
/** sha_mode : R/W; bitpos: [2:0]; default: 0;
* The work mode bits of SHA Calculator in ECDSA Accelerator. 1: SHA-224. 2: SHA-256.
* Others: invalid.
*/
uint32_t sha_mode:3;
uint32_t reserved_3:29;
};
uint32_t val;
} ecdsa_sha_mode_reg_t;
/** Type of sha_start register
* ECDSA control SHA register
*/
typedef union {
struct {
/** sha_start : WT; bitpos: [0]; default: 0;
* Write 1 to start the first caculation of SHA Calculator in ECDSA Accelerator. This
* bit will be self-cleared after configuration.
*/
uint32_t sha_start:1;
uint32_t reserved_1:31;
};
uint32_t val;
} ecdsa_sha_start_reg_t;
/** Type of sha_continue register
* ECDSA control SHA register
*/
typedef union {
struct {
/** sha_continue : WT; bitpos: [0]; default: 0;
* Write 1 to start the latter caculation of SHA Calculator in ECDSA Accelerator. This
* bit will be self-cleared after configuration.
*/
uint32_t sha_continue:1;
uint32_t reserved_1:31;
};
uint32_t val;
} ecdsa_sha_continue_reg_t;
/** Type of sha_busy register
* ECDSA status register
*/
typedef union {
struct {
/** sha_busy : RO; bitpos: [0]; default: 0;
* The busy status bit of SHA Calculator in ECDSA Accelerator. 1:SHA is in
* calculation. 0: SHA is idle.
*/
uint32_t sha_busy:1;
uint32_t reserved_1:31;
};
uint32_t val;
} ecdsa_sha_busy_reg_t;
/** Group: Version register */
/** Type of date register
* Version control register
*/
typedef union {
struct {
/** date : R/W; bitpos: [27:0]; default: 35684752;
* ECDSA version control register
*/
uint32_t date:28;
uint32_t reserved_28:4;
};
uint32_t val;
} ecdsa_date_reg_t;
typedef struct {
uint32_t reserved_000;
volatile ecdsa_conf_reg_t conf;
volatile ecdsa_clk_reg_t clk;
volatile ecdsa_int_raw_reg_t int_raw;
volatile ecdsa_int_st_reg_t int_st;
volatile ecdsa_int_ena_reg_t int_ena;
volatile ecdsa_int_clr_reg_t int_clr;
volatile ecdsa_start_reg_t start;
volatile ecdsa_state_reg_t state;
volatile ecdsa_result_reg_t result;
uint32_t reserved_028[53];
volatile ecdsa_date_reg_t date;
uint32_t reserved_100[64];
volatile ecdsa_sha_mode_reg_t sha_mode;
uint32_t reserved_204[3];
volatile ecdsa_sha_start_reg_t sha_start;
volatile ecdsa_sha_continue_reg_t sha_continue;
volatile ecdsa_sha_busy_reg_t sha_busy;
uint32_t reserved_21c[25];
volatile uint32_t message[8];
uint32_t reserved_2a0[472];
volatile uint32_t r[8];
volatile uint32_t s[8];
volatile uint32_t z[8];
volatile uint32_t qax[8];
volatile uint32_t qay[8];
volatile ecdsa_dev_rev_0_0_t rev_0_0;
volatile ecdsa_dev_rev_1_2_t rev_1_2;
} ecdsa_dev_t;
extern ecdsa_dev_t ECDSA;
#ifndef __cplusplus
_Static_assert(sizeof(ecdsa_dev_t) == 0xaa0, "Invalid size of ecdsa_dev_t structure");
#endif
/* Note: For ECDSA register on ESP32-H2, you need to use the ECDSA struct through
* ECDSA_REG_GET and ECDSA_REG_SET to access the ECDSA peripheral register and its fields respectively.
* For e.g., ECDSA_REG_SET(ECDSA.clk.clk_gate_force_on, enable) is used to set the register value.
* The ECDSA struct should not be referenced directly.
*/
/** The ECDSA date version of chip revision 1.2*/
#define ECDSA_REV1_2_DATE (0x2403120)
/**
* @brief Set the register value compatibly
* @param reg The register to set
* @param val The value to set
*/
#define ECDSA_REG_SET(reg, val) (ECDSA.rev_1_2.date.ecdsa_date >= ECDSA_REV1_2_DATE ? \
(ECDSA.rev_1_2.reg = (val)) : (ECDSA.rev_0_0.reg = (val)))
/**
* @brief Get the register value compatibly
* @param reg The register to get
*/
#define ECDSA_REG_GET(reg) (ECDSA.rev_1_2.date.ecdsa_date >= ECDSA_REV1_2_DATE ? \
(ECDSA.rev_1_2.reg) : (ECDSA.rev_0_0.reg))
#ifdef __cplusplus
}

4
components/soc/esp32h2/include/soc/soc_caps.h
View File

@@ -480,9 +480,11 @@
/*------------------------ Anti DPA (Security) CAPS --------------------------*/
#define SOC_CRYPTO_DPA_PROTECTION_SUPPORTED 1
/*--------------------------- ECC CAPS ---------------------------------------*/
#define SOC_ECC_CONSTANT_TIME_POINT_MUL 1
/*------------------------- ECDSA CAPS -------------------------*/
#define SOC_ECDSA_USES_MPI (1)
/*-------------------------- UART CAPS ---------------------------------------*/
// ESP32-H2 has 2 UARTs
#define SOC_UART_NUM (2)

2
components/soc/esp32h2/ld/esp32h2.peripherals.ld
View File

@@ -40,7 +40,7 @@ PROVIDE ( RSA = 0x6008A000 );
PROVIDE ( ECC = 0x6008B000 );
PROVIDE ( DS = 0x6008C000 );
PROVIDE ( HMAC = 0x6008D000 );
PROVIDE ( ECDSA = 0x6008E000 );
PROVIDE ( IO_MUX = 0x60090000 );
PROVIDE ( GPIO = 0x60091000 );
PROVIDE ( GPIO_EXT = 0x60091f00 );

37
docs/en/api-guides/performance/size.rst
View File

@@ -488,23 +488,26 @@ Under **Component Config** > **mbedTLS**, there are multiple mbedTLS features en
These include:
- :ref:`CONFIG_MBEDTLS_HAVE_TIME`
- :ref:`CONFIG_MBEDTLS_ECDSA_DETERMINISTIC`
- :ref:`CONFIG_MBEDTLS_SHA512_C`
- :ref:`CONFIG_MBEDTLS_SHA3_C`
- :ref:`CONFIG_MBEDTLS_CLIENT_SSL_SESSION_TICKETS`
- :ref:`CONFIG_MBEDTLS_SERVER_SSL_SESSION_TICKETS`
- :ref:`CONFIG_MBEDTLS_SSL_CONTEXT_SERIALIZATION`
- :ref:`CONFIG_MBEDTLS_SSL_ALPN`
- :ref:`CONFIG_MBEDTLS_SSL_RENEGOTIATION`
- :ref:`CONFIG_MBEDTLS_CCM_C`
- :ref:`CONFIG_MBEDTLS_GCM_C`
- :ref:`CONFIG_MBEDTLS_ECP_C` (Alternatively: Leave this option enabled but disable some of the elliptic curves listed in the sub-menu.)
- :ref:`CONFIG_MBEDTLS_ECP_NIST_OPTIM`
- :ref:`CONFIG_MBEDTLS_ECP_FIXED_POINT_OPTIM`
- Change :ref:`CONFIG_MBEDTLS_TLS_MODE` if both server & client functionalities are not needed.
- Consider disabling some cipher suites listed in the ``TLS Key Exchange Methods`` sub-menu (i.e., :ref:`CONFIG_MBEDTLS_KEY_EXCHANGE_RSA`).
- Consider disabling :ref:`CONFIG_MBEDTLS_ERROR_STRINGS` if the application is already pulling in mbedTLS error strings through using :cpp:func:`mbedtls_strerror`.
.. list::
- :ref:`CONFIG_MBEDTLS_HAVE_TIME`
- :ref:`CONFIG_MBEDTLS_ECDSA_DETERMINISTIC`
- :ref:`CONFIG_MBEDTLS_SHA512_C`
- :ref:`CONFIG_MBEDTLS_SHA3_C`
- :ref:`CONFIG_MBEDTLS_CLIENT_SSL_SESSION_TICKETS`
- :ref:`CONFIG_MBEDTLS_SERVER_SSL_SESSION_TICKETS`
- :ref:`CONFIG_MBEDTLS_SSL_CONTEXT_SERIALIZATION`
- :ref:`CONFIG_MBEDTLS_SSL_ALPN`
- :ref:`CONFIG_MBEDTLS_SSL_RENEGOTIATION`
- :ref:`CONFIG_MBEDTLS_CCM_C`
- :ref:`CONFIG_MBEDTLS_GCM_C`
- :ref:`CONFIG_MBEDTLS_ECP_C` (Alternatively: Leave this option enabled but disable some of the elliptic curves listed in the sub-menu.)
- :ref:`CONFIG_MBEDTLS_ECP_NIST_OPTIM`
- :ref:`CONFIG_MBEDTLS_ECP_FIXED_POINT_OPTIM`
- Change :ref:`CONFIG_MBEDTLS_TLS_MODE` if both server & client functionalities are not needed.
- Consider disabling some cipher suites listed in the ``TLS Key Exchange Methods`` sub-menu (i.e., :ref:`CONFIG_MBEDTLS_KEY_EXCHANGE_RSA`).
- Consider disabling :ref:`CONFIG_MBEDTLS_ERROR_STRINGS` if the application is already pulling in mbedTLS error strings through using :cpp:func:`mbedtls_strerror`.
:esp32h2: - For {IDF_TARGET_NAME} v1.2 and above, consider disabling :ref:`CONFIG_MBEDTLS_HARDWARE_ECDSA_SIGN_MASKING_CM` and :ref:`CONFIG_MBEDTLS_HARDWARE_ECDSA_SIGN_CONSTANT_TIME_CM` as the software countermeasures for the ECDSA sign operation are not required.
The help text for each option has some more information for reference.

37
docs/zh_CN/api-guides/performance/size.rst
View File

@@ -488,23 +488,26 @@ MbedTLS 功能
这些功能包括:
- :ref:`CONFIG_MBEDTLS_HAVE_TIME`
- :ref:`CONFIG_MBEDTLS_ECDSA_DETERMINISTIC`
- :ref:`CONFIG_MBEDTLS_SHA512_C`
- :ref:`CONFIG_MBEDTLS_SHA3_C`
- :ref:`CONFIG_MBEDTLS_CLIENT_SSL_SESSION_TICKETS`
- :ref:`CONFIG_MBEDTLS_SERVER_SSL_SESSION_TICKETS`
- :ref:`CONFIG_MBEDTLS_SSL_CONTEXT_SERIALIZATION`
- :ref:`CONFIG_MBEDTLS_SSL_ALPN`
- :ref:`CONFIG_MBEDTLS_SSL_RENEGOTIATION`
- :ref:`CONFIG_MBEDTLS_CCM_C`
- :ref:`CONFIG_MBEDTLS_GCM_C`
- :ref:`CONFIG_MBEDTLS_ECP_C` (或者:启用此选项,但在子菜单中禁用部分椭圆曲线)
- :ref:`CONFIG_MBEDTLS_ECP_NIST_OPTIM`
- :ref:`CONFIG_MBEDTLS_ECP_FIXED_POINT_OPTIM`
- 如果不需要 mbedTLS 的服务器和客户端功能,可以修改 :ref:`CONFIG_MBEDTLS_TLS_MODE`
- 可以考虑禁用在 ``TLS Key Exchange Methods`` 子菜单中列出的一些密码套件(例如 :ref:`CONFIG_MBEDTLS_KEY_EXCHANGE_RSA`),以减小代码大小。
- 如果应用程序已经通过使用 :cpp:func:`mbedtls_strerror` 拉取 mbedTLS 错误字符串,则可以考虑禁用 :ref:`CONFIG_MBEDTLS_ERROR_STRINGS`
.. list::
- :ref:`CONFIG_MBEDTLS_HAVE_TIME`
- :ref:`CONFIG_MBEDTLS_ECDSA_DETERMINISTIC`
- :ref:`CONFIG_MBEDTLS_SHA512_C`
- :ref:`CONFIG_MBEDTLS_SHA3_C`
- :ref:`CONFIG_MBEDTLS_CLIENT_SSL_SESSION_TICKETS`
- :ref:`CONFIG_MBEDTLS_SERVER_SSL_SESSION_TICKETS`
- :ref:`CONFIG_MBEDTLS_SSL_CONTEXT_SERIALIZATION`
- :ref:`CONFIG_MBEDTLS_SSL_ALPN`
- :ref:`CONFIG_MBEDTLS_SSL_RENEGOTIATION`
- :ref:`CONFIG_MBEDTLS_CCM_C`
- :ref:`CONFIG_MBEDTLS_GCM_C`
- :ref:`CONFIG_MBEDTLS_ECP_C` (或者:启用此选项,但在子菜单中禁用部分椭圆曲线)
- :ref:`CONFIG_MBEDTLS_ECP_NIST_OPTIM`
- :ref:`CONFIG_MBEDTLS_ECP_FIXED_POINT_OPTIM`
- 如果不需要 mbedTLS 的服务器和客户端功能,可以修改 :ref:`CONFIG_MBEDTLS_TLS_MODE`
- 可以考虑禁用在 ``TLS Key Exchange Methods`` 子菜单中列出的一些密码套件(例如 :ref:`CONFIG_MBEDTLS_KEY_EXCHANGE_RSA`),以减小代码大小。
- 如果应用程序已经通过使用 :cpp:func:`mbedtls_strerror` 拉取 mbedTLS 错误字符串,则可以考虑禁用 :ref:`CONFIG_MBEDTLS_ERROR_STRINGS`
:esp32h2: - 对于 {IDF_TARGET_NAME} v1.2 及以上版本,可以考虑禁用 :ref:`CONFIG_MBEDTLS_HARDWARE_ECDSA_SIGN_MASKING_CM` 和 :ref:`CONFIG_MBEDTLS_HARDWARE_ECDSA_SIGN_CONSTANT_TIME_CM`,因为无需再使用 ECDSA 签名的软件防护措施。
每个选项的帮助文本中都有更多信息可供参考。