soc: add capability macros for security features

- Security features covers "secure boot", "flash encryption" etc.
- ECO revision specific modifications still need to be handled
through kconfig itself, as soc_caps.h is processed before ECO revision
selection
- This will simplify addition of security features for newer chips by
using these SOC capability macros

components/soc/esp32s3/include/soc/Kconfig.soc_caps.in

@@ -135,14 +135,6 @@ config SOC_SUPPORTS_SECURE_DL_MODE
     bool
     default y
 
-config SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS
-    int
-    default 3
-
-config SOC_EFUSE_REVOKE_BOOT_KEY_DIGESTS
-    bool
-    default y
-
 config SOC_EFUSE_KEY_PURPOSE_FIELD
     bool
     default y
@@ -151,10 +143,6 @@ config SOC_SDMMC_HOST_SUPPORTED
     bool
     default y
 
-config SOC_FLASH_ENCRYPTION_XTS_AES
-    bool
-    default y
-
 config SOC_RTC_FAST_MEM_SUPPORTED
     bool
     default y
@@ -163,14 +151,6 @@ config SOC_RTC_SLOW_MEM_SUPPORTED
     bool
     default y
 
-config SOC_FLASH_ENCRYPTION_XTS_AES_256
-    bool
-    default y
-
-config SOC_SUPPORT_SECURE_BOOT_REVOKE_KEY
-    bool
-    default y
-
 config SOC_PSRAM_DMA_CAPABLE
     bool
     default y
@@ -219,6 +199,14 @@ config SOC_DIG_SIGN_SUPPORTED
     bool
     default y
 
+config SOC_FLASH_ENC_SUPPORTED
+    bool
+    default y
+
+config SOC_SECURE_BOOT_SUPPORTED
+    bool
+    default y
+
 config SOC_APPCPU_HAS_CLOCK_GATING_BUG
     bool
     default y
@@ -839,10 +827,38 @@ config SOC_PM_SUPPORT_DEEPSLEEP_CHECK_STUB_ONLY
     bool
     default y
 
+config SOC_SECURE_BOOT_V2_RSA
+    bool
+    default y
+
+config SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS
+    int
+    default 3
+
+config SOC_EFUSE_REVOKE_BOOT_KEY_DIGESTS
+    bool
+    default y
+
+config SOC_SUPPORT_SECURE_BOOT_REVOKE_KEY
+    bool
+    default y
+
 config SOC_FLASH_ENCRYPTED_XTS_AES_BLOCK_MAX
     int
     default 64
 
+config SOC_FLASH_ENCRYPTION_XTS_AES
+    bool
+    default y
+
+config SOC_FLASH_ENCRYPTION_XTS_AES_128
+    bool
+    default y
+
+config SOC_FLASH_ENCRYPTION_XTS_AES_256
+    bool
+    default y
+
 config SOC_WIFI_HW_TSF
     bool
     default y

components/soc/esp32s3/include/soc/soc_caps.h

@@ -44,15 +44,10 @@
 #define SOC_CCOMP_TIMER_SUPPORTED       1
 #define SOC_ASYNC_MEMCPY_SUPPORTED      1
 #define SOC_SUPPORTS_SECURE_DL_MODE     1
-#define SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS 3
-#define SOC_EFUSE_REVOKE_BOOT_KEY_DIGESTS 1
 #define SOC_EFUSE_KEY_PURPOSE_FIELD       1
 #define SOC_SDMMC_HOST_SUPPORTED          1
-#define SOC_FLASH_ENCRYPTION_XTS_AES      1
 #define SOC_RTC_FAST_MEM_SUPPORTED        1
 #define SOC_RTC_SLOW_MEM_SUPPORTED        1
-#define SOC_FLASH_ENCRYPTION_XTS_AES_256  1
-#define SOC_SUPPORT_SECURE_BOOT_REVOKE_KEY             1
 #define SOC_PSRAM_DMA_CAPABLE             1
 #define SOC_XT_WDT_SUPPORTED              1
 #define SOC_I2S_SUPPORTED               1
@@ -65,6 +60,8 @@
 #define SOC_SHA_SUPPORTED               1
 #define SOC_HMAC_SUPPORTED              1
 #define SOC_DIG_SIGN_SUPPORTED          1
+#define SOC_FLASH_ENC_SUPPORTED         1
+#define SOC_SECURE_BOOT_SUPPORTED       1
 
 
 /*-------------------------- SOC CAPS ----------------------------------------*/
@@ -364,10 +361,17 @@
 
 #define SOC_PM_SUPPORT_DEEPSLEEP_CHECK_STUB_ONLY   (1)
 
+/*-------------------------- Secure Boot CAPS----------------------------*/
+#define SOC_SECURE_BOOT_V2_RSA              1
+#define SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS   3
+#define SOC_EFUSE_REVOKE_BOOT_KEY_DIGESTS   1
+#define SOC_SUPPORT_SECURE_BOOT_REVOKE_KEY  1
 
 /*-------------------------- Flash Encryption CAPS----------------------------*/
 #define SOC_FLASH_ENCRYPTED_XTS_AES_BLOCK_MAX   (64)
-
+#define SOC_FLASH_ENCRYPTION_XTS_AES        1
+#define SOC_FLASH_ENCRYPTION_XTS_AES_128    1
+#define SOC_FLASH_ENCRYPTION_XTS_AES_256    1
 
 /*-------------------------- WI-FI HARDWARE TSF CAPS -------------------------------*/
 #define SOC_WIFI_HW_TSF                 (1)