feat(hal/aes): use RCC atomic block to enable/reset the AES peripheral

components/esp_hw_support/esp_ds.c

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2020-2023 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2020-2024 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -24,6 +24,7 @@
 #include "soc/soc_memory_layout.h"
 #else /* CONFIG_IDF_TARGET_ESP32S2 */
 #include "esp_private/periph_ctrl.h"
+#include "hal/aes_ll.h"
 #include "hal/ds_hal.h"
 #include "hal/ds_ll.h"
 #include "hal/hmac_hal.h"
@@ -438,7 +439,12 @@ esp_err_t esp_ds_encrypt_params(esp_ds_data_t *data,
     // but just the AES and SHA peripherals, so acquiring locks just for these peripherals
     // would be enough rather than acquiring a lock for the Digital Signature peripheral.
     esp_crypto_sha_aes_lock_acquire();
-    periph_module_enable(PERIPH_AES_MODULE);
+
+    AES_RCC_ATOMIC() {
+        aes_ll_enable_bus_clock(true);
+        aes_ll_reset_register();
+    }
+
     periph_module_enable(PERIPH_SHA_MODULE);
 
     ets_ds_data_t *ds_data = (ets_ds_data_t *) data;
@@ -451,7 +457,11 @@ esp_err_t esp_ds_encrypt_params(esp_ds_data_t *data,
     }
 
     periph_module_disable(PERIPH_SHA_MODULE);
-    periph_module_disable(PERIPH_AES_MODULE);
+
+    AES_RCC_ATOMIC() {
+        aes_ll_enable_bus_clock(false);
+    }
+
     esp_crypto_sha_aes_lock_release();
 
     return result;

components/esp_hw_support/include/esp_private/esp_crypto_lock_internal.h

@@ -19,12 +19,14 @@ extern "C" {
 #define HMAC_RCC_ATOMIC()
 #define DS_RCC_ATOMIC()
 #define ECDSA_RCC_ATOMIC()
+#define AES_RCC_ATOMIC()
 #else /* !SOC_RCC_IS_INDEPENDENT */
 #define MPI_RCC_ATOMIC() PERIPH_RCC_ATOMIC()
 #define ECC_RCC_ATOMIC() PERIPH_RCC_ATOMIC()
 #define HMAC_RCC_ATOMIC() PERIPH_RCC_ATOMIC()
 #define DS_RCC_ATOMIC() PERIPH_RCC_ATOMIC()
 #define ECDSA_RCC_ATOMIC() PERIPH_RCC_ATOMIC()
+#define AES_RCC_ATOMIC() PERIPH_RCC_ATOMIC()
 #endif /* SOC_RCC_IS_INDEPENDENT */
 
 #ifdef __cplusplus

components/hal/esp32/include/hal/aes_ll.h

@@ -1,15 +1,17 @@
 /*
- * SPDX-FileCopyrightText: 2020-2023 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2020-2024 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
 
 #pragma once
 
+#include <stdbool.h>
+#include <string.h>
 #include "soc/hwcrypto_reg.h"
 #include "soc/dport_access.h"
+#include "soc/dport_reg.h"
 #include "hal/aes_types.h"
-#include <string.h>
 
 #ifdef __cplusplus
 extern "C" {
@@ -25,6 +27,40 @@ typedef enum {
     ESP_AES_STATE_IDLE,     /* AES accelerator is idle */
 } esp_aes_state_t;
 
+/**
+ * @brief Enable the bus clock for AES peripheral module
+ *
+ * @param enable true to enable the module, false to disable the module
+ */
+static inline void aes_ll_enable_bus_clock(bool enable)
+{
+    if (enable) {
+        DPORT_SET_PERI_REG_MASK(DPORT_PERI_CLK_EN_REG, DPORT_PERI_EN_AES);
+    } else {
+        DPORT_CLEAR_PERI_REG_MASK(DPORT_PERI_CLK_EN_REG, DPORT_PERI_EN_AES);
+    }
+}
+
+/// use a macro to wrap the function, force the caller to use it in a critical section
+/// the critical section needs to declare the __DECLARE_RCC_ATOMIC_ENV variable in advance
+#define aes_ll_enable_bus_clock(...) (void)__DECLARE_RCC_ATOMIC_ENV; aes_ll_enable_bus_clock(__VA_ARGS__)
+
+/**
+ * @brief Reset the AES peripheral module
+ */
+static inline void aes_ll_reset_register(void)
+{
+    DPORT_SET_PERI_REG_MASK(DPORT_PERI_RST_EN_REG, DPORT_PERI_EN_AES);
+    DPORT_CLEAR_PERI_REG_MASK(DPORT_PERI_RST_EN_REG, DPORT_PERI_EN_AES);
+
+    // Clear reset on digital signature and secure boot also, otherwise AES is held in reset
+    DPORT_CLEAR_PERI_REG_MASK(DPORT_PERI_RST_EN_REG, DPORT_PERI_EN_DIGITAL_SIGNATURE);
+    DPORT_CLEAR_PERI_REG_MASK(DPORT_PERI_RST_EN_REG, DPORT_PERI_EN_SECUREBOOT);
+}
+
+/// use a macro to wrap the function, force the caller to use it in a critical section
+/// the critical section needs to declare the __DECLARE_RCC_ATOMIC_ENV variable in advance
+#define aes_ll_reset_register(...) (void)__DECLARE_RCC_ATOMIC_ENV; aes_ll_reset_register(__VA_ARGS__)
 
 /**
  * @brief Write the encryption/decryption key to hardware

components/hal/esp32c3/include/hal/aes_ll.h

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2020-2022 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2020-2024 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -9,6 +9,7 @@
 #include <stdbool.h>
 #include <string.h>
 #include "soc/hwcrypto_reg.h"
+#include "soc/system_struct.h"
 #include "hal/aes_types.h"
 
 #ifdef __cplusplus
@@ -25,6 +26,35 @@ typedef enum {
     ESP_AES_STATE_DONE,     /* Transform completed */
 } esp_aes_state_t;
 
+/**
+ * @brief Enable the bus clock for AES peripheral module
+ *
+ * @param enable true to enable the module, false to disable the module
+ */
+static inline void aes_ll_enable_bus_clock(bool enable)
+{
+    SYSTEM.perip_clk_en1.reg_crypto_aes_clk_en = enable;
+}
+
+/// use a macro to wrap the function, force the caller to use it in a critical section
+/// the critical section needs to declare the __DECLARE_RCC_ATOMIC_ENV variable in advance
+#define aes_ll_enable_bus_clock(...) (void)__DECLARE_RCC_ATOMIC_ENV; aes_ll_enable_bus_clock(__VA_ARGS__)
+
+/**
+ * @brief Reset the AES peripheral module
+ */
+static inline void aes_ll_reset_register(void)
+{
+    SYSTEM.perip_rst_en1.reg_crypto_aes_rst = 1;
+    SYSTEM.perip_rst_en1.reg_crypto_aes_rst = 0;
+
+    // Clear reset on digital signature also, otherwise AES is held in reset
+    SYSTEM.perip_rst_en1.reg_crypto_ds_rst = 0;
+}
+
+/// use a macro to wrap the function, force the caller to use it in a critical section
+/// the critical section needs to declare the __DECLARE_RCC_ATOMIC_ENV variable in advance
+#define aes_ll_reset_register(...) (void)__DECLARE_RCC_ATOMIC_ENV; aes_ll_reset_register(__VA_ARGS__)
 
 /**
  * @brief Write the encryption/decryption key to hardware

components/hal/esp32c6/include/hal/aes_ll.h

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2023-2024 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -9,6 +9,7 @@
 #include <stdbool.h>
 #include <string.h>
 #include "soc/hwcrypto_reg.h"
+#include "soc/pcr_struct.h"
 #include "hal/aes_types.h"
 
 #ifdef __cplusplus
@@ -25,6 +26,27 @@ typedef enum {
     ESP_AES_STATE_DONE,     /* Transform completed */
 } esp_aes_state_t;
 
+/**
+ * @brief Enable the bus clock for AES peripheral module
+ *
+ * @param enable true to enable the module, false to disable the module
+ */
+static inline void aes_ll_enable_bus_clock(bool enable)
+{
+    PCR.aes_conf.aes_clk_en = enable;
+}
+
+/**
+ * @brief Reset the AES peripheral module
+ */
+static inline void aes_ll_reset_register(void)
+{
+    PCR.aes_conf.aes_rst_en = 1;
+    PCR.aes_conf.aes_rst_en = 0;
+
+    // Clear reset on digital signature also, otherwise AES is held in reset
+    PCR.ds_conf.ds_rst_en = 0;
+}
 
 /**
  * @brief Write the encryption/decryption key to hardware

components/hal/esp32h2/include/hal/aes_ll.h

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2023-2024 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -9,6 +9,7 @@
 #include <stdbool.h>
 #include <string.h>
 #include "soc/hwcrypto_reg.h"
+#include "soc/pcr_struct.h"
 #include "hal/aes_types.h"
 
 #ifdef __cplusplus
@@ -25,6 +26,27 @@ typedef enum {
     ESP_AES_STATE_DONE,     /* Transform completed */
 } esp_aes_state_t;
 
+/**
+ * @brief Enable the bus clock for AES peripheral module
+ *
+ * @param enable true to enable the module, false to disable the module
+ */
+static inline void aes_ll_enable_bus_clock(bool enable)
+{
+    PCR.aes_conf.aes_clk_en = enable;
+}
+
+/**
+ * @brief Reset the AES peripheral module
+ */
+static inline void aes_ll_reset_register(void)
+{
+    PCR.aes_conf.aes_rst_en = 1;
+    PCR.aes_conf.aes_rst_en = 0;
+
+    // Clear reset on digital signature also, otherwise AES is held in reset
+    PCR.ds_conf.ds_rst_en = 0;
+}
 
 /**
  * @brief Write the encryption/decryption key to hardware

components/hal/esp32p4/include/hal/aes_ll.h

@@ -8,8 +8,9 @@
 
 #include <stdbool.h>
 #include <string.h>
-#include "soc/hwcrypto_reg.h"
 #include "hal/aes_types.h"
+#include "soc/hp_sys_clkrst_struct.h"
+#include "soc/hwcrypto_reg.h"
 
 #ifdef __cplusplus
 extern "C" {
@@ -25,6 +26,35 @@ typedef enum {
     ESP_AES_STATE_DONE,     /* Transform completed */
 } esp_aes_state_t;
 
+/**
+ * @brief Enable the bus clock for AES peripheral module
+ *
+ * @param enable true to enable the module, false to disable the module
+ */
+static inline void aes_ll_enable_bus_clock(bool enable)
+{
+    HP_SYS_CLKRST.peri_clk_ctrl25.reg_crypto_aes_clk_en = enable;
+}
+
+/// use a macro to wrap the function, force the caller to use it in a critical section
+/// the critical section needs to declare the __DECLARE_RCC_ATOMIC_ENV variable in advance
+#define aes_ll_enable_bus_clock(...) (void)__DECLARE_RCC_ATOMIC_ENV; aes_ll_enable_bus_clock(__VA_ARGS__)
+
+/**
+ * @brief Reset the AES peripheral module
+ */
+static inline void aes_ll_reset_register(void)
+{
+    HP_SYS_CLKRST.hp_rst_en2.reg_rst_en_aes = 1;
+    HP_SYS_CLKRST.hp_rst_en2.reg_rst_en_aes = 0;
+
+    // Clear reset on digital signature, otherwise AES is held in reset
+    HP_SYS_CLKRST.hp_rst_en2.reg_rst_en_ds = 0;
+}
+
+/// use a macro to wrap the function, force the caller to use it in a critical section
+/// the critical section needs to declare the __DECLARE_RCC_ATOMIC_ENV variable in advance
+#define aes_ll_reset_register(...) (void)__DECLARE_RCC_ATOMIC_ENV; aes_ll_reset_register(__VA_ARGS__)
 
 /**
  * @brief Write the encryption/decryption key to hardware

components/hal/esp32s2/include/hal/aes_ll.h

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2020-2022 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2020-2024 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -8,6 +8,7 @@
 
 #include <stdbool.h>
 #include <string.h>
+#include "soc/dport_reg.h"
 #include "soc/hwcrypto_reg.h"
 #include "hal/aes_types.h"
 
@@ -26,6 +27,39 @@ typedef enum {
     ESP_AES_STATE_DONE,     /* Transform completed */
 } esp_aes_state_t;
 
+/**
+ * @brief Enable the bus clock for AES peripheral module
+ *
+ * @param enable true to enable the module, false to disable the module
+ */
+static inline void aes_ll_enable_bus_clock(bool enable)
+{
+    if (enable) {
+        SET_PERI_REG_MASK(DPORT_PERIP_CLK_EN1_REG, DPORT_CRYPTO_AES_CLK_EN);
+    } else {
+        CLEAR_PERI_REG_MASK(DPORT_PERIP_CLK_EN1_REG, DPORT_CRYPTO_AES_CLK_EN);
+    }
+}
+
+/// use a macro to wrap the function, force the caller to use it in a critical section
+/// the critical section needs to declare the __DECLARE_RCC_ATOMIC_ENV variable in advance
+#define aes_ll_enable_bus_clock(...) (void)__DECLARE_RCC_ATOMIC_ENV; aes_ll_enable_bus_clock(__VA_ARGS__)
+
+/**
+ * @brief Reset the AES peripheral module
+ */
+static inline void aes_ll_reset_register(void)
+{
+    SET_PERI_REG_MASK(DPORT_PERIP_RST_EN1_REG, DPORT_CRYPTO_AES_RST);
+    CLEAR_PERI_REG_MASK(DPORT_PERIP_RST_EN1_REG, DPORT_CRYPTO_AES_RST);
+
+    // Clear reset on digital signature and crypto DMA also, otherwise AES is held in reset
+    CLEAR_PERI_REG_MASK(DPORT_PERIP_RST_EN1_REG, DPORT_CRYPTO_DS_RST);
+}
+
+/// use a macro to wrap the function, force the caller to use it in a critical section
+/// the critical section needs to declare the __DECLARE_RCC_ATOMIC_ENV variable in advance
+#define aes_ll_reset_register(...) (void)__DECLARE_RCC_ATOMIC_ENV; aes_ll_reset_register(__VA_ARGS__)
 
 /**
  * @brief Write the encryption/decryption key to hardware

components/hal/esp32s2/include/hal/crypto_dma_ll.h

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2020-2023 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2020-2024 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -25,6 +25,37 @@ typedef enum {
     CRYPTO_DMA_SHA,
 } crypto_dma_mode_t;
 
+/**
+ * @brief Enable the bus clock for crypto DMA peripheral module
+ *
+ * @param enable true to enable the module, false to disable the module
+ */
+static inline void crypto_dma_ll_enable_bus_clock(bool enable)
+{
+    if (enable) {
+        SET_PERI_REG_MASK(DPORT_PERIP_CLK_EN1_REG, DPORT_CRYPTO_DMA_CLK_EN);
+    } else {
+        CLEAR_PERI_REG_MASK(DPORT_PERIP_CLK_EN1_REG, DPORT_CRYPTO_DMA_CLK_EN);
+    }
+}
+
+/// use a macro to wrap the function, force the caller to use it in a critical section
+/// the critical section needs to declare the __DECLARE_RCC_ATOMIC_ENV variable in advance
+#define crypto_dma_ll_enable_bus_clock(...) (void)__DECLARE_RCC_ATOMIC_ENV; crypto_dma_ll_enable_bus_clock(__VA_ARGS__)
+
+/**
+ * @brief Reset the crypto DMA peripheral module
+ */
+static inline void crypto_dma_ll_reset_register(void)
+{
+    SET_PERI_REG_MASK(DPORT_PERIP_RST_EN1_REG, DPORT_CRYPTO_DMA_RST);
+    CLEAR_PERI_REG_MASK(DPORT_PERIP_RST_EN1_REG, DPORT_CRYPTO_DMA_RST);
+}
+
+/// use a macro to wrap the function, force the caller to use it in a critical section
+/// the critical section needs to declare the __DECLARE_RCC_ATOMIC_ENV variable in advance
+#define crypto_dma_ll_reset_register(...) (void)__DECLARE_RCC_ATOMIC_ENV; crypto_dma_ll_reset_register(__VA_ARGS__)
+
 /**
  * @brief Resets the DMA
  *

components/hal/esp32s3/include/hal/aes_ll.h

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2020-2022 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2020-2024 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -9,6 +9,7 @@
 #include <stdbool.h>
 #include <string.h>
 #include "soc/hwcrypto_reg.h"
+#include "soc/system_struct.h"
 #include "hal/aes_types.h"
 
 #ifdef __cplusplus
@@ -25,6 +26,35 @@ typedef enum {
     ESP_AES_STATE_DONE,     /* Transform completed */
 } esp_aes_state_t;
 
+/**
+ * @brief Enable the bus clock for AES peripheral module
+ *
+ * @param enable true to enable the module, false to disable the module
+ */
+static inline void aes_ll_enable_bus_clock(bool enable)
+{
+    SYSTEM.perip_clk_en1.crypto_aes_clk_en = enable;
+}
+
+/// use a macro to wrap the function, force the caller to use it in a critical section
+/// the critical section needs to declare the __DECLARE_RCC_ATOMIC_ENV variable in advance
+#define aes_ll_enable_bus_clock(...) (void)__DECLARE_RCC_ATOMIC_ENV; aes_ll_enable_bus_clock(__VA_ARGS__)
+
+/**
+ * @brief Reset the AES peripheral module
+ */
+static inline void aes_ll_reset_register(void)
+{
+    SYSTEM.perip_rst_en1.crypto_aes_rst = 1;
+    SYSTEM.perip_rst_en1.crypto_aes_rst = 0;
+
+    // Clear reset on digital signature also, otherwise AES is held in reset
+    SYSTEM.perip_rst_en1.crypto_ds_rst = 0;
+}
+
+/// use a macro to wrap the function, force the caller to use it in a critical section
+/// the critical section needs to declare the __DECLARE_RCC_ATOMIC_ENV variable in advance
+#define aes_ll_reset_register(...) (void)__DECLARE_RCC_ATOMIC_ENV; aes_ll_reset_register(__VA_ARGS__)
 
 /**
  * @brief Write the encryption/decryption key to hardware

components/hal/test_apps/crypto/main/aes/aes_block.c

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2023-2024 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: CC0-1.0
  */
@@ -8,12 +8,10 @@
 #include <stdlib.h>
 #include <string.h>
 
-#include "soc/periph_defs.h"
+#include "esp_private/esp_crypto_lock_internal.h"
-#include "esp_private/periph_ctrl.h"
-
 #include "hal/aes_types.h"
 #include "hal/aes_hal.h"
-#include "hal/clk_gate_ll.h"
+#include "hal/aes_ll.h"
 
 #if SOC_AES_SUPPORTED
 
@@ -32,8 +30,10 @@ void aes_crypt_cbc_block(int mode,
     uint32_t *iv_words = (uint32_t *)iv;
     unsigned char temp[16];
 
-    /* Enable peripheral module by un-gating the clock and de-asserting the reset signal. */
+    AES_RCC_ATOMIC() {
-    periph_ll_enable_clk_clear_rst(PERIPH_AES_MODULE);
+        aes_ll_enable_bus_clock(true);
+        aes_ll_reset_register();
+    }
 
     /* Sets the key used for AES encryption/decryption */
     aes_hal_setkey(key, key_bytes, mode);
@@ -71,8 +71,9 @@ void aes_crypt_cbc_block(int mode,
         }
     }
 
-    /* Disable peripheral module by gating the clock and asserting the reset signal. */
+    AES_RCC_ATOMIC() {
-    periph_ll_disable_clk_set_rst(PERIPH_AES_MODULE);
+        aes_ll_enable_bus_clock(false);
+    }
 }
 
 
@@ -88,8 +89,10 @@ void aes_crypt_ctr_block(uint8_t key_bytes,
     int c, i;
     size_t n = *nc_off;
 
-    /* Enable peripheral module by un-gating the clock and de-asserting the reset signal. */
+    AES_RCC_ATOMIC() {
-    periph_ll_enable_clk_clear_rst(PERIPH_AES_MODULE);
+        aes_ll_enable_bus_clock(true);
+        aes_ll_reset_register();
+    }
 
     /* Sets the key used for AES encryption/decryption */
     aes_hal_setkey(key, key_bytes, ESP_AES_ENCRYPT);
@@ -110,8 +113,9 @@ void aes_crypt_ctr_block(uint8_t key_bytes,
 
     *nc_off = n;
 
-    /* Disable peripheral module by gating the clock and asserting the reset signal. */
+    AES_RCC_ATOMIC() {
-    periph_ll_disable_clk_set_rst(PERIPH_AES_MODULE);
+        aes_ll_enable_bus_clock(false);
+    }
 }
 
 #endif

components/hal/test_apps/crypto/main/ds/test_ds.c

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2023-2024 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -114,6 +114,7 @@ _Static_assert(NUM_RESULTS == NUM_MESSAGES, "expected_results size should be the
 #if !CONFIG_IDF_TARGET_ESP32S2
 
 #include "esp_private/periph_ctrl.h"
+#include "hal/aes_ll.h"
 #include "hal/ds_hal.h"
 #include "hal/ds_ll.h"
 #include "hal/hmac_hal.h"
@@ -228,7 +229,11 @@ static esp_err_t esp_ds_encrypt_params(esp_ds_data_t *data,
 
     esp_err_t result = ESP_OK;
 
-    periph_module_enable(PERIPH_AES_MODULE);
+    AES_RCC_ATOMIC() {
+        aes_ll_enable_bus_clock(true);
+        aes_ll_reset_register();
+    }
+
     periph_module_enable(PERIPH_SHA_MODULE);
 
     ets_ds_data_t *ds_data = (ets_ds_data_t *) data;
@@ -241,7 +246,10 @@ static esp_err_t esp_ds_encrypt_params(esp_ds_data_t *data,
     }
 
     periph_module_disable(PERIPH_SHA_MODULE);
-    periph_module_disable(PERIPH_AES_MODULE);
+
+    AES_RCC_ATOMIC() {
+        aes_ll_enable_bus_clock(false);
+    }
 
     return result;
 }

components/mbedtls/port/aes/block/esp_aes.c

@@ -33,12 +33,13 @@
 #include "soc/hwcrypto_periph.h"
 #include <sys/lock.h>
 #include "hal/aes_hal.h"
+#include "hal/aes_ll.h"
 #include "esp_aes_internal.h"
 
 #include <freertos/FreeRTOS.h>
 
 #include <stdio.h>
-#include "esp_private/periph_ctrl.h"
+#include "esp_private/esp_crypto_lock_internal.h"
 
 
 static const char *TAG = "esp-aes";
@@ -58,13 +59,18 @@ void esp_aes_acquire_hardware( void )
     portENTER_CRITICAL(&aes_spinlock);
 
     /* Enable AES hardware */
-    periph_module_enable(PERIPH_AES_MODULE);
+    AES_RCC_ATOMIC() {
+        aes_ll_enable_bus_clock(true);
+        aes_ll_reset_register();
+    }
 }
 
 void esp_aes_release_hardware( void )
 {
     /* Disable AES hardware */
-    periph_module_disable(PERIPH_AES_MODULE);
+    AES_RCC_ATOMIC() {
+        aes_ll_enable_bus_clock(false);
+    }
 
     portEXIT_CRITICAL(&aes_spinlock);
 }

components/mbedtls/port/aes/dma/esp_aes.c

@@ -28,11 +28,12 @@
 
 #include <string.h>
 #include "mbedtls/aes.h"
-#include "esp_private/periph_ctrl.h"
 #include "esp_log.h"
 #include "esp_crypto_lock.h"
 #include "hal/aes_hal.h"
+#include "hal/aes_ll.h"
 #include "esp_aes_internal.h"
+#include "esp_private/esp_crypto_lock_internal.h"
 
 #if SOC_AES_GDMA
 #define AES_LOCK() esp_crypto_sha_aes_lock_acquire()
@@ -40,6 +41,7 @@
 #elif SOC_AES_CRYPTO_DMA
 #define AES_LOCK() esp_crypto_dma_lock_acquire()
 #define AES_RELEASE() esp_crypto_dma_lock_release()
+#include "hal/crypto_dma_ll.h"
 #endif
 
 static const char *TAG = "esp-aes";
@@ -49,23 +51,27 @@ void esp_aes_acquire_hardware( void )
     /* Released by esp_aes_release_hardware()*/
     AES_LOCK();
 
-    /* Enable AES and DMA hardware */
+    AES_RCC_ATOMIC() {
+        aes_ll_enable_bus_clock(true);
 #if SOC_AES_CRYPTO_DMA
-    periph_module_enable(PERIPH_AES_DMA_MODULE);
+        crypto_dma_ll_enable_bus_clock(true);
-#elif SOC_AES_GDMA
-    periph_module_enable(PERIPH_AES_MODULE);
 #endif
+        aes_ll_reset_register();
+#if SOC_AES_CRYPTO_DMA
+        crypto_dma_ll_reset_register();
+#endif
+    }
 }
 
 /* Function to disable AES and Crypto DMA clocks and release locks */
 void esp_aes_release_hardware( void )
 {
-    /* Disable AES and DMA hardware */
+    AES_RCC_ATOMIC() {
+        aes_ll_enable_bus_clock(false);
 #if SOC_AES_CRYPTO_DMA
-    periph_module_disable(PERIPH_AES_DMA_MODULE);
+        crypto_dma_ll_enable_bus_clock(false);
-#elif SOC_AES_GDMA
-    periph_module_disable(PERIPH_AES_MODULE);
 #endif
+    }
 
     AES_RELEASE();
 }