diff --git a/components/esp_rom/esp32p4/include/esp32p4/rom/key_mgr.h b/components/esp_rom/esp32p4/include/esp32p4/rom/key_mgr.h index eb0914f4b9..c28d56c121 100644 --- a/components/esp_rom/esp32p4/include/esp32p4/rom/key_mgr.h +++ b/components/esp_rom/esp32p4/include/esp32p4/rom/key_mgr.h @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2022-2023 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2022-2025 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ @@ -17,9 +17,10 @@ extern "C" { #endif -// store huk info, occupy 96 words struct huk_info { -#define HUK_INFO_LEN 384 +// store huk info, occupy 165 words +#define HUK_INFO_LEN 660 + uint8_t info[HUK_INFO_LEN]; uint32_t crc; } PACKED_ATTR; @@ -35,8 +36,7 @@ struct huk_key_block { #define KEY_HUK_SECTOR_MAGIC 0xDEA5CE5A uint32_t magic; uint32_t version; // for backward compatibility - uint8_t key_type; - uint8_t reserved[15]; + uint8_t reserved[16]; struct huk_info huk_info; struct key_info key_info[2]; // at most 2 key info (XTS-512_1 and XTS-512_2), at least use 1 } WORD_ALIGNED_ATTR PACKED_ATTR; @@ -56,10 +56,18 @@ struct huk_key_block { #define KM_PERI_XTS (BIT(1)) struct km_deploy_ops { -#define KM_KEY_PURPOSE_ECDSA 1 -#define KM_KEY_PURPOSE_XTS_256_1 2 -#define KM_KEY_PURPOSE_XTS_256_2 3 -#define KM_KEY_PURPOSE_XTS_128 4 +#define KM_KEY_PURPOSE_ECDSA_KEY_192 1 +#define KM_KEY_PURPOSE_ECDSA_KEY_256 2 +#define KM_KEY_PURPOSE_FLASH_XTS_256_1 3 +#define KM_KEY_PURPOSE_FLASH_XTS_256_2 4 +#define KM_KEY_PURPOSE_FLASH_XTS_128 5 +#define KM_KEY_PURPOSE_HMAC 6 +#define KM_KEY_PURPOSE_DS 7 +#define KM_KEY_PURPOSE_PSRAM_XTS_256_1 8 +#define KM_KEY_PURPOSE_PSRAM_XTS_256_2 9 +#define KM_KEY_PURPOSE_PSRAM_XTS_128 10 +#define KM_KEY_PURPOSE_ECDSA_KEY_384_L 11 +#define KM_KEY_PURPOSE_ECDSA_KEY_384_H 12 int km_key_purpose; #define KM_DEPLOY_MODE_RANDOM 0 #define KM_DEPLOY_MODE_AES 1 diff --git a/components/esp_security/src/esp_ds.c b/components/esp_security/src/esp_ds.c index 0ca22898ee..82bb521f01 100644 --- a/components/esp_security/src/esp_ds.c +++ b/components/esp_security/src/esp_ds.c @@ -40,6 +40,7 @@ #ifdef SOC_KEY_MANAGER_DS_KEY_DEPLOY #include "hal/key_mgr_hal.h" +#include "hal/key_mgr_ll.h" #endif /** @@ -326,6 +327,10 @@ esp_err_t esp_ds_start_sign(const void *message, ds_acquire_enable(); #if SOC_KEY_MANAGER_DS_KEY_DEPLOY + if (!key_mgr_ll_is_supported()) { + assert(false && "Key manager is not supported"); + } + if (key_id == HMAC_KEY_KM) { key_mgr_hal_set_key_usage(ESP_KEY_MGR_DS_KEY, ESP_KEY_MGR_USE_OWN_KEY); ds_hal_set_key_source(DS_KEY_SOURCE_KEY_MGR); diff --git a/components/esp_security/src/esp_key_mgr.c b/components/esp_security/src/esp_key_mgr.c index 3c07e90156..43e5720d09 100644 --- a/components/esp_security/src/esp_key_mgr.c +++ b/components/esp_security/src/esp_key_mgr.c @@ -21,6 +21,7 @@ #include "hal/huk_hal.h" #include "rom/key_mgr.h" +#if SOC_KEY_MANAGER_SUPPORTED static const char *TAG = "esp_key_mgr"; static _lock_t s_key_mgr_ecdsa_key_lock; @@ -914,3 +915,4 @@ esp_err_t esp_key_mgr_deploy_key_in_random_mode(const esp_key_mgr_random_key_con return esp_ret; } +#endif diff --git a/components/esp_security/src/init.c b/components/esp_security/src/init.c index 5f1bbfe561..17196935f3 100644 --- a/components/esp_security/src/init.c +++ b/components/esp_security/src/init.c @@ -29,13 +29,13 @@ __attribute__((unused)) static const char *TAG = "esp_security"; +#if SOC_KEY_MANAGER_SUPPORT_KEY_DEPLOYMENT static void esp_key_mgr_init(void) { // The following code initializes the key manager. // When Flash Encryption is already enabled, Key Manager is initialized by the // ROM, and when Flash Encryption is enabled during boot up, Key Manager is // initialized by the bootloader. -#if SOC_KEY_MANAGER_SUPPORT_KEY_DEPLOYMENT if (!efuse_hal_flash_encryption_enabled()) { // Enable key manager clock key_mgr_ll_power_up(); @@ -50,13 +50,17 @@ static void esp_key_mgr_init(void) // Force Key Manager to use eFuse key by-default for an XTS-AES operation. key_mgr_ll_set_key_usage(ESP_KEY_MGR_XTS_AES_128_KEY, ESP_KEY_MGR_USE_EFUSE_KEY); } -#endif /* SOC_KEY_MANAGER_SUPPORT_KEY_DEPLOYMENT */ } +#endif /* SOC_KEY_MANAGER_SUPPORT_KEY_DEPLOYMENT */ ESP_SYSTEM_INIT_FN(esp_security_init, SECONDARY, BIT(0), 103) { esp_crypto_clk_init(); + +#if SOC_KEY_MANAGER_SUPPORT_KEY_DEPLOYMENT esp_key_mgr_init(); +#endif + #if CONFIG_ESP_CRYPTO_DPA_PROTECTION_AT_STARTUP esp_crypto_dpa_protection_startup(); #endif diff --git a/components/esp_security/test_apps/crypto_drivers/main/CMakeLists.txt b/components/esp_security/test_apps/crypto_drivers/main/CMakeLists.txt index b6ae16ae0a..c28bdcd955 100644 --- a/components/esp_security/test_apps/crypto_drivers/main/CMakeLists.txt +++ b/components/esp_security/test_apps/crypto_drivers/main/CMakeLists.txt @@ -8,7 +8,7 @@ if(CONFIG_SOC_DIG_SIGN_SUPPORTED) list(APPEND srcs "test_ds.c") endif() -if(CONFIG_SOC_KEY_MANAGER_SUPPORTED) +if(CONFIG_ESP_SECURITY_IS_KEY_MANAGER_SUPPORTED) list(APPEND srcs "test_key_mgr.c") endif() diff --git a/components/esp_security/test_apps/crypto_drivers/main/Kconfig.projbuild b/components/esp_security/test_apps/crypto_drivers/main/Kconfig.projbuild index 7cdf8c00fa..1659b2ab75 100644 --- a/components/esp_security/test_apps/crypto_drivers/main/Kconfig.projbuild +++ b/components/esp_security/test_apps/crypto_drivers/main/Kconfig.projbuild @@ -6,4 +6,12 @@ menu "ESP Security Tests" help This includes the esp_security tests that actually require burning some efuses. It is better to run these tests on an FPGA to avoid mistakenly burning eFuses. + + config ESP_SECURITY_IS_KEY_MANAGER_SUPPORTED + bool + default n if IDF_TARGET_ESP32P4 && ESP32P4_SELECTS_REV_LESS_V3 + default y + depends on SOC_KEY_MANAGER_SUPPORTED + help + A hidden config to determine if the Key Manager tests should be included. endmenu diff --git a/components/esp_security/test_apps/crypto_drivers/main/test_key_mgr.c b/components/esp_security/test_apps/crypto_drivers/main/test_key_mgr.c index 1b2a25a4b6..a2f9c01181 100644 --- a/components/esp_security/test_apps/crypto_drivers/main/test_key_mgr.c +++ b/components/esp_security/test_apps/crypto_drivers/main/test_key_mgr.c @@ -19,6 +19,9 @@ #include "esp_system.h" #include "unity_test_utils_memory.h" +#if SOC_KEY_MANAGER_SUPPORTED +#include "hal/key_mgr_ll.h" + #if SOC_KEY_MANAGER_HMAC_KEY_DEPLOY #include "esp_hmac.h" #include "hmac_test_cases.h" @@ -394,3 +397,4 @@ TEST_CASE("Key Manager random mode: DS key deployment", "[hw_crypto] [key_mgr]") free(key_recovery_info); } #endif /* SOC_KEY_MANAGER_DS_KEY_DEPLOY */ +#endif /* SOC_KEY_MANAGER_SUPPORTED */ diff --git a/components/hal/ds_hal.c b/components/hal/ds_hal.c index 7591eff3a8..9890df41a1 100644 --- a/components/hal/ds_hal.c +++ b/components/hal/ds_hal.c @@ -7,6 +7,7 @@ #include "hal/systimer_hal.h" #include "hal/ds_hal.h" #include "hal/ds_ll.h" +#include "hal/assert.h" #include "soc/soc_caps.h" void ds_hal_start(void) @@ -29,7 +30,7 @@ void ds_hal_set_key_source(ds_key_source_t key_source) { ds_ll_set_key_source(key_source); } -#endif +#endif /* SOC_KEY_MANAGER_DS_KEY_DEPLOY */ void ds_hal_write_message(const uint8_t *msg, size_t size) { diff --git a/components/hal/ecdsa_hal.c b/components/hal/ecdsa_hal.c index 0c6a4a10dd..923119017b 100644 --- a/components/hal/ecdsa_hal.c +++ b/components/hal/ecdsa_hal.c @@ -19,6 +19,7 @@ #ifdef SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY #include "hal/key_mgr_hal.h" +#include "hal/key_mgr_ll.h" #endif #define ECDSA_HAL_P192_COMPONENT_LEN 24 @@ -40,9 +41,14 @@ static void configure_ecdsa_periph(ecdsa_hal_config_t *conf) { if (conf->use_km_key == 0) { + ecdsa_hal_set_efuse_key(conf->curve, conf->efuse_key_blk); #if SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY + if (!key_mgr_ll_is_supported()) { + HAL_ASSERT(false && "Key manager is not supported"); + } + // Force Key Manager to use eFuse key for XTS-AES operation if (conf->curve == ECDSA_CURVE_SECP192R1) { key_mgr_hal_set_key_usage(ESP_KEY_MGR_ECDSA_192_KEY, ESP_KEY_MGR_USE_EFUSE_KEY); diff --git a/components/hal/esp32c5/include/hal/key_mgr_ll.h b/components/hal/esp32c5/include/hal/key_mgr_ll.h index 455979d4cf..ff35e84aaf 100644 --- a/components/hal/esp32c5/include/hal/key_mgr_ll.h +++ b/components/hal/esp32c5/include/hal/key_mgr_ll.h @@ -206,7 +206,7 @@ static inline void key_mgr_ll_set_key_usage(const esp_key_mgr_key_type_t key_typ } break; default: - HAL_ASSERT(false && "Unsupported mode"); + HAL_ASSERT(false && "Unsupported key type"); return; } } @@ -218,28 +218,23 @@ static inline esp_key_mgr_key_usage_t key_mgr_ll_get_key_usage(esp_key_mgr_key_t case ESP_KEY_MGR_ECDSA_256_KEY: case ESP_KEY_MGR_ECDSA_384_KEY: return (esp_key_mgr_key_usage_t) (REG_GET_BIT(KEYMNG_STATIC_REG, KEYMNG_USE_EFUSE_KEY_ECDSA)); - break; case ESP_KEY_MGR_XTS_AES_128_KEY: case ESP_KEY_MGR_XTS_AES_256_KEY: return (esp_key_mgr_key_usage_t) (REG_GET_BIT(KEYMNG_STATIC_REG, KEYMNG_USE_EFUSE_KEY_FLASH)); - break; case ESP_KEY_MGR_HMAC_KEY: return (esp_key_mgr_key_usage_t) (REG_GET_BIT(KEYMNG_STATIC_REG, KEYMNG_USE_EFUSE_KEY_HMAC)); - break; case ESP_KEY_MGR_DS_KEY: return (esp_key_mgr_key_usage_t) (REG_GET_BIT(KEYMNG_STATIC_REG, KEYMNG_USE_EFUSE_KEY_DS)); - break; case ESP_KEY_MGR_PSRAM_128_KEY: case ESP_KEY_MGR_PSRAM_256_KEY: return (esp_key_mgr_key_usage_t) (REG_GET_BIT(KEYMNG_STATIC_REG, KEYMNG_USE_EFUSE_KEY_PSRAM)); - break; default: - HAL_ASSERT(false && "Unsupported mode"); + HAL_ASSERT(false && "Unsupported key type"); return ESP_KEY_MGR_USAGE_INVALID; } return ESP_KEY_MGR_USAGE_INVALID; @@ -288,7 +283,7 @@ static inline void key_mgr_ll_lock_use_efuse_key_reg(esp_key_mgr_key_type_t key_ break; default: - HAL_ASSERT(false && "Unsupported mode"); + HAL_ASSERT(false && "Unsupported key type"); return; } } @@ -331,28 +326,23 @@ static inline bool key_mgr_ll_is_key_deployment_valid(const esp_key_mgr_key_type return REG_GET_FIELD(KEYMNG_KEY_VLD_REG, KEYMNG_KEY_ECDSA_256_VLD); case ESP_KEY_MGR_ECDSA_384_KEY: return REG_GET_FIELD(KEYMNG_KEY_VLD_REG, KEYMNG_KEY_ECDSA_384_VLD); - break; case ESP_KEY_MGR_XTS_AES_128_KEY: case ESP_KEY_MGR_XTS_AES_256_KEY: return REG_GET_FIELD(KEYMNG_KEY_VLD_REG, KEYMNG_KEY_FLASH_VLD); - break; case ESP_KEY_MGR_HMAC_KEY: return REG_GET_FIELD(KEYMNG_KEY_VLD_REG, KEYMNG_KEY_HMAC_VLD); - break; case ESP_KEY_MGR_DS_KEY: return REG_GET_FIELD(KEYMNG_KEY_VLD_REG, KEYMNG_KEY_DS_VLD); - break; case ESP_KEY_MGR_PSRAM_128_KEY: case ESP_KEY_MGR_PSRAM_256_KEY: return REG_GET_FIELD(KEYMNG_KEY_VLD_REG, KEYMNG_KEY_PSRAM_VLD); - break; default: - HAL_ASSERT(false && "Unsupported mode"); + HAL_ASSERT(false && "Unsupported key type"); return 0; } } @@ -448,6 +438,11 @@ static inline uint32_t key_mgr_ll_get_date_info(void) return (uint32_t)(0x0FFFFFFF & REG_READ(KEYMNG_DATE_REG)); } +static inline bool key_mgr_ll_is_supported(void) +{ + return true; +} + #ifdef __cplusplus } #endif diff --git a/components/hal/esp32p4/include/hal/ds_ll.h b/components/hal/esp32p4/include/hal/ds_ll.h index 1d6437a8f1..c219b40e12 100644 --- a/components/hal/esp32p4/include/hal/ds_ll.h +++ b/components/hal/esp32p4/include/hal/ds_ll.h @@ -19,7 +19,7 @@ #include "soc/hp_sys_clkrst_struct.h" #include "soc/soc_caps.h" #include "hal/ds_types.h" - +#include "hal/config.h" #ifdef __cplusplus extern "C" { @@ -95,6 +95,16 @@ static inline ds_key_check_t ds_ll_key_error_source(void) } } +/** + * @brief Set the DS key source. + */ +static inline void ds_ll_set_key_source(ds_key_source_t key_source) +{ +#if HAL_CONFIG(CHIP_SUPPORT_MIN_REV) >= 300 + REG_WRITE(DS_KEY_SOURCE_REG, key_source); +#endif /* HAL_CONFIG(CHIP_SUPPORT_MIN_REV) >= 300 */ +} + /** * @brief Write the initialization vector to the corresponding register field. */ diff --git a/components/hal/esp32p4/include/hal/key_mgr_ll.h b/components/hal/esp32p4/include/hal/key_mgr_ll.h index c418c30c5f..dfc3b510a6 100644 --- a/components/hal/esp32p4/include/hal/key_mgr_ll.h +++ b/components/hal/esp32p4/include/hal/key_mgr_ll.h @@ -19,12 +19,32 @@ #include "hal/key_mgr_types.h" #include "soc/keymng_reg.h" #include "soc/hp_sys_clkrst_struct.h" -#include "esp_private/esp_crypto_lock_internal.h" +#include "hal/config.h" #ifdef __cplusplus extern "C" { #endif +#if HAL_CONFIG(CHIP_SUPPORT_MIN_REV) < 300 +#define KEYMNG_USE_EFUSE_KEY_FLASH KEYMNG_USE_EFUSE_KEY_XTS +#define KEYMNG_USE_EFUSE_KEY_LOCK_FLASH KEYMNG_USE_EFUSE_KEY_LOCK_XTS +#define KEYMNG_KEY_FLASH_VLD KEYMNG_KEY_XTS_VLD +#define KEYMNG_KEY_FLASH_VLD_V KEYMNG_KEY_XTS_VLD_V +#define KEYMNG_KEY_FLASH_VLD_S KEYMNG_KEY_XTS_VLD_S +#define KEYMNG_KEY_ECDSA_192_VLD KEYMNG_KEY_ECDSA_VLD +#define KEYMNG_KEY_ECDSA_192_VLD_V KEYMNG_KEY_ECDSA_VLD_V +#define KEYMNG_KEY_ECDSA_192_VLD_S KEYMNG_KEY_ECDSA_VLD_S +#define KEYMNG_KEY_ECDSA_256_VLD KEYMNG_KEY_ECDSA_VLD +#define KEYMNG_KEY_ECDSA_256_VLD_V KEYMNG_KEY_ECDSA_VLD_V +#define KEYMNG_KEY_ECDSA_256_VLD_S KEYMNG_KEY_ECDSA_VLD_S +#define KEYMNG_KEY_ECDSA_384_VLD KEYMNG_KEY_ECDSA_VLD +#define KEYMNG_KEY_ECDSA_384_VLD_V KEYMNG_KEY_ECDSA_VLD_V +#define KEYMNG_KEY_ECDSA_384_VLD_S KEYMNG_KEY_ECDSA_VLD_S +#define KEYMNG_FLASH_KEY_LEN KEYMNG_XTS_AES_KEY_LEN +#define KEYMNG_FLASH_KEY_LEN_V KEYMNG_XTS_AES_KEY_LEN_V +#define KEYMNG_FLASH_KEY_LEN_S KEYMNG_XTS_AES_KEY_LEN_S +#endif + static inline void key_mgr_ll_power_up(void) { // TODO: IDF-13524 @@ -116,7 +136,6 @@ static inline void key_mgr_ll_continue(void) REG_SET_BIT(KEYMNG_START_REG, KEYMNG_CONTINUE); } - /* @brief Enable or Disable the KEY_MGR interrupts */ static inline void key_mgr_ll_configure_interrupt(const esp_key_mgr_interrupt_type_t intr, bool en) { @@ -153,7 +172,6 @@ static inline void key_mgr_ll_clear_int(const esp_key_mgr_interrupt_type_t intr) } } - /** * @brief Set the key manager to use the software provided init key */ @@ -171,20 +189,48 @@ static inline void key_mgr_ll_set_key_usage(const esp_key_mgr_key_type_t key_typ switch (key_type) { case ESP_KEY_MGR_ECDSA_192_KEY: case ESP_KEY_MGR_ECDSA_256_KEY: + case ESP_KEY_MGR_ECDSA_384_KEY: if (key_usage == ESP_KEY_MGR_USE_EFUSE_KEY) { REG_SET_BIT(KEYMNG_STATIC_REG, KEYMNG_USE_EFUSE_KEY_ECDSA); } else { REG_CLR_BIT(KEYMNG_STATIC_REG, KEYMNG_USE_EFUSE_KEY_ECDSA); } break; + case ESP_KEY_MGR_XTS_AES_128_KEY: case ESP_KEY_MGR_XTS_AES_256_KEY: - if (key_usage == ESP_KEY_MGR_USE_EFUSE_KEY) { - REG_SET_BIT(KEYMNG_STATIC_REG, KEYMNG_USE_EFUSE_KEY_XTS); - } else { - REG_CLR_BIT(KEYMNG_STATIC_REG, KEYMNG_USE_EFUSE_KEY_XTS); - } + if (key_usage == ESP_KEY_MGR_USE_EFUSE_KEY) { + REG_SET_BIT(KEYMNG_STATIC_REG, KEYMNG_USE_EFUSE_KEY_FLASH); + } else { + REG_CLR_BIT(KEYMNG_STATIC_REG, KEYMNG_USE_EFUSE_KEY_FLASH); + } + break; +#if HAL_CONFIG(CHIP_SUPPORT_MIN_REV) >= 300 + case ESP_KEY_MGR_HMAC_KEY: + if (key_usage == ESP_KEY_MGR_USE_EFUSE_KEY) { + REG_SET_BIT(KEYMNG_STATIC_REG, KEYMNG_USE_EFUSE_KEY_HMAC); + } else { + REG_CLR_BIT(KEYMNG_STATIC_REG, KEYMNG_USE_EFUSE_KEY_HMAC); + } + break; + + case ESP_KEY_MGR_DS_KEY: + if (key_usage == ESP_KEY_MGR_USE_EFUSE_KEY) { + REG_SET_BIT(KEYMNG_STATIC_REG, KEYMNG_USE_EFUSE_KEY_DS); + } else { + REG_CLR_BIT(KEYMNG_STATIC_REG, KEYMNG_USE_EFUSE_KEY_DS); + } + break; + + case ESP_KEY_MGR_PSRAM_128_KEY: + case ESP_KEY_MGR_PSRAM_256_KEY: + if (key_usage == ESP_KEY_MGR_USE_EFUSE_KEY) { + REG_SET_BIT(KEYMNG_STATIC_REG, KEYMNG_USE_EFUSE_KEY_PSRAM); + } else { + REG_CLR_BIT(KEYMNG_STATIC_REG, KEYMNG_USE_EFUSE_KEY_PSRAM); + } break; +#endif default: HAL_ASSERT(false && "Unsupported mode"); return; @@ -196,14 +242,28 @@ static inline esp_key_mgr_key_usage_t key_mgr_ll_get_key_usage(esp_key_mgr_key_t switch (key_type) { case ESP_KEY_MGR_ECDSA_192_KEY: case ESP_KEY_MGR_ECDSA_256_KEY: + case ESP_KEY_MGR_ECDSA_384_KEY: return (esp_key_mgr_key_usage_t) (REG_GET_BIT(KEYMNG_STATIC_REG, KEYMNG_USE_EFUSE_KEY_ECDSA)); break; case ESP_KEY_MGR_XTS_AES_128_KEY: case ESP_KEY_MGR_XTS_AES_256_KEY: - return (esp_key_mgr_key_usage_t) (REG_GET_BIT(KEYMNG_STATIC_REG, KEYMNG_USE_EFUSE_KEY_XTS)); - break; + return (esp_key_mgr_key_usage_t) (REG_GET_BIT(KEYMNG_STATIC_REG, KEYMNG_USE_EFUSE_KEY_FLASH)); + break; +#if HAL_CONFIG(CHIP_SUPPORT_MIN_REV) >= 300 + case ESP_KEY_MGR_HMAC_KEY: + return (esp_key_mgr_key_usage_t) (REG_GET_BIT(KEYMNG_STATIC_REG, KEYMNG_USE_EFUSE_KEY_HMAC)); + break; + case ESP_KEY_MGR_DS_KEY: + return (esp_key_mgr_key_usage_t) (REG_GET_BIT(KEYMNG_STATIC_REG, KEYMNG_USE_EFUSE_KEY_DS)); + break; + + case ESP_KEY_MGR_PSRAM_128_KEY: + case ESP_KEY_MGR_PSRAM_256_KEY: + return (esp_key_mgr_key_usage_t) (REG_GET_BIT(KEYMNG_STATIC_REG, KEYMNG_USE_EFUSE_KEY_PSRAM)); + break; +#endif default: HAL_ASSERT(false && "Unsupported mode"); return ESP_KEY_MGR_USAGE_INVALID; @@ -231,12 +291,28 @@ static inline void key_mgr_ll_lock_use_efuse_key_reg(esp_key_mgr_key_type_t key_ switch(key_type) { case ESP_KEY_MGR_ECDSA_192_KEY: case ESP_KEY_MGR_ECDSA_256_KEY: + case ESP_KEY_MGR_ECDSA_384_KEY: REG_SET_BIT(KEYMNG_LOCK_REG, KEYMNG_USE_EFUSE_KEY_LOCK_ECDSA); break; + case ESP_KEY_MGR_XTS_AES_128_KEY: case ESP_KEY_MGR_XTS_AES_256_KEY: - REG_SET_BIT(KEYMNG_LOCK_REG, KEYMNG_USE_EFUSE_KEY_LOCK_XTS); - break; + REG_SET_BIT(KEYMNG_LOCK_REG, KEYMNG_USE_EFUSE_KEY_LOCK_FLASH); + break; +#if HAL_CONFIG(CHIP_SUPPORT_MIN_REV) >= 300 + case ESP_KEY_MGR_HMAC_KEY: + REG_SET_BIT(KEYMNG_LOCK_REG, KEYMNG_USE_EFUSE_KEY_LOCK_HMAC); + break; + + case ESP_KEY_MGR_DS_KEY: + REG_SET_BIT(KEYMNG_LOCK_REG, KEYMNG_USE_EFUSE_KEY_LOCK_DS); + break; + + case ESP_KEY_MGR_PSRAM_128_KEY: + case ESP_KEY_MGR_PSRAM_256_KEY: + REG_SET_BIT(KEYMNG_LOCK_REG, KEYMNG_USE_EFUSE_KEY_LOCK_PSRAM); + break; +#endif default: HAL_ASSERT(false && "Unsupported key type"); return; @@ -246,21 +322,7 @@ static inline void key_mgr_ll_lock_use_efuse_key_reg(esp_key_mgr_key_type_t key_ /* @brief Configure the key purpose to be used by the Key Manager for key generator operation */ static inline void key_mgr_ll_set_key_purpose(const esp_key_mgr_key_purpose_t key_purpose) { - switch(key_purpose) { - case ESP_KEY_MGR_KEY_PURPOSE_ECDSA_192: - case ESP_KEY_MGR_KEY_PURPOSE_ECDSA_256: - REG_SET_FIELD(KEYMNG_CONF_REG, KEYMNG_KEY_PURPOSE, KEYMNG_KEY_PURPOSE_ECDSA); - break; - case ESP_KEY_MGR_KEY_PURPOSE_XTS_AES_256_1: - REG_SET_FIELD(KEYMNG_CONF_REG, KEYMNG_KEY_PURPOSE, KEYMNG_KEY_PURPOSE_XTS_AES_256_1); - break; - case ESP_KEY_MGR_KEY_PURPOSE_XTS_AES_256_2: - REG_SET_FIELD(KEYMNG_CONF_REG, KEYMNG_KEY_PURPOSE, KEYMNG_KEY_PURPOSE_XTS_AES_256_2); - break; - default: - HAL_ASSERT(false && "Unsupported mode"); - return; - } + REG_SET_FIELD(KEYMNG_CONF_REG, KEYMNG_KEY_PURPOSE, key_purpose); } /** @@ -289,17 +351,27 @@ static inline bool key_mgr_ll_is_result_success(void) static inline bool key_mgr_ll_is_key_deployment_valid(const esp_key_mgr_key_type_t key_type) { switch (key_type) { - case ESP_KEY_MGR_ECDSA_192_KEY: + return REG_GET_FIELD(KEYMNG_KEY_VLD_REG, KEYMNG_KEY_ECDSA_192_VLD); case ESP_KEY_MGR_ECDSA_256_KEY: - return REG_GET_FIELD(KEYMNG_KEY_VLD_REG, KEYMNG_KEY_ECDSA_VLD); - break; + return REG_GET_FIELD(KEYMNG_KEY_VLD_REG, KEYMNG_KEY_ECDSA_256_VLD); + case ESP_KEY_MGR_ECDSA_384_KEY: + return REG_GET_FIELD(KEYMNG_KEY_VLD_REG, KEYMNG_KEY_ECDSA_384_VLD); case ESP_KEY_MGR_XTS_AES_128_KEY: case ESP_KEY_MGR_XTS_AES_256_KEY: - return REG_GET_FIELD(KEYMNG_KEY_VLD_REG, KEYMNG_KEY_XTS_VLD); - break; + return REG_GET_FIELD(KEYMNG_KEY_VLD_REG, KEYMNG_KEY_FLASH_VLD); +#if HAL_CONFIG(CHIP_SUPPORT_MIN_REV) >= 300 + case ESP_KEY_MGR_HMAC_KEY: + return REG_GET_FIELD(KEYMNG_KEY_VLD_REG, KEYMNG_KEY_HMAC_VLD); + case ESP_KEY_MGR_DS_KEY: + return REG_GET_FIELD(KEYMNG_KEY_VLD_REG, KEYMNG_KEY_DS_VLD); + + case ESP_KEY_MGR_PSRAM_128_KEY: + case ESP_KEY_MGR_PSRAM_256_KEY: + return REG_GET_FIELD(KEYMNG_KEY_VLD_REG, KEYMNG_KEY_PSRAM_VLD); +#endif default: HAL_ASSERT(false && "Unsupported mode"); return 0; @@ -367,17 +439,31 @@ static inline bool key_mgr_ll_is_huk_valid(void) { return REG_GET_FIELD(KEYMNG_HUK_VLD_REG, KEYMNG_HUK_VALID); } - -/* @brief Set the AES-XTS key length for the Key Manager */ -static inline void key_mgr_ll_set_xts_aes_key_len(const esp_key_mgr_xts_aes_key_len_t key_len) +/* @brief Set the XTS-AES (Flash Encryption) key length for the Key Manager */ +static inline void key_mgr_ll_set_xts_aes_key_len(const esp_key_mgr_key_type_t key_type, const esp_key_mgr_xts_aes_key_len_t key_len) { - REG_SET_FIELD(KEYMNG_STATIC_REG, KEYMNG_XTS_AES_KEY_LEN, key_len); + if (key_type == ESP_KEY_MGR_XTS_AES_128_KEY || key_type == ESP_KEY_MGR_XTS_AES_256_KEY) { + REG_SET_FIELD(KEYMNG_STATIC_REG, KEYMNG_FLASH_KEY_LEN, key_len); + } +#if HAL_CONFIG(CHIP_SUPPORT_MIN_REV) >= 300 + else if (key_type == ESP_KEY_MGR_PSRAM_128_KEY || key_type == ESP_KEY_MGR_PSRAM_256_KEY) { + REG_SET_FIELD(KEYMNG_STATIC_REG, KEYMNG_PSRAM_KEY_LEN, key_len); + } +#endif } -/* @brief Get the AES-XTS key length for the Key Manager */ -static inline esp_key_mgr_xts_aes_key_len_t key_mgr_ll_get_xts_aes_key_len(void) +/* @brief Get the XTS-AES (Flash Encryption) key length for the Key Manager */ +static inline esp_key_mgr_xts_aes_key_len_t key_mgr_ll_get_xts_aes_key_len(const esp_key_mgr_key_type_t key_type) { - return (esp_key_mgr_xts_aes_key_len_t) REG_GET_FIELD(KEYMNG_STATIC_REG, KEYMNG_XTS_AES_KEY_LEN); + if (key_type == ESP_KEY_MGR_XTS_AES_128_KEY || key_type == ESP_KEY_MGR_XTS_AES_256_KEY) { + return (esp_key_mgr_xts_aes_key_len_t) REG_GET_FIELD(KEYMNG_STATIC_REG, KEYMNG_FLASH_KEY_LEN); + } else { +#if HAL_CONFIG(CHIP_SUPPORT_MIN_REV) >= 300 + return (esp_key_mgr_xts_aes_key_len_t) REG_GET_FIELD(KEYMNG_STATIC_REG, KEYMNG_PSRAM_KEY_LEN); +#else + HAL_ASSERT(false && "Unsupported key type"); +#endif + } } /** @@ -385,10 +471,19 @@ static inline esp_key_mgr_xts_aes_key_len_t key_mgr_ll_get_xts_aes_key_len(void) */ static inline uint32_t key_mgr_ll_get_date_info(void) { - // Only the lest siginificantt 28 bits have desired information + // Only the least significant 28 bits have desired information return (uint32_t)(0x0FFFFFFF & REG_READ(KEYMNG_DATE_REG)); } +static inline bool key_mgr_ll_is_supported(void) +{ +#if HAL_CONFIG(CHIP_SUPPORT_MIN_REV) < 300 + return false; +#else + return true; +#endif +} + #ifdef __cplusplus } #endif diff --git a/components/hal/hmac_hal.c b/components/hal/hmac_hal.c index 99bb565863..fc77233848 100644 --- a/components/hal/hmac_hal.c +++ b/components/hal/hmac_hal.c @@ -7,10 +7,12 @@ #include "stdio.h" #include "hal/hmac_hal.h" #include "hal/hmac_ll.h" +#include "hal/assert.h" #include "soc/soc_caps.h" #if SOC_KEY_MANAGER_HMAC_KEY_DEPLOY #include "hal/key_mgr_hal.h" +#include "hal/key_mgr_ll.h" #endif void hmac_hal_start(void) @@ -26,6 +28,10 @@ uint32_t hmac_hal_configure(hmac_hal_output_t config, uint32_t key_id) #if SOC_KEY_MANAGER_HMAC_KEY_DEPLOY if (key_id == HMAC_KEY_KM) { + if (!key_mgr_ll_is_supported()) { + HAL_ASSERT(false && "Key manager is not supported"); + } + if (config == HMAC_OUTPUT_USER) { key_mgr_hal_set_key_usage(ESP_KEY_MGR_HMAC_KEY, ESP_KEY_MGR_USE_OWN_KEY); } else { diff --git a/components/hal/huk_hal.c b/components/hal/huk_hal.c index c9f9e51399..a274219162 100644 --- a/components/hal/huk_hal.c +++ b/components/hal/huk_hal.c @@ -15,6 +15,7 @@ #include "esp_err.h" #include "soc/soc_caps.h" +#if SOC_KEY_MANAGER_SUPPORTED esp_huk_state_t huk_hal_get_state(void) { return huk_ll_get_state(); @@ -52,3 +53,4 @@ void huk_hal_recharge_huk_memory(void) huk_ll_recharge_huk_memory(); } #endif +#endif diff --git a/components/hal/test_apps/crypto/CMakeLists.txt b/components/hal/test_apps/crypto/CMakeLists.txt index 213af4cade..a9af3ba145 100644 --- a/components/hal/test_apps/crypto/CMakeLists.txt +++ b/components/hal/test_apps/crypto/CMakeLists.txt @@ -1,7 +1,5 @@ cmake_minimum_required(VERSION 3.22) -set(COMPONENTS main) - set(EXTRA_COMPONENT_DIRS "$ENV{IDF_PATH}/tools/test_apps/components") include($ENV{IDF_PATH}/tools/cmake/project.cmake) diff --git a/components/hal/test_apps/crypto/main/CMakeLists.txt b/components/hal/test_apps/crypto/main/CMakeLists.txt index e63a848486..9b3a118fe8 100644 --- a/components/hal/test_apps/crypto/main/CMakeLists.txt +++ b/components/hal/test_apps/crypto/main/CMakeLists.txt @@ -21,7 +21,7 @@ if(CONFIG_SOC_ECDSA_SUPPORTED) list(APPEND srcs "ecdsa/test_ecdsa.c") endif() -if(CONFIG_SOC_KEY_MANAGER_SUPPORTED) +if(CONFIG_CRYPTO_IS_KEY_MANAGER_SUPPORTED) list(APPEND srcs "key_manager/test_key_manager.c" "$ENV{IDF_PATH}/components/esp_security/src/esp_key_mgr.c") list(APPEND priv_include_dirs "$ENV{IDF_PATH}/components/esp_security/include") diff --git a/components/hal/test_apps/crypto/main/Kconfig.projbuild b/components/hal/test_apps/crypto/main/Kconfig.projbuild index ff8977805f..823eeb9bc6 100644 --- a/components/hal/test_apps/crypto/main/Kconfig.projbuild +++ b/components/hal/test_apps/crypto/main/Kconfig.projbuild @@ -37,9 +37,17 @@ menu "Test App Configuration" config CRYPTO_TESTAPP_USE_AES_INTERRUPT bool "Use interrupt for long AES operations" - depends on SOC_AES_SUPPORTED + depends on SOC_AES_SUPPORTED default n help Use an interrupt to coordinate long AES operations. + config CRYPTO_IS_KEY_MANAGER_SUPPORTED + bool + default n if IDF_TARGET_ESP32P4 && ESP32P4_SELECTS_REV_LESS_V3 + default y + depends on SOC_KEY_MANAGER_SUPPORTED + help + A hidden config to determine if the Key Manager tests should be included. + endmenu diff --git a/components/hal/test_apps/crypto/main/app_main.c b/components/hal/test_apps/crypto/main/app_main.c index 7449b2483e..b7e8e6119e 100644 --- a/components/hal/test_apps/crypto/main/app_main.c +++ b/components/hal/test_apps/crypto/main/app_main.c @@ -6,6 +6,7 @@ #include "freertos/FreeRTOS.h" #include "freertos/task.h" +#include "sdkconfig.h" #include "unity.h" #include "unity_fixture.h" #include "unity_fixture_extras.h" @@ -30,7 +31,7 @@ static void run_all_tests(void) #endif /* !CONFIG_SOC_SHA_SUPPORT_PARALLEL_ENG*/ #endif -#if CONFIG_SOC_KEY_MANAGER_SUPPORTED +#if CONFIG_CRYPTO_IS_KEY_MANAGER_SUPPORTED RUN_TEST_GROUP(key_manager); #endif diff --git a/components/hal/test_apps/crypto/main/ds/test_ds.c b/components/hal/test_apps/crypto/main/ds/test_ds.c index 5f9531b3c7..bf7962ec89 100644 --- a/components/hal/test_apps/crypto/main/ds/test_ds.c +++ b/components/hal/test_apps/crypto/main/ds/test_ds.c @@ -93,6 +93,10 @@ static esp_err_t esp_ds_start_sign(const void *message, const esp_ds_data_t *dat #if SOC_KEY_MANAGER_DS_KEY_DEPLOY if (key_id == HMAC_KEY_KM) { + if (!key_mgr_ll_is_supported()) { + HAL_ASSERT(false && "Key manager is not supported"); + } + ds_hal_set_key_source(DS_KEY_SOURCE_KEY_MGR); } else { ds_hal_set_key_source(DS_KEY_SOURCE_EFUSE); diff --git a/components/hal/test_apps/crypto/main/key_manager/gen_key_manager_test_cases.py b/components/hal/test_apps/crypto/main/key_manager/gen_key_manager_test_cases.py index 3853455e1e..e271b3d48b 100644 --- a/components/hal/test_apps/crypto/main/key_manager/gen_key_manager_test_cases.py +++ b/components/hal/test_apps/crypto/main/key_manager/gen_key_manager_test_cases.py @@ -148,11 +148,11 @@ def generate_k1_G(key_file_path: str) -> tuple: def generate_hmac_test_data(key: bytes) -> tuple: hmac_message = ( - 'Deleniti voluptas explicabo et assumenda. Sed et aliquid minus quis. ' - 'Praesentium cupiditate quia nemo est. Laboriosam pariatur ut distinctio tenetur. ' - 'Sunt architecto iure aspernatur soluta ut recusandae. ' - 'Ut quibusdam occaecati ut qui sit dignissimos eaque..' - ).encode('utf-8') + b'Deleniti voluptas explicabo et assumenda. Sed et aliquid minus quis. ' + b'Praesentium cupiditate quia nemo est. Laboriosam pariatur ut distinctio tenetur. ' + b'Sunt architecto iure aspernatur soluta ut recusandae. ' + b'Ut quibusdam occaecati ut qui sit dignissimos eaque..' + ) hmac_result = hmac.HMAC(key, hmac_message, hashlib.sha256).digest() return hmac_message, hmac_result @@ -179,22 +179,18 @@ def number_as_bignum_words(number): # type: (int) -> str return '{ ' + ', '.join(result) + ' }' -def generate_ds_encrypted_input_params(aes_key: bytes, target: str) -> tuple: - iv = os.urandom(16) - max_key_size = max(supported_ds_key_size[target]) - key_size = max_key_size - private_key = rsa.generate_private_key(public_exponent=65537, key_size=key_size, backend=default_backend()) - +def generate_ds_encrypted_input_params(aes_key: bytes, max_key_size: int, iv: bytes) -> tuple: + private_key = rsa.generate_private_key(public_exponent=65537, key_size=max_key_size, backend=default_backend()) priv_numbers = private_key.private_numbers() pub_numbers = private_key.public_key().public_numbers() Y = priv_numbers.d M = pub_numbers.n - rr = 1 << (key_size * 2) + rr = 1 << (max_key_size * 2) rinv = rr % pub_numbers.n mprime = -rsa._modinv(M, 1 << 32) mprime &= 0xFFFFFFFF - length = key_size // 32 - 1 + length = max_key_size // 32 - 1 # calculate MD from preceding values and IV # Y_max_key_size || M_max_key_size || Rb_max_key_size || M_prime32 || LENGTH32 || IV128 @@ -230,12 +226,12 @@ def generate_ds_encrypted_input_params(aes_key: bytes, target: str) -> tuple: encryptor = cipher.encryptor() ds_encrypted_input_params = encryptor.update(p) + encryptor.finalize() - mask = (1 << key_size) - 1 # truncate messages if needed + mask = (1 << max_key_size) - 1 # truncate messages if needed ds_message = random.randrange(0, 1 << max_key_size) ds_result = number_as_bytes(pow(ds_message & mask, Y, M)) - return number_as_bytes(ds_message), ds_encrypted_input_params, iv, key_size, ds_result + return number_as_bytes(ds_message), ds_encrypted_input_params, ds_result def write_to_c_header( @@ -254,77 +250,77 @@ def write_to_c_header( k1_G_1: bytes, hmac_message: bytes, hmac_result: bytes, - ds_message: bytes, - ds_encrypted_input_params: bytes, - ds_encrypted_input_params_iv: bytes, - ds_key_size: int, - ds_result: bytes, + ds_message_4096: bytes, + ds_encrypted_input_params_4096: bytes, + ds_result_4096: bytes, + ds_message_3072: bytes, + ds_encrypted_input_params_3072: bytes, + ds_result_3072: bytes, + ds_iv: bytes, ) -> None: with open('key_manager_test_cases.h', 'w', encoding='utf-8') as file: - header_content = """#include + header_content = f"""#include +#include "soc/soc_caps.h" #define TEST_COUNT 5 -typedef struct test_xts_data { +typedef struct test_xts_data {{ uint16_t data_size; uint32_t data_offset; uint8_t ciphertext[128]; -} test_xts_data_t; +}} test_xts_data_t; -typedef struct test_ecdsa_data { +typedef struct test_ecdsa_data {{ uint8_t pubx[32]; uint8_t puby[32]; -} test_ecdsa_data_t; +}} test_ecdsa_data_t; -typedef struct test_hmac_data { - uint8_t message[%d]; +typedef struct test_hmac_data {{ + uint8_t message[{len(hmac_message)}]; uint8_t hmac_result[32]; -} test_hmac_data_t; +}} test_hmac_data_t; -typedef struct test_ds_data { - uint8_t ds_message[%d / 8]; - uint8_t ds_encrypted_input_params[%d]; - uint8_t ds_encrypted_input_params_iv[16]; +typedef struct test_ds_data {{ +#if SOC_RSA_MAX_BIT_LEN == 4096 + uint8_t ds_message[4096 / 8]; + uint8_t ds_encrypted_input_params[1584]; + uint8_t ds_result[4096 / 8]; +#elif SOC_RSA_MAX_BIT_LEN == 3072 + uint8_t ds_message[3072 / 8]; + uint8_t ds_encrypted_input_params[1200]; + uint8_t ds_result[3072 / 8]; +#endif size_t ds_key_size; - uint8_t ds_result[%d]; -} test_ds_data_t; + uint8_t ds_encrypted_input_params_iv[16]; +}} test_ds_data_t; -typedef struct test_data { +typedef struct test_data {{ uint8_t init_key[32]; uint8_t k2_info[64]; uint8_t k1_encrypted[2][32]; // For both 256-bit and 512-bit keys uint8_t plaintext_data[128]; - union { + union {{ test_xts_data_t xts_test_data[TEST_COUNT]; test_ecdsa_data_t ecdsa_test_data; test_hmac_data_t hmac_test_data; test_ds_data_t ds_test_data; - }; -} test_data_aes_mode_t; + }}; +}} test_data_aes_mode_t; -typedef struct test_data_ecdh0 { +typedef struct test_data_ecdh0 {{ uint8_t plaintext_data[128]; uint8_t k1[2][32]; uint8_t k1_G[2][64]; -} test_data_ecdh0_mode_t; +}} test_data_ecdh0_mode_t; // For 32-byte k1 key -test_data_aes_mode_t test_data_xts_aes_128 = { - .init_key = { %s }, - .k2_info = { %s }, - .k1_encrypted = { { %s }, { } }, - .plaintext_data = { %s }, - .xts_test_data = { -""" % ( - len(hmac_message), - ds_key_size, - len(ds_encrypted_input_params), - len(ds_result), - key_to_c_format(init_key), - key_to_c_format(k2_info), - key_to_c_format(k1_encrypted_32_reversed[0]), - key_to_c_format(bytes(range(1, 129))), - ) +test_data_aes_mode_t test_data_xts_aes_128 = {{ + .init_key = {{ {key_to_c_format(init_key)} }}, + .k2_info = {{ {key_to_c_format(k2_info)} }}, + .k1_encrypted = {{ {{ {key_to_c_format(k1_encrypted_32_reversed[0])} }}, {{ }} }}, + .plaintext_data = {{ {key_to_c_format(bytes(range(1, 129)))} }}, + .xts_test_data = {{ +""" for data_size, flash_address, ciphertext in test_data_xts_aes_128: header_content += ( @@ -354,85 +350,65 @@ test_data_aes_mode_t test_data_xts_aes_128 = { ) header_content += '\t}\n};\n' - header_content += """ -test_data_aes_mode_t test_data_ecdsa = { - .init_key = { %s }, - .k2_info = { %s }, - .k1_encrypted = { { %s }, { } }, - .ecdsa_test_data = { - .pubx = { %s }, - .puby = { %s } - } -};\n -""" % ( - key_to_c_format(init_key), - key_to_c_format(k2_info), - key_to_c_format(k1_encrypted_32_reversed[0]), - key_to_c_format(pubx), - key_to_c_format(puby), - ) + header_content += f""" +test_data_aes_mode_t test_data_ecdsa = {{ + .init_key = {{ {key_to_c_format(init_key)} }}, + .k2_info = {{ {key_to_c_format(k2_info)} }}, + .k1_encrypted = {{ {{ {key_to_c_format(k1_encrypted_32_reversed[0])} }}, {{ }} }}, + .ecdsa_test_data = {{ + .pubx = {{ {key_to_c_format(pubx)} }}, + .puby = {{ {key_to_c_format(puby)} }} + }} +}}; +""" - header_content += """ -test_data_ecdh0_mode_t test_data_ecdh0 = { - .plaintext_data = { %s }, - .k1 = { - { %s }, - { %s }, - }, - .k1_G = { - { %s }, - { %s }, - } -};\n -""" % ( - key_to_c_format(bytes(range(1, 129))), - key_to_c_format(k1), - key_to_c_format(k1), - key_to_c_format(k1_G_0), - key_to_c_format(k1_G_1), - ) + header_content += f""" +test_data_ecdh0_mode_t test_data_ecdh0 = {{ + .plaintext_data = {{ {key_to_c_format(bytes(range(1, 129)))} }}, + .k1 = {{ + {{ {key_to_c_format(k1)} }}, + {{ {key_to_c_format(k1)} }}, + }}, + .k1_G = {{ + {{ {key_to_c_format(k1_G_0)} }}, + {{ {key_to_c_format(k1_G_1)} }}, + }} +}}; +""" - header_content += """ -test_data_aes_mode_t test_data_hmac = { - .init_key = { %s }, - .k2_info = { %s }, - .k1_encrypted = { { %s }, { } }, - .hmac_test_data = { - .message = { %s }, - .hmac_result = { %s } - } -};\n -""" % ( - key_to_c_format(init_key), - key_to_c_format(k2_info), - key_to_c_format(k1_encrypted_32[0]), - key_to_c_format(hmac_message), - key_to_c_format(hmac_result), - ) + header_content += f""" +test_data_aes_mode_t test_data_hmac = {{ + .init_key = {{ {key_to_c_format(init_key)} }}, + .k2_info = {{ {key_to_c_format(k2_info)} }}, + .k1_encrypted = {{ {{ {key_to_c_format(k1_encrypted_32[0])} }}, {{ }} }}, + .hmac_test_data = {{ + .message = {{ {key_to_c_format(hmac_message)} }}, + .hmac_result = {{ {key_to_c_format(hmac_result)} }} + }} +}}; +""" - header_content += """ -test_data_aes_mode_t test_data_ds = { - .init_key = { %s }, - .k2_info = { %s }, - .k1_encrypted = { { %s }, { } }, - .ds_test_data = { - .ds_message = { %s }, - .ds_encrypted_input_params = { %s }, - .ds_encrypted_input_params_iv = { %s }, - .ds_key_size = %d, - .ds_result = { %s } - } -};\n -""" % ( - key_to_c_format(init_key), - key_to_c_format(k2_info), - key_to_c_format(k1_encrypted_32_reversed[0]), - key_to_c_format(ds_message), - key_to_c_format(ds_encrypted_input_params), - key_to_c_format(ds_encrypted_input_params_iv), - ds_key_size, - key_to_c_format(ds_result), - ) + header_content += f""" +test_data_aes_mode_t test_data_ds = {{ + .init_key = {{ {key_to_c_format(init_key)} }}, + .k2_info = {{ {key_to_c_format(k2_info)} }}, + .k1_encrypted = {{ {{ {key_to_c_format(k1_encrypted_32_reversed[0])} }}, {{ }} }}, + .ds_test_data = {{ +#if SOC_DS_SIGNATURE_MAX_BIT_LEN == 4096 + .ds_message = {{ {key_to_c_format(ds_message_4096)} }}, + .ds_encrypted_input_params = {{ {key_to_c_format(ds_encrypted_input_params_4096)} }}, + .ds_key_size = 4096, + .ds_result = {{ {key_to_c_format(ds_result_4096)} }}, +#elif SOC_DS_SIGNATURE_MAX_BIT_LEN == 3072 + .ds_message = {{ {key_to_c_format(ds_message_3072)} }}, + .ds_encrypted_input_params = {{ {key_to_c_format(ds_encrypted_input_params_3072)} }}, + .ds_key_size = 3072, + .ds_result = {{ {key_to_c_format(ds_result_3072)} }}, +#endif + .ds_encrypted_input_params_iv = {{ {key_to_c_format(ds_iv)} }}, + }}, +}}; +""" file.write(header_content) @@ -472,8 +448,14 @@ def generate_tests_cases(target: str) -> None: hmac_message, hmac_result = generate_hmac_test_data(k1_32) - ds_message, ds_encrypted_input_params, ds_encrypted_input_params_iv, ds_key_size, ds_result = ( - generate_ds_encrypted_input_params(k1_32, target) + ds_iv = os.urandom(16) + + ds_message_4096, ds_encrypted_input_params_4096, ds_result_4096 = generate_ds_encrypted_input_params( + k1_32, 4096, ds_iv + ) + + ds_message_3072, ds_encrypted_input_params_3072, ds_result_3072 = generate_ds_encrypted_input_params( + k1_32, 3072, ds_iv ) write_to_c_header( @@ -492,11 +474,13 @@ def generate_tests_cases(target: str) -> None: k1_G_1, hmac_message, hmac_result, - ds_message, - ds_encrypted_input_params, - ds_encrypted_input_params_iv, - ds_key_size, - ds_result, + ds_message_4096, + ds_encrypted_input_params_4096, + ds_result_4096, + ds_message_3072, + ds_encrypted_input_params_3072, + ds_result_3072, + ds_iv, ) diff --git a/components/hal/test_apps/crypto/main/key_manager/key_manager_test_cases.h b/components/hal/test_apps/crypto/main/key_manager/key_manager_test_cases.h index 18ec4fd461..d6cfe6fd54 100644 --- a/components/hal/test_apps/crypto/main/key_manager/key_manager_test_cases.h +++ b/components/hal/test_apps/crypto/main/key_manager/key_manager_test_cases.h @@ -4,6 +4,7 @@ * SPDX-License-Identifier: Unlicense OR CC0-1.0 */ #include +#include "soc/soc_caps.h" #define TEST_COUNT 5 @@ -24,11 +25,17 @@ typedef struct test_hmac_data { } test_hmac_data_t; typedef struct test_ds_data { +#if SOC_RSA_MAX_BIT_LEN == 4096 + uint8_t ds_message[4096 / 8]; + uint8_t ds_encrypted_input_params[1584]; + uint8_t ds_result[4096 / 8]; +#elif SOC_RSA_MAX_BIT_LEN == 3072 uint8_t ds_message[3072 / 8]; uint8_t ds_encrypted_input_params[1200]; - uint8_t ds_encrypted_input_params_iv[16]; + uint8_t ds_result[3072 / 8]; +#endif size_t ds_key_size; - uint8_t ds_result[384]; + uint8_t ds_encrypted_input_params_iv[16]; } test_ds_data_t; typedef struct test_data { @@ -90,7 +97,6 @@ test_data_aes_mode_t test_data_ecdsa = { } }; - test_data_ecdh0_mode_t test_data_ecdh0 = { .plaintext_data = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, 0x80 }, .k1 = { @@ -103,7 +109,6 @@ test_data_ecdh0_mode_t test_data_ecdh0 = { } }; - test_data_aes_mode_t test_data_hmac = { .init_key = { 0xee, 0x89, 0x95, 0xda, 0x3c, 0x8a, 0x43, 0x83, 0xa9, 0x4b, 0x25, 0x5b, 0x04, 0x7e, 0xf1, 0x57, 0xb8, 0xe8, 0x06, 0x45, 0x87, 0x76, 0xee, 0x1b, 0x4e, 0x2e, 0x55, 0xa7, 0x1f, 0x25, 0xe1, 0x94 }, .k2_info = { 0x8f, 0x96, 0x33, 0x47, 0xe1, 0xa5, 0x57, 0xe9, 0x2a, 0x51, 0xa9, 0xbe, 0x48, 0x84, 0x25, 0x4e, 0x6f, 0x50, 0x1c, 0x45, 0xdb, 0xb6, 0xfa, 0xeb, 0x35, 0xd2, 0x27, 0x91, 0x3f, 0x67, 0x57, 0xd9, 0xcb, 0x55, 0xe4, 0x2b, 0x18, 0x16, 0xe7, 0xce, 0x6c, 0xf2, 0x58, 0x71, 0x17, 0x76, 0x2a, 0x86, 0x05, 0xe7, 0x37, 0x45, 0x71, 0x34, 0xca, 0xaf, 0x60, 0x07, 0xdf, 0xf4, 0xd2, 0xee, 0x3d, 0x4b }, @@ -114,16 +119,22 @@ test_data_aes_mode_t test_data_hmac = { } }; - test_data_aes_mode_t test_data_ds = { .init_key = { 0xee, 0x89, 0x95, 0xda, 0x3c, 0x8a, 0x43, 0x83, 0xa9, 0x4b, 0x25, 0x5b, 0x04, 0x7e, 0xf1, 0x57, 0xb8, 0xe8, 0x06, 0x45, 0x87, 0x76, 0xee, 0x1b, 0x4e, 0x2e, 0x55, 0xa7, 0x1f, 0x25, 0xe1, 0x94 }, .k2_info = { 0x8f, 0x96, 0x33, 0x47, 0xe1, 0xa5, 0x57, 0xe9, 0x2a, 0x51, 0xa9, 0xbe, 0x48, 0x84, 0x25, 0x4e, 0x6f, 0x50, 0x1c, 0x45, 0xdb, 0xb6, 0xfa, 0xeb, 0x35, 0xd2, 0x27, 0x91, 0x3f, 0x67, 0x57, 0xd9, 0xcb, 0x55, 0xe4, 0x2b, 0x18, 0x16, 0xe7, 0xce, 0x6c, 0xf2, 0x58, 0x71, 0x17, 0x76, 0x2a, 0x86, 0x05, 0xe7, 0x37, 0x45, 0x71, 0x34, 0xca, 0xaf, 0x60, 0x07, 0xdf, 0xf4, 0xd2, 0xee, 0x3d, 0x4b }, .k1_encrypted = { { 0xe0, 0xe8, 0x41, 0xe3, 0xd0, 0x92, 0x71, 0x84, 0x4b, 0x02, 0x1e, 0xec, 0x14, 0xdd, 0xaf, 0xf8, 0x39, 0xf9, 0x6a, 0x8d, 0x1b, 0xd7, 0x64, 0x3b, 0x7b, 0xa6, 0x05, 0x42, 0x01, 0xfb, 0xab, 0xe1 }, { } }, .ds_test_data = { - .ds_message = { 0x61, 0xaf, 0x8a, 0x89, 0xd9, 0x0c, 0x47, 0x6f, 0x08, 0xf8, 0x39, 0x77, 0x6c, 0xf1, 0x24, 0x23, 0xaa, 0xe3, 0xa2, 0x68, 0x62, 0xa5, 0x45, 0x3b, 0x01, 0x1a, 0xc4, 0xf6, 0x0d, 0x20, 0x9d, 0x7e, 0xa9, 0xcd, 0x0a, 0x73, 0xc7, 0x27, 0xf6, 0xff, 0xf7, 0x97, 0x8d, 0xd3, 0x99, 0xbd, 0xcc, 0xdf, 0xa2, 0xc8, 0xf5, 0x84, 0x58, 0xce, 0xaf, 0xef, 0x62, 0x52, 0xfb, 0x0b, 0x3b, 0xd0, 0x55, 0xb4, 0x69, 0x2d, 0x33, 0xf4, 0xd9, 0x6f, 0x84, 0xba, 0x35, 0x98, 0x07, 0x13, 0x41, 0x2f, 0xab, 0xec, 0x9d, 0xf0, 0x69, 0xc5, 0x72, 0xde, 0x19, 0x0f, 0xac, 0xda, 0x9c, 0x89, 0x97, 0xfa, 0x6f, 0x88, 0xff, 0xc5, 0x14, 0x36, 0x7f, 0x53, 0x85, 0xcd, 0x07, 0x73, 0x52, 0xcc, 0xe2, 0x5a, 0xc3, 0x09, 0xc3, 0x4c, 0x3b, 0x9d, 0x9e, 0xaa, 0xe1, 0x69, 0x4a, 0xea, 0x38, 0xac, 0x38, 0x13, 0x50, 0x25, 0x4f, 0xe2, 0x01, 0x27, 0x82, 0xaa, 0x5e, 0x9c, 0xeb, 0x0b, 0xe1, 0x2b, 0x9a, 0x05, 0x71, 0xdd, 0xf5, 0x6b, 0xaa, 0x63, 0xdb, 0xa3, 0xbc, 0xff, 0x31, 0xf9, 0xdb, 0x1d, 0xe5, 0x5f, 0x82, 0xc3, 0x67, 0x9a, 0xee, 0x2b, 0xc6, 0xc6, 0xbb, 0x10, 0x2d, 0xa7, 0xa5, 0x16, 0x7b, 0x7a, 0x80, 0x81, 0xd2, 0xf3, 0xfd, 0x00, 0xd4, 0x8f, 0x7e, 0x5d, 0xba, 0xd5, 0xbd, 0x73, 0x51, 0x4a, 0x25, 0x13, 0x18, 0x3f, 0xbf, 0xd1, 0x4d, 0xc1, 0x23, 0x94, 0xc7, 0xb6, 0xd4, 0xa8, 0xd3, 0xa2, 0xcf, 0x7f, 0x0e, 0x1e, 0xa7, 0xd9, 0xce, 0x36, 0x3b, 0x04, 0x5f, 0xf8, 0x83, 0xc4, 0x21, 0xa0, 0x48, 0x3d, 0xe3, 0xc7, 0xf8, 0x41, 0x4e, 0x69, 0x18, 0x30, 0x4b, 0x36, 0x88, 0x9d, 0x33, 0x29, 0x7e, 0xe0, 0x6f, 0x93, 0x59, 0xa2, 0x0e, 0x50, 0xc9, 0x1d, 0x38, 0xe2, 0x1b, 0x68, 0xfa, 0xc1, 0x2f, 0x29, 0x35, 0x02, 0x65, 0x1a, 0x2b, 0x36, 0x98, 0x00, 0x3f, 0xf3, 0x6d, 0xa3, 0xbf, 0xe3, 0xd8, 0x39, 0x6e, 0x30, 0x1e, 0xd2, 0xe9, 0x58, 0xb0, 0xb0, 0x60, 0xc0, 0x85, 0x0b, 0x8d, 0x47, 0xa2, 0xcb, 0x67, 0x8a, 0xe3, 0x13, 0xec, 0x2d, 0x6d, 0x01, 0xf6, 0x6c, 0x07, 0xab, 0xfe, 0xe5, 0x29, 0xe9, 0x65, 0x3e, 0x55, 0x7a, 0x76, 0xcb, 0x45, 0xa1, 0x42, 0xa8, 0xa3, 0x34, 0x67, 0xb8, 0xec, 0x61, 0x00, 0xa7, 0xfc, 0xd0, 0xc3, 0xdb, 0xc9, 0xf9, 0xa1, 0x46, 0xf5, 0x8a, 0xc2, 0x96, 0xf4, 0xae, 0x34, 0xf9, 0xd8, 0x86, 0x9f, 0x67, 0x57, 0x58, 0xba, 0x46, 0x1b, 0x2f, 0xdf, 0x0f, 0x9c, 0x49, 0x21, 0x16, 0x2f, 0xb2, 0xc1, 0xa6, 0xe4, 0x8e, 0x4f, 0x87, 0x3d, 0x8c, 0x29, 0x03, 0x0a, 0x81, 0xbf, 0x3f, 0xa4, 0xee, 0x99, 0xd1, 0xbc, 0x01, 0x40, 0xfb, 0xdf, 0x1e, 0xe3, 0x71, 0x58, 0x5a }, - .ds_encrypted_input_params = { 0x1c, 0x8e, 0xa5, 0x03, 0xc3, 0x5e, 0xc3, 0xcc, 0xf6, 0x52, 0xda, 0x20, 0x95, 0xff, 0xf7, 0xe5, 0x36, 0x45, 0x4e, 0xae, 0xf6, 0x41, 0xcc, 0xda, 0x73, 0xa5, 0xfd, 0xa4, 0x56, 0x61, 0xaa, 0x5d, 0xf7, 0x55, 0xed, 0x01, 0x03, 0xd0, 0x15, 0x65, 0x32, 0x76, 0x38, 0xc4, 0x84, 0x25, 0x4f, 0x48, 0xe2, 0xe3, 0x1f, 0xf9, 0x16, 0xe2, 0xf2, 0x58, 0xde, 0x46, 0x2a, 0x92, 0x68, 0xb6, 0x1c, 0xe0, 0xde, 0x17, 0x77, 0x25, 0x06, 0xa2, 0x93, 0x02, 0xfe, 0x84, 0x72, 0xae, 0xba, 0x09, 0x45, 0xdc, 0x1e, 0x69, 0xa8, 0xbd, 0xfa, 0x34, 0xce, 0x58, 0x8c, 0x3a, 0x46, 0xab, 0xdc, 0x42, 0xa1, 0x54, 0x0d, 0x36, 0x91, 0x99, 0xe5, 0x27, 0x3c, 0x2b, 0x09, 0x7a, 0xc7, 0x79, 0xc0, 0x0f, 0x54, 0x02, 0xfa, 0x93, 0x95, 0xb0, 0xdd, 0xca, 0x26, 0xdc, 0x91, 0x65, 0x29, 0xf7, 0x19, 0xb0, 0xa8, 0xb3, 0xf8, 0xa4, 0xf8, 0xbc, 0x02, 0x84, 0x3d, 0xda, 0xef, 0x44, 0x48, 0xef, 0x06, 0xd8, 0x41, 0x44, 0x0d, 0x5c, 0xfa, 0x4c, 0xe2, 0x1a, 0x6e, 0x15, 0xf0, 0x74, 0xce, 0xfd, 0x61, 0xda, 0x83, 0xe4, 0x3a, 0xfc, 0xd3, 0xc4, 0xc2, 0x94, 0xb0, 0xf6, 0x80, 0x10, 0xf3, 0x6c, 0xa1, 0x3f, 0xe0, 0x55, 0x8e, 0x6d, 0x0c, 0x21, 0x3f, 0xfb, 0xe8, 0x61, 0x63, 0x01, 0x3f, 0x64, 0x93, 0xfc, 0x67, 0x0e, 0x0f, 0x85, 0x18, 0xe9, 0x34, 0x0b, 0x89, 0xa9, 0x87, 0x6f, 0xfe, 0x39, 0x91, 0x31, 0x42, 0xcd, 0x3c, 0xe0, 0x7b, 0x22, 0x46, 0xf2, 0xee, 0xb3, 0x4b, 0x5c, 0xd0, 0x6f, 0xb8, 0x0d, 0x24, 0x3d, 0x06, 0xf5, 0x13, 0x7c, 0x21, 0xb5, 0xc7, 0xd3, 0x0e, 0x9e, 0x53, 0x29, 0x19, 0x96, 0x76, 0xf3, 0x44, 0x69, 0x67, 0x3e, 0xb3, 0x3c, 0x89, 0x92, 0x6c, 0x86, 0xe3, 0x64, 0x5d, 0xc0, 0x8d, 0x7a, 0xfe, 0x01, 0x45, 0x98, 0x34, 0x3d, 0x26, 0x50, 0xd7, 0x33, 0xbb, 0xcf, 0xea, 0x53, 0x65, 0xb8, 0x4f, 0x51, 0x99, 0x91, 0x13, 0x32, 0xdd, 0x92, 0xd0, 0x22, 0xb2, 0xbd, 0x23, 0xed, 0xdf, 0x73, 0xea, 0x72, 0x02, 0x3d, 0x39, 0x38, 0x49, 0x18, 0x0a, 0xe7, 0x48, 0x96, 0xec, 0xce, 0x0c, 0x1a, 0x9f, 0xc5, 0x84, 0xfc, 0x95, 0x6c, 0x59, 0xb4, 0xda, 0x74, 0xb3, 0xd7, 0x94, 0xe4, 0x5c, 0xf3, 0x7f, 0xba, 0x17, 0x79, 0xf7, 0xdb, 0x1a, 0xd0, 0x51, 0xf5, 0xc6, 0xbd, 0x55, 0x1b, 0xcc, 0x67, 0x20, 0xc8, 0x70, 0x0d, 0xdc, 0x5d, 0x9d, 0xdd, 0x9e, 0x13, 0x6e, 0x4b, 0x07, 0x3b, 0x56, 0x34, 0x68, 0xe3, 0x9e, 0xa8, 0xa1, 0x46, 0xbb, 0x30, 0xb1, 0xc1, 0xef, 0xea, 0x86, 0xf7, 0x1f, 0x44, 0xee, 0xf5, 0x07, 0x73, 0x36, 0x78, 0xfd, 0x38, 0x43, 0xef, 0x7a, 0x93, 0x00, 0x4f, 0x6b, 0x69, 0xc5, 0x6a, 0x9d, 0xc7, 0x87, 0x99, 0xde, 0x19, 0xfa, 0x83, 0x65, 0x6e, 0x77, 0x5d, 0x09, 0x04, 0xb8, 0x7a, 0xfd, 0xc3, 0x6c, 0xb8, 0x48, 0xb4, 0x5a, 0x4b, 0x54, 0xb8, 0x52, 0xcc, 0x85, 0x9d, 0xd9, 0xa5, 0xa4, 0x49, 0x27, 0x56, 0x24, 0xfb, 0xc2, 0xf0, 0x81, 0x20, 0xa5, 0x00, 0xc7, 0xff, 0xd6, 0x9c, 0x08, 0x0f, 0xd4, 0xe4, 0x78, 0x96, 0xce, 0x53, 0xd5, 0x0b, 0xc3, 0x1a, 0xe5, 0xc9, 0xb2, 0x57, 0xea, 0x44, 0xd9, 0x74, 0x39, 0x6b, 0xd7, 0x73, 0x35, 0xd7, 0xb9, 0xa8, 0x25, 0x74, 0x90, 0xf2, 0x11, 0xd1, 0x65, 0xdc, 0xf7, 0x7d, 0x9a, 0x56, 0x01, 0x4b, 0x0d, 0x78, 0xe9, 0xd3, 0xe7, 0xae, 0x23, 0xe5, 0xa5, 0x1c, 0x8a, 0x0e, 0x95, 0xb6, 0xae, 0xdd, 0xdf, 0xcd, 0x89, 0xb7, 0x10, 0x54, 0x24, 0x69, 0x3e, 0xec, 0x66, 0x2b, 0x94, 0x3e, 0x6c, 0xcb, 0x70, 0x4c, 0xb9, 0xa8, 0x29, 0x97, 0xcd, 0xdb, 0x29, 0x3e, 0xd0, 0xbf, 0x5d, 0xa8, 0x55, 0x9d, 0x22, 0x3d, 0xb8, 0x84, 0xbc, 0xe2, 0xc4, 0x58, 0xe6, 0xbf, 0xd4, 0xd4, 0x99, 0xed, 0x85, 0x59, 0x5e, 0xb9, 0xc3, 0x8b, 0x78, 0x49, 0xd3, 0xea, 0xe3, 0x39, 0xb2, 0x5b, 0x37, 0x7a, 0xe9, 0x74, 0x14, 0x61, 0xb0, 0x05, 0x0f, 0x95, 0xca, 0xa6, 0xd7, 0x9e, 0xd6, 0x13, 0x7e, 0xda, 0xbc, 0x17, 0xee, 0x10, 0xcf, 0x10, 0xa4, 0x76, 0xd1, 0xff, 0xa7, 0xce, 0x5e, 0x66, 0xcd, 0x28, 0x12, 0x83, 0x73, 0x37, 0x59, 0x28, 0xac, 0x97, 0x3e, 0x82, 0xd6, 0x98, 0xd5, 0x34, 0xe2, 0xbf, 0xd8, 0xda, 0xad, 0x5e, 0x02, 0xdd, 0xe4, 0x50, 0xbb, 0x8f, 0x0d, 0x01, 0x36, 0x5c, 0xe0, 0x2d, 0xae, 0xa6, 0x09, 0xb9, 0xcf, 0x44, 0x36, 0x6b, 0x0c, 0xa9, 0x7f, 0x88, 0xd7, 0xd8, 0x6c, 0x98, 0xc9, 0x21, 0x70, 0xf7, 0x0d, 0x7e, 0x6d, 0x6b, 0x08, 0x09, 0xea, 0xbf, 0x95, 0xb1, 0xa3, 0x48, 0x73, 0xfc, 0xc0, 0xb8, 0x40, 0xee, 0xc6, 0xd0, 0xe1, 0xbb, 0x52, 0x95, 0x0e, 0xc7, 0xde, 0xc8, 0xe6, 0xcf, 0x51, 0x01, 0xfc, 0x69, 0xba, 0x75, 0x82, 0x32, 0x5f, 0x24, 0x5b, 0x60, 0xc0, 0x46, 0xc0, 0xc3, 0x07, 0x67, 0x25, 0x77, 0xaf, 0x2e, 0x4b, 0x88, 0xf5, 0xe6, 0xd7, 0x6b, 0xd3, 0x28, 0xa6, 0x92, 0x77, 0xc5, 0x02, 0x76, 0xbe, 0xe0, 0x70, 0x6e, 0xe8, 0xa0, 0x55, 0xb4, 0xfe, 0xfe, 0x8d, 0x57, 0x02, 0x80, 0xe3, 0x0e, 0xb4, 0x1b, 0xe0, 0xcb, 0xb2, 0xc8, 0x6c, 0xa9, 0x8a, 0xb8, 0x61, 0x9c, 0x87, 0x3e, 0x10, 0x25, 0x3e, 0x29, 0x68, 0x5b, 0x07, 0x7a, 0x29, 0xe6, 0x1b, 0x68, 0x24, 0x25, 0xbb, 0xfd, 0xec, 0xe0, 0xcf, 0x08, 0x20, 0x49, 0x36, 0x49, 0xdf, 0x6d, 0xb1, 0xf9, 0x17, 0xa2, 0xfb, 0xb3, 0xb0, 0x68, 0x1c, 0x2d, 0x4e, 0x8b, 0x95, 0xfa, 0x01, 0x1c, 0xea, 0x90, 0xd4, 0xf8, 0x3c, 0xcd, 0x17, 0xb0, 0x86, 0xd6, 0xbe, 0x41, 0xfa, 0x36, 0x7f, 0x0f, 0x12, 0xec, 0x3c, 0xb7, 0x38, 0x2e, 0xdb, 0x12, 0x0c, 0x6d, 0x88, 0x8e, 0x19, 0x97, 0x5c, 0xf4, 0xed, 0x11, 0x09, 0xfb, 0xda, 0x76, 0xe6, 0x5f, 0x16, 0x17, 0x43, 0xe6, 0x36, 0xab, 0x97, 0x36, 0x2d, 0x60, 0xf4, 0xf2, 0x94, 0xe3, 0x50, 0xe2, 0x42, 0x98, 0x32, 0x22, 0xde, 0x0f, 0x86, 0x83, 0x7d, 0xcf, 0x4a, 0x64, 0x91, 0xfc, 0x42, 0xea, 0xc2, 0xdf, 0x72, 0x33, 0xad, 0x8a, 0xc0, 0x20, 0x03, 0x32, 0xf8, 0x48, 0xdc, 0xe9, 0xed, 0x28, 0x34, 0x16, 0x84, 0xbc, 0xd2, 0xde, 0x47, 0x69, 0xf7, 0x65, 0x92, 0x28, 0x58, 0x30, 0x5e, 0xf9, 0xfe, 0x47, 0xff, 0x2d, 0xe3, 0xff, 0xf8, 0x37, 0xa5, 0xf2, 0x99, 0x7c, 0x86, 0xad, 0xfe, 0x92, 0x11, 0x19, 0x40, 0x45, 0x5b, 0x13, 0xaf, 0x87, 0x25, 0x74, 0x28, 0x8b, 0x34, 0x53, 0xcd, 0xc5, 0xb2, 0xde, 0x8c, 0x5a, 0xcc, 0x03, 0x2d, 0x88, 0x5e, 0xe3, 0x6a, 0x31, 0x14, 0x57, 0xdc, 0x9a, 0x05, 0x0a, 0xef, 0xa3, 0xb0, 0xcf, 0xda, 0xfe, 0xc1, 0x3b, 0x96, 0xb0, 0xa9, 0x0f, 0xdd, 0xbb, 0x7e, 0x71, 0xb8, 0x28, 0x0b, 0x79, 0x74, 0xf4, 0xcd, 0x70, 0x76, 0x1f, 0xcf, 0x60, 0x4d, 0x39, 0xb4, 0xac, 0x65, 0xc7, 0x23, 0x12, 0x04, 0xf1, 0xbf, 0x7f, 0xf1, 0xb5, 0x08, 0x87, 0x9b, 0x83, 0x15, 0x86, 0x3a, 0x19, 0x61, 0x87, 0x44, 0x19, 0xce, 0x8b, 0xac, 0xd3, 0xf2, 0x25, 0x75, 0x49, 0xc0, 0x0e, 0x97, 0x3b, 0x13, 0x12, 0x08, 0x83, 0xa0, 0x40, 0x48, 0x2d, 0x47, 0xb8, 0x7a, 0x68, 0xcd, 0x1d, 0x1d, 0xa8, 0x4f, 0xb4, 0x7a, 0x39, 0x0c, 0x13, 0xba, 0x38, 0x49, 0x33, 0x8e, 0x0e, 0x8c, 0x81, 0x16, 0x0c, 0x12, 0xb6, 0x1b, 0x07, 0x76, 0x67, 0xc1, 0x7a, 0xb7, 0x5a, 0x3b, 0x73, 0x5f, 0x6b, 0x96, 0x9c, 0xb4, 0x94, 0x25, 0x05, 0xaf, 0xb6, 0x8b, 0x2d, 0x4b, 0x82, 0x95, 0x88, 0xce, 0xc0, 0x31, 0x44, 0xa3, 0x69, 0x8d, 0x9d, 0xe4, 0x8b, 0xd8, 0x86, 0xd4, 0x63, 0x82, 0xe1, 0x98, 0x91, 0xb1, 0xd1, 0x6b, 0xf4, 0xb4, 0x79, 0xcf, 0xff, 0x2a, 0x5a, 0x6c, 0x50, 0x47, 0x83, 0x87, 0x90, 0xb8, 0x3b, 0xb1, 0xa6, 0x18, 0x33, 0x25, 0xc0, 0x8e, 0xbe, 0x27, 0x40, 0xea, 0x6f, 0x1e, 0x5c, 0x0b, 0x2c, 0x62, 0xf9, 0xf5, 0xf4, 0x4c, 0xf9, 0x46, 0x1a, 0x36, 0xe6, 0x74, 0x3f, 0x5e, 0x9c, 0x64, 0x33, 0xba, 0x4f, 0xc7, 0xee, 0x1e, 0x66, 0xf4, 0x29, 0xbe, 0xe0, 0x05, 0xbf, 0xad, 0x1b, 0x1b, 0xe4, 0x17, 0x2c, 0xe5, 0xf7, 0x44, 0xf1, 0xe6, 0x11, 0x05, 0x37, 0xa4, 0x5f, 0xd0, 0xaa, 0xb1, 0xc1, 0x49, 0x92, 0xf2, 0x8e, 0xc4, 0x37, 0xfe, 0x9f, 0xf4, 0x89, 0x22, 0x0c, 0x68, 0x06, 0xa9, 0x8e, 0x05, 0x04, 0x8a, 0xa9, 0x93, 0x18, 0xbe, 0x24, 0x0c, 0xc6, 0xbd, 0x6b, 0xa5, 0x1b, 0xbd, 0x6f, 0x78, 0x57, 0x13, 0xf0, 0xda, 0x23, 0x73, 0x1b, 0xf8, 0xcd, 0x08, 0x8c }, - .ds_encrypted_input_params_iv = { 0xbc, 0xea, 0xec, 0x15, 0x14, 0xa4, 0x09, 0x48, 0xc4, 0x3c, 0x64, 0xcb, 0xc9, 0x4b, 0x70, 0x32 }, +#if SOC_DS_SIGNATURE_MAX_BIT_LEN == 4096 + .ds_message = { 0x24, 0x9b, 0x52, 0x6f, 0xcd, 0xa0, 0x61, 0xab, 0xaa, 0x78, 0x7e, 0x3f, 0x4a, 0xd6, 0x0c, 0xd6, 0x54, 0xe7, 0xbc, 0x86, 0x07, 0xfc, 0xf5, 0x10, 0xfc, 0x81, 0x34, 0x70, 0x71, 0xcd, 0x07, 0x26, 0xa3, 0xec, 0x7c, 0x6d, 0xaa, 0xf9, 0x3b, 0x95, 0x50, 0xc8, 0x95, 0xee, 0x2a, 0x10, 0x81, 0x3b, 0xcb, 0x67, 0xdb, 0xe7, 0x17, 0x21, 0xe6, 0x9c, 0x2a, 0x3a, 0xb4, 0xa4, 0x68, 0x8d, 0x87, 0x62, 0x3d, 0xd4, 0x24, 0xdf, 0xeb, 0x35, 0x02, 0xf8, 0xd6, 0x46, 0x09, 0xc1, 0xaf, 0x0d, 0x39, 0x5f, 0x5f, 0x03, 0x5f, 0xd0, 0x4e, 0x3d, 0x29, 0x15, 0x53, 0x70, 0x6a, 0x57, 0x92, 0xfe, 0x21, 0x52, 0xae, 0xcf, 0x0e, 0xd9, 0xad, 0x66, 0xc3, 0x0f, 0x52, 0xe2, 0xd3, 0x52, 0x4d, 0xf7, 0x52, 0x3b, 0x43, 0x9e, 0x5e, 0xb7, 0xfa, 0x70, 0xc2, 0x9a, 0x53, 0xd7, 0x36, 0x4f, 0xa8, 0x80, 0xc1, 0xab, 0x62, 0xc8, 0x22, 0xef, 0x67, 0x78, 0x71, 0x74, 0x69, 0x09, 0xfd, 0x3e, 0x2c, 0x02, 0xd6, 0xeb, 0xc9, 0x15, 0x51, 0x5e, 0x9a, 0x14, 0x5c, 0x97, 0xcc, 0x4a, 0xc6, 0x6e, 0x1c, 0x57, 0xb7, 0x24, 0x6d, 0xe6, 0x39, 0x8f, 0x86, 0x37, 0x48, 0xf0, 0xd6, 0x46, 0x75, 0x13, 0x02, 0x46, 0x7d, 0x7a, 0x07, 0x1e, 0xf0, 0x69, 0x56, 0x93, 0xdc, 0x11, 0xb3, 0xd7, 0xbf, 0x55, 0x92, 0x64, 0x02, 0xf2, 0x26, 0x5d, 0x4f, 0x04, 0x45, 0xed, 0x59, 0x40, 0xf2, 0xa3, 0x3f, 0x50, 0x01, 0xc8, 0xea, 0xd1, 0x53, 0x96, 0xc6, 0x3c, 0x55, 0x67, 0x2e, 0x02, 0x28, 0xc0, 0xfd, 0xee, 0x19, 0x19, 0xa6, 0x37, 0xf3, 0x95, 0xeb, 0xd6, 0xd3, 0xbc, 0x4f, 0x8b, 0xa8, 0x3d, 0x7d, 0x35, 0xa5, 0x22, 0x23, 0x1a, 0x2c, 0x24, 0x8c, 0x90, 0x14, 0xfc, 0x4f, 0x2e, 0xc6, 0x03, 0x42, 0x33, 0x07, 0x7a, 0xec, 0xe8, 0xc3, 0x9c, 0x13, 0x7c, 0x56, 0x8c, 0xd0, 0x5a, 0x90, 0xe3, 0x40, 0x68, 0xeb, 0x9d, 0x91, 0x73, 0x85, 0xe3, 0x7d, 0xb3, 0xa9, 0x9a, 0x82, 0x1c, 0x0a, 0x50, 0x1f, 0x1a, 0xc6, 0x22, 0x88, 0x24, 0x04, 0x79, 0xfe, 0x3e, 0xce, 0x6f, 0xae, 0xa7, 0x8f, 0xb3, 0x3b, 0x05, 0xf1, 0xbb, 0x3b, 0xf1, 0x7b, 0x0a, 0x4f, 0x7e, 0x81, 0xea, 0xdf, 0x04, 0x27, 0x4b, 0x76, 0x4d, 0x52, 0x93, 0xd3, 0xa1, 0xc8, 0x6c, 0x42, 0xcb, 0x3f, 0xaf, 0xd2, 0x74, 0x5b, 0x75, 0x4e, 0xd2, 0x4f, 0x3a, 0x28, 0xf0, 0xe1, 0xfe, 0xac, 0xe1, 0xb9, 0x47, 0xc5, 0x27, 0x0f, 0xe6, 0xd8, 0x7b, 0x1d, 0x5c, 0x52, 0xf4, 0xf2, 0x3d, 0x98, 0x9a, 0x27, 0x3a, 0xac, 0x9e, 0xa4, 0x9c, 0xea, 0xfb, 0xf6, 0x95, 0xf0, 0xbf, 0x15, 0xc5, 0xa9, 0xf2, 0x74, 0x30, 0x5e, 0xff, 0x90, 0x71, 0x30, 0x6a, 0x6f, 0x92, 0xb9, 0x7c, 0x7b, 0xe4, 0x9b, 0xae, 0x2d, 0xb8, 0xdc, 0xe2, 0x4e, 0x7c, 0x5e, 0xc1, 0xc1, 0xb6, 0xf7, 0x48, 0x67, 0x06, 0x28, 0x84, 0xf1, 0xd2, 0x0b, 0x34, 0xff, 0xd6, 0x29, 0xc8, 0xce, 0x46, 0x8f, 0x4d, 0x8f, 0x26, 0x43, 0x0d, 0x65, 0xfa, 0xdc, 0x0e, 0x54, 0x60, 0x24, 0xae, 0x49, 0x64, 0x27, 0x73, 0x8e, 0x8d, 0x6a, 0xc2, 0x7a, 0xee, 0x09, 0xf8, 0xbb, 0xbb, 0x0b, 0x05, 0x36, 0xa5, 0xca, 0x87, 0x3c, 0x32, 0x69, 0xbc, 0x91, 0x0b, 0x53, 0xec, 0x7e, 0x5a, 0x68, 0x8a, 0xea, 0xa5, 0xd9, 0x2b, 0x7a, 0xbd, 0x66, 0x93, 0xa0, 0x0e, 0x30, 0x4c, 0xf7, 0x54, 0x4f, 0x7f, 0x63, 0x79, 0x53, 0xdc, 0xd0, 0xf0, 0x0a, 0x0c, 0xb2, 0x68, 0x3e, 0xab, 0xed, 0x60, 0x78, 0xbe, 0x59, 0xc4, 0x72, 0xcb, 0x35, 0xd6, 0x44, 0x44, 0xfd, 0x10, 0x47, 0xa2, 0x28, 0xed, 0xcd, 0x3b, 0x7e, 0xe9, 0x42, 0x37 }, + .ds_encrypted_input_params = { 0xb6, 0x7e, 0xce, 0xf8, 0x83, 0x31, 0x57, 0x71, 0x2c, 0x34, 0x27, 0xe9, 0x98, 0xc9, 0x9f, 0x07, 0x8d, 0xeb, 0x88, 0x1c, 0xd3, 0xed, 0x6f, 0x32, 0x40, 0xd2, 0x94, 0x7a, 0x52, 0x30, 0x78, 0x55, 0x72, 0xcb, 0x9a, 0x67, 0x6c, 0x68, 0x0b, 0x9e, 0x09, 0x8e, 0x52, 0x5b, 0x6c, 0x6a, 0xc8, 0xcb, 0x44, 0xa9, 0x0d, 0x42, 0xff, 0xcc, 0x0f, 0x70, 0x95, 0x73, 0x35, 0x4b, 0x1a, 0xef, 0xf7, 0x6f, 0x23, 0x6e, 0x7a, 0xd2, 0xdd, 0xa1, 0xdb, 0x20, 0xe7, 0x50, 0x5a, 0x1a, 0x3c, 0xa8, 0xa7, 0xa6, 0x41, 0x92, 0x8e, 0x90, 0x49, 0x11, 0x90, 0x83, 0x7b, 0x03, 0x1b, 0x9a, 0x32, 0xf4, 0x63, 0x10, 0x04, 0x61, 0xf3, 0x91, 0x8c, 0xbd, 0xed, 0x9e, 0x36, 0x90, 0x7d, 0x0a, 0xbb, 0xd2, 0xbe, 0x9b, 0xcb, 0x8f, 0x7c, 0x7a, 0xb7, 0x98, 0xaf, 0x19, 0x4f, 0x83, 0x26, 0xcc, 0x46, 0x56, 0x8a, 0x77, 0x03, 0x0e, 0x40, 0x7e, 0x17, 0x9e, 0xf8, 0x5e, 0xdc, 0x53, 0x27, 0x66, 0x33, 0x90, 0x9c, 0x1c, 0xfc, 0x85, 0xa1, 0xc3, 0x2a, 0x4d, 0xc0, 0xe0, 0xb5, 0xd8, 0x3f, 0x81, 0x64, 0x33, 0x68, 0x16, 0x48, 0xc8, 0x48, 0xc1, 0x6b, 0xbd, 0x1f, 0xe3, 0x57, 0xe2, 0x5c, 0xf7, 0x0f, 0x66, 0x9c, 0x90, 0xe6, 0x06, 0x09, 0x79, 0xe5, 0x04, 0x0d, 0x8d, 0x81, 0x76, 0x71, 0xc4, 0x5d, 0xae, 0x55, 0x03, 0x91, 0x3a, 0x1c, 0xe6, 0x4f, 0x92, 0x48, 0xbe, 0x20, 0xc2, 0x2c, 0xb4, 0x4e, 0xee, 0x89, 0xf5, 0xa0, 0x93, 0xa2, 0x09, 0x81, 0x1d, 0xa5, 0xf5, 0xac, 0xc8, 0xf0, 0x8c, 0xf3, 0x04, 0xca, 0x98, 0x4d, 0xc5, 0x20, 0xdf, 0x0e, 0x10, 0x9b, 0x62, 0x22, 0x36, 0xef, 0x71, 0x83, 0xb6, 0x23, 0xf9, 0xd4, 0x71, 0x2a, 0x03, 0xce, 0x8c, 0x65, 0x15, 0x58, 0x04, 0xa6, 0x11, 0xa1, 0xcb, 0x5b, 0x2c, 0xcf, 0xe1, 0xd2, 0x06, 0x86, 0xd2, 0x07, 0xcd, 0xd7, 0xcc, 0xd8, 0xb8, 0xb5, 0x3e, 0xe3, 0x19, 0x56, 0xa3, 0xf5, 0x9e, 0x8b, 0x85, 0x21, 0x38, 0x6b, 0xea, 0xec, 0xf2, 0x57, 0xf6, 0x2f, 0x0f, 0x79, 0x5e, 0xcd, 0xad, 0xa9, 0x42, 0xb3, 0x75, 0x2f, 0xc6, 0xf5, 0x6a, 0xf6, 0x62, 0x1a, 0x7c, 0xbb, 0x83, 0x80, 0xdb, 0x1d, 0x30, 0x37, 0x07, 0x5a, 0x1b, 0x92, 0x5b, 0x4a, 0xc8, 0x0c, 0x2f, 0xd5, 0x97, 0xd6, 0x35, 0x5f, 0xb8, 0xae, 0x9c, 0x5c, 0x80, 0x57, 0xad, 0xd3, 0x4b, 0x5b, 0xe3, 0x45, 0x47, 0x9a, 0x59, 0x07, 0xff, 0xaa, 0x9d, 0x43, 0x57, 0xaf, 0x42, 0xbd, 0x7d, 0x76, 0x74, 0x7a, 0xdf, 0x81, 0xfd, 0x5e, 0xab, 0x72, 0xfe, 0xed, 0xd3, 0x44, 0xe1, 0x69, 0x0d, 0xc1, 0x33, 0xc7, 0xda, 0x9d, 0xd8, 0xfe, 0x82, 0x1d, 0x72, 0xba, 0xd8, 0x79, 0x2e, 0x10, 0x4e, 0x7d, 0x64, 0x13, 0xac, 0x3e, 0x6c, 0xb2, 0x9c, 0x29, 0xae, 0x0b, 0x38, 0x1b, 0x02, 0x79, 0xb8, 0xad, 0x23, 0x8a, 0xc9, 0x8c, 0xbd, 0xaf, 0xc2, 0x86, 0x76, 0x3a, 0x86, 0xbd, 0x6e, 0x1e, 0xd9, 0x87, 0x00, 0x94, 0x9c, 0x03, 0x10, 0x9f, 0x51, 0x9b, 0x11, 0x4b, 0x6a, 0x25, 0x2e, 0xac, 0x5e, 0x74, 0x7e, 0xf3, 0xe2, 0x11, 0x12, 0x90, 0x40, 0xc0, 0x9e, 0xe8, 0x0a, 0x3d, 0x17, 0xea, 0x6a, 0x27, 0xe7, 0x99, 0xaa, 0xe5, 0x1c, 0x61, 0x31, 0xc3, 0xe9, 0x01, 0xac, 0x67, 0xe5, 0x9b, 0xec, 0xd2, 0x0c, 0x5d, 0x12, 0xfc, 0xa9, 0x1d, 0x7c, 0xcf, 0x68, 0xfb, 0x80, 0x66, 0xf0, 0x34, 0xe3, 0xdf, 0x3d, 0xdc, 0xd0, 0x91, 0xd8, 0x1f, 0xeb, 0x0c, 0x50, 0xdd, 0x37, 0xea, 0x4f, 0x3a, 0x29, 0x21, 0x0c, 0xb1, 0xea, 0x09, 0xdd, 0x23, 0xbd, 0x32, 0xcc, 0x93, 0xe2, 0x83, 0xe4, 0xc9, 0xd3, 0x16, 0x90, 0x91, 0x81, 0x3f, 0x0d, 0x8e, 0x95, 0x6b, 0x49, 0x00, 0x76, 0x0c, 0x95, 0x6b, 0x97, 0x89, 0x03, 0x1f, 0xa4, 0x14, 0x3c, 0xe3, 0xb4, 0x6f, 0x79, 0x5b, 0x31, 0x02, 0x11, 0xe7, 0x91, 0xe4, 0x9b, 0x4e, 0x5d, 0x7b, 0x2f, 0x9d, 0xb0, 0xa4, 0x08, 0x07, 0x79, 0x0b, 0xa7, 0x10, 0x6a, 0xf3, 0x27, 0x4d, 0xb7, 0xca, 0x76, 0x16, 0xcc, 0x91, 0xa6, 0x86, 0xcf, 0xbe, 0xbf, 0xb4, 0x15, 0x35, 0x61, 0x0a, 0x55, 0x0f, 0xd9, 0x0e, 0x5e, 0xb9, 0x8a, 0xe7, 0xbb, 0x36, 0xf5, 0xea, 0x31, 0xdc, 0x5a, 0xae, 0x9a, 0x5e, 0xa0, 0xd2, 0xfd, 0xdb, 0xcb, 0x51, 0x3c, 0xb1, 0x48, 0xee, 0xa5, 0xeb, 0xb1, 0x84, 0x62, 0x56, 0x75, 0x56, 0x79, 0xdd, 0xf9, 0xa8, 0x26, 0x72, 0x74, 0x5b, 0xad, 0x1f, 0xcf, 0x01, 0x94, 0x5c, 0xf7, 0xd3, 0x2d, 0x60, 0xa4, 0x23, 0x8a, 0x1f, 0x97, 0x2c, 0xe6, 0x13, 0x8c, 0x61, 0x6b, 0x9c, 0xba, 0x02, 0x3d, 0x25, 0xf5, 0x86, 0x44, 0xcd, 0xee, 0x56, 0x10, 0x32, 0xbb, 0xee, 0xf2, 0x3b, 0x2b, 0x4e, 0xa2, 0x1e, 0xb1, 0x8b, 0x00, 0x14, 0x21, 0xbb, 0x57, 0x38, 0xf4, 0x49, 0x42, 0x27, 0x0e, 0x82, 0xd0, 0x9d, 0xcd, 0x53, 0x72, 0x25, 0xa1, 0x6e, 0xe9, 0xfd, 0xd8, 0xaf, 0x3b, 0xc5, 0x69, 0x1e, 0x58, 0x2f, 0x1f, 0x2b, 0x77, 0xa1, 0x46, 0x03, 0x35, 0x6e, 0x38, 0x0e, 0x9e, 0xa6, 0x22, 0x80, 0x69, 0x05, 0x2b, 0x8c, 0x8e, 0x7a, 0x64, 0x02, 0xe6, 0x4f, 0x71, 0x85, 0x89, 0xc6, 0xf5, 0xe4, 0xd2, 0xe8, 0xd0, 0x0b, 0x1e, 0xc3, 0x5b, 0x92, 0xd8, 0xe1, 0x1f, 0xd5, 0x95, 0xee, 0x24, 0x01, 0x33, 0xa1, 0x39, 0x76, 0x44, 0xd8, 0xba, 0xd4, 0x79, 0x08, 0xae, 0x2a, 0xcf, 0xb5, 0xe3, 0x4a, 0x86, 0x2d, 0x38, 0x64, 0xff, 0x9e, 0x26, 0xec, 0x20, 0x37, 0xe9, 0xd5, 0x0a, 0xa2, 0x3a, 0x3d, 0x75, 0xd9, 0xf7, 0x66, 0x6b, 0x6d, 0x63, 0x53, 0x16, 0x88, 0x37, 0xad, 0xa0, 0x2e, 0x77, 0xc2, 0x2e, 0x43, 0x1a, 0xf9, 0x55, 0xc8, 0x74, 0xa7, 0xb4, 0xe9, 0x24, 0x2f, 0xa5, 0xb8, 0x1e, 0x1b, 0x58, 0x5d, 0x44, 0x2f, 0x58, 0x59, 0x00, 0x34, 0xe3, 0xf5, 0xa9, 0x12, 0x06, 0x20, 0x5c, 0x59, 0x7b, 0x29, 0x3c, 0x8b, 0x4b, 0x0e, 0xc3, 0x6b, 0x43, 0x55, 0x04, 0x08, 0x65, 0x1a, 0x9a, 0x42, 0xf4, 0xd1, 0xbc, 0x1e, 0x10, 0x96, 0x79, 0x6f, 0xaa, 0x29, 0x8e, 0x3d, 0xce, 0x09, 0x94, 0xff, 0xdd, 0x8a, 0x49, 0x73, 0xde, 0x49, 0xb9, 0xb7, 0x44, 0x9a, 0xd1, 0xcf, 0xc3, 0xd7, 0xb4, 0x71, 0x97, 0xa0, 0x9f, 0x73, 0x62, 0xbb, 0x0a, 0x59, 0x63, 0x64, 0x73, 0x3a, 0x62, 0x5f, 0xae, 0x4b, 0xac, 0xe2, 0x0d, 0x30, 0xa5, 0x2a, 0x65, 0x04, 0x13, 0x17, 0xbb, 0x4f, 0x72, 0xaf, 0xce, 0x5a, 0x28, 0x69, 0xfa, 0x60, 0xe0, 0xc5, 0xc4, 0x65, 0x5d, 0x48, 0xd1, 0x1c, 0x91, 0xd1, 0x59, 0xf4, 0xde, 0x79, 0x2a, 0xf1, 0xd5, 0x60, 0x12, 0xd2, 0x84, 0xc8, 0x0e, 0x0d, 0xa9, 0x78, 0x3b, 0xfb, 0xff, 0x1d, 0xdd, 0xd9, 0x9b, 0xac, 0xa0, 0x8c, 0x76, 0x96, 0xe5, 0x10, 0xfb, 0xfe, 0xab, 0x14, 0xbd, 0x66, 0xa4, 0xa2, 0xe2, 0xe9, 0x6c, 0xf5, 0x6e, 0xba, 0x3a, 0x7a, 0x8a, 0x97, 0x65, 0x9b, 0xdb, 0x92, 0xff, 0xea, 0xd7, 0xa6, 0xeb, 0x48, 0x89, 0x2a, 0x21, 0x83, 0xb8, 0xa2, 0xf3, 0xd9, 0xae, 0xa0, 0x7d, 0xd2, 0x2a, 0xde, 0xaa, 0xaf, 0x8b, 0x30, 0xfd, 0x0c, 0xc0, 0xcb, 0x69, 0x3d, 0x55, 0xe0, 0x9a, 0x57, 0xd3, 0x6d, 0x60, 0xf9, 0xc9, 0x98, 0x30, 0x57, 0x6a, 0x22, 0xaf, 0x72, 0xc1, 0x29, 0xcc, 0xdb, 0x81, 0xe7, 0xe1, 0xdc, 0xca, 0xfe, 0xea, 0xa9, 0xc4, 0x48, 0x64, 0x16, 0x91, 0xba, 0xb7, 0x0b, 0x76, 0xd9, 0x9f, 0xed, 0x19, 0xfb, 0x70, 0x6e, 0xc9, 0xb0, 0xe5, 0x24, 0x1d, 0x99, 0x1c, 0xd3, 0x23, 0x6f, 0x11, 0x4e, 0xac, 0x11, 0xb0, 0xfc, 0x3c, 0x3b, 0xc7, 0xb7, 0xc7, 0x1a, 0xdf, 0x56, 0xe3, 0xd0, 0x4c, 0x2a, 0xde, 0xa4, 0x70, 0xa1, 0xb8, 0xbf, 0x81, 0xab, 0x7b, 0x10, 0x3f, 0xe9, 0x7d, 0xf1, 0x82, 0xcc, 0x4e, 0xcf, 0x00, 0x79, 0x69, 0xdb, 0x99, 0xdf, 0x15, 0xee, 0x1e, 0xbd, 0x28, 0x34, 0xfc, 0xc5, 0x1f, 0xea, 0xf0, 0xca, 0x9f, 0x73, 0x60, 0x5d, 0xe3, 0x03, 0x2f, 0x24, 0xb5, 0x18, 0xcb, 0x35, 0x14, 0x88, 0x87, 0xa0, 0xef, 0x63, 0x43, 0xbc, 0x24, 0x2b, 0x67, 0x8e, 0xc6, 0x4a, 0x92, 0xcf, 0xd9, 0xd3, 0xb8, 0xfb, 0x74, 0xc2, 0x4c, 0xb1, 0x00, 0x5d, 0xa5, 0x23, 0x59, 0xf7, 0xfe, 0x8e, 0x25, 0x07, 0x7f, 0xf8, 0xfd, 0x29, 0x4a, 0x93, 0x80, 0x63, 0x0d, 0xd3, 0x56, 0xff, 0x61, 0x74, 0x1e, 0x19, 0x8f, 0x15, 0x34, 0xd0, 0x53, 0xbf, 0x30, 0xae, 0x86, 0x46, 0x56, 0xfc, 0x73, 0x80, 0x57, 0xe4, 0x11, 0x59, 0x2d, 0xd4, 0x0a, 0xfe, 0x16, 0x22, 0x23, 0xe2, 0xec, 0x15, 0x15, 0xc4, 0xb8, 0xe2, 0xd0, 0x45, 0xa9, 0xce, 0xb4, 0x48, 0x54, 0x79, 0x73, 0x6d, 0x1b, 0x49, 0x32, 0x5b, 0xe3, 0x23, 0x78, 0xf4, 0xa6, 0xe2, 0xd4, 0xc4, 0x43, 0xeb, 0xd4, 0x1b, 0x9f, 0xdb, 0xb6, 0xdb, 0x7a, 0x54, 0x83, 0x99, 0xb9, 0x7c, 0x24, 0x0e, 0x08, 0xbc, 0x27, 0x65, 0x15, 0x24, 0xc5, 0x8b, 0x35, 0xe7, 0x9a, 0x24, 0x62, 0x88, 0x2b, 0x13, 0xe5, 0xc9, 0x5a, 0x14, 0xe8, 0xde, 0xa0, 0x17, 0xb2, 0x1d, 0xcb, 0xb5, 0xb0, 0xc6, 0xcd, 0x89, 0x89, 0xe7, 0x2a, 0x8a, 0x8f, 0x9e, 0x1c, 0xc5, 0x6c, 0xf4, 0xc5, 0x9b, 0xad, 0x39, 0xe1, 0xef, 0xb5, 0x9a, 0xc8, 0x67, 0x33, 0x45, 0xae, 0x44, 0xca, 0x12, 0x2c, 0x8b, 0x6f, 0x16, 0x30, 0x0b, 0xbc, 0x3b, 0x5b, 0x7c, 0xd0, 0x79, 0x31, 0xf6, 0xd9, 0x56, 0x8b, 0xe7, 0xc0, 0x8b, 0x26, 0x46, 0x0d, 0xe8, 0xa9, 0x99, 0x6a, 0xf6, 0x84, 0x89, 0xb9, 0x40, 0xbb, 0xd5, 0x97, 0xd8, 0x3c, 0x3d, 0xcf, 0xd1, 0xf2, 0xa5, 0xf6, 0xda, 0x50, 0x76, 0xe4, 0x28, 0xe4, 0x9f, 0x75, 0x67, 0x9f, 0xa2, 0x9b, 0x56, 0xf8, 0xd8, 0xbc, 0x25, 0x30, 0x57, 0x13, 0xa8, 0x33, 0xcf, 0x0a, 0xb9, 0xba, 0x22, 0x12, 0xac, 0xe0, 0xf1, 0xfb, 0x89, 0xe8, 0x50, 0x5b, 0x9b, 0xb9, 0x06, 0xf4, 0x8b, 0x63, 0xf5, 0x58, 0xd0, 0x12, 0x8b, 0xc1, 0xe5, 0x5e, 0xa9, 0x02, 0x36, 0x78, 0x33, 0xea, 0x91, 0x7d, 0xac, 0x67, 0x0b, 0x98, 0xa5, 0x24, 0xe7, 0xe3, 0xb2, 0xd9, 0xa0, 0xcc, 0x7b, 0xa5, 0x90, 0x6f, 0x36, 0xf4, 0xc1, 0x85, 0x13, 0x57, 0x31, 0xb4, 0x36, 0x44, 0x91, 0x7e, 0x50, 0xb7, 0x5a, 0x30, 0x33, 0xf2, 0xf3, 0x4f, 0x5d, 0x7f, 0x15, 0xad, 0x9c, 0xd5, 0x40, 0x35, 0x4c, 0x0b, 0x7c, 0xc2, 0x9e, 0xd7, 0xfb, 0xa8, 0xd0, 0xb3, 0x39, 0x3e, 0x02, 0xb8, 0x4c, 0x1d, 0x60, 0xfd, 0x45, 0xef, 0x5b, 0x45, 0xef, 0xc1, 0x0b, 0xea, 0xd3, 0xa0, 0x61, 0x9e, 0xab, 0x68, 0xc9, 0xa6, 0x88, 0x87, 0x50, 0xd0, 0xdf, 0x77, 0x93, 0x7d, 0x42, 0xcc, 0x3e, 0xb5, 0xb8, 0xf9, 0xe0, 0x6e, 0xee, 0x69, 0xf5, 0x7f, 0xb7, 0x28, 0x23, 0x0b, 0x0c, 0xc5, 0x7f, 0x42, 0xbe, 0x25, 0x57, 0x7c, 0x47, 0x0a, 0xc0, 0x51, 0xf0, 0xf8, 0x90, 0xea, 0x41, 0x71, 0x70, 0xb0, 0xd2, 0xd3, 0xca, 0x2d, 0x0b, 0xf4, 0xae, 0x0d, 0x65, 0x7f, 0x89, 0x0e, 0x30, 0x2f, 0x6a, 0x21, 0xcc, 0x9d, 0x6e, 0x2e, 0xa6, 0xe2, 0xda, 0xd0, 0xbf, 0xbd, 0xcb, 0x53, 0x98, 0xa1, 0xaa, 0xfe, 0xe0, 0x8b, 0xb5, 0x50, 0xdb, 0x89, 0xa3, 0xfe, 0x02, 0x32, 0x35, 0x7b, 0xb7, 0x5e, 0x3c, 0x3b, 0x2c, 0x71, 0xe2, 0x00, 0x31, 0x84, 0x59, 0xd2, 0x30, 0x27, 0xa4, 0xe4, 0x36, 0xc1, 0x36, 0x4c, 0x38, 0x16 }, + .ds_key_size = 4096, + .ds_result = { 0xa2, 0xbe, 0x4f, 0x7b, 0xd7, 0xcb, 0x10, 0xb4, 0x9e, 0x0f, 0x74, 0x53, 0x09, 0xc7, 0x13, 0x32, 0x20, 0x5b, 0xf3, 0x32, 0x9f, 0x79, 0xe5, 0xe3, 0x46, 0x9a, 0xfd, 0xe8, 0x36, 0xfa, 0x73, 0x99, 0x34, 0xee, 0xd3, 0x73, 0xd7, 0x67, 0xfd, 0x50, 0xe6, 0xf7, 0x82, 0x1f, 0x19, 0x8e, 0x8c, 0xab, 0x5d, 0x9c, 0xe5, 0xbd, 0xe1, 0xc3, 0xf0, 0xe6, 0x96, 0x17, 0x02, 0x0d, 0x3a, 0xc4, 0x62, 0x30, 0xf4, 0x5b, 0x9b, 0xfa, 0x59, 0xae, 0x2b, 0x69, 0x69, 0x64, 0x90, 0xbe, 0x09, 0x13, 0x13, 0xa0, 0xe5, 0xa4, 0xc2, 0xac, 0xe5, 0x5a, 0xae, 0x0d, 0x0e, 0x46, 0xe9, 0xa9, 0x8c, 0x44, 0x4a, 0x5f, 0x9e, 0xf0, 0x3a, 0xb6, 0x94, 0x27, 0x9d, 0x40, 0xff, 0x61, 0x8e, 0xd8, 0xd6, 0x1a, 0xdd, 0xcc, 0x2c, 0xc2, 0xd1, 0x53, 0xec, 0x1e, 0xce, 0x05, 0x92, 0x4e, 0xaf, 0x8b, 0x7f, 0x91, 0xdb, 0x17, 0x18, 0x4e, 0x82, 0x60, 0xf1, 0x36, 0xdf, 0x31, 0xb2, 0x60, 0xe1, 0x44, 0x8f, 0xb3, 0xe0, 0x73, 0xc8, 0xf7, 0xe7, 0x69, 0xb8, 0x24, 0xf8, 0xcb, 0x56, 0x0c, 0xed, 0x6b, 0x36, 0x9b, 0xe3, 0x52, 0xca, 0x50, 0xc4, 0xa8, 0x67, 0x84, 0xa0, 0xc8, 0x25, 0x81, 0xaf, 0x57, 0x06, 0x4e, 0x78, 0x98, 0xf7, 0x0c, 0x74, 0x8e, 0xf4, 0x3e, 0x28, 0x7b, 0x4e, 0xe5, 0x2c, 0x6e, 0x5e, 0xa6, 0x29, 0x7d, 0x5f, 0xd5, 0x90, 0x84, 0xce, 0x1a, 0x57, 0x1a, 0xd6, 0xfb, 0xf1, 0xec, 0xd7, 0x81, 0x18, 0x2a, 0x94, 0xaf, 0xc7, 0x0a, 0x77, 0xe7, 0x6c, 0xd5, 0x87, 0xa2, 0x15, 0x56, 0x0f, 0xdb, 0x3e, 0xe2, 0x64, 0xa7, 0x71, 0x4e, 0xd0, 0xcf, 0x3e, 0x10, 0x97, 0x40, 0x16, 0x69, 0x9d, 0xd4, 0x18, 0xb1, 0xdb, 0xf9, 0xca, 0x6a, 0x5d, 0xb3, 0x9f, 0xe2, 0x3e, 0x57, 0xf9, 0xac, 0x11, 0x88, 0x00, 0x22, 0xf4, 0xcd, 0xa9, 0x15, 0xc2, 0x0b, 0xc8, 0x9b, 0x73, 0x04, 0xdf, 0xf8, 0xdd, 0xeb, 0x50, 0xaa, 0xdd, 0x34, 0x8f, 0x36, 0xca, 0x59, 0x06, 0x70, 0xb0, 0x4a, 0xea, 0x13, 0xed, 0xb5, 0x55, 0x3c, 0xd2, 0xe7, 0x30, 0x2a, 0x41, 0xb5, 0x2c, 0xdb, 0xd5, 0x2a, 0xf7, 0x31, 0xb3, 0x71, 0x22, 0xcd, 0xfd, 0x6b, 0x3a, 0x98, 0x4b, 0xf4, 0xe9, 0xc8, 0xa0, 0x92, 0xc1, 0xcd, 0x23, 0x97, 0x88, 0x21, 0x45, 0xc1, 0xe4, 0x3b, 0x77, 0x69, 0xfb, 0xcd, 0x42, 0x3e, 0x6c, 0xe3, 0x96, 0xc3, 0xfa, 0x5a, 0x0c, 0xea, 0x87, 0x01, 0xee, 0x23, 0x1f, 0x58, 0x07, 0x2c, 0x98, 0x69, 0x6c, 0x14, 0xbd, 0xe6, 0x11, 0x4e, 0x77, 0x67, 0x02, 0x4c, 0x23, 0x36, 0x97, 0xd6, 0x95, 0x95, 0x48, 0x1f, 0x1a, 0xab, 0x8f, 0x13, 0xaa, 0x0b, 0x8d, 0xb5, 0x08, 0xad, 0xaf, 0xf2, 0x7a, 0x70, 0xcc, 0x8a, 0x26, 0x47, 0x34, 0xba, 0x85, 0x07, 0xc9, 0x3a, 0x1e, 0x56, 0x6b, 0x53, 0x47, 0xdc, 0x4a, 0x39, 0xa5, 0x5a, 0x87, 0x3f, 0x6a, 0xb0, 0x96, 0xd8, 0x86, 0xba, 0x01, 0xee, 0x91, 0xb8, 0xca, 0x41, 0xaa, 0x5a, 0x10, 0x4c, 0x9b, 0x5d, 0xf9, 0xd4, 0xac, 0x5f, 0x05, 0x48, 0xfb, 0xa0, 0x63, 0xf7, 0x2c, 0x13, 0xd1, 0x18, 0x2c, 0x62, 0xe8, 0xe6, 0x5c, 0xc2, 0xe6, 0x81, 0x61, 0x84, 0xa8, 0x35, 0xb2, 0x19, 0x35, 0x4a, 0x1b, 0x75, 0x01, 0x91, 0x97, 0x83, 0xc6, 0x24, 0xf2, 0xc4, 0xf4, 0x05, 0xe4, 0x96, 0x60, 0xc8, 0x14, 0x00, 0x30, 0x9c, 0x45, 0xc9, 0x29, 0x22, 0xf4, 0x4c, 0x2f, 0x27, 0x65, 0xdf, 0x24, 0x87, 0x6b, 0x10, 0x65, 0x20, 0x48, 0x1a, 0x36, 0x54, 0xd1, 0x01, 0x80, 0xb1, 0x6a, 0x3e, 0xc0, 0xb6, 0x13, 0x9d, 0xbf, 0x64, 0x44, 0x6e, 0xe2, 0xfe, 0x86, 0x81, 0xaa, 0xa7, 0x07, 0x3d }, +#elif SOC_DS_SIGNATURE_MAX_BIT_LEN == 3072 + .ds_message = { 0x55, 0xa7, 0xa1, 0x8e, 0x10, 0xb3, 0x30, 0x81, 0x42, 0xef, 0xf3, 0x25, 0xc6, 0x7e, 0xd4, 0x0b, 0x0c, 0x67, 0x33, 0xdf, 0x3a, 0xc9, 0x6d, 0x75, 0x19, 0x80, 0x8c, 0xf0, 0xb3, 0x2f, 0x7e, 0x62, 0xd9, 0xae, 0xa6, 0xdc, 0xdd, 0x67, 0x6f, 0x7d, 0x27, 0x4f, 0x46, 0x37, 0x8d, 0x3d, 0xba, 0x2e, 0x8b, 0x84, 0x48, 0x25, 0x4b, 0x8c, 0x6d, 0xdc, 0xcf, 0x19, 0xf0, 0xae, 0x56, 0x2f, 0x6e, 0x1a, 0xe7, 0xa6, 0xdb, 0x72, 0x67, 0x1c, 0xde, 0xcc, 0x16, 0x92, 0x07, 0xf4, 0x66, 0x0b, 0x26, 0xc0, 0x60, 0xd4, 0x45, 0xf1, 0x88, 0xbd, 0x3d, 0xa1, 0x05, 0x7f, 0x96, 0x3f, 0x79, 0x71, 0x19, 0x5b, 0xfa, 0x62, 0xac, 0xc6, 0xaa, 0x8c, 0xc6, 0x8a, 0x50, 0x20, 0x25, 0xc2, 0x60, 0x6b, 0x96, 0xe8, 0xb6, 0xaf, 0x3a, 0xb7, 0x48, 0x08, 0x7b, 0xc4, 0x48, 0xc3, 0x4c, 0xd4, 0x5d, 0x28, 0x7a, 0xbb, 0x37, 0x0d, 0x09, 0xb0, 0x51, 0xdf, 0x2e, 0xee, 0xa4, 0x79, 0xf5, 0x7f, 0x90, 0xcd, 0x12, 0xcf, 0x8b, 0x17, 0x27, 0xce, 0x02, 0x33, 0x91, 0x52, 0x84, 0x2b, 0x09, 0x71, 0x55, 0xe0, 0xd1, 0xfa, 0xc0, 0x34, 0x9b, 0xb0, 0xc2, 0x57, 0xc9, 0x53, 0x21, 0x0f, 0x00, 0xec, 0x1d, 0x61, 0x7f, 0x56, 0x81, 0xca, 0xa2, 0xff, 0xb2, 0x7e, 0xc0, 0x8b, 0xc8, 0x02, 0x21, 0xf6, 0x0f, 0xd0, 0x46, 0xa5, 0xd1, 0x43, 0xce, 0xcb, 0x0e, 0x50, 0xb8, 0x4b, 0x45, 0x3a, 0xac, 0x5f, 0x83, 0x58, 0x30, 0x49, 0xe0, 0x6d, 0x18, 0xc2, 0x96, 0xe7, 0x0c, 0xa6, 0x5b, 0x6e, 0xff, 0xab, 0xa7, 0x40, 0x6d, 0x2d, 0xf8, 0xda, 0x68, 0x9f, 0xf4, 0x29, 0x4f, 0x6e, 0xfd, 0xda, 0x68, 0x8d, 0x0e, 0x6a, 0x12, 0x96, 0x18, 0x95, 0x53, 0x4f, 0xfd, 0x52, 0x61, 0x42, 0x1c, 0xe5, 0x2c, 0xc1, 0x6b, 0x27, 0xee, 0xd0, 0xdf, 0x2d, 0x34, 0x57, 0x39, 0x21, 0x88, 0xda, 0x1e, 0x40, 0xfa, 0x81, 0x85, 0xb2, 0x59, 0x9f, 0x4c, 0x4d, 0xa9, 0xed, 0xca, 0x69, 0x70, 0xbf, 0xc0, 0xaf, 0x6f, 0x10, 0xd0, 0x5d, 0x44, 0xfe, 0xc4, 0x0a, 0xa1, 0x51, 0x9b, 0x44, 0x3a, 0x12, 0x6c, 0x4c, 0x4d, 0x4b, 0x8e, 0x77, 0xe1, 0x83, 0x4a, 0x50, 0x72, 0x02, 0x3e, 0x0d, 0x27, 0xdf, 0xca, 0x0e, 0x3e, 0x36, 0x8c, 0x6c, 0x49, 0xe7, 0xa2, 0xd3, 0x3a, 0x17, 0x85, 0xf7, 0x33, 0xcb, 0xbd, 0xa9, 0xd4, 0xf8, 0xd8, 0x55, 0x61, 0x97, 0x51, 0x97, 0x45, 0x49, 0x41, 0xc0, 0x36, 0xc3, 0x60, 0x85, 0x08, 0x5e, 0xfa, 0x14, 0xc0, 0x14, 0x56, 0x50, 0xdc, 0xae, 0xc0, 0x71, 0xcd, 0x96, 0x4d, 0x94, 0x8f, 0x11, 0xe5, 0x68, 0x68, 0xba, 0x8a, 0x44, 0xde, 0x85, 0x44, 0xdc, 0x1d, 0x85, 0xa2, 0x30, 0xcd, 0xfc, 0xe9, 0x11, 0xea, 0xdc }, + .ds_encrypted_input_params = { 0xb9, 0xe0, 0xf0, 0x75, 0xf1, 0x2f, 0x97, 0x74, 0x5a, 0x91, 0x99, 0xdf, 0xd4, 0x65, 0x56, 0xec, 0xbc, 0xca, 0xa5, 0xf1, 0x83, 0xe7, 0x13, 0x86, 0x95, 0xb6, 0xc2, 0xf9, 0xf4, 0x2c, 0x55, 0xb0, 0x5b, 0x3c, 0x77, 0x64, 0x6b, 0x25, 0xf0, 0x25, 0x31, 0xb0, 0xd8, 0x60, 0xfd, 0x06, 0xcb, 0x6e, 0xa1, 0xf8, 0x79, 0x4f, 0xdf, 0xe5, 0x03, 0x4d, 0xcb, 0x30, 0xed, 0xb2, 0x10, 0xe4, 0x89, 0x34, 0x37, 0x0d, 0xe6, 0xb2, 0x69, 0x41, 0x3c, 0x8e, 0x54, 0x34, 0xbb, 0x7c, 0x08, 0x34, 0xe9, 0x37, 0xe8, 0x89, 0x5e, 0xe7, 0x1d, 0xac, 0x2c, 0x83, 0x33, 0xf3, 0x35, 0x12, 0x5f, 0x2a, 0xec, 0xfa, 0xc2, 0x33, 0xd2, 0x08, 0x4e, 0xcc, 0x86, 0xf2, 0xb3, 0xfb, 0xff, 0x07, 0x1a, 0xa1, 0x07, 0xf4, 0xfb, 0x87, 0xf0, 0x80, 0xbd, 0xc2, 0x27, 0x2b, 0x42, 0xf7, 0xc2, 0xd2, 0xae, 0x9f, 0x82, 0xf2, 0x91, 0xb7, 0xf5, 0x53, 0x25, 0x15, 0xf1, 0x5c, 0x6c, 0x33, 0x88, 0xff, 0x44, 0x13, 0xcb, 0x00, 0x23, 0xbc, 0xfd, 0xae, 0x0d, 0xf8, 0x9d, 0xb7, 0x45, 0x35, 0x80, 0xce, 0xcd, 0x77, 0x5c, 0x9a, 0xc2, 0x46, 0x0a, 0x3c, 0x44, 0xeb, 0xdd, 0xa3, 0x08, 0xcf, 0x5a, 0x38, 0x07, 0x89, 0x88, 0x0f, 0x0d, 0x1b, 0x84, 0x3c, 0xcb, 0x4e, 0x61, 0x07, 0xec, 0x20, 0x89, 0xbb, 0x3c, 0x63, 0xf8, 0x7f, 0x50, 0x68, 0x25, 0x85, 0xba, 0xa4, 0xec, 0xf7, 0x11, 0x8d, 0xa6, 0xa0, 0x2c, 0xc5, 0xa8, 0x7d, 0x9a, 0x85, 0xb6, 0x7a, 0x6a, 0x45, 0x5b, 0x46, 0xc7, 0xcb, 0xda, 0x25, 0xbf, 0x6a, 0xfe, 0xbf, 0xbc, 0xb0, 0x11, 0x19, 0x43, 0x71, 0x0e, 0x1f, 0x66, 0xac, 0x81, 0xd4, 0xe5, 0x3a, 0x03, 0xd8, 0xb0, 0x83, 0xbf, 0xbc, 0x57, 0x24, 0x7a, 0x03, 0x54, 0x2f, 0x58, 0x82, 0x5d, 0x63, 0x4f, 0x78, 0xff, 0x78, 0x84, 0x46, 0x51, 0x9d, 0x40, 0x6c, 0xe5, 0x97, 0xf9, 0xa3, 0x2b, 0x14, 0x02, 0x0f, 0x97, 0xe4, 0xde, 0x32, 0xc3, 0xcf, 0xe6, 0xcf, 0x9c, 0x38, 0xc0, 0x5f, 0x44, 0x9e, 0x78, 0xc9, 0x88, 0xbd, 0xc6, 0x84, 0x25, 0x20, 0x7a, 0xb5, 0xae, 0xc5, 0xf6, 0xe1, 0xb2, 0xdb, 0x1d, 0xb9, 0x06, 0x3f, 0x8a, 0x29, 0xd5, 0xc6, 0xe3, 0x3e, 0x5c, 0x86, 0xe6, 0x88, 0x56, 0x0f, 0x36, 0xe8, 0x48, 0xf0, 0xa8, 0x9b, 0x47, 0x3a, 0xeb, 0x69, 0xb7, 0x03, 0x45, 0x8d, 0xfb, 0xa7, 0xf2, 0x56, 0xd4, 0x2a, 0x81, 0x00, 0x7a, 0x80, 0xfa, 0x72, 0x5d, 0x00, 0x20, 0x67, 0xe3, 0x11, 0x19, 0x1d, 0x22, 0xde, 0x99, 0x03, 0xe5, 0xf2, 0x3f, 0x27, 0x25, 0x05, 0x4b, 0x87, 0x63, 0xb6, 0x50, 0x62, 0xaa, 0x19, 0xe0, 0xf9, 0x35, 0x80, 0x57, 0x01, 0x7d, 0xdd, 0x98, 0xf1, 0x4a, 0x19, 0x5b, 0x5b, 0x7a, 0xf5, 0xab, 0x87, 0x5b, 0x42, 0xfb, 0x01, 0xc4, 0xc5, 0x95, 0xa3, 0x46, 0xfb, 0xd0, 0x96, 0x59, 0x13, 0x7b, 0xdf, 0x11, 0x25, 0x38, 0x80, 0x64, 0x69, 0x53, 0xee, 0xe3, 0x59, 0xf3, 0x9d, 0x4a, 0xee, 0x2f, 0x3f, 0x39, 0xd2, 0x5b, 0xce, 0x73, 0x3e, 0x73, 0xd5, 0x30, 0x1b, 0x50, 0x68, 0x74, 0x3a, 0x29, 0x30, 0x29, 0x63, 0xbb, 0xdf, 0x27, 0xc9, 0x68, 0xeb, 0x5b, 0xb3, 0xe9, 0x9a, 0xa8, 0x11, 0x2a, 0x99, 0x71, 0xcd, 0x1f, 0x02, 0x09, 0xbb, 0x3d, 0x82, 0x12, 0x47, 0x7e, 0xd2, 0x01, 0xeb, 0x1a, 0xd3, 0xb6, 0x24, 0x32, 0xfa, 0x03, 0x09, 0xec, 0x29, 0xfa, 0x56, 0x30, 0xb2, 0xba, 0x9a, 0x23, 0x6c, 0x09, 0xd3, 0x66, 0xfb, 0xa1, 0xef, 0x32, 0xe4, 0x09, 0x4b, 0xfb, 0x41, 0x3a, 0x8f, 0xac, 0xde, 0x4a, 0xad, 0x4d, 0x91, 0xf5, 0xb9, 0x7d, 0x90, 0x3e, 0x41, 0x7e, 0x95, 0x6d, 0x64, 0x4d, 0x83, 0x2a, 0x6e, 0xa5, 0x99, 0x87, 0x70, 0xc6, 0xb0, 0xc8, 0xab, 0xe6, 0xde, 0xec, 0x5b, 0x66, 0xc7, 0x08, 0xe8, 0x10, 0x7d, 0x38, 0x60, 0x06, 0x5b, 0x6c, 0xbc, 0x0e, 0xc9, 0x3c, 0x1c, 0x87, 0x40, 0x8a, 0x90, 0xf8, 0x11, 0xa7, 0xc0, 0x32, 0x7c, 0x50, 0x25, 0xd6, 0x08, 0x94, 0x54, 0x79, 0x5b, 0x3f, 0xc2, 0x8a, 0xa9, 0xc2, 0xcb, 0xca, 0xf4, 0x22, 0x3d, 0x12, 0x0a, 0x77, 0xcd, 0x8e, 0x1f, 0x32, 0x6b, 0x8d, 0xde, 0x8b, 0xcd, 0xca, 0x94, 0xea, 0x5a, 0xa9, 0xf0, 0xaf, 0x91, 0x25, 0x60, 0x0f, 0x87, 0xc1, 0x0b, 0xfc, 0xe5, 0x87, 0xed, 0xb4, 0xf0, 0xad, 0xa5, 0x08, 0x48, 0xbf, 0x2c, 0x07, 0x57, 0x2a, 0x59, 0x52, 0xd7, 0x24, 0x53, 0x0c, 0x41, 0x08, 0x6e, 0x87, 0x1b, 0x89, 0xd3, 0x7e, 0x79, 0x49, 0xa9, 0xeb, 0x99, 0x97, 0x9d, 0x49, 0x01, 0x34, 0x1f, 0x65, 0x0d, 0xcc, 0x4c, 0xe5, 0xdc, 0x90, 0x14, 0xa4, 0x37, 0x8e, 0x51, 0xf8, 0x85, 0xbc, 0xde, 0x21, 0x87, 0xc3, 0xd9, 0xa9, 0x6c, 0x85, 0x2c, 0x7d, 0x8d, 0xba, 0xcb, 0x89, 0xc9, 0x15, 0x73, 0xd3, 0x81, 0x0b, 0x0c, 0x7c, 0x24, 0x16, 0x86, 0x17, 0x90, 0xce, 0x25, 0x54, 0x9e, 0xb5, 0xd1, 0x35, 0x83, 0x24, 0x7e, 0x7b, 0x42, 0x22, 0x9b, 0xe2, 0x42, 0xbd, 0x1e, 0x01, 0x98, 0x7a, 0x9b, 0x61, 0x75, 0x51, 0x74, 0xf6, 0x42, 0x31, 0x60, 0x42, 0x16, 0x71, 0x75, 0xee, 0x22, 0xdb, 0xd7, 0x03, 0xa1, 0x8d, 0x1c, 0x20, 0x04, 0x40, 0x60, 0x20, 0xb9, 0x70, 0x3c, 0x1c, 0x29, 0xf2, 0x3f, 0x6c, 0xfc, 0x79, 0xe0, 0x72, 0x9c, 0xec, 0x8c, 0x1e, 0x29, 0xe7, 0x92, 0x91, 0xdd, 0x7d, 0x20, 0x39, 0xc7, 0xcf, 0xf4, 0x47, 0xdc, 0x9d, 0xea, 0x25, 0xcf, 0x72, 0x52, 0xea, 0x87, 0x5a, 0x6f, 0xce, 0x50, 0x20, 0x69, 0x91, 0xd3, 0x7b, 0x55, 0x52, 0xd9, 0xdf, 0x57, 0x76, 0x3b, 0xdc, 0x6c, 0x17, 0x89, 0x32, 0x04, 0xa6, 0x60, 0x7e, 0x66, 0x55, 0x35, 0xf4, 0x6a, 0xe0, 0x34, 0xf7, 0x57, 0x77, 0xdc, 0xba, 0x02, 0x20, 0x5d, 0xc9, 0xad, 0x8a, 0x19, 0xdb, 0x90, 0xc3, 0x28, 0x10, 0x6c, 0xdd, 0xd3, 0x75, 0x9d, 0x75, 0xac, 0xec, 0xf8, 0x5a, 0x85, 0x8a, 0x89, 0xaa, 0xe9, 0xca, 0xc0, 0xbc, 0xff, 0x42, 0x91, 0x66, 0x49, 0x4c, 0x4b, 0x29, 0x94, 0xad, 0x87, 0x41, 0x87, 0x15, 0x3e, 0x14, 0xd6, 0x4a, 0x74, 0x6d, 0xee, 0xa2, 0x27, 0x81, 0x79, 0xa2, 0x3f, 0x27, 0x82, 0x32, 0xa4, 0x46, 0xf0, 0x59, 0x25, 0x21, 0x31, 0xb8, 0xda, 0xba, 0x50, 0x6f, 0xa4, 0x59, 0xad, 0x8c, 0xb5, 0x9c, 0x83, 0x0b, 0x40, 0x71, 0x25, 0xba, 0x76, 0xa3, 0xa2, 0xe1, 0x6d, 0x5d, 0xda, 0x2f, 0xc4, 0xe3, 0x3f, 0x5c, 0x60, 0x12, 0xfe, 0x74, 0xe6, 0x18, 0x5c, 0x4a, 0x34, 0x65, 0x6b, 0x87, 0x34, 0x3b, 0x3c, 0xf2, 0x0e, 0x78, 0x33, 0x46, 0xc5, 0xa5, 0xd9, 0x10, 0xcc, 0x5e, 0x4d, 0xd2, 0xf2, 0x98, 0xad, 0xcc, 0xef, 0xb3, 0x11, 0x0f, 0x6c, 0x07, 0x9e, 0x84, 0xfc, 0x42, 0x8e, 0x19, 0x81, 0x92, 0x49, 0xe0, 0xca, 0xdd, 0x15, 0x88, 0x1d, 0x4c, 0xd3, 0x3e, 0x24, 0xbb, 0x59, 0x89, 0xd8, 0xae, 0x06, 0x4a, 0x26, 0x0b, 0xe2, 0x38, 0x18, 0x31, 0x7b, 0xb3, 0x0c, 0x73, 0x04, 0x48, 0x39, 0xe4, 0x46, 0x99, 0x67, 0x8d, 0x08, 0xa1, 0xb9, 0x5d, 0x7e, 0xc6, 0x57, 0x40, 0xca, 0x53, 0xd9, 0xab, 0xdc, 0xc3, 0x6d, 0x1f, 0x65, 0xd4, 0xfa, 0x3a, 0xa3, 0xde, 0x9d, 0x7f, 0x23, 0x0f, 0xa4, 0x45, 0xca, 0xbd, 0x05, 0xd9, 0xd7, 0x81, 0xc2, 0xa4, 0x88, 0x03, 0x12, 0x5b, 0x7f, 0xe8, 0xde, 0x08, 0xbc, 0x80, 0xea, 0x13, 0xb4, 0xf1, 0xe8, 0x69, 0x79, 0x71, 0xea, 0x7c, 0xd7, 0x0b, 0xbd, 0x2e, 0x8b, 0xb2, 0x6d, 0xce, 0xd0, 0xe9, 0x3a, 0xd6, 0xd4, 0xf6, 0xa3, 0x7a, 0x4e, 0x4b, 0x07, 0xd3, 0xc7, 0x46, 0xee, 0xf6, 0xeb, 0x07, 0xf7, 0xf8, 0x3f, 0x3d, 0x35, 0xa8, 0x73, 0x9c, 0xae, 0x21, 0xa5, 0x52, 0xb8, 0x1a, 0x9e, 0xce, 0xe3, 0x9f, 0x2f, 0x9a, 0xc2, 0xee, 0xbb, 0x27, 0xcb, 0x35, 0xb3, 0x24, 0x63, 0x5e, 0x93, 0x1d, 0xeb, 0x3e, 0x33, 0x54, 0xf1, 0x7f, 0x0a, 0x8b, 0xe4, 0x28, 0x73, 0x52, 0x81, 0x73, 0x5c, 0x6a, 0xf3, 0x25, 0x6f, 0xf1, 0xda, 0x5f, 0x96, 0xb2, 0xf5, 0x87, 0x80, 0xf2, 0x01, 0x10, 0x38, 0xa6, 0xc8, 0xdf, 0x75, 0x7a, 0x52, 0xd4, 0x4d, 0xc0, 0x85, 0xdf, 0xb8, 0x4f, 0x75, 0x32, 0xd2, 0x3a, 0x71, 0x11, 0x84, 0x7e, 0x08, 0x35, 0x87, 0xca, 0x5c, 0x5e, 0xa3, 0xac, 0x04, 0xca, 0x11, 0x66, 0x19, 0x0c, 0x73, 0xdc, 0x48, 0x42, 0xc4, 0x03, 0x06, 0x0a, 0xe4, 0x9d, 0x50, 0xd1, 0xb2, 0xab, 0x81, 0x74, 0xd9, 0xe8, 0x94, 0xc1, 0x6c, 0x24, 0x57, 0x45, 0x2e, 0x47, 0x00, 0x64, 0x96, 0x23, 0x7d, 0x3c, 0x2a, 0x25, 0x17, 0x92, 0x9a, 0x8b, 0x81 }, .ds_key_size = 3072, - .ds_result = { 0xeb, 0x17, 0x4c, 0xa9, 0x8d, 0x88, 0x53, 0x06, 0x8b, 0x55, 0x84, 0xc7, 0xcf, 0x89, 0x26, 0x17, 0x02, 0x2a, 0xab, 0x5c, 0x1b, 0xa6, 0x22, 0x6b, 0xdb, 0x16, 0xb4, 0x17, 0x97, 0xef, 0x41, 0x85, 0x23, 0x30, 0x2c, 0xa5, 0x13, 0x45, 0x48, 0x8d, 0x53, 0x84, 0x5c, 0xff, 0x0c, 0x23, 0x40, 0x10, 0x56, 0x0f, 0xf5, 0xc1, 0x1e, 0xe0, 0x6e, 0x14, 0xf8, 0xc4, 0x25, 0xe5, 0x35, 0x7e, 0xd6, 0xcc, 0xff, 0x08, 0xe2, 0xc7, 0xb9, 0x03, 0x5f, 0x2c, 0xc9, 0xea, 0x24, 0xa1, 0x27, 0x24, 0x41, 0x49, 0x7c, 0x71, 0x27, 0x84, 0x34, 0x42, 0x74, 0xfc, 0x95, 0x34, 0x1a, 0xdb, 0x46, 0xab, 0x4e, 0x19, 0x8d, 0x77, 0x3a, 0xdb, 0x74, 0x4c, 0x48, 0x20, 0x97, 0xd7, 0x75, 0xcb, 0xa2, 0x28, 0xd2, 0xfd, 0x6c, 0x53, 0x61, 0x71, 0xe4, 0x96, 0x93, 0x9d, 0x98, 0x07, 0xd0, 0x1b, 0x9f, 0x17, 0x1c, 0xf1, 0x32, 0xc1, 0x13, 0x5a, 0x84, 0x49, 0x19, 0x19, 0xc5, 0x36, 0xb2, 0xdb, 0xf7, 0x8b, 0x8d, 0x39, 0xdd, 0xc6, 0xdb, 0x2d, 0xcf, 0xd2, 0xbe, 0x38, 0x8b, 0x90, 0x37, 0xeb, 0x1b, 0x70, 0xed, 0x94, 0x3b, 0xad, 0x5c, 0x19, 0xe2, 0xbe, 0x76, 0xa4, 0xb2, 0x60, 0xc9, 0xd2, 0x6f, 0xb4, 0x01, 0xb1, 0xd7, 0x37, 0xc7, 0xb2, 0xfd, 0xfa, 0xd0, 0xf7, 0xb8, 0x10, 0x2d, 0x59, 0xde, 0x4d, 0x08, 0x25, 0xd1, 0x79, 0x69, 0xfc, 0x87, 0x1a, 0xf1, 0x41, 0x8a, 0x13, 0x31, 0xc4, 0xd4, 0x36, 0x3c, 0x24, 0xc2, 0xe1, 0x27, 0x85, 0x72, 0xe4, 0x92, 0x7a, 0x89, 0x93, 0x47, 0xc6, 0x9b, 0xaa, 0xe0, 0x12, 0xc1, 0x4b, 0x7d, 0xd1, 0xc9, 0xc7, 0x9a, 0xab, 0xa8, 0x68, 0x4d, 0x9e, 0xf4, 0xc4, 0x2e, 0x4b, 0xe6, 0x6d, 0x2a, 0x07, 0xa1, 0xc1, 0x4b, 0x5f, 0x84, 0xf6, 0xd9, 0x5c, 0x15, 0xc8, 0xcc, 0xa5, 0x60, 0x1b, 0xc1, 0x83, 0x9d, 0x18, 0x82, 0xbd, 0x07, 0xb7, 0xa3, 0xb0, 0x93, 0x03, 0x8e, 0x9a, 0x95, 0x3f, 0xe1, 0x4c, 0x6c, 0x21, 0x7e, 0xb3, 0xd7, 0xae, 0xf9, 0x6f, 0x4e, 0x4c, 0xfa, 0xa0, 0x2a, 0x46, 0xae, 0x3a, 0xe6, 0x93, 0xae, 0x1a, 0xfb, 0xa5, 0x2f, 0xad, 0x92, 0xa5, 0x12, 0x76, 0xd6, 0xb9, 0x93, 0xbb, 0xa2, 0x2a, 0x01, 0x14, 0x3a, 0xd7, 0x17, 0xd6, 0xfd, 0xc5, 0x75, 0x9d, 0x8e, 0x4f, 0xee, 0x2f, 0x9f, 0xfb, 0x71, 0x9a, 0x7e, 0xd9, 0xff, 0x95, 0xa0, 0x9f, 0x3d, 0x83, 0x91, 0xcc, 0x86, 0xc2, 0x5c, 0x68, 0xd3, 0x9d, 0x7f, 0x71, 0x54, 0x7a, 0xec, 0xe6, 0x40, 0xa5, 0xe5, 0xb7, 0x84, 0xd7, 0x56, 0x6c, 0x40, 0xb3, 0xa1, 0x9a, 0x9e, 0x50, 0x2b, 0x93, 0xfe, 0xca, 0xa6, 0x3d, 0x02, 0x6b, 0x31, 0x51, 0x87, 0x9d, 0xa7, 0x30, 0x82, 0x49, 0xe5, 0x26, 0xc7, 0xaf } - } + .ds_result = { 0x8d, 0x8b, 0x79, 0x31, 0xbb, 0xc8, 0x02, 0x33, 0xf3, 0x32, 0x96, 0x53, 0xd0, 0x19, 0xd8, 0x3d, 0x71, 0x9d, 0xc9, 0xf1, 0xad, 0x3a, 0x2b, 0x07, 0xb7, 0x08, 0x6f, 0xe4, 0x45, 0xfa, 0x44, 0x7d, 0x66, 0xa5, 0x01, 0x71, 0x28, 0x34, 0xaa, 0x53, 0x0c, 0x66, 0x53, 0x9b, 0x39, 0xeb, 0xb9, 0x6f, 0x24, 0xa6, 0x2e, 0xb7, 0xbd, 0x01, 0x88, 0xab, 0x02, 0x0f, 0x7f, 0x7b, 0xdf, 0xf9, 0xd7, 0x40, 0x51, 0xde, 0x94, 0x83, 0x47, 0x72, 0xab, 0x96, 0xb5, 0xb9, 0xca, 0xbf, 0xc5, 0xff, 0xe4, 0x15, 0x61, 0x65, 0xca, 0x29, 0xf6, 0x37, 0x6a, 0xb0, 0x2e, 0xb4, 0xb9, 0x99, 0x1c, 0x0c, 0xcd, 0x02, 0x3e, 0x26, 0x91, 0x04, 0xc0, 0x6f, 0x13, 0x42, 0xeb, 0x38, 0xc9, 0x63, 0xd3, 0x44, 0xc0, 0xa3, 0x49, 0x30, 0xed, 0xf2, 0x92, 0xbb, 0x66, 0x6d, 0x18, 0x25, 0x91, 0xc2, 0x82, 0x3c, 0x61, 0xf1, 0x95, 0x1a, 0x9d, 0x78, 0xef, 0x48, 0x55, 0xd5, 0xc5, 0xdc, 0x67, 0x7b, 0xba, 0x8a, 0x5e, 0x46, 0x32, 0x1d, 0x37, 0xbc, 0x1b, 0x1b, 0x47, 0xe9, 0x30, 0xa7, 0x89, 0x63, 0x80, 0x87, 0x6c, 0xe5, 0x37, 0xc3, 0x72, 0x35, 0x22, 0x7b, 0xb0, 0xec, 0x20, 0xf7, 0x2c, 0x00, 0xe7, 0x90, 0xec, 0x7f, 0xe1, 0x91, 0xe8, 0xca, 0xf1, 0x06, 0x86, 0xb1, 0xf0, 0x38, 0x5c, 0x2e, 0xfa, 0x0d, 0x95, 0xf1, 0xb1, 0x69, 0x28, 0xd4, 0x55, 0x20, 0xa6, 0xcd, 0xf3, 0x4b, 0x5d, 0xce, 0x7b, 0xd8, 0x43, 0x76, 0x5b, 0x6a, 0x66, 0x59, 0x84, 0x5a, 0xc4, 0xc4, 0xb5, 0x9d, 0x22, 0x07, 0x72, 0x7c, 0xe6, 0xf8, 0x0b, 0x4c, 0x69, 0x11, 0x91, 0x14, 0x84, 0x26, 0x31, 0x3e, 0x12, 0xf7, 0xb1, 0x67, 0x0c, 0x54, 0xe2, 0x17, 0x8a, 0xfa, 0x59, 0x17, 0xf8, 0x21, 0xc1, 0x50, 0x98, 0xd8, 0x0e, 0x36, 0x98, 0xbd, 0x76, 0x06, 0x8f, 0x85, 0x4b, 0x55, 0x16, 0xeb, 0xa4, 0xaa, 0xd5, 0xd9, 0xba, 0x31, 0x91, 0x5e, 0xc6, 0x76, 0xcb, 0xbb, 0x10, 0x5b, 0x82, 0x0c, 0x38, 0x82, 0x91, 0x05, 0x98, 0x15, 0xc4, 0x49, 0x3f, 0xab, 0xe3, 0x29, 0x36, 0x72, 0xc3, 0xfc, 0xb2, 0xde, 0x94, 0x4b, 0x2f, 0x49, 0xba, 0xb1, 0x2c, 0xfe, 0x4c, 0x02, 0x2c, 0x59, 0x1b, 0x31, 0xd9, 0xa6, 0x4a, 0x7c, 0xfb, 0x47, 0xf2, 0x17, 0x73, 0x2d, 0xaa, 0x88, 0x2c, 0x9e, 0xd1, 0xf6, 0xbb, 0xd9, 0x4b, 0x93, 0x15, 0x92, 0x1d, 0x0a, 0xfc, 0xf1, 0xff, 0xf2, 0x3d, 0x96, 0xb9, 0x58, 0x00, 0x4c, 0xfa, 0xee, 0x1c, 0xe1, 0xc7, 0x8d, 0xd4, 0xd0, 0xdc, 0xaa, 0x4d, 0x6c, 0x5b, 0x08, 0x19, 0x5c, 0xd9, 0xdb, 0x8e, 0x55, 0x35, 0xa3, 0x41, 0xe8, 0xda, 0xa4, 0xcc, 0x33, 0xb9, 0x17, 0x08, 0x4b, 0xc5, 0x6d, 0x7a, 0x6a, 0x86, 0x5c }, +#endif + .ds_encrypted_input_params_iv = { 0xff, 0xb6, 0x53, 0x89, 0xd3, 0xe6, 0x33, 0x9b, 0x37, 0xd9, 0x09, 0xc0, 0xd5, 0xe3, 0x98, 0xd6 }, + }, }; diff --git a/components/mbedtls/test_apps/main/test_mbedtls_ecdsa.c b/components/mbedtls/test_apps/main/test_mbedtls_ecdsa.c index fba2088619..0d86a6e40a 100644 --- a/components/mbedtls/test_apps/main/test_mbedtls_ecdsa.c +++ b/components/mbedtls/test_apps/main/test_mbedtls_ecdsa.c @@ -28,6 +28,7 @@ #include "ecdsa/ecdsa_alt.h" #if SOC_KEY_MANAGER_SUPPORTED #include "esp_key_mgr.h" +#include "hal/key_mgr_ll.h" #endif #if SOC_ECDSA_SUPPORTED @@ -409,6 +410,10 @@ static void deploy_key_in_key_manager(const uint8_t *k1_encrypted, esp_key_mgr_k TEST_CASE("mbedtls ECDSA signature generation on SECP192R1", "[mbedtls][key_manager_key]") { + if (!key_mgr_ll_is_supported()) { + TEST_IGNORE_MESSAGE("Key manager is not supported"); + } + deploy_key_in_key_manager(k1_ecdsa192_encrypt, ESP_KEY_MGR_ECDSA_192_KEY); test_ecdsa_sign(MBEDTLS_ECP_DP_SECP192R1, sha, ecdsa192_sign_pub_x, ecdsa192_sign_pub_y, false, USE_ECDSA_KEY_FROM_KEY_MANAGER); esp_key_mgr_deactivate_key(ESP_KEY_MGR_ECDSA_192_KEY); @@ -416,6 +421,10 @@ TEST_CASE("mbedtls ECDSA signature generation on SECP192R1", "[mbedtls][key_mana TEST_CASE("mbedtls ECDSA signature generation on SECP256R1", "[mbedtls][key_manager_key]") { + if (!key_mgr_ll_is_supported()) { + TEST_IGNORE_MESSAGE("Key manager is not supported"); + } + deploy_key_in_key_manager(k1_ecdsa256_encrypt, ESP_KEY_MGR_ECDSA_256_KEY); test_ecdsa_sign(MBEDTLS_ECP_DP_SECP256R1, sha, ecdsa256_sign_pub_x, ecdsa256_sign_pub_y, false, USE_ECDSA_KEY_FROM_KEY_MANAGER); esp_key_mgr_deactivate_key(ESP_KEY_MGR_ECDSA_256_KEY); @@ -452,6 +461,10 @@ TEST_CASE("mbedtls ECDSA deterministic signature generation on SECP384R1", "[mbe #if SOC_KEY_MANAGER_SUPPORTED TEST_CASE("mbedtls ECDSA deterministic signature generation on SECP192R1", "[mbedtls][key_manager_key]") { + if (!key_mgr_ll_is_supported()) { + TEST_IGNORE_MESSAGE("Key manager is not supported"); + } + if (!ecdsa_ll_is_deterministic_mode_supported()) { ESP_LOGI(TAG, "Skipping test because ECDSA deterministic mode is not supported."); } else { @@ -540,6 +553,10 @@ TEST_CASE("mbedtls ECDSA export public key on SECP384R1", "[mbedtls][efuse_key]" #if SOC_KEY_MANAGER_SUPPORTED TEST_CASE("mbedtls ECDSA export public key on SECP192R1", "[mbedtls][key_manager_key]") { + if (!key_mgr_ll_is_supported()) { + TEST_IGNORE_MESSAGE("Key manager is not supported"); + } + deploy_key_in_key_manager(k1_ecdsa192_encrypt, ESP_KEY_MGR_ECDSA_192_KEY); test_ecdsa_export_pubkey(MBEDTLS_ECP_DP_SECP192R1, ecdsa192_sign_pub_x, ecdsa192_sign_pub_y, USE_ECDSA_KEY_FROM_KEY_MANAGER); esp_key_mgr_deactivate_key(ESP_KEY_MGR_ECDSA_192_KEY); @@ -547,6 +564,10 @@ TEST_CASE("mbedtls ECDSA export public key on SECP192R1", "[mbedtls][key_manager TEST_CASE("mbedtls ECDSA export public key on SECP256R1", "[mbedtls][key_manager_key]") { + if (!key_mgr_ll_is_supported()) { + TEST_IGNORE_MESSAGE("Key manager is not supported"); + } + deploy_key_in_key_manager(k1_ecdsa256_encrypt, ESP_KEY_MGR_ECDSA_256_KEY); test_ecdsa_export_pubkey(MBEDTLS_ECP_DP_SECP256R1, ecdsa256_sign_pub_x, ecdsa256_sign_pub_y, USE_ECDSA_KEY_FROM_KEY_MANAGER); esp_key_mgr_deactivate_key(ESP_KEY_MGR_ECDSA_256_KEY); diff --git a/components/soc/esp32p4/include/soc/Kconfig.soc_caps.in b/components/soc/esp32p4/include/soc/Kconfig.soc_caps.in index 85fbcf97ca..2299616125 100644 --- a/components/soc/esp32p4/include/soc/Kconfig.soc_caps.in +++ b/components/soc/esp32p4/include/soc/Kconfig.soc_caps.in @@ -209,7 +209,11 @@ config SOC_ECDSA_SUPPORTED config SOC_KEY_MANAGER_SUPPORTED bool - default n + default y + +config SOC_HUK_SUPPORTED + bool + default y config SOC_FLASH_ENC_SUPPORTED bool @@ -1753,7 +1757,7 @@ config SOC_KEY_MANAGER_SUPPORT_KEY_DEPLOYMENT config SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY bool - default y + default n config SOC_KEY_MANAGER_FE_KEY_DEPLOY bool @@ -1767,6 +1771,14 @@ config SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_256 bool default y +config SOC_KEY_MANAGER_HMAC_KEY_DEPLOY + bool + default y + +config SOC_KEY_MANAGER_DS_KEY_DEPLOY + bool + default y + config SOC_SECURE_BOOT_V2_RSA bool default y diff --git a/components/soc/esp32p4/include/soc/soc_caps.h b/components/soc/esp32p4/include/soc/soc_caps.h index 6a0c9cf655..d6e4a8efc7 100644 --- a/components/soc/esp32p4/include/soc/soc_caps.h +++ b/components/soc/esp32p4/include/soc/soc_caps.h @@ -73,8 +73,9 @@ #define SOC_DIG_SIGN_SUPPORTED 1 #define SOC_ECC_SUPPORTED 1 #define SOC_ECC_EXTENDED_MODES_SUPPORTED 1 -#define SOC_ECDSA_SUPPORTED 0 -#define SOC_KEY_MANAGER_SUPPORTED 0 +#define SOC_ECDSA_SUPPORTED 0 // TODO: IDF-13523 +#define SOC_KEY_MANAGER_SUPPORTED 1 +#define SOC_HUK_SUPPORTED 1 #define SOC_FLASH_ENC_SUPPORTED 1 #define SOC_SECURE_BOOT_SUPPORTED 1 #define SOC_BOD_SUPPORTED 1 @@ -654,10 +655,12 @@ /*-------------------------- Key Manager CAPS----------------------------*/ #define SOC_KEY_MANAGER_SUPPORT_KEY_DEPLOYMENT 1 /*!< Key manager supports key deployment */ -#define SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY 1 /*!< Key manager responsible to deploy ECDSA key */ +#define SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY 0 /*!< Key manager responsible to deploy ECDSA key */ // TODO: IDF-13523 #define SOC_KEY_MANAGER_FE_KEY_DEPLOY 1 /*!< Key manager responsible to deploy Flash Encryption key */ #define SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_128 1 /*!< Key manager responsible to deploy the XTS-AES-128 key */ #define SOC_KEY_MANAGER_FE_KEY_DEPLOY_XTS_AES_256 1 /*!< Key manager responsible to deploy the XTS-AES-256 key */ +#define SOC_KEY_MANAGER_HMAC_KEY_DEPLOY 1 /*!< Key manager responsible to deploy HMAC key */ +#define SOC_KEY_MANAGER_DS_KEY_DEPLOY 1 /*!< Key manager responsible to deploy DS key */ /*-------------------------- Secure Boot CAPS----------------------------*/ #define SOC_SECURE_BOOT_V2_RSA 1 diff --git a/components/soc/esp32p4/register/hw_ver3/soc/keymng_eco5_reg.h b/components/soc/esp32p4/register/hw_ver3/soc/keymng_eco5_reg.h deleted file mode 100644 index a385df2586..0000000000 --- a/components/soc/esp32p4/register/hw_ver3/soc/keymng_eco5_reg.h +++ /dev/null @@ -1,395 +0,0 @@ -/** - * SPDX-FileCopyrightText: 2025 Espressif Systems (Shanghai) CO LTD - * - * SPDX-License-Identifier: Apache-2.0 - */ -#pragma once - -#include -#include "soc/soc.h" -#ifdef __cplusplus -extern "C" { -#endif - -/** KEYMNG_CLK_REG register - * Key Manager clock gate control register - */ -#define KEYMNG_CLK_REG (DR_REG_KEYMNG_BASE + 0x4) -/** KEYMNG_REG_CG_FORCE_ON : R/W; bitpos: [0]; default: 1; - * Write 1 to force on register clock gate. - */ -#define KEYMNG_REG_CG_FORCE_ON (BIT(0)) -#define KEYMNG_REG_CG_FORCE_ON_M (KEYMNG_REG_CG_FORCE_ON_V << KEYMNG_REG_CG_FORCE_ON_S) -#define KEYMNG_REG_CG_FORCE_ON_V 0x00000001U -#define KEYMNG_REG_CG_FORCE_ON_S 0 -/** KEYMNG_MEM_CG_FORCE_ON : R/W; bitpos: [1]; default: 0; - * Write 1 to force on memory clock gate. - */ -#define KEYMNG_MEM_CG_FORCE_ON (BIT(1)) -#define KEYMNG_MEM_CG_FORCE_ON_M (KEYMNG_MEM_CG_FORCE_ON_V << KEYMNG_MEM_CG_FORCE_ON_S) -#define KEYMNG_MEM_CG_FORCE_ON_V 0x00000001U -#define KEYMNG_MEM_CG_FORCE_ON_S 1 - -/** KEYMNG_INT_RAW_REG register - * Key Manager interrupt raw register, valid in level. - */ -#define KEYMNG_INT_RAW_REG (DR_REG_KEYMNG_BASE + 0x8) -/** KEYMNG_PREP_DONE_INT_RAW : RO/WTC/SS; bitpos: [0]; default: 0; - * The raw interrupt status bit for the km_prep_done_int interrupt - */ -#define KEYMNG_PREP_DONE_INT_RAW (BIT(0)) -#define KEYMNG_PREP_DONE_INT_RAW_M (KEYMNG_PREP_DONE_INT_RAW_V << KEYMNG_PREP_DONE_INT_RAW_S) -#define KEYMNG_PREP_DONE_INT_RAW_V 0x00000001U -#define KEYMNG_PREP_DONE_INT_RAW_S 0 -/** KEYMNG_PROC_DONE_INT_RAW : RO/WTC/SS; bitpos: [1]; default: 0; - * The raw interrupt status bit for the km_proc_done_int interrupt - */ -#define KEYMNG_PROC_DONE_INT_RAW (BIT(1)) -#define KEYMNG_PROC_DONE_INT_RAW_M (KEYMNG_PROC_DONE_INT_RAW_V << KEYMNG_PROC_DONE_INT_RAW_S) -#define KEYMNG_PROC_DONE_INT_RAW_V 0x00000001U -#define KEYMNG_PROC_DONE_INT_RAW_S 1 -/** KEYMNG_POST_DONE_INT_RAW : RO/WTC/SS; bitpos: [2]; default: 0; - * The raw interrupt status bit for the km_post_done_int interrupt - */ -#define KEYMNG_POST_DONE_INT_RAW (BIT(2)) -#define KEYMNG_POST_DONE_INT_RAW_M (KEYMNG_POST_DONE_INT_RAW_V << KEYMNG_POST_DONE_INT_RAW_S) -#define KEYMNG_POST_DONE_INT_RAW_V 0x00000001U -#define KEYMNG_POST_DONE_INT_RAW_S 2 - -/** KEYMNG_INT_ST_REG register - * Key Manager interrupt status register. - */ -#define KEYMNG_INT_ST_REG (DR_REG_KEYMNG_BASE + 0xc) -/** KEYMNG_PREP_DONE_INT_ST : RO; bitpos: [0]; default: 0; - * The masked interrupt status bit for the km_prep_done_int interrupt - */ -#define KEYMNG_PREP_DONE_INT_ST (BIT(0)) -#define KEYMNG_PREP_DONE_INT_ST_M (KEYMNG_PREP_DONE_INT_ST_V << KEYMNG_PREP_DONE_INT_ST_S) -#define KEYMNG_PREP_DONE_INT_ST_V 0x00000001U -#define KEYMNG_PREP_DONE_INT_ST_S 0 -/** KEYMNG_PROC_DONE_INT_ST : RO; bitpos: [1]; default: 0; - * The masked interrupt status bit for the km_proc_done_int interrupt - */ -#define KEYMNG_PROC_DONE_INT_ST (BIT(1)) -#define KEYMNG_PROC_DONE_INT_ST_M (KEYMNG_PROC_DONE_INT_ST_V << KEYMNG_PROC_DONE_INT_ST_S) -#define KEYMNG_PROC_DONE_INT_ST_V 0x00000001U -#define KEYMNG_PROC_DONE_INT_ST_S 1 -/** KEYMNG_POST_DONE_INT_ST : RO; bitpos: [2]; default: 0; - * The masked interrupt status bit for the km_post_done_int interrupt - */ -#define KEYMNG_POST_DONE_INT_ST (BIT(2)) -#define KEYMNG_POST_DONE_INT_ST_M (KEYMNG_POST_DONE_INT_ST_V << KEYMNG_POST_DONE_INT_ST_S) -#define KEYMNG_POST_DONE_INT_ST_V 0x00000001U -#define KEYMNG_POST_DONE_INT_ST_S 2 - -/** KEYMNG_INT_ENA_REG register - * Key Manager interrupt enable register. - */ -#define KEYMNG_INT_ENA_REG (DR_REG_KEYMNG_BASE + 0x10) -/** KEYMNG_PREP_DONE_INT_ENA : R/W; bitpos: [0]; default: 0; - * The interrupt enable bit for the km_prep_done_int interrupt - */ -#define KEYMNG_PREP_DONE_INT_ENA (BIT(0)) -#define KEYMNG_PREP_DONE_INT_ENA_M (KEYMNG_PREP_DONE_INT_ENA_V << KEYMNG_PREP_DONE_INT_ENA_S) -#define KEYMNG_PREP_DONE_INT_ENA_V 0x00000001U -#define KEYMNG_PREP_DONE_INT_ENA_S 0 -/** KEYMNG_PROC_DONE_INT_ENA : R/W; bitpos: [1]; default: 0; - * The interrupt enable bit for the km_proc_done_int interrupt - */ -#define KEYMNG_PROC_DONE_INT_ENA (BIT(1)) -#define KEYMNG_PROC_DONE_INT_ENA_M (KEYMNG_PROC_DONE_INT_ENA_V << KEYMNG_PROC_DONE_INT_ENA_S) -#define KEYMNG_PROC_DONE_INT_ENA_V 0x00000001U -#define KEYMNG_PROC_DONE_INT_ENA_S 1 -/** KEYMNG_POST_DONE_INT_ENA : R/W; bitpos: [2]; default: 0; - * The interrupt enable bit for the km_post_done_int interrupt - */ -#define KEYMNG_POST_DONE_INT_ENA (BIT(2)) -#define KEYMNG_POST_DONE_INT_ENA_M (KEYMNG_POST_DONE_INT_ENA_V << KEYMNG_POST_DONE_INT_ENA_S) -#define KEYMNG_POST_DONE_INT_ENA_V 0x00000001U -#define KEYMNG_POST_DONE_INT_ENA_S 2 - -/** KEYMNG_INT_CLR_REG register - * Key Manager interrupt clear register. - */ -#define KEYMNG_INT_CLR_REG (DR_REG_KEYMNG_BASE + 0x14) -/** KEYMNG_PREP_DONE_INT_CLR : WT; bitpos: [0]; default: 0; - * Set this bit to clear the km_prep_done_int interrupt - */ -#define KEYMNG_PREP_DONE_INT_CLR (BIT(0)) -#define KEYMNG_PREP_DONE_INT_CLR_M (KEYMNG_PREP_DONE_INT_CLR_V << KEYMNG_PREP_DONE_INT_CLR_S) -#define KEYMNG_PREP_DONE_INT_CLR_V 0x00000001U -#define KEYMNG_PREP_DONE_INT_CLR_S 0 -/** KEYMNG_PROC_DONE_INT_CLR : WT; bitpos: [1]; default: 0; - * Set this bit to clear the km_proc_done_int interrupt - */ -#define KEYMNG_PROC_DONE_INT_CLR (BIT(1)) -#define KEYMNG_PROC_DONE_INT_CLR_M (KEYMNG_PROC_DONE_INT_CLR_V << KEYMNG_PROC_DONE_INT_CLR_S) -#define KEYMNG_PROC_DONE_INT_CLR_V 0x00000001U -#define KEYMNG_PROC_DONE_INT_CLR_S 1 -/** KEYMNG_POST_DONE_INT_CLR : WT; bitpos: [2]; default: 0; - * Set this bit to clear the km_post_done_int interrupt - */ -#define KEYMNG_POST_DONE_INT_CLR (BIT(2)) -#define KEYMNG_POST_DONE_INT_CLR_M (KEYMNG_POST_DONE_INT_CLR_V << KEYMNG_POST_DONE_INT_CLR_S) -#define KEYMNG_POST_DONE_INT_CLR_V 0x00000001U -#define KEYMNG_POST_DONE_INT_CLR_S 2 - -/** KEYMNG_STATIC_REG register - * Key Manager static configuration register - */ -#define KEYMNG_STATIC_REG (DR_REG_KEYMNG_BASE + 0x18) -/** KEYMNG_USE_EFUSE_KEY : R/W; bitpos: [4:0]; default: 0; - * Set each bit to choose efuse key instead of key manager deployed key. Each bit - * stands for a key type:bit 4 for psram_key; bit 3 for ds_key; bit 2 for hmac_key; - * bit 1 for flash_key; bit 0 for ecdsa_key - */ -#define KEYMNG_USE_EFUSE_KEY 0x0000001FU -#define KEYMNG_USE_EFUSE_KEY_M (KEYMNG_USE_EFUSE_KEY_V << KEYMNG_USE_EFUSE_KEY_S) -#define KEYMNG_USE_EFUSE_KEY_V 0x0000001FU -#define KEYMNG_USE_EFUSE_KEY_S 0 -/** KEYMNG_RND_SWITCH_CYCLE : R/W; bitpos: [9:5]; default: 15; - * The core clock cycle number to sample one rng input data. Please set it bigger than - * the clock cycle ratio: T_rng/T_km - */ -#define KEYMNG_RND_SWITCH_CYCLE 0x0000001FU -#define KEYMNG_RND_SWITCH_CYCLE_M (KEYMNG_RND_SWITCH_CYCLE_V << KEYMNG_RND_SWITCH_CYCLE_S) -#define KEYMNG_RND_SWITCH_CYCLE_V 0x0000001FU -#define KEYMNG_RND_SWITCH_CYCLE_S 5 -/** KEYMNG_USE_SW_INIT_KEY : R/W; bitpos: [10]; default: 0; - * Set this bit to use software written init key instead of efuse_init_key. - */ -#define KEYMNG_USE_SW_INIT_KEY (BIT(10)) -#define KEYMNG_USE_SW_INIT_KEY_M (KEYMNG_USE_SW_INIT_KEY_V << KEYMNG_USE_SW_INIT_KEY_S) -#define KEYMNG_USE_SW_INIT_KEY_V 0x00000001U -#define KEYMNG_USE_SW_INIT_KEY_S 10 -/** KEYMNG_FLASH_KEY_LEN : R/W; bitpos: [11]; default: 0; - * Set this bit to choose flash crypt using xts-aes-256 or xts-aes-128. 1: use - * xts-aes-256. 0: use xts-aes-128. - */ -#define KEYMNG_FLASH_KEY_LEN (BIT(11)) -#define KEYMNG_FLASH_KEY_LEN_M (KEYMNG_FLASH_KEY_LEN_V << KEYMNG_FLASH_KEY_LEN_S) -#define KEYMNG_FLASH_KEY_LEN_V 0x00000001U -#define KEYMNG_FLASH_KEY_LEN_S 11 -/** KEYMNG_PSRAM_KEY_LEN : R/W; bitpos: [12]; default: 0; - * Set this bit to choose psram crypt using xts-aes-256 or xts-aes-128. 1: use - * xts-aes-256. 0: use xts-aes-128. - */ -#define KEYMNG_PSRAM_KEY_LEN (BIT(12)) -#define KEYMNG_PSRAM_KEY_LEN_M (KEYMNG_PSRAM_KEY_LEN_V << KEYMNG_PSRAM_KEY_LEN_S) -#define KEYMNG_PSRAM_KEY_LEN_V 0x00000001U -#define KEYMNG_PSRAM_KEY_LEN_S 12 - -/** KEYMNG_LOCK_REG register - * Key Manager static configuration locker register - */ -#define KEYMNG_LOCK_REG (DR_REG_KEYMNG_BASE + 0x1c) -/** KEYMNG_USE_EFUSE_KEY_LOCK : R/W1; bitpos: [4:0]; default: 0; - * Write 1 to lock reg_use_efuse_key. Each bit locks the corresponding bit of - * reg_use_efuse_key. - */ -#define KEYMNG_USE_EFUSE_KEY_LOCK 0x0000001FU -#define KEYMNG_USE_EFUSE_KEY_LOCK_M (KEYMNG_USE_EFUSE_KEY_LOCK_V << KEYMNG_USE_EFUSE_KEY_LOCK_S) -#define KEYMNG_USE_EFUSE_KEY_LOCK_V 0x0000001FU -#define KEYMNG_USE_EFUSE_KEY_LOCK_S 0 -/** KEYMNG_RND_SWITCH_CYCLE_LOCK : R/W1; bitpos: [5]; default: 0; - * Write 1 to lock reg_rnd_switch_cycle. - */ -#define KEYMNG_RND_SWITCH_CYCLE_LOCK (BIT(5)) -#define KEYMNG_RND_SWITCH_CYCLE_LOCK_M (KEYMNG_RND_SWITCH_CYCLE_LOCK_V << KEYMNG_RND_SWITCH_CYCLE_LOCK_S) -#define KEYMNG_RND_SWITCH_CYCLE_LOCK_V 0x00000001U -#define KEYMNG_RND_SWITCH_CYCLE_LOCK_S 5 -/** KEYMNG_USE_SW_INIT_KEY_LOCK : R/W1; bitpos: [6]; default: 0; - * Write 1 to lock reg_use_sw_init_key. - */ -#define KEYMNG_USE_SW_INIT_KEY_LOCK (BIT(6)) -#define KEYMNG_USE_SW_INIT_KEY_LOCK_M (KEYMNG_USE_SW_INIT_KEY_LOCK_V << KEYMNG_USE_SW_INIT_KEY_LOCK_S) -#define KEYMNG_USE_SW_INIT_KEY_LOCK_V 0x00000001U -#define KEYMNG_USE_SW_INIT_KEY_LOCK_S 6 -/** KEYMNG_FLASH_KEY_LEN_LOCK : R/W1; bitpos: [7]; default: 0; - * Write 1 to lock reg_flash_key_len. - */ -#define KEYMNG_FLASH_KEY_LEN_LOCK (BIT(7)) -#define KEYMNG_FLASH_KEY_LEN_LOCK_M (KEYMNG_FLASH_KEY_LEN_LOCK_V << KEYMNG_FLASH_KEY_LEN_LOCK_S) -#define KEYMNG_FLASH_KEY_LEN_LOCK_V 0x00000001U -#define KEYMNG_FLASH_KEY_LEN_LOCK_S 7 -/** KEYMNG_PSRAM_KEY_LEN_LOCK : R/W1; bitpos: [8]; default: 0; - * Write 1 to lock reg_psram_key_len. - */ -#define KEYMNG_PSRAM_KEY_LEN_LOCK (BIT(8)) -#define KEYMNG_PSRAM_KEY_LEN_LOCK_M (KEYMNG_PSRAM_KEY_LEN_LOCK_V << KEYMNG_PSRAM_KEY_LEN_LOCK_S) -#define KEYMNG_PSRAM_KEY_LEN_LOCK_V 0x00000001U -#define KEYMNG_PSRAM_KEY_LEN_LOCK_S 8 - -/** KEYMNG_CONF_REG register - * Key Manager configuration register - */ -#define KEYMNG_CONF_REG (DR_REG_KEYMNG_BASE + 0x20) -/** KEYMNG_KGEN_MODE : R/W; bitpos: [2:0]; default: 0; - * Set this field to choose the key generator deployment mode. 0: random mode. 1: AES - * mode. 2: ECDH0 mode. 3: ECDH1 mode. 4: recover mode. 5: export mode. 6-7: reserved. - */ -#define KEYMNG_KGEN_MODE 0x00000007U -#define KEYMNG_KGEN_MODE_M (KEYMNG_KGEN_MODE_V << KEYMNG_KGEN_MODE_S) -#define KEYMNG_KGEN_MODE_V 0x00000007U -#define KEYMNG_KGEN_MODE_S 0 -/** KEYMNG_KEY_PURPOSE : R/W; bitpos: [6:3]; default: 0; - * Set this field to choose the key purpose. 1: ecdsa_key_192. 2: ecdsa_key_256. 3: - * flash_256_1_key. 4: flash_256_2_key. 5: flash_128_key. 6: hmac_key. 7: ds_key. 8: - * psram_256_1_key. 9: psram_256_2_key. 10: psram_128_key. 11: ecdsa_key_384_l. 12: - * ecdsa_key_384_h. Others: reserved. - */ -#define KEYMNG_KEY_PURPOSE 0x0000000FU -#define KEYMNG_KEY_PURPOSE_M (KEYMNG_KEY_PURPOSE_V << KEYMNG_KEY_PURPOSE_S) -#define KEYMNG_KEY_PURPOSE_V 0x0000000FU -#define KEYMNG_KEY_PURPOSE_S 3 - -/** KEYMNG_START_REG register - * Key Manager control register - */ -#define KEYMNG_START_REG (DR_REG_KEYMNG_BASE + 0x24) -/** KEYMNG_START : WT; bitpos: [0]; default: 0; - * Write 1 to continue Key Manager operation at LOAD/GAIN state. - */ -#define KEYMNG_START (BIT(0)) -#define KEYMNG_START_M (KEYMNG_START_V << KEYMNG_START_S) -#define KEYMNG_START_V 0x00000001U -#define KEYMNG_START_S 0 -/** KEYMNG_CONTINUE : WT; bitpos: [1]; default: 0; - * Write 1 to start Key Manager at IDLE state. - */ -#define KEYMNG_CONTINUE (BIT(1)) -#define KEYMNG_CONTINUE_M (KEYMNG_CONTINUE_V << KEYMNG_CONTINUE_S) -#define KEYMNG_CONTINUE_V 0x00000001U -#define KEYMNG_CONTINUE_S 1 - -/** KEYMNG_STATE_REG register - * Key Manager state register - */ -#define KEYMNG_STATE_REG (DR_REG_KEYMNG_BASE + 0x28) -/** KEYMNG_STATE : RO; bitpos: [1:0]; default: 0; - * The state of Key Manager. 0: IDLE. 1: LOAD. 2: GAIN. 3: BUSY. - */ -#define KEYMNG_STATE 0x00000003U -#define KEYMNG_STATE_M (KEYMNG_STATE_V << KEYMNG_STATE_S) -#define KEYMNG_STATE_V 0x00000003U -#define KEYMNG_STATE_S 0 - -/** KEYMNG_RESULT_REG register - * Key Manager operation result register - */ -#define KEYMNG_RESULT_REG (DR_REG_KEYMNG_BASE + 0x2c) -/** KEYMNG_PROC_RESULT : RO/SS; bitpos: [0]; default: 0; - * The procedure result bit of Key Manager, only valid when Key Manager procedure is - * done. 1: Key Manager procedure succeeded. 0: Key Manager procedure failed. - */ -#define KEYMNG_PROC_RESULT (BIT(0)) -#define KEYMNG_PROC_RESULT_M (KEYMNG_PROC_RESULT_V << KEYMNG_PROC_RESULT_S) -#define KEYMNG_PROC_RESULT_V 0x00000001U -#define KEYMNG_PROC_RESULT_S 0 - -/** KEYMNG_KEY_VLD_REG register - * Key Manager key status register - */ -#define KEYMNG_KEY_VLD_REG (DR_REG_KEYMNG_BASE + 0x30) -/** KEYMNG_KEY_ECDSA_192_VLD : RO; bitpos: [0]; default: 0; - * The status bit for key_ecdsa_192. 1: The key has been deployed correctly. 0: The - * key has not been deployed yet. - */ -#define KEYMNG_KEY_ECDSA_192_VLD (BIT(0)) -#define KEYMNG_KEY_ECDSA_192_VLD_M (KEYMNG_KEY_ECDSA_192_VLD_V << KEYMNG_KEY_ECDSA_192_VLD_S) -#define KEYMNG_KEY_ECDSA_192_VLD_V 0x00000001U -#define KEYMNG_KEY_ECDSA_192_VLD_S 0 -/** KEYMNG_KEY_ECDSA_256_VLD : RO; bitpos: [1]; default: 0; - * The status bit for key_ecdsa_256. 1: The key has been deployed correctly. 0: The - * key has not been deployed yet. - */ -#define KEYMNG_KEY_ECDSA_256_VLD (BIT(1)) -#define KEYMNG_KEY_ECDSA_256_VLD_M (KEYMNG_KEY_ECDSA_256_VLD_V << KEYMNG_KEY_ECDSA_256_VLD_S) -#define KEYMNG_KEY_ECDSA_256_VLD_V 0x00000001U -#define KEYMNG_KEY_ECDSA_256_VLD_S 1 -/** KEYMNG_KEY_FLASH_VLD : RO; bitpos: [2]; default: 0; - * The status bit for key_flash. 1: The key has been deployed correctly. 0: The - * key has not been deployed yet. - */ -#define KEYMNG_KEY_FLASH_VLD (BIT(2)) -#define KEYMNG_KEY_FLASH_VLD_M (KEYMNG_KEY_FLASH_VLD_V << KEYMNG_KEY_FLASH_VLD_S) -#define KEYMNG_KEY_FLASH_VLD_V 0x00000001U -#define KEYMNG_KEY_FLASH_VLD_S 2 -/** KEYMNG_KEY_HMAC_VLD : RO; bitpos: [3]; default: 0; - * The status bit for key_hmac. 1: The key has been deployed correctly. 0: The key - * has not been deployed yet. - */ -#define KEYMNG_KEY_HMAC_VLD (BIT(3)) -#define KEYMNG_KEY_HMAC_VLD_M (KEYMNG_KEY_HMAC_VLD_V << KEYMNG_KEY_HMAC_VLD_S) -#define KEYMNG_KEY_HMAC_VLD_V 0x00000001U -#define KEYMNG_KEY_HMAC_VLD_S 3 -/** KEYMNG_KEY_DS_VLD : RO; bitpos: [4]; default: 0; - * The status bit for key_ds. 1: The key has been deployed correctly. 0: The - * key has not been deployed yet. - */ -#define KEYMNG_KEY_DS_VLD (BIT(4)) -#define KEYMNG_KEY_DS_VLD_M (KEYMNG_KEY_DS_VLD_V << KEYMNG_KEY_DS_VLD_S) -#define KEYMNG_KEY_DS_VLD_V 0x00000001U -#define KEYMNG_KEY_DS_VLD_S 4 -/** KEYMNG_KEY_PSRAM_VLD : RO; bitpos: [5]; default: 0; - * The status bit for key_psram. 1: The key has been deployed correctly. 0: The key - * has not been deployed yet. - */ -#define KEYMNG_KEY_PSRAM_VLD (BIT(5)) -#define KEYMNG_KEY_PSRAM_VLD_M (KEYMNG_KEY_PSRAM_VLD_V << KEYMNG_KEY_PSRAM_VLD_S) -#define KEYMNG_KEY_PSRAM_VLD_V 0x00000001U -#define KEYMNG_KEY_PSRAM_VLD_S 5 -/** KEYMNG_KEY_ECDSA_384_VLD : RO; bitpos: [6]; default: 0; - * The status bit for key_ecdsa_384. 1: The key has been deployed correctly. 0: The - * key has not been deployed yet. - */ -#define KEYMNG_KEY_ECDSA_384_VLD (BIT(6)) -#define KEYMNG_KEY_ECDSA_384_VLD_M (KEYMNG_KEY_ECDSA_384_VLD_V << KEYMNG_KEY_ECDSA_384_VLD_S) -#define KEYMNG_KEY_ECDSA_384_VLD_V 0x00000001U -#define KEYMNG_KEY_ECDSA_384_VLD_S 6 - -/** KEYMNG_HUK_VLD_REG register - * Key Manager HUK status register - */ -#define KEYMNG_HUK_VLD_REG (DR_REG_KEYMNG_BASE + 0x34) -/** KEYMNG_HUK_VALID : RO; bitpos: [0]; default: 0; - * The HUK status. 0: HUK is not valid. 1: HUK is valid. - */ -#define KEYMNG_HUK_VALID (BIT(0)) -#define KEYMNG_HUK_VALID_M (KEYMNG_HUK_VALID_V << KEYMNG_HUK_VALID_S) -#define KEYMNG_HUK_VALID_V 0x00000001U -#define KEYMNG_HUK_VALID_S 0 - -/** KEYMNG_DATE_REG register - * Version control register - */ -#define KEYMNG_DATE_REG (DR_REG_KEYMNG_BASE + 0xfc) -/** KEYMNG_DATE : R/W; bitpos: [27:0]; default: 37781824; - * Key Manager version control register. - */ -#define KEYMNG_DATE 0x0FFFFFFFU -#define KEYMNG_DATE_M (KEYMNG_DATE_V << KEYMNG_DATE_S) -#define KEYMNG_DATE_V 0x0FFFFFFFU -#define KEYMNG_DATE_S 0 - -/** KEYMNG_ASSIST_INFO_MEM register - * The memory that stores assist key info. - */ -#define KEYMNG_ASSIST_INFO_MEM (DR_REG_KEYMNG_BASE + 0x100) -#define KEYMNG_ASSIST_INFO_MEM_SIZE_BYTES 64 - -/** KEYMNG_PUBLIC_INFO_MEM register - * The memory that stores public key info. - */ -#define KEYMNG_PUBLIC_INFO_MEM (DR_REG_KEYMNG_BASE + 0x140) -#define KEYMNG_PUBLIC_INFO_MEM_SIZE_BYTES 64 - -/** KEYMNG_SW_INIT_KEY_MEM register - * The memory that stores software written init key. - */ -#define KEYMNG_SW_INIT_KEY_MEM (DR_REG_KEYMNG_BASE + 0x180) -#define KEYMNG_SW_INIT_KEY_MEM_SIZE_BYTES 32 - -#ifdef __cplusplus -} -#endif diff --git a/components/soc/esp32p4/register/hw_ver3/soc/keymng_reg.h b/components/soc/esp32p4/register/hw_ver3/soc/keymng_reg.h index 86cef480c0..e11f28548f 100644 --- a/components/soc/esp32p4/register/hw_ver3/soc/keymng_reg.h +++ b/components/soc/esp32p4/register/hw_ver3/soc/keymng_reg.h @@ -15,13 +15,13 @@ extern "C" { * Key Manager clock gate control register */ #define KEYMNG_CLK_REG (DR_REG_KEYMNG_BASE + 0x4) -/** KEYMNG_CLK_EN : R/W; bitpos: [0]; default: 1; +/** KEYMNG_REG_CG_FORCE_ON : R/W; bitpos: [0]; default: 1; * Write 1 to force on register clock gate. */ -#define KEYMNG_CLK_EN (BIT(0)) -#define KEYMNG_CLK_EN_M (KEYMNG_CLK_EN_V << KEYMNG_CLK_EN_S) -#define KEYMNG_CLK_EN_V 0x00000001U -#define KEYMNG_CLK_EN_S 0 +#define KEYMNG_REG_CG_FORCE_ON (BIT(0)) +#define KEYMNG_REG_CG_FORCE_ON_M (KEYMNG_REG_CG_FORCE_ON_V << KEYMNG_REG_CG_FORCE_ON_S) +#define KEYMNG_REG_CG_FORCE_ON_V 0x00000001U +#define KEYMNG_REG_CG_FORCE_ON_S 0 /** KEYMNG_MEM_CG_FORCE_ON : R/W; bitpos: [1]; default: 0; * Write 1 to force on memory clock gate. */ @@ -138,85 +138,165 @@ extern "C" { * Key Manager static configuration register */ #define KEYMNG_STATIC_REG (DR_REG_KEYMNG_BASE + 0x18) +/** KEYMNG_USE_EFUSE_KEY : R/W; bitpos: [4:0]; default: 0; + * Set each bit to choose efuse key instead of key manager deployed key. Each bit + * stands for a key type:bit 4 for psram_key; bit 3 for ds_key; bit 2 for hmac_key; + * bit 1 for flash_key; bit 0 for ecdsa_key + */ +#define KEYMNG_USE_EFUSE_KEY 0x0000001FU +#define KEYMNG_USE_EFUSE_KEY_M (KEYMNG_USE_EFUSE_KEY_V << KEYMNG_USE_EFUSE_KEY_S) +#define KEYMNG_USE_EFUSE_KEY_V 0x0000001FU +#define KEYMNG_USE_EFUSE_KEY_S 0 -/* KEYMNG_USE_EFUSE_KEY_XTS : R/W ;bitpos:[1] ;default: 1'd0 ; */ -/*description: Set this bit to choose efuse key instead of key manager deployed key for xts_key.*/ -#define KEYMNG_USE_EFUSE_KEY_XTS (BIT(1)) -#define KEYMNG_USE_EFUSE_KEY_XTS_M ((KEYMNG_USE_EFUSE_KEY_XTS_V)<<(KEYMNG_USE_EFUSE_KEY_XTS_S)) -#define KEYMNG_USE_EFUSE_KEY_XTS_V 0x1 -#define KEYMNG_USE_EFUSE_KEY_XTS_S 1 - -/* KEYMNG_USE_EFUSE_KEY_ECDSA : R/W ;bitpos:[0] ;default: 1'd0 ; */ -/*description: Set this bit to choose efuse key instead of key manager deployed key for ecdsa_key.*/ +/** KEYMNG_USE_EFUSE_KEY_ECDSA : R/W; bitpos:[0]; default: 0; + * Set this bit to choose efuse key instead of key manager deployed key for ecdsa. + */ #define KEYMNG_USE_EFUSE_KEY_ECDSA (BIT(0)) -#define KEYMNG_USE_EFUSE_KEY_ECDSA_M ((KEYMNG_USE_EFUSE_KEY_ECDSA_V)<<(KEYMNG_USE_EFUSE_KEY_ECDSA_S)) -#define KEYMNG_USE_EFUSE_KEY_ECDSA_V 0x1 +#define KEYMNG_USE_EFUSE_KEY_ECDSA_M (KEYMNG_USE_EFUSE_KEY_ECDSA_V << KEYMNG_USE_EFUSE_KEY_ECDSA_S) +#define KEYMNG_USE_EFUSE_KEY_ECDSA_V 0x00000001U #define KEYMNG_USE_EFUSE_KEY_ECDSA_S 0 -/** KEYMNG_RND_SWITCH_CYCLE : R/W; bitpos: [8:4]; default: 15; +/** KEYMNG_USE_EFUSE_KEY_FLASH : R/W; bitpos:[1]; default: 0; + * Set this bit to choose efuse key instead of key manager deployed key for flash. + */ +#define KEYMNG_USE_EFUSE_KEY_FLASH (BIT(1)) +#define KEYMNG_USE_EFUSE_KEY_FLASH_M (KEYMNG_USE_EFUSE_KEY_FLASH_V << KEYMNG_USE_EFUSE_KEY_FLASH_S) +#define KEYMNG_USE_EFUSE_KEY_FLASH_V 0x00000001U +#define KEYMNG_USE_EFUSE_KEY_FLASH_S 1 + +/** KEYMNG_USE_EFUSE_KEY_HMAC : R/W; bitpos:[0]; default: 0; + * Set this bit to choose efuse key instead of key manager deployed key for hmac. + */ +#define KEYMNG_USE_EFUSE_KEY_HMAC (BIT(2)) +#define KEYMNG_USE_EFUSE_KEY_HMAC_M (KEYMNG_USE_EFUSE_KEY_HMAC_V << KEYMNG_USE_EFUSE_KEY_HMAC_S) +#define KEYMNG_USE_EFUSE_KEY_HMAC_V 0x00000001U +#define KEYMNG_USE_EFUSE_KEY_HMAC_S 2 + +/** KEYMNG_USE_EFUSE_KEY_DS : R/W; bitpos:[1]; default: 0; + * Set this bit to choose efuse key instead of key manager deployed key for ds. + */ +#define KEYMNG_USE_EFUSE_KEY_DS (BIT(3)) +#define KEYMNG_USE_EFUSE_KEY_DS_M (KEYMNG_USE_EFUSE_KEY_DS_V << KEYMNG_USE_EFUSE_KEY_DS_S) +#define KEYMNG_USE_EFUSE_KEY_DS_V 0x00000001U +#define KEYMNG_USE_EFUSE_KEY_DS_S 3 + +/** KEYMNG_USE_EFUSE_KEY_PSRAM : R/W; bitpos:[1]; default: 0; + * Set this bit to choose efuse key instead of key manager deployed key for psram. + */ +#define KEYMNG_USE_EFUSE_KEY_PSRAM (BIT(4)) +#define KEYMNG_USE_EFUSE_KEY_PSRAM_M (KEYMNG_USE_EFUSE_KEY_PSRAM_V << KEYMNG_USE_EFUSE_KEY_PSRAM_S) +#define KEYMNG_USE_EFUSE_KEY_PSRAM_V 0x00000001U +#define KEYMNG_USE_EFUSE_KEY_PSRAM_S 4 + +/** KEYMNG_RND_SWITCH_CYCLE : R/W; bitpos: [9:5]; default: 15; * The core clock cycle number to sample one rng input data. Please set it bigger than * the clock cycle ratio: T_rng/T_km */ #define KEYMNG_RND_SWITCH_CYCLE 0x0000001FU #define KEYMNG_RND_SWITCH_CYCLE_M (KEYMNG_RND_SWITCH_CYCLE_V << KEYMNG_RND_SWITCH_CYCLE_S) #define KEYMNG_RND_SWITCH_CYCLE_V 0x0000001FU -#define KEYMNG_RND_SWITCH_CYCLE_S 4 -/** KEYMNG_USE_SW_INIT_KEY : R/W; bitpos: [9]; default: 0; +#define KEYMNG_RND_SWITCH_CYCLE_S 5 +/** KEYMNG_USE_SW_INIT_KEY : R/W; bitpos: [10]; default: 0; * Set this bit to use software written init key instead of efuse_init_key. */ -#define KEYMNG_USE_SW_INIT_KEY (BIT(9)) +#define KEYMNG_USE_SW_INIT_KEY (BIT(10)) #define KEYMNG_USE_SW_INIT_KEY_M (KEYMNG_USE_SW_INIT_KEY_V << KEYMNG_USE_SW_INIT_KEY_S) #define KEYMNG_USE_SW_INIT_KEY_V 0x00000001U -#define KEYMNG_USE_SW_INIT_KEY_S 9 -/** KEYMNG_XTS_AES_KEY_LEN : R/W; bitpos: [10]; default: 0; - * Set this bit to choose using xts-aes-256 or xts-aes-128. 1: use xts-aes-256. 0: use - * xts-aes-128. +#define KEYMNG_USE_SW_INIT_KEY_S 10 +/** KEYMNG_FLASH_KEY_LEN : R/W; bitpos: [11]; default: 0; + * Set this bit to choose flash crypt using xts-aes-256 or xts-aes-128. 1: use + * xts-aes-256. 0: use xts-aes-128. */ -#define KEYMNG_XTS_AES_KEY_LEN (BIT(10)) -#define KEYMNG_XTS_AES_KEY_LEN_M (KEYMNG_XTS_AES_KEY_LEN_V << KEYMNG_XTS_AES_KEY_LEN_S) -#define KEYMNG_XTS_AES_KEY_LEN_V 0x00000001U -#define KEYMNG_XTS_AES_KEY_LEN_S 10 +#define KEYMNG_FLASH_KEY_LEN (BIT(11)) +#define KEYMNG_FLASH_KEY_LEN_M (KEYMNG_FLASH_KEY_LEN_V << KEYMNG_FLASH_KEY_LEN_S) +#define KEYMNG_FLASH_KEY_LEN_V 0x00000001U +#define KEYMNG_FLASH_KEY_LEN_S 11 +/** KEYMNG_PSRAM_KEY_LEN : R/W; bitpos: [12]; default: 0; + * Set this bit to choose psram crypt using xts-aes-256 or xts-aes-128. 1: use + * xts-aes-256. 0: use xts-aes-128. + */ +#define KEYMNG_PSRAM_KEY_LEN (BIT(12)) +#define KEYMNG_PSRAM_KEY_LEN_M (KEYMNG_PSRAM_KEY_LEN_V << KEYMNG_PSRAM_KEY_LEN_S) +#define KEYMNG_PSRAM_KEY_LEN_V 0x00000001U +#define KEYMNG_PSRAM_KEY_LEN_S 12 /** KEYMNG_LOCK_REG register * Key Manager static configuration locker register */ #define KEYMNG_LOCK_REG (DR_REG_KEYMNG_BASE + 0x1c) +/** KEYMNG_USE_EFUSE_KEY_LOCK : R/W1; bitpos: [4:0]; default: 0; + * Write 1 to lock reg_use_efuse_key. Each bit locks the corresponding bit of + * reg_use_efuse_key. + */ +#define KEYMNG_USE_EFUSE_KEY_LOCK 0x0000001FU +#define KEYMNG_USE_EFUSE_KEY_LOCK_M (KEYMNG_USE_EFUSE_KEY_LOCK_V << KEYMNG_USE_EFUSE_KEY_LOCK_S) +#define KEYMNG_USE_EFUSE_KEY_LOCK_V 0x0000001FU +#define KEYMNG_USE_EFUSE_KEY_LOCK_S 0 -/* KEYMNG_USE_EFUSE_KEY_XTS : R/W ; bitpos:[1] ; default: 1'd0 ; */ -/* description: Set thus bit to choose efuse key instead of key manager deployed key for xts_key */ -#define KEYMNG_USE_EFUSE_KEY_LOCK_XTS (BIT(1)) -#define KEYMNG_USE_EFUSE_KEY_LOCK_XTS_M ((KEYMNG_USE_EFUSE_KEY_LOCK_XTS_V)<<(KEYMNG_USE_EFUSE_KEY_LOCK_XTS_S)) -#define KEYMNG_USE_EFUSE_KEY_LOCK_XTS_V 0x1 -#define KEYMNG_USE_EFUSE_KEY_LOCK_XTS_S 1 - -/* KEYMNG_USE_EFUSE_KEY_LOCK_ECDSA : R/W ; bitpos:[0] ; default: 1'd0 ; */ -/* description: Write 1 to lock ecdsa-key */ +/** KEYMNG_USE_EFUSE_KEY_LOCK_ECDSA : R/W1 ;bitpos:[0]; default: 0; + * Write 1 to lock reg_use_efuse_key for esdsa + */ #define KEYMNG_USE_EFUSE_KEY_LOCK_ECDSA (BIT(0)) -#define KEYMNG_USE_EFUSE_KEY_LOCK_ECDSA_M ((KEYMNG_USE_EFUSE_KEY_LOCK_ECDSA_V)<<(KEYMNG_USE_EFUSE_KEY_LOCK_ECDSA_S)) -#define KEYMNG_USE_EFUSE_KEY_LOCK_ECDSA_V 0x1 +#define KEYMNG_USE_EFUSE_KEY_LOCK_ECDSA_M (KEYMNG_USE_EFUSE_KEY_LOCK_ECDSA_V << KEYMNG_USE_EFUSE_KEY_LOCK_ECDSA_S) +#define KEYMNG_USE_EFUSE_KEY_LOCK_ECDSA_V 0x00000001U #define KEYMNG_USE_EFUSE_KEY_LOCK_ECDSA_S 0 +/** KEYMNG_USE_EFUSE_KEY_LOCK_FLASH : R/W1 ;bitpos:[1]; default: 0; + * Write 1 to lock reg_use_efuse_key for FLASH + */ +#define KEYMNG_USE_EFUSE_KEY_LOCK_FLASH (BIT(1)) +#define KEYMNG_USE_EFUSE_KEY_LOCK_FLASH_M (KEYMNG_USE_EFUSE_KEY_LOCK_FLASH_V << KEYMNG_USE_EFUSE_KEY_LOCK_FLASH_S) +#define KEYMNG_USE_EFUSE_KEY_LOCK_FLASH_V 0x00000001U +#define KEYMNG_USE_EFUSE_KEY_LOCK_FLASH_S 1 +/** KEYMNG_USE_EFUSE_KEY_LOCK_HMAC : R/W1 ;bitpos:[0]; default: 0; + * Write 1 to lock reg_use_efuse_key for hmac + */ +#define KEYMNG_USE_EFUSE_KEY_LOCK_HMAC (BIT(2)) +#define KEYMNG_USE_EFUSE_KEY_LOCK_HMAC_M (KEYMNG_USE_EFUSE_KEY_LOCK_HMAC_V << KEYMNG_USE_EFUSE_KEY_LOCK_HMAC_S) +#define KEYMNG_USE_EFUSE_KEY_LOCK_HMAC_V 0x00000001U +#define KEYMNG_USE_EFUSE_KEY_LOCK_HMAC_S 2 +/** KEYMNG_USE_EFUSE_KEY_LOCK_DS : R/W1 ;bitpos:[1]; default: 0; + * Write 1 to lock reg_use_efuse_key for ds + */ +#define KEYMNG_USE_EFUSE_KEY_LOCK_DS (BIT(3)) +#define KEYMNG_USE_EFUSE_KEY_LOCK_DS_M (KEYMNG_USE_EFUSE_KEY_LOCK_DS_V << KEYMNG_USE_EFUSE_KEY_LOCK_DS_S) +#define KEYMNG_USE_EFUSE_KEY_LOCK_DS_V 0x00000001U +#define KEYMNG_USE_EFUSE_KEY_LOCK_DS_S 3 +/** KEYMNG_USE_EFUSE_KEY_LOCK_PSRAM : R/W1 ;bitpos:[1]; default: 0; + * Write 1 to lock reg_use_efuse_key for PSRAM + */ +#define KEYMNG_USE_EFUSE_KEY_LOCK_PSRAM (BIT(4)) +#define KEYMNG_USE_EFUSE_KEY_LOCK_PSRAM_M (KEYMNG_USE_EFUSE_KEY_LOCK_PSRAM_V << KEYMNG_USE_EFUSE_KEY_LOCK_PSRAM_S) +#define KEYMNG_USE_EFUSE_KEY_LOCK_PSRAM_V 0x00000001U +#define KEYMNG_USE_EFUSE_KEY_LOCK_PSRAM_S 4 -/** KEYMNG_RND_SWITCH_CYCLE_LOCK : R/W1; bitpos: [4]; default: 0; +/** KEYMNG_RND_SWITCH_CYCLE_LOCK : R/W1; bitpos: [5]; default: 0; * Write 1 to lock reg_rnd_switch_cycle. */ -#define KEYMNG_RND_SWITCH_CYCLE_LOCK (BIT(4)) +#define KEYMNG_RND_SWITCH_CYCLE_LOCK (BIT(5)) #define KEYMNG_RND_SWITCH_CYCLE_LOCK_M (KEYMNG_RND_SWITCH_CYCLE_LOCK_V << KEYMNG_RND_SWITCH_CYCLE_LOCK_S) #define KEYMNG_RND_SWITCH_CYCLE_LOCK_V 0x00000001U -#define KEYMNG_RND_SWITCH_CYCLE_LOCK_S 4 -/** KEYMNG_USE_SW_INIT_KEY_LOCK : R/W1; bitpos: [5]; default: 0; +#define KEYMNG_RND_SWITCH_CYCLE_LOCK_S 5 +/** KEYMNG_USE_SW_INIT_KEY_LOCK : R/W1; bitpos: [6]; default: 0; * Write 1 to lock reg_use_sw_init_key. */ -#define KEYMNG_USE_SW_INIT_KEY_LOCK (BIT(5)) +#define KEYMNG_USE_SW_INIT_KEY_LOCK (BIT(6)) #define KEYMNG_USE_SW_INIT_KEY_LOCK_M (KEYMNG_USE_SW_INIT_KEY_LOCK_V << KEYMNG_USE_SW_INIT_KEY_LOCK_S) #define KEYMNG_USE_SW_INIT_KEY_LOCK_V 0x00000001U -#define KEYMNG_USE_SW_INIT_KEY_LOCK_S 5 -/** KEYMNG_XTS_AES_KEY_LEN_LOCK : R/W1; bitpos: [6]; default: 0; - * Write 1 to lock reg_xts_aes_key_len. +#define KEYMNG_USE_SW_INIT_KEY_LOCK_S 6 +/** KEYMNG_FLASH_KEY_LEN_LOCK : R/W1; bitpos: [7]; default: 0; + * Write 1 to lock reg_flash_key_len. */ -#define KEYMNG_XTS_AES_KEY_LEN_LOCK (BIT(6)) -#define KEYMNG_XTS_AES_KEY_LEN_LOCK_M (KEYMNG_XTS_AES_KEY_LEN_LOCK_V << KEYMNG_XTS_AES_KEY_LEN_LOCK_S) -#define KEYMNG_XTS_AES_KEY_LEN_LOCK_V 0x00000001U -#define KEYMNG_XTS_AES_KEY_LEN_LOCK_S 6 +#define KEYMNG_FLASH_KEY_LEN_LOCK (BIT(7)) +#define KEYMNG_FLASH_KEY_LEN_LOCK_M (KEYMNG_FLASH_KEY_LEN_LOCK_V << KEYMNG_FLASH_KEY_LEN_LOCK_S) +#define KEYMNG_FLASH_KEY_LEN_LOCK_V 0x00000001U +#define KEYMNG_FLASH_KEY_LEN_LOCK_S 7 +/** KEYMNG_PSRAM_KEY_LEN_LOCK : R/W1; bitpos: [8]; default: 0; + * Write 1 to lock reg_psram_key_len. + */ +#define KEYMNG_PSRAM_KEY_LEN_LOCK (BIT(8)) +#define KEYMNG_PSRAM_KEY_LEN_LOCK_M (KEYMNG_PSRAM_KEY_LEN_LOCK_V << KEYMNG_PSRAM_KEY_LEN_LOCK_S) +#define KEYMNG_PSRAM_KEY_LEN_LOCK_V 0x00000001U +#define KEYMNG_PSRAM_KEY_LEN_LOCK_S 8 /** KEYMNG_CONF_REG register * Key Manager configuration register @@ -231,29 +311,16 @@ extern "C" { #define KEYMNG_KGEN_MODE_V 0x00000007U #define KEYMNG_KGEN_MODE_S 0 /** KEYMNG_KEY_PURPOSE : R/W; bitpos: [6:3]; default: 0; - * Set this field to choose the key purpose. 1: ecdsa_key 2: xts_256_1_key. 3: - * xts_256_2_key. 4. xts_128_key. others: reserved. + * Set this field to choose the key purpose. 1: ecdsa_key_192. 2: ecdsa_key_256. 3: + * flash_256_1_key. 4: flash_256_2_key. 5: flash_128_key. 6: hmac_key. 7: ds_key. 8: + * psram_256_1_key. 9: psram_256_2_key. 10: psram_128_key. 11: ecdsa_key_384_l. 12: + * ecdsa_key_384_h. Others: reserved. */ #define KEYMNG_KEY_PURPOSE 0x0000000FU #define KEYMNG_KEY_PURPOSE_M (KEYMNG_KEY_PURPOSE_V << KEYMNG_KEY_PURPOSE_S) #define KEYMNG_KEY_PURPOSE_V 0x0000000FU #define KEYMNG_KEY_PURPOSE_S 3 -#define KEYMNG_KEY_PURPOSE_ECDSA (BIT(0)) -#define KEYMNG_KEY_PURPOSE_ECDSA_M (KEYMNG_KEY_PURPOSE_ECDSA_V << KEYMNG_KEY_PURPOSE_ECDSA_S) -#define KEYMNG_KEY_PURPOSE_ECDSA_V 0x00000001U -#define KEYMNG_KEY_PURPOSE_ECDSA_S 0 - -#define KEYMNG_KEY_PURPOSE_XTS_AES_256_1 (BIT(1)) -#define KEYMNG_KEY_PURPOSE_XTS_AES_256_1_M (KEYMNG_KEY_PURPOSE_XTS_AES_256_1_V << KEYMNG_KEY_PURPOSE_XTS_AES_256_1_S) -#define KEYMNG_KEY_PURPOSE_XTS_AES_256_1_V 0x00000001U -#define KEYMNG_KEY_PURPOSE_XTS_AES_256_1_S 1 - -#define KEYMNG_KEY_PURPOSE_XTS_AES_256_2 (BIT(2)) -#define KEYMNG_KEY_PURPOSE_XTS_AES_256_2_M (KEYMNG_KEY_PURPOSE_XTS_AES_256_2_V << KEYMNG_KEY_PURPOSE_XTS_AES_256_2_S) -#define KEYMNG_KEY_PURPOSE_XTS_AES_256_2_V 0x00000001U -#define KEYMNG_KEY_PURPOSE_XTS_AES_256_2_S 2 - /** KEYMNG_START_REG register * Key Manager control register */ @@ -302,22 +369,62 @@ extern "C" { * Key Manager key status register */ #define KEYMNG_KEY_VLD_REG (DR_REG_KEYMNG_BASE + 0x30) -/** KEYMNG_KEY_ECDSA_VLD : RO; bitpos: [0]; default: 0; - * The status bit for key_ecdsa. 1: The key has been deployed correctly. 0: The key - * has not been deployed yet. - */ -#define KEYMNG_KEY_ECDSA_VLD (BIT(0)) -#define KEYMNG_KEY_ECDSA_VLD_M (KEYMNG_KEY_ECDSA_VLD_V << KEYMNG_KEY_ECDSA_VLD_S) -#define KEYMNG_KEY_ECDSA_VLD_V 0x00000001U -#define KEYMNG_KEY_ECDSA_VLD_S 0 -/** KEYMNG_KEY_XTS_VLD : RO; bitpos: [1]; default: 0; - * The status bit for key_xts. 1: The key has been deployed correctly. 0: The +/** KEYMNG_KEY_ECDSA_192_VLD : RO; bitpos: [0]; default: 0; + * The status bit for key_ecdsa_192. 1: The key has been deployed correctly. 0: The * key has not been deployed yet. */ -#define KEYMNG_KEY_XTS_VLD (BIT(1)) -#define KEYMNG_KEY_XTS_VLD_M (KEYMNG_KEY_XTS_VLD_V << KEYMNG_KEY_XTS_VLD_S) -#define KEYMNG_KEY_XTS_VLD_V 0x00000001U -#define KEYMNG_KEY_XTS_VLD_S 1 +#define KEYMNG_KEY_ECDSA_192_VLD (BIT(0)) +#define KEYMNG_KEY_ECDSA_192_VLD_M (KEYMNG_KEY_ECDSA_192_VLD_V << KEYMNG_KEY_ECDSA_192_VLD_S) +#define KEYMNG_KEY_ECDSA_192_VLD_V 0x00000001U +#define KEYMNG_KEY_ECDSA_192_VLD_S 0 +/** KEYMNG_KEY_ECDSA_256_VLD : RO; bitpos: [1]; default: 0; + * The status bit for key_ecdsa_256. 1: The key has been deployed correctly. 0: The + * key has not been deployed yet. + */ +#define KEYMNG_KEY_ECDSA_256_VLD (BIT(1)) +#define KEYMNG_KEY_ECDSA_256_VLD_M (KEYMNG_KEY_ECDSA_256_VLD_V << KEYMNG_KEY_ECDSA_256_VLD_S) +#define KEYMNG_KEY_ECDSA_256_VLD_V 0x00000001U +#define KEYMNG_KEY_ECDSA_256_VLD_S 1 +/** KEYMNG_KEY_FLASH_VLD : RO; bitpos: [2]; default: 0; + * The status bit for key_flash. 1: The key has been deployed correctly. 0: The + * key has not been deployed yet. + */ +#define KEYMNG_KEY_FLASH_VLD (BIT(2)) +#define KEYMNG_KEY_FLASH_VLD_M (KEYMNG_KEY_FLASH_VLD_V << KEYMNG_KEY_FLASH_VLD_S) +#define KEYMNG_KEY_FLASH_VLD_V 0x00000001U +#define KEYMNG_KEY_FLASH_VLD_S 2 +/** KEYMNG_KEY_HMAC_VLD : RO; bitpos: [3]; default: 0; + * The status bit for key_hmac. 1: The key has been deployed correctly. 0: The key + * has not been deployed yet. + */ +#define KEYMNG_KEY_HMAC_VLD (BIT(3)) +#define KEYMNG_KEY_HMAC_VLD_M (KEYMNG_KEY_HMAC_VLD_V << KEYMNG_KEY_HMAC_VLD_S) +#define KEYMNG_KEY_HMAC_VLD_V 0x00000001U +#define KEYMNG_KEY_HMAC_VLD_S 3 +/** KEYMNG_KEY_DS_VLD : RO; bitpos: [4]; default: 0; + * The status bit for key_ds. 1: The key has been deployed correctly. 0: The + * key has not been deployed yet. + */ +#define KEYMNG_KEY_DS_VLD (BIT(4)) +#define KEYMNG_KEY_DS_VLD_M (KEYMNG_KEY_DS_VLD_V << KEYMNG_KEY_DS_VLD_S) +#define KEYMNG_KEY_DS_VLD_V 0x00000001U +#define KEYMNG_KEY_DS_VLD_S 4 +/** KEYMNG_KEY_PSRAM_VLD : RO; bitpos: [5]; default: 0; + * The status bit for key_psram. 1: The key has been deployed correctly. 0: The key + * has not been deployed yet. + */ +#define KEYMNG_KEY_PSRAM_VLD (BIT(5)) +#define KEYMNG_KEY_PSRAM_VLD_M (KEYMNG_KEY_PSRAM_VLD_V << KEYMNG_KEY_PSRAM_VLD_S) +#define KEYMNG_KEY_PSRAM_VLD_V 0x00000001U +#define KEYMNG_KEY_PSRAM_VLD_S 5 +/** KEYMNG_KEY_ECDSA_384_VLD : RO; bitpos: [6]; default: 0; + * The status bit for key_ecdsa_384. 1: The key has been deployed correctly. 0: The + * key has not been deployed yet. + */ +#define KEYMNG_KEY_ECDSA_384_VLD (BIT(6)) +#define KEYMNG_KEY_ECDSA_384_VLD_M (KEYMNG_KEY_ECDSA_384_VLD_V << KEYMNG_KEY_ECDSA_384_VLD_S) +#define KEYMNG_KEY_ECDSA_384_VLD_V 0x00000001U +#define KEYMNG_KEY_ECDSA_384_VLD_S 6 /** KEYMNG_HUK_VLD_REG register * Key Manager HUK status register @@ -335,7 +442,7 @@ extern "C" { * Version control register */ #define KEYMNG_DATE_REG (DR_REG_KEYMNG_BASE + 0xfc) -/** KEYMNG_DATE : R/W; bitpos: [27:0]; default: 36720704; +/** KEYMNG_DATE : R/W; bitpos: [27:0]; default: 37781824; * Key Manager version control register. */ #define KEYMNG_DATE 0x0FFFFFFFU