espressif/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2026-04-27 19:13:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'fix/fix_esp32p4_key_mgr_efuse_key_rev_le_3_v6.0' into 'release/v6.0'

Browse Source 
fix(esp_hal_security): fixes failing hmac_hal_configure with efuse_key for p4 rev < 3 (v6.0)

See merge request espressif/esp-idf!46892
This commit is contained in:
Ashish Sharma
2026-03-25 10:38:30 +08:00
parent 3bd7ec9fe9 1db26df63d
commit 6e08270b4a
4 changed files with 15 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
components/esp_hal_security/ecdsa_hal.c
-1
View File
@@ -45,7 +45,6 @@ static void configure_ecdsa_periph(ecdsa_hal_config_t *conf)
ecdsa_hal_set_efuse_key(conf->curve, conf->efuse_key_blk); ecdsa_hal_set_efuse_key(conf->curve, conf->efuse_key_blk);
#if SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY #if SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY
// Force Key Manager to use eFuse key for ECDSA operation // Force Key Manager to use eFuse key for ECDSA operation
key_mgr_hal_set_key_usage(ESP_KEY_MGR_ECDSA_KEY, ESP_KEY_MGR_USE_EFUSE_KEY); key_mgr_hal_set_key_usage(ESP_KEY_MGR_ECDSA_KEY, ESP_KEY_MGR_USE_EFUSE_KEY);
#endif #endif
components/esp_hal_security/hmac_hal.c
+1 -1
View File
@@ -38,7 +38,7 @@ uint32_t hmac_hal_configure(hmac_hal_output_t config, uint32_t key_id)
// No other HMAC output type is allowed when using key manager // No other HMAC output type is allowed when using key manager
return 1; return 1;
} }
} else { } else if (key_mgr_ll_is_supported()) {
key_mgr_hal_set_key_usage(ESP_KEY_MGR_HMAC_KEY, ESP_KEY_MGR_USE_EFUSE_KEY); key_mgr_hal_set_key_usage(ESP_KEY_MGR_HMAC_KEY, ESP_KEY_MGR_USE_EFUSE_KEY);
} }
#endif #endif
components/esp_hal_security/test_apps/crypto/main/ds/test_ds.c
+7 -2
View File
@@ -24,6 +24,7 @@ ESP_LOG_ATTR_TAG(TAG, "test_ds");
#include "rom/hmac.h" #include "rom/hmac.h"
#if SOC_KEY_MANAGER_DS_KEY_DEPLOY #if SOC_KEY_MANAGER_DS_KEY_DEPLOY
#include "hal/key_mgr_hal.h"
#include "hal/key_mgr_ll.h" #include "hal/key_mgr_ll.h"
#endif #endif
@@ -92,11 +93,15 @@ static esp_err_t esp_ds_start_sign(const void *message, const esp_ds_data_t *dat
#if SOC_KEY_MANAGER_DS_KEY_DEPLOY #if SOC_KEY_MANAGER_DS_KEY_DEPLOY
if (key_id == HMAC_KEY_KM) { if (key_id == HMAC_KEY_KM) {
if (!key_mgr_ll_is_supported()) { if (!key_mgr_ll_is_supported()) {
HAL_ASSERT(false && "Key manager is not supported"); ds_disable_release();
assert(false && "Key manager is not supported");
} }
key_mgr_hal_set_key_usage(ESP_KEY_MGR_DS_KEY, ESP_KEY_MGR_USE_OWN_KEY);
ds_hal_set_key_source(DS_KEY_SOURCE_KEY_MGR); ds_hal_set_key_source(DS_KEY_SOURCE_KEY_MGR);
} else { } else {
if (key_mgr_ll_is_supported()) {
key_mgr_hal_set_key_usage(ESP_KEY_MGR_DS_KEY, ESP_KEY_MGR_USE_EFUSE_KEY);
}
ds_hal_set_key_source(DS_KEY_SOURCE_EFUSE); ds_hal_set_key_source(DS_KEY_SOURCE_EFUSE);
#endif #endif
hmac_hal_start(); hmac_hal_start();
components/esp_security/src/esp_ds.c
+7 -5
View File
@@ -332,15 +332,17 @@ esp_err_t esp_ds_start_sign(const void *message,
ds_acquire_enable(); ds_acquire_enable();
#if SOC_KEY_MANAGER_DS_KEY_DEPLOY #if SOC_KEY_MANAGER_DS_KEY_DEPLOY
if (!key_mgr_ll_is_supported()) {
assert(false && "Key manager is not supported");
}
if (key_id == HMAC_KEY_KM) { if (key_id == HMAC_KEY_KM) {
if (!key_mgr_ll_is_supported()) {
ds_disable_release();
assert(false && "Key manager is not supported");
}
key_mgr_hal_set_key_usage(ESP_KEY_MGR_DS_KEY, ESP_KEY_MGR_USE_OWN_KEY); key_mgr_hal_set_key_usage(ESP_KEY_MGR_DS_KEY, ESP_KEY_MGR_USE_OWN_KEY);
ds_hal_set_key_source(DS_KEY_SOURCE_KEY_MGR); ds_hal_set_key_source(DS_KEY_SOURCE_KEY_MGR);
} else { } else {
key_mgr_hal_set_key_usage(ESP_KEY_MGR_DS_KEY, ESP_KEY_MGR_USE_EFUSE_KEY); if (key_mgr_ll_is_supported()) {
key_mgr_hal_set_key_usage(ESP_KEY_MGR_DS_KEY, ESP_KEY_MGR_USE_EFUSE_KEY);
}
ds_hal_set_key_source(DS_KEY_SOURCE_EFUSE); ds_hal_set_key_source(DS_KEY_SOURCE_EFUSE);
#endif #endif
// initiate hmac // initiate hmac