esp32s2: move crypto related functions

components/esp32c3/CMakeLists.txt

@@ -11,10 +11,7 @@ if(BOOTLOADER_BUILD)
 else()
     # Regular app build
 
-    set(srcs "dport_access.c"
-             "esp_hmac.c"
-             "esp_ds.c"
-             "esp_crypto_lock.c")
+    set(srcs "dport_access.c")
     set(include_dirs "include")
 
     set(requires driver efuse soc riscv) #unfortunately rom/uart uses SOC registers directly

components/esp32c3/test/test_sha.c

@@ -1,80 +0,0 @@
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include "esp_types.h"
-#include "esp32c3/clk.h"
-#include "esp_log.h"
-#include "esp_timer.h"
-#include "esp_heap_caps.h"
-#include "idf_performance.h"
-
-#include "unity.h"
-#include "test_utils.h"
-#include "mbedtls/sha1.h"
-#include "mbedtls/sha256.h"
-#include "sha/sha_dma.h"
-
-/* Note: Most of the SHA functions are called as part of mbedTLS, so
-are tested as part of mbedTLS tests. Only esp_sha() is different.
-*/
-
-#define TAG "sha_test"
-
-TEST_CASE("Test esp_sha()", "[hw_crypto]")
-{
-    const size_t BUFFER_SZ = 32 * 1024 + 6; // NB: not an exact multiple of SHA block size
-
-    int64_t begin, end;
-    uint32_t us_sha1;
-    uint8_t sha1_result[20] = { 0 };
-    void *buffer = heap_caps_malloc(BUFFER_SZ, MALLOC_CAP_8BIT|MALLOC_CAP_INTERNAL);
-    TEST_ASSERT_NOT_NULL(buffer);
-    memset(buffer, 0xEE, BUFFER_SZ);
-
-    const uint8_t sha1_expected[20] = { 0xc7, 0xbb, 0xd3, 0x74, 0xf2, 0xf6, 0x20, 0x86,
-                                        0x61, 0xf4, 0x50, 0xd5, 0xf5, 0x18, 0x44, 0xcc,
-                                        0x7a, 0xb7, 0xa5, 0x4a };
-
-    begin = esp_timer_get_time();
-    esp_sha(SHA1, buffer, BUFFER_SZ, sha1_result);
-    end = esp_timer_get_time();
-    TEST_ASSERT_EQUAL_HEX8_ARRAY(sha1_expected, sha1_result, sizeof(sha1_expected));
-    us_sha1 = end - begin;
-    ESP_LOGI(TAG, "esp_sha() 32KB SHA1 in %u us", us_sha1);
-
-    free(buffer);
-
-    TEST_PERFORMANCE_CCOMP_LESS_THAN(TIME_SHA1_32KB, "%dus", us_sha1);
-}
-
-TEST_CASE("Test esp_sha() function with long input", "[hw_crypto]")
-{
-    const void* ptr;
-    spi_flash_mmap_handle_t handle;
-    uint8_t sha1_espsha[20] = { 0 };
-    uint8_t sha1_mbedtls[20] = { 0 };
-    uint8_t sha256_espsha[32] = { 0 };
-    uint8_t sha256_mbedtls[32] = { 0 };
-
-    const size_t LEN = 1024 * 1024;
-
-    /* mmap() 1MB of flash, we don't care what it is really */
-    esp_err_t err = spi_flash_mmap(0x0, LEN, SPI_FLASH_MMAP_DATA, &ptr, &handle);
-
-    TEST_ASSERT_EQUAL_HEX32(ESP_OK, err);
-    TEST_ASSERT_NOT_NULL(ptr);
-
-    /* Compare esp_sha() result to the mbedTLS result, should always be the same */
-
-    esp_sha(SHA1, ptr, LEN, sha1_espsha);
-    int r = mbedtls_sha1_ret(ptr, LEN, sha1_mbedtls);
-    TEST_ASSERT_EQUAL(0, r);
-
-    esp_sha(SHA2_256, ptr, LEN, sha256_espsha);
-    r = mbedtls_sha256_ret(ptr, LEN, sha256_mbedtls, 0);
-    TEST_ASSERT_EQUAL(0, r);
-
-    TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha1_espsha, sha1_mbedtls, sizeof(sha1_espsha), "SHA1 results should match");
-
-    TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha256_espsha, sha256_mbedtls, sizeof(sha256_espsha), "SHA256 results should match");
-}

components/esp32s2/CMakeLists.txt

@@ -13,10 +13,7 @@ else()
 
     set(srcs "dport_access.c"
              "spiram.c"
-             "spiram_psram.c"
-             "esp_crypto_lock.c"
-             "esp_hmac.c"
-             "esp_ds.c")
+             "spiram_psram.c")
 
     set(include_dirs "include")
 

components/esp32s2/test/test_ds.c

@@ -1,379 +0,0 @@
-// Copyright 2020 Espressif Systems (Shanghai) PTE LTD
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#include "unity.h"
-#include "esp32s2/rom/efuse.h"
-#include "esp32s2/rom/digital_signature.h"
-#include "esp32s2/rom/aes.h"
-#include "esp32s2/rom/sha.h"
-#include <string.h>
-
-#include "esp_ds.h"
-
-#define NUM_RESULTS 10
-
-typedef struct {
-    uint8_t iv[ETS_DS_IV_LEN];
-    ets_ds_p_data_t p_data;
-    uint8_t expected_c[ETS_DS_C_LEN];
-    uint8_t hmac_key_idx;
-    uint32_t expected_results[NUM_RESULTS][4096/32];
-} encrypt_testcase_t;
-
-// Generated header (gen_digital_signature_tests.py) defines
-// NUM_HMAC_KEYS, test_hmac_keys, NUM_MESSAGES, NUM_CASES, test_messages[], test_cases[]
-// Some adaptations were made: removed the 512 bit case and changed RSA lengths to the enums from esp_ds.h
-#include "digital_signature_test_cases.h"
-
-_Static_assert(NUM_RESULTS == NUM_MESSAGES, "expected_results size should be the same as NUM_MESSAGES in generated header");
-
-TEST_CASE("Digital Signature Parameter Encryption data NULL", "[hw_crypto]")
-{
-    const char iv [32];
-    esp_ds_p_data_t p_data;
-    const char key [32];
-
-    TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_encrypt_params(NULL, iv, &p_data, key));
-}
-
-TEST_CASE("Digital Signature Parameter Encryption iv NULL", "[hw_crypto]")
-{
-    esp_ds_data_t data;
-    esp_ds_p_data_t p_data;
-    const char key [32];
-
-    TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_encrypt_params(&data, NULL, &p_data, key));
-}
-
-TEST_CASE("Digital Signature Parameter Encryption p_data NULL", "[hw_crypto]")
-{
-    esp_ds_data_t data;
-    const char iv [32];
-    const char key [32];
-
-    TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_encrypt_params(&data, iv, NULL, key));
-}
-
-TEST_CASE("Digital Signature Parameter Encryption key NULL", "[hw_crypto]")
-{
-    esp_ds_data_t data;
-    const char iv [32];
-    esp_ds_p_data_t p_data;
-
-    TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_encrypt_params(&data, iv, &p_data, NULL));
-}
-
-TEST_CASE("Digital Signature Parameter Encryption", "[hw_crypto]")
-{
-    for (int i = 0; i < NUM_CASES; i++) {
-        printf("Encrypting test case %d...\n", i);
-        const encrypt_testcase_t *t = &test_cases[i];
-        esp_ds_data_t result = { };
-        esp_ds_p_data_t p_data;
-
-        memcpy(p_data.Y, t->p_data.Y, 4096/8);
-        memcpy(p_data.M, t->p_data.M, 4096/8);
-        memcpy(p_data.Rb, t->p_data.Rb, 4096/8);
-        p_data.M_prime = t->p_data.M_prime;
-        p_data.length = t->p_data.length;
-
-        esp_err_t r = esp_ds_encrypt_params(&result, t->iv, &p_data,
-                                                  test_hmac_keys[t->hmac_key_idx]);
-        printf("Encrypting test case %d done\n", i);
-        TEST_ASSERT_EQUAL(ESP_OK, r);
-        TEST_ASSERT_EQUAL(t->p_data.length, result.rsa_length);
-        TEST_ASSERT_EQUAL_HEX8_ARRAY(t->iv, result.iv, ETS_DS_IV_LEN);
-        TEST_ASSERT_EQUAL_HEX8_ARRAY(t->expected_c, result.c, ETS_DS_C_LEN);
-    }
-}
-
-TEST_CASE("Digital Signature start Invalid message", "[hw_crypto]")
-{
-    esp_ds_data_t ds_data = { };
-    ds_data.rsa_length = ESP_DS_RSA_4096;
-    esp_ds_context_t *ctx;
-
-    TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_start_sign(NULL, &ds_data, HMAC_KEY1, &ctx));
-}
-
-TEST_CASE("Digital Signature start Invalid data", "[hw_crypto]")
-{
-    const char *message = "test";
-    esp_ds_context_t *ctx;
-
-    TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_start_sign(message, NULL, HMAC_KEY1, &ctx));
-}
-
-TEST_CASE("Digital Signature start Invalid context", "[hw_crypto]")
-{
-    esp_ds_data_t ds_data = {};
-    ds_data.rsa_length = ESP_DS_RSA_4096;
-    const char *message = "test";
-
-    TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_start_sign(message, &ds_data, HMAC_KEY1, NULL));
-}
-
-TEST_CASE("Digital Signature RSA length 0", "[hw_crypto]")
-{
-    esp_ds_data_t ds_data = {};
-    ds_data.rsa_length = 0;
-    const char *message = "test";
-
-    TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_start_sign(message, &ds_data, HMAC_KEY1, NULL));
-}
-
-TEST_CASE("Digital Signature RSA length too long", "[hw_crypto]")
-{
-    esp_ds_data_t ds_data = {};
-    ds_data.rsa_length = 128;
-    const char *message = "test";
-
-    TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_start_sign(message, &ds_data, HMAC_KEY1, NULL));
-}
-
-TEST_CASE("Digital Signature start HMAC key out of range", "[hw_crypto]")
-{
-    esp_ds_data_t ds_data = {};
-    ds_data.rsa_length = ESP_DS_RSA_4096;
-    esp_ds_context_t *ctx;
-    const char *message = "test";
-
-    TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_start_sign(message, &ds_data, HMAC_KEY5 + 1, &ctx));
-    TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_start_sign(message, &ds_data, HMAC_KEY0 - 1, &ctx));
-}
-
-TEST_CASE("Digital Signature finish Invalid signature ptr", "[hw_crypto]")
-{
-    esp_ds_context_t *ctx = NULL;
-
-    TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_finish_sign(NULL, ctx));
-}
-
-TEST_CASE("Digital Signature finish Invalid context", "[hw_crypto]")
-{
-    uint8_t signature_data [128 * 4];
-
-    TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_finish_sign(signature_data, NULL));
-}
-
-TEST_CASE("Digital Signature Blocking Invalid message", "[hw_crypto]")
-{
-    esp_ds_data_t ds_data = { };
-    ds_data.rsa_length = ESP_DS_RSA_4096;
-    uint8_t signature_data [128 * 4];
-
-    TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_sign(NULL, &ds_data, HMAC_KEY1, signature_data));
-}
-
-TEST_CASE("Digital Signature Blocking Invalid data", "[hw_crypto]")
-{
-    const char *message = "test";
-    uint8_t signature_data [128 * 4];
-
-    TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_sign(message, NULL, HMAC_KEY1, signature_data));
-}
-
-TEST_CASE("Digital Signature Blocking Invalid signature ptr", "[hw_crypto]")
-{
-    esp_ds_data_t ds_data = {};
-    ds_data.rsa_length = ESP_DS_RSA_4096;
-    const char *message = "test";
-
-    TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_sign(message, &ds_data, HMAC_KEY1, NULL));
-}
-
-TEST_CASE("Digital Signature Blocking RSA length 0", "[hw_crypto]")
-{
-    esp_ds_data_t ds_data = {};
-    ds_data.rsa_length = 0;
-    const char *message = "test";
-    uint8_t signature_data [128 * 4];
-
-    TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_sign(message, &ds_data, HMAC_KEY1, signature_data));
-}
-
-TEST_CASE("Digital Signature Blocking RSA length too long", "[hw_crypto]")
-{
-    esp_ds_data_t ds_data = {};
-    ds_data.rsa_length = 128;
-    const char *message = "test";
-    uint8_t signature_data [128 * 4];
-
-    TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_sign(message, &ds_data, HMAC_KEY1, signature_data));
-}
-
-TEST_CASE("Digital Signature Blocking HMAC key out of range", "[hw_crypto]")
-{
-    esp_ds_data_t ds_data = {};
-    ds_data.rsa_length = 127;
-    const char *message = "test";
-    uint8_t signature_data [128 * 4];
-
-    TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_sign(message, &ds_data, HMAC_KEY5 + 1, signature_data));
-    TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_sign(message, &ds_data, HMAC_KEY0 - 1, signature_data));
-}
-
-#if CONFIG_IDF_ENV_FPGA
-
-static void burn_hmac_keys(void)
-{
-    printf("Burning %d HMAC keys to efuse...\n", NUM_HMAC_KEYS);
-    for (int i = 0; i < NUM_HMAC_KEYS; i++) {
-        // TODO: vary the purpose across the keys
-        ets_efuse_purpose_t purpose = ETS_EFUSE_KEY_PURPOSE_HMAC_DOWN_DIGITAL_SIGNATURE;
-
-        // starting from block 1, block 0 occupied with HMAC upstream test key
-        int ets_status = ets_efuse_write_key(ETS_EFUSE_BLOCK_KEY1 + i,
-                                             purpose,
-                                             test_hmac_keys[i], 32);
-
-        if (ets_status == ESP_OK) {
-            printf("written DS test key to block [%d]!\n", ETS_EFUSE_BLOCK_KEY1 + i);
-        } else {
-            printf("writing DS test key to block [%d] failed, maybe written already\n", ETS_EFUSE_BLOCK_KEY1 + i);
-        }
-    }
-}
-
-TEST_CASE("Digital Signature wrong HMAC key purpose (FPGA only)", "[hw_crypto]")
-{
-    esp_ds_data_t ds_data = {};
-    ds_data.rsa_length = ESP_DS_RSA_4096;
-    esp_ds_context_t *ctx;
-    const char *message = "test";
-
-    // HMAC fails in that case because it checks for the correct purpose
-    TEST_ASSERT_EQUAL(ESP_ERR_HW_CRYPTO_DS_HMAC_FAIL, esp_ds_start_sign(message, &ds_data, HMAC_KEY0, &ctx));
-}
-
-TEST_CASE("Digital Signature Blocking wrong HMAC key purpose (FPGA only)", "[hw_crypto]")
-{
-    esp_ds_data_t ds_data = {};
-    ds_data.rsa_length = ESP_DS_RSA_4096;
-    const char *message = "test";
-    uint8_t signature_data [128 * 4];
-
-    // HMAC fails in that case because it checks for the correct purpose
-    TEST_ASSERT_EQUAL(ESP_ERR_HW_CRYPTO_DS_HMAC_FAIL, esp_ds_sign(message, &ds_data, HMAC_KEY0, signature_data));
-}
-
-TEST_CASE("Digital Signature Operation (FPGA only)", "[hw_crypto]")
-{
-    burn_hmac_keys();
-
-    for (int i = 0; i < NUM_CASES; i++) {
-        printf("Running test case %d...\n", i);
-        const encrypt_testcase_t *t = &test_cases[i];
-
-        // copy encrypt parameter test case into ds_data structure
-        esp_ds_data_t ds_data = { };
-        memcpy(ds_data.iv, t->iv, ETS_DS_IV_LEN);
-        memcpy(ds_data.c, t->expected_c, ETS_DS_C_LEN);
-        ds_data.rsa_length = t->p_data.length;
-
-        for (int j = 0; j < NUM_MESSAGES; j++) {
-            uint8_t signature[4096/8] = { 0 };
-            printf(" ... message %d\n", j);
-            esp_ds_context_t *esp_ds_ctx;
-
-            esp_err_t ds_r = esp_ds_start_sign(test_messages[j],
-                    &ds_data,
-                    t->hmac_key_idx + 1,
-                    &esp_ds_ctx);
-            TEST_ASSERT_EQUAL(ESP_OK, ds_r);
-
-            ds_r = esp_ds_finish_sign(signature, esp_ds_ctx);
-            TEST_ASSERT_EQUAL(ESP_OK, ds_r);
-
-            TEST_ASSERT_EQUAL_HEX8_ARRAY(t->expected_results[j], signature, sizeof(signature));
-        }
-    }
-}
-
-TEST_CASE("Digital Signature Blocking Operation (FPGA only)", "[hw_crypto]")
-{
-    burn_hmac_keys();
-
-    for (int i = 0; i < NUM_CASES; i++) {
-        printf("Running test case %d...\n", i);
-        const encrypt_testcase_t *t = &test_cases[i];
-
-        // copy encrypt parameter test case into ds_data structure
-        esp_ds_data_t ds_data = { };
-        memcpy(ds_data.iv, t->iv, ETS_DS_IV_LEN);
-        memcpy(ds_data.c, t->expected_c, ETS_DS_C_LEN);
-        ds_data.rsa_length = t->p_data.length;
-
-        uint8_t signature[4096/8] = { 0 };
-        esp_ds_context_t *esp_ds_ctx;
-
-        esp_err_t ds_r = esp_ds_start_sign(test_messages[0],
-                &ds_data,
-                t->hmac_key_idx + 1,
-                &esp_ds_ctx);
-        TEST_ASSERT_EQUAL(ESP_OK, ds_r);
-
-        ds_r = esp_ds_finish_sign(signature, esp_ds_ctx);
-        TEST_ASSERT_EQUAL(ESP_OK, ds_r);
-
-        TEST_ASSERT_EQUAL_HEX8_ARRAY(t->expected_results[0], signature, sizeof(signature));
-    }
-}
-TEST_CASE("Digital Signature Invalid Data (FPGA only)", "[hw_crypto]")
-{
-    burn_hmac_keys();
-
-    // Set up a valid test case
-    const encrypt_testcase_t *t = &test_cases[0];
-    esp_ds_data_t ds_data = { };
-    memcpy(ds_data.iv, t->iv, ETS_DS_IV_LEN);
-    memcpy(ds_data.c, t->expected_c, ETS_DS_C_LEN);
-    ds_data.rsa_length = t->p_data.length;
-
-    uint8_t signature[4096/8] = { 0 };
-    const uint8_t zero[4096/8] = { 0 };
-
-    // Corrupt the IV one bit at a time, rerun and expect failure
-    for (int bit = 0; bit < 128; bit++) {
-        printf("Corrupting IV bit %d...\n", bit);
-        ds_data.iv[bit / 8] ^= 1 << (bit % 8);
-        esp_ds_context_t *esp_ds_ctx;
-
-        esp_err_t ds_r = esp_ds_start_sign(test_messages[0], &ds_data, t->hmac_key_idx + 1, &esp_ds_ctx);
-        TEST_ASSERT_EQUAL(ESP_OK, ds_r);
-        ds_r = esp_ds_finish_sign(signature, esp_ds_ctx);
-        TEST_ASSERT_EQUAL(ESP_ERR_HW_CRYPTO_DS_INVALID_DIGEST, ds_r);
-        TEST_ASSERT_EQUAL_HEX8_ARRAY(zero, signature, 4096/8);
-
-        ds_data.iv[bit / 8] ^= 1 << (bit % 8);
-    }
-
-    // Corrupt encrypted key data one bit at a time, rerun and expect failure
-    printf("Corrupting C...\n");
-    for (int bit = 0; bit < ETS_DS_C_LEN * 8; bit++) {
-        printf("Corrupting C bit %d...\n", bit);
-        ds_data.c[bit / 8] ^= 1 << (bit % 8);
-        esp_ds_context_t *esp_ds_ctx;
-
-        esp_err_t ds_r = esp_ds_start_sign(test_messages[0], &ds_data, t->hmac_key_idx + 1, &esp_ds_ctx);
-        TEST_ASSERT_EQUAL(ESP_OK, ds_r);
-        ds_r = esp_ds_finish_sign(signature, esp_ds_ctx);
-        TEST_ASSERT_EQUAL(ESP_ERR_HW_CRYPTO_DS_INVALID_DIGEST, ds_r);
-        TEST_ASSERT_EQUAL_HEX8_ARRAY(zero, signature, 4096/8);
-
-        ds_data.c[bit / 8] ^= 1 << (bit % 8);
-    }
-}
-
-#endif // CONFIG_IDF_ENV_FPGA

components/esp32s2/test/test_sha.c

@@ -1,103 +0,0 @@
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include "esp_types.h"
-#include "esp32s2/clk.h"
-#include "esp_log.h"
-#include "ccomp_timer.h"
-#include "esp_heap_caps.h"
-#include "idf_performance.h"
-
-#include "unity.h"
-#include "test_utils.h"
-#include "mbedtls/sha1.h"
-#include "mbedtls/sha256.h"
-#include "mbedtls/sha512.h"
-#include "sha/sha_dma.h"
-
-/* Note: Most of the SHA functions are called as part of mbedTLS, so
-are tested as part of mbedTLS tests. Only esp_sha() is different.
-*/
-
-#define TAG "sha_test"
-
-TEST_CASE("Test esp_sha()", "[hw_crypto]")
-{
-    const size_t BUFFER_SZ = 32 * 1024 + 6; // NB: not an exact multiple of SHA block size
-
-    uint32_t us_sha1, us_sha512;
-    uint8_t sha1_result[20] = { 0 };
-    uint8_t sha512_result[64] = { 0 };
-    void *buffer = heap_caps_malloc(BUFFER_SZ, MALLOC_CAP_8BIT|MALLOC_CAP_INTERNAL);
-    TEST_ASSERT_NOT_NULL(buffer);
-    memset(buffer, 0xEE, BUFFER_SZ);
-
-    const uint8_t sha1_expected[20] = { 0xc7, 0xbb, 0xd3, 0x74, 0xf2, 0xf6, 0x20, 0x86,
-                                        0x61, 0xf4, 0x50, 0xd5, 0xf5, 0x18, 0x44, 0xcc,
-                                        0x7a, 0xb7, 0xa5, 0x4a };
-    const uint8_t sha512_expected[64] = { 0xc7, 0x7f, 0xda, 0x8c, 0xb3, 0x58, 0x14, 0x8a,
-                                          0x52, 0x3b, 0x46, 0x04, 0xc0, 0x85, 0xc5, 0xf0,
-                                          0x46, 0x64, 0x14, 0xd5, 0x96, 0x7a, 0xa2, 0x80,
-                                          0x20, 0x9c, 0x04, 0x27, 0x7d, 0x3b, 0xf9, 0x1f,
-                                          0xb2, 0xa3, 0x45, 0x3c, 0xa1, 0x6a, 0x8d, 0xdd,
-                                          0x35, 0x5e, 0x35, 0x57, 0x76, 0x22, 0x74, 0xd8,
-                                          0x1e, 0x07, 0xc6, 0xa2, 0x9e, 0x3b, 0x65, 0x75,
-                                          0x80, 0x7d, 0xe6, 0x6e, 0x47, 0x61, 0x2c, 0x94 };
-
-    ccomp_timer_start();;
-    esp_sha(SHA1, buffer, BUFFER_SZ, sha1_result);
-    us_sha1 = ccomp_timer_stop();
-    TEST_ASSERT_EQUAL_HEX8_ARRAY(sha1_expected, sha1_result, sizeof(sha1_expected));
-    ESP_LOGI(TAG, "esp_sha() 32KB SHA1 in %u us", us_sha1);
-
-    ccomp_timer_start();;
-    esp_sha(SHA2_512, buffer, BUFFER_SZ, sha512_result);
-    us_sha512 = ccomp_timer_stop();
-    TEST_ASSERT_EQUAL_HEX8_ARRAY(sha512_expected, sha512_result, sizeof(sha512_expected));
-    ESP_LOGI(TAG, "esp_sha() 32KB SHA512 in %u us", us_sha512);
-
-    free(buffer);
-
-    TEST_PERFORMANCE_CCOMP_LESS_THAN(TIME_SHA1_32KB, "%dus", us_sha1);
-    TEST_PERFORMANCE_CCOMP_LESS_THAN(TIME_SHA512_32KB, "%dus", us_sha512);
-}
-
-TEST_CASE("Test esp_sha() function with long input", "[hw_crypto]")
-{
-    const void* ptr;
-    spi_flash_mmap_handle_t handle;
-    uint8_t sha1_espsha[20] = { 0 };
-    uint8_t sha1_mbedtls[20] = { 0 };
-    uint8_t sha256_espsha[32] = { 0 };
-    uint8_t sha256_mbedtls[32] = { 0 };
-    uint8_t sha512_espsha[64] = { 0 };
-    uint8_t sha512_mbedtls[64] = { 0 };
-
-    const size_t LEN = 1024 * 1024;
-
-    /* mmap() 1MB of flash, we don't care what it is really */
-    esp_err_t err = spi_flash_mmap(0x0, LEN, SPI_FLASH_MMAP_DATA, &ptr, &handle);
-
-    TEST_ASSERT_EQUAL_HEX32(ESP_OK, err);
-    TEST_ASSERT_NOT_NULL(ptr);
-
-    /* Compare esp_sha() result to the mbedTLS result, should always be the same */
-
-    esp_sha(SHA1, ptr, LEN, sha1_espsha);
-    int r = mbedtls_sha1_ret(ptr, LEN, sha1_mbedtls);
-    TEST_ASSERT_EQUAL(0, r);
-
-    esp_sha(SHA2_256, ptr, LEN, sha256_espsha);
-    r = mbedtls_sha256_ret(ptr, LEN, sha256_mbedtls, 0);
-    TEST_ASSERT_EQUAL(0, r);
-
-    esp_sha(SHA2_512, ptr, LEN, sha512_espsha);
-    r = mbedtls_sha512_ret(ptr, LEN, sha512_mbedtls, 0);
-    TEST_ASSERT_EQUAL(0, r);
-
-    TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha1_espsha, sha1_mbedtls, sizeof(sha1_espsha), "SHA1 results should match");
-
-    TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha256_espsha, sha256_mbedtls, sizeof(sha256_espsha), "SHA256 results should match");
-
-    TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha512_espsha, sha512_mbedtls, sizeof(sha512_espsha), "SHA512 results should match");
-}

components/esp32s3/CMakeLists.txt

@@ -13,7 +13,6 @@ else()
     # Regular app build
 
     set(srcs "dport_access.c"
-             "esp_crypto_lock.c"
              "spiram.c"
              "spi_timing_config.c")
     set(include_dirs "include")

components/esp_common/src/esp_err_to_name.c

@@ -5,9 +5,6 @@
 #if __has_include("soc/soc.h")
 #include "soc/soc.h"
 #endif
-#if __has_include("esp_ds.h")
-#include "esp_ds.h"
-#endif
 #if __has_include("esp_efuse.h")
 #include "esp_efuse.h"
 #endif
@@ -59,6 +56,9 @@
 #if __has_include("nvs.h")
 #include "nvs.h"
 #endif
+#if __has_include("soc/esp32s2/esp_ds.h")
+#include "soc/esp32s2/esp_ds.h"
+#endif
 #if __has_include("ulp_common.h")
 #include "ulp_common.h"
 #endif
@@ -740,7 +740,7 @@ static const esp_err_msg_t esp_err_msg_table[] = {
     ERR_TBL_IT(ESP_ERR_HW_CRYPTO_BASE),                         /* 49152 0xc000 Starting number of HW cryptography
                                                                                 module error codes */
 #   endif
-    // components/esp32s2/include/esp_ds.h
+    // components/esp_hw_support/include/soc/esp32s2/esp_ds.h
 #   ifdef      ESP_ERR_HW_CRYPTO_DS_HMAC_FAIL
     ERR_TBL_IT(ESP_ERR_HW_CRYPTO_DS_HMAC_FAIL),                 /* 49153 0xc001 HMAC peripheral problem */
 #   endif

components/esp_hw_support/CMakeLists.txt

@@ -25,7 +25,7 @@ else()
 endif()
 
 idf_component_register(SRCS ${srcs}
-                       INCLUDE_DIRS include include/soc
+                       INCLUDE_DIRS include include/soc include/soc/${target}
                        PRIV_INCLUDE_DIRS port/include
                        REQUIRES ${requires}
                        PRIV_REQUIRES ${priv_requires}

components/esp_hw_support/port/esp32c3/CMakeLists.txt

@@ -9,7 +9,11 @@ set(srcs "cpu_util_esp32c3.c"
          )
 
 if(NOT BOOTLOADER_BUILD)
-    list(APPEND srcs "../async_memcpy_impl_gdma.c" "memprot.c")
+    list(APPEND srcs "../async_memcpy_impl_gdma.c"
+                     "memprot.c"
+                     "esp_hmac.c"
+                     "esp_crypto_lock.c"
+                     "esp_ds.c")
 endif()
 
 add_prefix(srcs "${CMAKE_CURRENT_LIST_DIR}/" "${srcs}")

components/esp_hw_support/port/esp32s2/CMakeLists.txt

@@ -14,7 +14,11 @@ set(srcs
     )
 
 if(NOT BOOTLOADER_BUILD)
-    list(APPEND srcs "async_memcpy_impl_cp_dma.c" "memprot.c")
+    list(APPEND srcs "async_memcpy_impl_cp_dma.c"
+                     "memprot.c"
+                     "esp_hmac.c"
+                     "esp_crypto_lock.c"
+                     "esp_ds.c")
 endif()
 
 add_prefix(srcs "${CMAKE_CURRENT_LIST_DIR}/" "${srcs}")

components/esp_hw_support/port/esp32s3/CMakeLists.txt

@@ -13,7 +13,9 @@ set(srcs
     )
 
 if(NOT BOOTLOADER_BUILD)
-    list(APPEND srcs "../async_memcpy_impl_gdma.c" "memprot.c")
+    list(APPEND srcs "../async_memcpy_impl_gdma.c"
+                     "esp_crypto_lock.c"
+                     "memprot.c")
 endif()
 
 add_prefix(srcs "${CMAKE_CURRENT_LIST_DIR}/" "${srcs}")

components/esp32c3/test/test_ds.c → components/esp_hw_support/test/test_ds.c

@@ -12,16 +12,32 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
+#include <string.h>
 #include "unity.h"
+
+#include "soc/soc_caps.h"
+
+#if SOC_DIG_SIGN_SUPPORTED
+#if CONFIG_IDF_TARGET_ESP32S2
+#include "esp32s2/rom/efuse.h"
+#include "esp32s2/rom/digital_signature.h"
+#include "esp32s2/rom/aes.h"
+#include "esp32s2/rom/sha.h"
+#elif CONFIG_IDF_TARGET_ESP32C3
 #include "esp32c3/rom/efuse.h"
 #include "esp32c3/rom/digital_signature.h"
 #include "esp32c3/rom/hmac.h"
-#include <string.h>
+#endif
 
 #include "esp_ds.h"
 
 #define NUM_RESULTS 10
+
+#if CONFIG_IDF_TARGET_ESP32S2
+#define DS_MAX_BITS (4096)
+#elif CONFIG_IDF_TARGET_ESP32C3
 #define DS_MAX_BITS (ETS_DS_MAX_BITS)
+#endif
 
 typedef struct {
     uint8_t iv[ETS_DS_IV_LEN];
@@ -31,9 +47,16 @@ typedef struct {
     uint32_t expected_results[NUM_RESULTS][DS_MAX_BITS/32];
 } encrypt_testcase_t;
 
-// Generated header (components/esp32s2/test/gen_digital_signature_tests.py) defines
+// Generated header digital_signature_test_cases_<bits>.h (by gen_digital_signature_tests.py) defines
 // NUM_HMAC_KEYS, test_hmac_keys, NUM_MESSAGES, NUM_CASES, test_messages[], test_cases[]
-#include "digital_signature_test_cases.h"
+// Some adaptations were made: removed the 512 bit case and changed RSA lengths to the enums from esp_ds.h
+#if DS_MAX_BITS == 4096
+#define RSA_LEN			(ESP_DS_RSA_4096)
+#include "digital_signature_test_cases_4096.h"
+#elif DS_MAX_BITS == 3072
+#define RSA_LEN			(ESP_DS_RSA_3072)
+#include "digital_signature_test_cases_3072.h"
+#endif
 
 _Static_assert(NUM_RESULTS == NUM_MESSAGES, "expected_results size should be the same as NUM_MESSAGES in generated header");
 
@@ -81,16 +104,15 @@ TEST_CASE("Digital Signature Parameter Encryption", "[hw_crypto] [ds]")
         esp_ds_data_t result = { };
         esp_ds_p_data_t p_data;
 
-        memcpy(p_data.Y,   t->p_data.Y, ESP_DS_SIGNATURE_MAX_BIT_LEN/8);
-        memcpy(p_data.M,   t->p_data.M, ESP_DS_SIGNATURE_MAX_BIT_LEN/8);
-        memcpy(p_data.Rb, t->p_data.Rb, ESP_DS_SIGNATURE_MAX_BIT_LEN/8);
+        memcpy(p_data.Y, t->p_data.Y, DS_MAX_BITS/8);
+        memcpy(p_data.M, t->p_data.M, DS_MAX_BITS/8);
+        memcpy(p_data.Rb, t->p_data.Rb, DS_MAX_BITS/8);
         p_data.M_prime = t->p_data.M_prime;
         p_data.length = t->p_data.length;
 
         esp_err_t r = esp_ds_encrypt_params(&result, t->iv, &p_data,
                                                   test_hmac_keys[t->hmac_key_idx]);
         printf("Encrypting test case %d done\n", i);
-
         TEST_ASSERT_EQUAL(ESP_OK, r);
         TEST_ASSERT_EQUAL(t->p_data.length, result.rsa_length);
         TEST_ASSERT_EQUAL_HEX8_ARRAY(t->iv, result.iv, ETS_DS_IV_LEN);
@@ -101,7 +123,7 @@ TEST_CASE("Digital Signature Parameter Encryption", "[hw_crypto] [ds]")
 TEST_CASE("Digital Signature start Invalid message", "[hw_crypto] [ds]")
 {
     esp_ds_data_t ds_data = { };
-    ds_data.rsa_length = ESP_DS_RSA_3072;
+    ds_data.rsa_length = RSA_LEN;
     esp_ds_context_t *ctx;
 
     TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_start_sign(NULL, &ds_data, HMAC_KEY1, &ctx));
@@ -118,7 +140,7 @@ TEST_CASE("Digital Signature start Invalid data", "[hw_crypto] [ds]")
 TEST_CASE("Digital Signature start Invalid context", "[hw_crypto] [ds]")
 {
     esp_ds_data_t ds_data = {};
-    ds_data.rsa_length = ESP_DS_RSA_3072;
+    ds_data.rsa_length = RSA_LEN;
     const char *message = "test";
 
     TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_start_sign(message, &ds_data, HMAC_KEY1, NULL));
@@ -145,7 +167,7 @@ TEST_CASE("Digital Signature RSA length too long", "[hw_crypto] [ds]")
 TEST_CASE("Digital Signature start HMAC key out of range", "[hw_crypto] [ds]")
 {
     esp_ds_data_t ds_data = {};
-    ds_data.rsa_length = ESP_DS_RSA_3072;
+    ds_data.rsa_length = RSA_LEN;
     esp_ds_context_t *ctx;
     const char *message = "test";
 
@@ -170,7 +192,7 @@ TEST_CASE("Digital Signature finish Invalid context", "[hw_crypto] [ds]")
 TEST_CASE("Digital Signature Blocking Invalid message", "[hw_crypto] [ds]")
 {
     esp_ds_data_t ds_data = { };
-    ds_data.rsa_length = ESP_DS_RSA_3072;
+    ds_data.rsa_length = RSA_LEN;
     uint8_t signature_data [128 * 4];
 
     TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_sign(NULL, &ds_data, HMAC_KEY1, signature_data));
@@ -187,7 +209,7 @@ TEST_CASE("Digital Signature Blocking Invalid data", "[hw_crypto] [ds]")
 TEST_CASE("Digital Signature Blocking Invalid signature ptr", "[hw_crypto] [ds]")
 {
     esp_ds_data_t ds_data = {};
-    ds_data.rsa_length = ESP_DS_RSA_3072;
+    ds_data.rsa_length =  RSA_LEN;
     const char *message = "test";
 
     TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_sign(message, &ds_data, HMAC_KEY1, NULL));
@@ -226,17 +248,26 @@ TEST_CASE("Digital Signature Blocking HMAC key out of range", "[hw_crypto] [ds]"
 
 #if CONFIG_IDF_ENV_FPGA
 
-// Burn eFuse blocks 1, 2 and 3. Block 0 is used for HMAC tests already.
 static void burn_hmac_keys(void)
 {
     printf("Burning %d HMAC keys to efuse...\n", NUM_HMAC_KEYS);
     for (int i = 0; i < NUM_HMAC_KEYS; i++) {
         // TODO: vary the purpose across the keys
         ets_efuse_purpose_t purpose = ETS_EFUSE_KEY_PURPOSE_HMAC_DOWN_DIGITAL_SIGNATURE;
-        ets_efuse_write_key(ETS_EFUSE_BLOCK_KEY1 + i,
-                            purpose,
-                            test_hmac_keys[i], 32);
+
+        // starting from block 1, block 0 occupied with HMAC upstream test key
+        int __attribute__((unused)) ets_status = ets_efuse_write_key(ETS_EFUSE_BLOCK_KEY1 + i,
+                                             purpose,
+                                             test_hmac_keys[i], 32);
+#if CONFIG_IDF_TARGET_ESP32S2
+        if (ets_status == ESP_OK) {
+            printf("written DS test key to block [%d]!\n", ETS_EFUSE_BLOCK_KEY1 + i);
+        } else {
+            printf("writing DS test key to block [%d] failed, maybe written already\n", ETS_EFUSE_BLOCK_KEY1 + i);
+        }
+#endif
     }
+#if CONFIG_IDF_TARGET_ESP32C3
     /* verify the keys are what we expect (possibly they're already burned, doesn't matter but they have to match) */
     uint8_t block_compare[32];
     for (int i = 0; i < NUM_HMAC_KEYS; i++) {
@@ -244,6 +275,7 @@ static void burn_hmac_keys(void)
         memcpy(block_compare, (void *)ets_efuse_get_read_register_address(ETS_EFUSE_BLOCK_KEY1 + i), 32);
         TEST_ASSERT_EQUAL_HEX8_ARRAY(test_hmac_keys[i], block_compare, 32);
     }
+#endif
 }
 
 // This test uses the HMAC_KEY0 eFuse key which hasn't been burned by burn_hmac_keys().
@@ -251,12 +283,16 @@ static void burn_hmac_keys(void)
 TEST_CASE("Digital Signature wrong HMAC key purpose (FPGA only)", "[hw_crypto] [ds]")
 {
     esp_ds_data_t ds_data = {};
-    ds_data.rsa_length = ESP_DS_RSA_3072;
+    ds_data.rsa_length =  RSA_LEN;
     esp_ds_context_t *ctx;
     const char *message = "test";
 
     // HMAC fails in that case because it checks for the correct purpose
+#if CONFIG_IDF_TARGET_ESP32S2
+    TEST_ASSERT_EQUAL(ESP_ERR_HW_CRYPTO_DS_HMAC_FAIL, esp_ds_start_sign(message, &ds_data, HMAC_KEY0, &ctx));
+#elif CONFIG_IDF_TARGET_ESP32C3
     TEST_ASSERT_EQUAL(ESP32C3_ERR_HW_CRYPTO_DS_HMAC_FAIL, esp_ds_start_sign(message, &ds_data, HMAC_KEY0, &ctx));
+#endif
 }
 
 // This test uses the HMAC_KEY0 eFuse key which hasn't been burned by burn_hmac_keys().
@@ -264,12 +300,16 @@ TEST_CASE("Digital Signature wrong HMAC key purpose (FPGA only)", "[hw_crypto] [
 TEST_CASE("Digital Signature Blocking wrong HMAC key purpose (FPGA only)", "[hw_crypto] [ds]")
 {
     esp_ds_data_t ds_data = {};
-    ds_data.rsa_length = ESP_DS_RSA_3072;
+    ds_data.rsa_length = RSA_LEN;
     const char *message = "test";
     uint8_t signature_data [128 * 4];
 
     // HMAC fails in that case because it checks for the correct purpose
+#if CONFIG_IDF_TARGET_ESP32S2
+    TEST_ASSERT_EQUAL(ESP_ERR_HW_CRYPTO_DS_HMAC_FAIL, esp_ds_sign(message, &ds_data, HMAC_KEY0, signature_data));
+#elif CONFIG_IDF_TARGET_ESP32C3
     TEST_ASSERT_EQUAL(ESP32C3_ERR_HW_CRYPTO_DS_HMAC_FAIL, esp_ds_sign(message, &ds_data, HMAC_KEY0, signature_data));
+#endif
 }
 
 TEST_CASE("Digital Signature Operation (FPGA only)", "[hw_crypto] [ds]")
@@ -291,6 +331,7 @@ TEST_CASE("Digital Signature Operation (FPGA only)", "[hw_crypto] [ds]")
             printf(" ... message %d\n", j);
 
             esp_ds_context_t *esp_ds_ctx;
+
             esp_err_t ds_r = esp_ds_start_sign(test_messages[j],
                     &ds_data,
                     t->hmac_key_idx + 1,
@@ -302,8 +343,9 @@ TEST_CASE("Digital Signature Operation (FPGA only)", "[hw_crypto] [ds]")
 
             TEST_ASSERT_EQUAL_HEX8_ARRAY(t->expected_results[j], signature, sizeof(signature));
         }
-
+#if CONFIG_IDF_TARGET_ESP32C3
         ets_hmac_invalidate_downstream(ETS_EFUSE_KEY_PURPOSE_HMAC_DOWN_DIGITAL_SIGNATURE);
+#endif
     }
 }
 
@@ -322,12 +364,24 @@ TEST_CASE("Digital Signature Blocking Operation (FPGA only)", "[hw_crypto] [ds]"
         ds_data.rsa_length = t->p_data.length;
 
         uint8_t signature[DS_MAX_BITS/8] = { 0 };
+#if CONFIG_IDF_TARGET_ESP32S2
+        esp_ds_context_t *esp_ds_ctx;
+
+        esp_err_t ds_r = esp_ds_start_sign(test_messages[0],
+                &ds_data,
+                t->hmac_key_idx + 1,
+                &esp_ds_ctx);
+        TEST_ASSERT_EQUAL(ESP_OK, ds_r);
 
+        ds_r = esp_ds_finish_sign(signature, esp_ds_ctx);
+        TEST_ASSERT_EQUAL(ESP_OK, ds_r);
+#elif CONFIG_IDF_TARGET_ESP32C3
         esp_err_t ds_r = esp_ds_sign(test_messages[0],
                 &ds_data,
                 t->hmac_key_idx + 1,
                 signature);
         TEST_ASSERT_EQUAL(ESP_OK, ds_r);
+#endif
 
         TEST_ASSERT_EQUAL_HEX8_ARRAY(t->expected_results[0], signature, sizeof(signature));
     }
@@ -356,7 +410,11 @@ TEST_CASE("Digital Signature Invalid Data (FPGA only)", "[hw_crypto] [ds]")
         esp_err_t ds_r = esp_ds_start_sign(test_messages[0], &ds_data, t->hmac_key_idx + 1, &esp_ds_ctx);
         TEST_ASSERT_EQUAL(ESP_OK, ds_r);
         ds_r = esp_ds_finish_sign(signature, esp_ds_ctx);
+#if CONFIG_IDF_TARGET_ESP32S2
+        TEST_ASSERT_EQUAL(ESP_ERR_HW_CRYPTO_DS_INVALID_DIGEST, ds_r);
+#elif CONFIG_IDF_TARGET_ESP32C3
         TEST_ASSERT_EQUAL(ESP32C3_ERR_HW_CRYPTO_DS_INVALID_DIGEST, ds_r);
+#endif
         TEST_ASSERT_EQUAL_HEX8_ARRAY(zero, signature, DS_MAX_BITS/8);
 
         ds_data.iv[bit / 8] ^= 1 << (bit % 8);
@@ -372,7 +430,11 @@ TEST_CASE("Digital Signature Invalid Data (FPGA only)", "[hw_crypto] [ds]")
         esp_err_t ds_r = esp_ds_start_sign(test_messages[0], &ds_data, t->hmac_key_idx + 1, &esp_ds_ctx);
         TEST_ASSERT_EQUAL(ESP_OK, ds_r);
         ds_r = esp_ds_finish_sign(signature, esp_ds_ctx);
+#if CONFIG_IDF_TARGET_ESP32S2
+        TEST_ASSERT_EQUAL(ESP_ERR_HW_CRYPTO_DS_INVALID_DIGEST, ds_r);
+#elif CONFIG_IDF_TARGET_ESP32C3
         TEST_ASSERT_EQUAL(ESP32C3_ERR_HW_CRYPTO_DS_INVALID_DIGEST, ds_r);
+#endif
         TEST_ASSERT_EQUAL_HEX8_ARRAY(zero, signature, DS_MAX_BITS/8);
 
         ds_data.c[bit / 8] ^= 1 << (bit % 8);
@@ -380,3 +442,4 @@ TEST_CASE("Digital Signature Invalid Data (FPGA only)", "[hw_crypto] [ds]")
 }
 
 #endif // CONFIG_IDF_ENV_FPGA
+#endif // SOC_DIG_SIGN_SUPPORTED

components/esp32s2/test/test_hmac.c → components/esp_hw_support/test/test_hmac.c

@@ -12,12 +12,14 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-#include "esp_hmac.h"
 #include "unity.h"
 #include "esp_efuse.h"
 #include "esp_efuse_table.h"
 #include "esp_log.h"
 
+#if SOC_HMAC_SUPPORTED
+#include "esp_hmac.h"
+
 #if CONFIG_IDF_ENV_FPGA
 
 #include "esp32s2/rom/efuse.h"
@@ -1033,3 +1035,5 @@ TEST_CASE("HMAC key out of range", "[hw_crypto]")
 }
 
 #endif // CONFIG_IDF_ENV_FPGA
+
+#endif // SOC_HMAC_SUPPORTED

components/hal/include/hal/sha_types.h

@@ -19,25 +19,26 @@
 /* Use enum from rom for backwards compatibility */
 #if CONFIG_IDF_TARGET_ESP32
 #include "esp32/rom/sha.h"
-typedef enum SHA_TYPE esp_sha_type;
 #elif CONFIG_IDF_TARGET_ESP32S2
 #include "esp32s2/rom/sha.h"
-typedef SHA_TYPE esp_sha_type;
 #elif CONFIG_IDF_TARGET_ESP32S3
 #include "esp32s3/rom/sha.h"
-typedef SHA_TYPE esp_sha_type;
 #elif CONFIG_IDF_TARGET_ESP32C3
 #include "esp32c3/rom/sha.h"
-typedef SHA_TYPE esp_sha_type;
 #elif CONFIG_IDF_TARGET_ESP32H2
 #include "esp32h2/rom/sha.h"
-typedef SHA_TYPE esp_sha_type;
 #endif
 
 #ifdef __cplusplus
 extern "C" {
 #endif
 
+/* Use enum from rom for backwards compatibility */
+#if CONFIG_IDF_TARGET_ESP32
+typedef enum SHA_TYPE esp_sha_type;
+#else
+typedef SHA_TYPE esp_sha_type;
+#endif
 
 #ifdef __cplusplus
 }

components/esp32/test/test_sha.c → components/mbedtls/test/test_sha.c

@@ -7,19 +7,31 @@
 #include <stdlib.h>
 #include <string.h>
 #include "esp_types.h"
-#include "esp32/clk.h"
 #include "esp_log.h"
-#include "esp_timer.h"
+#include "ccomp_timer.h"
 #include "esp_heap_caps.h"
 #include "idf_performance.h"
 
+#if CONFIG_IDF_TARGET_ESP32
+#include "esp32/clk.h"
+#elif CONFIG_IDF_TARGET_ESP32S2
+#include "esp32s2/clk.h"
+#elif CONFIG_IDF_TARGET_ESP32C3
+#include "esp32c3/clk.h"
+#endif
+
+#include "soc/soc_caps.h"
+
 #include "unity.h"
 #include "test_utils.h"
 #include "mbedtls/sha1.h"
 #include "mbedtls/sha256.h"
+
+#if SOC_SHA_SUPPORT_SHA512
 #include "mbedtls/sha512.h"
+#endif
+
 #include "sha/sha_parallel_engine.h"
-#include "ccomp_timer.h"
 
 /* Note: Most of the SHA functions are called as part of mbedTLS, so
 are tested as part of mbedTLS tests. Only esp_sha() is different.
@@ -32,9 +44,14 @@ TEST_CASE("Test esp_sha()", "[hw_crypto]")
     const size_t BUFFER_SZ = 32 * 1024 + 6; // NB: not an exact multiple of SHA block size
 
     int64_t elapsed;
-    uint32_t us_sha1, us_sha512;
+    uint32_t us_sha1;
     uint8_t sha1_result[20] = { 0 };
+
+#if SOC_SHA_SUPPORT_SHA512
+    uint32_t us_sha512;
     uint8_t sha512_result[64] = { 0 };
+#endif
+
     void *buffer = heap_caps_malloc(BUFFER_SZ, MALLOC_CAP_8BIT|MALLOC_CAP_INTERNAL);
     TEST_ASSERT_NOT_NULL(buffer);
     memset(buffer, 0xEE, BUFFER_SZ);
@@ -42,6 +59,7 @@ TEST_CASE("Test esp_sha()", "[hw_crypto]")
     const uint8_t sha1_expected[20] = { 0xc7, 0xbb, 0xd3, 0x74, 0xf2, 0xf6, 0x20, 0x86,
                                         0x61, 0xf4, 0x50, 0xd5, 0xf5, 0x18, 0x44, 0xcc,
                                         0x7a, 0xb7, 0xa5, 0x4a };
+#if SOC_SHA_SUPPORT_SHA512
     const uint8_t sha512_expected[64] = { 0xc7, 0x7f, 0xda, 0x8c, 0xb3, 0x58, 0x14, 0x8a,
                                           0x52, 0x3b, 0x46, 0x04, 0xc0, 0x85, 0xc5, 0xf0,
                                           0x46, 0x64, 0x14, 0xd5, 0x96, 0x7a, 0xa2, 0x80,
@@ -50,6 +68,7 @@ TEST_CASE("Test esp_sha()", "[hw_crypto]")
                                           0x35, 0x5e, 0x35, 0x57, 0x76, 0x22, 0x74, 0xd8,
                                           0x1e, 0x07, 0xc6, 0xa2, 0x9e, 0x3b, 0x65, 0x75,
                                           0x80, 0x7d, 0xe6, 0x6e, 0x47, 0x61, 0x2c, 0x94 };
+#endif
 
     ccomp_timer_start();
     esp_sha(SHA1, buffer, BUFFER_SZ, sha1_result);
@@ -58,6 +77,7 @@ TEST_CASE("Test esp_sha()", "[hw_crypto]")
     us_sha1 = elapsed;
     ESP_LOGI(TAG, "esp_sha() 32KB SHA1 in %u us", us_sha1);
 
+#if SOC_SHA_SUPPORT_SHA512
     ccomp_timer_start();
     esp_sha(SHA2_512, buffer, BUFFER_SZ, sha512_result);
     elapsed = ccomp_timer_stop();
@@ -65,11 +85,15 @@ TEST_CASE("Test esp_sha()", "[hw_crypto]")
 
     us_sha512 = elapsed;
     ESP_LOGI(TAG, "esp_sha() 32KB SHA512 in %u us", us_sha512);
+#endif
 
     free(buffer);
 
     TEST_PERFORMANCE_CCOMP_LESS_THAN(TIME_SHA1_32KB, "%dus", us_sha1);
+
+#if SOC_SHA_SUPPORT_SHA512
     TEST_PERFORMANCE_CCOMP_LESS_THAN(TIME_SHA512_32KB, "%dus", us_sha512);
+#endif
 }
 
 TEST_CASE("Test esp_sha() function with long input", "[hw_crypto]")
@@ -80,8 +104,11 @@ TEST_CASE("Test esp_sha() function with long input", "[hw_crypto]")
     uint8_t sha1_mbedtls[20] = { 0 };
     uint8_t sha256_espsha[32] = { 0 };
     uint8_t sha256_mbedtls[32] = { 0 };
+
+#if SOC_SHA_SUPPORT_SHA512
     uint8_t sha512_espsha[64] = { 0 };
     uint8_t sha512_mbedtls[64] = { 0 };
+#endif
 
     const size_t LEN = 1024 * 1024;
 
@@ -101,13 +128,17 @@ TEST_CASE("Test esp_sha() function with long input", "[hw_crypto]")
     r = mbedtls_sha256_ret(ptr, LEN, sha256_mbedtls, 0);
     TEST_ASSERT_EQUAL(0, r);
 
+#if SOC_SHA_SUPPORT_SHA512
     esp_sha(SHA2_512, ptr, LEN, sha512_espsha);
     r = mbedtls_sha512_ret(ptr, LEN, sha512_mbedtls, 0);
     TEST_ASSERT_EQUAL(0, r);
+#endif
 
     TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha1_espsha, sha1_mbedtls, sizeof(sha1_espsha), "SHA1 results should match");
 
     TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha256_espsha, sha256_mbedtls, sizeof(sha256_espsha), "SHA256 results should match");
 
+#if SOC_SHA_SUPPORT_SHA512
     TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha512_espsha, sha512_mbedtls, sizeof(sha512_espsha), "SHA512 results should match");
+#endif
 }

docs/doxygen/Doxyfile_esp32c3

@@ -1,4 +1,4 @@
 INPUT += \
          $(IDF_PATH)/components/driver/esp32c3/include/driver/temp_sensor.h \
-         $(IDF_PATH)/components/esp32s2/include/esp_ds.h \
-         $(IDF_PATH)/components/esp32c3/include/esp_hmac.h
+         $(IDF_PATH)/components/esp_hw_support/include/soc/esp32c3/esp_ds.h \
+         $(IDF_PATH)/components/esp_hw_support/include/soc/esp32c3/esp_hmac.h

docs/doxygen/Doxyfile_esp32s2

@@ -7,8 +7,8 @@ INPUT += \
          $(IDF_PATH)/components/driver/esp32s2/include/driver/temp_sensor.h \
          $(IDF_PATH)/components/soc/$(IDF_TARGET)/include/soc/touch_sensor_channel.h \
          $(IDF_PATH)/components/driver/$(IDF_TARGET)/include/driver/touch_sensor.h \
-         $(IDF_PATH)/components/esp32s2/include/esp_hmac.h \
-         $(IDF_PATH)/components/esp32s2/include/esp_ds.h \
+         $(IDF_PATH)/components/esp_hw_support/include/soc/esp32s2/esp_ds.h \
+         $(IDF_PATH)/components/esp_hw_support/include/soc/esp32s2/esp_hmac.h \
          $(IDF_PATH)/components/ulp/include/esp32s2/ulp_riscv.h \
          $(IDF_PATH)/components/ulp/include/$(IDF_TARGET)/ulp.h \
          $(IDF_PATH)/components/touch_element/include/touch_element/touch_element.h \

tools/ci/mypy_ignore_list.txt

@@ -1,9 +1,10 @@
 components/app_update/otatool.py
 components/efuse/efuse_table_gen.py
 components/efuse/test_efuse_host/efuse_tests.py
-components/esp32s2/test/gen_digital_signature_tests.py
 components/esp_local_ctrl/python/esp_local_ctrl_pb2.py
 components/esp_netif/test_apps/component_ut_test.py
+components/esp_hw_support/test/gen_digital_signature_tests.py
+components/espcoredump/corefile/elf.py
 components/espcoredump/corefile/gdb.py
 components/espcoredump/test/test_espcoredump.py
 components/lwip/weekend_test/net_suite_test.py