alex/esp-idf
alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2024-10-05 20:47:46 -04:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
esp-idf/components/hal/Kconfig
Aditya Patwardhan 5b6d8812d1
feat(hal): Add countermeasure for ECDSA generate signature 
The ECDSA peripheral before ECO5 of esp32h2 does not perform the ECDSA
    sign operation in constant time. This allows an attacker to read the
    power signature of the ECDSA sign operation and then calculate the
    ECDSA key stored inside the eFuse. The commit adds a countermeasure
    for this attack. In this case the real ECDSA sign operation is
    masked under dummy ECDSA sign operations to hide its real power
    signature
2024-09-23 19:28:12 +05:30

116 lines
4.5 KiB
Plaintext
Raw Blame History

menu "Hardware Abstraction Layer (HAL) and Low Level (LL)"
choice HAL_DEFAULT_ASSERTION_LEVEL
bool "Default HAL assertion level"
default HAL_ASSERTION_EQUALS_SYSTEM
help
Set the assert behavior / level for HAL component.
HAL component assert level can be set separately,
but the level can't exceed the system assertion level.
e.g. If the system assertion is disabled, then the HAL
assertion can't be enabled either. If the system assertion
is enable, then the HAL assertion can still be disabled
by this Kconfig option.
config HAL_ASSERTION_EQUALS_SYSTEM
bool "Same as system assertion level"
config HAL_ASSERTION_DISABLE
bool "Disabled"
depends on COMPILER_OPTIMIZATION_ASSERTION_LEVEL >= 0
config HAL_ASSERTION_SILENT
bool "Silent"
depends on COMPILER_OPTIMIZATION_ASSERTION_LEVEL >= 1
config HAL_ASSERTION_ENABLE
bool "Enabled"
depends on COMPILER_OPTIMIZATION_ASSERTION_LEVEL >= 2
endchoice
config HAL_DEFAULT_ASSERTION_LEVEL
int
default COMPILER_OPTIMIZATION_ASSERTION_LEVEL if HAL_ASSERTION_EQUALS_SYSTEM
default 0 if HAL_ASSERTION_DISABLE
default 1 if HAL_ASSERTION_SILENT
default 2 if HAL_ASSERTION_ENABLE
choice HAL_LOG_LEVEL
bool "HAL layer log verbosity"
default HAL_LOG_LEVEL_INFO
# If LOG component is linked, one of the following configuration symbol will be defined.
# Else, none will be defined, in that case, we need this HAL_LOG_LEVEL symbol.
depends on !LOG_DEFAULT_LEVEL_NONE && !LOG_DEFAULT_LEVEL_ERROR && !LOG_DEFAULT_LEVEL_WARN && \
!LOG_DEFAULT_LEVEL_INFO && !LOG_DEFAULT_LEVEL_DEBUG && !LOG_DEFAULT_LEVEL_VERBOSE
help
Specify how much output to see in HAL logs.
config HAL_LOG_LEVEL_NONE
bool "No output"
config HAL_LOG_LEVEL_ERROR
bool "Error"
config HAL_LOG_LEVEL_WARN
bool "Warning"
config HAL_LOG_LEVEL_INFO
bool "Info"
config HAL_LOG_LEVEL_DEBUG
bool "Debug"
config HAL_LOG_LEVEL_VERBOSE
bool "Verbose"
endchoice
config HAL_LOG_LEVEL
int
default 0 if HAL_LOG_LEVEL_NONE
default 1 if HAL_LOG_LEVEL_ERROR
default 2 if HAL_LOG_LEVEL_WARN
default 3 if HAL_LOG_LEVEL_INFO
default 4 if HAL_LOG_LEVEL_DEBUG
default 5 if HAL_LOG_LEVEL_VERBOSE
config HAL_SYSTIMER_USE_ROM_IMPL
bool "Use ROM implementation of SysTimer HAL driver"
depends on ESP_ROM_HAS_HAL_SYSTIMER
default y
help
Enable this flag to use HAL functions from ROM instead of ESP-IDF.
If keeping this as "n" in your project, you will have less free IRAM.
If making this as "y" in your project, you will increase free IRAM,
but you will lose the possibility to debug this module, and some new
features will be added and bugs will be fixed in the IDF source
but cannot be synced to ROM.
config HAL_WDT_USE_ROM_IMPL
bool "Use ROM implementation of WDT HAL driver"
depends on ESP_ROM_HAS_HAL_WDT
default y
help
Enable this flag to use HAL functions from ROM instead of ESP-IDF.
If keeping this as "n" in your project, you will have less free IRAM.
If making this as "y" in your project, you will increase free IRAM,
but you will lose the possibility to debug this module, and some new
features will be added and bugs will be fixed in the IDF source
but cannot be synced to ROM.
config HAL_SPI_MASTER_FUNC_IN_IRAM
bool
depends on SPI_MASTER_ISR_IN_IRAM
help
Enable this option to place SPI master hal layer functions into IRAM.
config HAL_SPI_SLAVE_FUNC_IN_IRAM
bool
depends on SPI_SLAVE_ISR_IN_IRAM
help
Enable this option to place SPI slave hal layer functions into IRAM.
config HAL_ECDSA_GEN_SIG_CM
bool "Enable countermeasure for ECDSA signature generation"
default n
# ToDo - IDF-11051
help
Enable this option to apply the countermeasure for ECDSA signature operation
This countermeasure masks the real ECDSA sign operation
under dummy sign operations to add randomness in the generated power signature.
endmenu
Reference in New Issue View Git Blame Copy Permalink