Merge branch 'esp32p4/add_aes_support' into 'master'

feat: add AES support for ESP32-P4

Closes IDF-6519

See merge request espressif/esp-idf!26429

components/hal/test_apps/crypto/main/CMakeLists.txt

@@ -25,7 +25,8 @@ if(CONFIG_SOC_AES_SUPPORTED)
    list(APPEND srcs "aes/test_aes.c"
                      "$ENV{IDF_PATH}/components/mbedtls/port/aes/esp_aes_common.c"
                      "aes/aes_block.c")
-   list(APPEND priv_include_dirs "$ENV{IDF_PATH}/components/mbedtls/port/include")
+   list(APPEND priv_include_dirs "$ENV{IDF_PATH}/components/mbedtls/port/include"
+                                 "$ENV{IDF_PATH}/components/mbedtls/port/aes/include")
 
    if(CONFIG_SOC_AES_SUPPORT_DMA)
       list(APPEND priv_include_dirs "$ENV{IDF_PATH}/components/mbedtls/port/aes/dma/include")
@@ -55,7 +56,7 @@ if(CONFIG_SOC_SHA_SUPPORTED)
 endif()
 
 idf_component_register(SRCS ${srcs}
-                       PRIV_REQUIRES efuse mbedtls
+                       PRIV_REQUIRES efuse mbedtls esp_mm
                        REQUIRES test_utils unity
                        WHOLE_ARCHIVE
                        PRIV_INCLUDE_DIRS "${priv_include_dirs}"

components/hal/test_apps/crypto/main/aes/aes_block.c

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2023-2024 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: CC0-1.0
  */
@@ -8,12 +8,10 @@
 #include <stdlib.h>
 #include <string.h>
 
-#include "soc/periph_defs.h"
-#include "esp_private/periph_ctrl.h"
-
+#include "esp_private/esp_crypto_lock_internal.h"
 #include "hal/aes_types.h"
 #include "hal/aes_hal.h"
-#include "hal/clk_gate_ll.h"
+#include "hal/aes_ll.h"
 
 #if SOC_AES_SUPPORTED
 
@@ -32,8 +30,10 @@ void aes_crypt_cbc_block(int mode,
     uint32_t *iv_words = (uint32_t *)iv;
     unsigned char temp[16];
 
-    /* Enable peripheral module by un-gating the clock and de-asserting the reset signal. */
-    periph_ll_enable_clk_clear_rst(PERIPH_AES_MODULE);
+    AES_RCC_ATOMIC() {
+        aes_ll_enable_bus_clock(true);
+        aes_ll_reset_register();
+    }
 
     /* Sets the key used for AES encryption/decryption */
     aes_hal_setkey(key, key_bytes, mode);
@@ -71,8 +71,9 @@ void aes_crypt_cbc_block(int mode,
         }
     }
 
-    /* Disable peripheral module by gating the clock and asserting the reset signal. */
-    periph_ll_disable_clk_set_rst(PERIPH_AES_MODULE);
+    AES_RCC_ATOMIC() {
+        aes_ll_enable_bus_clock(false);
+    }
 }
 
 
@@ -88,8 +89,10 @@ void aes_crypt_ctr_block(uint8_t key_bytes,
     int c, i;
     size_t n = *nc_off;
 
-    /* Enable peripheral module by un-gating the clock and de-asserting the reset signal. */
-    periph_ll_enable_clk_clear_rst(PERIPH_AES_MODULE);
+    AES_RCC_ATOMIC() {
+        aes_ll_enable_bus_clock(true);
+        aes_ll_reset_register();
+    }
 
     /* Sets the key used for AES encryption/decryption */
     aes_hal_setkey(key, key_bytes, ESP_AES_ENCRYPT);
@@ -110,8 +113,9 @@ void aes_crypt_ctr_block(uint8_t key_bytes,
 
     *nc_off = n;
 
-    /* Disable peripheral module by gating the clock and asserting the reset signal. */
-    periph_ll_disable_clk_set_rst(PERIPH_AES_MODULE);
+    AES_RCC_ATOMIC() {
+        aes_ll_enable_bus_clock(false);
+    }
 }
 
 #endif

components/hal/test_apps/crypto/main/aes/test_aes.c

@@ -266,7 +266,8 @@ static void test_cfb128_aes(size_t buffer_size, const uint8_t expected_cipher_en
     heap_caps_free(decryptedtext);
 }
 
-#if SOC_AES_SUPPORT_GCM
+#define CIPHER_ID_AES 2
+
 static void test_gcm_aes(size_t length, const uint8_t expected_last_block[16], const uint8_t expected_tag[16])
 {
     uint8_t iv[16];
@@ -295,10 +296,10 @@ static void test_gcm_aes(size_t length, const uint8_t expected_last_block[16], c
     memcpy(iv_buf, iv, iv_length);
 
     esp_aes_gcm_init(&ctx);
-    esp_aes_gcm_setkey(&ctx, 0, key, 8 * sizeof(key));
+    TEST_ASSERT(esp_aes_gcm_setkey(&ctx, CIPHER_ID_AES, key, 8 * sizeof(key)) == 0);
 
     /* Encrypt and authenticate */
-    esp_aes_gcm_crypt_and_tag(&ctx, ESP_AES_ENCRYPT, length, iv_buf, iv_length, add, add_length, plaintext, ciphertext, tag_len, tag_buf_encrypt);
+    TEST_ASSERT(esp_aes_gcm_crypt_and_tag(&ctx, ESP_AES_ENCRYPT, length, iv_buf, iv_length, add, add_length, plaintext, ciphertext, tag_len, tag_buf_encrypt) == 0);
     size_t offset = length > 16 ? length - 16 : 0;
     /* Sanity check: make sure the last ciphertext block matches what we expect to see. */
     TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_last_block, ciphertext + offset, MIN(16, length));
@@ -314,7 +315,6 @@ static void test_gcm_aes(size_t length, const uint8_t expected_last_block[16], c
     heap_caps_free(ciphertext);
     heap_caps_free(decryptedtext);
 }
-#endif /* SOC_AES_SUPPORT_GCM */
 #endif /* SOC_AES_SUPPORT_DMA */
 
 TEST(aes, cbc_aes_256_block_test)
@@ -457,8 +457,6 @@ TEST(aes, cfb128_aes_256_long_dma_test)
 
 #endif
 
-#if SOC_AES_SUPPORT_GCM
-
 TEST(aes, gcm_aes_dma_test)
 {
     size_t length = 16;
@@ -489,7 +487,6 @@ TEST(aes, gcm_aes_long_dma_test)
     test_gcm_aes(length, expected_last_block, expected_tag);
 }
 #endif /* CONFIG_CRYPTO_TESTAPP_USE_AES_INTERRUPT */
-#endif /* SOC_AES_SUPPORT_GCM */
 #endif /* SOC_AES_SUPPORT_DMA */
 
 TEST_GROUP_RUNNER(aes)
@@ -509,12 +506,10 @@ TEST_GROUP_RUNNER(aes)
     RUN_TEST_CASE(aes, cfb8_aes_256_long_dma_test);
     RUN_TEST_CASE(aes, cfb128_aes_256_long_dma_test);
 #endif /* CONFIG_CRYPTO_TESTAPP_USE_AES_INTERRUPT */
-#if SOC_AES_SUPPORT_GCM
     RUN_TEST_CASE(aes, gcm_aes_dma_test);
 #if CONFIG_CRYPTO_TESTAPP_USE_AES_INTERRUPT
     RUN_TEST_CASE(aes, gcm_aes_long_dma_test);
 #endif /* CONFIG_CRYPTO_TESTAPP_USE_AES_INTERRUPT */
-#endif /* SOC_AES_SUPPORT_GCM */
 #endif /* SOC_AES_SUPPORT_DMA */
 }
 

components/hal/test_apps/crypto/main/ds/test_ds.c

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2023-2024 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -114,6 +114,7 @@ _Static_assert(NUM_RESULTS == NUM_MESSAGES, "expected_results size should be the
 #if !CONFIG_IDF_TARGET_ESP32S2
 
 #include "esp_private/periph_ctrl.h"
+#include "hal/aes_ll.h"
 #include "hal/ds_hal.h"
 #include "hal/ds_ll.h"
 #include "hal/hmac_hal.h"
@@ -228,7 +229,11 @@ static esp_err_t esp_ds_encrypt_params(esp_ds_data_t *data,
 
     esp_err_t result = ESP_OK;
 
-    periph_module_enable(PERIPH_AES_MODULE);
+    AES_RCC_ATOMIC() {
+        aes_ll_enable_bus_clock(true);
+        aes_ll_reset_register();
+    }
+
     periph_module_enable(PERIPH_SHA_MODULE);
 
     ets_ds_data_t *ds_data = (ets_ds_data_t *) data;
@@ -241,7 +246,10 @@ static esp_err_t esp_ds_encrypt_params(esp_ds_data_t *data,
     }
 
     periph_module_disable(PERIPH_SHA_MODULE);
-    periph_module_disable(PERIPH_AES_MODULE);
+
+    AES_RCC_ATOMIC() {
+        aes_ll_enable_bus_clock(false);
+    }
 
     return result;
 }