feat(esp_security): Added support for key manager for esp32c5

Author: AdityaHPatwardhan

components/bootloader_support/src/esp32c5/flash_encryption_secure_features.c

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2022-2024 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2022-2025 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -71,12 +71,9 @@ esp_err_t esp_flash_encryption_enable_secure_features(void)
 
 esp_err_t esp_flash_encryption_enable_key_mgr(void)
 {
-    // Enable and reset key manager
-    // To suppress build errors about spinlock's __DECLARE_RCC_ATOMIC_ENV
-    int __DECLARE_RCC_ATOMIC_ENV __attribute__ ((unused));
-    key_mgr_ll_enable_bus_clock(true);
-    key_mgr_ll_enable_peripheral_clock(true);
-    key_mgr_ll_reset_register();
+    _key_mgr_ll_enable_bus_clock(true);
+    _key_mgr_ll_enable_peripheral_clock(true);
+    _key_mgr_ll_reset_register();
 
     while (key_mgr_ll_get_state() != ESP_KEY_MGR_STATE_IDLE) {
     };

components/bootloader_support/src/esp32p4/flash_encryption_secure_features.c

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2022-2024 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2022-2025 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -53,12 +53,9 @@ esp_err_t esp_flash_encryption_enable_secure_features(void)
 
 esp_err_t esp_flash_encryption_enable_key_mgr(void)
 {
-    // Enable and reset key manager
-    // To suppress build errors about spinlock's __DECLARE_RCC_ATOMIC_ENV
-    int __DECLARE_RCC_ATOMIC_ENV __attribute__ ((unused));
-    key_mgr_ll_enable_bus_clock(true);
-    key_mgr_ll_enable_peripheral_clock(true);
-    key_mgr_ll_reset_register();
+    _key_mgr_ll_enable_bus_clock(true);
+    _key_mgr_ll_enable_peripheral_clock(true);
+    _key_mgr_ll_reset_register();
 
     while (key_mgr_ll_get_state() != ESP_KEY_MGR_STATE_IDLE) {
     };

components/esp_hw_support/include/esp_crypto_lock.h

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2023-2024 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2023-2025 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */

components/esp_rom/esp32c5/include/esp32c5/rom/key_mgr.h

@@ -0,0 +1,115 @@
+/*
+ * SPDX-FileCopyrightText: 2022-2025 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+#pragma once
+
+#include "soc/soc_caps.h"
+
+#if SOC_KEY_MANAGER_SUPPORTED
+
+#include "rom/ets_sys.h"
+#include "esp_attr.h"
+#include <stdint.h>
+#include "rom/km.h"
+
+#if __cplusplus
+extern "C" {
+#endif
+
+// store huk info, occupy 96 words
+struct huk_info {
+// store huk info, occupy 165 words
+#define HUK_INFO_LEN 660
+
+    uint8_t info[HUK_INFO_LEN];
+    uint32_t crc;
+} PACKED_ATTR;
+
+// store key info, occupy 512 bits
+struct key_info {
+#define KEY_INFO_LEN 64
+    uint8_t info[KEY_INFO_LEN];
+    uint32_t crc;
+} PACKED_ATTR;
+
+struct huk_key_block {
+#define KEY_HUK_SECTOR_MAGIC 0xDEA5CE5A
+    uint32_t magic;
+    uint32_t version; // for backward compatibility
+    uint8_t reserved[16];
+    struct huk_info huk_info;
+    struct key_info key_info[2]; // at most 2 key info (XTS-512_1 and XTS-512_2), at least use 1
+} WORD_ALIGNED_ATTR PACKED_ATTR;
+
+/*
+ * We define two info sectors "active" and "backup" here
+ * Most rom code would rely only on the "active" sector for the key information
+ *
+ * But there could be a situation where the huk and key information must be regenerated
+ * based on ageing and other factors. For that scenario, we need a "backup" sector
+ */
+#define KEY_HUK_SECTOR_OFFSET(i) ((i)*0x1000)
+#define ACTIVE_SECTOR_OFFSET     KEY_HUK_SECTOR_OFFSET(0)
+#define BACKUP_SECTOR_OFFSET     KEY_HUK_SECTOR_OFFSET(1)
+
+#define KM_PERI_ECDSA (BIT(0))
+#define KM_PERI_XTS   (BIT(1))
+
+struct km_deploy_ops {
+#define KM_KEY_PURPOSE_ECDSA_KEY_192   1
+#define KM_KEY_PURPOSE_ECDSA_KEY_256   2
+#define KM_KEY_PURPOSE_FLASH_XTS_256_1 3
+#define KM_KEY_PURPOSE_FLASH_XTS_256_2 4
+#define KM_KEY_PURPOSE_FLASH_XTS_128   5
+#define KM_KEY_PURPOSE_HMAC            6
+#define KM_KEY_PURPOSE_DS              7
+#define KM_KEY_PURPOSE_PSRAM_XTS_256_1 8
+#define KM_KEY_PURPOSE_PSRAM_XTS_256_2 9
+#define KM_KEY_PURPOSE_PSRAM_XTS_128   10
+#define KM_KEY_PURPOSE_ECDSA_KEY_384_L 11
+#define KM_KEY_PURPOSE_ECDSA_KEY_384_H 12
+    int km_key_purpose;
+#define KM_DEPLOY_MODE_RANDOM  0
+#define KM_DEPLOY_MODE_AES     1
+#define KM_DEPLOY_MODE_ECDH0   2
+#define KM_DEPLOY_MODE_ECDH1   3
+#define KM_DEPLOY_MODE_RECOVER 4
+#define KM_DEPLOY_MODE_EXPORT  5
+    int deploy_mode;
+    uint8_t *init_key; // 256 bits, only used in aes and ecdh1 deploy mode
+    int deploy_only_once;
+    int force_use_km_key;
+    int km_use_efuse_key;
+    uint32_t efuse_km_rnd_switch_cycle; // 0 means use default
+    uint32_t km_rnd_switch_cycle;       // 0 means use default
+    int km_use_sw_init_key;
+    struct huk_info *huk_info;
+    struct key_info *key_info;
+};
+
+/* state of km */
+#define KM_STATE_IDLE    0
+#define KM_STATE_LOAD    1
+#define KM_STATE_GAIN    2
+#define KM_STATE_BUSY    3
+#define KM_STATE_INVALID 4
+
+/* state of huk generator
+ * values defined same as km
+ */
+#define HUK_STATE_IDLE 0
+#define HUK_STATE_LOAD 1
+#define HUK_STATE_GAIN 2
+#define HUK_STATE_BUSY 3
+
+#define HUK_NOT_GENERATED 0
+#define HUK_GEN_VALID     1
+#define HUK_GEN_INVALID   2
+
+#if __cplusplus
+}
+#endif
+#endif

components/esp_security/include/esp_key_mgr.h

@@ -22,7 +22,7 @@ extern "C" {
 #define KEY_MGR_ASSIST_INFO_SIZE         64
 #define KEY_MGR_KEY_RECOVERY_INFO_SIZE   64
 
-#define KEY_MGR_HUK_INFO_SIZE            HUK_INFO_SIZE
+#define KEY_MGR_HUK_INFO_SIZE            HUK_INFO_LEN
 #define KEY_MGR_HUK_RISK_ALERT_LEVEL     HUK_RISK_ALERT_LEVEL
 
 /* AES deploy mode */

components/esp_security/src/esp_crypto_periph_clk.c

@@ -141,9 +141,12 @@ void esp_crypto_ecdsa_enable_periph_clk(bool enable)
 void esp_crypto_key_mgr_enable_periph_clk(bool enable)
 {
     KEY_MANAGER_RCC_ATOMIC() {
+        key_mgr_ll_power_up();
         key_mgr_ll_enable_bus_clock(enable);
         key_mgr_ll_enable_peripheral_clock(enable);
-        key_mgr_ll_reset_register();
+        if (enable) {
+            key_mgr_ll_reset_register();
+        }
     }
 }
 #endif

components/esp_security/src/esp_key_mgr.c

@@ -44,27 +44,37 @@ ESP_STATIC_ASSERT(sizeof(esp_key_mgr_huk_info_t) == sizeof(struct huk_info), "Si
 static void esp_key_mgr_acquire_key_lock(esp_key_mgr_key_type_t key_type)
 {
     switch (key_type) {
-    case ESP_KEY_MGR_ECDSA_KEY:
+    case ESP_KEY_MGR_ECDSA_192_KEY:
+    case ESP_KEY_MGR_ECDSA_256_KEY:
+    case ESP_KEY_MGR_ECDSA_384_KEY:
         _lock_acquire(&s_key_mgr_ecdsa_key_lock);
         break;
     case ESP_KEY_MGR_XTS_AES_128_KEY:
     case ESP_KEY_MGR_XTS_AES_256_KEY:
         _lock_acquire(&s_key_mgr_xts_aes_key_lock);
         break;
+    default:
+        ESP_LOGE(TAG, "Invalid key type");
+        break;
     }
     ESP_LOGV(TAG, "Key lock acquired for key type %d", key_type);
 }
 
 static void esp_key_mgr_release_key_lock(esp_key_mgr_key_type_t key_type)
 {
     switch (key_type) {
-    case ESP_KEY_MGR_ECDSA_KEY:
+    case ESP_KEY_MGR_ECDSA_192_KEY:
+    case ESP_KEY_MGR_ECDSA_256_KEY:
+    case ESP_KEY_MGR_ECDSA_384_KEY:
         _lock_release(&s_key_mgr_ecdsa_key_lock);
         break;
     case ESP_KEY_MGR_XTS_AES_128_KEY:
     case ESP_KEY_MGR_XTS_AES_256_KEY:
         _lock_release(&s_key_mgr_xts_aes_key_lock);
         break;
+    default:
+        ESP_LOGE(TAG, "Invalid key type");
+        break;
     }
     ESP_LOGV(TAG, "Key lock released for key type %d", key_type);
 }
@@ -223,7 +233,7 @@ static esp_err_t key_mgr_deploy_key_aes_mode(aes_deploy_config_t *config)
     if (!key_recovery_info) {
         return ESP_ERR_NO_MEM;
     }
-    // Set key purpose (XTS/ECDSA)
+    // Set key purpose
     ESP_LOGD(TAG, "Key purpose = %d", config->key_purpose);
     key_mgr_hal_set_key_purpose(config->key_purpose);
 
@@ -238,12 +248,10 @@ static esp_err_t key_mgr_deploy_key_aes_mode(aes_deploy_config_t *config)
 
     if (config->key_config->use_pre_generated_sw_init_key) {
         key_mgr_hal_use_sw_init_key();
-    } else {
-        if (!esp_efuse_find_purpose(ESP_EFUSE_KEY_PURPOSE_KM_INIT_KEY, NULL)) {
-            ESP_LOGE(TAG, "Could not find key with purpose KM_INIT_KEY");
-            heap_caps_free(key_recovery_info);
-            return ESP_FAIL;
-        }
+    } else if (!esp_efuse_find_purpose(ESP_EFUSE_KEY_PURPOSE_KM_INIT_KEY, NULL)) {
+        ESP_LOGE(TAG, "Could not find key with purpose KM_INIT_KEY");
+        heap_caps_free(key_recovery_info);
+        return ESP_FAIL;
     }
 
     key_mgr_hal_start();
@@ -306,8 +314,10 @@ esp_err_t esp_key_mgr_deploy_key_in_aes_mode(const esp_key_mgr_aes_key_config_t
     aes_deploy_config.k1_encrypted = key_config->k1_encrypted[0];
 
     esp_key_mgr_key_type_t key_type = (esp_key_mgr_key_type_t) key_config->key_type;
-    if (key_type == ESP_KEY_MGR_ECDSA_KEY) {
-        aes_deploy_config.key_purpose = ESP_KEY_MGR_KEY_PURPOSE_ECDSA;
+    if (key_type == ESP_KEY_MGR_ECDSA_192_KEY) {
+        aes_deploy_config.key_purpose = ESP_KEY_MGR_KEY_PURPOSE_ECDSA_192;
+    } else if (key_type == ESP_KEY_MGR_ECDSA_256_KEY) {
+        aes_deploy_config.key_purpose = ESP_KEY_MGR_KEY_PURPOSE_ECDSA_256;
     } else if (key_type == ESP_KEY_MGR_XTS_AES_128_KEY) {
         aes_deploy_config.key_purpose = ESP_KEY_MGR_KEY_PURPOSE_XTS_AES_128;
     } else if (key_type == ESP_KEY_MGR_XTS_AES_256_KEY) {
@@ -424,10 +434,12 @@ esp_err_t esp_key_mgr_activate_key(esp_key_mgr_key_recovery_info_t *key_recovery
     }
 
     esp_key_mgr_key_purpose_t key_purpose;
-    ESP_LOGD(TAG, "Activating key of type %d", key_recovery_info->key_type);
+    ESP_LOGI(TAG, "Activating key of type %d", key_recovery_info->key_type);
     esp_key_mgr_key_type_t key_type = (esp_key_mgr_key_type_t) key_recovery_info->key_type;
-    if (key_type == ESP_KEY_MGR_ECDSA_KEY) {
-        key_purpose = ESP_KEY_MGR_KEY_PURPOSE_ECDSA;
+    if (key_type == ESP_KEY_MGR_ECDSA_192_KEY) {
+        key_purpose = ESP_KEY_MGR_KEY_PURPOSE_ECDSA_192;
+    } else if (key_type == ESP_KEY_MGR_ECDSA_256_KEY) {
+        key_purpose = ESP_KEY_MGR_KEY_PURPOSE_ECDSA_256;
     } else if (key_type == ESP_KEY_MGR_XTS_AES_128_KEY) {
         key_purpose = ESP_KEY_MGR_KEY_PURPOSE_XTS_AES_128;
     } else if (key_type == ESP_KEY_MGR_XTS_AES_256_KEY) {
@@ -438,6 +450,7 @@ esp_err_t esp_key_mgr_activate_key(esp_key_mgr_key_recovery_info_t *key_recovery
     }
 
     esp_err_t esp_ret = ESP_FAIL;
+    ESP_LOGI(TAG, "Activating key of type %d", key_recovery_info->key_type);
     esp_key_mgr_acquire_key_lock(key_type);
     key_recovery_config_t key_recovery_config = {};
     key_recovery_config.key_recovery_info = key_recovery_info;
@@ -448,6 +461,7 @@ esp_err_t esp_key_mgr_activate_key(esp_key_mgr_key_recovery_info_t *key_recovery
     esp_ret = key_mgr_recover_key(&key_recovery_config);
     if (esp_ret != ESP_OK) {
         ESP_LOGE(TAG, "Failed to recover key");
+        esp_key_mgr_release_key_lock(key_type);
         goto cleanup;
     }
 
@@ -456,13 +470,15 @@ esp_err_t esp_key_mgr_activate_key(esp_key_mgr_key_recovery_info_t *key_recovery
         esp_ret = key_mgr_recover_key(&key_recovery_config);
         if (esp_ret != ESP_OK) {
             ESP_LOGE(TAG, "Failed to recover key");
+            esp_key_mgr_release_key_lock(key_type);
             goto cleanup;
         }
     }
 
     // Set the Key Manager Static Register to use own key for the respective key type
-    key_mgr_hal_set_key_usage(key_recovery_info->key_type, ESP_KEY_MGR_USE_OWN_KEY);
+    key_mgr_hal_set_key_usage(key_type, ESP_KEY_MGR_USE_OWN_KEY);
     ESP_LOGI(TAG, "Key activation for type %d successful", key_recovery_info->key_type);
+    esp_key_mgr_release_key_lock(key_type);
     return ESP_OK;
 
 cleanup:
@@ -585,8 +601,11 @@ esp_err_t esp_key_mgr_deploy_key_in_ecdh0_mode(const esp_key_mgr_ecdh0_key_confi
     ecdh0_deploy_config.key_info = key_info;
     ecdh0_deploy_config.k1_G = key_config->k1_G[0];
 
-    if (key_type == ESP_KEY_MGR_ECDSA_KEY) {
-        ecdh0_deploy_config.key_purpose = ESP_KEY_MGR_KEY_PURPOSE_ECDSA;
+    if (key_type == ESP_KEY_MGR_ECDSA_192_KEY) {
+        ecdh0_deploy_config.key_purpose = ESP_KEY_MGR_KEY_PURPOSE_ECDSA_192;
+        ecdh0_deploy_config.ecdh0_key_info = ecdh0_key_info->k2_G[0];
+    } else if (key_type == ESP_KEY_MGR_ECDSA_256_KEY) {
+        ecdh0_deploy_config.key_purpose = ESP_KEY_MGR_KEY_PURPOSE_ECDSA_256;
         ecdh0_deploy_config.ecdh0_key_info = ecdh0_key_info->k2_G[0];
     } else if (key_type == ESP_KEY_MGR_XTS_AES_128_KEY) {
         ecdh0_deploy_config.key_purpose = ESP_KEY_MGR_KEY_PURPOSE_XTS_AES_128;
@@ -718,8 +737,10 @@ esp_err_t esp_key_mgr_deploy_key_in_random_mode(const esp_key_mgr_random_key_con
     random_deploy_config.key_info = key_recovery_info;
     esp_key_mgr_key_type_t key_type = (esp_key_mgr_key_type_t) key_config->key_type;
 
-    if (key_type == ESP_KEY_MGR_ECDSA_KEY) {
-        random_deploy_config.key_purpose = ESP_KEY_MGR_KEY_PURPOSE_ECDSA;
+    if (key_type == ESP_KEY_MGR_ECDSA_192_KEY) {
+        random_deploy_config.key_purpose = ESP_KEY_MGR_KEY_PURPOSE_ECDSA_192;
+    } else if (key_type == ESP_KEY_MGR_ECDSA_256_KEY) {
+        random_deploy_config.key_purpose = ESP_KEY_MGR_KEY_PURPOSE_ECDSA_256;
     } else if (key_type == ESP_KEY_MGR_XTS_AES_128_KEY) {
         random_deploy_config.key_purpose = ESP_KEY_MGR_KEY_PURPOSE_XTS_AES_128;
     } else if (key_type == ESP_KEY_MGR_XTS_AES_256_KEY) {
@@ -748,7 +769,7 @@ esp_err_t esp_key_mgr_deploy_key_in_random_mode(const esp_key_mgr_random_key_con
     }
 
     // Set the Key Manager Static Register to use own key for the respective key type
-    key_mgr_hal_set_key_usage(key_config->key_type, ESP_KEY_MGR_USE_OWN_KEY);
+    key_mgr_hal_set_key_usage(key_type, ESP_KEY_MGR_USE_OWN_KEY);
 
     esp_key_mgr_release_hardware(true);
     return esp_ret;

components/esp_security/test_apps/crypto_drivers/main/test_key_mgr.c

@@ -138,7 +138,7 @@ TEST_CASE("Key Manager random mode: ECDSA key deployment", "[hw_crypto] [key_mgr
     static esp_key_mgr_random_key_config_t key_config;
     static esp_key_mgr_key_recovery_info_t key_info;
     esp_err_t esp_ret = ESP_FAIL;
-    key_config.key_type = ESP_KEY_MGR_ECDSA_KEY;
+    key_config.key_type = ESP_KEY_MGR_ECDSA_256_KEY;
     esp_ret = esp_key_mgr_deploy_key_in_random_mode(&key_config, &key_info);
     TEST_ASSERT_EQUAL(ESP_OK, esp_ret);
 }

components/hal/ecdsa_hal.c

@@ -16,7 +16,7 @@
 #endif
 
 #ifdef SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY
-#include "hal/key_mgr_ll.h"
+#include "hal/key_mgr_hal.h"
 #endif
 
 #define ECDSA_HAL_P192_COMPONENT_LEN        24
@@ -30,12 +30,20 @@ static void configure_ecdsa_periph(ecdsa_hal_config_t *conf)
 
 #if SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY
         // Force Key Manager to use eFuse key for XTS-AES operation
-        key_mgr_ll_set_key_usage(ESP_KEY_MGR_ECDSA_KEY, ESP_KEY_MGR_USE_EFUSE_KEY);
+        if (conf->curve == ECDSA_CURVE_SECP192R1) {
+            key_mgr_hal_set_key_usage(ESP_KEY_MGR_ECDSA_192_KEY, ESP_KEY_MGR_USE_EFUSE_KEY);
+        } else {
+            key_mgr_hal_set_key_usage(ESP_KEY_MGR_ECDSA_256_KEY, ESP_KEY_MGR_USE_EFUSE_KEY);
+        }
 #endif
     }
 #if SOC_KEY_MANAGER_SUPPORTED
     else {
-        key_mgr_ll_set_key_usage(ESP_KEY_MGR_ECDSA_KEY, ESP_KEY_MGR_USE_OWN_KEY);
+        if (conf->curve == ECDSA_CURVE_SECP192R1) {
+            key_mgr_hal_set_key_usage(ESP_KEY_MGR_ECDSA_192_KEY, ESP_KEY_MGR_USE_OWN_KEY);
+        } else {
+            key_mgr_hal_set_key_usage(ESP_KEY_MGR_ECDSA_256_KEY, ESP_KEY_MGR_USE_OWN_KEY);
+        }
     }
 #endif