alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2025-08-19 15:59:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(mbedtls): Enable signature verification s/w fallback when ECDSA curve is disabled

Browse Source
This commit is contained in:
harshal.patil
2025-05-07 15:42:19 +05:30
parent 9750c21933
commit 0154c7cfe3
7 changed files with 83 additions and 77 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
components/efuse/esp32h21/esp_efuse_fields.c
View File

@@ -10,7 +10,6 @@
#include "stdlib.h"
#include "esp_types.h"
#include "assert.h"
#include "hal/efuse_ll.h"
#include "esp_err.h"
#include "esp_log.h"
#include "soc/efuse_periph.h"
@@ -52,40 +51,3 @@ esp_err_t esp_efuse_enable_rom_secure_download_mode(void)
}
return esp_efuse_write_field_bit(ESP_EFUSE_ENABLE_SECURITY_DOWNLOAD);
}
#if SOC_ECDSA_P192_CURVE_DEFAULT_DISABLED
bool esp_efuse_is_ecdsa_p192_curve_supported(void)
{
uint32_t current_curve = efuse_ll_get_ecdsa_curve_mode();
return (current_curve == ESP_EFUSE_ECDSA_CURVE_MODE_ALLOW_BOTH_P192_P256_BIT || current_curve == ESP_EFUSE_ECDSA_CURVE_MODE_ALLOW_ONLY_P192_BIT);
}
esp_err_t esp_efuse_enable_ecdsa_p192_curve_mode(void)
{
esp_err_t err;
uint8_t current_curve, next_curve;
current_curve = efuse_ll_get_ecdsa_curve_mode();
// Check if already in desired state
if (current_curve == ESP_EFUSE_ECDSA_CURVE_MODE_ALLOW_BOTH_P192_P256_BIT || current_curve == ESP_EFUSE_ECDSA_CURVE_MODE_ALLOW_ONLY_P192_BIT) {
ESP_EARLY_LOGD(TAG, "ECDSA P-192 curve mode is already enabled");
return ESP_OK;
}
// Check if write is disabled or already locked to P256
if (esp_efuse_read_field_bit(ESP_EFUSE_WR_DIS_ECDSA_CURVE_MODE) || current_curve == ESP_EFUSE_ECDSA_CURVE_MODE_ALLOW_ONLY_P256_BIT_LOCKED) {
ESP_EARLY_LOGE(TAG, "ECDSA curve mode is locked, cannot enable P-192 curve");
return ESP_FAIL;
}
// Attempt to write new curve mode
next_curve = ESP_EFUSE_ECDSA_CURVE_MODE_ALLOW_BOTH_P192_P256_BIT;
err = esp_efuse_write_field_blob(ESP_EFUSE_ECDSA_CURVE_MODE, &next_curve, ESP_EFUSE_ECDSA_CURVE_MODE[0]->bit_count);
if (err != ESP_OK) {
ESP_EARLY_LOGE(TAG, "Failed to enable ECDSA P-192 curve %d", err);
return err;
}
return ESP_OK;
}
#endif /* SOC_ECDSA_P192_CURVE_DEFAULT_DISABLED */