blackbeard420/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf synced 2025-03-09 17:19:09 -04:00
Code Issues Projects Releases Wiki Activity

Merge branch 'feature/efuse_update_for_esp32h2_eco5_v5.4' into 'release/v5.4'

Browse Source 
feat(efuse): Adds efuses for esp32h2 eco5 (v5.4)

See merge request espressif/esp-idf!36238
This commit is contained in:
Jiang Jiang Jian 2025-01-17 11:39:31 +08:00
commit 74896d4187
13 changed files with 255 additions and 70 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

82
components/efuse/esp32h2/esp_efuse_table.c
View File

@ -9,7 +9,7 @@
#include <assert.h>
#include "esp_efuse_table.h"
// md5_digest_table 1b79da735c5daed71ed7a91a0c55c5b6
// md5_digest_table 1dc5045e8a74c32825696ca314128499
// This file was generated from the file esp_efuse_table.csv. DO NOT CHANGE THIS FILE MANUALLY.
// If you want to change some fields, you need to change esp_efuse_table.csv file
// then run `efuse_common_table` or `efuse_custom_table` command it will generate this file.
@ -59,6 +59,10 @@ static const esp_efuse_desc_t WR_DIS_DIS_DOWNLOAD_MANUAL_ENCRYPT[] = {
{EFUSE_BLK0, 2, 1}, // [] wr_dis of DIS_DOWNLOAD_MANUAL_ENCRYPT,
};
static const esp_efuse_desc_t WR_DIS_POWERGLITCH_EN1[] = {
{EFUSE_BLK0, 2, 1}, // [] wr_dis of POWERGLITCH_EN1,
};
static const esp_efuse_desc_t WR_DIS_WDT_DELAY_SEL[] = {
{EFUSE_BLK0, 3, 1}, // [] wr_dis of WDT_DELAY_SEL,
};
@ -103,6 +107,10 @@ static const esp_efuse_desc_t WR_DIS_KEY_PURPOSE_5[] = {
{EFUSE_BLK0, 13, 1}, // [WR_DIS.KEY5_PURPOSE] wr_dis of KEY_PURPOSE_5,
};
static const esp_efuse_desc_t WR_DIS_XTS_DPA_PSEUDO_LEVEL[] = {
{EFUSE_BLK0, 14, 1}, // [] wr_dis of XTS_DPA_PSEUDO_LEVEL,
};
static const esp_efuse_desc_t WR_DIS_SEC_DPA_LEVEL[] = {
{EFUSE_BLK0, 14, 1}, // [] wr_dis of SEC_DPA_LEVEL,
};
@ -119,8 +127,12 @@ static const esp_efuse_desc_t WR_DIS_SECURE_BOOT_AGGRESSIVE_REVOKE[] = {
{EFUSE_BLK0, 16, 1}, // [] wr_dis of SECURE_BOOT_AGGRESSIVE_REVOKE,
};
static const esp_efuse_desc_t WR_DIS_ECDSA_FORCE_USE_HARDWARE_K[] = {
{EFUSE_BLK0, 17, 1}, // [] wr_dis of ECDSA_FORCE_USE_HARDWARE_K,
static const esp_efuse_desc_t WR_DIS_ECDSA_CURVE_MODE[] = {
{EFUSE_BLK0, 17, 1}, // [] wr_dis of ECDSA_CURVE_MODE,
};
static const esp_efuse_desc_t WR_DIS_ECC_FORCE_CONST_TIME[] = {
{EFUSE_BLK0, 17, 1}, // [] wr_dis of ECC_FORCE_CONST_TIME,
};
static const esp_efuse_desc_t WR_DIS_FLASH_TPUW[] = {
@ -443,6 +455,18 @@ static const esp_efuse_desc_t VDD_SPI_AS_GPIO[] = {
{EFUSE_BLK0, 58, 1}, // [] Represents whether vdd spi pin is functioned as gpio. 1: functioned. 0: not functioned,
};
static const esp_efuse_desc_t ECDSA_CURVE_MODE[] = {
{EFUSE_BLK0, 59, 2}, // [] Configures the curve of ECDSA calculation: 0: only enable P256. 1: only enable P192. 2: both enable P256 and P192. 3: only enable P256,
};
static const esp_efuse_desc_t ECC_FORCE_CONST_TIME[] = {
{EFUSE_BLK0, 61, 1}, // [] Set this bit to permanently turn on ECC const-time mode,
};
static const esp_efuse_desc_t XTS_DPA_PSEUDO_LEVEL[] = {
{EFUSE_BLK0, 62, 2}, // [] Set this bit to control the xts pseudo-round anti-dpa attack function: 0: controlled by register. 1-3: the higher the value is; the more pseudo-rounds are inserted to the xts-aes calculation,
};
static const esp_efuse_desc_t WDT_DELAY_SEL[] = {
{EFUSE_BLK0, 80, 2}, // [] Represents whether RTC watchdog timeout threshold is selected at startup. 1: selected. 0: not selected,
};
@ -491,10 +515,6 @@ static const esp_efuse_desc_t SEC_DPA_LEVEL[] = {
{EFUSE_BLK0, 112, 2}, // [] Represents the spa secure level by configuring the clock random divide mode,
};
static const esp_efuse_desc_t ECDSA_FORCE_USE_HARDWARE_K[] = {
{EFUSE_BLK0, 114, 1}, // [] Represents whether hardware random number k is forced used in ESDCA. 1: force used. 0: not force used,
};
static const esp_efuse_desc_t CRYPT_DPA_ENABLE[] = {
{EFUSE_BLK0, 115, 1}, // [] Represents whether anti-dpa attack is enabled. 1:enabled. 0: disabled,
};
@ -507,6 +527,10 @@ static const esp_efuse_desc_t SECURE_BOOT_AGGRESSIVE_REVOKE[] = {
{EFUSE_BLK0, 117, 1}, // [] Represents whether revoking aggressive secure boot is enabled or disabled. 1: enabled. 0: disabled,
};
static const esp_efuse_desc_t POWERGLITCH_EN1[] = {
{EFUSE_BLK0, 118, 5}, // [] Set these bits to enable power glitch function when chip power on,
};
static const esp_efuse_desc_t FLASH_TPUW[] = {
{EFUSE_BLK0, 124, 4}, // [] Represents the flash waiting time after power-up; in unit of ms. When the value less than 15; the waiting time is the programmed value. Otherwise; the waiting time is 2 times the programmed value,
};
@ -792,6 +816,11 @@ const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_DIS_DOWNLOAD_MANUAL_ENCRYPT[] = {
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_POWERGLITCH_EN1[] = {
&WR_DIS_POWERGLITCH_EN1[0], // [] wr_dis of POWERGLITCH_EN1
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_WDT_DELAY_SEL[] = {
&WR_DIS_WDT_DELAY_SEL[0], // [] wr_dis of WDT_DELAY_SEL
NULL
@ -847,6 +876,11 @@ const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_KEY_PURPOSE_5[] = {
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_XTS_DPA_PSEUDO_LEVEL[] = {
&WR_DIS_XTS_DPA_PSEUDO_LEVEL[0], // [] wr_dis of XTS_DPA_PSEUDO_LEVEL
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_SEC_DPA_LEVEL[] = {
&WR_DIS_SEC_DPA_LEVEL[0], // [] wr_dis of SEC_DPA_LEVEL
NULL
@ -867,8 +901,13 @@ const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_SECURE_BOOT_AGGRESSIVE_REVOKE[] = {
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_ECDSA_FORCE_USE_HARDWARE_K[] = {
&WR_DIS_ECDSA_FORCE_USE_HARDWARE_K[0], // [] wr_dis of ECDSA_FORCE_USE_HARDWARE_K
const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_ECDSA_CURVE_MODE[] = {
&WR_DIS_ECDSA_CURVE_MODE[0], // [] wr_dis of ECDSA_CURVE_MODE
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_ECC_FORCE_CONST_TIME[] = {
&WR_DIS_ECC_FORCE_CONST_TIME[0], // [] wr_dis of ECC_FORCE_CONST_TIME
NULL
};
@ -1272,6 +1311,21 @@ const esp_efuse_desc_t* ESP_EFUSE_VDD_SPI_AS_GPIO[] = {
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_ECDSA_CURVE_MODE[] = {
&ECDSA_CURVE_MODE[0], // [] Configures the curve of ECDSA calculation: 0: only enable P256. 1: only enable P192. 2: both enable P256 and P192. 3: only enable P256
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_ECC_FORCE_CONST_TIME[] = {
&ECC_FORCE_CONST_TIME[0], // [] Set this bit to permanently turn on ECC const-time mode
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_XTS_DPA_PSEUDO_LEVEL[] = {
&XTS_DPA_PSEUDO_LEVEL[0], // [] Set this bit to control the xts pseudo-round anti-dpa attack function: 0: controlled by register. 1-3: the higher the value is; the more pseudo-rounds are inserted to the xts-aes calculation
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_WDT_DELAY_SEL[] = {
&WDT_DELAY_SEL[0], // [] Represents whether RTC watchdog timeout threshold is selected at startup. 1: selected. 0: not selected
NULL
@ -1332,11 +1386,6 @@ const esp_efuse_desc_t* ESP_EFUSE_SEC_DPA_LEVEL[] = {
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_ECDSA_FORCE_USE_HARDWARE_K[] = {
&ECDSA_FORCE_USE_HARDWARE_K[0], // [] Represents whether hardware random number k is forced used in ESDCA. 1: force used. 0: not force used
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_CRYPT_DPA_ENABLE[] = {
&CRYPT_DPA_ENABLE[0], // [] Represents whether anti-dpa attack is enabled. 1:enabled. 0: disabled
NULL
@ -1352,6 +1401,11 @@ const esp_efuse_desc_t* ESP_EFUSE_SECURE_BOOT_AGGRESSIVE_REVOKE[] = {
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_POWERGLITCH_EN1[] = {
&POWERGLITCH_EN1[0], // [] Set these bits to enable power glitch function when chip power on
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_FLASH_TPUW[] = {
&FLASH_TPUW[0], // [] Represents the flash waiting time after power-up; in unit of ms. When the value less than 15; the waiting time is the programmed value. Otherwise; the waiting time is 2 times the programmed value
NULL

12
components/efuse/esp32h2/esp_efuse_table.csv
View File

@ -9,7 +9,7 @@
# this will generate new source files, next rebuild all the sources.
# !!!!!!!!!!! #
# This file was generated by regtools.py based on the efuses.yaml file with the version: ef562916e77cf77203c1a4c0cff35ac5
# This file was generated by regtools.py based on the efuses.yaml file with the version: 44563d2af4ebdba4db6c0a34a50c94f9
WR_DIS, EFUSE_BLK0, 0, 32, [] Disable programming of individual eFuses
WR_DIS.RD_DIS, EFUSE_BLK0, 0, 1, [] wr_dis of RD_DIS
@ -22,6 +22,7 @@ WR_DIS.DIS_TWAI, EFUSE_BLK0, 2, 1, [WR_DIS.D
WR_DIS.JTAG_SEL_ENABLE, EFUSE_BLK0, 2, 1, [] wr_dis of JTAG_SEL_ENABLE
WR_DIS.DIS_PAD_JTAG, EFUSE_BLK0, 2, 1, [] wr_dis of DIS_PAD_JTAG
WR_DIS.DIS_DOWNLOAD_MANUAL_ENCRYPT, EFUSE_BLK0, 2, 1, [] wr_dis of DIS_DOWNLOAD_MANUAL_ENCRYPT
WR_DIS.POWERGLITCH_EN1, EFUSE_BLK0, 2, 1, [] wr_dis of POWERGLITCH_EN1
WR_DIS.WDT_DELAY_SEL, EFUSE_BLK0, 3, 1, [] wr_dis of WDT_DELAY_SEL
WR_DIS.SPI_BOOT_CRYPT_CNT, EFUSE_BLK0, 4, 1, [] wr_dis of SPI_BOOT_CRYPT_CNT
WR_DIS.SECURE_BOOT_KEY_REVOKE0, EFUSE_BLK0, 5, 1, [] wr_dis of SECURE_BOOT_KEY_REVOKE0
@ -33,11 +34,13 @@ WR_DIS.KEY_PURPOSE_2, EFUSE_BLK0, 10, 1, [WR_DIS.K
WR_DIS.KEY_PURPOSE_3, EFUSE_BLK0, 11, 1, [WR_DIS.KEY3_PURPOSE] wr_dis of KEY_PURPOSE_3
WR_DIS.KEY_PURPOSE_4, EFUSE_BLK0, 12, 1, [WR_DIS.KEY4_PURPOSE] wr_dis of KEY_PURPOSE_4
WR_DIS.KEY_PURPOSE_5, EFUSE_BLK0, 13, 1, [WR_DIS.KEY5_PURPOSE] wr_dis of KEY_PURPOSE_5
WR_DIS.XTS_DPA_PSEUDO_LEVEL, EFUSE_BLK0, 14, 1, [] wr_dis of XTS_DPA_PSEUDO_LEVEL
WR_DIS.SEC_DPA_LEVEL, EFUSE_BLK0, 14, 1, [] wr_dis of SEC_DPA_LEVEL
WR_DIS.CRYPT_DPA_ENABLE, EFUSE_BLK0, 14, 1, [] wr_dis of CRYPT_DPA_ENABLE
WR_DIS.SECURE_BOOT_EN, EFUSE_BLK0, 15, 1, [] wr_dis of SECURE_BOOT_EN
WR_DIS.SECURE_BOOT_AGGRESSIVE_REVOKE, EFUSE_BLK0, 16, 1, [] wr_dis of SECURE_BOOT_AGGRESSIVE_REVOKE
WR_DIS.ECDSA_FORCE_USE_HARDWARE_K, EFUSE_BLK0, 17, 1, [] wr_dis of ECDSA_FORCE_USE_HARDWARE_K
WR_DIS.ECDSA_CURVE_MODE, EFUSE_BLK0, 17, 1, [] wr_dis of ECDSA_CURVE_MODE
WR_DIS.ECC_FORCE_CONST_TIME, EFUSE_BLK0, 17, 1, [] wr_dis of ECC_FORCE_CONST_TIME
WR_DIS.FLASH_TPUW, EFUSE_BLK0, 18, 1, [] wr_dis of FLASH_TPUW
WR_DIS.DIS_DOWNLOAD_MODE, EFUSE_BLK0, 18, 1, [] wr_dis of DIS_DOWNLOAD_MODE
WR_DIS.DIS_DIRECT_BOOT, EFUSE_BLK0, 18, 1, [] wr_dis of DIS_DIRECT_BOOT
@ -118,6 +121,9 @@ DIS_PAD_JTAG, EFUSE_BLK0, 51, 1, [] Repres
DIS_DOWNLOAD_MANUAL_ENCRYPT, EFUSE_BLK0, 52, 1, [] Represents whether flash encrypt function is disabled or enabled(except in SPI boot mode). 1: disabled. 0: enabled
USB_EXCHG_PINS, EFUSE_BLK0, 57, 1, [] Represents whether the D+ and D- pins is exchanged. 1: exchanged. 0: not exchanged
VDD_SPI_AS_GPIO, EFUSE_BLK0, 58, 1, [] Represents whether vdd spi pin is functioned as gpio. 1: functioned. 0: not functioned
ECDSA_CURVE_MODE, EFUSE_BLK0, 59, 2, [] Configures the curve of ECDSA calculation: 0: only enable P256. 1: only enable P192. 2: both enable P256 and P192. 3: only enable P256
ECC_FORCE_CONST_TIME, EFUSE_BLK0, 61, 1, [] Set this bit to permanently turn on ECC const-time mode
XTS_DPA_PSEUDO_LEVEL, EFUSE_BLK0, 62, 2, [] Set this bit to control the xts pseudo-round anti-dpa attack function: 0: controlled by register. 1-3: the higher the value is; the more pseudo-rounds are inserted to the xts-aes calculation
WDT_DELAY_SEL, EFUSE_BLK0, 80, 2, [] Represents whether RTC watchdog timeout threshold is selected at startup. 1: selected. 0: not selected
SPI_BOOT_CRYPT_CNT, EFUSE_BLK0, 82, 3, [] Enables flash encryption when 1 or 3 bits are set and disables otherwise {0: "Disable"; 1: "Enable"; 3: "Disable"; 7: "Enable"}
SECURE_BOOT_KEY_REVOKE0, EFUSE_BLK0, 85, 1, [] Revoke 1st secure boot key
@ -130,10 +136,10 @@ KEY_PURPOSE_3, EFUSE_BLK0, 100, 4, [KEY3_PUR
KEY_PURPOSE_4, EFUSE_BLK0, 104, 4, [KEY4_PURPOSE] Represents the purpose of Key4
KEY_PURPOSE_5, EFUSE_BLK0, 108, 4, [KEY5_PURPOSE] Represents the purpose of Key5
SEC_DPA_LEVEL, EFUSE_BLK0, 112, 2, [] Represents the spa secure level by configuring the clock random divide mode
ECDSA_FORCE_USE_HARDWARE_K, EFUSE_BLK0, 114, 1, [] Represents whether hardware random number k is forced used in ESDCA. 1: force used. 0: not force used
CRYPT_DPA_ENABLE, EFUSE_BLK0, 115, 1, [] Represents whether anti-dpa attack is enabled. 1:enabled. 0: disabled
SECURE_BOOT_EN, EFUSE_BLK0, 116, 1, [] Represents whether secure boot is enabled or disabled. 1: enabled. 0: disabled
SECURE_BOOT_AGGRESSIVE_REVOKE, EFUSE_BLK0, 117, 1, [] Represents whether revoking aggressive secure boot is enabled or disabled. 1: enabled. 0: disabled
POWERGLITCH_EN1, EFUSE_BLK0, 118, 5, [] Set these bits to enable power glitch function when chip power on
FLASH_TPUW, EFUSE_BLK0, 124, 4, [] Represents the flash waiting time after power-up; in unit of ms. When the value less than 15; the waiting time is the programmed value. Otherwise; the waiting time is 2 times the programmed value
DIS_DOWNLOAD_MODE, EFUSE_BLK0, 128, 1, [] Represents whether Download mode is disabled or enabled. 1: disabled. 0: enabled
DIS_DIRECT_BOOT, EFUSE_BLK0, 129, 1, [] Represents whether direct boot mode is disabled or enabled. 1: disabled. 0: enabled

Can't render this file because it contains an unexpected character in line 8 and column 53.

38
components/efuse/esp32h2/esp_efuse_table_v0.0_v1.1.c Normal file
View File

@ -0,0 +1,38 @@
/*
* SPDX-FileCopyrightText: 2017-2024 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
#include "sdkconfig.h"
#include "esp_efuse.h"
#include <assert.h>
#include "esp_efuse_table_v0.0_v1.1.h"
// md5_digest_table e0c7039a210d1fb05ea0ef6585afb060
// This file was generated from the file esp_efuse_table_v0.0_v1.1.csv. DO NOT CHANGE THIS FILE MANUALLY.
// If you want to change some fields, you need to change esp_efuse_table_v0.0_v1.1.csv file
// then run `efuse_common_table` or `efuse_custom_table` command it will generate this file.
// To show efuse_table run the command 'show_efuse_table'.
static const esp_efuse_desc_t WR_DIS_ECDSA_FORCE_USE_HARDWARE_K[] = {
{EFUSE_BLK0, 17, 1}, // [] wr_dis of ECDSA_FORCE_USE_HARDWARE_K,
};
static const esp_efuse_desc_t ECDSA_FORCE_USE_HARDWARE_K[] = {
{EFUSE_BLK0, 114, 1}, // [] Represents whether hardware random number k is forced used in ESDCA. 1: force used. 0: not force used,
};
const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_ECDSA_FORCE_USE_HARDWARE_K[] = {
&WR_DIS_ECDSA_FORCE_USE_HARDWARE_K[0], // [] wr_dis of ECDSA_FORCE_USE_HARDWARE_K
NULL
};
const esp_efuse_desc_t* ESP_EFUSE_ECDSA_FORCE_USE_HARDWARE_K[] = {
&ECDSA_FORCE_USE_HARDWARE_K[0], // [] Represents whether hardware random number k is forced used in ESDCA. 1: force used. 0: not force used
NULL
};

6
components/efuse/esp32h2/esp_efuse_table_v0.0_v1.1.csv Normal file
View File

@ -0,0 +1,6 @@
# field_name, efuse_block, bit_start, bit_count, comment
# eFuses that only exist on ESP32-H2 v0.0 - v1.1.
WR_DIS_ECDSA_FORCE_USE_HARDWARE_K, EFUSE_BLK0, 17, 1, [] wr_dis of ECDSA_FORCE_USE_HARDWARE_K
ECDSA_FORCE_USE_HARDWARE_K, EFUSE_BLK0, 114, 1, [] Represents whether hardware random number k is forced used in ESDCA. 1: force used. 0: not force used
1 # field_name, efuse_block, bit_start, bit_count, comment
2 # eFuses that only exist on ESP32-H2 v0.0 - v1.1.
3 WR_DIS_ECDSA_FORCE_USE_HARDWARE_K, EFUSE_BLK0, 17, 1, [] wr_dis of ECDSA_FORCE_USE_HARDWARE_K
4 ECDSA_FORCE_USE_HARDWARE_K, EFUSE_BLK0, 114, 1, [] Represents whether hardware random number k is forced used in ESDCA. 1: force used. 0: not force used

16
components/efuse/esp32h2/include/esp_efuse_table.h
View File

@ -9,8 +9,12 @@ extern "C" {
#endif
#include "esp_efuse.h"
#include "sdkconfig.h"
#if CONFIG_ESP32H2_REV_MIN_FULL < 102
#include "esp_efuse_table_v0.0_v1.1.h"
#endif
// md5_digest_table 1b79da735c5daed71ed7a91a0c55c5b6
// md5_digest_table 1dc5045e8a74c32825696ca314128499
// This file was generated from the file esp_efuse_table.csv. DO NOT CHANGE THIS FILE MANUALLY.
// If you want to change some fields, you need to change esp_efuse_table.csv file
// then run `efuse_common_table` or `efuse_custom_table` command it will generate this file.
@ -29,6 +33,7 @@ extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_DIS_TWAI[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_JTAG_SEL_ENABLE[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_DIS_PAD_JTAG[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_DIS_DOWNLOAD_MANUAL_ENCRYPT[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_POWERGLITCH_EN1[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_WDT_DELAY_SEL[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_SPI_BOOT_CRYPT_CNT[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_SECURE_BOOT_KEY_REVOKE0[];
@ -46,11 +51,13 @@ extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_KEY_PURPOSE_4[];
#define ESP_EFUSE_WR_DIS_KEY4_PURPOSE ESP_EFUSE_WR_DIS_KEY_PURPOSE_4
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_KEY_PURPOSE_5[];
#define ESP_EFUSE_WR_DIS_KEY5_PURPOSE ESP_EFUSE_WR_DIS_KEY_PURPOSE_5
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_XTS_DPA_PSEUDO_LEVEL[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_SEC_DPA_LEVEL[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_CRYPT_DPA_ENABLE[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_SECURE_BOOT_EN[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_SECURE_BOOT_AGGRESSIVE_REVOKE[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_ECDSA_FORCE_USE_HARDWARE_K[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_ECDSA_CURVE_MODE[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_ECC_FORCE_CONST_TIME[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_FLASH_TPUW[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_DIS_DOWNLOAD_MODE[];
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_DIS_DIRECT_BOOT[];
@ -151,6 +158,9 @@ extern const esp_efuse_desc_t* ESP_EFUSE_DIS_PAD_JTAG[];
extern const esp_efuse_desc_t* ESP_EFUSE_DIS_DOWNLOAD_MANUAL_ENCRYPT[];
extern const esp_efuse_desc_t* ESP_EFUSE_USB_EXCHG_PINS[];
extern const esp_efuse_desc_t* ESP_EFUSE_VDD_SPI_AS_GPIO[];
extern const esp_efuse_desc_t* ESP_EFUSE_ECDSA_CURVE_MODE[];
extern const esp_efuse_desc_t* ESP_EFUSE_ECC_FORCE_CONST_TIME[];
extern const esp_efuse_desc_t* ESP_EFUSE_XTS_DPA_PSEUDO_LEVEL[];
extern const esp_efuse_desc_t* ESP_EFUSE_WDT_DELAY_SEL[];
extern const esp_efuse_desc_t* ESP_EFUSE_SPI_BOOT_CRYPT_CNT[];
extern const esp_efuse_desc_t* ESP_EFUSE_SECURE_BOOT_KEY_REVOKE0[];
@ -169,10 +179,10 @@ extern const esp_efuse_desc_t* ESP_EFUSE_KEY_PURPOSE_4[];
extern const esp_efuse_desc_t* ESP_EFUSE_KEY_PURPOSE_5[];
#define ESP_EFUSE_KEY5_PURPOSE ESP_EFUSE_KEY_PURPOSE_5
extern const esp_efuse_desc_t* ESP_EFUSE_SEC_DPA_LEVEL[];
extern const esp_efuse_desc_t* ESP_EFUSE_ECDSA_FORCE_USE_HARDWARE_K[];
extern const esp_efuse_desc_t* ESP_EFUSE_CRYPT_DPA_ENABLE[];
extern const esp_efuse_desc_t* ESP_EFUSE_SECURE_BOOT_EN[];
extern const esp_efuse_desc_t* ESP_EFUSE_SECURE_BOOT_AGGRESSIVE_REVOKE[];
extern const esp_efuse_desc_t* ESP_EFUSE_POWERGLITCH_EN1[];
extern const esp_efuse_desc_t* ESP_EFUSE_FLASH_TPUW[];
extern const esp_efuse_desc_t* ESP_EFUSE_DIS_DOWNLOAD_MODE[];
extern const esp_efuse_desc_t* ESP_EFUSE_DIS_DIRECT_BOOT[];

25
components/efuse/esp32h2/include/esp_efuse_table_v0.0_v1.1.h Normal file
View File

@ -0,0 +1,25 @@
/*
* SPDX-FileCopyrightText: 2017-2024 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
#ifdef __cplusplus
extern "C" {
#endif
#include "esp_efuse.h"
// md5_digest_table e0c7039a210d1fb05ea0ef6585afb060
// This file was generated from the file esp_efuse_table_v0.0_v1.1.csv. DO NOT CHANGE THIS FILE MANUALLY.
// If you want to change some fields, you need to change esp_efuse_table_v0.0_v1.1.csv file
// then run `efuse_common_table` or `efuse_custom_table` command it will generate this file.
// To show efuse_table run the command 'show_efuse_table'.
extern const esp_efuse_desc_t* ESP_EFUSE_WR_DIS_ECDSA_FORCE_USE_HARDWARE_K[];
extern const esp_efuse_desc_t* ESP_EFUSE_ECDSA_FORCE_USE_HARDWARE_K[];
#ifdef __cplusplus
}
#endif

1
components/efuse/esp32h2/sources.cmake
View File

@ -1,4 +1,5 @@
set(EFUSE_SOC_SRCS "esp_efuse_table.c"
"esp_efuse_table_v0.0_v1.1.c"
"esp_efuse_fields.c"
"esp_efuse_rtc_calib.c"
"esp_efuse_utility.c")

6
components/efuse/src/efuse_controller/keys/with_key_purposes/esp_efuse_api_key.c
View File

@ -1,9 +1,11 @@
/*
* SPDX-FileCopyrightText: 2017-2023 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2017-2024 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
#include "soc/chip_revision.h"
#include "hal/efuse_hal.h"
#include "esp_efuse.h"
#include "esp_efuse_utility.h"
#include "soc/efuse_periph.h"
@ -318,8 +320,10 @@ esp_err_t esp_efuse_write_key(esp_efuse_block_t block, esp_efuse_purpose_t purpo
#if SOC_EFUSE_ECDSA_USE_HARDWARE_K
if (purpose == ESP_EFUSE_KEY_PURPOSE_ECDSA_KEY) {
// Permanently enable the hardware TRNG supplied k mode (most secure mode)
if (!CONFIG_IDF_TARGET_ESP32H2 || (CONFIG_IDF_TARGET_ESP32H2 && !ESP_CHIP_REV_ABOVE(efuse_hal_chip_revision(), 102))) {
ESP_EFUSE_CHK(esp_efuse_write_field_bit(ESP_EFUSE_ECDSA_FORCE_USE_HARDWARE_K));
}
}
#endif
ESP_EFUSE_CHK(esp_efuse_set_key_purpose(block, purpose));
ESP_EFUSE_CHK(esp_efuse_set_keypurpose_dis_write(block));

3
components/efuse/src/esp_efuse_startup.c
View File

@ -6,6 +6,7 @@
#include "sdkconfig.h"
#include "soc/soc_caps.h"
#include "soc/chip_revision.h"
#include "hal/efuse_hal.h"
#include "rom/efuse.h"
#include "esp_efuse.h"
@ -93,8 +94,10 @@ static esp_err_t init_efuse_secure(void)
if (esp_efuse_find_purpose(ESP_EFUSE_KEY_PURPOSE_ECDSA_KEY, NULL)) {
// ECDSA key purpose block is present and hence permanently enable
// the hardware TRNG supplied k mode (most secure mode)
if (!CONFIG_IDF_TARGET_ESP32H2 || (CONFIG_IDF_TARGET_ESP32H2 && !ESP_CHIP_REV_ABOVE(efuse_hal_chip_revision(), 102))) {
ESP_RETURN_ON_ERROR(esp_efuse_write_field_bit(ESP_EFUSE_ECDSA_FORCE_USE_HARDWARE_K), TAG, "Failed to enable hardware k mode");
}
}
#endif
#if CONFIG_SECURE_DISABLE_ROM_DL_MODE

4
components/soc/esp32h2/include/soc/Kconfig.soc_caps.in
View File

@ -3,6 +3,10 @@
# using gen_soc_caps_kconfig.py, do not edit manually
#####################################################
config SOC_CAPS_ECO_VER_MAX
int
default 102
config SOC_ADC_SUPPORTED
bool
default y

19
components/soc/esp32h2/include/soc/soc_caps.h
View File

@ -16,7 +16,24 @@
#pragma once
#ifdef __has_include
# if __has_include("sdkconfig.h")
# include "sdkconfig.h"
# define SOC_CAPS_ECO_VER CONFIG_ESP32H2_REV_MIN_FULL
# endif
#endif
#if !defined(SOC_CAPS_ECO_VER)
#define SOC_CAPS_ECO_VER SOC_CAPS_ECO_VER_MAX
#endif
#ifndef SOC_CAPS_ECO_VER
#warning ECO version not determined. Some ECO related caps will not be available.
#warning Define SOC_CAPS_ECO_VER before including this header.
#endif
/*-------------------------- COMMON CAPS ---------------------------------------*/
#define SOC_CAPS_ECO_VER_MAX 102
#define SOC_ADC_SUPPORTED 1
#define SOC_ANA_CMPR_SUPPORTED 1
#define SOC_DEDICATED_GPIO_SUPPORTED 1
@ -474,7 +491,9 @@
#define SOC_EFUSE_SOFT_DIS_JTAG 1
#define SOC_EFUSE_DIS_ICACHE 1
#define SOC_EFUSE_BLOCK9_KEY_PURPOSE_QUIRK 1 // XTS-AES and ECDSA key purposes not supported for this block
#if SOC_CAPS_ECO_VER < 102
#define SOC_EFUSE_ECDSA_USE_HARDWARE_K 1 // Force use hardware TRNG supplied K for ECDSA
#endif
#define SOC_EFUSE_ECDSA_KEY 1
/*-------------------------- Secure Boot CAPS----------------------------*/

71
components/soc/esp32h2/register/soc/efuse_reg.h
View File

@ -289,27 +289,30 @@ extern "C" {
#define EFUSE_VDD_SPI_AS_GPIO_M (EFUSE_VDD_SPI_AS_GPIO_V << EFUSE_VDD_SPI_AS_GPIO_S)
#define EFUSE_VDD_SPI_AS_GPIO_V 0x00000001U
#define EFUSE_VDD_SPI_AS_GPIO_S 26
/** EFUSE_RPT4_RESERVED0_2 : RO; bitpos: [28:27]; default: 0;
* Reserved.
/** EFUSE_ECDSA_CURVE_MODE : R; bitpos: [28:27]; default: 0;
* Configures the curve of ECDSA calculation: 0: only enable P256. 1: only enable
* P192. 2: both enable P256 and P192. 3: only enable P256
*/
#define EFUSE_RPT4_RESERVED0_2 0x00000003U
#define EFUSE_RPT4_RESERVED0_2_M (EFUSE_RPT4_RESERVED0_2_V << EFUSE_RPT4_RESERVED0_2_S)
#define EFUSE_RPT4_RESERVED0_2_V 0x00000003U
#define EFUSE_RPT4_RESERVED0_2_S 27
/** EFUSE_RPT4_RESERVED0_1 : RO; bitpos: [29]; default: 0;
* Reserved.
#define EFUSE_ECDSA_CURVE_MODE 0x00000003U
#define EFUSE_ECDSA_CURVE_MODE_M (EFUSE_ECDSA_CURVE_MODE_V << EFUSE_ECDSA_CURVE_MODE_S)
#define EFUSE_ECDSA_CURVE_MODE_V 0x00000003U
#define EFUSE_ECDSA_CURVE_MODE_S 27
/** EFUSE_ECC_FORCE_CONST_TIME : R; bitpos: [29]; default: 0;
* Set this bit to permanently turn on ECC const-time mode
*/
#define EFUSE_RPT4_RESERVED0_1 (BIT(29))
#define EFUSE_RPT4_RESERVED0_1_M (EFUSE_RPT4_RESERVED0_1_V << EFUSE_RPT4_RESERVED0_1_S)
#define EFUSE_RPT4_RESERVED0_1_V 0x00000001U
#define EFUSE_RPT4_RESERVED0_1_S 29
/** EFUSE_RPT4_RESERVED0_0 : RO; bitpos: [31:30]; default: 0;
* Reserved.
#define EFUSE_ECC_FORCE_CONST_TIME (BIT(29))
#define EFUSE_ECC_FORCE_CONST_TIME_M (EFUSE_ECC_FORCE_CONST_TIME_V << EFUSE_ECC_FORCE_CONST_TIME_S)
#define EFUSE_ECC_FORCE_CONST_TIME_V 0x00000001U
#define EFUSE_ECC_FORCE_CONST_TIME_S 29
/** EFUSE_XTS_DPA_PSEUDO_LEVEL : R; bitpos: [31:30]; default: 0;
* Set this bit to control the xts pseudo-round anti-dpa attack function: 0:
* controlled by register. 1-3: the higher the value is, the more pseudo-rounds are
* inserted to the xts-aes calculation
*/
#define EFUSE_RPT4_RESERVED0_0 0x00000003U
#define EFUSE_RPT4_RESERVED0_0_M (EFUSE_RPT4_RESERVED0_0_V << EFUSE_RPT4_RESERVED0_0_S)
#define EFUSE_RPT4_RESERVED0_0_V 0x00000003U
#define EFUSE_RPT4_RESERVED0_0_S 30
#define EFUSE_XTS_DPA_PSEUDO_LEVEL 0x00000003U
#define EFUSE_XTS_DPA_PSEUDO_LEVEL_M (EFUSE_XTS_DPA_PSEUDO_LEVEL_V << EFUSE_XTS_DPA_PSEUDO_LEVEL_S)
#define EFUSE_XTS_DPA_PSEUDO_LEVEL_V 0x00000003U
#define EFUSE_XTS_DPA_PSEUDO_LEVEL_S 30
/** EFUSE_RD_REPEAT_DATA1_REG register
* BLOCK0 data register 2.
@ -416,14 +419,13 @@ extern "C" {
#define EFUSE_SEC_DPA_LEVEL_M (EFUSE_SEC_DPA_LEVEL_V << EFUSE_SEC_DPA_LEVEL_S)
#define EFUSE_SEC_DPA_LEVEL_V 0x00000003U
#define EFUSE_SEC_DPA_LEVEL_S 16
/** EFUSE_ECDSA_FORCE_USE_HARDWARE_K : RO; bitpos: [18]; default: 1;
* Represents whether hardware random number k is forced used in ESDCA. 1: force used.
* 0: not force used.
/** EFUSE_RESERVE_0_114 : RO; bitpos: [18]; default: 1;
* Reserved
*/
#define EFUSE_ECDSA_FORCE_USE_HARDWARE_K (BIT(18))
#define EFUSE_ECDSA_FORCE_USE_HARDWARE_K_M (EFUSE_ECDSA_FORCE_USE_HARDWARE_K_V << EFUSE_ECDSA_FORCE_USE_HARDWARE_K_S)
#define EFUSE_ECDSA_FORCE_USE_HARDWARE_K_V 0x00000001U
#define EFUSE_ECDSA_FORCE_USE_HARDWARE_K_S 18
#define EFUSE_RESERVE_0_114 (BIT(18))
#define EFUSE_RESERVE_0_114_M (EFUSE_RESERVE_0_114_V << EFUSE_RESERVE_0_114_S)
#define EFUSE_RESERVE_0_114_V 0x00000001U
#define EFUSE_RESERVE_0_114_S 18
/** EFUSE_CRYPT_DPA_ENABLE : RO; bitpos: [19]; default: 1;
* Represents whether anti-dpa attack is enabled. 1:enabled. 0: disabled.
*/
@ -446,13 +448,20 @@ extern "C" {
#define EFUSE_SECURE_BOOT_AGGRESSIVE_REVOKE_M (EFUSE_SECURE_BOOT_AGGRESSIVE_REVOKE_V << EFUSE_SECURE_BOOT_AGGRESSIVE_REVOKE_S)
#define EFUSE_SECURE_BOOT_AGGRESSIVE_REVOKE_V 0x00000001U
#define EFUSE_SECURE_BOOT_AGGRESSIVE_REVOKE_S 21
/** EFUSE_RPT4_RESERVED2_0 : RO; bitpos: [27:22]; default: 0;
* Reserved.
/** EFUSE_POWERGLITCH_EN1 : R; bitpos: [26:22]; default: 0;
* Set these bits to enable power glitch function when chip power on
*/
#define EFUSE_RPT4_RESERVED2_0 0x0000003FU
#define EFUSE_RPT4_RESERVED2_0_M (EFUSE_RPT4_RESERVED2_0_V << EFUSE_RPT4_RESERVED2_0_S)
#define EFUSE_RPT4_RESERVED2_0_V 0x0000003FU
#define EFUSE_RPT4_RESERVED2_0_S 22
#define EFUSE_POWERGLITCH_EN1 0x0000001FU
#define EFUSE_POWERGLITCH_EN1_M (EFUSE_POWERGLITCH_EN1_V << EFUSE_POWERGLITCH_EN1_S)
#define EFUSE_POWERGLITCH_EN1_V 0x0000001FU
#define EFUSE_POWERGLITCH_EN1_S 22
/** EFUSE_RESERVED_0_123 : R; bitpos: [27]; default: 0;
* reserved
*/
#define EFUSE_RESERVED_0_123 (BIT(27))
#define EFUSE_RESERVED_0_123_M (EFUSE_RESERVED_0_123_V << EFUSE_RESERVED_0_123_S)
#define EFUSE_RESERVED_0_123_V 0x00000001U
#define EFUSE_RESERVED_0_123_S 27
/** EFUSE_FLASH_TPUW : RO; bitpos: [31:28]; default: 0;
* Represents the flash waiting time after power-up, in unit of ms. When the value
* less than 15, the waiting time is the programmed value. Otherwise, the waiting time

38
components/soc/esp32h2/register/soc/efuse_struct.h
View File

@ -252,18 +252,21 @@ typedef union {
* functioned.
*/
uint32_t vdd_spi_as_gpio:1;
/** rpt4_reserved0_2 : RO; bitpos: [28:27]; default: 0;
* Reserved.
/** ecdsa_curve_mode : R; bitpos: [28:27]; default: 0;
* Configures the curve of ECDSA calculation: 0: only enable P256. 1: only enable
* P192. 2: both enable P256 and P192. 3: only enable P256
*/
uint32_t rpt4_reserved0_2:2;
/** rpt4_reserved0_1 : RO; bitpos: [29]; default: 0;
* Reserved.
uint32_t ecdsa_curve_mode:2;
/** ecc_force_const_time : R; bitpos: [29]; default: 0;
* Set this bit to permanently turn on ECC const-time mode
*/
uint32_t rpt4_reserved0_1:1;
/** rpt4_reserved0_0 : RO; bitpos: [31:30]; default: 0;
* Reserved.
uint32_t ecc_force_const_time:1;
/** xts_dpa_pseudo_level : R; bitpos: [31:30]; default: 0;
* Set this bit to control the xts pseudo-round anti-dpa attack function: 0:
* controlled by register. 1-3: the higher the value is, the more pseudo-rounds are
* inserted to the xts-aes calculation
*/
uint32_t rpt4_reserved0_0:2;
uint32_t xts_dpa_pseudo_level:2;
};
uint32_t val;
} efuse_rd_repeat_data0_reg_t;
@ -339,11 +342,10 @@ typedef union {
* Represents the spa secure level by configuring the clock random divide mode.
*/
uint32_t sec_dpa_level:2;
/** ecdsa_force_use_hardware_k : RO; bitpos: [18]; default: 1;
* Represents whether hardware random number k is forced used in ESDCA. 1: force used.
* 0: not force used.
/** reserve_0_114 : RO; bitpos: [18]; default: 1;
* Reserved
*/
uint32_t ecdsa_force_use_hardware_k:1;
uint32_t reserve_0_114:1;
/** crypt_dpa_enable : RO; bitpos: [19]; default: 1;
* Represents whether anti-dpa attack is enabled. 1:enabled. 0: disabled.
*/
@ -357,10 +359,14 @@ typedef union {
* enabled. 0: disabled.
*/
uint32_t secure_boot_aggressive_revoke:1;
/** rpt4_reserved2_0 : RO; bitpos: [27:22]; default: 0;
* Reserved.
/** powerglitch_en1 : R; bitpos: [26:22]; default: 0;
* Set these bits to enable power glitch function when chip power on
*/
uint32_t rpt4_reserved2_0:6;
uint32_t powerglitch_en1:5;
/** reserved_0_123 : R; bitpos: [27]; default: 0;
* reserved
*/
uint32_t reserved_0_123:1;
/** flash_tpuw : RO; bitpos: [31:28]; default: 0;
* Represents the flash waiting time after power-up, in unit of ms. When the value
* less than 15, the waiting time is the programmed value. Otherwise, the waiting time