diff --git a/components/mbedtls/CMakeLists.txt b/components/mbedtls/CMakeLists.txt index 475506f0635..ad10a2aa7e8 100644 --- a/components/mbedtls/CMakeLists.txt +++ b/components/mbedtls/CMakeLists.txt @@ -8,6 +8,7 @@ if(esp_tee_build) elseif(BOOTLOADER_BUILD) # TODO: IDF-11673 if(CONFIG_MBEDTLS_USE_CRYPTO_ROM_IMPL_BOOTLOADER) set(include_dirs "${COMPONENT_DIR}/mbedtls/include" + "${COMPONENT_DIR}/mbedtls/tf-psa-crypto/drivers/builtin/include" "port/mbedtls_rom") set(srcs "port/mbedtls_rom/mbedtls_rom_osi_bootloader.c") endif() diff --git a/components/mbedtls/Kconfig b/components/mbedtls/Kconfig index ba5c37fd44e..480dd46e6c3 100644 --- a/components/mbedtls/Kconfig +++ b/components/mbedtls/Kconfig @@ -1608,8 +1608,7 @@ menu "mbedTLS" config MBEDTLS_USE_CRYPTO_ROM_IMPL_BOOTLOADER bool "Use ROM implementation of the crypto algorithm in the bootloader" - # TODO: IDF-15012 - depends on ESP_ROM_HAS_MBEDTLS_CRYPTO_LIB && !MBEDTLS_VER_4_X_SUPPORT + depends on ESP_ROM_HAS_MBEDTLS_CRYPTO_LIB && ESP32C2_REV_MIN_200 default "n" select MBEDTLS_AES_C help @@ -1620,7 +1619,7 @@ menu "mbedTLS" config MBEDTLS_USE_CRYPTO_ROM_IMPL bool "Use ROM implementation of the crypto algorithm" - depends on ESP_ROM_HAS_MBEDTLS_CRYPTO_LIB + depends on ESP_ROM_HAS_MBEDTLS_CRYPTO_LIB && ESP32C2_REV_MIN_200 default "n" select MBEDTLS_SHA512_C select MBEDTLS_AES_C diff --git a/components/mbedtls/test_apps/mbedtls_ut/pytest_mbedtls_ut.py b/components/mbedtls/test_apps/mbedtls_ut/pytest_mbedtls_ut.py index c2d10218dd4..dbdb9bd2303 100644 --- a/components/mbedtls/test_apps/mbedtls_ut/pytest_mbedtls_ut.py +++ b/components/mbedtls/test_apps/mbedtls_ut/pytest_mbedtls_ut.py @@ -118,18 +118,19 @@ def test_mbedtls_hmac_opaque(dut: Dut) -> None: dut.run_all_single_board_cases(group='efuse_hmac_key') -# TODO: IDF-15012 -# @pytest.mark.generic -# @pytest.mark.parametrize( -# 'config', -# [ -# 'rom_impl', -# ], -# indirect=True, -# ) -# @idf_parametrize('target', ['esp32c2'], indirect=['target']) -# def test_mbedtls_rom_impl_esp32c2(dut: Dut) -> None: -# dut.run_all_single_board_cases() +@pytest.mark.esp32c2_rev2 +@pytest.mark.xtal_26mhz +@pytest.mark.generic +@pytest.mark.parametrize( + 'config, baud', + [ + ('rom_impl', '74880'), + ], + indirect=True, +) +@idf_parametrize('target', ['esp32c2'], indirect=['target']) +def test_mbedtls_rom_impl_esp32c2(dut: Dut) -> None: + dut.run_all_single_board_cases() @pytest.mark.generic diff --git a/components/mbedtls/test_apps/mbedtls_ut/sdkconfig.ci.rom_impl b/components/mbedtls/test_apps/mbedtls_ut/sdkconfig.ci.rom_impl index 53574d1c42d..44cf92ee55d 100644 --- a/components/mbedtls/test_apps/mbedtls_ut/sdkconfig.ci.rom_impl +++ b/components/mbedtls/test_apps/mbedtls_ut/sdkconfig.ci.rom_impl @@ -1,3 +1,4 @@ CONFIG_IDF_TARGET="esp32c2" -# TODO: IDF-15012 -# CONFIG_MBEDTLS_USE_CRYPTO_ROM_IMPL=y +CONFIG_XTAL_FREQ_26=y +CONFIG_ESP32C2_REV_MIN_200=y +CONFIG_MBEDTLS_USE_CRYPTO_ROM_IMPL=y diff --git a/components/nvs_flash/test_apps_bootloader/sdkconfig.defaults.esp32c2 b/components/nvs_flash/test_apps_bootloader/sdkconfig.defaults.esp32c2 index 5e3a3c88f46..6b1f01f17c8 100644 --- a/components/nvs_flash/test_apps_bootloader/sdkconfig.defaults.esp32c2 +++ b/components/nvs_flash/test_apps_bootloader/sdkconfig.defaults.esp32c2 @@ -1,2 +1,3 @@ CONFIG_IDF_TARGET="esp32c2" +CONFIG_ESP32C2_REV_MIN_200=y CONFIG_MBEDTLS_USE_CRYPTO_ROM_IMPL_BOOTLOADER=y diff --git a/examples/protocols/https_request/pytest_https_request.py b/examples/protocols/https_request/pytest_https_request.py index 3cd8e0c7560..c4a3c75f6f5 100644 --- a/examples/protocols/https_request/pytest_https_request.py +++ b/examples/protocols/https_request/pytest_https_request.py @@ -389,6 +389,7 @@ def test_examples_protocol_https_request(dut: Dut) -> None: @pytest.mark.wifi_ap +@pytest.mark.esp32c2_rev2 @pytest.mark.xtal_26mhz @pytest.mark.parametrize( 'config, baud', diff --git a/examples/protocols/https_request/sdkconfig.ci.esp32c2_rom_mbedtls b/examples/protocols/https_request/sdkconfig.ci.esp32c2_rom_mbedtls index 04000befa49..73f8dcc658d 100644 --- a/examples/protocols/https_request/sdkconfig.ci.esp32c2_rom_mbedtls +++ b/examples/protocols/https_request/sdkconfig.ci.esp32c2_rom_mbedtls @@ -1,6 +1,6 @@ CONFIG_IDF_TARGET="esp32c2" CONFIG_XTAL_FREQ_26=y +CONFIG_ESP32C2_REV_MIN_200=y CONFIG_EXAMPLE_CONNECT_WIFI=y CONFIG_EXAMPLE_WIFI_SSID_PWD_FROM_STDIN=y -# TODO: IDF-15012 -CONFIG_MBEDTLS_USE_CRYPTO_ROM_IMPL=n +CONFIG_MBEDTLS_USE_CRYPTO_ROM_IMPL=y diff --git a/examples/storage/nvs/.build-test-rules.yml b/examples/storage/nvs/.build-test-rules.yml index 618abc0ef3e..8e9b256cb16 100644 --- a/examples/storage/nvs/.build-test-rules.yml +++ b/examples/storage/nvs/.build-test-rules.yml @@ -12,9 +12,6 @@ examples/storage/nvs/nvs_bootloader: - if: CONFIG_NAME == "nvs_enc_flash_enc" and (SOC_AES_SUPPORTED != 1 and ESP_ROM_HAS_MBEDTLS_CRYPTO_LIB != 1) - if: CONFIG_NAME == "nvs_enc_hmac" and (SOC_HMAC_SUPPORTED != 1 or (SOC_HMAC_SUPPORTED == 1 and (SOC_AES_SUPPORTED != 1 and ESP_ROM_HAS_MBEDTLS_CRYPTO_LIB != 1))) reason: As of now in such cases, we do not have any way to perform AES operations in the bootloader build - # TODO: IDF-15012 - - if: IDF_TARGET in ["esp32c2"] and CONFIG_NAME in ["nvs_enc_flash_enc", "nvs_enc_hmac", "default"] - reason: PSA is not yet available for ESP32-C2 examples/storage/nvs/nvs_console: depends_components: diff --git a/examples/storage/nvs/nvs_bootloader/sdkconfig.defaults.esp32c2 b/examples/storage/nvs/nvs_bootloader/sdkconfig.defaults.esp32c2 index 5e3a3c88f46..6b1f01f17c8 100644 --- a/examples/storage/nvs/nvs_bootloader/sdkconfig.defaults.esp32c2 +++ b/examples/storage/nvs/nvs_bootloader/sdkconfig.defaults.esp32c2 @@ -1,2 +1,3 @@ CONFIG_IDF_TARGET="esp32c2" +CONFIG_ESP32C2_REV_MIN_200=y CONFIG_MBEDTLS_USE_CRYPTO_ROM_IMPL_BOOTLOADER=y