Skip to content

Commit

Permalink
Merge branch 'h2/support-ecdsa' into 'master'
Browse files Browse the repository at this point in the history 
H2: Add support for ECDSA peripheral

Closes IDF-6287

See merge request espressif/esp-idf!22663
  • Loading branch information
@sachin0x18
sachin0x18 committed Mar 24, 2023
2 parents 1343b90 + e26018d commit 089b11c
Show file tree
Hide file tree
Showing 18 changed files with 1,008 additions and 6 deletions.
5 changes: 3 additions & 2 deletions components/efuse/esp32h2/include/esp_efuse_chip.h
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2022 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2022-2023 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
Expand Down Expand Up @@ -62,7 +62,8 @@ typedef enum {
*/
typedef enum {
ESP_EFUSE_KEY_PURPOSE_USER = 0, /**< User purposes (software-only use) */
ESP_EFUSE_KEY_PURPOSE_RESERVED = 1, /**< Reserved */
ESP_EFUSE_KEY_PURPOSE_ECDSA_KEY = 1, /**< ECDSA private key (Expected in little endian order)*/
ESP_EFUSE_KEY_PURPOSE_RESERVED = 2, /**< Reserved (Used as a place holder)*/
ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY = 4, /**< XTS_AES_128_KEY (flash/PSRAM encryption) */
ESP_EFUSE_KEY_PURPOSE_HMAC_DOWN_ALL = 5, /**< HMAC Downstream mode */
ESP_EFUSE_KEY_PURPOSE_HMAC_DOWN_JTAG = 6, /**< JTAG soft enable key (uses HMAC Downstream mode) */
Expand Down
3 changes: 3 additions & 0 deletions components/efuse/src/efuse_controller/keys/with_key_purposes/esp_efuse_api_key.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -287,6 +287,9 @@ esp_err_t esp_efuse_write_key(esp_efuse_block_t block, esp_efuse_purpose_t purpo
purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_256_KEY_1 ||
purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_256_KEY_2 ||
#endif //#ifdef SOC_EFUSE_SUPPORT_XTS_AES_256_KEYS
#if SOC_ECDSA_SUPPORTED
purpose == ESP_EFUSE_KEY_PURPOSE_ECDSA_KEY ||
#endif
purpose == ESP_EFUSE_KEY_PURPOSE_HMAC_DOWN_ALL ||
purpose == ESP_EFUSE_KEY_PURPOSE_HMAC_DOWN_JTAG ||
purpose == ESP_EFUSE_KEY_PURPOSE_HMAC_DOWN_DIGITAL_SIGNATURE ||
Expand Down
3 changes: 2 additions & 1 deletion components/esp_rom/include/esp32h2/rom/efuse.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,8 @@ extern "C" {

typedef enum {
ETS_EFUSE_KEY_PURPOSE_USER = 0,
ETS_EFUSE_KEY_PURPOSE_RESERVED = 1,
ETS_EFUSE_KEY_PURPOSE_ECDSA_KEY = 1,
ETS_EFUSE_KEY_PURPOSE_RESERVED = 2,
ETS_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY = 4,
ETS_EFUSE_KEY_PURPOSE_HMAC_DOWN_ALL = 5,
ETS_EFUSE_KEY_PURPOSE_HMAC_DOWN_JTAG = 6,
Expand Down
4 changes: 4 additions & 0 deletions components/hal/CMakeLists.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -121,6 +121,10 @@ if(NOT BOOTLOADER_BUILD)
list(APPEND srcs "ecc_hal.c")
endif()

if(CONFIG_SOC_ECDSA_SUPPORTED)
list(APPEND srcs "ecdsa_hal.c")
endif()

if(CONFIG_SOC_SHA_SUPPORTED)
list(APPEND srcs "sha_hal.c")
endif()
Expand Down
99 changes: 99 additions & 0 deletions components/hal/ecdsa_hal.c
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,99 @@
/*
* SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/

#include "hal/assert.h"
#include "hal/ecdsa_ll.h"
#include "hal/ecdsa_hal.h"

#define ECDSA_HAL_P192_COMPONENT_LEN 24
#define ECDSA_HAL_P256_COMPONENT_LEN 32

static void configure_ecdsa_periph(ecdsa_hal_config_t *conf)
{
ecdsa_ll_set_mode(conf->mode);
ecdsa_ll_set_curve(conf->curve);
ecdsa_ll_set_k_mode(conf->k_mode);
ecdsa_ll_set_z_mode(conf->sha_mode);
}

void ecdsa_hal_gen_signature(ecdsa_hal_config_t *conf, const uint8_t *k, const uint8_t *hash,
uint8_t *r_out, uint8_t *s_out, uint16_t len)
{
if (len != ECDSA_HAL_P192_COMPONENT_LEN && len != ECDSA_HAL_P256_COMPONENT_LEN) {
HAL_ASSERT(false && "Incorrect length");
}

if (conf->k_mode == ECDSA_K_USER_PROVIDED && k == NULL) {
HAL_ASSERT(false && "Mismatch in K configuration");
}

if (conf->sha_mode == ECDSA_Z_USER_PROVIDED && hash == NULL) {
HAL_ASSERT(false && "Mismatch in SHA configuration");
}

if (ecdsa_ll_get_state() != ECDSA_STATE_IDLE) {
HAL_ASSERT(false && "Incorrect ECDSA state");
}

configure_ecdsa_periph(conf);

ecdsa_ll_set_stage(ECDSA_STAGE_START_CALC);

while(ecdsa_ll_get_state() != ECDSA_STATE_LOAD) {
;
}

ecdsa_ll_set_stage(ECDSA_STAGE_LOAD_DONE);

while (ecdsa_ll_get_state() != ECDSA_STATE_GET) {
;
}

ecdsa_ll_read_param(ECDSA_PARAM_R, r_out, len);
ecdsa_ll_read_param(ECDSA_PARAM_S, s_out, len);

ecdsa_ll_set_stage(ECDSA_STAGE_GET_DONE);

while (ecdsa_ll_get_state() != ECDSA_STATE_IDLE) {
;
}
}

int ecdsa_hal_verify_signature(ecdsa_hal_config_t *conf, const uint8_t *hash, const uint8_t *r, const uint8_t *s,
const uint8_t *pub_x, const uint8_t *pub_y, uint16_t len)
{
if (len != ECDSA_HAL_P192_COMPONENT_LEN && len != ECDSA_HAL_P256_COMPONENT_LEN) {
HAL_ASSERT(false && "Incorrect length");
}

if (ecdsa_ll_get_state() != ECDSA_STATE_IDLE) {
HAL_ASSERT(false && "Incorrect ECDSA state");
}

configure_ecdsa_periph(conf);

ecdsa_ll_set_stage(ECDSA_STAGE_START_CALC);

while(ecdsa_ll_get_state() != ECDSA_STATE_LOAD) {
;
}

ecdsa_ll_write_param(ECDSA_PARAM_Z, hash, len);
ecdsa_ll_write_param(ECDSA_PARAM_R, r, len);
ecdsa_ll_write_param(ECDSA_PARAM_S, s, len);
ecdsa_ll_write_param(ECDSA_PARAM_QAX, pub_x, len);
ecdsa_ll_write_param(ECDSA_PARAM_QAY, pub_y, len);

ecdsa_ll_set_stage(ECDSA_STAGE_LOAD_DONE);

while (ecdsa_ll_get_state() != ECDSA_STATE_IDLE) {
;
}

int res = ecdsa_ll_get_verification_result();

return (res ? 0 : -1);
}
18 changes: 16 additions & 2 deletions components/hal/esp32h2/include/hal/clk_gate_ll.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -71,6 +71,8 @@ static inline uint32_t periph_ll_get_clk_en_mask(periph_module_t periph)
return PCR_HMAC_CLK_EN;
case PERIPH_DS_MODULE:
return PCR_DS_CLK_EN;
case PERIPH_ECDSA_MODULE:
return PCR_ECDSA_CLK_EN;
case PERIPH_TEMPSENSOR_MODULE:
return PCR_TSENS_CLK_EN;
// case PERIPH_RNG_MODULE:
Expand Down Expand Up @@ -139,6 +141,10 @@ static inline uint32_t periph_ll_get_rst_en_mask(periph_module_t periph, bool en
case PERIPH_TEMPSENSOR_MODULE:
return PCR_TSENS_RST_EN;
case PERIPH_ECC_MODULE:
if (enable == true) {
// Clear reset on ECDSA, otherwise ECC is held in reset
CLEAR_PERI_REG_MASK(PCR_ECDSA_CONF_REG, PCR_ECDSA_RST_EN);
}
return PCR_ECC_RST_EN;
case PERIPH_AES_MODULE:
if (enable == true) {
Expand All @@ -148,21 +154,25 @@ static inline uint32_t periph_ll_get_rst_en_mask(periph_module_t periph, bool en
return PCR_AES_RST_EN;
case PERIPH_SHA_MODULE:
if (enable == true) {
// Clear reset on digital signature and HMAC, otherwise SHA is held in reset
// Clear reset on digital signature, HMAC, and ECDSA, otherwise SHA is held in reset
CLEAR_PERI_REG_MASK(PCR_DS_CONF_REG, PCR_DS_RST_EN);
CLEAR_PERI_REG_MASK(PCR_HMAC_CONF_REG, PCR_HMAC_RST_EN);
CLEAR_PERI_REG_MASK(PCR_ECDSA_CONF_REG, PCR_ECDSA_RST_EN);
}
return PCR_SHA_RST_EN;
case PERIPH_RSA_MODULE:
if (enable == true) {
// Clear reset on digital signature, otherwise RSA is held in reset
// Clear reset on digital signature, and ECDSA, otherwise RSA is held in reset
CLEAR_PERI_REG_MASK(PCR_DS_CONF_REG, PCR_DS_RST_EN);
CLEAR_PERI_REG_MASK(PCR_ECDSA_CONF_REG, PCR_ECDSA_RST_EN);
}
return PCR_RSA_RST_EN;
case PERIPH_HMAC_MODULE:
return PCR_HMAC_RST_EN;
case PERIPH_DS_MODULE:
return PCR_DS_RST_EN;
case PERIPH_ECDSA_MODULE:
return PCR_ECDSA_RST_EN;
// case PERIPH_RNG_MODULE:
// return PCR_WIFI_CLK_RNG_EN;
// case PERIPH_WIFI_MODULE:
Expand Down Expand Up @@ -243,6 +253,8 @@ static uint32_t periph_ll_get_clk_en_reg(periph_module_t periph)
return PCR_HMAC_CONF_REG;
case PERIPH_DS_MODULE:
return PCR_DS_CONF_REG;
case PERIPH_ECDSA_MODULE:
return PCR_ECDSA_CONF_REG;
case PERIPH_TEMPSENSOR_MODULE:
return PCR_TSENS_CLK_CONF_REG;
default:
Expand Down Expand Up @@ -306,6 +318,8 @@ static uint32_t periph_ll_get_rst_en_reg(periph_module_t periph)
return PCR_HMAC_CONF_REG;
case PERIPH_DS_MODULE:
return PCR_DS_CONF_REG;
case PERIPH_ECDSA_MODULE:
return PCR_ECDSA_CONF_REG;
case PERIPH_TEMPSENSOR_MODULE:
return PCR_TSENS_CLK_CONF_REG;
default:
Expand Down

0 comments on commit 089b11c

Please sign in to comment.