feat(espefuse): Clean up limitation for BLOCK9 usage

2025-10-14 11:09:14 +08:00 · 2025-07-17 16:21:56 +03:00
parent 468de5ce57
commit d63e3dbd07
8 changed files with 45 additions and 34 deletions
--- a/espefuse/efuse/esp32c3/fields.py
+++ b/espefuse/efuse/esp32c3/fields.py
@@ -444,5 +444,6 @@ class EfuseKeyPurposeField(EfuseField):
        raw_val = int(self.check_format(str(new_value)))
        str_new_value = self.get_name(raw_val)
        if self.name == "KEY_PURPOSE_5" and str_new_value.startswith("XTS_AES"):
+            # see SOC_EFUSE_BLOCK9_KEY_PURPOSE_QUIRK in esp-idf
            raise esptool.FatalError(f"{self.name} can not have {str_new_value} key due to a hardware bug (please see TRM for more details)")
        return super(EfuseKeyPurposeField, self).save(raw_val)
--- a/espefuse/efuse/esp32c5/fields.py
+++ b/espefuse/efuse/esp32c5/fields.py
@@ -499,7 +499,4 @@ class EfuseKeyPurposeField(EfuseField):

    def save(self, new_value):
        raw_val = int(self.check_format(str(new_value)))
-        str_new_value = self.get_name(raw_val)
-        if self.name == "KEY_PURPOSE_5" and str_new_value.startswith("XTS_AES"):
-            raise esptool.FatalError(f"{self.name} can not have {str_new_value} key due to a hardware bug (please see TRM for more details)")
        return super(EfuseKeyPurposeField, self).save(raw_val)
--- a/espefuse/efuse/esp32c6/fields.py
+++ b/espefuse/efuse/esp32c6/fields.py
@@ -452,5 +452,6 @@ class EfuseKeyPurposeField(EfuseField):
        raw_val = int(self.check_format(str(new_value)))
        str_new_value = self.get_name(raw_val)
        if self.name == "KEY_PURPOSE_5" and str_new_value.startswith("XTS_AES"):
+            # see SOC_EFUSE_BLOCK9_KEY_PURPOSE_QUIRK in esp-idf
            raise esptool.FatalError(f"{self.name} can not have {str_new_value} key due to a hardware bug (please see TRM for more details)")
        return super(EfuseKeyPurposeField, self).save(raw_val)
--- a/espefuse/efuse/esp32c61/fields.py
+++ b/espefuse/efuse/esp32c61/fields.py
@@ -454,7 +454,4 @@ class EfuseKeyPurposeField(EfuseField):

    def save(self, new_value):
        raw_val = int(self.check_format(str(new_value)))
-        str_new_value = self.get_name(raw_val)
-        if self.name == "KEY_PURPOSE_5" and str_new_value.startswith("XTS_AES"):
-            raise esptool.FatalError(f"{self.name} can not have {str_new_value} key due to a hardware bug (please see TRM for more details)")
        return super(EfuseKeyPurposeField, self).save(raw_val)
--- a/espefuse/efuse/esp32h2/fields.py
+++ b/espefuse/efuse/esp32h2/fields.py
@@ -446,5 +446,6 @@ class EfuseKeyPurposeField(EfuseField):
        raw_val = int(self.check_format(str(new_value)))
        str_new_value = self.get_name(raw_val)
        if self.name == "KEY_PURPOSE_5" and str_new_value in ["XTS_AES_128_KEY", "ECDSA_KEY"]:
+            # see SOC_EFUSE_BLOCK9_KEY_PURPOSE_QUIRK in esp-idf
            raise esptool.FatalError(f"{self.name} can not have {str_new_value} key due to a hardware bug (please see TRM for more details)")
        return super(EfuseKeyPurposeField, self).save(raw_val)
--- a/espefuse/efuse/esp32h4/fields.py
+++ b/espefuse/efuse/esp32h4/fields.py
@@ -443,4 +443,8 @@ class EfuseKeyPurposeField(EfuseField):

    def save(self, new_value):
        raw_val = int(self.check_format(str(new_value)))
+        str_new_value = self.get_name(raw_val)
+        if self.name == "KEY_PURPOSE_5" and str_new_value.startswith("XTS_AES"):
+            # see SOC_EFUSE_BLOCK9_KEY_PURPOSE_QUIRK in esp-idf
+            raise esptool.FatalError(f"{self.name} can not have {str_new_value} key due to a hardware bug (please see TRM for more details)")
        return super(EfuseKeyPurposeField, self).save(raw_val)
--- a/espefuse/efuse/esp32s3/fields.py
+++ b/espefuse/efuse/esp32s3/fields.py
@@ -493,5 +493,6 @@ class EfuseKeyPurposeField(EfuseField):
        raw_val = int(self.check_format(str(new_value)))
        str_new_value = self.get_name(raw_val)
        if self.name == "KEY_PURPOSE_5" and str_new_value.startswith("XTS_AES"):
+            # see SOC_EFUSE_BLOCK9_KEY_PURPOSE_QUIRK in esp-idf
            raise esptool.FatalError(f"{self.name} can not have {str_new_value} key due to a hardware bug (please see TRM for more details)")
        return super(EfuseKeyPurposeField, self).save(raw_val)
--- a/test/test_espefuse.py
+++ b/test/test_espefuse.py
@@ -2112,55 +2112,64 @@ class TestMultipleCommands(EfuseTestCase):
        )


-@pytest.mark.skipif(
-    Command(arg_chip, "burn-key").does_not_support("BLOCK_KEY5"),
-    reason="This test is only relevant for chips affected by "
-    "the BLOCK_KEY5 hardware bug",
-)
 class TestKeyPurposes(EfuseTestCase):
+    CHIPS_WITH_BUG_FOR_XTS_AES_IN_BLOCK_KEY5 = [
+        "esp32c3",
+        "esp32c6",
+        "esp32h2",
+        "esp32h4",
+        "esp32s3",
+    ]
+    CHIPS_WITH_BUG_FOR_ECDSA_IN_BLOCK_KEY5 = ["esp32h2"]
+    error_check_msg = "a hardware bug (please see TRM for more details)"
+
    def test_burn_xts_aes_key_purpose(self):
+        ret_code = 0
+        check_msg = None
+        if arg_chip in self.CHIPS_WITH_BUG_FOR_XTS_AES_IN_BLOCK_KEY5:
+            ret_code = 2
+            check_msg = self.error_check_msg
        self.espefuse_py(
            "burn-efuse KEY_PURPOSE_5 XTS_AES_128_KEY",
-            check_msg="A fatal error occurred: "
-            "KEY_PURPOSE_5 can not have XTS_AES_128_KEY "
-            "key due to a hardware bug (please see TRM for more details)",
-            ret_code=2,
+            check_msg=check_msg,
+            ret_code=ret_code,
        )

-    @pytest.mark.skipif(
-        arg_chip != "esp32h2", reason="esp32h2 can not have ECDSA key in KEY5"
-    )
    def test_burn_ecdsa_key_purpose(self):
+        ret_code = 0
+        check_msg = None
+        if arg_chip in self.CHIPS_WITH_BUG_FOR_ECDSA_IN_BLOCK_KEY5:
+            ret_code = 2
+            check_msg = self.error_check_msg
        self.espefuse_py(
-            "burn-efuse KEY_PURPOSE_5 ECDSA_KEY",
-            check_msg="A fatal error occurred: "
-            "KEY_PURPOSE_5 can not have ECDSA_KEY "
-            "key due to a hardware bug (please see TRM for more details)",
-            ret_code=2,
+            "burn-efuse KEY_PURPOSE_5 ECDSA_KEY", check_msg=check_msg, ret_code=ret_code
        )

    def test_burn_xts_aes_key(self):
+        ret_code = 0
+        check_msg = None
+        if arg_chip in self.CHIPS_WITH_BUG_FOR_XTS_AES_IN_BLOCK_KEY5:
+            ret_code = 2
+            check_msg = self.error_check_msg
        self.espefuse_py(
            f"burn-key \
            BLOCK_KEY5 {IMAGES_DIR}/256bit XTS_AES_128_KEY",
-            check_msg="A fatal error occurred: "
-            "KEY_PURPOSE_5 can not have XTS_AES_128_KEY "
-            "key due to a hardware bug (please see TRM for more details)",
-            ret_code=2,
+            check_msg=check_msg,
+            ret_code=ret_code,
        )

-    @pytest.mark.skipif(
-        arg_chip != "esp32h2", reason="esp32h2 can not have ECDSA key in KEY5"
-    )
    def test_burn_ecdsa_key(self):
+        ret_code = 0
+        check_msg = None
+        if arg_chip in self.CHIPS_WITH_BUG_FOR_ECDSA_IN_BLOCK_KEY5:
+            ret_code = 2
+            check_msg = self.error_check_msg
        self.espefuse_py(
            f"burn-key \
            BLOCK_KEY5 {S_IMAGES_DIR}/ecdsa192_secure_boot_signing_key_v2.pem \
            ECDSA_KEY",
-            check_msg="A fatal error occurred: "
-            "KEY_PURPOSE_5 can not have ECDSA_KEY "
-            "key due to a hardware bug (please see TRM for more details)",
-            ret_code=2,
+            check_msg=check_msg,
+            ret_code=ret_code,
        )