alex/esp-idf
alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2024-09-20 00:36:01 -04:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

efuse(esp32c2): Support eFuse key APIs

Browse Source
This commit is contained in:
KonstantinKondrashov 2021-12-03 01:48:47 +08:00
parent 3a23340e40
commit ebdc52d4e2
41 changed files with 1706 additions and 460 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
components/bootloader/Kconfig.projbuild
View File

@ -273,6 +273,8 @@ menu "Bootloader config"
depends on BOOTLOADER_APP_ANTI_ROLLBACK
range 1 32 if IDF_TARGET_ESP32
default 32 if IDF_TARGET_ESP32
range 1 4 if IDF_TARGET_ESP32C2
default 4 if IDF_TARGET_ESP32C2
range 1 16
default 16
help

19
components/bootloader_support/src/secure_boot_v2/secure_boot.c
View File

@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2015-2021 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2015-2022 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
@ -131,26 +131,23 @@ static esp_err_t s_calculate_image_public_key_digests(uint32_t flash_offset, uin
static esp_err_t check_and_generate_secure_boot_keys(const esp_image_metadata_t *image_data)
{
esp_err_t ret;
#ifdef CONFIG_IDF_TARGET_ESP8684
esp_efuse_purpose_t secure_boot_key_purpose[SECURE_BOOT_NUM_BLOCKS] = {
ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2,
};
#elif CONFIG_IDF_TARGET_ESP32
esp_efuse_purpose_t secure_boot_key_purpose[SECURE_BOOT_NUM_BLOCKS] = {
ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2,
};
#ifdef CONFIG_IDF_TARGET_ESP32
esp_efuse_coding_scheme_t coding_scheme = esp_efuse_get_coding_scheme(EFUSE_BLK_SECURE_BOOT);
if (coding_scheme != EFUSE_CODING_SCHEME_NONE) {
ESP_LOGE(TAG, "No coding schemes are supported in secure boot v2.(Detected scheme: 0x%x)", coding_scheme);
return ESP_ERR_NOT_SUPPORTED;
}
#else
#endif // CONFIG_IDF_TARGET_ESP32
esp_efuse_purpose_t secure_boot_key_purpose[SECURE_BOOT_NUM_BLOCKS] = {
#if SECURE_BOOT_NUM_BLOCKS == 1
ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2,
#else
ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_DIGEST0,
ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_DIGEST1,
ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_DIGEST2,
#endif
};
#endif // CONFIG_IDF_TARGET_ESP32 || CONFIG_IDF_TARGET_ESP8684
/* Verify the bootloader */
esp_image_metadata_t bootloader_data = { 0 };

18
components/efuse/CMakeLists.txt
View File

@ -13,14 +13,20 @@ if(EXISTS "${COMPONENT_DIR}/${target}")
add_prefix(srcs "${target}/" ${EFUSE_SOC_SRCS})
endif()
if(CONFIG_SOC_EFUSE_KEY_PURPOSE_FIELD)
set(type "with_key_purposes")
else()
if(CONFIG_SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK)
set(type "without_key_purposes/one_key_block")
else()
set(type "without_key_purposes/three_key_blocks")
endif()
endif()
list(APPEND srcs "src/esp_efuse_api.c"
"src/esp_efuse_fields.c"
"src/esp_efuse_utility.c")
if("esp32" STREQUAL "${target}")
list(APPEND srcs "src/esp_efuse_api_key_esp32.c")
else()
list(APPEND srcs "src/esp_efuse_api_key_esp32xx.c")
endif()
"src/esp_efuse_utility.c"
"src/efuse_controller/keys/${type}/esp_efuse_api_key.c")
idf_component_register(SRCS "${srcs}"
PRIV_REQUIRES bootloader_support soc spi_flash

15
components/efuse/esp32c2/esp_efuse_fields.c
View File

@ -40,15 +40,24 @@ uint32_t esp_efuse_get_pkg_ver(void)
esp_err_t esp_efuse_set_rom_log_scheme(esp_efuse_rom_log_scheme_t log_scheme)
{
abort();
int cur_log_scheme = 0;
esp_efuse_read_field_blob(ESP_EFUSE_UART_PRINT_CONTROL, &cur_log_scheme, ESP_EFUSE_UART_PRINT_CONTROL[0]->bit_count);
if (!cur_log_scheme) { // not burned yet
return esp_efuse_write_field_blob(ESP_EFUSE_UART_PRINT_CONTROL, &log_scheme, ESP_EFUSE_UART_PRINT_CONTROL[0]->bit_count);
} else {
return ESP_ERR_INVALID_STATE;
}
}
esp_err_t esp_efuse_disable_rom_download_mode(void)
{
abort();
return esp_efuse_write_field_bit(ESP_EFUSE_DIS_DOWNLOAD_MODE);
}
esp_err_t esp_efuse_enable_rom_secure_download_mode(void)
{
abort();
if (esp_efuse_read_field_bit(ESP_EFUSE_DIS_DOWNLOAD_MODE)) {
return ESP_ERR_INVALID_STATE;
}
return esp_efuse_write_field_bit(ESP_EFUSE_ENABLE_SECURITY_DOWNLOAD);
}

162
components/efuse/esp32c2/esp_efuse_table.c
View File

@ -9,7 +9,7 @@
#include <assert.h>
#include "esp_efuse_table.h"
// md5_digest_table 3bf086fa10d850cbaeccbd70fcba1c2f
// md5_digest_table af57e8a6a405ebf239cc552f713c91d0
// This file was generated from the file esp_efuse_table.csv. DO NOT CHANGE THIS FILE MANUALLY.
// If you want to change some fields, you need to change esp_efuse_table.csv file
// then run `efuse_common_table` or `efuse_custom_table` command it will generate this file.
@ -24,15 +24,19 @@ static const esp_efuse_desc_t WR_DIS_KEY0_RD_DIS[] = {
};
static const esp_efuse_desc_t WR_DIS_GROUP_1[] = {
{EFUSE_BLK0, 1, 1}, // Write protection for WDT_DELAY DIS_PAD_JTAG,
{EFUSE_BLK0, 1, 1}, // Write protection for WDT_DELAY DIS_PAD_JTAG DIS_DOWNLOAD_ICACHE,
};
static const esp_efuse_desc_t WR_DIS_GROUP_2[] = {
{EFUSE_BLK0, 2, 1}, // Write protection for DOWNLOAD_DIS_MANUAL_ENCRYPT SPI_BOOT_ENCRYPT_DECRYPT_CNT XTS_KEY_LENGTH_256,
{EFUSE_BLK0, 2, 1}, // Write protection for DOWNLOAD_DIS_MANUAL_ENCRYPT SPI_BOOT_CRYPT_CNT XTS_KEY_LENGTH_256 SECURE_BOOT_EN,
};
static const esp_efuse_desc_t WR_DIS_SPI_BOOT_CRYPT_CNT[] = {
{EFUSE_BLK0, 2, 1}, // Write protection for DOWNLOAD_DIS_MANUAL_ENCRYPT [SPI_BOOT_CRYPT_CNT] XTS_KEY_LENGTH_256 SECURE_BOOT_EN,
};
static const esp_efuse_desc_t WR_DIS_GROUP_3[] = {
{EFUSE_BLK0, 3, 1}, // Write protection for UART_PRINT_CONTROL FORCE_SEND_RESUME DIS_DOWNLOAD_MODE DIS_DIRECT_BOOT ENABLE_SECURITY_DOWNLOAD FLASH_TPUW SECURE_BOOT_EN,
{EFUSE_BLK0, 3, 1}, // Write protection for UART_PRINT_CONTROL FORCE_SEND_RESUME DIS_DOWNLOAD_MODE DIS_DIRECT_BOOT ENABLE_SECURITY_DOWNLOAD FLASH_TPUW,
};
static const esp_efuse_desc_t WR_DIS_BLK0_RESERVED[] = {
@ -48,79 +52,87 @@ static const esp_efuse_desc_t WR_DIS_SYS_DATA_PART1[] = {
};
static const esp_efuse_desc_t WR_DIS_KEY0[] = {
{EFUSE_BLK0, 7, 1}, // Write protection for EFUSE_BLK3. KEY0,
{EFUSE_BLK0, 7, 1}, // Write protection for EFUSE_BLK3. whole KEY0,
};
static const esp_efuse_desc_t RD_DIS[] = {
{EFUSE_BLK0, 8, 2}, // Read protection,
{EFUSE_BLK0, 32, 2}, // Read protection,
};
static const esp_efuse_desc_t RD_DIS_KEY0[] = {
{EFUSE_BLK0, 32, 2}, // Read protection for EFUSE_BLK3. KEY0,
};
static const esp_efuse_desc_t RD_DIS_KEY0_LOW[] = {
{EFUSE_BLK0, 32, 1}, // Read protection for EFUSE_BLK3. KEY0 lower 128-bit key,
};
static const esp_efuse_desc_t RD_DIS_KEY0_HI[] = {
{EFUSE_BLK0, 33, 1}, // Read protection for EFUSE_BLK3. KEY0 higher 128-bit key,
};
static const esp_efuse_desc_t WDT_DELAY_SEL[] = {
{EFUSE_BLK0, 34, 2}, // /* TODO: Need Description*/,
{EFUSE_BLK0, 34, 2}, // RTC WDT timeout threshold,
};
static const esp_efuse_desc_t DIS_PAD_JTAG[] = {
{EFUSE_BLK0, 36, 1}, // /* TODO: Need Description*/,
{EFUSE_BLK0, 36, 1}, // Hardware Disable JTAG permanently,
};
static const esp_efuse_desc_t EFUSE_DIS_DOWNLOAD_ICACHE[] = {
{EFUSE_BLK0, 37, 1}, // /* TODO: Need Description*/,
static const esp_efuse_desc_t DIS_DOWNLOAD_ICACHE[] = {
{EFUSE_BLK0, 37, 1}, // Disable ICache in Download mode,
};
static const esp_efuse_desc_t DIS_DOWNLOAD_MANUAL_ENCRYPT[] = {
{EFUSE_BLK0, 38, 1}, // /* TODO: Need Description*/,
{EFUSE_BLK0, 38, 1}, // Disable flash encryption in Download boot mode,
};
static const esp_efuse_desc_t SPI_BOOT_ENCRYPT_DECRYPT_CNT[] = {
{EFUSE_BLK0, 39, 3}, // /* TODO: Need Description*/,
static const esp_efuse_desc_t SPI_BOOT_CRYPT_CNT[] = {
{EFUSE_BLK0, 39, 3}, // Enable SPI boot encrypt/decrypt. Odd number: enable; even number: disable,
};
static const esp_efuse_desc_t XTS_KEY_LENGTH_256[] = {
{EFUSE_BLK0, 42, 1}, // /* TODO: Need Description*/,
{EFUSE_BLK0, 42, 1}, // Select XTS_AES key length. 1: 256-bit of whole block3; 0: Lower 128-bit of block3,
};
static const esp_efuse_desc_t UART_PRINT_CONTROL[] = {
{EFUSE_BLK0, 43, 2}, // /* TODO: Need Description*/,
{EFUSE_BLK0, 43, 2}, // Set UART boot message output mode. 00: Force print; 01: Low-level print controlled by GPIO 8; 10: High-level print controlled by GPIO 8; 11: Print force disabled,
};
static const esp_efuse_desc_t FORCE_SEND_RESUME[] = {
{EFUSE_BLK0, 45, 1}, // /* TODO: Need Description*/,
{EFUSE_BLK0, 45, 1}, // Force ROM code to send an SPI flash resume command during SPI boot,
};
static const esp_efuse_desc_t DIS_DOWNLOAD_MODE[] = {
{EFUSE_BLK0, 46, 1}, // /* TODO: Need Description*/,
{EFUSE_BLK0, 46, 1}, // Disable all download boot modes,
};
static const esp_efuse_desc_t DIS_DIRECT_BOOT[] = {
{EFUSE_BLK0, 47, 1}, // /* TODO: Need Description*/,
{EFUSE_BLK0, 47, 1}, // Disable direct_boot mode,
};
static const esp_efuse_desc_t ENABLE_SECURITY_DOWNLOAD[] = {
{EFUSE_BLK0, 48, 1}, // /* TODO: Need Description*/,
{EFUSE_BLK0, 48, 1}, // Enable secure UART download mode,
};
static const esp_efuse_desc_t FLASH_TPUW[] = {
{EFUSE_BLK0, 49, 4}, // /* TODO: Need Description*/,
{EFUSE_BLK0, 49, 4}, // Configure flash startup delay after SoC being powered up (the unit is ms/2). When the value is 15 delay will be 7.5 ms,
};
static const esp_efuse_desc_t SECURE_BOOT_EN[] = {
{EFUSE_BLK0, 53, 1}, // /* TODO: Need Description*/,
{EFUSE_BLK0, 53, 1}, // Enable secure boot,
};
static const esp_efuse_desc_t SYSTEM_DATA0[] = {
{EFUSE_BLK1, 0, 32}, // EFUSE_SYSTEM_DATA0,
static const esp_efuse_desc_t SECURE_VERSION[] = {
{EFUSE_BLK0, 54, 4}, // Secure version for anti-rollback,
};
static const esp_efuse_desc_t SYSTEM_DATA1[] = {
{EFUSE_BLK1, 32, 32}, // EFUSE_SYSTEM_DATA1,
static const esp_efuse_desc_t USER_DATA[] = {
{EFUSE_BLK1, 0, 88}, // User data block,
};
static const esp_efuse_desc_t SYSTEM_DATA2[] = {
{EFUSE_BLK1, 64, 23}, // EFUSE_SYSTEM_DATA2,
static const esp_efuse_desc_t USER_DATA_MAC_CUSTOM[] = {
{EFUSE_BLK1, 0, 48}, // Custom MAC addr,
};
static const esp_efuse_desc_t MAC_FACTORY[] = {
@ -177,7 +189,19 @@ static const esp_efuse_desc_t ADC_CALIBRATION_2[] = {
};
static const esp_efuse_desc_t KEY0[] = {
{EFUSE_BLK3, 0, 256}, // Key0 or user data,
{EFUSE_BLK3, 0, 256}, // [256bit FE key] or [128bit FE key and 128key SB key] or [user data],
};
static const esp_efuse_desc_t KEY0_FE_256BIT[] = {
{EFUSE_BLK3, 0, 256}, // [256bit FE key],
};
static const esp_efuse_desc_t KEY0_FE_128BIT[] = {
{EFUSE_BLK3, 0, 128}, // [128bit FE key],
};
static const esp_efuse_desc_t KEY0_SB_128BIT[] = {
{EFUSE_BLK3, 128, 128}, // [128bit SB key],
};
@ -195,17 +219,22 @@ const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_KEY0_RD_DIS[] = {
};
const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_GROUP_1[] = {
&WR_DIS_GROUP_1[0], // Write protection for WDT_DELAY DIS_PAD_JTAG
&WR_DIS_GROUP_1[0], // Write protection for WDT_DELAY DIS_PAD_JTAG DIS_DOWNLOAD_ICACHE
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_GROUP_2[] = {
&WR_DIS_GROUP_2[0], // Write protection for DOWNLOAD_DIS_MANUAL_ENCRYPT SPI_BOOT_ENCRYPT_DECRYPT_CNT XTS_KEY_LENGTH_256
&WR_DIS_GROUP_2[0], // Write protection for DOWNLOAD_DIS_MANUAL_ENCRYPT SPI_BOOT_CRYPT_CNT XTS_KEY_LENGTH_256 SECURE_BOOT_EN
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_SPI_BOOT_CRYPT_CNT[] = {
&WR_DIS_SPI_BOOT_CRYPT_CNT[0], // Write protection for DOWNLOAD_DIS_MANUAL_ENCRYPT [SPI_BOOT_CRYPT_CNT] XTS_KEY_LENGTH_256 SECURE_BOOT_EN
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_GROUP_3[] = {
&WR_DIS_GROUP_3[0], // Write protection for UART_PRINT_CONTROL FORCE_SEND_RESUME DIS_DOWNLOAD_MODE DIS_DIRECT_BOOT ENABLE_SECURITY_DOWNLOAD FLASH_TPUW SECURE_BOOT_EN
&WR_DIS_GROUP_3[0], // Write protection for UART_PRINT_CONTROL FORCE_SEND_RESUME DIS_DOWNLOAD_MODE DIS_DIRECT_BOOT ENABLE_SECURITY_DOWNLOAD FLASH_TPUW
NULL
};
@ -225,7 +254,7 @@ const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_SYS_DATA_PART1[] = {
};
const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_KEY0[] = {
&WR_DIS_KEY0[0], // Write protection for EFUSE_BLK3. KEY0
&WR_DIS_KEY0[0], // Write protection for EFUSE_BLK3. whole KEY0
NULL
};
@ -239,83 +268,93 @@ const esp_efuse_desc_t* ESP_EFUSE_RD_DIS_KEY0[] = {
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_RD_DIS_KEY0_LOW[] = {
&RD_DIS_KEY0_LOW[0], // Read protection for EFUSE_BLK3. KEY0 lower 128-bit key
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_RD_DIS_KEY0_HI[] = {
&RD_DIS_KEY0_HI[0], // Read protection for EFUSE_BLK3. KEY0 higher 128-bit key
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_WDT_DELAY_SEL[] = {
&WDT_DELAY_SEL[0], // /* TODO: Need Description*/
&WDT_DELAY_SEL[0], // RTC WDT timeout threshold
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_DIS_PAD_JTAG[] = {
&DIS_PAD_JTAG[0], // /* TODO: Need Description*/
&DIS_PAD_JTAG[0], // Hardware Disable JTAG permanently
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_EFUSE_DIS_DOWNLOAD_ICACHE[] = {
&EFUSE_DIS_DOWNLOAD_ICACHE[0], // /* TODO: Need Description*/
const esp_efuse_desc_t* ESP_EFUSE_DIS_DOWNLOAD_ICACHE[] = {
&DIS_DOWNLOAD_ICACHE[0], // Disable ICache in Download mode
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_DIS_DOWNLOAD_MANUAL_ENCRYPT[] = {
&DIS_DOWNLOAD_MANUAL_ENCRYPT[0], // /* TODO: Need Description*/
&DIS_DOWNLOAD_MANUAL_ENCRYPT[0], // Disable flash encryption in Download boot mode
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_SPI_BOOT_ENCRYPT_DECRYPT_CNT[] = {
&SPI_BOOT_ENCRYPT_DECRYPT_CNT[0], // /* TODO: Need Description*/
const esp_efuse_desc_t* ESP_EFUSE_SPI_BOOT_CRYPT_CNT[] = {
&SPI_BOOT_CRYPT_CNT[0], // Enable SPI boot encrypt/decrypt. Odd number: enable; even number: disable
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_XTS_KEY_LENGTH_256[] = {
&XTS_KEY_LENGTH_256[0], // /* TODO: Need Description*/
&XTS_KEY_LENGTH_256[0], // Select XTS_AES key length. 1: 256-bit of whole block3; 0: Lower 128-bit of block3
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_UART_PRINT_CONTROL[] = {
&UART_PRINT_CONTROL[0], // /* TODO: Need Description*/
&UART_PRINT_CONTROL[0], // Set UART boot message output mode. 00: Force print; 01: Low-level print controlled by GPIO 8; 10: High-level print controlled by GPIO 8; 11: Print force disabled
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_FORCE_SEND_RESUME[] = {
&FORCE_SEND_RESUME[0], // /* TODO: Need Description*/
&FORCE_SEND_RESUME[0], // Force ROM code to send an SPI flash resume command during SPI boot
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_DIS_DOWNLOAD_MODE[] = {
&DIS_DOWNLOAD_MODE[0], // /* TODO: Need Description*/
&DIS_DOWNLOAD_MODE[0], // Disable all download boot modes
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_DIS_DIRECT_BOOT[] = {
&DIS_DIRECT_BOOT[0], // /* TODO: Need Description*/
&DIS_DIRECT_BOOT[0], // Disable direct_boot mode
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_ENABLE_SECURITY_DOWNLOAD[] = {
&ENABLE_SECURITY_DOWNLOAD[0], // /* TODO: Need Description*/
&ENABLE_SECURITY_DOWNLOAD[0], // Enable secure UART download mode
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_FLASH_TPUW[] = {
&FLASH_TPUW[0], // /* TODO: Need Description*/
&FLASH_TPUW[0], // Configure flash startup delay after SoC being powered up (the unit is ms/2). When the value is 15 delay will be 7.5 ms
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_SECURE_BOOT_EN[] = {
&SECURE_BOOT_EN[0], // /* TODO: Need Description*/
&SECURE_BOOT_EN[0], // Enable secure boot
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_SYSTEM_DATA0[] = {
&SYSTEM_DATA0[0], // EFUSE_SYSTEM_DATA0
const esp_efuse_desc_t* ESP_EFUSE_SECURE_VERSION[] = {
&SECURE_VERSION[0], // Secure version for anti-rollback
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_SYSTEM_DATA1[] = {
&SYSTEM_DATA1[0], // EFUSE_SYSTEM_DATA1
const esp_efuse_desc_t* ESP_EFUSE_USER_DATA[] = {
&USER_DATA[0], // User data block
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_SYSTEM_DATA2[] = {
&SYSTEM_DATA2[0], // EFUSE_SYSTEM_DATA2
const esp_efuse_desc_t* ESP_EFUSE_USER_DATA_MAC_CUSTOM[] = {
&USER_DATA_MAC_CUSTOM[0], // Custom MAC addr
NULL
};
@ -385,6 +424,21 @@ const esp_efuse_desc_t* ESP_EFUSE_ADC_CALIBRATION_2[] = {
};
const esp_efuse_desc_t* ESP_EFUSE_KEY0[] = {
&KEY0[0], // Key0 or user data
&KEY0[0], // [256bit FE key] or [128bit FE key and 128key SB key] or [user data]
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_KEY0_FE_256BIT[] = {
&KEY0_FE_256BIT[0], // [256bit FE key]
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_KEY0_FE_128BIT[] = {
&KEY0_FE_128BIT[0], // [128bit FE key]
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_KEY0_SB_128BIT[] = {
&KEY0_SB_128BIT[0], // [128bit SB key]
NULL
};

65
components/efuse/esp32c2/esp_efuse_table.csv
View File

@ -1,10 +1,8 @@
# field_name, | efuse_block, | bit_start, | bit_count, |comment #
# | (EFUSE_BLK0 | (0..255) | (1..-) | #
# | EFUSE_BLK1 | |MAX_BLK_LEN*| #
# | ... | | | #
# | EFUSE_BLK10)| | | #
# | (EFUSE_BLK0 | (0..255) | (1-256) | #
# | EFUSE_BLK1 | | | #
# | EFUSE_BLK3) | | | #
##########################################################################
# *) The value MAX_BLK_LEN depends on CONFIG_EFUSE_MAX_BLK_LEN, will be replaced with "None" - 256. "3/4" - 192. "REPEAT" - 128.
# !!!!!!!!!!! #
# After editing this file, run the command manually "make efuse_common_table" or "idf.py efuse_common_table"
# this will generate new source files, next rebuild all the sources.
@ -15,39 +13,40 @@
# EFUSE_RD_WR_DIS_REG #
WR_DIS, EFUSE_BLK0, 0, 8, Write protection
WR_DIS.KEY0_RD_DIS, EFUSE_BLK0, 0, 1, Write protection for KEY0_RD_DIS
WR_DIS.GROUP_1, EFUSE_BLK0, 1, 1, Write protection for WDT_DELAY DIS_PAD_JTAG
WR_DIS.GROUP_2, EFUSE_BLK0, 2, 1, Write protection for DOWNLOAD_DIS_MANUAL_ENCRYPT SPI_BOOT_ENCRYPT_DECRYPT_CNT XTS_KEY_LENGTH_256
WR_DIS.GROUP_3, EFUSE_BLK0, 3, 1, Write protection for UART_PRINT_CONTROL FORCE_SEND_RESUME DIS_DOWNLOAD_MODE DIS_DIRECT_BOOT ENABLE_SECURITY_DOWNLOAD FLASH_TPUW SECURE_BOOT_EN
WR_DIS.GROUP_1, EFUSE_BLK0, 1, 1, Write protection for WDT_DELAY DIS_PAD_JTAG DIS_DOWNLOAD_ICACHE
WR_DIS.GROUP_2, EFUSE_BLK0, 2, 1, Write protection for DOWNLOAD_DIS_MANUAL_ENCRYPT SPI_BOOT_CRYPT_CNT XTS_KEY_LENGTH_256 SECURE_BOOT_EN
WR_DIS.SPI_BOOT_CRYPT_CNT, EFUSE_BLK0, 2, 1, Write protection for DOWNLOAD_DIS_MANUAL_ENCRYPT [SPI_BOOT_CRYPT_CNT] XTS_KEY_LENGTH_256 SECURE_BOOT_EN
WR_DIS.GROUP_3, EFUSE_BLK0, 3, 1, Write protection for UART_PRINT_CONTROL FORCE_SEND_RESUME DIS_DOWNLOAD_MODE DIS_DIRECT_BOOT ENABLE_SECURITY_DOWNLOAD FLASH_TPUW
WR_DIS.BLK0_RESERVED, EFUSE_BLK0, 4, 1, Write protection for BLK0_RESERVED
WR_DIS.SYS_DATA_PART0, EFUSE_BLK0, 5, 1, Write protection for EFUSE_BLK1. SYS_DATA_PART0
WR_DIS.SYS_DATA_PART1, EFUSE_BLK0, 6, 1, Write protection for EFUSE_BLK2. SYS_DATA_PART2
WR_DIS.KEY0, EFUSE_BLK0, 7, 1, Write protection for EFUSE_BLK3. KEY0
WR_DIS.KEY0, EFUSE_BLK0, 7, 1, Write protection for EFUSE_BLK3. whole KEY0
# EFUSE_RD_REPEAT_DATA0_REG #
RD_DIS, EFUSE_BLK0, 8, 2, Read protection
RD_DIS.KEY0, EFUSE_BLK0, 8, 2, Read protection for EFUSE_BLK3. KEY0
RD_DIS, EFUSE_BLK0, 32, 2, Read protection
RD_DIS.KEY0, EFUSE_BLK0, 32, 2, Read protection for EFUSE_BLK3. KEY0
RD_DIS.KEY0.LOW, EFUSE_BLK0, 32, 1, Read protection for EFUSE_BLK3. KEY0 lower 128-bit key
RD_DIS.KEY0.HI, EFUSE_BLK0, 33, 1, Read protection for EFUSE_BLK3. KEY0 higher 128-bit key
WDT_DELAY_SEL, EFUSE_BLK0, 10, 2, /* TODO: Need Description*/
DIS_PAD_JTAG, EFUSE_BLK0, 12, 1, /* TODO: Need Description*/
EFUSE_DIS_DOWNLOAD_ICACHE, EFUSE_BLK0, 13, 1, /* TODO: Need Description*/
DIS_DOWNLOAD_MANUAL_ENCRYPT, EFUSE_BLK0, 14, 1, /* TODO: Need Description*/
SPI_BOOT_ENCRYPT_DECRYPT_CNT, EFUSE_BLK0, 15, 3, /* TODO: Need Description*/
XTS_KEY_LENGTH_256, EFUSE_BLK0, 18, 1, /* TODO: Need Description*/
UART_PRINT_CONTROL, EFUSE_BLK0, 19, 2, /* TODO: Need Description*/
FORCE_SEND_RESUME, EFUSE_BLK0, 21, 1, /* TODO: Need Description*/
DIS_DOWNLOAD_MODE, EFUSE_BLK0, 22, 1, /* TODO: Need Description*/
DIS_DIRECT_BOOT, EFUSE_BLK0, 23, 1, /* TODO: Need Description*/
ENABLE_SECURITY_DOWNLOAD, EFUSE_BLK0, 24, 1, /* TODO: Need Description*/
FLASH_TPUW, EFUSE_BLK0, 25, 4, /* TODO: Need Description*/
SECURE_BOOT_EN, EFUSE_BLK0, 29, 1, /* TODO: Need Description*/
WDT_DELAY_SEL, EFUSE_BLK0, 34, 2, RTC WDT timeout threshold
DIS_PAD_JTAG, EFUSE_BLK0, 36, 1, Hardware Disable JTAG permanently
DIS_DOWNLOAD_ICACHE, EFUSE_BLK0, 37, 1, Disable ICache in Download mode
DIS_DOWNLOAD_MANUAL_ENCRYPT, EFUSE_BLK0, 38, 1, Disable flash encryption in Download boot mode
SPI_BOOT_CRYPT_CNT, EFUSE_BLK0, 39, 3, Enable SPI boot encrypt/decrypt. Odd number: enable; even number: disable
XTS_KEY_LENGTH_256, EFUSE_BLK0, 42, 1, Select XTS_AES key length. 1: 256-bit of whole block3; 0: Lower 128-bit of block3
UART_PRINT_CONTROL, EFUSE_BLK0, 43, 2, Set UART boot message output mode. 00: Force print; 01: Low-level print controlled by GPIO 8; 10: High-level print controlled by GPIO 8; 11: Print force disabled
FORCE_SEND_RESUME, EFUSE_BLK0, 45, 1, Force ROM code to send an SPI flash resume command during SPI boot
DIS_DOWNLOAD_MODE, EFUSE_BLK0, 46, 1, Disable all download boot modes
DIS_DIRECT_BOOT, EFUSE_BLK0, 47, 1, Disable direct_boot mode
ENABLE_SECURITY_DOWNLOAD, EFUSE_BLK0, 48, 1, Enable secure UART download mode
FLASH_TPUW, EFUSE_BLK0, 49, 4, Configure flash startup delay after SoC being powered up (the unit is ms/2). When the value is 15 delay will be 7.5 ms
SECURE_BOOT_EN, EFUSE_BLK0, 53, 1, Enable secure boot
SECURE_VERSION, EFUSE_BLK0, 54, 4, Secure version for anti-rollback
# SYS_DATA_PART0 BLOCK# - System configuration
# USER_DATA BLOCK# - System configuration
#######################
SYSTEM_DATA0, EFUSE_BLK1, 0, 32, EFUSE_SYSTEM_DATA0
SYSTEM_DATA1, EFUSE_BLK1, 32, 32, EFUSE_SYSTEM_DATA1
SYSTEM_DATA2, EFUSE_BLK1, 64, 23, EFUSE_SYSTEM_DATA2
USER_DATA, EFUSE_BLK1, 0, 88, User data block
USER_DATA.MAC_CUSTOM, EFUSE_BLK1, 0, 48, Custom MAC addr
# SYS_DATA_PART1 BLOCK# - System configuration
@ -77,6 +76,6 @@
################
KEY0, EFUSE_BLK3, 0, 256, [256bit FE key] or [128bit FE key and 128key SB key] or [user data]
KEY0.FLASH_ENCRYPTION EFUSE_BLK3, 0, 256, [256bit FE key]
KEY0.FLASH_ENCRYPTION_128 EFUSE_BLK3, 0, 128, [128bit FE key]
KEY0.SECURE_BOOT_128 EFUSE_BLK3, 128, 256, [128bit SB key]
KEY0.FE_256BIT, EFUSE_BLK3, 0, 256, [256bit FE key]
KEY0.FE_128BIT, EFUSE_BLK3, 0, 128, [128bit FE key]
KEY0.SB_128BIT, EFUSE_BLK3, 128, 128, [128bit SB key]

Can't render this file because it contains an unexpected character in line 7 and column 87.

91
components/efuse/esp32c2/esp_efuse_utility.c
View File

@ -13,24 +13,84 @@
#include "esp_private/esp_clk.h"
#include "esp32c2/rom/efuse.h"
static const char *TAG = "efuse";
#ifdef CONFIG_EFUSE_VIRTUAL
extern uint32_t virt_blocks[EFUSE_BLK_MAX][COUNT_EFUSE_REG_PER_BLOCK];
#endif // CONFIG_EFUSE_VIRTUAL
/*Range addresses to read blocks*/
const esp_efuse_range_addr_t range_read_addr_blocks[] = {
{EFUSE_RD_WR_DIS_REG, EFUSE_RD_REPEAT_DATA0_REG}, // range address of EFUSE_BLK0 REPEAT
{EFUSE_RD_BLK1_DATA0_REG, EFUSE_RD_BLK1_DATA2_REG}, // range address of EFUSE_BLK1 SYS_DATA_PART0
{EFUSE_RD_BLK2_DATA0_REG, EFUSE_RD_BLK2_DATA7_REG}, // range address of EFUSE_BLK2 SYS_DATA_PART_1
{EFUSE_RD_BLK3_DATA0_REG, EFUSE_RD_BLK3_DATA7_REG}, // range address of EFUSE_BLK3 KEY0
{EFUSE_RD_WR_DIS_REG, EFUSE_RD_REPEAT_DATA0_REG}, // range address of EFUSE_BLK0 (2 regs) REPEAT
{EFUSE_RD_BLK1_DATA0_REG, EFUSE_RD_BLK1_DATA2_REG}, // range address of EFUSE_BLK1 (3 regs) SYS_DATA_PART0
{EFUSE_RD_BLK2_DATA0_REG, EFUSE_RD_BLK2_DATA7_REG}, // range address of EFUSE_BLK2 (8 regs) SYS_DATA_PART_1
{EFUSE_RD_BLK3_DATA0_REG, EFUSE_RD_BLK3_DATA7_REG}, // range address of EFUSE_BLK3 (8 regs) KEY0
};
static uint32_t write_mass_blocks[EFUSE_BLK_MAX][COUNT_EFUSE_REG_PER_BLOCK] = { 0 };
/*Range addresses to write blocks (it is not real regs, it is buffer) */
const esp_efuse_range_addr_t range_write_addr_blocks[] = {
{(uint32_t) &write_mass_blocks[EFUSE_BLK0][0], (uint32_t) &write_mass_blocks[EFUSE_BLK0][1]},
{(uint32_t) &write_mass_blocks[EFUSE_BLK1][0], (uint32_t) &write_mass_blocks[EFUSE_BLK1][2]},
{(uint32_t) &write_mass_blocks[EFUSE_BLK2][0], (uint32_t) &write_mass_blocks[EFUSE_BLK2][7]},
{(uint32_t) &write_mass_blocks[EFUSE_BLK3][0], (uint32_t) &write_mass_blocks[EFUSE_BLK3][7]},
};
#ifndef CONFIG_EFUSE_VIRTUAL
// Update Efuse timing configuration
static esp_err_t esp_efuse_set_timing(void)
{
// no need to set special timing values
return ESP_OK;
}
#endif // ifndef CONFIG_EFUSE_VIRTUAL
// Efuse read operation: copies data from physical efuses to efuse read registers.
void esp_efuse_utility_clear_program_registers(void)
{
abort();
ets_efuse_read();
ets_efuse_clear_program_registers();
}
// Burn values written to the efuse write registers
void esp_efuse_utility_burn_chip(void)
{
abort();
#ifdef CONFIG_EFUSE_VIRTUAL
ESP_LOGW(TAG, "Virtual efuses enabled: Not really burning eFuses");
for (int num_block = EFUSE_BLK_MAX - 1; num_block >= EFUSE_BLK0; num_block--) {
int subblock = 0;
for (uint32_t addr_wr_block = range_write_addr_blocks[num_block].start; addr_wr_block <= range_write_addr_blocks[num_block].end; addr_wr_block += 4) {
virt_blocks[num_block][subblock++] |= REG_READ(addr_wr_block);
}
}
#ifdef CONFIG_EFUSE_VIRTUAL_KEEP_IN_FLASH
esp_efuse_utility_write_efuses_to_flash();
#endif
#else
if (esp_efuse_set_timing() != ESP_OK) {
ESP_LOGE(TAG, "Efuse fields are not burnt");
} else {
// Permanently update values written to the efuse write registers
// It is necessary to process blocks in the order from MAX-> EFUSE_BLK0, because EFUSE_BLK0 has protection bits for other blocks.
for (int num_block = EFUSE_BLK_MAX - 1; num_block >= EFUSE_BLK0; num_block--) {
for (uint32_t addr_wr_block = range_write_addr_blocks[num_block].start; addr_wr_block <= range_write_addr_blocks[num_block].end; addr_wr_block += 4) {
if (REG_READ(addr_wr_block) != 0) {
if (esp_efuse_get_coding_scheme(num_block) == EFUSE_CODING_SCHEME_RS) {
uint8_t block_rs[12];
ets_efuse_rs_calculate((void *)range_write_addr_blocks[num_block].start, block_rs);
memcpy((void *)EFUSE_PGM_CHECK_VALUE0_REG, block_rs, sizeof(block_rs));
}
int data_len = (range_write_addr_blocks[num_block].end - range_write_addr_blocks[num_block].start) + sizeof(uint32_t);
memcpy((void *)EFUSE_PGM_DATA0_REG, (void *)range_write_addr_blocks[num_block].start, data_len);
ets_efuse_program(num_block);
break;
}
}
}
}
#endif // CONFIG_EFUSE_VIRTUAL
esp_efuse_utility_reset();
}
// After esp_efuse_write.. functions EFUSE_BLKx_WDATAx_REG were filled is not coded values.
@ -39,5 +99,22 @@ void esp_efuse_utility_burn_chip(void)
// They will be filled during the burn operation.
esp_err_t esp_efuse_utility_apply_new_coding_scheme()
{
abort();
// start with EFUSE_BLK1. EFUSE_BLK0 - always uses EFUSE_CODING_SCHEME_NONE.
for (int num_block = EFUSE_BLK1; num_block < EFUSE_BLK_MAX; num_block++) {
if (esp_efuse_get_coding_scheme(num_block) == EFUSE_CODING_SCHEME_RS) {
for (uint32_t addr_wr_block = range_write_addr_blocks[num_block].start; addr_wr_block <= range_write_addr_blocks[num_block].end; addr_wr_block += 4) {
if (REG_READ(addr_wr_block)) {
int num_reg = 0;
for (uint32_t addr_rd_block = range_read_addr_blocks[num_block].start; addr_rd_block <= range_read_addr_blocks[num_block].end; addr_rd_block += 4, ++num_reg) {
if (esp_efuse_utility_read_reg(num_block, num_reg)) {
ESP_LOGE(TAG, "Bits are not empty. Write operation is forbidden.");
return ESP_ERR_CODING;
}
}
break;
}
}
}
}
return ESP_OK;
}

25
components/efuse/esp32c2/include/esp_efuse.h
View File

@ -11,7 +11,7 @@ extern "C" {
#endif
/**
* @brief Type of eFuse blocks ESP32C2
* @brief Type of eFuse blocks
*/
typedef enum {
EFUSE_BLK0 = 0, /**< Number of eFuse BLOCK0. REPEAT_DATA */
@ -22,11 +22,11 @@ typedef enum {
EFUSE_BLK2 = 2, /**< Number of eFuse BLOCK2. SYS_DATA_PART1 */
EFUSE_BLK_SYS_DATA_PART1 = 2, /**< Number of eFuse BLOCK2. SYS_DATA_PART1 */
EFUSE_BLK3 = 3, /**< Number of eFuse BLOCK3. KEY0*/
EFUSE_BLK_KEY0 = 3, /**< Number of eFuse BLOCK3. KEY0*/
EFUSE_BLK3 = 3, /**< Number of eFuse BLOCK3. KEY0. whole block */
EFUSE_BLK_KEY0 = 3, /**< Number of eFuse BLOCK3. KEY0. whole block */
EFUSE_BLK_KEY_MAX = 4,
EFUSE_BLK_MAX = 4,
EFUSE_BLK_MAX = 4, /**< Number of eFuse blocks */
} esp_efuse_block_t;
/**
@ -37,16 +37,15 @@ typedef enum {
EFUSE_CODING_SCHEME_RS = 3, /**< Reed-Solomon coding */
} esp_efuse_coding_scheme_t;
/** For ESP32C2, there's no key purpose region for efuse keys, In order to maintain
* compatibility with the previous apis, we should set the parameter of 'ets_efuse_purpose_t'
* as default value ETS_EFUSE_KEY_PURPOSE_INVALID.
* (In fact, this parameter can be any value, the api in the rom will not process key_purpose region)
*/
/**
* @brief Type of key purposes (they are virtual because this chip has only fixed purposes for block)
*/
typedef enum {
ESP_EFUSE_KEY_PURPOSE_INVALID = -1,
ESP_EFUSE_KEY_PURPOSE_USER = 0,
ESP_EFUSE_KEY_PURPOSE_FLASH_ENCRYPTION = 1,
ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V1 = 2,
ESP_EFUSE_KEY_PURPOSE_USER = 0, /**< whole BLOCK3 */
ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY = 1, /**< FE uses the whole BLOCK3 (key is 256-bits) */
ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY = 2, /**< FE uses lower 128-bits of BLOCK3 (key is 128-bits) */
ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2 = 3, /**< SB uses higher 128-bits of BLOCK3 (key is 128-bits) */
ESP_EFUSE_KEY_PURPOSE_MAX, /**< MAX PURPOSE */
} esp_efuse_purpose_t;
#ifdef __cplusplus

137
components/efuse/esp32c2/include/esp_efuse_table.h
View File

@ -9,7 +9,7 @@ extern "C" {
#endif
// md5_digest_table 3f91b5a37afbcdf1379820626a92e69c
// md5_digest_table af57e8a6a405ebf239cc552f713c91d0
// This file was generated from the file esp_efuse_table.csv. DO NOT CHANGE THIS FILE MANUALLY.
// If you want to change some fields, you need to change esp_efuse_table.csv file
// then run `efuse_common_table` or `efuse_custom_table` command it will generate this file.
@ -17,128 +17,51 @@ extern "C" {
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_RD_DIS[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_KEY0_RD_DIS[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_GROUP_1[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_GROUP_2[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_SPI_BOOT_CRYPT_CNT[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_SECURE_BOOT_KEY_REVOKE0[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_SECURE_BOOT_KEY_REVOKE1[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_SECURE_BOOT_KEY_REVOKE2[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_KEY0_PURPOSE[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_KEY1_PURPOSE[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_KEY2_PURPOSE[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_KEY3_PURPOSE[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_KEY4_PURPOSE[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_KEY5_PURPOSE[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_SECURE_BOOT_EN[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_SECURE_BOOT_AGGRESSIVE_REVOKE[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_GROUP_3[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_BLK1[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_BLK0_RESERVED[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_SYS_DATA_PART0[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_SYS_DATA_PART1[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_USER_DATA[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_KEY0[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_KEY1[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_KEY2[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_KEY3[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_KEY4[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_KEY5[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_SYS_DATA_PART2[];
extern const esp_efuse_desc_t* ESP_EFUSE_RD_DIS[];
extern const esp_efuse_desc_t* ESP_EFUSE_RD_DIS_KEY0[];
extern const esp_efuse_desc_t* ESP_EFUSE_RD_DIS_KEY1[];
extern const esp_efuse_desc_t* ESP_EFUSE_RD_DIS_KEY2[];
extern const esp_efuse_desc_t* ESP_EFUSE_RD_DIS_KEY3[];
extern const esp_efuse_desc_t* ESP_EFUSE_RD_DIS_KEY4[];
extern const esp_efuse_desc_t* ESP_EFUSE_RD_DIS_KEY5[];
extern const esp_efuse_desc_t* ESP_EFUSE_RD_DIS_SYS_DATA_PART2[];
extern const esp_efuse_desc_t* ESP_EFUSE_DIS_RTC_RAM_BOOT[];
extern const esp_efuse_desc_t* ESP_EFUSE_DIS_ICACHE[];
extern const esp_efuse_desc_t* ESP_EFUSE_DIS_USB_JTAG[];
extern const esp_efuse_desc_t* ESP_EFUSE_DIS_DOWNLOAD_ICACHE[];
extern const esp_efuse_desc_t* ESP_EFUSE_DIS_USB_DEVICE[];
extern const esp_efuse_desc_t* ESP_EFUSE_DIS_FORCE_DOWNLOAD[];
extern const esp_efuse_desc_t* ESP_EFUSE_DIS_USB[];
extern const esp_efuse_desc_t* ESP_EFUSE_DIS_CAN[];
extern const esp_efuse_desc_t* ESP_EFUSE_JTAG_SEL_ENABLE[];
extern const esp_efuse_desc_t* ESP_EFUSE_SOFT_DIS_JTAG[];
extern const esp_efuse_desc_t* ESP_EFUSE_DIS_PAD_JTAG[];
extern const esp_efuse_desc_t* ESP_EFUSE_DIS_DOWNLOAD_MANUAL_ENCRYPT[];
extern const esp_efuse_desc_t* ESP_EFUSE_USB_DREFH[];
extern const esp_efuse_desc_t* ESP_EFUSE_USB_DREFL[];
extern const esp_efuse_desc_t* ESP_EFUSE_USB_EXCHG_PINS[];
extern const esp_efuse_desc_t* ESP_EFUSE_VDD_SPI_AS_GPIO[];
extern const esp_efuse_desc_t* ESP_EFUSE_BTLC_GPIO_ENABLE[];
extern const esp_efuse_desc_t* ESP_EFUSE_POWERGLITCH_EN[];
extern const esp_efuse_desc_t* ESP_EFUSE_POWER_GLITCH_DSENSE[];
extern const esp_efuse_desc_t* ESP_EFUSE_RD_DIS_KEY0_LOW[];
extern const esp_efuse_desc_t* ESP_EFUSE_RD_DIS_KEY0_HI[];
extern const esp_efuse_desc_t* ESP_EFUSE_WDT_DELAY_SEL[];
extern const esp_efuse_desc_t* ESP_EFUSE_DIS_PAD_JTAG[];
extern const esp_efuse_desc_t* ESP_EFUSE_DIS_DOWNLOAD_ICACHE[];
extern const esp_efuse_desc_t* ESP_EFUSE_DIS_DOWNLOAD_MANUAL_ENCRYPT[];
extern const esp_efuse_desc_t* ESP_EFUSE_SPI_BOOT_CRYPT_CNT[];
extern const esp_efuse_desc_t* ESP_EFUSE_SECURE_BOOT_KEY_REVOKE0[];
extern const esp_efuse_desc_t* ESP_EFUSE_SECURE_BOOT_KEY_REVOKE1[];
extern const esp_efuse_desc_t* ESP_EFUSE_SECURE_BOOT_KEY_REVOKE2[];
extern const esp_efuse_desc_t* ESP_EFUSE_KEY_PURPOSE_0[];
extern const esp_efuse_desc_t* ESP_EFUSE_KEY_PURPOSE_1[];
extern const esp_efuse_desc_t* ESP_EFUSE_KEY_PURPOSE_2[];
extern const esp_efuse_desc_t* ESP_EFUSE_KEY_PURPOSE_3[];
extern const esp_efuse_desc_t* ESP_EFUSE_KEY_PURPOSE_4[];
extern const esp_efuse_desc_t* ESP_EFUSE_KEY_PURPOSE_5[];
extern const esp_efuse_desc_t* ESP_EFUSE_SECURE_BOOT_EN[];
extern const esp_efuse_desc_t* ESP_EFUSE_SECURE_BOOT_AGGRESSIVE_REVOKE[];
extern const esp_efuse_desc_t* ESP_EFUSE_FLASH_TPUW[];
extern const esp_efuse_desc_t* ESP_EFUSE_DIS_DOWNLOAD_MODE[];
extern const esp_efuse_desc_t* ESP_EFUSE_DIS_LEGACY_SPI_BOOT[];
extern const esp_efuse_desc_t* ESP_EFUSE_UART_PRINT_CHANNEL[];
extern const esp_efuse_desc_t* ESP_EFUSE_FLASH_ECC_MODE[];
extern const esp_efuse_desc_t* ESP_EFUSE_DIS_USB_DOWNLOAD_MODE[];
extern const esp_efuse_desc_t* ESP_EFUSE_ENABLE_SECURITY_DOWNLOAD[];
extern const esp_efuse_desc_t* ESP_EFUSE_XTS_KEY_LENGTH_256[];
extern const esp_efuse_desc_t* ESP_EFUSE_UART_PRINT_CONTROL[];
extern const esp_efuse_desc_t* ESP_EFUSE_PIN_POWER_SELECTION[];
extern const esp_efuse_desc_t* ESP_EFUSE_FLASH_TYPE[];
extern const esp_efuse_desc_t* ESP_EFUSE_FLASH_PAGE_SIZE[];
extern const esp_efuse_desc_t* ESP_EFUSE_FLASH_ECC_EN[];
extern const esp_efuse_desc_t* ESP_EFUSE_FORCE_SEND_RESUME[];
extern const esp_efuse_desc_t* ESP_EFUSE_DIS_DOWNLOAD_MODE[];
extern const esp_efuse_desc_t* ESP_EFUSE_DIS_DIRECT_BOOT[];
extern const esp_efuse_desc_t* ESP_EFUSE_ENABLE_SECURITY_DOWNLOAD[];
extern const esp_efuse_desc_t* ESP_EFUSE_FLASH_TPUW[];
extern const esp_efuse_desc_t* ESP_EFUSE_SECURE_BOOT_EN[];
extern const esp_efuse_desc_t* ESP_EFUSE_SECURE_VERSION[];
extern const esp_efuse_desc_t* ESP_EFUSE_MAC_FACTORY[];
extern const esp_efuse_desc_t* ESP_EFUSE_SPI_PAD_CONFIG_CLK[];
extern const esp_efuse_desc_t* ESP_EFUSE_SPI_PAD_CONFIG_Q_D1[];
extern const esp_efuse_desc_t* ESP_EFUSE_SPI_PAD_CONFIG_D_D0[];
extern const esp_efuse_desc_t* ESP_EFUSE_SPI_PAD_CONFIG_CS[];
extern const esp_efuse_desc_t* ESP_EFUSE_SPI_PAD_CONFIG_HD_D3[];
extern const esp_efuse_desc_t* ESP_EFUSE_SPI_PAD_CONFIG_WP_D2[];
extern const esp_efuse_desc_t* ESP_EFUSE_SPI_PAD_CONFIG_DQS[];
extern const esp_efuse_desc_t* ESP_EFUSE_SPI_PAD_CONFIG_D4[];
extern const esp_efuse_desc_t* ESP_EFUSE_SPI_PAD_CONFIG_D5[];
extern const esp_efuse_desc_t* ESP_EFUSE_SPI_PAD_CONFIG_D6[];
extern const esp_efuse_desc_t* ESP_EFUSE_SPI_PAD_CONFIG_D7[];
extern const esp_efuse_desc_t* ESP_EFUSE_WAFER_VERSION[];
extern const esp_efuse_desc_t* ESP_EFUSE_PKG_VERSION[];
extern const esp_efuse_desc_t* ESP_EFUSE_BLOCK1_VERSION[];
extern const esp_efuse_desc_t* ESP_EFUSE_OPTIONAL_UNIQUE_ID[];
extern const esp_efuse_desc_t* ESP_EFUSE_BLOCK2_VERSION[];
extern const esp_efuse_desc_t* ESP_EFUSE_TEMP_CALIB[];
extern const esp_efuse_desc_t* ESP_EFUSE_OCODE[];
extern const esp_efuse_desc_t* ESP_EFUSE_ADC1_INIT_CODE_ATTEN0[];
extern const esp_efuse_desc_t* ESP_EFUSE_ADC1_INIT_CODE_ATTEN1[];
extern const esp_efuse_desc_t* ESP_EFUSE_ADC1_INIT_CODE_ATTEN2[];
extern const esp_efuse_desc_t* ESP_EFUSE_ADC1_INIT_CODE_ATTEN3[];
extern const esp_efuse_desc_t* ESP_EFUSE_ADC1_CAL_VOL_ATTEN0[];
extern const esp_efuse_desc_t* ESP_EFUSE_ADC1_CAL_VOL_ATTEN1[];
extern const esp_efuse_desc_t* ESP_EFUSE_ADC1_CAL_VOL_ATTEN2[];
extern const esp_efuse_desc_t* ESP_EFUSE_ADC1_CAL_VOL_ATTEN3[];
extern const esp_efuse_desc_t* ESP_EFUSE_USER_DATA[];
extern const esp_efuse_desc_t* ESP_EFUSE_USER_DATA_MAC_CUSTOM[];
extern const esp_efuse_desc_t* ESP_EFUSE_MAC_FACTORY[];
extern const esp_efuse_desc_t* ESP_EFUSE_WAFER_VERSION[];
extern const esp_efuse_desc_t* ESP_EFUSE_PKG_VERSION[];
extern const esp_efuse_desc_t* ESP_EFUSE_BLOCK2_VERSION[];
extern const esp_efuse_desc_t* ESP_EFUSE_RF_REF_I_BIAS_CONFIG[];
extern const esp_efuse_desc_t* ESP_EFUSE_LDO_VOL_BIAS_CONFIG_LOW[];
extern const esp_efuse_desc_t* ESP_EFUSE_LDO_VOL_BIAS_CONFIG_HIGH[];
extern const esp_efuse_desc_t* ESP_EFUSE_PVT_LOW[];
extern const esp_efuse_desc_t* ESP_EFUSE_PVT_HIGH[];
extern const esp_efuse_desc_t* ESP_EFUSE_ADC_CALIBRATION_0[];
extern const esp_efuse_desc_t* ESP_EFUSE_ADC_CALIBRATION_1[];
extern const esp_efuse_desc_t* ESP_EFUSE_ADC_CALIBRATION_2[];
extern const esp_efuse_desc_t* ESP_EFUSE_KEY0[];
extern const esp_efuse_desc_t* ESP_EFUSE_KEY1[];
extern const esp_efuse_desc_t* ESP_EFUSE_KEY2[];
extern const esp_efuse_desc_t* ESP_EFUSE_KEY3[];
extern const esp_efuse_desc_t* ESP_EFUSE_KEY4[];
extern const esp_efuse_desc_t* ESP_EFUSE_KEY5[];
extern const esp_efuse_desc_t* ESP_EFUSE_SYS_DATA_PART2[];
extern const esp_efuse_desc_t* ESP_EFUSE_K_RTC_LDO[];
extern const esp_efuse_desc_t* ESP_EFUSE_K_DIG_LDO[];
extern const esp_efuse_desc_t* ESP_EFUSE_V_RTC_DBIAS20[];
extern const esp_efuse_desc_t* ESP_EFUSE_V_DIG_DBIAS20[];
extern const esp_efuse_desc_t* ESP_EFUSE_DIG_DBIAS_HVT[];
extern const esp_efuse_desc_t* ESP_EFUSE_THRES_HVT[];
extern const esp_efuse_desc_t* ESP_EFUSE_KEY0_FE_256BIT[];
extern const esp_efuse_desc_t* ESP_EFUSE_KEY0_FE_128BIT[];
extern const esp_efuse_desc_t* ESP_EFUSE_KEY0_SB_128BIT[];
#ifdef __cplusplus
}

8
components/efuse/include/esp_efuse.h
View File

@ -599,8 +599,7 @@ bool esp_efuse_get_keypurpose_dis_write(esp_efuse_block_t block);
*/
esp_efuse_purpose_t esp_efuse_get_key_purpose(esp_efuse_block_t block);
#ifndef CONFIG_IDF_TARGET_ESP32
#if SOC_EFUSE_KEY_PURPOSE_FIELD
/**
* @brief Returns a pointer to a key purpose for an efuse key block.
*
@ -662,6 +661,9 @@ esp_efuse_block_t esp_efuse_find_unused_key_block(void);
*/
unsigned esp_efuse_count_unused_key_blocks(void);
#endif // SOC_EFUSE_KEY_PURPOSE_FIELD
#if SOC_SUPPORT_SECURE_BOOT_REVOKE_KEY
/**
* @brief Returns the status of the Secure Boot public key digest revocation bit.
*
@ -709,7 +711,7 @@ bool esp_efuse_get_write_protect_of_digest_revoke(unsigned num_digest);
*/
esp_err_t esp_efuse_set_write_protect_of_digest_revoke(unsigned num_digest);
#endif // not CONFIG_IDF_TARGET_ESP32
#endif // SOC_SUPPORT_SECURE_BOOT_REVOKE_KEY
/**
* @brief Program a block of key data to an efuse block

30
components/efuse/src/esp_efuse_api_key_esp32xx.c → components/efuse/src/efuse_controller/keys/with_key_purposes/esp_efuse_api_key.c
View File

@ -11,6 +11,11 @@
#include "sdkconfig.h"
#include "esp_efuse_table.h"
/*
* Each eFuse key block has a special field that defines the purpose of this block.
* This special field is called key_purpose.
*/
const static char *TAG = "efuse";
/**
@ -31,9 +36,6 @@ typedef struct {
} esp_efuse_revokes_t;
const esp_efuse_keys_t s_table[EFUSE_BLK_KEY_MAX - EFUSE_BLK_KEY0] = {
#if CONFIG_IDF_TARGET_ESP32C2
{ESP_EFUSE_KEY0, NULL, ESP_EFUSE_RD_DIS_KEY0, ESP_EFUSE_WR_DIS_KEY0, NULL},
#else
{ESP_EFUSE_KEY0, ESP_EFUSE_KEY_PURPOSE_0, ESP_EFUSE_RD_DIS_KEY0, ESP_EFUSE_WR_DIS_KEY0, ESP_EFUSE_WR_DIS_KEY0_PURPOSE},
{ESP_EFUSE_KEY1, ESP_EFUSE_KEY_PURPOSE_1, ESP_EFUSE_RD_DIS_KEY1, ESP_EFUSE_WR_DIS_KEY1, ESP_EFUSE_WR_DIS_KEY1_PURPOSE},
{ESP_EFUSE_KEY2, ESP_EFUSE_KEY_PURPOSE_2, ESP_EFUSE_RD_DIS_KEY2, ESP_EFUSE_WR_DIS_KEY2, ESP_EFUSE_WR_DIS_KEY2_PURPOSE},
@ -43,7 +45,6 @@ const esp_efuse_keys_t s_table[EFUSE_BLK_KEY_MAX - EFUSE_BLK_KEY0] = {
#if 0
{ESP_EFUSE_KEY6, ESP_EFUSE_KEY_PURPOSE_6, ESP_EFUSE_RD_DIS_KEY6, ESP_EFUSE_WR_DIS_KEY6, ESP_EFUSE_WR_DIS_KEY6_PURPOSE},
#endif
#endif //#if CONFIG_IDF_TARGET_ESP32C2
};
#if SOC_SUPPORT_SECURE_BOOT_REVOKE_KEY
@ -76,7 +77,6 @@ bool esp_efuse_block_is_empty(esp_efuse_block_t block)
// Sets a write protection for the whole block.
esp_err_t esp_efuse_set_write_protect(esp_efuse_block_t blk)
{
#if !CONFIG_IDF_TARGET_ESP32C2
if (blk == EFUSE_BLK1) {
return esp_efuse_write_field_cnt(ESP_EFUSE_WR_DIS_BLK1, 1);
} else if (blk == EFUSE_BLK2) {
@ -89,8 +89,7 @@ esp_err_t esp_efuse_set_write_protect(esp_efuse_block_t blk)
unsigned idx = blk - EFUSE_BLK_KEY0;
return esp_efuse_write_field_cnt(s_table[idx].key_wr_dis, 1);
}
#endif
return ESP_ERR_NOT_SUPPORTED; // IDF-3818
return ESP_ERR_NOT_SUPPORTED;
}
// read protect for blk.
@ -100,11 +99,9 @@ esp_err_t esp_efuse_set_read_protect(esp_efuse_block_t blk)
unsigned idx = blk - EFUSE_BLK_KEY0;
return esp_efuse_write_field_cnt(s_table[idx].key_rd_dis, 1);
}
#if !CONFIG_IDF_TARGET_ESP32C2 // IDF-3818
else if (blk == EFUSE_BLK10) {
return esp_efuse_write_field_cnt(ESP_EFUSE_RD_DIS_SYS_DATA_PART2, 1);
}
#endif
return ESP_ERR_NOT_SUPPORTED;
}
@ -171,7 +168,6 @@ esp_err_t esp_efuse_set_key_dis_write(esp_efuse_block_t block)
return esp_efuse_write_field_bit(s_table[idx].key_wr_dis);
}
#if !CONFIG_IDF_TARGET_ESP32C2 // cause esp32c2 efuse has no purpose region
esp_efuse_purpose_t esp_efuse_get_key_purpose(esp_efuse_block_t block)
{
if (block < EFUSE_BLK_KEY0 || block >= EFUSE_BLK_KEY_MAX) {
@ -194,7 +190,6 @@ esp_err_t esp_efuse_set_key_purpose(esp_efuse_block_t block, esp_efuse_purpose_t
unsigned idx = block - EFUSE_BLK_KEY0;
return esp_efuse_write_field_blob(s_table[idx].keypurpose, &purpose, s_table[idx].keypurpose[0]->bit_count);
}
#endif //CONFIG_IDF_TARGET_ESP32C2
bool esp_efuse_get_keypurpose_dis_write(esp_efuse_block_t block)
{
@ -256,11 +251,8 @@ bool esp_efuse_key_block_unused(esp_efuse_block_t block)
return false; // Not a key block
}
if (
#if !CONFIG_IDF_TARGET_ESP32C2
esp_efuse_get_key_purpose(block) != ESP_EFUSE_KEY_PURPOSE_USER ||
if (esp_efuse_get_key_purpose(block) != ESP_EFUSE_KEY_PURPOSE_USER ||
esp_efuse_get_keypurpose_dis_write(block) ||
#endif
esp_efuse_get_key_dis_read(block) ||
esp_efuse_get_key_dis_write(block)) {
return false; // Block in use!
@ -277,15 +269,9 @@ esp_err_t esp_efuse_write_key(esp_efuse_block_t block, esp_efuse_purpose_t purpo
{
esp_err_t err = ESP_OK;
#if CONFIG_IDF_TARGET_ESP32C2
if (block != EFUSE_BLK_KEY0) {
return ESP_ERR_INVALID_ARG;
}
#else
if (block < EFUSE_BLK_KEY0 || block >= EFUSE_BLK_KEY_MAX || key_size_bytes > 32 || purpose >= ESP_EFUSE_KEY_PURPOSE_MAX) {
return ESP_ERR_INVALID_ARG;
}
#endif
esp_efuse_batch_write_begin();
@ -296,7 +282,6 @@ esp_err_t esp_efuse_write_key(esp_efuse_block_t block, esp_efuse_purpose_t purpo
ESP_EFUSE_CHK(esp_efuse_write_field_blob(s_table[idx].key, key, key_size_bytes * 8));
ESP_EFUSE_CHK(esp_efuse_set_key_dis_write(block));
#if !CONFIG_IDF_TARGET_ESP32C2
if (purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY ||
#ifdef SOC_FLASH_ENCRYPTION_XTS_AES_256
purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_256_KEY_1 ||
@ -310,7 +295,6 @@ esp_err_t esp_efuse_write_key(esp_efuse_block_t block, esp_efuse_purpose_t purpo
}
ESP_EFUSE_CHK(esp_efuse_set_key_purpose(block, purpose));
ESP_EFUSE_CHK(esp_efuse_set_keypurpose_dis_write(block));
#endif //#if !CONFIG_IDF_TARGET_ESP32C2
return esp_efuse_batch_write_commit();
}
err_exit:

247
components/efuse/src/efuse_controller/keys/without_key_purposes/one_key_block/esp_efuse_api_key.c Normal file
View File

@ -0,0 +1,247 @@
/*
* SPDX-FileCopyrightText: 2019-2022 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
#include "esp_efuse.h"
#include "esp_efuse_utility.h"
#include "soc/efuse_periph.h"
#include "assert.h"
#include "sdkconfig.h"
#include "esp_efuse_table.h"
/*
* The chip has only one eFuse key block.
* There are no eFuse key purpose fields (added only virtual key purposes to support key APIs).
* Flash Encryption key and Secure Boot key reside in one eFuse block.
* To burn the FE key and the SB key need to use the batch mode to do it at once.
*/
static esp_err_t esp_efuse_set_key_purpose(esp_efuse_block_t block, esp_efuse_purpose_t purpose);
static __attribute__((unused)) const char *TAG = "efuse";
/**
* @brief Keys and their attributes are packed into a structure
*/
typedef struct {
const esp_efuse_desc_t** key; /**< Key */
esp_efuse_purpose_t purpose; /**< purpose of block */
const esp_efuse_desc_t** key_rd_dis; /**< Read protection of a key */
const esp_efuse_desc_t** key_wr_dis; /**< Write protection of a key*/
} esp_efuse_keys_t;
const esp_efuse_keys_t s_table[EFUSE_BLK_KEY_MAX - EFUSE_BLK_KEY0] = {
{ESP_EFUSE_KEY0, ESP_EFUSE_KEY_PURPOSE_USER, ESP_EFUSE_RD_DIS_KEY0, ESP_EFUSE_WR_DIS_KEY0}, // EFUSE_BLK_KEY0
};
// Sets a write protection for the whole block.
esp_err_t esp_efuse_set_write_protect(esp_efuse_block_t blk)
{
if (blk < EFUSE_BLK_KEY0 || blk >= EFUSE_BLK_KEY_MAX) {
return ESP_ERR_NOT_SUPPORTED;
}
unsigned idx = blk - EFUSE_BLK_KEY0;
return esp_efuse_write_field_cnt(s_table[idx].key_wr_dis, s_table[idx].key_wr_dis[0]->bit_count);
}
// Sets a read protection for the whole block.
esp_err_t esp_efuse_set_read_protect(esp_efuse_block_t blk)
{
if (blk < EFUSE_BLK_KEY0 || blk >= EFUSE_BLK_KEY_MAX) {
return ESP_ERR_NOT_SUPPORTED;
}
unsigned idx = blk - EFUSE_BLK_KEY0;
return esp_efuse_write_field_cnt(s_table[idx].key_rd_dis, s_table[idx].key_rd_dis[0]->bit_count);
}
// get efuse coding_scheme.
esp_efuse_coding_scheme_t esp_efuse_get_coding_scheme(esp_efuse_block_t blk)
{
esp_efuse_coding_scheme_t scheme;
if (blk == EFUSE_BLK0) {
scheme = EFUSE_CODING_SCHEME_NONE;
} else {
scheme = EFUSE_CODING_SCHEME_RS;
}
return scheme;
}
bool esp_efuse_block_is_empty(esp_efuse_block_t block)
{
assert(block >= EFUSE_BLK_KEY0 && block < EFUSE_BLK_KEY_MAX);
const unsigned blk_len_bit = 256;
uint32_t key[8];
esp_err_t err = esp_efuse_read_block(block, &key, 0, blk_len_bit);
if (err != ESP_OK) {
return false;
}
unsigned zeros = 0;
for (unsigned i = 0; i < blk_len_bit / 32; ++i) {
if (key[i] == 0) {
++zeros;
}
}
if (zeros == blk_len_bit / 32) {
return true;
}
return false;
}
bool esp_efuse_get_key_dis_read(esp_efuse_block_t block)
{
assert(block >= EFUSE_BLK_KEY0 && block < EFUSE_BLK_KEY_MAX);
unsigned idx = block - EFUSE_BLK_KEY0;
if (esp_efuse_get_key_purpose(block) == ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY) {
uint8_t value = 0;
esp_err_t err = esp_efuse_read_field_blob(s_table[idx].key_rd_dis, &value, s_table[idx].key_rd_dis[0]->bit_count);
assert(err == ESP_OK);
return (err == ESP_OK) && (value == ((1 << s_table[idx].key_rd_dis[0]->bit_count) - 1));
}
return esp_efuse_read_field_bit(ESP_EFUSE_RD_DIS_KEY0_LOW);
}
esp_err_t esp_efuse_set_key_dis_read(esp_efuse_block_t block)
{
if (block < EFUSE_BLK_KEY0 || block >= EFUSE_BLK_KEY_MAX) {
return ESP_ERR_INVALID_ARG;
}
if (esp_efuse_get_key_purpose(block) == ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY) {
unsigned idx = block - EFUSE_BLK_KEY0;
uint8_t value = (1 << s_table[idx].key_rd_dis[0]->bit_count) - 1;
return esp_efuse_write_field_blob(s_table[idx].key_rd_dis, &value, s_table[idx].key_rd_dis[0]->bit_count);
}
return esp_efuse_write_field_bit(ESP_EFUSE_RD_DIS_KEY0_LOW);
}
bool esp_efuse_get_key_dis_write(esp_efuse_block_t block)
{
assert(block >= EFUSE_BLK_KEY0 && block < EFUSE_BLK_KEY_MAX);
unsigned idx = block - EFUSE_BLK_KEY0;
return esp_efuse_read_field_bit(s_table[idx].key_wr_dis);
}
esp_err_t esp_efuse_set_key_dis_write(esp_efuse_block_t block)
{
if (block < EFUSE_BLK_KEY0 || block >= EFUSE_BLK_KEY_MAX) {
return ESP_ERR_INVALID_ARG;
}
unsigned idx = block - EFUSE_BLK_KEY0;
return esp_efuse_write_field_bit(s_table[idx].key_wr_dis);
}
bool esp_efuse_key_block_unused(esp_efuse_block_t block)
{
if (block < EFUSE_BLK_KEY0 || block >= EFUSE_BLK_KEY_MAX) {
return false; // Not a key block
}
if (esp_efuse_get_key_dis_read(block) || esp_efuse_get_key_dis_write(block) ||
!esp_efuse_block_is_empty(block)) {
return false; // Block in use!
}
return true; // Unused
}
esp_efuse_purpose_t esp_efuse_get_key_purpose(esp_efuse_block_t block)
{
if (block < EFUSE_BLK_KEY0 || block >= EFUSE_BLK_KEY_MAX) {
return ESP_EFUSE_KEY_PURPOSE_MAX;
}
if (esp_efuse_read_field_bit(ESP_EFUSE_XTS_KEY_LENGTH_256)) {
return ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY;
}
return ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY;
}
static esp_err_t esp_efuse_set_key_purpose(esp_efuse_block_t block, esp_efuse_purpose_t purpose)
{
(void)block;
if (purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY) {
return esp_efuse_write_field_bit(ESP_EFUSE_XTS_KEY_LENGTH_256);
}
return ESP_OK;
}
bool esp_efuse_get_keypurpose_dis_write(esp_efuse_block_t block)
{
(void)block;
return true;
}
bool esp_efuse_find_purpose(esp_efuse_purpose_t purpose, esp_efuse_block_t *block)
{
(void)purpose;
esp_efuse_block_t dummy;
if (block == NULL) {
block = &dummy;
}
*block = EFUSE_BLK_KEY0;
return true;
}
esp_err_t esp_efuse_write_key(esp_efuse_block_t block, esp_efuse_purpose_t purpose, const void *key, size_t key_size_bytes)
{
esp_err_t err = ESP_OK;
if (block < EFUSE_BLK_KEY0 || block >= EFUSE_BLK_KEY_MAX || key_size_bytes > 32 || purpose >= ESP_EFUSE_KEY_PURPOSE_MAX) {
return ESP_ERR_INVALID_ARG;
}
if ((purpose == ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2 || purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY) && (key_size_bytes != 16)) {
return ESP_ERR_INVALID_ARG;
}
esp_efuse_batch_write_begin();
if (!esp_efuse_key_block_unused(block)) {
err = ESP_ERR_INVALID_STATE;
} else {
size_t offset_in_bits = (purpose == ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2) ? 16 * 8 : 0;
ESP_EFUSE_CHK(esp_efuse_write_block(block, key, offset_in_bits, key_size_bytes * 8));
if (purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY) {
ESP_EFUSE_CHK(esp_efuse_set_key_purpose(block, purpose));
}
if (purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY || purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY) {
ESP_EFUSE_CHK(esp_efuse_set_key_dis_read(block));
}
ESP_EFUSE_CHK(esp_efuse_set_key_dis_write(block));
return esp_efuse_batch_write_commit();
}
err_exit:
esp_efuse_batch_write_cancel();
return err;
}
esp_err_t esp_efuse_write_keys(const esp_efuse_purpose_t purposes[], uint8_t keys[][32], unsigned number_of_keys)
{
esp_err_t err = ESP_FAIL;
if (number_of_keys == 0 || number_of_keys > 2 || keys == NULL || purposes == NULL) {
return ESP_ERR_INVALID_ARG;
}
esp_efuse_purpose_t purpose = 0;
esp_efuse_batch_write_begin();
for (unsigned i_key = 0; i_key < number_of_keys; i_key++) {
purpose = purposes[i_key];
ESP_LOGI(TAG, "Writing EFUSE_BLK_KEY0 with purpose %d", purpose);
size_t key_size = (purpose == ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2 || purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY) ? 16 : 32;
ESP_EFUSE_CHK(esp_efuse_write_key(EFUSE_BLK_KEY0, purpose, keys[i_key], key_size));
}
return esp_efuse_batch_write_commit();
err_exit:
ESP_LOGE(TAG, "Failed to write EFUSE_BLK_KEY0 with purpose %d. Can't continue.", purpose);
esp_efuse_batch_write_cancel();
return err;
}
esp_err_t esp_secure_boot_read_key_digests(ets_secure_boot_key_digests_t *trusted_keys)
{
if (trusted_keys == NULL) {
return ESP_FAIL;
}
trusted_keys->key_digests[0] = (const void *)(esp_efuse_utility_get_read_register_address(EFUSE_BLK_KEY0) + 16);
return ESP_OK;
}

9
components/efuse/src/esp_efuse_api_key_esp32.c → components/efuse/src/efuse_controller/keys/without_key_purposes/three_key_blocks/esp_efuse_api_key.c
View File

@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2019-2021 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2019-2022 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
@ -11,6 +11,13 @@
#include "sdkconfig.h"
#include "esp_efuse_table.h"
/*
* FE uses eFuse block1.
* SB uses eFuse block2.
* Block3 can be used by customer.
* There are no eFuse key purpose fields (added only virtual key purposes to support key APIs).
*/
static __attribute__((unused)) const char *TAG = "efuse";
/**

5
components/efuse/src/esp_efuse_fields.c
View File

@ -24,7 +24,7 @@ static __attribute__((unused)) const char *TAG = "efuse";
#ifdef CONFIG_BOOTLOADER_APP_SEC_VER_SIZE_EFUSE_FIELD
#define APP_SEC_VER_SIZE_EFUSE_FIELD CONFIG_BOOTLOADER_APP_SEC_VER_SIZE_EFUSE_FIELD
#else
#define APP_SEC_VER_SIZE_EFUSE_FIELD 16 // smallest possible size for all chips
#define APP_SEC_VER_SIZE_EFUSE_FIELD 4 // smallest possible size for all chips
#endif
// Reset efuse write registers
@ -33,8 +33,6 @@ void esp_efuse_reset(void)
esp_efuse_utility_reset();
}
#if !CONFIG_IDF_TARGET_ESP32C2
// IDF-3818
uint32_t esp_efuse_read_secure_version(void)
{
uint32_t secure_version = 0;
@ -85,4 +83,3 @@ esp_err_t esp_efuse_update_secure_version(uint32_t secure_version)
}
return ESP_OK;
}
#endif

16
components/efuse/test/CMakeLists.txt
View File

@ -1,6 +1,18 @@
idf_build_get_property(target IDF_TARGET)
idf_component_register(SRC_DIRS "."
PRIV_INCLUDE_DIRS "." "include" "../private_include" ../${target}/private_include
if(CONFIG_SOC_EFUSE_KEY_PURPOSE_FIELD)
set(dir "with_key_purposes")
else()
if(CONFIG_SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK)
set(dir "one_key_block")
else()
set(dir "three_key_blocks")
endif()
endif()
set(src_dirs "." "${dir}")
idf_component_register(SRC_DIRS "${src_dirs}"
PRIV_INCLUDE_DIRS "." "${dir}/include" "../private_include" "../${target}/private_include"
PRIV_REQUIRES cmock test_utils efuse bootloader_support
)

109
components/efuse/test/one_key_block/esp_efuse_test_table.c Normal file
View File

@ -0,0 +1,109 @@
/*
* SPDX-FileCopyrightText: 2017-2022 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
#include "sdkconfig.h"
#include "esp_efuse.h"
#include <assert.h>
#include "esp_efuse_test_table.h"
// md5_digest_table df1ecf346aec29cf593e2f81dc4cd5e4
// This file was generated from the file esp_efuse_test_table.csv. DO NOT CHANGE THIS FILE MANUALLY.
// If you want to change some fields, you need to change esp_efuse_test_table.csv file
// then run `efuse_common_table` or `efuse_custom_table` command it will generate this file.
// To show efuse_table run the command 'show_efuse_table'.
#define MAX_BLK_LEN CONFIG_EFUSE_MAX_BLK_LEN
// The last free bit in the block is counted over the entire file.
#define LAST_FREE_BIT_BLK1 88
#define LAST_FREE_BIT_BLK2 167
#define LAST_FREE_BIT_BLK3 88
_Static_assert(LAST_FREE_BIT_BLK1 <= MAX_BLK_LEN, "The eFuse table does not match the coding scheme. Edit the table and restart the efuse_common_table or efuse_custom_table command to regenerate the new files.");
_Static_assert(LAST_FREE_BIT_BLK2 <= MAX_BLK_LEN, "The eFuse table does not match the coding scheme. Edit the table and restart the efuse_common_table or efuse_custom_table command to regenerate the new files.");
_Static_assert(LAST_FREE_BIT_BLK3 <= MAX_BLK_LEN, "The eFuse table does not match the coding scheme. Edit the table and restart the efuse_common_table or efuse_custom_table command to regenerate the new files.");
static const esp_efuse_desc_t TEST1_LEN_8[] = {
{EFUSE_BLK3, 0, 8}, // TEST field,
};
static const esp_efuse_desc_t TEST2_LEN_16[] = {
{EFUSE_BLK3, 10, 8}, // TEST field,
{EFUSE_BLK3, 80, 8}, // TEST field,
};
static const esp_efuse_desc_t TEST3_LEN_6[] = {
{EFUSE_BLK3, 22, 6}, // TEST field,
};
static const esp_efuse_desc_t TEST4_LEN_182[] = {
{EFUSE_BLK1, 22, 49}, // TEST field,
{EFUSE_BLK2, 128, 39}, // TEST field,
{EFUSE_BLK1, 71, 17}, // TEST field,
{EFUSE_BLK1, 19, 1}, // TEST field,
{EFUSE_BLK1, 0, 16}, // TEST field,
{EFUSE_BLK2, 0, 17}, // TEST field,
{EFUSE_BLK2, 60, 43}, // TEST field,
};
static const esp_efuse_desc_t TEST5_LEN_1[] = {
{EFUSE_BLK1, 16, 1}, // TEST field,
};
static const esp_efuse_desc_t TEST6_LEN_17[] = {
{EFUSE_BLK1, 17, 1}, // TEST field,
{EFUSE_BLK2, 17, 2}, // TEST field,
{EFUSE_BLK3, 29, 4}, // TEST field,
{EFUSE_BLK2, 31, 3}, // TEST field,
{EFUSE_BLK3, 60, 6}, // TEST field,
{EFUSE_BLK2, 127, 1}, // TEST field,
};
const esp_efuse_desc_t* ESP_EFUSE_TEST1_LEN_8[] = {
&TEST1_LEN_8[0], // TEST field
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_TEST2_LEN_16[] = {
&TEST2_LEN_16[0], // TEST field
&TEST2_LEN_16[1], // TEST field
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_TEST3_LEN_6[] = {
&TEST3_LEN_6[0], // TEST field
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_TEST4_LEN_182[] = {
&TEST4_LEN_182[0], // TEST field
&TEST4_LEN_182[1], // TEST field
&TEST4_LEN_182[2], // TEST field
&TEST4_LEN_182[3], // TEST field
&TEST4_LEN_182[4], // TEST field
&TEST4_LEN_182[5], // TEST field
&TEST4_LEN_182[6], // TEST field
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_TEST5_LEN_1[] = {
&TEST5_LEN_1[0], // TEST field
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_TEST6_LEN_17[] = {
&TEST6_LEN_17[0], // TEST field
&TEST6_LEN_17[1], // TEST field
&TEST6_LEN_17[2], // TEST field
&TEST6_LEN_17[3], // TEST field
&TEST6_LEN_17[4], // TEST field
&TEST6_LEN_17[5], // TEST field
NULL
};

34
components/efuse/test/one_key_block/esp_efuse_test_table.csv Normal file
View File

@ -0,0 +1,34 @@
# field_name, | efuse_block, | bit_start, | bit_count, |comment #
# | (EFUSE_BLK0 | (0..255) | (1..256) | #
# | EFUSE_BLK1 | | | #
# | EFUSE_BLK2 | | | #
# | EFUSE_BLK3) | | | #
##########################################################################
# To generate a new source files. Run two commands:
# cd ~/esp/esp-idf/components/efuse/
# ./efuse_table_gen.py test/esp_efuse_test_table.csv
TEST1_LEN_8, EFUSE_BLK3, 0, 8, TEST field
TEST2_LEN_16, EFUSE_BLK3, 10, 8, TEST field
, EFUSE_BLK3, 80, 8, TEST field
TEST3_LEN_6, EFUSE_BLK3, 22, 6, TEST field
TEST4_LEN_182, EFUSE_BLK1, 22, 49, TEST field
, EFUSE_BLK2, 128, 39, TEST field
, EFUSE_BLK1, 71, 17, TEST field
, EFUSE_BLK1, 19, 1, TEST field
, EFUSE_BLK1, 0, 16, TEST field
, EFUSE_BLK2, 0, 17, TEST field
, EFUSE_BLK2, 60, 43, TEST field
TEST5_LEN_1, EFUSE_BLK1, 16, 1, TEST field
TEST6_LEN_17, EFUSE_BLK1, 17, 1, TEST field
, EFUSE_BLK2, 17, 2, TEST field
, EFUSE_BLK3, 29, 4, TEST field
, EFUSE_BLK2, 31, 3, TEST field
, EFUSE_BLK3, 60, 6, TEST field
, EFUSE_BLK2, 127, 1, TEST field
1 # field_name, | efuse_block, | bit_start, | bit_count, |comment #
2 # | (EFUSE_BLK0 | (0..255) | (1..256) | #
3 # | EFUSE_BLK1 | | | #
4 # | EFUSE_BLK2 | | | #
5 # | EFUSE_BLK3) | | | #
6 ##########################################################################
7 # To generate a new source files. Run two commands:
8 # cd ~/esp/esp-idf/components/efuse/
9 # ./efuse_table_gen.py test/esp_efuse_test_table.csv
10 TEST1_LEN_8, EFUSE_BLK3, 0, 8, TEST field
11 TEST2_LEN_16, EFUSE_BLK3, 10, 8, TEST field
12 , EFUSE_BLK3, 80, 8, TEST field
13 TEST3_LEN_6, EFUSE_BLK3, 22, 6, TEST field
14 TEST4_LEN_182, EFUSE_BLK1, 22, 49, TEST field
15 , EFUSE_BLK2, 128, 39, TEST field
16 , EFUSE_BLK1, 71, 17, TEST field
17 , EFUSE_BLK1, 19, 1, TEST field
18 , EFUSE_BLK1, 0, 16, TEST field
19 , EFUSE_BLK2, 0, 17, TEST field
20 , EFUSE_BLK2, 60, 43, TEST field
21 TEST5_LEN_1, EFUSE_BLK1, 16, 1, TEST field
22 TEST6_LEN_17, EFUSE_BLK1, 17, 1, TEST field
23 , EFUSE_BLK2, 17, 2, TEST field
24 , EFUSE_BLK3, 29, 4, TEST field
25 , EFUSE_BLK2, 31, 3, TEST field
26 , EFUSE_BLK3, 60, 6, TEST field
27 , EFUSE_BLK2, 127, 1, TEST field

28
components/efuse/test/one_key_block/include/esp_efuse_test_table.h Normal file
View File

@ -0,0 +1,28 @@
/*
* SPDX-FileCopyrightText: 2017-2022 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
#ifdef __cplusplus
extern "C" {
#endif
// md5_digest_table df1ecf346aec29cf593e2f81dc4cd5e4
// This file was generated from the file esp_efuse_test_table.csv. DO NOT CHANGE THIS FILE MANUALLY.
// If you want to change some fields, you need to change esp_efuse_test_table.csv file
// then run `efuse_common_table` or `efuse_custom_table` command it will generate this file.
// To show efuse_table run the command 'show_efuse_table'.
extern const esp_efuse_desc_t* ESP_EFUSE_TEST1_LEN_8[];
extern const esp_efuse_desc_t* ESP_EFUSE_TEST2_LEN_16[];
extern const esp_efuse_desc_t* ESP_EFUSE_TEST3_LEN_6[];
extern const esp_efuse_desc_t* ESP_EFUSE_TEST4_LEN_182[];
extern const esp_efuse_desc_t* ESP_EFUSE_TEST5_LEN_1[];
extern const esp_efuse_desc_t* ESP_EFUSE_TEST6_LEN_17[];
#ifdef __cplusplus
}
#endif

154
components/efuse/test/one_key_block/test_efuse.c Normal file
View File

@ -0,0 +1,154 @@
/*
* SPDX-FileCopyrightText: 2021-2022 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
#include <stdio.h>
#include <ctype.h>
#include <errno.h>
#include <stdlib.h>
#include <stdio.h>
#include "unity.h"
#include "esp_log.h"
#include <string.h>
#include "esp_efuse.h"
#include "esp_efuse_table.h"
#include "esp_efuse_utility.h"
#include "esp_efuse_test_table.h"
#include "bootloader_random.h"
#include "freertos/FreeRTOS.h"
#include "freertos/task.h"
#include "freertos/semphr.h"
#include "test_utils.h"
#include "sdkconfig.h"
#include "esp_rom_efuse.h"
#include "bootloader_common.h"
__attribute__((unused)) static const char* TAG = "efuse_test";
#ifdef CONFIG_EFUSE_VIRTUAL
TEST_CASE("Test a write protection", "[efuse]")
{
esp_efuse_utility_reset();
esp_efuse_utility_erase_virt_blocks();
esp_efuse_utility_debug_dump_blocks();
TEST_ESP_ERR(ESP_ERR_NOT_SUPPORTED, esp_efuse_set_write_protect(EFUSE_BLK0));
TEST_ESP_ERR(ESP_ERR_NOT_SUPPORTED, esp_efuse_set_read_protect(EFUSE_BLK0));
size_t out_cnt;
esp_efuse_read_field_cnt(ESP_EFUSE_WR_DIS, &out_cnt);
TEST_ASSERT_EQUAL_INT(0, out_cnt);
TEST_ESP_OK(esp_efuse_set_write_protect(EFUSE_BLK_KEY0));
esp_efuse_read_field_cnt(ESP_EFUSE_WR_DIS, &out_cnt);
TEST_ASSERT_EQUAL_INT(1, out_cnt);
TEST_ESP_ERR(ESP_ERR_EFUSE_CNT_IS_FULL, esp_efuse_set_write_protect(EFUSE_BLK_KEY0));
esp_efuse_utility_debug_dump_blocks();
esp_efuse_utility_reset();
esp_efuse_utility_erase_virt_blocks();
}
TEST_CASE("Test a read protection", "[efuse]")
{
esp_efuse_utility_reset();
esp_efuse_utility_erase_virt_blocks();
esp_efuse_utility_debug_dump_blocks();
TEST_ESP_OK(esp_efuse_write_field_bit(ESP_EFUSE_XTS_KEY_LENGTH_256));
size_t out_cnt;
esp_efuse_read_field_cnt(ESP_EFUSE_RD_DIS, &out_cnt);
TEST_ASSERT_EQUAL_INT(0, out_cnt);
TEST_ESP_OK(esp_efuse_set_read_protect(EFUSE_BLK_KEY0));
esp_efuse_read_field_cnt(ESP_EFUSE_RD_DIS, &out_cnt);
TEST_ASSERT_EQUAL_INT(2, out_cnt);
esp_efuse_utility_debug_dump_blocks();
esp_efuse_utility_reset();
esp_efuse_utility_erase_virt_blocks();
}
TEST_CASE("Test a key read protection 1", "[efuse]")
{
esp_efuse_utility_reset();
esp_efuse_utility_erase_virt_blocks();
esp_efuse_utility_debug_dump_blocks();
size_t out_cnt;
esp_efuse_read_field_cnt(ESP_EFUSE_RD_DIS, &out_cnt);
TEST_ASSERT_EQUAL_INT(0, out_cnt);
TEST_ASSERT_FALSE(esp_efuse_get_key_dis_read(EFUSE_BLK_KEY0));
TEST_ESP_OK(esp_efuse_set_key_dis_read(EFUSE_BLK_KEY0));
TEST_ASSERT_TRUE(esp_efuse_get_key_dis_read(EFUSE_BLK_KEY0));
esp_efuse_read_field_cnt(ESP_EFUSE_RD_DIS, &out_cnt);
TEST_ASSERT_EQUAL_INT(1, out_cnt);
esp_efuse_utility_debug_dump_blocks();
esp_efuse_utility_reset();
esp_efuse_utility_erase_virt_blocks();
}
TEST_CASE("Test a key read protection 2", "[efuse]")
{
esp_efuse_utility_reset();
esp_efuse_utility_erase_virt_blocks();
esp_efuse_utility_debug_dump_blocks();
TEST_ESP_OK(esp_efuse_write_field_bit(ESP_EFUSE_XTS_KEY_LENGTH_256));
size_t out_cnt;
esp_efuse_read_field_cnt(ESP_EFUSE_RD_DIS, &out_cnt);
TEST_ASSERT_EQUAL_INT(0, out_cnt);
TEST_ASSERT_FALSE(esp_efuse_get_key_dis_read(EFUSE_BLK_KEY0));
TEST_ESP_OK(esp_efuse_set_key_dis_read(EFUSE_BLK_KEY0));
TEST_ASSERT_TRUE(esp_efuse_get_key_dis_read(EFUSE_BLK_KEY0));
esp_efuse_read_field_cnt(ESP_EFUSE_RD_DIS, &out_cnt);
TEST_ASSERT_EQUAL_INT(2, out_cnt);
esp_efuse_utility_debug_dump_blocks();
esp_efuse_utility_reset();
esp_efuse_utility_erase_virt_blocks();
}
#endif // CONFIG_EFUSE_VIRTUAL
#ifdef CONFIG_IDF_ENV_FPGA
TEST_CASE("Test a real write (FPGA)2", "[efuse]")
{
esp_efuse_utility_debug_dump_blocks();
ESP_LOGI(TAG, "1. Write KEY3");
uint8_t key[32] = {0};
TEST_ESP_OK(esp_efuse_read_field_blob(ESP_EFUSE_KEY0, &key, 256));
for (int i = 0; i < sizeof(key); ++i) {
TEST_ASSERT_EQUAL_INT(0, key[i]);
}
uint8_t new_key[32] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,
10, 11, 12, 12, 14, 15, 16, 17, 18, 19,
20, 21, 22, 22, 24, 25, 26, 27, 28, 29,
30, 31};
TEST_ESP_OK(esp_efuse_write_field_blob(ESP_EFUSE_KEY0, &new_key, 256));
TEST_ESP_OK(esp_efuse_read_field_blob(ESP_EFUSE_KEY0, &key, 256));
TEST_ASSERT_EQUAL_HEX8_ARRAY(new_key, key, sizeof(key));
esp_efuse_utility_debug_dump_blocks();
ESP_LOGI(TAG, "2. Set a read protection for KEY0");
TEST_ESP_OK(esp_efuse_set_read_protect(EFUSE_BLK_KEY0));
TEST_ESP_OK(esp_efuse_read_field_blob(ESP_EFUSE_KEY0, &key, 256));
#ifndef CONFIG_EFUSE_VIRTUAL
TEST_ASSERT_EACH_EQUAL_HEX8(0, key, sizeof(key));
#else
TEST_ASSERT_EQUAL_HEX8_ARRAY(new_key, key, sizeof(key));
#endif // CONFIG_EFUSE_VIRTUAL
esp_efuse_utility_debug_dump_blocks();
}
#endif // CONFIG_IDF_ENV_FPGA

292
components/efuse/test/one_key_block/test_efuse_keys.c Normal file
View File

@ -0,0 +1,292 @@
/*
* SPDX-FileCopyrightText: 2021-2022 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
#include <stdio.h>
#include <ctype.h>
#include <errno.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include "unity.h"
#include "test_utils.h"
#include "esp_log.h"
#include "esp_efuse.h"
#include "esp_efuse_table.h"
#include "esp_efuse_utility.h"
#include "sdkconfig.h"
__attribute__((unused)) static const char* TAG = "efuse_key_test";
#ifdef CONFIG_EFUSE_VIRTUAL
TEST_CASE("Test keys and purposes, rd, wr, wr_key_purposes are in the initial state", "[efuse]")
{
esp_efuse_utility_reset();
esp_efuse_utility_update_virt_blocks();
esp_efuse_utility_debug_dump_blocks();
for (esp_efuse_block_t num_key = EFUSE_BLK_KEY0; num_key < EFUSE_BLK_KEY_MAX; ++num_key) {
printf("EFUSE_BLK_KEY%d, RD, WR, PURPOSE_USER, PURPOSE_USER WR ... \n", num_key - EFUSE_BLK_KEY0);
uint8_t key[32] = { 0xEE };
TEST_ESP_OK(esp_efuse_read_field_blob(ESP_EFUSE_KEY0, &key, sizeof(key) * 8));
TEST_ASSERT_EACH_EQUAL_HEX8(0, key, sizeof(key));
TEST_ASSERT_FALSE(esp_efuse_get_key_dis_read(num_key));
TEST_ASSERT_FALSE(esp_efuse_get_key_dis_write(num_key));
TEST_ASSERT_EQUAL(ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY, esp_efuse_get_key_purpose(num_key));
esp_efuse_block_t key_block = EFUSE_BLK_MAX;
TEST_ASSERT_TRUE(esp_efuse_find_purpose(ESP_EFUSE_KEY_PURPOSE_USER, NULL));
TEST_ASSERT_TRUE(esp_efuse_find_purpose(ESP_EFUSE_KEY_PURPOSE_USER, &key_block));
TEST_ASSERT_EQUAL(EFUSE_BLK_KEY0, key_block);
printf("EFUSE_BLK_KEY%d, RD, WR, PURPOSE_USER, PURPOSE_USER WR ... OK\n", num_key - EFUSE_BLK_KEY0);
}
}
#endif // CONFIG_EFUSE_VIRTUAL
// If using efuse is real, then turn off writing tests.
#if CONFIG_EFUSE_VIRTUAL || CONFIG_IDF_ENV_FPGA
static esp_err_t s_check_key(esp_efuse_block_t num_key, void* wr_key, esp_efuse_purpose_t purpose)
{
size_t offset_in_bits = 0;
uint8_t key_size = 32;
if (purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY || purpose == ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2) {
key_size = 16;
}
if (purpose == ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2) {
offset_in_bits = 16 * 8;
}
uint8_t rd_key[32] = { 0xEE };
TEST_ESP_OK(esp_efuse_read_block(EFUSE_BLK_KEY0, &rd_key, offset_in_bits, key_size * 8));
#ifndef CONFIG_IDF_ENV_FPGA
TEST_ASSERT_EQUAL_HEX8_ARRAY(wr_key, rd_key, key_size);
#endif // not CONFIG_IDF_ENV_FPGA
TEST_ASSERT_TRUE(esp_efuse_get_key_dis_write(num_key));
if (purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY || purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY) {
TEST_ASSERT_TRUE(esp_efuse_get_key_dis_read(num_key));
#if CONFIG_IDF_ENV_FPGA && !CONFIG_EFUSE_VIRTUAL
TEST_ASSERT_EACH_EQUAL_HEX8(0, rd_key, key_size);
#endif // CONFIG_IDF_ENV_FPGA && ! CONFIG_EFUSE_VIRTUAL
} else {
TEST_ASSERT_EQUAL_HEX8_ARRAY(wr_key, rd_key, key_size);
}
return ESP_OK;
}
void test_write_key(esp_efuse_block_t num_key, esp_efuse_purpose_t purpose) {
int id = num_key - EFUSE_BLK_KEY0;
printf("EFUSE_BLK_KEY%d, purpose=%d ... \n", id, purpose);
uint8_t wr_key[32];
for (int i = 0; i < sizeof(wr_key); i++) {
wr_key[i] = id + 1 + i;
}
uint8_t key_size = sizeof(wr_key);
if (purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY || purpose == ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2) {
key_size = 16;
}
TEST_ASSERT_TRUE(esp_efuse_key_block_unused(num_key));
TEST_ESP_OK(esp_efuse_write_key(num_key, purpose, &wr_key, key_size));
TEST_ESP_ERR(ESP_ERR_INVALID_STATE, esp_efuse_write_key(num_key, purpose, &wr_key, key_size));
TEST_ESP_OK(s_check_key(num_key, wr_key, purpose));
TEST_ASSERT_FALSE(esp_efuse_key_block_unused(num_key));
printf("EFUSE_BLK_KEY%d, purpose=%d ... OK\n", id, purpose);
}
#ifndef CONFIG_IDF_ENV_FPGA
TEST_CASE("Test esp_efuse_write_key for virt mode", "[efuse]")
{
uint8_t rd_key[32] = { 0xEE };
esp_efuse_utility_reset();
esp_efuse_utility_update_virt_blocks();
TEST_ESP_ERR(ESP_ERR_INVALID_ARG, esp_efuse_write_key(EFUSE_BLK_KEY0, ESP_EFUSE_KEY_PURPOSE_USER, &rd_key, 33));
TEST_ESP_ERR(ESP_ERR_INVALID_ARG, esp_efuse_write_key(EFUSE_BLK3, ESP_EFUSE_KEY_PURPOSE_USER, NULL, sizeof(rd_key)));
TEST_ESP_ERR(ESP_ERR_INVALID_ARG, esp_efuse_write_key(EFUSE_BLK0, ESP_EFUSE_KEY_PURPOSE_USER, &rd_key, sizeof(rd_key)));
TEST_ESP_ERR(ESP_ERR_INVALID_ARG, esp_efuse_write_key(EFUSE_BLK0, ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY, &rd_key, sizeof(rd_key)));
TEST_ESP_ERR(ESP_ERR_INVALID_ARG, esp_efuse_write_key(EFUSE_BLK0, ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2, &rd_key, sizeof(rd_key)));
for (esp_efuse_purpose_t purpose = ESP_EFUSE_KEY_PURPOSE_USER; purpose < ESP_EFUSE_KEY_PURPOSE_MAX; ++purpose) {
esp_efuse_utility_reset();
esp_efuse_utility_update_virt_blocks();
esp_efuse_utility_debug_dump_blocks();
if (purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY) {
TEST_ESP_OK(esp_efuse_write_field_bit(ESP_EFUSE_XTS_KEY_LENGTH_256));
}
TEST_ASSERT_TRUE(esp_efuse_block_is_empty(EFUSE_BLK_KEY0));
test_write_key(EFUSE_BLK_KEY0, purpose);
TEST_ASSERT_FALSE(esp_efuse_block_is_empty(EFUSE_BLK_KEY0));
esp_efuse_utility_debug_dump_blocks();
}
}
#endif // not CONFIG_IDF_ENV_FPGA
TEST_CASE("Test 1 esp_efuse_write_key for FPGA", "[efuse]")
{
esp_efuse_utility_reset();
esp_efuse_utility_update_virt_blocks();
esp_efuse_utility_debug_dump_blocks();
TEST_ASSERT_TRUE(esp_efuse_key_block_unused(EFUSE_BLK_KEY0));
TEST_ASSERT_TRUE(esp_efuse_block_is_empty(EFUSE_BLK_KEY0));
TEST_ASSERT_TRUE(esp_efuse_find_purpose(ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY, NULL));
test_write_key(EFUSE_BLK_KEY0, ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY);
esp_efuse_utility_debug_dump_blocks();
TEST_ASSERT_FALSE(esp_efuse_key_block_unused(EFUSE_BLK_KEY0));
#ifdef CONFIG_IDF_ENV_FPGA
TEST_ASSERT_TRUE(esp_efuse_block_is_empty(EFUSE_BLK_KEY0));
#else
TEST_ASSERT_FALSE(esp_efuse_block_is_empty(EFUSE_BLK_KEY0));
#endif
printf("reset efuses on the FPGA board for the next test\n");
}
TEST_CASE("Test 2 esp_efuse_write_key for FPGA", "[efuse]")
{
esp_efuse_utility_reset();
esp_efuse_utility_update_virt_blocks();
esp_efuse_utility_debug_dump_blocks();
TEST_ASSERT_TRUE(esp_efuse_key_block_unused(EFUSE_BLK_KEY0));
TEST_ASSERT_TRUE(esp_efuse_block_is_empty(EFUSE_BLK_KEY0));
TEST_ASSERT_TRUE(esp_efuse_find_purpose(ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY, NULL));
test_write_key(EFUSE_BLK_KEY0, ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2);
esp_efuse_utility_debug_dump_blocks();
TEST_ASSERT_FALSE(esp_efuse_key_block_unused(EFUSE_BLK_KEY0));
TEST_ASSERT_FALSE(esp_efuse_block_is_empty(EFUSE_BLK_KEY0));
printf("reset efuses on the FPGA board for the next test\n");
}
TEST_CASE("Test 3 esp_efuse_write_key for FPGA", "[efuse]")
{
esp_efuse_utility_reset();
esp_efuse_utility_update_virt_blocks();
esp_efuse_utility_debug_dump_blocks();
TEST_ASSERT_TRUE(esp_efuse_key_block_unused(EFUSE_BLK_KEY0));
TEST_ASSERT_TRUE(esp_efuse_block_is_empty(EFUSE_BLK_KEY0));
TEST_ESP_OK(esp_efuse_write_field_bit(ESP_EFUSE_XTS_KEY_LENGTH_256));
TEST_ASSERT_TRUE(esp_efuse_find_purpose(ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY, NULL));
test_write_key(EFUSE_BLK_KEY0, ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY);
esp_efuse_utility_debug_dump_blocks();
TEST_ASSERT_FALSE(esp_efuse_key_block_unused(EFUSE_BLK_KEY0));
#ifdef CONFIG_IDF_ENV_FPGA
TEST_ASSERT_TRUE(esp_efuse_block_is_empty(EFUSE_BLK_KEY0));
#else
TEST_ASSERT_FALSE(esp_efuse_block_is_empty(EFUSE_BLK_KEY0));
#endif
printf("reset efuses on the FPGA board for the next test\n");
}
TEST_CASE("Test esp_efuse_write_keys", "[efuse]")
{
esp_efuse_utility_reset();
esp_efuse_utility_update_virt_blocks();
esp_efuse_utility_debug_dump_blocks();
TEST_ASSERT_TRUE(esp_efuse_key_block_unused(EFUSE_BLK_KEY0));
TEST_ASSERT_TRUE(esp_efuse_block_is_empty(EFUSE_BLK_KEY0));
TEST_ASSERT_TRUE(esp_efuse_find_purpose(ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY, NULL));
esp_efuse_block_t key_block = EFUSE_BLK_MAX;
enum { BLOCKS_NEEDED1 = 2 };
esp_efuse_purpose_t purpose1[BLOCKS_NEEDED1] = {
ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY,
ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2,
};
uint8_t keys1[BLOCKS_NEEDED1][32] = {{0xEE}};
for (int num_key = 0; num_key < BLOCKS_NEEDED1; ++num_key) {
for (int i = 0; i < 32; ++i) {
keys1[num_key][i] = purpose1[num_key] + i + 1;
}
}
TEST_ESP_OK(esp_efuse_write_keys(purpose1, keys1, BLOCKS_NEEDED1));
TEST_ASSERT_TRUE(esp_efuse_find_purpose(purpose1[0], &key_block));
TEST_ASSERT_EQUAL(EFUSE_BLK_KEY0, key_block);
TEST_ESP_OK(s_check_key(EFUSE_BLK_KEY0, keys1[0], ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY));
TEST_ESP_OK(s_check_key(EFUSE_BLK_KEY0, keys1[1], ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2));
esp_efuse_utility_debug_dump_blocks();
TEST_ASSERT_FALSE(esp_efuse_key_block_unused(EFUSE_BLK_KEY0));
TEST_ASSERT_FALSE(esp_efuse_block_is_empty(EFUSE_BLK_KEY0));
enum { BLOCKS_NEEDED2 = 1 };
esp_efuse_purpose_t purpose2[BLOCKS_NEEDED2] = {
ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY,
};
TEST_ESP_ERR(ESP_ERR_INVALID_STATE, esp_efuse_write_keys(purpose2, keys1, BLOCKS_NEEDED2));
printf("reset efuses on the FPGA board for the next test\n");
}
TEST_CASE("Test esp_efuse_write_keys for returned errors", "[efuse]")
{
esp_efuse_utility_reset();
esp_efuse_utility_update_virt_blocks();
esp_efuse_utility_debug_dump_blocks();
TEST_ASSERT_TRUE(esp_efuse_key_block_unused(EFUSE_BLK_KEY0));
TEST_ASSERT_TRUE(esp_efuse_block_is_empty(EFUSE_BLK_KEY0));
enum { BLOCKS_NEEDED = 2 };
esp_efuse_purpose_t purpose[BLOCKS_NEEDED] = {
ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY,
ESP_EFUSE_KEY_PURPOSE_MAX, // it leads ESP_ERR_INVALID_ARG in esp_efuse_write_keys
};
uint8_t keys[BLOCKS_NEEDED][32];
for (int num_key = 0; num_key < BLOCKS_NEEDED; ++num_key) {
for (int i = 0; i < 32; ++i) {
keys[num_key][i] = purpose[num_key] + i + 1;
}
}
TEST_ESP_ERR(ESP_ERR_INVALID_ARG, esp_efuse_write_keys(NULL, keys, BLOCKS_NEEDED));
TEST_ESP_ERR(ESP_ERR_INVALID_ARG, esp_efuse_write_keys(purpose, NULL, BLOCKS_NEEDED));
TEST_ESP_ERR(ESP_ERR_INVALID_ARG, esp_efuse_write_keys(purpose, keys, BLOCKS_NEEDED)); // ESP_EFUSE_KEY_PURPOSE_MAX is not a valid purpose.
TEST_ESP_ERR(ESP_ERR_INVALID_ARG, esp_efuse_write_keys(purpose, keys, 3));
TEST_ASSERT_TRUE(esp_efuse_key_block_unused(EFUSE_BLK_KEY0));
TEST_ASSERT_TRUE(esp_efuse_block_is_empty(EFUSE_BLK_KEY0));
TEST_ESP_OK(esp_efuse_write_keys(purpose, keys, 1));
esp_efuse_utility_debug_dump_blocks();
TEST_ASSERT_FALSE(esp_efuse_key_block_unused(EFUSE_BLK_KEY0));
#ifdef CONFIG_IDF_ENV_FPGA
TEST_ASSERT_TRUE(esp_efuse_block_is_empty(EFUSE_BLK_KEY0));
#else
TEST_ASSERT_FALSE(esp_efuse_block_is_empty(EFUSE_BLK_KEY0));
#endif
}
#endif // CONFIG_EFUSE_VIRTUAL || CONFIG_IDF_ENV_FPGA

189
components/efuse/test/test_efuse.c
View File

@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2021 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2021-2022 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
@ -24,7 +24,12 @@
#include "esp_rom_efuse.h"
#include "bootloader_common.h"
static const char* TAG = "efuse_test";
#ifdef CONFIG_IDF_TARGET_ESP32
#define MAC_FACTORY_HAS_CRC 1
#endif
__attribute__((unused)) static const char* TAG = "efuse_test";
static void test_read_blob(void)
{
@ -39,12 +44,12 @@ static void test_read_blob(void)
TEST_ASSERT_EQUAL_INT(sizeof(mac) * 8, esp_efuse_get_field_size(ESP_EFUSE_MAC_FACTORY));
ESP_LOGI(TAG, "MAC: %02x:%02x:%02x:%02x:%02x:%02x", mac[0], mac[1], mac[2], mac[3], mac[4], mac[5]);
#ifdef CONFIG_IDF_TARGET_ESP32
#ifdef MAC_FACTORY_HAS_CRC
ESP_LOGI(TAG, "2. Check CRC by MAC");
uint8_t crc;
TEST_ESP_OK(esp_efuse_read_field_blob(ESP_EFUSE_MAC_FACTORY_CRC, &crc, 8));
TEST_ASSERT_EQUAL_HEX8(crc, esp_rom_efuse_mac_address_crc8(mac, sizeof(mac)));
#endif // CONFIG_IDF_TARGET_ESP32
#endif
ESP_LOGI(TAG, "3. Test check args");
uint32_t test_var;
@ -588,7 +593,7 @@ TEST_CASE("Test Bits are not empty. Write operation is forbidden", "[efuse]")
uint8_t r_buff[32];
int st_offset = -1;
int num_block;
for (num_block = EFUSE_BLK1; num_block < 4; ++num_block) {
for (num_block = EFUSE_BLK_KEY0; num_block < EFUSE_BLK_KEY_MAX; ++num_block) {
memset(r_buff, 0, sizeof(r_buff));
esp_efuse_coding_scheme_t coding_scheme = esp_efuse_get_coding_scheme(num_block);
if (coding_scheme == EFUSE_CODING_SCHEME_NONE) {
@ -607,7 +612,7 @@ TEST_CASE("Test Bits are not empty. Write operation is forbidden", "[efuse]")
#else
if (coding_scheme == EFUSE_CODING_SCHEME_RS) {
printf("EFUSE_CODING_SCHEME_RS\n");
if (num_block == EFUSE_BLK1) {
if (num_block == EFUSE_BLK_KEY0) {
count_useful_reg = 6;
} else {
count_useful_reg = 8;
@ -640,7 +645,7 @@ TEST_CASE("Test Bits are not empty. Write operation is forbidden", "[efuse]")
uint8_t val = 1;
TEST_ESP_ERR(ESP_ERR_CODING, esp_efuse_write_block(num_block, &val, st_offset, 1));
} else {
printf("Test skipped. It is not applicable, the device has no written bits.");
printf("Test skipped. It is not applicable, the device has no written bits.\n");
}
}
@ -722,71 +727,6 @@ TEST_CASE("Batch mode is thread-safe", "[efuse]")
}
#endif // #ifndef CONFIG_FREERTOS_UNICORE
static void test_wp(esp_efuse_block_t blk, const esp_efuse_desc_t* field[])
{
size_t out_cnt;
TEST_ESP_OK(esp_efuse_set_write_protect(blk));
esp_efuse_read_field_cnt(field, &out_cnt);
TEST_ASSERT_EQUAL_INT(1, out_cnt);
}
static void test_rp(esp_efuse_block_t blk, const esp_efuse_desc_t* field[], bool read_first)
{
size_t out_cnt;
if (read_first) {
esp_efuse_read_field_cnt(field, &out_cnt);
TEST_ASSERT_EQUAL_INT(0, out_cnt);
}
TEST_ESP_OK(esp_efuse_set_read_protect(blk));
esp_efuse_read_field_cnt(field, &out_cnt);
TEST_ASSERT_EQUAL_INT(1, out_cnt);
if (read_first) {
TEST_ESP_ERR(ESP_ERR_EFUSE_CNT_IS_FULL, esp_efuse_set_read_protect(blk));
}
}
TEST_CASE("Test a write/read protection", "[efuse]")
{
esp_efuse_utility_reset();
esp_efuse_utility_erase_virt_blocks();
esp_efuse_utility_debug_dump_blocks();
TEST_ESP_ERR(ESP_ERR_NOT_SUPPORTED, esp_efuse_set_write_protect(EFUSE_BLK0));
TEST_ESP_ERR(ESP_ERR_NOT_SUPPORTED, esp_efuse_set_read_protect(EFUSE_BLK0));
size_t out_cnt;
esp_efuse_read_field_cnt(ESP_EFUSE_WR_DIS_BLK1, &out_cnt);
TEST_ASSERT_EQUAL_INT(0, out_cnt);
TEST_ESP_OK(esp_efuse_set_write_protect(EFUSE_BLK1));
esp_efuse_read_field_cnt(ESP_EFUSE_WR_DIS_BLK1, &out_cnt);
TEST_ASSERT_EQUAL_INT(1, out_cnt);
TEST_ESP_ERR(ESP_ERR_EFUSE_CNT_IS_FULL, esp_efuse_set_write_protect(EFUSE_BLK1));
#ifdef CONFIG_IDF_TARGET_ESP32
test_wp(EFUSE_BLK2, ESP_EFUSE_WR_DIS_BLK2);
test_wp(EFUSE_BLK3, ESP_EFUSE_WR_DIS_BLK3);
esp_efuse_utility_debug_dump_blocks();
test_rp(EFUSE_BLK1, ESP_EFUSE_RD_DIS_BLK1, true);
test_rp(EFUSE_BLK2, ESP_EFUSE_RD_DIS_BLK2, false);
test_rp(EFUSE_BLK3, ESP_EFUSE_RD_DIS_BLK3, false);
#else
test_wp(EFUSE_BLK2, ESP_EFUSE_WR_DIS_SYS_DATA_PART1);
test_wp(EFUSE_BLK3, ESP_EFUSE_WR_DIS_USER_DATA);
esp_efuse_utility_debug_dump_blocks();
test_rp(EFUSE_BLK4, ESP_EFUSE_RD_DIS_KEY0, true);
test_rp(EFUSE_BLK5, ESP_EFUSE_RD_DIS_KEY1, false);
test_rp(EFUSE_BLK6, ESP_EFUSE_RD_DIS_KEY2, false);
#endif
esp_efuse_utility_debug_dump_blocks();
esp_efuse_utility_reset();
esp_efuse_utility_erase_virt_blocks();
}
static volatile bool cmd_stop_reset_task1;
static void efuse_burn_task(void* arg)
@ -904,32 +844,7 @@ TEST_CASE("Test a real write (FPGA)", "[efuse]")
TEST_ASSERT_EQUAL_HEX8_ARRAY(new_mac, mac, sizeof(new_mac));
esp_efuse_utility_debug_dump_blocks();
}
#ifndef CONFIG_IDF_TARGET_ESP32
ESP_LOGI(TAG, "2. Write KEY3");
uint8_t key[32] = {0};
TEST_ESP_OK(esp_efuse_read_field_blob(ESP_EFUSE_KEY3, &key, 256));
for (int i = 0; i < sizeof(key); ++i) {
TEST_ASSERT_EQUAL_INT(0, key[i]);
}
uint8_t new_key[32] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,
10, 11, 12, 12, 14, 15, 16, 17, 18, 19,
20, 21, 22, 22, 24, 25, 26, 27, 28, 29,
30, 31};
TEST_ESP_OK(esp_efuse_write_field_blob(ESP_EFUSE_KEY3, &new_key, 256));
TEST_ESP_OK(esp_efuse_read_field_blob(ESP_EFUSE_KEY3, &key, 256));
TEST_ASSERT_EQUAL_HEX8_ARRAY(new_key, key, sizeof(key));
esp_efuse_utility_debug_dump_blocks();
ESP_LOGI(TAG, "3. Set a read protection for KEY3");
TEST_ESP_OK(esp_efuse_set_read_protect(EFUSE_BLK7));
TEST_ESP_OK(esp_efuse_read_field_blob(ESP_EFUSE_KEY3, &key, 256));
#ifndef CONFIG_EFUSE_VIRTUAL
TEST_ASSERT_EACH_EQUAL_HEX8(0, key, sizeof(key));
#else
TEST_ASSERT_EQUAL_HEX8_ARRAY(new_key, key, sizeof(key));
#endif // CONFIG_EFUSE_VIRTUAL
esp_efuse_utility_debug_dump_blocks();
#endif // not CONFIG_IDF_TARGET_ESP32
ESP_LOGI(TAG, "4. Write SECURE_VERSION");
int max_bits = esp_efuse_get_field_size(ESP_EFUSE_SECURE_VERSION);
size_t read_sec_version;
@ -955,83 +870,3 @@ TEST_CASE("Test chip_revision APIs return the same value", "[efuse]")
esp_efuse_utility_update_virt_blocks();
TEST_ASSERT_EQUAL_INT(esp_efuse_get_chip_ver(), bootloader_common_get_chip_revision());
}
#ifndef CONFIG_IDF_TARGET_ESP32
#if CONFIG_IDF_ENV_FPGA || CONFIG_EFUSE_VIRTUAL
TEST_CASE("Test writing order is BLK_MAX->BLK0", "[efuse]")
{
uint8_t new_key[32] = {33, 1, 2, 3, 4, 5, 6, 7, 8, 9,
10, 11, 12, 12, 14, 15, 16, 17, 18, 19,
20, 21, 22, 22, 24, 25, 26, 27, 28, 29,
30, 31};
esp_efuse_utility_erase_virt_blocks();
esp_efuse_utility_debug_dump_blocks();
TEST_ESP_OK(esp_efuse_batch_write_begin());
TEST_ESP_OK(esp_efuse_write_field_blob(ESP_EFUSE_KEY4, &new_key, 256));
// If the order of writing blocks is wrong (ex. BLK0 -> BLK_MAX)
// then the write protection bit will be set early and the key was left un-updated.
TEST_ESP_OK(esp_efuse_set_write_protect(EFUSE_BLK_KEY4));
TEST_ESP_OK(esp_efuse_batch_write_commit());
esp_efuse_utility_debug_dump_blocks();
uint8_t key[32] = { 0xEE };
TEST_ESP_OK(esp_efuse_read_field_blob(ESP_EFUSE_KEY4, &key, 256));
TEST_ASSERT_EQUAL_HEX8_ARRAY(new_key, key, sizeof(key));
}
TEST_CASE("Test reading inside of batch mode in a nested way", "[efuse]")
{
uint8_t new_key[32] = {44, 1, 2, 3, 4, 5, 6, 7, 8, 9,
10, 11, 12, 12, 14, 15, 16, 17, 18, 19,
20, 21, 22, 22, 24, 25, 26, 27, 28, 29,
30, 31};
uint8_t key[32] = { 0xEE };
esp_efuse_utility_reset();
esp_efuse_utility_erase_virt_blocks();
esp_efuse_utility_debug_dump_blocks();
TEST_ESP_OK(esp_efuse_read_field_blob(ESP_EFUSE_KEY5, &key, 256));
TEST_ASSERT_EACH_EQUAL_HEX8(0, key, sizeof(key));
TEST_ESP_OK(esp_efuse_batch_write_begin());
TEST_ESP_OK(esp_efuse_batch_write_begin());
TEST_ESP_OK(esp_efuse_batch_write_begin());
TEST_ESP_OK(esp_efuse_write_field_blob(ESP_EFUSE_KEY5, &new_key, 256));
TEST_ESP_OK(esp_efuse_set_write_protect(EFUSE_BLK_KEY5));
ESP_LOGI(TAG, "Reading inside Batch mode, the key was not burn yet and it is empty");
TEST_ESP_OK(esp_efuse_read_field_blob(ESP_EFUSE_KEY5, &key, 256));
TEST_ASSERT_EACH_EQUAL_HEX8(0, key, sizeof(key));
TEST_ESP_OK(esp_efuse_batch_write_commit());
TEST_ESP_OK(esp_efuse_batch_write_commit());
TEST_ESP_OK(esp_efuse_batch_write_commit());
TEST_ESP_OK(esp_efuse_batch_write_begin());
TEST_ESP_OK(esp_efuse_batch_write_begin());
TEST_ESP_OK(esp_efuse_batch_write_begin());
TEST_ESP_OK(esp_efuse_batch_write_begin());
ESP_LOGI(TAG, "Reading inside Batch mode, the key is already set");
TEST_ESP_OK(esp_efuse_read_field_blob(ESP_EFUSE_KEY5, &key, 256));
TEST_ASSERT_EQUAL_HEX8_ARRAY(new_key, key, sizeof(key));
TEST_ESP_OK(esp_efuse_batch_write_commit());
TEST_ESP_OK(esp_efuse_batch_write_commit());
TEST_ESP_OK(esp_efuse_batch_write_commit());
TEST_ESP_OK(esp_efuse_batch_write_commit());
esp_efuse_utility_debug_dump_blocks();
ESP_LOGI(TAG, "Reading inside Batch mode, the key is already set");
TEST_ESP_ERR(ESP_ERR_INVALID_STATE, esp_efuse_batch_write_commit());
TEST_ESP_ERR(ESP_ERR_INVALID_STATE, esp_efuse_batch_write_cancel());
TEST_ESP_OK(esp_efuse_batch_write_begin());
TEST_ESP_OK(esp_efuse_write_field_blob(ESP_EFUSE_KEY2, &new_key, 256));
TEST_ESP_OK(esp_efuse_batch_write_commit());
TEST_ESP_OK(esp_efuse_read_field_blob(ESP_EFUSE_KEY2, &key, 256));
TEST_ASSERT_EQUAL_HEX8_ARRAY(new_key, key, sizeof(key));
esp_efuse_utility_debug_dump_blocks();
}
#endif // CONFIG_IDF_ENV_FPGA || CONFIG_EFUSE_VIRTUAL
#endif // not CONFIG_IDF_TARGET_ESP32

2
components/efuse/test/esp_efuse_test_table.c → components/efuse/test/three_key_blocks/esp_efuse_test_table.c
View File

@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2017-2021 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2017-2022 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/

0
components/efuse/test/esp_efuse_test_table.csv → components/efuse/test/three_key_blocks/esp_efuse_test_table.csv
View File

2
components/efuse/test/include/esp_efuse_test_table.h → components/efuse/test/three_key_blocks/include/esp_efuse_test_table.h
View File

@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2017-2021 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2017-2022 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/

86
components/efuse/test/three_key_blocks/test_efuse.c Normal file
View File

@ -0,0 +1,86 @@
/*
* SPDX-FileCopyrightText: 2021-2022 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
#include <stdio.h>
#include <ctype.h>
#include <errno.h>
#include <stdlib.h>
#include <stdio.h>
#include "unity.h"
#include "esp_log.h"
#include <string.h>
#include "esp_efuse.h"
#include "esp_efuse_table.h"
#include "esp_efuse_utility.h"
#include "esp_efuse_test_table.h"
#include "bootloader_random.h"
#include "freertos/FreeRTOS.h"
#include "freertos/task.h"
#include "freertos/semphr.h"
#include "test_utils.h"
#include "sdkconfig.h"
#include "esp_rom_efuse.h"
#include "bootloader_common.h"
__attribute__((unused)) static const char* TAG = "efuse_test";
#ifdef CONFIG_EFUSE_VIRTUAL
static void test_wp(esp_efuse_block_t blk, const esp_efuse_desc_t* field[])
{
size_t out_cnt;
TEST_ESP_OK(esp_efuse_set_write_protect(blk));
esp_efuse_read_field_cnt(field, &out_cnt);
TEST_ASSERT_EQUAL_INT(1, out_cnt);
}
static void test_rp(esp_efuse_block_t blk, const esp_efuse_desc_t* field[], bool read_first)
{
size_t out_cnt;
if (read_first) {
esp_efuse_read_field_cnt(field, &out_cnt);
TEST_ASSERT_EQUAL_INT(0, out_cnt);
}
TEST_ESP_OK(esp_efuse_set_read_protect(blk));
esp_efuse_read_field_cnt(field, &out_cnt);
TEST_ASSERT_EQUAL_INT(1, out_cnt);
if (read_first) {
TEST_ESP_ERR(ESP_ERR_EFUSE_CNT_IS_FULL, esp_efuse_set_read_protect(blk));
}
}
TEST_CASE("Test a write/read protection", "[efuse]")
{
esp_efuse_utility_reset();
esp_efuse_utility_erase_virt_blocks();
esp_efuse_utility_debug_dump_blocks();
TEST_ESP_ERR(ESP_ERR_NOT_SUPPORTED, esp_efuse_set_write_protect(EFUSE_BLK0));
TEST_ESP_ERR(ESP_ERR_NOT_SUPPORTED, esp_efuse_set_read_protect(EFUSE_BLK0));
size_t out_cnt;
esp_efuse_read_field_cnt(ESP_EFUSE_WR_DIS_BLK1, &out_cnt);
TEST_ASSERT_EQUAL_INT(0, out_cnt);
TEST_ESP_OK(esp_efuse_set_write_protect(EFUSE_BLK1));
esp_efuse_read_field_cnt(ESP_EFUSE_WR_DIS_BLK1, &out_cnt);
TEST_ASSERT_EQUAL_INT(1, out_cnt);
TEST_ESP_ERR(ESP_ERR_EFUSE_CNT_IS_FULL, esp_efuse_set_write_protect(EFUSE_BLK1));
test_wp(EFUSE_BLK2, ESP_EFUSE_WR_DIS_BLK2);
test_wp(EFUSE_BLK3, ESP_EFUSE_WR_DIS_BLK3);
esp_efuse_utility_debug_dump_blocks();
test_rp(EFUSE_BLK1, ESP_EFUSE_RD_DIS_BLK1, true);
test_rp(EFUSE_BLK2, ESP_EFUSE_RD_DIS_BLK2, false);
test_rp(EFUSE_BLK3, ESP_EFUSE_RD_DIS_BLK3, false);
esp_efuse_utility_debug_dump_blocks();
esp_efuse_utility_reset();
esp_efuse_utility_erase_virt_blocks();
}
#endif // #ifdef CONFIG_EFUSE_VIRTUAL

4
components/efuse/test/test_efuse_coding_scheme.c → components/efuse/test/three_key_blocks/test_efuse_coding_scheme.c
View File

@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2021 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2021-2022 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
@ -11,7 +11,6 @@
#include "unity.h"
#include "bootloader_random.h"
#ifdef CONFIG_IDF_TARGET_ESP32
typedef struct {
uint8_t unencoded[24];
uint32_t encoded[8];
@ -209,4 +208,3 @@ TEST_CASE("Test data does not match the coding scheme", "[efuse]")
esp_efuse_utility_reset();
}
#endif // CONFIG_IDF_TARGET_ESP32

107
components/efuse/test/with_key_purposes/esp_efuse_test_table.c Normal file
View File

@ -0,0 +1,107 @@
/*
* SPDX-FileCopyrightText: 2017-2022 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
#include "sdkconfig.h"
#include "esp_efuse.h"
#include <assert.h>
#include "esp_efuse_test_table.h"
// md5_digest_table 7d587827a6f6134241dce7d3713b3edc
// This file was generated from the file esp_efuse_test_table.csv. DO NOT CHANGE THIS FILE MANUALLY.
// If you want to change some fields, you need to change esp_efuse_test_table.csv file
// then run `efuse_common_table` or `efuse_custom_table` command it will generate this file.
// To show efuse_table run the command 'show_efuse_table'.
#define MAX_BLK_LEN CONFIG_EFUSE_MAX_BLK_LEN
// The last free bit in the block is counted over the entire file.
#define LAST_FREE_BIT_BLK1 128
#define LAST_FREE_BIT_BLK2 128
#define LAST_FREE_BIT_BLK3 88
_Static_assert(LAST_FREE_BIT_BLK1 <= MAX_BLK_LEN, "The eFuse table does not match the coding scheme. Edit the table and restart the efuse_common_table or efuse_custom_table command to regenerate the new files.");
_Static_assert(LAST_FREE_BIT_BLK2 <= MAX_BLK_LEN, "The eFuse table does not match the coding scheme. Edit the table and restart the efuse_common_table or efuse_custom_table command to regenerate the new files.");
_Static_assert(LAST_FREE_BIT_BLK3 <= MAX_BLK_LEN, "The eFuse table does not match the coding scheme. Edit the table and restart the efuse_common_table or efuse_custom_table command to regenerate the new files.");
static const esp_efuse_desc_t TEST1_LEN_8[] = {
{EFUSE_BLK3, 0, 8}, // TEST field,
};
static const esp_efuse_desc_t TEST2_LEN_16[] = {
{EFUSE_BLK3, 10, 8}, // TEST field,
{EFUSE_BLK3, 80, 8}, // TEST field,
};
static const esp_efuse_desc_t TEST3_LEN_6[] = {
{EFUSE_BLK3, 22, 6}, // TEST field,
};
static const esp_efuse_desc_t TEST4_LEN_182[] = {
{EFUSE_BLK1, 22, 49}, // TEST field,
{EFUSE_BLK1, 89, 39}, // TEST field,
{EFUSE_BLK1, 71, 18}, // TEST field,
{EFUSE_BLK1, 0, 16}, // TEST field,
{EFUSE_BLK2, 0, 17}, // TEST field,
{EFUSE_BLK2, 60, 43}, // TEST field,
};
static const esp_efuse_desc_t TEST5_LEN_1[] = {
{EFUSE_BLK1, 16, 1}, // TEST field,
};
static const esp_efuse_desc_t TEST6_LEN_17[] = {
{EFUSE_BLK1, 17, 1}, // TEST field,
{EFUSE_BLK2, 17, 2}, // TEST field,
{EFUSE_BLK3, 29, 4}, // TEST field,
{EFUSE_BLK2, 31, 3}, // TEST field,
{EFUSE_BLK3, 60, 6}, // TEST field,
{EFUSE_BLK2, 127, 1}, // TEST field,
};
const esp_efuse_desc_t* ESP_EFUSE_TEST1_LEN_8[] = {
&TEST1_LEN_8[0], // TEST field
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_TEST2_LEN_16[] = {
&TEST2_LEN_16[0], // TEST field
&TEST2_LEN_16[1], // TEST field
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_TEST3_LEN_6[] = {
&TEST3_LEN_6[0], // TEST field
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_TEST4_LEN_182[] = {
&TEST4_LEN_182[0], // TEST field
&TEST4_LEN_182[1], // TEST field
&TEST4_LEN_182[2], // TEST field
&TEST4_LEN_182[3], // TEST field
&TEST4_LEN_182[4], // TEST field
&TEST4_LEN_182[5], // TEST field
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_TEST5_LEN_1[] = {
&TEST5_LEN_1[0], // TEST field
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_TEST6_LEN_17[] = {
&TEST6_LEN_17[0], // TEST field
&TEST6_LEN_17[1], // TEST field
&TEST6_LEN_17[2], // TEST field
&TEST6_LEN_17[3], // TEST field
&TEST6_LEN_17[4], // TEST field
&TEST6_LEN_17[5], // TEST field
NULL
};

33
components/efuse/test/with_key_purposes/esp_efuse_test_table.csv Normal file
View File

@ -0,0 +1,33 @@
# field_name, | efuse_block, | bit_start, | bit_count, |comment #
# | (EFUSE_BLK0 | (0..255) | (1..256) | #
# | EFUSE_BLK1 | | | #
# | EFUSE_BLK2 | | | #
# | EFUSE_BLK3) | | | #
##########################################################################
# To generate a new source files. Run two commands:
# cd ~/esp/esp-idf/components/efuse/
# ./efuse_table_gen.py test/esp_efuse_test_table.csv
TEST1_LEN_8, EFUSE_BLK3, 0, 8, TEST field
TEST2_LEN_16, EFUSE_BLK3, 10, 8, TEST field
, EFUSE_BLK3, 80, 8, TEST field
TEST3_LEN_6, EFUSE_BLK3, 22, 6, TEST field
TEST4_LEN_182, EFUSE_BLK1, 22, 49, TEST field
, EFUSE_BLK1, 89, 39, TEST field
, EFUSE_BLK1, 71, 18, TEST field
, EFUSE_BLK1, 0, 16, TEST field
, EFUSE_BLK2, 0, 17, TEST field
, EFUSE_BLK2, 60, 43, TEST field
TEST5_LEN_1, EFUSE_BLK1, 16, 1, TEST field
TEST6_LEN_17, EFUSE_BLK1, 17, 1, TEST field
, EFUSE_BLK2, 17, 2, TEST field
, EFUSE_BLK3, 29, 4, TEST field
, EFUSE_BLK2, 31, 3, TEST field
, EFUSE_BLK3, 60, 6, TEST field
, EFUSE_BLK2, 127, 1, TEST field
1 # field_name, | efuse_block, | bit_start, | bit_count, |comment #
2 # | (EFUSE_BLK0 | (0..255) | (1..256) | #
3 # | EFUSE_BLK1 | | | #
4 # | EFUSE_BLK2 | | | #
5 # | EFUSE_BLK3) | | | #
6 ##########################################################################
7 # To generate a new source files. Run two commands:
8 # cd ~/esp/esp-idf/components/efuse/
9 # ./efuse_table_gen.py test/esp_efuse_test_table.csv
10 TEST1_LEN_8, EFUSE_BLK3, 0, 8, TEST field
11 TEST2_LEN_16, EFUSE_BLK3, 10, 8, TEST field
12 , EFUSE_BLK3, 80, 8, TEST field
13 TEST3_LEN_6, EFUSE_BLK3, 22, 6, TEST field
14 TEST4_LEN_182, EFUSE_BLK1, 22, 49, TEST field
15 , EFUSE_BLK1, 89, 39, TEST field
16 , EFUSE_BLK1, 71, 18, TEST field
17 , EFUSE_BLK1, 0, 16, TEST field
18 , EFUSE_BLK2, 0, 17, TEST field
19 , EFUSE_BLK2, 60, 43, TEST field
20 TEST5_LEN_1, EFUSE_BLK1, 16, 1, TEST field
21 TEST6_LEN_17, EFUSE_BLK1, 17, 1, TEST field
22 , EFUSE_BLK2, 17, 2, TEST field
23 , EFUSE_BLK3, 29, 4, TEST field
24 , EFUSE_BLK2, 31, 3, TEST field
25 , EFUSE_BLK3, 60, 6, TEST field
26 , EFUSE_BLK2, 127, 1, TEST field

28
components/efuse/test/with_key_purposes/include/esp_efuse_test_table.h Normal file
View File

@ -0,0 +1,28 @@
/*
* SPDX-FileCopyrightText: 2017-2022 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
#ifdef __cplusplus
extern "C" {
#endif
// md5_digest_table 7d587827a6f6134241dce7d3713b3edc
// This file was generated from the file esp_efuse_test_table.csv. DO NOT CHANGE THIS FILE MANUALLY.
// If you want to change some fields, you need to change esp_efuse_test_table.csv file
// then run `efuse_common_table` or `efuse_custom_table` command it will generate this file.
// To show efuse_table run the command 'show_efuse_table'.
extern const esp_efuse_desc_t* ESP_EFUSE_TEST1_LEN_8[];
extern const esp_efuse_desc_t* ESP_EFUSE_TEST2_LEN_16[];
extern const esp_efuse_desc_t* ESP_EFUSE_TEST3_LEN_6[];
extern const esp_efuse_desc_t* ESP_EFUSE_TEST4_LEN_182[];
extern const esp_efuse_desc_t* ESP_EFUSE_TEST5_LEN_1[];
extern const esp_efuse_desc_t* ESP_EFUSE_TEST6_LEN_17[];
#ifdef __cplusplus
}
#endif

195
components/efuse/test/with_key_purposes/test_efuse.c Normal file
View File

@ -0,0 +1,195 @@
/*
* SPDX-FileCopyrightText: 2021-2022 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
#include <stdio.h>
#include <ctype.h>
#include <errno.h>
#include <stdlib.h>
#include <stdio.h>
#include "unity.h"
#include "esp_log.h"
#include <string.h>
#include "esp_efuse.h"
#include "esp_efuse_table.h"
#include "esp_efuse_utility.h"
#include "esp_efuse_test_table.h"
#include "bootloader_random.h"
#include "freertos/FreeRTOS.h"
#include "freertos/task.h"
#include "freertos/semphr.h"
#include "test_utils.h"
#include "sdkconfig.h"
#include "esp_rom_efuse.h"
#include "bootloader_common.h"
__attribute__((unused)) static const char* TAG = "efuse_test";
#ifdef CONFIG_EFUSE_VIRTUAL
static void test_wp(esp_efuse_block_t blk, const esp_efuse_desc_t* field[])
{
size_t out_cnt;
TEST_ESP_OK(esp_efuse_set_write_protect(blk));
esp_efuse_read_field_cnt(field, &out_cnt);
TEST_ASSERT_EQUAL_INT(1, out_cnt);
}
static void test_rp(esp_efuse_block_t blk, const esp_efuse_desc_t* field[], bool read_first)
{
size_t out_cnt;
if (read_first) {
esp_efuse_read_field_cnt(field, &out_cnt);
TEST_ASSERT_EQUAL_INT(0, out_cnt);
}
TEST_ESP_OK(esp_efuse_set_read_protect(blk));
esp_efuse_read_field_cnt(field, &out_cnt);
TEST_ASSERT_EQUAL_INT(1, out_cnt);
if (read_first) {
TEST_ESP_ERR(ESP_ERR_EFUSE_CNT_IS_FULL, esp_efuse_set_read_protect(blk));
}
}
TEST_CASE("Test a write/read protection", "[efuse]")
{
esp_efuse_utility_reset();
esp_efuse_utility_erase_virt_blocks();
esp_efuse_utility_debug_dump_blocks();
TEST_ESP_ERR(ESP_ERR_NOT_SUPPORTED, esp_efuse_set_write_protect(EFUSE_BLK0));
TEST_ESP_ERR(ESP_ERR_NOT_SUPPORTED, esp_efuse_set_read_protect(EFUSE_BLK0));
size_t out_cnt;
esp_efuse_read_field_cnt(ESP_EFUSE_WR_DIS_BLK1, &out_cnt);
TEST_ASSERT_EQUAL_INT(0, out_cnt);
TEST_ESP_OK(esp_efuse_set_write_protect(EFUSE_BLK1));
esp_efuse_read_field_cnt(ESP_EFUSE_WR_DIS_BLK1, &out_cnt);
TEST_ASSERT_EQUAL_INT(1, out_cnt);
TEST_ESP_ERR(ESP_ERR_EFUSE_CNT_IS_FULL, esp_efuse_set_write_protect(EFUSE_BLK1));
test_wp(EFUSE_BLK2, ESP_EFUSE_WR_DIS_SYS_DATA_PART1);
test_wp(EFUSE_BLK3, ESP_EFUSE_WR_DIS_USER_DATA);
esp_efuse_utility_debug_dump_blocks();
test_rp(EFUSE_BLK4, ESP_EFUSE_RD_DIS_KEY0, true);
test_rp(EFUSE_BLK5, ESP_EFUSE_RD_DIS_KEY1, false);
test_rp(EFUSE_BLK6, ESP_EFUSE_RD_DIS_KEY2, false);
esp_efuse_utility_debug_dump_blocks();
esp_efuse_utility_reset();
esp_efuse_utility_erase_virt_blocks();
}
#endif // CONFIG_EFUSE_VIRTUAL
#ifdef CONFIG_IDF_ENV_FPGA
TEST_CASE("Test a real write (FPGA)2", "[efuse]")
{
esp_efuse_utility_debug_dump_blocks();
ESP_LOGI(TAG, "1. Write KEY3");
uint8_t key[32] = {0};
TEST_ESP_OK(esp_efuse_read_field_blob(ESP_EFUSE_KEY3, &key, 256));
for (int i = 0; i < sizeof(key); ++i) {
TEST_ASSERT_EQUAL_INT(0, key[i]);
}
uint8_t new_key[32] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,
10, 11, 12, 12, 14, 15, 16, 17, 18, 19,
20, 21, 22, 22, 24, 25, 26, 27, 28, 29,
30, 31};
TEST_ESP_OK(esp_efuse_write_field_blob(ESP_EFUSE_KEY3, &new_key, 256));
TEST_ESP_OK(esp_efuse_read_field_blob(ESP_EFUSE_KEY3, &key, 256));
TEST_ASSERT_EQUAL_HEX8_ARRAY(new_key, key, sizeof(key));
esp_efuse_utility_debug_dump_blocks();
ESP_LOGI(TAG, "2. Set a read protection for KEY3");
TEST_ESP_OK(esp_efuse_set_read_protect(ESP_EFUSE_KEY3));
TEST_ESP_OK(esp_efuse_read_field_blob(ESP_EFUSE_KEY3, &key, 256));
#ifndef CONFIG_EFUSE_VIRTUAL
TEST_ASSERT_EACH_EQUAL_HEX8(0, key, sizeof(key));
#else
TEST_ASSERT_EQUAL_HEX8_ARRAY(new_key, key, sizeof(key));
#endif // CONFIG_EFUSE_VIRTUAL
esp_efuse_utility_debug_dump_blocks();
}
#endif // CONFIG_IDF_ENV_FPGA
#if CONFIG_IDF_ENV_FPGA || CONFIG_EFUSE_VIRTUAL
TEST_CASE("Test writing order is BLK_MAX->BLK0", "[efuse]")
{
uint8_t new_key[32] = {33, 1, 2, 3, 4, 5, 6, 7, 8, 9,
10, 11, 12, 12, 14, 15, 16, 17, 18, 19,
20, 21, 22, 22, 24, 25, 26, 27, 28, 29,
30, 31};
esp_efuse_utility_erase_virt_blocks();
esp_efuse_utility_debug_dump_blocks();
TEST_ESP_OK(esp_efuse_batch_write_begin());
TEST_ESP_OK(esp_efuse_write_field_blob(ESP_EFUSE_KEY4, &new_key, 256));
// If the order of writing blocks is wrong (ex. BLK0 -> BLK_MAX)
// then the write protection bit will be set early and the key was left un-updated.
TEST_ESP_OK(esp_efuse_set_write_protect(EFUSE_BLK_KEY4));
TEST_ESP_OK(esp_efuse_batch_write_commit());
esp_efuse_utility_debug_dump_blocks();
uint8_t key[32] = { 0xEE };
TEST_ESP_OK(esp_efuse_read_field_blob(ESP_EFUSE_KEY4, &key, 256));
TEST_ASSERT_EQUAL_HEX8_ARRAY(new_key, key, sizeof(key));
}
TEST_CASE("Test reading inside of batch mode in a nested way", "[efuse]")
{
uint8_t new_key[32] = {44, 1, 2, 3, 4, 5, 6, 7, 8, 9,
10, 11, 12, 12, 14, 15, 16, 17, 18, 19,
20, 21, 22, 22, 24, 25, 26, 27, 28, 29,
30, 31};
uint8_t key[32] = { 0xEE };
esp_efuse_utility_reset();
esp_efuse_utility_erase_virt_blocks();
esp_efuse_utility_debug_dump_blocks();
TEST_ESP_OK(esp_efuse_read_field_blob(ESP_EFUSE_KEY5, &key, 256));
TEST_ASSERT_EACH_EQUAL_HEX8(0, key, sizeof(key));
TEST_ESP_OK(esp_efuse_batch_write_begin());
TEST_ESP_OK(esp_efuse_batch_write_begin());
TEST_ESP_OK(esp_efuse_batch_write_begin());
TEST_ESP_OK(esp_efuse_write_field_blob(ESP_EFUSE_KEY5, &new_key, 256));
TEST_ESP_OK(esp_efuse_set_write_protect(EFUSE_BLK_KEY5));
ESP_LOGI(TAG, "Reading inside Batch mode, the key was not burn yet and it is empty");
TEST_ESP_OK(esp_efuse_read_field_blob(ESP_EFUSE_KEY5, &key, 256));
TEST_ASSERT_EACH_EQUAL_HEX8(0, key, sizeof(key));
TEST_ESP_OK(esp_efuse_batch_write_commit());
TEST_ESP_OK(esp_efuse_batch_write_commit());
TEST_ESP_OK(esp_efuse_batch_write_commit());
TEST_ESP_OK(esp_efuse_batch_write_begin());
TEST_ESP_OK(esp_efuse_batch_write_begin());
TEST_ESP_OK(esp_efuse_batch_write_begin());
TEST_ESP_OK(esp_efuse_batch_write_begin());
ESP_LOGI(TAG, "Reading inside Batch mode, the key is already set");
TEST_ESP_OK(esp_efuse_read_field_blob(ESP_EFUSE_KEY5, &key, 256));
TEST_ASSERT_EQUAL_HEX8_ARRAY(new_key, key, sizeof(key));
TEST_ESP_OK(esp_efuse_batch_write_commit());
TEST_ESP_OK(esp_efuse_batch_write_commit());
TEST_ESP_OK(esp_efuse_batch_write_commit());
TEST_ESP_OK(esp_efuse_batch_write_commit());
esp_efuse_utility_debug_dump_blocks();
ESP_LOGI(TAG, "Reading inside Batch mode, the key is already set");
TEST_ESP_ERR(ESP_ERR_INVALID_STATE, esp_efuse_batch_write_commit());
TEST_ESP_ERR(ESP_ERR_INVALID_STATE, esp_efuse_batch_write_cancel());
TEST_ESP_OK(esp_efuse_batch_write_begin());
TEST_ESP_OK(esp_efuse_write_field_blob(ESP_EFUSE_KEY2, &new_key, 256));
TEST_ESP_OK(esp_efuse_batch_write_commit());
TEST_ESP_OK(esp_efuse_read_field_blob(ESP_EFUSE_KEY2, &key, 256));
TEST_ASSERT_EQUAL_HEX8_ARRAY(new_key, key, sizeof(key));
esp_efuse_utility_debug_dump_blocks();
}
#endif // CONFIG_IDF_ENV_FPGA || CONFIG_EFUSE_VIRTUAL

12
components/efuse/test/test_efuse_keys.c → components/efuse/test/with_key_purposes/test_efuse_keys.c
View File

@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2021 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2021-2022 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
@ -17,10 +17,10 @@
#include "esp_efuse_utility.h"
#include "sdkconfig.h"
__attribute__((unused)) static const char* TAG = "efuse_test";
__attribute__((unused)) static const char* TAG = "efuse_key_test";
#ifndef CONFIG_IDF_TARGET_ESP32
#ifdef CONFIG_EFUSE_VIRTUAL
TEST_CASE("Test keys and purposes, rd, wr, wr_key_purposes are in the initial state", "[efuse]")
{
@ -47,6 +47,7 @@ TEST_CASE("Test keys and purposes, rd, wr, wr_key_purposes are in the initial st
printf("EFUSE_BLK_KEY%d, RD, WR, PURPOSE_USER, PURPOSE_USER WR ... OK\n", num_key - EFUSE_BLK_KEY0);
}
}
#endif // CONFIG_EFUSE_VIRTUAL
// If using efuse is real, then turn off writing tests.
#if CONFIG_EFUSE_VIRTUAL || CONFIG_IDF_ENV_FPGA
@ -309,6 +310,8 @@ TEST_CASE("Test esp_efuse_write_keys for returned errors", "[efuse]")
TEST_ESP_ERR(ESP_ERR_NOT_ENOUGH_UNUSED_KEY_BLOCKS, esp_efuse_write_keys(purpose, keys, unused_keys + 1));
}
#if SOC_SUPPORT_SECURE_BOOT_REVOKE_KEY
TEST_CASE("Test revocation APIs", "[efuse]")
{
esp_efuse_utility_reset();
@ -381,7 +384,6 @@ TEST_CASE("Test set_write_protect_of_digest_revoke", "[efuse]")
TEST_ASSERT_TRUE(esp_efuse_get_digest_revoke(2));
#endif // CONFIG_IDF_ENV_FPGA && !CONFIG_EFUSE_VIRTUAL
}
#endif // SOC_SUPPORT_SECURE_BOOT_REVOKE_KEY
#endif // CONFIG_EFUSE_VIRTUAL || CONFIG_IDF_ENV_FPGA
#endif // not CONFIG_IDF_TARGET_ESP32

12
components/soc/esp32c2/include/soc/Kconfig.soc_caps.in
View File

@ -36,10 +36,18 @@ config SOC_SUPPORTS_SECURE_DL_MODE
default y
config SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS
int
default 3
bool
default y
config SOC_EFUSE_REVOKE_BOOT_KEY_DIGESTS
bool
default n
config SOC_EFUSE_KEY_PURPOSE_FIELD
bool
default n
config SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK
bool
default y

6
components/soc/esp32c2/include/soc/soc_caps.h
View File

@ -33,8 +33,10 @@
#define SOC_WIFI_SUPPORTED 0 // Enable during bringup, IDF-3905
#define SOC_ASYNC_MEMCPY_SUPPORTED 1
#define SOC_SUPPORTS_SECURE_DL_MODE 1
#define SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS 3
#define SOC_EFUSE_REVOKE_BOOT_KEY_DIGESTS 1
#define SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS 1
#define SOC_EFUSE_REVOKE_BOOT_KEY_DIGESTS 0
#define SOC_EFUSE_KEY_PURPOSE_FIELD 0
#define SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK 1
#define SOC_RTC_FAST_MEM_SUPPORTED 0
#define SOC_RTC_SLOW_MEM_SUPPORTED 0
#define SOC_SUPPORT_SECURE_BOOT_REVOKE_KEY 0

4
components/soc/esp32c3/include/soc/Kconfig.soc_caps.in
View File

@ -71,6 +71,10 @@ config SOC_EFUSE_REVOKE_BOOT_KEY_DIGESTS
bool
default y
config SOC_EFUSE_KEY_PURPOSE_FIELD
bool
default y
config SOC_ICACHE_ACCESS_RODATA_SUPPORTED
bool
default y

3
components/soc/esp32c3/include/soc/soc_caps.h
View File

@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2021 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2021-2022 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
@ -42,6 +42,7 @@
#define SOC_SUPPORTS_SECURE_DL_MODE 1
#define SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS 3
#define SOC_EFUSE_REVOKE_BOOT_KEY_DIGESTS 1
#define SOC_EFUSE_KEY_PURPOSE_FIELD 1
#define SOC_ICACHE_ACCESS_RODATA_SUPPORTED 1
#define SOC_RTC_FAST_MEM_SUPPORTED 1
#define SOC_RTC_SLOW_MEM_SUPPORTED 0

4
components/soc/esp32h2/include/soc/Kconfig.soc_caps.in
View File

@ -51,6 +51,10 @@ config SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS
int
default 3
config SOC_EFUSE_KEY_PURPOSE_FIELD
bool
default y
config SOC_ICACHE_ACCESS_RODATA_SUPPORTED
bool
default y

3
components/soc/esp32h2/include/soc/soc_caps.h
View File

@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2021 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2021-2022 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
@ -36,6 +36,7 @@
#define SOC_USB_SERIAL_JTAG_SUPPORTED 1
#define SOC_SUPPORTS_SECURE_DL_MODE 1
#define SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS 3
#define SOC_EFUSE_KEY_PURPOSE_FIELD 1
#define SOC_ICACHE_ACCESS_RODATA_SUPPORTED 1
#define SOC_TEMP_SENSOR_SUPPORTED 1
#define SOC_RTC_FAST_MEM_SUPPORTED 1

4
components/soc/esp32s2/include/soc/Kconfig.soc_caps.in
View File

@ -75,6 +75,10 @@ config SOC_EFUSE_REVOKE_BOOT_KEY_DIGESTS
bool
default y
config SOC_EFUSE_KEY_PURPOSE_FIELD
bool
default y
config SOC_ICACHE_ACCESS_RODATA_SUPPORTED
bool
default y

1
components/soc/esp32s2/include/soc/soc_caps.h
View File

@ -57,6 +57,7 @@
#define SOC_ASYNC_MEMCPY_SUPPORTED 1
#define SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS 3
#define SOC_EFUSE_REVOKE_BOOT_KEY_DIGESTS 1
#define SOC_EFUSE_KEY_PURPOSE_FIELD 1
#define SOC_ICACHE_ACCESS_RODATA_SUPPORTED 1
#define SOC_TEMP_SENSOR_SUPPORTED 1
#define SOC_CACHE_SUPPORT_WRAP 1

4
components/soc/esp32s3/include/soc/Kconfig.soc_caps.in
View File

@ -215,6 +215,10 @@ config SOC_EFUSE_REVOKE_BOOT_KEY_DIGESTS
bool
default y
config SOC_EFUSE_KEY_PURPOSE_FIELD
bool
default y
config SOC_SDMMC_HOST_SUPPORTED
bool
default y

1
components/soc/esp32s3/include/soc/soc_caps.h
View File

@ -47,6 +47,7 @@
#define SOC_SUPPORTS_SECURE_DL_MODE 1
#define SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS 3
#define SOC_EFUSE_REVOKE_BOOT_KEY_DIGESTS 1
#define SOC_EFUSE_KEY_PURPOSE_FIELD 1
#define SOC_SDMMC_HOST_SUPPORTED 1
#define SOC_FLASH_ENCRYPTION_XTS_AES 1
#define SOC_RTC_FAST_MEM_SUPPORTED 1