From 6584b5adad63643d2d4903b80b89e958d334e1bb Mon Sep 17 00:00:00 2001 From: "nilesh.kale" Date: Mon, 22 Sep 2025 16:43:16 +0530 Subject: [PATCH] feat: enabled ECDSA peripheral support for ESSP32-P4 --- .../bootloader_support/src/secure_boot.c | 3 + .../with_key_purposes/esp_efuse_api_key.c | 4 +- .../main/with_key_purposes/test_efuse_keys.c | 4 +- components/hal/ecdsa_hal.c | 4 +- components/hal/esp32c5/include/hal/ecdsa_ll.h | 12 +- .../hal/esp32c61/include/hal/ecdsa_ll.h | 11 +- components/hal/esp32h2/include/hal/ecdsa_ll.h | 9 + .../hal/esp32h21/include/hal/ecdsa_ll.h | 11 +- components/hal/esp32h4/include/hal/ecdsa_ll.h | 31 ++ components/hal/esp32p4/include/hal/ecdsa_ll.h | 44 ++- .../test_apps/crypto/main/ecdsa/test_ecdsa.c | 70 +++- components/mbedtls/port/ecdsa/ecdsa_alt.c | 33 +- .../test_apps/main/test_mbedtls_ecdsa.c | 61 +++ .../esp32p4/include/soc/Kconfig.soc_caps.in | 22 +- components/soc/esp32p4/include/soc/soc_caps.h | 9 +- .../register/hw_ver3/soc/ecdsa_eco5_reg.h | 359 ------------------ .../esp32p4/register/hw_ver3/soc/ecdsa_reg.h | 197 ++++++---- 17 files changed, 410 insertions(+), 474 deletions(-) create mode 100644 components/hal/esp32h4/include/hal/ecdsa_ll.h delete mode 100644 components/soc/esp32p4/register/hw_ver3/soc/ecdsa_eco5_reg.h diff --git a/components/bootloader_support/src/secure_boot.c b/components/bootloader_support/src/secure_boot.c index d40c41a4e2..6ac98a20a5 100644 --- a/components/bootloader_support/src/secure_boot.c +++ b/components/bootloader_support/src/secure_boot.c @@ -436,6 +436,8 @@ bool esp_secure_boot_cfg_verify_release_mode(void) ESP_LOGW(TAG, "Not enabled Secure Boot using SHA-384 mode (set SECURE_BOOT_SHA384_EN->1)"); } #else + // Note: Efuse bit ESP_EFUSE_WR_DIS_SECURE_BOOT_SHA384_EN is not present for ESP32P4 +#if !CONFIG_IDF_TARGET_ESP32P4 /* When using Secure Boot with SHA-384, the efuse bit representing Secure Boot with SHA-384 would already be programmed. * But in the case of the existing Secure Boot V2 schemes using SHA-256, the efuse bit representing * Secure Boot with SHA-384 needs to be write-protected, so that an attacker cannot perform a denial-of-service @@ -446,6 +448,7 @@ bool esp_secure_boot_cfg_verify_release_mode(void) if (!secure) { ESP_LOGW(TAG, "Not write-protected secure boot using SHA-384 mode (set WR_DIS_SECURE_BOOT_SHA384_EN->1)"); } +#endif /* !CONFIG_IDF_TARGET_ESP32P4 */ #endif #endif diff --git a/components/efuse/src/efuse_controller/keys/with_key_purposes/esp_efuse_api_key.c b/components/efuse/src/efuse_controller/keys/with_key_purposes/esp_efuse_api_key.c index cc62ad90e1..8248049ef1 100644 --- a/components/efuse/src/efuse_controller/keys/with_key_purposes/esp_efuse_api_key.c +++ b/components/efuse/src/efuse_controller/keys/with_key_purposes/esp_efuse_api_key.c @@ -308,10 +308,10 @@ esp_err_t esp_efuse_write_key(esp_efuse_block_t block, esp_efuse_purpose_t purpo #if SOC_EFUSE_ECDSA_KEY purpose == ESP_EFUSE_KEY_PURPOSE_ECDSA_KEY || #endif -#if SOC_EFUSE_ECDSA_KEY_P192 || EFUSE_LL_HAS_ECDSA_KEY_P192 +#if (!defined(CONFIG_IDF_TARGET_ESP32P4) && SOC_EFUSE_ECDSA_KEY_P192) || EFUSE_LL_HAS_ECDSA_KEY_P192 purpose == ESP_EFUSE_KEY_PURPOSE_ECDSA_KEY_P192 || #endif -#if SOC_EFUSE_ECDSA_KEY_P384 || EFUSE_LL_HAS_ECDSA_KEY_P384 +#if (!defined(CONFIG_IDF_TARGET_ESP32P4) && SOC_EFUSE_ECDSA_KEY_P384) || EFUSE_LL_HAS_ECDSA_KEY_P384 purpose == ESP_EFUSE_KEY_PURPOSE_ECDSA_KEY_P384_L || purpose == ESP_EFUSE_KEY_PURPOSE_ECDSA_KEY_P384_H || #endif diff --git a/components/efuse/test_apps/main/with_key_purposes/test_efuse_keys.c b/components/efuse/test_apps/main/with_key_purposes/test_efuse_keys.c index 074be58411..4ac209ec54 100644 --- a/components/efuse/test_apps/main/with_key_purposes/test_efuse_keys.c +++ b/components/efuse/test_apps/main/with_key_purposes/test_efuse_keys.c @@ -94,10 +94,10 @@ static esp_err_t s_check_key(esp_efuse_block_t num_key, void* wr_key) #if SOC_EFUSE_ECDSA_KEY purpose == ESP_EFUSE_KEY_PURPOSE_ECDSA_KEY || #endif -#if SOC_EFUSE_ECDSA_KEY_P192 || EFUSE_LL_HAS_ECDSA_KEY_P192 +#if (!defined(CONFIG_IDF_TARGET_ESP32P4) && SOC_EFUSE_ECDSA_KEY_P192) || EFUSE_LL_HAS_ECDSA_KEY_P192 purpose == ESP_EFUSE_KEY_PURPOSE_ECDSA_KEY_P192 || #endif -#if SOC_EFUSE_ECDSA_KEY_P384 || EFUSE_LL_HAS_ECDSA_KEY_P384 +#if (!defined(CONFIG_IDF_TARGET_ESP32P4) && SOC_EFUSE_ECDSA_KEY_P384) || EFUSE_LL_HAS_ECDSA_KEY_P384 purpose == ESP_EFUSE_KEY_PURPOSE_ECDSA_KEY_P384_L || purpose == ESP_EFUSE_KEY_PURPOSE_ECDSA_KEY_P384_H || #endif diff --git a/components/hal/ecdsa_hal.c b/components/hal/ecdsa_hal.c index abd06bfd5a..1684eb79c8 100644 --- a/components/hal/ecdsa_hal.c +++ b/components/hal/ecdsa_hal.c @@ -15,7 +15,7 @@ #include "soc/chip_revision.h" #endif -#ifdef SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY +#if SOC_KEY_MANAGER_SUPPORTED && SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY #include "hal/key_mgr_hal.h" #endif @@ -31,7 +31,7 @@ static void configure_ecdsa_periph(ecdsa_hal_config_t *conf) if (conf->use_km_key == 0) { efuse_hal_set_ecdsa_key(conf->curve, conf->efuse_key_blk); -#if SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY +#if SOC_KEY_MANAGER_SUPPORTED && SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY // Force Key Manager to use eFuse key for XTS-AES operation if (conf->curve == ECDSA_CURVE_SECP192R1) { key_mgr_hal_set_key_usage(ESP_KEY_MGR_ECDSA_192_KEY, ESP_KEY_MGR_USE_EFUSE_KEY); diff --git a/components/hal/esp32c5/include/hal/ecdsa_ll.h b/components/hal/esp32c5/include/hal/ecdsa_ll.h index 4dd004620d..693636124b 100644 --- a/components/hal/esp32c5/include/hal/ecdsa_ll.h +++ b/components/hal/esp32c5/include/hal/ecdsa_ll.h @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2023-2025 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2023-2026 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ @@ -413,6 +413,16 @@ static inline bool ecdsa_ll_is_deterministic_mode_supported(void) return true; } +/** + * @brief Check if the ECDSA peripheral is supported on this chip revision + * For ESP32-C5, ECDSA is always supported + */ +static inline bool ecdsa_ll_is_supported(void) +{ + return true; +} + + #ifdef __cplusplus } #endif diff --git a/components/hal/esp32c61/include/hal/ecdsa_ll.h b/components/hal/esp32c61/include/hal/ecdsa_ll.h index 758283e9c0..160e2346d9 100644 --- a/components/hal/esp32c61/include/hal/ecdsa_ll.h +++ b/components/hal/esp32c61/include/hal/ecdsa_ll.h @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2024-2025 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2024-2026 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ @@ -432,6 +432,15 @@ static inline bool ecdsa_ll_is_deterministic_mode_supported(void) return true; } +/** + * @brief Check if the ECDSA peripheral is supported on this chip revision + * For ESP32-C61, ECDSA is always supported + */ +static inline bool ecdsa_ll_is_supported(void) +{ + return true; +} + #ifdef __cplusplus } #endif diff --git a/components/hal/esp32h2/include/hal/ecdsa_ll.h b/components/hal/esp32h2/include/hal/ecdsa_ll.h index 842e5b4d97..d1ef9e5441 100644 --- a/components/hal/esp32h2/include/hal/ecdsa_ll.h +++ b/components/hal/esp32h2/include/hal/ecdsa_ll.h @@ -426,6 +426,15 @@ static inline bool ecdsa_ll_is_mpi_required(void) return !ESP_CHIP_REV_ABOVE(efuse_hal_chip_revision(), 102); } +/** + * @brief Check if the ECDSA peripheral is supported on this chip revision + * For ESP32-H2, ECDSA is always supported + */ +static inline bool ecdsa_ll_is_supported(void) +{ + return true; +} + #ifdef __cplusplus } #endif diff --git a/components/hal/esp32h21/include/hal/ecdsa_ll.h b/components/hal/esp32h21/include/hal/ecdsa_ll.h index 1593e61d69..a01ee50c5b 100644 --- a/components/hal/esp32h21/include/hal/ecdsa_ll.h +++ b/components/hal/esp32h21/include/hal/ecdsa_ll.h @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2025 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2025-2026 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ @@ -436,6 +436,15 @@ static inline bool ecdsa_ll_is_deterministic_mode_supported(void) return true; } +/** + * @brief Check if the ECDSA peripheral is supported on this chip revision + * For ESP32-H21, ECDSA is always supported + */ +static inline bool ecdsa_ll_is_supported(void) +{ + return true; +} + #ifdef __cplusplus } #endif diff --git a/components/hal/esp32h4/include/hal/ecdsa_ll.h b/components/hal/esp32h4/include/hal/ecdsa_ll.h new file mode 100644 index 0000000000..e6ac41c9a6 --- /dev/null +++ b/components/hal/esp32h4/include/hal/ecdsa_ll.h @@ -0,0 +1,31 @@ +/* + * SPDX-FileCopyrightText: 2025-2026 Espressif Systems (Shanghai) CO LTD + * + * SPDX-License-Identifier: Apache-2.0 + */ +#pragma once + +#include +#include +#include "hal/assert.h" +#include "soc/ecdsa_reg.h" +#include "soc/pcr_struct.h" +#include "soc/efuse_periph.h" +#include "hal/ecdsa_types.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * @brief Check if the ECDSA peripheral is supported on this chip revision + * For ESP32-H4, ECDSA is always supported + */ +static inline bool ecdsa_ll_is_supported(void) +{ + return true; +} + +#ifdef __cplusplus +} +#endif diff --git a/components/hal/esp32p4/include/hal/ecdsa_ll.h b/components/hal/esp32p4/include/hal/ecdsa_ll.h index 02dbadd3e2..3841477355 100644 --- a/components/hal/esp32p4/include/hal/ecdsa_ll.h +++ b/components/hal/esp32p4/include/hal/ecdsa_ll.h @@ -14,11 +14,16 @@ #include "soc/efuse_reg.h" #include "soc/efuse_struct.h" #include "hal/ecdsa_types.h" - +#include "hal/config.h" +#include "soc/chip_revision.h" +#include "soc/soc.h" #ifdef __cplusplus extern "C" { #endif +/** Forward declaration for efuse_hal_chip_revision() */ +uint32_t efuse_hal_chip_revision(void); + /** * @brief Memory blocks of ECDSA parameters */ @@ -122,7 +127,11 @@ static inline void ecdsa_ll_enable_intr(ecdsa_ll_intr_type_t type) { switch (type) { case ECDSA_INT_CALC_DONE: +#if HAL_CONFIG(CHIP_SUPPORT_MIN_REV) >= 300 + REG_SET_FIELD(ECDSA_INT_ENA_REG, ECDSA_PREP_DONE_INT_ENA, 1); +#else REG_SET_FIELD(ECDSA_INT_ENA_REG, ECDSA_CALC_DONE_INT_ENA, 1); +#endif break; case ECDSA_INT_SHA_RELEASE: REG_SET_FIELD(ECDSA_INT_ENA_REG, ECDSA_SHA_RELEASE_INT_ENA, 1); @@ -142,7 +151,11 @@ static inline void ecdsa_ll_disable_intr(ecdsa_ll_intr_type_t type) { switch (type) { case ECDSA_INT_CALC_DONE: +#if HAL_CONFIG(CHIP_SUPPORT_MIN_REV) >= 300 + REG_SET_FIELD(ECDSA_INT_ENA_REG, ECDSA_PREP_DONE_INT_ENA, 0); +#else REG_SET_FIELD(ECDSA_INT_ENA_REG, ECDSA_CALC_DONE_INT_ENA, 0); +#endif break; case ECDSA_INT_SHA_RELEASE: REG_SET_FIELD(ECDSA_INT_ENA_REG, ECDSA_SHA_RELEASE_INT_ENA, 0); @@ -162,7 +175,11 @@ static inline void ecdsa_ll_clear_intr(ecdsa_ll_intr_type_t type) { switch (type) { case ECDSA_INT_CALC_DONE: +#if HAL_CONFIG(CHIP_SUPPORT_MIN_REV) >= 300 + REG_SET_FIELD(ECDSA_INT_ENA_REG, ECDSA_PREP_DONE_INT_CLR, 1); +#else REG_SET_FIELD(ECDSA_INT_CLR_REG, ECDSA_CALC_DONE_INT_CLR, 1); +#endif break; case ECDSA_INT_SHA_RELEASE: REG_SET_FIELD(ECDSA_INT_CLR_REG, ECDSA_SHA_RELEASE_INT_CLR, 1); @@ -204,11 +221,11 @@ static inline void ecdsa_ll_set_mode(ecdsa_mode_t mode) static inline void ecdsa_ll_set_curve(ecdsa_curve_t curve) { switch (curve) { - case ECDSA_CURVE_SECP256R1: - REG_SET_BIT(ECDSA_CONF_REG, ECDSA_ECC_CURVE); - break; case ECDSA_CURVE_SECP192R1: - REG_CLR_BIT(ECDSA_CONF_REG, ECDSA_ECC_CURVE); + case ECDSA_CURVE_SECP256R1: + case ECDSA_CURVE_SECP384R1: + case ECDSA_CURVE_SM2: + REG_SET_FIELD(ECDSA_CONF_REG, ECDSA_ECC_CURVE, curve); break; default: HAL_ASSERT(false && "Unsupported curve"); @@ -263,7 +280,9 @@ static inline void ecdsa_ll_set_k_type(ecdsa_sign_type_t type) */ static inline void ecdsa_ll_set_deterministic_loop(uint16_t loop_number) { +#if HAL_CONFIG(CHIP_SUPPORT_MIN_REV) < 300 REG_SET_FIELD(ECDSA_CONF_REG, ECDSA_DETERMINISTIC_LOOP, loop_number); +#endif } /** @@ -431,7 +450,11 @@ static inline int ecdsa_ll_get_operation_result(void) */ static inline int ecdsa_ll_check_k_value(void) { +#if HAL_CONFIG(CHIP_SUPPORT_MIN_REV) < 300 return REG_GET_BIT(ECDSA_RESULT_REG, ECDSA_K_VALUE_WARNING); +#else + return 0; +#endif } /** @@ -482,7 +505,16 @@ __attribute__((always_inline)) static inline void ecdsa_ll_set_ecdsa_key_blk(ecd */ static inline bool ecdsa_ll_is_mpi_required(void) { - return true; // TODO: IDF-13523 + return true; +} + +/** + * @brief Check if the ECDSA peripheral is supported on this chip revision + * For ESP32-P4, ECDSA is only supported on eco5+ (major 3, minor 0+) + */ +static inline bool ecdsa_ll_is_supported(void) +{ + return ESP_CHIP_REV_ABOVE(efuse_hal_chip_revision(), 300); } #ifdef __cplusplus diff --git a/components/hal/test_apps/crypto/main/ecdsa/test_ecdsa.c b/components/hal/test_apps/crypto/main/ecdsa/test_ecdsa.c index 7e78cacb30..15d225103a 100644 --- a/components/hal/test_apps/crypto/main/ecdsa/test_ecdsa.c +++ b/components/hal/test_apps/crypto/main/ecdsa/test_ecdsa.c @@ -316,7 +316,9 @@ TEST(ecdsa, ecdsa_SECP192R1_signature_verification) TEST(ecdsa, ecdsa_SECP192R1_sign_and_verify) { - if (!esp_efuse_is_ecdsa_p192_curve_supported()) { + if (!ecdsa_ll_is_supported()) { + ESP_LOGI(TAG, "Skipping test because ECDSA is not supported."); + } else if (!esp_efuse_is_ecdsa_p192_curve_supported()) { ESP_LOGI(TAG, "Skipping test because ECDSA 192-curve operations are disabled."); } else { test_ecdsa_sign_and_verify(ECDSA_CURVE_SECP192R1, sha, ecdsa192_pub_x, ecdsa192_pub_y, false, ECDSA_K_TYPE_TRNG); @@ -325,7 +327,9 @@ TEST(ecdsa, ecdsa_SECP192R1_sign_and_verify) TEST(ecdsa, ecdsa_SECP192R1_corrupt_signature) { - if (!esp_efuse_is_ecdsa_p192_curve_supported()) { + if (!ecdsa_ll_is_supported()) { + ESP_LOGI(TAG, "Skipping test because ECDSA is not supported."); + } else if (!esp_efuse_is_ecdsa_p192_curve_supported()) { ESP_LOGI(TAG, "Skipping test because ECDSA 192-curve operations are disabled."); } else { test_ecdsa_corrupt_data(ECDSA_CURVE_SECP192R1, sha, ecdsa192_r, ecdsa192_s, ecdsa192_pub_x, ecdsa192_pub_y); @@ -339,18 +343,28 @@ TEST(ecdsa, ecdsa_SECP256R1_signature_verification) TEST(ecdsa, ecdsa_SECP256R1_sign_and_verify) { - test_ecdsa_sign_and_verify(ECDSA_CURVE_SECP256R1, sha, ecdsa256_pub_x, ecdsa256_pub_y, false, ECDSA_K_TYPE_TRNG); + if (!ecdsa_ll_is_supported()) { + ESP_LOGI(TAG, "Skipping test because ECDSA is not supported."); + } else { + test_ecdsa_sign_and_verify(ECDSA_CURVE_SECP256R1, sha, ecdsa256_pub_x, ecdsa256_pub_y, false, ECDSA_K_TYPE_TRNG); + } } TEST(ecdsa, ecdsa_SECP256R1_corrupt_signature) { - test_ecdsa_corrupt_data(ECDSA_CURVE_SECP256R1, sha, ecdsa256_r, ecdsa256_s, ecdsa256_pub_x, ecdsa256_pub_y); + if (!ecdsa_ll_is_supported()) { + ESP_LOGI(TAG, "Skipping test because ECDSA is not supported."); + } else { + test_ecdsa_corrupt_data(ECDSA_CURVE_SECP256R1, sha, ecdsa256_r, ecdsa256_s, ecdsa256_pub_x, ecdsa256_pub_y); + } } #ifdef SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE TEST(ecdsa, ecdsa_SECP192R1_det_sign_and_verify) { - if (!ecdsa_ll_is_deterministic_mode_supported()) { + if (!ecdsa_ll_is_supported()) { + ESP_LOGI(TAG, "Skipping test because ECDSA is not supported."); + } else if (!ecdsa_ll_is_deterministic_mode_supported()) { ESP_LOGI(TAG, "Skipping test because ECDSA deterministic mode is not supported."); } else if (!esp_efuse_is_ecdsa_p192_curve_supported()) { ESP_LOGI(TAG, "Skipping test because ECDSA 192-curve operations are disabled."); @@ -361,7 +375,9 @@ TEST(ecdsa, ecdsa_SECP192R1_det_sign_and_verify) TEST(ecdsa, ecdsa_SECP256R1_det_sign_and_verify) { - if (!ecdsa_ll_is_deterministic_mode_supported()) { + if (!ecdsa_ll_is_supported()) { + ESP_LOGI(TAG, "Skipping test because ECDSA is not supported."); + } else if (!ecdsa_ll_is_deterministic_mode_supported()) { ESP_LOGI(TAG, "Skipping test because ECDSA deterministic mode is not supported."); } else { test_ecdsa_sign_and_verify(ECDSA_CURVE_SECP256R1, sha, ecdsa256_pub_x, ecdsa256_pub_y, false, ECDSA_K_TYPE_DETERMINISITIC); @@ -372,7 +388,9 @@ TEST(ecdsa, ecdsa_SECP256R1_det_sign_and_verify) #ifdef SOC_ECDSA_SUPPORT_EXPORT_PUBKEY TEST(ecdsa, ecdsa_SECP192R1_export_pubkey) { - if (!esp_efuse_is_ecdsa_p192_curve_supported()) { + if (!ecdsa_ll_is_supported()) { + ESP_LOGI(TAG, "Skipping test because ECDSA is not supported."); + } else if (!esp_efuse_is_ecdsa_p192_curve_supported()) { ESP_LOGI(TAG, "Skipping test because ECDSA 192-curve operations are disabled."); } else { test_ecdsa_export_pubkey(ECDSA_CURVE_SECP192R1, ecdsa192_pub_x, ecdsa192_pub_y, 0); @@ -381,37 +399,63 @@ TEST(ecdsa, ecdsa_SECP192R1_export_pubkey) TEST(ecdsa, ecdsa_SECP256R1_export_pubkey) { - test_ecdsa_export_pubkey(ECDSA_CURVE_SECP256R1, ecdsa256_pub_x, ecdsa256_pub_y, 0); + if (!ecdsa_ll_is_supported()) { + ESP_LOGI(TAG, "Skipping test because ECDSA is not supported."); + } else { + test_ecdsa_export_pubkey(ECDSA_CURVE_SECP256R1, ecdsa256_pub_x, ecdsa256_pub_y, 0); + } } #endif /* SOC_ECDSA_SUPPORT_EXPORT_PUBKEY */ #ifdef SOC_ECDSA_SUPPORT_CURVE_P384 TEST(ecdsa, ecdsa_SECP384R1_signature_verification) { - TEST_ASSERT_EQUAL(0, test_ecdsa_verify(ECDSA_CURVE_SECP384R1, sha, ecdsa384_r, ecdsa384_s, ecdsa384_pub_x, ecdsa384_pub_y)); + if (!ecdsa_ll_is_supported()) { + ESP_LOGI(TAG, "Skipping test because ECDSA is not supported."); + } else { + TEST_ASSERT_EQUAL(0, test_ecdsa_verify(ECDSA_CURVE_SECP384R1, sha, ecdsa384_r, ecdsa384_s, ecdsa384_pub_x, ecdsa384_pub_y)); + } } TEST(ecdsa, ecdsa_SECP384R1_sign_and_verify) { - test_ecdsa_sign_and_verify(ECDSA_CURVE_SECP384R1, sha, ecdsa384_pub_x, ecdsa384_pub_y, false, ECDSA_K_TYPE_TRNG); + if (!ecdsa_ll_is_supported()) { + ESP_LOGI(TAG, "Skipping test because ECDSA is not supported."); + } else { + test_ecdsa_sign_and_verify(ECDSA_CURVE_SECP384R1, sha, ecdsa384_pub_x, ecdsa384_pub_y, false, ECDSA_K_TYPE_TRNG); + } } TEST(ecdsa, ecdsa_SECP384R1_corrupt_signature) { - test_ecdsa_corrupt_data(ECDSA_CURVE_SECP384R1, sha, ecdsa384_r, ecdsa384_s, ecdsa384_pub_x, ecdsa384_pub_y); + if (!ecdsa_ll_is_supported()) { + ESP_LOGI(TAG, "Skipping test because ECDSA is not supported."); + } else { + test_ecdsa_corrupt_data(ECDSA_CURVE_SECP384R1, sha, ecdsa384_r, ecdsa384_s, ecdsa384_pub_x, ecdsa384_pub_y); + } } #ifdef SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE TEST(ecdsa, ecdsa_SECP384R1_det_sign_and_verify) { - test_ecdsa_sign_and_verify(ECDSA_CURVE_SECP384R1, sha, ecdsa384_pub_x, ecdsa384_pub_y, false, ECDSA_K_TYPE_DETERMINISITIC); + if (!ecdsa_ll_is_supported()) { + ESP_LOGI(TAG, "Skipping test because ECDSA is not supported."); + } else if (!ecdsa_ll_is_deterministic_mode_supported()) { + ESP_LOGI(TAG, "Skipping test because ECDSA deterministic mode is not supported."); + } else { + test_ecdsa_sign_and_verify(ECDSA_CURVE_SECP384R1, sha, ecdsa384_pub_x, ecdsa384_pub_y, false, ECDSA_K_TYPE_DETERMINISITIC); + } } #endif /* SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE */ #ifdef SOC_ECDSA_SUPPORT_EXPORT_PUBKEY TEST(ecdsa, ecdsa_SECP384R1_export_pubkey) { - test_ecdsa_export_pubkey(ECDSA_CURVE_SECP384R1, ecdsa384_pub_x, ecdsa384_pub_y, 0); + if (!ecdsa_ll_is_supported()) { + ESP_LOGI(TAG, "Skipping test because ECDSA is not supported."); + } else { + test_ecdsa_export_pubkey(ECDSA_CURVE_SECP384R1, ecdsa384_pub_x, ecdsa384_pub_y, 0); + } } #endif /* SOC_ECDSA_SUPPORT_EXPORT_PUBKEY */ #endif /* SOC_ECDSA_SUPPORT_CURVE_P384 */ diff --git a/components/mbedtls/port/ecdsa/ecdsa_alt.c b/components/mbedtls/port/ecdsa/ecdsa_alt.c index 01d6d9be44..2030a7499d 100644 --- a/components/mbedtls/port/ecdsa/ecdsa_alt.c +++ b/components/mbedtls/port/ecdsa/ecdsa_alt.c @@ -154,7 +154,7 @@ static int esp_ecdsa_validate_efuse_block(mbedtls_ecp_group_id grp_id, int efuse { int low_blk = efuse_blk; esp_efuse_purpose_t expected_key_purpose_low; -#if SOC_ECDSA_SUPPORT_CURVE_SPECIFIC_KEY_PURPOSES +#if SOC_ECDSA_SUPPORT_CURVE_SPECIFIC_KEY_PURPOSES && ((!defined(CONFIG_IDF_TARGET_ESP32P4) && SOC_EFUSE_ECDSA_KEY_P192) || EFUSE_LL_HAS_ECDSA_KEY_P192) #if SOC_ECDSA_SUPPORT_CURVE_P384 int high_blk; HAL_ECDSA_EXTRACT_KEY_BLOCKS(efuse_blk, high_blk, low_blk); @@ -178,23 +178,25 @@ static int esp_ecdsa_validate_efuse_block(mbedtls_ecp_group_id grp_id, int efuse ESP_LOGE(TAG, "Unsupported ECDSA curve ID: %d", grp_id); return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } -#else /* SOC_ECDSA_SUPPORT_CURVE_SPECIFIC_KEY_PURPOSES */ +#else /* SOC_ECDSA_SUPPORT_CURVE_SPECIFIC_KEY_PURPOSES && ((!defined(CONFIG_IDF_TARGET_ESP32P4) && SOC_EFUSE_ECDSA_KEY_P192) || EFUSE_LL_HAS_ECDSA_KEY_P192) */ expected_key_purpose_low = ESP_EFUSE_KEY_PURPOSE_ECDSA_KEY; -#endif /* !SOC_ECDSA_SUPPORT_CURVE_SPECIFIC_KEY_PURPOSES */ +#endif /* !SOC_ECDSA_SUPPORT_CURVE_SPECIFIC_KEY_PURPOSES && ((!defined(CONFIG_IDF_TARGET_ESP32P4) && SOC_EFUSE_ECDSA_KEY_P192) || EFUSE_LL_HAS_ECDSA_KEY_P192) */ if (expected_key_purpose_low != esp_efuse_get_key_purpose((esp_efuse_block_t)low_blk)) { ESP_LOGE(TAG, "Key burned in efuse has incorrect purpose"); return MBEDTLS_ERR_ECP_INVALID_KEY; } -#if SOC_ECDSA_SUPPORT_CURVE_SPECIFIC_KEY_PURPOSES && SOC_ECDSA_SUPPORT_CURVE_P384 - // Only check high block purpose for P384 curves that actually use it +#if SOC_ECDSA_SUPPORT_CURVE_SPECIFIC_KEY_PURPOSES && ((!defined(CONFIG_IDF_TARGET_ESP32P4) && SOC_EFUSE_ECDSA_KEY_P192) || EFUSE_LL_HAS_ECDSA_KEY_P192) +#if SOC_ECDSA_SUPPORT_CURVE_P384 +// Only check high block purpose for P384 curves that actually use it if (grp_id == MBEDTLS_ECP_DP_SECP384R1 && expected_key_purpose_high != esp_efuse_get_key_purpose((esp_efuse_block_t)high_blk)) { ESP_LOGE(TAG, "Key burned in efuse has incorrect purpose for high block"); return MBEDTLS_ERR_ECP_INVALID_KEY; } -#endif +#endif // SOC_ECDSA_SUPPORT_CURVE_P384 +#endif // SOC_ECDSA_SUPPORT_CURVE_SPECIFIC_KEY_PURPOSES && ((!defined(CONFIG_IDF_TARGET_ESP32P4) && SOC_EFUSE_ECDSA_KEY_P192) || EFUSE_LL_HAS_ECDSA_KEY_P192) return 0; } @@ -215,6 +217,13 @@ int esp_ecdsa_load_pubkey(mbedtls_ecp_keypair *keypair, int efuse_blk) { int ret = -1; bool use_km_key = (efuse_blk == USE_ECDSA_KEY_FROM_KEY_MANAGER)? true: false; + + // Check if ECDSA peripheral is supported on this chip revision + if (!ecdsa_ll_is_supported()) { + ESP_LOGE(TAG, "ECDSA peripheral not supported on this chip revision"); + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + } + if (!use_km_key) { int high_blk, low_blk; HAL_ECDSA_EXTRACT_KEY_BLOCKS(efuse_blk, high_blk, low_blk); @@ -445,6 +454,12 @@ static int esp_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi* r, mbedtls_mpi* s return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } + // Check if ECDSA peripheral is supported on this chip revision + if (!ecdsa_ll_is_supported()) { + ESP_LOGE(TAG, "ECDSA peripheral not supported on this chip revision"); + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + } + if ((grp->id == MBEDTLS_ECP_DP_SECP192R1 && msg_len != ECDSA_SHA_LEN) || (grp->id == MBEDTLS_ECP_DP_SECP256R1 && msg_len != ECDSA_SHA_LEN) #if SOC_ECDSA_SUPPORT_CURVE_P384 @@ -1021,6 +1036,12 @@ static int esp_ecdsa_verify(mbedtls_ecp_group *grp, return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } + // Check if ECDSA peripheral is supported on this chip revision + if (!ecdsa_ll_is_supported()) { + ESP_LOGE(TAG, "ECDSA peripheral not supported on this chip revision"); + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + } + if ((grp->id == MBEDTLS_ECP_DP_SECP192R1 && blen != ECDSA_SHA_LEN) || (grp->id == MBEDTLS_ECP_DP_SECP256R1 && blen != ECDSA_SHA_LEN) #if SOC_ECDSA_SUPPORT_CURVE_P384 diff --git a/components/mbedtls/test_apps/main/test_mbedtls_ecdsa.c b/components/mbedtls/test_apps/main/test_mbedtls_ecdsa.c index 71823376a1..12fa19abdd 100644 --- a/components/mbedtls/test_apps/main/test_mbedtls_ecdsa.c +++ b/components/mbedtls/test_apps/main/test_mbedtls_ecdsa.c @@ -223,12 +223,22 @@ void test_ecdsa_verify(mbedtls_ecp_group_id id, const uint8_t *hash, const uint8 TEST_CASE("mbedtls ECDSA signature verification performance on SECP192R1", "[mbedtls]") { +#if SOC_ECDSA_SUPPORTED + if (!ecdsa_ll_is_supported()) { + TEST_IGNORE_MESSAGE("ECDSA is not supported"); + } +#endif test_ecdsa_verify(MBEDTLS_ECP_DP_SECP192R1, sha, ecdsa192_r, ecdsa192_s, ecdsa192_pub_x, ecdsa192_pub_y); } TEST_CASE("mbedtls ECDSA signature verification performance on SECP256R1", "[mbedtls]") { +#if SOC_ECDSA_SUPPORTED + if (!ecdsa_ll_is_supported()) { + TEST_IGNORE_MESSAGE("ECDSA is not supported"); + } +#endif test_ecdsa_verify(MBEDTLS_ECP_DP_SECP256R1, sha, ecdsa256_r, ecdsa256_s, ecdsa256_pub_x, ecdsa256_pub_y); } @@ -236,6 +246,11 @@ TEST_CASE("mbedtls ECDSA signature verification performance on SECP256R1", "[mbe #ifdef SOC_ECDSA_SUPPORT_CURVE_P384 TEST_CASE("mbedtls ECDSA signature verification performance on SECP384R1", "[mbedtls]") { +#if SOC_ECDSA_SUPPORTED + if (!ecdsa_ll_is_supported()) { + TEST_IGNORE_MESSAGE("ECDSA is not supported"); + } +#endif test_ecdsa_verify(MBEDTLS_ECP_DP_SECP384R1, sha, ecdsa384_r, ecdsa384_s, ecdsa384_pub_x, ecdsa384_pub_y); } @@ -365,16 +380,25 @@ void test_ecdsa_sign(mbedtls_ecp_group_id id, const uint8_t *hash, const uint8_t TEST_CASE("mbedtls ECDSA signature generation on SECP192R1", "[mbedtls][efuse_key]") { + if (!ecdsa_ll_is_supported()) { + TEST_IGNORE_MESSAGE("ECDSA is not supported"); + } test_ecdsa_sign(MBEDTLS_ECP_DP_SECP192R1, sha, ecdsa192_sign_pub_x, ecdsa192_sign_pub_y, false, SECP192R1_EFUSE_BLOCK); } TEST_CASE("mbedtls ECDSA signature generation on SECP256R1", "[mbedtls][efuse_key]") { + if (!ecdsa_ll_is_supported()) { + TEST_IGNORE_MESSAGE("ECDSA is not supported"); + } test_ecdsa_sign(MBEDTLS_ECP_DP_SECP256R1, sha, ecdsa256_sign_pub_x, ecdsa256_sign_pub_y, false, SECP256R1_EFUSE_BLOCK); } #ifdef SOC_ECDSA_SUPPORT_CURVE_P384 TEST_CASE("mbedtls ECDSA signature generation on SECP384R1", "[mbedtls][efuse_key]") { + if (!ecdsa_ll_is_supported()) { + TEST_IGNORE_MESSAGE("ECDSA is not supported"); + } uint8_t efuse_key_block = HAL_ECDSA_COMBINE_KEY_BLOCKS(SECP384R1_EFUSE_BLOCK_HIGH, SECP384R1_EFUSE_BLOCK_LOW); test_ecdsa_sign(MBEDTLS_ECP_DP_SECP384R1, sha, ecdsa384_pub_x, ecdsa384_pub_y, false, efuse_key_block); } @@ -409,6 +433,9 @@ static void deploy_key_in_key_manager(const uint8_t *k1_encrypted, esp_key_mgr_k TEST_CASE("mbedtls ECDSA signature generation on SECP192R1", "[mbedtls][key_manager_key]") { + if (!ecdsa_ll_is_supported()) { + TEST_IGNORE_MESSAGE("ECDSA is not supported"); + } deploy_key_in_key_manager(k1_ecdsa192_encrypt, ESP_KEY_MGR_ECDSA_192_KEY); test_ecdsa_sign(MBEDTLS_ECP_DP_SECP192R1, sha, ecdsa192_sign_pub_x, ecdsa192_sign_pub_y, false, USE_ECDSA_KEY_FROM_KEY_MANAGER); esp_key_mgr_deactivate_key(ESP_KEY_MGR_ECDSA_192_KEY); @@ -416,6 +443,9 @@ TEST_CASE("mbedtls ECDSA signature generation on SECP192R1", "[mbedtls][key_mana TEST_CASE("mbedtls ECDSA signature generation on SECP256R1", "[mbedtls][key_manager_key]") { + if (!ecdsa_ll_is_supported()) { + TEST_IGNORE_MESSAGE("ECDSA is not supported"); + } deploy_key_in_key_manager(k1_ecdsa256_encrypt, ESP_KEY_MGR_ECDSA_256_KEY); test_ecdsa_sign(MBEDTLS_ECP_DP_SECP256R1, sha, ecdsa256_sign_pub_x, ecdsa256_sign_pub_y, false, USE_ECDSA_KEY_FROM_KEY_MANAGER); esp_key_mgr_deactivate_key(ESP_KEY_MGR_ECDSA_256_KEY); @@ -425,6 +455,9 @@ TEST_CASE("mbedtls ECDSA signature generation on SECP256R1", "[mbedtls][key_mana #ifdef SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE TEST_CASE("mbedtls ECDSA deterministic signature generation on SECP192R1", "[mbedtls][efuse_key]") { + if (!ecdsa_ll_is_supported()) { + TEST_IGNORE_MESSAGE("ECDSA is not supported"); + } if (!ecdsa_ll_is_deterministic_mode_supported()) { ESP_LOGI(TAG, "Skipping test because ECDSA deterministic mode is not supported."); } else { @@ -434,6 +467,9 @@ TEST_CASE("mbedtls ECDSA deterministic signature generation on SECP192R1", "[mbe TEST_CASE("mbedtls ECDSA deterministic signature generation on SECP256R1", "[mbedtls][efuse_key]") { + if (!ecdsa_ll_is_supported()) { + TEST_IGNORE_MESSAGE("ECDSA is not supported"); + } if (!ecdsa_ll_is_deterministic_mode_supported()) { ESP_LOGI(TAG, "Skipping test because ECDSA deterministic mode is not supported."); } else { @@ -444,6 +480,9 @@ TEST_CASE("mbedtls ECDSA deterministic signature generation on SECP256R1", "[mbe #ifdef SOC_ECDSA_SUPPORT_CURVE_P384 TEST_CASE("mbedtls ECDSA deterministic signature generation on SECP384R1", "[mbedtls][efuse_key]") { + if (!ecdsa_ll_is_supported()) { + TEST_IGNORE_MESSAGE("ECDSA is not supported"); + } uint8_t efuse_key_block = HAL_ECDSA_COMBINE_KEY_BLOCKS(SECP384R1_EFUSE_BLOCK_HIGH, SECP384R1_EFUSE_BLOCK_LOW); test_ecdsa_sign(MBEDTLS_ECP_DP_SECP384R1, sha, ecdsa384_pub_x, ecdsa384_pub_y, true, efuse_key_block); } @@ -452,6 +491,9 @@ TEST_CASE("mbedtls ECDSA deterministic signature generation on SECP384R1", "[mbe #if SOC_KEY_MANAGER_SUPPORTED TEST_CASE("mbedtls ECDSA deterministic signature generation on SECP192R1", "[mbedtls][key_manager_key]") { + if (!ecdsa_ll_is_supported()) { + TEST_IGNORE_MESSAGE("ECDSA is not supported"); + } if (!ecdsa_ll_is_deterministic_mode_supported()) { ESP_LOGI(TAG, "Skipping test because ECDSA deterministic mode is not supported."); } else { @@ -463,6 +505,10 @@ TEST_CASE("mbedtls ECDSA deterministic signature generation on SECP192R1", "[mbe TEST_CASE("mbedtls ECDSA deterministic signature generation on SECP256R1", "[mbedtls][key_manager_key]") { + if (!ecdsa_ll_is_supported()) { + TEST_IGNORE_MESSAGE("ECDSA is not supported"); + } + if (!ecdsa_ll_is_deterministic_mode_supported()) { ESP_LOGI(TAG, "Skipping test because ECDSA deterministic mode is not supported."); } else { @@ -521,17 +567,26 @@ void test_ecdsa_export_pubkey(mbedtls_ecp_group_id id, const uint8_t *pub_x, con TEST_CASE("mbedtls ECDSA export public key on SECP192R1", "[mbedtls][efuse_key]") { + if (!ecdsa_ll_is_supported()) { + TEST_IGNORE_MESSAGE("ECDSA is not supported"); + } test_ecdsa_export_pubkey(MBEDTLS_ECP_DP_SECP192R1, ecdsa192_sign_pub_x, ecdsa192_sign_pub_y, SECP192R1_EFUSE_BLOCK); } TEST_CASE("mbedtls ECDSA export public key on SECP256R1", "[mbedtls][efuse_key]") { + if (!ecdsa_ll_is_supported()) { + TEST_IGNORE_MESSAGE("ECDSA is not supported"); + } test_ecdsa_export_pubkey(MBEDTLS_ECP_DP_SECP256R1, ecdsa256_sign_pub_x, ecdsa256_sign_pub_y, SECP256R1_EFUSE_BLOCK); } #ifdef SOC_ECDSA_SUPPORT_CURVE_P384 TEST_CASE("mbedtls ECDSA export public key on SECP384R1", "[mbedtls][efuse_key]") { + if (!ecdsa_ll_is_supported()) { + TEST_IGNORE_MESSAGE("ECDSA is not supported"); + } uint8_t efuse_key_block = HAL_ECDSA_COMBINE_KEY_BLOCKS(SECP384R1_EFUSE_BLOCK_HIGH, SECP384R1_EFUSE_BLOCK_LOW); test_ecdsa_export_pubkey(MBEDTLS_ECP_DP_SECP384R1, ecdsa384_pub_x, ecdsa384_pub_y, efuse_key_block); } @@ -540,6 +595,9 @@ TEST_CASE("mbedtls ECDSA export public key on SECP384R1", "[mbedtls][efuse_key]" #if SOC_KEY_MANAGER_SUPPORTED TEST_CASE("mbedtls ECDSA export public key on SECP192R1", "[mbedtls][key_manager_key]") { + if (!ecdsa_ll_is_supported()) { + TEST_IGNORE_MESSAGE("ECDSA is not supported"); + } deploy_key_in_key_manager(k1_ecdsa192_encrypt, ESP_KEY_MGR_ECDSA_192_KEY); test_ecdsa_export_pubkey(MBEDTLS_ECP_DP_SECP192R1, ecdsa192_sign_pub_x, ecdsa192_sign_pub_y, USE_ECDSA_KEY_FROM_KEY_MANAGER); esp_key_mgr_deactivate_key(ESP_KEY_MGR_ECDSA_192_KEY); @@ -547,6 +605,9 @@ TEST_CASE("mbedtls ECDSA export public key on SECP192R1", "[mbedtls][key_manager TEST_CASE("mbedtls ECDSA export public key on SECP256R1", "[mbedtls][key_manager_key]") { + if (!ecdsa_ll_is_supported()) { + TEST_IGNORE_MESSAGE("ECDSA is not supported"); + } deploy_key_in_key_manager(k1_ecdsa256_encrypt, ESP_KEY_MGR_ECDSA_256_KEY); test_ecdsa_export_pubkey(MBEDTLS_ECP_DP_SECP256R1, ecdsa256_sign_pub_x, ecdsa256_sign_pub_y, USE_ECDSA_KEY_FROM_KEY_MANAGER); esp_key_mgr_deactivate_key(ESP_KEY_MGR_ECDSA_256_KEY); diff --git a/components/soc/esp32p4/include/soc/Kconfig.soc_caps.in b/components/soc/esp32p4/include/soc/Kconfig.soc_caps.in index 563dd879da..03f4ea92e4 100644 --- a/components/soc/esp32p4/include/soc/Kconfig.soc_caps.in +++ b/components/soc/esp32p4/include/soc/Kconfig.soc_caps.in @@ -205,7 +205,7 @@ config SOC_ECC_EXTENDED_MODES_SUPPORTED config SOC_ECDSA_SUPPORTED bool - default n + default y config SOC_KEY_MANAGER_SUPPORTED bool @@ -1543,10 +1543,22 @@ config SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE bool default y +config SOC_ECDSA_SUPPORT_HW_DETERMINISTIC_LOOP + bool + default y + config SOC_ECDSA_USES_MPI bool default y +config SOC_ECDSA_SUPPORT_CURVE_P384 + bool + default y + +config SOC_ECDSA_SUPPORT_CURVE_SPECIFIC_KEY_PURPOSES + bool + default y + config SOC_SDM_GROUPS int default 1 @@ -1891,6 +1903,14 @@ config SOC_EFUSE_ECDSA_KEY bool default y +config SOC_EFUSE_ECDSA_KEY_P192 + bool + default y + +config SOC_EFUSE_ECDSA_KEY_P384 + bool + default y + config SOC_KEY_MANAGER_SUPPORT_KEY_DEPLOYMENT bool default y diff --git a/components/soc/esp32p4/include/soc/soc_caps.h b/components/soc/esp32p4/include/soc/soc_caps.h index 7b8d9f0eb3..24316d58ed 100644 --- a/components/soc/esp32p4/include/soc/soc_caps.h +++ b/components/soc/esp32p4/include/soc/soc_caps.h @@ -67,7 +67,7 @@ #define SOC_DIG_SIGN_SUPPORTED 1 #define SOC_ECC_SUPPORTED 1 #define SOC_ECC_EXTENDED_MODES_SUPPORTED 1 -#define SOC_ECDSA_SUPPORTED 0 +#define SOC_ECDSA_SUPPORTED 1 #define SOC_KEY_MANAGER_SUPPORTED 0 #define SOC_FLASH_ENC_SUPPORTED 1 #define SOC_SECURE_BOOT_SUPPORTED 1 @@ -564,7 +564,10 @@ /*--------------------------- ECDSA CAPS ---------------------------------------*/ #define SOC_ECDSA_SUPPORT_EXPORT_PUBKEY (1) #define SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE (1) +#define SOC_ECDSA_SUPPORT_HW_DETERMINISTIC_LOOP (1) #define SOC_ECDSA_USES_MPI (1) +#define SOC_ECDSA_SUPPORT_CURVE_P384 (1) +#define SOC_ECDSA_SUPPORT_CURVE_SPECIFIC_KEY_PURPOSES (1) /*!< Support individual key purposes for different ECDSA curves (P192, P256, P384) */ /*-------------------------- Sigma Delta Modulator CAPS -----------------*/ #define SOC_SDM_GROUPS 1U @@ -687,8 +690,10 @@ #define SOC_EFUSE_SOFT_DIS_JTAG 1 /* Capability to disable the MSPI access in download mode */ #define SOC_EFUSE_DIS_DOWNLOAD_MSPI 1 +// ECDSA_P256_KEY #define SOC_EFUSE_ECDSA_KEY 1 - +#define SOC_EFUSE_ECDSA_KEY_P192 1 +#define SOC_EFUSE_ECDSA_KEY_P384 1 /*-------------------------- Key Manager CAPS----------------------------*/ #define SOC_KEY_MANAGER_SUPPORT_KEY_DEPLOYMENT 1 /*!< Key manager supports key deployment */ #define SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY 1 /*!< Key manager responsible to deploy ECDSA key */ diff --git a/components/soc/esp32p4/register/hw_ver3/soc/ecdsa_eco5_reg.h b/components/soc/esp32p4/register/hw_ver3/soc/ecdsa_eco5_reg.h deleted file mode 100644 index 179698edbb..0000000000 --- a/components/soc/esp32p4/register/hw_ver3/soc/ecdsa_eco5_reg.h +++ /dev/null @@ -1,359 +0,0 @@ -/** - * SPDX-FileCopyrightText: 2025 Espressif Systems (Shanghai) CO LTD - * - * SPDX-License-Identifier: Apache-2.0 - */ -#pragma once - -#include -#include "soc/soc.h" -#ifdef __cplusplus -extern "C" { -#endif - -/** ECDSA_CONF_REG register - * ECDSA configure register - */ -#define ECDSA_CONF_REG (DR_REG_ECDSA_BASE + 0x4) -/** ECDSA_WORK_MODE : R/W; bitpos: [1:0]; default: 0; - * The work mode bits of ECDSA Accelerator. 0: Signature Verify Mode. 1: Signature - * Generate Mode. 2: Export Public Key Mode. 3: invalid. - */ -#define ECDSA_WORK_MODE 0x00000003U -#define ECDSA_WORK_MODE_M (ECDSA_WORK_MODE_V << ECDSA_WORK_MODE_S) -#define ECDSA_WORK_MODE_V 0x00000003U -#define ECDSA_WORK_MODE_S 0 -/** ECDSA_ECC_CURVE : R/W; bitpos: [3:2]; default: 0; - * The ecc curve select bit of ECDSA Accelerator. 0: P-192. 1: P-256. 2: P-384. - */ -#define ECDSA_ECC_CURVE 0x00000003U -#define ECDSA_ECC_CURVE_M (ECDSA_ECC_CURVE_V << ECDSA_ECC_CURVE_S) -#define ECDSA_ECC_CURVE_V 0x00000003U -#define ECDSA_ECC_CURVE_S 2 -/** ECDSA_SOFTWARE_SET_K : R/W; bitpos: [4]; default: 0; - * The source of k select bit. 0: k is automatically generated by hardware. 1: k is - * written by software. - */ -#define ECDSA_SOFTWARE_SET_K (BIT(4)) -#define ECDSA_SOFTWARE_SET_K_M (ECDSA_SOFTWARE_SET_K_V << ECDSA_SOFTWARE_SET_K_S) -#define ECDSA_SOFTWARE_SET_K_V 0x00000001U -#define ECDSA_SOFTWARE_SET_K_S 4 -/** ECDSA_SOFTWARE_SET_Z : R/W; bitpos: [5]; default: 0; - * The source of z select bit. 0: z is generated from SHA result. 1: z is written by - * software. - */ -#define ECDSA_SOFTWARE_SET_Z (BIT(5)) -#define ECDSA_SOFTWARE_SET_Z_M (ECDSA_SOFTWARE_SET_Z_V << ECDSA_SOFTWARE_SET_Z_S) -#define ECDSA_SOFTWARE_SET_Z_V 0x00000001U -#define ECDSA_SOFTWARE_SET_Z_S 5 -/** ECDSA_DETERMINISTIC_K : R/W; bitpos: [6]; default: 0; - * The source of hardware generated k. 0: k is generated by TRNG. 1: k is generated by - * deterministic derivation algorithm. - */ -#define ECDSA_DETERMINISTIC_K (BIT(6)) -#define ECDSA_DETERMINISTIC_K_M (ECDSA_DETERMINISTIC_K_V << ECDSA_DETERMINISTIC_K_S) -#define ECDSA_DETERMINISTIC_K_V 0x00000001U -#define ECDSA_DETERMINISTIC_K_S 6 - -/** ECDSA_CLK_REG register - * ECDSA clock gate register - */ -#define ECDSA_CLK_REG (DR_REG_ECDSA_BASE + 0x8) -/** ECDSA_CLK_GATE_FORCE_ON : R/W; bitpos: [0]; default: 0; - * Write 1 to force on register clock gate. - */ -#define ECDSA_CLK_GATE_FORCE_ON (BIT(0)) -#define ECDSA_CLK_GATE_FORCE_ON_M (ECDSA_CLK_GATE_FORCE_ON_V << ECDSA_CLK_GATE_FORCE_ON_S) -#define ECDSA_CLK_GATE_FORCE_ON_V 0x00000001U -#define ECDSA_CLK_GATE_FORCE_ON_S 0 - -/** ECDSA_INT_RAW_REG register - * ECDSA interrupt raw register, valid in level. - */ -#define ECDSA_INT_RAW_REG (DR_REG_ECDSA_BASE + 0xc) -/** ECDSA_PREP_DONE_INT_RAW : RO/WTC/SS; bitpos: [0]; default: 0; - * The raw interrupt status bit for the ecdsa_prep_done_int interrupt - */ -#define ECDSA_PREP_DONE_INT_RAW (BIT(0)) -#define ECDSA_PREP_DONE_INT_RAW_M (ECDSA_PREP_DONE_INT_RAW_V << ECDSA_PREP_DONE_INT_RAW_S) -#define ECDSA_PREP_DONE_INT_RAW_V 0x00000001U -#define ECDSA_PREP_DONE_INT_RAW_S 0 -/** ECDSA_PROC_DONE_INT_RAW : RO/WTC/SS; bitpos: [1]; default: 0; - * The raw interrupt status bit for the ecdsa_proc_done_int interrupt - */ -#define ECDSA_PROC_DONE_INT_RAW (BIT(1)) -#define ECDSA_PROC_DONE_INT_RAW_M (ECDSA_PROC_DONE_INT_RAW_V << ECDSA_PROC_DONE_INT_RAW_S) -#define ECDSA_PROC_DONE_INT_RAW_V 0x00000001U -#define ECDSA_PROC_DONE_INT_RAW_S 1 -/** ECDSA_POST_DONE_INT_RAW : RO/WTC/SS; bitpos: [2]; default: 0; - * The raw interrupt status bit for the ecdsa_post_done_int interrupt - */ -#define ECDSA_POST_DONE_INT_RAW (BIT(2)) -#define ECDSA_POST_DONE_INT_RAW_M (ECDSA_POST_DONE_INT_RAW_V << ECDSA_POST_DONE_INT_RAW_S) -#define ECDSA_POST_DONE_INT_RAW_V 0x00000001U -#define ECDSA_POST_DONE_INT_RAW_S 2 -/** ECDSA_SHA_RELEASE_INT_RAW : RO/WTC/SS; bitpos: [3]; default: 0; - * The raw interrupt status bit for the ecdsa_sha_release_int interrupt - */ -#define ECDSA_SHA_RELEASE_INT_RAW (BIT(3)) -#define ECDSA_SHA_RELEASE_INT_RAW_M (ECDSA_SHA_RELEASE_INT_RAW_V << ECDSA_SHA_RELEASE_INT_RAW_S) -#define ECDSA_SHA_RELEASE_INT_RAW_V 0x00000001U -#define ECDSA_SHA_RELEASE_INT_RAW_S 3 - -/** ECDSA_INT_ST_REG register - * ECDSA interrupt status register. - */ -#define ECDSA_INT_ST_REG (DR_REG_ECDSA_BASE + 0x10) -/** ECDSA_PREP_DONE_INT_ST : RO; bitpos: [0]; default: 0; - * The masked interrupt status bit for the ecdsa_prep_done_int interrupt - */ -#define ECDSA_PREP_DONE_INT_ST (BIT(0)) -#define ECDSA_PREP_DONE_INT_ST_M (ECDSA_PREP_DONE_INT_ST_V << ECDSA_PREP_DONE_INT_ST_S) -#define ECDSA_PREP_DONE_INT_ST_V 0x00000001U -#define ECDSA_PREP_DONE_INT_ST_S 0 -/** ECDSA_PROC_DONE_INT_ST : RO; bitpos: [1]; default: 0; - * The masked interrupt status bit for the ecdsa_proc_done_int interrupt - */ -#define ECDSA_PROC_DONE_INT_ST (BIT(1)) -#define ECDSA_PROC_DONE_INT_ST_M (ECDSA_PROC_DONE_INT_ST_V << ECDSA_PROC_DONE_INT_ST_S) -#define ECDSA_PROC_DONE_INT_ST_V 0x00000001U -#define ECDSA_PROC_DONE_INT_ST_S 1 -/** ECDSA_POST_DONE_INT_ST : RO; bitpos: [2]; default: 0; - * The masked interrupt status bit for the ecdsa_post_done_int interrupt - */ -#define ECDSA_POST_DONE_INT_ST (BIT(2)) -#define ECDSA_POST_DONE_INT_ST_M (ECDSA_POST_DONE_INT_ST_V << ECDSA_POST_DONE_INT_ST_S) -#define ECDSA_POST_DONE_INT_ST_V 0x00000001U -#define ECDSA_POST_DONE_INT_ST_S 2 -/** ECDSA_SHA_RELEASE_INT_ST : RO; bitpos: [3]; default: 0; - * The masked interrupt status bit for the ecdsa_sha_release_int interrupt - */ -#define ECDSA_SHA_RELEASE_INT_ST (BIT(3)) -#define ECDSA_SHA_RELEASE_INT_ST_M (ECDSA_SHA_RELEASE_INT_ST_V << ECDSA_SHA_RELEASE_INT_ST_S) -#define ECDSA_SHA_RELEASE_INT_ST_V 0x00000001U -#define ECDSA_SHA_RELEASE_INT_ST_S 3 - -/** ECDSA_INT_ENA_REG register - * ECDSA interrupt enable register. - */ -#define ECDSA_INT_ENA_REG (DR_REG_ECDSA_BASE + 0x14) -/** ECDSA_PREP_DONE_INT_ENA : R/W; bitpos: [0]; default: 0; - * The interrupt enable bit for the ecdsa_prep_done_int interrupt - */ -#define ECDSA_PREP_DONE_INT_ENA (BIT(0)) -#define ECDSA_PREP_DONE_INT_ENA_M (ECDSA_PREP_DONE_INT_ENA_V << ECDSA_PREP_DONE_INT_ENA_S) -#define ECDSA_PREP_DONE_INT_ENA_V 0x00000001U -#define ECDSA_PREP_DONE_INT_ENA_S 0 -/** ECDSA_PROC_DONE_INT_ENA : R/W; bitpos: [1]; default: 0; - * The interrupt enable bit for the ecdsa_proc_done_int interrupt - */ -#define ECDSA_PROC_DONE_INT_ENA (BIT(1)) -#define ECDSA_PROC_DONE_INT_ENA_M (ECDSA_PROC_DONE_INT_ENA_V << ECDSA_PROC_DONE_INT_ENA_S) -#define ECDSA_PROC_DONE_INT_ENA_V 0x00000001U -#define ECDSA_PROC_DONE_INT_ENA_S 1 -/** ECDSA_POST_DONE_INT_ENA : R/W; bitpos: [2]; default: 0; - * The interrupt enable bit for the ecdsa_post_done_int interrupt - */ -#define ECDSA_POST_DONE_INT_ENA (BIT(2)) -#define ECDSA_POST_DONE_INT_ENA_M (ECDSA_POST_DONE_INT_ENA_V << ECDSA_POST_DONE_INT_ENA_S) -#define ECDSA_POST_DONE_INT_ENA_V 0x00000001U -#define ECDSA_POST_DONE_INT_ENA_S 2 -/** ECDSA_SHA_RELEASE_INT_ENA : R/W; bitpos: [3]; default: 0; - * The interrupt enable bit for the ecdsa_sha_release_int interrupt - */ -#define ECDSA_SHA_RELEASE_INT_ENA (BIT(3)) -#define ECDSA_SHA_RELEASE_INT_ENA_M (ECDSA_SHA_RELEASE_INT_ENA_V << ECDSA_SHA_RELEASE_INT_ENA_S) -#define ECDSA_SHA_RELEASE_INT_ENA_V 0x00000001U -#define ECDSA_SHA_RELEASE_INT_ENA_S 3 - -/** ECDSA_INT_CLR_REG register - * ECDSA interrupt clear register. - */ -#define ECDSA_INT_CLR_REG (DR_REG_ECDSA_BASE + 0x18) -/** ECDSA_PREP_DONE_INT_CLR : WT; bitpos: [0]; default: 0; - * Set this bit to clear the ecdsa_prep_done_int interrupt - */ -#define ECDSA_PREP_DONE_INT_CLR (BIT(0)) -#define ECDSA_PREP_DONE_INT_CLR_M (ECDSA_PREP_DONE_INT_CLR_V << ECDSA_PREP_DONE_INT_CLR_S) -#define ECDSA_PREP_DONE_INT_CLR_V 0x00000001U -#define ECDSA_PREP_DONE_INT_CLR_S 0 -/** ECDSA_PROC_DONE_INT_CLR : WT; bitpos: [1]; default: 0; - * Set this bit to clear the ecdsa_proc_done_int interrupt - */ -#define ECDSA_PROC_DONE_INT_CLR (BIT(1)) -#define ECDSA_PROC_DONE_INT_CLR_M (ECDSA_PROC_DONE_INT_CLR_V << ECDSA_PROC_DONE_INT_CLR_S) -#define ECDSA_PROC_DONE_INT_CLR_V 0x00000001U -#define ECDSA_PROC_DONE_INT_CLR_S 1 -/** ECDSA_POST_DONE_INT_CLR : WT; bitpos: [2]; default: 0; - * Set this bit to clear the ecdsa_post_done_int interrupt - */ -#define ECDSA_POST_DONE_INT_CLR (BIT(2)) -#define ECDSA_POST_DONE_INT_CLR_M (ECDSA_POST_DONE_INT_CLR_V << ECDSA_POST_DONE_INT_CLR_S) -#define ECDSA_POST_DONE_INT_CLR_V 0x00000001U -#define ECDSA_POST_DONE_INT_CLR_S 2 -/** ECDSA_SHA_RELEASE_INT_CLR : WT; bitpos: [3]; default: 0; - * Set this bit to clear the ecdsa_sha_release_int interrupt - */ -#define ECDSA_SHA_RELEASE_INT_CLR (BIT(3)) -#define ECDSA_SHA_RELEASE_INT_CLR_M (ECDSA_SHA_RELEASE_INT_CLR_V << ECDSA_SHA_RELEASE_INT_CLR_S) -#define ECDSA_SHA_RELEASE_INT_CLR_V 0x00000001U -#define ECDSA_SHA_RELEASE_INT_CLR_S 3 - -/** ECDSA_START_REG register - * ECDSA start register - */ -#define ECDSA_START_REG (DR_REG_ECDSA_BASE + 0x1c) -/** ECDSA_START : WT; bitpos: [0]; default: 0; - * Write 1 to start calculation of ECDSA Accelerator. This bit will be self-cleared - * after configuration. - */ -#define ECDSA_START (BIT(0)) -#define ECDSA_START_M (ECDSA_START_V << ECDSA_START_S) -#define ECDSA_START_V 0x00000001U -#define ECDSA_START_S 0 -/** ECDSA_LOAD_DONE : WT; bitpos: [1]; default: 0; - * Write 1 to input load done signal of ECDSA Accelerator. This bit will be - * self-cleared after configuration. - */ -#define ECDSA_LOAD_DONE (BIT(1)) -#define ECDSA_LOAD_DONE_M (ECDSA_LOAD_DONE_V << ECDSA_LOAD_DONE_S) -#define ECDSA_LOAD_DONE_V 0x00000001U -#define ECDSA_LOAD_DONE_S 1 -/** ECDSA_GET_DONE : WT; bitpos: [2]; default: 0; - * Write 1 to input get done signal of ECDSA Accelerator. This bit will be - * self-cleared after configuration. - */ -#define ECDSA_GET_DONE (BIT(2)) -#define ECDSA_GET_DONE_M (ECDSA_GET_DONE_V << ECDSA_GET_DONE_S) -#define ECDSA_GET_DONE_V 0x00000001U -#define ECDSA_GET_DONE_S 2 - -/** ECDSA_STATE_REG register - * ECDSA status register - */ -#define ECDSA_STATE_REG (DR_REG_ECDSA_BASE + 0x20) -/** ECDSA_BUSY : RO; bitpos: [1:0]; default: 0; - * The status bits of ECDSA Accelerator. ECDSA is at 0: IDLE, 1: LOAD, 2: GET, 3: BUSY - * state. - */ -#define ECDSA_BUSY 0x00000003U -#define ECDSA_BUSY_M (ECDSA_BUSY_V << ECDSA_BUSY_S) -#define ECDSA_BUSY_V 0x00000003U -#define ECDSA_BUSY_S 0 - -/** ECDSA_RESULT_REG register - * ECDSA result register - */ -#define ECDSA_RESULT_REG (DR_REG_ECDSA_BASE + 0x24) -/** ECDSA_OPERATION_RESULT : RO/SS; bitpos: [0]; default: 0; - * The operation result bit of ECDSA Accelerator, only valid when ECDSA calculation is - * done. - */ -#define ECDSA_OPERATION_RESULT (BIT(0)) -#define ECDSA_OPERATION_RESULT_M (ECDSA_OPERATION_RESULT_V << ECDSA_OPERATION_RESULT_S) -#define ECDSA_OPERATION_RESULT_V 0x00000001U -#define ECDSA_OPERATION_RESULT_S 0 - -/** ECDSA_DATE_REG register - * Version control register - */ -#define ECDSA_DATE_REG (DR_REG_ECDSA_BASE + 0xfc) -/** ECDSA_DATE : R/W; bitpos: [27:0]; default: 37785984; - * ECDSA version control register - */ -#define ECDSA_DATE 0x0FFFFFFFU -#define ECDSA_DATE_M (ECDSA_DATE_V << ECDSA_DATE_S) -#define ECDSA_DATE_V 0x0FFFFFFFU -#define ECDSA_DATE_S 0 - -/** ECDSA_SHA_MODE_REG register - * ECDSA control SHA register - */ -#define ECDSA_SHA_MODE_REG (DR_REG_ECDSA_BASE + 0x200) -/** ECDSA_SHA_MODE : R/W; bitpos: [2:0]; default: 0; - * The work mode bits of SHA Calculator in ECDSA Accelerator. 0: SHA1. 1: SHA-224. 2: - * SHA-256. 3: SHA-384 4: SHA-512. 5: SHA-512224. 6: SHA-512256. 7: invalid. - */ -#define ECDSA_SHA_MODE 0x00000007U -#define ECDSA_SHA_MODE_M (ECDSA_SHA_MODE_V << ECDSA_SHA_MODE_S) -#define ECDSA_SHA_MODE_V 0x00000007U -#define ECDSA_SHA_MODE_S 0 - -/** ECDSA_SHA_START_REG register - * ECDSA control SHA register - */ -#define ECDSA_SHA_START_REG (DR_REG_ECDSA_BASE + 0x210) -/** ECDSA_SHA_START : WT; bitpos: [0]; default: 0; - * Write 1 to start the first calculation of SHA Calculator in ECDSA Accelerator. This - * bit will be self-cleared after configuration. - */ -#define ECDSA_SHA_START (BIT(0)) -#define ECDSA_SHA_START_M (ECDSA_SHA_START_V << ECDSA_SHA_START_S) -#define ECDSA_SHA_START_V 0x00000001U -#define ECDSA_SHA_START_S 0 - -/** ECDSA_SHA_CONTINUE_REG register - * ECDSA control SHA register - */ -#define ECDSA_SHA_CONTINUE_REG (DR_REG_ECDSA_BASE + 0x214) -/** ECDSA_SHA_CONTINUE : WT; bitpos: [0]; default: 0; - * Write 1 to start the latter calculation of SHA Calculator in ECDSA Accelerator. This - * bit will be self-cleared after configuration. - */ -#define ECDSA_SHA_CONTINUE (BIT(0)) -#define ECDSA_SHA_CONTINUE_M (ECDSA_SHA_CONTINUE_V << ECDSA_SHA_CONTINUE_S) -#define ECDSA_SHA_CONTINUE_V 0x00000001U -#define ECDSA_SHA_CONTINUE_S 0 - -/** ECDSA_SHA_BUSY_REG register - * ECDSA status register - */ -#define ECDSA_SHA_BUSY_REG (DR_REG_ECDSA_BASE + 0x218) -/** ECDSA_SHA_BUSY : RO; bitpos: [0]; default: 0; - * The busy status bit of SHA Calculator in ECDSA Accelerator. 1:SHA is in - * calculation. 0: SHA is idle. - */ -#define ECDSA_SHA_BUSY (BIT(0)) -#define ECDSA_SHA_BUSY_M (ECDSA_SHA_BUSY_V << ECDSA_SHA_BUSY_S) -#define ECDSA_SHA_BUSY_V 0x00000001U -#define ECDSA_SHA_BUSY_S 0 - -/** ECDSA_MESSAGE_MEM register - * The memory that stores message. - */ -#define ECDSA_MESSAGE_MEM (DR_REG_ECDSA_BASE + 0x280) -#define ECDSA_MESSAGE_MEM_SIZE_BYTES 64 - -/** ECDSA_R_MEM register - * The memory that stores r. - */ -#define ECDSA_R_MEM (DR_REG_ECDSA_BASE + 0x3e0) -#define ECDSA_R_MEM_SIZE_BYTES 48 - -/** ECDSA_S_MEM register - * The memory that stores s. - */ -#define ECDSA_S_MEM (DR_REG_ECDSA_BASE + 0x410) -#define ECDSA_S_MEM_SIZE_BYTES 48 - -/** ECDSA_Z_MEM register - * The memory that stores software written z. - */ -#define ECDSA_Z_MEM (DR_REG_ECDSA_BASE + 0x440) -#define ECDSA_Z_MEM_SIZE_BYTES 48 - -/** ECDSA_QAX_MEM register - * The memory that stores x coordinates of QA or software written k. - */ -#define ECDSA_QAX_MEM (DR_REG_ECDSA_BASE + 0x470) -#define ECDSA_QAX_MEM_SIZE_BYTES 48 - -/** ECDSA_QAY_MEM register - * The memory that stores y coordinates of QA. - */ -#define ECDSA_QAY_MEM (DR_REG_ECDSA_BASE + 0x4a0) -#define ECDSA_QAY_MEM_SIZE_BYTES 48 - -#ifdef __cplusplus -} -#endif diff --git a/components/soc/esp32p4/register/hw_ver3/soc/ecdsa_reg.h b/components/soc/esp32p4/register/hw_ver3/soc/ecdsa_reg.h index 59b58185f8..179698edbb 100644 --- a/components/soc/esp32p4/register/hw_ver3/soc/ecdsa_reg.h +++ b/components/soc/esp32p4/register/hw_ver3/soc/ecdsa_reg.h @@ -23,44 +23,37 @@ extern "C" { #define ECDSA_WORK_MODE_M (ECDSA_WORK_MODE_V << ECDSA_WORK_MODE_S) #define ECDSA_WORK_MODE_V 0x00000003U #define ECDSA_WORK_MODE_S 0 -/** ECDSA_ECC_CURVE : R/W; bitpos: [2]; default: 0; - * The ecc curve select bit of ECDSA Accelerator. 0: P-192. 1: P-256. +/** ECDSA_ECC_CURVE : R/W; bitpos: [3:2]; default: 0; + * The ecc curve select bit of ECDSA Accelerator. 0: P-192. 1: P-256. 2: P-384. */ -#define ECDSA_ECC_CURVE (BIT(2)) +#define ECDSA_ECC_CURVE 0x00000003U #define ECDSA_ECC_CURVE_M (ECDSA_ECC_CURVE_V << ECDSA_ECC_CURVE_S) -#define ECDSA_ECC_CURVE_V 0x00000001U +#define ECDSA_ECC_CURVE_V 0x00000003U #define ECDSA_ECC_CURVE_S 2 -/** ECDSA_SOFTWARE_SET_K : R/W; bitpos: [3]; default: 0; +/** ECDSA_SOFTWARE_SET_K : R/W; bitpos: [4]; default: 0; * The source of k select bit. 0: k is automatically generated by hardware. 1: k is * written by software. */ -#define ECDSA_SOFTWARE_SET_K (BIT(3)) +#define ECDSA_SOFTWARE_SET_K (BIT(4)) #define ECDSA_SOFTWARE_SET_K_M (ECDSA_SOFTWARE_SET_K_V << ECDSA_SOFTWARE_SET_K_S) #define ECDSA_SOFTWARE_SET_K_V 0x00000001U -#define ECDSA_SOFTWARE_SET_K_S 3 -/** ECDSA_SOFTWARE_SET_Z : R/W; bitpos: [4]; default: 0; +#define ECDSA_SOFTWARE_SET_K_S 4 +/** ECDSA_SOFTWARE_SET_Z : R/W; bitpos: [5]; default: 0; * The source of z select bit. 0: z is generated from SHA result. 1: z is written by * software. */ -#define ECDSA_SOFTWARE_SET_Z (BIT(4)) +#define ECDSA_SOFTWARE_SET_Z (BIT(5)) #define ECDSA_SOFTWARE_SET_Z_M (ECDSA_SOFTWARE_SET_Z_V << ECDSA_SOFTWARE_SET_Z_S) #define ECDSA_SOFTWARE_SET_Z_V 0x00000001U -#define ECDSA_SOFTWARE_SET_Z_S 4 -/** ECDSA_DETERMINISTIC_K : R/W; bitpos: [5]; default: 0; +#define ECDSA_SOFTWARE_SET_Z_S 5 +/** ECDSA_DETERMINISTIC_K : R/W; bitpos: [6]; default: 0; * The source of hardware generated k. 0: k is generated by TRNG. 1: k is generated by * deterministic derivation algorithm. */ -#define ECDSA_DETERMINISTIC_K (BIT(5)) +#define ECDSA_DETERMINISTIC_K (BIT(6)) #define ECDSA_DETERMINISTIC_K_M (ECDSA_DETERMINISTIC_K_V << ECDSA_DETERMINISTIC_K_S) #define ECDSA_DETERMINISTIC_K_V 0x00000001U -#define ECDSA_DETERMINISTIC_K_S 5 -/** ECDSA_DETERMINISTIC_LOOP : R/W; bitpos: [21:6]; default: 0; - * The (loop number - 1) value in the deterministic derivation algorithm to derive k. - */ -#define ECDSA_DETERMINISTIC_LOOP 0x0000FFFFU -#define ECDSA_DETERMINISTIC_LOOP_M (ECDSA_DETERMINISTIC_LOOP_V << ECDSA_DETERMINISTIC_LOOP_S) -#define ECDSA_DETERMINISTIC_LOOP_V 0x0000FFFFU -#define ECDSA_DETERMINISTIC_LOOP_S 6 +#define ECDSA_DETERMINISTIC_K_S 6 /** ECDSA_CLK_REG register * ECDSA clock gate register @@ -78,77 +71,133 @@ extern "C" { * ECDSA interrupt raw register, valid in level. */ #define ECDSA_INT_RAW_REG (DR_REG_ECDSA_BASE + 0xc) -/** ECDSA_CALC_DONE_INT_RAW : RO/WTC/SS; bitpos: [0]; default: 0; - * The raw interrupt status bit for the ecdsa_calc_done_int interrupt +/** ECDSA_PREP_DONE_INT_RAW : RO/WTC/SS; bitpos: [0]; default: 0; + * The raw interrupt status bit for the ecdsa_prep_done_int interrupt */ -#define ECDSA_CALC_DONE_INT_RAW (BIT(0)) -#define ECDSA_CALC_DONE_INT_RAW_M (ECDSA_CALC_DONE_INT_RAW_V << ECDSA_CALC_DONE_INT_RAW_S) -#define ECDSA_CALC_DONE_INT_RAW_V 0x00000001U -#define ECDSA_CALC_DONE_INT_RAW_S 0 -/** ECDSA_SHA_RELEASE_INT_RAW : RO/WTC/SS; bitpos: [1]; default: 0; +#define ECDSA_PREP_DONE_INT_RAW (BIT(0)) +#define ECDSA_PREP_DONE_INT_RAW_M (ECDSA_PREP_DONE_INT_RAW_V << ECDSA_PREP_DONE_INT_RAW_S) +#define ECDSA_PREP_DONE_INT_RAW_V 0x00000001U +#define ECDSA_PREP_DONE_INT_RAW_S 0 +/** ECDSA_PROC_DONE_INT_RAW : RO/WTC/SS; bitpos: [1]; default: 0; + * The raw interrupt status bit for the ecdsa_proc_done_int interrupt + */ +#define ECDSA_PROC_DONE_INT_RAW (BIT(1)) +#define ECDSA_PROC_DONE_INT_RAW_M (ECDSA_PROC_DONE_INT_RAW_V << ECDSA_PROC_DONE_INT_RAW_S) +#define ECDSA_PROC_DONE_INT_RAW_V 0x00000001U +#define ECDSA_PROC_DONE_INT_RAW_S 1 +/** ECDSA_POST_DONE_INT_RAW : RO/WTC/SS; bitpos: [2]; default: 0; + * The raw interrupt status bit for the ecdsa_post_done_int interrupt + */ +#define ECDSA_POST_DONE_INT_RAW (BIT(2)) +#define ECDSA_POST_DONE_INT_RAW_M (ECDSA_POST_DONE_INT_RAW_V << ECDSA_POST_DONE_INT_RAW_S) +#define ECDSA_POST_DONE_INT_RAW_V 0x00000001U +#define ECDSA_POST_DONE_INT_RAW_S 2 +/** ECDSA_SHA_RELEASE_INT_RAW : RO/WTC/SS; bitpos: [3]; default: 0; * The raw interrupt status bit for the ecdsa_sha_release_int interrupt */ -#define ECDSA_SHA_RELEASE_INT_RAW (BIT(1)) +#define ECDSA_SHA_RELEASE_INT_RAW (BIT(3)) #define ECDSA_SHA_RELEASE_INT_RAW_M (ECDSA_SHA_RELEASE_INT_RAW_V << ECDSA_SHA_RELEASE_INT_RAW_S) #define ECDSA_SHA_RELEASE_INT_RAW_V 0x00000001U -#define ECDSA_SHA_RELEASE_INT_RAW_S 1 +#define ECDSA_SHA_RELEASE_INT_RAW_S 3 /** ECDSA_INT_ST_REG register * ECDSA interrupt status register. */ #define ECDSA_INT_ST_REG (DR_REG_ECDSA_BASE + 0x10) -/** ECDSA_CALC_DONE_INT_ST : RO; bitpos: [0]; default: 0; - * The masked interrupt status bit for the ecdsa_calc_done_int interrupt +/** ECDSA_PREP_DONE_INT_ST : RO; bitpos: [0]; default: 0; + * The masked interrupt status bit for the ecdsa_prep_done_int interrupt */ -#define ECDSA_CALC_DONE_INT_ST (BIT(0)) -#define ECDSA_CALC_DONE_INT_ST_M (ECDSA_CALC_DONE_INT_ST_V << ECDSA_CALC_DONE_INT_ST_S) -#define ECDSA_CALC_DONE_INT_ST_V 0x00000001U -#define ECDSA_CALC_DONE_INT_ST_S 0 -/** ECDSA_SHA_RELEASE_INT_ST : RO; bitpos: [1]; default: 0; +#define ECDSA_PREP_DONE_INT_ST (BIT(0)) +#define ECDSA_PREP_DONE_INT_ST_M (ECDSA_PREP_DONE_INT_ST_V << ECDSA_PREP_DONE_INT_ST_S) +#define ECDSA_PREP_DONE_INT_ST_V 0x00000001U +#define ECDSA_PREP_DONE_INT_ST_S 0 +/** ECDSA_PROC_DONE_INT_ST : RO; bitpos: [1]; default: 0; + * The masked interrupt status bit for the ecdsa_proc_done_int interrupt + */ +#define ECDSA_PROC_DONE_INT_ST (BIT(1)) +#define ECDSA_PROC_DONE_INT_ST_M (ECDSA_PROC_DONE_INT_ST_V << ECDSA_PROC_DONE_INT_ST_S) +#define ECDSA_PROC_DONE_INT_ST_V 0x00000001U +#define ECDSA_PROC_DONE_INT_ST_S 1 +/** ECDSA_POST_DONE_INT_ST : RO; bitpos: [2]; default: 0; + * The masked interrupt status bit for the ecdsa_post_done_int interrupt + */ +#define ECDSA_POST_DONE_INT_ST (BIT(2)) +#define ECDSA_POST_DONE_INT_ST_M (ECDSA_POST_DONE_INT_ST_V << ECDSA_POST_DONE_INT_ST_S) +#define ECDSA_POST_DONE_INT_ST_V 0x00000001U +#define ECDSA_POST_DONE_INT_ST_S 2 +/** ECDSA_SHA_RELEASE_INT_ST : RO; bitpos: [3]; default: 0; * The masked interrupt status bit for the ecdsa_sha_release_int interrupt */ -#define ECDSA_SHA_RELEASE_INT_ST (BIT(1)) +#define ECDSA_SHA_RELEASE_INT_ST (BIT(3)) #define ECDSA_SHA_RELEASE_INT_ST_M (ECDSA_SHA_RELEASE_INT_ST_V << ECDSA_SHA_RELEASE_INT_ST_S) #define ECDSA_SHA_RELEASE_INT_ST_V 0x00000001U -#define ECDSA_SHA_RELEASE_INT_ST_S 1 +#define ECDSA_SHA_RELEASE_INT_ST_S 3 /** ECDSA_INT_ENA_REG register * ECDSA interrupt enable register. */ #define ECDSA_INT_ENA_REG (DR_REG_ECDSA_BASE + 0x14) -/** ECDSA_CALC_DONE_INT_ENA : R/W; bitpos: [0]; default: 0; - * The interrupt enable bit for the ecdsa_calc_done_int interrupt +/** ECDSA_PREP_DONE_INT_ENA : R/W; bitpos: [0]; default: 0; + * The interrupt enable bit for the ecdsa_prep_done_int interrupt */ -#define ECDSA_CALC_DONE_INT_ENA (BIT(0)) -#define ECDSA_CALC_DONE_INT_ENA_M (ECDSA_CALC_DONE_INT_ENA_V << ECDSA_CALC_DONE_INT_ENA_S) -#define ECDSA_CALC_DONE_INT_ENA_V 0x00000001U -#define ECDSA_CALC_DONE_INT_ENA_S 0 -/** ECDSA_SHA_RELEASE_INT_ENA : R/W; bitpos: [1]; default: 0; +#define ECDSA_PREP_DONE_INT_ENA (BIT(0)) +#define ECDSA_PREP_DONE_INT_ENA_M (ECDSA_PREP_DONE_INT_ENA_V << ECDSA_PREP_DONE_INT_ENA_S) +#define ECDSA_PREP_DONE_INT_ENA_V 0x00000001U +#define ECDSA_PREP_DONE_INT_ENA_S 0 +/** ECDSA_PROC_DONE_INT_ENA : R/W; bitpos: [1]; default: 0; + * The interrupt enable bit for the ecdsa_proc_done_int interrupt + */ +#define ECDSA_PROC_DONE_INT_ENA (BIT(1)) +#define ECDSA_PROC_DONE_INT_ENA_M (ECDSA_PROC_DONE_INT_ENA_V << ECDSA_PROC_DONE_INT_ENA_S) +#define ECDSA_PROC_DONE_INT_ENA_V 0x00000001U +#define ECDSA_PROC_DONE_INT_ENA_S 1 +/** ECDSA_POST_DONE_INT_ENA : R/W; bitpos: [2]; default: 0; + * The interrupt enable bit for the ecdsa_post_done_int interrupt + */ +#define ECDSA_POST_DONE_INT_ENA (BIT(2)) +#define ECDSA_POST_DONE_INT_ENA_M (ECDSA_POST_DONE_INT_ENA_V << ECDSA_POST_DONE_INT_ENA_S) +#define ECDSA_POST_DONE_INT_ENA_V 0x00000001U +#define ECDSA_POST_DONE_INT_ENA_S 2 +/** ECDSA_SHA_RELEASE_INT_ENA : R/W; bitpos: [3]; default: 0; * The interrupt enable bit for the ecdsa_sha_release_int interrupt */ -#define ECDSA_SHA_RELEASE_INT_ENA (BIT(1)) +#define ECDSA_SHA_RELEASE_INT_ENA (BIT(3)) #define ECDSA_SHA_RELEASE_INT_ENA_M (ECDSA_SHA_RELEASE_INT_ENA_V << ECDSA_SHA_RELEASE_INT_ENA_S) #define ECDSA_SHA_RELEASE_INT_ENA_V 0x00000001U -#define ECDSA_SHA_RELEASE_INT_ENA_S 1 +#define ECDSA_SHA_RELEASE_INT_ENA_S 3 /** ECDSA_INT_CLR_REG register * ECDSA interrupt clear register. */ #define ECDSA_INT_CLR_REG (DR_REG_ECDSA_BASE + 0x18) -/** ECDSA_CALC_DONE_INT_CLR : WT; bitpos: [0]; default: 0; - * Set this bit to clear the ecdsa_calc_done_int interrupt +/** ECDSA_PREP_DONE_INT_CLR : WT; bitpos: [0]; default: 0; + * Set this bit to clear the ecdsa_prep_done_int interrupt */ -#define ECDSA_CALC_DONE_INT_CLR (BIT(0)) -#define ECDSA_CALC_DONE_INT_CLR_M (ECDSA_CALC_DONE_INT_CLR_V << ECDSA_CALC_DONE_INT_CLR_S) -#define ECDSA_CALC_DONE_INT_CLR_V 0x00000001U -#define ECDSA_CALC_DONE_INT_CLR_S 0 -/** ECDSA_SHA_RELEASE_INT_CLR : WT; bitpos: [1]; default: 0; +#define ECDSA_PREP_DONE_INT_CLR (BIT(0)) +#define ECDSA_PREP_DONE_INT_CLR_M (ECDSA_PREP_DONE_INT_CLR_V << ECDSA_PREP_DONE_INT_CLR_S) +#define ECDSA_PREP_DONE_INT_CLR_V 0x00000001U +#define ECDSA_PREP_DONE_INT_CLR_S 0 +/** ECDSA_PROC_DONE_INT_CLR : WT; bitpos: [1]; default: 0; + * Set this bit to clear the ecdsa_proc_done_int interrupt + */ +#define ECDSA_PROC_DONE_INT_CLR (BIT(1)) +#define ECDSA_PROC_DONE_INT_CLR_M (ECDSA_PROC_DONE_INT_CLR_V << ECDSA_PROC_DONE_INT_CLR_S) +#define ECDSA_PROC_DONE_INT_CLR_V 0x00000001U +#define ECDSA_PROC_DONE_INT_CLR_S 1 +/** ECDSA_POST_DONE_INT_CLR : WT; bitpos: [2]; default: 0; + * Set this bit to clear the ecdsa_post_done_int interrupt + */ +#define ECDSA_POST_DONE_INT_CLR (BIT(2)) +#define ECDSA_POST_DONE_INT_CLR_M (ECDSA_POST_DONE_INT_CLR_V << ECDSA_POST_DONE_INT_CLR_S) +#define ECDSA_POST_DONE_INT_CLR_V 0x00000001U +#define ECDSA_POST_DONE_INT_CLR_S 2 +/** ECDSA_SHA_RELEASE_INT_CLR : WT; bitpos: [3]; default: 0; * Set this bit to clear the ecdsa_sha_release_int interrupt */ -#define ECDSA_SHA_RELEASE_INT_CLR (BIT(1)) +#define ECDSA_SHA_RELEASE_INT_CLR (BIT(3)) #define ECDSA_SHA_RELEASE_INT_CLR_M (ECDSA_SHA_RELEASE_INT_CLR_V << ECDSA_SHA_RELEASE_INT_CLR_S) #define ECDSA_SHA_RELEASE_INT_CLR_V 0x00000001U -#define ECDSA_SHA_RELEASE_INT_CLR_S 1 +#define ECDSA_SHA_RELEASE_INT_CLR_S 3 /** ECDSA_START_REG register * ECDSA start register @@ -204,20 +253,12 @@ extern "C" { #define ECDSA_OPERATION_RESULT_M (ECDSA_OPERATION_RESULT_V << ECDSA_OPERATION_RESULT_S) #define ECDSA_OPERATION_RESULT_V 0x00000001U #define ECDSA_OPERATION_RESULT_S 0 -/** ECDSA_K_VALUE_WARNING : RO/SS; bitpos: [1]; default: 0; - * The k value warning bit of ECDSA Accelerator, valid when k value is bigger than the - * curve order, then actually taken k = k mod n. - */ -#define ECDSA_K_VALUE_WARNING (BIT(1)) -#define ECDSA_K_VALUE_WARNING_M (ECDSA_K_VALUE_WARNING_V << ECDSA_K_VALUE_WARNING_S) -#define ECDSA_K_VALUE_WARNING_V 0x00000001U -#define ECDSA_K_VALUE_WARNING_S 1 /** ECDSA_DATE_REG register * Version control register */ #define ECDSA_DATE_REG (DR_REG_ECDSA_BASE + 0xfc) -/** ECDSA_DATE : R/W; bitpos: [27:0]; default: 36716656; +/** ECDSA_DATE : R/W; bitpos: [27:0]; default: 37785984; * ECDSA version control register */ #define ECDSA_DATE 0x0FFFFFFFU @@ -230,8 +271,8 @@ extern "C" { */ #define ECDSA_SHA_MODE_REG (DR_REG_ECDSA_BASE + 0x200) /** ECDSA_SHA_MODE : R/W; bitpos: [2:0]; default: 0; - * The work mode bits of SHA Calculator in ECDSA Accelerator. 1: SHA-224. 2: SHA-256. - * Others: invalid. + * The work mode bits of SHA Calculator in ECDSA Accelerator. 0: SHA1. 1: SHA-224. 2: + * SHA-256. 3: SHA-384 4: SHA-512. 5: SHA-512224. 6: SHA-512256. 7: invalid. */ #define ECDSA_SHA_MODE 0x00000007U #define ECDSA_SHA_MODE_M (ECDSA_SHA_MODE_V << ECDSA_SHA_MODE_S) @@ -281,37 +322,37 @@ extern "C" { * The memory that stores message. */ #define ECDSA_MESSAGE_MEM (DR_REG_ECDSA_BASE + 0x280) -#define ECDSA_MESSAGE_MEM_SIZE_BYTES 32 +#define ECDSA_MESSAGE_MEM_SIZE_BYTES 64 /** ECDSA_R_MEM register * The memory that stores r. */ -#define ECDSA_R_MEM (DR_REG_ECDSA_BASE + 0xa00) -#define ECDSA_R_MEM_SIZE_BYTES 32 +#define ECDSA_R_MEM (DR_REG_ECDSA_BASE + 0x3e0) +#define ECDSA_R_MEM_SIZE_BYTES 48 /** ECDSA_S_MEM register * The memory that stores s. */ -#define ECDSA_S_MEM (DR_REG_ECDSA_BASE + 0xa20) -#define ECDSA_S_MEM_SIZE_BYTES 32 +#define ECDSA_S_MEM (DR_REG_ECDSA_BASE + 0x410) +#define ECDSA_S_MEM_SIZE_BYTES 48 /** ECDSA_Z_MEM register * The memory that stores software written z. */ -#define ECDSA_Z_MEM (DR_REG_ECDSA_BASE + 0xa40) -#define ECDSA_Z_MEM_SIZE_BYTES 32 +#define ECDSA_Z_MEM (DR_REG_ECDSA_BASE + 0x440) +#define ECDSA_Z_MEM_SIZE_BYTES 48 /** ECDSA_QAX_MEM register * The memory that stores x coordinates of QA or software written k. */ -#define ECDSA_QAX_MEM (DR_REG_ECDSA_BASE + 0xa60) -#define ECDSA_QAX_MEM_SIZE_BYTES 32 +#define ECDSA_QAX_MEM (DR_REG_ECDSA_BASE + 0x470) +#define ECDSA_QAX_MEM_SIZE_BYTES 48 /** ECDSA_QAY_MEM register * The memory that stores y coordinates of QA. */ -#define ECDSA_QAY_MEM (DR_REG_ECDSA_BASE + 0xa80) -#define ECDSA_QAY_MEM_SIZE_BYTES 32 +#define ECDSA_QAY_MEM (DR_REG_ECDSA_BASE + 0x4a0) +#define ECDSA_QAY_MEM_SIZE_BYTES 48 #ifdef __cplusplus }