refactor (bootloader_support, efuse)!: remove target-specific rom includes

The following two functions in bootloader_support are private now:
* esp_secure_boot_verify_sbv2_signature_block()
* esp_secure_boot_verify_rsa_signature_block()
They have been moved into private header files
inside bootloader_private/

* Removed bootloader_reset_reason.h and
  bootloader_common_get_reset_reason() completely.
  Alternative in ROM component is available.

* made esp_efuse.h independent of target-specific rom header

components/app_update/esp_ota_ops.c

@@ -30,6 +30,20 @@
 #include "esp_efuse.h"
 #include "esp_attr.h"
 
+#if CONFIG_IDF_TARGET_ESP32
+#include "esp32/rom/secure_boot.h"
+#elif CONFIG_IDF_TARGET_ESP32S2
+#include "esp32s2/rom/secure_boot.h"
+#elif CONFIG_IDF_TARGET_ESP32C3
+#include "esp32c3/rom/secure_boot.h"
+#elif CONFIG_IDF_TARGET_ESP32S3
+#include "esp32s3/rom/secure_boot.h"
+#elif CONFIG_IDF_TARGET_ESP32H2
+#include "esp32h2/rom/secure_boot.h"
+#elif CONFIG_IDF_TARGET_ESP32C2
+#include "esp32c2/rom/secure_boot.h"
+#endif
+
 #define SUB_TYPE_ID(i) (i & 0x0F)
 
 /* Partial_data is word aligned so no reallocation is necessary for encrypted flash write */
@@ -898,7 +912,7 @@ esp_err_t esp_ota_revoke_secure_boot_public_key(esp_ota_secure_boot_public_key_i
     }
 
     esp_err_t ret;
-    ets_secure_boot_key_digests_t trusted_keys;
+    esp_secure_boot_key_digests_t trusted_keys;
     ret = esp_secure_boot_read_key_digests(&trusted_keys);
     if (ret != ESP_OK) {
         ESP_LOGE(TAG, "Could not read the secure boot key digests from efuse. Aborting..");

components/bootloader/subproject/main/bootloader_start.c

@@ -5,6 +5,7 @@
  */
 #include <stdbool.h>
 #include "esp_log.h"
+#include "esp_rom_sys.h"
 #include "bootloader_init.h"
 #include "bootloader_utility.h"
 #include "bootloader_common.h"
@@ -79,7 +80,7 @@ static int selected_boot_partition(const bootloader_state_t *bs)
     if (boot_index == INVALID_INDEX) {
         return boot_index; // Unrecoverable failure (not due to corrupt ota data or bad partition contents)
     }
-    if (bootloader_common_get_reset_reason(0) != DEEPSLEEP_RESET) {
+    if (esp_rom_get_reset_reason(0) != RESET_REASON_CORE_DEEP_SLEEP) {
         // Factory firmware.
 #ifdef CONFIG_BOOTLOADER_FACTORY_RESET
         bool reset_level = false;

components/bootloader_support/include/bootloader_common.h

@@ -8,21 +8,6 @@
 #include "esp_flash_partitions.h"
 #include "esp_image_format.h"
 #include "esp_app_format.h"
-// [refactor-todo]: we shouldn't expose ROM header files in a public API header, remove them in v5.0
-// Tracked in IDF-1968
-#if CONFIG_IDF_TARGET_ESP32
-#include "esp32/rom/rtc.h"
-#elif CONFIG_IDF_TARGET_ESP32S2
-#include "esp32s2/rom/rtc.h"
-#elif CONFIG_IDF_TARGET_ESP32S3
-#include "esp32s3/rom/rtc.h"
-#elif CONFIG_IDF_TARGET_ESP32C3
-#include "esp32c3/rom/rtc.h"
-#elif CONFIG_IDF_TARGET_ESP32H2
-#include "esp32h2/rom/rtc.h"
-#elif CONFIG_IDF_TARGET_ESP32C2
-#include "esp32c2/rom/rtc.h"
-#endif
 
 #ifdef __cplusplus
 extern "C" {
@@ -196,14 +181,6 @@ esp_err_t bootloader_common_get_partition_description(const esp_partition_pos_t
  */
 uint32_t bootloader_common_get_chip_ver_pkg(void);
 
-/**
- * @brief Query reset reason
- *
- * @param cpu_no CPU number
- * @return reset reason enumeration
- */
-RESET_REASON bootloader_common_get_reset_reason(int cpu_no);
-
 /**
  * @brief Check if the image (bootloader and application) has valid chip ID and revision
  *

components/bootloader_support/include/esp_secure_boot.h

@@ -8,32 +8,13 @@
 #include <stdbool.h>
 #include <esp_err.h>
 #include "soc/efuse_periph.h"
+#include "soc/soc_caps.h"
 #include "esp_image_format.h"
 #include "esp_rom_efuse.h"
 #include "sdkconfig.h"
 #include "esp_rom_crc.h"
 #include "hal/efuse_ll.h"
 
-#if CONFIG_IDF_TARGET_ESP32
-#include "esp32/rom/efuse.h"
-#include "esp32/rom/secure_boot.h"
-#elif CONFIG_IDF_TARGET_ESP32S2
-#include "esp32s2/rom/efuse.h"
-#include "esp32s2/rom/secure_boot.h"
-#elif CONFIG_IDF_TARGET_ESP32C3
-#include "esp32c3/rom/efuse.h"
-#include "esp32c3/rom/secure_boot.h"
-#elif CONFIG_IDF_TARGET_ESP32S3
-#include "esp32s3/rom/efuse.h"
-#include "esp32s3/rom/secure_boot.h"
-#elif CONFIG_IDF_TARGET_ESP32H2
-#include "esp32h2/rom/efuse.h"
-#include "esp32h2/rom/secure_boot.h"
-#elif CONFIG_IDF_TARGET_ESP32C2
-#include "esp32c2/rom/efuse.h"
-#include "esp32c2/rom/secure_boot.h"
-#endif
-
 #ifdef CONFIG_SECURE_BOOT_V1_ENABLED
 #if !defined(CONFIG_SECURE_SIGNED_ON_BOOT) || !defined(CONFIG_SECURE_SIGNED_ON_UPDATE) || !defined(CONFIG_SECURE_SIGNED_APPS)
 #error "internal sdkconfig error, secure boot should always enable all signature options"
@@ -217,34 +198,10 @@ esp_err_t esp_secure_boot_verify_ecdsa_signature_block(const esp_secure_boot_sig
  * Each image can have one or more signature blocks (up to SECURE_BOOT_NUM_BLOCKS). Each signature block includes a public key.
  */
 typedef struct {
-    uint8_t key_digests[SECURE_BOOT_NUM_BLOCKS][ESP_SECURE_BOOT_DIGEST_LEN];    /* SHA of the public key components in the signature block */
+    uint8_t key_digests[SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS][ESP_SECURE_BOOT_DIGEST_LEN];    /* SHA of the public key components in the signature block */
     unsigned num_digests;                                       /* Number of valid digests, starting at index 0 */
 } esp_image_sig_public_key_digests_t;
 
-/** @brief Verify the secure boot signature block for Secure Boot V2.
- *
- *  Performs RSA-PSS or ECDSA verification of the SHA-256 image based on the public key
- *  in the signature block, compared against the public key digest stored in efuse.
- *
- * Similar to esp_secure_boot_verify_signature(), but can be used when the digest is precalculated.
- * @param sig_block Pointer to signature block data
- * @param image_digest Pointer to 32 byte buffer holding SHA-256 hash.
- * @param verified_digest Pointer to 32 byte buffer that will receive verified digest if verification completes. (Used during bootloader implementation only, result is invalid otherwise.)
- *
- */
-esp_err_t esp_secure_boot_verify_sbv2_signature_block(const ets_secure_boot_signature_t *sig_block, const uint8_t *image_digest, uint8_t *verified_digest);
-
-/** @brief Legacy function to verify RSA secure boot signature block for Secure Boot V2.
- *
- * @note This is kept for backward compatibility. It internally calls esp_secure_boot_verify_sbv2_signature_block.
- *
- * @param sig_block Pointer to RSA signature block data
- * @param image_digest Pointer to 32 byte buffer holding SHA-256 hash.
- * @param verified_digest Pointer to 32 byte buffer that will receive verified digest if verification completes. (Used during bootloader implementation only, result is invalid otherwise.)
- *
- */
-esp_err_t esp_secure_boot_verify_rsa_signature_block(const ets_secure_boot_signature_t *sig_block, const uint8_t *image_digest, uint8_t *verified_digest);
-
 #endif // !CONFIG_IDF_TARGET_ESP32 || CONFIG_ESP32_REV_MIN_3
 
 /** @brief Legacy ECDSA verification function

components/bootloader_support/private_include/bootloader_signature.h

@@ -0,0 +1,52 @@
+/*
+ * SPDX-FileCopyrightText: 2022 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+#pragma once
+
+#include "sdkconfig.h"
+#include <esp_err.h>
+#include <stdint.h>
+
+#if CONFIG_IDF_TARGET_ESP32
+#include "esp32/rom/secure_boot.h"
+#elif CONFIG_IDF_TARGET_ESP32S2
+#include "esp32s2/rom/secure_boot.h"
+#elif CONFIG_IDF_TARGET_ESP32C3
+#include "esp32c3/rom/secure_boot.h"
+#elif CONFIG_IDF_TARGET_ESP32S3
+#include "esp32s3/rom/secure_boot.h"
+#elif CONFIG_IDF_TARGET_ESP32H2
+#include "esp32h2/rom/secure_boot.h"
+#elif CONFIG_IDF_TARGET_ESP32C2
+#include "esp32c2/rom/secure_boot.h"
+#endif
+
+#if !CONFIG_IDF_TARGET_ESP32 || CONFIG_ESP32_REV_MIN_3
+
+/** @brief Verify the secure boot signature block for Secure Boot V2.
+ *
+ *  Performs RSA-PSS or ECDSA verification of the SHA-256 image based on the public key
+ *  in the signature block, compared against the public key digest stored in efuse.
+ *
+ * Similar to esp_secure_boot_verify_signature(), but can be used when the digest is precalculated.
+ * @param sig_block Pointer to signature block data
+ * @param image_digest Pointer to 32 byte buffer holding SHA-256 hash.
+ * @param verified_digest Pointer to 32 byte buffer that will receive verified digest if verification completes. (Used during bootloader implementation only, result is invalid otherwise.)
+ *
+ */
+esp_err_t esp_secure_boot_verify_sbv2_signature_block(const ets_secure_boot_signature_t *sig_block, const uint8_t *image_digest, uint8_t *verified_digest);
+
+/** @brief Legacy function to verify RSA secure boot signature block for Secure Boot V2.
+ *
+ * @note This is kept for backward compatibility. It internally calls esp_secure_boot_verify_sbv2_signature_block.
+ *
+ * @param sig_block Pointer to RSA signature block data
+ * @param image_digest Pointer to 32 byte buffer holding SHA-256 hash.
+ * @param verified_digest Pointer to 32 byte buffer that will receive verified digest if verification completes. (Used during bootloader implementation only, result is invalid otherwise.)
+ *
+ */
+esp_err_t esp_secure_boot_verify_rsa_signature_block(const ets_secure_boot_signature_t *sig_block, const uint8_t *image_digest, uint8_t *verified_digest);
+
+#endif

components/bootloader_support/src/bootloader_common.c

@@ -189,11 +189,6 @@ void bootloader_common_vddsdio_configure(void)
 #endif // CONFIG_BOOTLOADER_VDDSDIO_BOOST
 }
 
-RESET_REASON bootloader_common_get_reset_reason(int cpu_no)
-{
-    return (RESET_REASON)esp_rom_get_reset_reason(cpu_no);
-}
-
 uint8_t bootloader_flash_get_cs_io(void)
 {
 #if SOC_SPI_MEM_SUPPORT_CONFIG_GPIO_BY_EFUSE

components/bootloader_support/src/esp32c3/bootloader_esp32c3.c

@@ -20,6 +20,7 @@
 #include "soc/assist_debug_reg.h"
 #include "esp_cpu.h"
 #include "soc/rtc.h"
+#include "soc/rtc_cntl_reg.h"
 #include "soc/spi_periph.h"
 #include "soc/extmem_reg.h"
 #include "soc/io_mux_reg.h"

components/bootloader_support/src/esp32h2/bootloader_esp32h2.c

@@ -20,6 +20,7 @@
 #include "soc/assist_debug_reg.h"
 #include "esp_cpu.h"
 #include "soc/rtc.h"
+#include "soc/rtc_cntl_reg.h"
 #include "soc/spi_periph.h"
 #include "soc/extmem_reg.h"
 #include "soc/io_mux_reg.h"

components/bootloader_support/src/esp32s2/bootloader_esp32s2.c

@@ -33,6 +33,7 @@
 #include "soc/dport_reg.h"
 #include "soc/extmem_reg.h"
 #include "soc/rtc.h"
+#include "soc/rtc_cntl_reg.h"
 #include "soc/spi_periph.h"
 #include "esp_efuse.h"
 #include "hal/mmu_hal.h"

components/bootloader_support/src/esp_image_format.c

@@ -7,6 +7,7 @@
 #include <sys/param.h>
 #include <esp_cpu.h>
 #include <bootloader_utility.h>
+#include <bootloader_signature.h>
 #include <esp_secure_boot.h>
 #include <esp_fault.h>
 #include <esp_log.h>

components/bootloader_support/src/secure_boot_v1/secure_boot.c

@@ -11,6 +11,7 @@
 #include "esp_log.h"
 
 #include "esp32/rom/cache.h"
+#include "esp32/rom/secure_boot.h"
 
 #include "soc/rtc_periph.h"
 #include "bootloader_utility.h"

components/bootloader_support/src/secure_boot_v2/secure_boot.c

@@ -15,6 +15,20 @@
 #include "esp_efuse.h"
 #include "esp_efuse_table.h"
 
+#if CONFIG_IDF_TARGET_ESP32
+#include "esp32/rom/secure_boot.h"
+#elif CONFIG_IDF_TARGET_ESP32S2
+#include "esp32s2/rom/secure_boot.h"
+#elif CONFIG_IDF_TARGET_ESP32C3
+#include "esp32c3/rom/secure_boot.h"
+#elif CONFIG_IDF_TARGET_ESP32S3
+#include "esp32s3/rom/secure_boot.h"
+#elif CONFIG_IDF_TARGET_ESP32H2
+#include "esp32h2/rom/secure_boot.h"
+#elif CONFIG_IDF_TARGET_ESP32C2
+#include "esp32c2/rom/secure_boot.h"
+#endif
+
 /* The following API implementations are used only when called
  * from the bootloader code.
  */

components/bootloader_support/src/secure_boot_v2/secure_boot_ecdsa_signature.c

@@ -14,6 +14,8 @@
 #include "mbedtls/ecp.h"
 #include "rom/ecdsa.h"
 
+#include "secure_boot_signature_priv.h"
+
 static const char *TAG = "secure_boot_v2_ecdsa";
 
 #define ECDSA_INTEGER_LEN 32

components/bootloader_support/src/secure_boot_v2/secure_boot_rsa_signature.c

@@ -12,6 +12,8 @@
 #include "mbedtls/entropy.h"
 #include "mbedtls/ctr_drbg.h"
 
+#include "secure_boot_signature_priv.h"
+
 static const char *TAG = "secure_boot_v2_rsa";
 
 esp_err_t verify_rsa_signature_block(const ets_secure_boot_signature_t *sig_block, const uint8_t *image_digest, const ets_secure_boot_sig_block_t *trusted_block)

components/bootloader_support/src/secure_boot_v2/secure_boot_signature_priv.h

@@ -4,7 +4,20 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 #include "esp_secure_boot.h"
-#include "esp_log.h"
+
+#if CONFIG_IDF_TARGET_ESP32
+#include "esp32/rom/secure_boot.h"
+#elif CONFIG_IDF_TARGET_ESP32S2
+#include "esp32s2/rom/secure_boot.h"
+#elif CONFIG_IDF_TARGET_ESP32C3
+#include "esp32c3/rom/secure_boot.h"
+#elif CONFIG_IDF_TARGET_ESP32S3
+#include "esp32s3/rom/secure_boot.h"
+#elif CONFIG_IDF_TARGET_ESP32H2
+#include "esp32h2/rom/secure_boot.h"
+#elif CONFIG_IDF_TARGET_ESP32C2
+#include "esp32c2/rom/secure_boot.h"
+#endif
 
 esp_err_t verify_ecdsa_signature_block(const ets_secure_boot_signature_t *sig_block, const uint8_t *image_digest, const ets_secure_boot_sig_block_t *trusted_block);
 

components/bootloader_support/src/secure_boot_v2/secure_boot_signatures_app.c

@@ -8,6 +8,7 @@
 #include "bootloader_flash_priv.h"
 #include "bootloader_sha.h"
 #include "bootloader_utility.h"
+#include "bootloader_signature.h"
 #include "esp_log.h"
 #include "esp_image_format.h"
 #include "mbedtls/sha256.h"
@@ -108,7 +109,7 @@ static esp_err_t get_secure_boot_key_digests(esp_image_sig_public_key_digests_t
 #elif CONFIG_SECURE_BOOT_V2_ENABLED
     ESP_LOGI(TAG, "Take trusted digest key(s) from eFuse block(s)");
     // Read key digests from efuse
-    ets_secure_boot_key_digests_t efuse_trusted;
+    esp_secure_boot_key_digests_t efuse_trusted;
     if (esp_secure_boot_read_key_digests(&efuse_trusted) == ESP_OK) {
         for (unsigned i = 0; i < SECURE_BOOT_NUM_BLOCKS; i++) {
             if (efuse_trusted.key_digests[i] != NULL) {

components/bootloader_support/src/secure_boot_v2/secure_boot_signatures_bootloader.c

@@ -10,6 +10,7 @@
 #include "bootloader_flash_priv.h"
 #include "bootloader_sha.h"
 #include "bootloader_utility.h"
+#include "bootloader_signature.h"
 #include "esp_log.h"
 #include "esp_image_format.h"
 #include "esp_secure_boot.h"
@@ -66,19 +67,19 @@ static esp_err_t validate_signature_block(const ets_secure_boot_sig_block_t *blo
 static esp_err_t get_secure_boot_key_digests(esp_image_sig_public_key_digests_t *public_key_digests)
 {
     // Read key digests from efuse
-    ets_secure_boot_key_digests_t trusted_keys;
-    ets_secure_boot_key_digests_t trusted_key_copies[2];
+    esp_secure_boot_key_digests_t trusted_keys;
+    esp_secure_boot_key_digests_t trusted_key_copies[2];
 
-    memset(&trusted_keys, 0, sizeof(ets_secure_boot_key_digests_t));
-    memset(trusted_key_copies, 0, 2 * sizeof(ets_secure_boot_key_digests_t));
+    memset(&trusted_keys, 0, sizeof(esp_secure_boot_key_digests_t));
+    memset(trusted_key_copies, 0, 2 * sizeof(esp_secure_boot_key_digests_t));
 
     esp_err_t err = esp_secure_boot_read_key_digests(&trusted_keys);
 
     // Create the copies for FI checks (assuming result is ETS_OK, if it's not then it'll fail the fault check anyhow)
     esp_secure_boot_read_key_digests(&trusted_key_copies[0]);
     esp_secure_boot_read_key_digests(&trusted_key_copies[1]);
-    ESP_FAULT_ASSERT(memcmp(&trusted_keys, &trusted_key_copies[0], sizeof(ets_secure_boot_key_digests_t)) == 0);
-    ESP_FAULT_ASSERT(memcmp(&trusted_keys, &trusted_key_copies[1], sizeof(ets_secure_boot_key_digests_t)) == 0);
+    ESP_FAULT_ASSERT(memcmp(&trusted_keys, &trusted_key_copies[0], sizeof(esp_secure_boot_key_digests_t)) == 0);
+    ESP_FAULT_ASSERT(memcmp(&trusted_keys, &trusted_key_copies[1], sizeof(esp_secure_boot_key_digests_t)) == 0);
 
     if (err == ESP_OK) {
         for (unsigned i = 0; i < SECURE_BOOT_NUM_BLOCKS; i++) {

components/efuse/include/esp_efuse.h

@@ -15,20 +15,6 @@
 #include "sdkconfig.h"
 #include_next "esp_efuse.h"
 
-#if CONFIG_IDF_TARGET_ESP32
-#include "esp32/rom/secure_boot.h"
-#elif CONFIG_IDF_TARGET_ESP32S2
-#include "esp32s2/rom/secure_boot.h"
-#elif CONFIG_IDF_TARGET_ESP32C3
-#include "esp32c3/rom/secure_boot.h"
-#elif CONFIG_IDF_TARGET_ESP32S3
-#include "esp32s3/rom/secure_boot.h"
-#elif CONFIG_IDF_TARGET_ESP32H2
-#include "esp32h2/rom/secure_boot.h"
-#elif CONFIG_IDF_TARGET_ESP32C2
-#include "esp32c2/rom/secure_boot.h"
-#endif
-
 #ifdef __cplusplus
 extern "C" {
 #endif
@@ -60,6 +46,17 @@ typedef enum {
     ESP_EFUSE_ROM_LOG_ALWAYS_OFF    /**< Disable ROM logging permanently */
 } esp_efuse_rom_log_scheme_t;
 
+#if CONFIG_ESP32_REV_MIN_3 || !CONFIG_IDF_TARGET_ESP32
+/**
+ * @brief Pointers to the trusted key digests.
+ *
+ * The number of digests depends on the SOC's capabilities.
+ */
+typedef struct {
+    const void *key_digests[SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS]; /**< Pointers to the key digests */
+} esp_secure_boot_key_digests_t;
+#endif
+
 /**
  * @brief   Reads bits from EFUSE field and writes it into an array.
  *
@@ -749,13 +746,15 @@ esp_err_t esp_efuse_write_keys(const esp_efuse_purpose_t purposes[], uint8_t key
 /**
  * @brief Read key digests from efuse. Any revoked/missing digests will be marked as NULL
  *
- * @param[out] trusted_keys The number of digest in range 0..2
+ * @param[out] trusted_key_digests Trusted keys digests, stored in this parameter after successfully
+ *                                 completing this function.
+ *                                 The number of digests depends on the SOC's capabilities.
  *
  * @return
  *    - ESP_OK: Successful.
  *    - ESP_FAIL: If trusted_keys is NULL or there is no valid digest.
  */
-esp_err_t esp_secure_boot_read_key_digests(ets_secure_boot_key_digests_t *trusted_keys);
+esp_err_t esp_secure_boot_read_key_digests(esp_secure_boot_key_digests_t *trusted_key_digests);
 #endif
 
 /**

components/efuse/src/efuse_controller/keys/with_key_purposes/esp_efuse_api_key.c

@@ -365,7 +365,7 @@ esp_err_t esp_efuse_set_write_protect_of_digest_revoke(unsigned num_digest)
     return esp_efuse_write_field_bit(s_revoke_table[num_digest].revoke_wr_dis);
 }
 
-esp_err_t esp_secure_boot_read_key_digests(ets_secure_boot_key_digests_t *trusted_keys)
+esp_err_t esp_secure_boot_read_key_digests(esp_secure_boot_key_digests_t *trusted_keys)
 {
     bool found = false;
     esp_efuse_block_t key_block;
@@ -374,7 +374,7 @@ esp_err_t esp_secure_boot_read_key_digests(ets_secure_boot_key_digests_t *truste
         return ESP_FAIL;
     }
 
-    for (unsigned i = 0; i < MAX_KEY_DIGESTS; i++) {
+    for (unsigned i = 0; i < SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS; i++) {
         trusted_keys->key_digests[i] = NULL;
         if (esp_efuse_get_digest_revoke(i)) {
             continue;
@@ -390,8 +390,6 @@ esp_err_t esp_secure_boot_read_key_digests(ets_secure_boot_key_digests_t *truste
         found = found || (trusted_keys->key_digests[i] != NULL);
     }
 
-    trusted_keys->allow_key_revoke = false;
-
     if (!found) {
         return ESP_FAIL;
     }

components/efuse/src/efuse_controller/keys/without_key_purposes/one_key_block/esp_efuse_api_key.c

@@ -238,7 +238,7 @@ err_exit:
     return err;
 }
 
-esp_err_t esp_secure_boot_read_key_digests(ets_secure_boot_key_digests_t *trusted_keys)
+esp_err_t esp_secure_boot_read_key_digests(esp_secure_boot_key_digests_t *trusted_keys)
 {
     if (trusted_keys == NULL) {
         return ESP_FAIL;

components/efuse/src/efuse_controller/keys/without_key_purposes/three_key_blocks/esp_efuse_api_key.c

@@ -241,7 +241,7 @@ err_exit:
 }
 
 #if CONFIG_ESP32_REV_MIN_3
-esp_err_t esp_secure_boot_read_key_digests(ets_secure_boot_key_digests_t *trusted_keys)
+esp_err_t esp_secure_boot_read_key_digests(esp_secure_boot_key_digests_t *trusted_keys)
 {
     if (trusted_keys == NULL) {
         return ESP_FAIL;

components/esp_hw_support/port/esp32s2/esp_hmac.c

@@ -5,6 +5,7 @@
  */
 
 #include <string.h>
+#include "esp32s2/rom/ets_sys.h"
 #include "esp32s2/rom/hmac.h"
 #include "esp_hmac.h"
 #include "esp_crypto_lock.h"

components/esp_system/port/cpu_start.c

@@ -28,13 +28,16 @@
 #include "soc/dport_reg.h"
 #include "esp32/rtc.h"
 #include "esp32/rom/cache.h"
+#include "esp32/rom/secure_boot.h"
 #elif CONFIG_IDF_TARGET_ESP32S2
 #include "esp32s2/rtc.h"
 #include "esp32s2/rom/cache.h"
+#include "esp32s2/rom/secure_boot.h"
 #include "esp32s2/memprot.h"
 #elif CONFIG_IDF_TARGET_ESP32S3
 #include "esp32s3/rtc.h"
 #include "esp32s3/rom/cache.h"
+#include "esp32s3/rom/secure_boot.h"
 #include "esp_memprot.h"
 #include "soc/assist_debug_reg.h"
 #include "soc/system_reg.h"
@@ -42,15 +45,18 @@
 #elif CONFIG_IDF_TARGET_ESP32C3
 #include "esp32c3/rtc.h"
 #include "esp32c3/rom/cache.h"
+#include "esp32c3/rom/secure_boot.h"
 #include "esp_memprot.h"
 #elif CONFIG_IDF_TARGET_ESP32H2
 #include "esp32h2/rtc.h"
 #include "esp32h2/rom/cache.h"
+#include "esp32h2/rom/secure_boot.h"
 #include "esp_memprot.h"
 #elif CONFIG_IDF_TARGET_ESP32C2
 #include "esp32c2/rtc.h"
 #include "esp32c2/rom/cache.h"
 #include "esp32c2/rom/rtc.h"
+#include "esp32c2/rom/secure_boot.h"
 #include "esp32c2/memprot.h"
 #endif
 

docs/en/migration-guides/system.rst

@@ -20,6 +20,12 @@ Cache Error Interrupt
 
 The old headers ``{IDF_TARGET_NAME}/cache_err_int.h`` have been removed. Please include ``esp_private/cache_err_int.h`` instead.
 
+Bootloader Support
+------------------
+
+* The function ``bootloader_common_get_reset_reason()`` has been removed. Please use the function ``esp_rom_get_reset_reason()`` in the ROM component.
+* The functions ``esp_secure_boot_verify_sbv2_signature_block()`` and ``esp_secure_boot_verify_rsa_signature_block()`` have been removed without replacement. We don't expect users to use these directly. If they are indeed still neccessary, please open a feature request on github explaining why these functions are necessary to you.
+
 Brownout
 --------
 
@@ -49,6 +55,11 @@ PSRAM
 - The target specific header files ``spiram.h`` have been deleted. The header file ``esp_spiram.h`` has been deleted. A new component ``esp_psram`` is created, you should include ``esp_psram.h`` instead. Besides, you might need to add ``esp_psram`` component to the list of component requirements in CMakeLists.txt.
 - ``esp_spiram_get_chip_size`` and ``esp_spiram_get_size`` have been deleted. You should use ``esp_psram_get_size`` instead.
 
+Efuse
+----------
+
+The parameter type of function ``esp_secure_boot_read_key_digests()`` changed from ``ets_secure_boot_key_digests_t*`` to ``esp_secure_boot_key_digests_t*``. ``ets_secure_boot_key_digests_t*``. The new type is the same as the old one, except that the ``allow_key_revoke`` flag has been removed. The latter was always set to ``true`` in current code, hence, it didn't provide additional information.
+
 ESP Common
 ----------
 

tools/test_apps/security/secure_boot/main/secure_boot_main.c

@@ -7,6 +7,7 @@
    CONDITIONS OF ANY KIND, either express or implied.
 */
 #include <stdio.h>
+#include "sdkconfig.h"
 #include "freertos/FreeRTOS.h"
 #include "freertos/task.h"
 #include "soc/efuse_reg.h"
@@ -54,7 +55,7 @@ static void example_print_chip_info(void)
 
 static void example_secure_boot_status(void)
 {
-    ets_secure_boot_key_digests_t trusted_keys = { 0};
+    esp_secure_boot_key_digests_t trusted_keys = { 0};
 
     ESP_LOGI(TAG, "Checking for Secure Boot..");
     if(esp_secure_boot_enabled()) {
@@ -62,7 +63,7 @@ static void example_secure_boot_status(void)
         ESP_ERROR_CHECK( esp_secure_boot_read_key_digests(&trusted_keys) );
 
         unsigned total = 0;
-        for (int i = 0; i < MAX_KEY_DIGESTS; i++) {
+        for (int i = 0; i < SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS; i++) {
             ESP_LOGI(TAG, "Key slot %d:", i);
             if (trusted_keys.key_digests[i]) {
                 ESP_LOG_BUFFER_HEXDUMP("trusted key", trusted_keys.key_digests[i], DIGEST_LEN, ESP_LOG_INFO);