feat: enabled secure boot support esp32h21

tools/test_apps/security/secure_boot/conftest.py

@@ -1,4 +1,4 @@
-# SPDX-FileCopyrightText: 2022-2024 Espressif Systems (Shanghai) CO LTD
+# SPDX-FileCopyrightText: 2022-2025 Espressif Systems (Shanghai) CO LTD
 # SPDX-License-Identifier: Apache-2.0
 # pylint: disable=W0621  # redefined-outer-name
 import os
@@ -40,8 +40,7 @@ class FpgaSerial(IdfSerial):
         """
         offs = int(self.app.sdkconfig.get('BOOTLOADER_OFFSET_IN_FLASH', 0))
         esptool.main(
-            f'--port {self.esp_port} --no-stub write_flash {str(offs)} {bootloader_path} --force'.split(),
-            esp=self.esp
+            f'--port {self.esp_port} --no-stub write_flash {str(offs)} {bootloader_path} --force'.split(), esp=self.esp
         )
 
     @EspSerial.use_esptool()
@@ -53,8 +52,7 @@ class FpgaSerial(IdfSerial):
         """
         offs = int(self.app.flash_args['partition-table']['offset'], 16)
         esptool.main(
-            f'--port {self.esp_port} --no-stub write_flash {str(offs)} {partition_table_path}'.split(),
-            esp=self.esp
+            f'--port {self.esp_port} --no-stub write_flash {str(offs)} {partition_table_path}'.split(), esp=self.esp
         )
 
     @EspSerial.use_esptool()
@@ -65,10 +63,7 @@ class FpgaSerial(IdfSerial):
         :return: None
         """
         offs = int(self.app.flash_args['app']['offset'], 16)
-        esptool.main(
-            f'--port {self.esp_port} --no-stub write_flash {str(offs)} {app_path}'.split(),
-            esp=self.esp
-        )
+        esptool.main(f'--port {self.esp_port} --no-stub write_flash {str(offs)} {app_path}'.split(), esp=self.esp)
 
     def erase_app_header(self) -> None:
         """
@@ -86,23 +81,16 @@ class FpgaSerial(IdfSerial):
     @EspSerial.use_esptool()
     def burn_efuse_key_digest(self, key: str, purpose: str, block: str) -> None:
         espefuse.main(
-            f'--port {self.esp_port} burn_key_digest {block} {key} {purpose} --do-not-confirm'.split(),
-            esp=self.esp
+            f'--port {self.esp_port} burn_key_digest {block} {key} {purpose} --do-not-confirm'.split(), esp=self.esp
         )
 
     @EspSerial.use_esptool()
     def burn_efuse(self, field: str, val: int) -> None:
-        espefuse.main(
-            f'--port {self.esp_port} burn_efuse {field} {str(val)} --do-not-confirm'.split(),
-            esp=self.esp
-        )
+        espefuse.main(f'--port {self.esp_port} burn_efuse {field} {str(val)} --do-not-confirm'.split(), esp=self.esp)
 
     @EspSerial.use_esptool()
     def burn_efuse_key(self, key: str, purpose: str, block: str) -> None:
-        espefuse.main(
-            f'--port {self.esp_port} burn_key {block} {key} {purpose} --do-not-confirm'.split(),
-            esp=self.esp
-        )
+        espefuse.main(f'--port {self.esp_port} burn_key {block} {key} {purpose} --do-not-confirm'.split(), esp=self.esp)
 
     def reset_efuses(self) -> None:
         with serial.Serial(self.efuse_reset_port) as efuseport:
@@ -118,7 +106,7 @@ class FpgaSerial(IdfSerial):
 
 
 class FpgaDut(IdfDut):
-    SECURE_BOOT_EN_KEY = None               # type: str
+    SECURE_BOOT_EN_KEY = None  # type: str
     SECURE_BOOT_EN_VAL = 0
 
     def __init__(self, *args, **kwargs) -> None:  # type: ignore
@@ -200,6 +188,20 @@ class Esp32c61FpgaDut(FpgaDut):
         self.serial.burn_efuse_key_digest(digest, 'SECURE_BOOT_DIGEST%d' % key_index, 'BLOCK_KEY%d' % block)
 
 
+class Esp32h21FpgaDut(FpgaDut):
+    SECURE_BOOT_EN_KEY = 'SECURE_BOOT_EN'
+    SECURE_BOOT_EN_VAL = 1
+
+    def burn_wafer_version(self) -> None:
+        pass
+
+    def secure_boot_burn_en_bit(self) -> None:
+        self.serial.burn_efuse(self.SECURE_BOOT_EN_KEY, self.SECURE_BOOT_EN_VAL)
+
+    def secure_boot_burn_digest(self, digest: str, key_index: int = 0, block: int = 0) -> None:
+        self.serial.burn_efuse_key_digest(digest, 'SECURE_BOOT_DIGEST%d' % key_index, 'BLOCK_KEY%d' % block)
+
+
 @pytest.fixture(scope='module')
 def monkeypatch_module(request: FixtureRequest) -> MonkeyPatch:
     mp = MonkeyPatch()
@@ -209,16 +211,19 @@ def monkeypatch_module(request: FixtureRequest) -> MonkeyPatch:
 
 @pytest.fixture(scope='module', autouse=True)
 def replace_dut_class(monkeypatch_module: MonkeyPatch, pytestconfig: pytest.Config) -> None:
-    target = pytestconfig.getoption('target')
-    if target == 'esp32c3':
-        monkeypatch_module.setattr('pytest_embedded_idf.IdfDut', Esp32c3FpgaDut)
-    elif target == 'esp32s3':
-        monkeypatch_module.setattr('pytest_embedded_idf.IdfDut', Esp32s3FpgaDut)
-    elif target == 'esp32p4':
-        monkeypatch_module.setattr('pytest_embedded_idf.IdfDut', Esp32p4FpgaDut)
-    elif target == 'esp32c5':
-        monkeypatch_module.setattr('pytest_embedded_idf.IdfDut', Esp32c5FpgaDut)
-    elif target == 'esp32c61':
-        monkeypatch_module.setattr('pytest_embedded_idf.IdfDut', Esp32c61FpgaDut)
+    FPGA_DUT_MAP = {
+        'esp32c3': Esp32c3FpgaDut,
+        'esp32s3': Esp32s3FpgaDut,
+        'esp32p4': Esp32p4FpgaDut,
+        'esp32c5': Esp32c5FpgaDut,
+        'esp32c61': Esp32c61FpgaDut,
+        'esp32h21': Esp32h21FpgaDut,
+    }
 
+    target = pytestconfig.getoption('target')
+    fpga_dut_class = FPGA_DUT_MAP.get(target)
+    if fpga_dut_class is None:
+        raise ValueError(f'Unsupported target: {target}')
+
+    monkeypatch_module.setattr('pytest_embedded_idf.IdfDut', fpga_dut_class)
     monkeypatch_module.setattr('pytest_embedded_idf.IdfSerial', FpgaSerial)