Browse Source

bootloader_support: Support eFuse key APIs in SB and FE

KonstantinKondrashov 4 years ago
parent
commit
3a23340e40

+ 8 - 0
components/bootloader_support/src/flash_encryption/flash_encrypt.c

@@ -100,11 +100,19 @@ static esp_err_t check_and_generate_encryption_keys(void)
         ESP_LOGE(TAG, "XTS_AES_128_KEY is already in use, XTS_AES_256_KEY_1/2 can not be used");
         return ESP_ERR_INVALID_STATE;
     }
+#else
+#ifdef CONFIG_SECURE_FLASH_ENCRYPTION_AES64
+    enum { BLOCKS_NEEDED = 1 };
+    esp_efuse_purpose_t purposes[BLOCKS_NEEDED] = {
+        ESP_EFUSE_KEY_PURPOSE_XTS_AES_64_KEY,
+    };
+    key_size = 16;
 #else
     enum { BLOCKS_NEEDED = 1 };
     esp_efuse_purpose_t purposes[BLOCKS_NEEDED] = {
         ESP_EFUSE_KEY_PURPOSE_XTS_AES_128_KEY,
     };
+#endif // CONFIG_SECURE_FLASH_ENCRYPTION_AES64
 #endif // CONFIG_SECURE_FLASH_ENCRYPTION_AES256
 #endif // CONFIG_IDF_TARGET_ESP32
 

+ 6 - 2
components/bootloader_support/src/secure_boot_v2/secure_boot.c

@@ -131,7 +131,11 @@ static esp_err_t s_calculate_image_public_key_digests(uint32_t flash_offset, uin
 static esp_err_t check_and_generate_secure_boot_keys(const esp_image_metadata_t *image_data)
 {
     esp_err_t ret;
-#ifdef CONFIG_IDF_TARGET_ESP32
+#ifdef CONFIG_IDF_TARGET_ESP8684
+    esp_efuse_purpose_t secure_boot_key_purpose[SECURE_BOOT_NUM_BLOCKS] = {
+        ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2,
+    };
+#elif CONFIG_IDF_TARGET_ESP32
     esp_efuse_purpose_t secure_boot_key_purpose[SECURE_BOOT_NUM_BLOCKS] = {
         ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_V2,
     };
@@ -146,7 +150,7 @@ static esp_err_t check_and_generate_secure_boot_keys(const esp_image_metadata_t
         ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_DIGEST1,
         ESP_EFUSE_KEY_PURPOSE_SECURE_BOOT_DIGEST2,
     };
-#endif // CONFIG_IDF_TARGET_ESP32
+#endif // CONFIG_IDF_TARGET_ESP32 || CONFIG_IDF_TARGET_ESP8684
 
     /* Verify the bootloader */
     esp_image_metadata_t bootloader_data = { 0 };