Functions
fsp_err_t	R_RSIP_Open (rsip_ctrl_t const p_ctrl, rsip_cfg_t const const p_cfg)

fsp_err_t	R_RSIP_Close (rsip_ctrl_t *const p_ctrl)

fsp_err_t	R_RSIP_RandomNumberGenerate (rsip_ctrl_t const p_ctrl, uint8_t const p_random)

fsp_err_t	R_RSIP_KeyGenerate (rsip_ctrl_t const p_ctrl, rsip_key_type_t const key_type, rsip_wrapped_key_t const p_wrapped_key)

fsp_err_t	R_RSIP_KeyPairGenerate (rsip_ctrl_t const p_ctrl, rsip_key_pair_type_t const key_pair_type, rsip_wrapped_key_t const p_wrapped_public_key, rsip_wrapped_key_t *const p_wrapped_private_key)

fsp_err_t	R_RSIP_EncryptedKeyWrap (rsip_ctrl_t const p_ctrl, rsip_key_update_key_t const const p_key_update_key, uint8_t const const p_initial_vector, rsip_key_type_t const key_type, uint8_t const const p_encrypted_key, rsip_wrapped_key_t *const p_wrapped_key)

fsp_err_t	R_RSIP_RFC3394_KeyWrap (rsip_ctrl_t const p_ctrl, rsip_wrapped_key_t const const p_wrapped_kek, rsip_wrapped_key_t const const p_wrapped_target_key, uint8_t const p_rfc3394_wrapped_target_key)

fsp_err_t	R_RSIP_RFC3394_KeyUnwrap (rsip_ctrl_t const p_ctrl, rsip_wrapped_key_t const const p_wrapped_kek, rsip_key_type_t const key_type, uint8_t const const p_rfc3394_wrapped_target_key, rsip_wrapped_key_t const p_wrapped_target_key)

fsp_err_t	R_RSIP_InjectedKeyImport (rsip_key_type_t const key_type, uint8_t const const p_injected_key, rsip_wrapped_key_t const p_wrapped_key, uint32_t const wrapped_key_buffer_length)

fsp_err_t	R_RSIP_PublicKeyExport (rsip_wrapped_key_t const const p_wrapped_public_key, uint8_t const p_raw_public_key)

fsp_err_t	R_RSIP_AES_Cipher_Init (rsip_ctrl_t const p_ctrl, rsip_aes_cipher_mode_t const mode, rsip_wrapped_key_t const const p_wrapped_key, uint8_t const *const p_initial_vector)

fsp_err_t	R_RSIP_AES_Cipher_Update (rsip_ctrl_t const p_ctrl, uint8_t const const p_input, uint8_t *const p_output, uint32_t const length)

fsp_err_t	R_RSIP_AES_Cipher_Finish (rsip_ctrl_t *const p_ctrl)

fsp_err_t	R_RSIP_AES_AEAD_Init (rsip_ctrl_t const p_ctrl, rsip_aes_aead_mode_t mode, rsip_wrapped_key_t const const p_wrapped_key, uint8_t const *const p_nonce, uint32_t const nonce_length)

fsp_err_t	R_RSIP_AES_AEAD_LengthsSet (rsip_ctrl_t *const p_ctrl, uint32_t const total_aad_length, uint32_t const total_text_length, uint32_t const tag_length)

fsp_err_t	R_RSIP_AES_AEAD_AADUpdate (rsip_ctrl_t const p_ctrl, uint8_t const const p_aad, uint32_t const aad_length)

fsp_err_t	R_RSIP_AES_AEAD_Update (rsip_ctrl_t const p_ctrl, uint8_t const const p_input, uint32_t const input_length, uint8_t const p_output, uint32_t const p_output_length)

fsp_err_t	R_RSIP_AES_AEAD_Finish (rsip_ctrl_t const p_ctrl, uint8_t const p_output, uint32_t const p_output_length, uint8_t const p_tag)

fsp_err_t	R_RSIP_AES_AEAD_Verify (rsip_ctrl_t const p_ctrl, uint8_t const p_output, uint32_t const p_output_length, uint8_t const const p_tag, uint32_t const tag_length)

fsp_err_t	R_RSIP_AES_MAC_Init (rsip_ctrl_t const p_ctrl, rsip_aes_mac_mode_t const mode, rsip_wrapped_key_t const const p_wrapped_key)

fsp_err_t	R_RSIP_AES_MAC_Update (rsip_ctrl_t const p_ctrl, uint8_t const const p_message, uint32_t const message_length)

fsp_err_t	R_RSIP_AES_MAC_SignFinish (rsip_ctrl_t const p_ctrl, uint8_t const p_mac)

fsp_err_t	R_RSIP_AES_MAC_VerifyFinish (rsip_ctrl_t const p_ctrl, uint8_t const const p_mac, uint32_t const mac_length)

fsp_err_t	R_RSIP_ECDSA_Sign (rsip_ctrl_t const p_ctrl, rsip_wrapped_key_t const const p_wrapped_private_key, uint8_t const const p_hash, uint8_t const p_signature)

fsp_err_t	R_RSIP_ECDSA_Verify (rsip_ctrl_t const p_ctrl, rsip_wrapped_key_t const const p_wrapped_public_key, uint8_t const const p_hash, uint8_t const const p_signature)

fsp_err_t	R_RSIP_PKI_ECDSA_CertVerify (rsip_ctrl_t const p_ctrl, rsip_wrapped_key_t const const p_wrapped_public_key, uint8_t const const p_hash, uint8_t const const p_signature)

fsp_err_t	R_RSIP_ECDH_KeyAgree (rsip_ctrl_t const p_ctrl, rsip_wrapped_key_t const const p_wrapped_private_key, rsip_wrapped_key_t const const p_wrapped_public_key, rsip_wrapped_secret_t const p_wrapped_secret)

fsp_err_t	R_RSIP_ECDH_PlainKeyAgree (rsip_ctrl_t const p_ctrl, rsip_wrapped_key_t const const p_wrapped_private_key, uint8_t const const p_plain_public_key, rsip_wrapped_secret_t const p_wrapped_secret)

fsp_err_t	R_RSIP_PureEdDSA_Sign (rsip_ctrl_t const p_ctrl, rsip_wrapped_key_t const const p_wrapped_private_key, rsip_wrapped_key_t const const p_wrapped_public_key, uint8_t const const p_message, uint64_t const message_length, uint8_t *const p_signature)

fsp_err_t	R_RSIP_PureEdDSA_Verify (rsip_ctrl_t const p_ctrl, rsip_wrapped_key_t const const p_wrapped_public_key, uint8_t const const p_message, uint64_t const message_length, uint8_t const const p_signature)

fsp_err_t	R_RSIP_KDF_SHA_Init (rsip_ctrl_t *const p_ctrl, rsip_hash_type_t const hash_type)

fsp_err_t	R_RSIP_KDF_SHA_ECDHSecretUpdate (rsip_ctrl_t const p_ctrl, rsip_wrapped_secret_t const const p_wrapped_secret)

fsp_err_t	R_RSIP_KDF_SHA_Update (rsip_ctrl_t const p_ctrl, uint8_t const const p_message, uint32_t const message_length)

fsp_err_t	R_RSIP_KDF_SHA_Finish (rsip_ctrl_t const p_ctrl, rsip_wrapped_dkm_t const p_wrapped_dkm)

fsp_err_t	R_RSIP_KDF_SHA_Suspend (rsip_ctrl_t const p_ctrl, rsip_kdf_sha_handle_t const p_handle)

fsp_err_t	R_RSIP_KDF_SHA_Resume (rsip_ctrl_t const p_ctrl, rsip_kdf_sha_handle_t const const p_handle)

fsp_err_t	R_RSIP_KDF_SHA_DKMConcatenate (rsip_wrapped_dkm_t const p_wrapped_dkm1, rsip_wrapped_dkm_t const const p_wrapped_dkm2, uint32_t const wrapped_dkm1_buffer_length)

fsp_err_t	R_RSIP_KDF_SHA_DerivedKeyImport (rsip_ctrl_t const p_ctrl, rsip_wrapped_dkm_t const const p_wrapped_dkm, rsip_key_type_t const key_type, uint32_t const position, rsip_wrapped_key_t *const p_wrapped_key)

fsp_err_t	R_RSIP_KDF_SHA_DerivedIVWrap (rsip_ctrl_t const p_ctrl, rsip_wrapped_dkm_t const const p_wrapped_dkm, rsip_initial_vector_type_t const initial_vector_type, uint32_t const position, uint8_t const const p_tls_sequence_num, uint8_t const p_wrapped_initial_vector)

fsp_err_t	R_RSIP_KDF_MACKeyImport (rsip_ctrl_t const p_ctrl, rsip_key_type_t const key_type, rsip_wrapped_mac_t const const p_wrapped_mac, uint32_t const key_length, rsip_wrapped_key_t *const p_wrapped_key)

fsp_err_t	R_RSIP_KDF_ECDHSecretKeyImport (rsip_ctrl_t const p_ctrl, rsip_key_type_t const key_type, rsip_wrapped_secret_t const const p_wrapped_secret, rsip_wrapped_key_t *const p_wrapped_key)

fsp_err_t	R_RSIP_KDF_HMAC_Init (rsip_ctrl_t const p_ctrl, rsip_wrapped_key_t const const p_wrapped_key)

fsp_err_t	R_RSIP_KDF_HMAC_MACUpdate (rsip_ctrl_t const p_ctrl, rsip_wrapped_mac_t const const p_wrapped_mac)

fsp_err_t	R_RSIP_KDF_HMAC_ECDHSecretUpdate (rsip_ctrl_t const p_ctrl, rsip_wrapped_secret_t const const p_wrapped_secret)

fsp_err_t	R_RSIP_KDF_HMAC_Update (rsip_ctrl_t const p_ctrl, uint8_t const const p_message, uint32_t const message_length)

fsp_err_t	R_RSIP_KDF_HMAC_SignFinish (rsip_ctrl_t const p_ctrl, rsip_wrapped_mac_t const p_wrapped_mac)

fsp_err_t	R_RSIP_KDF_HMAC_Suspend (rsip_ctrl_t const p_ctrl, rsip_kdf_hmac_handle_t const p_handle)

fsp_err_t	R_RSIP_KDF_HMAC_Resume (rsip_ctrl_t const p_ctrl, rsip_kdf_hmac_handle_t const const p_handle)

fsp_err_t	R_RSIP_KDF_MACConcatenate (rsip_wrapped_mac_t const p_wrapped_mac1, rsip_wrapped_mac_t const const p_wrapped_mac2, uint32_t const wrapped_mac1_buffer_length)

fsp_err_t	R_RSIP_KDF_DerivedKeyImport (rsip_ctrl_t const p_ctrl, rsip_wrapped_mac_t const const p_wrapped_mac, rsip_key_type_t const key_type, uint32_t const position, rsip_wrapped_key_t *const p_wrapped_key)

fsp_err_t	R_RSIP_KDF_DerivedIVWrap (rsip_ctrl_t const p_ctrl, rsip_wrapped_mac_t const const p_wrapped_mac, rsip_initial_vector_type_t const initial_vector_type, uint32_t const position, uint8_t const const p_tls_sequence_num, uint8_t const p_wrapped_initial_vector)

fsp_err_t	R_RSIP_OTF_Init (rsip_ctrl_t const p_ctrl, rsip_otf_channel_t const channel, rsip_wrapped_key_t const p_wrapped_key, uint8_t const *const p_seed)

fsp_err_t	R_RSIP_PKI_VerifiedCertInfoExport (rsip_ctrl_t const p_ctrl, rsip_verified_cert_info_t const p_verified_cert_info)

fsp_err_t	R_RSIP_PKI_VerifiedCertInfoImport (rsip_ctrl_t const p_ctrl, rsip_verified_cert_info_t const const p_verified_cert_info)

fsp_err_t	R_RSIP_PKI_CertKeyImport (rsip_ctrl_t const p_ctrl, uint8_t const const p_cert, uint32_t const cert_length, rsip_key_type_t const key_type, uint8_t const const p_key_param1, uint32_t const key_param1_length, uint8_t const const p_key_param2, uint32_t const key_param2_length, rsip_hash_type_t const hash_function, rsip_wrapped_key_t *const p_wrapped_public_key)

fsp_err_t	R_RSIP_RSA_Encrypt (rsip_ctrl_t const p_ctrl, rsip_wrapped_key_t const const p_wrapped_public_key, uint8_t const const p_plain, uint8_t const p_cipher)

fsp_err_t	R_RSIP_RSA_Decrypt (rsip_ctrl_t const p_ctrl, rsip_wrapped_key_t const const p_wrapped_private_key, uint8_t const const p_cipher, uint8_t const p_plain)

fsp_err_t	R_RSIP_RSAES_PKCS1_V1_5_Encrypt (rsip_ctrl_t const p_ctrl, rsip_wrapped_key_t const const p_wrapped_public_key, uint8_t const const p_plain, uint32_t const plain_length, uint8_t const p_cipher)

fsp_err_t	R_RSIP_RSAES_PKCS1_V1_5_Decrypt (rsip_ctrl_t const p_ctrl, rsip_wrapped_key_t const const p_wrapped_private_key, uint8_t const const p_cipher, uint8_t const p_plain, uint32_t *const p_plain_length, uint32_t const plain_buffer_length)

fsp_err_t	R_RSIP_RSAES_OAEP_Encrypt (rsip_ctrl_t const p_ctrl, rsip_wrapped_key_t const const p_wrapped_public_key, rsip_hash_type_t const hash_function, rsip_mgf_type_t const mask_generation_function, uint8_t const const p_label, uint32_t const label_length, uint8_t const const p_plain, uint32_t const plain_length, uint8_t *const p_cipher)

fsp_err_t	R_RSIP_RSAES_OAEP_Decrypt (rsip_ctrl_t const p_ctrl, rsip_wrapped_key_t const const p_wrapped_private_key, rsip_hash_type_t const hash_function, rsip_mgf_type_t const mask_generation_function, uint8_t const const p_label, uint32_t const label_length, uint8_t const const p_cipher, uint8_t const p_plain, uint32_t const p_plain_length, uint32_t const plain_buffer_length)

fsp_err_t	R_RSIP_RSASSA_PKCS1_V1_5_Sign (rsip_ctrl_t const p_ctrl, rsip_wrapped_key_t const const p_wrapped_private_key, rsip_hash_type_t const hash_function, uint8_t const const p_hash, uint8_t const p_signature)

fsp_err_t	R_RSIP_RSASSA_PKCS1_V1_5_Verify (rsip_ctrl_t const p_ctrl, rsip_wrapped_key_t const const p_wrapped_public_key, rsip_hash_type_t const hash_function, uint8_t const const p_hash, uint8_t const const p_signature)

fsp_err_t	R_RSIP_RSASSA_PSS_Sign (rsip_ctrl_t const p_ctrl, rsip_wrapped_key_t const const p_wrapped_private_key, rsip_hash_type_t const hash_function, rsip_mgf_type_t const mask_generation_function, uint32_t const salt_length, uint8_t const const p_hash, uint8_t const p_signature)

fsp_err_t	R_RSIP_RSASSA_PSS_Verify (rsip_ctrl_t const p_ctrl, rsip_wrapped_key_t const const p_wrapped_public_key, rsip_hash_type_t const hash_function, rsip_mgf_type_t const mask_generation_function, uint32_t const salt_length, uint8_t const const p_hash, uint8_t const const p_signature)

fsp_err_t	R_RSIP_SHA_Compute (rsip_ctrl_t const p_ctrl, rsip_hash_type_t const hash_type, uint8_t const const p_message, uint32_t const message_length, uint8_t *const p_digest)

fsp_err_t	R_RSIP_SHA_Init (rsip_ctrl_t *const p_ctrl, rsip_hash_type_t const hash_type)

fsp_err_t	R_RSIP_SHA_Update (rsip_ctrl_t const p_ctrl, uint8_t const const p_message, uint32_t const message_length)

fsp_err_t	R_RSIP_SHA_Finish (rsip_ctrl_t const p_ctrl, uint8_t const p_digest)

fsp_err_t	R_RSIP_SHA_Suspend (rsip_ctrl_t const p_ctrl, rsip_sha_handle_t const p_handle)

fsp_err_t	R_RSIP_SHA_Resume (rsip_ctrl_t const p_ctrl, rsip_sha_handle_t const const p_handle)

fsp_err_t	R_RSIP_HMAC_Compute (rsip_ctrl_t const p_ctrl, const rsip_wrapped_key_t p_wrapped_key, uint8_t const const p_message, uint32_t const message_length, uint8_t const p_mac)

fsp_err_t	R_RSIP_HMAC_Verify (rsip_ctrl_t const p_ctrl, const rsip_wrapped_key_t p_wrapped_key, uint8_t const const p_message, uint32_t const message_length, uint8_t const const p_mac, uint32_t const mac_length)

fsp_err_t	R_RSIP_HMAC_Init (rsip_ctrl_t const p_ctrl, rsip_wrapped_key_t const const p_wrapped_key)

fsp_err_t	R_RSIP_HMAC_Update (rsip_ctrl_t const p_ctrl, uint8_t const const p_message, uint32_t const message_length)

fsp_err_t	R_RSIP_HMAC_SignFinish (rsip_ctrl_t const p_ctrl, uint8_t const p_mac)

fsp_err_t	R_RSIP_HMAC_VerifyFinish (rsip_ctrl_t const p_ctrl, uint8_t const const p_mac, uint32_t const mac_length)

fsp_err_t	R_RSIP_HMAC_Suspend (rsip_ctrl_t const p_ctrl, rsip_hmac_handle_t const p_handle)

fsp_err_t	R_RSIP_HMAC_Resume (rsip_ctrl_t const p_ctrl, rsip_hmac_handle_t const const p_handle)

fsp_err_t	R_RSIP_FSBL_OEM_BL_Digest_Generate (rsip_ctrl_t const p_ctrl, uint8_t const const p_key_cert, uint32_t const key_cert_max_length, uint8_t const const p_code_cert, uint32_t const code_cert_max_length, uint32_t const p_mac)

Detailed Description

Driver for the Renesas Secure IP on RA MPUs. This module implements the RSIP Interface.

Overview

This module provides RSIP functions in protected mode.

HW Overview

Crypto Peripheral version	Devices
RSIP-E11A	RA4L1
RSIP-E51A	RA8M1, RA8D1, RA8T1

Features

The RSIP module supports for the following features.

Cryptography
- Symmetric Encryption/Decryption
  - AES
    - ECB 128/192/256bit
    - CBC 128/192/256bit
    - CTR 128/192/256bit
    - GCM 128/192/256bit
    - CCM 128/192/256bit
    - XTS 128/256bit
- Asymmetric Encryption/Decryption
  - RSA
    - RSAES-PKCS1-V1_5 2048/3072/4096bit
    - RSAES-OAEP 2048/3072/4096bit
    - RSASSA-PKCS1-V1_5 2048/3072/4096bit
    - RSASSA-PSS 2048/3072/4096bit
  - ECC
    - ECDSA
      - secp256r1/secp384r1/secp521r1
      - secp256k1
      - brainpool P256r1/P384r1/P512r1
    - EdDSA
      - Ed25519
- Key Agreement
  - ECDH
    - secp256r1/secp384r1/secp521r1
- Key Derivation
  - Key Derivation Function (KDF) using SHA
    - SHA-256bit
  - Key Derivation Function (KDF) using HMAC
    - HMAC-SHA256/384/512bit
  - Key Import by derived keying material
  - IV output by derived keying material
- Public Key Infrastructure (PKI)
  - Certificate Verification
    - ECDSA
      - secp256r1/secp384r1/secp521r1
  - Key Import from Certificate
    - ECC
      - secp256r1/secp384r1/secp521r1
- Hash Functions
  - SHA-2
    - SHA-224, 256, 384, 512, 512/224, 512/256
- RFC3394 Key Wrap/Unwrap
Message Authentication Code
- HMAC-SHA224/256/384/512bit
- AES-CMAC 128/192/256bit
Key Manage
- Key Support
  - AES 128/192/256bit
  - RSA 2048/3072/4096bit
  - ECC
    - secp256r1/secp384r1/secp521r1
    - secp256k1
    - brainpool P256r1/P384r1/P512r1
  - HMAC-SHA224/256/384/512bit
Random Number Generate
Secure boot for FSBL
- Manifest verification and MAC generation (Refer to Application Note R11AN0774.)

Supported algorithms

The following algorithms are available on each devices.

RSIP-E11A: RA4L1
RSIP-E51A: RA8M1, RA8D1, RA8T1

Symmetric Key

Key type (rsip_key_type_t)	RSIP-E11A	RSIP-E51A
RSIP_KEY_TYPE_AES_128	Supported	Supported
RSIP_KEY_TYPE_AES_192	Not Supported	Supported
RSIP_KEY_TYPE_AES_256	Supported	Supported
RSIP_KEY_TYPE_XTS_AES_128	Not Supported	Supported
RSIP_KEY_TYPE_XTS_AES_256	Not Supported	Supported
RSIP_KEY_TYPE_HMAC_SHA224	Supported	Supported
RSIP_KEY_TYPE_HMAC_SHA256	Supported	Supported
RSIP_KEY_TYPE_HMAC_SHA384	Not Supported	Supported
RSIP_KEY_TYPE_HMAC_SHA512	Not Supported	Supported

Asymmetric Key

Key pair type (rsip_key_pair_type_t)	Public key type (rsip_key_type_t)	Private key type (rsip_key_type_t)	RSIP-E11A	RSIP-E51A
RSIP_KEY_PAIR_TYPE_ECC_SECP256R1	RSIP_KEY_TYPE_ECC_SECP256R1_PUBLIC	RSIP_KEY_TYPE_ECC_SECP256R1_PRIVATE	Supported	Supported
RSIP_KEY_PAIR_TYPE_ECC_SECP384R1	RSIP_KEY_TYPE_ECC_SECP384R1_PUBLIC	RSIP_KEY_TYPE_ECC_SECP384R1_PRIVATE	Not Supported	Supported
RSIP_KEY_PAIR_TYPE_ECC_SECP521R1	RSIP_KEY_TYPE_ECC_SECP521R1_PUBLIC	RSIP_KEY_TYPE_ECC_SECP521R1_PRIVATE	Not Supported	Supported
RSIP_KEY_PAIR_TYPE_ECC_SECP256K1	RSIP_KEY_TYPE_ECC_SECP256K1_PUBLIC	RSIP_KEY_TYPE_ECC_SECP256K1_PRIVATE	Not Supported	Supported
RSIP_KEY_PAIR_TYPE_ECC_BRAINPOOLP256R1	RSIP_KEY_TYPE_ECC_BRAINPOOLP256R1_PUBLIC	RSIP_KEY_TYPE_ECC_BRAINPOOLP256R1_PRIVATE	Not Supported	Supported
RSIP_KEY_PAIR_TYPE_ECC_BRAINPOOLP384R1	RSIP_KEY_TYPE_ECC_BRAINPOOLP384R1_PUBLIC	RSIP_KEY_TYPE_ECC_BRAINPOOLP384R1_PRIVATE	Not Supported	Supported
RSIP_KEY_PAIR_TYPE_ECC_BRAINPOOLP512R1	RSIP_KEY_TYPE_ECC_BRAINPOOLP512R1_PUBLIC	RSIP_KEY_TYPE_ECC_BRAINPOOLP512R1_PRIVATE	Not Supported	Supported
RSIP_KEY_PAIR_TYPE_ECC_EDWARDS25519	RSIP_KEY_TYPE_ECC_EDWARDS25519_PUBLIC	RSIP_KEY_TYPE_ECC_EDWARDS25519_PRIVATE	Not Supported	Supported
RSIP_KEY_PAIR_TYPE_RSA_2048	RSIP_KEY_TYPE_RSA_2048_PUBLIC	RSIP_KEY_TYPE_RSA_2048_PRIVATE	Not Supported	Supported
RSIP_KEY_PAIR_TYPE_RSA_3072	RSIP_KEY_TYPE_RSA_3072_PUBLIC	RSIP_KEY_TYPE_RSA_3072_PRIVATE	Not Supported	Supported
RSIP_KEY_PAIR_TYPE_RSA_4096	RSIP_KEY_TYPE_RSA_4096_PUBLIC	RSIP_KEY_TYPE_RSA_4096_PRIVATE	Not Supported	Supported

AES Block Cipher Mode of Operation

Cipher mode (rsip_aes_cipher_mode_t)	RSIP-E11A	RSIP-E51A
RSIP_AES_CIPHER_MODE_ECB_ENC	Supported	Supported
RSIP_AES_CIPHER_MODE_ECB_DEC	Supported	Supported
RSIP_AES_CIPHER_MODE_CBC_ENC	Supported	Supported
RSIP_AES_CIPHER_MODE_CBC_DEC	Supported	Supported
RSIP_AES_CIPHER_MODE_CTR	Supported	Supported
RSIP_AES_CIPHER_MODE_XTS_ENC	Not Supported	Supported
RSIP_AES_CIPHER_MODE_XTS_DEC	Not Supported	Supported

AEAD mode (rsip_aes_aead_mode_t)	RSIP-E11A	RSIP-E51A
RSIP_AES_AEAD_MODE_GCM_ENC	Supported	Supported
RSIP_AES_AEAD_MODE_GCM_DEC	Supported	Supported
RSIP_AES_AEAD_MODE_CCM_ENC	Supported	Supported
RSIP_AES_AEAD_MODE_CCM_DEC	Supported	Supported

MAC mode (rsip_aes_mac_mode_t)	RSIP-E11A	RSIP-E51A
RSIP_AES_MAC_MODE_CMAC	Supported	Supported

Hash Function

Hash Function (rsip_hash_type_t)	RSIP-E11A	RSIP-E51A
RSIP_HASH_TYPE_SHA224	Supported	Supported
RSIP_HASH_TYPE_SHA256	Supported	Supported
RSIP_HASH_TYPE_SHA384	Not Supported	Supported
RSIP_HASH_TYPE_SHA512	Not Supported	Supported
RSIP_HASH_TYPE_SHA512_224	Not Supported	Supported
RSIP_HASH_TYPE_SHA512_256	Not Supported	Supported

Key Derivation Function

Key Derivation Function	RSIP-E11A	RSIP-E51A
SHA-256	Supported	Not Supported
HMAC-SHA256	Not Supported	Supported
HMAC-SHA384	Not Supported	Supported
HMAC-SHA384	Not Supported	Supported

Configuration

Build Time Configurations for r_rsip_e51a_protected

The following build time configurations are defined in fsp_cfg/r_rsip_cfg.h:

Configuration	Options	Default	Description
Selection of algorithms to enable
AES-128	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
AES-192	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
AES-256	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
AES-ECB CBC CTR	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
XTS-AES-128	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
XTS-AES-256	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
XTS-AES	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
AES-GCM	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
AES-CCM	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
AES-CMAC	Enabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
ECC SECP256R1	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
ECC SECP384R1	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
ECC SECP521R1	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
ECC SECP256K1	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
ECC BRAINPOOLP256R1	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
ECC BRAINPOOLP384R1	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
ECC BRAINPOOLP512R1	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
ECC EDWARDS25519	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
RSA-2048	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
RSA-3072	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
RSA-4096	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
SHA-1	Disabled	Disabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
SHA-224	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
SHA-256	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
SHA-384	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
SHA-512	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
SHA-512_224	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
SHA-512_256	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
HMAC_SHA1	Disabled	Disabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
HMAC_SHA224	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
HMAC_SHA256	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
HMAC_SHA384	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
HMAC_SHA512	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
Parameter Checking	Default (BSP) Enabled Disabled	Default (BSP)	If selected code for parameter checking is included in the build.

Build Time Configurations for r_rsip_e11a_protected

The following build time configurations are defined in fsp_cfg/r_rsip_cfg.h:

Configuration	Options	Default	Description
Selection of algorithms to enable
AES-128	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
AES-192	Disabled	config.driver.rsip.algorithms_enable.aes192.disabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
AES-256	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
AES-ECB CBC CTR	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
XTS-AES-128	Disabled	Disabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
XTS-AES-256	Disabled	Disabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
XTS-AES	Disabled	Disabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
AES-GCM	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
AES-CCM	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
AES-CMAC	Enabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
ECC SECP256R1	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
ECC SECP384R1	Disabled	Disabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
ECC SECP521R1	Disabled	Disabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
ECC SECP256K1	Disabled	Disabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
ECC BRAINPOOLP256R1	Disabled	Disabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
ECC BRAINPOOLP384R1	Disabled	Disabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
ECC BRAINPOOLP512R1	Disabled	Disabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
ECC EDWARDS25519	Disabled	Disabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
RSA-2048	Disabled	Disabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
RSA-3072	Disabled	Disabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
RSA-4096	Disabled	Disabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
SHA-1	Disabled	Disabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
SHA-224	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
SHA-256	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
SHA-384	Disabled	Disabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
SHA-512	Disabled	Disabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
SHA-512_224	Disabled	Disabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
SHA-512_256	Disabled	Disabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
HMAC_SHA1	Disabled	Disabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
HMAC_SHA224	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
HMAC_SHA256	Enabled Disabled	Enabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
HMAC_SHA384	Disabled	Disabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
HMAC_SHA512	Disabled	Disabled	If the application uses only some of the algorithm in the function, the code size can be reduced by disabling the unused algorithms. This configuration is provided only for the functions for which it works effectively.
Parameter Checking	Default (BSP) Enabled Disabled	Default (BSP)	If selected code for parameter checking is included in the build.

Configurations for Security > RSIP Protected Mode (r_rsip_protected)

This module can be added to the Stacks tab via New Stack > Security > RSIP Protected Mode (r_rsip_protected).

Configuration	Options	Default	Description
General
Name	Name must be a valid C symbol	g_rsip	Module name.

Clock Configuration

This module does not require a specific clock configuration.

Pin Configuration

This module does not use I/O pins.

Usage Notes

Getting Started: Creating a RSIP Protected Mode Project

Start by creating a new project in e² studio or RASC. On the Stacks tab, add New > Security > RSIP Protected Mode (r_rsip_protected).

State Transition

This driver has the following states.

State Name	Details
STATE_INITIAL	Driver is not open.
STATE_MAIN	Ready to Compute.
STATE_AES	Computing AES (unauthenticated cipher)
STATE_AES_AEAD	Computing AES (AEAD).
STATE_AES_MAC	Computing AES (MAC).
STATE_SHA	Computing SHA.
STATE_HMAC	Computing HMAC.
STATE_KDF_SHA	Computing KDF SHA.
STATE_KDF_HMAC	Computing KDF HMAC.

There are two types of APIs provided by the RSIP driver for accelerating cryptographic operations: those that provide cryptographic operations in a single API and those that provide them in multiple APIs. In this document, the former is referred to as single-part operations and the latter as multi-part operations. Each corresponds to the following algorithms:

Single-part operations: DRBG, Key management, ECC, RSA, SHA, HMAC
Multi-part operations: AES, SHA, HMAC

Multi-part operations are APIs which split a single cryptographic operation into a sequence of separate steps (e.g. Init-Update-Finish). This enables fine control over the configuration of the cryptographic operation, and allows the message data to be processed in fragments instead of all at once.

Due to the above characteristics, it is necessary to manage the operational states in the multi-part operations.

Examples

AES cipher Example

This is an example of AES-CBC encryption/decryption.

void r_rsip_example_aes ()
{
    fsp_err_t            err;
    static const uint8_t plain[RSIP_PRV_BYTE_SIZE_AES_BLOCK * 2] BSP_ALIGN_VARIABLE(4) =
    {
        0x52, 0x65, 0x6e, 0x65, 0x73, 0x61, 0x73, 0x20, 0x45, 0x6c, 0x65, 0x63, 0x74, 0x72, 0x6f, 0x6e,
        0x69, 0x63, 0x73, 0x20, 0x43, 0x6f, 0x72, 0x70, 0x6f, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x00
    };
    uint8_t iv[RSIP_PRV_BYTE_SIZE_AES_BLOCK] BSP_ALIGN_VARIABLE(4) = {0};
    uint8_t cipher_calculated[RSIP_PRV_BYTE_SIZE_AES_BLOCK * 2] BSP_ALIGN_VARIABLE(4) = {0};
    uint8_t plain_calculated[RSIP_PRV_BYTE_SIZE_AES_BLOCK * 2]  BSP_ALIGN_VARIABLE(4) = {0};
    /* Prepare wrapped key data area */
    uint8_t              wrapped_key[RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256] BSP_ALIGN_VARIABLE(4);
    rsip_wrapped_key_t * p_wrapped_key = (rsip_wrapped_key_t *) wrapped_key;
    /* Initialize the driver */
    err = R_RSIP_Open(&g_rsip_ctrl, &g_rsip_cfg);
    assert(FSP_SUCCESS == err);
    /* Generate a aes 256-bit key */
    err = R_RSIP_KeyGenerate(&g_rsip_ctrl, RSIP_KEY_TYPE_AES_256, p_wrapped_key);
    assert(FSP_SUCCESS == err);
    /* Generate a nonce */
    err = R_RSIP_RandomNumberGenerate(&g_rsip_ctrl, iv);
    assert(FSP_SUCCESS == err);
    /* Encrypt a plaintext */
    err = R_RSIP_AES_Cipher_Init(&g_rsip_ctrl, RSIP_AES_CIPHER_MODE_CBC_ENC, p_wrapped_key, iv);
    assert(FSP_SUCCESS == err);
    err = R_RSIP_AES_Cipher_Update(&g_rsip_ctrl, plain, cipher_calculated, RSIP_PRV_BYTE_SIZE_AES_BLOCK * 2);
    assert(FSP_SUCCESS == err);
    err = R_RSIP_AES_Cipher_Finish(&g_rsip_ctrl);
    assert(FSP_SUCCESS == err);
    /* Decrypt a ciphertext using the same key */
    err = R_RSIP_AES_Cipher_Init(&g_rsip_ctrl, RSIP_AES_CIPHER_MODE_CBC_DEC, p_wrapped_key, iv);
    assert(FSP_SUCCESS == err);
    err = R_RSIP_AES_Cipher_Update(&g_rsip_ctrl, cipher_calculated, plain_calculated, RSIP_PRV_BYTE_SIZE_AES_BLOCK);
    assert(FSP_SUCCESS == err);
    err = R_RSIP_AES_Cipher_Update(&g_rsip_ctrl,
                                   cipher_calculated + RSIP_PRV_BYTE_SIZE_AES_BLOCK,
                                   plain_calculated + RSIP_PRV_BYTE_SIZE_AES_BLOCK,
                                   RSIP_PRV_BYTE_SIZE_AES_BLOCK);
    assert(FSP_SUCCESS == err);
    err = R_RSIP_AES_Cipher_Finish(&g_rsip_ctrl);
    assert(FSP_SUCCESS == err);
    /* Compare plain and plain_calculated */
    assert(0 == memcmp(plain, plain_calculated, RSIP_PRV_BYTE_SIZE_AES_BLOCK * 2));
    /* Close the driver */
    err = R_RSIP_Close(&g_rsip_ctrl);
    assert(FSP_SUCCESS == err);
}

AES-GCM Example

This is an example of AES-GCM encryption/decryption.

#define GCM_BLOCK_LEN    (16)
#define GCM_TEXT_LEN     (31)
#define GCM_NONCE_LEN    (12)
#define GCM_AAD_LEN      (8)
#define GCM_TAG_LEN      (8)
void r_rsip_example_gcm ()
{
    fsp_err_t            err;
    static const uint8_t plain[GCM_TEXT_LEN] BSP_ALIGN_VARIABLE(4) =
    {
        0x52, 0x65, 0x6e, 0x65, 0x73, 0x61, 0x73, 0x20, 0x45, 0x6c, 0x65, 0x63, 0x74, 0x72, 0x6f, 0x6e,
        0x69, 0x63, 0x73, 0x20, 0x43, 0x6f, 0x72, 0x70, 0x6f, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
    };
    static const uint8_t aad[GCM_AAD_LEN] BSP_ALIGN_VARIABLE(4) =
    {
        0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
    };
    uint8_t  nonce[GCM_BLOCK_LEN] BSP_ALIGN_VARIABLE(4)                 = {0};
    uint8_t  tag[GCM_BLOCK_LEN] BSP_ALIGN_VARIABLE(4)                   = {0};
    uint8_t  cipher_calculated[GCM_BLOCK_LEN * 2] BSP_ALIGN_VARIABLE(4) = {0};
    uint8_t  plain_calculated[GCM_BLOCK_LEN * 2] BSP_ALIGN_VARIABLE(4)  = {0};
    uint32_t input_length      = 0;
    uint32_t output_length     = 0;
    uint32_t input_length_tmp  = 0;
    uint32_t output_length_tmp = 0;
    /* Prepare wrapped key data area */
    uint8_t              wrapped_key[RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256] BSP_ALIGN_VARIABLE(4);
    rsip_wrapped_key_t * p_wrapped_key = (rsip_wrapped_key_t *) wrapped_key;
    /* Initialize the driver */
    err = R_RSIP_Open(&g_rsip_ctrl, &g_rsip_cfg);
    assert(FSP_SUCCESS == err);
    /* Generate a aes 256-bit key */
    err = R_RSIP_KeyGenerate(&g_rsip_ctrl, RSIP_KEY_TYPE_AES_256, p_wrapped_key);
    assert(FSP_SUCCESS == err);
    /* Generate a nonce */
    err = R_RSIP_RandomNumberGenerate(&g_rsip_ctrl, nonce);
    assert(FSP_SUCCESS == err);
    /* Encrypt a plaintext */
    err = R_RSIP_AES_AEAD_Init(&g_rsip_ctrl, RSIP_AES_AEAD_MODE_GCM_ENC, p_wrapped_key, nonce, GCM_NONCE_LEN);
    assert(FSP_SUCCESS == err);
    /* Input AAD */
    err = R_RSIP_AES_AEAD_AADUpdate(&g_rsip_ctrl, aad, GCM_AAD_LEN);
    assert(FSP_SUCCESS == err);
    /* Input plaintext (one-shot) */
    err            = R_RSIP_AES_AEAD_Update(&g_rsip_ctrl, plain, GCM_TEXT_LEN, cipher_calculated, &output_length_tmp);
    output_length += output_length_tmp;
    assert(FSP_SUCCESS == err);
    /* Output remaining text and generate a tag */
    err = R_RSIP_AES_AEAD_Finish(&g_rsip_ctrl, cipher_calculated + output_length, &output_length_tmp, tag);
    assert(FSP_SUCCESS == err);
    /* Decrypt a ciphertext using the same key */
    err = R_RSIP_AES_AEAD_Init(&g_rsip_ctrl, RSIP_AES_AEAD_MODE_GCM_DEC, p_wrapped_key, nonce, GCM_NONCE_LEN);
    assert(FSP_SUCCESS == err);
    /* Input AAD */
    err = R_RSIP_AES_AEAD_AADUpdate(&g_rsip_ctrl, aad, GCM_AAD_LEN);
    assert(FSP_SUCCESS == err);
    input_length  = 0;
    output_length = 0;
    /* Input ciphertext (multi-shot) */
    input_length_tmp = 10;
    err              = R_RSIP_AES_AEAD_Update(&g_rsip_ctrl,
                                              cipher_calculated + input_length,
                                              input_length_tmp,
                                              plain_calculated + output_length,
                                              &output_length_tmp);
    input_length  += input_length_tmp;
    output_length += output_length_tmp;
    assert(FSP_SUCCESS == err);
    input_length_tmp = GCM_TEXT_LEN - input_length;
    err              = R_RSIP_AES_AEAD_Update(&g_rsip_ctrl,
                                              cipher_calculated + input_length,
                                              input_length_tmp,
                                              plain_calculated + output_length,
                                              &output_length_tmp);
    input_length  += input_length_tmp;
    output_length += output_length_tmp;
    assert(FSP_SUCCESS == err);
    /*
     * Output remaining text and verify the tag
     * Attention: Do not use the output plaintext by R_RSIP_AES_Cipher_DecryptUpdate()
     * before R_RSIP_AES_Cipher_DecryptFinal() returns FSP_SUCCESS.
     * The integrity is checked in this function.
     */
    err = R_RSIP_AES_AEAD_Verify(&g_rsip_ctrl, plain_calculated + output_length, &output_length_tmp, tag, GCM_TAG_LEN);
    assert(FSP_SUCCESS == err);
    /* Compare plain and plain_calculated */
    assert(0 == memcmp(plain, plain_calculated, GCM_TEXT_LEN));
    /* Close the driver */
    err = R_RSIP_Close(&g_rsip_ctrl);
    assert(FSP_SUCCESS == err);
}

AES-GMAC Example

This is an example of AES-GMAC signature/verification.

#define GMAC_NONCE_LEN    (12)
#define GMAC_AAD_LEN      (8)
#define GMAC_TAG_LEN      (16)
void r_rsip_example_gmac ()
{
    fsp_err_t err;
    static const uint8_t aad[GMAC_AAD_LEN] BSP_ALIGN_VARIABLE(4) =
    {
        0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
    };
    uint8_t  nonce[GMAC_NONCE_LEN] BSP_ALIGN_VARIABLE(4) = {0};
    uint8_t  tag[GMAC_TAG_LEN] BSP_ALIGN_VARIABLE(4)     = {0};
    uint8_t  output_dummy_buf[1]                         = {0};
    uint32_t output_length                               = 0;
    /* Prepare wrapped key data area */
    uint8_t              wrapped_key[RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256] BSP_ALIGN_VARIABLE(4);
    rsip_wrapped_key_t * p_wrapped_key = (rsip_wrapped_key_t *) wrapped_key;
    /* Initialize the driver */
    err = R_RSIP_Open(&g_rsip_ctrl, &g_rsip_cfg);
    assert(FSP_SUCCESS == err);
    /* Generate a aes 256-bit key */
    err = R_RSIP_KeyGenerate(&g_rsip_ctrl, RSIP_KEY_TYPE_AES_256, p_wrapped_key);
    assert(FSP_SUCCESS == err);
    /* Generate a nonce */
    err = R_RSIP_RandomNumberGenerate(&g_rsip_ctrl, nonce);
    assert(FSP_SUCCESS == err);
    /* Initialize GMAC signature */
    err = R_RSIP_AES_AEAD_Init(&g_rsip_ctrl, RSIP_AES_AEAD_MODE_GCM_ENC, p_wrapped_key, nonce, GMAC_NONCE_LEN);
    assert(FSP_SUCCESS == err);
    /* Input AAD */
    err = R_RSIP_AES_AEAD_AADUpdate(&g_rsip_ctrl, aad, GMAC_AAD_LEN);
    assert(FSP_SUCCESS == err);
    /* Finalize GMAC generation */
    err = R_RSIP_AES_AEAD_Finish(&g_rsip_ctrl, output_dummy_buf, &output_length, tag);
    assert(FSP_SUCCESS == err);
    /*Initialize GMAC verification*/
    err = R_RSIP_AES_AEAD_Init(&g_rsip_ctrl, RSIP_AES_AEAD_MODE_GCM_DEC, p_wrapped_key, nonce, GMAC_NONCE_LEN);
    assert(FSP_SUCCESS == err);
    /* Input AAD */
    err = R_RSIP_AES_AEAD_AADUpdate(&g_rsip_ctrl, aad, GMAC_AAD_LEN);
    assert(FSP_SUCCESS == err);
    /* Finalize GMAC verification*/
    err = R_RSIP_AES_AEAD_Verify(&g_rsip_ctrl, output_dummy_buf, &output_length, tag, GMAC_TAG_LEN);
    assert(FSP_SUCCESS == err);
    /* Close the driver */
    err = R_RSIP_Close(&g_rsip_ctrl);
    assert(FSP_SUCCESS == err);
}

AES-CCM Example

This is an example of AES-CCM encryption/decryption.

#define CCM_NONCE_LEN         (12)
#define CCM_ADATA_LEN         (20)
#define CCM_INPUT_DATA_LEN    (24)
#define CCM_MAC_LEN           (8)
void r_rsip_example_ccm ()
{
    fsp_err_t err;
    static const uint8_t nonce[CCM_NONCE_LEN] BSP_ALIGN_VARIABLE(4) =
    {0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B};
    static const uint8_t adata[CCM_ADATA_LEN] BSP_ALIGN_VARIABLE(4) =
    {
        0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09,
        0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13
    };
    static const uint8_t plain[CCM_INPUT_DATA_LEN] BSP_ALIGN_VARIABLE(4) =
    {
        0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29,
        0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33,
        0x34, 0x35, 0x36, 0x37
    };
    uint8_t   cipher_calculated[CCM_INPUT_DATA_LEN * 2] BSP_ALIGN_VARIABLE(4) = {0};
    uint8_t   plain_calculated[CCM_INPUT_DATA_LEN * 2] BSP_ALIGN_VARIABLE(4)  = {0};
    uint8_t   mac[CCM_MAC_LEN] BSP_ALIGN_VARIABLE(4)                          = {0};
    uint32_t  output_length_tmp                                               = 0;
    uint8_t * p_output                                                        = NULL;
    /* Prepare wrapped key data area */
    uint8_t              wrapped_key[RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256] BSP_ALIGN_VARIABLE(4);
    rsip_wrapped_key_t * p_wrapped_key = (rsip_wrapped_key_t *) wrapped_key;
    /* Initialize the driver */
    err = R_RSIP_Open(&g_rsip_ctrl, &g_rsip_cfg);
    assert(FSP_SUCCESS == err);
    /* Generate a aes 256-bit key */
    err = R_RSIP_KeyGenerate(&g_rsip_ctrl, RSIP_KEY_TYPE_AES_256, p_wrapped_key);
    assert(FSP_SUCCESS == err);
    /* Encrypt a plaintext */
    err = R_RSIP_AES_AEAD_Init(&g_rsip_ctrl, RSIP_AES_AEAD_MODE_CCM_ENC, p_wrapped_key, nonce, CCM_NONCE_LEN);
    assert(FSP_SUCCESS == err);
    /* Set text and tag length. */
    err = R_RSIP_AES_AEAD_LengthsSet(&g_rsip_ctrl, CCM_ADATA_LEN, CCM_INPUT_DATA_LEN, CCM_MAC_LEN);
    assert(FSP_SUCCESS == err);
    /* Input AAD */
    err = R_RSIP_AES_AEAD_AADUpdate(&g_rsip_ctrl, adata, CCM_ADATA_LEN);
    assert(FSP_SUCCESS == err);
    /* Input plaintext */
    err = R_RSIP_AES_AEAD_Update(&g_rsip_ctrl, plain, CCM_INPUT_DATA_LEN, cipher_calculated, &output_length_tmp);
    assert(FSP_SUCCESS == err);
    p_output = &(cipher_calculated[output_length_tmp]);
    /* Output remaining text and generate a tag */
    err = R_RSIP_AES_AEAD_Finish(&g_rsip_ctrl, p_output, &output_length_tmp, mac);
    assert(FSP_SUCCESS == err);
    /* Decrypt a ciphertext using the same key */
    err = R_RSIP_AES_AEAD_Init(&g_rsip_ctrl, RSIP_AES_AEAD_MODE_CCM_DEC, p_wrapped_key, nonce, CCM_NONCE_LEN);
    assert(FSP_SUCCESS == err);
    /* Set text and tag length. */
    err = R_RSIP_AES_AEAD_LengthsSet(&g_rsip_ctrl, CCM_ADATA_LEN, CCM_INPUT_DATA_LEN, CCM_MAC_LEN);
    assert(FSP_SUCCESS == err);
    /* Input AAD */
    err = R_RSIP_AES_AEAD_AADUpdate(&g_rsip_ctrl, adata, CCM_ADATA_LEN);
    assert(FSP_SUCCESS == err);
    /* Input plaintext */
    // err = R_RSIP_AES_AEAD_Update(&g_rsip_ctrl, plain, CCM_INPUT_DATA_LEN, plain_calculated, &output_length_tmp);
    err = R_RSIP_AES_AEAD_Update(&g_rsip_ctrl,
                                 cipher_calculated,
                                 CCM_INPUT_DATA_LEN,
                                 plain_calculated,
                                 &output_length_tmp);
    assert(FSP_SUCCESS == err);
    p_output = &(plain_calculated[output_length_tmp]);
    /* Output remaining text and verify the tag */
    err = R_RSIP_AES_AEAD_Verify(&g_rsip_ctrl, p_output, &output_length_tmp, mac, CCM_MAC_LEN);
    assert(FSP_SUCCESS == err);
    /* Close the driver */
    err = R_RSIP_Close(&g_rsip_ctrl);
    assert(FSP_SUCCESS == err);
}

AES-CMAC Example

This is an example of AES-CMAC signature/verification.

#define CMAC_MESSAGE_LEN    (10)
#define CMAC_MAC_LEN        (16)
void r_rsip_example_cmac ()
{
    fsp_err_t err;
    static const uint8_t message[CMAC_MESSAGE_LEN] BSP_ALIGN_VARIABLE(4) = {0xf0, 0x8f, 0x89, 0x08, 0x75, 0xe1, 0x39, 0x48, 0x04, 0x89};
    uint8_t mac[CMAC_MAC_LEN] BSP_ALIGN_VARIABLE(4) = {0};
    /* Prepare wrapped key data area */
    uint8_t              wrapped_key[RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256] BSP_ALIGN_VARIABLE(4);
    rsip_wrapped_key_t * p_wrapped_key = (rsip_wrapped_key_t *) wrapped_key;
    /* Initialize the driver */
    err = R_RSIP_Open(&g_rsip_ctrl, &g_rsip_cfg);
    assert(FSP_SUCCESS == err);
    /* Generate a aes 256-bit key */
    err = R_RSIP_KeyGenerate(&g_rsip_ctrl, RSIP_KEY_TYPE_AES_256, p_wrapped_key);
    assert(FSP_SUCCESS == err);
    /* CMAC initialize for encrypt */
    err = R_RSIP_AES_MAC_Init(&g_rsip_ctrl, RSIP_AES_MAC_MODE_CMAC, p_wrapped_key);
    assert(FSP_SUCCESS == err);
    /* Input message */
    err = R_RSIP_AES_MAC_Update(&g_rsip_ctrl, message, CMAC_MESSAGE_LEN);
    assert(FSP_SUCCESS == err);
    /* Output remaining text and generate a tag */
    err = R_RSIP_AES_MAC_SignFinish(&g_rsip_ctrl, mac);
    assert(FSP_SUCCESS == err);
    /* CMAC initialize for decrypt */
    err = R_RSIP_AES_MAC_Init(&g_rsip_ctrl, RSIP_AES_MAC_MODE_CMAC, p_wrapped_key);
    assert(FSP_SUCCESS == err);
    /* Input message */
    err = R_RSIP_AES_MAC_Update(&g_rsip_ctrl, message, CMAC_MESSAGE_LEN);
    assert(FSP_SUCCESS == err);
    /* Verify the tag */
    err = R_RSIP_AES_MAC_VerifyFinish(&g_rsip_ctrl, mac, CMAC_MAC_LEN);
    assert(FSP_SUCCESS == err);
    /* Close the driver */
    err = R_RSIP_Close(&g_rsip_ctrl);
    assert(FSP_SUCCESS == err);
}

ECC Example

This is an example of ECDSA signature generation/verification.

#define SECP256R1_KEY_SIZE    (32)
void r_rsip_example_ecc ()
{
    fsp_err_t err;
    static const uint8_t message[] BSP_ALIGN_VARIABLE(4) = "sample";
    uint8_t hash[SECP256R1_KEY_SIZE] BSP_ALIGN_VARIABLE(4)          = {0};
    uint8_t signature[SECP256R1_KEY_SIZE * 2] BSP_ALIGN_VARIABLE(4) = {0};
    /* Prepare wrapped key data area */
    uint8_t              wrapped_public_key[RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_SECP256R1_PUBLIC] BSP_ALIGN_VARIABLE(4);
    uint8_t              wrapped_private_key[RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_SECP256R1_PRIVATE] BSP_ALIGN_VARIABLE(4);
    rsip_wrapped_key_t * p_wrapped_public_key  = (rsip_wrapped_key_t *) wrapped_public_key;
    rsip_wrapped_key_t * p_wrapped_private_key = (rsip_wrapped_key_t *) wrapped_private_key;
    /* Initialize the driver */
    err = R_RSIP_Open(&g_rsip_ctrl, &g_rsip_cfg);
    assert(FSP_SUCCESS == err);
    /* Generate a key pair of secp256r1 */
    err = R_RSIP_KeyPairGenerate(&g_rsip_ctrl,
                                 RSIP_KEY_PAIR_TYPE_ECC_SECP256R1,
                                 p_wrapped_public_key,
                                 p_wrapped_private_key);
    assert(FSP_SUCCESS == err);
    /* Generate the message hash */
    err = R_RSIP_SHA_Compute(&g_rsip_ctrl, RSIP_HASH_TYPE_SHA256, message, sizeof(message), hash);
    assert(FSP_SUCCESS == err);
    /* Generate the signature */
    err = R_RSIP_ECDSA_Sign(&g_rsip_ctrl, p_wrapped_private_key, hash, signature);
    assert(FSP_SUCCESS == err);
    /* Verify the signature*/
    err = R_RSIP_ECDSA_Verify(&g_rsip_ctrl, p_wrapped_public_key, hash, signature);
    assert(FSP_SUCCESS == err);
    /* Close the driver */
    err = R_RSIP_Close(&g_rsip_ctrl);
    assert(FSP_SUCCESS == err);
}

RSA Example

This is an example of RSA encryption/decryption (RSAES-OAEP) and RSA signature generation/verification (RSASSA-PSS).

#define SHA256_HASH_SIZE     (32)
#define RSA_2048_KEY_SIZE    (256)
void r_rsip_example_rsa ()
{
    fsp_err_t err;
    static const uint8_t message[] BSP_ALIGN_VARIABLE(4) = "sample";
    static const uint8_t label[] BSP_ALIGN_VARIABLE(4)   = "label";
    uint8_t  cipher_calculated[RSA_2048_KEY_SIZE] BSP_ALIGN_VARIABLE(4) = {0};
    uint8_t  plain_calculated[RSA_2048_KEY_SIZE] BSP_ALIGN_VARIABLE(4)  = {0};
    uint32_t plain_calculated_length                                    = 0;
    uint8_t  hash[SHA256_HASH_SIZE] BSP_ALIGN_VARIABLE(4)               = {0};
    uint8_t  signature[RSA_2048_KEY_SIZE] BSP_ALIGN_VARIABLE(4)         = {0};
    /* Prepare wrapped key data area */
    uint8_t              wrapped_public_key[RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_2048_PUBLIC] BSP_ALIGN_VARIABLE(4);
    uint8_t              wrapped_private_key[RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_2048_PRIVATE] BSP_ALIGN_VARIABLE(4);
    rsip_wrapped_key_t * p_wrapped_public_key  = (rsip_wrapped_key_t *) wrapped_public_key;
    rsip_wrapped_key_t * p_wrapped_private_key = (rsip_wrapped_key_t *) wrapped_private_key;
    /* Initialize the driver */
    err = R_RSIP_Open(&g_rsip_ctrl, &g_rsip_cfg);
    assert(FSP_SUCCESS == err);
    /* Generate a key pair of RSA-2048 */
    err =
        R_RSIP_KeyPairGenerate(&g_rsip_ctrl, RSIP_KEY_PAIR_TYPE_RSA_2048, p_wrapped_public_key, p_wrapped_private_key);
    assert(FSP_SUCCESS == err);
    /*
     * RSAES-OAEP
     */
    /* Encrypt a plaintext */
    err = R_RSIP_RSAES_OAEP_Encrypt(&g_rsip_ctrl,
                                    p_wrapped_public_key,
                                    RSIP_HASH_TYPE_SHA256,
                                    RSIP_MGF_TYPE_MGF1_SHA256,
                                    label,
                                    sizeof(label),
                                    message,
                                    sizeof(message),
                                    cipher_calculated);
    assert(FSP_SUCCESS == err);
    /* Decrypt a ciphertext using the same key */
    err = R_RSIP_RSAES_OAEP_Decrypt(&g_rsip_ctrl,
                                    p_wrapped_private_key,
                                    RSIP_HASH_TYPE_SHA256,
                                    RSIP_MGF_TYPE_MGF1_SHA256,
                                    label,
                                    sizeof(label),
                                    cipher_calculated,
                                    plain_calculated,
                                    &plain_calculated_length,
                                    sizeof(plain_calculated));
    assert(FSP_SUCCESS == err);
    /* Verify calculated plaintext */
    assert(sizeof(message) == plain_calculated_length);
    assert(0 == memcmp(message, plain_calculated, plain_calculated_length));
    /*
     * RSASSA-PSS
     */
    /* Generate the message hash */
    err = R_RSIP_SHA_Compute(&g_rsip_ctrl, RSIP_HASH_TYPE_SHA256, message, sizeof(message), hash);
    assert(FSP_SUCCESS == err);
    /* Generate the signature */
    err = R_RSIP_RSASSA_PSS_Sign(&g_rsip_ctrl,
                                 p_wrapped_private_key,
                                 RSIP_HASH_TYPE_SHA256,
                                 RSIP_MGF_TYPE_MGF1_SHA256,
                                 RSIP_RSA_SALT_LENGTH_AUTO,
                                 hash,
                                 signature);
    assert(FSP_SUCCESS == err);
    /* Verify the signature*/
    err = R_RSIP_RSASSA_PSS_Verify(&g_rsip_ctrl,
                                   p_wrapped_public_key,
                                   RSIP_HASH_TYPE_SHA256,
                                   RSIP_MGF_TYPE_MGF1_SHA256,
                                   RSIP_RSA_SALT_LENGTH_AUTO,
                                   hash,
                                   signature);
    assert(FSP_SUCCESS == err);
    /* Close the driver */
    err = R_RSIP_Close(&g_rsip_ctrl);
    assert(FSP_SUCCESS == err);
}

HASH Example

This is an example of calculating the SHA-256 message digest.

#define SHA256_HASH_SIZE    (32)
void r_rsip_example_hash ()
{
    fsp_err_t err;
    static const uint8_t message[] BSP_ALIGN_VARIABLE(4) =
    {
        0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
        0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
    };
    static const uint8_t hash[] BSP_ALIGN_VARIABLE(4) =
    {
        0x63, 0x0d, 0xcd, 0x29, 0x66, 0xc4, 0x33, 0x66, 0x91, 0x12, 0x54, 0x48, 0xbb, 0xb2, 0x5b, 0x4f,
        0xf4, 0x12, 0xa4, 0x9c, 0x73, 0x2d, 0xb2, 0xc8, 0xab, 0xc1, 0xb8, 0x58, 0x1b, 0xd7, 0x10, 0xdd
    };
    uint8_t digest_single[SHA256_HASH_SIZE] BSP_ALIGN_VARIABLE(4) = {0};
    uint8_t digest_multi[SHA256_HASH_SIZE] BSP_ALIGN_VARIABLE(4)  = {0};
    /* Initialize the driver */
    err = R_RSIP_Open(&g_rsip_ctrl, &g_rsip_cfg);
    assert(FSP_SUCCESS == err);
    /* (1) Calculate SHA-256 digests with single-part API */
    err = R_RSIP_SHA_Compute(&g_rsip_ctrl, RSIP_HASH_TYPE_SHA256, message, sizeof(message), digest_single);
    assert(FSP_SUCCESS == err);
    /* Compare digest and hash */
    assert(0 == memcmp(digest_single, hash, SHA256_HASH_SIZE));
    /* (2) Calculate SHA-256 digests with multi-part API */
    err = R_RSIP_SHA_Init(&g_rsip_ctrl, RSIP_HASH_TYPE_SHA256);
    assert(FSP_SUCCESS == err);
    err = R_RSIP_SHA_Update(&g_rsip_ctrl, message, sizeof(message));
    assert(FSP_SUCCESS == err);
    err = R_RSIP_SHA_Finish(&g_rsip_ctrl, digest_multi);
    assert(FSP_SUCCESS == err);
    /* Compare digest and hash */
    assert(0 == memcmp(digest_multi, hash, SHA256_HASH_SIZE));
    /* Close the driver */
    err = R_RSIP_Close(&g_rsip_ctrl);
    assert(FSP_SUCCESS == err);
}

HMAC Example

This is an example of HMAC signature/verification.

#define HMAC_MESSAGE_LEN    (34)
#define HMAC_HASH_LEN       (32)
void r_rsip_example_hmac ()
{
    fsp_err_t err;
    static const uint8_t message[HMAC_MESSAGE_LEN] BSP_ALIGN_VARIABLE(4) =
    {
        0x53, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x20, 0x6D,
        0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x20, 0x66,
        0x6F, 0x72, 0x20, 0x6B, 0x65, 0x79, 0x6C, 0x65,
        0x6E, 0x3C, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x6C,
        0x65, 0x6E
    };
    uint8_t hash_1[HMAC_HASH_LEN] BSP_ALIGN_VARIABLE(4) = {0};
    uint8_t hash_2[HMAC_HASH_LEN] BSP_ALIGN_VARIABLE(4) = {0};
    /* Prepare wrapped key data area */
    uint8_t              wrapped_key[RSIP_BYTE_SIZE_WRAPPED_KEY_HMAC_SHA256] BSP_ALIGN_VARIABLE(4);
    rsip_wrapped_key_t * p_wrapped_key = (rsip_wrapped_key_t *) wrapped_key;
    /* Initialize the driver */
    err = R_RSIP_Open(&g_rsip_ctrl, &g_rsip_cfg);
    assert(FSP_SUCCESS == err);
    /* Generate a HMAC-SHA 256-bit key */
    err = R_RSIP_KeyGenerate(&g_rsip_ctrl, RSIP_KEY_TYPE_HMAC_SHA256, p_wrapped_key);
    assert(FSP_SUCCESS == err);
    /* (1) Calculate HMAC-SHA-256 hash with single-part API */
    /* HMAC initialize to finish */
    err = R_RSIP_HMAC_Compute(&g_rsip_ctrl, p_wrapped_key, message, HMAC_MESSAGE_LEN, hash_1);
    assert(FSP_SUCCESS == err);
    /* (2) Verify HMAC-SHA-256 hash with single-part API */
    /* HMAC initialize to verify */
    err = R_RSIP_HMAC_Verify(&g_rsip_ctrl, p_wrapped_key, message, HMAC_MESSAGE_LEN, hash_1, HMAC_HASH_LEN);
    assert(FSP_SUCCESS == err);
    /* (3) Calculate HMAC-SHA-256 hash with multi-part API */
    /* HMAC initialize */
    err = R_RSIP_HMAC_Init(&g_rsip_ctrl, p_wrapped_key);
    assert(FSP_SUCCESS == err);
    /* Inputs message */
    err = R_RSIP_HMAC_Update(&g_rsip_ctrl, message, HMAC_MESSAGE_LEN);
    assert(FSP_SUCCESS == err);
    /* Finalizes a HMAC generation */
    err = R_RSIP_HMAC_SignFinish(&g_rsip_ctrl, hash_2);
    assert(FSP_SUCCESS == err);
    /* (4) Verify HMAC-SHA-256 hash with multi-part API */
    /* HMAC initialize */
    err = R_RSIP_HMAC_Init(&g_rsip_ctrl, p_wrapped_key);
    assert(FSP_SUCCESS == err);
    /* Inputs message */
    err = R_RSIP_HMAC_Update(&g_rsip_ctrl, message, HMAC_MESSAGE_LEN);
    assert(FSP_SUCCESS == err);
    /* Finalizes a HMAC verification */
    err = R_RSIP_HMAC_VerifyFinish(&g_rsip_ctrl, hash_2, HMAC_HASH_LEN);
    assert(FSP_SUCCESS == err);
    /* Close the driver */
    err = R_RSIP_Close(&g_rsip_ctrl);
    assert(FSP_SUCCESS == err);
    /* Compare hash_1 and hash_2 */
    err = memcmp(hash_1, hash_2, HMAC_HASH_LEN);
    assert(FSP_SUCCESS == err);
}

Data Structures
struct	rsip_instance_ctrl_t

Macros
#define	FSP_ERR_SB_INTERNAL_FAIL
	An internal failure.

#define	FSP_ERR_SB_INVALID_ARG
	An invalid argument was entered.

#define	FSP_ERR_SB_UNSUPPORTED_FUNCTION
	Unsupported function executed.

#define	FSP_ERR_SB_INVALID_ALIGNMENT
	Data entered with incorrect alignment.

#define	FSP_ERR_SB_SAME_IMAGE_VERSION
	Same image version.

#define	FSP_ERR_SB_LOWER_IMAGE_VERSION
	Lower image version.

#define	FSP_ERR_SB_MANI_INVALID_MAGIC
	An invalid magic number is set.

#define	FSP_ERR_SB_MANI_UNSUPPORTED_VERSION
	Unsupported version is set.

#define	FSP_ERR_SB_MANI_OUT_OF_RANGE_LEN
	Out of range TLV Length is set.

#define	FSP_ERR_SB_MANI_TLV_FIELD_ERR
	Missing required TLV field.

#define	FSP_ERR_SB_MANI_TLV_INVALID_LEN
	The length exceeding the end of the manifest is specified in length of the TLV field.

#define	FSP_ERR_SB_MANI_INVALID_IMAGE_LEN
	An invalid image length is set.

#define	FSP_ERR_SB_MANI_MISMATCH_SIGN_ALGORITHM
	There is a wrong combination of signature algorithms.

#define	FSP_ERR_SB_MANI_UNSUPPORTED_ALGORITHM
	An algorithm was specified that the manifest does not support.

#define	FSP_ERR_SB_CRYPTO_FAIL
	Cryptographic processing failure.

#define	FSP_ERR_SB_CRYPTO_AUTH_FAIL
	Verification failed.

#define	FSP_ERR_SB_CRYPTO_UNSUPPORTED_ALGORITHM
	Unsupported algorithm.

#define	FSP_ERR_SB_CRYPTO_RESOURCE_CONFLICT
	CryptoIP is in use.

#define	FSP_ERR_SB_CRYPTO_PARAM_ERR
	Parameter error.

Data Structure Documentation

◆ rsip_instance_ctrl_t

struct rsip_instance_ctrl_t

RSIP private control block. DO NOT MODIFY. Initialization occurs when R_RSIP_Open() is called.

Function Documentation

◆ R_RSIP_Open()

fsp_err_t R_RSIP_Open	(	rsip_ctrl_t *const	p_ctrl,
		rsip_cfg_t const *const	p_cfg
	)

Enables use of Renesas Secure IP functionality.

Implements rsip_api_t::open.

State transition

This API can only be executed in STATE_INITIAL, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_MAIN
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_ALREADY_OPEN	Module is already open.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Internal key value is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Hardware initialization is failed.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption or hardware fault is detected.

Note: This version does not have an optional feature to disable TRNG initialization.

◆ R_RSIP_Close()

fsp_err_t R_RSIP_Close ( rsip_ctrl_t *const p_ctrl )

Disables use of Renesas Secure IP functionality.

Implements rsip_api_t::close.

State transition

This API can be executed in except STATE_INITIAL, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_INITIAL
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

◆ R_RSIP_RandomNumberGenerate()

fsp_err_t R_RSIP_RandomNumberGenerate	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t *const	p_random
	)

Generates a 128-bit random number.

Implements rsip_api_t::randomNumberGenerate.

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

◆ R_RSIP_KeyGenerate()

fsp_err_t R_RSIP_KeyGenerate	(	rsip_ctrl_t *const	p_ctrl,
		rsip_key_type_t const	key_type,
		rsip_wrapped_key_t *const	p_wrapped_key
	)

Generates a wrapped symmetric key from a random number. In this API, user key input is unnecessary. By encrypting data using the wrapped key is output by this API, dead copying of data can be prevented.

Implements rsip_api_t::keyGenerate.

Conditions

Argument key_type must be one of the following:

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

See also: Section Supported Algorithms.

◆ R_RSIP_KeyPairGenerate()

fsp_err_t R_RSIP_KeyPairGenerate	(	rsip_ctrl_t *const	p_ctrl,
		rsip_key_pair_type_t const	key_pair_type,
		rsip_wrapped_key_t *const	p_wrapped_public_key,
		rsip_wrapped_key_t *const	p_wrapped_private_key
	)

Generates a wrapped asymmetric key pair from a random number. In this API, user key input is unnecessary. By encrypting data using the wrapped key is output by this API, dead copying of data can be prevented.

Implements rsip_api_t::keyPairGenerate.

Conditions

Argument key_pair_type must be one of the following:

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

See also: Section Supported Algorithms.

◆ R_RSIP_EncryptedKeyWrap()

fsp_err_t R_RSIP_EncryptedKeyWrap	(	rsip_ctrl_t *const	p_ctrl,
		rsip_key_update_key_t const *const	p_key_update_key,
		uint8_t const *const	p_initial_vector,
		rsip_key_type_t const	key_type,
		uint8_t const *const	p_encrypted_key,
		rsip_wrapped_key_t *const	p_wrapped_key
	)

Decrypts an encrypted user key with Key Update Key (KUK) and wrap it with the Hardware Unique Key (HUK).

Implements rsip_api_t::encryptedKeyWrap.

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

See also: Section Supported Algorithms

◆ R_RSIP_RFC3394_KeyWrap()

fsp_err_t R_RSIP_RFC3394_KeyWrap	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_kek,
		rsip_wrapped_key_t const *const	p_wrapped_target_key,
		uint8_t *const	p_rfc3394_wrapped_target_key
	)

This function provides Key Wrap algorithm compliant with RFC3394. Using p_wrapped_kek to wrap p_wrapped_target_key, and output the result to p_rfc3394_wrapped_target_key.
Implements rsip_api_t::rfc3394_KeyWrap.

Argument "p_wrapped_kek" only supports the following key type.

Key Type of p_wrapped_kek Corresponding Parameter

AES-128 RSIP_KEY_TYPE_AES_128

AES-256 RSIP_KEY_TYPE_AES_256

Argument "p_wrapped_target_key" only supports the following key type.

Key Type of p_wrapped_target_key Corresponding Parameter

AES-128 RSIP_KEY_TYPE_AES_128

AES-256 RSIP_KEY_TYPE_AES_256

<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_INVALID_ARGUMENT	Input key type or mode is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

This function provides Key Wrap algorithm compliant with RFC3394. Using p_wrapped_kek to wrap p_wrapped_target_key, and output the result to p_rfc3394_wrapped_target_key.
Implements rsip_api_t::rfc3394_KeyWrap.

Argument "p_wrapped_kek" only supports the following key type.

Key Type of p_wrapped_kek Corresponding Parameter

AES-128 RSIP_KEY_TYPE_AES_128

AES-256 RSIP_KEY_TYPE_AES_256

Argument "p_wrapped_target_key" only supports the following key type.

Key Type of p_wrapped_target_key Corresponding Parameter

AES-128 RSIP_KEY_TYPE_AES_128

AES-256 RSIP_KEY_TYPE_AES_256

<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_INVALID_ARGUMENT	Input key type or mode is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

◆ R_RSIP_RFC3394_KeyUnwrap()

fsp_err_t R_RSIP_RFC3394_KeyUnwrap	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_kek,
		rsip_key_type_t const	key_type,
		uint8_t const *const	p_rfc3394_wrapped_target_key,
		rsip_wrapped_key_t *const	p_wrapped_target_key
	)

This function provides Key Unwrap algorithm compliant with RFC3394. Using p_wrapped_kek to unwrap p_rfc3394_wrapped_target_key, and output the result to p_wrapped_target_key.
Implements rsip_api_t::rfc3394_KeyUnwrap.

Argument "p_wrapped_kek" only supports the following key type.

Key Type of p_wrapped_kek Corresponding Parameter

AES-128 RSIP_KEY_TYPE_AES_128

AES-256 RSIP_KEY_TYPE_AES_256

Argument "key_type" represents the key type of p_rfc3394_wrapped_target_key, and only supports the following key type.

Key Type of p_rfc3394_wrapped_target_key Corresponding Parameter

AES-128 RSIP_KEY_TYPE_AES_128

AES-256 RSIP_KEY_TYPE_AES_256

<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_INVALID_ARGUMENT	Input key type or mode is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

This function provides Key Unwrap algorithm compliant with RFC3394. Using p_wrapped_kek to unwrap p_rfc3394_wrapped_target_key, and output the result to p_wrapped_target_key.
Implements rsip_api_t::rfc3394_KeyUnwrap.

Argument "p_wrapped_kek" only supports the following key type.

Key Type of p_wrapped_kek Corresponding Parameter

AES-128 RSIP_KEY_TYPE_AES_128

AES-256 RSIP_KEY_TYPE_AES_256

Argument "key_type" represents the key type of p_rfc3394_wrapped_target_key, and only supports the following key type.

Key Type of p_rfc3394_wrapped_target_key Corresponding Parameter

AES-128 RSIP_KEY_TYPE_AES_128

AES-256 RSIP_KEY_TYPE_AES_256

<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_INVALID_ARGUMENT	Input key type or mode is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

◆ R_RSIP_InjectedKeyImport()

fsp_err_t R_RSIP_InjectedKeyImport	(	rsip_key_type_t const	key_type,
		uint8_t const *const	p_injected_key,
		rsip_wrapped_key_t *const	p_wrapped_key,
		uint32_t const	wrapped_key_buffer_length
	)

Generates structure data "rsip_wrapped_key_t" from injected key value. Refer "Key Size Table" for supported key types.

Implements rsip_api_t::injectedKeyImport.

State transition: This API can be executed in any state including STATE_INITIAL, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_UNSUPPORTED	Selected key type is not supported.
FSP_ERR_INVALID_SIZE	Buffer length is too short.

See also: Section Supported Algorithms

Note: Injected key value is not validated in this API.

See also: Section Supported Algorithms.

◆ R_RSIP_PublicKeyExport()

fsp_err_t R_RSIP_PublicKeyExport	(	rsip_wrapped_key_t const *const	p_wrapped_public_key,
		uint8_t *const	p_raw_public_key
	)

Exports public key parameters from a wrapped key.

Implements rsip_api_t::publicKeyExport.

Relative position of each elements in p_raw_public_key is shown in below:

ECC (RSIP_KEY_TYPE_ECC_*) : Qx placed first and Qy placed after that.

bit length Qx Qy

256 0 32

384 0 48

512 0 64

521 0 66
RSA (RSIP_KEY_TYPE_RSA_*) : n placed first and e placed after that.

modulus n e

1024 0 128

2048 0 256

3072 0 384

4096 0 512

State transition
This API can be executed in any state including STATE_INITIAL, and does not cause any state transitions.

Return values

FSP_SUCCESS Normal termination.

FSP_ERR_ASSERTION A required parameter is NULL.

FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL Input key value is illegal.

See also
Section Supported Algorithms.

◆ R_RSIP_AES_Cipher_Init()

fsp_err_t R_RSIP_AES_Cipher_Init	(	rsip_ctrl_t *const	p_ctrl,
		rsip_aes_cipher_mode_t const	mode,
		rsip_wrapped_key_t const *const	p_wrapped_key,
		uint8_t const *const	p_initial_vector
	)

Starts AES cipher operation in confidentiality mode (ECB/CBC/CTR) or XTS mode.

Implements rsip_api_t::aesCipherInit.

Conditions

Key type of p_wrapped_key must be one of the following:

Argument mode must be the following:

AES key
XTS-AES key
- RSIP_AES_CIPHER_MODE_XTS_ENC, RSIP_AES_CIPHER_MODE_XTS_DEC

Argument p_initial_vector must be the following:

[ECB] Not used
[CBC] Raw initial vector
[CTR] Raw nonce
[XTS] Raw initial vector

State transition

This API can only be executed in STATE_MAIN, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_AES
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_INVALID_ARGUMENT	Input key type or mode is illegal.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

See also: Section Supported Algorithms.

Starts AES cipher operation in confidentiality mode (ECB/CBC/CTR) or XTS mode.

Implements rsip_api_t::aesCipherInit.

Conditions

Key type of p_wrapped_key must be one of the following:

Argument mode must be the following:

AES key
XTS-AES key
- RSIP_AES_CIPHER_MODE_XTS_ENC, RSIP_AES_CIPHER_MODE_XTS_DEC

Argument p_initial_vector must be the following:

[ECB] Not used
[CBC] Raw initial vector
[CTR] Raw nonce
[XTS] Raw initial vector

State transition

This API can only be executed in STATE_MAIN, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_AES
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_INVALID_ARGUMENT	Input key type or mode is illegal.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

See also: Section Supported Algorithms.

◆ R_RSIP_AES_Cipher_Update()

fsp_err_t R_RSIP_AES_Cipher_Update	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t const *const	p_input,
		uint8_t *const	p_output,
		uint32_t const	length
	)

Encrypts plaintext or decrypts ciphertext.

Implements rsip_api_t::aesCipherUpdate.

Conditions

Argument length must be the following:

[ECB][CBC][CTR] 0 or a multiple of 16.
[XTS] 0 or greater than or equal to 16.

Output length: Output length to p_output is length.

State transition

This API can only be executed in STATE_AES, and does not cause any state transitions.

In XTS mode, if once an integer other than 0 or a multiple of 16 is input, this API can no longer be called.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_INVALID_SIZE	Input length is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Internal error.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

◆ R_RSIP_AES_Cipher_Finish()

fsp_err_t R_RSIP_AES_Cipher_Finish ( rsip_ctrl_t *const p_ctrl )

Finishes AES operation.

Implements rsip_api_t::aesCipherFinish.

State transition

This API can only be executed in STATE_AES, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_MAIN
FSP_ERR_ASSERTION	No change
FSP_ERR_NOT_OPEN	No change
FSP_ERR_INVALID_STATE	No change
Others	STATE_MAIN

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Internal error.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

◆ R_RSIP_AES_AEAD_Init()

fsp_err_t R_RSIP_AES_AEAD_Init	(	rsip_ctrl_t *const	p_ctrl,
		rsip_aes_aead_mode_t	mode,
		rsip_wrapped_key_t const *const	p_wrapped_key,
		uint8_t const *const	p_nonce,
		uint32_t const	nonce_length
	)

Starts AES AEAD function.

Implements rsip_api_t::aesAeadInit.

Conditions

Key type of p_wrapped_key must be one of the following:

Argument mode accepts any member of enumeration rsip_aes_aead_mode_t.

Argument nonce_length must be the following:

[GCM] Any length is accepted, but 12 bytes is generally recommended.
[CCM] 7 to 13 bytes.

State transition

This API can only be executed in STATE_MAIN, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_AES_AEAD
Others	No change

The next callable API functions in STATE_AES_AEAD are as below.

[GCM] R_RSIP_AES_AEAD_AADUpdate(), R_RSIP_AES_AEAD_Update(), R_RSIP_AES_AEAD_Finish() (encryption), R_RSIP_AES_AEAD_Verify() (decryption)
[CCM] R_RSIP_AES_AEAD_LengthsSet()

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_INVALID_SIZE	nonce_length is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_INVALID_ARGUMENT	Input key type is illegal.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

See also: Section Supported Algorithms.

Starts AES AEAD function.

Implements rsip_api_t::aesAeadInit.

Conditions

Key type of p_wrapped_key must be one of the following:

Argument mode accepts any member of enumeration rsip_aes_aead_mode_t.

Argument nonce_length must be the following:

[GCM] Any length is accepted, but 12 bytes is generally recommended.
[CCM] 7 to 13 bytes.

State transition

This API can only be executed in STATE_MAIN, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_AES_AEAD
Others	No change

The next callable API functions in STATE_AES_AEAD are as below.

[GCM] R_RSIP_AES_AEAD_AADUpdate(), R_RSIP_AES_AEAD_Update(), R_RSIP_AES_AEAD_Finish() (encryption), R_RSIP_AES_AEAD_Verify() (decryption)
[CCM] R_RSIP_AES_AEAD_LengthsSet()

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_INVALID_SIZE	nonce_length is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_INVALID_ARGUMENT	Input key type is illegal.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

See also: Section Supported Algorithms.

◆ R_RSIP_AES_AEAD_LengthsSet()

fsp_err_t R_RSIP_AES_AEAD_LengthsSet	(	rsip_ctrl_t *const	p_ctrl,
		uint32_t const	total_aad_length,
		uint32_t const	total_text_length,
		uint32_t const	tag_length
	)

Sets text and tag lengths for CCM mode.

Implements rsip_api_t::aesAeadLengthsSet.

Conditions

Argument total_aad_length must be equal to the length of AAD and must be 110 or less.

Argument total_test_length must be equal to the length of the plaintext or ciphertext.

Argument tag_length must be 4, 6, 8, 10, 12, 14, or 16.

State transition

This API can only be executed in STATE_AES_AEAD, and does not cause any state transitions.

The next callable API functions in STATE_AES_AEAD are as below.

[CCM] R_RSIP_AES_AEAD_AADUpdate()

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_SIZE	Input length is illegal.
FSP_ERR_INVALID_STATE	Internal state is illegal.

Note: In GCM mode, this API must NOT be called. If called, FSP_ERR_INVALID_STATE will be returned. AAD length and text length are indeterminate and output tag length is fixed to 16 bytes.

◆ R_RSIP_AES_AEAD_AADUpdate()

fsp_err_t R_RSIP_AES_AEAD_AADUpdate	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t const *const	p_aad,
		uint32_t const	aad_length
	)

Inputs Additional Authentication Data (AAD).

Implements rsip_api_t::aesAeadAadUpdate.

State transition

This API can only be executed in STATE_AES_AEAD, and does not cause any state transitions.

[GCM] R_RSIP_AES_AEAD_AADUpdate(), R_RSIP_AES_AEAD_Update(), R_RSIP_AES_AEAD_Finish() (encryption), R_RSIP_AES_AEAD_Verify() (decryption)
[CCM] R_RSIP_AES_AEAD_AADUpdate() (AAD input is not completed), R_RSIP_AES_AEAD_Update() (AAD input is completed)

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_INVALID_SIZE	aad_length is illegal.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.
FSP_ERR_CRYPTO_RSIP_FAIL	Internal error.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.

◆ R_RSIP_AES_AEAD_Update()

fsp_err_t R_RSIP_AES_AEAD_Update	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t const *const	p_input,
		uint32_t const	input_length,
		uint8_t *const	p_output,
		uint32_t *const	p_output_length
	)

Encrypts plaintext or decrypts ciphertext.

Implements rsip_api_t::aesAeadUpdate.

Output length: Output length to p_output (p_output_length) is calculated text that has not yet been output in multiple of 16 bytes.

State transition

This API can only be executed in STATE_AES_AEAD, and does not cause any state transitions.

[GCM] R_RSIP_AES_AEAD_Update(), R_RSIP_AES_AEAD_Finish() (encryption), R_RSIP_AES_AEAD_Verify() (decryption)
[CCM] R_RSIP_AES_AEAD_Update() (text input is not completed), R_RSIP_AES_AEAD_Finish() (text input is completed, encryption), R_RSIP_AES_AEAD_Verify() (text input is completed, decryption)

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_SIZE	Input length is illegal.
FSP_ERR_INVALID_STATE	Internal state is illegal.

Note: In GCM mode, if this API is skipped, GMAC will be calculated. For detailed usage, refer to example code.

◆ R_RSIP_AES_AEAD_Finish()

fsp_err_t R_RSIP_AES_AEAD_Finish	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t *const	p_output,
		uint32_t *const	p_output_length,
		uint8_t *const	p_tag
	)

Finalizes an AES AEAD encryption.

Implements rsip_api_t::aesAeadFinish.

Output length

Output length to p_output (p_output_length) is the remaining calculated text length.

Output length to p_tag as below.

[GCM] 16 bytes.
[CCM] Input value as tag_length in R_RSIP_AES_AEAD_LengthsSet().

State transition

This API can only be executed in STATE_AES_AEAD, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_MAIN
FSP_ERR_ASSERTION	No change
FSP_ERR_NOT_OPEN	No change
FSP_ERR_INVALID_STATE	No change
Others	STATE_MAIN

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Internal error.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

◆ R_RSIP_AES_AEAD_Verify()

fsp_err_t R_RSIP_AES_AEAD_Verify	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t *const	p_output,
		uint32_t *const	p_output_length,
		uint8_t const *const	p_tag,
		uint32_t const	tag_length
	)

Finalizes an AES AEAD decryption.

If there is 16-byte fractional data indicated by the total data length of the value of p_cipher that was input by R_RSIP_AES_GCM_DecryptUpdate(), this API will output the result of decrypting that fractional data to p_cipher. Here, the portion that does not reach 16 bytes will be padded with zeros.

Implements rsip_api_t::aesAeadVerify.

Conditions

Argument tag_length must be as below.

[GCM] 1 to 16 bytes.
[CCM] Input value as tag_length in R_RSIP_AES_AEAD_LengthsSet().

Output length: Output length to p_output (p_output_length) is the remaining calculated text length.

State transition

This API can only be executed in STATE_AES_AEAD, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_MAIN
FSP_ERR_ASSERTION	No change
FSP_ERR_NOT_OPEN	No change
FSP_ERR_INVALID_STATE	No change
Others	STATE_MAIN

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_INVALID_SIZE	tag_length is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Internal error.
FSP_ERR_CRYPTO_RSIP_AUTHENTICATION	Authentication is failed.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

◆ R_RSIP_AES_MAC_Init()

fsp_err_t R_RSIP_AES_MAC_Init	(	rsip_ctrl_t *const	p_ctrl,
		rsip_aes_mac_mode_t const	mode,
		rsip_wrapped_key_t const *const	p_wrapped_key
	)

Starts an AES MAC operation.

Implements rsip_api_t::aesMacInit.

Conditions

Key type of p_wrapped_key must be one of the following:

Argument mode accepts any member of enumeration rsip_aes_aead_mode_t.

State transition

This API can only be executed in STATE_MAIN, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_AES_MAC
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

Note: To calculate AES-GMAC, please use not R_RSIP_MAC_*() but R_RSIP_AEAD_*(). For detailed usage, refer to example code.

See also: Section Supported Algorithms.

Starts an AES MAC operation.

Implements rsip_api_t::aesMacInit.

Conditions

Key type of p_wrapped_key must be one of the following:

Argument mode accepts any member of enumeration rsip_aes_aead_mode_t.

State transition

This API can only be executed in STATE_MAIN, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_AES_MAC
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

Note: To calculate AES-GMAC, please use not R_RSIP_MAC_*() but R_RSIP_AEAD_*(). For detailed usage, refer to example code.

See also: Section Supported Algorithms.

◆ R_RSIP_AES_MAC_Update()

fsp_err_t R_RSIP_AES_MAC_Update	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t const *const	p_message,
		uint32_t const	message_length
	)

Inputs message.

Implements rsip_api_t::aesMacUpdate.

Inside this function, the data that is input by the user is buffered until the input value of p_message exceeds 16 bytes. If the input value, p_message, is not a multiple of 16 bytes, it will be padded within the function.

State transition: This API can only be executed in STATE_AES_MAC, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.

◆ R_RSIP_AES_MAC_SignFinish()

fsp_err_t R_RSIP_AES_MAC_SignFinish	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t *const	p_mac
	)

Outputs AES MAC.

Implements rsip_api_t::aesMacSignFinish.

Output length: Output length to p_mac is 16 bytes.

State transition

This API can only be executed in STATE_AES_MAC, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_MAIN
FSP_ERR_ASSERTION	No change
FSP_ERR_NOT_OPEN	No change
FSP_ERR_INVALID_STATE	No change
Others	STATE_MAIN

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Internal error.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

◆ R_RSIP_AES_MAC_VerifyFinish()

fsp_err_t R_RSIP_AES_MAC_VerifyFinish	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t const *const	p_mac,
		uint32_t const	mac_length
	)

Verifies AES MAC.

Implements rsip_api_t::aesMacVerifyFinish.

Conditions

Argument mac_length must be as below.

[CMAC] 2 to 16 bytes.

State transition

This API can only be executed in STATE_AES_MAC, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_MAIN
FSP_ERR_ASSERTION	No change
FSP_ERR_NOT_OPEN	No change
FSP_ERR_INVALID_STATE	No change
Others	STATE_MAIN

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_INVALID_SIZE	mac_length is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Internal error.
FSP_ERR_CRYPTO_RSIP_AUTHENTICATION	Authentication is failed.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

◆ R_RSIP_ECDSA_Sign()

fsp_err_t R_RSIP_ECDSA_Sign	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_private_key,
		uint8_t const *const	p_hash,
		uint8_t *const	p_signature
	)

Generates an ECDSA signature.

Implements rsip_api_t::ecdsaSign.

Conditions

Key type of p_wrapped_private_key must be one of the following:

Message hash p_hash should be computed in advance. In the case of hash length is less than the key length, padding is required to make it the same as the key length.

For secp521r1 operation, the length of p_hash must be set to 64 bytes.

For secp521r1 operation, the length of the argument p_signature must be set as 132 byte. Since 521 bit is not a 8-bit multiple, zero padding is required and the data format is as follows:

Data Format for secp521r1 (132 byte)
zero padding (7 bit)	signature r (521 bit)	zero padding (7 bit)	signature s (521 bit)

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is illegal. Signature generation is failed.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

See also: Section Supported Algorithms.

◆ R_RSIP_ECDSA_Verify()

fsp_err_t R_RSIP_ECDSA_Verify	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_public_key,
		uint8_t const *const	p_hash,
		uint8_t const *const	p_signature
	)

Verifies an ECDSA signature.

Implements rsip_api_t::ecdsaVerify.

Conditions

Key type of p_wrapped_public_key must be one of the following:

Message hash p_hash should be computed in advance. In the case of hash length is less than the key length, padding is required to make it the same as the key length.

For secp521r1 operation, the length of p_hash must be set to 64 bytes.

For secp521r1 operation, the length of the argument p_signature must be set as 132 byte. Since 521 bit is not a 8-bit multiple, zero padding is required and the data format is as follows:

Data Format for secp521r1 (132 byte)
zero padding (7 bit)	signature r (521 bit)	zero padding (7 bit)	signature s (521 bit)

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is illegal. Signature verification is failed.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

See also: Section Supported Algorithms.

◆ R_RSIP_PKI_ECDSA_CertVerify()

fsp_err_t R_RSIP_PKI_ECDSA_CertVerify	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_public_key,
		uint8_t const *const	p_hash,
		uint8_t const *const	p_signature
	)

Verifies a public key certificate with ECDSA.

Implements rsip_api_t::pkiEcdsaCertVerify.

Conditions

Key type of p_wrapped_public_key must be one of the following:

Message hash p_hash should be computed in advance. In the case of hash length is less than the key length, padding is required to make it the same as the key length.

For secp521r1 operation, the length of p_hash must be set to 64 bytes.

For secp521r1 operation, the length of the argument p_signature must be set as 132 byte. Since 521 bit is not a 8-bit multiple, zero padding is required and the data format is as follows:

Data Format for secp521r1 (132 byte)
zero padding (7 bit)	signature r (521 bit)	zero padding (7 bit)	signature s (521 bit)

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is illegal. Signature verification is failed.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

◆ R_RSIP_ECDH_KeyAgree()

fsp_err_t R_RSIP_ECDH_KeyAgree	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_private_key,
		rsip_wrapped_key_t const *const	p_wrapped_public_key,
		rsip_wrapped_secret_t *const	p_wrapped_secret
	)

Computes ECDH secret with wrapped private key and wrapped public key.

Implements rsip_api_t::ecdhKeyAgree.

Conditions

Key type of p_wrapped_private_key and p_wrapped_public_key must be one of the following:

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

◆ R_RSIP_ECDH_PlainKeyAgree()

fsp_err_t R_RSIP_ECDH_PlainKeyAgree	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_private_key,
		uint8_t const *const	p_plain_public_key,
		rsip_wrapped_secret_t *const	p_wrapped_secret
	)

Computes ECDH secret with wrapped private key and plain public key.

Implements rsip_api_t::ecdhPlainKeyAgree.

Conditions

Key type of p_wrapped_private_key must be one of the following:

For secp521r1 operation, the length of the argument p_plain_public_key must be set as 132 byte. Since 521 bit is not a 8-bit multiple, zero padding is required and the data format is as follows:

Data Format for secp521r1 (132 byte)
zero padding (7 bit)	public_key Qx (521 bit)	zero padding (7 bit)	public_key Qy (521 bit)

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

Attention: Unauthenticated public key of Diffie–Hellman key exchange generally carry the risk of man-in-the-middle (MITM) attack. Please use R_RSIP_ECDH_KeyAgree() or implement signature verification whenever possible.

◆ R_RSIP_PureEdDSA_Sign()

fsp_err_t R_RSIP_PureEdDSA_Sign	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_private_key,
		rsip_wrapped_key_t const *const	p_wrapped_public_key,
		uint8_t const *const	p_message,
		uint64_t const	message_length,
		uint8_t *const	p_signature
	)

Generates an EdDSA signature.

Implements rsip_api_t::eddsaSign.

Conditions

Key type of p_wrapped_private_key must be one of the following:

RSIP_KEY_TYPE_ECC_EDWARDS25519_PRIVATE

Key type of p_wrapped_public_key must be one of the following:

RSIP_KEY_TYPE_ECC_EDWARDS25519_PUBLIC

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_INVALID_SIZE	Input length is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

See also: Section Supported Algorithms.

◆ R_RSIP_PureEdDSA_Verify()

fsp_err_t R_RSIP_PureEdDSA_Verify	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_public_key,
		uint8_t const *const	p_message,
		uint64_t const	message_length,
		uint8_t const *const	p_signature
	)

Verifies an EdDSA signature.

Implements rsip_api_t::eddsaVerify.

Conditions

Key type of p_wrapped_public_key must be one of the following:

RSIP_KEY_TYPE_ECC_EDWARDS25519_PUBLIC

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_INVALID_SIZE	Input length is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

See also: Section Supported Algorithms.

◆ R_RSIP_KDF_SHA_Init()

fsp_err_t R_RSIP_KDF_SHA_Init	(	rsip_ctrl_t *const	p_ctrl,
		rsip_hash_type_t const	hash_type
	)

Prepares a SHA generation.

Implements rsip_api_t::kdfshaInit.

Conditions

Argument hash_type must be one of the following:

RSIP_HASH_TYPE_SHA256

State transition

This API can only be executed in STATE_MAIN, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_KDF_SHA
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.
FSP_ERR_UNSUPPORTED	This API is not supported on this device.

◆ R_RSIP_KDF_SHA_ECDHSecretUpdate()

fsp_err_t R_RSIP_KDF_SHA_ECDHSecretUpdate	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_secret_t const *const	p_wrapped_secret
	)

Inputs wrapped ECDH secret as a message. Input the messages required to perform the SHA operation using this API and R_RSIP_KDF_SHA_Update() in the desired order.

Implements rsip_api_t::kdfshaEcdhSecretUpdate.

Conditions: The argument p_wrapped_secret must be input the result of R_RSIP_ECDH_KeyAgree() or R_RSIP_ECDH_PlainKeyAgree(). This API cannot be called multiple times in a process of performing SHA operation.

State transition: This API can only be executed in STATE_KDF_SHA, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.
FSP_ERR_UNSUPPORTED	This API is not supported on this device.

◆ R_RSIP_KDF_SHA_Update()

fsp_err_t R_RSIP_KDF_SHA_Update	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t const *const	p_message,
		uint32_t const	message_length
	)

Inputs message. Input the messages required to perform the SHA operation using this API and R_RSIP_KDF_SHA_ECDHSecretUpdate() in the desired order.

The total message length that can be input is up to 64 bytes before and after calling R_RSIP_KDF_SHA_ECDHSecretUpdate().

Implements rsip_api_t::kdfshaUpdate.

State transition: This API can only be executed in STATE_KDF_SHA, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_INVALID_SIZE	Input message_length is illegal.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.
FSP_ERR_UNSUPPORTED	This API is not supported on this device.

◆ R_RSIP_KDF_SHA_Finish()

fsp_err_t R_RSIP_KDF_SHA_Finish	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_dkm_t *const	p_wrapped_dkm
	)

Finalizes a SHA operation and generate DKM (Derived Keying Material).

Implements rsip_api_t::kdfshaFinish.

State transition

This API can only be executed in STATE_KDF_SHA, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_MAIN
FSP_ERR_ASSERTION	No change
FSP_ERR_NOT_OPEN	No change
FSP_ERR_INVALID_STATE	No change
Others	STATE_MAIN

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.
FSP_ERR_UNSUPPORTED	This API is not supported on this device.

◆ R_RSIP_KDF_SHA_Suspend()

fsp_err_t R_RSIP_KDF_SHA_Suspend	(	rsip_ctrl_t *const	p_ctrl,
		rsip_kdf_sha_handle_t *const	p_handle
	)

Suspends SHA operation.

This API releases RSIP resource and outputs intermediate results. Therefore, it can be used in the following cases:

Execute another cryptographic operations during inputting successive chunks of the message.
Reuse intermediate results.

Implements rsip_api_t::kdfshaSuspend.

State transition

This API can only be executed in STATE_KDF_SHA, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_MAIN
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.
FSP_ERR_UNSUPPORTED	This API is not supported on this device.

◆ R_RSIP_KDF_SHA_Resume()

fsp_err_t R_RSIP_KDF_SHA_Resume	(	rsip_ctrl_t *const	p_ctrl,
		rsip_kdf_sha_handle_t const *const	p_handle
	)

Resumes SHA operation suspended by R_RSIP_KDF_SHA_Suspend().

Implements rsip_api_t::kdfshaResume.

State transition

This API can only be executed in STATE_MAIN, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_KDF_SHA
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.
FSP_ERR_UNSUPPORTED	This API is not supported on this device.

◆ R_RSIP_KDF_SHA_DKMConcatenate()

fsp_err_t R_RSIP_KDF_SHA_DKMConcatenate	(	rsip_wrapped_dkm_t *const	p_wrapped_dkm1,
		rsip_wrapped_dkm_t const *const	p_wrapped_dkm2,
		uint32_t const	wrapped_dkm1_buffer_length
	)

Concatenates two wrapped DKMs.

DKM1 || DKM2 is output to p_wrapped_dkm1.

Implements rsip_api_t::kdfshaDkmConcatenate.

State transition: This API can be executed in any state including STATE_INITIAL, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_INVALID_SIZE	Any length is illegal.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.
FSP_ERR_UNSUPPORTED	This API is not supported on this device.

◆ R_RSIP_KDF_SHA_DerivedKeyImport()

fsp_err_t R_RSIP_KDF_SHA_DerivedKeyImport	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_dkm_t const *const	p_wrapped_dkm,
		rsip_key_type_t const	key_type,
		uint32_t const	position,
		rsip_wrapped_key_t *const	p_wrapped_key
	)

Outputs a wrapped key from DKM information.

Implements rsip_api_t::kdfshaDerivedKeyImport.

Conditions

Argument p_wrapped_dkm must be input the result of R_RSIP_KDF_SHA_Finish() or R_RSIP_KDF_SHA_DKMConcatenate(). Argument key_type must be one of the following:

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.
FSP_ERR_UNSUPPORTED	This API is not supported on this device.

◆ R_RSIP_KDF_SHA_DerivedIVWrap()

fsp_err_t R_RSIP_KDF_SHA_DerivedIVWrap	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_dkm_t const *const	p_wrapped_dkm,
		rsip_initial_vector_type_t const	initial_vector_type,
		uint32_t const	position,
		uint8_t const *const	p_tls_sequence_num,
		uint8_t *const	p_wrapped_initial_vector
	)

Outputs a initial vector from DKM information.

Implements rsip_api_t::kdfshaDerivedIvWrap.

Conditions

Argument p_wrapped_dkm must be input the result of R_RSIP_KDF_SHA_Finish() or R_RSIP_KDF_SHA_DKMConcatenate(). Argument initial_vector_type must be one of the following:

RSIP_INITIAL_VECTOR_TYPE_AES_16_BYTE

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.
FSP_ERR_UNSUPPORTED	This API is not supported on this device.

◆ R_RSIP_KDF_MACKeyImport()

fsp_err_t R_RSIP_KDF_MACKeyImport	(	rsip_ctrl_t *const	p_ctrl,
		rsip_key_type_t const	key_type,
		rsip_wrapped_mac_t const *const	p_wrapped_mac,
		uint32_t const	key_length,
		rsip_wrapped_key_t *const	p_wrapped_key
	)

Converts wrapped data to wrapped HMAC key for KDF.

Implements rsip_api_t::kdfMacKeyImport.

Conditions

Argument key_type must be one of the following:

The argument p_wrapped_mac must be input the result of R_RSIP_KDF_HMAC_SignFinish().

Argument kdf_data_length depends on key type.

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_INVALID_SIZE	Any length is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.
FSP_ERR_UNSUPPORTED	This API is not supported on this device.

Converts wrapped data to wrapped HMAC key for KDF.

Implements rsip_api_t::kdfMacKeyImport.

Conditions

Argument key_type must be one of the following:

The argument p_wrapped_mac must be input the result of R_RSIP_KDF_HMAC_SignFinish().

Argument kdf_data_length depends on key type.

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_INVALID_SIZE	Any length is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

◆ R_RSIP_KDF_ECDHSecretKeyImport()

fsp_err_t R_RSIP_KDF_ECDHSecretKeyImport	(	rsip_ctrl_t *const	p_ctrl,
		rsip_key_type_t const	key_type,
		rsip_wrapped_secret_t const *const	p_wrapped_secret,
		rsip_wrapped_key_t *const	p_wrapped_key
	)

Converts wrapped ECDH secret to wrapped HMAC key for KDF.

Implements rsip_api_t::kdfEcdhSecretKeyImport.

Conditions

Argument key_type must be one of the following:

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.
FSP_ERR_UNSUPPORTED	This API is not supported on this device.

Converts wrapped ECDH secret to wrapped HMAC key for KDF.

Implements rsip_api_t::kdfEcdhSecretKeyImport.

Conditions

Argument key_type must be one of the following:

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

◆ R_RSIP_KDF_HMAC_Init()

fsp_err_t R_RSIP_KDF_HMAC_Init	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_key
	)

Prepares a HMAC generation.

Implements rsip_api_t::kdfhmacInit.

Conditions

Argument p_wrapped_key must be one of the following:

Output data p_wrapped_key from R_RSIP_KDF_ECDHSecretKeyImport().
Key type of p_wrapped_key is RSIP_KEY_TYPE_HMAC_xxx.

State transition

This API can only be executed in STATE_MAIN, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_KDF_HMAC
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_UNSUPPORTED	This API is not supported on this device.

Prepares a HMAC generation.

Implements rsip_api_t::kdfhmacInit.

Conditions

Argument p_wrapped_key must be one of the following:

Output data p_wrapped_key from R_RSIP_KDF_ECDHSecretKeyImport().
Key type of p_wrapped_key is RSIP_KEY_TYPE_HMAC_xxx.

State transition

This API can only be executed in STATE_MAIN, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_KDF_HMAC
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.

◆ R_RSIP_KDF_HMAC_MACUpdate()

fsp_err_t R_RSIP_KDF_HMAC_MACUpdate	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_mac_t const *const	p_wrapped_mac
	)

Inputs wrapped MAC as a message.

Implements rsip_api_t::kdfhmacMacUpdate.

Conditions: The argument p_wrapped_mac must be input the result of R_RSIP_KDF_HMAC_SignFinish().

State transition: This API can only be executed in STATE_KDF_HMAC, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.
FSP_ERR_UNSUPPORTED	This API is not supported on this device.

Inputs wrapped MAC as a message.

Implements rsip_api_t::kdfhmacMacUpdate.

Conditions: The argument p_wrapped_mac must be input the result of R_RSIP_KDF_HMAC_SignFinish().

State transition: This API can only be executed in STATE_KDF_HMAC, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.

◆ R_RSIP_KDF_HMAC_ECDHSecretUpdate()

fsp_err_t R_RSIP_KDF_HMAC_ECDHSecretUpdate	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_secret_t const *const	p_wrapped_secret
	)

Inputs wrapped ECDH secret as a message.

Implements rsip_api_t::kdfhmacEcdhSecretUpdate.

Conditions: The argument p_wrapped_secret must be input the result of R_RSIP_ECDH_KeyAgree() or R_RSIP_ECDH_PlainKeyAgree().

State transition: This API can only be executed in STATE_KDF_HMAC, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.
FSP_ERR_UNSUPPORTED	This API is not supported on this device.

Inputs wrapped ECDH secret as a message.

Implements rsip_api_t::kdfhmacEcdhSecretUpdate.

Conditions: The argument p_wrapped_secret must be input the result of R_RSIP_ECDH_KeyAgree() or R_RSIP_ECDH_PlainKeyAgree().

State transition: This API can only be executed in STATE_KDF_HMAC, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

◆ R_RSIP_KDF_HMAC_Update()

fsp_err_t R_RSIP_KDF_HMAC_Update	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t const *const	p_message,
		uint32_t const	message_length
	)

Inputs message.

Implements rsip_api_t::kdfhmacUpdate.

State transition: This API can only be executed in STATE_KDF_HMAC, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.
FSP_ERR_UNSUPPORTED	This API is not supported on this device.

Inputs message.

Implements rsip_api_t::kdfhmacUpdate.

State transition: This API can only be executed in STATE_KDF_HMAC, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

◆ R_RSIP_KDF_HMAC_SignFinish()

fsp_err_t R_RSIP_KDF_HMAC_SignFinish	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_mac_t *const	p_wrapped_mac
	)

Finalizes a HMAC generation.

Implements rsip_api_t::kdfhmacSignFinish.

State transition

This API can only be executed in STATE_KDF_HMAC, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_MAIN
FSP_ERR_ASSERTION	No change
FSP_ERR_NOT_OPEN	No change
FSP_ERR_INVALID_STATE	No change
Others	STATE_MAIN

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.
FSP_ERR_UNSUPPORTED	This API is not supported on this device.

Finalizes a HMAC generation.

Implements rsip_api_t::kdfhmacSignFinish.

State transition

This API can only be executed in STATE_KDF_HMAC, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_MAIN
FSP_ERR_ASSERTION	No change
FSP_ERR_NOT_OPEN	No change
FSP_ERR_INVALID_STATE	No change
Others	STATE_MAIN

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

◆ R_RSIP_KDF_HMAC_Suspend()

fsp_err_t R_RSIP_KDF_HMAC_Suspend	(	rsip_ctrl_t *const	p_ctrl,
		rsip_kdf_hmac_handle_t *const	p_handle
	)

Suspends HMAC operation.

This API releases RSIP resource and outputs intermediate results. Therefore, it can be used in the following cases:

Execute another cryptographic operations during inputting successive chunks of the message.
Reuse intermediate results.

Implements rsip_api_t::kdfhmacSuspend.

State transition

This API can only be executed in STATE_KDF_HMAC, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_MAIN
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.
FSP_ERR_UNSUPPORTED	This API is not supported on this device.

Suspends HMAC operation.

This API releases RSIP resource and outputs intermediate results. Therefore, it can be used in the following cases:

Execute another cryptographic operations during inputting successive chunks of the message.
Reuse intermediate results.

Implements rsip_api_t::kdfhmacSuspend.

State transition

This API can only be executed in STATE_KDF_HMAC, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_MAIN
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

◆ R_RSIP_KDF_HMAC_Resume()

fsp_err_t R_RSIP_KDF_HMAC_Resume	(	rsip_ctrl_t *const	p_ctrl,
		rsip_kdf_hmac_handle_t const *const	p_handle
	)

Resumes HMAC operation suspended by R_RSIP_KDF_HMAC_Suspend().

Implements rsip_api_t::kdfhmacResume.

State transition

This API can only be executed in STATE_MAIN, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_KDF_HMAC
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.
FSP_ERR_UNSUPPORTED	This API is not supported on this device.

Resumes HMAC operation suspended by R_RSIP_KDF_HMAC_Suspend().

Implements rsip_api_t::kdfhmacResume.

State transition

This API can only be executed in STATE_MAIN, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_KDF_HMAC
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.

◆ R_RSIP_KDF_MACConcatenate()

fsp_err_t R_RSIP_KDF_MACConcatenate	(	rsip_wrapped_mac_t *const	p_wrapped_mac1,
		rsip_wrapped_mac_t const *const	p_wrapped_mac2,
		uint32_t const	wrapped_mac1_buffer_length
	)

Concatenates two wrapped MACs.

MAC1 || MAC2 is output to p_wrapped_mac1.

Implements rsip_api_t::kdfMacConcatenate.

State transition: This API can be executed in any state including STATE_INITIAL, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_INVALID_SIZE	Any length is illegal.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.
FSP_ERR_UNSUPPORTED	This API is not supported on this device.

Concatenates two wrapped MACs.

MAC1 || MAC2 is output to p_wrapped_mac1.

Implements rsip_api_t::kdfMacConcatenate.

State transition: This API can be executed in any state including STATE_INITIAL, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_INVALID_SIZE	Any length is illegal.

◆ R_RSIP_KDF_DerivedKeyImport()

fsp_err_t R_RSIP_KDF_DerivedKeyImport	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_mac_t const *const	p_wrapped_mac,
		rsip_key_type_t const	key_type,
		uint32_t const	position,
		rsip_wrapped_key_t *const	p_wrapped_key
	)

Outputs a wrapped key from KDF output.

Implements rsip_api_t::kdfDerivedKeyImport.

Conditions

Argument p_wrapped_mac must be input the result of R_RSIP_KDF_HMAC_SignFinish() or R_RSIP_KDF_MACConcatenate(). Argument key_type must be one of the following:

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.
FSP_ERR_UNSUPPORTED	This API is not supported on this device.

Outputs a wrapped key from KDF output.

Implements rsip_api_t::kdfDerivedKeyImport.

Conditions

Argument p_wrapped_mac must be input the result of R_RSIP_KDF_HMAC_SignFinish() or R_RSIP_KDF_MACConcatenate(). Argument key_type must be one of the following:

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

◆ R_RSIP_KDF_DerivedIVWrap()

fsp_err_t R_RSIP_KDF_DerivedIVWrap	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_mac_t const *const	p_wrapped_mac,
		rsip_initial_vector_type_t const	initial_vector_type,
		uint32_t const	position,
		uint8_t const *const	p_tls_sequence_num,
		uint8_t *const	p_wrapped_initial_vector
	)

Outputs a initial vector from KDF output.

Implements rsip_api_t::kdfDerivedIvWrap.

Conditions

Argument p_wrapped_mac must be input the result of R_RSIP_KDF_HMAC_SignFinish() or R_RSIP_KDF_MACConcatenate(). Argument initial_vector_type must be one of the following:

RSIP_INITIAL_VECTOR_TYPE_AES_16_BYTE

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.
FSP_ERR_UNSUPPORTED	This API is not supported on this device.

Outputs a initial vector from KDF output.

Implements rsip_api_t::kdfDerivedIvWrap.

Conditions

Argument p_wrapped_mac must be input the result of R_RSIP_KDF_HMAC_SignFinish() or R_RSIP_KDF_MACConcatenate(). Argument initial_vector_type must be one of the following:

RSIP_INITIAL_VECTOR_TYPE_AES_16_BYTE

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

◆ R_RSIP_OTF_Init()

fsp_err_t R_RSIP_OTF_Init	(	rsip_ctrl_t *const	p_ctrl,
		rsip_otf_channel_t const	channel,
		rsip_wrapped_key_t *const	p_wrapped_key,
		uint8_t const *const	p_seed
	)

Initialize on-the-fly decryption on RSIP. Implements rsip_api_t::otfInit.

Argument "channel" represents channel number to be used, and supports the features listed below.

Channel Corresponding Parameter

CH-0 RSIP_OTF_CHANNEL_0

CH-1 (*) RSIP_OTF_CHANNEL_1

(*) These features are not supported.

<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.

Parameters

[in,out]	p_ctrl	Pointer to control block.
[in]	channel	Channel number.
[in]	p_wrapped_key	Pointer to wrapped AES key.
[in]	p_seed	Pointer to seed.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled or selected channel is invalid.
FSP_ERR_INVALID_ARGUMENT	Input key type is illegal.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

Attention: This function is only part of on-the-fly decryption activation process and intended to be called from a higher level FSP module. Even if a user calls this function directly, the feature will not be enabled. The number of channels for the channel parameter is dependent on the hardware. RA8x1 supports only one channel, and channel parameter must always be set to RSIP_OTF_CHANNEL_0.

Initialize on-the-fly decryption on RSIP. Implements rsip_api_t::otfInit.

Argument "channel" represents channel number to be used, and supports the features listed below.

Channel Corresponding Parameter

CH-0 RSIP_OTF_CHANNEL_0

CH-1 (*) RSIP_OTF_CHANNEL_1

(*) These features are not supported.

<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.

Parameters

[in,out]	p_ctrl	Pointer to control block.
[in]	channel	Channel number.
[in]	p_wrapped_key	Pointer to wrapped AES key.
[in]	p_seed	Pointer to seed.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled or selected channel is invalid.
FSP_ERR_INVALID_ARGUMENT	Input key type is illegal.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

Attention: This function is only part of on-the-fly decryption activation process and intended to be called from a higher level FSP module. Even if a user calls this function directly, the feature will not be enabled. The number of channels for the channel parameter is dependent on the hardware. RA8x1 supports only one channel, and channel parameter must always be set to RSIP_OTF_CHANNEL_0.

◆ R_RSIP_PKI_VerifiedCertInfoExport()

fsp_err_t R_RSIP_PKI_VerifiedCertInfoExport	(	rsip_ctrl_t *const	p_ctrl,
		rsip_verified_cert_info_t *const	p_verified_cert_info
	)

Exports verified certificate information stored in this driver.

The certificate is last called function R_RSIP_PKI_ECDSA_CertVerify(), R_RSIP_PKI_RSASSA_PKCS1_V1_5_CertVerify(), R_RSIP_PKI_RSASSA_PSS_CertVerify(), or R_RSIP_PKI_VerifiedCertInfoImport().

Implements rsip_api_t::pkiVerifiedCertInfoExport.

State transition: This API can be executed in any state including STATE_INITIAL, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.

◆ R_RSIP_PKI_VerifiedCertInfoImport()

fsp_err_t R_RSIP_PKI_VerifiedCertInfoImport	(	rsip_ctrl_t *const	p_ctrl,
		rsip_verified_cert_info_t const *const	p_verified_cert_info
	)

Imports verified certificate information.

Implements rsip_api_t::pkiVerifiedCertInfoImport.

State transition: This API can be executed in any state including STATE_INITIAL, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.

◆ R_RSIP_PKI_CertKeyImport()

fsp_err_t R_RSIP_PKI_CertKeyImport	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t const *const	p_cert,
		uint32_t const	cert_length,
		rsip_key_type_t const	key_type,
		uint8_t const *const	p_key_param1,
		uint32_t const	key_param1_length,
		uint8_t const *const	p_key_param2,
		uint32_t const	key_param2_length,
		rsip_hash_type_t const	hash_function,
		rsip_wrapped_key_t *const	p_wrapped_public_key
	)

Wraps the public key in the verified public key certificate.

Implements rsip_api_t::pkiCertKeyImport.

Conditions

Argument key_type must be one of the following:

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

Note

Argument p_cert must correspond to the signature of the last called function R_RSIP_PKI_ECDSA_CertVerify(), R_RSIP_PKI_RSASSA_PKCS1_V1_5_CertVerify(), or R_RSIP_PKI_RSASSA_PSS_CertVerify().
For arguments p_key_param1 and p_key_param2, specify an address inside the certificate. Addresses outside the certificate are invalid.

◆ R_RSIP_RSA_Encrypt()

fsp_err_t R_RSIP_RSA_Encrypt	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_public_key,
		uint8_t const *const	p_plain,
		uint8_t *const	p_cipher
	)

Encrypts plaintext with raw RSA.

Implements rsip_api_t::rsaEncrypt.

Conditions

Key type of p_wrapped_public_key must be one of the following:

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

Note: This API provides RSA low-level primitives (RSAEP/RSAVP1). It should be used in conjunction with any padding scheme.

See also: Section Supported Algorithms.

◆ R_RSIP_RSA_Decrypt()

fsp_err_t R_RSIP_RSA_Decrypt	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_private_key,
		uint8_t const *const	p_cipher,
		uint8_t *const	p_plain
	)

Decrypts ciphertext with raw RSA.

Implements rsip_api_t::rsaDecrypt.

Conditions

Key type of p_wrapped_private_key must be one of the following:

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

Note: This API provides RSA low-level primitives (RSADP/RSASP1). It should be used in conjunction with any padding scheme.

See also: Section Supported Algorithms.

◆ R_RSIP_RSAES_PKCS1_V1_5_Encrypt()

fsp_err_t R_RSIP_RSAES_PKCS1_V1_5_Encrypt	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_public_key,
		uint8_t const *const	p_plain,
		uint32_t const	plain_length,
		uint8_t *const	p_cipher
	)

Encrypts plaintext with RSAES-PKCS1-v1_5.

Implements rsip_api_t::rsaesPkcs1V15Encrypt.

Conditions

Key type of p_wrapped_public_key must be one of the following:

mLen (plain_length) and k (modulus length) must meet the following condition.

mLen <= k - 11

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_INVALID_SIZE	Any length is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

See also: Section Supported Algorithms.

◆ R_RSIP_RSAES_PKCS1_V1_5_Decrypt()

fsp_err_t R_RSIP_RSAES_PKCS1_V1_5_Decrypt	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_private_key,
		uint8_t const *const	p_cipher,
		uint8_t *const	p_plain,
		uint32_t *const	p_plain_length,
		uint32_t const	plain_buffer_length
	)

Decrypts with RSAES-PKCS1-v1_5.

Implements rsip_api_t::rsaesPkcs1V15Decrypt.

Conditions

Key type of p_wrapped_private_key must be one of the following:

plain_buffer_length must be greater than or equal to mLen(plaintext length).

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_INVALID_SIZE	Any length is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

Note: This API skips the ciphertext length checking at RFC8017 (PKCS#1 v2.2) Section 7.2.2 Step 1.

See also: Section Supported Algorithms.

◆ R_RSIP_RSAES_OAEP_Encrypt()

fsp_err_t R_RSIP_RSAES_OAEP_Encrypt	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_public_key,
		rsip_hash_type_t const	hash_function,
		rsip_mgf_type_t const	mask_generation_function,
		uint8_t const *const	p_label,
		uint32_t const	label_length,
		uint8_t const *const	p_plain,
		uint32_t const	plain_length,
		uint8_t *const	p_cipher
	)

Encrypts plaintext with RSAES-OAEP.

Implements rsip_api_t::rsaesOaepEncrypt.

Conditions

Key type of p_wrapped_public_key must be one of the following:

mLen (plain_length), hLen (hash length of hash_function), and k (modulus length) must meet the following condition.

mLen <= k - 2 hLen - 2

Argument hash_function accepts any member of enumeration rsip_hash_type_t.

Argument mask_generation_function accepts any member of enumeration rsip_mgf_type_t.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_INVALID_SIZE	Any length is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

See also: Section Supported Algorithms.

◆ R_RSIP_RSAES_OAEP_Decrypt()

fsp_err_t R_RSIP_RSAES_OAEP_Decrypt	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_private_key,
		rsip_hash_type_t const	hash_function,
		rsip_mgf_type_t const	mask_generation_function,
		uint8_t const *const	p_label,
		uint32_t const	label_length,
		uint8_t const *const	p_cipher,
		uint8_t *const	p_plain,
		uint32_t *const	p_plain_length,
		uint32_t const	plain_buffer_length
	)

Decrypts ciphertext with RSAES-OAEP.

Implements rsip_api_t::rsaesOaepDecrypt.

Conditions

Key type of p_wrapped_private_key must be one of the following:

hLen (hash length of hash_function) and k (modulus length) must meet the following condition.

k >= 2 hLen + 2

plain_buffer_length must be greater than or equal to mLen(plaintext length).

Argument hash_function accepts any member of enumeration rsip_hash_type_t.

Argument mask_generation_function accepts any member of enumeration rsip_mgf_type_t.

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_INVALID_SIZE	Any length is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

Note: This API skips the ciphertext length checking at RFC8017 (PKCS#1 v2.2) Section 7.1.2 Step 1.

See also: Section Supported Algorithms.

◆ R_RSIP_RSASSA_PKCS1_V1_5_Sign()

fsp_err_t R_RSIP_RSASSA_PKCS1_V1_5_Sign	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_private_key,
		rsip_hash_type_t const	hash_function,
		uint8_t const *const	p_hash,
		uint8_t *const	p_signature
	)

Signs message with RSASSA-PKCS1-v1_5.

Implements rsip_api_t::rsassaPkcs1V15Sign.

Conditions

Key type of p_wrapped_private_key must be one of the following:

Argument hash_function accepts any member of enumeration rsip_hash_type_t.

Message hash p_hash should be computed in advance with hash_function.

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_INVALID_SIZE	Any length is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

See also: Section Supported Algorithms.

◆ R_RSIP_RSASSA_PKCS1_V1_5_Verify()

fsp_err_t R_RSIP_RSASSA_PKCS1_V1_5_Verify	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_public_key,
		rsip_hash_type_t const	hash_function,
		uint8_t const *const	p_hash,
		uint8_t const *const	p_signature
	)

Verifies signature with RSASSA-PKCS1-v1_5.

Implements rsip_api_t::rsassaPkcs1V15Verify.

Conditions

Key type of p_wrapped_public_key must be one of the following:

Argument hash_function accepts any member of enumeration rsip_hash_type_t.

Message hash p_hash should be computed in advance with hash_function.

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_INVALID_SIZE	Any length is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

See also: Section Supported Algorithms.

◆ R_RSIP_RSASSA_PSS_Sign()

fsp_err_t R_RSIP_RSASSA_PSS_Sign	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_private_key,
		rsip_hash_type_t const	hash_function,
		rsip_mgf_type_t const	mask_generation_function,
		uint32_t const	salt_length,
		uint8_t const *const	p_hash,
		uint8_t *const	p_signature
	)

Signs message with RSASSA-PSS.

Implements rsip_api_t::rsassaPssSign.

Conditions

Key type of p_wrapped_private_key must be one of the following:

Argument hash_function accepts any member of enumeration rsip_hash_type_t.

Argument mask_generation_function accepts any member of enumeration rsip_mgf_type_t.

Message hash p_hash should be computed in advance with hash_function.

Salt length salt_length must be one of the following:

Any member of enumeration rsip_rsa_salt_length_t
Integers that satisfies the formula: sLen <= emLen - hLen - 2
- sLen is salt_length
- emLen is the same as modulus length
- hLen is the hash length

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_INVALID_SIZE	Any length is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

See also: Section Supported Algorithms.

◆ R_RSIP_RSASSA_PSS_Verify()

fsp_err_t R_RSIP_RSASSA_PSS_Verify	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_public_key,
		rsip_hash_type_t const	hash_function,
		rsip_mgf_type_t const	mask_generation_function,
		uint32_t const	salt_length,
		uint8_t const *const	p_hash,
		uint8_t const *const	p_signature
	)

Verifies signature with RSASSA-PSS. Implements rsip_api_t::rsassaPssVerify.

Conditions

Key type of p_wrapped_public_key must be one of the following:

Argument hash_function accepts any member of enumeration rsip_hash_type_t.

Argument mask_generation_function accepts any member of enumeration rsip_mgf_type_t.

Message hash p_hash should be computed in advance with hash_function.

Salt length salt_length must be one of the following:

Any member of enumeration rsip_rsa_salt_length_t
Integers that satisfies the formula: sLen <= emLen - hLen - 2
- sLen is salt_length
- emLen is the same as modulus length
- hLen is the hash length

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_INVALID_SIZE	Any length is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

See also: Section Supported Algorithms.

◆ R_RSIP_SHA_Compute()

fsp_err_t R_RSIP_SHA_Compute	(	rsip_ctrl_t *const	p_ctrl,
		rsip_hash_type_t const	hash_type,
		uint8_t const *const	p_message,
		uint32_t const	message_length,
		uint8_t *const	p_digest
	)

Generates SHA message digest. (Total input message must be less than 2^64 bits.)

Implements rsip_api_t::shaCompute.

Conditions: See R_RSIP_SHA_Init().

Output length: See R_RSIP_SHA_Finish().

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.

See also: Section Supported Algorithms.

◆ R_RSIP_SHA_Init()

fsp_err_t R_RSIP_SHA_Init	(	rsip_ctrl_t *const	p_ctrl,
		rsip_hash_type_t const	hash_type
	)

Starts SHA operation.

Implements rsip_api_t::shaInit.

Conditions: Argument hash_function accepts any member of enumeration rsip_hash_type_t.

State transition

This API can only be executed in STATE_MAIN, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_SHA
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.

See also: Section Supported Algorithms.

◆ R_RSIP_SHA_Update()

fsp_err_t R_RSIP_SHA_Update	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t const *const	p_message,
		uint32_t const	message_length
	)

Inputs SHA message. (Total input message must be less than 2^64 bits.)

Implements rsip_api_t::shaUpdate.

State transition: This API can only be executed in STATE_SHA, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

◆ R_RSIP_SHA_Finish()

fsp_err_t R_RSIP_SHA_Finish	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t *const	p_digest
	)

Outputs SHA message digest.

Implements rsip_api_t::shaFinish.

Output length

Output length to p_digest depends on hash_function.

State transition

This API can only be executed in STATE_SHA, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_MAIN
FSP_ERR_ASSERTION	No change
FSP_ERR_NOT_OPEN	No change
FSP_ERR_INVALID_STATE	No change
Others	STATE_MAIN

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

◆ R_RSIP_SHA_Suspend()

fsp_err_t R_RSIP_SHA_Suspend	(	rsip_ctrl_t *const	p_ctrl,
		rsip_sha_handle_t *const	p_handle
	)

Suspends SHA operation.

This API releases RSIP resource and outputs intermediate results. Therefore, it can be used in the following cases:

Execute another cryptographic operations during inputting successive chunks of the message.
Reuse intermediate results.

Implements rsip_api_t::shaSuspend.

State transition

This API can only be executed in STATE_SHA, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_MAIN
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

◆ R_RSIP_SHA_Resume()

fsp_err_t R_RSIP_SHA_Resume	(	rsip_ctrl_t *const	p_ctrl,
		rsip_sha_handle_t const *const	p_handle
	)

Resumes SHA operation suspended by R_RSIP_SHA_Suspend().

Implements rsip_api_t::shaResume.

State transition

This API can only be executed in STATE_MAIN, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_SHA
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.

◆ R_RSIP_HMAC_Compute()

fsp_err_t R_RSIP_HMAC_Compute	(	rsip_ctrl_t *const	p_ctrl,
		const rsip_wrapped_key_t *	p_wrapped_key,
		uint8_t const *const	p_message,
		uint32_t const	message_length,
		uint8_t *const	p_mac
	)

Generates HMAC. (Total input message must be less than 2^64 bits.)

Implements rsip_api_t::hmacCompute.

Conditions: See R_RSIP_HMAC_Init().

Output length: See R_RSIP_HMAC_SignFinish().

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

See also: Section Supported Algorithms.

◆ R_RSIP_HMAC_Verify()

fsp_err_t R_RSIP_HMAC_Verify	(	rsip_ctrl_t *const	p_ctrl,
		const rsip_wrapped_key_t *	p_wrapped_key,
		uint8_t const *const	p_message,
		uint32_t const	message_length,
		uint8_t const *const	p_mac,
		uint32_t const	mac_length
	)

Verifies HMAC. (Total input message must be less than 2^64 bits.)

Implements rsip_api_t::hmacVerify.

Conditions: See R_RSIP_HMAC_Init() and R_RSIP_HMAC_VerifyFinish().

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_INVALID_SIZE	mac_length is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	MAC verification is failed.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

See also: Section Supported Algorithms.

◆ R_RSIP_HMAC_Init()

fsp_err_t R_RSIP_HMAC_Init	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_key
	)

Starts HMAC operation.

Implements rsip_api_t::hmacInit.

Conditions

Key type of p_wrapped_key must be one of the following:

State transition

This API can only be executed in STATE_MAIN, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_HMAC
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key is illegal.

See also: Section Supported Algorithms.

◆ R_RSIP_HMAC_Update()

fsp_err_t R_RSIP_HMAC_Update	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t const *const	p_message,
		uint32_t const	message_length
	)

Inputs HMAC message. (Total input message must be less than 2^64 bits.)

Implements rsip_api_t::hmacUpdate.

State transition: This API can only be executed in STATE_HMAC, and does not cause any state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

◆ R_RSIP_HMAC_SignFinish()

fsp_err_t R_RSIP_HMAC_SignFinish	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t *const	p_mac
	)

Outputs HMAC.

Implements rsip_api_t::hmacSignFinish.

Output length

Output length to p_mac depends on key type of p_wrapped_key.

State transition

This API can only be executed in STATE_HMAC, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_MAIN
FSP_ERR_ASSERTION	No change
FSP_ERR_NOT_OPEN	No change
FSP_ERR_INVALID_STATE	No change
Others	STATE_MAIN

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

◆ R_RSIP_HMAC_VerifyFinish()

fsp_err_t R_RSIP_HMAC_VerifyFinish	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t const *const	p_mac,
		uint32_t const	mac_length
	)

Verifies HMAC.

Implements rsip_api_t::hmacVerifyFinish.

Conditions

Argument mac_length depends on key type of p_wrapped_key. Usually the longest length is recommended.

State transition

This API can only be executed in STATE_HMAC, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_MAIN
FSP_ERR_ASSERTION	No change
FSP_ERR_NOT_OPEN	No change
FSP_ERR_INVALID_STATE	No change
FSP_ERR_INVALID_SIZE	No change
Others	STATE_MAIN

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_INVALID_SIZE	mac_length is illegal.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	MAC verification is failed.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

◆ R_RSIP_HMAC_Suspend()

fsp_err_t R_RSIP_HMAC_Suspend	(	rsip_ctrl_t *const	p_ctrl,
		rsip_hmac_handle_t *const	p_handle
	)

Suspends HMAC operation.

This API releases RSIP resource and outputs intermediate results. Therefore, it can be used in the following cases:

Execute another cryptographic operations during inputting successive chunks of the message.
Reuse intermediate results.

Implements rsip_api_t::hmacSuspend.

State transition

This API can only be executed in STATE_HMAC, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_MAIN
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

Suspends HMAC operation.

This API releases RSIP resource and outputs intermediate results. Therefore, it can be used in the following cases:

Execute another cryptographic operations during inputting successive chunks of the message.
Reuse intermediate results.

Implements rsip_api_t::hmacSuspend.

State transition

This API can only be executed in STATE_HMAC, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_MAIN
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.
FSP_ERR_UNSUPPORTED	This API is not supported on this device.

◆ R_RSIP_HMAC_Resume()

fsp_err_t R_RSIP_HMAC_Resume	(	rsip_ctrl_t *const	p_ctrl,
		rsip_hmac_handle_t const *const	p_handle
	)

Resumes HMAC operation suspended by R_RSIP_HMAC_Suspend().

Implements rsip_api_t::hmacResume.

State transition

This API can only be executed in STATE_MAIN, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_HMAC
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.

Resumes HMAC operation suspended by R_RSIP_HMAC_Suspend().

Implements rsip_api_t::hmacResume.

State transition

This API can only be executed in STATE_MAIN, and causes state transition.

Return value	Next state
FSP_SUCCESS	STATE_HMAC
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_UNSUPPORTED	This API is not supported on this device.

◆ R_RSIP_FSBL_OEM_BL_Digest_Generate()

fsp_err_t R_RSIP_FSBL_OEM_BL_Digest_Generate	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t const *const	p_key_cert,
		uint32_t const	key_cert_max_length,
		uint8_t const *const	p_code_cert,
		uint32_t const	code_cert_max_length,
		uint32_t *const	p_mac
	)

Verifies a Manifest signature and outputs the MAC of image and code certificate. The hash algorithm only supports HMAC-SHA256. The signature algorithm only supports ECDSA secp256r1.

State transition: This API can only be executed in STATE_MAIN, and does not cause any state transitions.

Note: If this API returns FSP_ERR_SB_LOWER_IMAGE_VERSION or FSP_ERR_SB_CRYPTO_AUTH_FAIL, RSIP stops working. In this case, RSIP can be resumed by executing R_RSIP_Close() and R_RSIP_Open() in that order.

Parameters

[in,out]	p_ctrl	Pointer to control block.
[in]	p_key_cert	Pointer to key certificate.
[in]	key_cert_max_length	Maximum length of key certificate.
[in]	p_code_cert	Pointer to key code certificate.
[in]	code_cert_max_length	Maximum length of code certificate.
[out]	p_mac	Pointer to output MAC. It is output in TLV format and consists of a 4-byte Type-Length and a 32-byte Value.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_SB_INTERNAL_FAIL	An internal failure.
FSP_ERR_SB_INVALID_ARG	An invalid argument was entered.
FSP_ERR_SB_UNSUPPORTED_FUNCTION	Unsupported function executed.
FSP_ERR_SB_INVALID_ALIGNMENT	Data entered with incorrect alignment.
FSP_ERR_SB_SAME_IMAGE_VERSION	An image of the same version as the current version is input. (verification completed successfully)
FSP_ERR_SB_LOWER_IMAGE_VERSION	Image version lower than the current image version is installed.
FSP_ERR_SB_MANI_INVALID_MAGIC	An invalid magic number is set.
FSP_ERR_SB_MANI_UNSUPPORTED_VERSION	Unsupported version is set.
FSP_ERR_SB_MANI_OUT_OF_RANGE_LEN	Out of range TLV Length is set.
FSP_ERR_SB_MANI_TLV_FIELD_ERR	Missing required TLV field.
FSP_ERR_SB_MANI_TLV_INVALID_LEN	The length exceeding the end of the manifest is specified in length of the TLV field.
FSP_ERR_SB_MANI_INVALID_IMAGE_LEN	An invalid image length is set.
FSP_ERR_SB_MANI_MISMATCH_SIGN_ALGORITHM	There is a wrong combination of signature algorithms.
FSP_ERR_SB_MANI_UNSUPPORTED_ALGORITHM	An algorithm was specified that the manifest does not support.
FSP_ERR_SB_CRYPTO_FAIL	Cryptographic processing failure.
FSP_ERR_SB_CRYPTO_AUTH_FAIL	Verification failed.
FSP_ERR_SB_CRYPTO_PARAM_ERR	Parameter error.
FSP_ERR_SB_CRYPTO_RESOURCE_CONFLICT	CryptoIP is in use.
FSP_ERR_UNSUPPORTED	This API is not supported on this device.

Functions

Detailed Description

Overview

HW Overview

Features

Supported algorithms

Symmetric Key

Asymmetric Key

AES Block Cipher Mode of Operation

Hash Function

Key Derivation Function

Configuration

Build Time Configurations for r_rsip_e51a_protected

Build Time Configurations for r_rsip_e11a_protected

Configurations for Security > RSIP Protected Mode (r_rsip_protected)

Clock Configuration

Pin Configuration

Usage Notes

Getting Started: Creating a RSIP Protected Mode Project

State Transition

Examples

AES cipher Example

AES-GCM Example

AES-GMAC Example

AES-CCM Example

AES-CMAC Example

ECC Example

RSA Example

HASH Example

HMAC Example

Data Structures

Macros

Data Structure Documentation

◆ rsip_instance_ctrl_t

Function Documentation

◆ R_RSIP_Open()

◆ R_RSIP_Close()

◆ R_RSIP_RandomNumberGenerate()

◆ R_RSIP_KeyGenerate()

◆ R_RSIP_KeyPairGenerate()

◆ R_RSIP_EncryptedKeyWrap()

◆ R_RSIP_RFC3394_KeyWrap()

◆ R_RSIP_RFC3394_KeyUnwrap()

◆ R_RSIP_InjectedKeyImport()

◆ R_RSIP_PublicKeyExport()

◆ R_RSIP_AES_Cipher_Init()

◆ R_RSIP_AES_Cipher_Update()

◆ R_RSIP_AES_Cipher_Finish()

◆ R_RSIP_AES_AEAD_Init()

◆ R_RSIP_AES_AEAD_LengthsSet()

◆ R_RSIP_AES_AEAD_AADUpdate()

◆ R_RSIP_AES_AEAD_Update()

◆ R_RSIP_AES_AEAD_Finish()

◆ R_RSIP_AES_AEAD_Verify()

◆ R_RSIP_AES_MAC_Init()

◆ R_RSIP_AES_MAC_Update()

◆ R_RSIP_AES_MAC_SignFinish()

◆ R_RSIP_AES_MAC_VerifyFinish()

◆ R_RSIP_ECDSA_Sign()

◆ R_RSIP_ECDSA_Verify()

◆ R_RSIP_PKI_ECDSA_CertVerify()

◆ R_RSIP_ECDH_KeyAgree()

◆ R_RSIP_ECDH_PlainKeyAgree()

◆ R_RSIP_PureEdDSA_Sign()

◆ R_RSIP_PureEdDSA_Verify()

◆ R_RSIP_KDF_SHA_Init()

◆ R_RSIP_KDF_SHA_ECDHSecretUpdate()

◆ R_RSIP_KDF_SHA_Update()

◆ R_RSIP_KDF_SHA_Finish()

◆ R_RSIP_KDF_SHA_Suspend()

◆ R_RSIP_KDF_SHA_Resume()

◆ R_RSIP_KDF_SHA_DKMConcatenate()

◆ R_RSIP_KDF_SHA_DerivedKeyImport()

◆ R_RSIP_KDF_SHA_DerivedIVWrap()

◆ R_RSIP_KDF_MACKeyImport()

◆ R_RSIP_KDF_ECDHSecretKeyImport()

◆ R_RSIP_KDF_HMAC_Init()

◆ R_RSIP_KDF_HMAC_MACUpdate()

◆ R_RSIP_KDF_HMAC_ECDHSecretUpdate()

◆ R_RSIP_KDF_HMAC_Update()