RSIP Protected Mode (r_rsip_protected)

Functions
fsp_err_t	R_RSIP_Open (rsip_ctrl_t *const p_ctrl, rsip_cfg_t const *const p_cfg)
fsp_err_t	R_RSIP_Close (rsip_ctrl_t *const p_ctrl)
fsp_err_t	R_RSIP_RandomNumberGenerate (rsip_ctrl_t *const p_ctrl, uint8_t *const p_random)
fsp_err_t	R_RSIP_KeyGenerate (rsip_ctrl_t *const p_ctrl, rsip_key_type_t const key_type, rsip_wrapped_key_t *const p_wrapped_key)
fsp_err_t	R_RSIP_KeyPairGenerate (rsip_ctrl_t *const p_ctrl, rsip_key_pair_type_t const key_pair_type, rsip_wrapped_key_t *const p_wrapped_public_key, rsip_wrapped_key_t *const p_wrapped_private_key)
fsp_err_t	R_RSIP_EncryptedKeyWrap (rsip_ctrl_t *const p_ctrl, rsip_key_update_key_t const *const p_key_update_key, uint8_t const *const p_initial_vector, rsip_key_type_t const key_type, uint8_t const *const p_encrypted_key, rsip_wrapped_key_t *const p_wrapped_key)
fsp_err_t	R_RSIP_RFC3394_KeyWrap (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_kek, rsip_wrapped_key_t const *const p_wrapped_target_key, uint8_t *const p_rfc3394_wrapped_target_key)
fsp_err_t	R_RSIP_RFC3394_KeyUnwrap (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_kek, rsip_key_type_t const key_type, uint8_t const *const p_rfc3394_wrapped_target_key, rsip_wrapped_key_t *const p_wrapped_target_key)
fsp_err_t	R_RSIP_InjectedKeyImport (rsip_key_type_t const key_type, uint8_t const *const p_injected_key, rsip_wrapped_key_t *const p_wrapped_key, uint32_t const wrapped_key_buffer_length)
fsp_err_t	R_RSIP_PublicKeyExport (rsip_wrapped_key_t const *const p_wrapped_public_key, uint8_t *const p_raw_public_key)
fsp_err_t	R_RSIP_AES_Cipher_Init (rsip_ctrl_t *const p_ctrl, rsip_aes_cipher_mode_t const mode, rsip_wrapped_key_t const *const p_wrapped_key, uint8_t const *const p_initial_vector)
fsp_err_t	R_RSIP_AES_Cipher_Update (rsip_ctrl_t *const p_ctrl, uint8_t const *const p_input, uint8_t *const p_output, uint32_t const length)
fsp_err_t	R_RSIP_AES_Cipher_Finish (rsip_ctrl_t *const p_ctrl)
fsp_err_t	R_RSIP_AES_AEAD_Init (rsip_ctrl_t *const p_ctrl, rsip_aes_aead_mode_t const mode, rsip_wrapped_key_t const *const p_wrapped_key, uint8_t const *const p_nonce, uint32_t const nonce_length)
fsp_err_t	R_RSIP_AES_AEAD_LengthsSet (rsip_ctrl_t *const p_ctrl, uint32_t const total_aad_length, uint32_t const total_text_length, uint32_t const tag_length)
fsp_err_t	R_RSIP_AES_AEAD_AADUpdate (rsip_ctrl_t *const p_ctrl, uint8_t const *const p_aad, uint32_t const aad_length)
fsp_err_t	R_RSIP_AES_AEAD_Update (rsip_ctrl_t *const p_ctrl, uint8_t const *const p_input, uint32_t const input_length, uint8_t *const p_output, uint32_t *const p_output_length)
fsp_err_t	R_RSIP_AES_AEAD_Finish (rsip_ctrl_t *const p_ctrl, uint8_t *const p_output, uint32_t *const p_output_length, uint8_t *const p_tag)
fsp_err_t	R_RSIP_AES_AEAD_Verify (rsip_ctrl_t *const p_ctrl, uint8_t *const p_output, uint32_t *const p_output_length, uint8_t const *const p_tag, uint32_t const tag_length)
fsp_err_t	R_RSIP_AES_MAC_Init (rsip_ctrl_t *const p_ctrl, rsip_aes_mac_mode_t const mode, rsip_wrapped_key_t const *const p_wrapped_key)
fsp_err_t	R_RSIP_AES_MAC_Update (rsip_ctrl_t *const p_ctrl, uint8_t const *const p_message, uint32_t const message_length)
fsp_err_t	R_RSIP_AES_MAC_SignFinish (rsip_ctrl_t *const p_ctrl, uint8_t *const p_mac)
fsp_err_t	R_RSIP_AES_MAC_VerifyFinish (rsip_ctrl_t *const p_ctrl, uint8_t const *const p_mac, uint32_t const mac_length)
fsp_err_t	R_RSIP_ECDSA_Sign (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_private_key, uint8_t const *const p_hash, uint8_t *const p_signature)
fsp_err_t	R_RSIP_ECDSA_Verify (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_public_key, uint8_t const *const p_hash, uint8_t const *const p_signature)
fsp_err_t	R_RSIP_RSA_Encrypt (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_public_key, uint8_t const *const p_plain, uint8_t *const p_cipher)
fsp_err_t	R_RSIP_RSA_Decrypt (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_private_key, uint8_t const *const p_cipher, uint8_t *const p_plain)
fsp_err_t	R_RSIP_RSAES_PKCS1_V1_5_Encrypt (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_public_key, uint8_t const *const p_plain, uint32_t const plain_length, uint8_t *const p_cipher)
fsp_err_t	R_RSIP_RSAES_PKCS1_V1_5_Decrypt (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_private_key, uint8_t const *const p_cipher, uint8_t *const p_plain, uint32_t *const p_plain_length, uint32_t const plain_buffer_length)
fsp_err_t	R_RSIP_RSAES_OAEP_Encrypt (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_public_key, rsip_hash_type_t const hash_function, rsip_mgf_type_t const mask_generation_function, uint8_t const *const p_label, uint32_t const label_length, uint8_t const *const p_plain, uint32_t const plain_length, uint8_t *const p_cipher)
fsp_err_t	R_RSIP_RSAES_OAEP_Decrypt (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_private_key, rsip_hash_type_t const hash_function, rsip_mgf_type_t const mask_generation_function, uint8_t const *const p_label, uint32_t const label_length, uint8_t const *const p_cipher, uint8_t *const p_plain, uint32_t *const p_plain_length, uint32_t const plain_buffer_length)
fsp_err_t	R_RSIP_RSASSA_PKCS1_V1_5_Sign (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_private_key, rsip_hash_type_t const hash_function, uint8_t const *const p_hash, uint8_t *const p_signature)
fsp_err_t	R_RSIP_RSASSA_PKCS1_V1_5_Verify (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_public_key, rsip_hash_type_t const hash_function, uint8_t const *const p_hash, uint8_t const *const p_signature)
fsp_err_t	R_RSIP_RSASSA_PSS_Sign (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_private_key, rsip_hash_type_t const hash_function, rsip_mgf_type_t const mask_generation_function, uint32_t const salt_length, uint8_t const *const p_hash, uint8_t *const p_signature)
fsp_err_t	R_RSIP_RSASSA_PSS_Verify (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_public_key, rsip_hash_type_t const hash_function, rsip_mgf_type_t const mask_generation_function, uint32_t const salt_length, uint8_t const *const p_hash, uint8_t const *const p_signature)
fsp_err_t	R_RSIP_SHA_Compute (rsip_ctrl_t *const p_ctrl, rsip_hash_type_t const hash_type, uint8_t const *const p_message, uint32_t const message_length, uint8_t *const p_digest)
fsp_err_t	R_RSIP_SHA_Init (rsip_ctrl_t *const p_ctrl, rsip_hash_type_t const hash_type)
fsp_err_t	R_RSIP_SHA_Update (rsip_ctrl_t *const p_ctrl, uint8_t const *const p_message, uint32_t const message_length)
fsp_err_t	R_RSIP_SHA_Finish (rsip_ctrl_t *const p_ctrl, uint8_t *const p_digest)
fsp_err_t	R_RSIP_SHA_Suspend (rsip_ctrl_t *const p_ctrl, rsip_sha_handle_t *const p_handle)
fsp_err_t	R_RSIP_SHA_Resume (rsip_ctrl_t *const p_ctrl, rsip_sha_handle_t const *const p_handle)
fsp_err_t	R_RSIP_HMAC_Compute (rsip_ctrl_t *const p_ctrl, const rsip_wrapped_key_t *p_wrapped_key, uint8_t const *const p_message, uint32_t const message_length, uint8_t *const p_mac)
fsp_err_t	R_RSIP_HMAC_Verify (rsip_ctrl_t *const p_ctrl, const rsip_wrapped_key_t *p_wrapped_key, uint8_t const *const p_message, uint32_t const message_length, uint8_t const *const p_mac, uint32_t const mac_length)
fsp_err_t	R_RSIP_HMAC_Init (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_key)
fsp_err_t	R_RSIP_HMAC_Update (rsip_ctrl_t *const p_ctrl, uint8_t const *const p_message, uint32_t const message_length)
fsp_err_t	R_RSIP_HMAC_SignFinish (rsip_ctrl_t *const p_ctrl, uint8_t *const p_mac)
fsp_err_t	R_RSIP_HMAC_VerifyFinish (rsip_ctrl_t *const p_ctrl, uint8_t const *const p_mac, uint32_t const mac_length)
fsp_err_t	R_RSIP_HMAC_Suspend (rsip_ctrl_t *const p_ctrl, rsip_hmac_handle_t *const p_handle)
fsp_err_t	R_RSIP_HMAC_Resume (rsip_ctrl_t *const p_ctrl, rsip_hmac_handle_t const *const p_handle)
fsp_err_t	R_RSIP_OTF_Init (rsip_ctrl_t *const p_ctrl, rsip_otf_channel_t const channel, rsip_wrapped_key_t *const p_wrapped_key, uint8_t const *const p_seed)

Detailed Description

Driver for the Renesas Secure IP (RSIP) peripheral on RA MCUs.

Overview

This module provides RSIP functions in protected mode.

HW Overview

Crypto Peripheral version	Devices
RSIP-E51A	RA8M1, RA8D1, RA8T1

Features

The RSIP module supports for the following features.

• Cryptography
  • Symmetric Encryption/Decryption
    • AES
      • ECB 128/256bit
      • CBC 128/256bit
      • CTR 128/256bit
      • GCM 128/256bit
      • CCM 128/256bit
      • XTS 128/256bit
  • Asymmetric Encryption/Decryption
    • RSA
      • RSAES-PKCS1-V1_5 2048/3072/4096bit
      • RSAES-OAEP 2048/3072/4096bit
      • RSASSA-PKCS1-V1_5 2048/3072/4096bit
      • RSASSA-PSS 2048/3072/4096bit
    • ECC
      • ECDSA secp256r1/secp384r1/secp521r1
  • Hash Functions
    • SHA-2
      • SHA-256/384/512
  • RFC3394 Key Wrap/Unwrap
• Message Authentication Code
  • HMAC-SHA256bit
  • AES-CMAC 128/256bit
• Key Manage
  • Key Support
    • AES 128/256bit
    • RSA 2048/3072/4096bit
    • ECC secp256r1/secp384r1/secp521r1
    • HMAC-SHA256bit
• Random Number Generate

Key Management

The following key management functions are available on each devices.

Key type (rsip_key_type_t)	R_RSIP_EncryptedKeyWrap()	R_RSIP_RFC3394_KeyWrap() R_RSIP_RFC3394_KeyUnwrap()	R_RSIP_InjectedKeyImport()	Generate	Export
RSIP_KEY_TYPE_INVALID	-	-	-	-	-
RSIP_KEY_TYPE_AES_128	Y	Y	Y	R_RSIP_KeyGenerate()	-
RSIP_KEY_TYPE_AES_256	Y	Y	Y	R_RSIP_KeyGenerate()	-
RSIP_KEY_TYPE_XTS_AES_128	Y	-	Y	R_RSIP_KeyGenerate()	-
RSIP_KEY_TYPE_XTS_AES_256	Y	-	Y	R_RSIP_KeyGenerate()	-
RSIP_KEY_TYPE_ECC_SECP256R1_PUBLIC	Y	-	Y	R_RSIP_KeyPairGenerate()	R_RSIP_PublicKeyExport()
RSIP_KEY_TYPE_ECC_SECP256R1_PRIVATE	Y	-	Y	R_RSIP_KeyPairGenerate()	-
RSIP_KEY_TYPE_ECC_SECP384R1_PUBLIC	Y	-	Y	R_RSIP_KeyPairGenerate()	R_RSIP_PublicKeyExport()
RSIP_KEY_TYPE_ECC_SECP384R1_PRIVATE	Y	-	Y	R_RSIP_KeyPairGenerate()	-
RSIP_KEY_TYPE_ECC_SECP521R1_PUBLIC	Y	-	Y	R_RSIP_KeyPairGenerate()	R_RSIP_PublicKeyExport()
RSIP_KEY_TYPE_ECC_SECP521R1_PRIVATE	Y	-	Y	R_RSIP_KeyPairGenerate()	-
RSIP_KEY_TYPE_RSA_2048_PUBLIC	Y	-	Y	R_RSIP_KeyPairGenerate()	R_RSIP_PublicKeyExport()
RSIP_KEY_TYPE_RSA_2048_PRIVATE	Y	-	Y	R_RSIP_KeyPairGenerate()	-
RSIP_KEY_TYPE_RSA_3072_PUBLIC	Y	-	Y	R_RSIP_KeyPairGenerate()	R_RSIP_PublicKeyExport()
RSIP_KEY_TYPE_RSA_3072_PRIVATE	Y	-	Y	R_RSIP_KeyPairGenerate()	-
RSIP_KEY_TYPE_RSA_4096_PUBLIC	Y	-	Y	R_RSIP_KeyPairGenerate()	R_RSIP_PublicKeyExport()
RSIP_KEY_TYPE_RSA_4096_PRIVATE	Y	-	Y	R_RSIP_KeyPairGenerate()	-
RSIP_KEY_TYPE_HMAC_SHA256	Y	-	Y	R_RSIP_KeyGenerate()	-

Key pair type (rsip_key_pair_type_t)	R_RSIP_KeyPairGenerate()	Corresponding public key type	Corresponding private key type
RSIP_KEY_PAIR_TYPE_INVALID	-	-	-
RSIP_KEY_PAIR_TYPE_ECC_SECP256R1	Y	RSIP_KEY_TYPE_ECC_SECP256R1_PUBLIC	RSIP_KEY_TYPE_ECC_SECP256R1_PRIVATE
RSIP_KEY_PAIR_TYPE_ECC_SECP384R1	Y	RSIP_KEY_TYPE_ECC_SECP384R1_PUBLIC	RSIP_KEY_TYPE_ECC_SECP384R1_PRIVATE
RSIP_KEY_PAIR_TYPE_ECC_SECP521R1	Y	RSIP_KEY_TYPE_ECC_SECP521R1_PUBLIC	RSIP_KEY_TYPE_ECC_SECP521R1_PRIVATE
RSIP_KEY_PAIR_TYPE_RSA_2048	Y	RSIP_KEY_TYPE_RSA_2048_PUBLIC	RSIP_KEY_TYPE_RSA_2048_PRIVATE
RSIP_KEY_PAIR_TYPE_RSA_3072	Y	RSIP_KEY_TYPE_RSA_3072_PUBLIC	RSIP_KEY_TYPE_RSA_3072_PRIVATE
RSIP_KEY_PAIR_TYPE_RSA_4096	Y	RSIP_KEY_TYPE_RSA_4096_PUBLIC	RSIP_KEY_TYPE_RSA_4096_PRIVATE

RSIP Operational States

RSIP Protected Mode driver has the following states.

State Name	Details
STATE_INITIAL	Driver is not open.
STATE_MAIN	Ready to Compute.
STATE_AES	Computing AES (unauthnticated cipher)
STATE_AES_AEAD	Computing AES (AEAD).
STATE_AES_MAC	Computing AES (MAC).
STATE_SHA	Computing SHA.
STATE_HMAC	Computing HMAC.

There are two types of APIs provided by the RSIP driver for accelerating cryptographic operations: those that provide cryptographic operations in a single API and those that provide them in multiple APIs. In this document, the former is referred to as single-part operations and the latter as multi-part operations. Each corresponds to the following algorithms :

・single-part operations : DRBG, Key management, RSA, ECDSA, SHA (Compute), HMAC (Compute&Verify)
・multi-part operations : AES (include AEAD, MAC), SHA, HMAC

Multi-part operations are APIs which split a single cryptographic operation into a sequence of separate steps (Init-Update-Finish). This enables fine control over the configuration of the cryptographic operation, and allows the message data to be processed in fragments instead of all at once.
Due to the above characteristics, it is necessary to manage the operational states in the multi-part operations.

Configuration

Clock Configuration

This module does not require a specific clock configuration.

Pin Configuration

This module does not use I/O pins.

Usage Notes

Getting Started: Creating a RSIP Protected Mode Project

Start by creating a new project in e² studio or RASC. On the Stacks tab, add New > Security > RSIP Protected Mode (r_rsip).

Examples

AES Example

This is an example of AES-256 encryption and decryption.

void r_rsip_example_aes ()
{
    fsp_err_t            err;
    static const uint8_t plain[RSIP_PRV_BYTE_SIZE_AES_BLOCK * 2] =
    {
        0x52, 0x65, 0x6e, 0x65, 0x73, 0x61, 0x73, 0x20, 0x45, 0x6c, 0x65, 0x63, 0x74, 0x72, 0x6f, 0x6e,
        0x69, 0x63, 0x73, 0x20, 0x43, 0x6f, 0x72, 0x70, 0x6f, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x00
    };

    uint8_t iv[RSIP_PRV_BYTE_SIZE_AES_BLOCK] = {0};
    uint8_t cipher_calculated[RSIP_PRV_BYTE_SIZE_AES_BLOCK * 2] = {0};
    uint8_t plain_calculated[RSIP_PRV_BYTE_SIZE_AES_BLOCK * 2]  = {0};

    /* Prepare wrapped key data area */
    uint8_t              wrapped_key[RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256];
    rsip_wrapped_key_t * p_wrapped_key = (rsip_wrapped_key_t *) wrapped_key;

    /* Initialize the driver */
    err = R_RSIP_Open(&g_rsip_ctrl, &g_rsip_cfg);
    assert(FSP_SUCCESS == err);

    /* Generate a aes 256-bit key */
    err = R_RSIP_KeyGenerate(&g_rsip_ctrl, RSIP_KEY_TYPE_AES_256, p_wrapped_key);
    assert(FSP_SUCCESS == err);

    /* Generate a nonce */
    err = R_RSIP_RandomNumberGenerate(&g_rsip_ctrl, iv);
    assert(FSP_SUCCESS == err);

    /* Encrypt a plaintext */
    err = R_RSIP_AES_Cipher_Init(&g_rsip_ctrl, RSIP_AES_CIPHER_MODE_CBC_ENC, p_wrapped_key, iv);
    assert(FSP_SUCCESS == err);
    err = R_RSIP_AES_Cipher_Update(&g_rsip_ctrl, plain, cipher_calculated, RSIP_PRV_BYTE_SIZE_AES_BLOCK * 2);
    assert(FSP_SUCCESS == err);
    err = R_RSIP_AES_Cipher_Finish(&g_rsip_ctrl);
    assert(FSP_SUCCESS == err);

    /* Decrypt a ciphertext using the same key */
    err = R_RSIP_AES_Cipher_Init(&g_rsip_ctrl, RSIP_AES_CIPHER_MODE_CBC_DEC, p_wrapped_key, iv);
    assert(FSP_SUCCESS == err);
    err = R_RSIP_AES_Cipher_Update(&g_rsip_ctrl, cipher_calculated, plain_calculated, RSIP_PRV_BYTE_SIZE_AES_BLOCK);
    assert(FSP_SUCCESS == err);
    err = R_RSIP_AES_Cipher_Update(&g_rsip_ctrl,
                                   cipher_calculated + RSIP_PRV_BYTE_SIZE_AES_BLOCK,
                                   plain_calculated + RSIP_PRV_BYTE_SIZE_AES_BLOCK,
                                   RSIP_PRV_BYTE_SIZE_AES_BLOCK);
    assert(FSP_SUCCESS == err);
    err = R_RSIP_AES_Cipher_Finish(&g_rsip_ctrl);
    assert(FSP_SUCCESS == err);

    /* Compare plain and plain_calculated */
    assert(0 == memcmp(plain, plain_calculated, RSIP_PRV_BYTE_SIZE_AES_BLOCK * 2));

    /* Close the driver */
    err = R_RSIP_Close(&g_rsip_ctrl);
    assert(FSP_SUCCESS == err);
}

GCM Example

This is an example of AES-GCM-256 tag generation and verification.

#define GCM_BLOCK_LEN    (16)
#define GCM_TEXT_LEN     (31)
#define GCM_NONCE_LEN    (12)
#define GCM_AAD_LEN      (8)
#define GCM_TAG_LEN      (8)

void r_rsip_example_gcm ()
{
    fsp_err_t            err;
    static const uint8_t plain[GCM_TEXT_LEN] =
    {
        0x52, 0x65, 0x6e, 0x65, 0x73, 0x61, 0x73, 0x20, 0x45, 0x6c, 0x65, 0x63, 0x74, 0x72, 0x6f, 0x6e,
        0x69, 0x63, 0x73, 0x20, 0x43, 0x6f, 0x72, 0x70, 0x6f, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
    };
    static const uint8_t aad[GCM_AAD_LEN] =
    {
        0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
    };

    uint8_t  nonce[GCM_BLOCK_LEN]                 = {0};
    uint8_t  tag[GCM_BLOCK_LEN]                   = {0};
    uint8_t  cipher_calculated[GCM_BLOCK_LEN * 2] = {0};
    uint8_t  plain_calculated[GCM_BLOCK_LEN * 2]  = {0};
    uint32_t input_length      = 0;
    uint32_t output_length     = 0;
    uint32_t input_length_tmp  = 0;
    uint32_t output_length_tmp = 0;

    /* Prepare wrapped key data area */
    uint8_t              wrapped_key[RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256];
    rsip_wrapped_key_t * p_wrapped_key = (rsip_wrapped_key_t *) wrapped_key;

    /* Initialize the driver */
    err = R_RSIP_Open(&g_rsip_ctrl, &g_rsip_cfg);
    assert(FSP_SUCCESS == err);

    /* Generate a aes 256-bit key */
    err = R_RSIP_KeyGenerate(&g_rsip_ctrl, RSIP_KEY_TYPE_AES_256, p_wrapped_key);
    assert(FSP_SUCCESS == err);

    /* Generate a nonce */
    err = R_RSIP_RandomNumberGenerate(&g_rsip_ctrl, nonce);
    assert(FSP_SUCCESS == err);

    /* Encrypt a plaintext */
    err = R_RSIP_AES_AEAD_Init(&g_rsip_ctrl, RSIP_AES_AEAD_MODE_GCM_ENC, p_wrapped_key, nonce, GCM_NONCE_LEN);
    assert(FSP_SUCCESS == err);

    /* Input AAD */
    err = R_RSIP_AES_AEAD_AADUpdate(&g_rsip_ctrl, aad, GCM_AAD_LEN);
    assert(FSP_SUCCESS == err);

    /* Input plaintext (one-shot) */
    err            = R_RSIP_AES_AEAD_Update(&g_rsip_ctrl, plain, GCM_TEXT_LEN, cipher_calculated, &output_length_tmp);
    output_length += output_length_tmp;
    assert(FSP_SUCCESS == err);

    /* Output remaining text and generate a tag */
    err = R_RSIP_AES_AEAD_Finish(&g_rsip_ctrl, cipher_calculated + output_length, &output_length_tmp, tag);
    assert(FSP_SUCCESS == err);

    /* Decrypt a ciphertext using the same key */
    err = R_RSIP_AES_AEAD_Init(&g_rsip_ctrl, RSIP_AES_AEAD_MODE_GCM_DEC, p_wrapped_key, nonce, GCM_NONCE_LEN);
    assert(FSP_SUCCESS == err);

    /* Input AAD */
    err = R_RSIP_AES_AEAD_AADUpdate(&g_rsip_ctrl, aad, GCM_AAD_LEN);
    assert(FSP_SUCCESS == err);
    input_length  = 0;
    output_length = 0;

    /* Input ciphertext (multi-shot) */
    input_length_tmp = 10;
    err              = R_RSIP_AES_AEAD_Update(&g_rsip_ctrl,
                                              cipher_calculated + input_length,
                                              input_length_tmp,
                                              plain_calculated + output_length,
                                              &output_length_tmp);
    input_length  += input_length_tmp;
    output_length += output_length_tmp;
    assert(FSP_SUCCESS == err);
    input_length_tmp = GCM_TEXT_LEN - input_length;
    err              = R_RSIP_AES_AEAD_Update(&g_rsip_ctrl,
                                              cipher_calculated + input_length,
                                              input_length_tmp,
                                              plain_calculated + output_length,
                                              &output_length_tmp);
    input_length  += input_length_tmp;
    output_length += output_length_tmp;
    assert(FSP_SUCCESS == err);

    /*
     * Output remaining text and verify the tag
     * Attention: Do not use the output plaintext by R_RSIP_AES_Cipher_DecryptUpdate()
     * before R_RSIP_AES_Cipher_DecryptFinal() returns FSP_SUCCESS.
     * The integrity is checked in this function.
     */
    err = R_RSIP_AES_AEAD_Verify(&g_rsip_ctrl, plain_calculated + output_length, &output_length_tmp, tag, GCM_TAG_LEN);
    assert(FSP_SUCCESS == err);

    /* Compare plain and plain_calculated */
    assert(0 == memcmp(plain, plain_calculated, GCM_TEXT_LEN));

    /* Close the driver */
    err = R_RSIP_Close(&g_rsip_ctrl);
    assert(FSP_SUCCESS == err);
}

GMAC Example

This is an example of AES-GMAC-256 signature generation and verification.

#define GMAC_NONCE_LEN    (12)
#define GMAC_AAD_LEN      (8)
#define GMAC_TAG_LEN      (16)

void r_rsip_example_gmac ()
{
    fsp_err_t err;

    static const uint8_t aad[GMAC_AAD_LEN] =
    {
        0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
    };

    uint8_t  nonce[GMAC_NONCE_LEN] = {0};
    uint8_t  tag[GMAC_TAG_LEN]     = {0};
    uint8_t  output_dummy_buf[1]   = {0};
    uint32_t output_length         = 0;

    /* Prepare wrapped key data area */
    uint8_t              wrapped_key[RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256];
    rsip_wrapped_key_t * p_wrapped_key = (rsip_wrapped_key_t *) wrapped_key;

    /* Initialize the driver */
    err = R_RSIP_Open(&g_rsip_ctrl, &g_rsip_cfg);
    assert(FSP_SUCCESS == err);

    /* Generate a aes 256-bit key */
    err = R_RSIP_KeyGenerate(&g_rsip_ctrl, RSIP_KEY_TYPE_AES_256, p_wrapped_key);
    assert(FSP_SUCCESS == err);

    /* Generate a nonce */
    err = R_RSIP_RandomNumberGenerate(&g_rsip_ctrl, nonce);
    assert(FSP_SUCCESS == err);

    /* Initialize GMAC signature */
    err = R_RSIP_AES_AEAD_Init(&g_rsip_ctrl, RSIP_AES_AEAD_MODE_GCM_ENC, p_wrapped_key, nonce, GMAC_NONCE_LEN);
    assert(FSP_SUCCESS == err);

    /* Input AAD */
    err = R_RSIP_AES_AEAD_AADUpdate(&g_rsip_ctrl, aad, GMAC_AAD_LEN);
    assert(FSP_SUCCESS == err);

    /* Finalize GMAC generation */
    err = R_RSIP_AES_AEAD_Finish(&g_rsip_ctrl, output_dummy_buf, &output_length, tag);
    assert(FSP_SUCCESS == err);

    /*Initialize GMAC verification*/
    err = R_RSIP_AES_AEAD_Init(&g_rsip_ctrl, RSIP_AES_AEAD_MODE_GCM_DEC, p_wrapped_key, nonce, GMAC_NONCE_LEN);
    assert(FSP_SUCCESS == err);

    /* Input AAD */
    err = R_RSIP_AES_AEAD_AADUpdate(&g_rsip_ctrl, aad, GMAC_AAD_LEN);
    assert(FSP_SUCCESS == err);

    /* Finalize GMAC verification*/
    err = R_RSIP_AES_AEAD_Verify(&g_rsip_ctrl, output_dummy_buf, &output_length, tag, GMAC_TAG_LEN);
    assert(FSP_SUCCESS == err);

    /* Close the driver */
    err = R_RSIP_Close(&g_rsip_ctrl);
    assert(FSP_SUCCESS == err);
}

CCM Example

This is an example of AES-CCM-256 tag generation and verification.

#define CCM_NONCE_LEN         (12)
#define CCM_ADATA_LEN         (20)
#define CCM_INPUT_DATA_LEN    (24)
#define CCM_MAC_LEN           (8)

void r_rsip_example_ccm ()
{
    fsp_err_t err;

    static const uint8_t nonce[CCM_NONCE_LEN] =
    {0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B};
    static const uint8_t adata[CCM_ADATA_LEN] =
    {
        0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09,
        0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13
    };
    static const uint8_t plain[CCM_INPUT_DATA_LEN] =
    {
        0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29,
        0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33,
        0x34, 0x35, 0x36, 0x37
    };

    uint8_t   cipher_calculated[CCM_INPUT_DATA_LEN * 2] = {0};
    uint8_t   plain_calculated[CCM_INPUT_DATA_LEN * 2]  = {0};
    uint8_t   mac[CCM_MAC_LEN]  = {0};
    uint32_t  output_length_tmp = 0;
    uint8_t * p_output          = NULL;

    /* Prepare wrapped key data area */
    uint8_t              wrapped_key[RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256];
    rsip_wrapped_key_t * p_wrapped_key = (rsip_wrapped_key_t *) wrapped_key;

    /* Initialize the driver */
    err = R_RSIP_Open(&g_rsip_ctrl, &g_rsip_cfg);
    assert(FSP_SUCCESS == err);

    /* Generate a aes 256-bit key */
    err = R_RSIP_KeyGenerate(&g_rsip_ctrl, RSIP_KEY_TYPE_AES_256, p_wrapped_key);
    assert(FSP_SUCCESS == err);

    /* Encrypt a plaintext */
    err = R_RSIP_AES_AEAD_Init(&g_rsip_ctrl, RSIP_AES_AEAD_MODE_CCM_ENC, p_wrapped_key, nonce, CCM_NONCE_LEN);
    assert(FSP_SUCCESS == err);

    /* Set text and tag length. */
    err = R_RSIP_AES_AEAD_LengthsSet(&g_rsip_ctrl, CCM_ADATA_LEN, CCM_INPUT_DATA_LEN, CCM_MAC_LEN);
    assert(FSP_SUCCESS == err);

    /* Input AAD */
    err = R_RSIP_AES_AEAD_AADUpdate(&g_rsip_ctrl, adata, CCM_ADATA_LEN);
    assert(FSP_SUCCESS == err);

    /* Input plaintext */
    err = R_RSIP_AES_AEAD_Update(&g_rsip_ctrl, plain, CCM_INPUT_DATA_LEN, cipher_calculated, &output_length_tmp);
    assert(FSP_SUCCESS == err);
    p_output = &(cipher_calculated[output_length_tmp]);

    /* Output remaining text and generate a tag */
    err = R_RSIP_AES_AEAD_Finish(&g_rsip_ctrl, p_output, &output_length_tmp, mac);
    assert(FSP_SUCCESS == err);

    /* Decrypt a ciphertext using the same key */
    err = R_RSIP_AES_AEAD_Init(&g_rsip_ctrl, RSIP_AES_AEAD_MODE_CCM_DEC, p_wrapped_key, nonce, CCM_NONCE_LEN);
    assert(FSP_SUCCESS == err);

    /* Set text and tag length. */
    err = R_RSIP_AES_AEAD_LengthsSet(&g_rsip_ctrl, CCM_ADATA_LEN, CCM_INPUT_DATA_LEN, CCM_MAC_LEN);
    assert(FSP_SUCCESS == err);

    /* Input AAD */
    err = R_RSIP_AES_AEAD_AADUpdate(&g_rsip_ctrl, adata, CCM_ADATA_LEN);
    assert(FSP_SUCCESS == err);

    /* Input plaintext */

    // err = R_RSIP_AES_AEAD_Update(&g_rsip_ctrl, plain, CCM_INPUT_DATA_LEN, plain_calculated, &output_length_tmp);
    err = R_RSIP_AES_AEAD_Update(&g_rsip_ctrl,
                                 cipher_calculated,
                                 CCM_INPUT_DATA_LEN,
                                 plain_calculated,
                                 &output_length_tmp);
    assert(FSP_SUCCESS == err);
    p_output = &(plain_calculated[output_length_tmp]);

    /* Output remaining text and verify the tag */
    err = R_RSIP_AES_AEAD_Verify(&g_rsip_ctrl, p_output, &output_length_tmp, mac, CCM_MAC_LEN);
    assert(FSP_SUCCESS == err);

    /* Close the driver */
    err = R_RSIP_Close(&g_rsip_ctrl);
    assert(FSP_SUCCESS == err);
}

CMAC Example

This is an example of AES-CMAC-256 tag generation and verification.

#define CMAC_MESSAGE_LEN    (10)
#define CMAC_MAC_LEN        (16)

void r_rsip_example_cmac ()
{
    fsp_err_t err;

    static const uint8_t message[CMAC_MESSAGE_LEN] = {0xf0, 0x8f, 0x89, 0x08, 0x75, 0xe1, 0x39, 0x48, 0x04, 0x89};

    uint8_t mac[CMAC_MAC_LEN] = {0};

    /* Prepare wrapped key data area */
    uint8_t              wrapped_key[RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256];
    rsip_wrapped_key_t * p_wrapped_key = (rsip_wrapped_key_t *) wrapped_key;

    /* Initialize the driver */
    err = R_RSIP_Open(&g_rsip_ctrl, &g_rsip_cfg);
    assert(FSP_SUCCESS == err);

    /* Generate a aes 256-bit key */
    err = R_RSIP_KeyGenerate(&g_rsip_ctrl, RSIP_KEY_TYPE_AES_256, p_wrapped_key);
    assert(FSP_SUCCESS == err);

    /* CMAC initialize for encrypt */
    err = R_RSIP_AES_MAC_Init(&g_rsip_ctrl, RSIP_AES_MAC_MODE_CMAC, p_wrapped_key);
    assert(FSP_SUCCESS == err);

    /* Input message */
    err = R_RSIP_AES_MAC_Update(&g_rsip_ctrl, message, CMAC_MESSAGE_LEN);
    assert(FSP_SUCCESS == err);

    /* Output remaining text and generate a tag */
    err = R_RSIP_AES_MAC_SignFinish(&g_rsip_ctrl, mac);
    assert(FSP_SUCCESS == err);

    /* CMAC initialize for decrypt */
    err = R_RSIP_AES_MAC_Init(&g_rsip_ctrl, RSIP_AES_MAC_MODE_CMAC, p_wrapped_key);
    assert(FSP_SUCCESS == err);

    /* Input message */
    err = R_RSIP_AES_MAC_Update(&g_rsip_ctrl, message, CMAC_MESSAGE_LEN);
    assert(FSP_SUCCESS == err);

    /* Verify the tag */
    err = R_RSIP_AES_MAC_VerifyFinish(&g_rsip_ctrl, mac, CMAC_MAC_LEN);
    assert(FSP_SUCCESS == err);

    /* Close the driver */
    err = R_RSIP_Close(&g_rsip_ctrl);
    assert(FSP_SUCCESS == err);
}

ECC Example

This is an example of ECC secp-256 signature generate and verify.

#define SECP256R1_KEY_SIZE    (32)

void r_rsip_example_ecc ()
{
    fsp_err_t err;

    static const uint8_t message[] = "sample";

    uint8_t hash[SECP256R1_KEY_SIZE]          = {0};
    uint8_t signature[SECP256R1_KEY_SIZE * 2] = {0};

    /* Prepare wrapped key data area */
    uint8_t              wrapped_public_key[RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_SECP256R1_PUBLIC];
    uint8_t              wrapped_private_key[RSIP_BYTE_SIZE_WRAPPED_KEY_ECC_SECP256R1_PRIVATE];
    rsip_wrapped_key_t * p_wrapped_public_key  = (rsip_wrapped_key_t *) wrapped_public_key;
    rsip_wrapped_key_t * p_wrapped_private_key = (rsip_wrapped_key_t *) wrapped_private_key;

    /* Initialize the driver */
    err = R_RSIP_Open(&g_rsip_ctrl, &g_rsip_cfg);
    assert(FSP_SUCCESS == err);

    /* Generate a key pair of secp256r1 */
    err = R_RSIP_KeyPairGenerate(&g_rsip_ctrl,
                                 RSIP_KEY_PAIR_TYPE_ECC_SECP256R1,
                                 p_wrapped_public_key,
                                 p_wrapped_private_key);
    assert(FSP_SUCCESS == err);

    /* Generate the message hash */
    err = R_RSIP_SHA_Compute(&g_rsip_ctrl, RSIP_HASH_TYPE_SHA256, message, sizeof(message), hash);
    assert(FSP_SUCCESS == err);

    /* Generate the signature */
    err = R_RSIP_ECDSA_Sign(&g_rsip_ctrl, p_wrapped_private_key, hash, signature);
    assert(FSP_SUCCESS == err);

    /* Verify the signature*/
    err = R_RSIP_ECDSA_Verify(&g_rsip_ctrl, p_wrapped_public_key, hash, signature);
    assert(FSP_SUCCESS == err);

    /* Close the driver */
    err = R_RSIP_Close(&g_rsip_ctrl);
    assert(FSP_SUCCESS == err);
}

RSA Example

This is an example of RSA-2048 encryption and decryption.

#define SHA256_HASH_SIZE     (32)
#define RSA_2048_KEY_SIZE    (256)

void r_rsip_example_rsa ()
{
    fsp_err_t err;

    static const uint8_t message[] = "sample";
    static const uint8_t label[]   = "label";

    uint8_t  cipher_calculated[RSA_2048_KEY_SIZE] = {0};
    uint8_t  plain_calculated[RSA_2048_KEY_SIZE]  = {0};
    uint32_t plain_calculated_length              = 0;
    uint8_t  hash[SHA256_HASH_SIZE]               = {0};
    uint8_t  signature[RSA_2048_KEY_SIZE]         = {0};

    /* Prepare wrapped key data area */
    uint8_t              wrapped_public_key[RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_2048_PUBLIC];
    uint8_t              wrapped_private_key[RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_2048_PRIVATE];
    rsip_wrapped_key_t * p_wrapped_public_key  = (rsip_wrapped_key_t *) wrapped_public_key;
    rsip_wrapped_key_t * p_wrapped_private_key = (rsip_wrapped_key_t *) wrapped_private_key;

    /* Initialize the driver */
    err = R_RSIP_Open(&g_rsip_ctrl, &g_rsip_cfg);
    assert(FSP_SUCCESS == err);

    /* Generate a key pair of RSA-2048 */
    err =
        R_RSIP_KeyPairGenerate(&g_rsip_ctrl, RSIP_KEY_PAIR_TYPE_RSA_2048, p_wrapped_public_key, p_wrapped_private_key);
    assert(FSP_SUCCESS == err);

    /*
     * RSAES-OAEP
     */

    /* Encrypt a plaintext */
    err = R_RSIP_RSAES_OAEP_Encrypt(&g_rsip_ctrl,
                                    p_wrapped_public_key,
                                    RSIP_HASH_TYPE_SHA256,
                                    RSIP_MGF_TYPE_MGF1_SHA256,
                                    label,
                                    sizeof(label),
                                    message,
                                    sizeof(message),
                                    cipher_calculated);
    assert(FSP_SUCCESS == err);

    /* Decrypt a ciphertext using the same key */
    err = R_RSIP_RSAES_OAEP_Decrypt(&g_rsip_ctrl,
                                    p_wrapped_private_key,
                                    RSIP_HASH_TYPE_SHA256,
                                    RSIP_MGF_TYPE_MGF1_SHA256,
                                    label,
                                    sizeof(label),
                                    cipher_calculated,
                                    plain_calculated,
                                    &plain_calculated_length,
                                    sizeof(plain_calculated));
    assert(FSP_SUCCESS == err);

    /* Verify calculated plaintext */
    assert(sizeof(message) == plain_calculated_length);
    assert(0 == memcmp(message, plain_calculated, plain_calculated_length));

    /*
     * RSASSA-PSS
     */

    /* Generate the message hash */
    err = R_RSIP_SHA_Compute(&g_rsip_ctrl, RSIP_HASH_TYPE_SHA256, message, sizeof(message), hash);
    assert(FSP_SUCCESS == err);

    /* Generate the signature */
    err = R_RSIP_RSASSA_PSS_Sign(&g_rsip_ctrl,
                                 p_wrapped_private_key,
                                 RSIP_HASH_TYPE_SHA256,
                                 RSIP_MGF_TYPE_MGF1_SHA256,
                                 RSIP_RSA_SALT_LENGTH_AUTO,
                                 hash,
                                 signature);
    assert(FSP_SUCCESS == err);

    /* Verify the signature*/
    err = R_RSIP_RSASSA_PSS_Verify(&g_rsip_ctrl,
                                   p_wrapped_public_key,
                                   RSIP_HASH_TYPE_SHA256,
                                   RSIP_MGF_TYPE_MGF1_SHA256,
                                   RSIP_RSA_SALT_LENGTH_AUTO,
                                   hash,
                                   signature);
    assert(FSP_SUCCESS == err);

    /* Close the driver */
    err = R_RSIP_Close(&g_rsip_ctrl);
    assert(FSP_SUCCESS == err);
}

HASH Example

This is an example of calculating the SHA256 hash.

#define SHA256_HASH_SIZE    (32)

void r_rsip_example_hash ()
{
    fsp_err_t err;

    static const uint8_t message[] =
    {
        0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
        0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
    };

    static const uint8_t hash[] =
    {
        0x63, 0x0d, 0xcd, 0x29, 0x66, 0xc4, 0x33, 0x66, 0x91, 0x12, 0x54, 0x48, 0xbb, 0xb2, 0x5b, 0x4f,
        0xf4, 0x12, 0xa4, 0x9c, 0x73, 0x2d, 0xb2, 0xc8, 0xab, 0xc1, 0xb8, 0x58, 0x1b, 0xd7, 0x10, 0xdd
    };

    uint8_t digest_single[SHA256_HASH_SIZE] = {0};
    uint8_t digest_multi[SHA256_HASH_SIZE]  = {0};

    /* Initialize the driver */
    err = R_RSIP_Open(&g_rsip_ctrl, &g_rsip_cfg);
    assert(FSP_SUCCESS == err);

    /* (1) Calculate SHA-256 digests with single-part API */
    err = R_RSIP_SHA_Compute(&g_rsip_ctrl, RSIP_HASH_TYPE_SHA256, message, sizeof(message), digest_single);
    assert(FSP_SUCCESS == err);

    /* Compare digest and hash */
    assert(0 == memcmp(digest_single, hash, SHA256_HASH_SIZE));

    /* (2) Calculate SHA-256 digests with multi-part API */
    err = R_RSIP_SHA_Init(&g_rsip_ctrl, RSIP_HASH_TYPE_SHA256);
    assert(FSP_SUCCESS == err);

    err = R_RSIP_SHA_Update(&g_rsip_ctrl, message, sizeof(message));
    assert(FSP_SUCCESS == err);

    err = R_RSIP_SHA_Finish(&g_rsip_ctrl, digest_multi);
    assert(FSP_SUCCESS == err);

    /* Compare digest and hash */
    assert(0 == memcmp(digest_multi, hash, SHA256_HASH_SIZE));

    /* Close the driver */
    err = R_RSIP_Close(&g_rsip_ctrl);
    assert(FSP_SUCCESS == err);
}

Data Structures
struct	rsip_instance_ctrl_t

---

Data Structure Documentation

rsip_instance_ctrl_t

struct rsip_instance_ctrl_t

RSIP private control block. DO NOT MODIFY. Initialization occurs when R_RSIP_Open() is called.

Function Documentation

R_RSIP_Open()

fsp_err_t R_RSIP_Open	(	rsip_ctrl_t *const	p_ctrl,
		rsip_cfg_t const *const	p_cfg
	)

Enables use of Renesas Secure IP functionality.
Implements rsip_api_t::open.

<Operational State>
This API can only be executed in the STATE_INITIAL, and the state after execution changes as follows depending on the return value.

Return Value	State after execution
FSP_SUCCESS	STATE_MAIN
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_ALREADY_OPEN	Module is already open.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Internal key value is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Hardware initialization is failed.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption or hardware fault is detected.

Note

This version does not have an optional feature to disable TRNG initialization.

R_RSIP_Close()

fsp_err_t R_RSIP_Close

(

rsip_ctrl_t *const

p_ctrl

)

Disables use of Renesas Secure IP functionality.
Implements rsip_api_t::close.

<Operational State>
This API can be executed in except STATE_INITIAL, and the state after execution changes as follows depending on the return value.

Return Value	State after execution
FSP_SUCCESS	STATE_INITIAL
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

R_RSIP_RandomNumberGenerate()

fsp_err_t R_RSIP_RandomNumberGenerate	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t *const	p_random
	)

Generates a 128-bit random number.
Implements rsip_api_t::randomNumberGenerate.

<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

R_RSIP_KeyGenerate()

fsp_err_t R_RSIP_KeyGenerate	(	rsip_ctrl_t *const	p_ctrl,
		rsip_key_type_t const	key_type,
		rsip_wrapped_key_t *const	p_wrapped_key
	)

Generate a wrapped symmetric key from a random number. In this API, user key input is unnecessary. By encrypting data using the wrapped key is output by this API, dead copying of data can be prevented.
Implements rsip_api_t::keyGenerate.

<Usage Precautions>

• Valid key types.

key_type	RSIP_KEY_TYPE_AES_128 RSIP_KEY_TYPE_AES_256 RSIP_KEY_TYPE_XTS_AES_128 RSIP_KEY_TYPE_XTS_AES_256 RSIP_KEY_TYPE_HMAC_SHA256

<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

See also

Section Key Management

R_RSIP_KeyPairGenerate()

fsp_err_t R_RSIP_KeyPairGenerate	(	rsip_ctrl_t *const	p_ctrl,
		rsip_key_pair_type_t const	key_pair_type,
		rsip_wrapped_key_t *const	p_wrapped_public_key,
		rsip_wrapped_key_t *const	p_wrapped_private_key
	)

Generate a wrapped asymmetric key pair from a random number. In this API, user key input is unnecessary. By encrypting data using the wrapped key is output by this API, dead copying of data can be prevented.
Implements rsip_api_t::keyPairGenerate.

<Usage Precautions>

• Valid key pair types.

key_pair_type	RSIP_KEY_PAIR_TYPE_ECC_SECP256R1 RSIP_KEY_PAIR_TYPE_ECC_SECP384R1 RSIP_KEY_PAIR_TYPE_ECC_SECP521R1 RSIP_KEY_PAIR_TYPE_RSA_2048 RSIP_KEY_PAIR_TYPE_RSA_3072 RSIP_KEY_PAIR_TYPE_RSA_4096

<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

See also

Section Key Management

R_RSIP_EncryptedKeyWrap()

fsp_err_t R_RSIP_EncryptedKeyWrap	(	rsip_ctrl_t *const	p_ctrl,
		rsip_key_update_key_t const *const	p_key_update_key,
		uint8_t const *const	p_initial_vector,
		rsip_key_type_t const	key_type,
		uint8_t const *const	p_encrypted_key,
		rsip_wrapped_key_t *const	p_wrapped_key
	)

Decrypt the encrypted user key with Key Update Key (KUK) and wrap it with the Hardware Unique Key (HUK).
Implements rsip_api_t::encryptedKeyWrap.

<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

See also

Section Key Management

R_RSIP_RFC3394_KeyWrap()

fsp_err_t R_RSIP_RFC3394_KeyWrap	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_kek,
		rsip_wrapped_key_t const *const	p_wrapped_target_key,
		uint8_t *const	p_rfc3394_wrapped_target_key
	)

This function provides Key Wrap algorithm compliant with RFC3394. Using p_wrapped_kek to wrap p_wrapped_target_key, and output the result to p_rfc3394_wrapped_target_key.
Implements rsip_api_t::rfc3394_KeyWrap.

<Usage Precautions>

• Argument "p_wrapped_kek" only supports the following key type.

  Key Type of p_wrapped_kek	Corresponding Parameter
  AES-128	RSIP_KEY_TYPE_AES_128
  AES-256	RSIP_KEY_TYPE_AES_256

• Argument "p_wrapped_target_key" only supports the following key type.

  Key Type of p_wrapped_target_key	Corresponding Parameter
  AES-128	RSIP_KEY_TYPE_AES_128
  AES-256	RSIP_KEY_TYPE_AES_256

<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_INVALID_ARGUMENT	Input key type or mode is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

See also

Section Key Management

R_RSIP_RFC3394_KeyUnwrap()

fsp_err_t R_RSIP_RFC3394_KeyUnwrap	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_kek,
		rsip_key_type_t const	key_type,
		uint8_t const *const	p_rfc3394_wrapped_target_key,
		rsip_wrapped_key_t *const	p_wrapped_target_key
	)

This function provides Key Unwrap algorithm compliant with RFC3394. Using p_wrapped_kek to unwrap p_rfc3394_wrapped_target_key, and output the result to p_wrapped_target_key.
Implements rsip_api_t::rfc3394_KeyUnwrap.

<Usage Precautions>

• Argument "p_wrapped_kek" only supports the following key type.

  Key Type of p_wrapped_kek	Corresponding Parameter
  AES-128	RSIP_KEY_TYPE_AES_128
  AES-256	RSIP_KEY_TYPE_AES_256

• Argument "key_type" represents the key type of p_rfc3394_wrapped_target_key, and only supports the following key type.

  Key Type of p_rfc3394_wrapped_target_key	Corresponding Parameter
  AES-128	RSIP_KEY_TYPE_AES_128
  AES-256	RSIP_KEY_TYPE_AES_256

<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_INVALID_ARGUMENT	Input key type or mode is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

See also

Section Key Management

R_RSIP_InjectedKeyImport()

fsp_err_t R_RSIP_InjectedKeyImport	(	rsip_key_type_t const	key_type,
		uint8_t const *const	p_injected_key,
		rsip_wrapped_key_t *const	p_wrapped_key,
		uint32_t const	wrapped_key_buffer_length
	)

This function provides the ability to construct structure data "rsip_wrapped_key_t" from injected key data. The value of injected key is not validated in this API. Refer "Key Size Table" for supported key types.
Implements rsip_api_t::injectedKeyImport.

<Operational State>
This API can be executed in any state including STATE_INITIAL, and there are no state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_UNSUPPORTED	Selected key type is not supported.
FSP_ERR_INVALID_SIZE	Buffer length is too short.

See also

Section Key Management

R_RSIP_PublicKeyExport()

fsp_err_t R_RSIP_PublicKeyExport	(	rsip_wrapped_key_t const *const	p_wrapped_public_key,
		uint8_t *const	p_raw_public_key
	)

Exports public key parameters from a wrapped key.
Implements rsip_api_t::publicKeyExport.

<Usage Precautions>

• The key type of p_wrapped_public_key must be RSIP_KEY_TYPE_ECC_xxx_PUBLIC or RSIP_KEY_TYPE_RSA_xxx_PUBLIC
• For ECC public keys, raw_public_key has QX placed first and QY placed after that.
• For RSA public keys, raw_public_key has N placed first and E placed after that.
• The value location of each elements in public key is shown in below:

  ECC bit length	QX location	QY location
  192(*)	0	24
  224(*)	0	28
  256	0	32
  384	0	48
  512(*)	0	64
  521(*)	0	66

RSA bit length	N location	E location
1024(*)	0	128
2048	0	256
3072	0	384
4096	0	512

(*) These bit lengths are not supported in V.5.2.0.

<Operational State>
This API can be executed in any state including STATE_INITIAL, and there are no state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.

See also

Section Key Management

R_RSIP_AES_Cipher_Init()

fsp_err_t R_RSIP_AES_Cipher_Init	(	rsip_ctrl_t *const	p_ctrl,
		rsip_aes_cipher_mode_t const	mode,
		rsip_wrapped_key_t const *const	p_wrapped_key,
		uint8_t const *const	p_initial_vector
	)

Set parameters of AES cipher.
Implements rsip_api_t::aesCipherInit.

<Usage Precautions>

• p_initial_vector is not required for ECB mode.
• p_initial_vector is IV for CBC mode or XTS mode.
• p_initial_vector is nonce for CTR mode.

<Operational State>
This API can only be executed in the STATE_MAIN, and the state after execution changes as follows depending on the return value.

Return Value	State after execution
FSP_SUCCESS	STATE_AES
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_INVALID_ARGUMENT	Input key type or mode is illegal.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

R_RSIP_AES_Cipher_Update()

fsp_err_t R_RSIP_AES_Cipher_Update	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t const *const	p_input,
		uint8_t *const	p_output,
		uint32_t const	length
	)

Encrypts plaintext.
Implements rsip_api_t::aesCipherUpdate.

<Usage Precautions>

• Requires prerequisite that R_RSIP_AES_Cipher_Init or R_RSIP_AES_Cipher_Update results in FSP_SUCCESS.
• The length is as follows:

length
ECB,CBC,CTR	Must be 0 or a multiple of 16.
XTS	Must be 0 or greater than or equal to 16. After an integer not divisible by 16 is input, update will no longer be able to execute.

<Operational State>
This API can only be executed in the STATE_AES, and the state after execution changes as follows depending on the return value.

Return Value	State after execution
Any	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_INVALID_SIZE	Input length is illegal.

R_RSIP_AES_Cipher_Finish()

fsp_err_t R_RSIP_AES_Cipher_Finish

(

rsip_ctrl_t *const

p_ctrl

)

Finalize AES operation.
Implements rsip_api_t::aesCipherFinish.

<Operational State>
This API can only be executed in the STATE_AES, and the state after execution changes as follows depending on the return value.

Return Value	State after execution
FSP_ERR_ASSERTION FSP_ERR_NOT_OPEN FSP_ERR_INVALID_STATE	No change
Others	STATE_MAIN

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

R_RSIP_AES_AEAD_Init()

fsp_err_t R_RSIP_AES_AEAD_Init	(	rsip_ctrl_t *const	p_ctrl,
		rsip_aes_aead_mode_t	mode,
		rsip_wrapped_key_t const *const	p_wrapped_key,
		uint8_t const *const	p_nonce,
		uint32_t const	nonce_length
	)

Prepares an AES-AEAD function.
Implements rsip_api_t::aesAeadInit.

<Usage Precautions>

• The key type of p_wrapped_key must be RSIP_KEY_TYPE_AES_xxx.

<Operational State>
This API can only be executed in the STATE_MAIN, and the state after execution changes as follows depending on the return value.

Return Value	State after execution
FSP_SUCCESS	STATE_AES_AEAD
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_INVALID_ARGUMENT	Input key type is illegal.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

R_RSIP_AES_AEAD_LengthsSet()

fsp_err_t R_RSIP_AES_AEAD_LengthsSet	(	rsip_ctrl_t *const	p_ctrl,
		uint32_t const	total_aad_length,
		uint32_t const	total_text_length,
		uint32_t const	tag_length
	)

Set text and tag lengths for specific mode.
Implements rsip_api_t::aesAeadLengthsSet.

<Usage Precautions>

• Requires prerequisite that R_RSIP_AES_AEAD_Init results in FSP_SUCCESS.
• The lengths are as follows:

  total_aad_length	Must be 110 or less.
  tag_length	The following values are allowed 4, 6, 8, 10, 12, 14, 16

<Operational State>
This API can only be executed in the STATE_AES_AEAD, and there are no state transitions.
However, this function can only be called once.

<About CCM processing>
This API must be called directly after executing R_RSIP_AES_AEAD_Init API.

<About GCM processing>
This API must NOT be called. Each input length is indeterminate and output tag length is fixed to 16 bytes.
If called, FSP_ERR_INVALID_STATE will be returned.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_SIZE	Input length is illegal.
FSP_ERR_INVALID_STATE	Internal state is illegal.

R_RSIP_AES_AEAD_AADUpdate()

fsp_err_t R_RSIP_AES_AEAD_AADUpdate	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t const *const	p_aad,
		uint32_t const	aad_length
	)

Inputs additional authentication data.
Implements rsip_api_t::aesAeadAadUpdate.

<Usage Precautions>

• For GCM processing requires prerequisite that R_RSIP_AES_AEAD_Init or R_RSIP_AES_AEAD_AADUpdate results in FSP_SUCCESS.
• For CCM processing requires prerequisite that R_RSIP_AES_AEAD_LengthsSet or R_RSIP_AES_AEAD_AADUpdate results in FSP_SUCCESS.
• This API can be called repeatedly, and in the case of CCM, it must be called at least once.
• This API cannot be called after the R_RSIP_AES_AEAD_Update API has been executed.

<Operational State>
This API can only be executed in the STATE_AES_AEAD, and there are no state transitions.

<About GCM processing>
For GCM processing, this API can be skipped.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.
FSP_ERR_CRYPTO_RSIP_FAIL	Internal error.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.

R_RSIP_AES_AEAD_Update()

fsp_err_t R_RSIP_AES_AEAD_Update	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t const *const	p_input,
		uint32_t const	input_length,
		uint8_t *const	p_output,
		uint32_t *const	p_output_length
	)

Inputs additional authentication data.
Implements rsip_api_t::aesAeadUpdate.

<Usage Precautions>

• For GCM processing requires prerequisite that R_RSIP_AES_AEAD_Init, R_RSIP_AES_AEAD_AADUpdate, or R_RSIP_AES_AEAD_Update results in FSP_SUCCESS.
• For CCM processing requires prerequisite that R_RSIP_AES_AEAD_AADUpdate or R_RSIP_AES_AEAD_Update results in FSP_SUCCESS.
• In the case of CCM, it must be called at least once.
• This API must be called after all input by R_RSIP_AES_AEAD_AADUpdate API is complete.

<Operational State>
This API can only be executed in the STATE_AES_AEAD, and there are no state transitions.

<About GMAC processing>
GMAC processing can be performed by skipping this API.
For detailed usage, refer to the example code.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_SIZE	Input length is illegal.
FSP_ERR_INVALID_STATE	Internal state is illegal.

R_RSIP_AES_AEAD_Finish()

fsp_err_t R_RSIP_AES_AEAD_Finish	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t *const	p_output,
		uint32_t *const	p_output_length,
		uint8_t *const	p_tag
	)

Finalizes an AES-AEAD encryption.
Implements rsip_api_t::aesAeadFinish.

<Usage Precautions>

• RSIP_AES_AEAD_MODE_GCM_ENC or RSIP_AES_AEAD_MODE_CCM_ENC must be input as the mode in R_RSIP_AES_AEAD_Init.
• For GCM processing, requires prerequisite that R_RSIP_AES_AEAD_Init, R_RSIP_AES_AEAD_AADUpdate, or R_RSIP_AES_AEAD_Update results in FSP_SUCCESS.
• For CCM processing, requires prerequisite that R_RSIP_AES_AEAD_Update results in FSP_SUCCESS.

<Operational State>
This API can be executed in the STATE_AES_AEAD, and the state after execution changes as follows depending on the return value.

Return Value	State after execution
FSP_ERR_ASSERTION FSP_ERR_NOT_OPEN FSP_ERR_INVALID_STATE	No change
Any	STATE_MAIN

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Internal error.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

R_RSIP_AES_AEAD_Verify()

fsp_err_t R_RSIP_AES_AEAD_Verify	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t *const	p_output,
		uint32_t *const	p_output_length,
		uint8_t const *const	p_tag,
		uint32_t const	tag_length
	)

Finalizes an AES-AEAD decryption.
Implements rsip_api_t::aesAeadVerify.

<Usage Precautions>

• RSIP_AES_AEAD_MODE_GCM_DEC or RSIP_AES_AEAD_MODE_CCM_DEC must be input as the mode in R_RSIP_AES_AEAD_Init.
• For GCM processing, requires prerequisite that R_RSIP_AES_AEAD_Init, R_RSIP_AES_AEAD_AADUpdate, or R_RSIP_AES_AEAD_Update results in FSP_SUCCESS.
• For CCM processing, requires prerequisite that R_RSIP_AES_AEAD_Update results in FSP_SUCCESS.

<Operational State>
This API can be executed in the STATE_AES_AEAD, and the state after execution changes as follows depending on the return value.

Return Value	State after execution
FSP_ERR_ASSERTION FSP_ERR_NOT_OPEN FSP_ERR_INVALID_STATE	No change
Any	STATE_MAIN

If there is 16-byte fractional data indicated by the total data length of the value of p_cipher that was input by R_RSIP_AES_GCM_DecryptUpdate(), this API will output the result of decrypting that fractional data to p_cipher. Here, the portion that does not reach 16 bytes will be padded with zeros.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_INVALID_SIZE	tag_length is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Internal error.
FSP_ERR_CRYPTO_RSIP_AUTHENTICATION	Authentication is failed.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

R_RSIP_AES_MAC_Init()

fsp_err_t R_RSIP_AES_MAC_Init	(	rsip_ctrl_t *const	p_ctrl,
		rsip_aes_mac_mode_t const	mode,
		rsip_wrapped_key_t const *const	p_wrapped_key
	)

Prepares an AES-MAC generation and verification.
Implements rsip_api_t::aesMacInit.

<Usage Precautions>

• The key type of p_wrapped_key must be RSIP_KEY_TYPE_AES_xxx.
• The argument mode only supports the feature listed below.

  Mode	Corresponding Parameter
  CMAC	RSIP_AES_MAC_MODE_CMAC

  • GMAC processing can be performed with R_RSIP_AES_AEAD_xxx API.
    　 Refer to the desceription about R_RSIP_AES_AEAD_Update() API.

<Operational State>
This API can only be executed in the STATE_MAIN, and the state after execution changes as follows depending on the return value.

Return Value	State after execution
FSP_SUCCESS	STATE_AES_MAC
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

R_RSIP_AES_MAC_Update()

fsp_err_t R_RSIP_AES_MAC_Update	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t const *const	p_message,
		uint32_t const	message_length
	)

Input message.
Implements rsip_api_t::aesMacUpdate.

Inside this function, the data that is input by the user is buffered until the input value of p_message exceeds 16 bytes. If the input value, p_message, is not a multiple of 16 bytes, it will be padded within the function.

<Usage Precautions>

• Requires prerequisite that R_RSIP_AES_MAC_Init or R_RSIP_AES_MAC_Update results in FSP_SUCCESS.

<Operational State>
This API can only be executed in the STATE_AES_MAC, and the state after execution changes as follows depending on the return value.

Return Value	State after execution
Any	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.

R_RSIP_AES_MAC_SignFinish()

fsp_err_t R_RSIP_AES_MAC_SignFinish	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t *const	p_mac
	)

Finalizes an AES-MAC generation.
Implements rsip_api_t::aesMacSignFinish.

<Usage Precautions>

• Requires prerequisite that R_RSIP_AES_MAC_Init or R_RSIP_AES_MAC_Update results in FSP_SUCCESS.

<Operational State>
This API can only be executed in the STATE_AES_MAC, and the state after execution changes as follows depending on the return value.

Return Value	State after execution
FSP_ERR_ASSERTION FSP_ERR_NOT_OPEN FSP_ERR_INVALID_STATE	No change
Others	STATE_MAIN

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_INVALID_SIZE	Input length is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Internal error.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

R_RSIP_AES_MAC_VerifyFinish()

fsp_err_t R_RSIP_AES_MAC_VerifyFinish	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t const *const	p_mac,
		uint32_t const	mac_length
	)

Finalizes an AES-MAC verification.
Implements rsip_api_t::aesMacVerifyFinish.

<Usage Precautions>

• Requires prerequisite that R_RSIP_AES_MAC_Init or R_RSIP_AES_MAC_Update results in FSP_SUCCESS.

<Operational State>
This API can only be executed in the STATE_AES_MAC, and the state after execution changes as follows depending on the return value.

Return Value	State after execution
FSP_ERR_ASSERTION FSP_ERR_NOT_OPEN FSP_ERR_INVALID_STATE FSP_ERR_INVALID_SIZE	No change
Others	STATE_MAIN

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_INVALID_SIZE	mac_length is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Internal error.
FSP_ERR_CRYPTO_RSIP_AUTHENTICATION	Authentication is failed.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

R_RSIP_ECDSA_Sign()

fsp_err_t R_RSIP_ECDSA_Sign	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_private_key,
		uint8_t const *const	p_hash,
		uint8_t *const	p_signature
	)

Signs a hashed message. The message hash should be generated in advance.
Implements rsip_api_t::ecdsaSign.

<Usage Precautions>

• The key type of p_wrapped_private_key must be RSIP_KEY_TYPE_ECC_xxx_PRIVATE.
• This version supports the following key types:

  Key Length	Key Type
  256 bit	RSIP_KEY_TYPE_ECC_SECP256R1_PRIVATE
  384 bit	RSIP_KEY_TYPE_ECC_SECP384R1_PRIVATE
  521 bit	RSIP_KEY_TYPE_ECC_SECP521R1_PRIVATE

• The hash value must be computed and passed to the argument p_hash before executing this API.
  In the case of hash length is less than the key length, padding is required to make it the same as the key length.

<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_INVALID_ARGUMENT	Input key type or mode is illegal.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is illegal. Signature generation is failed.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

R_RSIP_ECDSA_Verify()

fsp_err_t R_RSIP_ECDSA_Verify	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_public_key,
		uint8_t const *const	p_hash,
		uint8_t const *const	p_signature
	)

Verifies a hashed message. The message hash should be generated in advance.
Implements rsip_api_t::ecdsaVerify.

<Usage Precautions>

• The key type of p_wrapped_public_key must be RSIP_KEY_TYPE_ECC_xxx_PUBLIC.
• This version supports the following key types:

  Key Length	Key Type
  256 bit	RSIP_KEY_TYPE_ECC_SECP256R1_PUBLIC
  384 bit	RSIP_KEY_TYPE_ECC_SECP384R1_PUBLIC
  521 bit	RSIP_KEY_TYPE_ECC_SECP521R1_PUBLIC

• The hash value must be computed and passed to the argument p_hash before executing this API.
  In the case of hash length is less than the key length, padding is required to make it the same as the key length.

<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_INVALID_ARGUMENT	Input key type or mode is illegal.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is illegal. Signature verification is failed.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

R_RSIP_RSA_Encrypt()

fsp_err_t R_RSIP_RSA_Encrypt	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_public_key,
		uint8_t const *const	p_plain,
		uint8_t *const	p_cipher
	)

Encrypts plaintext with raw RSA.
Implements rsip_api_t::rsaEncrypt.

<Usage Precautions>

• The key type of p_wrapped_public_key must be RSIP_KEY_TYPE_RSA_xxx_PUBLIC.
• This version supports the following key types:

  Key Length	Key Type
  2048 bit	RSIP_KEY_TYPE_RSA_2048_PUBLIC
  3072 bit	RSIP_KEY_TYPE_RSA_3072_PUBLIC
  4096 bit	RSIP_KEY_TYPE_RSA_4096_PUBLIC

<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

Note

This API provides RSA low-level primitives (RSAEP/RSAVP1). It should be used in conjunction with any padding scheme.

R_RSIP_RSA_Decrypt()

fsp_err_t R_RSIP_RSA_Decrypt	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_private_key,
		uint8_t const *const	p_cipher,
		uint8_t *const	p_plain
	)

Decrypts ciphertext with raw RSA.
Implements rsip_api_t::rsaDecrypt.

<Usage Precautions>

• The key type of p_wrapped_private_key must be RSIP_KEY_TYPE_RSA_xxx_PRIVATE.
• This version supports the following key types:

  Key Length	Key Type
  2048 bit	RSIP_KEY_TYPE_RSA_2048_PRIVATE
  3072 bit	RSIP_KEY_TYPE_RSA_3072_PRIVATE
  4096 bit	RSIP_KEY_TYPE_RSA_4096_PRIVATE

<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

Note

This API provides RSA low-level primitives (RSADP/RSASP1). It should be used in conjunction with any padding scheme.

R_RSIP_RSAES_PKCS1_V1_5_Encrypt()

fsp_err_t R_RSIP_RSAES_PKCS1_V1_5_Encrypt	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_public_key,
		uint8_t const *const	p_plain,
		uint32_t const	plain_length,
		uint8_t *const	p_cipher
	)

Encrypts plaintext with RSAES-PKCS1-v1_5.
Implements rsip_api_t::rsaesPkcs1V15Encrypt.

<Usage Precautions>

• The key type of p_wrapped_public_key must be RSIP_KEY_TYPE_RSA_xxx_PUBLIC.
• This version supports the following key types:

  Key Length	Key Type
  2048 bit	RSIP_KEY_TYPE_RSA_2048_PUBLIC
  3072 bit	RSIP_KEY_TYPE_RSA_3072_PUBLIC
  4096 bit	RSIP_KEY_TYPE_RSA_4096_PUBLIC

<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.

mLen (plain_length) and k (RSA key length) must meet the following condition.

mlen <= k - 11

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_INVALID_SIZE	Any length is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

R_RSIP_RSAES_PKCS1_V1_5_Decrypt()

fsp_err_t R_RSIP_RSAES_PKCS1_V1_5_Decrypt	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_private_key,
		uint8_t const *const	p_cipher,
		uint8_t *const	p_plain,
		uint32_t *const	p_plain_length,
		uint32_t const	plain_buffer_length
	)

Decrypts with RSAES-PKCS1-v1_5.
Implements rsip_api_t::rsaesPkcs1V15Decrypt.

<Usage Precautions>

• The key type of p_wrapped_private_key must be RSIP_KEY_TYPE_RSA_xxx_PRIVATE.
• This version supports the following key types:

  Key Length	Key Type
  2048 bit	RSIP_KEY_TYPE_RSA_2048_PRIVATE
  3072 bit	RSIP_KEY_TYPE_RSA_3072_PRIVATE
  4096 bit	RSIP_KEY_TYPE_RSA_4096_PRIVATE

<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_INVALID_SIZE	Any length is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

Note

The stack usage of this function depends on the maximum key length for RSA decryption enabled in configuration. For example, if RSA-2048 is enabled, this function uses at least 256 bytes (2048 bits) of stack. To shrink the stack size, please disable unused key length in configuration.

This API skips the ciphertext length checking at RFC8017 (PKCS#1 v2.2) Section 7.2.2 Step 1.

R_RSIP_RSAES_OAEP_Encrypt()

fsp_err_t R_RSIP_RSAES_OAEP_Encrypt	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_public_key,
		rsip_hash_type_t const	hash_function,
		rsip_mgf_type_t const	mask_generation_function,
		uint8_t const *const	p_label,
		uint32_t const	label_length,
		uint8_t const *const	p_plain,
		uint32_t const	plain_length,
		uint8_t *const	p_cipher
	)

Encrypts plaintext with RSAES-OAEP.
Implements rsip_api_t::rsaesOaepEncrypt.

<Usage Precautions>

• The key type of p_wrapped_public_key must be RSIP_KEY_TYPE_RSA_xxx_PUBLIC.
• This version supports the following key types:

  Key Length	Key Type
  2048 bit	RSIP_KEY_TYPE_RSA_2048_PUBLIC
  3072 bit	RSIP_KEY_TYPE_RSA_3072_PUBLIC
  4096 bit	RSIP_KEY_TYPE_RSA_4096_PUBLIC

• Argument hash_function only supports the features listed below.

  Hash Function	Corresponding Parameter
  SHA256	RSIP_HASH_TYPE_SHA256
  SHA384	RSIP_HASH_TYPE_SHA384
  SHA512	RSIP_HASH_TYPE_SHA512

• Argument mask_generation_function only supports the features listed below.

  Mask Generation Function	Corresponding Parameter
  SHA256	RSIP_MGF_TYPE_MGF1_SHA256
  SHA384	RSIP_MGF_TYPE_MGF1_SHA384
  SHA512	RSIP_MGF_TYPE_MGF1_SHA512

<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.

mLen (plain_length), hLen (output length of hash_function), and k (RSA key length) must meet the following condition.

mLen <= k - 2 hLen - 2

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_INVALID_SIZE	Any length is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

R_RSIP_RSAES_OAEP_Decrypt()

fsp_err_t R_RSIP_RSAES_OAEP_Decrypt	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_private_key,
		rsip_hash_type_t const	hash_function,
		rsip_mgf_type_t const	mask_generation_function,
		uint8_t const *const	p_label,
		uint32_t const	label_length,
		uint8_t const *const	p_cipher,
		uint8_t *const	p_plain,
		uint32_t *const	p_plain_length,
		uint32_t const	plain_buffer_length
	)

Decrypts ciphertext with RSAES-OAEP.
Implements rsip_api_t::rsaesOaepDecrypt.

<Usage Precautions>

• The key type of p_wrapped_private_key must be RSIP_KEY_TYPE_RSA_xxx_PRIVATE.
• This version supports the following key types:

  Key Length	Key Type
  2048 bit	RSIP_KEY_TYPE_RSA_2048_PRIVATE
  3072 bit	RSIP_KEY_TYPE_RSA_3072_PRIVATE
  4096 bit	RSIP_KEY_TYPE_RSA_4096_PRIVATE

• Argument hash_function only supports the features listed below.

  Hash Function	Corresponding Parameter
  SHA256	RSIP_HASH_TYPE_SHA256
  SHA384	RSIP_HASH_TYPE_SHA384
  SHA512	RSIP_HASH_TYPE_SHA512

• Argument mask_generation_function only supports the features listed below.

  Mask Generation Function	Corresponding Parameter
  SHA256	RSIP_MGF_TYPE_MGF1_SHA256
  SHA384	RSIP_MGF_TYPE_MGF1_SHA384
  SHA512	RSIP_MGF_TYPE_MGF1_SHA512

<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.

hLen (output length of hash_function) and k (RSA key length) must meet the following condition.

k >= 2 hLen + 2

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_INVALID_SIZE	Any length is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

Note

The stack usage of this function depends on the maximum key length for RSA decryption enabled in configuration. For example, if RSA-2048 is enabled, this function uses at least 256 bytes (2048 bits) of stack. To shrink the stack size, please disable unused key length in configuration.

This API skips the ciphertext length checking at RFC8017 (PKCS#1 v2.2) Section 7.1.2 Step 1.

R_RSIP_RSASSA_PKCS1_V1_5_Sign()

fsp_err_t R_RSIP_RSASSA_PKCS1_V1_5_Sign	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_private_key,
		rsip_hash_type_t const	hash_function,
		uint8_t const *const	p_hash,
		uint8_t *const	p_signature
	)

Signs message with RSASSA-PKCS1-v1_5.
Implements rsip_api_t::rsassaPkcs1V15Sign.

<Usage Precautions>

• The key type of p_wrapped_private_key must be RSIP_KEY_TYPE_RSA_xxx_PRIVATE.
• This version supports the following key types:

  Key Length	Key Type
  2048 bit	RSIP_KEY_TYPE_RSA_2048_PRIVATE
  3072 bit	RSIP_KEY_TYPE_RSA_3072_PRIVATE
  4096 bit	RSIP_KEY_TYPE_RSA_4096_PRIVATE

• Argument hash_function only supports the features listed below.

  Hash Function	Corresponding Parameter
  SHA256	RSIP_HASH_TYPE_SHA256
  SHA384	RSIP_HASH_TYPE_SHA384
  SHA512	RSIP_HASH_TYPE_SHA512

• The hash value must be computed and passed to the argument p_hash before executing this API.
  Also, the argument hash_function must specify the one used when computing the hash value above.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_INVALID_SIZE	Any length is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

R_RSIP_RSASSA_PKCS1_V1_5_Verify()

fsp_err_t R_RSIP_RSASSA_PKCS1_V1_5_Verify	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_public_key,
		rsip_hash_type_t const	hash_function,
		uint8_t const *const	p_hash,
		uint8_t const *const	p_signature
	)

Verifies signature with RSASSA-PKCS1-v1_5.
Implements rsip_api_t::rsassaPkcs1V15Verify.

<Usage Precautions>

• The key type of p_wrapped_public_key must be RSIP_KEY_TYPE_RSA_xxx_PUBLIC.
• This version supports the following key types:

  Key Length	Key Type
  2048 bit	RSIP_KEY_TYPE_RSA_2048_PUBLIC
  3072 bit	RSIP_KEY_TYPE_RSA_3072_PUBLIC
  4096 bit	RSIP_KEY_TYPE_RSA_4096_PUBLIC

• Argument hash_function only supports the features listed below.

  Hash Function	Corresponding Parameter
  SHA256	RSIP_HASH_TYPE_SHA256
  SHA384	RSIP_HASH_TYPE_SHA384
  SHA512	RSIP_HASH_TYPE_SHA512

• The hash value must be computed and passed to the argument p_hash before executing this API.
  Also, the argument hash_function must specify the one used when computing the hash value above.

<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_INVALID_SIZE	Any length is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

Note

The stack usage of this function depends on the maximum key length for RSA decryption enabled in configuration. For example, if RSA-2048 is enabled, this function uses at least 512 bytes (2048 bits * 2) of stack. To shrink the stack size, please disable unused key length in configuration.

R_RSIP_RSASSA_PSS_Sign()

fsp_err_t R_RSIP_RSASSA_PSS_Sign	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_private_key,
		rsip_hash_type_t const	hash_function,
		rsip_mgf_type_t const	mask_generation_function,
		uint32_t const	salt_length,
		uint8_t const *const	p_hash,
		uint8_t *const	p_signature
	)

Signs message with RSASSA-PSS.
Implements rsip_api_t::rsassaPssSign.

<Usage Precautions>

• The key type of p_wrapped_private_key must be RSIP_KEY_TYPE_RSA_xxx_PRIVATE.
• This version supports the following key types:

  Key Length	Key Type
  2048 bit	RSIP_KEY_TYPE_RSA_2048_PRIVATE
  3072 bit	RSIP_KEY_TYPE_RSA_3072_PRIVATE
  4096 bit	RSIP_KEY_TYPE_RSA_4096_PRIVATE

• Argument hash_function only supports the features listed below.

  Hash Function	Corresponding Parameter
  SHA256	RSIP_HASH_TYPE_SHA256
  SHA384	RSIP_HASH_TYPE_SHA384
  SHA512	RSIP_HASH_TYPE_SHA512

• Argument mask_generation_function only supports the features listed below.

  Mask Generation Function	Corresponding Parameter
  SHA256	RSIP_MGF_TYPE_MGF1_SHA256
  SHA384	RSIP_MGF_TYPE_MGF1_SHA384
  SHA512	RSIP_MGF_TYPE_MGF1_SHA512

• Argument salt_length must follow the list below.

  Parameter	Description
  RSIP_RSA_SALT_LENGTH_AUTO	The salt length is set to RSIP_RSA_SALT_LENGTH_MAX or　RSIP_RSA_SALT_LENGTH_HASH, whichever is shorter. When verifying, the salt length is detected automatically.
  RSIP_RSA_SALT_LENGTH_HASH	The salt length is set to the hash length.
  RSIP_RSA_SALT_LENGTH_MAX	The salt length is set to emLen - hLen - 2, where emLen is the same as the key length and hLen is the hash length.
  zero or positive integers	The following conditions must be satisfied. salt_length <= emLen - hLen - 2 where emLen is the same as the key length and hLen is the hash length.

• The hash value must be computed and passed to the argument p_hash before executing this API.
  Also, the argument hash_function must specify the one used when computing the hash value above.

<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_INVALID_SIZE	Any length is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

R_RSIP_RSASSA_PSS_Verify()

fsp_err_t R_RSIP_RSASSA_PSS_Verify	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_public_key,
		rsip_hash_type_t const	hash_function,
		rsip_mgf_type_t const	mask_generation_function,
		uint32_t const	salt_length,
		uint8_t const *const	p_hash,
		uint8_t const *const	p_signature
	)

Verifies signature with RSASSA-PSS.
Implements rsip_api_t::rsassaPssVerify.

<Usage Precautions>

• The key type of p_wrapped_public_key must be RSIP_KEY_TYPE_RSA_xxx_PUBLIC.
• This version supports the following key types:

  Key Length	Key Type
  2048 bit	RSIP_KEY_TYPE_RSA_2048_PUBLIC
  3072 bit	RSIP_KEY_TYPE_RSA_3072_PUBLIC
  4096 bit	RSIP_KEY_TYPE_RSA_4096_PUBLIC

• Argument hash_function only supports the features listed below.

  Hash Function	Corresponding Parameter
  SHA256	RSIP_HASH_TYPE_SHA256
  SHA384	RSIP_HASH_TYPE_SHA384
  SHA512	RSIP_HASH_TYPE_SHA512

• Argument mask_generation_function only supports the features listed below.

  Mask Generation Function	Corresponding Parameter
  SHA256	RSIP_MGF_TYPE_MGF1_SHA256
  SHA384	RSIP_MGF_TYPE_MGF1_SHA384
  SHA512	RSIP_MGF_TYPE_MGF1_SHA512

• Argument salt_length must follow the list below.

  Parameter	Description
  RSIP_RSA_SALT_LENGTH_AUTO	The salt length is set to RSIP_RSA_SALT_LENGTH_MAX or　RSIP_RSA_SALT_LENGTH_HASH, whichever is shorter. When verifying, the salt length is detected automatically.
  RSIP_RSA_SALT_LENGTH_HASH	The salt length is set to the hash length.
  RSIP_RSA_SALT_LENGTH_MAX	The salt length is set to emLen - hLen - 2, where emLen is the same as the key length and hLen is the hash length.
  zero or positive integers	The following conditions must be satisfied. salt_length <= emLen - hLen - 2 where emLen is the same as the key length and hLen is the hash length.

• The hash value must be computed and passed to the argument p_hash before executing this API.
  Also, the argument hash_function must specify the one used when computing the hash value above.

<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	Input parameter is invalid.
FSP_ERR_INVALID_SIZE	Any length is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

Note

The stack usage of this function depends on the maximum key length for RSA decryption enabled in configuration. For example, if RSA-2048 is enabled, this function uses at least 512 bytes (2048 bits * 2) of stack. To shrink the stack size, please disable unused key length in configuration.

R_RSIP_SHA_Compute()

fsp_err_t R_RSIP_SHA_Compute	(	rsip_ctrl_t *const	p_ctrl,
		rsip_hash_type_t const	hash_type,
		uint8_t const *const	p_message,
		uint32_t const	message_length,
		uint8_t *const	p_digest
	)

Generates SHA message digest.
Implements rsip_api_t::shaCompute.

<Usage Precautions>

• Hash type must follow the list below.

  Hash Type	Corresponding Parameter
  SHA256	RSIP_HASH_TYPE_SHA256
  SHA384	RSIP_HASH_TYPE_SHA384
  SHA512	RSIP_HASH_TYPE_SHA512

• The length of message digest is the list below.

  Hash Type	digest length
  SHA256	32
  SHA384	48
  SHA512	64

<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_INVALID_ARGUMENT	Input key type or mode is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.

R_RSIP_SHA_Init()

fsp_err_t R_RSIP_SHA_Init	(	rsip_ctrl_t *const	p_ctrl,
		rsip_hash_type_t const	hash_type
	)

Prepares a SHA generation.
Implements rsip_api_t::shaInit.

<Usage Precautions>

• Hash type must follow the list below.

  Hash Type	Corresponding Parameter
  SHA256	RSIP_HASH_TYPE_SHA256
  SHA384	RSIP_HASH_TYPE_SHA384
  SHA512	RSIP_HASH_TYPE_SHA512

<Operational State>
This API can only be executed in the STATE_MAIN, and the state after execution changes as follows depending on the return value.

Return Value	State after execution
FSP_SUCCESS	STATE_SHA
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_INVALID_ARGUMENT	Input key type or mode is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.

R_RSIP_SHA_Update()

fsp_err_t R_RSIP_SHA_Update	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t const *const	p_message,
		uint32_t const	message_length
	)

Inputs message.
Implements rsip_api_t::shaUpdate.

<Usage Precautions>

• Requires prerequisite that R_RSIP_SHA_Init, R_RSIP_SHA_Update, or R_RSIP_SHA_Resume results in FSP_SUCCESS.

<Operational State>
This API can only be executed in the STATE_SHA, and the state after execution changes as follows depending on the return value.

Return Value	State after execution
Any	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

R_RSIP_SHA_Finish()

fsp_err_t R_RSIP_SHA_Finish	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t *const	p_digest
	)

Finalizes a SHA generation.
Implements rsip_api_t::shaFinish.

<Usage Precautions>

• Requires prerequisite that R_RSIP_SHA_Init, R_RSIP_SHA_Update, or R_RSIP_SHA_Resume results in FSP_SUCCESS.
• The length of message digest is the list below.

  Hash Type	digest length
  SHA256	32
  SHA384	48
  SHA512	64

<Operational State>
This API can only be executed in the STATE_SHA, and the state after execution changes as follows depending on the return value.

Return Value	State after execution
FSP_ERR_ASSERTION FSP_ERR_NOT_OPEN	No change
Others	STATE_MAIN

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

R_RSIP_SHA_Suspend()

fsp_err_t R_RSIP_SHA_Suspend	(	rsip_ctrl_t *const	p_ctrl,
		rsip_sha_handle_t *const	p_handle
	)

Suspend SHA generation. This API allows you to suspend processing, for example, if you are in the middle of computing digest value for successive chunks of the message and need to perform another process.
Implements rsip_api_t::shaSuspend.

<Usage Precautions>

• Requires prerequisite that R_RSIP_SHA_Init, R_RSIP_SHA_Update, or R_RSIP_SHA_Resume results in FSP_SUCCESS.

<Operational State>
This API can only be executed in the STATE_SHA, and the state after execution changes as follows depending on the return value.

Return Value	State after execution
FSP_SUCCESS FSP_ERR_CRYPTO_RSIP_FATAL	STATE_MAIN
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

R_RSIP_SHA_Resume()

fsp_err_t R_RSIP_SHA_Resume	(	rsip_ctrl_t *const	p_ctrl,
		rsip_sha_handle_t const *const	p_handle
	)

Resume SHA generation. This API allows you to resume a process that has been suspended by R_RSIP_SHA_Suspend() API.
Implements rsip_api_t::shaResume.

<Operational State>
This API can only be executed in the STATE_MAIN, and the state after execution changes as follows depending on the return value.

Return Value	State after execution
FSP_SUCCESS	STATE_SHA
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.

R_RSIP_HMAC_Compute()

fsp_err_t R_RSIP_HMAC_Compute	(	rsip_ctrl_t *const	p_ctrl,
		const rsip_wrapped_key_t *	p_wrapped_key,
		uint8_t const *const	p_message,
		uint32_t const	message_length,
		uint8_t *const	p_mac
	)

Generates HMAC.
Implements rsip_api_t::hmacCompute.

<Usage Precautions>

• The key type of p_wrapped_key must be RSIP_KEY_TYPE_HMAC_xxx.
• The length of MAC is the list below.

  HMAC Type	MAC length
  HMAC-SHA256	32

<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_INVALID_ARGUMENT	Input key type is illegal.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

R_RSIP_HMAC_Verify()

fsp_err_t R_RSIP_HMAC_Verify	(	rsip_ctrl_t *const	p_ctrl,
		const rsip_wrapped_key_t *	p_wrapped_key,
		uint8_t const *const	p_message,
		uint32_t const	message_length,
		uint8_t const *const	p_mac,
		uint32_t const	mac_length
	)

Verifies HMAC.
Implements rsip_api_t::hmacVerify.

<Usage Precautions>

• The key type of p_wrapped_key must be RSIP_KEY_TYPE_HMAC_xxx.
• The length of MAC must follow the list below.

  HMAC Type	MAC length
  HMAC-SHA256	4 to 32

<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_INVALID_SIZE	mac_length is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_INVALID_ARGUMENT	Input key type is illegal.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

R_RSIP_HMAC_Init()

fsp_err_t R_RSIP_HMAC_Init	(	rsip_ctrl_t *const	p_ctrl,
		rsip_wrapped_key_t const *const	p_wrapped_key
	)

Prepares a HMAC generation.
Implements rsip_api_t::hmacInit.

<Usage Precautions>

• The key type of p_wrapped_key must be RSIP_KEY_TYPE_HMAC_xxx.

<Operational State>
This API can only be executed in the STATE_MAIN, and the state after execution changes as follows depending on the return value.

Return Value	State after execution
FSP_SUCCESS	STATE_HMAC
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_INVALID_ARGUMENT	Input key type is illegal.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

R_RSIP_HMAC_Update()

fsp_err_t R_RSIP_HMAC_Update	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t const *const	p_message,
		uint32_t const	message_length
	)

Inputs message.
Implements rsip_api_t::hmacUpdate.

<Usage Precautions>

• Requires prerequisite that R_RSIP_HMAC_Init, R_RSIP_HMAC_Update, or R_RSIP_HMAC_Resume results in FSP_SUCCESS.

<Operational State>
This API can only be executed in the STATE_HMAC, and the state after execution changes as follows depending on the return value.

Return Value	State after execution
Any	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_INVALID_ARGUMENT	Input key type or mode is illegal.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

R_RSIP_HMAC_SignFinish()

fsp_err_t R_RSIP_HMAC_SignFinish	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t *const	p_mac
	)

Finalizes a HMAC generation.
Implements rsip_api_t::hmacSignFinish.

<Usage Precautions>

• Requires prerequisite that R_RSIP_HMAC_Init, R_RSIP_HMAC_Update, or R_RSIP_HMAC_Resume results in FSP_SUCCESS.
• The length of MAC is the list below.

  HMAC Type	MAC length
  HMAC-SHA256	32

<Operational State>
This API can only be executed in the STATE_HMAC, and the state after execution changes as follows depending on the return value.

Return Value	State after execution
FSP_ERR_ASSERTION FSP_ERR_NOT_OPEN FSP_ERR_INVALID_STATE	No change
Others	STATE_MAIN

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_INVALID_ARGUMENT	Input key type or mode is illegal.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

R_RSIP_HMAC_VerifyFinish()

fsp_err_t R_RSIP_HMAC_VerifyFinish	(	rsip_ctrl_t *const	p_ctrl,
		uint8_t const *const	p_mac,
		uint32_t const	mac_length
	)

Finalizes a HMAC verification.
Implements rsip_api_t::hmacVerifyFinish.

<Usage Precautions>

• Requires prerequisite that R_RSIP_HMAC_Init, R_RSIP_HMAC_Update, or R_RSIP_HMAC_Resume results in FSP_SUCCESS.
• The length of MAC must follow the list below.

  HMAC Type	MAC length
  HMAC-SHA256	4 to 32

<Operational State>
This API can only be executed in the STATE_HMAC, and the state after execution changes as follows depending on the return value.

Return Value	State after execution
FSP_ERR_ASSERTION FSP_ERR_NOT_OPEN FSP_ERR_INVALID_STATE FSP_ERR_INVALID_SIZE	No change
Others	STATE_MAIN

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_INVALID_SIZE	mac_length is illegal.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_INVALID_ARGUMENT	Input key type or mode is illegal.
FSP_ERR_CRYPTO_RSIP_FAIL	MAC verification is failed.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

R_RSIP_HMAC_Suspend()

fsp_err_t R_RSIP_HMAC_Suspend	(	rsip_ctrl_t *const	p_ctrl,
		rsip_hmac_handle_t *const	p_handle
	)

Suspend HMAC generation. This API allows you to suspend processing, for example, if you are in the middle of computing HMAC for successive chunks of the message and need to perform another process.
Implements rsip_api_t::hmacSuspend.

<Usage Precautions>

• Requires prerequisite that R_RSIP_HMAC_Init, R_RSIP_HMAC_Update, or R_RSIP_HMAC_Resume results in FSP_SUCCESS.

<Operational State>
This API can only be executed in the STATE_HMAC, and the state after execution changes as follows depending on the return value.

Return Value	State after execution
FSP_SUCCESS FSP_ERR_CRYPTO_RSIP_FATAL	STATE_MAIN
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_INVALID_ARGUMENT	Input key type or mode is illegal.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

R_RSIP_HMAC_Resume()

fsp_err_t R_RSIP_HMAC_Resume	(	rsip_ctrl_t *const	p_ctrl,
		rsip_hmac_handle_t const *const	p_handle
	)

Resume HMAC generation. This API allows you to resume a process that has been suspended by R_RSIP_HMAC_Suspend() API.
Implements rsip_api_t::hmacResume.

<Operational State>
This API can only be executed in the STATE_MAIN, and the state after execution changes as follows depending on the return value.

Return Value	State after execution
FSP_SUCCESS	STATE_HMAC
Others	No change

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled in this function by configuration.
FSP_ERR_INVALID_ARGUMENT	Input key type or mode is illegal.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

R_RSIP_OTF_Init()

fsp_err_t R_RSIP_OTF_Init	(	rsip_ctrl_t *const	p_ctrl,
		rsip_otf_channel_t const	channel,
		rsip_wrapped_key_t *const	p_wrapped_key,
		uint8_t const *const	p_seed
	)

Initialize on-the-fly decryption on RSIP. Implements rsip_api_t::otfInit.

<Usage Precautions>

• Argument "channel" represents channel number to be used, and supports the features listed below.

  Channel	Corresponding Parameter
  CH-0	RSIP_OTF_CHANNEL_0
  CH-1 (*)	RSIP_OTF_CHANNEL_1

  (*) These features are not supported in v5.3.0.

<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.

Parameters

[in,out]	p_ctrl	Pointer to control block.
[in]	channel	Channel number.
[in]	p_wrapped_key	Pointer to wrapped AES key.
[in]	p_seed	Pointer to seed.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_ASSERTION	A required parameter is NULL.
FSP_ERR_NOT_OPEN	Module is not open.
FSP_ERR_INVALID_STATE	Internal state is illegal.
FSP_ERR_NOT_ENABLED	Input key type is disabled or selected channel is invalid.
FSP_ERR_INVALID_ARGUMENT	Input key type is illegal.
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL	Input key value is illegal.
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_RSIP_FATAL	Software corruption is detected.

See also

Section Key Management

Attention

This function is only part of on-the-fly decryption activation process and intended to be called from a higher level FSP module. Even if a user calls this function directly, the feature will not be enabled. The number of channels for the channel parameter is dependent on the hardware. RA8x1 supports only one channel, and channel parameter must always be set to RSIP_OTF_CHANNEL_0.