#include <string.h>
#include "hwcrypto/aes.h"
#include "rom/aes.h"
+#include "soc/dport_reg.h"
#include <sys/lock.h>
static _lock_t aes_lock;
{
/* newlib locks lazy initialize on ESP-IDF */
_lock_acquire(&aes_lock);
- ets_aes_enable();
+ /* Enable AES hardware */
+ REG_SET_BIT(DPORT_PERI_CLK_EN_REG, DPORT_PERI_EN_AES);
+ /* Clear reset on digital signature & secure boot units,
+ otherwise AES unit is held in reset also. */
+ REG_CLR_BIT(DPORT_PERI_RST_EN_REG,
+ DPORT_PERI_EN_AES
+ | DPORT_PERI_EN_DIGITAL_SIGNATURE
+ | DPORT_PERI_EN_SECUREBOOT);
}
void esp_aes_release_hardware( void )
{
- uint8_t zero[256/8] = { 0 };
- ets_aes_setkey_enc(zero, AES256);
- ets_aes_disable();
+ /* Disable AES hardware */
+ REG_SET_BIT(DPORT_PERI_RST_EN_REG, DPORT_PERI_EN_AES);
+ /* Don't return other units to reset, as this pulls
+ reset on RSA & SHA units, respectively. */
+ REG_CLR_BIT(DPORT_PERI_CLK_EN_REG, DPORT_PERI_EN_AES);
_lock_release(&aes_lock);
}
_lock_acquire(&state_change_lock);
- assert( !engine->in_use && "in_use flag should be cleared" );
-
if (sha_engines_all_idle()) {
+ /* Enable SHA hardware */
+ REG_SET_BIT(DPORT_PERI_CLK_EN_REG, DPORT_PERI_EN_SHA);
+ /* also clear reset on secure boot, otherwise SHA is held in reset */
+ REG_CLR_BIT(DPORT_PERI_RST_EN_REG,
+ DPORT_PERI_EN_SHA
+ | DPORT_PERI_EN_SECUREBOOT);
ets_sha_enable();
}
_lock_release(&state_change_lock);
+ assert( !engine->in_use && "in_use flag should be cleared" );
engine->in_use = true;
+
return true;
}
engine->in_use = false;
if (sha_engines_all_idle()) {
- ets_sha_disable();
+ /* Disable SHA hardware */
+ /* Don't assert reset on secure boot, otherwise AES is held in reset */
+ REG_SET_BIT(DPORT_PERI_RST_EN_REG, DPORT_PERI_EN_SHA);
+ REG_CLR_BIT(DPORT_PERI_CLK_EN_REG, DPORT_PERI_EN_SHA);
}
_lock_release(&state_change_lock);
#define DPORT_PERI_RST_EN_V 0xFFFFFFFF
#define DPORT_PERI_RST_EN_S 0
+/* The following bits apply to DPORT_PERI_CLK_EN_REG, DPORT_PERI_RST_EN_REG
+ */
+#define DPORT_PERI_EN_AES (1<<0)
+#define DPORT_PERI_EN_SHA (1<<1)
+#define DPORT_PERI_EN_RSA (1<<2)
+/* NB: Secure boot reset will hold SHA & AES in reset */
+#define DPORT_PERI_EN_SECUREBOOT (1<<3)
+/* NB: Digital signature reset will hold AES & RSA in reset */
+#define DPORT_PERI_EN_DIGITAL_SIGNATURE (1<<4)
+
#define DPORT_WIFI_BB_CFG_REG (DR_REG_DPORT_BASE + 0x024)
/* DPORT_WIFI_BB_CFG : R/W ;bitpos:[31:0] ;default: 32'h0 ; */
/*description: */
#define RSA_MULT_MODE_REG (DR_REG_RSA_BASE + 0x80c)
#define RSA_MULT_START_REG (DR_REG_RSA_BASE + 0x810)
-#define RSA_INTERRUPT_REG (DR_REG_RSA_BASE + 0X814)
+#define RSA_INTERRUPT_REG (DR_REG_RSA_BASE + 0x814)
#define RSA_CLEAN_REG (DR_REG_RSA_BASE + 0x818)
#include "esp_intr.h"
#include "esp_attr.h"
+#include "soc/dport_reg.h"
+
#include "freertos/FreeRTOS.h"
#include "freertos/task.h"
#include "freertos/semphr.h"
{
/* newlib locks lazy initialize on ESP-IDF */
_lock_acquire(&mpi_lock);
- ets_bigint_enable();
+ REG_SET_BIT(DPORT_PERI_CLK_EN_REG, DPORT_PERI_EN_RSA);
+ /* also clear reset on digital signature, otherwise RSA is held in reset */
+ REG_CLR_BIT(DPORT_PERI_RST_EN_REG,
+ DPORT_PERI_EN_RSA
+ | DPORT_PERI_EN_DIGITAL_SIGNATURE);
+
+ REG_CLR_BIT(DPORT_RSA_PD_CTRL_REG, DPORT_RSA_PD);
+
+ while(REG_READ(RSA_CLEAN_REG) != 1);
+
#ifdef CONFIG_MBEDTLS_MPI_USE_INTERRUPT
rsa_isr_initialise();
#endif
void esp_mpi_release_hardware( void )
{
- ets_bigint_disable();
+ REG_SET_BIT(DPORT_RSA_PD_CTRL_REG, DPORT_RSA_PD);
+
+ /* don't reset digital signature unit, as this resets AES also */
+ REG_SET_BIT(DPORT_PERI_RST_EN_REG, DPORT_PERI_EN_RSA);
+ REG_CLR_BIT(DPORT_PERI_CLK_EN_REG, DPORT_PERI_EN_RSA);
+
_lock_release(&mpi_lock);
}
projects / esp-idf / commitdiff