diff --git a/components/hal/esp32c5/include/hal/spi_flash_encrypted_ll.h b/components/hal/esp32c5/include/hal/spi_flash_encrypted_ll.h index f0e9235e3d..49239efd27 100644 --- a/components/hal/esp32c5/include/hal/spi_flash_encrypted_ll.h +++ b/components/hal/esp32c5/include/hal/spi_flash_encrypted_ll.h @@ -146,6 +146,29 @@ static inline bool spi_flash_encrypt_ll_check(uint32_t address, uint32_t length) return ((address % length) == 0) ? true : false; } +/** + * @brief Enable the pseudo-round function during XTS-AES operations + * + * @param mode set the mode for pseudo rounds, zero to disable, with increasing security upto three. + * @param base basic number of pseudo rounds, zero if disable + * @param increment increment number of pseudo rounds, zero if disable + * @param key_rng_cnt update frequency of the pseudo-key, zero if disable + */ +static inline void spi_flash_encrypt_ll_enable_pseudo_rounds(uint8_t mode, uint8_t base, uint8_t increment, uint8_t key_rng_cnt) +{ + REG_SET_FIELD(SPI_MEM_XTS_PSEUDO_ROUND_CONF_REG(0), SPI_MEM_MODE_PSEUDO, mode); + + if (mode) { + REG_SET_FIELD(SPI_MEM_XTS_PSEUDO_ROUND_CONF_REG(0), SPI_MEM_PSEUDO_BASE, base); + REG_SET_FIELD(SPI_MEM_XTS_PSEUDO_ROUND_CONF_REG(0), SPI_MEM_PSEUDO_INC, increment); + REG_SET_FIELD(SPI_MEM_XTS_PSEUDO_ROUND_CONF_REG(0), SPI_MEM_PSEUDO_RNG_CNT, key_rng_cnt); + } else { + REG_SET_FIELD(SPI_MEM_XTS_PSEUDO_ROUND_CONF_REG(0), SPI_MEM_PSEUDO_BASE, 0); + REG_SET_FIELD(SPI_MEM_XTS_PSEUDO_ROUND_CONF_REG(0), SPI_MEM_PSEUDO_INC, 0); + REG_SET_FIELD(SPI_MEM_XTS_PSEUDO_ROUND_CONF_REG(0), SPI_MEM_PSEUDO_RNG_CNT, 0); + } +} + #ifdef __cplusplus } #endif diff --git a/components/hal/esp32c61/include/hal/spi_flash_encrypted_ll.h b/components/hal/esp32c61/include/hal/spi_flash_encrypted_ll.h index 4192f40a65..0d79cbd678 100644 --- a/components/hal/esp32c61/include/hal/spi_flash_encrypted_ll.h +++ b/components/hal/esp32c61/include/hal/spi_flash_encrypted_ll.h @@ -146,6 +146,29 @@ static inline bool spi_flash_encrypt_ll_check(uint32_t address, uint32_t length) return ((address % length) == 0) ? true : false; } +/** + * @brief Enable the pseudo-round function during XTS-AES operations + * + * @param mode set the mode for pseudo rounds, zero to disable, with increasing security upto three. + * @param base basic number of pseudo rounds, zero if disable + * @param increment increment number of pseudo rounds, zero if disable + * @param key_rng_cnt update frequency of the pseudo-key, zero if disable + */ +static inline void spi_flash_encrypt_ll_enable_pseudo_rounds(uint8_t mode, uint8_t base, uint8_t increment, uint8_t key_rng_cnt) +{ + (void) key_rng_cnt; + + REG_SET_FIELD(SPI_MEM_XTS_PSEUDO_ROUND_CONF_REG(0), SPI_MEM_MODE_PSEUDO, mode); + + if (mode) { + REG_SET_FIELD(SPI_MEM_XTS_PSEUDO_ROUND_CONF_REG(0), SPI_MEM_PSEUDO_BASE, base); + REG_SET_FIELD(SPI_MEM_XTS_PSEUDO_ROUND_CONF_REG(0), SPI_MEM_PSEUDO_INC, increment); + } else { + REG_SET_FIELD(SPI_MEM_XTS_PSEUDO_ROUND_CONF_REG(0), SPI_MEM_PSEUDO_BASE, 0); + REG_SET_FIELD(SPI_MEM_XTS_PSEUDO_ROUND_CONF_REG(0), SPI_MEM_PSEUDO_INC, 0); + } +} + #ifdef __cplusplus } #endif diff --git a/components/hal/include/hal/spi_flash_encrypt_hal.h b/components/hal/include/hal/spi_flash_encrypt_hal.h index e3da8c30d5..df0064b44a 100644 --- a/components/hal/include/hal/spi_flash_encrypt_hal.h +++ b/components/hal/include/hal/spi_flash_encrypt_hal.h @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2021-2023 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2021-2024 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ @@ -13,11 +13,35 @@ // The HAL layer for SPI Flash Encryption #include "hal/spi_flash_encrypted_ll.h" +#include "soc/soc_caps.h" #ifdef __cplusplus extern "C" { #endif +#ifdef SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND +/** + * @brief Default pseudo rounds configs of the XTS-AES accelerator + */ +typedef enum { + ESP_XTS_AES_PSEUDO_ROUNDS_DISABLE = 0, + ESP_XTS_AES_PSEUDO_ROUNDS_LOW, + ESP_XTS_AES_PSEUDO_ROUNDS_MEDIUM, + ESP_XTS_AES_PSEUDO_ROUNDS_HIGH, +} esp_xts_aes_psuedo_rounds_state_t; + +/* The total number of pseudo-rounds randomly inserted in an XTS-AES operation are controlled by + * configuring the PSEUDO_MODE, PSEUDO_BASE, PSEUDO_INC parameters. + * Users can also set the frequency of random key updates by configuring the PSEUDO_RNG_CNT. + * Here, we would be using some pre-decided values for these parameters corresponding to the security needed. + * For more information regarding these parameters please refer the TRM. + */ +#define XTS_AES_PSEUDO_ROUNDS_BASE 4 +#define XTS_AES_PSEUDO_ROUNDS_INC 2 +#define XTS_AES_PSEUDO_ROUNDS_RNG_CNT 7 + +#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND */ + /** * @brief Enable the flash encryption */ @@ -57,6 +81,18 @@ void spi_flash_encryption_hal_destroy(void); */ bool spi_flash_encryption_hal_check(uint32_t address, uint32_t length); +#ifdef SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND +/** + * @brief Enable the pseudo-round function during XTS-AES operations + * + * @param mode set the mode for pseudo rounds, zero to disable, with increasing security upto three. + * @param base basic number of pseudo rounds, zero if disable + * @param increment increment number of pseudo rounds, zero if disable + * @param key_rng_cnt update frequency of the pseudo-key, zero if disable + */ +void spi_flash_encryption_hal_enable_pseudo_rounds(uint8_t mode, uint8_t base, uint8_t increment, uint8_t key_rng_cnt); +#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND */ + #ifdef __cplusplus } #endif diff --git a/components/hal/include/hal/spi_flash_types.h b/components/hal/include/hal/spi_flash_types.h index d36332e2d8..42ccc883e5 100644 --- a/components/hal/include/hal/spi_flash_types.h +++ b/components/hal/include/hal/spi_flash_types.h @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2010-2022 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2010-2024 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ @@ -48,7 +48,7 @@ typedef enum esp_flash_speed_s { ESP_FLASH_26MHZ = 26, ///< The flash runs under 26MHz ESP_FLASH_40MHZ = 40, ///< The flash runs under 40MHz ESP_FLASH_80MHZ = 80, ///< The flash runs under 80MHz - ESP_FLASH_120MHZ = 120, ///< The flash runs under 120MHz, 120MHZ can only be used by main flash after timing tuning in system. Do not use this directely in any API. + ESP_FLASH_120MHZ = 120, ///< The flash runs under 120MHz, 120MHZ can only be used by main flash after timing tuning in system. Do not use this directly in any API. ESP_FLASH_SPEED_MAX, ///< The maximum frequency supported by the host is ``ESP_FLASH_SPEED_MAX-1``. } esp_flash_speed_t __attribute__((deprecated)); diff --git a/components/hal/spi_flash_encrypt_hal_iram.c b/components/hal/spi_flash_encrypt_hal_iram.c index 2636e699f5..68a309a92d 100644 --- a/components/hal/spi_flash_encrypt_hal_iram.c +++ b/components/hal/spi_flash_encrypt_hal_iram.c @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2021-2023 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2021-2024 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ @@ -7,6 +7,7 @@ // This part is put in iram. #include "hal/spi_flash_encrypted_ll.h" +#include "soc/soc_caps.h" void spi_flash_encryption_hal_enable(void) { @@ -49,3 +50,10 @@ bool spi_flash_encryption_hal_check(uint32_t address, uint32_t length) { return spi_flash_encrypt_ll_check(address, length); } + +#ifdef SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND +void spi_flash_encryption_hal_enable_pseudo_rounds(uint8_t mode, uint8_t base, uint8_t increment, uint8_t key_rng_cnt) +{ + spi_flash_encrypt_ll_enable_pseudo_rounds(mode, base, increment, key_rng_cnt); +} +#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND */ diff --git a/components/soc/esp32c5/include/soc/Kconfig.soc_caps.in b/components/soc/esp32c5/include/soc/Kconfig.soc_caps.in index 628902e6e9..a0b211ad85 100644 --- a/components/soc/esp32c5/include/soc/Kconfig.soc_caps.in +++ b/components/soc/esp32c5/include/soc/Kconfig.soc_caps.in @@ -1251,6 +1251,10 @@ config SOC_FLASH_ENCRYPTION_XTS_AES_128 bool default y +config SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND + bool + default y + config SOC_APM_CTRL_FILTER_SUPPORTED bool default y diff --git a/components/soc/esp32c5/include/soc/soc_caps.h b/components/soc/esp32c5/include/soc/soc_caps.h index 2c8a5f44a7..805bb6ed29 100644 --- a/components/soc/esp32c5/include/soc/soc_caps.h +++ b/components/soc/esp32c5/include/soc/soc_caps.h @@ -522,6 +522,7 @@ #define SOC_FLASH_ENCRYPTED_XTS_AES_BLOCK_MAX (64) #define SOC_FLASH_ENCRYPTION_XTS_AES 1 #define SOC_FLASH_ENCRYPTION_XTS_AES_128 1 +#define SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND 1 /*-------------------------- APM CAPS-----------------------------------------*/ #define SOC_APM_CTRL_FILTER_SUPPORTED 1 /*!< Support for APM control filter */ diff --git a/components/soc/esp32c61/include/soc/Kconfig.soc_caps.in b/components/soc/esp32c61/include/soc/Kconfig.soc_caps.in index eb5a1908b3..32f1de140e 100644 --- a/components/soc/esp32c61/include/soc/Kconfig.soc_caps.in +++ b/components/soc/esp32c61/include/soc/Kconfig.soc_caps.in @@ -943,6 +943,10 @@ config SOC_FLASH_ENCRYPTION_XTS_AES_128 bool default y +config SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND + bool + default y + config SOC_APM_CTRL_FILTER_SUPPORTED bool default y diff --git a/components/soc/esp32c61/include/soc/soc_caps.h b/components/soc/esp32c61/include/soc/soc_caps.h index eb2a1ae6c1..af95d3232c 100644 --- a/components/soc/esp32c61/include/soc/soc_caps.h +++ b/components/soc/esp32c61/include/soc/soc_caps.h @@ -390,6 +390,7 @@ #define SOC_FLASH_ENCRYPTED_XTS_AES_BLOCK_MAX (64) #define SOC_FLASH_ENCRYPTION_XTS_AES 1 #define SOC_FLASH_ENCRYPTION_XTS_AES_128 1 +#define SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND 1 /*-------------------------- APM CAPS ----------------------------------------*/ #define SOC_APM_CTRL_FILTER_SUPPORTED 1 /*!< Support for APM control filter */ diff --git a/components/spi_flash/spi_flash_chip_generic.c b/components/spi_flash/spi_flash_chip_generic.c index 9edcbe6c51..287ac7e7b1 100644 --- a/components/spi_flash/spi_flash_chip_generic.c +++ b/components/spi_flash/spi_flash_chip_generic.c @@ -527,6 +527,11 @@ esp_err_t spi_flash_chip_generic_write_encrypted(esp_flash_t *chip, const void * const uint8_t *data_bytes = (const uint8_t *)buffer; esp_flash_encryption->flash_encryption_enable(); + +#if SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND + spi_flash_encryption_hal_enable_pseudo_rounds(ESP_XTS_AES_PSEUDO_ROUNDS_LOW, XTS_AES_PSEUDO_ROUNDS_BASE, XTS_AES_PSEUDO_ROUNDS_INC, XTS_AES_PSEUDO_ROUNDS_RNG_CNT); +#endif /* SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND */ + while (length > 0) { int block_size; /* Write the largest block if possible */