From 3a23340e4027b8bef79d569f8a17e208c3c3ac5b Mon Sep 17 00:00:00 2001
From: KonstantinKondrashov <konstantin@espressif.com>
Date: Fri, 3 Dec 2021 01:50:36 +0800
Subject: [PATCH] bootloader_support: Support eFuse key APIs in SB and FE

---
 .../src/flash_encryption/flash_encrypt.c                  | 8 ++++++++
 .../bootloader_support/src/secure_boot_v2/secure_boot.c   | 8 ++++++--
 2 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/components/bootloader_support/src/flash_encryption/flash_encrypt.c b/components/bootloader_support/src/flash_encryption/flash_encrypt.c
index e54a8c1341..fc340a2983 100644
--- a/components/bootloader_support/src/flash_encryption/flash_encrypt.c
+++ b/components/bootloader_support/src/flash_encryption/flash_encrypt.c
@@ -100,11 +100,19 @@ static esp_err_t check_and_generate_encryption_keys(void)
         ESP_LOGE(TAG, "XTS_AES_128_KEY is already in use, XTS_AES_256_KEY_1/2 can not be used");
         return ESP_ERR_INVALID_STATE;
     }
+#else
+#ifdef CONFIG_SECURE_FLASH_ENCRYPTION_AES64
+    enum { BLOCKS_NEEDED = 1 };
+    esp_efuse_purpose_t purposes[BLOCKS_NEEDED] = {
+        ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY,
+    };
+    key_size = 16;
 #else
     enum { BLOCKS_NEEDED = 1 };
     esp_efuse_purpose_t purposes[BLOCKS_NEEDED] = {
         ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY,
     };
+#endif // CONFIG_SECURE_FLASH_ENCRYPTION_AES64
 #endif // CONFIG_SECURE_FLASH_ENCRYPTION_AES256
 #endif // CONFIG_IDF_TARGET_ESP32
 
diff --git a/components/bootloader_support/src/secure_boot_v2/secure_boot.c b/components/bootloader_support/src/secure_boot_v2/secure_boot.c
index 37223a89b6..9b30cbf967 100644
--- a/components/bootloader_support/src/secure_boot_v2/secure_boot.c
+++ b/components/bootloader_support/src/secure_boot_v2/secure_boot.c
@@ -131,7 +131,11 @@ static esp_err_t s_calculate_image_public_key_digests(uint32_t flash_offset, uin
 static esp_err_t check_and_generate_secure_boot_keys(const esp_image_metadata_t *image_data)
 {
     esp_err_t ret;
-#ifdef CONFIG_IDF_TARGET_ESP32
+#ifdef CONFIG_IDF_TARGET_ESP8684
+    esp_efuse_purpose_t secure_boot_key_purpose[SECURE_BOOT_NUM_BLOCKS] = {
+        ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2,
+    };
+#elif CONFIG_IDF_TARGET_ESP32
     esp_efuse_purpose_t secure_boot_key_purpose[SECURE_BOOT_NUM_BLOCKS] = {
         ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2,
     };
@@ -146,7 +150,7 @@ static esp_err_t check_and_generate_secure_boot_keys(const esp_image_metadata_t
         ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_DIGEST1,
         ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_DIGEST2,
     };
-#endif // CONFIG_IDF_TARGET_ESP32
+#endif // CONFIG_IDF_TARGET_ESP32 || CONFIG_IDF_TARGET_ESP8684
 
     /* Verify the bootloader */
     esp_image_metadata_t bootloader_data = { 0 };