feat(ecdsa): use RCC atomic block to enable/reset the ECDSA peripheral

2024-10-05 20:47:46 -04:00 · 2023-09-18 13:57:47 +05:30 · 2023-09-18 13:57:47 +05:30 · 57d10477da
commit 57d10477da
parent 43864f7fb4
5 changed files with 70 additions and 11 deletions
--- a/components/esp_hw_support/include/esp_private/esp_crypto_lock_internal.h
+++ b/components/esp_hw_support/include/esp_private/esp_crypto_lock_internal.h
@ -18,11 +18,13 @@ extern "C" {
 #define ECC_RCC_ATOMIC()
 #define HMAC_RCC_ATOMIC()
 #define DS_RCC_ATOMIC()
+#define ECDSA_RCC_ATOMIC()
 #else /* !SOC_RCC_IS_INDEPENDENT */
 #define MPI_RCC_ATOMIC() PERIPH_RCC_ATOMIC()
 #define ECC_RCC_ATOMIC() PERIPH_RCC_ATOMIC()
 #define HMAC_RCC_ATOMIC() PERIPH_RCC_ATOMIC()
 #define DS_RCC_ATOMIC() PERIPH_RCC_ATOMIC()
+#define ECDSA_RCC_ATOMIC() PERIPH_RCC_ATOMIC()
 #endif /* SOC_RCC_IS_INDEPENDENT */

 #ifdef __cplusplus
--- a/components/hal/esp32h2/include/hal/ecdsa_ll.h
+++ b/components/hal/esp32h2/include/hal/ecdsa_ll.h
@ -9,6 +9,7 @@
 #include <string.h>
 #include "hal/assert.h"
 #include "soc/ecdsa_reg.h"
+#include "soc/pcr_struct.h"
 #include "hal/ecdsa_types.h"

 #ifdef __cplusplus
@ -70,6 +71,25 @@ typedef enum {
    ECDSA_MODE_SHA_CONTINUE
 } ecdsa_ll_sha_mode_t;

+/**
+ * @brief Enable the bus clock for ECDSA peripheral module
+ *
+ * @param true to enable the module, false to disable the module
+ */
+static inline void ecdsa_ll_enable_bus_clock(bool enable)
+{
+    PCR.ecdsa_conf.ecdsa_clk_en = enable;
+}
+
+/**
+ * @brief Reset the ECDSA peripheral module
+ */
+static inline void ecdsa_ll_reset_register(void)
+{
+    PCR.ecdsa_conf.ecdsa_rst_en = 1;
+    PCR.ecdsa_conf.ecdsa_rst_en = 0;
+}
+
 /**
 * @brief Enable interrupt of a given type
 *
--- a/components/hal/esp32p4/include/hal/ecdsa_ll.h
+++ b/components/hal/esp32p4/include/hal/ecdsa_ll.h
@ -9,6 +9,7 @@
 #include <string.h>
 #include "hal/assert.h"
 #include "soc/ecdsa_reg.h"
+#include "soc/hp_sys_clkrst_struct.h"
 #include "hal/ecdsa_types.h"

 #ifdef __cplusplus
@ -70,6 +71,31 @@ typedef enum {
    ECDSA_MODE_SHA_CONTINUE
 } ecdsa_ll_sha_mode_t;

+/**
+ * @brief Enable the bus clock for ECDSA peripheral module
+ *
+ * @param true to enable the module, false to disable the module
+ */
+static inline void ecdsa_ll_enable_bus_clock(bool enable)
+{
+    HP_SYS_CLKRST.peri_clk_ctrl25.reg_crypto_ecdsa_clk_en = enable;
+}
+
+/// use a macro to wrap the function, force the caller to use it in a critical section
+/// the critical section needs to declare the __DECLARE_RCC_ATOMIC_ENV variable in advance
+#define ecdsa_ll_enable_bus_clock(...) (void)__DECLARE_RCC_ATOMIC_ENV; ecdsa_ll_enable_bus_clock(__VA_ARGS__)
+
+/**
+ * @brief Reset the ECDSA peripheral module
+ */
+static inline void ecdsa_ll_reset_register(void)
+{
+    HP_SYS_CLKRST.hp_rst_en2.reg_rst_en_ecdsa = 1;
+    HP_SYS_CLKRST.hp_rst_en2.reg_rst_en_ecdsa = 0;
+    HP_SYS_CLKRST.hp_rst_en2.reg_rst_en_crypto = 1;
+    HP_SYS_CLKRST.hp_rst_en2.reg_rst_en_crypto = 0;
+}
+
 /**
 * @brief Enable interrupt of a given type
 *
--- a/components/hal/test_apps/crypto/main/ecdsa/test_ecdsa.c
+++ b/components/hal/test_apps/crypto/main/ecdsa/test_ecdsa.c
@ -8,10 +8,11 @@
 #include <stdbool.h>
 #include <string.h>

-#include "esp_private/periph_ctrl.h"
+#include "esp_private/esp_crypto_lock_internal.h"
 #include "esp_random.h"
 #include "hal/clk_gate_ll.h"
 #include "hal/ecdsa_hal.h"
+#include "hal/ecdsa_ll.h"
 #include "hal/ecdsa_types.h"

 #include "memory_checks.h"
@ -19,15 +20,19 @@

 #include "ecdsa_params.h"

-
 static void ecdsa_enable_and_reset(void)
 {
-    periph_ll_enable_clk_clear_rst(PERIPH_ECDSA_MODULE);
+    ECDSA_RCC_ATOMIC() {
+        ecdsa_ll_enable_bus_clock(true);
+        ecdsa_ll_reset_register();
+    }
 }

-static void ecdsa_disable_and_reset(void)
+static void ecdsa_disable(void)
 {
-    periph_ll_disable_clk_set_rst(PERIPH_ECDSA_MODULE);
+    ECDSA_RCC_ATOMIC() {
+        ecdsa_ll_enable_bus_clock(false);
+    }
 }

 static void ecc_be_to_le(const uint8_t* be_point, uint8_t *le_point, uint8_t len)
@ -62,7 +67,7 @@ static int test_ecdsa_verify(bool is_p256, uint8_t* sha, uint8_t* r_le, uint8_t*

    ecdsa_enable_and_reset();
    int ret = ecdsa_hal_verify_signature(&conf, sha_le, r_le, s_le, pub_x, pub_y, len);
-    ecdsa_disable_and_reset();
+    ecdsa_disable();
    return ret;
 }

@ -142,7 +147,7 @@ static void test_ecdsa_sign(bool is_p256, uint8_t* sha, uint8_t* r_le, uint8_t*
        ecdsa_hal_gen_signature(&conf, NULL, sha_le, r_le, s_le, len);
    } while(!memcmp(r_le, zeroes, len) || !memcmp(s_le, zeroes, len));

-    ecdsa_disable_and_reset();
+    ecdsa_disable();
 }

 static void test_ecdsa_sign_and_verify(bool is_p256, uint8_t* sha, uint8_t* pub_x, uint8_t* pub_y, bool use_km_key)
@ -191,7 +196,7 @@ static void test_ecdsa_export_pubkey(bool is_p256, bool use_km_key)
        TEST_ASSERT_EQUAL_HEX8_ARRAY(ecdsa192_pub_y, pub_y, len);
    }

-    ecdsa_disable_and_reset();
+    ecdsa_disable();
 }
 #endif /* SOC_ECDSA_SUPPORT_EXPORT_PUBKEY */

--- a/components/mbedtls/port/ecdsa/ecdsa_alt.c
+++ b/components/mbedtls/port/ecdsa/ecdsa_alt.c
@ -4,14 +4,15 @@
 * SPDX-License-Identifier: Apache-2.0
 */
 #include <string.h>
+#include "hal/ecdsa_ll.h"
 #include "hal/ecdsa_hal.h"
 #include "esp_crypto_lock.h"
 #include "esp_efuse.h"
+#include "esp_private/esp_crypto_lock_internal.h"
 #include "mbedtls/error.h"
 #include "mbedtls/ecdsa.h"
 #include "mbedtls/asn1write.h"
 #include "mbedtls/platform_util.h"
-#include "esp_private/periph_ctrl.h"
 #include "ecdsa/ecdsa_alt.h"

 #define ECDSA_KEY_MAGIC             0xECD5A
@ -24,12 +25,17 @@ static void esp_ecdsa_acquire_hardware(void)
 {
    esp_crypto_ecdsa_lock_acquire();

-    periph_module_enable(PERIPH_ECDSA_MODULE);
+    ECDSA_RCC_ATOMIC() {
+        ecdsa_ll_enable_bus_clock(true);
+        ecdsa_ll_reset_register();
+    }
 }

 static void esp_ecdsa_release_hardware(void)
 {
-    periph_module_disable(PERIPH_ECDSA_MODULE);
+    ECDSA_RCC_ATOMIC() {
+        ecdsa_ll_enable_bus_clock(false);
+    }

    esp_crypto_ecdsa_lock_release();
 }