alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2025-08-23 17:24:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: add ecdsa-p384 testcases and relative support for ESP32C5 ECO2

Browse Source 
This commit adds testcases in crypto/hal and mbedtls testapps.
This commit is contained in:
nilesh.kale
2025-05-23 14:23:17 +05:30
parent ae221cb24f
commit 68f06a94bd
25 changed files with 919 additions and 213 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
docs/en/api-reference/peripherals/ecdsa.rst
View File

@@ -22,6 +22,50 @@ ECDSA on {IDF_TARGET_NAME}
On {IDF_TARGET_NAME}, the ECDSA module works with a secret key burnt into an eFuse block. This eFuse key is made completely inaccessible (default mode) for any resources outside the cryptographic modules, thus avoiding key leakage.
ECDSA Key Storage
^^^^^^^^^^^^^^^^^
ECDSA private keys are stored in eFuse key blocks. The number of key blocks required depends on the curve size:
- **P-192 and P-256 curves**: Require one eFuse key block (256 bits)
- **P-384 curve**: Requires two eFuse key blocks (512 bits total)
When using the P-384 curve or any other curves that require two key blocks, you must use the appropriate macro to combine the block numbers into a single integer that the ECDSA peripheral can understand:
- **For mbedTLS applications**: Use :c:macro:`MBEDTLS_ECDSA_COMBINE_KEY_BLOCKS` macro (defined in ``ecdsa/ecdsa_alt.h``)
- **For HAL applications**: Use :c:macro:`HAL_ECDSA_COMBINE_KEY_BLOCKS` macro (defined in ``hal/ecdsa_types.h``)
- **For ESP-TLS applications**: Use :c:macro:`ESP_TLS_ECDSA_COMBINE_KEY_BLOCKS` macro (defined in ``esp_tls.h``)
You can also extract the individual block numbers using the corresponding extract macro:
- **For mbedTLS applications**: Use :c:macro:`MBEDTLS_ECDSA_EXTRACT_KEY_BLOCKS` macro
- **For HAL applications**: Use :c:macro:`HAL_ECDSA_EXTRACT_KEY_BLOCKS` macro
- **For ESP-TLS applications**: Use :c:macro:`ESP_TLS_ECDSA_EXTRACT_KEY_BLOCKS` macro
Here is an example of how to use these macros:
.. code-block:: c
#include "ecdsa/ecdsa_alt.h"
// Example: Using P-384 curve which requires two key blocks
// Assuming you want to use key blocks 4 and 5
uint8_t block_low = 4; // Lower key block
uint8_t block_high = 5; // Higher key block
// Combine the two block numbers into a single integer
// Note: First parameter is high block, second parameter is low block
uint16_t combined_blocks = MBEDTLS_ECDSA_COMBINE_KEY_BLOCKS(block_high, block_low);
// Use the combined_blocks value in your ECDSA operations
// This value can be passed to mbedTLS ECDSA functions
// To extract the individual block numbers later
uint8_t extracted_block_low, extracted_block_high;
MBEDTLS_ECDSA_EXTRACT_KEY_BLOCKS(combined_blocks, &extracted_block_high, &extracted_block_low);
// extracted_block_low will be 4, extracted_block_high will be 5
ECDSA key can be programmed externally through ``idf.py`` script. Here is an example of how to program the ECDSA key:
.. code:: bash