refactor(esp_hal_security): Updated esp_hal_security build and includes

2026-04-27 19:13:21 +00:00 · 2026-01-05 22:40:05 +05:30
parent 6c2716cd27
commit 4d3cfefc2e
149 changed files with 765 additions and 188 deletions
@@ -20,6 +20,7 @@ set(COMPONENTS
    bootloader
    esptool_py
    esp_hw_support
+    esp_hal_security
    esp_system
    freertos
    hal
@@ -91,8 +91,8 @@ SECTIONS
    *libhal.a:cache_hal.*(.literal .text .literal.* .text.*)
    *libhal.a:efuse_hal.*(.literal .text .literal.* .text.*)
    *libesp_hal_wdt.a:wdt_hal_iram.*(.literal .text .literal.* .text.*)
-    *libhal.a:huk_hal.*(.literal .text .literal.* .text.*)
-    *libhal.a:key_mgr_hal.*(.literal .text .literal.* .text.*)
+    *libesp_hal_security.a:huk_hal.*(.literal .text .literal.* .text.*)
+    *libesp_hal_security.a:key_mgr_hal.*(.literal .text .literal.* .text.*)
    *libesp_security.a:esp_key_mgr.*(.literal .text .literal.* .text.*)
    *libesp_security.a:esp_crypto_periph_clk.*(.literal .text .literal.* .text.*)
    *libesp_security.a:esp_crypto_lock.*(.literal .text .literal.* .text.*)
@@ -89,7 +89,8 @@ SECTIONS
    *libhal.a:mmu_hal.*(.literal .text .literal.* .text.*)
    *libhal.a:cache_hal.*(.literal .text .literal.* .text.*)
    *libhal.a:efuse_hal.*(.literal .text .literal.* .text.*)
-    *libhal.a:key_mgr_hal.*(.literal.key_mgr_hal_set_key_usage .text.key_mgr_hal_set_key_usage)
+    *libesp_hal_security.a:huk_hal.*(.literal .text .literal.* .text.*)
+    *libesp_hal_security.a:key_mgr_hal.*(.literal .text .literal.* .text.*)
    *libesp_security.a:esp_crypto_periph_clk.*(.literal .text .literal.* .text.*)
    *libesp_hal_wdt.a:wdt_hal_iram.*(.literal .text .literal.* .text.*)
    *libesp_hw_support.a:rtc_clk.*(.literal .text .literal.* .text.*)
@@ -90,8 +90,8 @@ SECTIONS
    *libhal.a:cache_hal.*(.literal .text .literal.* .text.*)
    *libhal.a:efuse_hal.*(.literal .text .literal.* .text.*)
    *libesp_hal_wdt.a:wdt_hal_iram.*(.literal .text .literal.* .text.*)
-    *libhal.a:huk_hal.*(.literal .text .literal.* .text.*)
-    *libhal.a:key_mgr_hal.*(.literal .text .literal.* .text.*)
+    *libesp_hal_security.a:huk_hal.*(.literal .text .literal.* .text.*)
+    *libesp_hal_security.a:key_mgr_hal.*(.literal .text .literal.* .text.*)
    *libesp_security.a:esp_key_mgr.*(.literal .text .literal.* .text.*)
    *libesp_security.a:esp_crypto_periph_clk.*(.literal .text .literal.* .text.*)
    *libesp_security.a:esp_crypto_lock.*(.literal .text .literal.* .text.*)
@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2020-2025 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2020-2026 Espressif Systems (Shanghai) CO LTD
 *
 * SPDX-License-Identifier: Apache-2.0
 */
@@ -31,15 +31,15 @@ list(APPEND srcs "src/esp_efuse_api.c"

 if(non_os_build)
    idf_component_register(SRCS "${srcs}"
-                    PRIV_REQUIRES bootloader_support soc spi_flash
+                    PRIV_REQUIRES bootloader_support soc spi_flash esp_hal_security
                    INCLUDE_DIRS "${include_dirs}"
                    PRIV_INCLUDE_DIRS "${private_include}")
 else()
    list(APPEND srcs "src/esp_efuse_startup.c")
    if(${target} STREQUAL "linux")
-        set(priv_requires soc spi_flash esp_system esp_partition)
+        set(priv_requires soc spi_flash esp_system esp_partition esp_hal_security)
    else()
-        set(priv_requires bootloader_support soc spi_flash esp_system esp_partition esp_app_format)
+        set(priv_requires bootloader_support soc spi_flash esp_system esp_partition esp_app_format esp_hal_security)
    endif()
    idf_component_register(SRCS "${srcs}"
                    PRIV_REQUIRES "${priv_requires}"
@@ -6,8 +6,8 @@

 // The HAL layer for AES

-#include "esp_hal_security/aes_hal.h"
-#include "esp_hal_security/aes_ll.h"
+#include "hal/aes_hal.h"
+#include "hal/aes_ll.h"
 #include <stdlib.h>
 #include <string.h>
 #include "soc/soc_caps.h"
@@ -7,8 +7,8 @@
 #include <stdbool.h>
 #include "soc/soc_caps.h"
 #include "hal/assert.h"
-#include "esp_hal_security/apm_hal.h"
-#include "esp_hal_security/apm_ll.h"
+#include "hal/apm_hal.h"
+#include "hal/apm_ll.h"
 #include "hal/log.h"

 #if SOC_IS(ESP32P4)
@@ -5,8 +5,8 @@
 */

 #include "hal/systimer_hal.h"
-#include "esp_hal_security/ds_hal.h"
-#include "esp_hal_security/ds_ll.h"
+#include "hal/ds_hal.h"
+#include "hal/ds_ll.h"
 #include "hal/assert.h"
 #include "soc/soc_caps.h"

@@ -3,8 +3,8 @@
 *
 * SPDX-License-Identifier: Apache-2.0
 */
-#include "esp_hal_security/ecc_hal.h"
-#include "esp_hal_security/ecc_ll.h"
+#include "hal/ecc_hal.h"
+#include "hal/ecc_ll.h"
 #include "soc/soc_caps.h"

 /* ECC curve size constants in bytes */
@@ -5,8 +5,8 @@
 */

 #include "hal/assert.h"
-#include "esp_hal_security/ecdsa_ll.h"
-#include "esp_hal_security/ecdsa_hal.h"
+#include "hal/ecdsa_ll.h"
+#include "hal/ecdsa_hal.h"
 #include "hal/efuse_hal.h"
 #include "hal/efuse_ll.h"
 #include "soc/soc_caps.h"
@@ -18,8 +18,8 @@
 #endif

 #ifdef SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY
-#include "esp_hal_security/key_mgr_hal.h"
-#include "esp_hal_security/key_mgr_ll.h"
+#include "hal/key_mgr_hal.h"
+#include "hal/key_mgr_ll.h"
 #endif

 #define ECDSA_HAL_P192_COMPONENT_LEN        24
@@ -11,7 +11,7 @@
 #include "soc/hwcrypto_reg.h"
 #include "soc/dport_access.h"
 #include "soc/dport_reg.h"
-#include "esp_hal_security/aes_types.h"
+#include "hal/aes_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -9,7 +9,7 @@
 #include <string.h>
 #include <sys/param.h>
 #include "hal/assert.h"
-#include "esp_hal_security/mpi_types.h"
+#include "hal/mpi_types.h"
 #include "soc/dport_reg.h"
 #include "soc/hwcrypto_periph.h"
 #include "soc/mpi_periph.h"
@@ -6,7 +6,7 @@
 #pragma once

 #include <stdbool.h>
-#include "esp_hal_security/sha_types.h"
+#include "hal/sha_types.h"
 #include "soc/dport_reg.h"
 #include "soc/hwcrypto_reg.h"
 #include "soc/dport_access.h"
@@ -8,7 +8,7 @@
 #include <stdbool.h>
 #include <string.h>
 #include "hal/assert.h"
-#include "esp_hal_security/ecc_types.h"
+#include "hal/ecc_types.h"
 #include "soc/ecc_mult_reg.h"
 #include "soc/system_struct.h"

@@ -8,7 +8,7 @@
 #include <stdbool.h>
 #include "soc/hwcrypto_reg.h"
 #include "soc/system_struct.h"
-#include "esp_hal_security/sha_types.h"
+#include "hal/sha_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -10,7 +10,7 @@
 #include <string.h>
 #include "soc/hwcrypto_reg.h"
 #include "soc/system_struct.h"
-#include "esp_hal_security/aes_types.h"
+#include "hal/aes_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -18,7 +18,7 @@
 #include "soc/hwcrypto_reg.h"
 #include "soc/soc_caps.h"
 #include "soc/system_struct.h"
-#include "esp_hal_security/ds_types.h"
+#include "hal/ds_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -18,7 +18,7 @@
 #include "soc/system_reg.h"
 #include "soc/system_struct.h"
 #include "soc/hwcrypto_reg.h"
-#include "esp_hal_security/hmac_types.h"
+#include "hal/hmac_types.h"

 #define SHA256_BLOCK_SZ 64
 #define SHA256_DIGEST_SZ 32
@@ -9,7 +9,7 @@
 #include <string.h>
 #include <sys/param.h>
 #include "hal/assert.h"
-#include "esp_hal_security/mpi_types.h"
+#include "hal/mpi_types.h"
 #include "soc/hwcrypto_periph.h"
 #include "soc/system_reg.h"
 #include "soc/system_struct.h"
@@ -8,7 +8,7 @@
 #include <stdbool.h>
 #include "soc/hwcrypto_reg.h"
 #include "soc/system_struct.h"
-#include "esp_hal_security/sha_types.h"
+#include "hal/sha_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -10,7 +10,7 @@
 #include <string.h>
 #include "soc/aes_reg.h"
 #include "soc/pcr_struct.h"
-#include "esp_hal_security/aes_types.h"
+#include "hal/aes_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -22,7 +22,7 @@

 #include "soc/pcr_reg.h"
 #include "soc/interrupts.h"
-#include "esp_hal_security/apm_types.h"
+#include "hal/apm_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -18,7 +18,7 @@
 #include "soc/hwcrypto_reg.h"
 #include "soc/soc_caps.h"
 #include "soc/pcr_struct.h"
-#include "esp_hal_security/ds_types.h"
+#include "hal/ds_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -8,7 +8,7 @@
 #include <stdbool.h>
 #include <string.h>
 #include "hal/assert.h"
-#include "esp_hal_security/ecc_types.h"
+#include "hal/ecc_types.h"
 #include "soc/ecc_mult_reg.h"
 #include "soc/pcr_struct.h"
 #include "soc/pcr_reg.h"
@@ -11,7 +11,7 @@
 #include "soc/ecdsa_reg.h"
 #include "soc/pcr_struct.h"
 #include "soc/efuse_periph.h"
-#include "esp_hal_security/ecdsa_types.h"
+#include "hal/ecdsa_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -18,7 +18,7 @@
 #include "soc/system_reg.h"
 #include "soc/hwcrypto_reg.h"
 #include "soc/pcr_struct.h"
-#include "esp_hal_security/hmac_types.h"
+#include "hal/hmac_types.h"

 #define SHA256_BLOCK_SZ 64
 #define SHA256_DIGEST_SZ 32
@@ -19,7 +19,7 @@
 #include <stdbool.h>
 #include <string.h>

-#include "esp_hal_security/huk_types.h"
+#include "hal/huk_types.h"
 #include "soc/huk_reg.h"
 #include "soc/soc_caps.h"
 #include "soc/lp_aon_reg.h"
@@ -16,7 +16,7 @@
 #include <string.h>

 #include "hal/assert.h"
-#include "esp_hal_security/key_mgr_types.h"
+#include "hal/key_mgr_types.h"
 #include "soc/keymng_reg.h"
 #include "soc/pcr_struct.h"
 #include "soc/pcr_reg.h"
@@ -10,7 +10,7 @@
 #include <sys/param.h>
 #include "soc/soc_caps.h"
 #include "hal/assert.h"
-#include "esp_hal_security/mpi_types.h"
+#include "hal/mpi_types.h"
 #include "soc/pcr_reg.h"
 #include "soc/pcr_struct.h"
 #include "soc/rsa_reg.h"
@@ -8,7 +8,7 @@
 #include <stdbool.h>
 #include "soc/hwcrypto_reg.h"
 #include "soc/pcr_struct.h"
-#include "esp_hal_security/sha_types.h"
+#include "hal/sha_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -10,7 +10,7 @@
 #include <string.h>
 #include "soc/hwcrypto_reg.h"
 #include "soc/pcr_struct.h"
-#include "esp_hal_security/aes_types.h"
+#include "hal/aes_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -20,7 +20,7 @@

 #include "soc/pcr_reg.h"
 #include "soc/interrupts.h"
-#include "esp_hal_security/apm_types.h"
+#include "hal/apm_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -18,7 +18,7 @@
 #include "soc/hwcrypto_reg.h"
 #include "soc/soc_caps.h"
 #include "soc/pcr_struct.h"
-#include "esp_hal_security/ds_types.h"
+#include "hal/ds_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -8,7 +8,7 @@
 #include <stdbool.h>
 #include <string.h>
 #include "hal/assert.h"
-#include "esp_hal_security/ecc_types.h"
+#include "hal/ecc_types.h"
 #include "soc/ecc_mult_reg.h"
 #include "soc/pcr_struct.h"
 #include "soc/pcr_reg.h"
@@ -18,7 +18,7 @@
 #include "soc/system_reg.h"
 #include "soc/hwcrypto_reg.h"
 #include "soc/pcr_struct.h"
-#include "esp_hal_security/hmac_types.h"
+#include "hal/hmac_types.h"

 #define SHA256_BLOCK_SZ 64
 #define SHA256_DIGEST_SZ 32
@@ -9,7 +9,7 @@
 #include <string.h>
 #include <sys/param.h>
 #include "hal/assert.h"
-#include "esp_hal_security/mpi_types.h"
+#include "hal/mpi_types.h"
 #include "soc/pcr_reg.h"
 #include "soc/pcr_struct.h"
 #include "soc/rsa_reg.h"
@@ -8,7 +8,7 @@
 #include <stdbool.h>
 #include "soc/hwcrypto_reg.h"
 #include "soc/pcr_struct.h"
-#include "esp_hal_security/sha_types.h"
+#include "hal/sha_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -19,7 +19,7 @@

 #include "soc/pcr_reg.h"
 #include "soc/interrupts.h"
-#include "esp_hal_security/apm_types.h"
+#include "hal/apm_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -8,7 +8,7 @@
 #include <stdbool.h>
 #include <string.h>
 #include "hal/assert.h"
-#include "esp_hal_security/ecc_types.h"
+#include "hal/ecc_types.h"
 #include "soc/ecc_mult_reg.h"
 #include "soc/pcr_struct.h"
 #include "soc/pcr_reg.h"
@@ -11,7 +11,7 @@
 #include "soc/ecdsa_reg.h"
 #include "soc/pcr_struct.h"
 #include "soc/efuse_periph.h"
-#include "esp_hal_security/ecdsa_types.h"
+#include "hal/ecdsa_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -8,7 +8,7 @@
 #include <stdbool.h>
 #include "soc/hwcrypto_reg.h"
 #include "soc/pcr_struct.h"
-#include "esp_hal_security/sha_types.h"
+#include "hal/sha_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -10,7 +10,7 @@
 #include <string.h>
 #include "soc/hwcrypto_reg.h"
 #include "soc/pcr_struct.h"
-#include "esp_hal_security/aes_types.h"
+#include "hal/aes_types.h"

 #include "hal/efuse_hal.h"
 #include "soc/chip_revision.h"
@@ -17,7 +17,7 @@

 #include "soc/pcr_reg.h"
 #include "soc/interrupts.h"
-#include "esp_hal_security/apm_types.h"
+#include "hal/apm_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -18,7 +18,7 @@
 #include "soc/hwcrypto_reg.h"
 #include "soc/soc_caps.h"
 #include "soc/pcr_struct.h"
-#include "esp_hal_security/ds_types.h"
+#include "hal/ds_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -8,7 +8,7 @@
 #include <stdbool.h>
 #include <string.h>
 #include "hal/assert.h"
-#include "esp_hal_security/ecc_types.h"
+#include "hal/ecc_types.h"
 #include "soc/ecc_mult_reg.h"
 #include "soc/pcr_struct.h"
 #include "soc/pcr_reg.h"
@@ -12,8 +12,8 @@
 #include "soc/ecdsa_struct.h"
 #include "soc/pcr_struct.h"
 #include "soc/efuse_periph.h"
-#include "esp_hal_security/ecdsa_types.h"
-#include "esp_hal_security/ecc_ll.h"
+#include "hal/ecdsa_types.h"
+#include "hal/ecc_ll.h"

 #ifdef __cplusplus
 extern "C" {
@@ -18,7 +18,7 @@
 #include "soc/system_reg.h"
 #include "soc/hwcrypto_reg.h"
 #include "soc/pcr_struct.h"
-#include "esp_hal_security/hmac_types.h"
+#include "hal/hmac_types.h"

 #define SHA256_BLOCK_SZ 64
 #define SHA256_DIGEST_SZ 32
@@ -9,7 +9,7 @@
 #include <string.h>
 #include <sys/param.h>
 #include "hal/assert.h"
-#include "esp_hal_security/mpi_types.h"
+#include "hal/mpi_types.h"
 #include "soc/pcr_reg.h"
 #include "soc/pcr_struct.h"
 #include "soc/rsa_reg.h"
@@ -8,7 +8,7 @@
 #include <stdbool.h>
 #include "soc/hwcrypto_reg.h"
 #include "soc/pcr_struct.h"
-#include "esp_hal_security/sha_types.h"
+#include "hal/sha_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -10,7 +10,7 @@
 #include <string.h>
 #include "soc/hwcrypto_reg.h"
 #include "soc/pcr_struct.h"
-#include "esp_hal_security/aes_types.h"
+#include "hal/aes_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -18,7 +18,7 @@
 #include "soc/hwcrypto_reg.h"
 #include "soc/soc_caps.h"
 #include "soc/pcr_struct.h"
-#include "esp_hal_security/ds_types.h"
+#include "hal/ds_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -8,7 +8,7 @@
 #include <stdbool.h>
 #include <string.h>
 #include "hal/assert.h"
-#include "esp_hal_security/ecc_types.h"
+#include "hal/ecc_types.h"
 #include "soc/ecc_mult_reg.h"
 #include "soc/pcr_struct.h"
 #include "soc/pcr_reg.h"
@@ -11,7 +11,7 @@
 #include "soc/ecdsa_reg.h"
 #include "soc/pcr_struct.h"
 #include "soc/efuse_periph.h"
-#include "esp_hal_security/ecdsa_types.h"
+#include "hal/ecdsa_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -18,7 +18,7 @@
 #include "soc/system_reg.h"
 #include "soc/hwcrypto_reg.h"
 #include "soc/pcr_struct.h"
-#include "esp_hal_security/hmac_types.h"
+#include "hal/hmac_types.h"

 #define SHA256_BLOCK_SZ 64
 #define SHA256_DIGEST_SZ 32
@@ -9,7 +9,7 @@
 #include <string.h>
 #include <sys/param.h>
 #include "hal/assert.h"
-#include "esp_hal_security/mpi_types.h"
+#include "hal/mpi_types.h"
 #include "soc/pcr_reg.h"
 #include "soc/pcr_struct.h"
 #include "soc/rsa_reg.h"
@@ -8,7 +8,7 @@
 #include <stdbool.h>
 #include "soc/hwcrypto_reg.h"
 #include "soc/pcr_struct.h"
-#include "esp_hal_security/sha_types.h"
+#include "hal/sha_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -8,7 +8,7 @@
 #include <stdbool.h>
 #include <string.h>
 #include "hal/assert.h"
-#include "esp_hal_security/ecc_types.h"
+#include "hal/ecc_types.h"
 #include "soc/ecc_mult_reg.h"
 #include "soc/pcr_struct.h"
 #include "soc/pcr_reg.h"
@@ -0,0 +1,44 @@
+/*
+ * SPDX-FileCopyrightText: 2025-2026 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+#pragma once
+
+#include <stdbool.h>
+#include <string.h>
+#include "hal/assert.h"
+#include "soc/ecdsa_reg.h"
+#include "soc/pcr_struct.h"
+#include "soc/efuse_periph.h"
+#include "esp_hal_security/ecdsa_types.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * @brief Set the ECDSA key block in eFuse
+ *
+ * @param curve    ECDSA curve type
+ * @param efuse_blk eFuse block number
+ */
+__attribute__((always_inline)) static inline void ecdsa_ll_set_ecdsa_key_blk(ecdsa_curve_t curve, int efuse_blk)
+{
+    //ESP32H4 TODO
+    (void)curve;
+    (void)efuse_blk;
+}
+
+/**
+ * @brief Check if the ECDSA peripheral is supported on this chip revision
+ * For ESP32-H4, ECDSA is always supported
+ */
+static inline bool ecdsa_ll_is_supported(void)
+{
+    return true;
+}
+
+#ifdef __cplusplus
+}
+#endif
@@ -8,7 +8,7 @@

 #include <stdbool.h>
 #include <string.h>
-#include "esp_hal_security/aes_types.h"
+#include "hal/aes_types.h"
 #include "soc/hp_sys_clkrst_struct.h"
 #include "soc/hwcrypto_reg.h"
 #include "hal/config.h"
@@ -18,7 +18,7 @@
 #include "soc/hwcrypto_reg.h"
 #include "soc/hp_sys_clkrst_struct.h"
 #include "soc/soc_caps.h"
-#include "esp_hal_security/ds_types.h"
+#include "hal/ds_types.h"
 #include "hal/config.h"

 #ifdef __cplusplus
@@ -8,7 +8,7 @@
 #include <stdbool.h>
 #include <string.h>
 #include "hal/assert.h"
-#include "esp_hal_security/ecc_types.h"
+#include "hal/ecc_types.h"
 #include "hal/efuse_hal.h"
 #include "soc/ecc_mult_reg.h"
 #include "soc/hp_sys_clkrst_struct.h"
@@ -0,0 +1,527 @@
+/*
+ * SPDX-FileCopyrightText: 2023-2026 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+#pragma once
+
+#include <stdbool.h>
+#include <string.h>
+#include "hal/assert.h"
+#include "soc/ecdsa_reg.h"
+#include "soc/hp_sys_clkrst_struct.h"
+#include "soc/soc_caps.h"
+#include "soc/efuse_periph.h"
+#include "hal/ecdsa_types.h"
+#include "hal/efuse_hal.h"
+#include "hal/config.h"
+#include "soc/chip_revision.h"
+#include "soc/soc.h"
+#include "hal/ecdsa_types.h"
+#include "hal/efuse_hal.h"
+#include "hal/config.h"
+#include "soc/chip_revision.h"
+#include "soc/soc.h"
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * @brief Memory blocks of ECDSA parameters
+ */
+typedef enum {
+    ECDSA_PARAM_R,
+    ECDSA_PARAM_S,
+    ECDSA_PARAM_Z,
+    ECDSA_PARAM_QAX,
+    ECDSA_PARAM_QAY
+} ecdsa_ll_param_t;
+
+/**
+ * @brief Interrupt types in ECDSA
+ */
+typedef enum {
+    ECDSA_INT_CALC_DONE,
+    ECDSA_INT_SHA_RELEASE,
+} ecdsa_ll_intr_type_t;
+
+/**
+ * @brief Stages of ECDSA operation
+ */
+typedef enum {
+    ECDSA_STAGE_START_CALC,
+    ECDSA_STAGE_LOAD_DONE,
+    ECDSA_STAGE_GET_DONE
+} ecdsa_ll_stage_t;
+
+/**
+ * @brief States of ECDSA peripheral
+ */
+typedef enum {
+    ECDSA_STATE_IDLE,
+    ECDSA_STATE_LOAD,
+    ECDSA_STATE_GET,
+    ECDSA_STATE_BUSY
+} ecdsa_ll_state_t;
+
+/**
+ * @brief Types of SHA
+ */
+typedef enum {
+    ECDSA_SHA_224,
+    ECDSA_SHA_256
+} ecdsa_ll_sha_type_t;
+
+/**
+ * @brief Operation modes of SHA
+ */
+typedef enum {
+    ECDSA_MODE_SHA_START,
+    ECDSA_MODE_SHA_CONTINUE
+} ecdsa_ll_sha_mode_t;
+
+/**
+ * @brief Get the state of ECDSA peripheral
+ *
+ * @return State of ECDSA
+ */
+static inline uint32_t ecdsa_ll_get_state(void)
+{
+    return REG_GET_FIELD(ECDSA_STATE_REG, ECDSA_BUSY);
+}
+
+/**
+ * @brief Enable the bus clock for ECDSA peripheral module
+ *
+ * @param true to enable the module, false to disable the module
+ */
+static inline void ecdsa_ll_enable_bus_clock(bool enable)
+{
+    HP_SYS_CLKRST.peri_clk_ctrl25.reg_crypto_ecdsa_clk_en = enable;
+}
+
+/// use a macro to wrap the function, force the caller to use it in a critical section
+/// the critical section needs to declare the __DECLARE_RCC_ATOMIC_ENV variable in advance
+#define ecdsa_ll_enable_bus_clock(...) do { \
+        (void)__DECLARE_RCC_ATOMIC_ENV; \
+        ecdsa_ll_enable_bus_clock(__VA_ARGS__); \
+    } while(0)
+
+/**
+ * @brief Reset the ECDSA peripheral module
+ */
+static inline void ecdsa_ll_reset_register(void)
+{
+    HP_SYS_CLKRST.hp_rst_en2.reg_rst_en_ecdsa = 1;
+    HP_SYS_CLKRST.hp_rst_en2.reg_rst_en_ecdsa = 0;
+
+    // Clear reset on parent crypto, otherwise ECDSA is held in reset
+    HP_SYS_CLKRST.hp_rst_en2.reg_rst_en_crypto = 0;
+
+    while (ecdsa_ll_get_state() != ECDSA_STATE_IDLE) {
+        ;
+    }
+}
+
+/**
+ * @brief Enable interrupt of a given type
+ *
+ * @param type Interrupt type
+ */
+static inline void ecdsa_ll_enable_intr(ecdsa_ll_intr_type_t type)
+{
+    switch (type) {
+        case ECDSA_INT_CALC_DONE:
+#if HAL_CONFIG(CHIP_SUPPORT_MIN_REV) >= 300
+            REG_SET_FIELD(ECDSA_INT_ENA_REG, ECDSA_PREP_DONE_INT_ENA, 1);
+#else
+            REG_SET_FIELD(ECDSA_INT_ENA_REG, ECDSA_CALC_DONE_INT_ENA, 1);
+#endif
+            break;
+        case ECDSA_INT_SHA_RELEASE:
+            REG_SET_FIELD(ECDSA_INT_ENA_REG, ECDSA_SHA_RELEASE_INT_ENA, 1);
+            break;
+        default:
+            HAL_ASSERT(false && "Unsupported interrupt type");
+            break;
+    }
+}
+
+/**
+ * @brief Disable interrupt of a given type
+ *
+ * @param type Interrupt type
+ */
+static inline void ecdsa_ll_disable_intr(ecdsa_ll_intr_type_t type)
+{
+    switch (type) {
+        case ECDSA_INT_CALC_DONE:
+#if HAL_CONFIG(CHIP_SUPPORT_MIN_REV) >= 300
+            REG_SET_FIELD(ECDSA_INT_ENA_REG, ECDSA_PREP_DONE_INT_ENA, 0);
+#else
+            REG_SET_FIELD(ECDSA_INT_ENA_REG, ECDSA_CALC_DONE_INT_ENA, 0);
+#endif
+            break;
+        case ECDSA_INT_SHA_RELEASE:
+            REG_SET_FIELD(ECDSA_INT_ENA_REG, ECDSA_SHA_RELEASE_INT_ENA, 0);
+            break;
+        default:
+            HAL_ASSERT(false && "Unsupported interrupt type");
+            break;
+    }
+}
+
+/**
+ * @brief Clear interrupt of a given type
+ *
+ * @param type Interrupt type
+ */
+static inline void ecdsa_ll_clear_intr(ecdsa_ll_intr_type_t type)
+{
+    switch (type) {
+        case ECDSA_INT_CALC_DONE:
+#if HAL_CONFIG(CHIP_SUPPORT_MIN_REV) >= 300
+            REG_SET_FIELD(ECDSA_INT_ENA_REG, ECDSA_PREP_DONE_INT_CLR, 1);
+#else
+            REG_SET_FIELD(ECDSA_INT_CLR_REG, ECDSA_CALC_DONE_INT_CLR, 1);
+#endif
+            break;
+        case ECDSA_INT_SHA_RELEASE:
+            REG_SET_FIELD(ECDSA_INT_CLR_REG, ECDSA_SHA_RELEASE_INT_CLR, 1);
+            break;
+        default:
+            HAL_ASSERT(false && "Unsupported interrupt type");
+            break;
+    }
+}
+
+/**
+ * @brief Set working mode of ECDSA
+ *
+ * @param mode Mode of operation
+ */
+static inline void ecdsa_ll_set_mode(ecdsa_mode_t mode)
+{
+    switch (mode) {
+    case ECDSA_MODE_SIGN_VERIFY:
+        REG_SET_FIELD(ECDSA_CONF_REG, ECDSA_WORK_MODE, 0);
+        break;
+    case ECDSA_MODE_SIGN_GEN:
+        REG_SET_FIELD(ECDSA_CONF_REG, ECDSA_WORK_MODE, 1);
+        break;
+    case ECDSA_MODE_EXPORT_PUBKEY:
+        REG_SET_FIELD(ECDSA_CONF_REG, ECDSA_WORK_MODE, 2);
+        break;
+    default:
+        HAL_ASSERT(false && "Unsupported mode");
+        break;
+    }
+}
+
+/**
+ * @brief Set curve for ECDSA operation
+ *
+ * @param curve ECDSA curve
+ */
+static inline void ecdsa_ll_set_curve(ecdsa_curve_t curve)
+{
+    switch (curve) {
+        case ECDSA_CURVE_SECP192R1:
+        case ECDSA_CURVE_SECP256R1:
+        case ECDSA_CURVE_SECP384R1:
+        case ECDSA_CURVE_SM2:
+            REG_SET_FIELD(ECDSA_CONF_REG, ECDSA_ECC_CURVE, curve);
+            break;
+        default:
+            HAL_ASSERT(false && "Unsupported curve");
+            return;
+    }
+}
+
+/**
+ * @brief Set the source of `Z` (SHA message)
+ *
+ * @param mode Mode of SHA generation
+ */
+static inline void ecdsa_ll_set_z_mode(ecdsa_ll_sha_mode_t mode)
+{
+    switch (mode) {
+    case ECDSA_Z_USE_SHA_PERI:
+        REG_CLR_BIT(ECDSA_CONF_REG, ECDSA_SOFTWARE_SET_Z);
+        break;
+    case ECDSA_Z_USER_PROVIDED:
+        REG_SET_BIT(ECDSA_CONF_REG, ECDSA_SOFTWARE_SET_Z);
+        break;
+    default:
+        HAL_ASSERT(false && "Unsupported curve");
+        break;
+    }
+}
+
+/**
+ * @brief Set the signature generation type of ECDSA operation
+ *
+ * @param type Type of the ECDSA signature
+ */
+static inline void ecdsa_ll_set_k_type(ecdsa_sign_type_t type)
+{
+    switch (type) {
+    case ECDSA_K_TYPE_TRNG:
+        REG_CLR_BIT(ECDSA_CONF_REG, ECDSA_DETERMINISTIC_K);
+        break;
+    case ECDSA_K_TYPE_DETERMINISITIC:
+        REG_SET_BIT(ECDSA_CONF_REG, ECDSA_DETERMINISTIC_K);
+        break;
+    default:
+        HAL_ASSERT(false && "Unsupported K type");
+        break;
+    }
+}
+
+/**
+ * @brief Set the loop number value that is used for deterministic derivation of K
+ *
+ * @param loop_number Loop number for deterministic K
+ */
+static inline void ecdsa_ll_set_deterministic_loop(uint16_t loop_number)
+{
+#if HAL_CONFIG(CHIP_SUPPORT_MIN_REV) < 300
+    REG_SET_FIELD(ECDSA_CONF_REG, ECDSA_DETERMINISTIC_LOOP, loop_number);
+#endif
+}
+
+/**
+ * @brief Set the stage of ECDSA operation
+ *
+ * @param stage Stage of operation
+ */
+static inline void ecdsa_ll_set_stage(ecdsa_ll_stage_t stage)
+{
+    switch (stage) {
+    case ECDSA_STAGE_START_CALC:
+        REG_SET_BIT(ECDSA_START_REG, ECDSA_START);
+        break;
+    case ECDSA_STAGE_LOAD_DONE:
+        REG_SET_BIT(ECDSA_START_REG, ECDSA_LOAD_DONE);
+        break;
+    case ECDSA_STAGE_GET_DONE:
+        REG_SET_BIT(ECDSA_START_REG, ECDSA_GET_DONE);
+        break;
+    default:
+        HAL_ASSERT(false && "Unsupported state");
+        break;
+    }
+}
+
+/**
+ * @brief Set the SHA type
+ *
+ * @param type Type of SHA
+ */
+static inline void ecdsa_ll_sha_set_type(ecdsa_ll_sha_type_t type)
+{
+    switch (type) {
+    case ECDSA_SHA_224:
+        REG_SET_FIELD(ECDSA_SHA_MODE_REG, ECDSA_SHA_MODE, 1);
+        break;
+    case ECDSA_SHA_256:
+        REG_SET_FIELD(ECDSA_SHA_MODE_REG, ECDSA_SHA_MODE, 2);
+        break;
+    default:
+        HAL_ASSERT(false && "Unsupported type");
+        break;
+    }
+}
+
+/**
+ * @brief Set the SHA operation mode
+ *
+ * @param mode Mode of SHA operation
+ */
+static inline void ecdsa_ll_sha_set_mode(ecdsa_ll_sha_mode_t mode)
+{
+    switch (mode) {
+    case ECDSA_MODE_SHA_START:
+        REG_SET_BIT(ECDSA_SHA_START_REG, ECDSA_SHA_START);
+        break;
+    case ECDSA_MODE_SHA_CONTINUE:
+        REG_SET_BIT(ECDSA_SHA_CONTINUE_REG, ECDSA_SHA_CONTINUE);
+        break;
+    default:
+        HAL_ASSERT(false && "Unsupported type");
+        break;
+    }
+}
+
+/**
+ * @brief Check if SHA is busy
+ *
+ * @return - true, if SHA is busy
+ *         - false, if SHA is IDLE
+ */
+static inline bool ecdsa_ll_sha_is_busy(void)
+{
+    return REG_GET_BIT(ECDSA_SHA_BUSY_REG, ECDSA_SHA_BUSY);
+}
+
+/**
+ * @brief Write the ECDSA parameter
+ *
+ * @param param Parameter to be written
+ * @param buf   Buffer containing data
+ * @param len   Length of buffer
+ */
+static inline void ecdsa_ll_write_param(ecdsa_ll_param_t param, const uint8_t *buf, uint16_t len)
+{
+    uint32_t reg;
+    uint32_t word;
+    switch (param) {
+    case ECDSA_PARAM_R:
+        reg = ECDSA_R_MEM;
+        break;
+    case ECDSA_PARAM_S:
+        reg = ECDSA_S_MEM;
+        break;
+    case ECDSA_PARAM_Z:
+        reg = ECDSA_Z_MEM;
+        break;
+    case ECDSA_PARAM_QAX:
+        reg = ECDSA_QAX_MEM;
+        break;
+    case ECDSA_PARAM_QAY:
+        reg = ECDSA_QAY_MEM;
+        break;
+    default:
+        HAL_ASSERT(false && "Invalid parameter");
+        return;
+    }
+
+    for (int i = 0; i < len; i += 4) {
+        memcpy(&word, buf + i, 4);
+        REG_WRITE(reg + i, word);
+    }
+}
+
+/**
+ * @brief Read the ECDSA parameter
+ *
+ * @param param Parameter to be read
+ * @param buf   Buffer where the data will be written
+ * @param len   Length of buffer
+ */
+static inline void ecdsa_ll_read_param(ecdsa_ll_param_t param, uint8_t *buf, uint16_t len)
+{
+    uint32_t reg;
+    switch (param) {
+    case ECDSA_PARAM_R:
+        reg = ECDSA_R_MEM;
+        break;
+    case ECDSA_PARAM_S:
+        reg = ECDSA_S_MEM;
+        break;
+    case ECDSA_PARAM_Z:
+        reg = ECDSA_Z_MEM;
+        break;
+    case ECDSA_PARAM_QAX:
+        reg = ECDSA_QAX_MEM;
+        break;
+    case ECDSA_PARAM_QAY:
+        reg = ECDSA_QAY_MEM;
+        break;
+    default:
+        HAL_ASSERT(false && "Invalid parameter");
+        return;
+    }
+
+    memcpy(buf, (void *)reg, len);
+}
+
+/**
+ * @brief Check if the ECDSA operation is successful
+ *
+ * @return - 1, if ECDSA operation succeeds
+ *         - 0, otherwise
+ */
+static inline int ecdsa_ll_get_operation_result(void)
+{
+    return REG_GET_BIT(ECDSA_RESULT_REG, ECDSA_OPERATION_RESULT);
+}
+
+/**
+ * @brief Check if the k value is greater than the curve order.
+ *
+ * @return 0, k value is not greater than the curve order. In this case, the k value is the set k value.
+ * @return 1, k value is greater than than the curve order. In this case, the k value is the set (k mod n).
+ */
+static inline int ecdsa_ll_check_k_value(void)
+{
+#if HAL_CONFIG(CHIP_SUPPORT_MIN_REV) < 300
+    return REG_GET_BIT(ECDSA_RESULT_REG, ECDSA_K_VALUE_WARNING);
+#else
+    return 0;
+#endif
+}
+
+/**
+ * @brief Check if the ECDSA deterministic mode is supported
+ */
+static inline bool ecdsa_ll_is_deterministic_mode_supported(void)
+{
+    return true;
+}
+
+/**
+ * @brief Set the ECDSA key block in eFuse
+ *
+ * @param curve    ECDSA curve type
+ * @param efuse_blk eFuse block number
+ */
+__attribute__((always_inline)) static inline void ecdsa_ll_set_ecdsa_key_blk(ecdsa_curve_t curve, int efuse_blk)
+{
+#ifdef EFUSE_CFG_ECDSA_BLK
+    (void) curve;
+    EFUSE.conf.cfg_ecdsa_blk = efuse_blk;
+#else
+    uint8_t efuse_blk_low = 0;
+    uint8_t efuse_blk_high = 0;
+    switch (curve) {
+    case ECDSA_CURVE_SECP192R1:
+        EFUSE.ecdsa.cfg_ecdsa_p192_blk = efuse_blk;
+        break;
+    case ECDSA_CURVE_SECP256R1:
+        EFUSE.ecdsa.cfg_ecdsa_p256_blk = efuse_blk;
+        break;
+    case ECDSA_CURVE_SECP384R1:
+        // ECDSA-p384 uses two efuse blocks to store the key. These two blocks are stored in a single integer
+        // where the least significant 4 bits store the low key block number and the next 4 more significant bits store the high key block number.
+        HAL_ECDSA_EXTRACT_KEY_BLOCKS(efuse_blk, efuse_blk_high, efuse_blk_low);
+        EFUSE.ecdsa.cfg_ecdsa_p384_h_blk = efuse_blk_high;
+        EFUSE.ecdsa.cfg_ecdsa_p384_l_blk = efuse_blk_low;
+        break;
+    default:
+        HAL_ASSERT(false && "Unsupported curve");
+        break;
+    }
+#endif
+}
+
+/**
+ * @brief Check if the ECDSA peripheral uses MPI module's memory
+ */
+static inline bool ecdsa_ll_is_mpi_required(void)
+{
+    return true;
+}
+
+/**
+ * @brief Check if the ECDSA peripheral is supported on this chip revision
+ * For ESP32-P4, ECDSA is only supported on eco5+ (major 3, minor 0+)
+ */
+static inline bool ecdsa_ll_is_supported(void)
+{
+    return ESP_CHIP_REV_ABOVE(efuse_hal_chip_revision(), 300);
+}
+
+#ifdef __cplusplus
+}
+#endif
@@ -18,7 +18,7 @@
 #include "soc/system_reg.h"
 #include "soc/hwcrypto_reg.h"
 #include "soc/hp_sys_clkrst_struct.h"
-#include "esp_hal_security/hmac_hal.h"
+#include "hal/hmac_hal.h"

 #define SHA256_BLOCK_SZ 64
 #define SHA256_DIGEST_SZ 32
@@ -19,7 +19,7 @@
 #include <stdbool.h>
 #include <string.h>

-#include "esp_hal_security/huk_types.h"
+#include "hal/huk_types.h"
 #include "soc/huk_reg.h"
 #include "soc/soc_caps.h"

@@ -16,7 +16,7 @@
 #include <string.h>

 #include "hal/assert.h"
-#include "esp_hal_security/key_mgr_types.h"
+#include "hal/key_mgr_types.h"
 #include "soc/keymng_reg.h"
 #include "soc/hp_sys_clkrst_struct.h"
 #include "hal/config.h"
@@ -9,7 +9,7 @@
 #include <string.h>
 #include <sys/param.h>
 #include "hal/assert.h"
-#include "esp_hal_security/mpi_types.h"
+#include "hal/mpi_types.h"
 #include "soc/hp_sys_clkrst_struct.h"
 #include "soc/mpi_periph.h"
 #include "soc/rsa_reg.h"
@@ -6,7 +6,7 @@
 #pragma once

 #include <stdbool.h>
-#include "esp_hal_security/sha_types.h"
+#include "hal/sha_types.h"
 #include "soc/hp_sys_clkrst_struct.h"
 #include "soc/hwcrypto_reg.h"

@@ -10,7 +10,7 @@
 #include <string.h>
 #include "soc/dport_reg.h"
 #include "soc/hwcrypto_reg.h"
-#include "esp_hal_security/aes_types.h"
+#include "hal/aes_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -9,7 +9,7 @@
 #include <string.h>
 #include <sys/param.h>
 #include "hal/assert.h"
-#include "esp_hal_security/mpi_types.h"
+#include "hal/mpi_types.h"
 #include "soc/hwcrypto_periph.h"
 #include "soc/dport_reg.h"
 #include "soc/mpi_periph.h"
@@ -8,7 +8,7 @@
 #include <stdbool.h>
 #include <string.h>
 #include "soc/hwcrypto_reg.h"
-#include "esp_hal_security/sha_types.h"
+#include "hal/sha_types.h"
 #include "soc/dport_reg.h"
 #include "hal/mmu_ll.h"

@@ -10,7 +10,7 @@
 #include <string.h>
 #include "soc/hwcrypto_reg.h"
 #include "soc/system_struct.h"
-#include "esp_hal_security/aes_types.h"
+#include "hal/aes_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -13,7 +13,7 @@
 #include "soc/hwcrypto_reg.h"
 #include "soc/soc_caps.h"
 #include "soc/system_struct.h"
-#include "esp_hal_security/ds_types.h"
+#include "hal/ds_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -17,7 +17,7 @@

 #include "soc/hwcrypto_reg.h"
 #include "soc/system_struct.h"
-#include "esp_hal_security/hmac_types.h"
+#include "hal/hmac_types.h"

 #define SHA256_BLOCK_SZ 64
 #define SHA256_DIGEST_SZ 32
@@ -9,7 +9,7 @@
 #include <string.h>
 #include <sys/param.h>
 #include "hal/assert.h"
-#include "esp_hal_security/mpi_types.h"
+#include "hal/mpi_types.h"
 #include "soc/hwcrypto_periph.h"
 #include "soc/dport_reg.h"
 #include "soc/mpi_periph.h"
@@ -9,7 +9,7 @@
 #include "soc/dport_reg.h"
 #include "soc/hwcrypto_reg.h"
 #include "soc/system_struct.h"
-#include "esp_hal_security/sha_types.h"
+#include "hal/sha_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -1,18 +1,18 @@
 /*
- * SPDX-FileCopyrightText: 2020-2025 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2020-2026 Espressif Systems (Shanghai) CO LTD
 *
 * SPDX-License-Identifier: Apache-2.0
 */

 #include "stdio.h"
-#include "esp_hal_security/hmac_hal.h"
-#include "esp_hal_security/hmac_ll.h"
+#include "hal/hmac_hal.h"
+#include "hal/hmac_ll.h"
 #include "hal/assert.h"
 #include "soc/soc_caps.h"

 #if SOC_KEY_MANAGER_HMAC_KEY_DEPLOY
-#include "esp_hal_security/key_mgr_hal.h"
-#include "esp_hal_security/key_mgr_ll.h"
+#include "hal/key_mgr_hal.h"
+#include "hal/key_mgr_ll.h"
 #endif

 void hmac_hal_start(void)
@@ -1,13 +1,13 @@
 /*
- * SPDX-FileCopyrightText: 2023-2025 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2023-2026 Espressif Systems (Shanghai) CO LTD
 *
 * SPDX-License-Identifier: Apache-2.0
 */
 // The HAL layer for Hardware Unique Key(HUK) Generator

-#include "esp_hal_security/huk_hal.h"
-#include "esp_hal_security/huk_ll.h"
-#include "esp_hal_security/huk_types.h"
+#include "hal/huk_hal.h"
+#include "hal/huk_ll.h"
+#include "hal/huk_types.h"
 #include "hal/assert.h"
 #include "hal/log.h"
 #include "rom/km.h"
@@ -16,9 +16,9 @@
 #include <stddef.h>
 #include <stdbool.h>
 #include "soc/soc_caps.h"
-#include "esp_hal_security/aes_types.h"
+#include "hal/aes_types.h"
 #if SOC_AES_SUPPORTED
-#include "esp_hal_security/aes_ll.h"
+#include "hal/aes_ll.h"
 #endif

 #ifdef __cplusplus
@@ -13,8 +13,8 @@ extern "C" {
 #include "esp_err.h"
 #include "soc/soc_caps.h"
 #if SOC_APM_SUPPORTED
-#include "esp_hal_security/apm_ll.h"
-#include "esp_hal_security/apm_types.h"
+#include "hal/apm_ll.h"
+#include "hal/apm_types.h"

 #if SOC_IS(ESP32P4)

@@ -16,7 +16,7 @@
 #include <stddef.h>
 #include <stdbool.h>
 #include "soc/soc_caps.h"
-#include "esp_hal_security/ds_types.h"
+#include "hal/ds_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -15,7 +15,7 @@
 #include "stdint.h"
 #include <stdbool.h>
 #include "soc/soc_caps.h"
-#include "esp_hal_security/ecc_types.h"
+#include "hal/ecc_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -14,7 +14,7 @@

 #include <stdbool.h>
 #include <stdint.h>
-#include "esp_hal_security/ecdsa_types.h"
+#include "hal/ecdsa_types.h"
 #include "soc/soc_caps.h"
 #include "hal/config.h"

@@ -14,7 +14,7 @@

 #include <stdint.h>
 #include <stdbool.h>
-#include "esp_hal_security/hmac_types.h"
+#include "hal/hmac_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -10,7 +10,7 @@
 #include "soc/soc_caps.h"

 #if SOC_HUK_SUPPORTED
-#include "esp_hal_security/huk_types.h"
+#include "hal/huk_types.h"
 #include <stdint.h>
 #include "esp_err.h"

@@ -10,7 +10,7 @@
 #include "soc/soc_caps.h"

 #if SOC_KEY_MANAGER_SUPPORTED
-#include "esp_hal_security/key_mgr_types.h"
+#include "hal/key_mgr_types.h"

 #ifdef __cplusplus
 extern "C" {
@@ -15,7 +15,7 @@
 #include <stdbool.h>
 #include <stdint.h>
 #include <sys/param.h>
-#include "esp_hal_security/mpi_types.h"
+#include "hal/mpi_types.h"
 #include "soc/soc_caps.h"

 #ifdef __cplusplus
--- a/Show More
+++ b/Show More