kopia lustrzana https://github.com/espressif/esp-idf
bootloader: Support Flash Encryption for ESP32-C2
KonstantinKondrashov
BOT
rodzic
d11af9051b
commit
505e18237a
|
|
@ -476,6 +476,11 @@ menu "Security features"
|
|||
bool
|
||||
default y if SECURE_BOOT_V2_ENABLED && SECURE_BOOT_V2_RSA_SUPPORTED
|
||||
|
||||
config SECURE_BOOT_FLASH_ENC_KEYS_BURN_TOGETHER
|
||||
bool
|
||||
default y if SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK && SECURE_BOOT && SECURE_FLASH_ENC_ENABLED
|
||||
# ESP32-C2 has one key block for SB and FE keys. These keys must be burned at the same time.
|
||||
|
||||
config SECURE_SIGNED_APPS_NO_SECURE_BOOT
|
||||
bool "Require signed app images"
|
||||
depends on !SECURE_BOOT
|
||||
|
|
@ -769,21 +774,29 @@ menu "Security features"
|
|||
choice SECURE_FLASH_ENCRYPTION_KEYSIZE
|
||||
bool "Size of generated AES-XTS key"
|
||||
default SECURE_FLASH_ENCRYPTION_AES128
|
||||
depends on SOC_FLASH_ENCRYPTION_XTS_AES_256 && SECURE_FLASH_ENC_ENABLED
|
||||
depends on SOC_FLASH_ENCRYPTION_XTS_AES_OPTIONS && SECURE_FLASH_ENC_ENABLED
|
||||
help
|
||||
Size of generated AES-XTS key.
|
||||
|
||||
AES-128 uses a 256-bit key (32 bytes) which occupies one Efuse key block.
|
||||
AES-256 uses a 512-bit key (64 bytes) which occupies two Efuse key blocks.
|
||||
- AES-128 uses a 256-bit key (32 bytes) derived from 128 bits (16 bytes) burned in half Efuse key block.
|
||||
Internally, it calculates SHA256(128 bits)
|
||||
- AES-128 uses a 256-bit key (32 bytes) which occupies one Efuse key block.
|
||||
- AES-256 uses a 512-bit key (64 bytes) which occupies two Efuse key blocks.
|
||||
|
||||
This setting is ignored if either type of key is already burned to Efuse before the first boot.
|
||||
In this case, the pre-burned key is used and no new key is generated.
|
||||
|
||||
config SECURE_FLASH_ENCRYPTION_AES128_DERIVED
|
||||
bool "AES-128 key derived from 128 bits (SHA256(128 bits))"
|
||||
depends on SOC_FLASH_ENCRYPTION_XTS_AES_128_DERIVED
|
||||
|
||||
config SECURE_FLASH_ENCRYPTION_AES128
|
||||
bool "AES-128 (256-bit key)"
|
||||
depends on SOC_FLASH_ENCRYPTION_XTS_AES_128 && !(IDF_TARGET_ESP32C2 && SECURE_BOOT)
|
||||
|
||||
config SECURE_FLASH_ENCRYPTION_AES256
|
||||
bool "AES-256 (512-bit key)"
|
||||
depends on SOC_FLASH_ENCRYPTION_XTS_AES_256
|
||||
endchoice
|
||||
|
||||
choice SECURE_FLASH_ENCRYPTION_MODE
|
||||
|
|
|
|||
|
|
@ -85,6 +85,49 @@ bool esp_flash_encryption_enabled(void);
|
|||
*/
|
||||
esp_err_t esp_flash_encrypt_check_and_update(void);
|
||||
|
||||
/** @brief Returns the Flash Encryption state and prints it
|
||||
*
|
||||
* @return True - Flash Encryption is enabled
|
||||
* False - Flash Encryption is not enabled
|
||||
*/
|
||||
bool esp_flash_encrypt_state(void);
|
||||
|
||||
/** @brief Checks if the first initialization was done
|
||||
*
|
||||
* If the first initialization was done then FLASH_CRYPT_CNT != 0
|
||||
*
|
||||
* @return true - the first initialization was done
|
||||
* false - the first initialization was NOT done
|
||||
*/
|
||||
bool esp_flash_encrypt_initialized_once(void);
|
||||
|
||||
/** @brief The first initialization of Flash Encryption key and related eFuses
|
||||
*
|
||||
* @return ESP_OK if all operations succeeded
|
||||
*/
|
||||
esp_err_t esp_flash_encrypt_init(void);
|
||||
|
||||
/** @brief Encrypts flash content
|
||||
*
|
||||
* @return ESP_OK if all operations succeeded
|
||||
*/
|
||||
esp_err_t esp_flash_encrypt_contents(void);
|
||||
|
||||
/** @brief Activates Flash encryption on the chip
|
||||
*
|
||||
* It burns FLASH_CRYPT_CNT eFuse based on the CONFIG_SECURE_FLASH_ENCRYPTION_MODE_RELEASE option.
|
||||
*
|
||||
* @return ESP_OK if all operations succeeded
|
||||
*/
|
||||
esp_err_t esp_flash_encrypt_enable(void);
|
||||
|
||||
/** @brief Returns True if the write protection of FLASH_CRYPT_CNT is set
|
||||
*
|
||||
* @param print_error Print error if it is write protected
|
||||
*
|
||||
* @return true - if FLASH_CRYPT_CNT is write protected
|
||||
*/
|
||||
bool esp_flash_encrypt_is_write_protected(bool print_error);
|
||||
|
||||
/** @brief Encrypt-in-place a block of flash sectors
|
||||
*
|
||||
|
|
|
|||
|
|
@ -577,6 +577,17 @@ static void load_image(const esp_image_metadata_t *image_data)
|
|||
esp_err_t err;
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_SECURE_BOOT_FLASH_ENC_KEYS_BURN_TOGETHER
|
||||
if (esp_secure_boot_enabled() ^ esp_flash_encrypt_initialized_once()) {
|
||||
ESP_LOGE(TAG, "Secure Boot and Flash Encryption cannot be enabled separately, only together (their keys go into one eFuse key block)");
|
||||
return;
|
||||
}
|
||||
|
||||
if (!esp_secure_boot_enabled() || !esp_flash_encryption_enabled()) {
|
||||
esp_efuse_batch_write_begin();
|
||||
}
|
||||
#endif // CONFIG_SECURE_BOOT_FLASH_ENC_KEYS_BURN_TOGETHER
|
||||
|
||||
#ifdef CONFIG_SECURE_BOOT_V2_ENABLED
|
||||
err = esp_secure_boot_v2_permanently_enable(image_data);
|
||||
if (err != ESP_OK) {
|
||||
|
|
@ -604,13 +615,50 @@ static void load_image(const esp_image_metadata_t *image_data)
|
|||
* 5) Burn EFUSE to enable flash encryption
|
||||
*/
|
||||
ESP_LOGI(TAG, "Checking flash encryption...");
|
||||
bool flash_encryption_enabled = esp_flash_encryption_enabled();
|
||||
err = esp_flash_encrypt_check_and_update();
|
||||
if (err != ESP_OK) {
|
||||
ESP_LOGE(TAG, "Flash encryption check failed (%d).", err);
|
||||
bool flash_encryption_enabled = esp_flash_encrypt_state();
|
||||
if (!flash_encryption_enabled) {
|
||||
#ifdef CONFIG_SECURE_FLASH_REQUIRE_ALREADY_ENABLED
|
||||
ESP_LOGE(TAG, "flash encryption is not enabled, and SECURE_FLASH_REQUIRE_ALREADY_ENABLED is set, refusing to boot.");
|
||||
return;
|
||||
#endif // CONFIG_SECURE_FLASH_REQUIRE_ALREADY_ENABLED
|
||||
|
||||
if (esp_flash_encrypt_is_write_protected(true)) {
|
||||
return;
|
||||
}
|
||||
|
||||
err = esp_flash_encrypt_init();
|
||||
if (err != ESP_OK) {
|
||||
ESP_LOGE(TAG, "Initialization of Flash Encryption key failed (%d)", err);
|
||||
return;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_SECURE_BOOT_FLASH_ENC_KEYS_BURN_TOGETHER
|
||||
if (!esp_secure_boot_enabled() || !flash_encryption_enabled) {
|
||||
err = esp_efuse_batch_write_commit();
|
||||
if (err != ESP_OK) {
|
||||
ESP_LOGE(TAG, "Error programming eFuses (err=0x%x).", err);
|
||||
return;
|
||||
}
|
||||
assert(esp_secure_boot_enabled());
|
||||
ESP_LOGI(TAG, "Secure boot permanently enabled");
|
||||
}
|
||||
#endif // CONFIG_SECURE_BOOT_FLASH_ENC_KEYS_BURN_TOGETHER
|
||||
|
||||
if (!flash_encryption_enabled) {
|
||||
err = esp_flash_encrypt_contents();
|
||||
if (err != ESP_OK) {
|
||||
ESP_LOGE(TAG, "Encryption flash contents failed (%d)", err);
|
||||
return;
|
||||
}
|
||||
|
||||
err = esp_flash_encrypt_enable();
|
||||
if (err != ESP_OK) {
|
||||
ESP_LOGE(TAG, "Enabling of Flash encryption failed (%d)", err);
|
||||
return;
|
||||
}
|
||||
}
|
||||
#endif // CONFIG_SECURE_FLASH_ENC_ENABLED
|
||||
|
||||
#ifdef CONFIG_SECURE_BOOT_V1_ENABLED
|
||||
/* Step 6 (see above for full description):
|
||||
|
|
|
|||
|
|
@ -23,7 +23,12 @@ esp_err_t esp_flash_encryption_enable_secure_features(void)
|
|||
ESP_LOGW(TAG, "Not disabling UART bootloader encryption");
|
||||
#endif
|
||||
|
||||
#ifndef CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_CACHE
|
||||
ESP_LOGI(TAG, "Disable UART bootloader cache...");
|
||||
esp_efuse_write_field_bit(ESP_EFUSE_DIS_DOWNLOAD_ICACHE);
|
||||
#else
|
||||
ESP_LOGW(TAG, "Not disabling UART bootloader cache - SECURITY COMPROMISED");
|
||||
#endif
|
||||
|
||||
#ifndef CONFIG_SECURE_BOOT_ALLOW_JTAG
|
||||
ESP_LOGI(TAG, "Disable JTAG...");
|
||||
|
|
|
|||
|
|
@ -47,10 +47,10 @@ void esp_flash_encryption_init_checks()
|
|||
if (flash_crypt_cnt == (1<<(CRYPT_CNT[0]->bit_count))-1) {
|
||||
// If encryption counter is already max, no need to write protect it
|
||||
// (this distinction is important on ESP32 ECO3 where write-procted FLASH_CRYPT_CNT also write-protects UART_DL_DIS)
|
||||
return;
|
||||
} else {
|
||||
ESP_LOGE(TAG, "Flash encryption & Secure Boot together requires FLASH_CRYPT_CNT efuse to be write protected. Fixing now...");
|
||||
esp_flash_write_protect_crypt_cnt();
|
||||
}
|
||||
ESP_LOGE(TAG, "Flash encryption & Secure Boot together requires FLASH_CRYPT_CNT efuse to be write protected. Fixing now...");
|
||||
esp_flash_write_protect_crypt_cnt();
|
||||
}
|
||||
}
|
||||
#endif // CONFIG_SECURE_BOOT
|
||||
|
|
@ -110,17 +110,6 @@ void esp_flash_write_protect_crypt_cnt(void)
|
|||
esp_flash_enc_mode_t esp_get_flash_encryption_mode(void)
|
||||
{
|
||||
bool flash_crypt_cnt_wr_dis = false;
|
||||
#if CONFIG_IDF_TARGET_ESP32
|
||||
uint8_t dis_dl_enc = 0, dis_dl_dec = 0, dis_dl_cache = 0;
|
||||
#elif CONFIG_IDF_TARGET_ESP32S2 || CONFIG_IDF_TARGET_ESP32S3
|
||||
uint8_t dis_dl_enc = 0;
|
||||
uint8_t dis_dl_icache = 0;
|
||||
uint8_t dis_dl_dcache = 0;
|
||||
#elif CONFIG_IDF_TARGET_ESP32C3 || CONFIG_IDF_TARGET_ESP32H2
|
||||
uint8_t dis_dl_enc = 0;
|
||||
uint8_t dis_dl_icache = 0;
|
||||
#endif
|
||||
|
||||
esp_flash_enc_mode_t mode = ESP_FLASH_ENC_MODE_DEVELOPMENT;
|
||||
|
||||
if (esp_flash_encryption_enabled()) {
|
||||
|
|
@ -138,27 +127,32 @@ esp_flash_enc_mode_t esp_get_flash_encryption_mode(void)
|
|||
if (flash_crypt_cnt_wr_dis) {
|
||||
|
||||
#if CONFIG_IDF_TARGET_ESP32
|
||||
dis_dl_cache = esp_efuse_read_field_bit(ESP_EFUSE_DISABLE_DL_CACHE);
|
||||
dis_dl_enc = esp_efuse_read_field_bit(ESP_EFUSE_DISABLE_DL_ENCRYPT);
|
||||
dis_dl_dec = esp_efuse_read_field_bit(ESP_EFUSE_DISABLE_DL_DECRYPT);
|
||||
bool dis_dl_cache = esp_efuse_read_field_bit(ESP_EFUSE_DISABLE_DL_CACHE);
|
||||
bool dis_dl_enc = esp_efuse_read_field_bit(ESP_EFUSE_DISABLE_DL_ENCRYPT);
|
||||
bool dis_dl_dec = esp_efuse_read_field_bit(ESP_EFUSE_DISABLE_DL_DECRYPT);
|
||||
/* Check if DISABLE_DL_DECRYPT, DISABLE_DL_ENCRYPT & DISABLE_DL_CACHE are set */
|
||||
if ( dis_dl_cache && dis_dl_enc && dis_dl_dec ) {
|
||||
mode = ESP_FLASH_ENC_MODE_RELEASE;
|
||||
}
|
||||
#elif CONFIG_IDF_TARGET_ESP32S2 || CONFIG_IDF_TARGET_ESP32S3
|
||||
dis_dl_enc = esp_efuse_read_field_bit(ESP_EFUSE_DIS_DOWNLOAD_MANUAL_ENCRYPT);
|
||||
dis_dl_icache = esp_efuse_read_field_bit(ESP_EFUSE_DIS_DOWNLOAD_ICACHE);
|
||||
dis_dl_dcache = esp_efuse_read_field_bit(ESP_EFUSE_DIS_DOWNLOAD_DCACHE);
|
||||
bool dis_dl_enc = esp_efuse_read_field_bit(ESP_EFUSE_DIS_DOWNLOAD_MANUAL_ENCRYPT);
|
||||
bool dis_dl_icache = esp_efuse_read_field_bit(ESP_EFUSE_DIS_DOWNLOAD_ICACHE);
|
||||
bool dis_dl_dcache = esp_efuse_read_field_bit(ESP_EFUSE_DIS_DOWNLOAD_DCACHE);
|
||||
|
||||
if (dis_dl_enc && dis_dl_icache && dis_dl_dcache) {
|
||||
mode = ESP_FLASH_ENC_MODE_RELEASE;
|
||||
}
|
||||
#elif CONFIG_IDF_TARGET_ESP32C3 || CONFIG_IDF_TARGET_ESP32H2
|
||||
dis_dl_enc = esp_efuse_read_field_bit(ESP_EFUSE_DIS_DOWNLOAD_MANUAL_ENCRYPT);
|
||||
dis_dl_icache = esp_efuse_read_field_bit(ESP_EFUSE_DIS_DOWNLOAD_ICACHE);
|
||||
|
||||
#elif CONFIG_IDF_TARGET_ESP32C2 || CONFIG_IDF_TARGET_ESP32C3 || CONFIG_IDF_TARGET_ESP32H2
|
||||
bool dis_dl_enc = esp_efuse_read_field_bit(ESP_EFUSE_DIS_DOWNLOAD_MANUAL_ENCRYPT);
|
||||
bool dis_dl_icache = esp_efuse_read_field_bit(ESP_EFUSE_DIS_DOWNLOAD_ICACHE);
|
||||
if (dis_dl_enc && dis_dl_icache) {
|
||||
mode = ESP_FLASH_ENC_MODE_RELEASE;
|
||||
#ifdef CONFIG_SOC_FLASH_ENCRYPTION_XTS_AES_128_DERIVED
|
||||
// This chip supports two types of key: AES128_DERIVED and AES128.
|
||||
// To be in RELEASE mode, it is important for the AES128_DERIVED key that XTS_KEY_LENGTH_256 be write-protected.
|
||||
bool xts_key_len_256_wr_dis = esp_efuse_read_field_bit(WR_DIS_CRYPT_CNT);
|
||||
mode = (xts_key_len_256_wr_dis) ? ESP_FLASH_ENC_MODE_RELEASE : ESP_FLASH_ENC_MODE_DEVELOPMENT;
|
||||
#endif // CONFIG_SOC_FLASH_ENCRYPTION_XTS_AES_128_DERIVED
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
|
@ -197,9 +191,15 @@ void esp_flash_encryption_set_release_mode(void)
|
|||
esp_efuse_write_field_bit(ESP_EFUSE_DIS_DOWNLOAD_MANUAL_ENCRYPT);
|
||||
esp_efuse_write_field_bit(ESP_EFUSE_DIS_DOWNLOAD_ICACHE);
|
||||
esp_efuse_write_field_bit(ESP_EFUSE_DIS_DOWNLOAD_DCACHE);
|
||||
#elif CONFIG_IDF_TARGET_ESP32C3 || CONFIG_IDF_TARGET_ESP32H2
|
||||
#elif CONFIG_IDF_TARGET_ESP32C2 || CONFIG_IDF_TARGET_ESP32C3 || CONFIG_IDF_TARGET_ESP32H2
|
||||
esp_efuse_write_field_bit(ESP_EFUSE_DIS_DOWNLOAD_MANUAL_ENCRYPT);
|
||||
esp_efuse_write_field_bit(ESP_EFUSE_DIS_DOWNLOAD_ICACHE);
|
||||
#ifdef CONFIG_SOC_FLASH_ENCRYPTION_XTS_AES_128_DERIVED
|
||||
// For AES128_DERIVED, FE key is 16 bytes and XTS_KEY_LENGTH_256 is 0.
|
||||
// It is important to protect XTS_KEY_LENGTH_256 from further changing it to 1. Set write protection for this bit.
|
||||
// Burning WR_DIS_CRYPT_CNT, blocks further changing of eFuses: DIS_DOWNLOAD_MANUAL_ENCRYPT, SPI_BOOT_CRYPT_CNT, [XTS_KEY_LENGTH_256], SECURE_BOOT_EN.
|
||||
esp_efuse_write_field_bit(WR_DIS_CRYPT_CNT);
|
||||
#endif // CONFIG_SOC_FLASH_ENCRYPTION_XTS_AES_128_DERIVED
|
||||
#else
|
||||
ESP_LOGE(TAG, "Flash Encryption support not added, abort..");
|
||||
abort();
|
||||
|
|
|
|||
|
|
@ -15,9 +15,8 @@
|
|||
#include "esp_efuse_table.h"
|
||||
#include "esp_log.h"
|
||||
#include "hal/wdt_hal.h"
|
||||
#ifdef CONFIG_IDF_TARGET_ESP32C2
|
||||
// IDF-3899
|
||||
#warning "Not support flash encryption on esp32c2 yet."
|
||||
#ifdef CONFIG_SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK
|
||||
#include "soc/sensitive_reg.h"
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_SECURE_FLASH_ENC_ENABLED
|
||||
|
|
@ -30,6 +29,8 @@
|
|||
#define WR_DIS_CRYPT_CNT ESP_EFUSE_WR_DIS_SPI_BOOT_CRYPT_CNT
|
||||
#endif
|
||||
|
||||
#define FLASH_ENC_CNT_MAX (CRYPT_CNT[0]->bit_count)
|
||||
|
||||
/* This file implements FLASH ENCRYPTION related APIs to perform
|
||||
* various operations such as programming necessary flash encryption
|
||||
* eFuses, detect whether flash encryption is enabled (by reading eFuse)
|
||||
|
|
@ -39,38 +40,86 @@
|
|||
static const char *TAG = "flash_encrypt";
|
||||
|
||||
/* Static functions for stages of flash encryption */
|
||||
static esp_err_t initialise_flash_encryption(void);
|
||||
static esp_err_t encrypt_flash_contents(size_t flash_crypt_cnt, bool flash_crypt_wr_dis) __attribute__((unused));
|
||||
static esp_err_t encrypt_bootloader(void);
|
||||
static esp_err_t encrypt_and_load_partition_table(esp_partition_info_t *partition_table, int *num_partitions);
|
||||
static esp_err_t encrypt_partition(int index, const esp_partition_info_t *partition);
|
||||
static size_t get_flash_encrypt_cnt_value(void);
|
||||
|
||||
esp_err_t esp_flash_encrypt_check_and_update(void)
|
||||
static size_t get_flash_encrypt_cnt_value(void)
|
||||
{
|
||||
size_t flash_crypt_cnt = 0;
|
||||
esp_efuse_read_field_cnt(CRYPT_CNT, &flash_crypt_cnt);
|
||||
bool flash_crypt_wr_dis = esp_efuse_read_field_bit(WR_DIS_CRYPT_CNT);
|
||||
return flash_crypt_cnt;
|
||||
}
|
||||
|
||||
bool esp_flash_encrypt_initialized_once(void)
|
||||
{
|
||||
return get_flash_encrypt_cnt_value() != 0;
|
||||
}
|
||||
|
||||
bool esp_flash_encrypt_is_write_protected(bool print_error)
|
||||
{
|
||||
if (esp_efuse_read_field_bit(WR_DIS_CRYPT_CNT)) {
|
||||
if (print_error) {
|
||||
ESP_LOGE(TAG, "Flash Encryption cannot be enabled (CRYPT_CNT (%d) is write protected)", get_flash_encrypt_cnt_value());
|
||||
}
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
bool esp_flash_encrypt_state(void)
|
||||
{
|
||||
size_t flash_crypt_cnt = get_flash_encrypt_cnt_value();
|
||||
bool flash_crypt_wr_dis = esp_flash_encrypt_is_write_protected(false);
|
||||
|
||||
ESP_LOGV(TAG, "CRYPT_CNT %d, write protection %d", flash_crypt_cnt, flash_crypt_wr_dis);
|
||||
|
||||
if (flash_crypt_cnt % 2 == 1) {
|
||||
/* Flash is already encrypted */
|
||||
int left = (CRYPT_CNT[0]->bit_count - flash_crypt_cnt) / 2;
|
||||
int left = (FLASH_ENC_CNT_MAX - flash_crypt_cnt) / 2;
|
||||
if (flash_crypt_wr_dis) {
|
||||
left = 0; /* can't update FLASH_CRYPT_CNT, no more flashes */
|
||||
}
|
||||
ESP_LOGI(TAG, "flash encryption is enabled (%d plaintext flashes left)", left);
|
||||
return ESP_OK;
|
||||
} else {
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
esp_err_t esp_flash_encrypt_check_and_update(void)
|
||||
{
|
||||
bool flash_encryption_enabled = esp_flash_encrypt_state();
|
||||
if (!flash_encryption_enabled) {
|
||||
#ifndef CONFIG_SECURE_FLASH_REQUIRE_ALREADY_ENABLED
|
||||
/* Flash is not encrypted, so encrypt it! */
|
||||
return encrypt_flash_contents(flash_crypt_cnt, flash_crypt_wr_dis);
|
||||
if (esp_flash_encrypt_is_write_protected(true)) {
|
||||
return ESP_FAIL;
|
||||
}
|
||||
|
||||
esp_err_t err = esp_flash_encrypt_init();
|
||||
if (err != ESP_OK) {
|
||||
ESP_LOGE(TAG, "Initialization of Flash encryption key failed (%d)", err);
|
||||
return err;
|
||||
}
|
||||
|
||||
err = esp_flash_encrypt_contents();
|
||||
if (err != ESP_OK) {
|
||||
ESP_LOGE(TAG, "Encryption flash contents failed (%d)", err);
|
||||
return err;
|
||||
}
|
||||
|
||||
err = esp_flash_encrypt_enable();
|
||||
if (err != ESP_OK) {
|
||||
ESP_LOGE(TAG, "Enabling of Flash encryption failed (%d)", err);
|
||||
return err;
|
||||
}
|
||||
#else
|
||||
ESP_LOGE(TAG, "flash encryption is not enabled, and SECURE_FLASH_REQUIRE_ALREADY_ENABLED "
|
||||
"is set, refusing to boot.");
|
||||
return ESP_ERR_INVALID_STATE;
|
||||
#endif // CONFIG_SECURE_FLASH_REQUIRE_ALREADY_ENABLED
|
||||
}
|
||||
return ESP_OK;
|
||||
}
|
||||
|
||||
static esp_err_t check_and_generate_encryption_keys(void)
|
||||
|
|
@ -101,10 +150,10 @@ static esp_err_t check_and_generate_encryption_keys(void)
|
|||
return ESP_ERR_INVALID_STATE;
|
||||
}
|
||||
#else
|
||||
#ifdef CONFIG_SECURE_FLASH_ENCRYPTION_AES64
|
||||
#ifdef CONFIG_SECURE_FLASH_ENCRYPTION_AES128_DERIVED
|
||||
enum { BLOCKS_NEEDED = 1 };
|
||||
esp_efuse_purpose_t purposes[BLOCKS_NEEDED] = {
|
||||
ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY,
|
||||
ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY_DERIVED_FROM_128_EFUSE_BITS,
|
||||
};
|
||||
key_size = 16;
|
||||
#else
|
||||
|
|
@ -112,7 +161,7 @@ static esp_err_t check_and_generate_encryption_keys(void)
|
|||
esp_efuse_purpose_t purposes[BLOCKS_NEEDED] = {
|
||||
ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY,
|
||||
};
|
||||
#endif // CONFIG_SECURE_FLASH_ENCRYPTION_AES64
|
||||
#endif // CONFIG_SECURE_FLASH_ENCRYPTION_AES128_DERIVED
|
||||
#endif // CONFIG_SECURE_FLASH_ENCRYPTION_AES256
|
||||
#endif // CONFIG_IDF_TARGET_ESP32
|
||||
|
||||
|
|
@ -163,8 +212,14 @@ static esp_err_t check_and_generate_encryption_keys(void)
|
|||
return ESP_OK;
|
||||
}
|
||||
|
||||
static esp_err_t initialise_flash_encryption(void)
|
||||
esp_err_t esp_flash_encrypt_init(void)
|
||||
{
|
||||
if (esp_flash_encryption_enabled() || esp_flash_encrypt_initialized_once()) {
|
||||
return ESP_OK;
|
||||
}
|
||||
|
||||
/* Very first flash encryption pass: generate keys, etc. */
|
||||
|
||||
esp_efuse_batch_write_begin(); /* Batch all efuse writes at the end of this function */
|
||||
|
||||
/* Before first flash encryption pass, need to initialise key & crypto config */
|
||||
|
|
@ -190,26 +245,15 @@ static esp_err_t initialise_flash_encryption(void)
|
|||
}
|
||||
|
||||
/* Encrypt all flash data that should be encrypted */
|
||||
static esp_err_t encrypt_flash_contents(size_t flash_crypt_cnt, bool flash_crypt_wr_dis)
|
||||
esp_err_t esp_flash_encrypt_contents(void)
|
||||
{
|
||||
esp_err_t err;
|
||||
esp_partition_info_t partition_table[ESP_PARTITION_TABLE_MAX_ENTRIES];
|
||||
int num_partitions;
|
||||
|
||||
/* If all flash_crypt_cnt bits are burned or write-disabled, the
|
||||
device can't re-encrypt itself. */
|
||||
if (flash_crypt_wr_dis || flash_crypt_cnt == CRYPT_CNT[0]->bit_count) {
|
||||
ESP_LOGE(TAG, "Cannot re-encrypt data CRYPT_CNT %d write disabled %d", flash_crypt_cnt, flash_crypt_wr_dis);
|
||||
return ESP_FAIL;
|
||||
}
|
||||
|
||||
if (flash_crypt_cnt == 0) {
|
||||
/* Very first flash of encrypted data: generate keys, etc. */
|
||||
err = initialise_flash_encryption();
|
||||
if (err != ESP_OK) {
|
||||
return err;
|
||||
}
|
||||
}
|
||||
#ifdef CONFIG_SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK
|
||||
REG_WRITE(SENSITIVE_XTS_AES_KEY_UPDATE_REG, 1);
|
||||
#endif
|
||||
|
||||
err = encrypt_bootloader();
|
||||
if (err != ESP_OK) {
|
||||
|
|
@ -234,16 +278,38 @@ static esp_err_t encrypt_flash_contents(size_t flash_crypt_cnt, bool flash_crypt
|
|||
|
||||
ESP_LOGD(TAG, "All flash regions checked for encryption pass");
|
||||
|
||||
return ESP_OK;
|
||||
}
|
||||
|
||||
esp_err_t esp_flash_encrypt_enable(void)
|
||||
{
|
||||
esp_err_t err = ESP_OK;
|
||||
if (!esp_flash_encryption_enabled()) {
|
||||
|
||||
if (esp_flash_encrypt_is_write_protected(true)) {
|
||||
return ESP_FAIL;
|
||||
}
|
||||
|
||||
size_t flash_crypt_cnt = get_flash_encrypt_cnt_value();
|
||||
|
||||
#ifdef CONFIG_SECURE_FLASH_ENCRYPTION_MODE_RELEASE
|
||||
// Go straight to max, permanently enabled
|
||||
ESP_LOGI(TAG, "Setting CRYPT_CNT for permanent encryption");
|
||||
size_t new_flash_crypt_cnt = CRYPT_CNT[0]->bit_count - flash_crypt_cnt;
|
||||
// Go straight to max, permanently enabled
|
||||
ESP_LOGI(TAG, "Setting CRYPT_CNT for permanent encryption");
|
||||
size_t new_flash_crypt_cnt = FLASH_ENC_CNT_MAX - flash_crypt_cnt;
|
||||
#else
|
||||
/* Set least significant 0-bit in flash_crypt_cnt */
|
||||
size_t new_flash_crypt_cnt = 1;
|
||||
/* Set least significant 0-bit in flash_crypt_cnt */
|
||||
size_t new_flash_crypt_cnt = 1;
|
||||
#endif
|
||||
ESP_LOGD(TAG, "CRYPT_CNT %d -> %d", flash_crypt_cnt, new_flash_crypt_cnt);
|
||||
err = esp_efuse_write_field_cnt(CRYPT_CNT, new_flash_crypt_cnt);
|
||||
ESP_LOGD(TAG, "CRYPT_CNT %d -> %d", flash_crypt_cnt, new_flash_crypt_cnt);
|
||||
err = esp_efuse_write_field_cnt(CRYPT_CNT, new_flash_crypt_cnt);
|
||||
|
||||
#if defined(CONFIG_SECURE_FLASH_ENCRYPTION_MODE_RELEASE) && defined(CONFIG_SOC_FLASH_ENCRYPTION_XTS_AES_128_DERIVED)
|
||||
// For AES128_DERIVED, FE key is 16 bytes and XTS_KEY_LENGTH_256 is 0.
|
||||
// It is important to protect XTS_KEY_LENGTH_256 from further changing it to 1. Set write protection for this bit.
|
||||
// Burning WR_DIS_CRYPT_CNT, blocks further changing of eFuses: DOWNLOAD_DIS_MANUAL_ENCRYPT, SPI_BOOT_CRYPT_CNT, [XTS_KEY_LENGTH_256], SECURE_BOOT_EN.
|
||||
esp_efuse_write_field_bit(WR_DIS_CRYPT_CNT);
|
||||
#endif
|
||||
}
|
||||
|
||||
ESP_LOGI(TAG, "Flash encryption completed");
|
||||
|
||||
|
|
|
|||
|
|
@ -64,12 +64,14 @@ static esp_err_t secure_boot_v2_check(bool *need_fix)
|
|||
{
|
||||
esp_err_t err = ESP_OK;
|
||||
esp_efuse_block_t block = EFUSE_BLK_SECURE_BOOT;
|
||||
#ifndef CONFIG_SECURE_BOOT_FLASH_ENC_KEYS_BURN_TOGETHER
|
||||
if (esp_efuse_get_key_dis_read(block)) {
|
||||
ESP_LOGE(TAG, "eFuse BLOCK%d should be readable", block);
|
||||
abort();
|
||||
// This code is not achievable because the bootloader will not boot an app in this state.
|
||||
// But we keep it here just in case (any unexpected behavior).
|
||||
}
|
||||
#endif
|
||||
if (esp_efuse_block_is_empty(block)) {
|
||||
ESP_LOGE(TAG, "eFuse BLOCK%d should not be empty", block);
|
||||
abort();
|
||||
|
|
|
|||
|
|
@ -331,8 +331,10 @@ esp_err_t esp_secure_boot_v2_permanently_enable(const esp_image_metadata_t *imag
|
|||
assert(esp_efuse_read_field_bit(ESP_EFUSE_SECURE_BOOT_AGGRESSIVE_REVOKE));
|
||||
#endif
|
||||
|
||||
#ifndef CONFIG_SECURE_BOOT_FLASH_ENC_KEYS_BURN_TOGETHER
|
||||
assert(esp_secure_boot_enabled());
|
||||
ESP_LOGI(TAG, "Secure boot permanently enabled");
|
||||
#endif
|
||||
|
||||
return ESP_OK;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -44,7 +44,7 @@ typedef enum {
|
|||
typedef enum {
|
||||
ESP_EFUSE_KEY_PURPOSE_USER = 0, /**< whole BLOCK3 */
|
||||
ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY = 1, /**< FE uses the whole BLOCK3 (key is 256-bits) */
|
||||
ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY = 2, /**< FE uses lower 128-bits of BLOCK3 (key is 128-bits) */
|
||||
ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY_DERIVED_FROM_128_EFUSE_BITS = 2, /**< FE uses lower 128-bits of BLOCK3 (key is 128-bits) */
|
||||
ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2 = 3, /**< SB uses higher 128-bits of BLOCK3 (key is 128-bits) */
|
||||
ESP_EFUSE_KEY_PURPOSE_MAX, /**< MAX PURPOSE */
|
||||
} esp_efuse_purpose_t;
|
||||
|
|
|
|||
|
|
@ -153,7 +153,7 @@ esp_efuse_purpose_t esp_efuse_get_key_purpose(esp_efuse_block_t block)
|
|||
if (esp_efuse_read_field_bit(ESP_EFUSE_XTS_KEY_LENGTH_256)) {
|
||||
return ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY;
|
||||
}
|
||||
return ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY;
|
||||
return ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY_DERIVED_FROM_128_EFUSE_BITS;
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -189,7 +189,7 @@ esp_err_t esp_efuse_write_key(esp_efuse_block_t block, esp_efuse_purpose_t purpo
|
|||
if (block < EFUSE_BLK_KEY0 || block >= EFUSE_BLK_KEY_MAX || key_size_bytes > 32 || purpose >= ESP_EFUSE_KEY_PURPOSE_MAX) {
|
||||
return ESP_ERR_INVALID_ARG;
|
||||
}
|
||||
if ((purpose == ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2 || purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY) && (key_size_bytes != 16)) {
|
||||
if ((purpose == ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2 || purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY_DERIVED_FROM_128_EFUSE_BITS) && (key_size_bytes != 16)) {
|
||||
return ESP_ERR_INVALID_ARG;
|
||||
}
|
||||
|
||||
|
|
@ -202,9 +202,10 @@ esp_err_t esp_efuse_write_key(esp_efuse_block_t block, esp_efuse_purpose_t purpo
|
|||
ESP_EFUSE_CHK(esp_efuse_write_block(block, key, offset_in_bits, key_size_bytes * 8));
|
||||
if (purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY) {
|
||||
ESP_EFUSE_CHK(esp_efuse_set_key_purpose(block, purpose));
|
||||
}
|
||||
if (purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY || purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY) {
|
||||
ESP_EFUSE_CHK(esp_efuse_set_key_dis_read(block));
|
||||
ESP_EFUSE_CHK(esp_efuse_write_field_bit(ESP_EFUSE_RD_DIS_KEY0_LOW));
|
||||
ESP_EFUSE_CHK(esp_efuse_write_field_bit(ESP_EFUSE_RD_DIS_KEY0_HI));
|
||||
} else if (purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY_DERIVED_FROM_128_EFUSE_BITS) {
|
||||
ESP_EFUSE_CHK(esp_efuse_write_field_bit(ESP_EFUSE_RD_DIS_KEY0_LOW));
|
||||
}
|
||||
ESP_EFUSE_CHK(esp_efuse_set_key_dis_write(block));
|
||||
return esp_efuse_batch_write_commit();
|
||||
|
|
@ -227,7 +228,7 @@ esp_err_t esp_efuse_write_keys(const esp_efuse_purpose_t purposes[], uint8_t key
|
|||
for (unsigned i_key = 0; i_key < number_of_keys; i_key++) {
|
||||
purpose = purposes[i_key];
|
||||
ESP_LOGI(TAG, "Writing EFUSE_BLK_KEY0 with purpose %d", purpose);
|
||||
size_t key_size = (purpose == ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2 || purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY) ? 16 : 32;
|
||||
size_t key_size = (purpose == ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2 || purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY_DERIVED_FROM_128_EFUSE_BITS) ? 16 : 32;
|
||||
ESP_EFUSE_CHK(esp_efuse_write_key(EFUSE_BLK_KEY0, purpose, keys[i_key], key_size));
|
||||
}
|
||||
return esp_efuse_batch_write_commit();
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ TEST_CASE("Test keys and purposes, rd, wr, wr_key_purposes are in the initial st
|
|||
TEST_ASSERT_EACH_EQUAL_HEX8(0, key, sizeof(key));
|
||||
TEST_ASSERT_FALSE(esp_efuse_get_key_dis_read(num_key));
|
||||
TEST_ASSERT_FALSE(esp_efuse_get_key_dis_write(num_key));
|
||||
TEST_ASSERT_EQUAL(ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY, esp_efuse_get_key_purpose(num_key));
|
||||
TEST_ASSERT_EQUAL(ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY_DERIVED_FROM_128_EFUSE_BITS, esp_efuse_get_key_purpose(num_key));
|
||||
|
||||
esp_efuse_block_t key_block = EFUSE_BLK_MAX;
|
||||
TEST_ASSERT_TRUE(esp_efuse_find_purpose(ESP_EFUSE_KEY_PURPOSE_USER, NULL));
|
||||
|
|
@ -53,7 +53,7 @@ static esp_err_t s_check_key(esp_efuse_block_t num_key, void* wr_key, esp_efuse_
|
|||
{
|
||||
size_t offset_in_bits = 0;
|
||||
uint8_t key_size = 32;
|
||||
if (purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY || purpose == ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2) {
|
||||
if (purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY_DERIVED_FROM_128_EFUSE_BITS || purpose == ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2) {
|
||||
key_size = 16;
|
||||
}
|
||||
|
||||
|
|
@ -69,7 +69,7 @@ static esp_err_t s_check_key(esp_efuse_block_t num_key, void* wr_key, esp_efuse_
|
|||
#endif // not CONFIG_IDF_ENV_FPGA
|
||||
|
||||
TEST_ASSERT_TRUE(esp_efuse_get_key_dis_write(num_key));
|
||||
if (purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY || purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY) {
|
||||
if (purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY || purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY_DERIVED_FROM_128_EFUSE_BITS) {
|
||||
TEST_ASSERT_TRUE(esp_efuse_get_key_dis_read(num_key));
|
||||
#if CONFIG_IDF_ENV_FPGA && !CONFIG_EFUSE_VIRTUAL
|
||||
TEST_ASSERT_EACH_EQUAL_HEX8(0, rd_key, key_size);
|
||||
|
|
@ -91,7 +91,7 @@ void test_write_key(esp_efuse_block_t num_key, esp_efuse_purpose_t purpose) {
|
|||
}
|
||||
|
||||
uint8_t key_size = sizeof(wr_key);
|
||||
if (purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY || purpose == ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2) {
|
||||
if (purpose == ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY_DERIVED_FROM_128_EFUSE_BITS || purpose == ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2) {
|
||||
key_size = 16;
|
||||
}
|
||||
|
||||
|
|
@ -117,7 +117,7 @@ TEST_CASE("Test esp_efuse_write_key for virt mode", "[efuse]")
|
|||
TEST_ESP_ERR(ESP_ERR_INVALID_ARG, esp_efuse_write_key(EFUSE_BLK_KEY0, ESP_EFUSE_KEY_PURPOSE_USER, &rd_key, 33));
|
||||
TEST_ESP_ERR(ESP_ERR_INVALID_ARG, esp_efuse_write_key(EFUSE_BLK3, ESP_EFUSE_KEY_PURPOSE_USER, NULL, sizeof(rd_key)));
|
||||
TEST_ESP_ERR(ESP_ERR_INVALID_ARG, esp_efuse_write_key(EFUSE_BLK0, ESP_EFUSE_KEY_PURPOSE_USER, &rd_key, sizeof(rd_key)));
|
||||
TEST_ESP_ERR(ESP_ERR_INVALID_ARG, esp_efuse_write_key(EFUSE_BLK0, ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY, &rd_key, sizeof(rd_key)));
|
||||
TEST_ESP_ERR(ESP_ERR_INVALID_ARG, esp_efuse_write_key(EFUSE_BLK0, ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY_DERIVED_FROM_128_EFUSE_BITS, &rd_key, sizeof(rd_key)));
|
||||
TEST_ESP_ERR(ESP_ERR_INVALID_ARG, esp_efuse_write_key(EFUSE_BLK0, ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2, &rd_key, sizeof(rd_key)));
|
||||
|
||||
for (esp_efuse_purpose_t purpose = ESP_EFUSE_KEY_PURPOSE_USER; purpose < ESP_EFUSE_KEY_PURPOSE_MAX; ++purpose) {
|
||||
|
|
@ -145,9 +145,9 @@ TEST_CASE("Test 1 esp_efuse_write_key for FPGA", "[efuse]")
|
|||
esp_efuse_utility_debug_dump_blocks();
|
||||
TEST_ASSERT_TRUE(esp_efuse_key_block_unused(EFUSE_BLK_KEY0));
|
||||
TEST_ASSERT_TRUE(esp_efuse_block_is_empty(EFUSE_BLK_KEY0));
|
||||
TEST_ASSERT_TRUE(esp_efuse_find_purpose(ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY, NULL));
|
||||
TEST_ASSERT_TRUE(esp_efuse_find_purpose(ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY_DERIVED_FROM_128_EFUSE_BITS, NULL));
|
||||
|
||||
test_write_key(EFUSE_BLK_KEY0, ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY);
|
||||
test_write_key(EFUSE_BLK_KEY0, ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY_DERIVED_FROM_128_EFUSE_BITS);
|
||||
|
||||
esp_efuse_utility_debug_dump_blocks();
|
||||
|
||||
|
|
@ -168,7 +168,7 @@ TEST_CASE("Test 2 esp_efuse_write_key for FPGA", "[efuse]")
|
|||
esp_efuse_utility_debug_dump_blocks();
|
||||
TEST_ASSERT_TRUE(esp_efuse_key_block_unused(EFUSE_BLK_KEY0));
|
||||
TEST_ASSERT_TRUE(esp_efuse_block_is_empty(EFUSE_BLK_KEY0));
|
||||
TEST_ASSERT_TRUE(esp_efuse_find_purpose(ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY, NULL));
|
||||
TEST_ASSERT_TRUE(esp_efuse_find_purpose(ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY_DERIVED_FROM_128_EFUSE_BITS, NULL));
|
||||
|
||||
test_write_key(EFUSE_BLK_KEY0, ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2);
|
||||
|
||||
|
|
@ -212,12 +212,12 @@ TEST_CASE("Test esp_efuse_write_keys", "[efuse]")
|
|||
esp_efuse_utility_debug_dump_blocks();
|
||||
TEST_ASSERT_TRUE(esp_efuse_key_block_unused(EFUSE_BLK_KEY0));
|
||||
TEST_ASSERT_TRUE(esp_efuse_block_is_empty(EFUSE_BLK_KEY0));
|
||||
TEST_ASSERT_TRUE(esp_efuse_find_purpose(ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY, NULL));
|
||||
TEST_ASSERT_TRUE(esp_efuse_find_purpose(ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY_DERIVED_FROM_128_EFUSE_BITS, NULL));
|
||||
esp_efuse_block_t key_block = EFUSE_BLK_MAX;
|
||||
|
||||
enum { BLOCKS_NEEDED1 = 2 };
|
||||
esp_efuse_purpose_t purpose1[BLOCKS_NEEDED1] = {
|
||||
ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY,
|
||||
ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY_DERIVED_FROM_128_EFUSE_BITS,
|
||||
ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2,
|
||||
};
|
||||
uint8_t keys1[BLOCKS_NEEDED1][32] = {{0xEE}};
|
||||
|
|
@ -233,7 +233,7 @@ TEST_CASE("Test esp_efuse_write_keys", "[efuse]")
|
|||
TEST_ASSERT_TRUE(esp_efuse_find_purpose(purpose1[0], &key_block));
|
||||
TEST_ASSERT_EQUAL(EFUSE_BLK_KEY0, key_block);
|
||||
|
||||
TEST_ESP_OK(s_check_key(EFUSE_BLK_KEY0, keys1[0], ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY));
|
||||
TEST_ESP_OK(s_check_key(EFUSE_BLK_KEY0, keys1[0], ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY_DERIVED_FROM_128_EFUSE_BITS));
|
||||
TEST_ESP_OK(s_check_key(EFUSE_BLK_KEY0, keys1[1], ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2));
|
||||
|
||||
esp_efuse_utility_debug_dump_blocks();
|
||||
|
|
@ -260,7 +260,7 @@ TEST_CASE("Test esp_efuse_write_keys for returned errors", "[efuse]")
|
|||
|
||||
enum { BLOCKS_NEEDED = 2 };
|
||||
esp_efuse_purpose_t purpose[BLOCKS_NEEDED] = {
|
||||
ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY,
|
||||
ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY_DERIVED_FROM_128_EFUSE_BITS,
|
||||
ESP_EFUSE_KEY_PURPOSE_MAX, // it leads ESP_ERR_INVALID_ARG in esp_efuse_write_keys
|
||||
};
|
||||
uint8_t keys[BLOCKS_NEEDED][32];
|
||||
|
|
|
|||
|
|
@ -467,9 +467,17 @@ config SOC_FLASH_ENCRYPTION_XTS_AES
|
|||
bool
|
||||
default y
|
||||
|
||||
config SOC_FLASH_ENCRYPTION_XTS_AES_OPTIONS
|
||||
bool
|
||||
default y
|
||||
|
||||
config SOC_FLASH_ENCRYPTION_XTS_AES_128
|
||||
bool
|
||||
default n
|
||||
default y
|
||||
|
||||
config SOC_FLASH_ENCRYPTION_XTS_AES_128_DERIVED
|
||||
bool
|
||||
default y
|
||||
|
||||
config SOC_UART_NUM
|
||||
int
|
||||
|
|
|
|||
|
|
@ -236,8 +236,10 @@
|
|||
|
||||
/*-------------------------- Flash Encryption CAPS----------------------------*/
|
||||
#define SOC_FLASH_ENCRYPTED_XTS_AES_BLOCK_MAX (32)
|
||||
#define SOC_FLASH_ENCRYPTION_XTS_AES 1
|
||||
#define SOC_FLASH_ENCRYPTION_XTS_AES_128 0 // This will be enabled with IDF-3899
|
||||
#define SOC_FLASH_ENCRYPTION_XTS_AES 1
|
||||
#define SOC_FLASH_ENCRYPTION_XTS_AES_OPTIONS 1
|
||||
#define SOC_FLASH_ENCRYPTION_XTS_AES_128 1
|
||||
#define SOC_FLASH_ENCRYPTION_XTS_AES_128_DERIVED 1
|
||||
|
||||
/*-------------------------- UART CAPS ---------------------------------------*/
|
||||
// ESP32-C2 has 2 UARTs
|
||||
|
|
|
|||
|
|
@ -759,6 +759,10 @@ config SOC_FLASH_ENCRYPTION_XTS_AES
|
|||
bool
|
||||
default y
|
||||
|
||||
config SOC_FLASH_ENCRYPTION_XTS_AES_OPTIONS
|
||||
bool
|
||||
default y
|
||||
|
||||
config SOC_FLASH_ENCRYPTION_XTS_AES_128
|
||||
bool
|
||||
default y
|
||||
|
|
|
|||
|
|
@ -349,6 +349,7 @@
|
|||
/*-------------------------- Flash Encryption CAPS----------------------------*/
|
||||
#define SOC_FLASH_ENCRYPTED_XTS_AES_BLOCK_MAX (64)
|
||||
#define SOC_FLASH_ENCRYPTION_XTS_AES 1
|
||||
#define SOC_FLASH_ENCRYPTION_XTS_AES_OPTIONS 1
|
||||
#define SOC_FLASH_ENCRYPTION_XTS_AES_128 1
|
||||
#define SOC_FLASH_ENCRYPTION_XTS_AES_256 1
|
||||
|
||||
|
|
|
|||
|
|
@ -899,6 +899,10 @@ config SOC_FLASH_ENCRYPTION_XTS_AES
|
|||
bool
|
||||
default y
|
||||
|
||||
config SOC_FLASH_ENCRYPTION_XTS_AES_OPTIONS
|
||||
bool
|
||||
default y
|
||||
|
||||
config SOC_FLASH_ENCRYPTION_XTS_AES_128
|
||||
bool
|
||||
default y
|
||||
|
|
|
|||
|
|
@ -383,6 +383,7 @@
|
|||
/*-------------------------- Flash Encryption CAPS----------------------------*/
|
||||
#define SOC_FLASH_ENCRYPTED_XTS_AES_BLOCK_MAX (64)
|
||||
#define SOC_FLASH_ENCRYPTION_XTS_AES 1
|
||||
#define SOC_FLASH_ENCRYPTION_XTS_AES_OPTIONS 1
|
||||
#define SOC_FLASH_ENCRYPTION_XTS_AES_128 1
|
||||
#define SOC_FLASH_ENCRYPTION_XTS_AES_256 1
|
||||
|
||||
|
|
|
|||
Ładowanie…
Reference in New Issue