ecdsa: Support multiple ECDSA keys

Add provision to choose which efuse block should be used as ECDSA private key
2025-08-17 23:28:15 +00:00 · 2023-03-31 14:34:30 +05:30
parent 174ef6c4a3
commit abc099ce9f
7 changed files with 43 additions and 10 deletions
--- a/components/mbedtls/port/include/ecdsa/ecdsa_alt.h
+++ b/components/mbedtls/port/include/ecdsa/ecdsa_alt.h
@@ -21,11 +21,6 @@ extern "C" {
 *        We break the MPI struct of the private key in order to
 *        differentiate between hardware key and software key
 *
- * @note Currently, `efuse_blk` is not used internally.
- *       Hardware will choose the efuse block that has purpose set to ECDSA_KEY.
- *       In case of multiple ECDSA_KEY burnt in efuse, hardware will choose the
- *       greater efuse block number as the private key.
- *
 * @param key The MPI in which this functions stores the hardware context.
 *            This must be uninitialized
 * @param efuse_blk The efuse key block that should be used as the private key.
@@ -42,11 +37,6 @@ int esp_ecdsa_privkey_load_mpi(mbedtls_mpi *key, int efuse_blk);
 *        We break the MPI struct used to represent the private key `d` in ECP keypair
 *        in order to differentiate between hardware key and software key
 *
- * @note Currently, `efuse_blk` is not used internally.
- *       Hardware will choose the efuse block that has purpose set to ECDSA_KEY.
- *       In case of multiple ECDSA_KEY burnt in efuse, hardware will choose the
- *       greater efuse block number as the private key.
- *
 * @param key_ctx The context in which this functions stores the hardware context.
 *                This must be uninitialized
 * @param efuse_blk The efuse key block that should be used as the private key.