2018-11-19 11:46:21 +08:00
// Copyright 2017-2018 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
2019-06-06 10:57:29 +08:00
# pragma once
2018-11-19 11:46:21 +08:00
2021-11-11 18:04:26 -03:00
# include <stdbool.h>
2018-11-19 11:46:21 +08:00
# include <stdint.h>
2021-11-12 09:17:02 -03:00
2018-11-19 11:46:21 +08:00
# include "esp_err.h"
# include "esp_log.h"
2020-05-28 18:02:02 +10:00
# include "soc/soc_caps.h"
2019-06-18 19:34:05 +08:00
# include "sdkconfig.h"
# if CONFIG_IDF_TARGET_ESP32
# include "esp32/esp_efuse.h"
2020-01-17 11:47:08 +08:00
# elif CONFIG_IDF_TARGET_ESP32S2
# include "esp32s2/esp_efuse.h"
2020-07-29 13:13:51 +08:00
# elif CONFIG_IDF_TARGET_ESP32S3
# include "esp32s3/esp_efuse.h"
2020-11-26 19:56:13 +11:00
# elif CONFIG_IDF_TARGET_ESP32C3
# include "esp32c3/esp_efuse.h"
2019-06-18 19:34:05 +08:00
# endif
2018-11-19 11:46:21 +08:00
2021-11-12 09:17:02 -03:00
# ifdef __cplusplus
extern " C " {
# endif
2018-11-19 11:46:21 +08:00
# define ESP_ERR_EFUSE 0x1600 /*!< Base error code for efuse api. */
# define ESP_OK_EFUSE_CNT (ESP_ERR_EFUSE + 0x01) /*!< OK the required number of bits is set. */
# define ESP_ERR_EFUSE_CNT_IS_FULL (ESP_ERR_EFUSE + 0x02) /*!< Error field is full. */
# define ESP_ERR_EFUSE_REPEATED_PROG (ESP_ERR_EFUSE + 0x03) /*!< Error repeated programming of programmed bits is strictly forbidden. */
# define ESP_ERR_CODING (ESP_ERR_EFUSE + 0x04) /*!< Error while a encoding operation. */
2020-12-04 10:42:57 +08:00
# define ESP_ERR_NOT_ENOUGH_UNUSED_KEY_BLOCKS (ESP_ERR_EFUSE + 0x05) /*!< Error not enough unused key blocks available */
2018-11-19 11:46:21 +08:00
/**
2020-12-04 10:42:57 +08:00
* @ brief Type definition for an eFuse field
2018-11-19 11:46:21 +08:00
*/
2020-12-04 10:42:57 +08:00
typedef struct {
2018-12-14 14:00:59 +08:00
esp_efuse_block_t efuse_block : 8 ; /**< Block of eFuse */
uint8_t bit_start ; /**< Start bit [0..255] */
2018-12-11 14:39:32 +08:00
uint16_t bit_count ; /**< Length of bit field [1..-]*/
2020-12-04 10:42:57 +08:00
} esp_efuse_desc_t ;
2018-11-19 11:46:21 +08:00
/**
* @ brief Reads bits from EFUSE field and writes it into an array .
*
* The number of read bits will be limited to the minimum value
* from the description of the bits in " field " structure or " dst_size_bits " required size .
* Use " esp_efuse_get_field_size() " function to determine the length of the field .
2020-12-04 10:42:57 +08:00
*
* @ note Please note that reading in the batch mode does not show uncommitted changes .
*
2018-11-19 11:46:21 +08:00
* @ param [ in ] field A pointer to the structure describing the fields of efuse .
* @ param [ out ] dst A pointer to array that will contain the result of reading .
* @ param [ in ] dst_size_bits The number of bits required to read .
* If the requested number of bits is greater than the field ,
* the number will be limited to the field size .
*
* @ return
* - ESP_OK : The operation was successfully completed .
* - ESP_ERR_INVALID_ARG : Error in the passed arguments .
*/
esp_err_t esp_efuse_read_field_blob ( const esp_efuse_desc_t * field [ ] , void * dst , size_t dst_size_bits ) ;
2020-04-25 15:13:18 +10:00
/**
* @ brief Read a single bit eFuse field as a boolean value .
*
* @ note The value must exist and must be a single bit wide . If there is any possibility of an error
* in the provided arguments , call esp_efuse_read_field_blob ( ) and check the returned value instead .
*
* @ note If assertions are enabled and the parameter is invalid , execution will abort
2020-12-04 10:42:57 +08:00
* @ note Please note that reading in the batch mode does not show uncommitted changes .
2020-04-25 15:13:18 +10:00
*
* @ param [ in ] field A pointer to the structure describing the fields of efuse .
* @ return
* - true : The field parameter is valid and the bit is set .
* - false : The bit is not set , or the parameter is invalid and assertions are disabled .
*
*/
bool esp_efuse_read_field_bit ( const esp_efuse_desc_t * field [ ] ) ;
2018-11-19 11:46:21 +08:00
/**
* @ brief Reads bits from EFUSE field and returns number of bits programmed as " 1 " .
*
* If the bits are set not sequentially , they will still be counted .
2020-12-04 10:42:57 +08:00
* @ note Please note that reading in the batch mode does not show uncommitted changes .
*
2018-11-19 11:46:21 +08:00
* @ param [ in ] field A pointer to the structure describing the fields of efuse .
* @ param [ out ] out_cnt A pointer that will contain the number of programmed as " 1 " bits .
*
* @ return
* - ESP_OK : The operation was successfully completed .
* - ESP_ERR_INVALID_ARG : Error in the passed arguments .
*/
esp_err_t esp_efuse_read_field_cnt ( const esp_efuse_desc_t * field [ ] , size_t * out_cnt ) ;
/**
* @ brief Writes array to EFUSE field .
*
* The number of write bits will be limited to the minimum value
* from the description of the bits in " field " structure or " src_size_bits " required size .
* Use " esp_efuse_get_field_size() " function to determine the length of the field .
* After the function is completed , the writing registers are cleared .
* @ param [ in ] field A pointer to the structure describing the fields of efuse .
* @ param [ in ] src A pointer to array that contains the data for writing .
* @ param [ in ] src_size_bits The number of bits required to write .
*
* @ return
* - ESP_OK : The operation was successfully completed .
* - ESP_ERR_INVALID_ARG : Error in the passed arguments .
* - ESP_ERR_EFUSE_REPEATED_PROG : Error repeated programming of programmed bits is strictly forbidden .
* - ESP_ERR_CODING : Error range of data does not match the coding scheme .
*/
esp_err_t esp_efuse_write_field_blob ( const esp_efuse_desc_t * field [ ] , const void * src , size_t src_size_bits ) ;
/**
* @ brief Writes a required count of bits as " 1 " to EFUSE field .
*
* If there are no free bits in the field to set the required number of bits to " 1 " ,
* ESP_ERR_EFUSE_CNT_IS_FULL error is returned , the field will not be partially recorded .
* After the function is completed , the writing registers are cleared .
* @ param [ in ] field A pointer to the structure describing the fields of efuse .
* @ param [ in ] cnt Required number of programmed as " 1 " bits .
*
* @ return
* - ESP_OK : The operation was successfully completed .
* - ESP_ERR_INVALID_ARG : Error in the passed arguments .
* - ESP_ERR_EFUSE_CNT_IS_FULL : Not all requested cnt bits is set .
*/
esp_err_t esp_efuse_write_field_cnt ( const esp_efuse_desc_t * field [ ] , size_t cnt ) ;
2020-04-25 14:58:30 +10:00
/**
* @ brief Write a single bit eFuse field to 1
*
* For use with eFuse fields that are a single bit . This function will write the bit to value 1 if
* it is not already set , or does nothing if the bit is already set .
*
* This is equivalent to calling esp_efuse_write_field_cnt ( ) with the cnt parameter equal to 1 ,
* except that it will return ESP_OK if the field is already set to 1.
*
* @ param [ in ] field Pointer to the structure describing the efuse field .
*
* @ return
* - ESP_OK : The operation was successfully completed , or the bit was already set to value 1.
* - ESP_ERR_INVALID_ARG : Error in the passed arugments , including if the efuse field is not 1 bit wide .
*/
esp_err_t esp_efuse_write_field_bit ( const esp_efuse_desc_t * field [ ] ) ;
2018-12-07 17:57:25 +08:00
/**
* @ brief Sets a write protection for the whole block .
*
* After that , it is impossible to write to this block .
* The write protection does not apply to block 0.
* @ param [ in ] blk Block number of eFuse . ( EFUSE_BLK1 , EFUSE_BLK2 and EFUSE_BLK3 )
*
* @ return
* - ESP_OK : The operation was successfully completed .
* - ESP_ERR_INVALID_ARG : Error in the passed arguments .
* - ESP_ERR_EFUSE_CNT_IS_FULL : Not all requested cnt bits is set .
* - ESP_ERR_NOT_SUPPORTED : The block does not support this command .
*/
esp_err_t esp_efuse_set_write_protect ( esp_efuse_block_t blk ) ;
/**
* @ brief Sets a read protection for the whole block .
*
* After that , it is impossible to read from this block .
* The read protection does not apply to block 0.
* @ param [ in ] blk Block number of eFuse . ( EFUSE_BLK1 , EFUSE_BLK2 and EFUSE_BLK3 )
*
* @ return
* - ESP_OK : The operation was successfully completed .
* - ESP_ERR_INVALID_ARG : Error in the passed arguments .
* - ESP_ERR_EFUSE_CNT_IS_FULL : Not all requested cnt bits is set .
* - ESP_ERR_NOT_SUPPORTED : The block does not support this command .
*/
esp_err_t esp_efuse_set_read_protect ( esp_efuse_block_t blk ) ;
2018-11-19 11:46:21 +08:00
/**
* @ brief Returns the number of bits used by field .
*
* @ param [ in ] field A pointer to the structure describing the fields of efuse .
*
* @ return Returns the number of bits used by field .
*/
2018-12-12 15:50:31 +08:00
int esp_efuse_get_field_size ( const esp_efuse_desc_t * field [ ] ) ;
2018-11-19 11:46:21 +08:00
/**
* @ brief Returns value of efuse register .
*
* This is a thread - safe implementation .
* Example : EFUSE_BLK2_RDATA3_REG where ( blk = 2 , num_reg = 3 )
2020-12-04 10:42:57 +08:00
* @ note Please note that reading in the batch mode does not show uncommitted changes .
*
2018-11-19 11:46:21 +08:00
* @ param [ in ] blk Block number of eFuse .
* @ param [ in ] num_reg The register number in the block .
*
* @ return Value of register
*/
uint32_t esp_efuse_read_reg ( esp_efuse_block_t blk , unsigned int num_reg ) ;
/**
* @ brief Write value to efuse register .
*
* Apply a coding scheme if necessary .
* This is a thread - safe implementation .
* Example : EFUSE_BLK3_WDATA0_REG where ( blk = 3 , num_reg = 0 )
* @ param [ in ] blk Block number of eFuse .
* @ param [ in ] num_reg The register number in the block .
* @ param [ in ] val Value to write .
*
* @ return
* - ESP_OK : The operation was successfully completed .
* - ESP_ERR_EFUSE_REPEATED_PROG : Error repeated programming of programmed bits is strictly forbidden .
*/
esp_err_t esp_efuse_write_reg ( esp_efuse_block_t blk , unsigned int num_reg , uint32_t val ) ;
/**
2018-12-06 17:49:02 +08:00
* @ brief Return efuse coding scheme for blocks .
*
* Note : The coding scheme is applicable only to 1 , 2 and 3 blocks . For 0 block , the coding scheme is always ` ` NONE ` ` .
2018-11-19 11:46:21 +08:00
*
* @ param [ in ] blk Block number of eFuse .
2018-12-06 17:49:02 +08:00
* @ return Return efuse coding scheme for blocks
2018-11-19 11:46:21 +08:00
*/
esp_efuse_coding_scheme_t esp_efuse_get_coding_scheme ( esp_efuse_block_t blk ) ;
/**
* @ brief Read key to efuse block starting at the offset and the required size .
*
2020-12-04 10:42:57 +08:00
* @ note Please note that reading in the batch mode does not show uncommitted changes .
*
2018-11-19 11:46:21 +08:00
* @ param [ in ] blk Block number of eFuse .
* @ param [ in ] dst_key A pointer to array that will contain the result of reading .
* @ param [ in ] offset_in_bits Start bit in block .
* @ param [ in ] size_bits The number of bits required to read .
*
* @ return
* - ESP_OK : The operation was successfully completed .
* - ESP_ERR_INVALID_ARG : Error in the passed arguments .
* - ESP_ERR_CODING : Error range of data does not match the coding scheme .
*/
esp_err_t esp_efuse_read_block ( esp_efuse_block_t blk , void * dst_key , size_t offset_in_bits , size_t size_bits ) ;
/**
* @ brief Write key to efuse block starting at the offset and the required size .
*
* @ param [ in ] blk Block number of eFuse .
* @ param [ in ] src_key A pointer to array that contains the key for writing .
* @ param [ in ] offset_in_bits Start bit in block .
* @ param [ in ] size_bits The number of bits required to write .
*
* @ return
* - ESP_OK : The operation was successfully completed .
* - ESP_ERR_INVALID_ARG : Error in the passed arguments .
* - ESP_ERR_CODING : Error range of data does not match the coding scheme .
* - ESP_ERR_EFUSE_REPEATED_PROG : Error repeated programming of programmed bits
*/
esp_err_t esp_efuse_write_block ( esp_efuse_block_t blk , const void * src_key , size_t offset_in_bits , size_t size_bits ) ;
/**
* @ brief Returns chip version from efuse
*
* @ return chip version
*/
uint8_t esp_efuse_get_chip_ver ( void ) ;
/**
* @ brief Returns chip package from efuse
*
* @ return chip package
*/
uint32_t esp_efuse_get_pkg_ver ( void ) ;
2021-01-08 15:29:26 +08:00
/**
* @ brief Permanently update values written to the efuse write registers
2018-11-19 11:46:21 +08:00
*
* After updating EFUSE_BLKx_WDATAx_REG registers with new values to
* write , call this function to permanently write them to efuse .
*
* @ note Setting bits in efuse is permanent , they cannot be unset .
*
* @ note Due to this restriction you don ' t need to copy values to
* Efuse write registers from the matching read registers , bits which
* are set in the read register but unset in the matching write
* register will be unchanged when new values are burned .
*
* @ note This function is not threadsafe , if calling code updates
* efuse values from multiple tasks then this is caller ' s
* responsibility to serialise .
*
* After burning new efuses , the read registers are updated to match
* the new efuse values .
*/
void esp_efuse_burn_new_values ( void ) ;
2021-01-08 15:29:26 +08:00
/**
* @ brief Reset efuse write registers
2018-11-19 11:46:21 +08:00
*
* Efuse write registers are written to zero , to negate
* any changes that have been staged here .
*
* @ note This function is not threadsafe , if calling code updates
* efuse values from multiple tasks then this is caller ' s
* responsibility to serialise .
*/
void esp_efuse_reset ( void ) ;
2020-04-25 14:30:26 +10:00
# ifdef CONFIG_IDF_TARGET_ESP32
2021-01-08 15:29:26 +08:00
/**
* @ brief Disable BASIC ROM Console via efuse
2018-11-19 11:46:21 +08:00
*
* By default , if booting from flash fails the ESP32 will boot a
* BASIC console in ROM .
*
2020-04-25 16:36:53 +10:00
* Call this function ( from bootloader or app ) to permanently disable the console on this chip .
2020-04-25 14:30:26 +10:00
*
2018-11-19 11:46:21 +08:00
*/
void esp_efuse_disable_basic_rom_console ( void ) ;
2020-04-25 14:30:26 +10:00
# endif
2018-11-19 11:46:21 +08:00
2021-01-08 15:29:26 +08:00
/**
* @ brief Disable ROM Download Mode via eFuse
2020-04-25 16:36:53 +10:00
*
* Permanently disables the ROM Download Mode feature . Once disabled , if the SoC is booted with
* strapping pins set for ROM Download Mode then an error is printed instead .
*
* @ note Not all SoCs support this option . An error will be returned if called on an ESP32
* with a silicon revision lower than 3 , as these revisions do not support this option .
*
* @ note If ROM Download Mode is already disabled , this function does nothing and returns success .
*
* @ return
* - ESP_OK If the eFuse was successfully burned , or had already been burned .
* - ESP_ERR_NOT_SUPPORTED ( ESP32 only ) This SoC is not capable of disabling UART download mode
* - ESP_ERR_INVALID_STATE ( ESP32 only ) This eFuse is write protected and cannot be written
*/
esp_err_t esp_efuse_disable_rom_download_mode ( void ) ;
2020-05-28 18:02:02 +10:00
# if SOC_SUPPORTS_SECURE_DL_MODE
2021-01-08 15:29:26 +08:00
/**
* @ brief Switch ROM Download Mode to Secure Download mode via eFuse
2020-04-25 16:36:53 +10:00
*
* Permanently enables Secure Download mode . This mode limits the use of ROM Download Mode functions
* to simple flash read , write and erase operations , plus a command to return a summary of currently
* enabled security features .
*
* @ note If Secure Download mode is already enabled , this function does nothing and returns success .
*
* @ note Disabling the ROM Download Mode also disables Secure Download Mode .
*
* @ return
* - ESP_OK If the eFuse was successfully burned , or had already been burned .
* - ESP_ERR_INVALID_STATE ROM Download Mode has been disabled via eFuse , so Secure Download mode is unavailable .
*/
esp_err_t esp_efuse_enable_rom_secure_download_mode ( void ) ;
# endif
2021-01-08 15:29:26 +08:00
/**
* @ brief Write random data to efuse key block write registers
2018-11-19 11:46:21 +08:00
*
* @ note Caller is responsible for ensuring efuse
* block is empty and not write protected , before calling .
*
* @ note Behaviour depends on coding scheme : a 256 - bit key is
* generated and written for Coding Scheme " None " , a 192 - bit key
* is generated , extended to 256 - bits by the Coding Scheme ,
* and then writtten for 3 / 4 Coding Scheme .
*
* @ note This function does not burn the new values , caller should
* call esp_efuse_burn_new_values ( ) when ready to do this .
*
* @ param blk_wdata0_reg Address of the first data write register
* in the block
*/
void esp_efuse_write_random_key ( uint32_t blk_wdata0_reg ) ;
2021-01-08 15:29:26 +08:00
/**
* @ brief Return secure_version from efuse field .
2018-12-18 22:42:10 +08:00
* @ return Secure version from efuse field
*/
2019-07-16 16:33:30 +07:00
uint32_t esp_efuse_read_secure_version ( void ) ;
2018-12-18 22:42:10 +08:00
2021-01-08 15:29:26 +08:00
/**
* @ brief Check secure_version from app and secure_version and from efuse field .
2018-12-18 22:42:10 +08:00
*
* @ param secure_version Secure version from app .
* @ return
* - True : If version of app is equal or more then secure_version from efuse .
*/
bool esp_efuse_check_secure_version ( uint32_t secure_version ) ;
2021-01-08 15:29:26 +08:00
/**
* @ brief Write efuse field by secure_version value .
2018-12-18 22:42:10 +08:00
*
* Update the secure_version value is available if the coding scheme is None .
* Note : Do not use this function in your applications . This function is called as part of the other API .
*
* @ param [ in ] secure_version Secure version from app .
* @ return
* - ESP_OK : Successful .
* - ESP_FAIL : secure version of app cannot be set to efuse field .
* - ESP_ERR_NOT_SUPPORTED : Anti rollback is not supported with the 3 / 4 and Repeat coding scheme .
*/
esp_err_t esp_efuse_update_secure_version ( uint32_t secure_version ) ;
2021-01-08 15:29:26 +08:00
/**
* @ brief Initializes variables : offset and size to simulate the work of an eFuse .
2018-12-18 22:42:10 +08:00
*
2019-05-09 14:10:35 +02:00
* Note : To simulate the work of an eFuse need to set CONFIG_BOOTLOADER_EFUSE_SECURE_VERSION_EMULATE option
2018-12-18 22:42:10 +08:00
* and to add in the partition . csv file a line ` efuse_em , data , efuse , , 0x2000 , ` .
*
* @ param [ in ] offset The starting address of the partition where the eFuse data will be located .
* @ param [ in ] size The size of the partition .
*/
void esp_efuse_init ( uint32_t offset , uint32_t size ) ;
2020-12-04 10:42:57 +08:00
/**
* @ brief Set the batch mode of writing fields .
2019-09-18 21:19:48 +08:00
*
2020-12-04 10:42:57 +08:00
* This mode allows you to write the fields in the batch mode when need to burn several efuses at one time .
* To enable batch mode call begin ( ) then perform as usually the necessary operations
* read and write and at the end call commit ( ) to actually burn all written efuses .
* The batch mode can be used nested . The commit will be done by the last commit ( ) function .
* The number of begin ( ) functions should be equal to the number of commit ( ) functions .
*
* @ note Please note that reading in the batch mode does not show uncommitted changes .
*
* Note : If batch mode is enabled by the first task , at this time the second task cannot write / read efuses .
* The second task will wait for the first task to complete the batch operation .
2019-09-18 21:19:48 +08:00
*
* \ code { c }
* // Example of using the batch writing mode.
*
* // set the batch writing mode
* esp_efuse_batch_write_begin ( ) ;
*
* // use any writing functions as usual
* esp_efuse_write_field_blob ( ESP_EFUSE_ . . . ) ;
* esp_efuse_write_field_cnt ( ESP_EFUSE_ . . . ) ;
* esp_efuse_set_write_protect ( EFUSE_BLKx ) ;
* esp_efuse_write_reg ( EFUSE_BLKx , . . . ) ;
* esp_efuse_write_block ( EFUSE_BLKx , . . . ) ;
2020-12-04 10:42:57 +08:00
* esp_efuse_write ( ESP_EFUSE_1 , 3 ) ; // ESP_EFUSE_1 == 1, here we write a new value = 3. The changes will be burn by the commit() function.
* esp_efuse_read_ . . . ( ESP_EFUSE_1 ) ; // this function returns ESP_EFUSE_1 == 1 because uncommitted changes are not readable, it will be available only after commit.
* . . .
*
* // esp_efuse_batch_write APIs can be called recursively.
* esp_efuse_batch_write_begin ( ) ;
* esp_efuse_set_write_protect ( EFUSE_BLKx ) ;
* esp_efuse_batch_write_commit ( ) ; // the burn will be skipped here, it will be done in the last commit().
*
2019-09-18 21:19:48 +08:00
* . . .
*
* // Write all of these fields to the efuse registers
* esp_efuse_batch_write_commit ( ) ;
2020-12-04 10:42:57 +08:00
* esp_efuse_read_ . . . ( ESP_EFUSE_1 ) ; // this function returns ESP_EFUSE_1 == 3.
2019-09-18 21:19:48 +08:00
*
* \ endcode
*
* @ return
* - ESP_OK : Successful .
*/
esp_err_t esp_efuse_batch_write_begin ( void ) ;
2021-01-08 15:29:26 +08:00
/**
* @ brief Reset the batch mode of writing fields .
2019-09-18 21:19:48 +08:00
*
* It will reset the batch writing mode and any written changes .
*
* @ return
* - ESP_OK : Successful .
* - ESP_ERR_INVALID_STATE : Tha batch mode was not set .
*/
esp_err_t esp_efuse_batch_write_cancel ( void ) ;
2021-01-08 15:29:26 +08:00
/**
* @ brief Writes all prepared data for the batch mode .
2019-09-18 21:19:48 +08:00
*
* Must be called to ensure changes are written to the efuse registers .
* After this the batch writing mode will be reset .
*
* @ return
* - ESP_OK : Successful .
* - ESP_ERR_INVALID_STATE : The deferred writing mode was not set .
*/
esp_err_t esp_efuse_batch_write_commit ( void ) ;
2020-12-04 10:42:57 +08:00
# ifndef CONFIG_IDF_TARGET_ESP32
/**
* @ brief Type of key purpose
*/
typedef enum {
ESP_EFUSE_KEY_PURPOSE_USER = 0 ,
ESP_EFUSE_KEY_PURPOSE_RESERVED = 1 ,
ESP_EFUSE_KEY_PURPOSE_XTS_AES_256_KEY_1 = 2 ,
ESP_EFUSE_KEY_PURPOSE_XTS_AES_256_KEY_2 = 3 ,
ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY = 4 ,
ESP_EFUSE_KEY_PURPOSE_HMAC_DOWN_ALL = 5 ,
ESP_EFUSE_KEY_PURPOSE_HMAC_DOWN_JTAG = 6 ,
ESP_EFUSE_KEY_PURPOSE_HMAC_DOWN_DIGITAL_SIGNATURE = 7 ,
ESP_EFUSE_KEY_PURPOSE_HMAC_UP = 8 ,
ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_DIGEST0 = 9 ,
ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_DIGEST1 = 10 ,
ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_DIGEST2 = 11 ,
ESP_EFUSE_KEY_PURPOSE_MAX ,
} esp_efuse_purpose_t ;
/**
* @ brief Returns a pointer to a key purpose for an efuse key block .
*
* @ param [ in ] block A key block in the range EFUSE_BLK_KEY0 . . EFUSE_BLK_KEY_MAX
*
* To get the value of this field use esp_efuse_read_field_blob ( ) or esp_efuse_get_key_purpose ( ) .
*
* @ return Pointer : If Successful returns a pointer to the corresponding efuse field otherwise NULL .
*/
const esp_efuse_desc_t * * esp_efuse_get_purpose_field ( esp_efuse_block_t block ) ;
/**
* @ brief Returns a pointer to a key block .
*
* @ param [ in ] block A key block in the range EFUSE_BLK_KEY0 . . EFUSE_BLK_KEY_MAX
*
* @ return Pointer : If Successful returns a pointer to the corresponding efuse field otherwise NULL .
*/
const esp_efuse_desc_t * * esp_efuse_get_key ( esp_efuse_block_t block ) ;
/**
* @ brief Returns a read protection for the key block .
*
* @ param [ in ] block A key block in the range EFUSE_BLK_KEY0 . . EFUSE_BLK_KEY_MAX
*
* @ return True : The key block is read protected
* False : The key block is readable .
*/
bool esp_efuse_get_key_dis_read ( esp_efuse_block_t block ) ;
/**
* @ brief Sets a read protection for the key block .
*
* @ param [ in ] block A key block in the range EFUSE_BLK_KEY0 . . EFUSE_BLK_KEY_MAX
*
* @ return
* - ESP_OK : Successful .
* - ESP_ERR_INVALID_ARG : Error in the passed arguments .
* - ESP_ERR_EFUSE_REPEATED_PROG : Error repeated programming of programmed bits is strictly forbidden .
* - ESP_ERR_CODING : Error range of data does not match the coding scheme .
*/
esp_err_t esp_efuse_set_key_dis_read ( esp_efuse_block_t block ) ;
/**
* @ brief Returns a write protection for the key block .
*
* @ param [ in ] block A key block in the range EFUSE_BLK_KEY0 . . EFUSE_BLK_KEY_MAX
*
* @ return True : The key block is write protected
* False : The key block is writeable .
*/
bool esp_efuse_get_key_dis_write ( esp_efuse_block_t block ) ;
/**
* @ brief Sets a write protection for the key block .
*
* @ param [ in ] block A key block in the range EFUSE_BLK_KEY0 . . EFUSE_BLK_KEY_MAX
*
* @ return
* - ESP_OK : Successful .
* - ESP_ERR_INVALID_ARG : Error in the passed arguments .
* - ESP_ERR_EFUSE_REPEATED_PROG : Error repeated programming of programmed bits is strictly forbidden .
* - ESP_ERR_CODING : Error range of data does not match the coding scheme .
*/
esp_err_t esp_efuse_set_key_dis_write ( esp_efuse_block_t block ) ;
/**
* @ brief Returns the current purpose set for an efuse key block .
*
* @ param [ in ] block A key block in the range EFUSE_BLK_KEY0 . . EFUSE_BLK_KEY_MAX
*
* @ return
* - Value : If Successful , it returns the value of the purpose related to the given key block .
* - ESP_EFUSE_KEY_PURPOSE_MAX : Otherwise .
*/
esp_efuse_purpose_t esp_efuse_get_key_purpose ( esp_efuse_block_t block ) ;
/**
* @ brief Sets a key purpose for an efuse key block .
*
* @ param [ in ] block A key block in the range EFUSE_BLK_KEY0 . . EFUSE_BLK_KEY_MAX
* @ param [ in ] purpose Key purpose .
*
* @ return
* - ESP_OK : Successful .
* - ESP_ERR_INVALID_ARG : Error in the passed arguments .
* - ESP_ERR_EFUSE_REPEATED_PROG : Error repeated programming of programmed bits is strictly forbidden .
* - ESP_ERR_CODING : Error range of data does not match the coding scheme .
*/
esp_err_t esp_efuse_set_key_purpose ( esp_efuse_block_t block , esp_efuse_purpose_t purpose ) ;
/**
* @ brief Returns a write protection of the key purpose field for an efuse key block .
*
* @ param [ in ] block A key block in the range EFUSE_BLK_KEY0 . . EFUSE_BLK_KEY_MAX
*
* @ return True : The key purpose is write protected .
* False : The key purpose is writeable .
*/
bool esp_efuse_get_keypurpose_dis_write ( esp_efuse_block_t block ) ;
/**
* @ brief Sets a write protection of the key purpose field for an efuse key block .
*
* @ param [ in ] block A key block in the range EFUSE_BLK_KEY0 . . EFUSE_BLK_KEY_MAX
*
* @ return
* - ESP_OK : Successful .
* - ESP_ERR_INVALID_ARG : Error in the passed arguments .
* - ESP_ERR_EFUSE_REPEATED_PROG : Error repeated programming of programmed bits is strictly forbidden .
* - ESP_ERR_CODING : Error range of data does not match the coding scheme .
*/
esp_err_t esp_efuse_set_keypurpose_dis_write ( esp_efuse_block_t block ) ;
/**
* @ brief Find a key block with the particular purpose set .
*
* @ param [ in ] purpose Purpose to search for .
* @ param [ out ] block Pointer in the range EFUSE_BLK_KEY0 . . EFUSE_BLK_KEY_MAX which will be set to the key block if found .
* Can be NULL , if only need to test the key block exists .
*
* @ return
* - True : If found ,
* - False : If not found ( value at block pointer is unchanged ) .
*/
bool esp_efuse_find_purpose ( esp_efuse_purpose_t purpose , esp_efuse_block_t * block ) ;
/**
* @ brief Search for an unused key block and return the first one found .
*
* See esp_efuse_key_block_unused for a description of an unused key block .
*
* @ return First unused key block , or EFUSE_BLK_KEY_MAX if no unused key block is found .
*/
esp_efuse_block_t esp_efuse_find_unused_key_block ( void ) ;
/**
* @ brief Return the number of unused efuse key blocks in the range EFUSE_BLK_KEY0 . . EFUSE_BLK_KEY_MAX
*/
unsigned esp_efuse_count_unused_key_blocks ( void ) ;
/**
* @ brief Returns true if the key block is unused , false otherwise .
*
* An unused key block is all zero content , not read or write protected ,
* and has purpose 0 ( ESP_EFUSE_KEY_PURPOSE_USER )
*
* @ param block key block to check .
*
* @ return
* - True if key block is unused ,
* - False if key block is used or the specified block index is not a key block .
*/
bool esp_efuse_key_block_unused ( esp_efuse_block_t block ) ;
/**
* @ brief Returns the status of the Secure Boot public key digest revocation bit .
*
* @ param [ in ] num_digest The number of digest in range 0. .2
*
* @ return
* - True : If key digest is revoked ,
* - False ; If key digest is not revoked .
*/
bool esp_efuse_get_digest_revoke ( unsigned num_digest ) ;
/**
* @ brief Sets the Secure Boot public key digest revocation bit .
*
* @ param [ in ] num_digest The number of digest in range 0. .2
*
* @ return
* - ESP_OK : Successful .
* - ESP_ERR_INVALID_ARG : Error in the passed arguments .
* - ESP_ERR_EFUSE_REPEATED_PROG : Error repeated programming of programmed bits is strictly forbidden .
* - ESP_ERR_CODING : Error range of data does not match the coding scheme .
*/
esp_err_t esp_efuse_set_digest_revoke ( unsigned num_digest ) ;
/**
* @ brief Returns a write protection of the Secure Boot public key digest revocation bit .
*
* @ param [ in ] num_digest The number of digest in range 0. .2
*
* @ return True : The revocation bit is write protected .
* False : The revocation bit is writeable .
*/
bool esp_efuse_get_write_protect_of_digest_revoke ( unsigned num_digest ) ;
/**
* @ brief Sets a write protection of the Secure Boot public key digest revocation bit .
*
* @ param [ in ] num_digest The number of digest in range 0. .2
*
* @ return
* - ESP_OK : Successful .
* - ESP_ERR_INVALID_ARG : Error in the passed arguments .
* - ESP_ERR_EFUSE_REPEATED_PROG : Error repeated programming of programmed bits is strictly forbidden .
* - ESP_ERR_CODING : Error range of data does not match the coding scheme .
*/
esp_err_t esp_efuse_set_write_protect_of_digest_revoke ( unsigned num_digest ) ;
/**
* @ brief Program a block of key data to an efuse block
*
* The burn of a key , protection bits , and a purpose happens in batch mode .
*
* @ param [ in ] block Block to read purpose for . Must be in range EFUSE_BLK_KEY0 to EFUSE_BLK_KEY_MAX . Key block must be unused ( esp_efuse_key_block_unused ) .
* @ param [ in ] purpose Purpose to set for this key . Purpose must be already unset .
* @ param [ in ] key Pointer to data to write .
* @ param [ in ] key_size_bytes Bytes length of data to write .
*
* @ return
* - ESP_OK : Successful .
* - ESP_ERR_INVALID_ARG : Error in the passed arguments .
* - ESP_ERR_INVALID_STATE : Error in efuses state , unused block not found .
* - ESP_ERR_EFUSE_REPEATED_PROG : Error repeated programming of programmed bits is strictly forbidden .
* - ESP_ERR_CODING : Error range of data does not match the coding scheme .
*/
esp_err_t esp_efuse_write_key ( esp_efuse_block_t block , esp_efuse_purpose_t purpose , const void * key , size_t key_size_bytes ) ;
/**
* @ brief Program keys to unused efuse blocks
*
* The burn of keys , protection bits , and purposes happens in batch mode .
*
* @ param [ in ] purposes Array of purposes ( purpose [ number_of_keys ] ) .
* @ param [ in ] keys Array of keys ( uint8_t keys [ number_of_keys ] [ 32 ] ) . Each key is 32 bytes long .
* @ param [ in ] number_of_keys The number of keys to write ( up to 6 keys ) .
*
* @ return
* - ESP_OK : Successful .
* - ESP_ERR_INVALID_ARG : Error in the passed arguments .
* - ESP_ERR_INVALID_STATE : Error in efuses state , unused block not found .
* - ESP_ERR_NOT_ENOUGH_UNUSED_KEY_BLOCKS : Error not enough unused key blocks available
* - ESP_ERR_EFUSE_REPEATED_PROG : Error repeated programming of programmed bits is strictly forbidden .
* - ESP_ERR_CODING : Error range of data does not match the coding scheme .
*/
esp_err_t esp_efuse_write_keys ( esp_efuse_purpose_t purposes [ ] , uint8_t keys [ ] [ 32 ] , unsigned number_of_keys ) ;
# endif // not CONFIG_IDF_TARGET_ESP32
2018-11-19 11:46:21 +08:00
# ifdef __cplusplus
}
# endif